Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ecryptfs/ecryptfs-2.6

+32 -42

fs/ecryptfs/crypto.c

··· 1024 1024 } 1025 1025 1026 1026 /** 1027 - * contains_ecryptfs_marker - check for the ecryptfs marker 1027 + * ecryptfs_validate_marker - check for the ecryptfs marker 1028 1028 * @data: The data block in which to check 1029 1029 * 1030 - * Returns one if marker found; zero if not found 1030 + * Returns zero if marker found; -EINVAL if not found 1031 1031 */ 1032 - static int contains_ecryptfs_marker(char *data) 1032 + static int ecryptfs_validate_marker(char *data) 1033 1033 { 1034 1034 u32 m_1, m_2; 1035 1035 1036 1036 m_1 = get_unaligned_be32(data); 1037 1037 m_2 = get_unaligned_be32(data + 4); 1038 1038 if ((m_1 ^ MAGIC_ECRYPTFS_MARKER) == m_2) 1039 - return 1; 1039 + return 0; 1040 1040 ecryptfs_printk(KERN_DEBUG, "m_1 = [0x%.8x]; m_2 = [0x%.8x]; " 1041 1041 "MAGIC_ECRYPTFS_MARKER = [0x%.8x]\n", m_1, m_2, 1042 1042 MAGIC_ECRYPTFS_MARKER); 1043 1043 ecryptfs_printk(KERN_DEBUG, "(m_1 ^ MAGIC_ECRYPTFS_MARKER) = " 1044 1044 "[0x%.8x]\n", (m_1 ^ MAGIC_ECRYPTFS_MARKER)); 1045 - return 0; 1045 + return -EINVAL; 1046 1046 } 1047 1047 1048 1048 struct ecryptfs_flag_map_elem { ··· 1201 1201 return rc; 1202 1202 } 1203 1203 1204 - int ecryptfs_read_and_validate_header_region(char *data, 1205 - struct inode *ecryptfs_inode) 1204 + int ecryptfs_read_and_validate_header_region(struct inode *inode) 1206 1205 { 1207 - struct ecryptfs_crypt_stat *crypt_stat = 1208 - &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); 1206 + u8 file_size[ECRYPTFS_SIZE_AND_MARKER_BYTES]; 1207 + u8 *marker = file_size + ECRYPTFS_FILE_SIZE_BYTES; 1209 1208 int rc; 1210 1209 1211 - if (crypt_stat->extent_size == 0) 1212 - crypt_stat->extent_size = ECRYPTFS_DEFAULT_EXTENT_SIZE; 1213 - rc = ecryptfs_read_lower(data, 0, crypt_stat->extent_size, 1214 - ecryptfs_inode); 1215 - if (rc < 0) { 1216 - printk(KERN_ERR "%s: Error reading header region; rc = [%d]\n", 1217 - __func__, rc); 1218 - goto out; 1219 - } 1220 - if (!contains_ecryptfs_marker(data + ECRYPTFS_FILE_SIZE_BYTES)) { 1221 - rc = -EINVAL; 1222 - } else 1223 - rc = 0; 1224 - out: 1210 + rc = ecryptfs_read_lower(file_size, 0, ECRYPTFS_SIZE_AND_MARKER_BYTES, 1211 + inode); 1212 + if (rc < ECRYPTFS_SIZE_AND_MARKER_BYTES) 1213 + return rc >= 0 ? -EINVAL : rc; 1214 + rc = ecryptfs_validate_marker(marker); 1215 + if (!rc) 1216 + ecryptfs_i_size_init(file_size, inode); 1225 1217 return rc; 1226 1218 } 1227 1219 ··· 1234 1242 (*written) = 6; 1235 1243 } 1236 1244 1237 - struct kmem_cache *ecryptfs_header_cache_1; 1238 - struct kmem_cache *ecryptfs_header_cache_2; 1245 + struct kmem_cache *ecryptfs_header_cache; 1239 1246 1240 1247 /** 1241 1248 * ecryptfs_write_headers_virt ··· 1487 1496 crypt_stat->mount_crypt_stat = &ecryptfs_superblock_to_private( 1488 1497 ecryptfs_dentry->d_sb)->mount_crypt_stat; 1489 1498 offset = ECRYPTFS_FILE_SIZE_BYTES; 1490 - rc = contains_ecryptfs_marker(page_virt + offset); 1491 - if (rc == 0) { 1492 - rc = -EINVAL; 1499 + rc = ecryptfs_validate_marker(page_virt + offset); 1500 + if (rc) 1493 1501 goto out; 1494 - } 1495 1502 if (!(crypt_stat->flags & ECRYPTFS_I_SIZE_INITIALIZED)) 1496 1503 ecryptfs_i_size_init(page_virt, ecryptfs_dentry->d_inode); 1497 1504 offset += MAGIC_ECRYPTFS_MARKER_SIZE_BYTES; ··· 1556 1567 return rc; 1557 1568 } 1558 1569 1559 - int ecryptfs_read_and_validate_xattr_region(char *page_virt, 1560 - struct dentry *ecryptfs_dentry) 1570 + int ecryptfs_read_and_validate_xattr_region(struct dentry *dentry, 1571 + struct inode *inode) 1561 1572 { 1573 + u8 file_size[ECRYPTFS_SIZE_AND_MARKER_BYTES]; 1574 + u8 *marker = file_size + ECRYPTFS_FILE_SIZE_BYTES; 1562 1575 int rc; 1563 1576 1564 - rc = ecryptfs_read_xattr_region(page_virt, ecryptfs_dentry->d_inode); 1565 - if (rc) 1566 - goto out; 1567 - if (!contains_ecryptfs_marker(page_virt + ECRYPTFS_FILE_SIZE_BYTES)) { 1568 - printk(KERN_WARNING "Valid data found in [%s] xattr, but " 1569 - "the marker is invalid\n", ECRYPTFS_XATTR_NAME); 1570 - rc = -EINVAL; 1571 - } 1572 - out: 1577 + rc = ecryptfs_getxattr_lower(ecryptfs_dentry_to_lower(dentry), 1578 + ECRYPTFS_XATTR_NAME, file_size, 1579 + ECRYPTFS_SIZE_AND_MARKER_BYTES); 1580 + if (rc < ECRYPTFS_SIZE_AND_MARKER_BYTES) 1581 + return rc >= 0 ? -EINVAL : rc; 1582 + rc = ecryptfs_validate_marker(marker); 1583 + if (!rc) 1584 + ecryptfs_i_size_init(file_size, inode); 1573 1585 return rc; 1574 1586 } 1575 1587 ··· 1600 1610 ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat, 1601 1611 mount_crypt_stat); 1602 1612 /* Read the first page from the underlying file */ 1603 - page_virt = kmem_cache_alloc(ecryptfs_header_cache_1, GFP_USER); 1613 + page_virt = kmem_cache_alloc(ecryptfs_header_cache, GFP_USER); 1604 1614 if (!page_virt) { 1605 1615 rc = -ENOMEM; 1606 1616 printk(KERN_ERR "%s: Unable to allocate page_virt\n", ··· 1645 1655 out: 1646 1656 if (page_virt) { 1647 1657 memset(page_virt, 0, PAGE_CACHE_SIZE); 1648 - kmem_cache_free(ecryptfs_header_cache_1, page_virt); 1658 + kmem_cache_free(ecryptfs_header_cache, page_virt); 1649 1659 } 1650 1660 return rc; 1651 1661 }

+9 -17

fs/ecryptfs/ecryptfs_kernel.h

··· 200 200 #define MAGIC_ECRYPTFS_MARKER 0x3c81b7f5 201 201 #define MAGIC_ECRYPTFS_MARKER_SIZE_BYTES 8 /* 4*2 */ 202 202 #define ECRYPTFS_FILE_SIZE_BYTES (sizeof(u64)) 203 + #define ECRYPTFS_SIZE_AND_MARKER_BYTES (ECRYPTFS_FILE_SIZE_BYTES \ 204 + + MAGIC_ECRYPTFS_MARKER_SIZE_BYTES) 203 205 #define ECRYPTFS_DEFAULT_CIPHER "aes" 204 206 #define ECRYPTFS_DEFAULT_KEY_BYTES 16 205 207 #define ECRYPTFS_DEFAULT_HASH "md5" ··· 605 603 extern struct kmem_cache *ecryptfs_dentry_info_cache; 606 604 extern struct kmem_cache *ecryptfs_inode_info_cache; 607 605 extern struct kmem_cache *ecryptfs_sb_info_cache; 608 - extern struct kmem_cache *ecryptfs_header_cache_1; 609 - extern struct kmem_cache *ecryptfs_header_cache_2; 606 + extern struct kmem_cache *ecryptfs_header_cache; 610 607 extern struct kmem_cache *ecryptfs_xattr_cache; 611 608 extern struct kmem_cache *ecryptfs_key_record_cache; 612 609 extern struct kmem_cache *ecryptfs_key_sig_cache; ··· 626 625 struct list_head kthread_ctl_list; 627 626 }; 628 627 629 - #define ECRYPTFS_INTERPOSE_FLAG_D_ADD 0x00000001 630 - int ecryptfs_interpose(struct dentry *hidden_dentry, 631 - struct dentry *this_dentry, struct super_block *sb, 632 - u32 flags); 628 + struct inode *ecryptfs_get_inode(struct inode *lower_inode, 629 + struct super_block *sb); 633 630 void ecryptfs_i_size_init(const char *page_virt, struct inode *inode); 634 - int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, 635 - struct dentry *lower_dentry, 636 - struct inode *ecryptfs_dir_inode); 637 631 int ecryptfs_decode_and_decrypt_filename(char **decrypted_name, 638 632 size_t *decrypted_name_size, 639 633 struct dentry *ecryptfs_dentry, ··· 660 664 void ecryptfs_write_crypt_stat_flags(char *page_virt, 661 665 struct ecryptfs_crypt_stat *crypt_stat, 662 666 size_t *written); 663 - int ecryptfs_read_and_validate_header_region(char *data, 664 - struct inode *ecryptfs_inode); 665 - int ecryptfs_read_and_validate_xattr_region(char *page_virt, 666 - struct dentry *ecryptfs_dentry); 667 + int ecryptfs_read_and_validate_header_region(struct inode *inode); 668 + int ecryptfs_read_and_validate_xattr_region(struct dentry *dentry, 669 + struct inode *inode); 667 670 u8 ecryptfs_code_for_cipher_string(char *cipher_name, size_t key_bytes); 668 671 int ecryptfs_cipher_code_to_string(char *str, u8 cipher_code); 669 672 void ecryptfs_set_default_sizes(struct ecryptfs_crypt_stat *crypt_stat); ··· 674 679 ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat, 675 680 unsigned char *src, struct dentry *ecryptfs_dentry); 676 681 int ecryptfs_truncate(struct dentry *dentry, loff_t new_length); 677 - int ecryptfs_inode_test(struct inode *inode, void *candidate_lower_inode); 678 - int ecryptfs_inode_set(struct inode *inode, void *lower_inode); 679 - void ecryptfs_init_inode(struct inode *inode, struct inode *lower_inode); 680 682 ssize_t 681 683 ecryptfs_getxattr_lower(struct dentry *lower_dentry, const char *name, 682 684 void *value, size_t size); ··· 753 761 struct dentry *lower_dentry, 754 762 struct vfsmount *lower_mnt, 755 763 const struct cred *cred); 756 - int ecryptfs_get_lower_file(struct dentry *ecryptfs_dentry); 764 + int ecryptfs_get_lower_file(struct dentry *dentry, struct inode *inode); 757 765 void ecryptfs_put_lower_file(struct inode *inode); 758 766 int 759 767 ecryptfs_write_tag_70_packet(char *dest, size_t *remaining_bytes,

+1 -1

fs/ecryptfs/file.c

··· 191 191 | ECRYPTFS_ENCRYPTED); 192 192 } 193 193 mutex_unlock(&crypt_stat->cs_mutex); 194 - rc = ecryptfs_get_lower_file(ecryptfs_dentry); 194 + rc = ecryptfs_get_lower_file(ecryptfs_dentry, inode); 195 195 if (rc) { 196 196 printk(KERN_ERR "%s: Error attempting to initialize " 197 197 "the lower file for the dentry with name "

+177 -112

fs/ecryptfs/inode.c

··· 51 51 dput(dir); 52 52 } 53 53 54 + static int ecryptfs_inode_test(struct inode *inode, void *lower_inode) 55 + { 56 + if (ecryptfs_inode_to_lower(inode) == (struct inode *)lower_inode) 57 + return 1; 58 + return 0; 59 + } 60 + 61 + static int ecryptfs_inode_set(struct inode *inode, void *opaque) 62 + { 63 + struct inode *lower_inode = opaque; 64 + 65 + ecryptfs_set_inode_lower(inode, lower_inode); 66 + fsstack_copy_attr_all(inode, lower_inode); 67 + /* i_size will be overwritten for encrypted regular files */ 68 + fsstack_copy_inode_size(inode, lower_inode); 69 + inode->i_ino = lower_inode->i_ino; 70 + inode->i_version++; 71 + inode->i_mapping->a_ops = &ecryptfs_aops; 72 + 73 + if (S_ISLNK(inode->i_mode)) 74 + inode->i_op = &ecryptfs_symlink_iops; 75 + else if (S_ISDIR(inode->i_mode)) 76 + inode->i_op = &ecryptfs_dir_iops; 77 + else 78 + inode->i_op = &ecryptfs_main_iops; 79 + 80 + if (S_ISDIR(inode->i_mode)) 81 + inode->i_fop = &ecryptfs_dir_fops; 82 + else if (special_file(inode->i_mode)) 83 + init_special_inode(inode, inode->i_mode, inode->i_rdev); 84 + else 85 + inode->i_fop = &ecryptfs_main_fops; 86 + 87 + return 0; 88 + } 89 + 90 + static struct inode *__ecryptfs_get_inode(struct inode *lower_inode, 91 + struct super_block *sb) 92 + { 93 + struct inode *inode; 94 + 95 + if (lower_inode->i_sb != ecryptfs_superblock_to_lower(sb)) 96 + return ERR_PTR(-EXDEV); 97 + if (!igrab(lower_inode)) 98 + return ERR_PTR(-ESTALE); 99 + inode = iget5_locked(sb, (unsigned long)lower_inode, 100 + ecryptfs_inode_test, ecryptfs_inode_set, 101 + lower_inode); 102 + if (!inode) { 103 + iput(lower_inode); 104 + return ERR_PTR(-EACCES); 105 + } 106 + if (!(inode->i_state & I_NEW)) 107 + iput(lower_inode); 108 + 109 + return inode; 110 + } 111 + 112 + struct inode *ecryptfs_get_inode(struct inode *lower_inode, 113 + struct super_block *sb) 114 + { 115 + struct inode *inode = __ecryptfs_get_inode(lower_inode, sb); 116 + 117 + if (!IS_ERR(inode) && (inode->i_state & I_NEW)) 118 + unlock_new_inode(inode); 119 + 120 + return inode; 121 + } 122 + 123 + /** 124 + * ecryptfs_interpose 125 + * @lower_dentry: Existing dentry in the lower filesystem 126 + * @dentry: ecryptfs' dentry 127 + * @sb: ecryptfs's super_block 128 + * 129 + * Interposes upper and lower dentries. 130 + * 131 + * Returns zero on success; non-zero otherwise 132 + */ 133 + static int ecryptfs_interpose(struct dentry *lower_dentry, 134 + struct dentry *dentry, struct super_block *sb) 135 + { 136 + struct inode *inode = ecryptfs_get_inode(lower_dentry->d_inode, sb); 137 + 138 + if (IS_ERR(inode)) 139 + return PTR_ERR(inode); 140 + d_instantiate(dentry, inode); 141 + 142 + return 0; 143 + } 144 + 54 145 /** 55 146 * ecryptfs_create_underlying_file 56 147 * @lower_dir_inode: inode of the parent in the lower fs of the new file ··· 220 129 goto out_lock; 221 130 } 222 131 rc = ecryptfs_interpose(lower_dentry, ecryptfs_dentry, 223 - directory_inode->i_sb, 0); 132 + directory_inode->i_sb); 224 133 if (rc) { 225 134 ecryptfs_printk(KERN_ERR, "Failure in ecryptfs_interpose\n"); 226 135 goto out_lock; ··· 259 168 "context; rc = [%d]\n", rc); 260 169 goto out; 261 170 } 262 - rc = ecryptfs_get_lower_file(ecryptfs_dentry); 171 + rc = ecryptfs_get_lower_file(ecryptfs_dentry, 172 + ecryptfs_dentry->d_inode); 263 173 if (rc) { 264 174 printk(KERN_ERR "%s: Error attempting to initialize " 265 175 "the lower file for the dentry with name " ··· 307 215 return rc; 308 216 } 309 217 310 - /** 311 - * ecryptfs_lookup_and_interpose_lower - Perform a lookup 312 - */ 313 - int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, 314 - struct dentry *lower_dentry, 315 - struct inode *ecryptfs_dir_inode) 218 + static int ecryptfs_i_size_read(struct dentry *dentry, struct inode *inode) 316 219 { 317 - struct dentry *lower_dir_dentry; 318 - struct vfsmount *lower_mnt; 319 - struct inode *lower_inode; 320 220 struct ecryptfs_crypt_stat *crypt_stat; 321 - char *page_virt = NULL; 322 - int put_lower = 0, rc = 0; 221 + int rc; 323 222 324 - lower_dir_dentry = lower_dentry->d_parent; 325 - lower_mnt = mntget(ecryptfs_dentry_to_lower_mnt( 326 - ecryptfs_dentry->d_parent)); 327 - lower_inode = lower_dentry->d_inode; 328 - fsstack_copy_attr_atime(ecryptfs_dir_inode, lower_dir_dentry->d_inode); 329 - BUG_ON(!lower_dentry->d_count); 330 - ecryptfs_set_dentry_private(ecryptfs_dentry, 331 - kmem_cache_alloc(ecryptfs_dentry_info_cache, 332 - GFP_KERNEL)); 333 - if (!ecryptfs_dentry_to_private(ecryptfs_dentry)) { 334 - rc = -ENOMEM; 335 - printk(KERN_ERR "%s: Out of memory whilst attempting " 336 - "to allocate ecryptfs_dentry_info struct\n", 337 - __func__); 338 - goto out_put; 339 - } 340 - ecryptfs_set_dentry_lower(ecryptfs_dentry, lower_dentry); 341 - ecryptfs_set_dentry_lower_mnt(ecryptfs_dentry, lower_mnt); 342 - if (!lower_dentry->d_inode) { 343 - /* We want to add because we couldn't find in lower */ 344 - d_add(ecryptfs_dentry, NULL); 345 - goto out; 346 - } 347 - rc = ecryptfs_interpose(lower_dentry, ecryptfs_dentry, 348 - ecryptfs_dir_inode->i_sb, 349 - ECRYPTFS_INTERPOSE_FLAG_D_ADD); 350 - if (rc) { 351 - printk(KERN_ERR "%s: Error interposing; rc = [%d]\n", 352 - __func__, rc); 353 - goto out; 354 - } 355 - if (S_ISDIR(lower_inode->i_mode)) 356 - goto out; 357 - if (S_ISLNK(lower_inode->i_mode)) 358 - goto out; 359 - if (special_file(lower_inode->i_mode)) 360 - goto out; 361 - /* Released in this function */ 362 - page_virt = kmem_cache_zalloc(ecryptfs_header_cache_2, GFP_USER); 363 - if (!page_virt) { 364 - printk(KERN_ERR "%s: Cannot kmem_cache_zalloc() a page\n", 365 - __func__); 366 - rc = -ENOMEM; 367 - goto out; 368 - } 369 - rc = ecryptfs_get_lower_file(ecryptfs_dentry); 223 + rc = ecryptfs_get_lower_file(dentry, inode); 370 224 if (rc) { 371 225 printk(KERN_ERR "%s: Error attempting to initialize " 372 226 "the lower file for the dentry with name " 373 227 "[%s]; rc = [%d]\n", __func__, 374 - ecryptfs_dentry->d_name.name, rc); 375 - goto out_free_kmem; 228 + dentry->d_name.name, rc); 229 + return rc; 376 230 } 377 - put_lower = 1; 378 - crypt_stat = &ecryptfs_inode_to_private( 379 - ecryptfs_dentry->d_inode)->crypt_stat; 231 + 232 + crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat; 380 233 /* TODO: lock for crypt_stat comparison */ 381 234 if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED)) 382 - ecryptfs_set_default_sizes(crypt_stat); 383 - rc = ecryptfs_read_and_validate_header_region(page_virt, 384 - ecryptfs_dentry->d_inode); 235 + ecryptfs_set_default_sizes(crypt_stat); 236 + 237 + rc = ecryptfs_read_and_validate_header_region(inode); 238 + ecryptfs_put_lower_file(inode); 385 239 if (rc) { 386 - memset(page_virt, 0, PAGE_CACHE_SIZE); 387 - rc = ecryptfs_read_and_validate_xattr_region(page_virt, 388 - ecryptfs_dentry); 389 - if (rc) { 390 - rc = 0; 391 - goto out_free_kmem; 392 - } 393 - crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR; 240 + rc = ecryptfs_read_and_validate_xattr_region(dentry, inode); 241 + if (!rc) 242 + crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR; 394 243 } 395 - ecryptfs_i_size_init(page_virt, ecryptfs_dentry->d_inode); 396 - out_free_kmem: 397 - kmem_cache_free(ecryptfs_header_cache_2, page_virt); 398 - goto out; 399 - out_put: 400 - dput(lower_dentry); 401 - mntput(lower_mnt); 402 - d_drop(ecryptfs_dentry); 403 - out: 404 - if (put_lower) 405 - ecryptfs_put_lower_file(ecryptfs_dentry->d_inode); 244 + 245 + /* Must return 0 to allow non-eCryptfs files to be looked up, too */ 246 + return 0; 247 + } 248 + 249 + /** 250 + * ecryptfs_lookup_interpose - Dentry interposition for a lookup 251 + */ 252 + static int ecryptfs_lookup_interpose(struct dentry *dentry, 253 + struct dentry *lower_dentry, 254 + struct inode *dir_inode) 255 + { 256 + struct inode *inode, *lower_inode = lower_dentry->d_inode; 257 + struct ecryptfs_dentry_info *dentry_info; 258 + struct vfsmount *lower_mnt; 259 + int rc = 0; 260 + 261 + lower_mnt = mntget(ecryptfs_dentry_to_lower_mnt(dentry->d_parent)); 262 + fsstack_copy_attr_atime(dir_inode, lower_dentry->d_parent->d_inode); 263 + BUG_ON(!lower_dentry->d_count); 264 + 265 + dentry_info = kmem_cache_alloc(ecryptfs_dentry_info_cache, GFP_KERNEL); 266 + ecryptfs_set_dentry_private(dentry, dentry_info); 267 + if (!dentry_info) { 268 + printk(KERN_ERR "%s: Out of memory whilst attempting " 269 + "to allocate ecryptfs_dentry_info struct\n", 270 + __func__); 271 + dput(lower_dentry); 272 + mntput(lower_mnt); 273 + d_drop(dentry); 274 + return -ENOMEM; 275 + } 276 + ecryptfs_set_dentry_lower(dentry, lower_dentry); 277 + ecryptfs_set_dentry_lower_mnt(dentry, lower_mnt); 278 + 279 + if (!lower_dentry->d_inode) { 280 + /* We want to add because we couldn't find in lower */ 281 + d_add(dentry, NULL); 282 + return 0; 283 + } 284 + inode = __ecryptfs_get_inode(lower_inode, dir_inode->i_sb); 285 + if (IS_ERR(inode)) { 286 + printk(KERN_ERR "%s: Error interposing; rc = [%ld]\n", 287 + __func__, PTR_ERR(inode)); 288 + return PTR_ERR(inode); 289 + } 290 + if (S_ISREG(inode->i_mode)) { 291 + rc = ecryptfs_i_size_read(dentry, inode); 292 + if (rc) { 293 + make_bad_inode(inode); 294 + return rc; 295 + } 296 + } 297 + 298 + if (inode->i_state & I_NEW) 299 + unlock_new_inode(inode); 300 + d_add(dentry, inode); 301 + 406 302 return rc; 407 303 } 408 304 ··· 433 353 goto out_d_drop; 434 354 } 435 355 if (lower_dentry->d_inode) 436 - goto lookup_and_interpose; 356 + goto interpose; 437 357 mount_crypt_stat = &ecryptfs_superblock_to_private( 438 358 ecryptfs_dentry->d_sb)->mount_crypt_stat; 439 359 if (!(mount_crypt_stat 440 360 && (mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES))) 441 - goto lookup_and_interpose; 361 + goto interpose; 442 362 dput(lower_dentry); 443 363 rc = ecryptfs_encrypt_and_encode_filename( 444 364 &encrypted_and_encoded_name, &encrypted_and_encoded_name_size, ··· 461 381 encrypted_and_encoded_name); 462 382 goto out_d_drop; 463 383 } 464 - lookup_and_interpose: 465 - rc = ecryptfs_lookup_and_interpose_lower(ecryptfs_dentry, lower_dentry, 466 - ecryptfs_dir_inode); 384 + interpose: 385 + rc = ecryptfs_lookup_interpose(ecryptfs_dentry, lower_dentry, 386 + ecryptfs_dir_inode); 467 387 goto out; 468 388 out_d_drop: 469 389 d_drop(ecryptfs_dentry); ··· 491 411 lower_new_dentry); 492 412 if (rc || !lower_new_dentry->d_inode) 493 413 goto out_lock; 494 - rc = ecryptfs_interpose(lower_new_dentry, new_dentry, dir->i_sb, 0); 414 + rc = ecryptfs_interpose(lower_new_dentry, new_dentry, dir->i_sb); 495 415 if (rc) 496 416 goto out_lock; 497 417 fsstack_copy_attr_times(dir, lower_dir_dentry->d_inode); ··· 558 478 kfree(encoded_symname); 559 479 if (rc || !lower_dentry->d_inode) 560 480 goto out_lock; 561 - rc = ecryptfs_interpose(lower_dentry, dentry, dir->i_sb, 0); 481 + rc = ecryptfs_interpose(lower_dentry, dentry, dir->i_sb); 562 482 if (rc) 563 483 goto out_lock; 564 484 fsstack_copy_attr_times(dir, lower_dir_dentry->d_inode); ··· 582 502 rc = vfs_mkdir(lower_dir_dentry->d_inode, lower_dentry, mode); 583 503 if (rc || !lower_dentry->d_inode) 584 504 goto out; 585 - rc = ecryptfs_interpose(lower_dentry, dentry, dir->i_sb, 0); 505 + rc = ecryptfs_interpose(lower_dentry, dentry, dir->i_sb); 586 506 if (rc) 587 507 goto out; 588 508 fsstack_copy_attr_times(dir, lower_dir_dentry->d_inode); ··· 630 550 rc = vfs_mknod(lower_dir_dentry->d_inode, lower_dentry, mode, dev); 631 551 if (rc || !lower_dentry->d_inode) 632 552 goto out; 633 - rc = ecryptfs_interpose(lower_dentry, dentry, dir->i_sb, 0); 553 + rc = ecryptfs_interpose(lower_dentry, dentry, dir->i_sb); 634 554 if (rc) 635 555 goto out; 636 556 fsstack_copy_attr_times(dir, lower_dir_dentry->d_inode); ··· 830 750 lower_ia->ia_valid &= ~ATTR_SIZE; 831 751 return 0; 832 752 } 833 - rc = ecryptfs_get_lower_file(dentry); 753 + rc = ecryptfs_get_lower_file(dentry, inode); 834 754 if (rc) 835 755 return rc; 836 756 crypt_stat = &ecryptfs_inode_to_private(dentry->d_inode)->crypt_stat; ··· 986 906 987 907 mount_crypt_stat = &ecryptfs_superblock_to_private( 988 908 dentry->d_sb)->mount_crypt_stat; 989 - rc = ecryptfs_get_lower_file(dentry); 909 + rc = ecryptfs_get_lower_file(dentry, inode); 990 910 if (rc) { 991 911 mutex_unlock(&crypt_stat->cs_mutex); 992 912 goto out; ··· 1157 1077 mutex_unlock(&lower_dentry->d_inode->i_mutex); 1158 1078 out: 1159 1079 return rc; 1160 - } 1161 - 1162 - int ecryptfs_inode_test(struct inode *inode, void *candidate_lower_inode) 1163 - { 1164 - if ((ecryptfs_inode_to_lower(inode) 1165 - == (struct inode *)candidate_lower_inode)) 1166 - return 1; 1167 - else 1168 - return 0; 1169 - } 1170 - 1171 - int ecryptfs_inode_set(struct inode *inode, void *lower_inode) 1172 - { 1173 - ecryptfs_init_inode(inode, (struct inode *)lower_inode); 1174 - return 0; 1175 1080 } 1176 1081 1177 1082 const struct inode_operations ecryptfs_symlink_iops = {

+5 -79

fs/ecryptfs/main.c

··· 135 135 return rc; 136 136 } 137 137 138 - int ecryptfs_get_lower_file(struct dentry *dentry) 138 + int ecryptfs_get_lower_file(struct dentry *dentry, struct inode *inode) 139 139 { 140 - struct ecryptfs_inode_info *inode_info = 141 - ecryptfs_inode_to_private(dentry->d_inode); 140 + struct ecryptfs_inode_info *inode_info; 142 141 int count, rc = 0; 143 142 143 + inode_info = ecryptfs_inode_to_private(inode); 144 144 mutex_lock(&inode_info->lower_file_mutex); 145 145 count = atomic_inc_return(&inode_info->lower_file_count); 146 146 if (WARN_ON_ONCE(count < 1)) ··· 166 166 inode_info->lower_file = NULL; 167 167 mutex_unlock(&inode_info->lower_file_mutex); 168 168 } 169 - } 170 - 171 - static struct inode *ecryptfs_get_inode(struct inode *lower_inode, 172 - struct super_block *sb) 173 - { 174 - struct inode *inode; 175 - int rc = 0; 176 - 177 - if (lower_inode->i_sb != ecryptfs_superblock_to_lower(sb)) { 178 - rc = -EXDEV; 179 - goto out; 180 - } 181 - if (!igrab(lower_inode)) { 182 - rc = -ESTALE; 183 - goto out; 184 - } 185 - inode = iget5_locked(sb, (unsigned long)lower_inode, 186 - ecryptfs_inode_test, ecryptfs_inode_set, 187 - lower_inode); 188 - if (!inode) { 189 - rc = -EACCES; 190 - iput(lower_inode); 191 - goto out; 192 - } 193 - if (inode->i_state & I_NEW) 194 - unlock_new_inode(inode); 195 - else 196 - iput(lower_inode); 197 - if (S_ISLNK(lower_inode->i_mode)) 198 - inode->i_op = &ecryptfs_symlink_iops; 199 - else if (S_ISDIR(lower_inode->i_mode)) 200 - inode->i_op = &ecryptfs_dir_iops; 201 - if (S_ISDIR(lower_inode->i_mode)) 202 - inode->i_fop = &ecryptfs_dir_fops; 203 - if (special_file(lower_inode->i_mode)) 204 - init_special_inode(inode, lower_inode->i_mode, 205 - lower_inode->i_rdev); 206 - fsstack_copy_attr_all(inode, lower_inode); 207 - /* This size will be overwritten for real files w/ headers and 208 - * other metadata */ 209 - fsstack_copy_inode_size(inode, lower_inode); 210 - return inode; 211 - out: 212 - return ERR_PTR(rc); 213 - } 214 - 215 - /** 216 - * ecryptfs_interpose 217 - * @lower_dentry: Existing dentry in the lower filesystem 218 - * @dentry: ecryptfs' dentry 219 - * @sb: ecryptfs's super_block 220 - * @flags: flags to govern behavior of interpose procedure 221 - * 222 - * Interposes upper and lower dentries. 223 - * 224 - * Returns zero on success; non-zero otherwise 225 - */ 226 - int ecryptfs_interpose(struct dentry *lower_dentry, struct dentry *dentry, 227 - struct super_block *sb, u32 flags) 228 - { 229 - struct inode *lower_inode = lower_dentry->d_inode; 230 - struct inode *inode = ecryptfs_get_inode(lower_inode, sb); 231 - if (IS_ERR(inode)) 232 - return PTR_ERR(inode); 233 - if (flags & ECRYPTFS_INTERPOSE_FLAG_D_ADD) 234 - d_add(dentry, inode); 235 - else 236 - d_instantiate(dentry, inode); 237 - return 0; 238 169 } 239 170 240 171 enum { ecryptfs_opt_sig, ecryptfs_opt_ecryptfs_sig, ··· 635 704 .size = sizeof(struct ecryptfs_sb_info), 636 705 }, 637 706 { 638 - .cache = &ecryptfs_header_cache_1, 639 - .name = "ecryptfs_headers_1", 640 - .size = PAGE_CACHE_SIZE, 641 - }, 642 - { 643 - .cache = &ecryptfs_header_cache_2, 644 - .name = "ecryptfs_headers_2", 707 + .cache = &ecryptfs_header_cache, 708 + .name = "ecryptfs_headers", 645 709 .size = PAGE_CACHE_SIZE, 646 710 }, 647 711 {

-16

fs/ecryptfs/super.c

··· 93 93 } 94 94 95 95 /** 96 - * ecryptfs_init_inode 97 - * @inode: The ecryptfs inode 98 - * 99 - * Set up the ecryptfs inode. 100 - */ 101 - void ecryptfs_init_inode(struct inode *inode, struct inode *lower_inode) 102 - { 103 - ecryptfs_set_inode_lower(inode, lower_inode); 104 - inode->i_ino = lower_inode->i_ino; 105 - inode->i_version++; 106 - inode->i_op = &ecryptfs_main_iops; 107 - inode->i_fop = &ecryptfs_main_fops; 108 - inode->i_mapping->a_ops = &ecryptfs_aops; 109 - } 110 - 111 - /** 112 96 * ecryptfs_statfs 113 97 * @sb: The ecryptfs super block 114 98 * @buf: The struct kstatfs to fill in with stats

Configure Feed

Configure Feed