- 16 Oct, 2007 40 commits
-
-
Michael Halcrow authored
Initialize persistent lower file on inode create. Signed-off-by:
Michael Halcrow <mhalcrow@us.ibm.com> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
Michael Halcrow authored
Update data types and add casts in order to avoid potential overflow issues. Signed-off-by:
-
Michael Halcrow authored
Convert readpage, prepare_write, and commit_write to use read_write.c routines. Remove sync_page; I cannot think of a good reason for implementing that in eCryptfs. Signed-off-by:
-
Michael Halcrow authored
Rather than open a new lower file for every eCryptfs file that is opened, truncated, or setattr'd, instead use the existing lower persistent file for the eCryptfs inode. Change truncate to use read_write.c functions. Change ecryptfs_getxattr() to use the common ecryptfs_getxattr_lower() function. Signed-off-by:
-
Michael Halcrow authored
Update the metadata read/write functions and grow_file() to use the read_write.c routines. Do not open another lower file; use the persistent lower file instead. Provide a separate function for crypto.c::ecryptfs_read_xattr_region() to get to the lower xattr without having to go through the eCryptfs getxattr. Signed-off-by:
-
Michael Halcrow authored
This patch sets up and destroys the persistent lower file for each eCryptfs inode. Signed-off-by:
-
Michael Halcrow authored
Replace page encryption and decryption routines and inode size write routine with versions that utilize the read_write.c functions. Signed-off-by:
-
Michael Halcrow authored
Add a set of functions through which all I/O to lower files is consolidated. This patch adds a new inode_info reference to a persistent lower file for each eCryptfs inode; another patch later in this series will set that up. This persistent lower file is what the read_write.c functions use to call vfs_read() and vfs_write() on the lower filesystem, so even when reads and writes come in through aops->readpage and aops->writepage, we can satisfy them without resorting to direct access to the lower inode's address space. Several function declarations are going to be changing with this patchset. For now, in order to keep from breaking the build, I am putting dummy parameters in for those functions. Signed-off-by:
-
Michael Halcrow authored
The error paths and the module exit code need work. sysfs unregistration is not the right place to tear down the crypto subsystem, and the code to undo subsystem initializations on various error paths is unnecessarily duplicated. This patch addresses those issues. Signed-off-by:
-
Michael Halcrow authored
Remove assignments in if-statements. Signed-off-by:
-
Michael Halcrow authored
There is no point to keeping a separate header_extent_size and an extent_size. The total size of the header can always be represented as some multiple of the regular data extent size. [randy.dunlap@oracle.com: ecryptfs: fix printk format warning] Signed-off-by:
Randy Dunlap <randy.dunlap@oracle.com> Signed-off-by:
-
Michael Halcrow authored
eCryptfs is currently just passing through splice reads to the lower filesystem. This is obviously incorrect behavior; the decrypted data is what needs to be read, not the lower encrypted data. I cannot think of any good reason for eCryptfs to implement splice_read, so this patch points the eCryptfs fops splice_read to use generic_file_splice_read. Signed-off-by:
Jens Axboe <jens.axboe@oracle.com> Signed-off-by:
-
Michael Halcrow authored
Andrew Morton wrote: > Please check that all the newly-added global symbols do indeed need > to be global. Change symbols in keystore.c and crypto.o to static if they do not need to be global. Signed-off-by:
-
Michael Halcrow authored
Andrew Morton wrote: > > struct mutex *tfm_mutex = NULL; > > This initialisation looks like it's here to kill bogus gcc warning > (if it is, it should have been commented). Please investigate > uninitialized_var() and __maybe_unused sometime. Remove some unnecessary variable initializations. There may be a few more such intializations remaining in the code base; a future patch will take care of those. Signed-off-by:
-
Michael Halcrow authored
Andrew Morton wrote: From: mhalcrow@us.ibm.com <mhalcrow@halcrow.austin.ibm.com> > > +/** > > + * decrypt_passphrase_encrypted_session_key - Decrypt the session key > > + * with the given auth_tok. > > * > > * Returns Zero on success; non-zero error otherwise. > > */ > > That comment purports to be a kerneldoc-style comment. But > > - kerneldoc doesn't support multiple lines on the introductory line > which identifies the name of the function (alas). So you'll need to > overflow 80 cols here. > > - the function args weren't documented > > But the return value is! People regularly forget to do that. And > they frequently forget to document the locking prerequisites and the > permissible calling contexts (process/might_sleep/hardirq, etc) > > (please check all ecryptfs kerneldoc for this stuff sometime) This patch cleans up some of the existing comments and makes a couple of line break tweaks. There is more work to do to bring eCryptfs into full kerneldoc-compliance. Signed-off-by:
-
Michael Halcrow authored
Andrew Morton wrote: > > +struct ecryptfs_global_auth_tok { > > +#define ECRYPTFS_AUTH_TOK_INVALID 0x00000001 > > + u32 flags; > > + struct list_head mount_crypt_stat_list; > > + struct key *global_auth_tok_key; > > + struct ecryptfs_auth_tok *global_auth_tok; > > + unsigned char sig[ECRYPTFS_SIG_SIZE_HEX + 1]; > > +}; > > + > > +struct ecryptfs_key_tfm { > > + struct crypto_blkcipher *key_tfm; > > + size_t key_size; > > + struct mutex key_tfm_mutex; > > + struct list_head key_tfm_list; > > + unsigned char cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE + 1]; > > +}; > > Please consider commenting your struct fields carefully: it's a > great way to help other to understand your code. Add some comments to the ecryptfs_global_auth_tok and ecryptfs_key_tfm structs to make their functions more easily ascertained. Signed-off-by: -
Michael Halcrow authored
Andrew Morton wrote: > > +int ecryptfs_destruct_crypto(void) > > ecryptfs_destroy_crypto would be more grammatically correct ;) Grammatical fix for some function names. Signed-off-by:
-
Michael Halcrow authored
Andrew Morton wrote: > > + crypt_stat->flags |= ECRYPTFS_ENCRYPTED; > > + crypt_stat->flags |= ECRYPTFS_KEY_VALID; > > Maybe the compiler can optimise those two statements, but we'd > normally provide it with some manual help. This patch provides the compiler with some manual help for optimizing the setting of some flags. Signed-off-by:
-
Michael Halcrow authored
Andrew Morton wrote: > > + mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); > > + BUG_ON(mount_crypt_stat->num_global_auth_toks == 0); > > + mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex); > > That's odd-looking. If it was a bug for num_global_auth_toks to be > zero, and if that mutex protects num_global_auth_toks then as soon > as the lock gets dropped, another thread can make > num_global_auth_toks zero, hence the bug is present. Perhaps? That was serving as an internal sanity check that should not have made it into the final patch set in the first place. This patch removes it. Signed-off-by:
-
Andrew Morton authored
fs/ecryptfs/keystore.c: In function 'parse_tag_1_packet': fs/ecryptfs/keystore.c:557: warning: format '%d' expects type 'int', but argument 2 has type 'size_t' fs/ecryptfs/keystore.c: In function 'parse_tag_3_packet': fs/ecryptfs/keystore.c:690: warning: format '%d' expects type 'int', but argument 2 has type 'size_t' fs/ecryptfs/keystore.c: In function 'parse_tag_11_packet': fs/ecryptfs/keystore.c:836: warning: format '%d' expects type 'int', but argument 2 has type 'size_t' fs/ecryptfs/keystore.c: In function 'write_tag_1_packet': fs/ecryptfs/keystore.c:1413: warning: format '%d' expects type 'int', but argument 2 has type 'size_t' fs/ecryptfs/keystore.c:1413: warning: format '%d' expects type 'int', but argument 3 has type 'long unsigned int' fs/ecryptfs/keystore.c: In function 'write_tag_11_packet': fs/ecryptfs/keystore.c:1472: warning: format '%d' expects type 'int', but argument 2 has type 'size_t' fs/ecryptfs/keystore.c: In function 'write_tag_3_packet': fs/ecryptfs/keystore.c:1663: warning: format '%d' expects type 'int', but argument 2 has type 'size_t' fs/ecryptfs/keystore.c:1663: warning: format '%d' expects type 'int', but argument 3 has type 'long unsigned int' fs/ecryptfs/keystore.c: In function 'ecryptfs_generate_key_packet_set': fs/ecryptfs/keystore.c:1778: warning: passing argument 2 of 'write_tag_11_packet' from incompatible pointer type fs/ecryptfs/main.c: In function 'ecryptfs_parse_options': fs/ecryptfs/main.c:363: warning: format '%d' expects type 'int', but argument 3 has type 'size_t' Cc: Michael Halcrow <mhalcrow@us.ibm.com> Signed-off-by:
-
Michael Halcrow authored
Trivial updates to comment and debug statement. Signed-off-by:
-
Michael Halcrow authored
Fix up the Tag 11 writing code to handle size limits and boundaries more explicitly. It looks like the packet length was 1 shorter than it should have been, chopping off the last byte of the key identifier. This is largely inconsequential, since it is not much more likely that a key identifier collision will occur with 7 bytes rather than 8. This patch fixes the packet to use the full number of bytes that were originally intended to be used for the key identifier. Signed-off-by:
-
Michael Halcrow authored
Fix up the Tag 11 parsing code to handle size limits and boundaries more explicitly. Pay attention to *8* bytes for the key identifier (literal data), no more, no less. Signed-off-by:
-
Michael Halcrow authored
Fix up the Tag 3 parsing code to handle size limits and boundaries more explicitly. Signed-off-by:
-
Michael Halcrow authored
Fix up the Tag 1 parsing code to handle size limits and boundaries more explicitly. Initialize the new auth_tok's flags. Signed-off-by:
-
Michael Halcrow authored
Introduce kmem_cache objects for handling multiple keys per inode. Add calls in the module init and exit code to call the key list initialization/destruction functions. Signed-off-by:
-
Michael Halcrow authored
Use list_for_each_entry_safe() when wiping the authentication token list. Signed-off-by:
-
Michael Halcrow authored
Add support structures for handling multiple keys. The list in crypt_stat contains the key identifiers for all of the keys that should be used for encrypting each file's File Encryption Key (FEK). For now, each inode inherits this list from the mount-wide crypt_stat struct, via the ecryptfs_copy_mount_wide_sigs_to_inode_sigs() function. This patch also removes the global key tfm from the mount-wide crypt_stat struct, instead keeping a list of tfm's meant for dealing with the various inode FEK's. eCryptfs will now search the user's keyring for FEK's parsed from the existing file metadata, so the user can make keys available at any time before or after mounting. Now that multiple FEK packets can be written to the file metadata, we need to be more meticulous about size limits. The updates to the code for writing out packets to the file metadata makes sizes and limits more explicit, uniformly expressed, and (hopefully) easier to follow. Signed-off-by:
-
Adrian Bunk authored
This patch makes the following needlessly global functions static: - exp_get_by_name() - exp_parent() - exp_find() Signed-off-by:
Adrian Bunk <bunk@stusta.de> Cc: Neil Brown <neilb@suse.de> Cc: "J. Bruce Fields" <bfields@fieldses.org> Signed-off-by:
-
Jesper Juhl authored
In drivers/isdn/capi/kcapi.c::old_capi_manufacturer(), if the call to get_capi_ctr_by_nr(ldef.contr); in line 823 returns NULL, then we'll be dereferencing a NULL pointer in the very next line. (Found by Coverity checker as bug #402) Signed-off-by:
Jesper Juhl <jesper.juhl@gmail.com> Acked-by:
Karsten Keil <kkeil@suse.de> Signed-off-by:
-
Jesper Juhl authored
If we fail to allocate an skb in drivers/isdn/capi/capidrv.c::send_message(), then we'll end up dereferencing a NULL pointer. Since out of memory conditions are not unheard of, I believe it is better to print a error message and just return rather than bring down the whole kernel. Sure, doing this may upset some application, but that's still better than crashing the whole system. Signed-off-by:
-
Matthias Kaehlcke authored
The ISDN subsystem common functions use a semaphore as mutex. Use the mutex API instead of the (binary) semaphore. Signed-off-by:
Matthias Kaehlcke <matthias.kaehlcke@gmail.com> Acked-by:
-
Tilman Schmidt authored
Remove pointless taking of spinlock around reading a single pointer-sized or smaller variable. Signed-off-by:
Tilman Schmidt <tilman@imap.cc> Acked-by:
-
Masami Hiramatsu authored
Introduce architecture dependent kretprobe blacklists to prohibit users from inserting return probes on the function in which kprobes can be inserted but kretprobes can not. This patch also removes "__kprobes" mark from "__switch_to" on x86_64 and registers "__switch_to" to the blacklist on x86-64, because that mark is to prohibit user from inserting only kretprobe. Signed-off-by:
Masami Hiramatsu <mhiramat@redhat.com> Cc: Prasanna S Panchamukhi <prasanna@in.ibm.com> Acked-by:
Ananth N Mavinakayanahalli <ananth@in.ibm.com> Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com> Signed-off-by:
-
Tony Jones authored
Make the SPI framework and drivers stop using class_device. Update docs accordingly ... highlighting just which sysfs paths should be "safe"/stable. Signed-off-by:
Tony Jones <tonyj@suse.de> Signed-off-by:
David Brownell <dbrownell@users.sourceforge.net> Cc: Greg KH <greg@kroah.com> Signed-off-by:
-
WANG Cong authored
Constify two char pointers and a struct in Documentation/spi/spidev_test.c. Acked-by:
WANG Cong <xiyou.wangcong@gmail.com> Signed-off-by:
-
Anton Vorontsov authored
Currently, all QE SPI controllers are almost the same comparing to MPC83xx's, thus let's use that driver for them. Tested to work on MPC85xx in loopback mode. Signed-off-by:
Anton Vorontsov <avorontsov@ru.mvista.com> Acked-by:
Kumar Gala <galak@kernel.crashing.org> Signed-off-by:
-
David Brownell authored
Shrink the runtime footprint of various SPI drivers: - Move the probe() routine into the init section where practical, using platform_driver_probe() to make that safe. This often saves around 1KB. Using platform_driver_probe() can also be a correctness fix, if the probe routine is already marked __init but the driver struct keeps a dangling pointer to it after init section removal. - Likewise move remove() routines into the exit sections. These changes would be inappropriate iff the platform devices were actually hotpluggable (e.g. they're found on optional addon cards, or in an FPGA that's dynamically reprogrammed). In these cases, that's not the situation; it's an SOC controller and the only device is initialized before these drivers. Signed-off-by: -
Kyungmin Park authored
Remove unused variable & write space Signed-off-by:
Kyungmin Park <kyungmin.park@samsung.com> Signed-off-by:
-
Jesper Juhl authored
This patch cleans up duplicate includes in drivers/spi/ Signed-off-by:
David Brownell <david-b@pacbell.net> Signed-off-by:
-
