• Eric Sandeen's avatar
    ecryptfs: check for existing key_tfm at mount time · af440f52
    Eric Sandeen authored
    Jeff Moyer pointed out that a mount; umount loop of ecryptfs, with the same
    cipher & other mount options, created a new ecryptfs_key_tfm_cache item
    each time, and the cache could grow quite large this way.
    
    Looking at this with mhalcrow, we saw that ecryptfs_parse_options()
    unconditionally called ecryptfs_add_new_key_tfm(), which is what was adding
    these items.
    
    Refactor ecryptfs_get_tfm_and_mutex_for_cipher_name() to create a new
    helper function, ecryptfs_tfm_exists(), which checks for the cipher on the
    cached key_tfm_list, and sets a pointer to it if it exists.  This can then
    be called from ecryptfs_parse_options(), and new key_tfm's can be added
    only when a cached one is not found.
    
    With list locking changes suggested by akpm.
    Signed-off-by: default avatarEric Sandeen <sandeen@redhat.com>
    Cc: Michael Halcrow <mhalcrow@us.ibm.com>
    Cc: Jeff Moyer <jmoyer@redhat.com>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    af440f52
crypto.c 56.7 KB