diff options
author | Michael Halcrow <mhalcrow@us.ibm.com> | 2007-10-16 10:27:55 +0200 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-10-16 18:43:10 +0200 |
commit | 956159c3d6e7eed61da0aaee740fbfba52849ff8 (patch) | |
tree | b4b14bbda404eda6ce6d9604e6024f3a647dfc8c | |
parent | eCryptfs: use list_for_each_entry_safe() when wiping auth toks (diff) | |
download | linux-956159c3d6e7eed61da0aaee740fbfba52849ff8.tar.xz linux-956159c3d6e7eed61da0aaee740fbfba52849ff8.zip |
eCryptfs: kmem_cache objects for multiple keys; init/exit functions
Introduce kmem_cache objects for handling multiple keys per inode. Add calls
in the module init and exit code to call the key list
initialization/destruction functions.
Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r-- | fs/ecryptfs/main.c | 44 |
1 files changed, 36 insertions, 8 deletions
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c index 6e2170c96c02..0387f0d73cd0 100644 --- a/fs/ecryptfs/main.c +++ b/fs/ecryptfs/main.c @@ -240,14 +240,11 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) int cipher_name_set = 0; int cipher_key_bytes; int cipher_key_bytes_set = 0; - struct key *auth_tok_key = NULL; - struct ecryptfs_auth_tok *auth_tok = NULL; struct ecryptfs_mount_crypt_stat *mount_crypt_stat = &ecryptfs_superblock_to_private(sb)->mount_crypt_stat; substring_t args[MAX_OPT_ARGS]; int token; char *sig_src; - char *sig_dst; char *debug_src; char *cipher_name_dst; char *cipher_name_src; @@ -258,6 +255,7 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) rc = -EINVAL; goto out; } + ecryptfs_init_mount_crypt_stat(mount_crypt_stat); while ((p = strsep(&options, ",")) != NULL) { if (!*p) continue; @@ -334,12 +332,10 @@ static int ecryptfs_parse_options(struct super_block *sb, char *options) p); } } - /* Do not support lack of mount-wide signature in 0.1 - * release */ if (!sig_set) { rc = -EINVAL; - ecryptfs_printk(KERN_ERR, "You must supply a valid " - "passphrase auth tok signature as a mount " + ecryptfs_printk(KERN_ERR, "You must supply at least one valid " + "auth tok signature as a mount " "parameter; see the eCryptfs README\n"); goto out; } @@ -615,6 +611,21 @@ static struct ecryptfs_cache_info { .name = "ecryptfs_key_record_cache", .size = sizeof(struct ecryptfs_key_record), }, + { + .cache = &ecryptfs_key_sig_cache, + .name = "ecryptfs_key_sig_cache", + .size = sizeof(struct ecryptfs_key_sig), + }, + { + .cache = &ecryptfs_global_auth_tok_cache, + .name = "ecryptfs_global_auth_tok_cache", + .size = sizeof(struct ecryptfs_global_auth_tok), + }, + { + .cache = &ecryptfs_key_tfm_cache, + .name = "ecryptfs_key_tfm_cache", + .size = sizeof(struct ecryptfs_key_tfm), + }, }; static void ecryptfs_free_kmem_caches(void) @@ -717,7 +728,8 @@ static struct ecryptfs_version_str_map_elem { {ECRYPTFS_VERSIONING_PUBKEY, "pubkey"}, {ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH, "plaintext passthrough"}, {ECRYPTFS_VERSIONING_POLICY, "policy"}, - {ECRYPTFS_VERSIONING_XATTR, "metadata in extended attribute"} + {ECRYPTFS_VERSIONING_XATTR, "metadata in extended attribute"}, + {ECRYPTFS_VERSIONING_MULTKEY, "multiple keys per file"} }; static ssize_t version_str_show(struct ecryptfs_obj *obj, char *buff) @@ -782,6 +794,12 @@ out: static void do_sysfs_unregistration(void) { + int rc; + + if ((rc = ecryptfs_destruct_crypto())) { + printk(KERN_ERR "Failure whilst attempting to destruct crypto; " + "rc = [%d]\n", rc); + } sysfs_remove_file(&ecryptfs_subsys.kobj, &sysfs_attr_version.attr); sysfs_remove_file(&ecryptfs_subsys.kobj, @@ -830,6 +848,16 @@ static int __init ecryptfs_init(void) do_sysfs_unregistration(); unregister_filesystem(&ecryptfs_fs_type); ecryptfs_free_kmem_caches(); + goto out; + } + rc = ecryptfs_init_crypto(); + if (rc) { + printk(KERN_ERR "Failure whilst attempting to init crypto; " + "rc = [%d]\n", rc); + do_sysfs_unregistration(); + unregister_filesystem(&ecryptfs_fs_type); + ecryptfs_free_kmem_caches(); + goto out; } out: return rc; |