Re: [PATCH 12/12: eCryptfs] Crypto functions

From: Dave Kleikamp
Date: Thu Nov 03 2005 - 17:07:05 EST

Next message: Jean-Christian de Rivaz: "Re: NTP broken with 2.6.14"
Previous message: Steve French: "kernel connector upcall API"
In reply to: Phillip Hellewell: "[PATCH 12/12: eCryptfs] Crypto functions"
Next in thread: Michael Thompson: "Re: [PATCH 12/12: eCryptfs] Crypto functions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2005-11-02 at 20:56 -0700, Phillip Hellewell wrote:
> +/**
> + * Write the file headers out. This will likely involve a userspace
> + * callout, in which the session key is encrypted with one or more
> + * public keys and/or the passphrase necessary to do the encryption
> is
> + * retrieved via a prompt. Exactly what happens at this point should
> + * be policy-dependent.
> + *
> + * @param lower_file The lower file struct, which was returned from
> + * dentry_open
> + * @return Zero on success; non-zero on error
> + */
> +int ecryptfs_write_headers(struct dentry *ecryptfs_dentry,
> + struct file *lower_file)
> +{
> + int rc = 0;
> + char *page_virt;
> + struct ecryptfs_crypt_stats *crypt_stats;
> + mm_segment_t oldfs;
> + int ecryptfs_marker_len;
> + ecryptfs_printk(1, KERN_NOTICE, "Enter\n");
> + crypt_stats =
> &INODE_TO_PRIVATE(ecryptfs_dentry->d_inode)->crypt_stats;
> + if (likely(1 == crypt_stats->encrypted)) {
> + if (!crypt_stats->key_valid) {
> + ecryptfs_printk(1, KERN_NOTICE, "Key is "
> + "invalid; bailing out\n");
> + rc = -EINVAL;
> + goto out;
> + }
> + } else {
> + rc = -EINVAL;
> + ecryptfs_printk(0, KERN_WARNING,
> + "Called with crypt_stats->encrypted ==
> 0\n");
> + goto out;
> + }
> + /* Released in this function */
> + page_virt =
> + ecryptfs_kmem_cache_alloc(ecryptfs_header_cache_0,
> SLAB_USER);
> + if (!page_virt) {
> + ecryptfs_printk(0, KERN_ERR, "Out of memory\n");
> + return -ENOMEM;
> + }
> + ecryptfs_marker_len = write_ecryptfs_marker(page_virt,
> +
> ECRYPTFS_FILE_SIZE_BYTES);
> + rc = ecryptfs_generate_key_packet_set(page_virt,
> +
> (ECRYPTFS_FILE_SIZE_BYTES
> + + ecryptfs_marker_len),
> + crypt_stats,
> ecryptfs_dentry);
> + if (unlikely(rc == 0)) {
> + rc = -EIO;
> + ecryptfs_printk(0, KERN_ERR, "Error whilst generating
> the key "
> + "packet set; writing zero's\n");
> + goto out_free;
> + }
> + rc = 0;
> + ecryptfs_printk(1, KERN_NOTICE,
> + "Writing key packet set to underlying file
> \n");
> + lower_file->f_pos = 0;
> + oldfs = get_fs();
> + set_fs(get_ds());
> + lower_file->f_op->write(lower_file, (char __user *)page_virt,
> + PAGE_CACHE_SIZE, &lower_file->f_pos);
> + set_fs(oldfs);
> + ecryptfs_fput(lower_file);

Why the call to ecryptfs_fput() here? The caller does it's own fput on
lower_file.

> + ecryptfs_printk(1, KERN_NOTICE,
> + "Done writing key packet set to underlying
> file.\n");
> +out_free:
> + ecryptfs_kmem_cache_free(ecryptfs_header_cache_0, page_virt);
> +out:
> + ecryptfs_printk(1, KERN_NOTICE, "Exit; rc = [%d]\n", rc);
> + return rc;
> +}
--
David Kleikamp
IBM Linux Technology Center

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jean-Christian de Rivaz: "Re: NTP broken with 2.6.14"
Previous message: Steve French: "kernel connector upcall API"
In reply to: Phillip Hellewell: "[PATCH 12/12: eCryptfs] Crypto functions"
Next in thread: Michael Thompson: "Re: [PATCH 12/12: eCryptfs] Crypto functions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]