Lines Matching +full:lower +full:- +full:case
1 // SPDX-License-Identifier: GPL-2.0-or-later
5 * Copyright (C) 1997-2003 Erez Zadok
6 * Copyright (C) 2001-2003 Stony Brook University
7 * Copyright (C) 2004-2007 International Business Machines Corp.
86 * the lower dentry and the lower mount set
88 * eCryptfs only ever keeps a single open file for every lower
89 * inode. All I/O operations to the lower inode occur through that
91 * lower dentry for that inode is created, this function creates the
92 * lower file struct and associates it with the eCryptfs
96 * The lower file will be opened with read/write permissions, if
97 * possible. Otherwise, it is opened read-only.
99 * This function does nothing if a lower file is already
102 * Returns zero on success; non-zero otherwise
111 rc = ecryptfs_privileged_open(lower_file, path->dentry, path->mnt, in ecryptfs_init_lower_file()
114 printk(KERN_ERR "Error opening lower file " in ecryptfs_init_lower_file()
116 "rc = [%d]\n", path->dentry, path->mnt, rc); in ecryptfs_init_lower_file()
128 mutex_lock(&inode_info->lower_file_mutex); in ecryptfs_get_lower_file()
129 count = atomic_inc_return(&inode_info->lower_file_count); in ecryptfs_get_lower_file()
131 rc = -EINVAL; in ecryptfs_get_lower_file()
134 &inode_info->lower_file); in ecryptfs_get_lower_file()
136 atomic_set(&inode_info->lower_file_count, 0); in ecryptfs_get_lower_file()
138 mutex_unlock(&inode_info->lower_file_mutex); in ecryptfs_get_lower_file()
147 if (atomic_dec_and_mutex_lock(&inode_info->lower_file_count, in ecryptfs_put_lower_file()
148 &inode_info->lower_file_mutex)) { in ecryptfs_put_lower_file()
149 filemap_write_and_wait(inode->i_mapping); in ecryptfs_put_lower_file()
150 fput(inode_info->lower_file); in ecryptfs_put_lower_file()
151 inode_info->lower_file = NULL; in ecryptfs_put_lower_file()
152 mutex_unlock(&inode_info->lower_file_mutex); in ecryptfs_put_lower_file()
192 &mount_crypt_stat->global_auth_tok_list, in ecryptfs_init_global_auth_toks()
195 &global_auth_tok->global_auth_tok_key, &auth_tok, in ecryptfs_init_global_auth_toks()
196 global_auth_tok->sig); in ecryptfs_init_global_auth_toks()
200 "option: [%s]\n", global_auth_tok->sig); in ecryptfs_init_global_auth_toks()
201 global_auth_tok->flags |= ECRYPTFS_AUTH_TOK_INVALID; in ecryptfs_init_global_auth_toks()
204 global_auth_tok->flags &= ~ECRYPTFS_AUTH_TOK_INVALID; in ecryptfs_init_global_auth_toks()
205 up_write(&(global_auth_tok->global_auth_tok_key)->sem); in ecryptfs_init_global_auth_toks()
217 INIT_LIST_HEAD(&mount_crypt_stat->global_auth_tok_list); in ecryptfs_init_mount_crypt_stat()
218 mutex_init(&mount_crypt_stat->global_auth_tok_list_mutex); in ecryptfs_init_mount_crypt_stat()
219 mount_crypt_stat->flags |= ECRYPTFS_MOUNT_CRYPT_STAT_INITIALIZED; in ecryptfs_init_mount_crypt_stat()
229 * debug=N - ecryptfs_verbosity level for debug output
230 * sig=XXX - description(signature) of the key to use
232 * Returns the dentry object of the lower-level (lower/interposed)
234 * that lower directory.
240 * Returns zero on success; non-zero on error
255 &sbi->mount_crypt_stat; in ecryptfs_parse_options()
272 rc = -EINVAL; in ecryptfs_parse_options()
281 case ecryptfs_opt_sig: in ecryptfs_parse_options()
282 case ecryptfs_opt_ecryptfs_sig: in ecryptfs_parse_options()
293 case ecryptfs_opt_cipher: in ecryptfs_parse_options()
294 case ecryptfs_opt_ecryptfs_cipher: in ecryptfs_parse_options()
297 mount_crypt_stat-> in ecryptfs_parse_options()
304 case ecryptfs_opt_ecryptfs_key_bytes: in ecryptfs_parse_options()
309 mount_crypt_stat->global_default_cipher_key_size = in ecryptfs_parse_options()
313 case ecryptfs_opt_passthrough: in ecryptfs_parse_options()
314 mount_crypt_stat->flags |= in ecryptfs_parse_options()
317 case ecryptfs_opt_xattr_metadata: in ecryptfs_parse_options()
318 mount_crypt_stat->flags |= in ecryptfs_parse_options()
321 case ecryptfs_opt_encrypted_view: in ecryptfs_parse_options()
322 mount_crypt_stat->flags |= in ecryptfs_parse_options()
324 mount_crypt_stat->flags |= in ecryptfs_parse_options()
327 case ecryptfs_opt_fnek_sig: in ecryptfs_parse_options()
330 mount_crypt_stat->global_default_fnek_sig; in ecryptfs_parse_options()
332 mount_crypt_stat->global_default_fnek_sig[ in ecryptfs_parse_options()
336 mount_crypt_stat->global_default_fnek_sig, in ecryptfs_parse_options()
341 mount_crypt_stat->global_default_fnek_sig, in ecryptfs_parse_options()
345 mount_crypt_stat->flags |= in ecryptfs_parse_options()
349 case ecryptfs_opt_fn_cipher: in ecryptfs_parse_options()
352 mount_crypt_stat->global_default_fn_cipher_name; in ecryptfs_parse_options()
355 mount_crypt_stat->global_default_fn_cipher_name[ in ecryptfs_parse_options()
359 case ecryptfs_opt_fn_cipher_key_bytes: in ecryptfs_parse_options()
364 mount_crypt_stat->global_default_fn_cipher_key_bytes = in ecryptfs_parse_options()
368 case ecryptfs_opt_unlink_sigs: in ecryptfs_parse_options()
369 mount_crypt_stat->flags |= ECRYPTFS_UNLINK_SIGS; in ecryptfs_parse_options()
371 case ecryptfs_opt_mount_auth_tok_only: in ecryptfs_parse_options()
372 mount_crypt_stat->flags |= in ecryptfs_parse_options()
375 case ecryptfs_opt_check_dev_ruid: in ecryptfs_parse_options()
378 case ecryptfs_opt_err: in ecryptfs_parse_options()
386 rc = -EINVAL; in ecryptfs_parse_options()
396 strcpy(mount_crypt_stat->global_default_cipher_name, in ecryptfs_parse_options()
399 if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) in ecryptfs_parse_options()
401 strcpy(mount_crypt_stat->global_default_fn_cipher_name, in ecryptfs_parse_options()
402 mount_crypt_stat->global_default_cipher_name); in ecryptfs_parse_options()
404 mount_crypt_stat->global_default_cipher_key_size = 0; in ecryptfs_parse_options()
405 if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) in ecryptfs_parse_options()
407 mount_crypt_stat->global_default_fn_cipher_key_bytes = in ecryptfs_parse_options()
408 mount_crypt_stat->global_default_cipher_key_size; in ecryptfs_parse_options()
411 mount_crypt_stat->global_default_cipher_name, in ecryptfs_parse_options()
412 mount_crypt_stat->global_default_cipher_key_size); in ecryptfs_parse_options()
416 mount_crypt_stat->global_default_cipher_name); in ecryptfs_parse_options()
417 rc = -EINVAL; in ecryptfs_parse_options()
422 if (!ecryptfs_tfm_exists(mount_crypt_stat->global_default_cipher_name, in ecryptfs_parse_options()
425 NULL, mount_crypt_stat->global_default_cipher_name, in ecryptfs_parse_options()
426 mount_crypt_stat->global_default_cipher_key_size); in ecryptfs_parse_options()
431 mount_crypt_stat->global_default_cipher_name, in ecryptfs_parse_options()
432 mount_crypt_stat->global_default_cipher_key_size, in ecryptfs_parse_options()
434 rc = -EINVAL; in ecryptfs_parse_options()
439 if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) in ecryptfs_parse_options()
441 mount_crypt_stat->global_default_fn_cipher_name, NULL)) { in ecryptfs_parse_options()
443 NULL, mount_crypt_stat->global_default_fn_cipher_name, in ecryptfs_parse_options()
444 mount_crypt_stat->global_default_fn_cipher_key_bytes); in ecryptfs_parse_options()
449 mount_crypt_stat->global_default_fn_cipher_name, in ecryptfs_parse_options()
450 mount_crypt_stat->global_default_fn_cipher_key_bytes, in ecryptfs_parse_options()
452 rc = -EINVAL; in ecryptfs_parse_options()
491 rc = -ENOMEM; in ecryptfs_mount()
496 rc = -EINVAL; in ecryptfs_mount()
506 mount_crypt_stat = &sbi->mount_crypt_stat; in ecryptfs_mount()
520 /* ->kill_sb() will take care of sbi after that point */ in ecryptfs_mount()
522 s->s_op = &ecryptfs_sops; in ecryptfs_mount()
523 s->s_xattr = ecryptfs_xattr_handlers; in ecryptfs_mount()
524 s->s_d_op = &ecryptfs_dops; in ecryptfs_mount()
532 if (path.dentry->d_sb->s_type == &ecryptfs_fs_type) { in ecryptfs_mount()
533 rc = -EINVAL; in ecryptfs_mount()
541 rc = -EINVAL; in ecryptfs_mount()
546 if (check_ruid && !uid_eq(d_inode(path.dentry)->i_uid, current_uid())) { in ecryptfs_mount()
547 rc = -EPERM; in ecryptfs_mount()
555 ecryptfs_set_superblock_lower(s, path.dentry->d_sb); in ecryptfs_mount()
558 * Set the POSIX ACL flag based on whether they're enabled in the lower in ecryptfs_mount()
561 s->s_flags = flags & ~SB_POSIXACL; in ecryptfs_mount()
562 s->s_flags |= path.dentry->d_sb->s_flags & SB_POSIXACL; in ecryptfs_mount()
565 * Force a read-only eCryptfs mount when: in ecryptfs_mount()
566 * 1) The lower mount is ro in ecryptfs_mount()
569 if (sb_rdonly(path.dentry->d_sb) || mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) in ecryptfs_mount()
570 s->s_flags |= SB_RDONLY; in ecryptfs_mount()
572 s->s_maxbytes = path.dentry->d_sb->s_maxbytes; in ecryptfs_mount()
573 s->s_blocksize = path.dentry->d_sb->s_blocksize; in ecryptfs_mount()
574 s->s_magic = ECRYPTFS_SUPER_MAGIC; in ecryptfs_mount()
575 s->s_stack_depth = path.dentry->d_sb->s_stack_depth + 1; in ecryptfs_mount()
577 rc = -EINVAL; in ecryptfs_mount()
578 if (s->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) { in ecryptfs_mount()
588 s->s_root = d_make_root(inode); in ecryptfs_mount()
589 if (!s->s_root) { in ecryptfs_mount()
590 rc = -ENOMEM; in ecryptfs_mount()
594 rc = -ENOMEM; in ecryptfs_mount()
599 /* ->kill_sb() will take care of root_info */ in ecryptfs_mount()
600 ecryptfs_set_dentry_private(s->s_root, root_info); in ecryptfs_mount()
601 root_info->lower_path = path; in ecryptfs_mount()
603 s->s_flags |= SB_ACTIVE; in ecryptfs_mount()
604 return dget(s->s_root); in ecryptfs_mount()
612 ecryptfs_destroy_mount_crypt_stat(&sbi->mount_crypt_stat); in ecryptfs_mount()
631 ecryptfs_destroy_mount_crypt_stat(&sb_info->mount_crypt_stat); in ecryptfs_kill_block_super()
654 inode_init_once(&ei->vfs_inode); in inode_info_init_once()
737 kmem_cache_destroy(*(info->cache)); in ecryptfs_free_kmem_caches()
744 * Returns zero on success; non-zero otherwise
754 *(info->cache) = kmem_cache_create(info->name, info->size, 0, in ecryptfs_init_kmem_caches()
755 SLAB_HWCACHE_ALIGN | info->flags, info->ctor); in ecryptfs_init_kmem_caches()
756 if (!*(info->cache)) { in ecryptfs_init_kmem_caches()
760 info->name); in ecryptfs_init_kmem_caches()
761 return -ENOMEM; in ecryptfs_init_kmem_caches()
793 rc = -ENOMEM; in do_sysfs_registration()
817 rc = -EINVAL; in ecryptfs_init()