| crypto.c (05db67a4f2c14dab5bcaa46c7d4e9237bd11b37c) | crypto.c (18d1dbf1d401e8f9d74cf1cf799fdb19cff150c6) |
|---|---|
| 1/** 2 * eCryptfs: Linux filesystem encryption layer 3 * 4 * Copyright (C) 1997-2004 Erez Zadok 5 * Copyright (C) 2001-2004 Stony Brook University 6 * Copyright (C) 2004-2007 International Business Machines Corp. 7 * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com> 8 * Michael C. Thompson <mcthomps@us.ibm.com> --- 105 unchanged lines hidden (view full) --- 114 goto out; 115 } 116 crypt_stat->hash_tfm = desc.tfm; 117 } 118 rc = crypto_hash_init(&desc); 119 if (rc) { 120 printk(KERN_ERR 121 "%s: Error initializing crypto hash; rc = [%d]\n", | 1/** 2 * eCryptfs: Linux filesystem encryption layer 3 * 4 * Copyright (C) 1997-2004 Erez Zadok 5 * Copyright (C) 2001-2004 Stony Brook University 6 * Copyright (C) 2004-2007 International Business Machines Corp. 7 * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com> 8 * Michael C. Thompson <mcthomps@us.ibm.com> --- 105 unchanged lines hidden (view full) --- 114 goto out; 115 } 116 crypt_stat->hash_tfm = desc.tfm; 117 } 118 rc = crypto_hash_init(&desc); 119 if (rc) { 120 printk(KERN_ERR 121 "%s: Error initializing crypto hash; rc = [%d]\n", |
| 122 __FUNCTION__, rc); | 122 __func__, rc); |
| 123 goto out; 124 } 125 rc = crypto_hash_update(&desc, &sg, len); 126 if (rc) { 127 printk(KERN_ERR 128 "%s: Error updating crypto hash; rc = [%d]\n", | 123 goto out; 124 } 125 rc = crypto_hash_update(&desc, &sg, len); 126 if (rc) { 127 printk(KERN_ERR 128 "%s: Error updating crypto hash; rc = [%d]\n", |
| 129 __FUNCTION__, rc); | 129 __func__, rc); |
| 130 goto out; 131 } 132 rc = crypto_hash_final(&desc, dst); 133 if (rc) { 134 printk(KERN_ERR 135 "%s: Error finalizing crypto hash; rc = [%d]\n", | 130 goto out; 131 } 132 rc = crypto_hash_final(&desc, dst); 133 if (rc) { 134 printk(KERN_ERR 135 "%s: Error finalizing crypto hash; rc = [%d]\n", |
| 136 __FUNCTION__, rc); | 136 __func__, rc); |
| 137 goto out; 138 } 139out: 140 mutex_unlock(&crypt_stat->cs_hash_tfm_mutex); 141 return rc; 142} 143 144static int ecryptfs_crypto_api_algify_cipher_name(char **algified_name, --- 287 unchanged lines hidden (view full) --- 432 } 433 rc = ecryptfs_encrypt_page_offset(crypt_stat, enc_extent_page, 0, 434 page, (extent_offset 435 * crypt_stat->extent_size), 436 crypt_stat->extent_size, extent_iv); 437 if (rc < 0) { 438 printk(KERN_ERR "%s: Error attempting to encrypt page with " 439 "page->index = [%ld], extent_offset = [%ld]; " | 137 goto out; 138 } 139out: 140 mutex_unlock(&crypt_stat->cs_hash_tfm_mutex); 141 return rc; 142} 143 144static int ecryptfs_crypto_api_algify_cipher_name(char **algified_name, --- 287 unchanged lines hidden (view full) --- 432 } 433 rc = ecryptfs_encrypt_page_offset(crypt_stat, enc_extent_page, 0, 434 page, (extent_offset 435 * crypt_stat->extent_size), 436 crypt_stat->extent_size, extent_iv); 437 if (rc < 0) { 438 printk(KERN_ERR "%s: Error attempting to encrypt page with " 439 "page->index = [%ld], extent_offset = [%ld]; " |
| 440 "rc = [%d]\n", __FUNCTION__, page->index, extent_offset, | 440 "rc = [%d]\n", __func__, page->index, extent_offset, |
| 441 rc); 442 goto out; 443 } 444 rc = 0; 445 if (unlikely(ecryptfs_verbosity > 0)) { 446 ecryptfs_printk(KERN_DEBUG, "Encrypt extent [0x%.16x]; " 447 "rc = [%d]\n", (extent_base + extent_offset), 448 rc); --- 33 unchanged lines hidden (view full) --- 482 ecryptfs_inode = page->mapping->host; 483 crypt_stat = 484 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); 485 if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { 486 rc = ecryptfs_write_lower_page_segment(ecryptfs_inode, page, 487 0, PAGE_CACHE_SIZE); 488 if (rc) 489 printk(KERN_ERR "%s: Error attempting to copy " | 441 rc); 442 goto out; 443 } 444 rc = 0; 445 if (unlikely(ecryptfs_verbosity > 0)) { 446 ecryptfs_printk(KERN_DEBUG, "Encrypt extent [0x%.16x]; " 447 "rc = [%d]\n", (extent_base + extent_offset), 448 rc); --- 33 unchanged lines hidden (view full) --- 482 ecryptfs_inode = page->mapping->host; 483 crypt_stat = 484 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); 485 if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { 486 rc = ecryptfs_write_lower_page_segment(ecryptfs_inode, page, 487 0, PAGE_CACHE_SIZE); 488 if (rc) 489 printk(KERN_ERR "%s: Error attempting to copy " |
| 490 "page at index [%ld]\n", __FUNCTION__, | 490 "page at index [%ld]\n", __func__, |
| 491 page->index); 492 goto out; 493 } 494 enc_extent_virt = kmalloc(PAGE_CACHE_SIZE, GFP_USER); 495 if (!enc_extent_virt) { 496 rc = -ENOMEM; 497 ecryptfs_printk(KERN_ERR, "Error allocating memory for " 498 "encrypted extent\n"); --- 4 unchanged lines hidden (view full) --- 503 extent_offset < (PAGE_CACHE_SIZE / crypt_stat->extent_size); 504 extent_offset++) { 505 loff_t offset; 506 507 rc = ecryptfs_encrypt_extent(enc_extent_page, crypt_stat, page, 508 extent_offset); 509 if (rc) { 510 printk(KERN_ERR "%s: Error encrypting extent; " | 491 page->index); 492 goto out; 493 } 494 enc_extent_virt = kmalloc(PAGE_CACHE_SIZE, GFP_USER); 495 if (!enc_extent_virt) { 496 rc = -ENOMEM; 497 ecryptfs_printk(KERN_ERR, "Error allocating memory for " 498 "encrypted extent\n"); --- 4 unchanged lines hidden (view full) --- 503 extent_offset < (PAGE_CACHE_SIZE / crypt_stat->extent_size); 504 extent_offset++) { 505 loff_t offset; 506 507 rc = ecryptfs_encrypt_extent(enc_extent_page, crypt_stat, page, 508 extent_offset); 509 if (rc) { 510 printk(KERN_ERR "%s: Error encrypting extent; " |
| 511 "rc = [%d]\n", __FUNCTION__, rc); | 511 "rc = [%d]\n", __func__, rc); |
| 512 goto out; 513 } 514 ecryptfs_lower_offset_for_extent( 515 &offset, ((((loff_t)page->index) 516 * (PAGE_CACHE_SIZE 517 / crypt_stat->extent_size)) 518 + extent_offset), crypt_stat); 519 rc = ecryptfs_write_lower(ecryptfs_inode, enc_extent_virt, --- 44 unchanged lines hidden (view full) --- 564 rc = ecryptfs_decrypt_page_offset(crypt_stat, page, 565 (extent_offset 566 * crypt_stat->extent_size), 567 enc_extent_page, 0, 568 crypt_stat->extent_size, extent_iv); 569 if (rc < 0) { 570 printk(KERN_ERR "%s: Error attempting to decrypt to page with " 571 "page->index = [%ld], extent_offset = [%ld]; " | 512 goto out; 513 } 514 ecryptfs_lower_offset_for_extent( 515 &offset, ((((loff_t)page->index) 516 * (PAGE_CACHE_SIZE 517 / crypt_stat->extent_size)) 518 + extent_offset), crypt_stat); 519 rc = ecryptfs_write_lower(ecryptfs_inode, enc_extent_virt, --- 44 unchanged lines hidden (view full) --- 564 rc = ecryptfs_decrypt_page_offset(crypt_stat, page, 565 (extent_offset 566 * crypt_stat->extent_size), 567 enc_extent_page, 0, 568 crypt_stat->extent_size, extent_iv); 569 if (rc < 0) { 570 printk(KERN_ERR "%s: Error attempting to decrypt to page with " 571 "page->index = [%ld], extent_offset = [%ld]; " |
| 572 "rc = [%d]\n", __FUNCTION__, page->index, extent_offset, | 572 "rc = [%d]\n", __func__, page->index, extent_offset, |
| 573 rc); 574 goto out; 575 } 576 rc = 0; 577 if (unlikely(ecryptfs_verbosity > 0)) { 578 ecryptfs_printk(KERN_DEBUG, "Decrypt extent [0x%.16x]; " 579 "rc = [%d]\n", (extent_base + extent_offset), 580 rc); --- 36 unchanged lines hidden (view full) --- 617 crypt_stat = 618 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); 619 if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { 620 rc = ecryptfs_read_lower_page_segment(page, page->index, 0, 621 PAGE_CACHE_SIZE, 622 ecryptfs_inode); 623 if (rc) 624 printk(KERN_ERR "%s: Error attempting to copy " | 573 rc); 574 goto out; 575 } 576 rc = 0; 577 if (unlikely(ecryptfs_verbosity > 0)) { 578 ecryptfs_printk(KERN_DEBUG, "Decrypt extent [0x%.16x]; " 579 "rc = [%d]\n", (extent_base + extent_offset), 580 rc); --- 36 unchanged lines hidden (view full) --- 617 crypt_stat = 618 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); 619 if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { 620 rc = ecryptfs_read_lower_page_segment(page, page->index, 0, 621 PAGE_CACHE_SIZE, 622 ecryptfs_inode); 623 if (rc) 624 printk(KERN_ERR "%s: Error attempting to copy " |
| 625 "page at index [%ld]\n", __FUNCTION__, | 625 "page at index [%ld]\n", __func__, |
| 626 page->index); 627 goto out; 628 } 629 enc_extent_virt = kmalloc(PAGE_CACHE_SIZE, GFP_USER); 630 if (!enc_extent_virt) { 631 rc = -ENOMEM; 632 ecryptfs_printk(KERN_ERR, "Error allocating memory for " 633 "encrypted extent\n"); --- 17 unchanged lines hidden (view full) --- 651 "to read lower page; rc = [%d]" 652 "\n", rc); 653 goto out; 654 } 655 rc = ecryptfs_decrypt_extent(page, crypt_stat, enc_extent_page, 656 extent_offset); 657 if (rc) { 658 printk(KERN_ERR "%s: Error encrypting extent; " | 626 page->index); 627 goto out; 628 } 629 enc_extent_virt = kmalloc(PAGE_CACHE_SIZE, GFP_USER); 630 if (!enc_extent_virt) { 631 rc = -ENOMEM; 632 ecryptfs_printk(KERN_ERR, "Error allocating memory for " 633 "encrypted extent\n"); --- 17 unchanged lines hidden (view full) --- 651 "to read lower page; rc = [%d]" 652 "\n", rc); 653 goto out; 654 } 655 rc = ecryptfs_decrypt_extent(page, crypt_stat, enc_extent_page, 656 extent_offset); 657 if (rc) { 658 printk(KERN_ERR "%s: Error encrypting extent; " |
| 659 "rc = [%d]\n", __FUNCTION__, rc); | 659 "rc = [%d]\n", __func__, rc); |
| 660 goto out; 661 } 662 } 663out: 664 kfree(enc_extent_virt); 665 return rc; 666} 667 --- 542 unchanged lines hidden (view full) --- 1210 struct ecryptfs_crypt_stat *crypt_stat = 1211 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); 1212 int rc; 1213 1214 rc = ecryptfs_read_lower(data, 0, crypt_stat->extent_size, 1215 ecryptfs_inode); 1216 if (rc) { 1217 printk(KERN_ERR "%s: Error reading header region; rc = [%d]\n", | 660 goto out; 661 } 662 } 663out: 664 kfree(enc_extent_virt); 665 return rc; 666} 667 --- 542 unchanged lines hidden (view full) --- 1210 struct ecryptfs_crypt_stat *crypt_stat = 1211 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); 1212 int rc; 1213 1214 rc = ecryptfs_read_lower(data, 0, crypt_stat->extent_size, 1215 ecryptfs_inode); 1216 if (rc) { 1217 printk(KERN_ERR "%s: Error reading header region; rc = [%d]\n", |
| 1218 __FUNCTION__, rc); | 1218 __func__, rc); |
| 1219 goto out; 1220 } 1221 if (!contains_ecryptfs_marker(data + ECRYPTFS_FILE_SIZE_BYTES)) { 1222 rc = -EINVAL; 1223 ecryptfs_printk(KERN_DEBUG, "Valid marker not found\n"); 1224 } 1225out: 1226 return rc; --- 87 unchanged lines hidden (view full) --- 1314 char *virt) 1315{ 1316 int rc; 1317 1318 rc = ecryptfs_write_lower(ecryptfs_dentry->d_inode, virt, 1319 0, crypt_stat->num_header_bytes_at_front); 1320 if (rc) 1321 printk(KERN_ERR "%s: Error attempting to write header " | 1219 goto out; 1220 } 1221 if (!contains_ecryptfs_marker(data + ECRYPTFS_FILE_SIZE_BYTES)) { 1222 rc = -EINVAL; 1223 ecryptfs_printk(KERN_DEBUG, "Valid marker not found\n"); 1224 } 1225out: 1226 return rc; --- 87 unchanged lines hidden (view full) --- 1314 char *virt) 1315{ 1316 int rc; 1317 1318 rc = ecryptfs_write_lower(ecryptfs_dentry->d_inode, virt, 1319 0, crypt_stat->num_header_bytes_at_front); 1320 if (rc) 1321 printk(KERN_ERR "%s: Error attempting to write header " |
| 1322 "information to lower file; rc = [%d]\n", __FUNCTION__, | 1322 "information to lower file; rc = [%d]\n", __func__, |
| 1323 rc); 1324 return rc; 1325} 1326 1327static int 1328ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, 1329 struct ecryptfs_crypt_stat *crypt_stat, 1330 char *page_virt, size_t size) --- 28 unchanged lines hidden (view full) --- 1359 if (likely(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { 1360 if (!(crypt_stat->flags & ECRYPTFS_KEY_VALID)) { 1361 printk(KERN_ERR "Key is invalid; bailing out\n"); 1362 rc = -EINVAL; 1363 goto out; 1364 } 1365 } else { 1366 printk(KERN_WARNING "%s: Encrypted flag not set\n", | 1323 rc); 1324 return rc; 1325} 1326 1327static int 1328ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, 1329 struct ecryptfs_crypt_stat *crypt_stat, 1330 char *page_virt, size_t size) --- 28 unchanged lines hidden (view full) --- 1359 if (likely(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { 1360 if (!(crypt_stat->flags & ECRYPTFS_KEY_VALID)) { 1361 printk(KERN_ERR "Key is invalid; bailing out\n"); 1362 rc = -EINVAL; 1363 goto out; 1364 } 1365 } else { 1366 printk(KERN_WARNING "%s: Encrypted flag not set\n", |
| 1367 __FUNCTION__); | 1367 __func__); |
| 1368 rc = -EINVAL; 1369 goto out; 1370 } 1371 /* Released in this function */ 1372 virt = kzalloc(crypt_stat->num_header_bytes_at_front, GFP_KERNEL); 1373 if (!virt) { | 1368 rc = -EINVAL; 1369 goto out; 1370 } 1371 /* Released in this function */ 1372 virt = kzalloc(crypt_stat->num_header_bytes_at_front, GFP_KERNEL); 1373 if (!virt) { |
| 1374 printk(KERN_ERR "%s: Out of memory\n", __FUNCTION__); | 1374 printk(KERN_ERR "%s: Out of memory\n", __func__); |
| 1375 rc = -ENOMEM; 1376 goto out; 1377 } 1378 rc = ecryptfs_write_headers_virt(virt, &size, crypt_stat, 1379 ecryptfs_dentry); 1380 if (unlikely(rc)) { 1381 printk(KERN_ERR "%s: Error whilst writing headers; rc = [%d]\n", | 1375 rc = -ENOMEM; 1376 goto out; 1377 } 1378 rc = ecryptfs_write_headers_virt(virt, &size, crypt_stat, 1379 ecryptfs_dentry); 1380 if (unlikely(rc)) { 1381 printk(KERN_ERR "%s: Error whilst writing headers; rc = [%d]\n", |
| 1382 __FUNCTION__, rc); | 1382 __func__, rc); |
| 1383 goto out_free; 1384 } 1385 if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) 1386 rc = ecryptfs_write_metadata_to_xattr(ecryptfs_dentry, 1387 crypt_stat, virt, size); 1388 else 1389 rc = ecryptfs_write_metadata_to_contents(crypt_stat, 1390 ecryptfs_dentry, virt); 1391 if (rc) { 1392 printk(KERN_ERR "%s: Error writing metadata out to lower file; " | 1383 goto out_free; 1384 } 1385 if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) 1386 rc = ecryptfs_write_metadata_to_xattr(ecryptfs_dentry, 1387 crypt_stat, virt, size); 1388 else 1389 rc = ecryptfs_write_metadata_to_contents(crypt_stat, 1390 ecryptfs_dentry, virt); 1391 if (rc) { 1392 printk(KERN_ERR "%s: Error writing metadata out to lower file; " |
| 1393 "rc = [%d]\n", __FUNCTION__, rc); | 1393 "rc = [%d]\n", __func__, rc); |
| 1394 goto out_free; 1395 } 1396out_free: 1397 memset(virt, 0, crypt_stat->num_header_bytes_at_front); 1398 kfree(virt); 1399out: 1400 return rc; 1401} --- 177 unchanged lines hidden (view full) --- 1579 1580 ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat, 1581 mount_crypt_stat); 1582 /* Read the first page from the underlying file */ 1583 page_virt = kmem_cache_alloc(ecryptfs_header_cache_1, GFP_USER); 1584 if (!page_virt) { 1585 rc = -ENOMEM; 1586 printk(KERN_ERR "%s: Unable to allocate page_virt\n", | 1394 goto out_free; 1395 } 1396out_free: 1397 memset(virt, 0, crypt_stat->num_header_bytes_at_front); 1398 kfree(virt); 1399out: 1400 return rc; 1401} --- 177 unchanged lines hidden (view full) --- 1579 1580 ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat, 1581 mount_crypt_stat); 1582 /* Read the first page from the underlying file */ 1583 page_virt = kmem_cache_alloc(ecryptfs_header_cache_1, GFP_USER); 1584 if (!page_virt) { 1585 rc = -ENOMEM; 1586 printk(KERN_ERR "%s: Unable to allocate page_virt\n", |
| 1587 __FUNCTION__); | 1587 __func__); |
| 1588 goto out; 1589 } 1590 rc = ecryptfs_read_lower(page_virt, 0, crypt_stat->extent_size, 1591 ecryptfs_inode); 1592 if (!rc) 1593 rc = ecryptfs_read_headers_virt(page_virt, crypt_stat, 1594 ecryptfs_dentry, 1595 ECRYPTFS_VALIDATE_HEADER_SIZE); --- 319 unchanged lines hidden --- | 1588 goto out; 1589 } 1590 rc = ecryptfs_read_lower(page_virt, 0, crypt_stat->extent_size, 1591 ecryptfs_inode); 1592 if (!rc) 1593 rc = ecryptfs_read_headers_virt(page_virt, crypt_stat, 1594 ecryptfs_dentry, 1595 ECRYPTFS_VALIDATE_HEADER_SIZE); --- 319 unchanged lines hidden --- |