1 /** 2 * eCryptfs: Linux filesystem encryption layer 3 * 4 * Copyright (C) 2004-2008 International Business Machines Corp. 5 * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com> 6 * Tyler Hicks <tyhicks@ou.edu> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License version 10 * 2 as published by the Free Software Foundation. 11 * 12 * This program is distributed in the hope that it will be useful, but 13 * WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 15 * General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 20 * 02111-1307, USA. 21 */ 22 #include <linux/sched.h> 23 #include <linux/user_namespace.h> 24 #include <linux/nsproxy.h> 25 #include "ecryptfs_kernel.h" 26 27 static LIST_HEAD(ecryptfs_msg_ctx_free_list); 28 static LIST_HEAD(ecryptfs_msg_ctx_alloc_list); 29 static struct mutex ecryptfs_msg_ctx_lists_mux; 30 31 static struct hlist_head *ecryptfs_daemon_hash; 32 struct mutex ecryptfs_daemon_hash_mux; 33 static int ecryptfs_hash_buckets; 34 #define ecryptfs_uid_hash(uid) \ 35 hash_long((unsigned long)uid, ecryptfs_hash_buckets) 36 37 static u32 ecryptfs_msg_counter; 38 static struct ecryptfs_msg_ctx *ecryptfs_msg_ctx_arr; 39 40 /** 41 * ecryptfs_acquire_free_msg_ctx 42 * @msg_ctx: The context that was acquired from the free list 43 * 44 * Acquires a context element from the free list and locks the mutex 45 * on the context. Sets the msg_ctx task to current. Returns zero on 46 * success; non-zero on error or upon failure to acquire a free 47 * context element. Must be called with ecryptfs_msg_ctx_lists_mux 48 * held. 49 */ 50 static int ecryptfs_acquire_free_msg_ctx(struct ecryptfs_msg_ctx **msg_ctx) 51 { 52 struct list_head *p; 53 int rc; 54 55 if (list_empty(&ecryptfs_msg_ctx_free_list)) { 56 printk(KERN_WARNING "%s: The eCryptfs free " 57 "context list is empty. It may be helpful to " 58 "specify the ecryptfs_message_buf_len " 59 "parameter to be greater than the current " 60 "value of [%d]\n", __func__, ecryptfs_message_buf_len); 61 rc = -ENOMEM; 62 goto out; 63 } 64 list_for_each(p, &ecryptfs_msg_ctx_free_list) { 65 *msg_ctx = list_entry(p, struct ecryptfs_msg_ctx, node); 66 if (mutex_trylock(&(*msg_ctx)->mux)) { 67 (*msg_ctx)->task = current; 68 rc = 0; 69 goto out; 70 } 71 } 72 rc = -ENOMEM; 73 out: 74 return rc; 75 } 76 77 /** 78 * ecryptfs_msg_ctx_free_to_alloc 79 * @msg_ctx: The context to move from the free list to the alloc list 80 * 81 * Must be called with ecryptfs_msg_ctx_lists_mux held. 82 */ 83 static void ecryptfs_msg_ctx_free_to_alloc(struct ecryptfs_msg_ctx *msg_ctx) 84 { 85 list_move(&msg_ctx->node, &ecryptfs_msg_ctx_alloc_list); 86 msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_PENDING; 87 msg_ctx->counter = ++ecryptfs_msg_counter; 88 } 89 90 /** 91 * ecryptfs_msg_ctx_alloc_to_free 92 * @msg_ctx: The context to move from the alloc list to the free list 93 * 94 * Must be called with ecryptfs_msg_ctx_lists_mux held. 95 */ 96 void ecryptfs_msg_ctx_alloc_to_free(struct ecryptfs_msg_ctx *msg_ctx) 97 { 98 list_move(&(msg_ctx->node), &ecryptfs_msg_ctx_free_list); 99 if (msg_ctx->msg) 100 kfree(msg_ctx->msg); 101 msg_ctx->msg = NULL; 102 msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_FREE; 103 } 104 105 /** 106 * ecryptfs_find_daemon_by_euid 107 * @euid: The effective user id which maps to the desired daemon id 108 * @user_ns: The namespace in which @euid applies 109 * @daemon: If return value is zero, points to the desired daemon pointer 110 * 111 * Must be called with ecryptfs_daemon_hash_mux held. 112 * 113 * Search the hash list for the given user id. 114 * 115 * Returns zero if the user id exists in the list; non-zero otherwise. 116 */ 117 int ecryptfs_find_daemon_by_euid(struct ecryptfs_daemon **daemon, uid_t euid, 118 struct user_namespace *user_ns) 119 { 120 struct hlist_node *elem; 121 int rc; 122 123 hlist_for_each_entry(*daemon, elem, 124 &ecryptfs_daemon_hash[ecryptfs_uid_hash(euid)], 125 euid_chain) { 126 if ((*daemon)->euid == euid && (*daemon)->user_ns == user_ns) { 127 rc = 0; 128 goto out; 129 } 130 } 131 rc = -EINVAL; 132 out: 133 return rc; 134 } 135 136 static int 137 ecryptfs_send_message_locked(unsigned int transport, char *data, int data_len, 138 u8 msg_type, struct ecryptfs_msg_ctx **msg_ctx); 139 140 /** 141 * ecryptfs_send_raw_message 142 * @transport: Transport type 143 * @msg_type: Message type 144 * @daemon: Daemon struct for recipient of message 145 * 146 * A raw message is one that does not include an ecryptfs_message 147 * struct. It simply has a type. 148 * 149 * Must be called with ecryptfs_daemon_hash_mux held. 150 * 151 * Returns zero on success; non-zero otherwise 152 */ 153 static int ecryptfs_send_raw_message(unsigned int transport, u8 msg_type, 154 struct ecryptfs_daemon *daemon) 155 { 156 struct ecryptfs_msg_ctx *msg_ctx; 157 int rc; 158 159 switch(transport) { 160 case ECRYPTFS_TRANSPORT_NETLINK: 161 rc = ecryptfs_send_netlink(NULL, 0, NULL, msg_type, 0, 162 daemon->pid); 163 break; 164 case ECRYPTFS_TRANSPORT_MISCDEV: 165 rc = ecryptfs_send_message_locked(transport, NULL, 0, msg_type, 166 &msg_ctx); 167 if (rc) { 168 printk(KERN_ERR "%s: Error whilst attempting to send " 169 "message via procfs; rc = [%d]\n", __func__, rc); 170 goto out; 171 } 172 /* Raw messages are logically context-free (e.g., no 173 * reply is expected), so we set the state of the 174 * ecryptfs_msg_ctx object to indicate that it should 175 * be freed as soon as the transport sends out the message. */ 176 mutex_lock(&msg_ctx->mux); 177 msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_NO_REPLY; 178 mutex_unlock(&msg_ctx->mux); 179 break; 180 case ECRYPTFS_TRANSPORT_CONNECTOR: 181 case ECRYPTFS_TRANSPORT_RELAYFS: 182 default: 183 rc = -ENOSYS; 184 } 185 out: 186 return rc; 187 } 188 189 /** 190 * ecryptfs_spawn_daemon - Create and initialize a new daemon struct 191 * @daemon: Pointer to set to newly allocated daemon struct 192 * @euid: Effective user id for the daemon 193 * @user_ns: The namespace in which @euid applies 194 * @pid: Process id for the daemon 195 * 196 * Must be called ceremoniously while in possession of 197 * ecryptfs_sacred_daemon_hash_mux 198 * 199 * Returns zero on success; non-zero otherwise 200 */ 201 int 202 ecryptfs_spawn_daemon(struct ecryptfs_daemon **daemon, uid_t euid, 203 struct user_namespace *user_ns, struct pid *pid) 204 { 205 int rc = 0; 206 207 (*daemon) = kzalloc(sizeof(**daemon), GFP_KERNEL); 208 if (!(*daemon)) { 209 rc = -ENOMEM; 210 printk(KERN_ERR "%s: Failed to allocate [%Zd] bytes of " 211 "GFP_KERNEL memory\n", __func__, sizeof(**daemon)); 212 goto out; 213 } 214 (*daemon)->euid = euid; 215 (*daemon)->user_ns = get_user_ns(user_ns); 216 (*daemon)->pid = get_pid(pid); 217 (*daemon)->task = current; 218 mutex_init(&(*daemon)->mux); 219 INIT_LIST_HEAD(&(*daemon)->msg_ctx_out_queue); 220 init_waitqueue_head(&(*daemon)->wait); 221 (*daemon)->num_queued_msg_ctx = 0; 222 hlist_add_head(&(*daemon)->euid_chain, 223 &ecryptfs_daemon_hash[ecryptfs_uid_hash(euid)]); 224 out: 225 return rc; 226 } 227 228 /** 229 * ecryptfs_process_helo 230 * @transport: The underlying transport (netlink, etc.) 231 * @euid: The user ID owner of the message 232 * @user_ns: The namespace in which @euid applies 233 * @pid: The process ID for the userspace program that sent the 234 * message 235 * 236 * Adds the euid and pid values to the daemon euid hash. If an euid 237 * already has a daemon pid registered, the daemon will be 238 * unregistered before the new daemon is put into the hash list. 239 * Returns zero after adding a new daemon to the hash list; 240 * non-zero otherwise. 241 */ 242 int ecryptfs_process_helo(unsigned int transport, uid_t euid, 243 struct user_namespace *user_ns, struct pid *pid) 244 { 245 struct ecryptfs_daemon *new_daemon; 246 struct ecryptfs_daemon *old_daemon; 247 int rc; 248 249 mutex_lock(&ecryptfs_daemon_hash_mux); 250 rc = ecryptfs_find_daemon_by_euid(&old_daemon, euid, user_ns); 251 if (rc != 0) { 252 printk(KERN_WARNING "Received request from user [%d] " 253 "to register daemon [0x%p]; unregistering daemon " 254 "[0x%p]\n", euid, pid, old_daemon->pid); 255 rc = ecryptfs_send_raw_message(transport, ECRYPTFS_MSG_QUIT, 256 old_daemon); 257 if (rc) 258 printk(KERN_WARNING "Failed to send QUIT " 259 "message to daemon [0x%p]; rc = [%d]\n", 260 old_daemon->pid, rc); 261 hlist_del(&old_daemon->euid_chain); 262 kfree(old_daemon); 263 } 264 rc = ecryptfs_spawn_daemon(&new_daemon, euid, user_ns, pid); 265 if (rc) 266 printk(KERN_ERR "%s: The gods are displeased with this attempt " 267 "to create a new daemon object for euid [%d]; pid " 268 "[0x%p]; rc = [%d]\n", __func__, euid, pid, rc); 269 mutex_unlock(&ecryptfs_daemon_hash_mux); 270 return rc; 271 } 272 273 /** 274 * ecryptfs_exorcise_daemon - Destroy the daemon struct 275 * 276 * Must be called ceremoniously while in possession of 277 * ecryptfs_daemon_hash_mux and the daemon's own mux. 278 */ 279 int ecryptfs_exorcise_daemon(struct ecryptfs_daemon *daemon) 280 { 281 struct ecryptfs_msg_ctx *msg_ctx, *msg_ctx_tmp; 282 int rc = 0; 283 284 mutex_lock(&daemon->mux); 285 if ((daemon->flags & ECRYPTFS_DAEMON_IN_READ) 286 || (daemon->flags & ECRYPTFS_DAEMON_IN_POLL)) { 287 rc = -EBUSY; 288 printk(KERN_WARNING "%s: Attempt to destroy daemon with pid " 289 "[0x%p], but it is in the midst of a read or a poll\n", 290 __func__, daemon->pid); 291 mutex_unlock(&daemon->mux); 292 goto out; 293 } 294 list_for_each_entry_safe(msg_ctx, msg_ctx_tmp, 295 &daemon->msg_ctx_out_queue, daemon_out_list) { 296 list_del(&msg_ctx->daemon_out_list); 297 daemon->num_queued_msg_ctx--; 298 printk(KERN_WARNING "%s: Warning: dropping message that is in " 299 "the out queue of a dying daemon\n", __func__); 300 ecryptfs_msg_ctx_alloc_to_free(msg_ctx); 301 } 302 hlist_del(&daemon->euid_chain); 303 if (daemon->task) 304 wake_up_process(daemon->task); 305 if (daemon->pid) 306 put_pid(daemon->pid); 307 if (daemon->user_ns) 308 put_user_ns(daemon->user_ns); 309 mutex_unlock(&daemon->mux); 310 memset(daemon, 0, sizeof(*daemon)); 311 kfree(daemon); 312 out: 313 return rc; 314 } 315 316 /** 317 * ecryptfs_process_quit 318 * @euid: The user ID owner of the message 319 * @user_ns: The namespace in which @euid applies 320 * @pid: The process ID for the userspace program that sent the 321 * message 322 * 323 * Deletes the corresponding daemon for the given euid and pid, if 324 * it is the registered that is requesting the deletion. Returns zero 325 * after deleting the desired daemon; non-zero otherwise. 326 */ 327 int ecryptfs_process_quit(uid_t euid, struct user_namespace *user_ns, 328 struct pid *pid) 329 { 330 struct ecryptfs_daemon *daemon; 331 int rc; 332 333 mutex_lock(&ecryptfs_daemon_hash_mux); 334 rc = ecryptfs_find_daemon_by_euid(&daemon, euid, user_ns); 335 if (rc || !daemon) { 336 rc = -EINVAL; 337 printk(KERN_ERR "Received request from user [%d] to " 338 "unregister unrecognized daemon [0x%p]\n", euid, pid); 339 goto out_unlock; 340 } 341 rc = ecryptfs_exorcise_daemon(daemon); 342 out_unlock: 343 mutex_unlock(&ecryptfs_daemon_hash_mux); 344 return rc; 345 } 346 347 /** 348 * ecryptfs_process_reponse 349 * @msg: The ecryptfs message received; the caller should sanity check 350 * msg->data_len and free the memory 351 * @pid: The process ID of the userspace application that sent the 352 * message 353 * @seq: The sequence number of the message; must match the sequence 354 * number for the existing message context waiting for this 355 * response 356 * 357 * Processes a response message after sending an operation request to 358 * userspace. Some other process is awaiting this response. Before 359 * sending out its first communications, the other process allocated a 360 * msg_ctx from the ecryptfs_msg_ctx_arr at a particular index. The 361 * response message contains this index so that we can copy over the 362 * response message into the msg_ctx that the process holds a 363 * reference to. The other process is going to wake up, check to see 364 * that msg_ctx->state == ECRYPTFS_MSG_CTX_STATE_DONE, and then 365 * proceed to read off and process the response message. Returns zero 366 * upon delivery to desired context element; non-zero upon delivery 367 * failure or error. 368 * 369 * Returns zero on success; non-zero otherwise 370 */ 371 int ecryptfs_process_response(struct ecryptfs_message *msg, uid_t euid, 372 struct user_namespace *user_ns, struct pid *pid, 373 u32 seq) 374 { 375 struct ecryptfs_daemon *daemon; 376 struct ecryptfs_msg_ctx *msg_ctx; 377 size_t msg_size; 378 struct nsproxy *nsproxy; 379 struct user_namespace *current_user_ns; 380 int rc; 381 382 if (msg->index >= ecryptfs_message_buf_len) { 383 rc = -EINVAL; 384 printk(KERN_ERR "%s: Attempt to reference " 385 "context buffer at index [%d]; maximum " 386 "allowable is [%d]\n", __func__, msg->index, 387 (ecryptfs_message_buf_len - 1)); 388 goto out; 389 } 390 msg_ctx = &ecryptfs_msg_ctx_arr[msg->index]; 391 mutex_lock(&msg_ctx->mux); 392 mutex_lock(&ecryptfs_daemon_hash_mux); 393 rcu_read_lock(); 394 nsproxy = task_nsproxy(msg_ctx->task); 395 if (nsproxy == NULL) { 396 rc = -EBADMSG; 397 printk(KERN_ERR "%s: Receiving process is a zombie. Dropping " 398 "message.\n", __func__); 399 rcu_read_unlock(); 400 mutex_unlock(&ecryptfs_daemon_hash_mux); 401 goto wake_up; 402 } 403 current_user_ns = nsproxy->user_ns; 404 rc = ecryptfs_find_daemon_by_euid(&daemon, msg_ctx->task->euid, 405 current_user_ns); 406 rcu_read_unlock(); 407 mutex_unlock(&ecryptfs_daemon_hash_mux); 408 if (rc) { 409 rc = -EBADMSG; 410 printk(KERN_WARNING "%s: User [%d] received a " 411 "message response from process [0x%p] but does " 412 "not have a registered daemon\n", __func__, 413 msg_ctx->task->euid, pid); 414 goto wake_up; 415 } 416 if (msg_ctx->task->euid != euid) { 417 rc = -EBADMSG; 418 printk(KERN_WARNING "%s: Received message from user " 419 "[%d]; expected message from user [%d]\n", __func__, 420 euid, msg_ctx->task->euid); 421 goto unlock; 422 } 423 if (current_user_ns != user_ns) { 424 rc = -EBADMSG; 425 printk(KERN_WARNING "%s: Received message from user_ns " 426 "[0x%p]; expected message from user_ns [0x%p]\n", 427 __func__, user_ns, nsproxy->user_ns); 428 goto unlock; 429 } 430 if (daemon->pid != pid) { 431 rc = -EBADMSG; 432 printk(KERN_ERR "%s: User [%d] sent a message response " 433 "from an unrecognized process [0x%p]\n", 434 __func__, msg_ctx->task->euid, pid); 435 goto unlock; 436 } 437 if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_PENDING) { 438 rc = -EINVAL; 439 printk(KERN_WARNING "%s: Desired context element is not " 440 "pending a response\n", __func__); 441 goto unlock; 442 } else if (msg_ctx->counter != seq) { 443 rc = -EINVAL; 444 printk(KERN_WARNING "%s: Invalid message sequence; " 445 "expected [%d]; received [%d]\n", __func__, 446 msg_ctx->counter, seq); 447 goto unlock; 448 } 449 msg_size = (sizeof(*msg) + msg->data_len); 450 msg_ctx->msg = kmalloc(msg_size, GFP_KERNEL); 451 if (!msg_ctx->msg) { 452 rc = -ENOMEM; 453 printk(KERN_ERR "%s: Failed to allocate [%Zd] bytes of " 454 "GFP_KERNEL memory\n", __func__, msg_size); 455 goto unlock; 456 } 457 memcpy(msg_ctx->msg, msg, msg_size); 458 msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_DONE; 459 rc = 0; 460 wake_up: 461 wake_up_process(msg_ctx->task); 462 unlock: 463 mutex_unlock(&msg_ctx->mux); 464 out: 465 return rc; 466 } 467 468 /** 469 * ecryptfs_send_message_locked 470 * @transport: The transport over which to send the message (i.e., 471 * netlink) 472 * @data: The data to send 473 * @data_len: The length of data 474 * @msg_ctx: The message context allocated for the send 475 * 476 * Must be called with ecryptfs_daemon_hash_mux held. 477 * 478 * Returns zero on success; non-zero otherwise 479 */ 480 static int 481 ecryptfs_send_message_locked(unsigned int transport, char *data, int data_len, 482 u8 msg_type, struct ecryptfs_msg_ctx **msg_ctx) 483 { 484 struct ecryptfs_daemon *daemon; 485 int rc; 486 487 rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid, 488 current->nsproxy->user_ns); 489 if (rc || !daemon) { 490 rc = -ENOTCONN; 491 printk(KERN_ERR "%s: User [%d] does not have a daemon " 492 "registered\n", __func__, current->euid); 493 goto out; 494 } 495 mutex_lock(&ecryptfs_msg_ctx_lists_mux); 496 rc = ecryptfs_acquire_free_msg_ctx(msg_ctx); 497 if (rc) { 498 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 499 printk(KERN_WARNING "%s: Could not claim a free " 500 "context element\n", __func__); 501 goto out; 502 } 503 ecryptfs_msg_ctx_free_to_alloc(*msg_ctx); 504 mutex_unlock(&(*msg_ctx)->mux); 505 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 506 switch (transport) { 507 case ECRYPTFS_TRANSPORT_NETLINK: 508 rc = ecryptfs_send_netlink(data, data_len, *msg_ctx, msg_type, 509 0, daemon->pid); 510 break; 511 case ECRYPTFS_TRANSPORT_MISCDEV: 512 rc = ecryptfs_send_miscdev(data, data_len, *msg_ctx, msg_type, 513 0, daemon); 514 break; 515 case ECRYPTFS_TRANSPORT_CONNECTOR: 516 case ECRYPTFS_TRANSPORT_RELAYFS: 517 default: 518 rc = -ENOSYS; 519 } 520 if (rc) 521 printk(KERN_ERR "%s: Error attempting to send message to " 522 "userspace daemon; rc = [%d]\n", __func__, rc); 523 out: 524 return rc; 525 } 526 527 /** 528 * ecryptfs_send_message 529 * @transport: The transport over which to send the message (i.e., 530 * netlink) 531 * @data: The data to send 532 * @data_len: The length of data 533 * @msg_ctx: The message context allocated for the send 534 * 535 * Grabs ecryptfs_daemon_hash_mux. 536 * 537 * Returns zero on success; non-zero otherwise 538 */ 539 int ecryptfs_send_message(unsigned int transport, char *data, int data_len, 540 struct ecryptfs_msg_ctx **msg_ctx) 541 { 542 int rc; 543 544 mutex_lock(&ecryptfs_daemon_hash_mux); 545 rc = ecryptfs_send_message_locked(transport, data, data_len, 546 ECRYPTFS_MSG_REQUEST, msg_ctx); 547 mutex_unlock(&ecryptfs_daemon_hash_mux); 548 return rc; 549 } 550 551 /** 552 * ecryptfs_wait_for_response 553 * @msg_ctx: The context that was assigned when sending a message 554 * @msg: The incoming message from userspace; not set if rc != 0 555 * 556 * Sleeps until awaken by ecryptfs_receive_message or until the amount 557 * of time exceeds ecryptfs_message_wait_timeout. If zero is 558 * returned, msg will point to a valid message from userspace; a 559 * non-zero value is returned upon failure to receive a message or an 560 * error occurs. Callee must free @msg on success. 561 */ 562 int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx, 563 struct ecryptfs_message **msg) 564 { 565 signed long timeout = ecryptfs_message_wait_timeout * HZ; 566 int rc = 0; 567 568 sleep: 569 timeout = schedule_timeout_interruptible(timeout); 570 mutex_lock(&ecryptfs_msg_ctx_lists_mux); 571 mutex_lock(&msg_ctx->mux); 572 if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_DONE) { 573 if (timeout) { 574 mutex_unlock(&msg_ctx->mux); 575 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 576 goto sleep; 577 } 578 rc = -ENOMSG; 579 } else { 580 *msg = msg_ctx->msg; 581 msg_ctx->msg = NULL; 582 } 583 ecryptfs_msg_ctx_alloc_to_free(msg_ctx); 584 mutex_unlock(&msg_ctx->mux); 585 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 586 return rc; 587 } 588 589 int ecryptfs_init_messaging(unsigned int transport) 590 { 591 int i; 592 int rc = 0; 593 594 if (ecryptfs_number_of_users > ECRYPTFS_MAX_NUM_USERS) { 595 ecryptfs_number_of_users = ECRYPTFS_MAX_NUM_USERS; 596 printk(KERN_WARNING "%s: Specified number of users is " 597 "too large, defaulting to [%d] users\n", __func__, 598 ecryptfs_number_of_users); 599 } 600 mutex_init(&ecryptfs_daemon_hash_mux); 601 mutex_lock(&ecryptfs_daemon_hash_mux); 602 ecryptfs_hash_buckets = 1; 603 while (ecryptfs_number_of_users >> ecryptfs_hash_buckets) 604 ecryptfs_hash_buckets++; 605 ecryptfs_daemon_hash = kmalloc((sizeof(struct hlist_head) 606 * ecryptfs_hash_buckets), GFP_KERNEL); 607 if (!ecryptfs_daemon_hash) { 608 rc = -ENOMEM; 609 printk(KERN_ERR "%s: Failed to allocate memory\n", __func__); 610 mutex_unlock(&ecryptfs_daemon_hash_mux); 611 goto out; 612 } 613 for (i = 0; i < ecryptfs_hash_buckets; i++) 614 INIT_HLIST_HEAD(&ecryptfs_daemon_hash[i]); 615 mutex_unlock(&ecryptfs_daemon_hash_mux); 616 ecryptfs_msg_ctx_arr = kmalloc((sizeof(struct ecryptfs_msg_ctx) 617 * ecryptfs_message_buf_len), 618 GFP_KERNEL); 619 if (!ecryptfs_msg_ctx_arr) { 620 rc = -ENOMEM; 621 printk(KERN_ERR "%s: Failed to allocate memory\n", __func__); 622 goto out; 623 } 624 mutex_init(&ecryptfs_msg_ctx_lists_mux); 625 mutex_lock(&ecryptfs_msg_ctx_lists_mux); 626 ecryptfs_msg_counter = 0; 627 for (i = 0; i < ecryptfs_message_buf_len; i++) { 628 INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr[i].node); 629 INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr[i].daemon_out_list); 630 mutex_init(&ecryptfs_msg_ctx_arr[i].mux); 631 mutex_lock(&ecryptfs_msg_ctx_arr[i].mux); 632 ecryptfs_msg_ctx_arr[i].index = i; 633 ecryptfs_msg_ctx_arr[i].state = ECRYPTFS_MSG_CTX_STATE_FREE; 634 ecryptfs_msg_ctx_arr[i].counter = 0; 635 ecryptfs_msg_ctx_arr[i].task = NULL; 636 ecryptfs_msg_ctx_arr[i].msg = NULL; 637 list_add_tail(&ecryptfs_msg_ctx_arr[i].node, 638 &ecryptfs_msg_ctx_free_list); 639 mutex_unlock(&ecryptfs_msg_ctx_arr[i].mux); 640 } 641 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 642 switch(transport) { 643 case ECRYPTFS_TRANSPORT_NETLINK: 644 rc = ecryptfs_init_netlink(); 645 if (rc) 646 ecryptfs_release_messaging(transport); 647 break; 648 case ECRYPTFS_TRANSPORT_MISCDEV: 649 rc = ecryptfs_init_ecryptfs_miscdev(); 650 if (rc) 651 ecryptfs_release_messaging(transport); 652 break; 653 case ECRYPTFS_TRANSPORT_CONNECTOR: 654 case ECRYPTFS_TRANSPORT_RELAYFS: 655 default: 656 rc = -ENOSYS; 657 } 658 out: 659 return rc; 660 } 661 662 void ecryptfs_release_messaging(unsigned int transport) 663 { 664 if (ecryptfs_msg_ctx_arr) { 665 int i; 666 667 mutex_lock(&ecryptfs_msg_ctx_lists_mux); 668 for (i = 0; i < ecryptfs_message_buf_len; i++) { 669 mutex_lock(&ecryptfs_msg_ctx_arr[i].mux); 670 if (ecryptfs_msg_ctx_arr[i].msg) 671 kfree(ecryptfs_msg_ctx_arr[i].msg); 672 mutex_unlock(&ecryptfs_msg_ctx_arr[i].mux); 673 } 674 kfree(ecryptfs_msg_ctx_arr); 675 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 676 } 677 if (ecryptfs_daemon_hash) { 678 struct hlist_node *elem; 679 struct ecryptfs_daemon *daemon; 680 int i; 681 682 mutex_lock(&ecryptfs_daemon_hash_mux); 683 for (i = 0; i < ecryptfs_hash_buckets; i++) { 684 int rc; 685 686 hlist_for_each_entry(daemon, elem, 687 &ecryptfs_daemon_hash[i], 688 euid_chain) { 689 rc = ecryptfs_exorcise_daemon(daemon); 690 if (rc) 691 printk(KERN_ERR "%s: Error whilst " 692 "attempting to destroy daemon; " 693 "rc = [%d]. Dazed and confused, " 694 "but trying to continue.\n", 695 __func__, rc); 696 } 697 } 698 kfree(ecryptfs_daemon_hash); 699 mutex_unlock(&ecryptfs_daemon_hash_mux); 700 } 701 switch(transport) { 702 case ECRYPTFS_TRANSPORT_NETLINK: 703 ecryptfs_release_netlink(); 704 break; 705 case ECRYPTFS_TRANSPORT_MISCDEV: 706 ecryptfs_destroy_ecryptfs_miscdev(); 707 break; 708 case ECRYPTFS_TRANSPORT_CONNECTOR: 709 case ECRYPTFS_TRANSPORT_RELAYFS: 710 default: 711 break; 712 } 713 return; 714 } 715