1 /** 2 * eCryptfs: Linux filesystem encryption layer 3 * 4 * Copyright (C) 2004-2008 International Business Machines Corp. 5 * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com> 6 * Tyler Hicks <tyhicks@ou.edu> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License version 10 * 2 as published by the Free Software Foundation. 11 * 12 * This program is distributed in the hope that it will be useful, but 13 * WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 15 * General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 20 * 02111-1307, USA. 21 */ 22 #include <linux/sched.h> 23 #include <linux/slab.h> 24 #include <linux/user_namespace.h> 25 #include <linux/nsproxy.h> 26 #include "ecryptfs_kernel.h" 27 28 static LIST_HEAD(ecryptfs_msg_ctx_free_list); 29 static LIST_HEAD(ecryptfs_msg_ctx_alloc_list); 30 static struct mutex ecryptfs_msg_ctx_lists_mux; 31 32 static struct hlist_head *ecryptfs_daemon_hash; 33 struct mutex ecryptfs_daemon_hash_mux; 34 static int ecryptfs_hash_bits; 35 #define ecryptfs_current_euid_hash(uid) \ 36 hash_long((unsigned long)from_kuid(&init_user_ns, current_euid()), ecryptfs_hash_bits) 37 38 static u32 ecryptfs_msg_counter; 39 static struct ecryptfs_msg_ctx *ecryptfs_msg_ctx_arr; 40 41 /** 42 * ecryptfs_acquire_free_msg_ctx 43 * @msg_ctx: The context that was acquired from the free list 44 * 45 * Acquires a context element from the free list and locks the mutex 46 * on the context. Sets the msg_ctx task to current. Returns zero on 47 * success; non-zero on error or upon failure to acquire a free 48 * context element. Must be called with ecryptfs_msg_ctx_lists_mux 49 * held. 50 */ 51 static int ecryptfs_acquire_free_msg_ctx(struct ecryptfs_msg_ctx **msg_ctx) 52 { 53 struct list_head *p; 54 int rc; 55 56 if (list_empty(&ecryptfs_msg_ctx_free_list)) { 57 printk(KERN_WARNING "%s: The eCryptfs free " 58 "context list is empty. It may be helpful to " 59 "specify the ecryptfs_message_buf_len " 60 "parameter to be greater than the current " 61 "value of [%d]\n", __func__, ecryptfs_message_buf_len); 62 rc = -ENOMEM; 63 goto out; 64 } 65 list_for_each(p, &ecryptfs_msg_ctx_free_list) { 66 *msg_ctx = list_entry(p, struct ecryptfs_msg_ctx, node); 67 if (mutex_trylock(&(*msg_ctx)->mux)) { 68 (*msg_ctx)->task = current; 69 rc = 0; 70 goto out; 71 } 72 } 73 rc = -ENOMEM; 74 out: 75 return rc; 76 } 77 78 /** 79 * ecryptfs_msg_ctx_free_to_alloc 80 * @msg_ctx: The context to move from the free list to the alloc list 81 * 82 * Must be called with ecryptfs_msg_ctx_lists_mux held. 83 */ 84 static void ecryptfs_msg_ctx_free_to_alloc(struct ecryptfs_msg_ctx *msg_ctx) 85 { 86 list_move(&msg_ctx->node, &ecryptfs_msg_ctx_alloc_list); 87 msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_PENDING; 88 msg_ctx->counter = ++ecryptfs_msg_counter; 89 } 90 91 /** 92 * ecryptfs_msg_ctx_alloc_to_free 93 * @msg_ctx: The context to move from the alloc list to the free list 94 * 95 * Must be called with ecryptfs_msg_ctx_lists_mux held. 96 */ 97 void ecryptfs_msg_ctx_alloc_to_free(struct ecryptfs_msg_ctx *msg_ctx) 98 { 99 list_move(&(msg_ctx->node), &ecryptfs_msg_ctx_free_list); 100 if (msg_ctx->msg) 101 kfree(msg_ctx->msg); 102 msg_ctx->msg = NULL; 103 msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_FREE; 104 } 105 106 /** 107 * ecryptfs_find_daemon_by_euid 108 * @daemon: If return value is zero, points to the desired daemon pointer 109 * 110 * Must be called with ecryptfs_daemon_hash_mux held. 111 * 112 * Search the hash list for the current effective user id. 113 * 114 * Returns zero if the user id exists in the list; non-zero otherwise. 115 */ 116 int ecryptfs_find_daemon_by_euid(struct ecryptfs_daemon **daemon) 117 { 118 int rc; 119 120 hlist_for_each_entry(*daemon, 121 &ecryptfs_daemon_hash[ecryptfs_current_euid_hash()], 122 euid_chain) { 123 if (uid_eq((*daemon)->file->f_cred->euid, current_euid())) { 124 rc = 0; 125 goto out; 126 } 127 } 128 rc = -EINVAL; 129 out: 130 return rc; 131 } 132 133 /** 134 * ecryptfs_spawn_daemon - Create and initialize a new daemon struct 135 * @daemon: Pointer to set to newly allocated daemon struct 136 * @file: File used when opening /dev/ecryptfs 137 * 138 * Must be called ceremoniously while in possession of 139 * ecryptfs_sacred_daemon_hash_mux 140 * 141 * Returns zero on success; non-zero otherwise 142 */ 143 int 144 ecryptfs_spawn_daemon(struct ecryptfs_daemon **daemon, struct file *file) 145 { 146 int rc = 0; 147 148 (*daemon) = kzalloc(sizeof(**daemon), GFP_KERNEL); 149 if (!(*daemon)) { 150 rc = -ENOMEM; 151 printk(KERN_ERR "%s: Failed to allocate [%zd] bytes of " 152 "GFP_KERNEL memory\n", __func__, sizeof(**daemon)); 153 goto out; 154 } 155 (*daemon)->file = file; 156 mutex_init(&(*daemon)->mux); 157 INIT_LIST_HEAD(&(*daemon)->msg_ctx_out_queue); 158 init_waitqueue_head(&(*daemon)->wait); 159 (*daemon)->num_queued_msg_ctx = 0; 160 hlist_add_head(&(*daemon)->euid_chain, 161 &ecryptfs_daemon_hash[ecryptfs_current_euid_hash()]); 162 out: 163 return rc; 164 } 165 166 /** 167 * ecryptfs_exorcise_daemon - Destroy the daemon struct 168 * 169 * Must be called ceremoniously while in possession of 170 * ecryptfs_daemon_hash_mux and the daemon's own mux. 171 */ 172 int ecryptfs_exorcise_daemon(struct ecryptfs_daemon *daemon) 173 { 174 struct ecryptfs_msg_ctx *msg_ctx, *msg_ctx_tmp; 175 int rc = 0; 176 177 mutex_lock(&daemon->mux); 178 if ((daemon->flags & ECRYPTFS_DAEMON_IN_READ) 179 || (daemon->flags & ECRYPTFS_DAEMON_IN_POLL)) { 180 rc = -EBUSY; 181 mutex_unlock(&daemon->mux); 182 goto out; 183 } 184 list_for_each_entry_safe(msg_ctx, msg_ctx_tmp, 185 &daemon->msg_ctx_out_queue, daemon_out_list) { 186 list_del(&msg_ctx->daemon_out_list); 187 daemon->num_queued_msg_ctx--; 188 printk(KERN_WARNING "%s: Warning: dropping message that is in " 189 "the out queue of a dying daemon\n", __func__); 190 ecryptfs_msg_ctx_alloc_to_free(msg_ctx); 191 } 192 hlist_del(&daemon->euid_chain); 193 mutex_unlock(&daemon->mux); 194 kzfree(daemon); 195 out: 196 return rc; 197 } 198 199 /** 200 * ecryptfs_process_reponse 201 * @msg: The ecryptfs message received; the caller should sanity check 202 * msg->data_len and free the memory 203 * @seq: The sequence number of the message; must match the sequence 204 * number for the existing message context waiting for this 205 * response 206 * 207 * Processes a response message after sending an operation request to 208 * userspace. Some other process is awaiting this response. Before 209 * sending out its first communications, the other process allocated a 210 * msg_ctx from the ecryptfs_msg_ctx_arr at a particular index. The 211 * response message contains this index so that we can copy over the 212 * response message into the msg_ctx that the process holds a 213 * reference to. The other process is going to wake up, check to see 214 * that msg_ctx->state == ECRYPTFS_MSG_CTX_STATE_DONE, and then 215 * proceed to read off and process the response message. Returns zero 216 * upon delivery to desired context element; non-zero upon delivery 217 * failure or error. 218 * 219 * Returns zero on success; non-zero otherwise 220 */ 221 int ecryptfs_process_response(struct ecryptfs_daemon *daemon, 222 struct ecryptfs_message *msg, u32 seq) 223 { 224 struct ecryptfs_msg_ctx *msg_ctx; 225 size_t msg_size; 226 int rc; 227 228 if (msg->index >= ecryptfs_message_buf_len) { 229 rc = -EINVAL; 230 printk(KERN_ERR "%s: Attempt to reference " 231 "context buffer at index [%d]; maximum " 232 "allowable is [%d]\n", __func__, msg->index, 233 (ecryptfs_message_buf_len - 1)); 234 goto out; 235 } 236 msg_ctx = &ecryptfs_msg_ctx_arr[msg->index]; 237 mutex_lock(&msg_ctx->mux); 238 if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_PENDING) { 239 rc = -EINVAL; 240 printk(KERN_WARNING "%s: Desired context element is not " 241 "pending a response\n", __func__); 242 goto unlock; 243 } else if (msg_ctx->counter != seq) { 244 rc = -EINVAL; 245 printk(KERN_WARNING "%s: Invalid message sequence; " 246 "expected [%d]; received [%d]\n", __func__, 247 msg_ctx->counter, seq); 248 goto unlock; 249 } 250 msg_size = (sizeof(*msg) + msg->data_len); 251 msg_ctx->msg = kmalloc(msg_size, GFP_KERNEL); 252 if (!msg_ctx->msg) { 253 rc = -ENOMEM; 254 printk(KERN_ERR "%s: Failed to allocate [%zd] bytes of " 255 "GFP_KERNEL memory\n", __func__, msg_size); 256 goto unlock; 257 } 258 memcpy(msg_ctx->msg, msg, msg_size); 259 msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_DONE; 260 wake_up_process(msg_ctx->task); 261 rc = 0; 262 unlock: 263 mutex_unlock(&msg_ctx->mux); 264 out: 265 return rc; 266 } 267 268 /** 269 * ecryptfs_send_message_locked 270 * @data: The data to send 271 * @data_len: The length of data 272 * @msg_ctx: The message context allocated for the send 273 * 274 * Must be called with ecryptfs_daemon_hash_mux held. 275 * 276 * Returns zero on success; non-zero otherwise 277 */ 278 static int 279 ecryptfs_send_message_locked(char *data, int data_len, u8 msg_type, 280 struct ecryptfs_msg_ctx **msg_ctx) 281 { 282 struct ecryptfs_daemon *daemon; 283 int rc; 284 285 rc = ecryptfs_find_daemon_by_euid(&daemon); 286 if (rc || !daemon) { 287 rc = -ENOTCONN; 288 goto out; 289 } 290 mutex_lock(&ecryptfs_msg_ctx_lists_mux); 291 rc = ecryptfs_acquire_free_msg_ctx(msg_ctx); 292 if (rc) { 293 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 294 printk(KERN_WARNING "%s: Could not claim a free " 295 "context element\n", __func__); 296 goto out; 297 } 298 ecryptfs_msg_ctx_free_to_alloc(*msg_ctx); 299 mutex_unlock(&(*msg_ctx)->mux); 300 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 301 rc = ecryptfs_send_miscdev(data, data_len, *msg_ctx, msg_type, 0, 302 daemon); 303 if (rc) 304 printk(KERN_ERR "%s: Error attempting to send message to " 305 "userspace daemon; rc = [%d]\n", __func__, rc); 306 out: 307 return rc; 308 } 309 310 /** 311 * ecryptfs_send_message 312 * @data: The data to send 313 * @data_len: The length of data 314 * @msg_ctx: The message context allocated for the send 315 * 316 * Grabs ecryptfs_daemon_hash_mux. 317 * 318 * Returns zero on success; non-zero otherwise 319 */ 320 int ecryptfs_send_message(char *data, int data_len, 321 struct ecryptfs_msg_ctx **msg_ctx) 322 { 323 int rc; 324 325 mutex_lock(&ecryptfs_daemon_hash_mux); 326 rc = ecryptfs_send_message_locked(data, data_len, ECRYPTFS_MSG_REQUEST, 327 msg_ctx); 328 mutex_unlock(&ecryptfs_daemon_hash_mux); 329 return rc; 330 } 331 332 /** 333 * ecryptfs_wait_for_response 334 * @msg_ctx: The context that was assigned when sending a message 335 * @msg: The incoming message from userspace; not set if rc != 0 336 * 337 * Sleeps until awaken by ecryptfs_receive_message or until the amount 338 * of time exceeds ecryptfs_message_wait_timeout. If zero is 339 * returned, msg will point to a valid message from userspace; a 340 * non-zero value is returned upon failure to receive a message or an 341 * error occurs. Callee must free @msg on success. 342 */ 343 int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx, 344 struct ecryptfs_message **msg) 345 { 346 signed long timeout = ecryptfs_message_wait_timeout * HZ; 347 int rc = 0; 348 349 sleep: 350 timeout = schedule_timeout_interruptible(timeout); 351 mutex_lock(&ecryptfs_msg_ctx_lists_mux); 352 mutex_lock(&msg_ctx->mux); 353 if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_DONE) { 354 if (timeout) { 355 mutex_unlock(&msg_ctx->mux); 356 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 357 goto sleep; 358 } 359 rc = -ENOMSG; 360 } else { 361 *msg = msg_ctx->msg; 362 msg_ctx->msg = NULL; 363 } 364 ecryptfs_msg_ctx_alloc_to_free(msg_ctx); 365 mutex_unlock(&msg_ctx->mux); 366 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 367 return rc; 368 } 369 370 int __init ecryptfs_init_messaging(void) 371 { 372 int i; 373 int rc = 0; 374 375 if (ecryptfs_number_of_users > ECRYPTFS_MAX_NUM_USERS) { 376 ecryptfs_number_of_users = ECRYPTFS_MAX_NUM_USERS; 377 printk(KERN_WARNING "%s: Specified number of users is " 378 "too large, defaulting to [%d] users\n", __func__, 379 ecryptfs_number_of_users); 380 } 381 mutex_init(&ecryptfs_daemon_hash_mux); 382 mutex_lock(&ecryptfs_daemon_hash_mux); 383 ecryptfs_hash_bits = 1; 384 while (ecryptfs_number_of_users >> ecryptfs_hash_bits) 385 ecryptfs_hash_bits++; 386 ecryptfs_daemon_hash = kmalloc((sizeof(struct hlist_head) 387 * (1 << ecryptfs_hash_bits)), 388 GFP_KERNEL); 389 if (!ecryptfs_daemon_hash) { 390 rc = -ENOMEM; 391 printk(KERN_ERR "%s: Failed to allocate memory\n", __func__); 392 mutex_unlock(&ecryptfs_daemon_hash_mux); 393 goto out; 394 } 395 for (i = 0; i < (1 << ecryptfs_hash_bits); i++) 396 INIT_HLIST_HEAD(&ecryptfs_daemon_hash[i]); 397 mutex_unlock(&ecryptfs_daemon_hash_mux); 398 ecryptfs_msg_ctx_arr = kmalloc((sizeof(struct ecryptfs_msg_ctx) 399 * ecryptfs_message_buf_len), 400 GFP_KERNEL); 401 if (!ecryptfs_msg_ctx_arr) { 402 rc = -ENOMEM; 403 printk(KERN_ERR "%s: Failed to allocate memory\n", __func__); 404 goto out; 405 } 406 mutex_init(&ecryptfs_msg_ctx_lists_mux); 407 mutex_lock(&ecryptfs_msg_ctx_lists_mux); 408 ecryptfs_msg_counter = 0; 409 for (i = 0; i < ecryptfs_message_buf_len; i++) { 410 INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr[i].node); 411 INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr[i].daemon_out_list); 412 mutex_init(&ecryptfs_msg_ctx_arr[i].mux); 413 mutex_lock(&ecryptfs_msg_ctx_arr[i].mux); 414 ecryptfs_msg_ctx_arr[i].index = i; 415 ecryptfs_msg_ctx_arr[i].state = ECRYPTFS_MSG_CTX_STATE_FREE; 416 ecryptfs_msg_ctx_arr[i].counter = 0; 417 ecryptfs_msg_ctx_arr[i].task = NULL; 418 ecryptfs_msg_ctx_arr[i].msg = NULL; 419 list_add_tail(&ecryptfs_msg_ctx_arr[i].node, 420 &ecryptfs_msg_ctx_free_list); 421 mutex_unlock(&ecryptfs_msg_ctx_arr[i].mux); 422 } 423 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 424 rc = ecryptfs_init_ecryptfs_miscdev(); 425 if (rc) 426 ecryptfs_release_messaging(); 427 out: 428 return rc; 429 } 430 431 void ecryptfs_release_messaging(void) 432 { 433 if (ecryptfs_msg_ctx_arr) { 434 int i; 435 436 mutex_lock(&ecryptfs_msg_ctx_lists_mux); 437 for (i = 0; i < ecryptfs_message_buf_len; i++) { 438 mutex_lock(&ecryptfs_msg_ctx_arr[i].mux); 439 if (ecryptfs_msg_ctx_arr[i].msg) 440 kfree(ecryptfs_msg_ctx_arr[i].msg); 441 mutex_unlock(&ecryptfs_msg_ctx_arr[i].mux); 442 } 443 kfree(ecryptfs_msg_ctx_arr); 444 mutex_unlock(&ecryptfs_msg_ctx_lists_mux); 445 } 446 if (ecryptfs_daemon_hash) { 447 struct ecryptfs_daemon *daemon; 448 int i; 449 450 mutex_lock(&ecryptfs_daemon_hash_mux); 451 for (i = 0; i < (1 << ecryptfs_hash_bits); i++) { 452 int rc; 453 454 hlist_for_each_entry(daemon, 455 &ecryptfs_daemon_hash[i], 456 euid_chain) { 457 rc = ecryptfs_exorcise_daemon(daemon); 458 if (rc) 459 printk(KERN_ERR "%s: Error whilst " 460 "attempting to destroy daemon; " 461 "rc = [%d]. Dazed and confused, " 462 "but trying to continue.\n", 463 __func__, rc); 464 } 465 } 466 kfree(ecryptfs_daemon_hash); 467 mutex_unlock(&ecryptfs_daemon_hash_mux); 468 } 469 ecryptfs_destroy_ecryptfs_miscdev(); 470 return; 471 } 472