1 /** 2 * eCryptfs: Linux filesystem encryption layer 3 * 4 * Copyright (C) 2008 International Business Machines Corp. 5 * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com> 6 * 7 * This program is free software; you can redistribute it and/or 8 * modify it under the terms of the GNU General Public License version 9 * 2 as published by the Free Software Foundation. 10 * 11 * This program is distributed in the hope that it will be useful, but 12 * WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * General Public License for more details. 15 * 16 * You should have received a copy of the GNU General Public License 17 * along with this program; if not, write to the Free Software 18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 19 * 02111-1307, USA. 20 */ 21 22 #include <linux/fs.h> 23 #include <linux/hash.h> 24 #include <linux/random.h> 25 #include <linux/miscdevice.h> 26 #include <linux/poll.h> 27 #include <linux/slab.h> 28 #include <linux/wait.h> 29 #include <linux/module.h> 30 #include "ecryptfs_kernel.h" 31 32 static atomic_t ecryptfs_num_miscdev_opens; 33 34 /** 35 * ecryptfs_miscdev_poll 36 * @file: dev file 37 * @pt: dev poll table (ignored) 38 * 39 * Returns the poll mask 40 */ 41 static unsigned int 42 ecryptfs_miscdev_poll(struct file *file, poll_table *pt) 43 { 44 struct ecryptfs_daemon *daemon = file->private_data; 45 unsigned int mask = 0; 46 47 mutex_lock(&daemon->mux); 48 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { 49 printk(KERN_WARNING "%s: Attempt to poll on zombified " 50 "daemon\n", __func__); 51 goto out_unlock_daemon; 52 } 53 if (daemon->flags & ECRYPTFS_DAEMON_IN_READ) 54 goto out_unlock_daemon; 55 if (daemon->flags & ECRYPTFS_DAEMON_IN_POLL) 56 goto out_unlock_daemon; 57 daemon->flags |= ECRYPTFS_DAEMON_IN_POLL; 58 mutex_unlock(&daemon->mux); 59 poll_wait(file, &daemon->wait, pt); 60 mutex_lock(&daemon->mux); 61 if (!list_empty(&daemon->msg_ctx_out_queue)) 62 mask |= POLLIN | POLLRDNORM; 63 out_unlock_daemon: 64 daemon->flags &= ~ECRYPTFS_DAEMON_IN_POLL; 65 mutex_unlock(&daemon->mux); 66 return mask; 67 } 68 69 /** 70 * ecryptfs_miscdev_open 71 * @inode: inode of miscdev handle (ignored) 72 * @file: file for miscdev handle 73 * 74 * Returns zero on success; non-zero otherwise 75 */ 76 static int 77 ecryptfs_miscdev_open(struct inode *inode, struct file *file) 78 { 79 struct ecryptfs_daemon *daemon = NULL; 80 int rc; 81 82 mutex_lock(&ecryptfs_daemon_hash_mux); 83 rc = ecryptfs_find_daemon_by_euid(&daemon); 84 if (!rc) { 85 rc = -EINVAL; 86 goto out_unlock_daemon_list; 87 } 88 rc = ecryptfs_spawn_daemon(&daemon, file); 89 if (rc) { 90 printk(KERN_ERR "%s: Error attempting to spawn daemon; " 91 "rc = [%d]\n", __func__, rc); 92 goto out_unlock_daemon_list; 93 } 94 mutex_lock(&daemon->mux); 95 if (daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN) { 96 rc = -EBUSY; 97 goto out_unlock_daemon; 98 } 99 daemon->flags |= ECRYPTFS_DAEMON_MISCDEV_OPEN; 100 file->private_data = daemon; 101 atomic_inc(&ecryptfs_num_miscdev_opens); 102 out_unlock_daemon: 103 mutex_unlock(&daemon->mux); 104 out_unlock_daemon_list: 105 mutex_unlock(&ecryptfs_daemon_hash_mux); 106 return rc; 107 } 108 109 /** 110 * ecryptfs_miscdev_release 111 * @inode: inode of fs/ecryptfs/euid handle (ignored) 112 * @file: file for fs/ecryptfs/euid handle 113 * 114 * This keeps the daemon registered until the daemon sends another 115 * ioctl to fs/ecryptfs/ctl or until the kernel module unregisters. 116 * 117 * Returns zero on success; non-zero otherwise 118 */ 119 static int 120 ecryptfs_miscdev_release(struct inode *inode, struct file *file) 121 { 122 struct ecryptfs_daemon *daemon = file->private_data; 123 int rc; 124 125 mutex_lock(&daemon->mux); 126 BUG_ON(!(daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN)); 127 daemon->flags &= ~ECRYPTFS_DAEMON_MISCDEV_OPEN; 128 atomic_dec(&ecryptfs_num_miscdev_opens); 129 mutex_unlock(&daemon->mux); 130 131 mutex_lock(&ecryptfs_daemon_hash_mux); 132 rc = ecryptfs_exorcise_daemon(daemon); 133 mutex_unlock(&ecryptfs_daemon_hash_mux); 134 if (rc) { 135 printk(KERN_CRIT "%s: Fatal error whilst attempting to " 136 "shut down daemon; rc = [%d]. Please report this " 137 "bug.\n", __func__, rc); 138 BUG(); 139 } 140 return rc; 141 } 142 143 /** 144 * ecryptfs_send_miscdev 145 * @data: Data to send to daemon; may be NULL 146 * @data_size: Amount of data to send to daemon 147 * @msg_ctx: Message context, which is used to handle the reply. If 148 * this is NULL, then we do not expect a reply. 149 * @msg_type: Type of message 150 * @msg_flags: Flags for message 151 * @daemon: eCryptfs daemon object 152 * 153 * Add msg_ctx to queue and then, if it exists, notify the blocked 154 * miscdevess about the data being available. Must be called with 155 * ecryptfs_daemon_hash_mux held. 156 * 157 * Returns zero on success; non-zero otherwise 158 */ 159 int ecryptfs_send_miscdev(char *data, size_t data_size, 160 struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type, 161 u16 msg_flags, struct ecryptfs_daemon *daemon) 162 { 163 struct ecryptfs_message *msg; 164 165 msg = kmalloc((sizeof(*msg) + data_size), GFP_KERNEL); 166 if (!msg) 167 return -ENOMEM; 168 169 mutex_lock(&msg_ctx->mux); 170 msg_ctx->msg = msg; 171 msg_ctx->msg->index = msg_ctx->index; 172 msg_ctx->msg->data_len = data_size; 173 msg_ctx->type = msg_type; 174 memcpy(msg_ctx->msg->data, data, data_size); 175 msg_ctx->msg_size = (sizeof(*msg_ctx->msg) + data_size); 176 list_add_tail(&msg_ctx->daemon_out_list, &daemon->msg_ctx_out_queue); 177 mutex_unlock(&msg_ctx->mux); 178 179 mutex_lock(&daemon->mux); 180 daemon->num_queued_msg_ctx++; 181 wake_up_interruptible(&daemon->wait); 182 mutex_unlock(&daemon->mux); 183 184 return 0; 185 } 186 187 /* 188 * miscdevfs packet format: 189 * Octet 0: Type 190 * Octets 1-4: network byte order msg_ctx->counter 191 * Octets 5-N0: Size of struct ecryptfs_message to follow 192 * Octets N0-N1: struct ecryptfs_message (including data) 193 * 194 * Octets 5-N1 not written if the packet type does not include a message 195 */ 196 #define PKT_TYPE_SIZE 1 197 #define PKT_CTR_SIZE 4 198 #define MIN_NON_MSG_PKT_SIZE (PKT_TYPE_SIZE + PKT_CTR_SIZE) 199 #define MIN_MSG_PKT_SIZE (PKT_TYPE_SIZE + PKT_CTR_SIZE \ 200 + ECRYPTFS_MIN_PKT_LEN_SIZE) 201 /* 4 + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES comes from tag 65 packet format */ 202 #define MAX_MSG_PKT_SIZE (PKT_TYPE_SIZE + PKT_CTR_SIZE \ 203 + ECRYPTFS_MAX_PKT_LEN_SIZE \ 204 + sizeof(struct ecryptfs_message) \ 205 + 4 + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) 206 #define PKT_TYPE_OFFSET 0 207 #define PKT_CTR_OFFSET PKT_TYPE_SIZE 208 #define PKT_LEN_OFFSET (PKT_TYPE_SIZE + PKT_CTR_SIZE) 209 210 /** 211 * ecryptfs_miscdev_read - format and send message from queue 212 * @file: miscdevfs handle 213 * @buf: User buffer into which to copy the next message on the daemon queue 214 * @count: Amount of space available in @buf 215 * @ppos: Offset in file (ignored) 216 * 217 * Pulls the most recent message from the daemon queue, formats it for 218 * being sent via a miscdevfs handle, and copies it into @buf 219 * 220 * Returns the number of bytes copied into the user buffer 221 */ 222 static ssize_t 223 ecryptfs_miscdev_read(struct file *file, char __user *buf, size_t count, 224 loff_t *ppos) 225 { 226 struct ecryptfs_daemon *daemon = file->private_data; 227 struct ecryptfs_msg_ctx *msg_ctx; 228 size_t packet_length_size; 229 char packet_length[ECRYPTFS_MAX_PKT_LEN_SIZE]; 230 size_t i; 231 size_t total_length; 232 int rc; 233 234 mutex_lock(&daemon->mux); 235 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { 236 rc = 0; 237 printk(KERN_WARNING "%s: Attempt to read from zombified " 238 "daemon\n", __func__); 239 goto out_unlock_daemon; 240 } 241 if (daemon->flags & ECRYPTFS_DAEMON_IN_READ) { 242 rc = 0; 243 goto out_unlock_daemon; 244 } 245 /* This daemon will not go away so long as this flag is set */ 246 daemon->flags |= ECRYPTFS_DAEMON_IN_READ; 247 check_list: 248 if (list_empty(&daemon->msg_ctx_out_queue)) { 249 mutex_unlock(&daemon->mux); 250 rc = wait_event_interruptible( 251 daemon->wait, !list_empty(&daemon->msg_ctx_out_queue)); 252 mutex_lock(&daemon->mux); 253 if (rc < 0) { 254 rc = 0; 255 goto out_unlock_daemon; 256 } 257 } 258 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { 259 rc = 0; 260 goto out_unlock_daemon; 261 } 262 if (list_empty(&daemon->msg_ctx_out_queue)) { 263 /* Something else jumped in since the 264 * wait_event_interruptable() and removed the 265 * message from the queue; try again */ 266 goto check_list; 267 } 268 msg_ctx = list_first_entry(&daemon->msg_ctx_out_queue, 269 struct ecryptfs_msg_ctx, daemon_out_list); 270 BUG_ON(!msg_ctx); 271 mutex_lock(&msg_ctx->mux); 272 if (msg_ctx->msg) { 273 rc = ecryptfs_write_packet_length(packet_length, 274 msg_ctx->msg_size, 275 &packet_length_size); 276 if (rc) { 277 rc = 0; 278 printk(KERN_WARNING "%s: Error writing packet length; " 279 "rc = [%d]\n", __func__, rc); 280 goto out_unlock_msg_ctx; 281 } 282 } else { 283 packet_length_size = 0; 284 msg_ctx->msg_size = 0; 285 } 286 total_length = (PKT_TYPE_SIZE + PKT_CTR_SIZE + packet_length_size 287 + msg_ctx->msg_size); 288 if (count < total_length) { 289 rc = 0; 290 printk(KERN_WARNING "%s: Only given user buffer of " 291 "size [%zd], but we need [%zd] to read the " 292 "pending message\n", __func__, count, total_length); 293 goto out_unlock_msg_ctx; 294 } 295 rc = -EFAULT; 296 if (put_user(msg_ctx->type, buf)) 297 goto out_unlock_msg_ctx; 298 if (put_user(cpu_to_be32(msg_ctx->counter), 299 (__be32 __user *)(&buf[PKT_CTR_OFFSET]))) 300 goto out_unlock_msg_ctx; 301 i = PKT_TYPE_SIZE + PKT_CTR_SIZE; 302 if (msg_ctx->msg) { 303 if (copy_to_user(&buf[i], packet_length, packet_length_size)) 304 goto out_unlock_msg_ctx; 305 i += packet_length_size; 306 if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size)) 307 goto out_unlock_msg_ctx; 308 i += msg_ctx->msg_size; 309 } 310 rc = i; 311 list_del(&msg_ctx->daemon_out_list); 312 kfree(msg_ctx->msg); 313 msg_ctx->msg = NULL; 314 /* We do not expect a reply from the userspace daemon for any 315 * message type other than ECRYPTFS_MSG_REQUEST */ 316 if (msg_ctx->type != ECRYPTFS_MSG_REQUEST) 317 ecryptfs_msg_ctx_alloc_to_free(msg_ctx); 318 out_unlock_msg_ctx: 319 mutex_unlock(&msg_ctx->mux); 320 out_unlock_daemon: 321 daemon->flags &= ~ECRYPTFS_DAEMON_IN_READ; 322 mutex_unlock(&daemon->mux); 323 return rc; 324 } 325 326 /** 327 * ecryptfs_miscdev_response - miscdevess response to message previously sent to daemon 328 * @data: Bytes comprising struct ecryptfs_message 329 * @data_size: sizeof(struct ecryptfs_message) + data len 330 * @seq: Sequence number for miscdev response packet 331 * 332 * Returns zero on success; non-zero otherwise 333 */ 334 static int ecryptfs_miscdev_response(struct ecryptfs_daemon *daemon, char *data, 335 size_t data_size, u32 seq) 336 { 337 struct ecryptfs_message *msg = (struct ecryptfs_message *)data; 338 int rc; 339 340 if ((sizeof(*msg) + msg->data_len) != data_size) { 341 printk(KERN_WARNING "%s: (sizeof(*msg) + msg->data_len) = " 342 "[%zd]; data_size = [%zd]. Invalid packet.\n", __func__, 343 (sizeof(*msg) + msg->data_len), data_size); 344 rc = -EINVAL; 345 goto out; 346 } 347 rc = ecryptfs_process_response(daemon, msg, seq); 348 if (rc) 349 printk(KERN_ERR 350 "Error processing response message; rc = [%d]\n", rc); 351 out: 352 return rc; 353 } 354 355 /** 356 * ecryptfs_miscdev_write - handle write to daemon miscdev handle 357 * @file: File for misc dev handle 358 * @buf: Buffer containing user data 359 * @count: Amount of data in @buf 360 * @ppos: Pointer to offset in file (ignored) 361 * 362 * Returns the number of bytes read from @buf 363 */ 364 static ssize_t 365 ecryptfs_miscdev_write(struct file *file, const char __user *buf, 366 size_t count, loff_t *ppos) 367 { 368 __be32 counter_nbo; 369 u32 seq; 370 size_t packet_size, packet_size_length; 371 char *data; 372 unsigned char packet_size_peek[ECRYPTFS_MAX_PKT_LEN_SIZE]; 373 ssize_t rc; 374 375 if (count == 0) { 376 return 0; 377 } else if (count == MIN_NON_MSG_PKT_SIZE) { 378 /* Likely a harmless MSG_HELO or MSG_QUIT - no packet length */ 379 goto memdup; 380 } else if (count < MIN_MSG_PKT_SIZE || count > MAX_MSG_PKT_SIZE) { 381 printk(KERN_WARNING "%s: Acceptable packet size range is " 382 "[%d-%zu], but amount of data written is [%zu].\n", 383 __func__, MIN_MSG_PKT_SIZE, MAX_MSG_PKT_SIZE, count); 384 return -EINVAL; 385 } 386 387 if (copy_from_user(packet_size_peek, &buf[PKT_LEN_OFFSET], 388 sizeof(packet_size_peek))) { 389 printk(KERN_WARNING "%s: Error while inspecting packet size\n", 390 __func__); 391 return -EFAULT; 392 } 393 394 rc = ecryptfs_parse_packet_length(packet_size_peek, &packet_size, 395 &packet_size_length); 396 if (rc) { 397 printk(KERN_WARNING "%s: Error parsing packet length; " 398 "rc = [%zd]\n", __func__, rc); 399 return rc; 400 } 401 402 if ((PKT_TYPE_SIZE + PKT_CTR_SIZE + packet_size_length + packet_size) 403 != count) { 404 printk(KERN_WARNING "%s: Invalid packet size [%zu]\n", __func__, 405 packet_size); 406 return -EINVAL; 407 } 408 409 memdup: 410 data = memdup_user(buf, count); 411 if (IS_ERR(data)) { 412 printk(KERN_ERR "%s: memdup_user returned error [%ld]\n", 413 __func__, PTR_ERR(data)); 414 return PTR_ERR(data); 415 } 416 switch (data[PKT_TYPE_OFFSET]) { 417 case ECRYPTFS_MSG_RESPONSE: 418 if (count < (MIN_MSG_PKT_SIZE 419 + sizeof(struct ecryptfs_message))) { 420 printk(KERN_WARNING "%s: Minimum acceptable packet " 421 "size is [%zd], but amount of data written is " 422 "only [%zd]. Discarding response packet.\n", 423 __func__, 424 (MIN_MSG_PKT_SIZE 425 + sizeof(struct ecryptfs_message)), count); 426 rc = -EINVAL; 427 goto out_free; 428 } 429 memcpy(&counter_nbo, &data[PKT_CTR_OFFSET], PKT_CTR_SIZE); 430 seq = be32_to_cpu(counter_nbo); 431 rc = ecryptfs_miscdev_response(file->private_data, 432 &data[PKT_LEN_OFFSET + packet_size_length], 433 packet_size, seq); 434 if (rc) { 435 printk(KERN_WARNING "%s: Failed to deliver miscdev " 436 "response to requesting operation; rc = [%zd]\n", 437 __func__, rc); 438 goto out_free; 439 } 440 break; 441 case ECRYPTFS_MSG_HELO: 442 case ECRYPTFS_MSG_QUIT: 443 break; 444 default: 445 ecryptfs_printk(KERN_WARNING, "Dropping miscdev " 446 "message of unrecognized type [%d]\n", 447 data[0]); 448 rc = -EINVAL; 449 goto out_free; 450 } 451 rc = count; 452 out_free: 453 kfree(data); 454 return rc; 455 } 456 457 458 static const struct file_operations ecryptfs_miscdev_fops = { 459 .owner = THIS_MODULE, 460 .open = ecryptfs_miscdev_open, 461 .poll = ecryptfs_miscdev_poll, 462 .read = ecryptfs_miscdev_read, 463 .write = ecryptfs_miscdev_write, 464 .release = ecryptfs_miscdev_release, 465 .llseek = noop_llseek, 466 }; 467 468 static struct miscdevice ecryptfs_miscdev = { 469 .minor = MISC_DYNAMIC_MINOR, 470 .name = "ecryptfs", 471 .fops = &ecryptfs_miscdev_fops 472 }; 473 474 /** 475 * ecryptfs_init_ecryptfs_miscdev 476 * 477 * Messages sent to the userspace daemon from the kernel are placed on 478 * a queue associated with the daemon. The next read against the 479 * miscdev handle by that daemon will return the oldest message placed 480 * on the message queue for the daemon. 481 * 482 * Returns zero on success; non-zero otherwise 483 */ 484 int __init ecryptfs_init_ecryptfs_miscdev(void) 485 { 486 int rc; 487 488 atomic_set(&ecryptfs_num_miscdev_opens, 0); 489 rc = misc_register(&ecryptfs_miscdev); 490 if (rc) 491 printk(KERN_ERR "%s: Failed to register miscellaneous device " 492 "for communications with userspace daemons; rc = [%d]\n", 493 __func__, rc); 494 return rc; 495 } 496 497 /** 498 * ecryptfs_destroy_ecryptfs_miscdev 499 * 500 * All of the daemons must be exorcised prior to calling this 501 * function. 502 */ 503 void ecryptfs_destroy_ecryptfs_miscdev(void) 504 { 505 BUG_ON(atomic_read(&ecryptfs_num_miscdev_opens) != 0); 506 misc_deregister(&ecryptfs_miscdev); 507 } 508