1 /** 2 * eCryptfs: Linux filesystem encryption layer 3 * 4 * Copyright (C) 2008 International Business Machines Corp. 5 * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com> 6 * 7 * This program is free software; you can redistribute it and/or 8 * modify it under the terms of the GNU General Public License version 9 * 2 as published by the Free Software Foundation. 10 * 11 * This program is distributed in the hope that it will be useful, but 12 * WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * General Public License for more details. 15 * 16 * You should have received a copy of the GNU General Public License 17 * along with this program; if not, write to the Free Software 18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 19 * 02111-1307, USA. 20 */ 21 22 #include <linux/fs.h> 23 #include <linux/hash.h> 24 #include <linux/random.h> 25 #include <linux/miscdevice.h> 26 #include <linux/poll.h> 27 #include <linux/wait.h> 28 #include <linux/module.h> 29 #include "ecryptfs_kernel.h" 30 31 static atomic_t ecryptfs_num_miscdev_opens; 32 33 /** 34 * ecryptfs_miscdev_poll 35 * @file: dev file (ignored) 36 * @pt: dev poll table (ignored) 37 * 38 * Returns the poll mask 39 */ 40 static unsigned int 41 ecryptfs_miscdev_poll(struct file *file, poll_table *pt) 42 { 43 struct ecryptfs_daemon *daemon; 44 unsigned int mask = 0; 45 int rc; 46 47 mutex_lock(&ecryptfs_daemon_hash_mux); 48 /* TODO: Just use file->private_data? */ 49 rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid, 50 current->nsproxy->user_ns); 51 BUG_ON(rc || !daemon); 52 mutex_lock(&daemon->mux); 53 mutex_unlock(&ecryptfs_daemon_hash_mux); 54 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { 55 printk(KERN_WARNING "%s: Attempt to poll on zombified " 56 "daemon\n", __func__); 57 goto out_unlock_daemon; 58 } 59 if (daemon->flags & ECRYPTFS_DAEMON_IN_READ) 60 goto out_unlock_daemon; 61 if (daemon->flags & ECRYPTFS_DAEMON_IN_POLL) 62 goto out_unlock_daemon; 63 daemon->flags |= ECRYPTFS_DAEMON_IN_POLL; 64 mutex_unlock(&daemon->mux); 65 poll_wait(file, &daemon->wait, pt); 66 mutex_lock(&daemon->mux); 67 if (!list_empty(&daemon->msg_ctx_out_queue)) 68 mask |= POLLIN | POLLRDNORM; 69 out_unlock_daemon: 70 daemon->flags &= ~ECRYPTFS_DAEMON_IN_POLL; 71 mutex_unlock(&daemon->mux); 72 return mask; 73 } 74 75 /** 76 * ecryptfs_miscdev_open 77 * @inode: inode of miscdev handle (ignored) 78 * @file: file for miscdev handle (ignored) 79 * 80 * Returns zero on success; non-zero otherwise 81 */ 82 static int 83 ecryptfs_miscdev_open(struct inode *inode, struct file *file) 84 { 85 struct ecryptfs_daemon *daemon = NULL; 86 int rc; 87 88 mutex_lock(&ecryptfs_daemon_hash_mux); 89 rc = try_module_get(THIS_MODULE); 90 if (rc == 0) { 91 rc = -EIO; 92 printk(KERN_ERR "%s: Error attempting to increment module use " 93 "count; rc = [%d]\n", __func__, rc); 94 goto out_unlock_daemon_list; 95 } 96 rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid, 97 current->nsproxy->user_ns); 98 if (rc || !daemon) { 99 rc = ecryptfs_spawn_daemon(&daemon, current->euid, 100 current->nsproxy->user_ns, 101 task_pid(current)); 102 if (rc) { 103 printk(KERN_ERR "%s: Error attempting to spawn daemon; " 104 "rc = [%d]\n", __func__, rc); 105 goto out_module_put_unlock_daemon_list; 106 } 107 } 108 mutex_lock(&daemon->mux); 109 if (daemon->pid != task_pid(current)) { 110 rc = -EINVAL; 111 printk(KERN_ERR "%s: pid [0x%p] has registered with euid [%d], " 112 "but pid [0x%p] has attempted to open the handle " 113 "instead\n", __func__, daemon->pid, daemon->euid, 114 task_pid(current)); 115 goto out_unlock_daemon; 116 } 117 if (daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN) { 118 rc = -EBUSY; 119 printk(KERN_ERR "%s: Miscellaneous device handle may only be " 120 "opened once per daemon; pid [0x%p] already has this " 121 "handle open\n", __func__, daemon->pid); 122 goto out_unlock_daemon; 123 } 124 daemon->flags |= ECRYPTFS_DAEMON_MISCDEV_OPEN; 125 atomic_inc(&ecryptfs_num_miscdev_opens); 126 out_unlock_daemon: 127 mutex_unlock(&daemon->mux); 128 out_module_put_unlock_daemon_list: 129 if (rc) 130 module_put(THIS_MODULE); 131 out_unlock_daemon_list: 132 mutex_unlock(&ecryptfs_daemon_hash_mux); 133 return rc; 134 } 135 136 /** 137 * ecryptfs_miscdev_release 138 * @inode: inode of fs/ecryptfs/euid handle (ignored) 139 * @file: file for fs/ecryptfs/euid handle (ignored) 140 * 141 * This keeps the daemon registered until the daemon sends another 142 * ioctl to fs/ecryptfs/ctl or until the kernel module unregisters. 143 * 144 * Returns zero on success; non-zero otherwise 145 */ 146 static int 147 ecryptfs_miscdev_release(struct inode *inode, struct file *file) 148 { 149 struct ecryptfs_daemon *daemon = NULL; 150 int rc; 151 152 mutex_lock(&ecryptfs_daemon_hash_mux); 153 rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid, 154 current->nsproxy->user_ns); 155 BUG_ON(rc || !daemon); 156 mutex_lock(&daemon->mux); 157 BUG_ON(daemon->pid != task_pid(current)); 158 BUG_ON(!(daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN)); 159 daemon->flags &= ~ECRYPTFS_DAEMON_MISCDEV_OPEN; 160 atomic_dec(&ecryptfs_num_miscdev_opens); 161 mutex_unlock(&daemon->mux); 162 rc = ecryptfs_exorcise_daemon(daemon); 163 if (rc) { 164 printk(KERN_CRIT "%s: Fatal error whilst attempting to " 165 "shut down daemon; rc = [%d]. Please report this " 166 "bug.\n", __func__, rc); 167 BUG(); 168 } 169 module_put(THIS_MODULE); 170 mutex_unlock(&ecryptfs_daemon_hash_mux); 171 return rc; 172 } 173 174 /** 175 * ecryptfs_send_miscdev 176 * @data: Data to send to daemon; may be NULL 177 * @data_size: Amount of data to send to daemon 178 * @msg_ctx: Message context, which is used to handle the reply. If 179 * this is NULL, then we do not expect a reply. 180 * @msg_type: Type of message 181 * @msg_flags: Flags for message 182 * @daemon: eCryptfs daemon object 183 * 184 * Add msg_ctx to queue and then, if it exists, notify the blocked 185 * miscdevess about the data being available. Must be called with 186 * ecryptfs_daemon_hash_mux held. 187 * 188 * Returns zero on success; non-zero otherwise 189 */ 190 int ecryptfs_send_miscdev(char *data, size_t data_size, 191 struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type, 192 u16 msg_flags, struct ecryptfs_daemon *daemon) 193 { 194 int rc = 0; 195 196 mutex_lock(&msg_ctx->mux); 197 if (data) { 198 msg_ctx->msg = kmalloc((sizeof(*msg_ctx->msg) + data_size), 199 GFP_KERNEL); 200 if (!msg_ctx->msg) { 201 rc = -ENOMEM; 202 printk(KERN_ERR "%s: Out of memory whilst attempting " 203 "to kmalloc(%Zd, GFP_KERNEL)\n", __func__, 204 (sizeof(*msg_ctx->msg) + data_size)); 205 goto out_unlock; 206 } 207 } else 208 msg_ctx->msg = NULL; 209 msg_ctx->msg->index = msg_ctx->index; 210 msg_ctx->msg->data_len = data_size; 211 msg_ctx->type = msg_type; 212 if (data) { 213 memcpy(msg_ctx->msg->data, data, data_size); 214 msg_ctx->msg_size = (sizeof(*msg_ctx->msg) + data_size); 215 } else 216 msg_ctx->msg_size = 0; 217 mutex_lock(&daemon->mux); 218 list_add_tail(&msg_ctx->daemon_out_list, &daemon->msg_ctx_out_queue); 219 daemon->num_queued_msg_ctx++; 220 wake_up_interruptible(&daemon->wait); 221 mutex_unlock(&daemon->mux); 222 out_unlock: 223 mutex_unlock(&msg_ctx->mux); 224 return rc; 225 } 226 227 /** 228 * ecryptfs_miscdev_read - format and send message from queue 229 * @file: fs/ecryptfs/euid miscdevfs handle (ignored) 230 * @buf: User buffer into which to copy the next message on the daemon queue 231 * @count: Amount of space available in @buf 232 * @ppos: Offset in file (ignored) 233 * 234 * Pulls the most recent message from the daemon queue, formats it for 235 * being sent via a miscdevfs handle, and copies it into @buf 236 * 237 * Returns the number of bytes copied into the user buffer 238 */ 239 static ssize_t 240 ecryptfs_miscdev_read(struct file *file, char __user *buf, size_t count, 241 loff_t *ppos) 242 { 243 struct ecryptfs_daemon *daemon; 244 struct ecryptfs_msg_ctx *msg_ctx; 245 size_t packet_length_size; 246 char packet_length[3]; 247 size_t i; 248 size_t total_length; 249 int rc; 250 251 mutex_lock(&ecryptfs_daemon_hash_mux); 252 /* TODO: Just use file->private_data? */ 253 rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid, 254 current->nsproxy->user_ns); 255 BUG_ON(rc || !daemon); 256 mutex_lock(&daemon->mux); 257 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { 258 rc = 0; 259 mutex_unlock(&ecryptfs_daemon_hash_mux); 260 printk(KERN_WARNING "%s: Attempt to read from zombified " 261 "daemon\n", __func__); 262 goto out_unlock_daemon; 263 } 264 if (daemon->flags & ECRYPTFS_DAEMON_IN_READ) { 265 rc = 0; 266 mutex_unlock(&ecryptfs_daemon_hash_mux); 267 goto out_unlock_daemon; 268 } 269 /* This daemon will not go away so long as this flag is set */ 270 daemon->flags |= ECRYPTFS_DAEMON_IN_READ; 271 mutex_unlock(&ecryptfs_daemon_hash_mux); 272 check_list: 273 if (list_empty(&daemon->msg_ctx_out_queue)) { 274 mutex_unlock(&daemon->mux); 275 rc = wait_event_interruptible( 276 daemon->wait, !list_empty(&daemon->msg_ctx_out_queue)); 277 mutex_lock(&daemon->mux); 278 if (rc < 0) { 279 rc = 0; 280 goto out_unlock_daemon; 281 } 282 } 283 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { 284 rc = 0; 285 goto out_unlock_daemon; 286 } 287 if (list_empty(&daemon->msg_ctx_out_queue)) { 288 /* Something else jumped in since the 289 * wait_event_interruptable() and removed the 290 * message from the queue; try again */ 291 goto check_list; 292 } 293 BUG_ON(current->euid != daemon->euid); 294 BUG_ON(current->nsproxy->user_ns != daemon->user_ns); 295 BUG_ON(task_pid(current) != daemon->pid); 296 msg_ctx = list_first_entry(&daemon->msg_ctx_out_queue, 297 struct ecryptfs_msg_ctx, daemon_out_list); 298 BUG_ON(!msg_ctx); 299 mutex_lock(&msg_ctx->mux); 300 if (msg_ctx->msg) { 301 rc = ecryptfs_write_packet_length(packet_length, 302 msg_ctx->msg_size, 303 &packet_length_size); 304 if (rc) { 305 rc = 0; 306 printk(KERN_WARNING "%s: Error writing packet length; " 307 "rc = [%d]\n", __func__, rc); 308 goto out_unlock_msg_ctx; 309 } 310 } else { 311 packet_length_size = 0; 312 msg_ctx->msg_size = 0; 313 } 314 /* miscdevfs packet format: 315 * Octet 0: Type 316 * Octets 1-4: network byte order msg_ctx->counter 317 * Octets 5-N0: Size of struct ecryptfs_message to follow 318 * Octets N0-N1: struct ecryptfs_message (including data) 319 * 320 * Octets 5-N1 not written if the packet type does not 321 * include a message */ 322 total_length = (1 + 4 + packet_length_size + msg_ctx->msg_size); 323 if (count < total_length) { 324 rc = 0; 325 printk(KERN_WARNING "%s: Only given user buffer of " 326 "size [%Zd], but we need [%Zd] to read the " 327 "pending message\n", __func__, count, total_length); 328 goto out_unlock_msg_ctx; 329 } 330 rc = -EFAULT; 331 if (put_user(msg_ctx->type, buf)) 332 goto out_unlock_msg_ctx; 333 if (put_user(cpu_to_be32(msg_ctx->counter), (__be32 __user *)(buf + 1))) 334 goto out_unlock_msg_ctx; 335 i = 5; 336 if (msg_ctx->msg) { 337 if (copy_to_user(&buf[i], packet_length, packet_length_size)) 338 goto out_unlock_msg_ctx; 339 i += packet_length_size; 340 if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size)) 341 goto out_unlock_msg_ctx; 342 i += msg_ctx->msg_size; 343 } 344 rc = i; 345 list_del(&msg_ctx->daemon_out_list); 346 kfree(msg_ctx->msg); 347 msg_ctx->msg = NULL; 348 /* We do not expect a reply from the userspace daemon for any 349 * message type other than ECRYPTFS_MSG_REQUEST */ 350 if (msg_ctx->type != ECRYPTFS_MSG_REQUEST) 351 ecryptfs_msg_ctx_alloc_to_free(msg_ctx); 352 out_unlock_msg_ctx: 353 mutex_unlock(&msg_ctx->mux); 354 out_unlock_daemon: 355 daemon->flags &= ~ECRYPTFS_DAEMON_IN_READ; 356 mutex_unlock(&daemon->mux); 357 return rc; 358 } 359 360 /** 361 * ecryptfs_miscdev_response - miscdevess response to message previously sent to daemon 362 * @data: Bytes comprising struct ecryptfs_message 363 * @data_size: sizeof(struct ecryptfs_message) + data len 364 * @euid: Effective user id of miscdevess sending the miscdev response 365 * @user_ns: The namespace in which @euid applies 366 * @pid: Miscdevess id of miscdevess sending the miscdev response 367 * @seq: Sequence number for miscdev response packet 368 * 369 * Returns zero on success; non-zero otherwise 370 */ 371 static int ecryptfs_miscdev_response(char *data, size_t data_size, 372 uid_t euid, struct user_namespace *user_ns, 373 struct pid *pid, u32 seq) 374 { 375 struct ecryptfs_message *msg = (struct ecryptfs_message *)data; 376 int rc; 377 378 if ((sizeof(*msg) + msg->data_len) != data_size) { 379 printk(KERN_WARNING "%s: (sizeof(*msg) + msg->data_len) = " 380 "[%Zd]; data_size = [%Zd]. Invalid packet.\n", __func__, 381 (sizeof(*msg) + msg->data_len), data_size); 382 rc = -EINVAL; 383 goto out; 384 } 385 rc = ecryptfs_process_response(msg, euid, user_ns, pid, seq); 386 if (rc) 387 printk(KERN_ERR 388 "Error processing response message; rc = [%d]\n", rc); 389 out: 390 return rc; 391 } 392 393 /** 394 * ecryptfs_miscdev_write - handle write to daemon miscdev handle 395 * @file: File for misc dev handle (ignored) 396 * @buf: Buffer containing user data 397 * @count: Amount of data in @buf 398 * @ppos: Pointer to offset in file (ignored) 399 * 400 * miscdevfs packet format: 401 * Octet 0: Type 402 * Octets 1-4: network byte order msg_ctx->counter (0's for non-response) 403 * Octets 5-N0: Size of struct ecryptfs_message to follow 404 * Octets N0-N1: struct ecryptfs_message (including data) 405 * 406 * Returns the number of bytes read from @buf 407 */ 408 static ssize_t 409 ecryptfs_miscdev_write(struct file *file, const char __user *buf, 410 size_t count, loff_t *ppos) 411 { 412 __be32 counter_nbo; 413 u32 seq; 414 size_t packet_size, packet_size_length, i; 415 ssize_t sz = 0; 416 char *data; 417 int rc; 418 419 if (count == 0) 420 goto out; 421 data = kmalloc(count, GFP_KERNEL); 422 if (!data) { 423 printk(KERN_ERR "%s: Out of memory whilst attempting to " 424 "kmalloc([%Zd], GFP_KERNEL)\n", __func__, count); 425 goto out; 426 } 427 rc = copy_from_user(data, buf, count); 428 if (rc) { 429 printk(KERN_ERR "%s: copy_from_user returned error [%d]\n", 430 __func__, rc); 431 goto out_free; 432 } 433 sz = count; 434 i = 0; 435 switch (data[i++]) { 436 case ECRYPTFS_MSG_RESPONSE: 437 if (count < (1 + 4 + 1 + sizeof(struct ecryptfs_message))) { 438 printk(KERN_WARNING "%s: Minimum acceptable packet " 439 "size is [%Zd], but amount of data written is " 440 "only [%Zd]. Discarding response packet.\n", 441 __func__, 442 (1 + 4 + 1 + sizeof(struct ecryptfs_message)), 443 count); 444 goto out_free; 445 } 446 memcpy(&counter_nbo, &data[i], 4); 447 seq = be32_to_cpu(counter_nbo); 448 i += 4; 449 rc = ecryptfs_parse_packet_length(&data[i], &packet_size, 450 &packet_size_length); 451 if (rc) { 452 printk(KERN_WARNING "%s: Error parsing packet length; " 453 "rc = [%d]\n", __func__, rc); 454 goto out_free; 455 } 456 i += packet_size_length; 457 if ((1 + 4 + packet_size_length + packet_size) != count) { 458 printk(KERN_WARNING "%s: (1 + packet_size_length([%Zd])" 459 " + packet_size([%Zd]))([%Zd]) != " 460 "count([%Zd]). Invalid packet format.\n", 461 __func__, packet_size_length, packet_size, 462 (1 + packet_size_length + packet_size), count); 463 goto out_free; 464 } 465 rc = ecryptfs_miscdev_response(&data[i], packet_size, 466 current->euid, 467 current->nsproxy->user_ns, 468 task_pid(current), seq); 469 if (rc) 470 printk(KERN_WARNING "%s: Failed to deliver miscdev " 471 "response to requesting operation; rc = [%d]\n", 472 __func__, rc); 473 break; 474 case ECRYPTFS_MSG_HELO: 475 case ECRYPTFS_MSG_QUIT: 476 break; 477 default: 478 ecryptfs_printk(KERN_WARNING, "Dropping miscdev " 479 "message of unrecognized type [%d]\n", 480 data[0]); 481 break; 482 } 483 out_free: 484 kfree(data); 485 out: 486 return sz; 487 } 488 489 490 static const struct file_operations ecryptfs_miscdev_fops = { 491 .open = ecryptfs_miscdev_open, 492 .poll = ecryptfs_miscdev_poll, 493 .read = ecryptfs_miscdev_read, 494 .write = ecryptfs_miscdev_write, 495 .release = ecryptfs_miscdev_release, 496 }; 497 498 static struct miscdevice ecryptfs_miscdev = { 499 .minor = MISC_DYNAMIC_MINOR, 500 .name = "ecryptfs", 501 .fops = &ecryptfs_miscdev_fops 502 }; 503 504 /** 505 * ecryptfs_init_ecryptfs_miscdev 506 * 507 * Messages sent to the userspace daemon from the kernel are placed on 508 * a queue associated with the daemon. The next read against the 509 * miscdev handle by that daemon will return the oldest message placed 510 * on the message queue for the daemon. 511 * 512 * Returns zero on success; non-zero otherwise 513 */ 514 int ecryptfs_init_ecryptfs_miscdev(void) 515 { 516 int rc; 517 518 atomic_set(&ecryptfs_num_miscdev_opens, 0); 519 rc = misc_register(&ecryptfs_miscdev); 520 if (rc) 521 printk(KERN_ERR "%s: Failed to register miscellaneous device " 522 "for communications with userspace daemons; rc = [%d]\n", 523 __func__, rc); 524 return rc; 525 } 526 527 /** 528 * ecryptfs_destroy_ecryptfs_miscdev 529 * 530 * All of the daemons must be exorcised prior to calling this 531 * function. 532 */ 533 void ecryptfs_destroy_ecryptfs_miscdev(void) 534 { 535 BUG_ON(atomic_read(&ecryptfs_num_miscdev_opens) != 0); 536 misc_deregister(&ecryptfs_miscdev); 537 } 538