1 /** 2 * eCryptfs: Linux filesystem encryption layer 3 * 4 * Copyright (C) 2008 International Business Machines Corp. 5 * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com> 6 * 7 * This program is free software; you can redistribute it and/or 8 * modify it under the terms of the GNU General Public License version 9 * 2 as published by the Free Software Foundation. 10 * 11 * This program is distributed in the hope that it will be useful, but 12 * WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * General Public License for more details. 15 * 16 * You should have received a copy of the GNU General Public License 17 * along with this program; if not, write to the Free Software 18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 19 * 02111-1307, USA. 20 */ 21 22 #include <linux/fs.h> 23 #include <linux/hash.h> 24 #include <linux/random.h> 25 #include <linux/miscdevice.h> 26 #include <linux/poll.h> 27 #include <linux/wait.h> 28 #include <linux/module.h> 29 #include "ecryptfs_kernel.h" 30 31 static atomic_t ecryptfs_num_miscdev_opens; 32 33 /** 34 * ecryptfs_miscdev_poll 35 * @file: dev file (ignored) 36 * @pt: dev poll table (ignored) 37 * 38 * Returns the poll mask 39 */ 40 static unsigned int 41 ecryptfs_miscdev_poll(struct file *file, poll_table *pt) 42 { 43 struct ecryptfs_daemon *daemon; 44 unsigned int mask = 0; 45 uid_t euid = current_euid(); 46 int rc; 47 48 mutex_lock(&ecryptfs_daemon_hash_mux); 49 /* TODO: Just use file->private_data? */ 50 rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns()); 51 BUG_ON(rc || !daemon); 52 mutex_lock(&daemon->mux); 53 mutex_unlock(&ecryptfs_daemon_hash_mux); 54 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { 55 printk(KERN_WARNING "%s: Attempt to poll on zombified " 56 "daemon\n", __func__); 57 goto out_unlock_daemon; 58 } 59 if (daemon->flags & ECRYPTFS_DAEMON_IN_READ) 60 goto out_unlock_daemon; 61 if (daemon->flags & ECRYPTFS_DAEMON_IN_POLL) 62 goto out_unlock_daemon; 63 daemon->flags |= ECRYPTFS_DAEMON_IN_POLL; 64 mutex_unlock(&daemon->mux); 65 poll_wait(file, &daemon->wait, pt); 66 mutex_lock(&daemon->mux); 67 if (!list_empty(&daemon->msg_ctx_out_queue)) 68 mask |= POLLIN | POLLRDNORM; 69 out_unlock_daemon: 70 daemon->flags &= ~ECRYPTFS_DAEMON_IN_POLL; 71 mutex_unlock(&daemon->mux); 72 return mask; 73 } 74 75 /** 76 * ecryptfs_miscdev_open 77 * @inode: inode of miscdev handle (ignored) 78 * @file: file for miscdev handle (ignored) 79 * 80 * Returns zero on success; non-zero otherwise 81 */ 82 static int 83 ecryptfs_miscdev_open(struct inode *inode, struct file *file) 84 { 85 struct ecryptfs_daemon *daemon = NULL; 86 uid_t euid = current_euid(); 87 int rc; 88 89 mutex_lock(&ecryptfs_daemon_hash_mux); 90 rc = try_module_get(THIS_MODULE); 91 if (rc == 0) { 92 rc = -EIO; 93 printk(KERN_ERR "%s: Error attempting to increment module use " 94 "count; rc = [%d]\n", __func__, rc); 95 goto out_unlock_daemon_list; 96 } 97 rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns()); 98 if (rc || !daemon) { 99 rc = ecryptfs_spawn_daemon(&daemon, euid, current_user_ns(), 100 task_pid(current)); 101 if (rc) { 102 printk(KERN_ERR "%s: Error attempting to spawn daemon; " 103 "rc = [%d]\n", __func__, rc); 104 goto out_module_put_unlock_daemon_list; 105 } 106 } 107 mutex_lock(&daemon->mux); 108 if (daemon->pid != task_pid(current)) { 109 rc = -EINVAL; 110 printk(KERN_ERR "%s: pid [0x%p] has registered with euid [%d], " 111 "but pid [0x%p] has attempted to open the handle " 112 "instead\n", __func__, daemon->pid, daemon->euid, 113 task_pid(current)); 114 goto out_unlock_daemon; 115 } 116 if (daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN) { 117 rc = -EBUSY; 118 printk(KERN_ERR "%s: Miscellaneous device handle may only be " 119 "opened once per daemon; pid [0x%p] already has this " 120 "handle open\n", __func__, daemon->pid); 121 goto out_unlock_daemon; 122 } 123 daemon->flags |= ECRYPTFS_DAEMON_MISCDEV_OPEN; 124 atomic_inc(&ecryptfs_num_miscdev_opens); 125 out_unlock_daemon: 126 mutex_unlock(&daemon->mux); 127 out_module_put_unlock_daemon_list: 128 if (rc) 129 module_put(THIS_MODULE); 130 out_unlock_daemon_list: 131 mutex_unlock(&ecryptfs_daemon_hash_mux); 132 return rc; 133 } 134 135 /** 136 * ecryptfs_miscdev_release 137 * @inode: inode of fs/ecryptfs/euid handle (ignored) 138 * @file: file for fs/ecryptfs/euid handle (ignored) 139 * 140 * This keeps the daemon registered until the daemon sends another 141 * ioctl to fs/ecryptfs/ctl or until the kernel module unregisters. 142 * 143 * Returns zero on success; non-zero otherwise 144 */ 145 static int 146 ecryptfs_miscdev_release(struct inode *inode, struct file *file) 147 { 148 struct ecryptfs_daemon *daemon = NULL; 149 uid_t euid = current_euid(); 150 int rc; 151 152 mutex_lock(&ecryptfs_daemon_hash_mux); 153 rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns()); 154 BUG_ON(rc || !daemon); 155 mutex_lock(&daemon->mux); 156 BUG_ON(daemon->pid != task_pid(current)); 157 BUG_ON(!(daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN)); 158 daemon->flags &= ~ECRYPTFS_DAEMON_MISCDEV_OPEN; 159 atomic_dec(&ecryptfs_num_miscdev_opens); 160 mutex_unlock(&daemon->mux); 161 rc = ecryptfs_exorcise_daemon(daemon); 162 if (rc) { 163 printk(KERN_CRIT "%s: Fatal error whilst attempting to " 164 "shut down daemon; rc = [%d]. Please report this " 165 "bug.\n", __func__, rc); 166 BUG(); 167 } 168 module_put(THIS_MODULE); 169 mutex_unlock(&ecryptfs_daemon_hash_mux); 170 return rc; 171 } 172 173 /** 174 * ecryptfs_send_miscdev 175 * @data: Data to send to daemon; may be NULL 176 * @data_size: Amount of data to send to daemon 177 * @msg_ctx: Message context, which is used to handle the reply. If 178 * this is NULL, then we do not expect a reply. 179 * @msg_type: Type of message 180 * @msg_flags: Flags for message 181 * @daemon: eCryptfs daemon object 182 * 183 * Add msg_ctx to queue and then, if it exists, notify the blocked 184 * miscdevess about the data being available. Must be called with 185 * ecryptfs_daemon_hash_mux held. 186 * 187 * Returns zero on success; non-zero otherwise 188 */ 189 int ecryptfs_send_miscdev(char *data, size_t data_size, 190 struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type, 191 u16 msg_flags, struct ecryptfs_daemon *daemon) 192 { 193 int rc = 0; 194 195 mutex_lock(&msg_ctx->mux); 196 if (data) { 197 msg_ctx->msg = kmalloc((sizeof(*msg_ctx->msg) + data_size), 198 GFP_KERNEL); 199 if (!msg_ctx->msg) { 200 rc = -ENOMEM; 201 printk(KERN_ERR "%s: Out of memory whilst attempting " 202 "to kmalloc(%zd, GFP_KERNEL)\n", __func__, 203 (sizeof(*msg_ctx->msg) + data_size)); 204 goto out_unlock; 205 } 206 } else 207 msg_ctx->msg = NULL; 208 msg_ctx->msg->index = msg_ctx->index; 209 msg_ctx->msg->data_len = data_size; 210 msg_ctx->type = msg_type; 211 if (data) { 212 memcpy(msg_ctx->msg->data, data, data_size); 213 msg_ctx->msg_size = (sizeof(*msg_ctx->msg) + data_size); 214 } else 215 msg_ctx->msg_size = 0; 216 mutex_lock(&daemon->mux); 217 list_add_tail(&msg_ctx->daemon_out_list, &daemon->msg_ctx_out_queue); 218 daemon->num_queued_msg_ctx++; 219 wake_up_interruptible(&daemon->wait); 220 mutex_unlock(&daemon->mux); 221 out_unlock: 222 mutex_unlock(&msg_ctx->mux); 223 return rc; 224 } 225 226 /** 227 * ecryptfs_miscdev_read - format and send message from queue 228 * @file: fs/ecryptfs/euid miscdevfs handle (ignored) 229 * @buf: User buffer into which to copy the next message on the daemon queue 230 * @count: Amount of space available in @buf 231 * @ppos: Offset in file (ignored) 232 * 233 * Pulls the most recent message from the daemon queue, formats it for 234 * being sent via a miscdevfs handle, and copies it into @buf 235 * 236 * Returns the number of bytes copied into the user buffer 237 */ 238 static ssize_t 239 ecryptfs_miscdev_read(struct file *file, char __user *buf, size_t count, 240 loff_t *ppos) 241 { 242 struct ecryptfs_daemon *daemon; 243 struct ecryptfs_msg_ctx *msg_ctx; 244 size_t packet_length_size; 245 char packet_length[3]; 246 size_t i; 247 size_t total_length; 248 uid_t euid = current_euid(); 249 int rc; 250 251 mutex_lock(&ecryptfs_daemon_hash_mux); 252 /* TODO: Just use file->private_data? */ 253 rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns()); 254 BUG_ON(rc || !daemon); 255 mutex_lock(&daemon->mux); 256 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { 257 rc = 0; 258 mutex_unlock(&ecryptfs_daemon_hash_mux); 259 printk(KERN_WARNING "%s: Attempt to read from zombified " 260 "daemon\n", __func__); 261 goto out_unlock_daemon; 262 } 263 if (daemon->flags & ECRYPTFS_DAEMON_IN_READ) { 264 rc = 0; 265 mutex_unlock(&ecryptfs_daemon_hash_mux); 266 goto out_unlock_daemon; 267 } 268 /* This daemon will not go away so long as this flag is set */ 269 daemon->flags |= ECRYPTFS_DAEMON_IN_READ; 270 mutex_unlock(&ecryptfs_daemon_hash_mux); 271 check_list: 272 if (list_empty(&daemon->msg_ctx_out_queue)) { 273 mutex_unlock(&daemon->mux); 274 rc = wait_event_interruptible( 275 daemon->wait, !list_empty(&daemon->msg_ctx_out_queue)); 276 mutex_lock(&daemon->mux); 277 if (rc < 0) { 278 rc = 0; 279 goto out_unlock_daemon; 280 } 281 } 282 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { 283 rc = 0; 284 goto out_unlock_daemon; 285 } 286 if (list_empty(&daemon->msg_ctx_out_queue)) { 287 /* Something else jumped in since the 288 * wait_event_interruptable() and removed the 289 * message from the queue; try again */ 290 goto check_list; 291 } 292 BUG_ON(euid != daemon->euid); 293 BUG_ON(current_user_ns() != daemon->user_ns); 294 BUG_ON(task_pid(current) != daemon->pid); 295 msg_ctx = list_first_entry(&daemon->msg_ctx_out_queue, 296 struct ecryptfs_msg_ctx, daemon_out_list); 297 BUG_ON(!msg_ctx); 298 mutex_lock(&msg_ctx->mux); 299 if (msg_ctx->msg) { 300 rc = ecryptfs_write_packet_length(packet_length, 301 msg_ctx->msg_size, 302 &packet_length_size); 303 if (rc) { 304 rc = 0; 305 printk(KERN_WARNING "%s: Error writing packet length; " 306 "rc = [%d]\n", __func__, rc); 307 goto out_unlock_msg_ctx; 308 } 309 } else { 310 packet_length_size = 0; 311 msg_ctx->msg_size = 0; 312 } 313 /* miscdevfs packet format: 314 * Octet 0: Type 315 * Octets 1-4: network byte order msg_ctx->counter 316 * Octets 5-N0: Size of struct ecryptfs_message to follow 317 * Octets N0-N1: struct ecryptfs_message (including data) 318 * 319 * Octets 5-N1 not written if the packet type does not 320 * include a message */ 321 total_length = (1 + 4 + packet_length_size + msg_ctx->msg_size); 322 if (count < total_length) { 323 rc = 0; 324 printk(KERN_WARNING "%s: Only given user buffer of " 325 "size [%zd], but we need [%zd] to read the " 326 "pending message\n", __func__, count, total_length); 327 goto out_unlock_msg_ctx; 328 } 329 rc = -EFAULT; 330 if (put_user(msg_ctx->type, buf)) 331 goto out_unlock_msg_ctx; 332 if (put_user(cpu_to_be32(msg_ctx->counter), (__be32 __user *)(buf + 1))) 333 goto out_unlock_msg_ctx; 334 i = 5; 335 if (msg_ctx->msg) { 336 if (copy_to_user(&buf[i], packet_length, packet_length_size)) 337 goto out_unlock_msg_ctx; 338 i += packet_length_size; 339 if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size)) 340 goto out_unlock_msg_ctx; 341 i += msg_ctx->msg_size; 342 } 343 rc = i; 344 list_del(&msg_ctx->daemon_out_list); 345 kfree(msg_ctx->msg); 346 msg_ctx->msg = NULL; 347 /* We do not expect a reply from the userspace daemon for any 348 * message type other than ECRYPTFS_MSG_REQUEST */ 349 if (msg_ctx->type != ECRYPTFS_MSG_REQUEST) 350 ecryptfs_msg_ctx_alloc_to_free(msg_ctx); 351 out_unlock_msg_ctx: 352 mutex_unlock(&msg_ctx->mux); 353 out_unlock_daemon: 354 daemon->flags &= ~ECRYPTFS_DAEMON_IN_READ; 355 mutex_unlock(&daemon->mux); 356 return rc; 357 } 358 359 /** 360 * ecryptfs_miscdev_response - miscdevess response to message previously sent to daemon 361 * @data: Bytes comprising struct ecryptfs_message 362 * @data_size: sizeof(struct ecryptfs_message) + data len 363 * @euid: Effective user id of miscdevess sending the miscdev response 364 * @user_ns: The namespace in which @euid applies 365 * @pid: Miscdevess id of miscdevess sending the miscdev response 366 * @seq: Sequence number for miscdev response packet 367 * 368 * Returns zero on success; non-zero otherwise 369 */ 370 static int ecryptfs_miscdev_response(char *data, size_t data_size, 371 uid_t euid, struct user_namespace *user_ns, 372 struct pid *pid, u32 seq) 373 { 374 struct ecryptfs_message *msg = (struct ecryptfs_message *)data; 375 int rc; 376 377 if ((sizeof(*msg) + msg->data_len) != data_size) { 378 printk(KERN_WARNING "%s: (sizeof(*msg) + msg->data_len) = " 379 "[%zd]; data_size = [%zd]. Invalid packet.\n", __func__, 380 (sizeof(*msg) + msg->data_len), data_size); 381 rc = -EINVAL; 382 goto out; 383 } 384 rc = ecryptfs_process_response(msg, euid, user_ns, pid, seq); 385 if (rc) 386 printk(KERN_ERR 387 "Error processing response message; rc = [%d]\n", rc); 388 out: 389 return rc; 390 } 391 392 /** 393 * ecryptfs_miscdev_write - handle write to daemon miscdev handle 394 * @file: File for misc dev handle (ignored) 395 * @buf: Buffer containing user data 396 * @count: Amount of data in @buf 397 * @ppos: Pointer to offset in file (ignored) 398 * 399 * miscdevfs packet format: 400 * Octet 0: Type 401 * Octets 1-4: network byte order msg_ctx->counter (0's for non-response) 402 * Octets 5-N0: Size of struct ecryptfs_message to follow 403 * Octets N0-N1: struct ecryptfs_message (including data) 404 * 405 * Returns the number of bytes read from @buf 406 */ 407 static ssize_t 408 ecryptfs_miscdev_write(struct file *file, const char __user *buf, 409 size_t count, loff_t *ppos) 410 { 411 __be32 counter_nbo; 412 u32 seq; 413 size_t packet_size, packet_size_length, i; 414 ssize_t sz = 0; 415 char *data; 416 uid_t euid = current_euid(); 417 int rc; 418 419 if (count == 0) 420 goto out; 421 data = kmalloc(count, GFP_KERNEL); 422 if (!data) { 423 printk(KERN_ERR "%s: Out of memory whilst attempting to " 424 "kmalloc([%zd], GFP_KERNEL)\n", __func__, count); 425 goto out; 426 } 427 rc = copy_from_user(data, buf, count); 428 if (rc) { 429 printk(KERN_ERR "%s: copy_from_user returned error [%d]\n", 430 __func__, rc); 431 goto out_free; 432 } 433 sz = count; 434 i = 0; 435 switch (data[i++]) { 436 case ECRYPTFS_MSG_RESPONSE: 437 if (count < (1 + 4 + 1 + sizeof(struct ecryptfs_message))) { 438 printk(KERN_WARNING "%s: Minimum acceptable packet " 439 "size is [%zd], but amount of data written is " 440 "only [%zd]. Discarding response packet.\n", 441 __func__, 442 (1 + 4 + 1 + sizeof(struct ecryptfs_message)), 443 count); 444 goto out_free; 445 } 446 memcpy(&counter_nbo, &data[i], 4); 447 seq = be32_to_cpu(counter_nbo); 448 i += 4; 449 rc = ecryptfs_parse_packet_length(&data[i], &packet_size, 450 &packet_size_length); 451 if (rc) { 452 printk(KERN_WARNING "%s: Error parsing packet length; " 453 "rc = [%d]\n", __func__, rc); 454 goto out_free; 455 } 456 i += packet_size_length; 457 if ((1 + 4 + packet_size_length + packet_size) != count) { 458 printk(KERN_WARNING "%s: (1 + packet_size_length([%zd])" 459 " + packet_size([%zd]))([%zd]) != " 460 "count([%zd]). Invalid packet format.\n", 461 __func__, packet_size_length, packet_size, 462 (1 + packet_size_length + packet_size), count); 463 goto out_free; 464 } 465 rc = ecryptfs_miscdev_response(&data[i], packet_size, 466 euid, current_user_ns(), 467 task_pid(current), seq); 468 if (rc) 469 printk(KERN_WARNING "%s: Failed to deliver miscdev " 470 "response to requesting operation; rc = [%d]\n", 471 __func__, rc); 472 break; 473 case ECRYPTFS_MSG_HELO: 474 case ECRYPTFS_MSG_QUIT: 475 break; 476 default: 477 ecryptfs_printk(KERN_WARNING, "Dropping miscdev " 478 "message of unrecognized type [%d]\n", 479 data[0]); 480 break; 481 } 482 out_free: 483 kfree(data); 484 out: 485 return sz; 486 } 487 488 489 static const struct file_operations ecryptfs_miscdev_fops = { 490 .open = ecryptfs_miscdev_open, 491 .poll = ecryptfs_miscdev_poll, 492 .read = ecryptfs_miscdev_read, 493 .write = ecryptfs_miscdev_write, 494 .release = ecryptfs_miscdev_release, 495 }; 496 497 static struct miscdevice ecryptfs_miscdev = { 498 .minor = MISC_DYNAMIC_MINOR, 499 .name = "ecryptfs", 500 .fops = &ecryptfs_miscdev_fops 501 }; 502 503 /** 504 * ecryptfs_init_ecryptfs_miscdev 505 * 506 * Messages sent to the userspace daemon from the kernel are placed on 507 * a queue associated with the daemon. The next read against the 508 * miscdev handle by that daemon will return the oldest message placed 509 * on the message queue for the daemon. 510 * 511 * Returns zero on success; non-zero otherwise 512 */ 513 int ecryptfs_init_ecryptfs_miscdev(void) 514 { 515 int rc; 516 517 atomic_set(&ecryptfs_num_miscdev_opens, 0); 518 rc = misc_register(&ecryptfs_miscdev); 519 if (rc) 520 printk(KERN_ERR "%s: Failed to register miscellaneous device " 521 "for communications with userspace daemons; rc = [%d]\n", 522 __func__, rc); 523 return rc; 524 } 525 526 /** 527 * ecryptfs_destroy_ecryptfs_miscdev 528 * 529 * All of the daemons must be exorcised prior to calling this 530 * function. 531 */ 532 void ecryptfs_destroy_ecryptfs_miscdev(void) 533 { 534 BUG_ON(atomic_read(&ecryptfs_num_miscdev_opens) != 0); 535 misc_deregister(&ecryptfs_miscdev); 536 } 537