1 /** 2 * eCryptfs: Linux filesystem encryption layer 3 * 4 * Copyright (C) 2008 International Business Machines Corp. 5 * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com> 6 * 7 * This program is free software; you can redistribute it and/or 8 * modify it under the terms of the GNU General Public License version 9 * 2 as published by the Free Software Foundation. 10 * 11 * This program is distributed in the hope that it will be useful, but 12 * WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * General Public License for more details. 15 * 16 * You should have received a copy of the GNU General Public License 17 * along with this program; if not, write to the Free Software 18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 19 * 02111-1307, USA. 20 */ 21 22 #include <linux/fs.h> 23 #include <linux/hash.h> 24 #include <linux/random.h> 25 #include <linux/miscdevice.h> 26 #include <linux/poll.h> 27 #include <linux/slab.h> 28 #include <linux/wait.h> 29 #include <linux/module.h> 30 #include "ecryptfs_kernel.h" 31 32 static atomic_t ecryptfs_num_miscdev_opens; 33 34 /** 35 * ecryptfs_miscdev_poll 36 * @file: dev file 37 * @pt: dev poll table (ignored) 38 * 39 * Returns the poll mask 40 */ 41 static unsigned int 42 ecryptfs_miscdev_poll(struct file *file, poll_table *pt) 43 { 44 struct ecryptfs_daemon *daemon = file->private_data; 45 unsigned int mask = 0; 46 47 mutex_lock(&daemon->mux); 48 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { 49 printk(KERN_WARNING "%s: Attempt to poll on zombified " 50 "daemon\n", __func__); 51 goto out_unlock_daemon; 52 } 53 if (daemon->flags & ECRYPTFS_DAEMON_IN_READ) 54 goto out_unlock_daemon; 55 if (daemon->flags & ECRYPTFS_DAEMON_IN_POLL) 56 goto out_unlock_daemon; 57 daemon->flags |= ECRYPTFS_DAEMON_IN_POLL; 58 mutex_unlock(&daemon->mux); 59 poll_wait(file, &daemon->wait, pt); 60 mutex_lock(&daemon->mux); 61 if (!list_empty(&daemon->msg_ctx_out_queue)) 62 mask |= POLLIN | POLLRDNORM; 63 out_unlock_daemon: 64 daemon->flags &= ~ECRYPTFS_DAEMON_IN_POLL; 65 mutex_unlock(&daemon->mux); 66 return mask; 67 } 68 69 /** 70 * ecryptfs_miscdev_open 71 * @inode: inode of miscdev handle (ignored) 72 * @file: file for miscdev handle 73 * 74 * Returns zero on success; non-zero otherwise 75 */ 76 static int 77 ecryptfs_miscdev_open(struct inode *inode, struct file *file) 78 { 79 struct ecryptfs_daemon *daemon = NULL; 80 int rc; 81 82 mutex_lock(&ecryptfs_daemon_hash_mux); 83 rc = try_module_get(THIS_MODULE); 84 if (rc == 0) { 85 rc = -EIO; 86 printk(KERN_ERR "%s: Error attempting to increment module use " 87 "count; rc = [%d]\n", __func__, rc); 88 goto out_unlock_daemon_list; 89 } 90 rc = ecryptfs_find_daemon_by_euid(&daemon); 91 if (!rc) { 92 rc = -EINVAL; 93 goto out_unlock_daemon_list; 94 } 95 rc = ecryptfs_spawn_daemon(&daemon, file); 96 if (rc) { 97 printk(KERN_ERR "%s: Error attempting to spawn daemon; " 98 "rc = [%d]\n", __func__, rc); 99 goto out_module_put_unlock_daemon_list; 100 } 101 mutex_lock(&daemon->mux); 102 if (daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN) { 103 rc = -EBUSY; 104 goto out_unlock_daemon; 105 } 106 daemon->flags |= ECRYPTFS_DAEMON_MISCDEV_OPEN; 107 file->private_data = daemon; 108 atomic_inc(&ecryptfs_num_miscdev_opens); 109 out_unlock_daemon: 110 mutex_unlock(&daemon->mux); 111 out_module_put_unlock_daemon_list: 112 if (rc) 113 module_put(THIS_MODULE); 114 out_unlock_daemon_list: 115 mutex_unlock(&ecryptfs_daemon_hash_mux); 116 return rc; 117 } 118 119 /** 120 * ecryptfs_miscdev_release 121 * @inode: inode of fs/ecryptfs/euid handle (ignored) 122 * @file: file for fs/ecryptfs/euid handle 123 * 124 * This keeps the daemon registered until the daemon sends another 125 * ioctl to fs/ecryptfs/ctl or until the kernel module unregisters. 126 * 127 * Returns zero on success; non-zero otherwise 128 */ 129 static int 130 ecryptfs_miscdev_release(struct inode *inode, struct file *file) 131 { 132 struct ecryptfs_daemon *daemon = file->private_data; 133 int rc; 134 135 mutex_lock(&daemon->mux); 136 BUG_ON(!(daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN)); 137 daemon->flags &= ~ECRYPTFS_DAEMON_MISCDEV_OPEN; 138 atomic_dec(&ecryptfs_num_miscdev_opens); 139 mutex_unlock(&daemon->mux); 140 141 mutex_lock(&ecryptfs_daemon_hash_mux); 142 rc = ecryptfs_exorcise_daemon(daemon); 143 mutex_unlock(&ecryptfs_daemon_hash_mux); 144 if (rc) { 145 printk(KERN_CRIT "%s: Fatal error whilst attempting to " 146 "shut down daemon; rc = [%d]. Please report this " 147 "bug.\n", __func__, rc); 148 BUG(); 149 } 150 module_put(THIS_MODULE); 151 return rc; 152 } 153 154 /** 155 * ecryptfs_send_miscdev 156 * @data: Data to send to daemon; may be NULL 157 * @data_size: Amount of data to send to daemon 158 * @msg_ctx: Message context, which is used to handle the reply. If 159 * this is NULL, then we do not expect a reply. 160 * @msg_type: Type of message 161 * @msg_flags: Flags for message 162 * @daemon: eCryptfs daemon object 163 * 164 * Add msg_ctx to queue and then, if it exists, notify the blocked 165 * miscdevess about the data being available. Must be called with 166 * ecryptfs_daemon_hash_mux held. 167 * 168 * Returns zero on success; non-zero otherwise 169 */ 170 int ecryptfs_send_miscdev(char *data, size_t data_size, 171 struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type, 172 u16 msg_flags, struct ecryptfs_daemon *daemon) 173 { 174 struct ecryptfs_message *msg; 175 176 msg = kmalloc((sizeof(*msg) + data_size), GFP_KERNEL); 177 if (!msg) { 178 printk(KERN_ERR "%s: Out of memory whilst attempting " 179 "to kmalloc(%zd, GFP_KERNEL)\n", __func__, 180 (sizeof(*msg) + data_size)); 181 return -ENOMEM; 182 } 183 184 mutex_lock(&msg_ctx->mux); 185 msg_ctx->msg = msg; 186 msg_ctx->msg->index = msg_ctx->index; 187 msg_ctx->msg->data_len = data_size; 188 msg_ctx->type = msg_type; 189 memcpy(msg_ctx->msg->data, data, data_size); 190 msg_ctx->msg_size = (sizeof(*msg_ctx->msg) + data_size); 191 list_add_tail(&msg_ctx->daemon_out_list, &daemon->msg_ctx_out_queue); 192 mutex_unlock(&msg_ctx->mux); 193 194 mutex_lock(&daemon->mux); 195 daemon->num_queued_msg_ctx++; 196 wake_up_interruptible(&daemon->wait); 197 mutex_unlock(&daemon->mux); 198 199 return 0; 200 } 201 202 /* 203 * miscdevfs packet format: 204 * Octet 0: Type 205 * Octets 1-4: network byte order msg_ctx->counter 206 * Octets 5-N0: Size of struct ecryptfs_message to follow 207 * Octets N0-N1: struct ecryptfs_message (including data) 208 * 209 * Octets 5-N1 not written if the packet type does not include a message 210 */ 211 #define PKT_TYPE_SIZE 1 212 #define PKT_CTR_SIZE 4 213 #define MIN_NON_MSG_PKT_SIZE (PKT_TYPE_SIZE + PKT_CTR_SIZE) 214 #define MIN_MSG_PKT_SIZE (PKT_TYPE_SIZE + PKT_CTR_SIZE \ 215 + ECRYPTFS_MIN_PKT_LEN_SIZE) 216 /* 4 + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES comes from tag 65 packet format */ 217 #define MAX_MSG_PKT_SIZE (PKT_TYPE_SIZE + PKT_CTR_SIZE \ 218 + ECRYPTFS_MAX_PKT_LEN_SIZE \ 219 + sizeof(struct ecryptfs_message) \ 220 + 4 + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) 221 #define PKT_TYPE_OFFSET 0 222 #define PKT_CTR_OFFSET PKT_TYPE_SIZE 223 #define PKT_LEN_OFFSET (PKT_TYPE_SIZE + PKT_CTR_SIZE) 224 225 /** 226 * ecryptfs_miscdev_read - format and send message from queue 227 * @file: miscdevfs handle 228 * @buf: User buffer into which to copy the next message on the daemon queue 229 * @count: Amount of space available in @buf 230 * @ppos: Offset in file (ignored) 231 * 232 * Pulls the most recent message from the daemon queue, formats it for 233 * being sent via a miscdevfs handle, and copies it into @buf 234 * 235 * Returns the number of bytes copied into the user buffer 236 */ 237 static ssize_t 238 ecryptfs_miscdev_read(struct file *file, char __user *buf, size_t count, 239 loff_t *ppos) 240 { 241 struct ecryptfs_daemon *daemon = file->private_data; 242 struct ecryptfs_msg_ctx *msg_ctx; 243 size_t packet_length_size; 244 char packet_length[ECRYPTFS_MAX_PKT_LEN_SIZE]; 245 size_t i; 246 size_t total_length; 247 int rc; 248 249 mutex_lock(&daemon->mux); 250 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { 251 rc = 0; 252 printk(KERN_WARNING "%s: Attempt to read from zombified " 253 "daemon\n", __func__); 254 goto out_unlock_daemon; 255 } 256 if (daemon->flags & ECRYPTFS_DAEMON_IN_READ) { 257 rc = 0; 258 goto out_unlock_daemon; 259 } 260 /* This daemon will not go away so long as this flag is set */ 261 daemon->flags |= ECRYPTFS_DAEMON_IN_READ; 262 check_list: 263 if (list_empty(&daemon->msg_ctx_out_queue)) { 264 mutex_unlock(&daemon->mux); 265 rc = wait_event_interruptible( 266 daemon->wait, !list_empty(&daemon->msg_ctx_out_queue)); 267 mutex_lock(&daemon->mux); 268 if (rc < 0) { 269 rc = 0; 270 goto out_unlock_daemon; 271 } 272 } 273 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { 274 rc = 0; 275 goto out_unlock_daemon; 276 } 277 if (list_empty(&daemon->msg_ctx_out_queue)) { 278 /* Something else jumped in since the 279 * wait_event_interruptable() and removed the 280 * message from the queue; try again */ 281 goto check_list; 282 } 283 msg_ctx = list_first_entry(&daemon->msg_ctx_out_queue, 284 struct ecryptfs_msg_ctx, daemon_out_list); 285 BUG_ON(!msg_ctx); 286 mutex_lock(&msg_ctx->mux); 287 if (msg_ctx->msg) { 288 rc = ecryptfs_write_packet_length(packet_length, 289 msg_ctx->msg_size, 290 &packet_length_size); 291 if (rc) { 292 rc = 0; 293 printk(KERN_WARNING "%s: Error writing packet length; " 294 "rc = [%d]\n", __func__, rc); 295 goto out_unlock_msg_ctx; 296 } 297 } else { 298 packet_length_size = 0; 299 msg_ctx->msg_size = 0; 300 } 301 total_length = (PKT_TYPE_SIZE + PKT_CTR_SIZE + packet_length_size 302 + msg_ctx->msg_size); 303 if (count < total_length) { 304 rc = 0; 305 printk(KERN_WARNING "%s: Only given user buffer of " 306 "size [%zd], but we need [%zd] to read the " 307 "pending message\n", __func__, count, total_length); 308 goto out_unlock_msg_ctx; 309 } 310 rc = -EFAULT; 311 if (put_user(msg_ctx->type, buf)) 312 goto out_unlock_msg_ctx; 313 if (put_user(cpu_to_be32(msg_ctx->counter), 314 (__be32 __user *)(&buf[PKT_CTR_OFFSET]))) 315 goto out_unlock_msg_ctx; 316 i = PKT_TYPE_SIZE + PKT_CTR_SIZE; 317 if (msg_ctx->msg) { 318 if (copy_to_user(&buf[i], packet_length, packet_length_size)) 319 goto out_unlock_msg_ctx; 320 i += packet_length_size; 321 if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size)) 322 goto out_unlock_msg_ctx; 323 i += msg_ctx->msg_size; 324 } 325 rc = i; 326 list_del(&msg_ctx->daemon_out_list); 327 kfree(msg_ctx->msg); 328 msg_ctx->msg = NULL; 329 /* We do not expect a reply from the userspace daemon for any 330 * message type other than ECRYPTFS_MSG_REQUEST */ 331 if (msg_ctx->type != ECRYPTFS_MSG_REQUEST) 332 ecryptfs_msg_ctx_alloc_to_free(msg_ctx); 333 out_unlock_msg_ctx: 334 mutex_unlock(&msg_ctx->mux); 335 out_unlock_daemon: 336 daemon->flags &= ~ECRYPTFS_DAEMON_IN_READ; 337 mutex_unlock(&daemon->mux); 338 return rc; 339 } 340 341 /** 342 * ecryptfs_miscdev_response - miscdevess response to message previously sent to daemon 343 * @data: Bytes comprising struct ecryptfs_message 344 * @data_size: sizeof(struct ecryptfs_message) + data len 345 * @seq: Sequence number for miscdev response packet 346 * 347 * Returns zero on success; non-zero otherwise 348 */ 349 static int ecryptfs_miscdev_response(struct ecryptfs_daemon *daemon, char *data, 350 size_t data_size, u32 seq) 351 { 352 struct ecryptfs_message *msg = (struct ecryptfs_message *)data; 353 int rc; 354 355 if ((sizeof(*msg) + msg->data_len) != data_size) { 356 printk(KERN_WARNING "%s: (sizeof(*msg) + msg->data_len) = " 357 "[%zd]; data_size = [%zd]. Invalid packet.\n", __func__, 358 (sizeof(*msg) + msg->data_len), data_size); 359 rc = -EINVAL; 360 goto out; 361 } 362 rc = ecryptfs_process_response(daemon, msg, seq); 363 if (rc) 364 printk(KERN_ERR 365 "Error processing response message; rc = [%d]\n", rc); 366 out: 367 return rc; 368 } 369 370 /** 371 * ecryptfs_miscdev_write - handle write to daemon miscdev handle 372 * @file: File for misc dev handle 373 * @buf: Buffer containing user data 374 * @count: Amount of data in @buf 375 * @ppos: Pointer to offset in file (ignored) 376 * 377 * Returns the number of bytes read from @buf 378 */ 379 static ssize_t 380 ecryptfs_miscdev_write(struct file *file, const char __user *buf, 381 size_t count, loff_t *ppos) 382 { 383 __be32 counter_nbo; 384 u32 seq; 385 size_t packet_size, packet_size_length; 386 char *data; 387 unsigned char packet_size_peek[ECRYPTFS_MAX_PKT_LEN_SIZE]; 388 ssize_t rc; 389 390 if (count == 0) { 391 return 0; 392 } else if (count == MIN_NON_MSG_PKT_SIZE) { 393 /* Likely a harmless MSG_HELO or MSG_QUIT - no packet length */ 394 goto memdup; 395 } else if (count < MIN_MSG_PKT_SIZE || count > MAX_MSG_PKT_SIZE) { 396 printk(KERN_WARNING "%s: Acceptable packet size range is " 397 "[%d-%zu], but amount of data written is [%zu].", 398 __func__, MIN_MSG_PKT_SIZE, MAX_MSG_PKT_SIZE, count); 399 return -EINVAL; 400 } 401 402 if (copy_from_user(packet_size_peek, &buf[PKT_LEN_OFFSET], 403 sizeof(packet_size_peek))) { 404 printk(KERN_WARNING "%s: Error while inspecting packet size\n", 405 __func__); 406 return -EFAULT; 407 } 408 409 rc = ecryptfs_parse_packet_length(packet_size_peek, &packet_size, 410 &packet_size_length); 411 if (rc) { 412 printk(KERN_WARNING "%s: Error parsing packet length; " 413 "rc = [%zd]\n", __func__, rc); 414 return rc; 415 } 416 417 if ((PKT_TYPE_SIZE + PKT_CTR_SIZE + packet_size_length + packet_size) 418 != count) { 419 printk(KERN_WARNING "%s: Invalid packet size [%zu]\n", __func__, 420 packet_size); 421 return -EINVAL; 422 } 423 424 memdup: 425 data = memdup_user(buf, count); 426 if (IS_ERR(data)) { 427 printk(KERN_ERR "%s: memdup_user returned error [%ld]\n", 428 __func__, PTR_ERR(data)); 429 return PTR_ERR(data); 430 } 431 switch (data[PKT_TYPE_OFFSET]) { 432 case ECRYPTFS_MSG_RESPONSE: 433 if (count < (MIN_MSG_PKT_SIZE 434 + sizeof(struct ecryptfs_message))) { 435 printk(KERN_WARNING "%s: Minimum acceptable packet " 436 "size is [%zd], but amount of data written is " 437 "only [%zd]. Discarding response packet.\n", 438 __func__, 439 (MIN_MSG_PKT_SIZE 440 + sizeof(struct ecryptfs_message)), count); 441 rc = -EINVAL; 442 goto out_free; 443 } 444 memcpy(&counter_nbo, &data[PKT_CTR_OFFSET], PKT_CTR_SIZE); 445 seq = be32_to_cpu(counter_nbo); 446 rc = ecryptfs_miscdev_response(file->private_data, 447 &data[PKT_LEN_OFFSET + packet_size_length], 448 packet_size, seq); 449 if (rc) { 450 printk(KERN_WARNING "%s: Failed to deliver miscdev " 451 "response to requesting operation; rc = [%zd]\n", 452 __func__, rc); 453 goto out_free; 454 } 455 break; 456 case ECRYPTFS_MSG_HELO: 457 case ECRYPTFS_MSG_QUIT: 458 break; 459 default: 460 ecryptfs_printk(KERN_WARNING, "Dropping miscdev " 461 "message of unrecognized type [%d]\n", 462 data[0]); 463 rc = -EINVAL; 464 goto out_free; 465 } 466 rc = count; 467 out_free: 468 kfree(data); 469 return rc; 470 } 471 472 473 static const struct file_operations ecryptfs_miscdev_fops = { 474 .open = ecryptfs_miscdev_open, 475 .poll = ecryptfs_miscdev_poll, 476 .read = ecryptfs_miscdev_read, 477 .write = ecryptfs_miscdev_write, 478 .release = ecryptfs_miscdev_release, 479 .llseek = noop_llseek, 480 }; 481 482 static struct miscdevice ecryptfs_miscdev = { 483 .minor = MISC_DYNAMIC_MINOR, 484 .name = "ecryptfs", 485 .fops = &ecryptfs_miscdev_fops 486 }; 487 488 /** 489 * ecryptfs_init_ecryptfs_miscdev 490 * 491 * Messages sent to the userspace daemon from the kernel are placed on 492 * a queue associated with the daemon. The next read against the 493 * miscdev handle by that daemon will return the oldest message placed 494 * on the message queue for the daemon. 495 * 496 * Returns zero on success; non-zero otherwise 497 */ 498 int __init ecryptfs_init_ecryptfs_miscdev(void) 499 { 500 int rc; 501 502 atomic_set(&ecryptfs_num_miscdev_opens, 0); 503 rc = misc_register(&ecryptfs_miscdev); 504 if (rc) 505 printk(KERN_ERR "%s: Failed to register miscellaneous device " 506 "for communications with userspace daemons; rc = [%d]\n", 507 __func__, rc); 508 return rc; 509 } 510 511 /** 512 * ecryptfs_destroy_ecryptfs_miscdev 513 * 514 * All of the daemons must be exorcised prior to calling this 515 * function. 516 */ 517 void ecryptfs_destroy_ecryptfs_miscdev(void) 518 { 519 BUG_ON(atomic_read(&ecryptfs_num_miscdev_opens) != 0); 520 misc_deregister(&ecryptfs_miscdev); 521 } 522