2 * eCryptfs: Linux filesystem encryption layer
4 * Copyright (C) 2004-2008 International Business Machines Corp.
5 * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com>
6 * Tyler Hicks <tyhicks@ou.edu>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License version
10 * 2 as published by the Free Software Foundation.
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
22 #include <linux/sched.h>
23 #include <linux/slab.h>
24 #include <linux/user_namespace.h>
25 #include <linux/nsproxy.h>
26 #include "ecryptfs_kernel.h"
28 static LIST_HEAD(ecryptfs_msg_ctx_free_list
);
29 static LIST_HEAD(ecryptfs_msg_ctx_alloc_list
);
30 static struct mutex ecryptfs_msg_ctx_lists_mux
;
32 static struct hlist_head
*ecryptfs_daemon_hash
;
33 struct mutex ecryptfs_daemon_hash_mux
;
34 static int ecryptfs_hash_bits
;
35 #define ecryptfs_uid_hash(uid) \
36 hash_long((unsigned long)uid, ecryptfs_hash_bits)
38 static u32 ecryptfs_msg_counter
;
39 static struct ecryptfs_msg_ctx
*ecryptfs_msg_ctx_arr
;
42 * ecryptfs_acquire_free_msg_ctx
43 * @msg_ctx: The context that was acquired from the free list
45 * Acquires a context element from the free list and locks the mutex
46 * on the context. Sets the msg_ctx task to current. Returns zero on
47 * success; non-zero on error or upon failure to acquire a free
48 * context element. Must be called with ecryptfs_msg_ctx_lists_mux
51 static int ecryptfs_acquire_free_msg_ctx(struct ecryptfs_msg_ctx
**msg_ctx
)
56 if (list_empty(&ecryptfs_msg_ctx_free_list
)) {
57 printk(KERN_WARNING
"%s: The eCryptfs free "
58 "context list is empty. It may be helpful to "
59 "specify the ecryptfs_message_buf_len "
60 "parameter to be greater than the current "
61 "value of [%d]\n", __func__
, ecryptfs_message_buf_len
);
65 list_for_each(p
, &ecryptfs_msg_ctx_free_list
) {
66 *msg_ctx
= list_entry(p
, struct ecryptfs_msg_ctx
, node
);
67 if (mutex_trylock(&(*msg_ctx
)->mux
)) {
68 (*msg_ctx
)->task
= current
;
79 * ecryptfs_msg_ctx_free_to_alloc
80 * @msg_ctx: The context to move from the free list to the alloc list
82 * Must be called with ecryptfs_msg_ctx_lists_mux held.
84 static void ecryptfs_msg_ctx_free_to_alloc(struct ecryptfs_msg_ctx
*msg_ctx
)
86 list_move(&msg_ctx
->node
, &ecryptfs_msg_ctx_alloc_list
);
87 msg_ctx
->state
= ECRYPTFS_MSG_CTX_STATE_PENDING
;
88 msg_ctx
->counter
= ++ecryptfs_msg_counter
;
92 * ecryptfs_msg_ctx_alloc_to_free
93 * @msg_ctx: The context to move from the alloc list to the free list
95 * Must be called with ecryptfs_msg_ctx_lists_mux held.
97 void ecryptfs_msg_ctx_alloc_to_free(struct ecryptfs_msg_ctx
*msg_ctx
)
99 list_move(&(msg_ctx
->node
), &ecryptfs_msg_ctx_free_list
);
103 msg_ctx
->state
= ECRYPTFS_MSG_CTX_STATE_FREE
;
107 * ecryptfs_find_daemon_by_euid
108 * @euid: The effective user id which maps to the desired daemon id
109 * @user_ns: The namespace in which @euid applies
110 * @daemon: If return value is zero, points to the desired daemon pointer
112 * Must be called with ecryptfs_daemon_hash_mux held.
114 * Search the hash list for the given user id.
116 * Returns zero if the user id exists in the list; non-zero otherwise.
118 int ecryptfs_find_daemon_by_euid(struct ecryptfs_daemon
**daemon
, uid_t euid
,
119 struct user_namespace
*user_ns
)
121 struct hlist_node
*elem
;
124 hlist_for_each_entry(*daemon
, elem
,
125 &ecryptfs_daemon_hash
[ecryptfs_uid_hash(euid
)],
127 if ((*daemon
)->euid
== euid
&& (*daemon
)->user_ns
== user_ns
) {
138 * ecryptfs_spawn_daemon - Create and initialize a new daemon struct
139 * @daemon: Pointer to set to newly allocated daemon struct
140 * @euid: Effective user id for the daemon
141 * @user_ns: The namespace in which @euid applies
142 * @pid: Process id for the daemon
144 * Must be called ceremoniously while in possession of
145 * ecryptfs_sacred_daemon_hash_mux
147 * Returns zero on success; non-zero otherwise
150 ecryptfs_spawn_daemon(struct ecryptfs_daemon
**daemon
, uid_t euid
,
151 struct user_namespace
*user_ns
, struct pid
*pid
)
155 (*daemon
) = kzalloc(sizeof(**daemon
), GFP_KERNEL
);
158 printk(KERN_ERR
"%s: Failed to allocate [%zd] bytes of "
159 "GFP_KERNEL memory\n", __func__
, sizeof(**daemon
));
162 (*daemon
)->euid
= euid
;
163 (*daemon
)->user_ns
= get_user_ns(user_ns
);
164 (*daemon
)->pid
= get_pid(pid
);
165 (*daemon
)->task
= current
;
166 mutex_init(&(*daemon
)->mux
);
167 INIT_LIST_HEAD(&(*daemon
)->msg_ctx_out_queue
);
168 init_waitqueue_head(&(*daemon
)->wait
);
169 (*daemon
)->num_queued_msg_ctx
= 0;
170 hlist_add_head(&(*daemon
)->euid_chain
,
171 &ecryptfs_daemon_hash
[ecryptfs_uid_hash(euid
)]);
177 * ecryptfs_exorcise_daemon - Destroy the daemon struct
179 * Must be called ceremoniously while in possession of
180 * ecryptfs_daemon_hash_mux and the daemon's own mux.
182 int ecryptfs_exorcise_daemon(struct ecryptfs_daemon
*daemon
)
184 struct ecryptfs_msg_ctx
*msg_ctx
, *msg_ctx_tmp
;
187 mutex_lock(&daemon
->mux
);
188 if ((daemon
->flags
& ECRYPTFS_DAEMON_IN_READ
)
189 || (daemon
->flags
& ECRYPTFS_DAEMON_IN_POLL
)) {
191 printk(KERN_WARNING
"%s: Attempt to destroy daemon with pid "
192 "[0x%p], but it is in the midst of a read or a poll\n",
193 __func__
, daemon
->pid
);
194 mutex_unlock(&daemon
->mux
);
197 list_for_each_entry_safe(msg_ctx
, msg_ctx_tmp
,
198 &daemon
->msg_ctx_out_queue
, daemon_out_list
) {
199 list_del(&msg_ctx
->daemon_out_list
);
200 daemon
->num_queued_msg_ctx
--;
201 printk(KERN_WARNING
"%s: Warning: dropping message that is in "
202 "the out queue of a dying daemon\n", __func__
);
203 ecryptfs_msg_ctx_alloc_to_free(msg_ctx
);
205 hlist_del(&daemon
->euid_chain
);
207 wake_up_process(daemon
->task
);
209 put_pid(daemon
->pid
);
211 put_user_ns(daemon
->user_ns
);
212 mutex_unlock(&daemon
->mux
);
219 * ecryptfs_process_reponse
220 * @msg: The ecryptfs message received; the caller should sanity check
221 * msg->data_len and free the memory
222 * @pid: The process ID of the userspace application that sent the
224 * @seq: The sequence number of the message; must match the sequence
225 * number for the existing message context waiting for this
228 * Processes a response message after sending an operation request to
229 * userspace. Some other process is awaiting this response. Before
230 * sending out its first communications, the other process allocated a
231 * msg_ctx from the ecryptfs_msg_ctx_arr at a particular index. The
232 * response message contains this index so that we can copy over the
233 * response message into the msg_ctx that the process holds a
234 * reference to. The other process is going to wake up, check to see
235 * that msg_ctx->state == ECRYPTFS_MSG_CTX_STATE_DONE, and then
236 * proceed to read off and process the response message. Returns zero
237 * upon delivery to desired context element; non-zero upon delivery
240 * Returns zero on success; non-zero otherwise
242 int ecryptfs_process_response(struct ecryptfs_message
*msg
, uid_t euid
,
243 struct user_namespace
*user_ns
, struct pid
*pid
,
246 struct ecryptfs_daemon
*uninitialized_var(daemon
);
247 struct ecryptfs_msg_ctx
*msg_ctx
;
249 struct nsproxy
*nsproxy
;
250 struct user_namespace
*tsk_user_ns
;
254 if (msg
->index
>= ecryptfs_message_buf_len
) {
256 printk(KERN_ERR
"%s: Attempt to reference "
257 "context buffer at index [%d]; maximum "
258 "allowable is [%d]\n", __func__
, msg
->index
,
259 (ecryptfs_message_buf_len
- 1));
262 msg_ctx
= &ecryptfs_msg_ctx_arr
[msg
->index
];
263 mutex_lock(&msg_ctx
->mux
);
264 mutex_lock(&ecryptfs_daemon_hash_mux
);
266 nsproxy
= task_nsproxy(msg_ctx
->task
);
267 if (nsproxy
== NULL
) {
269 printk(KERN_ERR
"%s: Receiving process is a zombie. Dropping "
270 "message.\n", __func__
);
272 mutex_unlock(&ecryptfs_daemon_hash_mux
);
275 tsk_user_ns
= __task_cred(msg_ctx
->task
)->user_ns
;
276 ctx_euid
= task_euid(msg_ctx
->task
);
277 rc
= ecryptfs_find_daemon_by_euid(&daemon
, ctx_euid
, tsk_user_ns
);
279 mutex_unlock(&ecryptfs_daemon_hash_mux
);
282 printk(KERN_WARNING
"%s: User [%d] received a "
283 "message response from process [0x%p] but does "
284 "not have a registered daemon\n", __func__
,
288 if (ctx_euid
!= euid
) {
290 printk(KERN_WARNING
"%s: Received message from user "
291 "[%d]; expected message from user [%d]\n", __func__
,
295 if (tsk_user_ns
!= user_ns
) {
297 printk(KERN_WARNING
"%s: Received message from user_ns "
298 "[0x%p]; expected message from user_ns [0x%p]\n",
299 __func__
, user_ns
, tsk_user_ns
);
302 if (daemon
->pid
!= pid
) {
304 printk(KERN_ERR
"%s: User [%d] sent a message response "
305 "from an unrecognized process [0x%p]\n",
306 __func__
, ctx_euid
, pid
);
309 if (msg_ctx
->state
!= ECRYPTFS_MSG_CTX_STATE_PENDING
) {
311 printk(KERN_WARNING
"%s: Desired context element is not "
312 "pending a response\n", __func__
);
314 } else if (msg_ctx
->counter
!= seq
) {
316 printk(KERN_WARNING
"%s: Invalid message sequence; "
317 "expected [%d]; received [%d]\n", __func__
,
318 msg_ctx
->counter
, seq
);
321 msg_size
= (sizeof(*msg
) + msg
->data_len
);
322 msg_ctx
->msg
= kmalloc(msg_size
, GFP_KERNEL
);
325 printk(KERN_ERR
"%s: Failed to allocate [%zd] bytes of "
326 "GFP_KERNEL memory\n", __func__
, msg_size
);
329 memcpy(msg_ctx
->msg
, msg
, msg_size
);
330 msg_ctx
->state
= ECRYPTFS_MSG_CTX_STATE_DONE
;
333 wake_up_process(msg_ctx
->task
);
335 mutex_unlock(&msg_ctx
->mux
);
341 * ecryptfs_send_message_locked
342 * @data: The data to send
343 * @data_len: The length of data
344 * @msg_ctx: The message context allocated for the send
346 * Must be called with ecryptfs_daemon_hash_mux held.
348 * Returns zero on success; non-zero otherwise
351 ecryptfs_send_message_locked(char *data
, int data_len
, u8 msg_type
,
352 struct ecryptfs_msg_ctx
**msg_ctx
)
354 struct ecryptfs_daemon
*daemon
;
355 uid_t euid
= current_euid();
358 rc
= ecryptfs_find_daemon_by_euid(&daemon
, euid
, current_user_ns());
361 printk(KERN_ERR
"%s: User [%d] does not have a daemon "
362 "registered\n", __func__
, euid
);
365 mutex_lock(&ecryptfs_msg_ctx_lists_mux
);
366 rc
= ecryptfs_acquire_free_msg_ctx(msg_ctx
);
368 mutex_unlock(&ecryptfs_msg_ctx_lists_mux
);
369 printk(KERN_WARNING
"%s: Could not claim a free "
370 "context element\n", __func__
);
373 ecryptfs_msg_ctx_free_to_alloc(*msg_ctx
);
374 mutex_unlock(&(*msg_ctx
)->mux
);
375 mutex_unlock(&ecryptfs_msg_ctx_lists_mux
);
376 rc
= ecryptfs_send_miscdev(data
, data_len
, *msg_ctx
, msg_type
, 0,
379 printk(KERN_ERR
"%s: Error attempting to send message to "
380 "userspace daemon; rc = [%d]\n", __func__
, rc
);
386 * ecryptfs_send_message
387 * @data: The data to send
388 * @data_len: The length of data
389 * @msg_ctx: The message context allocated for the send
391 * Grabs ecryptfs_daemon_hash_mux.
393 * Returns zero on success; non-zero otherwise
395 int ecryptfs_send_message(char *data
, int data_len
,
396 struct ecryptfs_msg_ctx
**msg_ctx
)
400 mutex_lock(&ecryptfs_daemon_hash_mux
);
401 rc
= ecryptfs_send_message_locked(data
, data_len
, ECRYPTFS_MSG_REQUEST
,
403 mutex_unlock(&ecryptfs_daemon_hash_mux
);
408 * ecryptfs_wait_for_response
409 * @msg_ctx: The context that was assigned when sending a message
410 * @msg: The incoming message from userspace; not set if rc != 0
412 * Sleeps until awaken by ecryptfs_receive_message or until the amount
413 * of time exceeds ecryptfs_message_wait_timeout. If zero is
414 * returned, msg will point to a valid message from userspace; a
415 * non-zero value is returned upon failure to receive a message or an
416 * error occurs. Callee must free @msg on success.
418 int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx
*msg_ctx
,
419 struct ecryptfs_message
**msg
)
421 signed long timeout
= ecryptfs_message_wait_timeout
* HZ
;
425 timeout
= schedule_timeout_interruptible(timeout
);
426 mutex_lock(&ecryptfs_msg_ctx_lists_mux
);
427 mutex_lock(&msg_ctx
->mux
);
428 if (msg_ctx
->state
!= ECRYPTFS_MSG_CTX_STATE_DONE
) {
430 mutex_unlock(&msg_ctx
->mux
);
431 mutex_unlock(&ecryptfs_msg_ctx_lists_mux
);
439 ecryptfs_msg_ctx_alloc_to_free(msg_ctx
);
440 mutex_unlock(&msg_ctx
->mux
);
441 mutex_unlock(&ecryptfs_msg_ctx_lists_mux
);
445 int __init
ecryptfs_init_messaging(void)
450 if (ecryptfs_number_of_users
> ECRYPTFS_MAX_NUM_USERS
) {
451 ecryptfs_number_of_users
= ECRYPTFS_MAX_NUM_USERS
;
452 printk(KERN_WARNING
"%s: Specified number of users is "
453 "too large, defaulting to [%d] users\n", __func__
,
454 ecryptfs_number_of_users
);
456 mutex_init(&ecryptfs_daemon_hash_mux
);
457 mutex_lock(&ecryptfs_daemon_hash_mux
);
458 ecryptfs_hash_bits
= 1;
459 while (ecryptfs_number_of_users
>> ecryptfs_hash_bits
)
460 ecryptfs_hash_bits
++;
461 ecryptfs_daemon_hash
= kmalloc((sizeof(struct hlist_head
)
462 * (1 << ecryptfs_hash_bits
)),
464 if (!ecryptfs_daemon_hash
) {
466 printk(KERN_ERR
"%s: Failed to allocate memory\n", __func__
);
467 mutex_unlock(&ecryptfs_daemon_hash_mux
);
470 for (i
= 0; i
< (1 << ecryptfs_hash_bits
); i
++)
471 INIT_HLIST_HEAD(&ecryptfs_daemon_hash
[i
]);
472 mutex_unlock(&ecryptfs_daemon_hash_mux
);
473 ecryptfs_msg_ctx_arr
= kmalloc((sizeof(struct ecryptfs_msg_ctx
)
474 * ecryptfs_message_buf_len
),
476 if (!ecryptfs_msg_ctx_arr
) {
478 printk(KERN_ERR
"%s: Failed to allocate memory\n", __func__
);
481 mutex_init(&ecryptfs_msg_ctx_lists_mux
);
482 mutex_lock(&ecryptfs_msg_ctx_lists_mux
);
483 ecryptfs_msg_counter
= 0;
484 for (i
= 0; i
< ecryptfs_message_buf_len
; i
++) {
485 INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr
[i
].node
);
486 INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr
[i
].daemon_out_list
);
487 mutex_init(&ecryptfs_msg_ctx_arr
[i
].mux
);
488 mutex_lock(&ecryptfs_msg_ctx_arr
[i
].mux
);
489 ecryptfs_msg_ctx_arr
[i
].index
= i
;
490 ecryptfs_msg_ctx_arr
[i
].state
= ECRYPTFS_MSG_CTX_STATE_FREE
;
491 ecryptfs_msg_ctx_arr
[i
].counter
= 0;
492 ecryptfs_msg_ctx_arr
[i
].task
= NULL
;
493 ecryptfs_msg_ctx_arr
[i
].msg
= NULL
;
494 list_add_tail(&ecryptfs_msg_ctx_arr
[i
].node
,
495 &ecryptfs_msg_ctx_free_list
);
496 mutex_unlock(&ecryptfs_msg_ctx_arr
[i
].mux
);
498 mutex_unlock(&ecryptfs_msg_ctx_lists_mux
);
499 rc
= ecryptfs_init_ecryptfs_miscdev();
501 ecryptfs_release_messaging();
506 void ecryptfs_release_messaging(void)
508 if (ecryptfs_msg_ctx_arr
) {
511 mutex_lock(&ecryptfs_msg_ctx_lists_mux
);
512 for (i
= 0; i
< ecryptfs_message_buf_len
; i
++) {
513 mutex_lock(&ecryptfs_msg_ctx_arr
[i
].mux
);
514 if (ecryptfs_msg_ctx_arr
[i
].msg
)
515 kfree(ecryptfs_msg_ctx_arr
[i
].msg
);
516 mutex_unlock(&ecryptfs_msg_ctx_arr
[i
].mux
);
518 kfree(ecryptfs_msg_ctx_arr
);
519 mutex_unlock(&ecryptfs_msg_ctx_lists_mux
);
521 if (ecryptfs_daemon_hash
) {
522 struct hlist_node
*elem
;
523 struct ecryptfs_daemon
*daemon
;
526 mutex_lock(&ecryptfs_daemon_hash_mux
);
527 for (i
= 0; i
< (1 << ecryptfs_hash_bits
); i
++) {
530 hlist_for_each_entry(daemon
, elem
,
531 &ecryptfs_daemon_hash
[i
],
533 rc
= ecryptfs_exorcise_daemon(daemon
);
535 printk(KERN_ERR
"%s: Error whilst "
536 "attempting to destroy daemon; "
537 "rc = [%d]. Dazed and confused, "
538 "but trying to continue.\n",
542 kfree(ecryptfs_daemon_hash
);
543 mutex_unlock(&ecryptfs_daemon_hash_mux
);
545 ecryptfs_destroy_ecryptfs_miscdev();