| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This patch fixes the processes involved in wiping regions of the data during
truncate and write events, fixing a kernel hang in 2.6.22-rc4 while assuring
that zero values are written out to the appropriate locations during events in
which the i_size will change.
The range passed to ecryptfs_truncate() from ecryptfs_prepare_write() includes
the page that is the object of ecryptfs_prepare_write(). This leads to a
kernel hang as read_cache_page() is executed on the same page in the
ecryptfs_truncate() execution path. This patch remedies this by limiting the
range passed to ecryptfs_truncate() so as to exclude the page that is the
object of ecryptfs_prepare_write(); it also adds code to
ecryptfs_prepare_write() to zero out the region of its own page when writing
past the i_size position. This patch also modifies ecryptfs_truncate() so
that when a file is truncated to a smaller size, eCryptfs will zero out the
contents of the new last page from the new size through to the end of the last
page.
Signed-off-by: Michael Halcrow <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
ecryptfs uses a lock_parent() function, which I hope really locks the parents
and is not abused
Signed-off-by: Peter Zijlstra <[email protected]>
Cc: Michael Halcrow <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
- ecryptfs_write_inode_size_to_metadata() error code was ignored.
- i_op->setxattr() must be supported by lower fs because used below.
Signed-off-by: Monakhov Dmitriy <[email protected]>
Acked-by: Michael Halcrow <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
O_LARGEFILE should be set here when opening the lower file.
Signed-off-by: Michael Halcrow <[email protected]>
Cc: Dmitriy Monakhov <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
Many struct inode_operations in the kernel can be "const". Marking them const
moves these to the .rodata section, which avoids false sharing with potential
dirty data. In addition it'll catch accidental writes at compile time to
these shared resources.
Signed-off-by: Arjan van de Ven <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
Open-code flag checking and manipulation.
Signed-off-by: Michael Halcrow <[email protected]>
Signed-off-by: Trevor Highland <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
sys_write() takes a local copy of f_pos and writes that back
into the struct file. It does this so that two concurrent write()
callers don't make a mess of f_pos, and of the file contents.
ecryptfs should be calling vfs_write(). That way we also get the fsnotify
notifications, which ecryptfs presently appears to have subverted.
Convert direct calls to f_op->write() into calls to vfs_write().
Signed-off-by: Michael Halcrow <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
Provide an option to provide a view of the encrypted files such that the
metadata is always in the header of the files, regardless of whether the
metadata is actually in the header or in the extended attribute. This mode of
operation is useful for applications like incremental backup utilities that do
not preserve the extended attributes when directly accessing the lower files.
With this option enabled, the files under the eCryptfs mount point will be
read-only.
Signed-off-by: Michael Halcrow <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
Generalize the metadata reading and writing mechanisms, with two targets for
now: metadata in file header and metadata in the user.ecryptfs xattr of the
lower file.
[[email protected]: printk warning fix]
[[email protected]: make some needlessly global code static]
Signed-off-by: Michael Halcrow <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
Replace appropriate pairs of "kmem_cache_alloc()" + "memset(0)" with the
corresponding "kmem_cache_zalloc()" call.
Signed-off-by: Robert P. J. Day <[email protected]>
Cc: "Luck, Tony" <[email protected]>
Cc: Andi Kleen <[email protected]>
Cc: Roland McGrath <[email protected]>
Cc: James Bottomley <[email protected]>
Cc: Greg KH <[email protected]>
Acked-by: Joel Becker <[email protected]>
Cc: Steven Whitehouse <[email protected]>
Cc: Jan Kara <[email protected]>
Cc: Michael Halcrow <[email protected]>
Cc: "David S. Miller" <[email protected]>
Cc: Stephen Smalley <[email protected]>
Cc: James Morris <[email protected]>
Cc: Chris Wright <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
Change all the uses of f_{dentry,vfsmnt} to f_path.{dentry,mnt} in the
ecryptfs filesystem.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
Replace eCryptfs specific code & calls with the more generic fsstack
equivalents and remove the eCryptfs specific functions.
Signed-off-by: Josef "Jeff" Sipek <[email protected]>
Cc: Michael Halcrow <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
SLAB_KERNEL is an alias of GFP_KERNEL.
Signed-off-by: Christoph Lameter <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
SLAB_USER is an alias of GFP_USER
Signed-off-by: Christoph Lameter <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
When CIFS is the lower filesystem, the old lower dentry needs to be explicitly
dropped from inside eCryptfs to force a revalidate. In addition, when CIFS is
the lower filesystem, the inode attributes need to be copied back up from the
lower inode to the eCryptfs inode on an eCryptfs revalidate.
Signed-off-by: Michael Halcrow <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
On rename, for both the old and new lower dentry objects, eCryptfs is
missing a dput on the lower parent directory dentry. This patch will
prevent the BUG() at fs/dcache.c:613 from being hit after renaming a file
inside eCryptfs and then doing a umount on the lower filesystem.
Signed-off-by: Michael Halcrow <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
Fix the use of dget/dput calls to balance out on the lower filesystem.
Signed-off-by: Michael Halcrow <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
Opens on lower dentry objects happen in several places in eCryptfs, and they
all involve the same steps (dget, mntget, dentry_open). This patch
consolidates the lower open events into a single function call.
Signed-off-by: Michael Halcrow <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
eCryptfs is a stacked cryptographic filesystem for Linux. It is derived from
Erez Zadok's Cryptfs, implemented through the FiST framework for generating
stacked filesystems. eCryptfs extends Cryptfs to provide advanced key
management and policy features. eCryptfs stores cryptographic metadata in the
header of each file written, so that encrypted files can be copied between
hosts; the file will be decryptable with the proper key, and there is no need
to keep track of any additional information aside from what is already in the
encrypted file itself.
[[email protected]: updates for ongoing API changes]
[[email protected]: cleanups]
[[email protected]: alpha build fix]
[[email protected]: cleanups]
[[email protected]: inode-diet updates]
[[email protected]: generic_file_*_read/write() interface updates]
[[email protected]: printk format fixes]
[[email protected]: make slab creation and teardown table-driven]
Signed-off-by: Phillip Hellewell <[email protected]>
Signed-off-by: Michael Halcrow <[email protected]>
Signed-off-by: Erez Zadok <[email protected]>
Signed-off-by: Adrian Bunk <[email protected]>
Signed-off-by: Stephan Mueller <[email protected]>
Signed-off-by: "Theodore Ts'o" <[email protected]>
Signed-off-by: Badari Pulavarty <[email protected]>
Signed-off-by: Randy Dunlap <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|