Home Explore Help
Register Sign In
phyus
/
linux-vybrid_public
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 60d65f1f07
Branches Tags
linux-vybrid_pu...
/
fs
/
ecryptfs
/
miscdev.c

miscdev.c 17 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558 
  1. /**
    2. 

  2.  * eCryptfs: Linux filesystem encryption layer
    3. 

  3.  *
    4. 

  4.  * Copyright (C) 2008 International Business Machines Corp.
    5. 

  5.  *   Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com>
    6. 

  6.  *
    7. 

  7.  * This program is free software; you can redistribute it and/or
    8. 

  8.  * modify it under the terms of the GNU General Public License version
    9. 

  9.  * 2 as published by the Free Software Foundation.
    10. 

  10.  *
    11. 

  11.  * This program is distributed in the hope that it will be useful, but
    12. 

  12.  * WITHOUT ANY WARRANTY; without even the implied warranty of
    13. 

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    14. 

  14.  * General Public License for more details.
    15. 

  15.  *
    16. 

  16.  * You should have received a copy of the GNU General Public License
    17. 

  17.  * along with this program; if not, write to the Free Software
    18. 

  18.  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
    19. 

  19.  * 02111-1307, USA.
    20. 

  20.  */
    21. 

  21. 

  22. #include <linux/fs.h>
    23. 

  23. #include <linux/hash.h>
    24. 

  24. #include <linux/random.h>
    25. 

  25. #include <linux/miscdevice.h>
    26. 

  26. #include <linux/poll.h>
    27. 

  27. #include <linux/slab.h>
    28. 

  28. #include <linux/wait.h>
    29. 

  29. #include <linux/module.h>
    30. 

  30. #include "ecryptfs_kernel.h"
    31. 

  31. 

  32. static atomic_t ecryptfs_num_miscdev_opens;
    33. 

  33. 

  34. /**
    35. 

  35.  * ecryptfs_miscdev_poll
    36. 

  36.  * @file: dev file (ignored)
    37. 

  37.  * @pt: dev poll table (ignored)
    38. 

  38.  *
    39. 

  39.  * Returns the poll mask
    40. 

  40.  */
    41. 

  41. static unsigned int
    42. 

  42. ecryptfs_miscdev_poll(struct file *file, poll_table *pt)
    43. 

  43. {
    44. 

  44. 	struct ecryptfs_daemon *daemon;
    45. 

  45. 	unsigned int mask = 0;
    46. 

  46. 	uid_t euid = current_euid();
    47. 

  47. 	int rc;
    48. 

  48. 

  49. 	mutex_lock(&ecryptfs_daemon_hash_mux);
    50. 

  50. 	/* TODO: Just use file->private_data? */
    51. 

  51. 	rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns());
    52. 

  52. 	BUG_ON(rc || !daemon);
    53. 

  53. 	mutex_lock(&daemon->mux);
    54. 

  54. 	mutex_unlock(&ecryptfs_daemon_hash_mux);
    55. 

  55. 	if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) {
    56. 

  56. 		printk(KERN_WARNING "%s: Attempt to poll on zombified "
    57. 

  57. 		       "daemon\n", __func__);
    58. 

  58. 		goto out_unlock_daemon;
    59. 

  59. 	}
    60. 

  60. 	if (daemon->flags & ECRYPTFS_DAEMON_IN_READ)
    61. 

  61. 		goto out_unlock_daemon;
    62. 

  62. 	if (daemon->flags & ECRYPTFS_DAEMON_IN_POLL)
    63. 

  63. 		goto out_unlock_daemon;
    64. 

  64. 	daemon->flags |= ECRYPTFS_DAEMON_IN_POLL;
    65. 

  65. 	mutex_unlock(&daemon->mux);
    66. 

  66. 	poll_wait(file, &daemon->wait, pt);
    67. 

  67. 	mutex_lock(&daemon->mux);
    68. 

  68. 	if (!list_empty(&daemon->msg_ctx_out_queue))
    69. 

  69. 		mask |= POLLIN | POLLRDNORM;
    70. 

  70. out_unlock_daemon:
    71. 

  71. 	daemon->flags &= ~ECRYPTFS_DAEMON_IN_POLL;
    72. 

  72. 	mutex_unlock(&daemon->mux);
    73. 

  73. 	return mask;
    74. 

  74. }
    75. 

  75. 

  76. /**
    77. 

  77.  * ecryptfs_miscdev_open
    78. 

  78.  * @inode: inode of miscdev handle (ignored)
    79. 

  79.  * @file: file for miscdev handle (ignored)
    80. 

  80.  *
    81. 

  81.  * Returns zero on success; non-zero otherwise
    82. 

  82.  */
    83. 

  83. static int
    84. 

  84. ecryptfs_miscdev_open(struct inode *inode, struct file *file)
    85. 

  85. {
    86. 

  86. 	struct ecryptfs_daemon *daemon = NULL;
    87. 

  87. 	uid_t euid = current_euid();
    88. 

  88. 	int rc;
    89. 

  89. 

  90. 	mutex_lock(&ecryptfs_daemon_hash_mux);
    91. 

  91. 	rc = try_module_get(THIS_MODULE);
    92. 

  92. 	if (rc == 0) {
    93. 

  93. 		rc = -EIO;
    94. 

  94. 		printk(KERN_ERR "%s: Error attempting to increment module use "
    95. 

  95. 		       "count; rc = [%d]\n", __func__, rc);
    96. 

  96. 		goto out_unlock_daemon_list;
    97. 

  97. 	}
    98. 

  98. 	rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns());
    99. 

  99. 	if (rc || !daemon) {
    100. 

  100. 		rc = ecryptfs_spawn_daemon(&daemon, euid, current_user_ns(),
    101. 

  101. 					   task_pid(current));
    102. 

  102. 		if (rc) {
    103. 

  103. 			printk(KERN_ERR "%s: Error attempting to spawn daemon; "
    104. 

  104. 			       "rc = [%d]\n", __func__, rc);
    105. 

  105. 			goto out_module_put_unlock_daemon_list;
    106. 

  106. 		}
    107. 

  107. 	}
    108. 

  108. 	mutex_lock(&daemon->mux);
    109. 

  109. 	if (daemon->pid != task_pid(current)) {
    110. 

  110. 		rc = -EINVAL;
    111. 

  111. 		printk(KERN_ERR "%s: pid [0x%p] has registered with euid [%d], "
    112. 

  112. 		       "but pid [0x%p] has attempted to open the handle "
    113. 

  113. 		       "instead\n", __func__, daemon->pid, daemon->euid,
    114. 

  114. 		       task_pid(current));
    115. 

  115. 		goto out_unlock_daemon;
    116. 

  116. 	}
    117. 

  117. 	if (daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN) {
    118. 

  118. 		rc = -EBUSY;
    119. 

  119. 		printk(KERN_ERR "%s: Miscellaneous device handle may only be "
    120. 

  120. 		       "opened once per daemon; pid [0x%p] already has this "
    121. 

  121. 		       "handle open\n", __func__, daemon->pid);
    122. 

  122. 		goto out_unlock_daemon;
    123. 

  123. 	}
    124. 

  124. 	daemon->flags |= ECRYPTFS_DAEMON_MISCDEV_OPEN;
    125. 

  125. 	atomic_inc(&ecryptfs_num_miscdev_opens);
    126. 

  126. out_unlock_daemon:
    127. 

  127. 	mutex_unlock(&daemon->mux);
    128. 

  128. out_module_put_unlock_daemon_list:
    129. 

  129. 	if (rc)
    130. 

  130. 		module_put(THIS_MODULE);
    131. 

  131. out_unlock_daemon_list:
    132. 

  132. 	mutex_unlock(&ecryptfs_daemon_hash_mux);
    133. 

  133. 	return rc;
    134. 

  134. }
    135. 

  135. 

  136. /**
    137. 

  137.  * ecryptfs_miscdev_release
    138. 

  138.  * @inode: inode of fs/ecryptfs/euid handle (ignored)
    139. 

  139.  * @file: file for fs/ecryptfs/euid handle (ignored)
    140. 

  140.  *
    141. 

  141.  * This keeps the daemon registered until the daemon sends another
    142. 

  142.  * ioctl to fs/ecryptfs/ctl or until the kernel module unregisters.
    143. 

  143.  *
    144. 

  144.  * Returns zero on success; non-zero otherwise
    145. 

  145.  */
    146. 

  146. static int
    147. 

  147. ecryptfs_miscdev_release(struct inode *inode, struct file *file)
    148. 

  148. {
    149. 

  149. 	struct ecryptfs_daemon *daemon = NULL;
    150. 

  150. 	uid_t euid = current_euid();
    151. 

  151. 	int rc;
    152. 

  152. 

  153. 	mutex_lock(&ecryptfs_daemon_hash_mux);
    154. 

  154. 	rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns());
    155. 

  155. 	BUG_ON(rc || !daemon);
    156. 

  156. 	mutex_lock(&daemon->mux);
    157. 

  157. 	BUG_ON(daemon->pid != task_pid(current));
    158. 

  158. 	BUG_ON(!(daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN));
    159. 

  159. 	daemon->flags &= ~ECRYPTFS_DAEMON_MISCDEV_OPEN;
    160. 

  160. 	atomic_dec(&ecryptfs_num_miscdev_opens);
    161. 

  161. 	mutex_unlock(&daemon->mux);
    162. 

  162. 	rc = ecryptfs_exorcise_daemon(daemon);
    163. 

  163. 	if (rc) {
    164. 

  164. 		printk(KERN_CRIT "%s: Fatal error whilst attempting to "
    165. 

  165. 		       "shut down daemon; rc = [%d]. Please report this "
    166. 

  166. 		       "bug.\n", __func__, rc);
    167. 

  167. 		BUG();
    168. 

  168. 	}
    169. 

  169. 	module_put(THIS_MODULE);
    170. 

  170. 	mutex_unlock(&ecryptfs_daemon_hash_mux);
    171. 

  171. 	return rc;
    172. 

  172. }
    173. 

  173. 

  174. /**
    175. 

  175.  * ecryptfs_send_miscdev
    176. 

  176.  * @data: Data to send to daemon; may be NULL
    177. 

  177.  * @data_size: Amount of data to send to daemon
    178. 

  178.  * @msg_ctx: Message context, which is used to handle the reply. If
    179. 

  179.  *           this is NULL, then we do not expect a reply.
    180. 

  180.  * @msg_type: Type of message
    181. 

  181.  * @msg_flags: Flags for message
    182. 

  182.  * @daemon: eCryptfs daemon object
    183. 

  183.  *
    184. 

  184.  * Add msg_ctx to queue and then, if it exists, notify the blocked
    185. 

  185.  * miscdevess about the data being available. Must be called with
    186. 

  186.  * ecryptfs_daemon_hash_mux held.
    187. 

  187.  *
    188. 

  188.  * Returns zero on success; non-zero otherwise
    189. 

  189.  */
    190. 

  190. int ecryptfs_send_miscdev(char *data, size_t data_size,
    191. 

  191. 			  struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type,
    192. 

  192. 			  u16 msg_flags, struct ecryptfs_daemon *daemon)
    193. 

  193. {
    194. 

  194. 	struct ecryptfs_message *msg;
    195. 

  195. 

  196. 	msg = kmalloc((sizeof(*msg) + data_size), GFP_KERNEL);
    197. 

  197. 	if (!msg) {
    198. 

  198. 		printk(KERN_ERR "%s: Out of memory whilst attempting "
    199. 

  199. 		       "to kmalloc(%zd, GFP_KERNEL)\n", __func__,
    200. 

  200. 		       (sizeof(*msg) + data_size));
    201. 

  201. 		return -ENOMEM;
    202. 

  202. 	}
    203. 

  203. 

  204. 	mutex_lock(&msg_ctx->mux);
    205. 

  205. 	msg_ctx->msg = msg;
    206. 

  206. 	msg_ctx->msg->index = msg_ctx->index;
    207. 

  207. 	msg_ctx->msg->data_len = data_size;
    208. 

  208. 	msg_ctx->type = msg_type;
    209. 

  209. 	memcpy(msg_ctx->msg->data, data, data_size);
    210. 

  210. 	msg_ctx->msg_size = (sizeof(*msg_ctx->msg) + data_size);
    211. 

  211. 	list_add_tail(&msg_ctx->daemon_out_list, &daemon->msg_ctx_out_queue);
    212. 

  212. 	mutex_unlock(&msg_ctx->mux);
    213. 

  213. 

  214. 	mutex_lock(&daemon->mux);
    215. 

  215. 	daemon->num_queued_msg_ctx++;
    216. 

  216. 	wake_up_interruptible(&daemon->wait);
    217. 

  217. 	mutex_unlock(&daemon->mux);
    218. 

  218. 

  219. 	return 0;
    220. 

  220. }
    221. 

  221. 

  222. /*
    223. 

  223.  * miscdevfs packet format:
    224. 

  224.  *  Octet 0: Type
    225. 

  225.  *  Octets 1-4: network byte order msg_ctx->counter
    226. 

  226.  *  Octets 5-N0: Size of struct ecryptfs_message to follow
    227. 

  227.  *  Octets N0-N1: struct ecryptfs_message (including data)
    228. 

  228.  *
    229. 

  229.  *  Octets 5-N1 not written if the packet type does not include a message
    230. 

  230.  */
    231. 

  231. #define PKT_TYPE_SIZE		1
    232. 

  232. #define PKT_CTR_SIZE		4
    233. 

  233. #define MIN_NON_MSG_PKT_SIZE	(PKT_TYPE_SIZE + PKT_CTR_SIZE)
    234. 

  234. #define MIN_MSG_PKT_SIZE	(PKT_TYPE_SIZE + PKT_CTR_SIZE \
    235. 

  235. 				 + ECRYPTFS_MIN_PKT_LEN_SIZE)
    236. 

  236. /* 4 + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES comes from tag 65 packet format */
    237. 

  237. #define MAX_MSG_PKT_SIZE	(PKT_TYPE_SIZE + PKT_CTR_SIZE \
    238. 

  238. 				 + ECRYPTFS_MAX_PKT_LEN_SIZE \
    239. 

  239. 				 + sizeof(struct ecryptfs_message) \
    240. 

  240. 				 + 4 + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES)
    241. 

  241. #define PKT_TYPE_OFFSET		0
    242. 

  242. #define PKT_CTR_OFFSET		PKT_TYPE_SIZE
    243. 

  243. #define PKT_LEN_OFFSET		(PKT_TYPE_SIZE + PKT_CTR_SIZE)
    244. 

  244. 

  245. /**
    246. 

  246.  * ecryptfs_miscdev_read - format and send message from queue
    247. 

  247.  * @file: fs/ecryptfs/euid miscdevfs handle (ignored)
    248. 

  248.  * @buf: User buffer into which to copy the next message on the daemon queue
    249. 

  249.  * @count: Amount of space available in @buf
    250. 

  250.  * @ppos: Offset in file (ignored)
    251. 

  251.  *
    252. 

  252.  * Pulls the most recent message from the daemon queue, formats it for
    253. 

  253.  * being sent via a miscdevfs handle, and copies it into @buf
    254. 

  254.  *
    255. 

  255.  * Returns the number of bytes copied into the user buffer
    256. 

  256.  */
    257. 

  257. static ssize_t
    258. 

  258. ecryptfs_miscdev_read(struct file *file, char __user *buf, size_t count,
    259. 

  259. 		      loff_t *ppos)
    260. 

  260. {
    261. 

  261. 	struct ecryptfs_daemon *daemon;
    262. 

  262. 	struct ecryptfs_msg_ctx *msg_ctx;
    263. 

  263. 	size_t packet_length_size;
    264. 

  264. 	char packet_length[ECRYPTFS_MAX_PKT_LEN_SIZE];
    265. 

  265. 	size_t i;
    266. 

  266. 	size_t total_length;
    267. 

  267. 	uid_t euid = current_euid();
    268. 

  268. 	int rc;
    269. 

  269. 

  270. 	mutex_lock(&ecryptfs_daemon_hash_mux);
    271. 

  271. 	/* TODO: Just use file->private_data? */
    272. 

  272. 	rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns());
    273. 

  273. 	BUG_ON(rc || !daemon);
    274. 

  274. 	mutex_lock(&daemon->mux);
    275. 

  275. 	if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) {
    276. 

  276. 		rc = 0;
    277. 

  277. 		mutex_unlock(&ecryptfs_daemon_hash_mux);
    278. 

  278. 		printk(KERN_WARNING "%s: Attempt to read from zombified "
    279. 

  279. 		       "daemon\n", __func__);
    280. 

  280. 		goto out_unlock_daemon;
    281. 

  281. 	}
    282. 

  282. 	if (daemon->flags & ECRYPTFS_DAEMON_IN_READ) {
    283. 

  283. 		rc = 0;
    284. 

  284. 		mutex_unlock(&ecryptfs_daemon_hash_mux);
    285. 

  285. 		goto out_unlock_daemon;
    286. 

  286. 	}
    287. 

  287. 	/* This daemon will not go away so long as this flag is set */
    288. 

  288. 	daemon->flags |= ECRYPTFS_DAEMON_IN_READ;
    289. 

  289. 	mutex_unlock(&ecryptfs_daemon_hash_mux);
    290. 

  290. check_list:
    291. 

  291. 	if (list_empty(&daemon->msg_ctx_out_queue)) {
    292. 

  292. 		mutex_unlock(&daemon->mux);
    293. 

  293. 		rc = wait_event_interruptible(
    294. 

  294. 			daemon->wait, !list_empty(&daemon->msg_ctx_out_queue));
    295. 

  295. 		mutex_lock(&daemon->mux);
    296. 

  296. 		if (rc < 0) {
    297. 

  297. 			rc = 0;
    298. 

  298. 			goto out_unlock_daemon;
    299. 

  299. 		}
    300. 

  300. 	}
    301. 

  301. 	if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) {
    302. 

  302. 		rc = 0;
    303. 

  303. 		goto out_unlock_daemon;
    304. 

  304. 	}
    305. 

  305. 	if (list_empty(&daemon->msg_ctx_out_queue)) {
    306. 

  306. 		/* Something else jumped in since the
    307. 

  307. 		 * wait_event_interruptable() and removed the
    308. 

  308. 		 * message from the queue; try again */
    309. 

  309. 		goto check_list;
    310. 

  310. 	}
    311. 

  311. 	BUG_ON(euid != daemon->euid);
    312. 

  312. 	BUG_ON(current_user_ns() != daemon->user_ns);
    313. 

  313. 	BUG_ON(task_pid(current) != daemon->pid);
    314. 

  314. 	msg_ctx = list_first_entry(&daemon->msg_ctx_out_queue,
    315. 

  315. 				   struct ecryptfs_msg_ctx, daemon_out_list);
    316. 

  316. 	BUG_ON(!msg_ctx);
    317. 

  317. 	mutex_lock(&msg_ctx->mux);
    318. 

  318. 	if (msg_ctx->msg) {
    319. 

  319. 		rc = ecryptfs_write_packet_length(packet_length,
    320. 

  320. 						  msg_ctx->msg_size,
    321. 

  321. 						  &packet_length_size);
    322. 

  322. 		if (rc) {
    323. 

  323. 			rc = 0;
    324. 

  324. 			printk(KERN_WARNING "%s: Error writing packet length; "
    325. 

  325. 			       "rc = [%d]\n", __func__, rc);
    326. 

  326. 			goto out_unlock_msg_ctx;
    327. 

  327. 		}
    328. 

  328. 	} else {
    329. 

  329. 		packet_length_size = 0;
    330. 

  330. 		msg_ctx->msg_size = 0;
    331. 

  331. 	}
    332. 

  332. 	total_length = (PKT_TYPE_SIZE + PKT_CTR_SIZE + packet_length_size
    333. 

  333. 			+ msg_ctx->msg_size);
    334. 

  334. 	if (count < total_length) {
    335. 

  335. 		rc = 0;
    336. 

  336. 		printk(KERN_WARNING "%s: Only given user buffer of "
    337. 

  337. 		       "size [%zd], but we need [%zd] to read the "
    338. 

  338. 		       "pending message\n", __func__, count, total_length);
    339. 

  339. 		goto out_unlock_msg_ctx;
    340. 

  340. 	}
    341. 

  341. 	rc = -EFAULT;
    342. 

  342. 	if (put_user(msg_ctx->type, buf))
    343. 

  343. 		goto out_unlock_msg_ctx;
    344. 

  344. 	if (put_user(cpu_to_be32(msg_ctx->counter),
    345. 

  345. 		     (__be32 __user *)(&buf[PKT_CTR_OFFSET])))
    346. 

  346. 		goto out_unlock_msg_ctx;
    347. 

  347. 	i = PKT_TYPE_SIZE + PKT_CTR_SIZE;
    348. 

  348. 	if (msg_ctx->msg) {
    349. 

  349. 		if (copy_to_user(&buf[i], packet_length, packet_length_size))
    350. 

  350. 			goto out_unlock_msg_ctx;
    351. 

  351. 		i += packet_length_size;
    352. 

  352. 		if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size))
    353. 

  353. 			goto out_unlock_msg_ctx;
    354. 

  354. 		i += msg_ctx->msg_size;
    355. 

  355. 	}
    356. 

  356. 	rc = i;
    357. 

  357. 	list_del(&msg_ctx->daemon_out_list);
    358. 

  358. 	kfree(msg_ctx->msg);
    359. 

  359. 	msg_ctx->msg = NULL;
    360. 

  360. 	/* We do not expect a reply from the userspace daemon for any
    361. 

  361. 	 * message type other than ECRYPTFS_MSG_REQUEST */
    362. 

  362. 	if (msg_ctx->type != ECRYPTFS_MSG_REQUEST)
    363. 

  363. 		ecryptfs_msg_ctx_alloc_to_free(msg_ctx);
    364. 

  364. out_unlock_msg_ctx:
    365. 

  365. 	mutex_unlock(&msg_ctx->mux);
    366. 

  366. out_unlock_daemon:
    367. 

  367. 	daemon->flags &= ~ECRYPTFS_DAEMON_IN_READ;
    368. 

  368. 	mutex_unlock(&daemon->mux);
    369. 

  369. 	return rc;
    370. 

  370. }
    371. 

  371. 

  372. /**
    373. 

  373.  * ecryptfs_miscdev_response - miscdevess response to message previously sent to daemon
    374. 

  374.  * @data: Bytes comprising struct ecryptfs_message
    375. 

  375.  * @data_size: sizeof(struct ecryptfs_message) + data len
    376. 

  376.  * @euid: Effective user id of miscdevess sending the miscdev response
    377. 

  377.  * @user_ns: The namespace in which @euid applies
    378. 

  378.  * @pid: Miscdevess id of miscdevess sending the miscdev response
    379. 

  379.  * @seq: Sequence number for miscdev response packet
    380. 

  380.  *
    381. 

  381.  * Returns zero on success; non-zero otherwise
    382. 

  382.  */
    383. 

  383. static int ecryptfs_miscdev_response(char *data, size_t data_size,
    384. 

  384. 				     uid_t euid, struct user_namespace *user_ns,
    385. 

  385. 				     struct pid *pid, u32 seq)
    386. 

  386. {
    387. 

  387. 	struct ecryptfs_message *msg = (struct ecryptfs_message *)data;
    388. 

  388. 	int rc;
    389. 

  389. 

  390. 	if ((sizeof(*msg) + msg->data_len) != data_size) {
    391. 

  391. 		printk(KERN_WARNING "%s: (sizeof(*msg) + msg->data_len) = "
    392. 

  392. 		       "[%zd]; data_size = [%zd]. Invalid packet.\n", __func__,
    393. 

  393. 		       (sizeof(*msg) + msg->data_len), data_size);
    394. 

  394. 		rc = -EINVAL;
    395. 

  395. 		goto out;
    396. 

  396. 	}
    397. 

  397. 	rc = ecryptfs_process_response(msg, euid, user_ns, pid, seq);
    398. 

  398. 	if (rc)
    399. 

  399. 		printk(KERN_ERR
    400. 

  400. 		       "Error processing response message; rc = [%d]\n", rc);
    401. 

  401. out:
    402. 

  402. 	return rc;
    403. 

  403. }
    404. 

  404. 

  405. /**
    406. 

  406.  * ecryptfs_miscdev_write - handle write to daemon miscdev handle
    407. 

  407.  * @file: File for misc dev handle (ignored)
    408. 

  408.  * @buf: Buffer containing user data
    409. 

  409.  * @count: Amount of data in @buf
    410. 

  410.  * @ppos: Pointer to offset in file (ignored)
    411. 

  411.  *
    412. 

  412.  * Returns the number of bytes read from @buf
    413. 

  413.  */
    414. 

  414. static ssize_t
    415. 

  415. ecryptfs_miscdev_write(struct file *file, const char __user *buf,
    416. 

  416. 		       size_t count, loff_t *ppos)
    417. 

  417. {
    418. 

  418. 	__be32 counter_nbo;
    419. 

  419. 	u32 seq;
    420. 

  420. 	size_t packet_size, packet_size_length;
    421. 

  421. 	char *data;
    422. 

  422. 	uid_t euid = current_euid();
    423. 

  423. 	unsigned char packet_size_peek[ECRYPTFS_MAX_PKT_LEN_SIZE];
    424. 

  424. 	ssize_t rc;
    425. 

  425. 

  426. 	if (count == 0) {
    427. 

  427. 		return 0;
    428. 

  428. 	} else if (count == MIN_NON_MSG_PKT_SIZE) {
    429. 

  429. 		/* Likely a harmless MSG_HELO or MSG_QUIT - no packet length */
    430. 

  430. 		goto memdup;
    431. 

  431. 	} else if (count < MIN_MSG_PKT_SIZE || count > MAX_MSG_PKT_SIZE) {
    432. 

  432. 		printk(KERN_WARNING "%s: Acceptable packet size range is "
    433. 

  433. 		       "[%d-%zu], but amount of data written is [%zu].",
    434. 

  434. 		       __func__, MIN_MSG_PKT_SIZE, MAX_MSG_PKT_SIZE, count);
    435. 

  435. 		return -EINVAL;
    436. 

  436. 	}
    437. 

  437. 

  438. 	if (copy_from_user(packet_size_peek, &buf[PKT_LEN_OFFSET],
    439. 

  439. 			   sizeof(packet_size_peek))) {
    440. 

  440. 		printk(KERN_WARNING "%s: Error while inspecting packet size\n",
    441. 

  441. 		       __func__);
    442. 

  442. 		return -EFAULT;
    443. 

  443. 	}
    444. 

  444. 

  445. 	rc = ecryptfs_parse_packet_length(packet_size_peek, &packet_size,
    446. 

  446. 					  &packet_size_length);
    447. 

  447. 	if (rc) {
    448. 

  448. 		printk(KERN_WARNING "%s: Error parsing packet length; "
    449. 

  449. 		       "rc = [%zd]\n", __func__, rc);
    450. 

  450. 		return rc;
    451. 

  451. 	}
    452. 

  452. 

  453. 	if ((PKT_TYPE_SIZE + PKT_CTR_SIZE + packet_size_length + packet_size)
    454. 

  454. 	    != count) {
    455. 

  455. 		printk(KERN_WARNING "%s: Invalid packet size [%zu]\n", __func__,
    456. 

  456. 		       packet_size);
    457. 

  457. 		return -EINVAL;
    458. 

  458. 	}
    459. 

  459. 

  460. memdup:
    461. 

  461. 	data = memdup_user(buf, count);
    462. 

  462. 	if (IS_ERR(data)) {
    463. 

  463. 		printk(KERN_ERR "%s: memdup_user returned error [%ld]\n",
    464. 

  464. 		       __func__, PTR_ERR(data));
    465. 

  465. 		return PTR_ERR(data);
    466. 

  466. 	}
    467. 

  467. 	switch (data[PKT_TYPE_OFFSET]) {
    468. 

  468. 	case ECRYPTFS_MSG_RESPONSE:
    469. 

  469. 		if (count < (MIN_MSG_PKT_SIZE
    470. 

  470. 			     + sizeof(struct ecryptfs_message))) {
    471. 

  471. 			printk(KERN_WARNING "%s: Minimum acceptable packet "
    472. 

  472. 			       "size is [%zd], but amount of data written is "
    473. 

  473. 			       "only [%zd]. Discarding response packet.\n",
    474. 

  474. 			       __func__,
    475. 

  475. 			       (MIN_MSG_PKT_SIZE
    476. 

  476. 				+ sizeof(struct ecryptfs_message)), count);
    477. 

  477. 			rc = -EINVAL;
    478. 

  478. 			goto out_free;
    479. 

  479. 		}
    480. 

  480. 		memcpy(&counter_nbo, &data[PKT_CTR_OFFSET], PKT_CTR_SIZE);
    481. 

  481. 		seq = be32_to_cpu(counter_nbo);
    482. 

  482. 		rc = ecryptfs_miscdev_response(
    483. 

  483. 				&data[PKT_LEN_OFFSET + packet_size_length],
    484. 

  484. 				packet_size, euid, current_user_ns(),
    485. 

  485. 				task_pid(current), seq);
    486. 

  486. 		if (rc) {
    487. 

  487. 			printk(KERN_WARNING "%s: Failed to deliver miscdev "
    488. 

  488. 			       "response to requesting operation; rc = [%zd]\n",
    489. 

  489. 			       __func__, rc);
    490. 

  490. 			goto out_free;
    491. 

  491. 		}
    492. 

  492. 		break;
    493. 

  493. 	case ECRYPTFS_MSG_HELO:
    494. 

  494. 	case ECRYPTFS_MSG_QUIT:
    495. 

  495. 		break;
    496. 

  496. 	default:
    497. 

  497. 		ecryptfs_printk(KERN_WARNING, "Dropping miscdev "
    498. 

  498. 				"message of unrecognized type [%d]\n",
    499. 

  499. 				data[0]);
    500. 

  500. 		rc = -EINVAL;
    501. 

  501. 		goto out_free;
    502. 

  502. 	}
    503. 

  503. 	rc = count;
    504. 

  504. out_free:
    505. 

  505. 	kfree(data);
    506. 

  506. 	return rc;
    507. 

  507. }
    508. 

  508. 

  509. 

  510. static const struct file_operations ecryptfs_miscdev_fops = {
    511. 

  511. 	.open    = ecryptfs_miscdev_open,
    512. 

  512. 	.poll    = ecryptfs_miscdev_poll,
    513. 

  513. 	.read    = ecryptfs_miscdev_read,
    514. 

  514. 	.write   = ecryptfs_miscdev_write,
    515. 

  515. 	.release = ecryptfs_miscdev_release,
    516. 

  516. 	.llseek  = noop_llseek,
    517. 

  517. };
    518. 

  518. 

  519. static struct miscdevice ecryptfs_miscdev = {
    520. 

  520. 	.minor = MISC_DYNAMIC_MINOR,
    521. 

  521. 	.name  = "ecryptfs",
    522. 

  522. 	.fops  = &ecryptfs_miscdev_fops
    523. 

  523. };
    524. 

  524. 

  525. /**
    526. 

  526.  * ecryptfs_init_ecryptfs_miscdev
    527. 

  527.  *
    528. 

  528.  * Messages sent to the userspace daemon from the kernel are placed on
    529. 

  529.  * a queue associated with the daemon. The next read against the
    530. 

  530.  * miscdev handle by that daemon will return the oldest message placed
    531. 

  531.  * on the message queue for the daemon.
    532. 

  532.  *
    533. 

  533.  * Returns zero on success; non-zero otherwise
    534. 

  534.  */
    535. 

  535. int __init ecryptfs_init_ecryptfs_miscdev(void)
    536. 

  536. {
    537. 

  537. 	int rc;
    538. 

  538. 

  539. 	atomic_set(&ecryptfs_num_miscdev_opens, 0);
    540. 

  540. 	rc = misc_register(&ecryptfs_miscdev);
    541. 

  541. 	if (rc)
    542. 

  542. 		printk(KERN_ERR "%s: Failed to register miscellaneous device "
    543. 

  543. 		       "for communications with userspace daemons; rc = [%d]\n",
    544. 

  544. 		       __func__, rc);
    545. 

  545. 	return rc;
    546. 

  546. }
    547. 

  547. 

  548. /**
    549. 

  549.  * ecryptfs_destroy_ecryptfs_miscdev
    550. 

  550.  *
    551. 

  551.  * All of the daemons must be exorcised prior to calling this
    552. 

  552.  * function.
    553. 

  553.  */
    554. 

  554. void ecryptfs_destroy_ecryptfs_miscdev(void)
    555. 

  555. {
    556. 

  556. 	BUG_ON(atomic_read(&ecryptfs_num_miscdev_opens) != 0);
    557. 

  557. 	misc_deregister(&ecryptfs_miscdev);
    558. 

  558. }
    559.