Merge tag 'ecryptfs-5.13-rc1-updates' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs

tjh.dev / kernel

fork atom

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

fork atom

Merge tag 'ecryptfs-5.13-rc1-updates' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs

Pull ecryptfs updates from Tyler Hicks:
"Code cleanups and a bug fix

- W=1 compiler warning cleanups

- Mutex initialization simplification

- Protect against NULL pointer exception during mount"

* tag 'ecryptfs-5.13-rc1-updates' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs:
ecryptfs: fix kernel panic with null dev_name
ecryptfs: remove unused helpers
ecryptfs: Fix typo in message
eCryptfs: Use DEFINE_MUTEX() for mutex lock
ecryptfs: keystore: Fix some kernel-doc issues and demote non-conformant headers
ecryptfs: inode: Help out nearly-there header and demote non-conformant ones
ecryptfs: mmap: Help out one function header and demote other abuses
ecryptfs: crypto: Supply some missing param descriptions and demote abuses
ecryptfs: miscdev: File headers are not good kernel-doc candidates
ecryptfs: main: Demote a bunch of non-conformant kernel-doc headers
ecryptfs: messaging: Add missing param descriptions and demote abuses
ecryptfs: super: Fix formatting, naming and kernel-doc abuses
ecryptfs: file: Demote kernel-doc abuses
ecryptfs: kthread: Demote file header and provide description for 'cred'
ecryptfs: dentry: File headers are not good candidates for kernel-doc
ecryptfs: debug: Demote a couple of kernel-doc abuses
ecryptfs: read_write: File headers do not make good candidates for kernel-doc
ecryptfs: use DEFINE_MUTEX() for mutex lock
eCryptfs: add a semicolon

Linus Torvalds 4 years ago 682a8e2b 7ec901b6

+73 -63

14 changed files

expand all collapse all

ecryptfs

crypto.c

debug.c

dentry.c

ecryptfs_kernel.h

file.c

inode.c

keystore.c

kthread.c

main.c

messaging.c

miscdev.c

mmap.c

read_write.c

super.c

+12 -13

fs/ecryptfs/crypto.c

reviewed

··· 1 1 // SPDX-License-Identifier: GPL-2.0-or-later 2 2 - /** 2 2 + /* 3 3 * eCryptfs: Linux filesystem encryption layer 4 4 * 5 5 * Copyright (C) 1997-2004 Erez Zadok ··· 350 350 return rc; 351 351 } 352 352 353 353 - /** 353 353 + /* 354 354 * lower_offset_for_page 355 355 * 356 356 * Convert an eCryptfs page index into a lower byte offset ··· 535 535 rc = crypt_extent(crypt_stat, page, page, 536 536 extent_offset, DECRYPT); 537 537 if (rc) { 538 538 - printk(KERN_ERR "%s: Error encrypting extent; " 538 538 + printk(KERN_ERR "%s: Error decrypting extent; " 539 539 "rc = [%d]\n", __func__, rc); 540 540 goto out; 541 541 } ··· 627 627 } 628 628 } 629 629 630 630 - /** 630 630 + /* 631 631 * ecryptfs_compute_root_iv 632 632 - * @crypt_stats 633 632 * 634 633 * On error, sets the root IV to all 0's. 635 634 */ ··· 1369 1370 return rc; 1370 1371 } 1371 1372 1372 1372 - /** 1373 1373 + /* 1373 1374 * ecryptfs_read_metadata 1374 1375 * 1375 1376 * Common entry point for reading file metadata. From here, we could ··· 1447 1448 return rc; 1448 1449 } 1449 1450 1450 1450 - /** 1451 1451 + /* 1451 1452 * ecryptfs_encrypt_filename - encrypt filename 1452 1453 * 1453 1454 * CBC-encrypts the filename. We do not want to encrypt the same ··· 1589 1590 1590 1591 struct kmem_cache *ecryptfs_key_tfm_cache; 1591 1592 static struct list_head key_tfm_list; 1592 1592 - struct mutex key_tfm_list_mutex; 1593 1593 + DEFINE_MUTEX(key_tfm_list_mutex); 1593 1594 1594 1595 int __init ecryptfs_init_crypto(void) 1595 1596 { 1596 1596 - mutex_init(&key_tfm_list_mutex); 1597 1597 INIT_LIST_HEAD(&key_tfm_list); 1598 1598 return 0; 1599 1599 } ··· 1875 1877 1876 1878 /** 1877 1879 * ecryptfs_encrypt_and_encode_filename - converts a plaintext file name to cipher text 1878 1878 - * @crypt_stat: The crypt_stat struct associated with the file anem to encode 1880 1880 + * @encoded_name: The encrypted name 1881 1881 + * @encoded_name_size: Length of the encrypted name 1882 1882 + * @mount_crypt_stat: The crypt_stat struct associated with the file name to encode 1879 1883 * @name: The plaintext name 1880 1880 - * @length: The length of the plaintext 1881 1881 - * @encoded_name: The encypted name 1884 1884 + * @name_size: The length of the plaintext name 1882 1885 * 1883 1886 * Encrypts and encodes a filename into something that constitutes a 1884 1887 * valid filename for a filesystem, with printable characters. ··· 1991 1992 * ecryptfs_decode_and_decrypt_filename - converts the encoded cipher text name to decoded plaintext 1992 1993 * @plaintext_name: The plaintext name 1993 1994 * @plaintext_name_size: The plaintext name size 1994 1994 - * @ecryptfs_dir_dentry: eCryptfs directory dentry 1995 1995 + * @sb: Ecryptfs's super_block 1995 1996 * @name: The filename in cipher text 1996 1997 * @name_size: The cipher text name size 1997 1998 *

+2 -2

fs/ecryptfs/debug.c

reviewed

··· 1 1 // SPDX-License-Identifier: GPL-2.0-or-later 2 2 - /** 2 2 + /* 3 3 * eCryptfs: Linux filesystem encryption layer 4 4 * Functions only useful for debugging. 5 5 * ··· 9 9 10 10 #include "ecryptfs_kernel.h" 11 11 12 12 - /** 12 12 + /* 13 13 * ecryptfs_dump_auth_tok - debug function to print auth toks 14 14 * 15 15 * This function will print the contents of an ecryptfs authentication

+1 -1

fs/ecryptfs/dentry.c

reviewed

+1 -1

fs/ecryptfs/ecryptfs_kernel.h

reviewed

··· 513 513 } 514 514 515 515 #define ecryptfs_printk(type, fmt, arg...) \ 516 516 - __ecryptfs_printk(type "%s: " fmt, __func__, ## arg); 516 516 + __ecryptfs_printk(type "%s: " fmt, __func__, ## arg) 517 517 __printf(1, 2) 518 518 void __ecryptfs_printk(const char *fmt, ...); 519 519

+2 -2

fs/ecryptfs/file.c

reviewed

··· 1 1 // SPDX-License-Identifier: GPL-2.0-or-later 2 2 - /** 2 2 + /* 3 3 * eCryptfs: Linux filesystem encryption layer 4 4 * 5 5 * Copyright (C) 1997-2004 Erez Zadok ··· 19 19 #include <linux/fs_stack.h> 20 20 #include "ecryptfs_kernel.h" 21 21 22 22 - /** 22 22 + /* 23 23 * ecryptfs_read_update_atime 24 24 * 25 25 * generic_file_read updates the atime of upper layer inode. But, it

+5 -6

fs/ecryptfs/inode.c

reviewed

··· 1 1 // SPDX-License-Identifier: GPL-2.0-or-later 2 2 - /** 2 2 + /* 3 3 * eCryptfs: Linux filesystem encryption layer 4 4 * 5 5 * Copyright (C) 1997-2004 Erez Zadok ··· 199 199 return inode; 200 200 } 201 201 202 202 - /** 202 202 + /* 203 203 * ecryptfs_initialize_file 204 204 * 205 205 * Cause the file to be changed from a basic empty file to an ecryptfs ··· 242 242 return rc; 243 243 } 244 244 245 245 - /** 245 245 + /* 246 246 * ecryptfs_create 247 247 - * @dir: The inode of the directory in which to create the file. 248 248 - * @dentry: The eCryptfs dentry 249 247 * @mode: The mode of the new file. 250 248 * 251 249 * Creates a new file. ··· 311 313 return 0; 312 314 } 313 315 314 314 - /** 316 316 + /* 315 317 * ecryptfs_lookup_interpose - Dentry interposition for a lookup 316 318 */ 317 319 static struct dentry *ecryptfs_lookup_interpose(struct dentry *dentry, ··· 871 873 872 874 /** 873 875 * ecryptfs_setattr 876 876 + * @mnt_userns: user namespace of the target mount 874 877 * @dentry: dentry handle to the inode to modify 875 878 * @ia: Structure with flags of what to change and values 876 879 *

+8 -7

fs/ecryptfs/keystore.c

reviewed

··· 1 1 // SPDX-License-Identifier: GPL-2.0-or-later 2 2 - /** 2 2 + /* 3 3 * eCryptfs: Linux filesystem encryption layer 4 4 * In-kernel key management code. Includes functions to parse and 5 5 * write authentication token-related packets with the underlying ··· 21 21 #include <linux/slab.h> 22 22 #include "ecryptfs_kernel.h" 23 23 24 24 - /** 24 24 + /* 25 25 * request_key returned an error instead of a valid key address; 26 26 * determine the type of error, make appropriate log entries, and 27 27 * return an error code. ··· 536 536 537 537 /** 538 538 * ecryptfs_find_auth_tok_for_sig 539 539 + * @auth_tok_key: key containing the authentication token 539 540 * @auth_tok: Set to the matching auth_tok; NULL if not found 540 540 - * @crypt_stat: inode crypt_stat crypto context 541 541 + * @mount_crypt_stat: inode crypt_stat crypto context 541 542 * @sig: Sig of auth_tok to find 542 543 * 543 544 * For now, this function simply looks at the registered auth_tok's ··· 577 576 return rc; 578 577 } 579 578 580 580 - /** 579 579 + /* 581 580 * write_tag_70_packet can gobble a lot of stack space. We stuff most 582 581 * of the function's parameters in a kmalloc'd struct to help reduce 583 582 * eCryptfs' overall stack usage. ··· 605 604 struct shash_desc *hash_desc; 606 605 }; 607 606 608 608 - /** 607 607 + /* 609 608 * write_tag_70_packet - Write encrypted filename (EFN) packet against FNEK 610 609 * @filename: NULL-terminated filename string 611 610 * ··· 874 873 }; 875 874 876 875 /** 877 877 - * parse_tag_70_packet - Parse and process FNEK-encrypted passphrase packet 876 876 + * ecryptfs_parse_tag_70_packet - Parse and process FNEK-encrypted passphrase packet 878 877 * @filename: This function kmalloc's the memory for the filename 879 878 * @filename_size: This function sets this to the amount of memory 880 879 * kmalloc'd for the filename ··· 1173 1172 rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher, cipher_code); 1174 1173 if (rc) { 1175 1174 ecryptfs_printk(KERN_ERR, "Cipher code [%d] is invalid\n", 1176 1176 - cipher_code) 1175 1175 + cipher_code); 1177 1176 goto out; 1178 1177 } 1179 1178 crypt_stat->flags |= ECRYPTFS_KEY_VALID;

+2 -1

fs/ecryptfs/kthread.c

reviewed

··· 1 1 // SPDX-License-Identifier: GPL-2.0-or-later 2 2 - /** 2 2 + /* 3 3 * eCryptfs: Linux filesystem encryption layer 4 4 * 5 5 * Copyright (C) 2008 International Business Machines Corp. ··· 108 108 * @lower_file: Result of dentry_open by root on lower dentry 109 109 * @lower_dentry: Lower dentry for file to open 110 110 * @lower_mnt: Lower vfsmount for file to open 111 111 + * @cred: credential to use for this call 111 112 * 112 113 * This function gets a r/w file opened against the lower dentry. 113 114 *

+18 -12

fs/ecryptfs/main.c

reviewed

··· 1 1 // SPDX-License-Identifier: GPL-2.0-or-later 2 2 - /** 2 2 + /* 3 3 * eCryptfs: Linux filesystem encryption layer 4 4 * 5 5 * Copyright (C) 1997-2003 Erez Zadok ··· 24 24 #include <linux/magic.h> 25 25 #include "ecryptfs_kernel.h" 26 26 27 27 - /** 27 27 + /* 28 28 * Module parameter that defines the ecryptfs_verbosity level. 29 29 */ 30 30 int ecryptfs_verbosity = 0; ··· 34 34 "Initial verbosity level (0 or 1; defaults to " 35 35 "0, which is Quiet)"); 36 36 37 37 - /** 37 37 + /* 38 38 * Module parameter that defines the number of message buffer elements 39 39 */ 40 40 unsigned int ecryptfs_message_buf_len = ECRYPTFS_DEFAULT_MSG_CTX_ELEMS; ··· 43 43 MODULE_PARM_DESC(ecryptfs_message_buf_len, 44 44 "Number of message buffer elements"); 45 45 46 46 - /** 46 46 + /* 47 47 * Module parameter that defines the maximum guaranteed amount of time to wait 48 48 * for a response from ecryptfsd. The actual sleep time will be, more than 49 49 * likely, a small amount greater than this specified value, but only less if ··· 57 57 "sleep while waiting for a message response from " 58 58 "userspace"); 59 59 60 60 - /** 60 60 + /* 61 61 * Module parameter that is an estimate of the maximum number of users 62 62 * that will be concurrently using eCryptfs. Set this to the right 63 63 * value to balance performance and memory use. ··· 80 80 va_end(args); 81 81 } 82 82 83 83 - /** 83 83 + /* 84 84 * ecryptfs_init_lower_file 85 85 * @ecryptfs_dentry: Fully initialized eCryptfs dentry object, with 86 86 * the lower dentry and the lower mount set ··· 221 221 222 222 /** 223 223 * ecryptfs_parse_options 224 224 - * @sb: The ecryptfs super block 224 224 + * @sbi: The ecryptfs super block 225 225 * @options: The options passed to the kernel 226 226 * @check_ruid: set to 1 if device uid should be checked against the ruid 227 227 * ··· 466 466 struct kmem_cache *ecryptfs_sb_info_cache; 467 467 static struct file_system_type ecryptfs_fs_type; 468 468 469 469 - /** 470 470 - * ecryptfs_get_sb 471 471 - * @fs_type 472 472 - * @flags 469 469 + /* 470 470 + * ecryptfs_mount 471 471 + * @fs_type: The filesystem type that the superblock should belong to 472 472 + * @flags: The flags associated with the mount 473 473 * @dev_name: The path to mount over 474 474 * @raw_data: The options passed into the kernel 475 475 */ ··· 489 489 sbi = kmem_cache_zalloc(ecryptfs_sb_info_cache, GFP_KERNEL); 490 490 if (!sbi) { 491 491 rc = -ENOMEM; 492 492 + goto out; 493 493 + } 494 494 + 495 495 + if (!dev_name) { 496 496 + rc = -EINVAL; 497 497 + err = "Device name cannot be null"; 492 498 goto out; 493 499 } 494 500 ··· 641 635 }; 642 636 MODULE_ALIAS_FS("ecryptfs"); 643 637 644 644 - /** 638 638 + /* 645 639 * inode_info_init_once 646 640 * 647 641 * Initializes the ecryptfs_inode_info_cache when it is created

+7 -7

fs/ecryptfs/messaging.c

reviewed

··· 1 1 // SPDX-License-Identifier: GPL-2.0-only 2 2 - /** 2 2 + /* 3 3 * eCryptfs: Linux filesystem encryption layer 4 4 * 5 5 * Copyright (C) 2004-2008 International Business Machines Corp. ··· 14 14 15 15 static LIST_HEAD(ecryptfs_msg_ctx_free_list); 16 16 static LIST_HEAD(ecryptfs_msg_ctx_alloc_list); 17 17 - static struct mutex ecryptfs_msg_ctx_lists_mux; 17 17 + static DEFINE_MUTEX(ecryptfs_msg_ctx_lists_mux); 18 18 19 19 static struct hlist_head *ecryptfs_daemon_hash; 20 20 - struct mutex ecryptfs_daemon_hash_mux; 20 20 + DEFINE_MUTEX(ecryptfs_daemon_hash_mux); 21 21 static int ecryptfs_hash_bits; 22 22 #define ecryptfs_current_euid_hash(uid) \ 23 23 hash_long((unsigned long)from_kuid(&init_user_ns, current_euid()), ecryptfs_hash_bits) ··· 147 147 return rc; 148 148 } 149 149 150 150 - /** 150 150 + /* 151 151 * ecryptfs_exorcise_daemon - Destroy the daemon struct 152 152 * 153 153 * Must be called ceremoniously while in possession of ··· 181 181 } 182 182 183 183 /** 184 184 - * ecryptfs_process_reponse 184 184 + * ecryptfs_process_response 185 185 + * @daemon: eCryptfs daemon object 185 186 * @msg: The ecryptfs message received; the caller should sanity check 186 187 * msg->data_len and free the memory 187 188 * @seq: The sequence number of the message; must match the sequence ··· 251 250 * ecryptfs_send_message_locked 252 251 * @data: The data to send 253 252 * @data_len: The length of data 253 253 + * @msg_type: Type of message 254 254 * @msg_ctx: The message context allocated for the send 255 255 * 256 256 * Must be called with ecryptfs_daemon_hash_mux held. ··· 361 359 "too large, defaulting to [%d] users\n", __func__, 362 360 ecryptfs_number_of_users); 363 361 } 364 364 - mutex_init(&ecryptfs_daemon_hash_mux); 365 362 mutex_lock(&ecryptfs_daemon_hash_mux); 366 363 ecryptfs_hash_bits = 1; 367 364 while (ecryptfs_number_of_users >> ecryptfs_hash_bits) ··· 384 383 rc = -ENOMEM; 385 384 goto out; 386 385 } 387 387 - mutex_init(&ecryptfs_msg_ctx_lists_mux); 388 386 mutex_lock(&ecryptfs_msg_ctx_lists_mux); 389 387 ecryptfs_msg_counter = 0; 390 388 for (i = 0; i < ecryptfs_message_buf_len; i++) {

+2 -1

fs/ecryptfs/miscdev.c

reviewed

··· 1 1 // SPDX-License-Identifier: GPL-2.0-only 2 2 - /** 2 2 + /* 3 3 * eCryptfs: Linux filesystem encryption layer 4 4 * 5 5 * Copyright (C) 2008 International Business Machines Corp. ··· 312 312 313 313 /** 314 314 * ecryptfs_miscdev_response - miscdevess response to message previously sent to daemon 315 315 + * @daemon: eCryptfs daemon object 315 316 * @data: Bytes comprising struct ecryptfs_message 316 317 * @data_size: sizeof(struct ecryptfs_message) + data len 317 318 * @seq: Sequence number for miscdev response packet

+6 -5

fs/ecryptfs/mmap.c

reviewed

··· 1 1 // SPDX-License-Identifier: GPL-2.0-or-later 2 2 - /** 2 2 + /* 3 3 * eCryptfs: Linux filesystem encryption layer 4 4 * This is where eCryptfs coordinates the symmetric encryption and 5 5 * decryption of the file data as it passes between the lower ··· 22 22 #include <asm/unaligned.h> 23 23 #include "ecryptfs_kernel.h" 24 24 25 25 - /** 25 25 + /* 26 26 * ecryptfs_get_locked_page 27 27 * 28 28 * Get one page from cache or lower f/s, return error otherwise. ··· 41 41 /** 42 42 * ecryptfs_writepage 43 43 * @page: Page that is locked before this call is made 44 44 + * @wbc: Write-back control structure 44 45 * 45 46 * Returns zero on success; non-zero otherwise 46 47 * ··· 79 78 } 80 79 } 81 80 82 82 - /** 81 81 + /* 83 82 * Header Extent: 84 83 * Octets 0-7: Unencrypted file size (big-endian) 85 84 * Octets 8-15: eCryptfs special marker ··· 230 229 return rc; 231 230 } 232 231 233 233 - /** 232 232 + /* 234 233 * Called with lower inode mutex held. 235 234 */ 236 235 static int fill_zeros_to_end_of_page(struct page *page, unsigned int to) ··· 369 368 return rc; 370 369 } 371 370 372 372 - /** 371 371 + /* 373 372 * ecryptfs_write_inode_size_to_header 374 373 * 375 374 * Writes the lower file size to the first 8 bytes of the header.

+3 -1

fs/ecryptfs/read_write.c

reviewed

··· 1 1 // SPDX-License-Identifier: GPL-2.0-or-later 2 2 - /** 2 2 + /* 3 3 * eCryptfs: Linux filesystem encryption layer 4 4 * 5 5 * Copyright (C) 2007 International Business Machines Corp. ··· 230 230 * ecryptfs_read_lower_page_segment 231 231 * @page_for_ecryptfs: The page into which data for eCryptfs will be 232 232 * written 233 233 + * @page_index: Page index in @page_for_ecryptfs from which to start 234 234 + * writing 233 235 * @offset_in_page: Offset in @page_for_ecryptfs from which to start 234 236 * writing 235 237 * @size: The number of bytes to write into @page_for_ecryptfs

+4 -4

fs/ecryptfs/super.c

reviewed

··· 1 1 // SPDX-License-Identifier: GPL-2.0-or-later 2 2 - /** 2 2 + /* 3 3 * eCryptfs: Linux filesystem encryption layer 4 4 * 5 5 * Copyright (C) 1997-2003 Erez Zadok ··· 81 81 82 82 /** 83 83 * ecryptfs_statfs 84 84 - * @sb: The ecryptfs super block 84 84 + * @dentry: The ecryptfs dentry 85 85 * @buf: The struct kstatfs to fill in with stats 86 86 * 87 87 * Get the filesystem statistics. Currently, we let this pass right through ··· 108 108 109 109 /** 110 110 * ecryptfs_evict_inode 111 111 - * @inode - The ecryptfs inode 111 111 + * @inode: The ecryptfs inode 112 112 * 113 113 * Called by iput() when the inode reference count reached zero 114 114 * and the inode is not hashed anywhere. Used to clear anything ··· 123 123 iput(ecryptfs_inode_to_lower(inode)); 124 124 } 125 125 126 126 - /** 126 126 + /* 127 127 * ecryptfs_show_options 128 128 * 129 129 * Prints the mount options for a given superblock.