Lines Matching +full:lower +full:- +full:case
1 // SPDX-License-Identifier: GPL-2.0-or-later
5 * Copyright (C) 1997-2003 Erez Zadok
6 * Copyright (C) 2001-2003 Stony Brook University
7 * Copyright (C) 2004-2007 International Business Machines Corp.
87 * the lower dentry and the lower mount set
89 * eCryptfs only ever keeps a single open file for every lower
90 * inode. All I/O operations to the lower inode occur through that
92 * lower dentry for that inode is created, this function creates the
93 * lower file struct and associates it with the eCryptfs
97 * The lower file will be opened with read/write permissions, if
98 * possible. Otherwise, it is opened read-only.
100 * This function does nothing if a lower file is already
103 * Returns zero on success; non-zero otherwise
114 printk(KERN_ERR "Error opening lower file " in ecryptfs_init_lower_file()
128 mutex_lock(&inode_info->lower_file_mutex); in ecryptfs_get_lower_file()
129 count = atomic_inc_return(&inode_info->lower_file_count); in ecryptfs_get_lower_file()
131 rc = -EINVAL; in ecryptfs_get_lower_file()
134 &inode_info->lower_file); in ecryptfs_get_lower_file()
136 atomic_set(&inode_info->lower_file_count, 0); in ecryptfs_get_lower_file()
138 mutex_unlock(&inode_info->lower_file_mutex); in ecryptfs_get_lower_file()
147 if (atomic_dec_and_mutex_lock(&inode_info->lower_file_count, in ecryptfs_put_lower_file()
148 &inode_info->lower_file_mutex)) { in ecryptfs_put_lower_file()
149 filemap_write_and_wait(inode->i_mapping); in ecryptfs_put_lower_file()
150 fput(inode_info->lower_file); in ecryptfs_put_lower_file()
151 inode_info->lower_file = NULL; in ecryptfs_put_lower_file()
152 mutex_unlock(&inode_info->lower_file_mutex); in ecryptfs_put_lower_file()
190 &mount_crypt_stat->global_auth_tok_list, in ecryptfs_init_global_auth_toks()
193 &global_auth_tok->global_auth_tok_key, &auth_tok, in ecryptfs_init_global_auth_toks()
194 global_auth_tok->sig); in ecryptfs_init_global_auth_toks()
198 "option: [%s]\n", global_auth_tok->sig); in ecryptfs_init_global_auth_toks()
199 global_auth_tok->flags |= ECRYPTFS_AUTH_TOK_INVALID; in ecryptfs_init_global_auth_toks()
202 global_auth_tok->flags &= ~ECRYPTFS_AUTH_TOK_INVALID; in ecryptfs_init_global_auth_toks()
203 up_write(&(global_auth_tok->global_auth_tok_key)->sem); in ecryptfs_init_global_auth_toks()
215 INIT_LIST_HEAD(&mount_crypt_stat->global_auth_tok_list); in ecryptfs_init_mount_crypt_stat()
216 mutex_init(&mount_crypt_stat->global_auth_tok_list_mutex); in ecryptfs_init_mount_crypt_stat()
217 mount_crypt_stat->flags |= ECRYPTFS_MOUNT_CRYPT_STAT_INITIALIZED; in ecryptfs_init_mount_crypt_stat()
239 * Returns zero on success; non-zero on error
248 struct ecryptfs_fs_context *ctx = fc->fs_private; in ecryptfs_parse_param()
249 struct ecryptfs_sb_info *sbi = fc->s_fs_info; in ecryptfs_parse_param()
251 &sbi->mount_crypt_stat; in ecryptfs_parse_param()
258 case Opt_sig: in ecryptfs_parse_param()
259 case Opt_ecryptfs_sig: in ecryptfs_parse_param()
261 param->string, 0); in ecryptfs_parse_param()
267 ctx->sig_set = 1; in ecryptfs_parse_param()
269 case Opt_cipher: in ecryptfs_parse_param()
270 case Opt_ecryptfs_cipher: in ecryptfs_parse_param()
271 strscpy(mount_crypt_stat->global_default_cipher_name, in ecryptfs_parse_param()
272 param->string); in ecryptfs_parse_param()
273 ctx->cipher_name_set = 1; in ecryptfs_parse_param()
275 case Opt_ecryptfs_key_bytes: in ecryptfs_parse_param()
276 mount_crypt_stat->global_default_cipher_key_size = in ecryptfs_parse_param()
278 ctx->cipher_key_bytes_set = 1; in ecryptfs_parse_param()
280 case Opt_passthrough: in ecryptfs_parse_param()
281 mount_crypt_stat->flags |= in ecryptfs_parse_param()
284 case Opt_xattr_metadata: in ecryptfs_parse_param()
285 mount_crypt_stat->flags |= ECRYPTFS_XATTR_METADATA_ENABLED; in ecryptfs_parse_param()
287 case Opt_encrypted_view: in ecryptfs_parse_param()
288 mount_crypt_stat->flags |= ECRYPTFS_XATTR_METADATA_ENABLED; in ecryptfs_parse_param()
289 mount_crypt_stat->flags |= ECRYPTFS_ENCRYPTED_VIEW_ENABLED; in ecryptfs_parse_param()
291 case Opt_fnek_sig: in ecryptfs_parse_param()
292 strscpy(mount_crypt_stat->global_default_fnek_sig, in ecryptfs_parse_param()
293 param->string); in ecryptfs_parse_param()
296 mount_crypt_stat->global_default_fnek_sig, in ecryptfs_parse_param()
301 mount_crypt_stat->global_default_fnek_sig, rc); in ecryptfs_parse_param()
304 mount_crypt_stat->flags |= in ecryptfs_parse_param()
308 case Opt_fn_cipher: in ecryptfs_parse_param()
309 strscpy(mount_crypt_stat->global_default_fn_cipher_name, in ecryptfs_parse_param()
310 param->string); in ecryptfs_parse_param()
311 ctx->fn_cipher_name_set = 1; in ecryptfs_parse_param()
313 case Opt_fn_cipher_key_bytes: in ecryptfs_parse_param()
314 mount_crypt_stat->global_default_fn_cipher_key_bytes = in ecryptfs_parse_param()
316 ctx->fn_cipher_key_bytes_set = 1; in ecryptfs_parse_param()
318 case Opt_unlink_sigs: in ecryptfs_parse_param()
319 mount_crypt_stat->flags |= ECRYPTFS_UNLINK_SIGS; in ecryptfs_parse_param()
321 case Opt_mount_auth_tok_only: in ecryptfs_parse_param()
322 mount_crypt_stat->flags |= ECRYPTFS_GLOBAL_MOUNT_AUTH_TOK_ONLY; in ecryptfs_parse_param()
324 case Opt_check_dev_ruid: in ecryptfs_parse_param()
325 ctx->check_ruid = 1; in ecryptfs_parse_param()
328 return -EINVAL; in ecryptfs_parse_param()
338 struct ecryptfs_fs_context *ctx = fc->fs_private; in ecryptfs_validate_options()
339 struct ecryptfs_sb_info *sbi = fc->s_fs_info; in ecryptfs_validate_options()
343 mount_crypt_stat = &sbi->mount_crypt_stat; in ecryptfs_validate_options()
345 if (!ctx->sig_set) { in ecryptfs_validate_options()
346 rc = -EINVAL; in ecryptfs_validate_options()
352 if (!ctx->cipher_name_set) { in ecryptfs_validate_options()
356 strcpy(mount_crypt_stat->global_default_cipher_name, in ecryptfs_validate_options()
359 if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) in ecryptfs_validate_options()
360 && !ctx->fn_cipher_name_set) in ecryptfs_validate_options()
361 strcpy(mount_crypt_stat->global_default_fn_cipher_name, in ecryptfs_validate_options()
362 mount_crypt_stat->global_default_cipher_name); in ecryptfs_validate_options()
363 if (!ctx->cipher_key_bytes_set) in ecryptfs_validate_options()
364 mount_crypt_stat->global_default_cipher_key_size = 0; in ecryptfs_validate_options()
365 if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) in ecryptfs_validate_options()
366 && !ctx->fn_cipher_key_bytes_set) in ecryptfs_validate_options()
367 mount_crypt_stat->global_default_fn_cipher_key_bytes = in ecryptfs_validate_options()
368 mount_crypt_stat->global_default_cipher_key_size; in ecryptfs_validate_options()
371 mount_crypt_stat->global_default_cipher_name, in ecryptfs_validate_options()
372 mount_crypt_stat->global_default_cipher_key_size); in ecryptfs_validate_options()
376 mount_crypt_stat->global_default_cipher_name); in ecryptfs_validate_options()
377 rc = -EINVAL; in ecryptfs_validate_options()
382 if (!ecryptfs_tfm_exists(mount_crypt_stat->global_default_cipher_name, in ecryptfs_validate_options()
385 NULL, mount_crypt_stat->global_default_cipher_name, in ecryptfs_validate_options()
386 mount_crypt_stat->global_default_cipher_key_size); in ecryptfs_validate_options()
391 mount_crypt_stat->global_default_cipher_name, in ecryptfs_validate_options()
392 mount_crypt_stat->global_default_cipher_key_size, in ecryptfs_validate_options()
394 rc = -EINVAL; in ecryptfs_validate_options()
399 if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) in ecryptfs_validate_options()
401 mount_crypt_stat->global_default_fn_cipher_name, NULL)) { in ecryptfs_validate_options()
403 NULL, mount_crypt_stat->global_default_fn_cipher_name, in ecryptfs_validate_options()
404 mount_crypt_stat->global_default_fn_cipher_key_bytes); in ecryptfs_validate_options()
409 mount_crypt_stat->global_default_fn_cipher_name, in ecryptfs_validate_options()
410 mount_crypt_stat->global_default_fn_cipher_key_bytes, in ecryptfs_validate_options()
412 rc = -EINVAL; in ecryptfs_validate_options()
436 struct ecryptfs_fs_context *ctx = fc->fs_private; in ecryptfs_get_tree()
437 struct ecryptfs_sb_info *sbi = fc->s_fs_info; in ecryptfs_get_tree()
444 if (!fc->source) { in ecryptfs_get_tree()
445 rc = -EINVAL; in ecryptfs_get_tree()
450 mount_crypt_stat = &sbi->mount_crypt_stat; in ecryptfs_get_tree()
469 /* ->kill_sb() will take care of sbi after that point */ in ecryptfs_get_tree()
471 s->s_op = &ecryptfs_sops; in ecryptfs_get_tree()
472 s->s_xattr = ecryptfs_xattr_handlers; in ecryptfs_get_tree()
476 rc = kern_path(fc->source, LOOKUP_FOLLOW | LOOKUP_DIRECTORY, &path); in ecryptfs_get_tree()
481 if (path.dentry->d_sb->s_type == &ecryptfs_fs_type) { in ecryptfs_get_tree()
482 rc = -EINVAL; in ecryptfs_get_tree()
490 rc = -EINVAL; in ecryptfs_get_tree()
495 if (ctx->check_ruid && in ecryptfs_get_tree()
496 !uid_eq(d_inode(path.dentry)->i_uid, current_uid())) { in ecryptfs_get_tree()
497 rc = -EPERM; in ecryptfs_get_tree()
505 ecryptfs_set_superblock_lower(s, path.dentry->d_sb); in ecryptfs_get_tree()
508 * Set the POSIX ACL flag based on whether they're enabled in the lower in ecryptfs_get_tree()
511 s->s_flags = fc->sb_flags & ~SB_POSIXACL; in ecryptfs_get_tree()
512 s->s_flags |= path.dentry->d_sb->s_flags & SB_POSIXACL; in ecryptfs_get_tree()
515 * Force a read-only eCryptfs mount when: in ecryptfs_get_tree()
516 * 1) The lower mount is ro in ecryptfs_get_tree()
519 if (sb_rdonly(path.dentry->d_sb) || mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) in ecryptfs_get_tree()
520 s->s_flags |= SB_RDONLY; in ecryptfs_get_tree()
522 s->s_maxbytes = path.dentry->d_sb->s_maxbytes; in ecryptfs_get_tree()
523 s->s_blocksize = path.dentry->d_sb->s_blocksize; in ecryptfs_get_tree()
524 s->s_magic = ECRYPTFS_SUPER_MAGIC; in ecryptfs_get_tree()
525 s->s_stack_depth = path.dentry->d_sb->s_stack_depth + 1; in ecryptfs_get_tree()
527 rc = -EINVAL; in ecryptfs_get_tree()
528 if (s->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) { in ecryptfs_get_tree()
538 s->s_root = d_make_root(inode); in ecryptfs_get_tree()
539 if (!s->s_root) { in ecryptfs_get_tree()
540 rc = -ENOMEM; in ecryptfs_get_tree()
544 ecryptfs_set_dentry_lower(s->s_root, path.dentry); in ecryptfs_get_tree()
545 ecryptfs_superblock_to_private(s)->lower_mnt = path.mnt; in ecryptfs_get_tree()
547 s->s_flags |= SB_ACTIVE; in ecryptfs_get_tree()
548 fc->root = dget(s->s_root); in ecryptfs_get_tree()
557 ecryptfs_destroy_mount_crypt_stat(&sbi->mount_crypt_stat); in ecryptfs_get_tree()
575 mntput(sb_info->lower_mnt); in ecryptfs_kill_block_super()
576 ecryptfs_destroy_mount_crypt_stat(&sb_info->mount_crypt_stat); in ecryptfs_kill_block_super()
582 struct ecryptfs_fs_context *ctx = fc->fs_private; in ecryptfs_free_fc()
583 struct ecryptfs_sb_info *sbi = fc->s_fs_info; in ecryptfs_free_fc()
588 ecryptfs_destroy_mount_crypt_stat(&sbi->mount_crypt_stat); in ecryptfs_free_fc()
607 return -ENOMEM; in ecryptfs_init_fs_context()
612 return -ENOMEM; in ecryptfs_init_fs_context()
615 ecryptfs_init_mount_crypt_stat(&sbi->mount_crypt_stat); in ecryptfs_init_fs_context()
617 fc->fs_private = ctx; in ecryptfs_init_fs_context()
618 fc->s_fs_info = sbi; in ecryptfs_init_fs_context()
619 fc->ops = &ecryptfs_context_ops; in ecryptfs_init_fs_context()
643 inode_init_once(&ei->vfs_inode); in inode_info_init_once()
721 kmem_cache_destroy(*(info->cache)); in ecryptfs_free_kmem_caches()
728 * Returns zero on success; non-zero otherwise
738 *(info->cache) = kmem_cache_create(info->name, info->size, 0, in ecryptfs_init_kmem_caches()
739 SLAB_HWCACHE_ALIGN | info->flags, info->ctor); in ecryptfs_init_kmem_caches()
740 if (!*(info->cache)) { in ecryptfs_init_kmem_caches()
744 info->name); in ecryptfs_init_kmem_caches()
745 return -ENOMEM; in ecryptfs_init_kmem_caches()
777 rc = -ENOMEM; in do_sysfs_registration()
801 rc = -EINVAL; in ecryptfs_init()