eCryptfs

Merge lp:~ecryptfs/ecryptfs/ecryptfs-utils into lp:~mhlavink/ecryptfs/20090424

ecryptfs-utils
Merge into 20090424

Proposed by david on 2009-09-28

Status:

Merged

Merge reported by:

Dustin Kirkland 

Merged at revision:

not available

Proposed branch:

lp:~ecryptfs/ecryptfs/ecryptfs-utils

Merge into:

lp:~mhlavink/ecryptfs/20090424

Diff against target:

5798 lines (+2544/-987)

72 files modified

README (+0/-5)
configure.ac (+4/-17)
debian/changelog (+311/-1)
debian/control (+49/-9)
debian/copyright (+10/-5)
debian/ecryptfs-utils.dirs (+0/-2)
debian/ecryptfs-utils.ecryptfs-utils-restore.upstart (+26/-0)
debian/ecryptfs-utils.ecryptfs-utils-save.upstart (+26/-0)
debian/ecryptfs-utils.install (+2/-1)
debian/ecryptfs-utils.postinst (+11/-35)
debian/libecryptfs0.shlibs (+1/-1)
debian/lintian/ecryptfs-utils (+13/-0)
debian/local/ecryptfs-utils.pam-auth-update (+3/-3)
debian/po/POTFILES.sh (+5/-0)
debian/po/ecryptfs-utils.pot (+407/-0)
debian/po/fr.po (+389/-0)
debian/rules (+38/-19)
doc/Makefile.am (+1/-2)
doc/ecryptfs-mount-private.txt (+1/-1)
doc/manpage/Makefile.am (+3/-0)
doc/manpage/ecryptfs-mount-private.1 (+2/-2)
doc/manpage/ecryptfs-rewrite-file.1 (+1/-1)
doc/manpage/ecryptfs-setup-private.1 (+2/-2)
doc/manpage/ecryptfs-setup-swap.1 (+29/-0)
doc/manpage/ecryptfs-stat.1 (+18/-0)
doc/manpage/ecryptfs.7 (+7/-135)
doc/manpage/mount.ecryptfs_private.1 (+1/-1)
doc/manpage/umount.ecryptfs.8 (+23/-0)
doc/manpage/umount.ecryptfs_private.1 (+1/-1)
doc/sourceforge_webpage/README (+0/-5)
lintian/ecryptfs-utils (+12/-0)
scripts/build-ubuntu.sh (+1/-1)
scripts/release.sh (+6/-2)
src/desktop/Makefile.am (+2/-1)
src/desktop/ecryptfs-record-passphrase (+6/-3)
src/include/ecryptfs.h (+5/-0)
src/key_mod/ecryptfs_key_mod_gpg.c (+5/-8)
src/key_mod/ecryptfs_key_mod_openssl.c (+28/-2)
src/key_mod/ecryptfs_key_mod_pkcs11_helper.c (+4/-3)
src/key_mod/ecryptfs_key_mod_tspi.c (+7/-3)
src/libecryptfs-swig/libecryptfs.i (+1/-1)
src/libecryptfs-swig/libecryptfs.py (+1/-1)
src/libecryptfs-swig/libecryptfs_wrap.c (+88/-47)
src/libecryptfs/cipher_list.c (+1/-1)
src/libecryptfs/cmd_ln_parser.c (+1/-1)
src/libecryptfs/decision_graph.c (+39/-13)
src/libecryptfs/key_management.c (+40/-102)
src/libecryptfs/libecryptfs.pc.in (+2/-2)
src/libecryptfs/main.c (+108/-30)
src/libecryptfs/module_mgr.c (+57/-11)
src/pam_ecryptfs/Makefile.am (+2/-2)
src/pam_ecryptfs/pam_ecryptfs.c (+66/-51)
src/python/ecryptfsapi.py (+82/-0)
src/utils/Makefile.am (+4/-3)
src/utils/ecryptfs-dot-private (+0/-34)
src/utils/ecryptfs-migrate-home (+195/-0)
src/utils/ecryptfs-mount-private (+8/-7)
src/utils/ecryptfs-rewrite-file (+29/-15)
src/utils/ecryptfs-setup-private (+125/-126)
src/utils/ecryptfs-setup-swap (+100/-89)
src/utils/ecryptfs-umount-private (+14/-16)
src/utils/ecryptfs_add_passphrase.c (+11/-7)
src/utils/ecryptfs_generate_tpm_key.c (+4/-1)
src/utils/ecryptfs_insert_wrapped_passphrase_into_keyring.c (+15/-5)
src/utils/ecryptfs_rewrap_passphrase.c (+0/-1)
src/utils/ecryptfs_unwrap_passphrase.c (+12/-3)
src/utils/ecryptfs_wrap_passphrase.c (+0/-1)
src/utils/io.c (+29/-12)
src/utils/manager.c (+1/-1)
src/utils/mount.ecryptfs.c (+13/-26)
src/utils/mount.ecryptfs_private.c (+32/-107)
src/utils/umount.ecryptfs.c (+4/-0)

To merge this branch:

bzr merge lp:~ecryptfs/ecryptfs/ecryptfs-utils

Related bugs:

Bug #386504: eCryptfs has generic/confusing error message for too long a passphrase	Wishlist	Fix Released
Bug #387073: BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	High	Fix Released
Bug #408437: typo 'Filname' in module_mgr.c:215	Wishlist	Fix Released
Bug #430890: error messages only report 1 word	Wishlist	Fix Released
Bug #430891: failures from dmsetup visible on stderr when running	Wishlist	Fix Released
Bug #445301: ecryptfs-setup-private creates .ecryptfs dir with wrong permissions when GID is different than UID	High	Fix Released
Bug #456565: /usr/bin/ecryptfs-setup-private: 294: getext: not found	Medium	Fix Released
Bug #471725: ecryptfs-setup-private test step fails, bad error message "Sessions still open, not unmounting" "ERROR: Could"	Medium	Fix Released

Link a bug report

Reviewer	Review Type	Date Requested	Status
Dustin Kirkland  (community)			Needs Information on 2012-04-26
Review via email: mp+12512@code.launchpad.net

Revision history for this message

david (davidelizondo2006) wrote on 2009-09-28:

diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
index 2f0945d..056fed6 100644 (file)
--- a/fs/ecryptfs/inode.c
+++ b/fs/ecryptfs/inode.c
@@ -476,6 +476,7 @@ static int ecryptfs_unlink(struct inode *dir, struct dentry *dentry)
struct inode *lower_dir_inode = ecryptfs_inode_to_lower(dir);
struct dentry *lower_dir_dentry;

+ dget(lower_dentry);
        lower_dir_dentry = lock_parent(lower_dentry);
        rc = vfs_unlink(lower_dir_inode, lower_dentry);
        if (rc) {
@@ -489,6 +490,7 @@ static int ecryptfs_unlink(struct inode *dir, struct dentry *dentry)
        d_drop(dentry);
out_unlock:
        unlock_dir(lower_dir_dentry);
+ dput(lower_dentry);
        return rc;
}

test ......

http://git.kernel.org/?p=linux/kernel/git/next/linux-next.git;a=blob;f=fs/ecryptfs/inode.c;h=2f0945d632970511ba189a0ef8595e918c10b693;hb=96a7b9c2f5df899f302ade45cf17ad753fe130fd

Revision history for this message

david (davidelizondo2006) wrote on 2009-09-28:

> diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
> index 2f0945d..056fed6 100644 (file)
> --- a/fs/ecryptfs/inode.c
> +++ b/fs/ecryptfs/inode.c
> @@ -476,6 +476,7 @@ static int ecryptfs_unlink(struct inode *dir, struct
> dentry *dentry)
> struct inode *lower_dir_inode = ecryptfs_inode_to_lower(dir);
> struct dentry *lower_dir_dentry;
>
> + dget(lower_dentry);
> lower_dir_dentry = lock_parent(lower_dentry);
> rc = vfs_unlink(lower_dir_inode, lower_dentry);
> if (rc) {
> @@ -489,6 +490,7 @@ static int ecryptfs_unlink(struct inode *dir, struct
> dentry *dentry)
> d_drop(dentry);
> out_unlock:
> unlock_dir(lower_dir_dentry);
> + dput(lower_dentry);
> return rc;
> }
>
> test ......
>
> http://git.kernel.org/?p=linux/kernel/git/next/linux-next.git;a=blob;f=fs/ecry
> ptfs/inode.c;h=2f0945d632970511ba189a0ef8595e918c10b693;hb=96a7b9c2f5df899f302
> ade45cf17ad753fe130fd

Merge branch 'for-linus' of git://git./linux/kernel/git/ecryptfs/ecryptfs-2.6

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ecryptfs/ecryptfs-2.6:
  eCryptfs: Prevent lower dentry from going negative during unlink
  eCryptfs: Propagate vfs_read and vfs_write return codes
  eCryptfs: Validate global auth tok keys
  eCryptfs: Filename encryption only supports password auth tokens
  eCryptfs: Check for O_RDONLY lower inodes when opening lower files
  eCryptfs: Handle unrecognized tag 3 cipher codes
  ecryptfs: improved dependency checking and reporting
  eCryptfs: Fix lockdep-reported AB-BA mutex issue
  ecryptfs: Remove unneeded locking that triggers lockdep false positives

Revision history for this message

david (davidelizondo2006) wrote on 2009-09-28:

Download full text (98.9 KiB)

> > diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
> > index 2f0945d..056fed6 100644 (file)
> > --- a/fs/ecryptfs/inode.c
> > +++ b/fs/ecryptfs/inode.c
> > @@ -476,6 +476,7 @@ static int ecryptfs_unlink(struct inode *dir, struct
> > dentry *dentry)
> > struct inode *lower_dir_inode = ecryptfs_inode_to_lower(dir);
> > struct dentry *lower_dir_dentry;
> >
> > + dget(lower_dentry);
> > lower_dir_dentry = lock_parent(lower_dentry);
> > rc = vfs_unlink(lower_dir_inode, lower_dentry);
> > if (rc) {
> > @@ -489,6 +490,7 @@ static int ecryptfs_unlink(struct inode *dir, struct
> > dentry *dentry)
> > d_drop(dentry);
> > out_unlock:
> > unlock_dir(lower_dir_dentry);
> > + dput(lower_dentry);
> > return rc;
> > }
> >
> > test ......
> >
> > http://git.kernel.org/?p=linux/kernel/git/next/linux-
> next.git;a=blob;f=fs/ecry
> >
> ptfs/inode.c;h=2f0945d632970511ba189a0ef8595e918c10b693;hb=96a7b9c2f5df899f302
> > ade45cf17ad753fe130fd
>
>
> Merge branch 'for-linus' of git://git./linux/kernel/git/ecryptfs/ecryptfs-2.6
>
> * 'for-linus' of
> git://git.kernel.org/pub/scm/linux/kernel/git/ecryptfs/ecryptfs-2.6:
> eCryptfs: Prevent lower dentry from going negative during unlink
> eCryptfs: Propagate vfs_read and vfs_write return codes
> eCryptfs: Validate global auth tok keys
> eCryptfs: Filename encryption only supports password auth tokens
> eCryptfs: Check for O_RDONLY lower inodes when opening lower files
> eCryptfs: Handle unrecognized tag 3 cipher codes
> ecryptfs: improved dependency checking and reporting
> eCryptfs: Fix lockdep-reported AB-BA mutex issue
> ecryptfs: Remove unneeded locking that triggers lockdep false positives

1 config ECRYPT_FS
2 tristate "eCrypt filesystem layer support (EXPERIMENTAL)"
3 depends on EXPERIMENTAL && KEYS && NET
4 select CRYPTO_ECB
5 select CRYPTO_CBC
6 help
7 Encrypted filesystem that operates on the VFS layer. See
8 <file:Documentation/filesystems/ecryptfs.txt> to learn more about
9 eCryptfs. Userspace components are required and can be
10 obtained from <http://ecryptfs.sf.net>.
11
12 To compile this file system support as a module, choose M here: the
13 module will be called ecryptfs.

> > diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
> > index 2f0945d..056fed6 100644 (file)
> > --- a/fs/ecryptfs/inode.c
> > +++ b/fs/ecryptfs/inode.c
> > @@ -476,6 +476,7 @@ static int ecryptfs_unlink(struct inode *dir, struct
> > dentry *dentry)
> >         struct inode *lower_dir_inode = ecryptfs_inode_to_lower(dir);
> >         struct dentry *lower_dir_dentry;
> >
> > +       dget(lower_dentry);
> >         lower_dir_dentry = lock_parent(lower_dentry);
> >         rc = vfs_unlink(lower_dir_inode, lower_dentry);
> >         if (rc) {
> > @@ -489,6 +490,7 @@ static int ecryptfs_unlink(struct inode *dir, struct
> > dentry *dentry)
> >         d_drop(dentry);
> >  out_unlock:
> >         unlock_dir(lower_dir_dentry);
> > +       dput(lower_dentry);
> >         return rc;
> >  }
> >
> >   test ......
> >
> > http://git.kernel.org/?p=linux/kernel/git/next/linux-
> next.git;a=blob;f=fs/ecry
> >
> ptfs/inode.c;h=2f0945d632970511ba189a0ef8595e918c10b693;hb=96a7b9c2f5df899f302
> > ade45cf17ad753fe130fd
> 
> 
> Merge branch 'for-linus' of git://git./linux/kernel/git/ecryptfs/ecryptfs-2.6
> 
> * 'for-linus' of
> git://git.kernel.org/pub/scm/linux/kernel/git/ecryptfs/ecryptfs-2.6:
>   eCryptfs: Prevent lower dentry from going negative during unlink
>   eCryptfs: Propagate vfs_read and vfs_write return codes
>   eCryptfs: Validate global auth tok keys
>   eCryptfs: Filename encryption only supports password auth tokens
>   eCryptfs: Check for O_RDONLY lower inodes when opening lower files
>   eCryptfs: Handle unrecognized tag 3 cipher codes
>   ecryptfs: improved dependency checking and reporting
>   eCryptfs: Fix lockdep-reported AB-BA mutex issue
>   ecryptfs: Remove unneeded locking that triggers lockdep false positives

1 config ECRYPT_FS
2         tristate "eCrypt filesystem layer support (EXPERIMENTAL)"
3         depends on EXPERIMENTAL && KEYS && NET
4         select CRYPTO_ECB
5         select CRYPTO_CBC
6         help
7           Encrypted filesystem that operates on the VFS layer.  See
8           <file:Documentation/filesystems/ecryptfs.txt> to learn more about
9           eCryptfs.  Userspace components are required and can be
10           obtained from <http://ecryptfs.sf.net>.
11
12           To compile this file system support as a module, choose M here: the
13           module will be called ecryptfs.

#######################################################################################
/**
2  * eCryptfs: Linux filesystem encryption layer
3  *
4  * Copyright (C) 1997-2004 Erez Zadok
5  * Copyright (C) 2001-2004 Stony Brook University
6  * Copyright (C) 2004-2007 International Business Machines Corp.
7  *   Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
8  *              Michael C. Thompson <mcthomps@us.ibm.com>
9  *
10  * This program is free software; you can redistribute it and/or
11  * modify it under the terms of the GNU General Public License as
12  * published by the Free Software Foundation; either version 2 of the
13  * License, or (at your option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful, but
16  * WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
18  * General Public License for more details.
19  *
20  * You should have received a copy of the GNU General Public License
21  * along with this program; if not, write to the Free Software
22  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
23  * 02111-1307, USA.
24  */
25
26 #include <linux/fs.h>
27 #include <linux/mount.h>
28 #include <linux/pagemap.h>
29 #include <linux/random.h>
30 #include <linux/compiler.h>
31 #include <linux/key.h>
32 #include <linux/namei.h>
33 #include <linux/crypto.h>
34 #include <linux/file.h>
35 #include <linux/scatterlist.h>
36 #include <asm/unaligned.h>
37 #include "ecryptfs_kernel.h"
38
39 static int
40 ecryptfs_decrypt_page_offset(struct ecryptfs_crypt_stat *crypt_stat,
41                              struct page *dst_page, int dst_offset,
42                              struct page *src_page, int src_offset, int size,
43                              unsigned char *iv);
44 static int
45 ecryptfs_encrypt_page_offset(struct ecryptfs_crypt_stat *crypt_stat,
46                              struct page *dst_page, int dst_offset,
47                              struct page *src_page, int src_offset, int size,
48                              unsigned char *iv);
49
50 /**
51  * ecryptfs_to_hex
52  * @dst: Buffer to take hex character representation of contents of
53  *       src; must be at least of size (src_size * 2)
54  * @src: Buffer to be converted to a hex string respresentation
55  * @src_size: number of bytes to convert
56  */
57 void ecryptfs_to_hex(char *dst, char *src, size_t src_size)
58 {
59         int x;
60
61         for (x = 0; x < src_size; x++)
62                 sprintf(&dst[x * 2], "%.2x", (unsigned char)src[x]);
63 }
64
65 /**
66  * ecryptfs_from_hex
67  * @dst: Buffer to take the bytes from src hex; must be at least of
68  *       size (src_size / 2)
69  * @src: Buffer to be converted from a hex string respresentation to raw value
70  * @dst_size: size of dst buffer, or number of hex characters pairs to convert
71  */
72 void ecryptfs_from_hex(char *dst, char *src, int dst_size)
73 {
74         int x;
75         char tmp[3] = { 0, };
76
77         for (x = 0; x < dst_size; x++) {
78                 tmp[0] = src[x * 2];
79                 tmp[1] = src[x * 2 + 1];
80                 dst[x] = (unsigned char)simple_strtol(tmp, NULL, 16);
81         }
82 }
83
84 /**
85  * ecryptfs_calculate_md5 - calculates the md5 of @src
86  * @dst: Pointer to 16 bytes of allocated memory
87  * @crypt_stat: Pointer to crypt_stat struct for the current inode
88  * @src: Data to be md5'd
89  * @len: Length of @src
90  *
91  * Uses the allocated crypto context that crypt_stat references to
92  * generate the MD5 sum of the contents of src.
93  */
94 static int ecryptfs_calculate_md5(char *dst,
95                                   struct ecryptfs_crypt_stat *crypt_stat,
96                                   char *src, int len)
97 {
98         struct scatterlist sg;
99         struct hash_desc desc = {
100                 .tfm = crypt_stat->hash_tfm,
101                 .flags = CRYPTO_TFM_REQ_MAY_SLEEP
102         };
103         int rc = 0;
104
105         mutex_lock(&crypt_stat->cs_hash_tfm_mutex);
106         sg_init_one(&sg, (u8 *)src, len);
107         if (!desc.tfm) {
108                 desc.tfm = crypto_alloc_hash(ECRYPTFS_DEFAULT_HASH, 0,
109                                              CRYPTO_ALG_ASYNC);
110                 if (IS_ERR(desc.tfm)) {
111                         rc = PTR_ERR(desc.tfm);
112                         ecryptfs_printk(KERN_ERR, "Error attempting to "
113                                         "allocate crypto context; rc = [%d]\n",
114                                         rc);
115                         goto out;
116                 }
117                 crypt_stat->hash_tfm = desc.tfm;
118         }
119         rc = crypto_hash_init(&desc);
120         if (rc) {
121                 printk(KERN_ERR
122                        "%s: Error initializing crypto hash; rc = [%d]\n",
123                        __func__, rc);
124                 goto out;
125         }
126         rc = crypto_hash_update(&desc, &sg, len);
127         if (rc) {
128                 printk(KERN_ERR
129                        "%s: Error updating crypto hash; rc = [%d]\n",
130                        __func__, rc);
131                 goto out;
132         }
133         rc = crypto_hash_final(&desc, dst);
134         if (rc) {
135                 printk(KERN_ERR
136                        "%s: Error finalizing crypto hash; rc = [%d]\n",
137                        __func__, rc);
138                 goto out;
139         }
140 out:
141         mutex_unlock(&crypt_stat->cs_hash_tfm_mutex);
142         return rc;
143 }
144
145 static int ecryptfs_crypto_api_algify_cipher_name(char **algified_name,
146                                                   char *cipher_name,
147                                                   char *chaining_modifier)
148 {
149         int cipher_name_len = strlen(cipher_name);
150         int chaining_modifier_len = strlen(chaining_modifier);
151         int algified_name_len;
152         int rc;
153
154         algified_name_len = (chaining_modifier_len + cipher_name_len + 3);
155         (*algified_name) = kmalloc(algified_name_len, GFP_KERNEL);
156         if (!(*algified_name)) {
157                 rc = -ENOMEM;
158                 goto out;
159         }
160         snprintf((*algified_name), algified_name_len, "%s(%s)",
161                  chaining_modifier, cipher_name);
162         rc = 0;
163 out:
164         return rc;
165 }
166
167 /**
168  * ecryptfs_derive_iv
169  * @iv: destination for the derived iv vale
170  * @crypt_stat: Pointer to crypt_stat struct for the current inode
171  * @offset: Offset of the extent whose IV we are to derive
172  *
173  * Generate the initialization vector from the given root IV and page
174  * offset.
175  *
176  * Returns zero on success; non-zero on error.
177  */
178 int ecryptfs_derive_iv(char *iv, struct ecryptfs_crypt_stat *crypt_stat,
179                        loff_t offset)
180 {
181         int rc = 0;
182         char dst[MD5_DIGEST_SIZE];
183         char src[ECRYPTFS_MAX_IV_BYTES + 16];
184
185         if (unlikely(ecryptfs_verbosity > 0)) {
186                 ecryptfs_printk(KERN_DEBUG, "root iv:\n");
187                 ecryptfs_dump_hex(crypt_stat->root_iv, crypt_stat->iv_bytes);
188         }
189         /* TODO: It is probably secure to just cast the least
190          * significant bits of the root IV into an unsigned long and
191          * add the offset to that rather than go through all this
192          * hashing business. -Halcrow */
193         memcpy(src, crypt_stat->root_iv, crypt_stat->iv_bytes);
194         memset((src + crypt_stat->iv_bytes), 0, 16);
195         snprintf((src + crypt_stat->iv_bytes), 16, "%lld", offset);
196         if (unlikely(ecryptfs_verbosity > 0)) {
197                 ecryptfs_printk(KERN_DEBUG, "source:\n");
198                 ecryptfs_dump_hex(src, (crypt_stat->iv_bytes + 16));
199         }
200         rc = ecryptfs_calculate_md5(dst, crypt_stat, src,
201                                     (crypt_stat->iv_bytes + 16));
202         if (rc) {
203                 ecryptfs_printk(KERN_WARNING, "Error attempting to compute "
204                                 "MD5 while generating IV for a page\n");
205                 goto out;
206         }
207         memcpy(iv, dst, crypt_stat->iv_bytes);
208         if (unlikely(ecryptfs_verbosity > 0)) {
209                 ecryptfs_printk(KERN_DEBUG, "derived iv:\n");
210                 ecryptfs_dump_hex(iv, crypt_stat->iv_bytes);
211         }
212 out:
213         return rc;
214 }
215
216 /**
217  * ecryptfs_init_crypt_stat
218  * @crypt_stat: Pointer to the crypt_stat struct to initialize.
219  *
220  * Initialize the crypt_stat structure.
221  */
222 void
223 ecryptfs_init_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat)
224 {
225         memset((void *)crypt_stat, 0, sizeof(struct ecryptfs_crypt_stat));
226         INIT_LIST_HEAD(&crypt_stat->keysig_list);
227         mutex_init(&crypt_stat->keysig_list_mutex);
228         mutex_init(&crypt_stat->cs_mutex);
229         mutex_init(&crypt_stat->cs_tfm_mutex);
230         mutex_init(&crypt_stat->cs_hash_tfm_mutex);
231         crypt_stat->flags |= ECRYPTFS_STRUCT_INITIALIZED;
232 }
233
234 /**
235  * ecryptfs_destroy_crypt_stat
236  * @crypt_stat: Pointer to the crypt_stat struct to initialize.
237  *
238  * Releases all memory associated with a crypt_stat struct.
239  */
240 void ecryptfs_destroy_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat)
241 {
242         struct ecryptfs_key_sig *key_sig, *key_sig_tmp;
243
244         if (crypt_stat->tfm)
245                 crypto_free_blkcipher(crypt_stat->tfm);
246         if (crypt_stat->hash_tfm)
247                 crypto_free_hash(crypt_stat->hash_tfm);
248         list_for_each_entry_safe(key_sig, key_sig_tmp,
249                                  &crypt_stat->keysig_list, crypt_stat_list) {
250                 list_del(&key_sig->crypt_stat_list);
251                 kmem_cache_free(ecryptfs_key_sig_cache, key_sig);
252         }
253         memset(crypt_stat, 0, sizeof(struct ecryptfs_crypt_stat));
254 }
255
256 void ecryptfs_destroy_mount_crypt_stat(
257         struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
258 {
259         struct ecryptfs_global_auth_tok *auth_tok, *auth_tok_tmp;
260
261         if (!(mount_crypt_stat->flags & ECRYPTFS_MOUNT_CRYPT_STAT_INITIALIZED))
262                 return;
263         mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex);
264         list_for_each_entry_safe(auth_tok, auth_tok_tmp,
265                                  &mount_crypt_stat->global_auth_tok_list,
266                                  mount_crypt_stat_list) {
267                 list_del(&auth_tok->mount_crypt_stat_list);
268                 mount_crypt_stat->num_global_auth_toks--;
269                 if (auth_tok->global_auth_tok_key
270                     && !(auth_tok->flags & ECRYPTFS_AUTH_TOK_INVALID))
271                         key_put(auth_tok->global_auth_tok_key);
272                 kmem_cache_free(ecryptfs_global_auth_tok_cache, auth_tok);
273         }
274         mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex);
275         memset(mount_crypt_stat, 0, sizeof(struct ecryptfs_mount_crypt_stat));
276 }
277
278 /**
279  * virt_to_scatterlist
280  * @addr: Virtual address
281  * @size: Size of data; should be an even multiple of the block size
282  * @sg: Pointer to scatterlist array; set to NULL to obtain only
283  *      the number of scatterlist structs required in array
284  * @sg_size: Max array size
285  *
286  * Fills in a scatterlist array with page references for a passed
287  * virtual address.
288  *
289  * Returns the number of scatterlist structs in array used
290  */
291 int virt_to_scatterlist(const void *addr, int size, struct scatterlist *sg,
292                         int sg_size)
293 {
294         int i = 0;
295         struct page *pg;
296         int offset;
297         int remainder_of_page;
298
299         sg_init_table(sg, sg_size);
300
301         while (size > 0 && i < sg_size) {
302                 pg = virt_to_page(addr);
303                 offset = offset_in_page(addr);
304                 if (sg)
305                         sg_set_page(&sg[i], pg, 0, offset);
306                 remainder_of_page = PAGE_CACHE_SIZE - offset;
307                 if (size >= remainder_of_page) {
308                         if (sg)
309                                 sg[i].length = remainder_of_page;
310                         addr += remainder_of_page;
311                         size -= remainder_of_page;
312                 } else {
313                         if (sg)
314                                 sg[i].length = size;
315                         addr += size;
316                         size = 0;
317                 }
318                 i++;
319         }
320         if (size > 0)
321                 return -ENOMEM;
322         return i;
323 }
324
325 /**
326  * encrypt_scatterlist
327  * @crypt_stat: Pointer to the crypt_stat struct to initialize.
328  * @dest_sg: Destination of encrypted data
329  * @src_sg: Data to be encrypted
330  * @size: Length of data to be encrypted
331  * @iv: iv to use during encryption
332  *
333  * Returns the number of bytes encrypted; negative value on error
334  */
335 static int encrypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,
336                                struct scatterlist *dest_sg,
337                                struct scatterlist *src_sg, int size,
338                                unsigned char *iv)
339 {
340         struct blkcipher_desc desc = {
341                 .tfm = crypt_stat->tfm,
342                 .info = iv,
343                 .flags = CRYPTO_TFM_REQ_MAY_SLEEP
344         };
345         int rc = 0;
346
347         BUG_ON(!crypt_stat || !crypt_stat->tfm
348                || !(crypt_stat->flags & ECRYPTFS_STRUCT_INITIALIZED));
349         if (unlikely(ecryptfs_verbosity > 0)) {
350                 ecryptfs_printk(KERN_DEBUG, "Key size [%d]; key:\n",
351                                 crypt_stat->key_size);
352                 ecryptfs_dump_hex(crypt_stat->key,
353                                   crypt_stat->key_size);
354         }
355         /* Consider doing this once, when the file is opened */
356         mutex_lock(&crypt_stat->cs_tfm_mutex);
357         if (!(crypt_stat->flags & ECRYPTFS_KEY_SET)) {
358                 rc = crypto_blkcipher_setkey(crypt_stat->tfm, crypt_stat->key,
359                                              crypt_stat->key_size);
360                 crypt_stat->flags |= ECRYPTFS_KEY_SET;
361         }
362         if (rc) {
363                 ecryptfs_printk(KERN_ERR, "Error setting key; rc = [%d]\n",
364                                 rc);
365                 mutex_unlock(&crypt_stat->cs_tfm_mutex);
366                 rc = -EINVAL;
367                 goto out;
368         }
369         ecryptfs_printk(KERN_DEBUG, "Encrypting [%d] bytes.\n", size);
370         crypto_blkcipher_encrypt_iv(&desc, dest_sg, src_sg, size);
371         mutex_unlock(&crypt_stat->cs_tfm_mutex);
372 out:
373         return rc;
374 }
375
376 /**
377  * ecryptfs_lower_offset_for_extent
378  *
379  * Convert an eCryptfs page index into a lower byte offset
380  */
381 static void ecryptfs_lower_offset_for_extent(loff_t *offset, loff_t extent_num,
382                                              struct ecryptfs_crypt_stat *crypt_stat)
383 {
384         (*offset) = (crypt_stat->num_header_bytes_at_front
385                      + (crypt_stat->extent_size * extent_num));
386 }
387
388 /**
389  * ecryptfs_encrypt_extent
390  * @enc_extent_page: Allocated page into which to encrypt the data in
391  *                   @page
392  * @crypt_stat: crypt_stat containing cryptographic context for the
393  *              encryption operation
394  * @page: Page containing plaintext data extent to encrypt
395  * @extent_offset: Page extent offset for use in generating IV
396  *
397  * Encrypts one extent of data.
398  *
399  * Return zero on success; non-zero otherwise
400  */
401 static int ecryptfs_encrypt_extent(struct page *enc_extent_page,
402                                    struct ecryptfs_crypt_stat *crypt_stat,
403                                    struct page *page,
404                                    unsigned long extent_offset)
405 {
406         loff_t extent_base;
407         char extent_iv[ECRYPTFS_MAX_IV_BYTES];
408         int rc;
409
410         extent_base = (((loff_t)page->index)
411                        * (PAGE_CACHE_SIZE / crypt_stat->extent_size));
412         rc = ecryptfs_derive_iv(extent_iv, crypt_stat,
413                                 (extent_base + extent_offset));
414         if (rc) {
415                 ecryptfs_printk(KERN_ERR, "Error attempting to "
416                                 "derive IV for extent [0x%.16x]; "
417                                 "rc = [%d]\n", (extent_base + extent_offset),
418                                 rc);
419                 goto out;
420         }
421         if (unlikely(ecryptfs_verbosity > 0)) {
422                 ecryptfs_printk(KERN_DEBUG, "Encrypting extent "
423                                 "with iv:\n");
424                 ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes);
425                 ecryptfs_printk(KERN_DEBUG, "First 8 bytes before "
426                                 "encryption:\n");
427                 ecryptfs_dump_hex((char *)
428                                   (page_address(page)
429                                    + (extent_offset * crypt_stat->extent_size)),
430                                   8);
431         }
432         rc = ecryptfs_encrypt_page_offset(crypt_stat, enc_extent_page, 0,
433                                           page, (extent_offset
434                                                  * crypt_stat->extent_size),
435                                           crypt_stat->extent_size, extent_iv);
436         if (rc < 0) {
437                 printk(KERN_ERR "%s: Error attempting to encrypt page with "
438                        "page->index = [%ld], extent_offset = [%ld]; "
439                        "rc = [%d]\n", __func__, page->index, extent_offset,
440                        rc);
441                 goto out;
442         }
443         rc = 0;
444         if (unlikely(ecryptfs_verbosity > 0)) {
445                 ecryptfs_printk(KERN_DEBUG, "Encrypt extent [0x%.16x]; "
446                                 "rc = [%d]\n", (extent_base + extent_offset),
447                                 rc);
448                 ecryptfs_printk(KERN_DEBUG, "First 8 bytes after "
449                                 "encryption:\n");
450                 ecryptfs_dump_hex((char *)(page_address(enc_extent_page)), 8);
451         }
452 out:
453         return rc;
454 }
455
456 /**
457  * ecryptfs_encrypt_page
458  * @page: Page mapped from the eCryptfs inode for the file; contains
459  *        decrypted content that needs to be encrypted (to a temporary
460  *        page; not in place) and written out to the lower file
461  *
462  * Encrypt an eCryptfs page. This is done on a per-extent basis. Note
463  * that eCryptfs pages may straddle the lower pages -- for instance,
464  * if the file was created on a machine with an 8K page size
465  * (resulting in an 8K header), and then the file is copied onto a
466  * host with a 32K page size, then when reading page 0 of the eCryptfs
467  * file, 24K of page 0 of the lower file will be read and decrypted,
468  * and then 8K of page 1 of the lower file will be read and decrypted.
469  *
470  * Returns zero on success; negative on error
471  */
472 int ecryptfs_encrypt_page(struct page *page)
473 {
474         struct inode *ecryptfs_inode;
475         struct ecryptfs_crypt_stat *crypt_stat;
476         char *enc_extent_virt;
477         struct page *enc_extent_page = NULL;
478         loff_t extent_offset;
479         int rc = 0;
480
481         ecryptfs_inode = page->mapping->host;
482         crypt_stat =
483                 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat);
484         BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED));
485         enc_extent_page = alloc_page(GFP_USER);
486         if (!enc_extent_page) {
487                 rc = -ENOMEM;
488                 ecryptfs_printk(KERN_ERR, "Error allocating memory for "
489                                 "encrypted extent\n");
490                 goto out;
491         }
492         enc_extent_virt = kmap(enc_extent_page);
493         for (extent_offset = 0;
494              extent_offset < (PAGE_CACHE_SIZE / crypt_stat->extent_size);
495              extent_offset++) {
496                 loff_t offset;
497
498                 rc = ecryptfs_encrypt_extent(enc_extent_page, crypt_stat, page,
499                                              extent_offset);
500                 if (rc) {
501                         printk(KERN_ERR "%s: Error encrypting extent; "
502                                "rc = [%d]\n", __func__, rc);
503                         goto out;
504                 }
505                 ecryptfs_lower_offset_for_extent(
506                         &offset, ((((loff_t)page->index)
507                                    * (PAGE_CACHE_SIZE
508                                       / crypt_stat->extent_size))
509                                   + extent_offset), crypt_stat);
510                 rc = ecryptfs_write_lower(ecryptfs_inode, enc_extent_virt,
511                                           offset, crypt_stat->extent_size);
512                 if (rc < 0) {
513                         ecryptfs_printk(KERN_ERR, "Error attempting "
514                                         "to write lower page; rc = [%d]"
515                                         "\n", rc);
516                         goto out;
517                 }
518         }
519         rc = 0;
520 out:
521         if (enc_extent_page) {
522                 kunmap(enc_extent_page);
523                 __free_page(enc_extent_page);
524         }
525         return rc;
526 }
527
528 static int ecryptfs_decrypt_extent(struct page *page,
529                                    struct ecryptfs_crypt_stat *crypt_stat,
530                                    struct page *enc_extent_page,
531                                    unsigned long extent_offset)
532 {
533         loff_t extent_base;
534         char extent_iv[ECRYPTFS_MAX_IV_BYTES];
535         int rc;
536
537         extent_base = (((loff_t)page->index)
538                        * (PAGE_CACHE_SIZE / crypt_stat->extent_size));
539         rc = ecryptfs_derive_iv(extent_iv, crypt_stat,
540                                 (extent_base + extent_offset));
541         if (rc) {
542                 ecryptfs_printk(KERN_ERR, "Error attempting to "
543                                 "derive IV for extent [0x%.16x]; "
544                                 "rc = [%d]\n", (extent_base + extent_offset),
545                                 rc);
546                 goto out;
547         }
548         if (unlikely(ecryptfs_verbosity > 0)) {
549                 ecryptfs_printk(KERN_DEBUG, "Decrypting extent "
550                                 "with iv:\n");
551                 ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes);
552                 ecryptfs_printk(KERN_DEBUG, "First 8 bytes before "
553                                 "decryption:\n");
554                 ecryptfs_dump_hex((char *)
555                                   (page_address(enc_extent_page)
556                                    + (extent_offset * crypt_stat->extent_size)),
557                                   8);
558         }
559         rc = ecryptfs_decrypt_page_offset(crypt_stat, page,
560                                           (extent_offset
561                                            * crypt_stat->extent_size),
562                                           enc_extent_page, 0,
563                                           crypt_stat->extent_size, extent_iv);
564         if (rc < 0) {
565                 printk(KERN_ERR "%s: Error attempting to decrypt to page with "
566                        "page->index = [%ld], extent_offset = [%ld]; "
567                        "rc = [%d]\n", __func__, page->index, extent_offset,
568                        rc);
569                 goto out;
570         }
571         rc = 0;
572         if (unlikely(ecryptfs_verbosity > 0)) {
573                 ecryptfs_printk(KERN_DEBUG, "Decrypt extent [0x%.16x]; "
574                                 "rc = [%d]\n", (extent_base + extent_offset),
575                                 rc);
576                 ecryptfs_printk(KERN_DEBUG, "First 8 bytes after "
577                                 "decryption:\n");
578                 ecryptfs_dump_hex((char *)(page_address(page)
579                                            + (extent_offset
580                                               * crypt_stat->extent_size)), 8);
581         }
582 out:
583         return rc;
584 }
585
586 /**
587  * ecryptfs_decrypt_page
588  * @page: Page mapped from the eCryptfs inode for the file; data read
589  *        and decrypted from the lower file will be written into this
590  *        page
591  *
592  * Decrypt an eCryptfs page. This is done on a per-extent basis. Note
593  * that eCryptfs pages may straddle the lower pages -- for instance,
594  * if the file was created on a machine with an 8K page size
595  * (resulting in an 8K header), and then the file is copied onto a
596  * host with a 32K page size, then when reading page 0 of the eCryptfs
597  * file, 24K of page 0 of the lower file will be read and decrypted,
598  * and then 8K of page 1 of the lower file will be read and decrypted.
599  *
600  * Returns zero on success; negative on error
601  */
602 int ecryptfs_decrypt_page(struct page *page)
603 {
604         struct inode *ecryptfs_inode;
605         struct ecryptfs_crypt_stat *crypt_stat;
606         char *enc_extent_virt;
607         struct page *enc_extent_page = NULL;
608         unsigned long extent_offset;
609         int rc = 0;
610
611         ecryptfs_inode = page->mapping->host;
612         crypt_stat =
613                 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat);
614         BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED));
615         enc_extent_page = alloc_page(GFP_USER);
616         if (!enc_extent_page) {
617                 rc = -ENOMEM;
618                 ecryptfs_printk(KERN_ERR, "Error allocating memory for "
619                                 "encrypted extent\n");
620                 goto out;
621         }
622         enc_extent_virt = kmap(enc_extent_page);
623         for (extent_offset = 0;
624              extent_offset < (PAGE_CACHE_SIZE / crypt_stat->extent_size);
625              extent_offset++) {
626                 loff_t offset;
627
628                 ecryptfs_lower_offset_for_extent(
629                         &offset, ((page->index * (PAGE_CACHE_SIZE
630                                                   / crypt_stat->extent_size))
631                                   + extent_offset), crypt_stat);
632                 rc = ecryptfs_read_lower(enc_extent_virt, offset,
633                                          crypt_stat->extent_size,
634                                          ecryptfs_inode);
635                 if (rc < 0) {
636                         ecryptfs_printk(KERN_ERR, "Error attempting "
637                                         "to read lower page; rc = [%d]"
638                                         "\n", rc);
639                         goto out;
640                 }
641                 rc = ecryptfs_decrypt_extent(page, crypt_stat, enc_extent_page,
642                                              extent_offset);
643                 if (rc) {
644                         printk(KERN_ERR "%s: Error encrypting extent; "
645                                "rc = [%d]\n", __func__, rc);
646                         goto out;
647                 }
648         }
649 out:
650         if (enc_extent_page) {
651                 kunmap(enc_extent_page);
652                 __free_page(enc_extent_page);
653         }
654         return rc;
655 }
656
657 /**
658  * decrypt_scatterlist
659  * @crypt_stat: Cryptographic context
660  * @dest_sg: The destination scatterlist to decrypt into
661  * @src_sg: The source scatterlist to decrypt from
662  * @size: The number of bytes to decrypt
663  * @iv: The initialization vector to use for the decryption
664  *
665  * Returns the number of bytes decrypted; negative value on error
666  */
667 static int decrypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,
668                                struct scatterlist *dest_sg,
669                                struct scatterlist *src_sg, int size,
670                                unsigned char *iv)
671 {
672         struct blkcipher_desc desc = {
673                 .tfm = crypt_stat->tfm,
674                 .info = iv,
675                 .flags = CRYPTO_TFM_REQ_MAY_SLEEP
676         };
677         int rc = 0;
678
679         /* Consider doing this once, when the file is opened */
680         mutex_lock(&crypt_stat->cs_tfm_mutex);
681         rc = crypto_blkcipher_setkey(crypt_stat->tfm, crypt_stat->key,
682                                      crypt_stat->key_size);
683         if (rc) {
684                 ecryptfs_printk(KERN_ERR, "Error setting key; rc = [%d]\n",
685                                 rc);
686                 mutex_unlock(&crypt_stat->cs_tfm_mutex);
687                 rc = -EINVAL;
688                 goto out;
689         }
690         ecryptfs_printk(KERN_DEBUG, "Decrypting [%d] bytes.\n", size);
691         rc = crypto_blkcipher_decrypt_iv(&desc, dest_sg, src_sg, size);
692         mutex_unlock(&crypt_stat->cs_tfm_mutex);
693         if (rc) {
694                 ecryptfs_printk(KERN_ERR, "Error decrypting; rc = [%d]\n",
695                                 rc);
696                 goto out;
697         }
698         rc = size;
699 out:
700         return rc;
701 }
702
703 /**
704  * ecryptfs_encrypt_page_offset
705  * @crypt_stat: The cryptographic context
706  * @dst_page: The page to encrypt into
707  * @dst_offset: The offset in the page to encrypt into
708  * @src_page: The page to encrypt from
709  * @src_offset: The offset in the page to encrypt from
710  * @size: The number of bytes to encrypt
711  * @iv: The initialization vector to use for the encryption
712  *
713  * Returns the number of bytes encrypted
714  */
715 static int
716 ecryptfs_encrypt_page_offset(struct ecryptfs_crypt_stat *crypt_stat,
717                              struct page *dst_page, int dst_offset,
718                              struct page *src_page, int src_offset, int size,
719                              unsigned char *iv)
720 {
721         struct scatterlist src_sg, dst_sg;
722
723         sg_init_table(&src_sg, 1);
724         sg_init_table(&dst_sg, 1);
725
726         sg_set_page(&src_sg, src_page, size, src_offset);
727         sg_set_page(&dst_sg, dst_page, size, dst_offset);
728         return encrypt_scatterlist(crypt_stat, &dst_sg, &src_sg, size, iv);
729 }
730
731 /**
732  * ecryptfs_decrypt_page_offset
733  * @crypt_stat: The cryptographic context
734  * @dst_page: The page to decrypt into
735  * @dst_offset: The offset in the page to decrypt into
736  * @src_page: The page to decrypt from
737  * @src_offset: The offset in the page to decrypt from
738  * @size: The number of bytes to decrypt
739  * @iv: The initialization vector to use for the decryption
740  *
741  * Returns the number of bytes decrypted
742  */
743 static int
744 ecryptfs_decrypt_page_offset(struct ecryptfs_crypt_stat *crypt_stat,
745                              struct page *dst_page, int dst_offset,
746                              struct page *src_page, int src_offset, int size,
747                              unsigned char *iv)
748 {
749         struct scatterlist src_sg, dst_sg;
750
751         sg_init_table(&src_sg, 1);
752         sg_set_page(&src_sg, src_page, size, src_offset);
753
754         sg_init_table(&dst_sg, 1);
755         sg_set_page(&dst_sg, dst_page, size, dst_offset);
756
757         return decrypt_scatterlist(crypt_stat, &dst_sg, &src_sg, size, iv);
758 }
759
760 #define ECRYPTFS_MAX_SCATTERLIST_LEN 4
761
762 /**
763  * ecryptfs_init_crypt_ctx
764  * @crypt_stat: Uninitilized crypt stats structure
765  *
766  * Initialize the crypto context.
767  *
768  * TODO: Performance: Keep a cache of initialized cipher contexts;
769  * only init if needed
770  */
771 int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat)
772 {
773         char *full_alg_name;
774         int rc = -EINVAL;
775
776         if (!crypt_stat->cipher) {
777                 ecryptfs_printk(KERN_ERR, "No cipher specified\n");
778                 goto out;
779         }
780         ecryptfs_printk(KERN_DEBUG,
781                         "Initializing cipher [%s]; strlen = [%d]; "
782                         "key_size_bits = [%d]\n",
783                         crypt_stat->cipher, (int)strlen(crypt_stat->cipher),
784                         crypt_stat->key_size << 3);
785         if (crypt_stat->tfm) {
786                 rc = 0;
787                 goto out;
788         }
789         mutex_lock(&crypt_stat->cs_tfm_mutex);
790         rc = ecryptfs_crypto_api_algify_cipher_name(&full_alg_name,
791                                                     crypt_stat->cipher, "cbc");
792         if (rc)
793                 goto out_unlock;
794         crypt_stat->tfm = crypto_alloc_blkcipher(full_alg_name, 0,
795                                                  CRYPTO_ALG_ASYNC);
796         kfree(full_alg_name);
797         if (IS_ERR(crypt_stat->tfm)) {
798                 rc = PTR_ERR(crypt_stat->tfm);
799                 crypt_stat->tfm = NULL;
800                 ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): "
801                                 "Error initializing cipher [%s]\n",
802                                 crypt_stat->cipher);
803                 goto out_unlock;
804         }
805         crypto_blkcipher_set_flags(crypt_stat->tfm, CRYPTO_TFM_REQ_WEAK_KEY);
806         rc = 0;
807 out_unlock:
808         mutex_unlock(&crypt_stat->cs_tfm_mutex);
809 out:
810         return rc;
811 }
812
813 static void set_extent_mask_and_shift(struct ecryptfs_crypt_stat *crypt_stat)
814 {
815         int extent_size_tmp;
816
817         crypt_stat->extent_mask = 0xFFFFFFFF;
818         crypt_stat->extent_shift = 0;
819         if (crypt_stat->extent_size == 0)
820                 return;
821         extent_size_tmp = crypt_stat->extent_size;
822         while ((extent_size_tmp & 0x01) == 0) {
823                 extent_size_tmp >>= 1;
824                 crypt_stat->extent_mask <<= 1;
825                 crypt_stat->extent_shift++;
826         }
827 }
828
829 void ecryptfs_set_default_sizes(struct ecryptfs_crypt_stat *crypt_stat)
830 {
831         /* Default values; may be overwritten as we are parsing the
832          * packets. */
833         crypt_stat->extent_size = ECRYPTFS_DEFAULT_EXTENT_SIZE;
834         set_extent_mask_and_shift(crypt_stat);
835         crypt_stat->iv_bytes = ECRYPTFS_DEFAULT_IV_BYTES;
836         if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR)
837                 crypt_stat->num_header_bytes_at_front = 0;
838         else {
839                 if (PAGE_CACHE_SIZE <= ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE)
840                         crypt_stat->num_header_bytes_at_front =
841                                 ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE;
842                 else
843                         crypt_stat->num_header_bytes_at_front = PAGE_CACHE_SIZE;
844         }
845 }
846
847 /**
848  * ecryptfs_compute_root_iv
849  * @crypt_stats
850  *
851  * On error, sets the root IV to all 0's.
852  */
853 int ecryptfs_compute_root_iv(struct ecryptfs_crypt_stat *crypt_stat)
854 {
855         int rc = 0;
856         char dst[MD5_DIGEST_SIZE];
857
858         BUG_ON(crypt_stat->iv_bytes > MD5_DIGEST_SIZE);
859         BUG_ON(crypt_stat->iv_bytes <= 0);
860         if (!(crypt_stat->flags & ECRYPTFS_KEY_VALID)) {
861                 rc = -EINVAL;
862                 ecryptfs_printk(KERN_WARNING, "Session key not valid; "
863                                 "cannot generate root IV\n");
864                 goto out;
865         }
866         rc = ecryptfs_calculate_md5(dst, crypt_stat, crypt_stat->key,
867                                     crypt_stat->key_size);
868         if (rc) {
869                 ecryptfs_printk(KERN_WARNING, "Error attempting to compute "
870                                 "MD5 while generating root IV\n");
871                 goto out;
872         }
873         memcpy(crypt_stat->root_iv, dst, crypt_stat->iv_bytes);
874 out:
875         if (rc) {
876                 memset(crypt_stat->root_iv, 0, crypt_stat->iv_bytes);
877                 crypt_stat->flags |= ECRYPTFS_SECURITY_WARNING;
878         }
879         return rc;
880 }
881
882 static void ecryptfs_generate_new_key(struct ecryptfs_crypt_stat *crypt_stat)
883 {
884         get_random_bytes(crypt_stat->key, crypt_stat->key_size);
885         crypt_stat->flags |= ECRYPTFS_KEY_VALID;
886         ecryptfs_compute_root_iv(crypt_stat);
887         if (unlikely(ecryptfs_verbosity > 0)) {
888                 ecryptfs_printk(KERN_DEBUG, "Generated new session key:\n");
889                 ecryptfs_dump_hex(crypt_stat->key,
890                                   crypt_stat->key_size);
891         }
892 }
893
894 /**
895  * ecryptfs_copy_mount_wide_flags_to_inode_flags
896  * @crypt_stat: The inode's cryptographic context
897  * @mount_crypt_stat: The mount point's cryptographic context
898  *
899  * This function propagates the mount-wide flags to individual inode
900  * flags.
901  */
902 static void ecryptfs_copy_mount_wide_flags_to_inode_flags(
903         struct ecryptfs_crypt_stat *crypt_stat,
904         struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
905 {
906         if (mount_crypt_stat->flags & ECRYPTFS_XATTR_METADATA_ENABLED)
907                 crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR;
908         if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED)
909                 crypt_stat->flags |= ECRYPTFS_VIEW_AS_ENCRYPTED;
910         if (mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) {
911                 crypt_stat->flags |= ECRYPTFS_ENCRYPT_FILENAMES;
912                 if (mount_crypt_stat->flags
913                     & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK)
914                         crypt_stat->flags |= ECRYPTFS_ENCFN_USE_MOUNT_FNEK;
915                 else if (mount_crypt_stat->flags
916                          & ECRYPTFS_GLOBAL_ENCFN_USE_FEK)
917                         crypt_stat->flags |= ECRYPTFS_ENCFN_USE_FEK;
918         }
919 }
920
921 static int ecryptfs_copy_mount_wide_sigs_to_inode_sigs(
922         struct ecryptfs_crypt_stat *crypt_stat,
923         struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
924 {
925         struct ecryptfs_global_auth_tok *global_auth_tok;
926         int rc = 0;
927
928         mutex_lock(&crypt_stat->keysig_list_mutex);
929         mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex);
930
931         list_for_each_entry(global_auth_tok,
932                             &mount_crypt_stat->global_auth_tok_list,
933                             mount_crypt_stat_list) {
934                 if (global_auth_tok->flags & ECRYPTFS_AUTH_TOK_FNEK)
935                         continue;
936                 rc = ecryptfs_add_keysig(crypt_stat, global_auth_tok->sig);
937                 if (rc) {
938                         printk(KERN_ERR "Error adding keysig; rc = [%d]\n", rc);
939                         goto out;
940                 }
941         }
942
943 out:
944         mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex);
945         mutex_unlock(&crypt_stat->keysig_list_mutex);
946         return rc;
947 }
948
949 /**
950  * ecryptfs_set_default_crypt_stat_vals
951  * @crypt_stat: The inode's cryptographic context
952  * @mount_crypt_stat: The mount point's cryptographic context
953  *
954  * Default values in the event that policy does not override them.
955  */
956 static void ecryptfs_set_default_crypt_stat_vals(
957         struct ecryptfs_crypt_stat *crypt_stat,
958         struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
959 {
960         ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat,
961                                                       mount_crypt_stat);
962         ecryptfs_set_default_sizes(crypt_stat);
963         strcpy(crypt_stat->cipher, ECRYPTFS_DEFAULT_CIPHER);
964         crypt_stat->key_size = ECRYPTFS_DEFAULT_KEY_BYTES;
965         crypt_stat->flags &= ~(ECRYPTFS_KEY_VALID);
966         crypt_stat->file_version = ECRYPTFS_FILE_VERSION;
967         crypt_stat->mount_crypt_stat = mount_crypt_stat;
968 }
969
970 /**
971  * ecryptfs_new_file_context
972  * @ecryptfs_dentry: The eCryptfs dentry
973  *
974  * If the crypto context for the file has not yet been established,
975  * this is where we do that.  Establishing a new crypto context
976  * involves the following decisions:
977  *  - What cipher to use?
978  *  - What set of authentication tokens to use?
979  * Here we just worry about getting enough information into the
980  * authentication tokens so that we know that they are available.
981  * We associate the available authentication tokens with the new file
982  * via the set of signatures in the crypt_stat struct.  Later, when
983  * the headers are actually written out, we may again defer to
984  * userspace to perform the encryption of the session key; for the
985  * foreseeable future, this will be the case with public key packets.
986  *
987  * Returns zero on success; non-zero otherwise
988  */
989 int ecryptfs_new_file_context(struct dentry *ecryptfs_dentry)
990 {
991         struct ecryptfs_crypt_stat *crypt_stat =
992             &ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat;
993         struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
994             &ecryptfs_superblock_to_private(
995                     ecryptfs_dentry->d_sb)->mount_crypt_stat;
996         int cipher_name_len;
997         int rc = 0;
998
999         ecryptfs_set_default_crypt_stat_vals(crypt_stat, mount_crypt_stat);
1000         crypt_stat->flags |= (ECRYPTFS_ENCRYPTED | ECRYPTFS_KEY_VALID);
1001         ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat,
1002                                                       mount_crypt_stat);
1003         rc = ecryptfs_copy_mount_wide_sigs_to_inode_sigs(crypt_stat,
1004                                                          mount_crypt_stat);
1005         if (rc) {
1006                 printk(KERN_ERR "Error attempting to copy mount-wide key sigs "
1007                        "to the inode key sigs; rc = [%d]\n", rc);
1008                 goto out;
1009         }
1010         cipher_name_len =
1011                 strlen(mount_crypt_stat->global_default_cipher_name);
1012         memcpy(crypt_stat->cipher,
1013                mount_crypt_stat->global_default_cipher_name,
1014                cipher_name_len);
1015         crypt_stat->cipher[cipher_name_len] = '\0';
1016         crypt_stat->key_size =
1017                 mount_crypt_stat->global_default_cipher_key_size;
1018         ecryptfs_generate_new_key(crypt_stat);
1019         rc = ecryptfs_init_crypt_ctx(crypt_stat);
1020         if (rc)
1021                 ecryptfs_printk(KERN_ERR, "Error initializing cryptographic "
1022                                 "context for cipher [%s]: rc = [%d]\n",
1023                                 crypt_stat->cipher, rc);
1024 out:
1025         return rc;
1026 }
1027
1028 /**
1029  * contains_ecryptfs_marker - check for the ecryptfs marker
1030  * @data: The data block in which to check
1031  *
1032  * Returns one if marker found; zero if not found
1033  */
1034 static int contains_ecryptfs_marker(char *data)
1035 {
1036         u32 m_1, m_2;
1037
1038         m_1 = get_unaligned_be32(data);
1039         m_2 = get_unaligned_be32(data + 4);
1040         if ((m_1 ^ MAGIC_ECRYPTFS_MARKER) == m_2)
1041                 return 1;
1042         ecryptfs_printk(KERN_DEBUG, "m_1 = [0x%.8x]; m_2 = [0x%.8x]; "
1043                         "MAGIC_ECRYPTFS_MARKER = [0x%.8x]\n", m_1, m_2,
1044                         MAGIC_ECRYPTFS_MARKER);
1045         ecryptfs_printk(KERN_DEBUG, "(m_1 ^ MAGIC_ECRYPTFS_MARKER) = "
1046                         "[0x%.8x]\n", (m_1 ^ MAGIC_ECRYPTFS_MARKER));
1047         return 0;
1048 }
1049
1050 struct ecryptfs_flag_map_elem {
1051         u32 file_flag;
1052         u32 local_flag;
1053 };
1054
1055 /* Add support for additional flags by adding elements here. */
1056 static struct ecryptfs_flag_map_elem ecryptfs_flag_map[] = {
1057         {0x00000001, ECRYPTFS_ENABLE_HMAC},
1058         {0x00000002, ECRYPTFS_ENCRYPTED},
1059         {0x00000004, ECRYPTFS_METADATA_IN_XATTR},
1060         {0x00000008, ECRYPTFS_ENCRYPT_FILENAMES}
1061 };
1062
1063 /**
1064  * ecryptfs_process_flags
1065  * @crypt_stat: The cryptographic context
1066  * @page_virt: Source data to be parsed
1067  * @bytes_read: Updated with the number of bytes read
1068  *
1069  * Returns zero on success; non-zero if the flag set is invalid
1070  */
1071 static int ecryptfs_process_flags(struct ecryptfs_crypt_stat *crypt_stat,
1072                                   char *page_virt, int *bytes_read)
1073 {
1074         int rc = 0;
1075         int i;
1076         u32 flags;
1077
1078         flags = get_unaligned_be32(page_virt);
1079         for (i = 0; i < ((sizeof(ecryptfs_flag_map)
1080                           / sizeof(struct ecryptfs_flag_map_elem))); i++)
1081                 if (flags & ecryptfs_flag_map[i].file_flag) {
1082                         crypt_stat->flags |= ecryptfs_flag_map[i].local_flag;
1083                 } else
1084                         crypt_stat->flags &= ~(ecryptfs_flag_map[i].local_flag);
1085         /* Version is in top 8 bits of the 32-bit flag vector */
1086         crypt_stat->file_version = ((flags >> 24) & 0xFF);
1087         (*bytes_read) = 4;
1088         return rc;
1089 }
1090
1091 /**
1092  * write_ecryptfs_marker
1093  * @page_virt: The pointer to in a page to begin writing the marker
1094  * @written: Number of bytes written
1095  *
1096  * Marker = 0x3c81b7f5
1097  */
1098 static void write_ecryptfs_marker(char *page_virt, size_t *written)
1099 {
1100         u32 m_1, m_2;
1101
1102         get_random_bytes(&m_1, (MAGIC_ECRYPTFS_MARKER_SIZE_BYTES / 2));
1103         m_2 = (m_1 ^ MAGIC_ECRYPTFS_MARKER);
1104         put_unaligned_be32(m_1, page_virt);
1105         page_virt += (MAGIC_ECRYPTFS_MARKER_SIZE_BYTES / 2);
1106         put_unaligned_be32(m_2, page_virt);
1107         (*written) = MAGIC_ECRYPTFS_MARKER_SIZE_BYTES;
1108 }
1109
1110 static void
1111 write_ecryptfs_flags(char *page_virt, struct ecryptfs_crypt_stat *crypt_stat,
1112                      size_t *written)
1113 {
1114         u32 flags = 0;
1115         int i;
1116
1117         for (i = 0; i < ((sizeof(ecryptfs_flag_map)
1118                           / sizeof(struct ecryptfs_flag_map_elem))); i++)
1119                 if (crypt_stat->flags & ecryptfs_flag_map[i].local_flag)
1120                         flags |= ecryptfs_flag_map[i].file_flag;
1121         /* Version is in top 8 bits of the 32-bit flag vector */
1122         flags |= ((((u8)crypt_stat->file_version) << 24) & 0xFF000000);
1123         put_unaligned_be32(flags, page_virt);
1124         (*written) = 4;
1125 }
1126
1127 struct ecryptfs_cipher_code_str_map_elem {
1128         char cipher_str[16];
1129         u8 cipher_code;
1130 };
1131
1132 /* Add support for additional ciphers by adding elements here. The
1133  * cipher_code is whatever OpenPGP applicatoins use to identify the
1134  * ciphers. List in order of probability. */
1135 static struct ecryptfs_cipher_code_str_map_elem
1136 ecryptfs_cipher_code_str_map[] = {
1137         {"aes",RFC2440_CIPHER_AES_128 },
1138         {"blowfish", RFC2440_CIPHER_BLOWFISH},
1139         {"des3_ede", RFC2440_CIPHER_DES3_EDE},
1140         {"cast5", RFC2440_CIPHER_CAST_5},
1141         {"twofish", RFC2440_CIPHER_TWOFISH},
1142         {"cast6", RFC2440_CIPHER_CAST_6},
1143         {"aes", RFC2440_CIPHER_AES_192},
1144         {"aes", RFC2440_CIPHER_AES_256}
1145 };
1146
1147 /**
1148  * ecryptfs_code_for_cipher_string
1149  * @cipher_name: The string alias for the cipher
1150  * @key_bytes: Length of key in bytes; used for AES code selection
1151  *
1152  * Returns zero on no match, or the cipher code on match
1153  */
1154 u8 ecryptfs_code_for_cipher_string(char *cipher_name, size_t key_bytes)
1155 {
1156         int i;
1157         u8 code = 0;
1158         struct ecryptfs_cipher_code_str_map_elem *map =
1159                 ecryptfs_cipher_code_str_map;
1160
1161         if (strcmp(cipher_name, "aes") == 0) {
1162                 switch (key_bytes) {
1163                 case 16:
1164                         code = RFC2440_CIPHER_AES_128;
1165                         break;
1166                 case 24:
1167                         code = RFC2440_CIPHER_AES_192;
1168                         break;
1169                 case 32:
1170                         code = RFC2440_CIPHER_AES_256;
1171                 }
1172         } else {
1173                 for (i = 0; i < ARRAY_SIZE(ecryptfs_cipher_code_str_map); i++)
1174                         if (strcmp(cipher_name, map[i].cipher_str) == 0) {
1175                                 code = map[i].cipher_code;
1176                                 break;
1177                         }
1178         }
1179         return code;
1180 }
1181
1182 /**
1183  * ecryptfs_cipher_code_to_string
1184  * @str: Destination to write out the cipher name
1185  * @cipher_code: The code to convert to cipher name string
1186  *
1187  * Returns zero on success
1188  */
1189 int ecryptfs_cipher_code_to_string(char *str, u8 cipher_code)
1190 {
1191         int rc = 0;
1192         int i;
1193
1194         str[0] = '\0';
1195         for (i = 0; i < ARRAY_SIZE(ecryptfs_cipher_code_str_map); i++)
1196                 if (cipher_code == ecryptfs_cipher_code_str_map[i].cipher_code)
1197                         strcpy(str, ecryptfs_cipher_code_str_map[i].cipher_str);
1198         if (str[0] == '\0') {
1199                 ecryptfs_printk(KERN_WARNING, "Cipher code not recognized: "
1200                                 "[%d]\n", cipher_code);
1201                 rc = -EINVAL;
1202         }
1203         return rc;
1204 }
1205
1206 int ecryptfs_read_and_validate_header_region(char *data,
1207                                              struct inode *ecryptfs_inode)
1208 {
1209         struct ecryptfs_crypt_stat *crypt_stat =
1210                 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat);
1211         int rc;
1212
1213         if (crypt_stat->extent_size == 0)
1214                 crypt_stat->extent_size = ECRYPTFS_DEFAULT_EXTENT_SIZE;
1215         rc = ecryptfs_read_lower(data, 0, crypt_stat->extent_size,
1216                                  ecryptfs_inode);
1217         if (rc < 0) {
1218                 printk(KERN_ERR "%s: Error reading header region; rc = [%d]\n",
1219                        __func__, rc);
1220                 goto out;
1221         }
1222         if (!contains_ecryptfs_marker(data + ECRYPTFS_FILE_SIZE_BYTES)) {
1223                 rc = -EINVAL;
1224         } else
1225                 rc = 0;
1226 out:
1227         return rc;
1228 }
1229
1230 void
1231 ecryptfs_write_header_metadata(char *virt,
1232                                struct ecryptfs_crypt_stat *crypt_stat,
1233                                size_t *written)
1234 {
1235         u32 header_extent_size;
1236         u16 num_header_extents_at_front;
1237
1238         header_extent_size = (u32)crypt_stat->extent_size;
1239         num_header_extents_at_front =
1240                 (u16)(crypt_stat->num_header_bytes_at_front
1241                       / crypt_stat->extent_size);
1242         put_unaligned_be32(header_extent_size, virt);
1243         virt += 4;
1244         put_unaligned_be16(num_header_extents_at_front, virt);
1245         (*written) = 6;
1246 }
1247
1248 struct kmem_cache *ecryptfs_header_cache_1;
1249 struct kmem_cache *ecryptfs_header_cache_2;
1250
1251 /**
1252  * ecryptfs_write_headers_virt
1253  * @page_virt: The virtual address to write the headers to
1254  * @max: The size of memory allocated at page_virt
1255  * @size: Set to the number of bytes written by this function
1256  * @crypt_stat: The cryptographic context
1257  * @ecryptfs_dentry: The eCryptfs dentry
1258  *
1259  * Format version: 1
1260  *
1261  *   Header Extent:
1262  *     Octets 0-7:        Unencrypted file size (big-endian)
1263  *     Octets 8-15:       eCryptfs special marker
1264  *     Octets 16-19:      Flags
1265  *      Octet 16:         File format version number (between 0 and 255)
1266  *      Octets 17-18:     Reserved
1267  *      Octet 19:         Bit 1 (lsb): Reserved
1268  *                        Bit 2: Encrypted?
1269  *                        Bits 3-8: Reserved
1270  *     Octets 20-23:      Header extent size (big-endian)
1271  *     Octets 24-25:      Number of header extents at front of file
1272  *                        (big-endian)
1273  *     Octet  26:         Begin RFC 2440 authentication token packet set
1274  *   Data Extent 0:
1275  *     Lower data (CBC encrypted)
1276  *   Data Extent 1:
1277  *     Lower data (CBC encrypted)
1278  *   ...
1279  *
1280  * Returns zero on success
1281  */
1282 static int ecryptfs_write_headers_virt(char *page_virt, size_t max,
1283                                        size_t *size,
1284                                        struct ecryptfs_crypt_stat *crypt_stat,
1285                                        struct dentry *ecryptfs_dentry)
1286 {
1287         int rc;
1288         size_t written;
1289         size_t offset;
1290
1291         offset = ECRYPTFS_FILE_SIZE_BYTES;
1292         write_ecryptfs_marker((page_virt + offset), &written);
1293         offset += written;
1294         write_ecryptfs_flags((page_virt + offset), crypt_stat, &written);
1295         offset += written;
1296         ecryptfs_write_header_metadata((page_virt + offset), crypt_stat,
1297                                        &written);
1298         offset += written;
1299         rc = ecryptfs_generate_key_packet_set((page_virt + offset), crypt_stat,
1300                                               ecryptfs_dentry, &written,
1301                                               max - offset);
1302         if (rc)
1303                 ecryptfs_printk(KERN_WARNING, "Error generating key packet "
1304                                 "set; rc = [%d]\n", rc);
1305         if (size) {
1306                 offset += written;
1307                 *size = offset;
1308         }
1309         return rc;
1310 }
1311
1312 static int
1313 ecryptfs_write_metadata_to_contents(struct dentry *ecryptfs_dentry,
1314                                     char *virt, size_t virt_len)
1315 {
1316         int rc;
1317
1318         rc = ecryptfs_write_lower(ecryptfs_dentry->d_inode, virt,
1319                                   0, virt_len);
1320         if (rc < 0)
1321                 printk(KERN_ERR "%s: Error attempting to write header "
1322                        "information to lower file; rc = [%d]\n", __func__, rc);
1323         else
1324                 rc = 0;
1325         return rc;
1326 }
1327
1328 static int
1329 ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry,
1330                                  char *page_virt, size_t size)
1331 {
1332         int rc;
1333
1334         rc = ecryptfs_setxattr(ecryptfs_dentry, ECRYPTFS_XATTR_NAME, page_virt,
1335                                size, 0);
1336         return rc;
1337 }
1338
1339 static unsigned long ecryptfs_get_zeroed_pages(gfp_t gfp_mask,
1340                                                unsigned int order)
1341 {
1342         struct page *page;
1343
1344         page = alloc_pages(gfp_mask | __GFP_ZERO, order);
1345         if (page)
1346                 return (unsigned long) page_address(page);
1347         return 0;
1348 }
1349
1350 /**
1351  * ecryptfs_write_metadata
1352  * @ecryptfs_dentry: The eCryptfs dentry
1353  *
1354  * Write the file headers out.  This will likely involve a userspace
1355  * callout, in which the session key is encrypted with one or more
1356  * public keys and/or the passphrase necessary to do the encryption is
1357  * retrieved via a prompt.  Exactly what happens at this point should
1358  * be policy-dependent.
1359  *
1360  * Returns zero on success; non-zero on error
1361  */
1362 int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry)
1363 {
1364         struct ecryptfs_crypt_stat *crypt_stat =
1365                 &ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat;
1366         unsigned int order;
1367         char *virt;
1368         size_t virt_len;
1369         size_t size = 0;
1370         int rc = 0;
1371
1372         if (likely(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) {
1373                 if (!(crypt_stat->flags & ECRYPTFS_KEY_VALID)) {
1374                         printk(KERN_ERR "Key is invalid; bailing out\n");
1375                         rc = -EINVAL;
1376                         goto out;
1377                 }
1378         } else {
1379                 printk(KERN_WARNING "%s: Encrypted flag not set\n",
1380                        __func__);
1381                 rc = -EINVAL;
1382                 goto out;
1383         }
1384         virt_len = crypt_stat->num_header_bytes_at_front;
1385         order = get_order(virt_len);
1386         /* Released in this function */
1387         virt = (char *)ecryptfs_get_zeroed_pages(GFP_KERNEL, order);
1388         if (!virt) {
1389                 printk(KERN_ERR "%s: Out of memory\n", __func__);
1390                 rc = -ENOMEM;
1391                 goto out;
1392         }
1393         rc = ecryptfs_write_headers_virt(virt, virt_len, &size, crypt_stat,
1394                                          ecryptfs_dentry);
1395         if (unlikely(rc)) {
1396                 printk(KERN_ERR "%s: Error whilst writing headers; rc = [%d]\n",
1397                        __func__, rc);
1398                 goto out_free;
1399         }
1400         if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR)
1401                 rc = ecryptfs_write_metadata_to_xattr(ecryptfs_dentry, virt,
1402                                                       size);
1403         else
1404                 rc = ecryptfs_write_metadata_to_contents(ecryptfs_dentry, virt,
1405                                                          virt_len);
1406         if (rc) {
1407                 printk(KERN_ERR "%s: Error writing metadata out to lower file; "
1408                        "rc = [%d]\n", __func__, rc);
1409                 goto out_free;
1410         }
1411 out_free:
1412         free_pages((unsigned long)virt, order);
1413 out:
1414         return rc;
1415 }
1416
1417 #define ECRYPTFS_DONT_VALIDATE_HEADER_SIZE 0
1418 #define ECRYPTFS_VALIDATE_HEADER_SIZE 1
1419 static int parse_header_metadata(struct ecryptfs_crypt_stat *crypt_stat,
1420                                  char *virt, int *bytes_read,
1421                                  int validate_header_size)
1422 {
1423         int rc = 0;
1424         u32 header_extent_size;
1425         u16 num_header_extents_at_front;
1426
1427         header_extent_size = get_unaligned_be32(virt);
1428         virt += sizeof(__be32);
1429         num_header_extents_at_front = get_unaligned_be16(virt);
1430         crypt_stat->num_header_bytes_at_front =
1431                 (((size_t)num_header_extents_at_front
1432                   * (size_t)header_extent_size));
1433         (*bytes_read) = (sizeof(__be32) + sizeof(__be16));
1434         if ((validate_header_size == ECRYPTFS_VALIDATE_HEADER_SIZE)
1435             && (crypt_stat->num_header_bytes_at_front
1436                 < ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE)) {
1437                 rc = -EINVAL;
1438                 printk(KERN_WARNING "Invalid header size: [%zd]\n",
1439                        crypt_stat->num_header_bytes_at_front);
1440         }
1441         return rc;
1442 }
1443
1444 /**
1445  * set_default_header_data
1446  * @crypt_stat: The cryptographic context
1447  *
1448  * For version 0 file format; this function is only for backwards
1449  * compatibility for files created with the prior versions of
1450  * eCryptfs.
1451  */
1452 static void set_default_header_data(struct ecryptfs_crypt_stat *crypt_stat)
1453 {
1454         crypt_stat->num_header_bytes_at_front =
1455                 ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE;
1456 }
1457
1458 /**
1459  * ecryptfs_read_headers_virt
1460  * @page_virt: The virtual address into which to read the headers
1461  * @crypt_stat: The cryptographic context
1462  * @ecryptfs_dentry: The eCryptfs dentry
1463  * @validate_header_size: Whether to validate the header size while reading
1464  *
1465  * Read/parse the header data. The header format is detailed in the
1466  * comment block for the ecryptfs_write_headers_virt() function.
1467  *
1468  * Returns zero on success
1469  */
1470 static int ecryptfs_read_headers_virt(char *page_virt,
1471                                       struct ecryptfs_crypt_stat *crypt_stat,
1472                                       struct dentry *ecryptfs_dentry,
1473                                       int validate_header_size)
1474 {
1475         int rc = 0;
1476         int offset;
1477         int bytes_read;
1478
1479         ecryptfs_set_default_sizes(crypt_stat);
1480         crypt_stat->mount_crypt_stat = &ecryptfs_superblock_to_private(
1481                 ecryptfs_dentry->d_sb)->mount_crypt_stat;
1482         offset = ECRYPTFS_FILE_SIZE_BYTES;
1483         rc = contains_ecryptfs_marker(page_virt + offset);
1484         if (rc == 0) {
1485                 rc = -EINVAL;
1486                 goto out;
1487         }
1488         offset += MAGIC_ECRYPTFS_MARKER_SIZE_BYTES;
1489         rc = ecryptfs_process_flags(crypt_stat, (page_virt + offset),
1490                                     &bytes_read);
1491         if (rc) {
1492                 ecryptfs_printk(KERN_WARNING, "Error processing flags\n");
1493                 goto out;
1494         }
1495         if (crypt_stat->file_version > ECRYPTFS_SUPPORTED_FILE_VERSION) {
1496                 ecryptfs_printk(KERN_WARNING, "File version is [%d]; only "
1497                                 "file version [%d] is supported by this "
1498                                 "version of eCryptfs\n",
1499                                 crypt_stat->file_version,
1500                                 ECRYPTFS_SUPPORTED_FILE_VERSION);
1501                 rc = -EINVAL;
1502                 goto out;
1503         }
1504         offset += bytes_read;
1505         if (crypt_stat->file_version >= 1) {
1506                 rc = parse_header_metadata(crypt_stat, (page_virt + offset),
1507                                            &bytes_read, validate_header_size);
1508                 if (rc) {
1509                         ecryptfs_printk(KERN_WARNING, "Error reading header "
1510                                         "metadata; rc = [%d]\n", rc);
1511                 }
1512                 offset += bytes_read;
1513         } else
1514                 set_default_header_data(crypt_stat);
1515         rc = ecryptfs_parse_packet_set(crypt_stat, (page_virt + offset),
1516                                        ecryptfs_dentry);
1517 out:
1518         return rc;
1519 }
1520
1521 /**
1522  * ecryptfs_read_xattr_region
1523  * @page_virt: The vitual address into which to read the xattr data
1524  * @ecryptfs_inode: The eCryptfs inode
1525  *
1526  * Attempts to read the crypto metadata from the extended attribute
1527  * region of the lower file.
1528  *
1529  * Returns zero on success; non-zero on error
1530  */
1531 int ecryptfs_read_xattr_region(char *page_virt, struct inode *ecryptfs_inode)
1532 {
1533         struct dentry *lower_dentry =
1534                 ecryptfs_inode_to_private(ecryptfs_inode)->lower_file->f_dentry;
1535         ssize_t size;
1536         int rc = 0;
1537
1538         size = ecryptfs_getxattr_lower(lower_dentry, ECRYPTFS_XATTR_NAME,
1539                                        page_virt, ECRYPTFS_DEFAULT_EXTENT_SIZE);
1540         if (size < 0) {
1541                 if (unlikely(ecryptfs_verbosity > 0))
1542                         printk(KERN_INFO "Error attempting to read the [%s] "
1543                                "xattr from the lower file; return value = "
1544                                "[%zd]\n", ECRYPTFS_XATTR_NAME, size);
1545                 rc = -EINVAL;
1546                 goto out;
1547         }
1548 out:
1549         return rc;
1550 }
1551
1552 int ecryptfs_read_and_validate_xattr_region(char *page_virt,
1553                                             struct dentry *ecryptfs_dentry)
1554 {
1555         int rc;
1556
1557         rc = ecryptfs_read_xattr_region(page_virt, ecryptfs_dentry->d_inode);
1558         if (rc)
1559                 goto out;
1560         if (!contains_ecryptfs_marker(page_virt + ECRYPTFS_FILE_SIZE_BYTES)) {
1561                 printk(KERN_WARNING "Valid data found in [%s] xattr, but "
1562                         "the marker is invalid\n", ECRYPTFS_XATTR_NAME);
1563                 rc = -EINVAL;
1564         }
1565 out:
1566         return rc;
1567 }
1568
1569 /**
1570  * ecryptfs_read_metadata
1571  *
1572  * Common entry point for reading file metadata. From here, we could
1573  * retrieve the header information from the header region of the file,
1574  * the xattr region of the file, or some other repostory that is
1575  * stored separately from the file itself. The current implementation
1576  * supports retrieving the metadata information from the file contents
1577  * and from the xattr region.
1578  *
1579  * Returns zero if valid headers found and parsed; non-zero otherwise
1580  */
1581 int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry)
1582 {
1583         int rc = 0;
1584         char *page_virt = NULL;
1585         struct inode *ecryptfs_inode = ecryptfs_dentry->d_inode;
1586         struct ecryptfs_crypt_stat *crypt_stat =
1587             &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat;
1588         struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
1589                 &ecryptfs_superblock_to_private(
1590                         ecryptfs_dentry->d_sb)->mount_crypt_stat;
1591
1592         ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat,
1593                                                       mount_crypt_stat);
1594         /* Read the first page from the underlying file */
1595         page_virt = kmem_cache_alloc(ecryptfs_header_cache_1, GFP_USER);
1596         if (!page_virt) {
1597                 rc = -ENOMEM;
1598                 printk(KERN_ERR "%s: Unable to allocate page_virt\n",
1599                        __func__);
1600                 goto out;
1601         }
1602         rc = ecryptfs_read_lower(page_virt, 0, crypt_stat->extent_size,
1603                                  ecryptfs_inode);
1604         if (rc >= 0)
1605                 rc = ecryptfs_read_headers_virt(page_virt, crypt_stat,
1606                                                 ecryptfs_dentry,
1607                                                 ECRYPTFS_VALIDATE_HEADER_SIZE);
1608         if (rc) {
1609                 rc = ecryptfs_read_xattr_region(page_virt, ecryptfs_inode);
1610                 if (rc) {
1611                         printk(KERN_DEBUG "Valid eCryptfs headers not found in "
1612                                "file header region or xattr region\n");
1613                         rc = -EINVAL;
1614                         goto out;
1615                 }
1616                 rc = ecryptfs_read_headers_virt(page_virt, crypt_stat,
1617                                                 ecryptfs_dentry,
1618                                                 ECRYPTFS_DONT_VALIDATE_HEADER_SIZE);
1619                 if (rc) {
1620                         printk(KERN_DEBUG "Valid eCryptfs headers not found in "
1621                                "file xattr region either\n");
1622                         rc = -EINVAL;
1623                 }
1624                 if (crypt_stat->mount_crypt_stat->flags
1625                     & ECRYPTFS_XATTR_METADATA_ENABLED) {
1626                         crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR;
1627                 } else {
1628                         printk(KERN_WARNING "Attempt to access file with "
1629                                "crypto metadata only in the extended attribute "
1630                                "region, but eCryptfs was mounted without "
1631                                "xattr support enabled. eCryptfs will not treat "
1632                                "this like an encrypted file.\n");
1633                         rc = -EINVAL;
1634                 }
1635         }
1636 out:
1637         if (page_virt) {
1638                 memset(page_virt, 0, PAGE_CACHE_SIZE);
1639                 kmem_cache_free(ecryptfs_header_cache_1, page_virt);
1640         }
1641         return rc;
1642 }
1643
1644 /**
1645  * ecryptfs_encrypt_filename - encrypt filename
1646  *
1647  * CBC-encrypts the filename. We do not want to encrypt the same
1648  * filename with the same key and IV, which may happen with hard
1649  * links, so we prepend random bits to each filename.
1650  *
1651  * Returns zero on success; non-zero otherwise
1652  */
1653 static int
1654 ecryptfs_encrypt_filename(struct ecryptfs_filename *filename,
1655                           struct ecryptfs_crypt_stat *crypt_stat,
1656                           struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
1657 {
1658         int rc = 0;
1659
1660         filename->encrypted_filename = NULL;
1661         filename->encrypted_filename_size = 0;
1662         if ((crypt_stat && (crypt_stat->flags & ECRYPTFS_ENCFN_USE_MOUNT_FNEK))
1663             || (mount_crypt_stat && (mount_crypt_stat->flags
1664                                      & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK))) {
1665                 size_t packet_size;
1666                 size_t remaining_bytes;
1667
1668                 rc = ecryptfs_write_tag_70_packet(
1669                         NULL, NULL,
1670                         &filename->encrypted_filename_size,
1671                         mount_crypt_stat, NULL,
1672                         filename->filename_size);
1673                 if (rc) {
1674                         printk(KERN_ERR "%s: Error attempting to get packet "
1675                                "size for tag 72; rc = [%d]\n", __func__,
1676                                rc);
1677                         filename->encrypted_filename_size = 0;
1678                         goto out;
1679                 }
1680                 filename->encrypted_filename =
1681                         kmalloc(filename->encrypted_filename_size, GFP_KERNEL);
1682                 if (!filename->encrypted_filename) {
1683                         printk(KERN_ERR "%s: Out of memory whilst attempting "
1684                                "to kmalloc [%zd] bytes\n", __func__,
1685                                filename->encrypted_filename_size);
1686                         rc = -ENOMEM;
1687                         goto out;
1688                 }
1689                 remaining_bytes = filename->encrypted_filename_size;
1690                 rc = ecryptfs_write_tag_70_packet(filename->encrypted_filename,
1691                                                   &remaining_bytes,
1692                                                   &packet_size,
1693                                                   mount_crypt_stat,
1694                                                   filename->filename,
1695                                                   filename->filename_size);
1696                 if (rc) {
1697                         printk(KERN_ERR "%s: Error attempting to generate "
1698                                "tag 70 packet; rc = [%d]\n", __func__,
1699                                rc);
1700                         kfree(filename->encrypted_filename);
1701                         filename->encrypted_filename = NULL;
1702                         filename->encrypted_filename_size = 0;
1703                         goto out;
1704                 }
1705                 filename->encrypted_filename_size = packet_size;
1706         } else {
1707                 printk(KERN_ERR "%s: No support for requested filename "
1708                        "encryption method in this release\n", __func__);
1709                 rc = -EOPNOTSUPP;
1710                 goto out;
1711         }
1712 out:
1713         return rc;
1714 }
1715
1716 static int ecryptfs_copy_filename(char **copied_name, size_t *copied_name_size,
1717                                   const char *name, size_t name_size)
1718 {
1719         int rc = 0;
1720
1721         (*copied_name) = kmalloc((name_size + 1), GFP_KERNEL);
1722         if (!(*copied_name)) {
1723                 rc = -ENOMEM;
1724                 goto out;
1725         }
1726         memcpy((void *)(*copied_name), (void *)name, name_size);
1727         (*copied_name)[(name_size)] = '\0';     /* Only for convenience
1728                                                  * in printing out the
1729                                                  * string in debug
1730                                                  * messages */
1731         (*copied_name_size) = name_size;
1732 out:
1733         return rc;
1734 }
1735
1736 /**
1737  * ecryptfs_process_key_cipher - Perform key cipher initialization.
1738  * @key_tfm: Crypto context for key material, set by this function
1739  * @cipher_name: Name of the cipher
1740  * @key_size: Size of the key in bytes
1741  *
1742  * Returns zero on success. Any crypto_tfm structs allocated here
1743  * should be released by other functions, such as on a superblock put
1744  * event, regardless of whether this function succeeds for fails.
1745  */
1746 static int
1747 ecryptfs_process_key_cipher(struct crypto_blkcipher **key_tfm,
1748                             char *cipher_name, size_t *key_size)
1749 {
1750         char dummy_key[ECRYPTFS_MAX_KEY_BYTES];
1751         char *full_alg_name;
1752         int rc;
1753
1754         *key_tfm = NULL;
1755         if (*key_size > ECRYPTFS_MAX_KEY_BYTES) {
1756                 rc = -EINVAL;
1757                 printk(KERN_ERR "Requested key size is [%zd] bytes; maximum "
1758                       "allowable is [%d]\n", *key_size, ECRYPTFS_MAX_KEY_BYTES);
1759                 goto out;
1760         }
1761         rc = ecryptfs_crypto_api_algify_cipher_name(&full_alg_name, cipher_name,
1762                                                     "ecb");
1763         if (rc)
1764                 goto out;
1765         *key_tfm = crypto_alloc_blkcipher(full_alg_name, 0, CRYPTO_ALG_ASYNC);
1766         kfree(full_alg_name);
1767         if (IS_ERR(*key_tfm)) {
1768                 rc = PTR_ERR(*key_tfm);
1769                 printk(KERN_ERR "Unable to allocate crypto cipher with name "
1770                        "[%s]; rc = [%d]\n", full_alg_name, rc);
1771                 goto out;
1772         }
1773         crypto_blkcipher_set_flags(*key_tfm, CRYPTO_TFM_REQ_WEAK_KEY);
1774         if (*key_size == 0) {
1775                 struct blkcipher_alg *alg = crypto_blkcipher_alg(*key_tfm);
1776
1777                 *key_size = alg->max_keysize;
1778         }
1779         get_random_bytes(dummy_key, *key_size);
1780         rc = crypto_blkcipher_setkey(*key_tfm, dummy_key, *key_size);
1781         if (rc) {
1782                 printk(KERN_ERR "Error attempting to set key of size [%zd] for "
1783                        "cipher [%s]; rc = [%d]\n", *key_size, full_alg_name,
1784                        rc);
1785                 rc = -EINVAL;
1786                 goto out;
1787         }
1788 out:
1789         return rc;
1790 }
1791
1792 struct kmem_cache *ecryptfs_key_tfm_cache;
1793 static struct list_head key_tfm_list;
1794 struct mutex key_tfm_list_mutex;
1795
1796 int ecryptfs_init_crypto(void)
1797 {
1798         mutex_init(&key_tfm_list_mutex);
1799         INIT_LIST_HEAD(&key_tfm_list);
1800         return 0;
1801 }
1802
1803 /**
1804  * ecryptfs_destroy_crypto - free all cached key_tfms on key_tfm_list
1805  *
1806  * Called only at module unload time
1807  */
1808 int ecryptfs_destroy_crypto(void)
1809 {
1810         struct ecryptfs_key_tfm *key_tfm, *key_tfm_tmp;
1811
1812         mutex_lock(&key_tfm_list_mutex);
1813         list_for_each_entry_safe(key_tfm, key_tfm_tmp, &key_tfm_list,
1814                                  key_tfm_list) {
1815                 list_del(&key_tfm->key_tfm_list);
1816                 if (key_tfm->key_tfm)
1817                         crypto_free_blkcipher(key_tfm->key_tfm);
1818                 kmem_cache_free(ecryptfs_key_tfm_cache, key_tfm);
1819         }
1820         mutex_unlock(&key_tfm_list_mutex);
1821         return 0;
1822 }
1823
1824 int
1825 ecryptfs_add_new_key_tfm(struct ecryptfs_key_tfm **key_tfm, char *cipher_name,
1826                          size_t key_size)
1827 {
1828         struct ecryptfs_key_tfm *tmp_tfm;
1829         int rc = 0;
1830
1831         BUG_ON(!mutex_is_locked(&key_tfm_list_mutex));
1832
1833         tmp_tfm = kmem_cache_alloc(ecryptfs_key_tfm_cache, GFP_KERNEL);
1834         if (key_tfm != NULL)
1835                 (*key_tfm) = tmp_tfm;
1836         if (!tmp_tfm) {
1837                 rc = -ENOMEM;
1838                 printk(KERN_ERR "Error attempting to allocate from "
1839                        "ecryptfs_key_tfm_cache\n");
1840                 goto out;
1841         }
1842         mutex_init(&tmp_tfm->key_tfm_mutex);
1843         strncpy(tmp_tfm->cipher_name, cipher_name,
1844                 ECRYPTFS_MAX_CIPHER_NAME_SIZE);
1845         tmp_tfm->cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE] = '\0';
1846         tmp_tfm->key_size = key_size;
1847         rc = ecryptfs_process_key_cipher(&tmp_tfm->key_tfm,
1848                                          tmp_tfm->cipher_name,
1849                                          &tmp_tfm->key_size);
1850         if (rc) {
1851                 printk(KERN_ERR "Error attempting to initialize key TFM "
1852                        "cipher with name = [%s]; rc = [%d]\n",
1853                        tmp_tfm->cipher_name, rc);
1854                 kmem_cache_free(ecryptfs_key_tfm_cache, tmp_tfm);
1855                 if (key_tfm != NULL)
1856                         (*key_tfm) = NULL;
1857                 goto out;
1858         }
1859         list_add(&tmp_tfm->key_tfm_list, &key_tfm_list);
1860 out:
1861         return rc;
1862 }
1863
1864 /**
1865  * ecryptfs_tfm_exists - Search for existing tfm for cipher_name.
1866  * @cipher_name: the name of the cipher to search for
1867  * @key_tfm: set to corresponding tfm if found
1868  *
1869  * Searches for cached key_tfm matching @cipher_name
1870  * Must be called with &key_tfm_list_mutex held
1871  * Returns 1 if found, with @key_tfm set
1872  * Returns 0 if not found, with @key_tfm set to NULL
1873  */
1874 int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm)
1875 {
1876         struct ecryptfs_key_tfm *tmp_key_tfm;
1877
1878         BUG_ON(!mutex_is_locked(&key_tfm_list_mutex));
1879
1880         list_for_each_entry(tmp_key_tfm, &key_tfm_list, key_tfm_list) {
1881                 if (strcmp(tmp_key_tfm->cipher_name, cipher_name) == 0) {
1882                         if (key_tfm)
1883                                 (*key_tfm) = tmp_key_tfm;
1884                         return 1;
1885                 }
1886         }
1887         if (key_tfm)
1888                 (*key_tfm) = NULL;
1889         return 0;
1890 }
1891
1892 /**
1893  * ecryptfs_get_tfm_and_mutex_for_cipher_name
1894  *
1895  * @tfm: set to cached tfm found, or new tfm created
1896  * @tfm_mutex: set to mutex for cached tfm found, or new tfm created
1897  * @cipher_name: the name of the cipher to search for and/or add
1898  *
1899  * Sets pointers to @tfm & @tfm_mutex matching @cipher_name.
1900  * Searches for cached item first, and creates new if not found.
1901  * Returns 0 on success, non-zero if adding new cipher failed
1902  */
1903 int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm,
1904                                                struct mutex **tfm_mutex,
1905                                                char *cipher_name)
1906 {
1907         struct ecryptfs_key_tfm *key_tfm;
1908         int rc = 0;
1909
1910         (*tfm) = NULL;
1911         (*tfm_mutex) = NULL;
1912
1913         mutex_lock(&key_tfm_list_mutex);
1914         if (!ecryptfs_tfm_exists(cipher_name, &key_tfm)) {
1915                 rc = ecryptfs_add_new_key_tfm(&key_tfm, cipher_name, 0);
1916                 if (rc) {
1917                         printk(KERN_ERR "Error adding new key_tfm to list; "
1918                                         "rc = [%d]\n", rc);
1919                         goto out;
1920                 }
1921         }
1922         (*tfm) = key_tfm->key_tfm;
1923         (*tfm_mutex) = &key_tfm->key_tfm_mutex;
1924 out:
1925         mutex_unlock(&key_tfm_list_mutex);
1926         return rc;
1927 }
1928
1929 /* 64 characters forming a 6-bit target field */
1930 static unsigned char *portable_filename_chars = ("-.0123456789ABCD"
1931                                                  "EFGHIJKLMNOPQRST"
1932                                                  "UVWXYZabcdefghij"
1933                                                  "klmnopqrstuvwxyz");
1934
1935 /* We could either offset on every reverse map or just pad some 0x00's
1936  * at the front here */
1937 static const unsigned char filename_rev_map[] = {
1938         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 7 */
1939         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 15 */
1940         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 23 */
1941         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 31 */
1942         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 39 */
1943         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, /* 47 */
1944         0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, /* 55 */
1945         0x0A, 0x0B, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 63 */
1946         0x00, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, /* 71 */
1947         0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, /* 79 */
1948         0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, /* 87 */
1949         0x23, 0x24, 0x25, 0x00, 0x00, 0x00, 0x00, 0x00, /* 95 */
1950         0x00, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, /* 103 */
1951         0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, /* 111 */
1952         0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, /* 119 */
1953         0x3D, 0x3E, 0x3F
1954 };
1955
1956 /**
1957  * ecryptfs_encode_for_filename
1958  * @dst: Destination location for encoded filename
1959  * @dst_size: Size of the encoded filename in bytes
1960  * @src: Source location for the filename to encode
1961  * @src_size: Size of the source in bytes
1962  */
1963 void ecryptfs_encode_for_filename(unsigned char *dst, size_t *dst_size,
1964                                   unsigned char *src, size_t src_size)
1965 {
1966         size_t num_blocks;
1967         size_t block_num = 0;
1968         size_t dst_offset = 0;
1969         unsigned char last_block[3];
1970
1971         if (src_size == 0) {
1972                 (*dst_size) = 0;
1973                 goto out;
1974         }
1975         num_blocks = (src_size / 3);
1976         if ((src_size % 3) == 0) {
1977                 memcpy(last_block, (&src[src_size - 3]), 3);
1978         } else {
1979                 num_blocks++;
1980                 last_block[2] = 0x00;
1981                 switch (src_size % 3) {
1982                 case 1:
1983                         last_block[0] = src[src_size - 1];
1984                         last_block[1] = 0x00;
1985                         break;
1986                 case 2:
1987                         last_block[0] = src[src_size - 2];
1988                         last_block[1] = src[src_size - 1];
1989                 }
1990         }
1991         (*dst_size) = (num_blocks * 4);
1992         if (!dst)
1993                 goto out;
1994         while (block_num < num_blocks) {
1995                 unsigned char *src_block;
1996                 unsigned char dst_block[4];
1997
1998                 if (block_num == (num_blocks - 1))
1999                         src_block = last_block;
2000                 else
2001                         src_block = &src[block_num * 3];
2002                 dst_block[0] = ((src_block[0] >> 2) & 0x3F);
2003                 dst_block[1] = (((src_block[0] << 4) & 0x30)
2004                                 | ((src_block[1] >> 4) & 0x0F));
2005                 dst_block[2] = (((src_block[1] << 2) & 0x3C)
2006                                 | ((src_block[2] >> 6) & 0x03));
2007                 dst_block[3] = (src_block[2] & 0x3F);
2008                 dst[dst_offset++] = portable_filename_chars[dst_block[0]];
2009                 dst[dst_offset++] = portable_filename_chars[dst_block[1]];
2010                 dst[dst_offset++] = portable_filename_chars[dst_block[2]];
2011                 dst[dst_offset++] = portable_filename_chars[dst_block[3]];
2012                 block_num++;
2013         }
2014 out:
2015         return;
2016 }
2017
2018 /**
2019  * ecryptfs_decode_from_filename
2020  * @dst: If NULL, this function only sets @dst_size and returns. If
2021  *       non-NULL, this function decodes the encoded octets in @src
2022  *       into the memory that @dst points to.
2023  * @dst_size: Set to the size of the decoded string.
2024  * @src: The encoded set of octets to decode.
2025  * @src_size: The size of the encoded set of octets to decode.
2026  */
2027 static void
2028 ecryptfs_decode_from_filename(unsigned char *dst, size_t *dst_size,
2029                               const unsigned char *src, size_t src_size)
2030 {
2031         u8 current_bit_offset = 0;
2032         size_t src_byte_offset = 0;
2033         size_t dst_byte_offset = 0;
2034
2035         if (dst == NULL) {
2036                 /* Not exact; conservatively long. Every block of 4
2037                  * encoded characters decodes into a block of 3
2038                  * decoded characters. This segment of code provides
2039                  * the caller with the maximum amount of allocated
2040                  * space that @dst will need to point to in a
2041                  * subsequent call. */
2042                 (*dst_size) = (((src_size + 1) * 3) / 4);
2043                 goto out;
2044         }
2045         while (src_byte_offset < src_size) {
2046                 unsigned char src_byte =
2047                                 filename_rev_map[(int)src[src_byte_offset]];
2048
2049                 switch (current_bit_offset) {
2050                 case 0:
2051                         dst[dst_byte_offset] = (src_byte << 2);
2052                         current_bit_offset = 6;
2053                         break;
2054                 case 6:
2055                         dst[dst_byte_offset++] |= (src_byte >> 4);
2056                         dst[dst_byte_offset] = ((src_byte & 0xF)
2057                                                  << 4);
2058                         current_bit_offset = 4;
2059                         break;
2060                 case 4:
2061                         dst[dst_byte_offset++] |= (src_byte >> 2);
2062                         dst[dst_byte_offset] = (src_byte << 6);
2063                         current_bit_offset = 2;
2064                         break;
2065                 case 2:
2066                         dst[dst_byte_offset++] |= (src_byte);
2067                         dst[dst_byte_offset] = 0;
2068                         current_bit_offset = 0;
2069                         break;
2070                 }
2071                 src_byte_offset++;
2072         }
2073         (*dst_size) = dst_byte_offset;
2074 out:
2075         return;
2076 }
2077
2078 /**
2079  * ecryptfs_encrypt_and_encode_filename - converts a plaintext file name to cipher text
2080  * @crypt_stat: The crypt_stat struct associated with the file anem to encode
2081  * @name: The plaintext name
2082  * @length: The length of the plaintext
2083  * @encoded_name: The encypted name
2084  *
2085  * Encrypts and encodes a filename into something that constitutes a
2086  * valid filename for a filesystem, with printable characters.
2087  *
2088  * We assume that we have a properly initialized crypto context,
2089  * pointed to by crypt_stat->tfm.
2090  *
2091  * Returns zero on success; non-zero on otherwise
2092  */
2093 int ecryptfs_encrypt_and_encode_filename(
2094         char **encoded_name,
2095         size_t *encoded_name_size,
2096         struct ecryptfs_crypt_stat *crypt_stat,
2097         struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
2098         const char *name, size_t name_size)
2099 {
2100         size_t encoded_name_no_prefix_size;
2101         int rc = 0;
2102
2103         (*encoded_name) = NULL;
2104         (*encoded_name_size) = 0;
2105         if ((crypt_stat && (crypt_stat->flags & ECRYPTFS_ENCRYPT_FILENAMES))
2106             || (mount_crypt_stat && (mount_crypt_stat->flags
2107                                      & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES))) {
2108                 struct ecryptfs_filename *filename;
2109
2110                 filename = kzalloc(sizeof(*filename), GFP_KERNEL);
2111                 if (!filename) {
2112                         printk(KERN_ERR "%s: Out of memory whilst attempting "
2113                                "to kzalloc [%zd] bytes\n", __func__,
2114                                sizeof(*filename));
2115                         rc = -ENOMEM;
2116                         goto out;
2117                 }
2118                 filename->filename = (char *)name;
2119                 filename->filename_size = name_size;
2120                 rc = ecryptfs_encrypt_filename(filename, crypt_stat,
2121                                                mount_crypt_stat);
2122                 if (rc) {
2123                         printk(KERN_ERR "%s: Error attempting to encrypt "
2124                                "filename; rc = [%d]\n", __func__, rc);
2125                         kfree(filename);
2126                         goto out;
2127                 }
2128                 ecryptfs_encode_for_filename(
2129                         NULL, &encoded_name_no_prefix_size,
2130                         filename->encrypted_filename,
2131                         filename->encrypted_filename_size);
2132                 if ((crypt_stat && (crypt_stat->flags
2133                                     & ECRYPTFS_ENCFN_USE_MOUNT_FNEK))
2134                     || (mount_crypt_stat
2135                         && (mount_crypt_stat->flags
2136                             & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK)))
2137                         (*encoded_name_size) =
2138                                 (ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE
2139                                  + encoded_name_no_prefix_size);
2140                 else
2141                         (*encoded_name_size) =
2142                                 (ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX_SIZE
2143                                  + encoded_name_no_prefix_size);
2144                 (*encoded_name) = kmalloc((*encoded_name_size) + 1, GFP_KERNEL);
2145                 if (!(*encoded_name)) {
2146                         printk(KERN_ERR "%s: Out of memory whilst attempting "
2147                                "to kzalloc [%zd] bytes\n", __func__,
2148                                (*encoded_name_size));
2149                         rc = -ENOMEM;
2150                         kfree(filename->encrypted_filename);
2151                         kfree(filename);
2152                         goto out;
2153                 }
2154                 if ((crypt_stat && (crypt_stat->flags
2155                                     & ECRYPTFS_ENCFN_USE_MOUNT_FNEK))
2156                     || (mount_crypt_stat
2157                         && (mount_crypt_stat->flags
2158                             & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK))) {
2159                         memcpy((*encoded_name),
2160                                ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX,
2161                                ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE);
2162                         ecryptfs_encode_for_filename(
2163                             ((*encoded_name)
2164                              + ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE),
2165                             &encoded_name_no_prefix_size,
2166                             filename->encrypted_filename,
2167                             filename->encrypted_filename_size);
2168                         (*encoded_name_size) =
2169                                 (ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE
2170                                  + encoded_name_no_prefix_size);
2171                         (*encoded_name)[(*encoded_name_size)] = '\0';
2172                         (*encoded_name_size)++;
2173                 } else {
2174                         rc = -EOPNOTSUPP;
2175                 }
2176                 if (rc) {
2177                         printk(KERN_ERR "%s: Error attempting to encode "
2178                                "encrypted filename; rc = [%d]\n", __func__,
2179                                rc);
2180                         kfree((*encoded_name));
2181                         (*encoded_name) = NULL;
2182                         (*encoded_name_size) = 0;
2183                 }
2184                 kfree(filename->encrypted_filename);
2185                 kfree(filename);
2186         } else {
2187                 rc = ecryptfs_copy_filename(encoded_name,
2188                                             encoded_name_size,
2189                                             name, name_size);
2190         }
2191 out:
2192         return rc;
2193 }
2194
2195 /**
2196  * ecryptfs_decode_and_decrypt_filename - converts the encoded cipher text name to decoded plaintext
2197  * @plaintext_name: The plaintext name
2198  * @plaintext_name_size: The plaintext name size
2199  * @ecryptfs_dir_dentry: eCryptfs directory dentry
2200  * @name: The filename in cipher text
2201  * @name_size: The cipher text name size
2202  *
2203  * Decrypts and decodes the filename.
2204  *
2205  * Returns zero on error; non-zero otherwise
2206  */
2207 int ecryptfs_decode_and_decrypt_filename(char **plaintext_name,
2208                                          size_t *plaintext_name_size,
2209                                          struct dentry *ecryptfs_dir_dentry,
2210                                          const char *name, size_t name_size)
2211 {
2212         struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
2213                 &ecryptfs_superblock_to_private(
2214                         ecryptfs_dir_dentry->d_sb)->mount_crypt_stat;
2215         char *decoded_name;
2216         size_t decoded_name_size;
2217         size_t packet_size;
2218         int rc = 0;
2219
2220         if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES)
2221             && !(mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED)
2222             && (name_size > ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE)
2223             && (strncmp(name, ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX,
2224                         ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) == 0)) {
2225                 const char *orig_name = name;
2226                 size_t orig_name_size = name_size;
2227
2228                 name += ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE;
2229                 name_size -= ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE;
2230                 ecryptfs_decode_from_filename(NULL, &decoded_name_size,
2231                                               name, name_size);
2232                 decoded_name = kmalloc(decoded_name_size, GFP_KERNEL);
2233                 if (!decoded_name) {
2234                         printk(KERN_ERR "%s: Out of memory whilst attempting "
2235                                "to kmalloc [%zd] bytes\n", __func__,
2236                                decoded_name_size);
2237                         rc = -ENOMEM;
2238                         goto out;
2239                 }
2240                 ecryptfs_decode_from_filename(decoded_name, &decoded_name_size,
2241                                               name, name_size);
2242                 rc = ecryptfs_parse_tag_70_packet(plaintext_name,
2243                                                   plaintext_name_size,
2244                                                   &packet_size,
2245                                                   mount_crypt_stat,
2246                                                   decoded_name,
2247                                                   decoded_name_size);
2248                 if (rc) {
2249                         printk(KERN_INFO "%s: Could not parse tag 70 packet "
2250                                "from filename; copying through filename "
2251                                "as-is\n", __func__);
2252                         rc = ecryptfs_copy_filename(plaintext_name,
2253                                                     plaintext_name_size,
2254                                                     orig_name, orig_name_size);
2255                         goto out_free;
2256                 }
2257         } else {
2258                 rc = ecryptfs_copy_filename(plaintext_name,
2259                                             plaintext_name_size,
2260                                             name, name_size);
2261                 goto out;
2262         }
2263 out_free:
2264         kfree(decoded_name);
2265 out:
2266         return rc;
2267 }

Revision history for this message

david (davidelizondo2006) wrote on 2009-09-28:

Download full text (262.0 KiB)

> > > diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
> > > index 2f0945d..056fed6 100644 (file)
> > > --- a/fs/ecryptfs/inode.c
> > > +++ b/fs/ecryptfs/inode.c
> > > @@ -476,6 +476,7 @@ static int ecryptfs_unlink(struct inode *dir, struct
> > > dentry *dentry)
> > >         struct inode *lower_dir_inode = ecryptfs_inode_to_lower(dir);
> > >         struct dentry *lower_dir_dentry;
> > >
> > > +       dget(lower_dentry);
> > >         lower_dir_dentry = lock_parent(lower_dentry);
> > >         rc = vfs_unlink(lower_dir_inode, lower_dentry);
> > >         if (rc) {
> > > @@ -489,6 +490,7 @@ static int ecryptfs_unlink(struct inode *dir, struct
> > > dentry *dentry)
> > >         d_drop(dentry);
> > >  out_unlock:
> > >         unlock_dir(lower_dir_dentry);
> > > +       dput(lower_dentry);
> > >         return rc;
> > >  }
> > >
> > >   test ......
> > >
> > > http://git.kernel.org/?p=linux/kernel/git/next/linux-
> > next.git;a=blob;f=fs/ecry
> > >
> >
> ptfs/inode.c;h=2f0945d632970511ba189a0ef8595e918c10b693;hb=96a7b9c2f5df899f302
> > > ade45cf17ad753fe130fd
> >
> >
> > Merge branch 'for-linus' of
> git://git./linux/kernel/git/ecryptfs/ecryptfs-2.6
> >
> > * 'for-linus' of
> > git://git.kernel.org/pub/scm/linux/kernel/git/ecryptfs/ecryptfs-2.6:
> >   eCryptfs: Prevent lower dentry from going negative during unlink
> >   eCryptfs: Propagate vfs_read and vfs_write return codes
> >   eCryptfs: Validate global auth tok keys
> >   eCryptfs: Filename encryption only supports password auth tokens
> >   eCryptfs: Check for O_RDONLY lower inodes when opening lower files
> >   eCryptfs: Handle unrecognized tag 3 cipher codes
> >   ecryptfs: improved dependency checking and reporting
> >   eCryptfs: Fix lockdep-reported AB-BA mutex issue
> >   ecryptfs: Remove unneeded locking that triggers lockdep false positives
> 
> 
> 1 config ECRYPT_FS
> 2         tristate "eCrypt filesystem layer support (EXPERIMENTAL)"
> 3         depends on EXPERIMENTAL && KEYS && NET
> 4         select CRYPTO_ECB
> 5         select CRYPTO_CBC
> 6         help
> 7           Encrypted filesystem that operates on the VFS layer.  See
> 8           <file:Documentation/filesystems/ecryptfs.txt> to learn more about
> 9           eCryptfs.  Userspace components are required and can be
> 10           obtained from <http://ecryptfs.sf.net>.
> 11
> 12           To compile this file system support as a module, choose M here:
> the
> 13           module will be called ecryptfs.
> 
> ##############################################################################
> #########
> /**
> 2  * eCryptfs: Linux filesystem encryption layer
> 3  *
> 4  * Copyright (C) 1997-2004 Erez Zadok
> 5  * Copyright (C) 2001-2004 Stony Brook University
> 6  * Copyright (C) 2004-2007 International Business Machines Corp.
> 7  *   Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
> 8  *              Michael C. Thompson <mcthomps@us.ibm.com>
> 9  *
> 10  * This program is free software; you can redistribute it and/or
> 11  * modify it under the terms of the GNU General Public License as
> 12  * published by the Free Software Foundation; either version 2 of the
> 13  * License, or (at your option) any later version.
> 14  *
> 15  * This program is distributed in the hope that it will be useful, but
> 16  * WITHOUT ANY WARRANTY; without even the implied warranty of
> 17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> 18  * General Public License for more details.
> 19  *
> 20  * You should have received a copy of the GNU General Public License
> 21  * along with this program; if not, write to the Free Software
> 22  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
> 23  * 02111-1307, USA.
> 24  */
> 25
> 26 #include <linux/fs.h>
> 27 #include <linux/mount.h>
> 28 #include <linux/pagemap.h>
> 29 #include <linux/random.h>
> 30 #include <linux/compiler.h>
> 31 #include <linux/key.h>
> 32 #include <linux/namei.h>
> 33 #include <linux/crypto.h>
> 34 #include <linux/file.h>
> 35 #include <linux/scatterlist.h>
> 36 #include <asm/unaligned.h>
> 37 #include "ecryptfs_kernel.h"
> 38
> 39 static int
> 40 ecryptfs_decrypt_page_offset(struct ecryptfs_crypt_stat *crypt_stat,
> 41                              struct page *dst_page, int dst_offset,
> 42                              struct page *src_page, int src_offset, int
> size,
> 43                              unsigned char *iv);
> 44 static int
> 45 ecryptfs_encrypt_page_offset(struct ecryptfs_crypt_stat *crypt_stat,
> 46                              struct page *dst_page, int dst_offset,
> 47                              struct page *src_page, int src_offset, int
> size,
> 48                              unsigned char *iv);
> 49
> 50 /**
> 51  * ecryptfs_to_hex
> 52  * @dst: Buffer to take hex character representation of contents of
> 53  *       src; must be at least of size (src_size * 2)
> 54  * @src: Buffer to be converted to a hex string respresentation
> 55  * @src_size: number of bytes to convert
> 56  */
> 57 void ecryptfs_to_hex(char *dst, char *src, size_t src_size)
> 58 {
> 59         int x;
> 60
> 61         for (x = 0; x < src_size; x++)
> 62                 sprintf(&dst[x * 2], "%.2x", (unsigned char)src[x]);
> 63 }
> 64
> 65 /**
> 66  * ecryptfs_from_hex
> 67  * @dst: Buffer to take the bytes from src hex; must be at least of
> 68  *       size (src_size / 2)
> 69  * @src: Buffer to be converted from a hex string respresentation to raw
> value
> 70  * @dst_size: size of dst buffer, or number of hex characters pairs to
> convert
> 71  */
> 72 void ecryptfs_from_hex(char *dst, char *src, int dst_size)
> 73 {
> 74         int x;
> 75         char tmp[3] = { 0, };
> 76
> 77         for (x = 0; x < dst_size; x++) {
> 78                 tmp[0] = src[x * 2];
> 79                 tmp[1] = src[x * 2 + 1];
> 80                 dst[x] = (unsigned char)simple_strtol(tmp, NULL, 16);
> 81         }
> 82 }
> 83
> 84 /**
> 85  * ecryptfs_calculate_md5 - calculates the md5 of @src
> 86  * @dst: Pointer to 16 bytes of allocated memory
> 87  * @crypt_stat: Pointer to crypt_stat struct for the current inode
> 88  * @src: Data to be md5'd
> 89  * @len: Length of @src
> 90  *
> 91  * Uses the allocated crypto context that crypt_stat references to
> 92  * generate the MD5 sum of the contents of src.
> 93  */
> 94 static int ecryptfs_calculate_md5(char *dst,
> 95                                   struct ecryptfs_crypt_stat *crypt_stat,
> 96                                   char *src, int len)
> 97 {
> 98         struct scatterlist sg;
> 99         struct hash_desc desc = {
> 100                 .tfm = crypt_stat->hash_tfm,
> 101                 .flags = CRYPTO_TFM_REQ_MAY_SLEEP
> 102         };
> 103         int rc = 0;
> 104
> 105         mutex_lock(&crypt_stat->cs_hash_tfm_mutex);
> 106         sg_init_one(&sg, (u8 *)src, len);
> 107         if (!desc.tfm) {
> 108                 desc.tfm = crypto_alloc_hash(ECRYPTFS_DEFAULT_HASH, 0,
> 109                                              CRYPTO_ALG_ASYNC);
> 110                 if (IS_ERR(desc.tfm)) {
> 111                         rc = PTR_ERR(desc.tfm);
> 112                         ecryptfs_printk(KERN_ERR, "Error attempting to "
> 113                                         "allocate crypto context; rc =
> [%d]\n",
> 114                                         rc);
> 115                         goto out;
> 116                 }
> 117                 crypt_stat->hash_tfm = desc.tfm;
> 118         }
> 119         rc = crypto_hash_init(&desc);
> 120         if (rc) {
> 121                 printk(KERN_ERR
> 122                        "%s: Error initializing crypto hash; rc = [%d]\n",
> 123                        __func__, rc);
> 124                 goto out;
> 125         }
> 126         rc = crypto_hash_update(&desc, &sg, len);
> 127         if (rc) {
> 128                 printk(KERN_ERR
> 129                        "%s: Error updating crypto hash; rc = [%d]\n",
> 130                        __func__, rc);
> 131                 goto out;
> 132         }
> 133         rc = crypto_hash_final(&desc, dst);
> 134         if (rc) {
> 135                 printk(KERN_ERR
> 136                        "%s: Error finalizing crypto hash; rc = [%d]\n",
> 137                        __func__, rc);
> 138                 goto out;
> 139         }
> 140 out:
> 141         mutex_unlock(&crypt_stat->cs_hash_tfm_mutex);
> 142         return rc;
> 143 }
> 144
> 145 static int ecryptfs_crypto_api_algify_cipher_name(char **algified_name,
> 146                                                   char *cipher_name,
> 147                                                   char *chaining_modifier)
> 148 {
> 149         int cipher_name_len = strlen(cipher_name);
> 150         int chaining_modifier_len = strlen(chaining_modifier);
> 151         int algified_name_len;
> 152         int rc;
> 153
> 154         algified_name_len = (chaining_modifier_len + cipher_name_len + 3);
> 155         (*algified_name) = kmalloc(algified_name_len, GFP_KERNEL);
> 156         if (!(*algified_name)) {
> 157                 rc = -ENOMEM;
> 158                 goto out;
> 159         }
> 160         snprintf((*algified_name), algified_name_len, "%s(%s)",
> 161                  chaining_modifier, cipher_name);
> 162         rc = 0;
> 163 out:
> 164         return rc;
> 165 }
> 166
> 167 /**
> 168  * ecryptfs_derive_iv
> 169  * @iv: destination for the derived iv vale
> 170  * @crypt_stat: Pointer to crypt_stat struct for the current inode
> 171  * @offset: Offset of the extent whose IV we are to derive
> 172  *
> 173  * Generate the initialization vector from the given root IV and page
> 174  * offset.
> 175  *
> 176  * Returns zero on success; non-zero on error.
> 177  */
> 178 int ecryptfs_derive_iv(char *iv, struct ecryptfs_crypt_stat *crypt_stat,
> 179                        loff_t offset)
> 180 {
> 181         int rc = 0;
> 182         char dst[MD5_DIGEST_SIZE];
> 183         char src[ECRYPTFS_MAX_IV_BYTES + 16];
> 184
> 185         if (unlikely(ecryptfs_verbosity > 0)) {
> 186                 ecryptfs_printk(KERN_DEBUG, "root iv:\n");
> 187                 ecryptfs_dump_hex(crypt_stat->root_iv,
> crypt_stat->iv_bytes);
> 188         }
> 189         /* TODO: It is probably secure to just cast the least
> 190          * significant bits of the root IV into an unsigned long and
> 191          * add the offset to that rather than go through all this
> 192          * hashing business. -Halcrow */
> 193         memcpy(src, crypt_stat->root_iv, crypt_stat->iv_bytes);
> 194         memset((src + crypt_stat->iv_bytes), 0, 16);
> 195         snprintf((src + crypt_stat->iv_bytes), 16, "%lld", offset);
> 196         if (unlikely(ecryptfs_verbosity > 0)) {
> 197                 ecryptfs_printk(KERN_DEBUG, "source:\n");
> 198                 ecryptfs_dump_hex(src, (crypt_stat->iv_bytes + 16));
> 199         }
> 200         rc = ecryptfs_calculate_md5(dst, crypt_stat, src,
> 201                                     (crypt_stat->iv_bytes + 16));
> 202         if (rc) {
> 203                 ecryptfs_printk(KERN_WARNING, "Error attempting to compute
> "
> 204                                 "MD5 while generating IV for a page\n");
> 205                 goto out;
> 206         }
> 207         memcpy(iv, dst, crypt_stat->iv_bytes);
> 208         if (unlikely(ecryptfs_verbosity > 0)) {
> 209                 ecryptfs_printk(KERN_DEBUG, "derived iv:\n");
> 210                 ecryptfs_dump_hex(iv, crypt_stat->iv_bytes);
> 211         }
> 212 out:
> 213         return rc;
> 214 }
> 215
> 216 /**
> 217  * ecryptfs_init_crypt_stat
> 218  * @crypt_stat: Pointer to the crypt_stat struct to initialize.
> 219  *
> 220  * Initialize the crypt_stat structure.
> 221  */
> 222 void
> 223 ecryptfs_init_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat)
> 224 {
> 225         memset((void *)crypt_stat, 0, sizeof(struct ecryptfs_crypt_stat));
> 226         INIT_LIST_HEAD(&crypt_stat->keysig_list);
> 227         mutex_init(&crypt_stat->keysig_list_mutex);
> 228         mutex_init(&crypt_stat->cs_mutex);
> 229         mutex_init(&crypt_stat->cs_tfm_mutex);
> 230         mutex_init(&crypt_stat->cs_hash_tfm_mutex);
> 231         crypt_stat->flags |= ECRYPTFS_STRUCT_INITIALIZED;
> 232 }
> 233
> 234 /**
> 235  * ecryptfs_destroy_crypt_stat
> 236  * @crypt_stat: Pointer to the crypt_stat struct to initialize.
> 237  *
> 238  * Releases all memory associated with a crypt_stat struct.
> 239  */
> 240 void ecryptfs_destroy_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat)
> 241 {
> 242         struct ecryptfs_key_sig *key_sig, *key_sig_tmp;
> 243
> 244         if (crypt_stat->tfm)
> 245                 crypto_free_blkcipher(crypt_stat->tfm);
> 246         if (crypt_stat->hash_tfm)
> 247                 crypto_free_hash(crypt_stat->hash_tfm);
> 248         list_for_each_entry_safe(key_sig, key_sig_tmp,
> 249                                  &crypt_stat->keysig_list,
> crypt_stat_list) {
> 250                 list_del(&key_sig->crypt_stat_list);
> 251                 kmem_cache_free(ecryptfs_key_sig_cache, key_sig);
> 252         }
> 253         memset(crypt_stat, 0, sizeof(struct ecryptfs_crypt_stat));
> 254 }
> 255
> 256 void ecryptfs_destroy_mount_crypt_stat(
> 257         struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
> 258 {
> 259         struct ecryptfs_global_auth_tok *auth_tok, *auth_tok_tmp;
> 260
> 261         if (!(mount_crypt_stat->flags &
> ECRYPTFS_MOUNT_CRYPT_STAT_INITIALIZED))
> 262                 return;
> 263         mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex);
> 264         list_for_each_entry_safe(auth_tok, auth_tok_tmp,
> 265                                  &mount_crypt_stat->global_auth_tok_list,
> 266                                  mount_crypt_stat_list) {
> 267                 list_del(&auth_tok->mount_crypt_stat_list);
> 268                 mount_crypt_stat->num_global_auth_toks--;
> 269                 if (auth_tok->global_auth_tok_key
> 270                     && !(auth_tok->flags & ECRYPTFS_AUTH_TOK_INVALID))
> 271                         key_put(auth_tok->global_auth_tok_key);
> 272                 kmem_cache_free(ecryptfs_global_auth_tok_cache, auth_tok);
> 273         }
> 274         mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex);
> 275         memset(mount_crypt_stat, 0, sizeof(struct
> ecryptfs_mount_crypt_stat));
> 276 }
> 277
> 278 /**
> 279  * virt_to_scatterlist
> 280  * @addr: Virtual address
> 281  * @size: Size of data; should be an even multiple of the block size
> 282  * @sg: Pointer to scatterlist array; set to NULL to obtain only
> 283  *      the number of scatterlist structs required in array
> 284  * @sg_size: Max array size
> 285  *
> 286  * Fills in a scatterlist array with page references for a passed
> 287  * virtual address.
> 288  *
> 289  * Returns the number of scatterlist structs in array used
> 290  */
> 291 int virt_to_scatterlist(const void *addr, int size, struct scatterlist
> *sg,
> 292                         int sg_size)
> 293 {
> 294         int i = 0;
> 295         struct page *pg;
> 296         int offset;
> 297         int remainder_of_page;
> 298
> 299         sg_init_table(sg, sg_size);
> 300
> 301         while (size > 0 && i < sg_size) {
> 302                 pg = virt_to_page(addr);
> 303                 offset = offset_in_page(addr);
> 304                 if (sg)
> 305                         sg_set_page(&sg[i], pg, 0, offset);
> 306                 remainder_of_page = PAGE_CACHE_SIZE - offset;
> 307                 if (size >= remainder_of_page) {
> 308                         if (sg)
> 309                                 sg[i].length = remainder_of_page;
> 310                         addr += remainder_of_page;
> 311                         size -= remainder_of_page;
> 312                 } else {
> 313                         if (sg)
> 314                                 sg[i].length = size;
> 315                         addr += size;
> 316                         size = 0;
> 317                 }
> 318                 i++;
> 319         }
> 320         if (size > 0)
> 321                 return -ENOMEM;
> 322         return i;
> 323 }
> 324
> 325 /**
> 326  * encrypt_scatterlist
> 327  * @crypt_stat: Pointer to the crypt_stat struct to initialize.
> 328  * @dest_sg: Destination of encrypted data
> 329  * @src_sg: Data to be encrypted
> 330  * @size: Length of data to be encrypted
> 331  * @iv: iv to use during encryption
> 332  *
> 333  * Returns the number of bytes encrypted; negative value on error
> 334  */
> 335 static int encrypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,
> 336                                struct scatterlist *dest_sg,
> 337                                struct scatterlist *src_sg, int size,
> 338                                unsigned char *iv)
> 339 {
> 340         struct blkcipher_desc desc = {
> 341                 .tfm = crypt_stat->tfm,
> 342                 .info = iv,
> 343                 .flags = CRYPTO_TFM_REQ_MAY_SLEEP
> 344         };
> 345         int rc = 0;
> 346
> 347         BUG_ON(!crypt_stat || !crypt_stat->tfm
> 348                || !(crypt_stat->flags & ECRYPTFS_STRUCT_INITIALIZED));
> 349         if (unlikely(ecryptfs_verbosity > 0)) {
> 350                 ecryptfs_printk(KERN_DEBUG, "Key size [%d]; key:\n",
> 351                                 crypt_stat->key_size);
> 352                 ecryptfs_dump_hex(crypt_stat->key,
> 353                                   crypt_stat->key_size);
> 354         }
> 355         /* Consider doing this once, when the file is opened */
> 356         mutex_lock(&crypt_stat->cs_tfm_mutex);
> 357         if (!(crypt_stat->flags & ECRYPTFS_KEY_SET)) {
> 358                 rc = crypto_blkcipher_setkey(crypt_stat->tfm,
> crypt_stat->key,
> 359                                              crypt_stat->key_size);
> 360                 crypt_stat->flags |= ECRYPTFS_KEY_SET;
> 361         }
> 362         if (rc) {
> 363                 ecryptfs_printk(KERN_ERR, "Error setting key; rc =
> [%d]\n",
> 364                                 rc);
> 365                 mutex_unlock(&crypt_stat->cs_tfm_mutex);
> 366                 rc = -EINVAL;
> 367                 goto out;
> 368         }
> 369         ecryptfs_printk(KERN_DEBUG, "Encrypting [%d] bytes.\n", size);
> 370         crypto_blkcipher_encrypt_iv(&desc, dest_sg, src_sg, size);
> 371         mutex_unlock(&crypt_stat->cs_tfm_mutex);
> 372 out:
> 373         return rc;
> 374 }
> 375
> 376 /**
> 377  * ecryptfs_lower_offset_for_extent
> 378  *
> 379  * Convert an eCryptfs page index into a lower byte offset
> 380  */
> 381 static void ecryptfs_lower_offset_for_extent(loff_t *offset, loff_t
> extent_num,
> 382                                              struct ecryptfs_crypt_stat
> *crypt_stat)
> 383 {
> 384         (*offset) = (crypt_stat->num_header_bytes_at_front
> 385                      + (crypt_stat->extent_size * extent_num));
> 386 }
> 387
> 388 /**
> 389  * ecryptfs_encrypt_extent
> 390  * @enc_extent_page: Allocated page into which to encrypt the data in
> 391  *                   @page
> 392  * @crypt_stat: crypt_stat containing cryptographic context for the
> 393  *              encryption operation
> 394  * @page: Page containing plaintext data extent to encrypt
> 395  * @extent_offset: Page extent offset for use in generating IV
> 396  *
> 397  * Encrypts one extent of data.
> 398  *
> 399  * Return zero on success; non-zero otherwise
> 400  */
> 401 static int ecryptfs_encrypt_extent(struct page *enc_extent_page,
> 402                                    struct ecryptfs_crypt_stat *crypt_stat,
> 403                                    struct page *page,
> 404                                    unsigned long extent_offset)
> 405 {
> 406         loff_t extent_base;
> 407         char extent_iv[ECRYPTFS_MAX_IV_BYTES];
> 408         int rc;
> 409
> 410         extent_base = (((loff_t)page->index)
> 411                        * (PAGE_CACHE_SIZE / crypt_stat->extent_size));
> 412         rc = ecryptfs_derive_iv(extent_iv, crypt_stat,
> 413                                 (extent_base + extent_offset));
> 414         if (rc) {
> 415                 ecryptfs_printk(KERN_ERR, "Error attempting to "
> 416                                 "derive IV for extent [0x%.16x]; "
> 417                                 "rc = [%d]\n", (extent_base +
> extent_offset),
> 418                                 rc);
> 419                 goto out;
> 420         }
> 421         if (unlikely(ecryptfs_verbosity > 0)) {
> 422                 ecryptfs_printk(KERN_DEBUG, "Encrypting extent "
> 423                                 "with iv:\n");
> 424                 ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes);
> 425                 ecryptfs_printk(KERN_DEBUG, "First 8 bytes before "
> 426                                 "encryption:\n");
> 427                 ecryptfs_dump_hex((char *)
> 428                                   (page_address(page)
> 429                                    + (extent_offset *
> crypt_stat->extent_size)),
> 430                                   8);
> 431         }
> 432         rc = ecryptfs_encrypt_page_offset(crypt_stat, enc_extent_page, 0,
> 433                                           page, (extent_offset
> 434                                                  *
> crypt_stat->extent_size),
> 435                                           crypt_stat->extent_size,
> extent_iv);
> 436         if (rc < 0) {
> 437                 printk(KERN_ERR "%s: Error attempting to encrypt page with
> "
> 438                        "page->index = [%ld], extent_offset = [%ld]; "
> 439                        "rc = [%d]\n", __func__, page->index,
> extent_offset,
> 440                        rc);
> 441                 goto out;
> 442         }
> 443         rc = 0;
> 444         if (unlikely(ecryptfs_verbosity > 0)) {
> 445                 ecryptfs_printk(KERN_DEBUG, "Encrypt extent [0x%.16x]; "
> 446                                 "rc = [%d]\n", (extent_base +
> extent_offset),
> 447                                 rc);
> 448                 ecryptfs_printk(KERN_DEBUG, "First 8 bytes after "
> 449                                 "encryption:\n");
> 450                 ecryptfs_dump_hex((char *)(page_address(enc_extent_page)),
> 8);
> 451         }
> 452 out:
> 453         return rc;
> 454 }
> 455
> 456 /**
> 457  * ecryptfs_encrypt_page
> 458  * @page: Page mapped from the eCryptfs inode for the file; contains
> 459  *        decrypted content that needs to be encrypted (to a temporary
> 460  *        page; not in place) and written out to the lower file
> 461  *
> 462  * Encrypt an eCryptfs page. This is done on a per-extent basis. Note
> 463  * that eCryptfs pages may straddle the lower pages -- for instance,
> 464  * if the file was created on a machine with an 8K page size
> 465  * (resulting in an 8K header), and then the file is copied onto a
> 466  * host with a 32K page size, then when reading page 0 of the eCryptfs
> 467  * file, 24K of page 0 of the lower file will be read and decrypted,
> 468  * and then 8K of page 1 of the lower file will be read and decrypted.
> 469  *
> 470  * Returns zero on success; negative on error
> 471  */
> 472 int ecryptfs_encrypt_page(struct page *page)
> 473 {
> 474         struct inode *ecryptfs_inode;
> 475         struct ecryptfs_crypt_stat *crypt_stat;
> 476         char *enc_extent_virt;
> 477         struct page *enc_extent_page = NULL;
> 478         loff_t extent_offset;
> 479         int rc = 0;
> 480
> 481         ecryptfs_inode = page->mapping->host;
> 482         crypt_stat =
> 483                 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat);
> 484         BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED));
> 485         enc_extent_page = alloc_page(GFP_USER);
> 486         if (!enc_extent_page) {
> 487                 rc = -ENOMEM;
> 488                 ecryptfs_printk(KERN_ERR, "Error allocating memory for "
> 489                                 "encrypted extent\n");
> 490                 goto out;
> 491         }
> 492         enc_extent_virt = kmap(enc_extent_page);
> 493         for (extent_offset = 0;
> 494              extent_offset < (PAGE_CACHE_SIZE / crypt_stat->extent_size);
> 495              extent_offset++) {
> 496                 loff_t offset;
> 497
> 498                 rc = ecryptfs_encrypt_extent(enc_extent_page, crypt_stat,
> page,
> 499                                              extent_offset);
> 500                 if (rc) {
> 501                         printk(KERN_ERR "%s: Error encrypting extent; "
> 502                                "rc = [%d]\n", __func__, rc);
> 503                         goto out;
> 504                 }
> 505                 ecryptfs_lower_offset_for_extent(
> 506                         &offset, ((((loff_t)page->index)
> 507                                    * (PAGE_CACHE_SIZE
> 508                                       / crypt_stat->extent_size))
> 509                                   + extent_offset), crypt_stat);
> 510                 rc = ecryptfs_write_lower(ecryptfs_inode, enc_extent_virt,
> 511                                           offset,
> crypt_stat->extent_size);
> 512                 if (rc < 0) {
> 513                         ecryptfs_printk(KERN_ERR, "Error attempting "
> 514                                         "to write lower page; rc = [%d]"
> 515                                         "\n", rc);
> 516                         goto out;
> 517                 }
> 518         }
> 519         rc = 0;
> 520 out:
> 521         if (enc_extent_page) {
> 522                 kunmap(enc_extent_page);
> 523                 __free_page(enc_extent_page);
> 524         }
> 525         return rc;
> 526 }
> 527
> 528 static int ecryptfs_decrypt_extent(struct page *page,
> 529                                    struct ecryptfs_crypt_stat *crypt_stat,
> 530                                    struct page *enc_extent_page,
> 531                                    unsigned long extent_offset)
> 532 {
> 533         loff_t extent_base;
> 534         char extent_iv[ECRYPTFS_MAX_IV_BYTES];
> 535         int rc;
> 536
> 537         extent_base = (((loff_t)page->index)
> 538                        * (PAGE_CACHE_SIZE / crypt_stat->extent_size));
> 539         rc = ecryptfs_derive_iv(extent_iv, crypt_stat,
> 540                                 (extent_base + extent_offset));
> 541         if (rc) {
> 542                 ecryptfs_printk(KERN_ERR, "Error attempting to "
> 543                                 "derive IV for extent [0x%.16x]; "
> 544                                 "rc = [%d]\n", (extent_base +
> extent_offset),
> 545                                 rc);
> 546                 goto out;
> 547         }
> 548         if (unlikely(ecryptfs_verbosity > 0)) {
> 549                 ecryptfs_printk(KERN_DEBUG, "Decrypting extent "
> 550                                 "with iv:\n");
> 551                 ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes);
> 552                 ecryptfs_printk(KERN_DEBUG, "First 8 bytes before "
> 553                                 "decryption:\n");
> 554                 ecryptfs_dump_hex((char *)
> 555                                   (page_address(enc_extent_page)
> 556                                    + (extent_offset *
> crypt_stat->extent_size)),
> 557                                   8);
> 558         }
> 559         rc = ecryptfs_decrypt_page_offset(crypt_stat, page,
> 560                                           (extent_offset
> 561                                            * crypt_stat->extent_size),
> 562                                           enc_extent_page, 0,
> 563                                           crypt_stat->extent_size,
> extent_iv);
> 564         if (rc < 0) {
> 565                 printk(KERN_ERR "%s: Error attempting to decrypt to page
> with "
> 566                        "page->index = [%ld], extent_offset = [%ld]; "
> 567                        "rc = [%d]\n", __func__, page->index,
> extent_offset,
> 568                        rc);
> 569                 goto out;
> 570         }
> 571         rc = 0;
> 572         if (unlikely(ecryptfs_verbosity > 0)) {
> 573                 ecryptfs_printk(KERN_DEBUG, "Decrypt extent [0x%.16x]; "
> 574                                 "rc = [%d]\n", (extent_base +
> extent_offset),
> 575                                 rc);
> 576                 ecryptfs_printk(KERN_DEBUG, "First 8 bytes after "
> 577                                 "decryption:\n");
> 578                 ecryptfs_dump_hex((char *)(page_address(page)
> 579                                            + (extent_offset
> 580                                               * crypt_stat->extent_size)),
> 8);
> 581         }
> 582 out:
> 583         return rc;
> 584 }
> 585
> 586 /**
> 587  * ecryptfs_decrypt_page
> 588  * @page: Page mapped from the eCryptfs inode for the file; data read
> 589  *        and decrypted from the lower file will be written into this
> 590  *        page
> 591  *
> 592  * Decrypt an eCryptfs page. This is done on a per-extent basis. Note
> 593  * that eCryptfs pages may straddle the lower pages -- for instance,
> 594  * if the file was created on a machine with an 8K page size
> 595  * (resulting in an 8K header), and then the file is copied onto a
> 596  * host with a 32K page size, then when reading page 0 of the eCryptfs
> 597  * file, 24K of page 0 of the lower file will be read and decrypted,
> 598  * and then 8K of page 1 of the lower file will be read and decrypted.
> 599  *
> 600  * Returns zero on success; negative on error
> 601  */
> 602 int ecryptfs_decrypt_page(struct page *page)
> 603 {
> 604         struct inode *ecryptfs_inode;
> 605         struct ecryptfs_crypt_stat *crypt_stat;
> 606         char *enc_extent_virt;
> 607         struct page *enc_extent_page = NULL;
> 608         unsigned long extent_offset;
> 609         int rc = 0;
> 610
> 611         ecryptfs_inode = page->mapping->host;
> 612         crypt_stat =
> 613                 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat);
> 614         BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED));
> 615         enc_extent_page = alloc_page(GFP_USER);
> 616         if (!enc_extent_page) {
> 617                 rc = -ENOMEM;
> 618                 ecryptfs_printk(KERN_ERR, "Error allocating memory for "
> 619                                 "encrypted extent\n");
> 620                 goto out;
> 621         }
> 622         enc_extent_virt = kmap(enc_extent_page);
> 623         for (extent_offset = 0;
> 624              extent_offset < (PAGE_CACHE_SIZE / crypt_stat->extent_size);
> 625              extent_offset++) {
> 626                 loff_t offset;
> 627
> 628                 ecryptfs_lower_offset_for_extent(
> 629                         &offset, ((page->index * (PAGE_CACHE_SIZE
> 630                                                   /
> crypt_stat->extent_size))
> 631                                   + extent_offset), crypt_stat);
> 632                 rc = ecryptfs_read_lower(enc_extent_virt, offset,
> 633                                          crypt_stat->extent_size,
> 634                                          ecryptfs_inode);
> 635                 if (rc < 0) {
> 636                         ecryptfs_printk(KERN_ERR, "Error attempting "
> 637                                         "to read lower page; rc = [%d]"
> 638                                         "\n", rc);
> 639                         goto out;
> 640                 }
> 641                 rc = ecryptfs_decrypt_extent(page, crypt_stat,
> enc_extent_page,
> 642                                              extent_offset);
> 643                 if (rc) {
> 644                         printk(KERN_ERR "%s: Error encrypting extent; "
> 645                                "rc = [%d]\n", __func__, rc);
> 646                         goto out;
> 647                 }
> 648         }
> 649 out:
> 650         if (enc_extent_page) {
> 651                 kunmap(enc_extent_page);
> 652                 __free_page(enc_extent_page);
> 653         }
> 654         return rc;
> 655 }
> 656
> 657 /**
> 658  * decrypt_scatterlist
> 659  * @crypt_stat: Cryptographic context
> 660  * @dest_sg: The destination scatterlist to decrypt into
> 661  * @src_sg: The source scatterlist to decrypt from
> 662  * @size: The number of bytes to decrypt
> 663  * @iv: The initialization vector to use for the decryption
> 664  *
> 665  * Returns the number of bytes decrypted; negative value on error
> 666  */
> 667 static int decrypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,
> 668                                struct scatterlist *dest_sg,
> 669                                struct scatterlist *src_sg, int size,
> 670                                unsigned char *iv)
> 671 {
> 672         struct blkcipher_desc desc = {
> 673                 .tfm = crypt_stat->tfm,
> 674                 .info = iv,
> 675                 .flags = CRYPTO_TFM_REQ_MAY_SLEEP
> 676         };
> 677         int rc = 0;
> 678
> 679         /* Consider doing this once, when the file is opened */
> 680         mutex_lock(&crypt_stat->cs_tfm_mutex);
> 681         rc = crypto_blkcipher_setkey(crypt_stat->tfm, crypt_stat->key,
> 682                                      crypt_stat->key_size);
> 683         if (rc) {
> 684                 ecryptfs_printk(KERN_ERR, "Error setting key; rc =
> [%d]\n",
> 685                                 rc);
> 686                 mutex_unlock(&crypt_stat->cs_tfm_mutex);
> 687                 rc = -EINVAL;
> 688                 goto out;
> 689         }
> 690         ecryptfs_printk(KERN_DEBUG, "Decrypting [%d] bytes.\n", size);
> 691         rc = crypto_blkcipher_decrypt_iv(&desc, dest_sg, src_sg, size);
> 692         mutex_unlock(&crypt_stat->cs_tfm_mutex);
> 693         if (rc) {
> 694                 ecryptfs_printk(KERN_ERR, "Error decrypting; rc = [%d]\n",
> 695                                 rc);
> 696                 goto out;
> 697         }
> 698         rc = size;
> 699 out:
> 700         return rc;
> 701 }
> 702
> 703 /**
> 704  * ecryptfs_encrypt_page_offset
> 705  * @crypt_stat: The cryptographic context
> 706  * @dst_page: The page to encrypt into
> 707  * @dst_offset: The offset in the page to encrypt into
> 708  * @src_page: The page to encrypt from
> 709  * @src_offset: The offset in the page to encrypt from
> 710  * @size: The number of bytes to encrypt
> 711  * @iv: The initialization vector to use for the encryption
> 712  *
> 713  * Returns the number of bytes encrypted
> 714  */
> 715 static int
> 716 ecryptfs_encrypt_page_offset(struct ecryptfs_crypt_stat *crypt_stat,
> 717                              struct page *dst_page, int dst_offset,
> 718                              struct page *src_page, int src_offset, int
> size,
> 719                              unsigned char *iv)
> 720 {
> 721         struct scatterlist src_sg, dst_sg;
> 722
> 723         sg_init_table(&src_sg, 1);
> 724         sg_init_table(&dst_sg, 1);
> 725
> 726         sg_set_page(&src_sg, src_page, size, src_offset);
> 727         sg_set_page(&dst_sg, dst_page, size, dst_offset);
> 728         return encrypt_scatterlist(crypt_stat, &dst_sg, &src_sg, size,
> iv);
> 729 }
> 730
> 731 /**
> 732  * ecryptfs_decrypt_page_offset
> 733  * @crypt_stat: The cryptographic context
> 734  * @dst_page: The page to decrypt into
> 735  * @dst_offset: The offset in the page to decrypt into
> 736  * @src_page: The page to decrypt from
> 737  * @src_offset: The offset in the page to decrypt from
> 738  * @size: The number of bytes to decrypt
> 739  * @iv: The initialization vector to use for the decryption
> 740  *
> 741  * Returns the number of bytes decrypted
> 742  */
> 743 static int
> 744 ecryptfs_decrypt_page_offset(struct ecryptfs_crypt_stat *crypt_stat,
> 745                              struct page *dst_page, int dst_offset,
> 746                              struct page *src_page, int src_offset, int
> size,
> 747                              unsigned char *iv)
> 748 {
> 749         struct scatterlist src_sg, dst_sg;
> 750
> 751         sg_init_table(&src_sg, 1);
> 752         sg_set_page(&src_sg, src_page, size, src_offset);
> 753
> 754         sg_init_table(&dst_sg, 1);
> 755         sg_set_page(&dst_sg, dst_page, size, dst_offset);
> 756
> 757         return decrypt_scatterlist(crypt_stat, &dst_sg, &src_sg, size,
> iv);
> 758 }
> 759
> 760 #define ECRYPTFS_MAX_SCATTERLIST_LEN 4
> 761
> 762 /**
> 763  * ecryptfs_init_crypt_ctx
> 764  * @crypt_stat: Uninitilized crypt stats structure
> 765  *
> 766  * Initialize the crypto context.
> 767  *
> 768  * TODO: Performance: Keep a cache of initialized cipher contexts;
> 769  * only init if needed
> 770  */
> 771 int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat)
> 772 {
> 773         char *full_alg_name;
> 774         int rc = -EINVAL;
> 775
> 776         if (!crypt_stat->cipher) {
> 777                 ecryptfs_printk(KERN_ERR, "No cipher specified\n");
> 778                 goto out;
> 779         }
> 780         ecryptfs_printk(KERN_DEBUG,
> 781                         "Initializing cipher [%s]; strlen = [%d]; "
> 782                         "key_size_bits = [%d]\n",
> 783                         crypt_stat->cipher,
> (int)strlen(crypt_stat->cipher),
> 784                         crypt_stat->key_size << 3);
> 785         if (crypt_stat->tfm) {
> 786                 rc = 0;
> 787                 goto out;
> 788         }
> 789         mutex_lock(&crypt_stat->cs_tfm_mutex);
> 790         rc = ecryptfs_crypto_api_algify_cipher_name(&full_alg_name,
> 791                                                     crypt_stat->cipher,
> "cbc");
> 792         if (rc)
> 793                 goto out_unlock;
> 794         crypt_stat->tfm = crypto_alloc_blkcipher(full_alg_name, 0,
> 795                                                  CRYPTO_ALG_ASYNC);
> 796         kfree(full_alg_name);
> 797         if (IS_ERR(crypt_stat->tfm)) {
> 798                 rc = PTR_ERR(crypt_stat->tfm);
> 799                 crypt_stat->tfm = NULL;
> 800                 ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): "
> 801                                 "Error initializing cipher [%s]\n",
> 802                                 crypt_stat->cipher);
> 803                 goto out_unlock;
> 804         }
> 805         crypto_blkcipher_set_flags(crypt_stat->tfm,
> CRYPTO_TFM_REQ_WEAK_KEY);
> 806         rc = 0;
> 807 out_unlock:
> 808         mutex_unlock(&crypt_stat->cs_tfm_mutex);
> 809 out:
> 810         return rc;
> 811 }
> 812
> 813 static void set_extent_mask_and_shift(struct ecryptfs_crypt_stat
> *crypt_stat)
> 814 {
> 815         int extent_size_tmp;
> 816
> 817         crypt_stat->extent_mask = 0xFFFFFFFF;
> 818         crypt_stat->extent_shift = 0;
> 819         if (crypt_stat->extent_size == 0)
> 820                 return;
> 821         extent_size_tmp = crypt_stat->extent_size;
> 822         while ((extent_size_tmp & 0x01) == 0) {
> 823                 extent_size_tmp >>= 1;
> 824                 crypt_stat->extent_mask <<= 1;
> 825                 crypt_stat->extent_shift++;
> 826         }
> 827 }
> 828
> 829 void ecryptfs_set_default_sizes(struct ecryptfs_crypt_stat *crypt_stat)
> 830 {
> 831         /* Default values; may be overwritten as we are parsing the
> 832          * packets. */
> 833         crypt_stat->extent_size = ECRYPTFS_DEFAULT_EXTENT_SIZE;
> 834         set_extent_mask_and_shift(crypt_stat);
> 835         crypt_stat->iv_bytes = ECRYPTFS_DEFAULT_IV_BYTES;
> 836         if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR)
> 837                 crypt_stat->num_header_bytes_at_front = 0;
> 838         else {
> 839                 if (PAGE_CACHE_SIZE <=
> ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE)
> 840                         crypt_stat->num_header_bytes_at_front =
> 841                                 ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE;
> 842                 else
> 843                         crypt_stat->num_header_bytes_at_front =
> PAGE_CACHE_SIZE;
> 844         }
> 845 }
> 846
> 847 /**
> 848  * ecryptfs_compute_root_iv
> 849  * @crypt_stats
> 850  *
> 851  * On error, sets the root IV to all 0's.
> 852  */
> 853 int ecryptfs_compute_root_iv(struct ecryptfs_crypt_stat *crypt_stat)
> 854 {
> 855         int rc = 0;
> 856         char dst[MD5_DIGEST_SIZE];
> 857
> 858         BUG_ON(crypt_stat->iv_bytes > MD5_DIGEST_SIZE);
> 859         BUG_ON(crypt_stat->iv_bytes <= 0);
> 860         if (!(crypt_stat->flags & ECRYPTFS_KEY_VALID)) {
> 861                 rc = -EINVAL;
> 862                 ecryptfs_printk(KERN_WARNING, "Session key not valid; "
> 863                                 "cannot generate root IV\n");
> 864                 goto out;
> 865         }
> 866         rc = ecryptfs_calculate_md5(dst, crypt_stat, crypt_stat->key,
> 867                                     crypt_stat->key_size);
> 868         if (rc) {
> 869                 ecryptfs_printk(KERN_WARNING, "Error attempting to compute
> "
> 870                                 "MD5 while generating root IV\n");
> 871                 goto out;
> 872         }
> 873         memcpy(crypt_stat->root_iv, dst, crypt_stat->iv_bytes);
> 874 out:
> 875         if (rc) {
> 876                 memset(crypt_stat->root_iv, 0, crypt_stat->iv_bytes);
> 877                 crypt_stat->flags |= ECRYPTFS_SECURITY_WARNING;
> 878         }
> 879         return rc;
> 880 }
> 881
> 882 static void ecryptfs_generate_new_key(struct ecryptfs_crypt_stat
> *crypt_stat)
> 883 {
> 884         get_random_bytes(crypt_stat->key, crypt_stat->key_size);
> 885         crypt_stat->flags |= ECRYPTFS_KEY_VALID;
> 886         ecryptfs_compute_root_iv(crypt_stat);
> 887         if (unlikely(ecryptfs_verbosity > 0)) {
> 888                 ecryptfs_printk(KERN_DEBUG, "Generated new session
> key:\n");
> 889                 ecryptfs_dump_hex(crypt_stat->key,
> 890                                   crypt_stat->key_size);
> 891         }
> 892 }
> 893
> 894 /**
> 895  * ecryptfs_copy_mount_wide_flags_to_inode_flags
> 896  * @crypt_stat: The inode's cryptographic context
> 897  * @mount_crypt_stat: The mount point's cryptographic context
> 898  *
> 899  * This function propagates the mount-wide flags to individual inode
> 900  * flags.
> 901  */
> 902 static void ecryptfs_copy_mount_wide_flags_to_inode_flags(
> 903         struct ecryptfs_crypt_stat *crypt_stat,
> 904         struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
> 905 {
> 906         if (mount_crypt_stat->flags & ECRYPTFS_XATTR_METADATA_ENABLED)
> 907                 crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR;
> 908         if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED)
> 909                 crypt_stat->flags |= ECRYPTFS_VIEW_AS_ENCRYPTED;
> 910         if (mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) {
> 911                 crypt_stat->flags |= ECRYPTFS_ENCRYPT_FILENAMES;
> 912                 if (mount_crypt_stat->flags
> 913                     & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK)
> 914                         crypt_stat->flags |=
> ECRYPTFS_ENCFN_USE_MOUNT_FNEK;
> 915                 else if (mount_crypt_stat->flags
> 916                          & ECRYPTFS_GLOBAL_ENCFN_USE_FEK)
> 917                         crypt_stat->flags |= ECRYPTFS_ENCFN_USE_FEK;
> 918         }
> 919 }
> 920
> 921 static int ecryptfs_copy_mount_wide_sigs_to_inode_sigs(
> 922         struct ecryptfs_crypt_stat *crypt_stat,
> 923         struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
> 924 {
> 925         struct ecryptfs_global_auth_tok *global_auth_tok;
> 926         int rc = 0;
> 927
> 928         mutex_lock(&crypt_stat->keysig_list_mutex);
> 929         mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex);
> 930
> 931         list_for_each_entry(global_auth_tok,
> 932                             &mount_crypt_stat->global_auth_tok_list,
> 933                             mount_crypt_stat_list) {
> 934                 if (global_auth_tok->flags & ECRYPTFS_AUTH_TOK_FNEK)
> 935                         continue;
> 936                 rc = ecryptfs_add_keysig(crypt_stat,
> global_auth_tok->sig);
> 937                 if (rc) {
> 938                         printk(KERN_ERR "Error adding keysig; rc =
> [%d]\n", rc);
> 939                         goto out;
> 940                 }
> 941         }
> 942
> 943 out:
> 944         mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex);
> 945         mutex_unlock(&crypt_stat->keysig_list_mutex);
> 946         return rc;
> 947 }
> 948
> 949 /**
> 950  * ecryptfs_set_default_crypt_stat_vals
> 951  * @crypt_stat: The inode's cryptographic context
> 952  * @mount_crypt_stat: The mount point's cryptographic context
> 953  *
> 954  * Default values in the event that policy does not override them.
> 955  */
> 956 static void ecryptfs_set_default_crypt_stat_vals(
> 957         struct ecryptfs_crypt_stat *crypt_stat,
> 958         struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
> 959 {
> 960         ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat,
> 961                                                       mount_crypt_stat);
> 962         ecryptfs_set_default_sizes(crypt_stat);
> 963         strcpy(crypt_stat->cipher, ECRYPTFS_DEFAULT_CIPHER);
> 964         crypt_stat->key_size = ECRYPTFS_DEFAULT_KEY_BYTES;
> 965         crypt_stat->flags &= ~(ECRYPTFS_KEY_VALID);
> 966         crypt_stat->file_version = ECRYPTFS_FILE_VERSION;
> 967         crypt_stat->mount_crypt_stat = mount_crypt_stat;
> 968 }
> 969
> 970 /**
> 971  * ecryptfs_new_file_context
> 972  * @ecryptfs_dentry: The eCryptfs dentry
> 973  *
> 974  * If the crypto context for the file has not yet been established,
> 975  * this is where we do that.  Establishing a new crypto context
> 976  * involves the following decisions:
> 977  *  - What cipher to use?
> 978  *  - What set of authentication tokens to use?
> 979  * Here we just worry about getting enough information into the
> 980  * authentication tokens so that we know that they are available.
> 981  * We associate the available authentication tokens with the new file
> 982  * via the set of signatures in the crypt_stat struct.  Later, when
> 983  * the headers are actually written out, we may again defer to
> 984  * userspace to perform the encryption of the session key; for the
> 985  * foreseeable future, this will be the case with public key packets.
> 986  *
> 987  * Returns zero on success; non-zero otherwise
> 988  */
> 989 int ecryptfs_new_file_context(struct dentry *ecryptfs_dentry)
> 990 {
> 991         struct ecryptfs_crypt_stat *crypt_stat =
> 992
> &ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat;
> 993         struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
> 994             &ecryptfs_superblock_to_private(
> 995                     ecryptfs_dentry->d_sb)->mount_crypt_stat;
> 996         int cipher_name_len;
> 997         int rc = 0;
> 998
> 999         ecryptfs_set_default_crypt_stat_vals(crypt_stat,
> mount_crypt_stat);
> 1000         crypt_stat->flags |= (ECRYPTFS_ENCRYPTED | ECRYPTFS_KEY_VALID);
> 1001         ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat,
> 1002                                                       mount_crypt_stat);
> 1003         rc = ecryptfs_copy_mount_wide_sigs_to_inode_sigs(crypt_stat,
> 1004
> mount_crypt_stat);
> 1005         if (rc) {
> 1006                 printk(KERN_ERR "Error attempting to copy mount-wide key
> sigs "
> 1007                        "to the inode key sigs; rc = [%d]\n", rc);
> 1008                 goto out;
> 1009         }
> 1010         cipher_name_len =
> 1011                 strlen(mount_crypt_stat->global_default_cipher_name);
> 1012         memcpy(crypt_stat->cipher,
> 1013                mount_crypt_stat->global_default_cipher_name,
> 1014                cipher_name_len);
> 1015         crypt_stat->cipher[cipher_name_len] = '\0';
> 1016         crypt_stat->key_size =
> 1017                 mount_crypt_stat->global_default_cipher_key_size;
> 1018         ecryptfs_generate_new_key(crypt_stat);
> 1019         rc = ecryptfs_init_crypt_ctx(crypt_stat);
> 1020         if (rc)
> 1021                 ecryptfs_printk(KERN_ERR, "Error initializing
> cryptographic "
> 1022                                 "context for cipher [%s]: rc = [%d]\n",
> 1023                                 crypt_stat->cipher, rc);
> 1024 out:
> 1025         return rc;
> 1026 }
> 1027
> 1028 /**
> 1029  * contains_ecryptfs_marker - check for the ecryptfs marker
> 1030  * @data: The data block in which to check
> 1031  *
> 1032  * Returns one if marker found; zero if not found
> 1033  */
> 1034 static int contains_ecryptfs_marker(char *data)
> 1035 {
> 1036         u32 m_1, m_2;
> 1037
> 1038         m_1 = get_unaligned_be32(data);
> 1039         m_2 = get_unaligned_be32(data + 4);
> 1040         if ((m_1 ^ MAGIC_ECRYPTFS_MARKER) == m_2)
> 1041                 return 1;
> 1042         ecryptfs_printk(KERN_DEBUG, "m_1 = [0x%.8x]; m_2 = [0x%.8x]; "
> 1043                         "MAGIC_ECRYPTFS_MARKER = [0x%.8x]\n", m_1, m_2,
> 1044                         MAGIC_ECRYPTFS_MARKER);
> 1045         ecryptfs_printk(KERN_DEBUG, "(m_1 ^ MAGIC_ECRYPTFS_MARKER) = "
> 1046                         "[0x%.8x]\n", (m_1 ^ MAGIC_ECRYPTFS_MARKER));
> 1047         return 0;
> 1048 }
> 1049
> 1050 struct ecryptfs_flag_map_elem {
> 1051         u32 file_flag;
> 1052         u32 local_flag;
> 1053 };
> 1054
> 1055 /* Add support for additional flags by adding elements here. */
> 1056 static struct ecryptfs_flag_map_elem ecryptfs_flag_map[] = {
> 1057         {0x00000001, ECRYPTFS_ENABLE_HMAC},
> 1058         {0x00000002, ECRYPTFS_ENCRYPTED},
> 1059         {0x00000004, ECRYPTFS_METADATA_IN_XATTR},
> 1060         {0x00000008, ECRYPTFS_ENCRYPT_FILENAMES}
> 1061 };
> 1062
> 1063 /**
> 1064  * ecryptfs_process_flags
> 1065  * @crypt_stat: The cryptographic context
> 1066  * @page_virt: Source data to be parsed
> 1067  * @bytes_read: Updated with the number of bytes read
> 1068  *
> 1069  * Returns zero on success; non-zero if the flag set is invalid
> 1070  */
> 1071 static int ecryptfs_process_flags(struct ecryptfs_crypt_stat *crypt_stat,
> 1072                                   char *page_virt, int *bytes_read)
> 1073 {
> 1074         int rc = 0;
> 1075         int i;
> 1076         u32 flags;
> 1077
> 1078         flags = get_unaligned_be32(page_virt);
> 1079         for (i = 0; i < ((sizeof(ecryptfs_flag_map)
> 1080                           / sizeof(struct ecryptfs_flag_map_elem))); i++)
> 1081                 if (flags & ecryptfs_flag_map[i].file_flag) {
> 1082                         crypt_stat->flags |=
> ecryptfs_flag_map[i].local_flag;
> 1083                 } else
> 1084                         crypt_stat->flags &=
> ~(ecryptfs_flag_map[i].local_flag);
> 1085         /* Version is in top 8 bits of the 32-bit flag vector */
> 1086         crypt_stat->file_version = ((flags >> 24) & 0xFF);
> 1087         (*bytes_read) = 4;
> 1088         return rc;
> 1089 }
> 1090
> 1091 /**
> 1092  * write_ecryptfs_marker
> 1093  * @page_virt: The pointer to in a page to begin writing the marker
> 1094  * @written: Number of bytes written
> 1095  *
> 1096  * Marker = 0x3c81b7f5
> 1097  */
> 1098 static void write_ecryptfs_marker(char *page_virt, size_t *written)
> 1099 {
> 1100         u32 m_1, m_2;
> 1101
> 1102         get_random_bytes(&m_1, (MAGIC_ECRYPTFS_MARKER_SIZE_BYTES / 2));
> 1103         m_2 = (m_1 ^ MAGIC_ECRYPTFS_MARKER);
> 1104         put_unaligned_be32(m_1, page_virt);
> 1105         page_virt += (MAGIC_ECRYPTFS_MARKER_SIZE_BYTES / 2);
> 1106         put_unaligned_be32(m_2, page_virt);
> 1107         (*written) = MAGIC_ECRYPTFS_MARKER_SIZE_BYTES;
> 1108 }
> 1109
> 1110 static void
> 1111 write_ecryptfs_flags(char *page_virt, struct ecryptfs_crypt_stat
> *crypt_stat,
> 1112                      size_t *written)
> 1113 {
> 1114         u32 flags = 0;
> 1115         int i;
> 1116
> 1117         for (i = 0; i < ((sizeof(ecryptfs_flag_map)
> 1118                           / sizeof(struct ecryptfs_flag_map_elem))); i++)
> 1119                 if (crypt_stat->flags & ecryptfs_flag_map[i].local_flag)
> 1120                         flags |= ecryptfs_flag_map[i].file_flag;
> 1121         /* Version is in top 8 bits of the 32-bit flag vector */
> 1122         flags |= ((((u8)crypt_stat->file_version) << 24) & 0xFF000000);
> 1123         put_unaligned_be32(flags, page_virt);
> 1124         (*written) = 4;
> 1125 }
> 1126
> 1127 struct ecryptfs_cipher_code_str_map_elem {
> 1128         char cipher_str[16];
> 1129         u8 cipher_code;
> 1130 };
> 1131
> 1132 /* Add support for additional ciphers by adding elements here. The
> 1133  * cipher_code is whatever OpenPGP applicatoins use to identify the
> 1134  * ciphers. List in order of probability. */
> 1135 static struct ecryptfs_cipher_code_str_map_elem
> 1136 ecryptfs_cipher_code_str_map[] = {
> 1137         {"aes",RFC2440_CIPHER_AES_128 },
> 1138         {"blowfish", RFC2440_CIPHER_BLOWFISH},
> 1139         {"des3_ede", RFC2440_CIPHER_DES3_EDE},
> 1140         {"cast5", RFC2440_CIPHER_CAST_5},
> 1141         {"twofish", RFC2440_CIPHER_TWOFISH},
> 1142         {"cast6", RFC2440_CIPHER_CAST_6},
> 1143         {"aes", RFC2440_CIPHER_AES_192},
> 1144         {"aes", RFC2440_CIPHER_AES_256}
> 1145 };
> 1146
> 1147 /**
> 1148  * ecryptfs_code_for_cipher_string
> 1149  * @cipher_name: The string alias for the cipher
> 1150  * @key_bytes: Length of key in bytes; used for AES code selection
> 1151  *
> 1152  * Returns zero on no match, or the cipher code on match
> 1153  */
> 1154 u8 ecryptfs_code_for_cipher_string(char *cipher_name, size_t key_bytes)
> 1155 {
> 1156         int i;
> 1157         u8 code = 0;
> 1158         struct ecryptfs_cipher_code_str_map_elem *map =
> 1159                 ecryptfs_cipher_code_str_map;
> 1160
> 1161         if (strcmp(cipher_name, "aes") == 0) {
> 1162                 switch (key_bytes) {
> 1163                 case 16:
> 1164                         code = RFC2440_CIPHER_AES_128;
> 1165                         break;
> 1166                 case 24:
> 1167                         code = RFC2440_CIPHER_AES_192;
> 1168                         break;
> 1169                 case 32:
> 1170                         code = RFC2440_CIPHER_AES_256;
> 1171                 }
> 1172         } else {
> 1173                 for (i = 0; i < ARRAY_SIZE(ecryptfs_cipher_code_str_map);
> i++)
> 1174                         if (strcmp(cipher_name, map[i].cipher_str) == 0)
> {
> 1175                                 code = map[i].cipher_code;
> 1176                                 break;
> 1177                         }
> 1178         }
> 1179         return code;
> 1180 }
> 1181
> 1182 /**
> 1183  * ecryptfs_cipher_code_to_string
> 1184  * @str: Destination to write out the cipher name
> 1185  * @cipher_code: The code to convert to cipher name string
> 1186  *
> 1187  * Returns zero on success
> 1188  */
> 1189 int ecryptfs_cipher_code_to_string(char *str, u8 cipher_code)
> 1190 {
> 1191         int rc = 0;
> 1192         int i;
> 1193
> 1194         str[0] = '\0';
> 1195         for (i = 0; i < ARRAY_SIZE(ecryptfs_cipher_code_str_map); i++)
> 1196                 if (cipher_code ==
> ecryptfs_cipher_code_str_map[i].cipher_code)
> 1197                         strcpy(str,
> ecryptfs_cipher_code_str_map[i].cipher_str);
> 1198         if (str[0] == '\0') {
> 1199                 ecryptfs_printk(KERN_WARNING, "Cipher code not
> recognized: "
> 1200                                 "[%d]\n", cipher_code);
> 1201                 rc = -EINVAL;
> 1202         }
> 1203         return rc;
> 1204 }
> 1205
> 1206 int ecryptfs_read_and_validate_header_region(char *data,
> 1207                                              struct inode
> *ecryptfs_inode)
> 1208 {
> 1209         struct ecryptfs_crypt_stat *crypt_stat =
> 1210                 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat);
> 1211         int rc;
> 1212
> 1213         if (crypt_stat->extent_size == 0)
> 1214                 crypt_stat->extent_size = ECRYPTFS_DEFAULT_EXTENT_SIZE;
> 1215         rc = ecryptfs_read_lower(data, 0, crypt_stat->extent_size,
> 1216                                  ecryptfs_inode);
> 1217         if (rc < 0) {
> 1218                 printk(KERN_ERR "%s: Error reading header region; rc =
> [%d]\n",
> 1219                        __func__, rc);
> 1220                 goto out;
> 1221         }
> 1222         if (!contains_ecryptfs_marker(data + ECRYPTFS_FILE_SIZE_BYTES)) {
> 1223                 rc = -EINVAL;
> 1224         } else
> 1225                 rc = 0;
> 1226 out:
> 1227         return rc;
> 1228 }
> 1229
> 1230 void
> 1231 ecryptfs_write_header_metadata(char *virt,
> 1232                                struct ecryptfs_crypt_stat *crypt_stat,
> 1233                                size_t *written)
> 1234 {
> 1235         u32 header_extent_size;
> 1236         u16 num_header_extents_at_front;
> 1237
> 1238         header_extent_size = (u32)crypt_stat->extent_size;
> 1239         num_header_extents_at_front =
> 1240                 (u16)(crypt_stat->num_header_bytes_at_front
> 1241                       / crypt_stat->extent_size);
> 1242         put_unaligned_be32(header_extent_size, virt);
> 1243         virt += 4;
> 1244         put_unaligned_be16(num_header_extents_at_front, virt);
> 1245         (*written) = 6;
> 1246 }
> 1247
> 1248 struct kmem_cache *ecryptfs_header_cache_1;
> 1249 struct kmem_cache *ecryptfs_header_cache_2;
> 1250
> 1251 /**
> 1252  * ecryptfs_write_headers_virt
> 1253  * @page_virt: The virtual address to write the headers to
> 1254  * @max: The size of memory allocated at page_virt
> 1255  * @size: Set to the number of bytes written by this function
> 1256  * @crypt_stat: The cryptographic context
> 1257  * @ecryptfs_dentry: The eCryptfs dentry
> 1258  *
> 1259  * Format version: 1
> 1260  *
> 1261  *   Header Extent:
> 1262  *     Octets 0-7:        Unencrypted file size (big-endian)
> 1263  *     Octets 8-15:       eCryptfs special marker
> 1264  *     Octets 16-19:      Flags
> 1265  *      Octet 16:         File format version number (between 0 and 255)
> 1266  *      Octets 17-18:     Reserved
> 1267  *      Octet 19:         Bit 1 (lsb): Reserved
> 1268  *                        Bit 2: Encrypted?
> 1269  *                        Bits 3-8: Reserved
> 1270  *     Octets 20-23:      Header extent size (big-endian)
> 1271  *     Octets 24-25:      Number of header extents at front of file
> 1272  *                        (big-endian)
> 1273  *     Octet  26:         Begin RFC 2440 authentication token packet set
> 1274  *   Data Extent 0:
> 1275  *     Lower data (CBC encrypted)
> 1276  *   Data Extent 1:
> 1277  *     Lower data (CBC encrypted)
> 1278  *   ...
> 1279  *
> 1280  * Returns zero on success
> 1281  */
> 1282 static int ecryptfs_write_headers_virt(char *page_virt, size_t max,
> 1283                                        size_t *size,
> 1284                                        struct ecryptfs_crypt_stat
> *crypt_stat,
> 1285                                        struct dentry *ecryptfs_dentry)
> 1286 {
> 1287         int rc;
> 1288         size_t written;
> 1289         size_t offset;
> 1290
> 1291         offset = ECRYPTFS_FILE_SIZE_BYTES;
> 1292         write_ecryptfs_marker((page_virt + offset), &written);
> 1293         offset += written;
> 1294         write_ecryptfs_flags((page_virt + offset), crypt_stat, &written);
> 1295         offset += written;
> 1296         ecryptfs_write_header_metadata((page_virt + offset), crypt_stat,
> 1297                                        &written);
> 1298         offset += written;
> 1299         rc = ecryptfs_generate_key_packet_set((page_virt + offset),
> crypt_stat,
> 1300                                               ecryptfs_dentry, &written,
> 1301                                               max - offset);
> 1302         if (rc)
> 1303                 ecryptfs_printk(KERN_WARNING, "Error generating key
> packet "
> 1304                                 "set; rc = [%d]\n", rc);
> 1305         if (size) {
> 1306                 offset += written;
> 1307                 *size = offset;
> 1308         }
> 1309         return rc;
> 1310 }
> 1311
> 1312 static int
> 1313 ecryptfs_write_metadata_to_contents(struct dentry *ecryptfs_dentry,
> 1314                                     char *virt, size_t virt_len)
> 1315 {
> 1316         int rc;
> 1317
> 1318         rc = ecryptfs_write_lower(ecryptfs_dentry->d_inode, virt,
> 1319                                   0, virt_len);
> 1320         if (rc < 0)
> 1321                 printk(KERN_ERR "%s: Error attempting to write header "
> 1322                        "information to lower file; rc = [%d]\n",
> __func__, rc);
> 1323         else
> 1324                 rc = 0;
> 1325         return rc;
> 1326 }
> 1327
> 1328 static int
> 1329 ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry,
> 1330                                  char *page_virt, size_t size)
> 1331 {
> 1332         int rc;
> 1333
> 1334         rc = ecryptfs_setxattr(ecryptfs_dentry, ECRYPTFS_XATTR_NAME,
> page_virt,
> 1335                                size, 0);
> 1336         return rc;
> 1337 }
> 1338
> 1339 static unsigned long ecryptfs_get_zeroed_pages(gfp_t gfp_mask,
> 1340                                                unsigned int order)
> 1341 {
> 1342         struct page *page;
> 1343
> 1344         page = alloc_pages(gfp_mask | __GFP_ZERO, order);
> 1345         if (page)
> 1346                 return (unsigned long) page_address(page);
> 1347         return 0;
> 1348 }
> 1349
> 1350 /**
> 1351  * ecryptfs_write_metadata
> 1352  * @ecryptfs_dentry: The eCryptfs dentry
> 1353  *
> 1354  * Write the file headers out.  This will likely involve a userspace
> 1355  * callout, in which the session key is encrypted with one or more
> 1356  * public keys and/or the passphrase necessary to do the encryption is
> 1357  * retrieved via a prompt.  Exactly what happens at this point should
> 1358  * be policy-dependent.
> 1359  *
> 1360  * Returns zero on success; non-zero on error
> 1361  */
> 1362 int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry)
> 1363 {
> 1364         struct ecryptfs_crypt_stat *crypt_stat =
> 1365
> &ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat;
> 1366         unsigned int order;
> 1367         char *virt;
> 1368         size_t virt_len;
> 1369         size_t size = 0;
> 1370         int rc = 0;
> 1371
> 1372         if (likely(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) {
> 1373                 if (!(crypt_stat->flags & ECRYPTFS_KEY_VALID)) {
> 1374                         printk(KERN_ERR "Key is invalid; bailing out\n");
> 1375                         rc = -EINVAL;
> 1376                         goto out;
> 1377                 }
> 1378         } else {
> 1379                 printk(KERN_WARNING "%s: Encrypted flag not set\n",
> 1380                        __func__);
> 1381                 rc = -EINVAL;
> 1382                 goto out;
> 1383         }
> 1384         virt_len = crypt_stat->num_header_bytes_at_front;
> 1385         order = get_order(virt_len);
> 1386         /* Released in this function */
> 1387         virt = (char *)ecryptfs_get_zeroed_pages(GFP_KERNEL, order);
> 1388         if (!virt) {
> 1389                 printk(KERN_ERR "%s: Out of memory\n", __func__);
> 1390                 rc = -ENOMEM;
> 1391                 goto out;
> 1392         }
> 1393         rc = ecryptfs_write_headers_virt(virt, virt_len, &size,
> crypt_stat,
> 1394                                          ecryptfs_dentry);
> 1395         if (unlikely(rc)) {
> 1396                 printk(KERN_ERR "%s: Error whilst writing headers; rc =
> [%d]\n",
> 1397                        __func__, rc);
> 1398                 goto out_free;
> 1399         }
> 1400         if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR)
> 1401                 rc = ecryptfs_write_metadata_to_xattr(ecryptfs_dentry,
> virt,
> 1402                                                       size);
> 1403         else
> 1404                 rc = ecryptfs_write_metadata_to_contents(ecryptfs_dentry,
> virt,
> 1405                                                          virt_len);
> 1406         if (rc) {
> 1407                 printk(KERN_ERR "%s: Error writing metadata out to lower
> file; "
> 1408                        "rc = [%d]\n", __func__, rc);
> 1409                 goto out_free;
> 1410         }
> 1411 out_free:
> 1412         free_pages((unsigned long)virt, order);
> 1413 out:
> 1414         return rc;
> 1415 }
> 1416
> 1417 #define ECRYPTFS_DONT_VALIDATE_HEADER_SIZE 0
> 1418 #define ECRYPTFS_VALIDATE_HEADER_SIZE 1
> 1419 static int parse_header_metadata(struct ecryptfs_crypt_stat *crypt_stat,
> 1420                                  char *virt, int *bytes_read,
> 1421                                  int validate_header_size)
> 1422 {
> 1423         int rc = 0;
> 1424         u32 header_extent_size;
> 1425         u16 num_header_extents_at_front;
> 1426
> 1427         header_extent_size = get_unaligned_be32(virt);
> 1428         virt += sizeof(__be32);
> 1429         num_header_extents_at_front = get_unaligned_be16(virt);
> 1430         crypt_stat->num_header_bytes_at_front =
> 1431                 (((size_t)num_header_extents_at_front
> 1432                   * (size_t)header_extent_size));
> 1433         (*bytes_read) = (sizeof(__be32) + sizeof(__be16));
> 1434         if ((validate_header_size == ECRYPTFS_VALIDATE_HEADER_SIZE)
> 1435             && (crypt_stat->num_header_bytes_at_front
> 1436                 < ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE)) {
> 1437                 rc = -EINVAL;
> 1438                 printk(KERN_WARNING "Invalid header size: [%zd]\n",
> 1439                        crypt_stat->num_header_bytes_at_front);
> 1440         }
> 1441         return rc;
> 1442 }
> 1443
> 1444 /**
> 1445  * set_default_header_data
> 1446  * @crypt_stat: The cryptographic context
> 1447  *
> 1448  * For version 0 file format; this function is only for backwards
> 1449  * compatibility for files created with the prior versions of
> 1450  * eCryptfs.
> 1451  */
> 1452 static void set_default_header_data(struct ecryptfs_crypt_stat
> *crypt_stat)
> 1453 {
> 1454         crypt_stat->num_header_bytes_at_front =
> 1455                 ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE;
> 1456 }
> 1457
> 1458 /**
> 1459  * ecryptfs_read_headers_virt
> 1460  * @page_virt: The virtual address into which to read the headers
> 1461  * @crypt_stat: The cryptographic context
> 1462  * @ecryptfs_dentry: The eCryptfs dentry
> 1463  * @validate_header_size: Whether to validate the header size while
> reading
> 1464  *
> 1465  * Read/parse the header data. The header format is detailed in the
> 1466  * comment block for the ecryptfs_write_headers_virt() function.
> 1467  *
> 1468  * Returns zero on success
> 1469  */
> 1470 static int ecryptfs_read_headers_virt(char *page_virt,
> 1471                                       struct ecryptfs_crypt_stat
> *crypt_stat,
> 1472                                       struct dentry *ecryptfs_dentry,
> 1473                                       int validate_header_size)
> 1474 {
> 1475         int rc = 0;
> 1476         int offset;
> 1477         int bytes_read;
> 1478
> 1479         ecryptfs_set_default_sizes(crypt_stat);
> 1480         crypt_stat->mount_crypt_stat = &ecryptfs_superblock_to_private(
> 1481                 ecryptfs_dentry->d_sb)->mount_crypt_stat;
> 1482         offset = ECRYPTFS_FILE_SIZE_BYTES;
> 1483         rc = contains_ecryptfs_marker(page_virt + offset);
> 1484         if (rc == 0) {
> 1485                 rc = -EINVAL;
> 1486                 goto out;
> 1487         }
> 1488         offset += MAGIC_ECRYPTFS_MARKER_SIZE_BYTES;
> 1489         rc = ecryptfs_process_flags(crypt_stat, (page_virt + offset),
> 1490                                     &bytes_read);
> 1491         if (rc) {
> 1492                 ecryptfs_printk(KERN_WARNING, "Error processing
> flags\n");
> 1493                 goto out;
> 1494         }
> 1495         if (crypt_stat->file_version > ECRYPTFS_SUPPORTED_FILE_VERSION) {
> 1496                 ecryptfs_printk(KERN_WARNING, "File version is [%d]; only
> "
> 1497                                 "file version [%d] is supported by this "
> 1498                                 "version of eCryptfs\n",
> 1499                                 crypt_stat->file_version,
> 1500                                 ECRYPTFS_SUPPORTED_FILE_VERSION);
> 1501                 rc = -EINVAL;
> 1502                 goto out;
> 1503         }
> 1504         offset += bytes_read;
> 1505         if (crypt_stat->file_version >= 1) {
> 1506                 rc = parse_header_metadata(crypt_stat, (page_virt +
> offset),
> 1507                                            &bytes_read,
> validate_header_size);
> 1508                 if (rc) {
> 1509                         ecryptfs_printk(KERN_WARNING, "Error reading
> header "
> 1510                                         "metadata; rc = [%d]\n", rc);
> 1511                 }
> 1512                 offset += bytes_read;
> 1513         } else
> 1514                 set_default_header_data(crypt_stat);
> 1515         rc = ecryptfs_parse_packet_set(crypt_stat, (page_virt + offset),
> 1516                                        ecryptfs_dentry);
> 1517 out:
> 1518         return rc;
> 1519 }
> 1520
> 1521 /**
> 1522  * ecryptfs_read_xattr_region
> 1523  * @page_virt: The vitual address into which to read the xattr data
> 1524  * @ecryptfs_inode: The eCryptfs inode
> 1525  *
> 1526  * Attempts to read the crypto metadata from the extended attribute
> 1527  * region of the lower file.
> 1528  *
> 1529  * Returns zero on success; non-zero on error
> 1530  */
> 1531 int ecryptfs_read_xattr_region(char *page_virt, struct inode
> *ecryptfs_inode)
> 1532 {
> 1533         struct dentry *lower_dentry =
> 1534
> ecryptfs_inode_to_private(ecryptfs_inode)->lower_file->f_dentry;
> 1535         ssize_t size;
> 1536         int rc = 0;
> 1537
> 1538         size = ecryptfs_getxattr_lower(lower_dentry, ECRYPTFS_XATTR_NAME,
> 1539                                        page_virt,
> ECRYPTFS_DEFAULT_EXTENT_SIZE);
> 1540         if (size < 0) {
> 1541                 if (unlikely(ecryptfs_verbosity > 0))
> 1542                         printk(KERN_INFO "Error attempting to read the
> [%s] "
> 1543                                "xattr from the lower file; return value =
> "
> 1544                                "[%zd]\n", ECRYPTFS_XATTR_NAME, size);
> 1545                 rc = -EINVAL;
> 1546                 goto out;
> 1547         }
> 1548 out:
> 1549         return rc;
> 1550 }
> 1551
> 1552 int ecryptfs_read_and_validate_xattr_region(char *page_virt,
> 1553                                             struct dentry
> *ecryptfs_dentry)
> 1554 {
> 1555         int rc;
> 1556
> 1557         rc = ecryptfs_read_xattr_region(page_virt,
> ecryptfs_dentry->d_inode);
> 1558         if (rc)
> 1559                 goto out;
> 1560         if (!contains_ecryptfs_marker(page_virt +
> ECRYPTFS_FILE_SIZE_BYTES)) {
> 1561                 printk(KERN_WARNING "Valid data found in [%s] xattr, but
> "
> 1562                         "the marker is invalid\n", ECRYPTFS_XATTR_NAME);
> 1563                 rc = -EINVAL;
> 1564         }
> 1565 out:
> 1566         return rc;
> 1567 }
> 1568
> 1569 /**
> 1570  * ecryptfs_read_metadata
> 1571  *
> 1572  * Common entry point for reading file metadata. From here, we could
> 1573  * retrieve the header information from the header region of the file,
> 1574  * the xattr region of the file, or some other repostory that is
> 1575  * stored separately from the file itself. The current implementation
> 1576  * supports retrieving the metadata information from the file contents
> 1577  * and from the xattr region.
> 1578  *
> 1579  * Returns zero if valid headers found and parsed; non-zero otherwise
> 1580  */
> 1581 int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry)
> 1582 {
> 1583         int rc = 0;
> 1584         char *page_virt = NULL;
> 1585         struct inode *ecryptfs_inode = ecryptfs_dentry->d_inode;
> 1586         struct ecryptfs_crypt_stat *crypt_stat =
> 1587             &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat;
> 1588         struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
> 1589                 &ecryptfs_superblock_to_private(
> 1590                         ecryptfs_dentry->d_sb)->mount_crypt_stat;
> 1591
> 1592         ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat,
> 1593                                                       mount_crypt_stat);
> 1594         /* Read the first page from the underlying file */
> 1595         page_virt = kmem_cache_alloc(ecryptfs_header_cache_1, GFP_USER);
> 1596         if (!page_virt) {
> 1597                 rc = -ENOMEM;
> 1598                 printk(KERN_ERR "%s: Unable to allocate page_virt\n",
> 1599                        __func__);
> 1600                 goto out;
> 1601         }
> 1602         rc = ecryptfs_read_lower(page_virt, 0, crypt_stat->extent_size,
> 1603                                  ecryptfs_inode);
> 1604         if (rc >= 0)
> 1605                 rc = ecryptfs_read_headers_virt(page_virt, crypt_stat,
> 1606                                                 ecryptfs_dentry,
> 1607
> ECRYPTFS_VALIDATE_HEADER_SIZE);
> 1608         if (rc) {
> 1609                 rc = ecryptfs_read_xattr_region(page_virt,
> ecryptfs_inode);
> 1610                 if (rc) {
> 1611                         printk(KERN_DEBUG "Valid eCryptfs headers not
> found in "
> 1612                                "file header region or xattr region\n");
> 1613                         rc = -EINVAL;
> 1614                         goto out;
> 1615                 }
> 1616                 rc = ecryptfs_read_headers_virt(page_virt, crypt_stat,
> 1617                                                 ecryptfs_dentry,
> 1618
> ECRYPTFS_DONT_VALIDATE_HEADER_SIZE);
> 1619                 if (rc) {
> 1620                         printk(KERN_DEBUG "Valid eCryptfs headers not
> found in "
> 1621                                "file xattr region either\n");
> 1622                         rc = -EINVAL;
> 1623                 }
> 1624                 if (crypt_stat->mount_crypt_stat->flags
> 1625                     & ECRYPTFS_XATTR_METADATA_ENABLED) {
> 1626                         crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR;
> 1627                 } else {
> 1628                         printk(KERN_WARNING "Attempt to access file with
> "
> 1629                                "crypto metadata only in the extended
> attribute "
> 1630                                "region, but eCryptfs was mounted without
> "
> 1631                                "xattr support enabled. eCryptfs will not
> treat "
> 1632                                "this like an encrypted file.\n");
> 1633                         rc = -EINVAL;
> 1634                 }
> 1635         }
> 1636 out:
> 1637         if (page_virt) {
> 1638                 memset(page_virt, 0, PAGE_CACHE_SIZE);
> 1639                 kmem_cache_free(ecryptfs_header_cache_1, page_virt);
> 1640         }
> 1641         return rc;
> 1642 }
> 1643
> 1644 /**
> 1645  * ecryptfs_encrypt_filename - encrypt filename
> 1646  *
> 1647  * CBC-encrypts the filename. We do not want to encrypt the same
> 1648  * filename with the same key and IV, which may happen with hard
> 1649  * links, so we prepend random bits to each filename.
> 1650  *
> 1651  * Returns zero on success; non-zero otherwise
> 1652  */
> 1653 static int
> 1654 ecryptfs_encrypt_filename(struct ecryptfs_filename *filename,
> 1655                           struct ecryptfs_crypt_stat *crypt_stat,
> 1656                           struct ecryptfs_mount_crypt_stat
> *mount_crypt_stat)
> 1657 {
> 1658         int rc = 0;
> 1659
> 1660         filename->encrypted_filename = NULL;
> 1661         filename->encrypted_filename_size = 0;
> 1662         if ((crypt_stat && (crypt_stat->flags &
> ECRYPTFS_ENCFN_USE_MOUNT_FNEK))
> 1663             || (mount_crypt_stat && (mount_crypt_stat->flags
> 1664                                      &
> ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK))) {
> 1665                 size_t packet_size;
> 1666                 size_t remaining_bytes;
> 1667
> 1668                 rc = ecryptfs_write_tag_70_packet(
> 1669                         NULL, NULL,
> 1670                         &filename->encrypted_filename_size,
> 1671                         mount_crypt_stat, NULL,
> 1672                         filename->filename_size);
> 1673                 if (rc) {
> 1674                         printk(KERN_ERR "%s: Error attempting to get
> packet "
> 1675                                "size for tag 72; rc = [%d]\n", __func__,
> 1676                                rc);
> 1677                         filename->encrypted_filename_size = 0;
> 1678                         goto out;
> 1679                 }
> 1680                 filename->encrypted_filename =
> 1681                         kmalloc(filename->encrypted_filename_size,
> GFP_KERNEL);
> 1682                 if (!filename->encrypted_filename) {
> 1683                         printk(KERN_ERR "%s: Out of memory whilst
> attempting "
> 1684                                "to kmalloc [%zd] bytes\n", __func__,
> 1685                                filename->encrypted_filename_size);
> 1686                         rc = -ENOMEM;
> 1687                         goto out;
> 1688                 }
> 1689                 remaining_bytes = filename->encrypted_filename_size;
> 1690                 rc =
> ecryptfs_write_tag_70_packet(filename->encrypted_filename,
> 1691                                                   &remaining_bytes,
> 1692                                                   &packet_size,
> 1693                                                   mount_crypt_stat,
> 1694                                                   filename->filename,
> 1695
> filename->filename_size);
> 1696                 if (rc) {
> 1697                         printk(KERN_ERR "%s: Error attempting to generate
> "
> 1698                                "tag 70 packet; rc = [%d]\n", __func__,
> 1699                                rc);
> 1700                         kfree(filename->encrypted_filename);
> 1701                         filename->encrypted_filename = NULL;
> 1702                         filename->encrypted_filename_size = 0;
> 1703                         goto out;
> 1704                 }
> 1705                 filename->encrypted_filename_size = packet_size;
> 1706         } else {
> 1707                 printk(KERN_ERR "%s: No support for requested filename "
> 1708                        "encryption method in this release\n", __func__);
> 1709                 rc = -EOPNOTSUPP;
> 1710                 goto out;
> 1711         }
> 1712 out:
> 1713         return rc;
> 1714 }
> 1715
> 1716 static int ecryptfs_copy_filename(char **copied_name, size_t
> *copied_name_size,
> 1717                                   const char *name, size_t name_size)
> 1718 {
> 1719         int rc = 0;
> 1720
> 1721         (*copied_name) = kmalloc((name_size + 1), GFP_KERNEL);
> 1722         if (!(*copied_name)) {
> 1723                 rc = -ENOMEM;
> 1724                 goto out;
> 1725         }
> 1726         memcpy((void *)(*copied_name), (void *)name, name_size);
> 1727         (*copied_name)[(name_size)] = '\0';     /* Only for convenience
> 1728                                                  * in printing out the
> 1729                                                  * string in debug
> 1730                                                  * messages */
> 1731         (*copied_name_size) = name_size;
> 1732 out:
> 1733         return rc;
> 1734 }
> 1735
> 1736 /**
> 1737  * ecryptfs_process_key_cipher - Perform key cipher initialization.
> 1738  * @key_tfm: Crypto context for key material, set by this function
> 1739  * @cipher_name: Name of the cipher
> 1740  * @key_size: Size of the key in bytes
> 1741  *
> 1742  * Returns zero on success. Any crypto_tfm structs allocated here
> 1743  * should be released by other functions, such as on a superblock put
> 1744  * event, regardless of whether this function succeeds for fails.
> 1745  */
> 1746 static int
> 1747 ecryptfs_process_key_cipher(struct crypto_blkcipher **key_tfm,
> 1748                             char *cipher_name, size_t *key_size)
> 1749 {
> 1750         char dummy_key[ECRYPTFS_MAX_KEY_BYTES];
> 1751         char *full_alg_name;
> 1752         int rc;
> 1753
> 1754         *key_tfm = NULL;
> 1755         if (*key_size > ECRYPTFS_MAX_KEY_BYTES) {
> 1756                 rc = -EINVAL;
> 1757                 printk(KERN_ERR "Requested key size is [%zd] bytes;
> maximum "
> 1758                       "allowable is [%d]\n", *key_size,
> ECRYPTFS_MAX_KEY_BYTES);
> 1759                 goto out;
> 1760         }
> 1761         rc = ecryptfs_crypto_api_algify_cipher_name(&full_alg_name,
> cipher_name,
> 1762                                                     "ecb");
> 1763         if (rc)
> 1764                 goto out;
> 1765         *key_tfm = crypto_alloc_blkcipher(full_alg_name, 0,
> CRYPTO_ALG_ASYNC);
> 1766         kfree(full_alg_name);
> 1767         if (IS_ERR(*key_tfm)) {
> 1768                 rc = PTR_ERR(*key_tfm);
> 1769                 printk(KERN_ERR "Unable to allocate crypto cipher with
> name "
> 1770                        "[%s]; rc = [%d]\n", full_alg_name, rc);
> 1771                 goto out;
> 1772         }
> 1773         crypto_blkcipher_set_flags(*key_tfm, CRYPTO_TFM_REQ_WEAK_KEY);
> 1774         if (*key_size == 0) {
> 1775                 struct blkcipher_alg *alg =
> crypto_blkcipher_alg(*key_tfm);
> 1776
> 1777                 *key_size = alg->max_keysize;
> 1778         }
> 1779         get_random_bytes(dummy_key, *key_size);
> 1780         rc = crypto_blkcipher_setkey(*key_tfm, dummy_key, *key_size);
> 1781         if (rc) {
> 1782                 printk(KERN_ERR "Error attempting to set key of size
> [%zd] for "
> 1783                        "cipher [%s]; rc = [%d]\n", *key_size,
> full_alg_name,
> 1784                        rc);
> 1785                 rc = -EINVAL;
> 1786                 goto out;
> 1787         }
> 1788 out:
> 1789         return rc;
> 1790 }
> 1791
> 1792 struct kmem_cache *ecryptfs_key_tfm_cache;
> 1793 static struct list_head key_tfm_list;
> 1794 struct mutex key_tfm_list_mutex;
> 1795
> 1796 int ecryptfs_init_crypto(void)
> 1797 {
> 1798         mutex_init(&key_tfm_list_mutex);
> 1799         INIT_LIST_HEAD(&key_tfm_list);
> 1800         return 0;
> 1801 }
> 1802
> 1803 /**
> 1804  * ecryptfs_destroy_crypto - free all cached key_tfms on key_tfm_list
> 1805  *
> 1806  * Called only at module unload time
> 1807  */
> 1808 int ecryptfs_destroy_crypto(void)
> 1809 {
> 1810         struct ecryptfs_key_tfm *key_tfm, *key_tfm_tmp;
> 1811
> 1812         mutex_lock(&key_tfm_list_mutex);
> 1813         list_for_each_entry_safe(key_tfm, key_tfm_tmp, &key_tfm_list,
> 1814                                  key_tfm_list) {
> 1815                 list_del(&key_tfm->key_tfm_list);
> 1816                 if (key_tfm->key_tfm)
> 1817                         crypto_free_blkcipher(key_tfm->key_tfm);
> 1818                 kmem_cache_free(ecryptfs_key_tfm_cache, key_tfm);
> 1819         }
> 1820         mutex_unlock(&key_tfm_list_mutex);
> 1821         return 0;
> 1822 }
> 1823
> 1824 int
> 1825 ecryptfs_add_new_key_tfm(struct ecryptfs_key_tfm **key_tfm, char
> *cipher_name,
> 1826                          size_t key_size)
> 1827 {
> 1828         struct ecryptfs_key_tfm *tmp_tfm;
> 1829         int rc = 0;
> 1830
> 1831         BUG_ON(!mutex_is_locked(&key_tfm_list_mutex));
> 1832
> 1833         tmp_tfm = kmem_cache_alloc(ecryptfs_key_tfm_cache, GFP_KERNEL);
> 1834         if (key_tfm != NULL)
> 1835                 (*key_tfm) = tmp_tfm;
> 1836         if (!tmp_tfm) {
> 1837                 rc = -ENOMEM;
> 1838                 printk(KERN_ERR "Error attempting to allocate from "
> 1839                        "ecryptfs_key_tfm_cache\n");
> 1840                 goto out;
> 1841         }
> 1842         mutex_init(&tmp_tfm->key_tfm_mutex);
> 1843         strncpy(tmp_tfm->cipher_name, cipher_name,
> 1844                 ECRYPTFS_MAX_CIPHER_NAME_SIZE);
> 1845         tmp_tfm->cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE] = '\0';
> 1846         tmp_tfm->key_size = key_size;
> 1847         rc = ecryptfs_process_key_cipher(&tmp_tfm->key_tfm,
> 1848                                          tmp_tfm->cipher_name,
> 1849                                          &tmp_tfm->key_size);
> 1850         if (rc) {
> 1851                 printk(KERN_ERR "Error attempting to initialize key TFM "
> 1852                        "cipher with name = [%s]; rc = [%d]\n",
> 1853                        tmp_tfm->cipher_name, rc);
> 1854                 kmem_cache_free(ecryptfs_key_tfm_cache, tmp_tfm);
> 1855                 if (key_tfm != NULL)
> 1856                         (*key_tfm) = NULL;
> 1857                 goto out;
> 1858         }
> 1859         list_add(&tmp_tfm->key_tfm_list, &key_tfm_list);
> 1860 out:
> 1861         return rc;
> 1862 }
> 1863
> 1864 /**
> 1865  * ecryptfs_tfm_exists - Search for existing tfm for cipher_name.
> 1866  * @cipher_name: the name of the cipher to search for
> 1867  * @key_tfm: set to corresponding tfm if found
> 1868  *
> 1869  * Searches for cached key_tfm matching @cipher_name
> 1870  * Must be called with &key_tfm_list_mutex held
> 1871  * Returns 1 if found, with @key_tfm set
> 1872  * Returns 0 if not found, with @key_tfm set to NULL
> 1873  */
> 1874 int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm
> **key_tfm)
> 1875 {
> 1876         struct ecryptfs_key_tfm *tmp_key_tfm;
> 1877
> 1878         BUG_ON(!mutex_is_locked(&key_tfm_list_mutex));
> 1879
> 1880         list_for_each_entry(tmp_key_tfm, &key_tfm_list, key_tfm_list) {
> 1881                 if (strcmp(tmp_key_tfm->cipher_name, cipher_name) == 0) {
> 1882                         if (key_tfm)
> 1883                                 (*key_tfm) = tmp_key_tfm;
> 1884                         return 1;
> 1885                 }
> 1886         }
> 1887         if (key_tfm)
> 1888                 (*key_tfm) = NULL;
> 1889         return 0;
> 1890 }
> 1891
> 1892 /**
> 1893  * ecryptfs_get_tfm_and_mutex_for_cipher_name
> 1894  *
> 1895  * @tfm: set to cached tfm found, or new tfm created
> 1896  * @tfm_mutex: set to mutex for cached tfm found, or new tfm created
> 1897  * @cipher_name: the name of the cipher to search for and/or add
> 1898  *
> 1899  * Sets pointers to @tfm & @tfm_mutex matching @cipher_name.
> 1900  * Searches for cached item first, and creates new if not found.
> 1901  * Returns 0 on success, non-zero if adding new cipher failed
> 1902  */
> 1903 int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher
> **tfm,
> 1904                                                struct mutex **tfm_mutex,
> 1905                                                char *cipher_name)
> 1906 {
> 1907         struct ecryptfs_key_tfm *key_tfm;
> 1908         int rc = 0;
> 1909
> 1910         (*tfm) = NULL;
> 1911         (*tfm_mutex) = NULL;
> 1912
> 1913         mutex_lock(&key_tfm_list_mutex);
> 1914         if (!ecryptfs_tfm_exists(cipher_name, &key_tfm)) {
> 1915                 rc = ecryptfs_add_new_key_tfm(&key_tfm, cipher_name, 0);
> 1916                 if (rc) {
> 1917                         printk(KERN_ERR "Error adding new key_tfm to
> list; "
> 1918                                         "rc = [%d]\n", rc);
> 1919                         goto out;
> 1920                 }
> 1921         }
> 1922         (*tfm) = key_tfm->key_tfm;
> 1923         (*tfm_mutex) = &key_tfm->key_tfm_mutex;
> 1924 out:
> 1925         mutex_unlock(&key_tfm_list_mutex);
> 1926         return rc;
> 1927 }
> 1928
> 1929 /* 64 characters forming a 6-bit target field */
> 1930 static unsigned char *portable_filename_chars = ("-.0123456789ABCD"
> 1931                                                  "EFGHIJKLMNOPQRST"
> 1932                                                  "UVWXYZabcdefghij"
> 1933                                                  "klmnopqrstuvwxyz");
> 1934
> 1935 /* We could either offset on every reverse map or just pad some 0x00's
> 1936  * at the front here */
> 1937 static const unsigned char filename_rev_map[] = {
> 1938         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 7 */
> 1939         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 15 */
> 1940         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 23 */
> 1941         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 31 */
> 1942         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 39 */
> 1943         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, /* 47 */
> 1944         0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, /* 55 */
> 1945         0x0A, 0x0B, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 63 */
> 1946         0x00, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, /* 71 */
> 1947         0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, /* 79 */
> 1948         0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, /* 87 */
> 1949         0x23, 0x24, 0x25, 0x00, 0x00, 0x00, 0x00, 0x00, /* 95 */
> 1950         0x00, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, /* 103 */
> 1951         0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, /* 111 */
> 1952         0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, /* 119 */
> 1953         0x3D, 0x3E, 0x3F
> 1954 };
> 1955
> 1956 /**
> 1957  * ecryptfs_encode_for_filename
> 1958  * @dst: Destination location for encoded filename
> 1959  * @dst_size: Size of the encoded filename in bytes
> 1960  * @src: Source location for the filename to encode
> 1961  * @src_size: Size of the source in bytes
> 1962  */
> 1963 void ecryptfs_encode_for_filename(unsigned char *dst, size_t *dst_size,
> 1964                                   unsigned char *src, size_t src_size)
> 1965 {
> 1966         size_t num_blocks;
> 1967         size_t block_num = 0;
> 1968         size_t dst_offset = 0;
> 1969         unsigned char last_block[3];
> 1970
> 1971         if (src_size == 0) {
> 1972                 (*dst_size) = 0;
> 1973                 goto out;
> 1974         }
> 1975         num_blocks = (src_size / 3);
> 1976         if ((src_size % 3) == 0) {
> 1977                 memcpy(last_block, (&src[src_size - 3]), 3);
> 1978         } else {
> 1979                 num_blocks++;
> 1980                 last_block[2] = 0x00;
> 1981                 switch (src_size % 3) {
> 1982                 case 1:
> 1983                         last_block[0] = src[src_size - 1];
> 1984                         last_block[1] = 0x00;
> 1985                         break;
> 1986                 case 2:
> 1987                         last_block[0] = src[src_size - 2];
> 1988                         last_block[1] = src[src_size - 1];
> 1989                 }
> 1990         }
> 1991         (*dst_size) = (num_blocks * 4);
> 1992         if (!dst)
> 1993                 goto out;
> 1994         while (block_num < num_blocks) {
> 1995                 unsigned char *src_block;
> 1996                 unsigned char dst_block[4];
> 1997
> 1998                 if (block_num == (num_blocks - 1))
> 1999                         src_block = last_block;
> 2000                 else
> 2001                         src_block = &src[block_num * 3];
> 2002                 dst_block[0] = ((src_block[0] >> 2) & 0x3F);
> 2003                 dst_block[1] = (((src_block[0] << 4) & 0x30)
> 2004                                 | ((src_block[1] >> 4) & 0x0F));
> 2005                 dst_block[2] = (((src_block[1] << 2) & 0x3C)
> 2006                                 | ((src_block[2] >> 6) & 0x03));
> 2007                 dst_block[3] = (src_block[2] & 0x3F);
> 2008                 dst[dst_offset++] =
> portable_filename_chars[dst_block[0]];
> 2009                 dst[dst_offset++] =
> portable_filename_chars[dst_block[1]];
> 2010                 dst[dst_offset++] =
> portable_filename_chars[dst_block[2]];
> 2011                 dst[dst_offset++] =
> portable_filename_chars[dst_block[3]];
> 2012                 block_num++;
> 2013         }
> 2014 out:
> 2015         return;
> 2016 }
> 2017
> 2018 /**
> 2019  * ecryptfs_decode_from_filename
> 2020  * @dst: If NULL, this function only sets @dst_size and returns. If
> 2021  *       non-NULL, this function decodes the encoded octets in @src
> 2022  *       into the memory that @dst points to.
> 2023  * @dst_size: Set to the size of the decoded string.
> 2024  * @src: The encoded set of octets to decode.
> 2025  * @src_size: The size of the encoded set of octets to decode.
> 2026  */
> 2027 static void
> 2028 ecryptfs_decode_from_filename(unsigned char *dst, size_t *dst_size,
> 2029                               const unsigned char *src, size_t src_size)
> 2030 {
> 2031         u8 current_bit_offset = 0;
> 2032         size_t src_byte_offset = 0;
> 2033         size_t dst_byte_offset = 0;
> 2034
> 2035         if (dst == NULL) {
> 2036                 /* Not exact; conservatively long. Every block of 4
> 2037                  * encoded characters decodes into a block of 3
> 2038                  * decoded characters. This segment of code provides
> 2039                  * the caller with the maximum amount of allocated
> 2040                  * space that @dst will need to point to in a
> 2041                  * subsequent call. */
> 2042                 (*dst_size) = (((src_size + 1) * 3) / 4);
> 2043                 goto out;
> 2044         }
> 2045         while (src_byte_offset < src_size) {
> 2046                 unsigned char src_byte =
> 2047
> filename_rev_map[(int)src[src_byte_offset]];
> 2048
> 2049                 switch (current_bit_offset) {
> 2050                 case 0:
> 2051                         dst[dst_byte_offset] = (src_byte << 2);
> 2052                         current_bit_offset = 6;
> 2053                         break;
> 2054                 case 6:
> 2055                         dst[dst_byte_offset++] |= (src_byte >> 4);
> 2056                         dst[dst_byte_offset] = ((src_byte & 0xF)
> 2057                                                  << 4);
> 2058                         current_bit_offset = 4;
> 2059                         break;
> 2060                 case 4:
> 2061                         dst[dst_byte_offset++] |= (src_byte >> 2);
> 2062                         dst[dst_byte_offset] = (src_byte << 6);
> 2063                         current_bit_offset = 2;
> 2064                         break;
> 2065                 case 2:
> 2066                         dst[dst_byte_offset++] |= (src_byte);
> 2067                         dst[dst_byte_offset] = 0;
> 2068                         current_bit_offset = 0;
> 2069                         break;
> 2070                 }
> 2071                 src_byte_offset++;
> 2072         }
> 2073         (*dst_size) = dst_byte_offset;
> 2074 out:
> 2075         return;
> 2076 }
> 2077
> 2078 /**
> 2079  * ecryptfs_encrypt_and_encode_filename - converts a plaintext file name
> to cipher text
> 2080  * @crypt_stat: The crypt_stat struct associated with the file anem to
> encode
> 2081  * @name: The plaintext name
> 2082  * @length: The length of the plaintext
> 2083  * @encoded_name: The encypted name
> 2084  *
> 2085  * Encrypts and encodes a filename into something that constitutes a
> 2086  * valid filename for a filesystem, with printable characters.
> 2087  *
> 2088  * We assume that we have a properly initialized crypto context,
> 2089  * pointed to by crypt_stat->tfm.
> 2090  *
> 2091  * Returns zero on success; non-zero on otherwise
> 2092  */
> 2093 int ecryptfs_encrypt_and_encode_filename(
> 2094         char **encoded_name,
> 2095         size_t *encoded_name_size,
> 2096         struct ecryptfs_crypt_stat *crypt_stat,
> 2097         struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
> 2098         const char *name, size_t name_size)
> 2099 {
> 2100         size_t encoded_name_no_prefix_size;
> 2101         int rc = 0;
> 2102
> 2103         (*encoded_name) = NULL;
> 2104         (*encoded_name_size) = 0;
> 2105         if ((crypt_stat && (crypt_stat->flags &
> ECRYPTFS_ENCRYPT_FILENAMES))
> 2106             || (mount_crypt_stat && (mount_crypt_stat->flags
> 2107                                      &
> ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES))) {
> 2108                 struct ecryptfs_filename *filename;
> 2109
> 2110                 filename = kzalloc(sizeof(*filename), GFP_KERNEL);
> 2111                 if (!filename) {
> 2112                         printk(KERN_ERR "%s: Out of memory whilst
> attempting "
> 2113                                "to kzalloc [%zd] bytes\n", __func__,
> 2114                                sizeof(*filename));
> 2115                         rc = -ENOMEM;
> 2116                         goto out;
> 2117                 }
> 2118                 filename->filename = (char *)name;
> 2119                 filename->filename_size = name_size;
> 2120                 rc = ecryptfs_encrypt_filename(filename, crypt_stat,
> 2121                                                mount_crypt_stat);
> 2122                 if (rc) {
> 2123                         printk(KERN_ERR "%s: Error attempting to encrypt
> "
> 2124                                "filename; rc = [%d]\n", __func__, rc);
> 2125                         kfree(filename);
> 2126                         goto out;
> 2127                 }
> 2128                 ecryptfs_encode_for_filename(
> 2129                         NULL, &encoded_name_no_prefix_size,
> 2130                         filename->encrypted_filename,
> 2131                         filename->encrypted_filename_size);
> 2132                 if ((crypt_stat && (crypt_stat->flags
> 2133                                     & ECRYPTFS_ENCFN_USE_MOUNT_FNEK))
> 2134                     || (mount_crypt_stat
> 2135                         && (mount_crypt_stat->flags
> 2136                             & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK)))
> 2137                         (*encoded_name_size) =
> 2138
> (ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE
> 2139                                  + encoded_name_no_prefix_size);
> 2140                 else
> 2141                         (*encoded_name_size) =
> 2142
> (ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX_SIZE
> 2143                                  + encoded_name_no_prefix_size);
> 2144                 (*encoded_name) = kmalloc((*encoded_name_size) + 1,
> GFP_KERNEL);
> 2145                 if (!(*encoded_name)) {
> 2146                         printk(KERN_ERR "%s: Out of memory whilst
> attempting "
> 2147                                "to kzalloc [%zd] bytes\n", __func__,
> 2148                                (*encoded_name_size));
> 2149                         rc = -ENOMEM;
> 2150                         kfree(filename->encrypted_filename);
> 2151                         kfree(filename);
> 2152                         goto out;
> 2153                 }
> 2154                 if ((crypt_stat && (crypt_stat->flags
> 2155                                     & ECRYPTFS_ENCFN_USE_MOUNT_FNEK))
> 2156                     || (mount_crypt_stat
> 2157                         && (mount_crypt_stat->flags
> 2158                             & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK))) {
> 2159                         memcpy((*encoded_name),
> 2160                                ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX,
> 2161
> ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE);
> 2162                         ecryptfs_encode_for_filename(
> 2163                             ((*encoded_name)
> 2164                              +
> ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE),
> 2165                             &encoded_name_no_prefix_size,
> 2166                             filename->encrypted_filename,
> 2167                             filename->encrypted_filename_size);
> 2168                         (*encoded_name_size) =
> 2169
> (ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE
> 2170                                  + encoded_name_no_prefix_size);
> 2171                         (*encoded_name)[(*encoded_name_size)] = '\0';
> 2172                         (*encoded_name_size)++;
> 2173                 } else {
> 2174                         rc = -EOPNOTSUPP;
> 2175                 }
> 2176                 if (rc) {
> 2177                         printk(KERN_ERR "%s: Error attempting to encode "
> 2178                                "encrypted filename; rc = [%d]\n",
> __func__,
> 2179                                rc);
> 2180                         kfree((*encoded_name));
> 2181                         (*encoded_name) = NULL;
> 2182                         (*encoded_name_size) = 0;
> 2183                 }
> 2184                 kfree(filename->encrypted_filename);
> 2185                 kfree(filename);
> 2186         } else {
> 2187                 rc = ecryptfs_copy_filename(encoded_name,
> 2188                                             encoded_name_size,
> 2189                                             name, name_size);
> 2190         }
> 2191 out:
> 2192         return rc;
> 2193 }
> 2194
> 2195 /**
> 2196  * ecryptfs_decode_and_decrypt_filename - converts the encoded cipher
> text name to decoded plaintext
> 2197  * @plaintext_name: The plaintext name
> 2198  * @plaintext_name_size: The plaintext name size
> 2199  * @ecryptfs_dir_dentry: eCryptfs directory dentry
> 2200  * @name: The filename in cipher text
> 2201  * @name_size: The cipher text name size
> 2202  *
> 2203  * Decrypts and decodes the filename.
> 2204  *
> 2205  * Returns zero on error; non-zero otherwise
> 2206  */
> 2207 int ecryptfs_decode_and_decrypt_filename(char **plaintext_name,
> 2208                                          size_t *plaintext_name_size,
> 2209                                          struct dentry
> *ecryptfs_dir_dentry,
> 2210                                          const char *name, size_t
> name_size)
> 2211 {
> 2212         struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
> 2213                 &ecryptfs_superblock_to_private(
> 2214                         ecryptfs_dir_dentry->d_sb)->mount_crypt_stat;
> 2215         char *decoded_name;
> 2216         size_t decoded_name_size;
> 2217         size_t packet_size;
> 2218         int rc = 0;
> 2219
> 2220         if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES)
> 2221             && !(mount_crypt_stat->flags &
> ECRYPTFS_ENCRYPTED_VIEW_ENABLED)
> 2222             && (name_size > ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE)
> 2223             && (strncmp(name, ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX,
> 2224                         ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) ==
> 0)) {
> 2225                 const char *orig_name = name;
> 2226                 size_t orig_name_size = name_size;
> 2227
> 2228                 name += ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE;
> 2229                 name_size -=
> ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE;
> 2230                 ecryptfs_decode_from_filename(NULL, &decoded_name_size,
> 2231                                               name, name_size);
> 2232                 decoded_name = kmalloc(decoded_name_size, GFP_KERNEL);
> 2233                 if (!decoded_name) {
> 2234                         printk(KERN_ERR "%s: Out of memory whilst
> attempting "
> 2235                                "to kmalloc [%zd] bytes\n", __func__,
> 2236                                decoded_name_size);
> 2237                         rc = -ENOMEM;
> 2238                         goto out;
> 2239                 }
> 2240                 ecryptfs_decode_from_filename(decoded_name,
> &decoded_name_size,
> 2241                                               name, name_size);
> 2242                 rc = ecryptfs_parse_tag_70_packet(plaintext_name,
> 2243                                                   plaintext_name_size,
> 2244                                                   &packet_size,
> 2245                                                   mount_crypt_stat,
> 2246                                                   decoded_name,
> 2247                                                   decoded_name_size);
> 2248                 if (rc) {
> 2249                         printk(KERN_INFO "%s: Could not parse tag 70
> packet "
> 2250                                "from filename; copying through filename "
> 2251                                "as-is\n", __func__);
> 2252                         rc = ecryptfs_copy_filename(plaintext_name,
> 2253                                                     plaintext_name_size,
> 2254                                                     orig_name,
> orig_name_size);
> 2255                         goto out_free;
> 2256                 }
> 2257         } else {
> 2258                 rc = ecryptfs_copy_filename(plaintext_name,
> 2259                                             plaintext_name_size,
> 2260                                             name, name_size);
> 2261                 goto out;
> 2262         }
> 2263 out_free:
> 2264         kfree(decoded_name);
> 2265 out:
> 2266         return rc;
> 2267 }
#####################################################################################
 2  * eCryptfs: Linux filesystem encryption layer
3  *
4  * Copyright (C) 1997-2004 Erez Zadok
5  * Copyright (C) 2001-2004 Stony Brook University
6  * Copyright (C) 2004-2007 International Business Machines Corp.
7  *   Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
8  *              Michael C. Thompsion <mcthomps@us.ibm.com>
9  *
10  * This program is free software; you can redistribute it and/or
11  * modify it under the terms of the GNU General Public License as
12  * published by the Free Software Foundation; either version 2 of the
13  * License, or (at your option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful, but
16  * WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
18  * General Public License for more details.
19  *
20  * You should have received a copy of the GNU General Public License
21  * along with this program; if not, write to the Free Software
22  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
23  * 02111-1307, USA.
24  */
25
26 #include <linux/file.h>
27 #include <linux/vmalloc.h>
28 #include <linux/pagemap.h>
29 #include <linux/dcache.h>
30 #include <linux/namei.h>
31 #include <linux/mount.h>
32 #include <linux/crypto.h>
33 #include <linux/fs_stack.h>
34 #include <asm/unaligned.h>
35 #include "ecryptfs_kernel.h"
36
37 static struct dentry *lock_parent(struct dentry *dentry)
38 {
39         struct dentry *dir;
40
41         dir = dget_parent(dentry);
42         mutex_lock_nested(&(dir->d_inode->i_mutex), I_MUTEX_PARENT);
43         return dir;
44 }
45
46 static void unlock_dir(struct dentry *dir)
47 {
48         mutex_unlock(&dir->d_inode->i_mutex);
49         dput(dir);
50 }
51
52 /**
53  * ecryptfs_create_underlying_file
54  * @lower_dir_inode: inode of the parent in the lower fs of the new file
55  * @dentry: New file's dentry
56  * @mode: The mode of the new file
57  * @nd: nameidata of ecryptfs' parent's dentry & vfsmount
58  *
59  * Creates the file in the lower file system.
60  *
61  * Returns zero on success; non-zero on error condition
62  */
63 static int
64 ecryptfs_create_underlying_file(struct inode *lower_dir_inode,
65                                 struct dentry *dentry, int mode,
66                                 struct nameidata *nd)
67 {
68         struct dentry *lower_dentry = ecryptfs_dentry_to_lower(dentry);
69         struct vfsmount *lower_mnt = ecryptfs_dentry_to_lower_mnt(dentry);
70         struct dentry *dentry_save;
71         struct vfsmount *vfsmount_save;
72         int rc;
73
74         dentry_save = nd->path.dentry;
75         vfsmount_save = nd->path.mnt;
76         nd->path.dentry = lower_dentry;
77         nd->path.mnt = lower_mnt;
78         rc = vfs_create(lower_dir_inode, lower_dentry, mode, nd);
79         nd->path.dentry = dentry_save;
80         nd->path.mnt = vfsmount_save;
81         return rc;
82 }
83
84 /**
85  * ecryptfs_do_create
86  * @directory_inode: inode of the new file's dentry's parent in ecryptfs
87  * @ecryptfs_dentry: New file's dentry in ecryptfs
88  * @mode: The mode of the new file
89  * @nd: nameidata of ecryptfs' parent's dentry & vfsmount
90  *
91  * Creates the underlying file and the eCryptfs inode which will link to
92  * it. It will also update the eCryptfs directory inode to mimic the
93  * stat of the lower directory inode.
94  *
95  * Returns zero on success; non-zero on error condition
96  */
97 static int
98 ecryptfs_do_create(struct inode *directory_inode,
99                    struct dentry *ecryptfs_dentry, int mode,
100                    struct nameidata *nd)
101 {
102         int rc;
103         struct dentry *lower_dentry;
104         struct dentry *lower_dir_dentry;
105
106         lower_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry);
107         lower_dir_dentry = lock_parent(lower_dentry);
108         if (IS_ERR(lower_dir_dentry)) {
109                 ecryptfs_printk(KERN_ERR, "Error locking directory of "
110                                 "dentry\n");
111                 rc = PTR_ERR(lower_dir_dentry);
112                 goto out;
113         }
114         rc = ecryptfs_create_underlying_file(lower_dir_dentry->d_inode,
115                                              ecryptfs_dentry, mode, nd);
116         if (rc) {
117                 printk(KERN_ERR "%s: Failure to create dentry in lower fs; "
118                        "rc = [%d]\n", __func__, rc);
119                 goto out_lock;
120         }
121         rc = ecryptfs_interpose(lower_dentry, ecryptfs_dentry,
122                                 directory_inode->i_sb, 0);
123         if (rc) {
124                 ecryptfs_printk(KERN_ERR, "Failure in ecryptfs_interpose\n");
125                 goto out_lock;
126         }
127         fsstack_copy_attr_times(directory_inode, lower_dir_dentry->d_inode);
128         fsstack_copy_inode_size(directory_inode, lower_dir_dentry->d_inode);
129 out_lock:
130         unlock_dir(lower_dir_dentry);
131 out:
132         return rc;
133 }
134
135 /**
136  * grow_file
137  * @ecryptfs_dentry: the eCryptfs dentry
138  *
139  * This is the code which will grow the file to its correct size.
140  */
141 static int grow_file(struct dentry *ecryptfs_dentry)
142 {
143         struct inode *ecryptfs_inode = ecryptfs_dentry->d_inode;
144         struct file fake_file;
145         struct ecryptfs_file_info tmp_file_info;
146         char zero_virt[] = { 0x00 };
147         int rc = 0;
148
149         memset(&fake_file, 0, sizeof(fake_file));
150         fake_file.f_path.dentry = ecryptfs_dentry;
151         memset(&tmp_file_info, 0, sizeof(tmp_file_info));
152         ecryptfs_set_file_private(&fake_file, &tmp_file_info);
153         ecryptfs_set_file_lower(
154                 &fake_file,
155                 ecryptfs_inode_to_private(ecryptfs_inode)->lower_file);
156         rc = ecryptfs_write(&fake_file, zero_virt, 0, 1);
157         i_size_write(ecryptfs_inode, 0);
158         rc = ecryptfs_write_inode_size_to_metadata(ecryptfs_inode);
159         ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat.flags |=
160                 ECRYPTFS_NEW_FILE;
161         return rc;
162 }
163
164 /**
165  * ecryptfs_initialize_file
166  *
167  * Cause the file to be changed from a basic empty file to an ecryptfs
168  * file with a header and first data page.
169  *
170  * Returns zero on success
171  */
172 static int ecryptfs_initialize_file(struct dentry *ecryptfs_dentry)
173 {
174         struct ecryptfs_crypt_stat *crypt_stat =
175                 &ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat;
176         int rc = 0;
177
178         if (S_ISDIR(ecryptfs_dentry->d_inode->i_mode)) {
179                 ecryptfs_printk(KERN_DEBUG, "This is a directory\n");
180                 crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED);
181                 goto out;
182         }
183         crypt_stat->flags |= ECRYPTFS_NEW_FILE;
184         ecryptfs_printk(KERN_DEBUG, "Initializing crypto context\n");
185         rc = ecryptfs_new_file_context(ecryptfs_dentry);
186         if (rc) {
187                 ecryptfs_printk(KERN_ERR, "Error creating new file "
188                                 "context; rc = [%d]\n", rc);
189                 goto out;
190         }
191         if (!ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->lower_file) {
192                 rc = ecryptfs_init_persistent_file(ecryptfs_dentry);
193                 if (rc) {
194                         printk(KERN_ERR "%s: Error attempting to initialize "
195                                "the persistent file for the dentry with name "
196                                "[%s]; rc = [%d]\n", __func__,
197                                ecryptfs_dentry->d_name.name, rc);
198                         goto out;
199                 }
200         }
201         rc = ecryptfs_write_metadata(ecryptfs_dentry);
202         if (rc) {
203                 printk(KERN_ERR "Error writing headers; rc = [%d]\n", rc);
204                 goto out;
205         }
206         rc = grow_file(ecryptfs_dentry);
207         if (rc)
208                 printk(KERN_ERR "Error growing file; rc = [%d]\n", rc);
209 out:
210         return rc;
211 }
212
213 /**
214  * ecryptfs_create
215  * @dir: The inode of the directory in which to create the file.
216  * @dentry: The eCryptfs dentry
217  * @mode: The mode of the new file.
218  * @nd: nameidata
219  *
220  * Creates a new file.
221  *
222  * Returns zero on success; non-zero on error condition
223  */
224 static int
225 ecryptfs_create(struct inode *directory_inode, struct dentry *ecryptfs_dentry,
226                 int mode, struct nameidata *nd)
227 {
228         int rc;
229
230         /* ecryptfs_do_create() calls ecryptfs_interpose() */
231         rc = ecryptfs_do_create(directory_inode, ecryptfs_dentry, mode, nd);
232         if (unlikely(rc)) {
233                 ecryptfs_printk(KERN_WARNING, "Failed to create file in"
234                                 "lower filesystem\n");
235                 goto out;
236         }
237         /* At this point, a file exists on "disk"; we need to make sure
238          * that this on disk file is prepared to be an ecryptfs file */
239         rc = ecryptfs_initialize_file(ecryptfs_dentry);
240 out:
241         return rc;
242 }
243
244 /**
245  * ecryptfs_lookup_and_interpose_lower - Perform a lookup
246  */
247 int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry,
248                                         struct dentry *lower_dentry,
249                                         struct inode *ecryptfs_dir_inode,
250                                         struct nameidata *ecryptfs_nd)
251 {
252         struct dentry *lower_dir_dentry;
253         struct vfsmount *lower_mnt;
254         struct inode *lower_inode;
255         struct ecryptfs_mount_crypt_stat *mount_crypt_stat;
256         struct ecryptfs_crypt_stat *crypt_stat;
257         char *page_virt = NULL;
258         u64 file_size;
259         int rc = 0;
260
261         lower_dir_dentry = lower_dentry->d_parent;
262         lower_mnt = mntget(ecryptfs_dentry_to_lower_mnt(
263                                    ecryptfs_dentry->d_parent));
264         lower_inode = lower_dentry->d_inode;
265         fsstack_copy_attr_atime(ecryptfs_dir_inode, lower_dir_dentry->d_inode);
266         BUG_ON(!atomic_read(&lower_dentry->d_count));
267         ecryptfs_set_dentry_private(ecryptfs_dentry,
268                                     kmem_cache_alloc(ecryptfs_dentry_info_cache,
269                                                      GFP_KERNEL));
270         if (!ecryptfs_dentry_to_private(ecryptfs_dentry)) {
271                 rc = -ENOMEM;
272                 printk(KERN_ERR "%s: Out of memory whilst attempting "
273                        "to allocate ecryptfs_dentry_info struct\n",
274                         __func__);
275                 goto out_dput;
276         }
277         ecryptfs_set_dentry_lower(ecryptfs_dentry, lower_dentry);
278         ecryptfs_set_dentry_lower_mnt(ecryptfs_dentry, lower_mnt);
279         if (!lower_dentry->d_inode) {
280                 /* We want to add because we couldn't find in lower */
281                 d_add(ecryptfs_dentry, NULL);
282                 goto out;
283         }
284         rc = ecryptfs_interpose(lower_dentry, ecryptfs_dentry,
285                                 ecryptfs_dir_inode->i_sb, 1);
286         if (rc) {
287                 printk(KERN_ERR "%s: Error interposing; rc = [%d]\n",
288                        __func__, rc);
289                 goto out;
290         }
291         if (S_ISDIR(lower_inode->i_mode))
292                 goto out;
293         if (S_ISLNK(lower_inode->i_mode))
294                 goto out;
295         if (special_file(lower_inode->i_mode))
296                 goto out;
297         if (!ecryptfs_nd)
298                 goto out;
299         /* Released in this function */
300         page_virt = kmem_cache_zalloc(ecryptfs_header_cache_2, GFP_USER);
301         if (!page_virt) {
302                 printk(KERN_ERR "%s: Cannot kmem_cache_zalloc() a page\n",
303                        __func__);
304                 rc = -ENOMEM;
305                 goto out;
306         }
307         if (!ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->lower_file) {
308                 rc = ecryptfs_init_persistent_file(ecryptfs_dentry);
309                 if (rc) {
310                         printk(KERN_ERR "%s: Error attempting to initialize "
311                                "the persistent file for the dentry with name "
312                                "[%s]; rc = [%d]\n", __func__,
313                                ecryptfs_dentry->d_name.name, rc);
314                         goto out_free_kmem;
315                 }
316         }
317         crypt_stat = &ecryptfs_inode_to_private(
318                                         ecryptfs_dentry->d_inode)->crypt_stat;
319         /* TODO: lock for crypt_stat comparison */
320         if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED))
321                         ecryptfs_set_default_sizes(crypt_stat);
322         rc = ecryptfs_read_and_validate_header_region(page_virt,
323                                                       ecryptfs_dentry->d_inode);
324         if (rc) {
325                 rc = ecryptfs_read_and_validate_xattr_region(page_virt,
326                                                              ecryptfs_dentry);
327                 if (rc) {
328                         rc = 0;
329                         goto out_free_kmem;
330                 }
331                 crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR;
332         }
333         mount_crypt_stat = &ecryptfs_superblock_to_private(
334                 ecryptfs_dentry->d_sb)->mount_crypt_stat;
335         if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) {
336                 if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR)
337                         file_size = (crypt_stat->num_header_bytes_at_front
338                                      + i_size_read(lower_dentry->d_inode));
339                 else
340                         file_size = i_size_read(lower_dentry->d_inode);
341         } else {
342                 file_size = get_unaligned_be64(page_virt);
343         }
344         i_size_write(ecryptfs_dentry->d_inode, (loff_t)file_size);
345 out_free_kmem:
346         kmem_cache_free(ecryptfs_header_cache_2, page_virt);
347         goto out;
348 out_dput:
349         dput(lower_dentry);
350         d_drop(ecryptfs_dentry);
351 out:
352         return rc;
353 }
354
355 /**
356  * ecryptfs_lookup
357  * @ecryptfs_dir_inode: The eCryptfs directory inode
358  * @ecryptfs_dentry: The eCryptfs dentry that we are looking up
359  * @ecryptfs_nd: nameidata; may be NULL
360  *
361  * Find a file on disk. If the file does not exist, then we'll add it to the
362  * dentry cache and continue on to read it from the disk.
363  */
364 static struct dentry *ecryptfs_lookup(struct inode *ecryptfs_dir_inode,
365                                       struct dentry *ecryptfs_dentry,
366                                       struct nameidata *ecryptfs_nd)
367 {
368         char *encrypted_and_encoded_name = NULL;
369         size_t encrypted_and_encoded_name_size;
370         struct ecryptfs_mount_crypt_stat *mount_crypt_stat = NULL;
371         struct dentry *lower_dir_dentry, *lower_dentry;
372         int rc = 0;
373
374         ecryptfs_dentry->d_op = &ecryptfs_dops;
375         if ((ecryptfs_dentry->d_name.len == 1
376              && !strcmp(ecryptfs_dentry->d_name.name, "."))
377             || (ecryptfs_dentry->d_name.len == 2
378                 && !strcmp(ecryptfs_dentry->d_name.name, ".."))) {
379                 goto out_d_drop;
380         }
381         lower_dir_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry->d_parent);
382         mutex_lock(&lower_dir_dentry->d_inode->i_mutex);
383         lower_dentry = lookup_one_len(ecryptfs_dentry->d_name.name,
384                                       lower_dir_dentry,
385                                       ecryptfs_dentry->d_name.len);
386         mutex_unlock(&lower_dir_dentry->d_inode->i_mutex);
387         if (IS_ERR(lower_dentry)) {
388                 rc = PTR_ERR(lower_dentry);
389                 printk(KERN_ERR "%s: lookup_one_len() returned [%d] on "
390                        "lower_dentry = [%s]\n", __func__, rc,
391                        ecryptfs_dentry->d_name.name);
392                 goto out_d_drop;
393         }
394         if (lower_dentry->d_inode)
395                 goto lookup_and_interpose;
396         mount_crypt_stat = &ecryptfs_superblock_to_private(
397                                 ecryptfs_dentry->d_sb)->mount_crypt_stat;
398         if (!(mount_crypt_stat
399             && (mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES)))
400                 goto lookup_and_interpose;
401         dput(lower_dentry);
402         rc = ecryptfs_encrypt_and_encode_filename(
403                 &encrypted_and_encoded_name, &encrypted_and_encoded_name_size,
404                 NULL, mount_crypt_stat, ecryptfs_dentry->d_name.name,
405                 ecryptfs_dentry->d_name.len);
406         if (rc) {
407                 printk(KERN_ERR "%s: Error attempting to encrypt and encode "
408                        "filename; rc = [%d]\n", __func__, rc);
409                 goto out_d_drop;
410         }
411         mutex_lock(&lower_dir_dentry->d_inode->i_mutex);
412         lower_dentry = lookup_one_len(encrypted_and_encoded_name,
413                                       lower_dir_dentry,
414                                       encrypted_and_encoded_name_size - 1);
415         mutex_unlock(&lower_dir_dentry->d_inode->i_mutex);
416         if (IS_ERR(lower_dentry)) {
417                 rc = PTR_ERR(lower_dentry);
418                 printk(KERN_ERR "%s: lookup_one_len() returned [%d] on "
419                        "lower_dentry = [%s]\n", __func__, rc,
420                        encrypted_and_encoded_name);
421                 goto out_d_drop;
422         }
423 lookup_and_interpose:
424         rc = ecryptfs_lookup_and_interpose_lower(ecryptfs_dentry, lower_dentry,
425                                                  ecryptfs_dir_inode,
426                                                  ecryptfs_nd);
427         goto out;
428 out_d_drop:
429         d_drop(ecryptfs_dentry);
430 out:
431         kfree(encrypted_and_encoded_name);
432         return ERR_PTR(rc);
433 }
434
435 static int ecryptfs_link(struct dentry *old_dentry, struct inode *dir,
436                          struct dentry *new_dentry)
437 {
438         struct dentry *lower_old_dentry;
439         struct dentry *lower_new_dentry;
440         struct dentry *lower_dir_dentry;
441         u64 file_size_save;
442         int rc;
443
444         file_size_save = i_size_read(old_dentry->d_inode);
445         lower_old_dentry = ecryptfs_dentry_to_lower(old_dentry);
446         lower_new_dentry = ecryptfs_dentry_to_lower(new_dentry);
447         dget(lower_old_dentry);
448         dget(lower_new_dentry);
449         lower_dir_dentry = lock_parent(lower_new_dentry);
450         rc = vfs_link(lower_old_dentry, lower_dir_dentry->d_inode,
451                       lower_new_dentry);
452         if (rc || !lower_new_dentry->d_inode)
453                 goto out_lock;
454         rc = ecryptfs_interpose(lower_new_dentry, new_dentry, dir->i_sb, 0);
455         if (rc)
456                 goto out_lock;
457         fsstack_copy_attr_times(dir, lower_new_dentry->d_inode);
458         fsstack_copy_inode_size(dir, lower_new_dentry->d_inode);
459         old_dentry->d_inode->i_nlink =
460                 ecryptfs_inode_to_lower(old_dentry->d_inode)->i_nlink;
461         i_size_write(new_dentry->d_inode, file_size_save);
462 out_lock:
463         unlock_dir(lower_dir_dentry);
464         dput(lower_new_dentry);
465         dput(lower_old_dentry);
466         d_drop(lower_old_dentry);
467         d_drop(new_dentry);
468         d_drop(old_dentry);
469         return rc;
470 }
471
472 static int ecryptfs_unlink(struct inode *dir, struct dentry *dentry)
473 {
474         int rc = 0;
475         struct dentry *lower_dentry = ecryptfs_dentry_to_lower(dentry);
476         struct inode *lower_dir_inode = ecryptfs_inode_to_lower(dir);
477         struct dentry *lower_dir_dentry;
478
479         dget(lower_dentry);
480         lower_dir_dentry = lock_parent(lower_dentry);
481         rc = vfs_unlink(lower_dir_inode, lower_dentry);
482         if (rc) {
483                 printk(KERN_ERR "Error in vfs_unlink; rc = [%d]\n", rc);
484                 goto out_unlock;
485         }
486         fsstack_copy_attr_times(dir, lower_dir_inode);
487         dentry->d_inode->i_nlink =
488                 ecryptfs_inode_to_lower(dentry->d_inode)->i_nlink;
489         dentry->d_inode->i_ctime = dir->i_ctime;
490         d_drop(dentry);
491 out_unlock:
492         unlock_dir(lower_dir_dentry);
493         dput(lower_dentry);
494         return rc;
495 }
496
497 static int ecryptfs_symlink(struct inode *dir, struct dentry *dentry,
498                             const char *symname)
499 {
500         int rc;
501         struct dentry *lower_dentry;
502         struct dentry *lower_dir_dentry;
503         char *encoded_symname;
504         size_t encoded_symlen;
505         struct ecryptfs_mount_crypt_stat *mount_crypt_stat = NULL;
506
507         lower_dentry = ecryptfs_dentry_to_lower(dentry);
508         dget(lower_dentry);
509         lower_dir_dentry = lock_parent(lower_dentry);
510         mount_crypt_stat = &ecryptfs_superblock_to_private(
511                 dir->i_sb)->mount_crypt_stat;
512         rc = ecryptfs_encrypt_and_encode_filename(&encoded_symname,
513                                                   &encoded_symlen,
514                                                   NULL,
515                                                   mount_crypt_stat, symname,
516                                                   strlen(symname));
517         if (rc)
518                 goto out_lock;
519         rc = vfs_symlink(lower_dir_dentry->d_inode, lower_dentry,
520                          encoded_symname);
521         kfree(encoded_symname);
522         if (rc || !lower_dentry->d_inode)
523                 goto out_lock;
524         rc = ecryptfs_interpose(lower_dentry, dentry, dir->i_sb, 0);
525         if (rc)
526                 goto out_lock;
527         fsstack_copy_attr_times(dir, lower_dir_dentry->d_inode);
528         fsstack_copy_inode_size(dir, lower_dir_dentry->d_inode);
529 out_lock:
530         unlock_dir(lower_dir_dentry);
531         dput(lower_dentry);
532         if (!dentry->d_inode)
533                 d_drop(dentry);
534         return rc;
535 }
536
537 static int ecryptfs_mkdir(struct inode *dir, struct dentry *dentry, int mode)
538 {
539         int rc;
540         struct dentry *lower_dentry;
541         struct dentry *lower_dir_dentry;
542
543         lower_dentry = ecryptfs_dentry_to_lower(dentry);
544         lower_dir_dentry = lock_parent(lower_dentry);
545         rc = vfs_mkdir(lower_dir_dentry->d_inode, lower_dentry, mode);
546         if (rc || !lower_dentry->d_inode)
547                 goto out;
548         rc = ecryptfs_interpose(lower_dentry, dentry, dir->i_sb, 0);
549         if (rc)
550                 goto out;
551         fsstack_copy_attr_times(dir, lower_dir_dentry->d_inode);
552         fsstack_copy_inode_size(dir, lower_dir_dentry->d_inode);
553         dir->i_nlink = lower_dir_dentry->d_inode->i_nlink;
554 out:
555         unlock_dir(lower_dir_dentry);
556         if (!dentry->d_inode)
557                 d_drop(dentry);
558         return rc;
559 }
560
561 static int ecryptfs_rmdir(struct inode *dir, struct dentry *dentry)
562 {
563         struct dentry *lower_dentry;
564         struct dentry *lower_dir_dentry;
565         int rc;
566
567         lower_dentry = ecryptfs_dentry_to_lower(dentry);
568         dget(dentry);
569         lower_dir_dentry = lock_parent(lower_dentry);
570         dget(lower_dentry);
571         rc = vfs_rmdir(lower_dir_dentry->d_inode, lower_dentry);
572         dput(lower_dentry);
573         if (!rc)
574                 d_delete(lower_dentry);
575         fsstack_copy_attr_times(dir, lower_dir_dentry->d_inode);
576         dir->i_nlink = lower_dir_dentry->d_inode->i_nlink;
577         unlock_dir(lower_dir_dentry);
578         if (!rc)
579                 d_drop(dentry);
580         dput(dentry);
581         return rc;
582 }
583
584 static int
585 ecryptfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
586 {
587         int rc;
588         struct dentry *lower_dentry;
589         struct dentry *lower_dir_dentry;
590
591         lower_dentry = ecryptfs_dentry_to_lower(dentry);
592         lower_dir_dentry = lock_parent(lower_dentry);
593         rc = vfs_mknod(lower_dir_dentry->d_inode, lower_dentry, mode, dev);
594         if (rc || !lower_dentry->d_inode)
595                 goto out;
596         rc = ecryptfs_interpose(lower_dentry, dentry, dir->i_sb, 0);
597         if (rc)
598                 goto out;
599         fsstack_copy_attr_times(dir, lower_dir_dentry->d_inode);
600         fsstack_copy_inode_size(dir, lower_dir_dentry->d_inode);
601 out:
602         unlock_dir(lower_dir_dentry);
603         if (!dentry->d_inode)
604                 d_drop(dentry);
605         return rc;
606 }
607
608 static int
609 ecryptfs_rename(struct inode *old_dir, struct dentry *old_dentry,
610                 struct inode *new_dir, struct dentry *new_dentry)
611 {
612         int rc;
613         struct dentry *lower_old_dentry;
614         struct dentry *lower_new_dentry;
615         struct dentry *lower_old_dir_dentry;
616         struct dentry *lower_new_dir_dentry;
617
618         lower_old_dentry = ecryptfs_dentry_to_lower(old_dentry);
619         lower_new_dentry = ecryptfs_dentry_to_lower(new_dentry);
620         dget(lower_old_dentry);
621         dget(lower_new_dentry);
622         lower_old_dir_dentry = dget_parent(lower_old_dentry);
623         lower_new_dir_dentry = dget_parent(lower_new_dentry);
624         lock_rename(lower_old_dir_dentry, lower_new_dir_dentry);
625         rc = vfs_rename(lower_old_dir_dentry->d_inode, lower_old_dentry,
626                         lower_new_dir_dentry->d_inode, lower_new_dentry);
627         if (rc)
628                 goto out_lock;
629         fsstack_copy_attr_all(new_dir, lower_new_dir_dentry->d_inode, NULL);
630         if (new_dir != old_dir)
631                 fsstack_copy_attr_all(old_dir, lower_old_dir_dentry->d_inode, NULL);
632 out_lock:
633         unlock_rename(lower_old_dir_dentry, lower_new_dir_dentry);
634         dput(lower_new_dentry->d_parent);
635         dput(lower_old_dentry->d_parent);
636         dput(lower_new_dentry);
637         dput(lower_old_dentry);
638         return rc;
639 }
640
641 static int
642 ecryptfs_readlink(struct dentry *dentry, char __user *buf, int bufsiz)
643 {
644         char *lower_buf;
645         size_t lower_bufsiz;
646         struct dentry *lower_dentry;
647         struct ecryptfs_mount_crypt_stat *mount_crypt_stat;
648         char *plaintext_name;
649         size_t plaintext_name_size;
650         mm_segment_t old_fs;
651         int rc;
652
653         lower_dentry = ecryptfs_dentry_to_lower(dentry);
654         if (!lower_dentry->d_inode->i_op->readlink) {
655                 rc = -EINVAL;
656                 goto out;
657         }
658         mount_crypt_stat = &ecryptfs_superblock_to_private(
659                                                 dentry->d_sb)->mount_crypt_stat;
660         /*
661          * If the lower filename is encrypted, it will result in a significantly
662          * longer name.  If needed, truncate the name after decode and decrypt.
663          */
664         if (mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES)
665                 lower_bufsiz = PATH_MAX;
666         else
667                 lower_bufsiz = bufsiz;
668         /* Released in this function */
669         lower_buf = kmalloc(lower_bufsiz, GFP_KERNEL);
670         if (lower_buf == NULL) {
671                 printk(KERN_ERR "%s: Out of memory whilst attempting to "
672                        "kmalloc [%zd] bytes\n", __func__, lower_bufsiz);
673                 rc = -ENOMEM;
674                 goto out;
675         }
676         old_fs = get_fs();
677         set_fs(get_ds());
678         rc = lower_dentry->d_inode->i_op->readlink(lower_dentry,
679                                                    (char __user *)lower_buf,
680                                                    lower_bufsiz);
681         set_fs(old_fs);
682         if (rc >= 0) {
683                 rc = ecryptfs_decode_and_decrypt_filename(&plaintext_name,
684                                                           &plaintext_name_size,
685                                                           dentry, lower_buf,
686                                                           rc);
687                 if (rc) {
688                         printk(KERN_ERR "%s: Error attempting to decode and "
689                                "decrypt filename; rc = [%d]\n", __func__,
690                                 rc);
691                         goto out_free_lower_buf;
692                 }
693                 /* Check for bufsiz <= 0 done in sys_readlinkat() */
694                 rc = copy_to_user(buf, plaintext_name,
695                                   min((size_t) bufsiz, plaintext_name_size));
696                 if (rc)
697                         rc = -EFAULT;
698                 else
699                         rc = plaintext_name_size;
700                 kfree(plaintext_name);
701                 fsstack_copy_attr_atime(dentry->d_inode, lower_dentry->d_inode);
702         }
703 out_free_lower_buf:
704         kfree(lower_buf);
705 out:
706         return rc;
707 }
708
709 static void *ecryptfs_follow_link(struct dentry *dentry, struct nameidata *nd)
710 {
711         char *buf;
712         int len = PAGE_SIZE, rc;
713         mm_segment_t old_fs;
714
715         /* Released in ecryptfs_put_link(); only release here on error */
716         buf = kmalloc(len, GFP_KERNEL);
717         if (!buf) {
718                 rc = -ENOMEM;
719                 goto out;
720         }
721         old_fs = get_fs();
722         set_fs(get_ds());
723         rc = dentry->d_inode->i_op->readlink(dentry, (char __user *)buf, len);
724         set_fs(old_fs);
725         if (rc < 0)
726                 goto out_free;
727         else
728                 buf[rc] = '\0';
729         rc = 0;
730         nd_set_link(nd, buf);
731         goto out;
732 out_free:
733         kfree(buf);
734 out:
735         return ERR_PTR(rc);
736 }
737
738 static void
739 ecryptfs_put_link(struct dentry *dentry, struct nameidata *nd, void *ptr)
740 {
741         /* Free the char* */
742         kfree(nd_get_link(nd));
743 }
744
745 /**
746  * upper_size_to_lower_size
747  * @crypt_stat: Crypt_stat associated with file
748  * @upper_size: Size of the upper file
749  *
750  * Calculate the required size of the lower file based on the
751  * specified size of the upper file. This calculation is based on the
752  * number of headers in the underlying file and the extent size.
753  *
754  * Returns Calculated size of the lower file.
755  */
756 static loff_t
757 upper_size_to_lower_size(struct ecryptfs_crypt_stat *crypt_stat,
758                          loff_t upper_size)
759 {
760         loff_t lower_size;
761
762         lower_size = crypt_stat->num_header_bytes_at_front;
763         if (upper_size != 0) {
764                 loff_t num_extents;
765
766                 num_extents = upper_size >> crypt_stat->extent_shift;
767                 if (upper_size & ~crypt_stat->extent_mask)
768                         num_extents++;
769                 lower_size += (num_extents * crypt_stat->extent_size);
770         }
771         return lower_size;
772 }
773
774 /**
775  * ecryptfs_truncate
776  * @dentry: The ecryptfs layer dentry
777  * @new_length: The length to expand the file to
778  *
779  * Function to handle truncations modifying the size of the file. Note
780  * that the file sizes are interpolated. When expanding, we are simply
781  * writing strings of 0's out. When truncating, we need to modify the
782  * underlying file size according to the page index interpolations.
783  *
784  * Returns zero on success; non-zero otherwise
785  */
786 int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
787 {
788         int rc = 0;
789         struct inode *inode = dentry->d_inode;
790         struct dentry *lower_dentry;
791         struct file fake_ecryptfs_file;
792         struct ecryptfs_crypt_stat *crypt_stat;
793         loff_t i_size = i_size_read(inode);
794         loff_t lower_size_before_truncate;
795         loff_t lower_size_after_truncate;
796
797         if (unlikely((new_length == i_size)))
798                 goto out;
799         crypt_stat = &ecryptfs_inode_to_private(dentry->d_inode)->crypt_stat;
800         /* Set up a fake ecryptfs file, this is used to interface with
801          * the file in the underlying filesystem so that the
802          * truncation has an effect there as well. */
803         memset(&fake_ecryptfs_file, 0, sizeof(fake_ecryptfs_file));
804         fake_ecryptfs_file.f_path.dentry = dentry;
805         /* Released at out_free: label */
806         ecryptfs_set_file_private(&fake_ecryptfs_file,
807                                   kmem_cache_alloc(ecryptfs_file_info_cache,
808                                                    GFP_KERNEL));
809         if (unlikely(!ecryptfs_file_to_private(&fake_ecryptfs_file))) {
810                 rc = -ENOMEM;
811                 goto out;
812         }
813         lower_dentry = ecryptfs_dentry_to_lower(dentry);
814         ecryptfs_set_file_lower(
815                 &fake_ecryptfs_file,
816                 ecryptfs_inode_to_private(dentry->d_inode)->lower_file);
817         /* Switch on growing or shrinking file */
818         if (new_length > i_size) {
819                 char zero[] = { 0x00 };
820
821                 /* Write a single 0 at the last position of the file;
822                  * this triggers code that will fill in 0's throughout
823                  * the intermediate portion of the previous end of the
824                  * file and the new and of the file */
825                 rc = ecryptfs_write(&fake_ecryptfs_file, zero,
826                                     (new_length - 1), 1);
827         } else { /* new_length < i_size_read(inode) */
828                 /* We're chopping off all the pages down do the page
829                  * in which new_length is located. Fill in the end of
830                  * that page from (new_length & ~PAGE_CACHE_MASK) to
831                  * PAGE_CACHE_SIZE with zeros. */
832                 size_t num_zeros = (PAGE_CACHE_SIZE
833                                     - (new_length & ~PAGE_CACHE_MASK));
834
835                 if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) {
836                         rc = vmtruncate(inode, new_length);
837                         if (rc)
838                                 goto out_free;
839                         rc = vmtruncate(lower_dentry->d_inode, new_length);
840                         goto out_free;
841                 }
842                 if (num_zeros) {
843                         char *zeros_virt;
844
845                         zeros_virt = kzalloc(num_zeros, GFP_KERNEL);
846                         if (!zeros_virt) {
847                                 rc = -ENOMEM;
848                                 goto out_free;
849                         }
850                         rc = ecryptfs_write(&fake_ecryptfs_file, zeros_virt,
851                                             new_length, num_zeros);
852                         kfree(zeros_virt);
853                         if (rc) {
854                                 printk(KERN_ERR "Error attempting to zero out "
855                                        "the remainder of the end page on "
856                                        "reducing truncate; rc = [%d]\n", rc);
857                                 goto out_free;
858                         }
859                 }
860                 vmtruncate(inode, new_length);
861                 rc = ecryptfs_write_inode_size_to_metadata(inode);
862                 if (rc) {
863                         printk(KERN_ERR "Problem with "
864                                "ecryptfs_write_inode_size_to_metadata; "
865                                "rc = [%d]\n", rc);
866                         goto out_free;
867                 }
868                 /* We are reducing the size of the ecryptfs file, and need to
869                  * know if we need to reduce the size of the lower file. */
870                 lower_size_before_truncate =
871                     upper_size_to_lower_size(crypt_stat, i_size);
872                 lower_size_after_truncate =
873                     upper_size_to_lower_size(crypt_stat, new_length);
874                 if (lower_size_after_truncate < lower_size_before_truncate)
875                         vmtruncate(lower_dentry->d_inode,
876                                    lower_size_after_truncate);
877         }
878 out_free:
879         if (ecryptfs_file_to_private(&fake_ecryptfs_file))
880                 kmem_cache_free(ecryptfs_file_info_cache,
881                                 ecryptfs_file_to_private(&fake_ecryptfs_file));
882 out:
883         return rc;
884 }
885
886 static int
887 ecryptfs_permission(struct inode *inode, int mask)
888 {
889         return inode_permission(ecryptfs_inode_to_lower(inode), mask);
890 }
891
892 /**
893  * ecryptfs_setattr
894  * @dentry: dentry handle to the inode to modify
895  * @ia: Structure with flags of what to change and values
896  *
897  * Updates the metadata of an inode. If the update is to the size
898  * i.e. truncation, then ecryptfs_truncate will handle the size modification
899  * of both the ecryptfs inode and the lower inode.
900  *
901  * All other metadata changes will be passed right to the lower filesystem,
902  * and we will just update our inode to look like the lower.
903  */
904 static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia)
905 {
906         int rc = 0;
907         struct dentry *lower_dentry;
908         struct inode *inode;
909         struct inode *lower_inode;
910         struct ecryptfs_crypt_stat *crypt_stat;
911
912         crypt_stat = &ecryptfs_inode_to_private(dentry->d_inode)->crypt_stat;
913         if (!(crypt_stat->flags & ECRYPTFS_STRUCT_INITIALIZED))
914                 ecryptfs_init_crypt_stat(crypt_stat);
915         inode = dentry->d_inode;
916         lower_inode = ecryptfs_inode_to_lower(inode);
917         lower_dentry = ecryptfs_dentry_to_lower(dentry);
918         mutex_lock(&crypt_stat->cs_mutex);
919         if (S_ISDIR(dentry->d_inode->i_mode))
920                 crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED);
921         else if (S_ISREG(dentry->d_inode->i_mode)
922                  && (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED)
923                      || !(crypt_stat->flags & ECRYPTFS_KEY_VALID))) {
924                 struct ecryptfs_mount_crypt_stat *mount_crypt_stat;
925
926                 mount_crypt_stat = &ecryptfs_superblock_to_private(
927                         dentry->d_sb)->mount_crypt_stat;
928                 rc = ecryptfs_read_metadata(dentry);
929                 if (rc) {
930                         if (!(mount_crypt_stat->flags
931                               & ECRYPTFS_PLAINTEXT_PASSTHROUGH_ENABLED)) {
932                                 rc = -EIO;
933                                 printk(KERN_WARNING "Either the lower file "
934                                        "is not in a valid eCryptfs format, "
935                                        "or the key could not be retrieved. "
936                                        "Plaintext passthrough mode is not "
937                                        "enabled; returning -EIO\n");
938                                 mutex_unlock(&crypt_stat->cs_mutex);
939                                 goto out;
940                         }
941                         rc = 0;
942                         crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED);
943                 }
944         }
945         mutex_unlock(&crypt_stat->cs_mutex);
946         if (ia->ia_valid & ATTR_SIZE) {
947                 ecryptfs_printk(KERN_DEBUG,
948                                 "ia->ia_valid = [0x%x] ATTR_SIZE" " = [0x%x]\n",
949                                 ia->ia_valid, ATTR_SIZE);
950                 rc = ecryptfs_truncate(dentry, ia->ia_size);
951                 /* ecryptfs_truncate handles resizing of the lower file */
952                 ia->ia_valid &= ~ATTR_SIZE;
953                 ecryptfs_printk(KERN_DEBUG, "ia->ia_valid = [%x]\n",
954                                 ia->ia_valid);
955                 if (rc < 0)
956                         goto out;
957         }
958
959         /*
960          * mode change is for clearing setuid/setgid bits. Allow lower fs
961          * to interpret this in its own way.
962          */
963         if (ia->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID))
964                 ia->ia_valid &= ~ATTR_MODE;
965
966         mutex_lock(&lower_dentry->d_inode->i_mutex);
967         rc = notify_change(lower_dentry, ia);
968         mutex_unlock(&lower_dentry->d_inode->i_mutex);
969 out:
970         fsstack_copy_attr_all(inode, lower_inode, NULL);
971         return rc;
972 }
973
974 int
975 ecryptfs_setxattr(struct dentry *dentry, const char *name, const void *value,
976                   size_t size, int flags)
977 {
978         int rc = 0;
979         struct dentry *lower_dentry;
980
981         lower_dentry = ecryptfs_dentry_to_lower(dentry);
982         if (!lower_dentry->d_inode->i_op->setxattr) {
983                 rc = -ENOSYS;
984                 goto out;
985         }
986         mutex_lock(&lower_dentry->d_inode->i_mutex);
987         rc = lower_dentry->d_inode->i_op->setxattr(lower_dentry, name, value,
988                                                    size, flags);
989         mutex_unlock(&lower_dentry->d_inode->i_mutex);
990 out:
991         return rc;
992 }
993
994 ssize_t
995 ecryptfs_getxattr_lower(struct dentry *lower_dentry, const char *name,
996                         void *value, size_t size)
997 {
998         int rc = 0;
999
1000         if (!lower_dentry->d_inode->i_op->getxattr) {
1001                 rc = -ENOSYS;
1002                 goto out;
1003         }
1004         mutex_lock(&lower_dentry->d_inode->i_mutex);
1005         rc = lower_dentry->d_inode->i_op->getxattr(lower_dentry, name, value,
1006                                                    size);
1007         mutex_unlock(&lower_dentry->d_inode->i_mutex);
1008 out:
1009         return rc;
1010 }
1011
1012 static ssize_t
1013 ecryptfs_getxattr(struct dentry *dentry, const char *name, void *value,
1014                   size_t size)
1015 {
1016         return ecryptfs_getxattr_lower(ecryptfs_dentry_to_lower(dentry), name,
1017                                        value, size);
1018 }
1019
1020 static ssize_t
1021 ecryptfs_listxattr(struct dentry *dentry, char *list, size_t size)
1022 {
1023         int rc = 0;
1024         struct dentry *lower_dentry;
1025
1026         lower_dentry = ecryptfs_dentry_to_lower(dentry);
1027         if (!lower_dentry->d_inode->i_op->listxattr) {
1028                 rc = -ENOSYS;
1029                 goto out;
1030         }
1031         mutex_lock(&lower_dentry->d_inode->i_mutex);
1032         rc = lower_dentry->d_inode->i_op->listxattr(lower_dentry, list, size);
1033         mutex_unlock(&lower_dentry->d_inode->i_mutex);
1034 out:
1035         return rc;
1036 }
1037
1038 static int ecryptfs_removexattr(struct dentry *dentry, const char *name)
1039 {
1040         int rc = 0;
1041         struct dentry *lower_dentry;
1042
1043         lower_dentry = ecryptfs_dentry_to_lower(dentry);
1044         if (!lower_dentry->d_inode->i_op->removexattr) {
1045                 rc = -ENOSYS;
1046                 goto out;
1047         }
1048         mutex_lock(&lower_dentry->d_inode->i_mutex);
1049         rc = lower_dentry->d_inode->i_op->removexattr(lower_dentry, name);
1050         mutex_unlock(&lower_dentry->d_inode->i_mutex);
1051 out:
1052         return rc;
1053 }
1054
1055 int ecryptfs_inode_test(struct inode *inode, void *candidate_lower_inode)
1056 {
1057         if ((ecryptfs_inode_to_lower(inode)
1058              == (struct inode *)candidate_lower_inode))
1059                 return 1;
1060         else
1061                 return 0;
1062 }
1063
1064 int ecryptfs_inode_set(struct inode *inode, void *lower_inode)
1065 {
1066         ecryptfs_init_inode(inode, (struct inode *)lower_inode);
1067         return 0;
1068 }
1069
1070 const struct inode_operations ecryptfs_symlink_iops = {
1071         .readlink = ecryptfs_readlink,
1072         .follow_link = ecryptfs_follow_link,
1073         .put_link = ecryptfs_put_link,
1074         .permission = ecryptfs_permission,
1075         .setattr = ecryptfs_setattr,
1076         .setxattr = ecryptfs_setxattr,
1077         .getxattr = ecryptfs_getxattr,
1078         .listxattr = ecryptfs_listxattr,
1079         .removexattr = ecryptfs_removexattr
1080 };
1081
1082 const struct inode_operations ecryptfs_dir_iops = {
1083         .create = ecryptfs_create,
1084         .lookup = ecryptfs_lookup,
1085         .link = ecryptfs_link,
1086         .unlink = ecryptfs_unlink,
1087         .symlink = ecryptfs_symlink,
1088         .mkdir = ecryptfs_mkdir,
1089         .rmdir = ecryptfs_rmdir,
1090         .mknod = ecryptfs_mknod,
1091         .rename = ecryptfs_rename,
1092         .permission = ecryptfs_permission,
1093         .setattr = ecryptfs_setattr,
1094         .setxattr = ecryptfs_setxattr,
1095         .getxattr = ecryptfs_getxattr,
1096         .listxattr = ecryptfs_listxattr,
1097         .removexattr = ecryptfs_removexattr
1098 };
1099
1100 const struct inode_operations ecryptfs_main_iops = {
1101         .permission = ecryptfs_permission,
1102         .setattr = ecryptfs_setattr,
1103         .setxattr = ecryptfs_setxattr,
1104         .getxattr = ecryptfs_getxattr,
1105         .listxattr = ecryptfs_listxattr,
1106         .removexattr = ecryptfs_removexattr
1107 };
#################################################################################
/**
2  * eCryptfs: Linux filesystem encryption layer
3  * In-kernel key management code.  Includes functions to parse and
4  * write authentication token-related packets with the underlying
5  * file.
6  *
7  * Copyright (C) 2004-2006 International Business Machines Corp.
8  *   Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com>
9  *              Michael C. Thompson <mcthomps@us.ibm.com>
10  *              Trevor S. Highland <trevor.highland@gmail.com>
11  *
12  * This program is free software; you can redistribute it and/or
13  * modify it under the terms of the GNU General Public License as
14  * published by the Free Software Foundation; either version 2 of the
15  * License, or (at your option) any later version.
16  *
17  * This program is distributed in the hope that it will be useful, but
18  * WITHOUT ANY WARRANTY; without even the implied warranty of
19  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
20  * General Public License for more details.
21  *
22  * You should have received a copy of the GNU General Public License
23  * along with this program; if not, write to the Free Software
24  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
25  * 02111-1307, USA.
26  */
27
28 #include <linux/string.h>
29 #include <linux/syscalls.h>
30 #include <linux/pagemap.h>
31 #include <linux/key.h>
32 #include <linux/random.h>
33 #include <linux/crypto.h>
34 #include <linux/scatterlist.h>
35 #include "ecryptfs_kernel.h"
36
37 /**
38  * request_key returned an error instead of a valid key address;
39  * determine the type of error, make appropriate log entries, and
40  * return an error code.
41  */
42 static int process_request_key_err(long err_code)
43 {
44         int rc = 0;
45
46         switch (err_code) {
47         case -ENOKEY:
48                 ecryptfs_printk(KERN_WARNING, "No key\n");
49                 rc = -ENOENT;
50                 break;
51         case -EKEYEXPIRED:
52                 ecryptfs_printk(KERN_WARNING, "Key expired\n");
53                 rc = -ETIME;
54                 break;
55         case -EKEYREVOKED:
56                 ecryptfs_printk(KERN_WARNING, "Key revoked\n");
57                 rc = -EINVAL;
58                 break;
59         default:
60                 ecryptfs_printk(KERN_WARNING, "Unknown error code: "
61                                 "[0x%.16x]\n", err_code);
62                 rc = -EINVAL;
63         }
64         return rc;
65 }
66
67 /**
68  * ecryptfs_parse_packet_length
69  * @data: Pointer to memory containing length at offset
70  * @size: This function writes the decoded size to this memory
71  *        address; zero on error
72  * @length_size: The number of bytes occupied by the encoded length
73  *
74  * Returns zero on success; non-zero on error
75  */
76 int ecryptfs_parse_packet_length(unsigned char *data, size_t *size,
77                                  size_t *length_size)
78 {
79         int rc = 0;
80
81         (*length_size) = 0;
82         (*size) = 0;
83         if (data[0] < 192) {
84                 /* One-byte length */
85                 (*size) = (unsigned char)data[0];
86                 (*length_size) = 1;
87         } else if (data[0] < 224) {
88                 /* Two-byte length */
89                 (*size) = (((unsigned char)(data[0]) - 192) * 256);
90                 (*size) += ((unsigned char)(data[1]) + 192);
91                 (*length_size) = 2;
92         } else if (data[0] == 255) {
93                 /* Five-byte length; we're not supposed to see this */
94                 ecryptfs_printk(KERN_ERR, "Five-byte packet length not "
95                                 "supported\n");
96                 rc = -EINVAL;
97                 goto out;
98         } else {
99                 ecryptfs_printk(KERN_ERR, "Error parsing packet length\n");
100                 rc = -EINVAL;
101                 goto out;
102         }
103 out:
104         return rc;
105 }
106
107 /**
108  * ecryptfs_write_packet_length
109  * @dest: The byte array target into which to write the length. Must
110  *        have at least 5 bytes allocated.
111  * @size: The length to write.
112  * @packet_size_length: The number of bytes used to encode the packet
113  *                      length is written to this address.
114  *
115  * Returns zero on success; non-zero on error.
116  */
117 int ecryptfs_write_packet_length(char *dest, size_t size,
118                                  size_t *packet_size_length)
119 {
120         int rc = 0;
121
122         if (size < 192) {
123                 dest[0] = size;
124                 (*packet_size_length) = 1;
125         } else if (size < 65536) {
126                 dest[0] = (((size - 192) / 256) + 192);
127                 dest[1] = ((size - 192) % 256);
128                 (*packet_size_length) = 2;
129         } else {
130                 rc = -EINVAL;
131                 ecryptfs_printk(KERN_WARNING,
132                                 "Unsupported packet size: [%d]\n", size);
133         }
134         return rc;
135 }
136
137 static int
138 write_tag_64_packet(char *signature, struct ecryptfs_session_key *session_key,
139                     char **packet, size_t *packet_len)
140 {
141         size_t i = 0;
142         size_t data_len;
143         size_t packet_size_len;
144         char *message;
145         int rc;
146
147         /*
148          *              ***** TAG 64 Packet Format *****
149          *    | Content Type                       | 1 byte       |
150          *    | Key Identifier Size                | 1 or 2 bytes |
151          *    | Key Identifier                     | arbitrary    |
152          *    | Encrypted File Encryption Key Size | 1 or 2 bytes |
153          *    | Encrypted File Encryption Key      | arbitrary    |
154          */
155         data_len = (5 + ECRYPTFS_SIG_SIZE_HEX
156                     + session_key->encrypted_key_size);
157         *packet = kmalloc(data_len, GFP_KERNEL);
158         message = *packet;
159         if (!message) {
160                 ecryptfs_printk(KERN_ERR, "Unable to allocate memory\n");
161                 rc = -ENOMEM;
162                 goto out;
163         }
164         message[i++] = ECRYPTFS_TAG_64_PACKET_TYPE;
165         rc = ecryptfs_write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX,
166                                           &packet_size_len);
167         if (rc) {
168                 ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet "
169                                 "header; cannot generate packet length\n");
170                 goto out;
171         }
172         i += packet_size_len;
173         memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX);
174         i += ECRYPTFS_SIG_SIZE_HEX;
175         rc = ecryptfs_write_packet_length(&message[i],
176                                           session_key->encrypted_key_size,
177                                           &packet_size_len);
178         if (rc) {
179                 ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet "
180                                 "header; cannot generate packet length\n");
181                 goto out;
182         }
183         i += packet_size_len;
184         memcpy(&message[i], session_key->encrypted_key,
185                session_key->encrypted_key_size);
186         i += session_key->encrypted_key_size;
187         *packet_len = i;
188 out:
189         return rc;
190 }
191
192 static int
193 parse_tag_65_packet(struct ecryptfs_session_key *session_key, u8 *cipher_code,
194                     struct ecryptfs_message *msg)
195 {
196         size_t i = 0;
197         char *data;
198         size_t data_len;
199         size_t m_size;
200         size_t message_len;
201         u16 checksum = 0;
202         u16 expected_checksum = 0;
203         int rc;
204
205         /*
206          *              ***** TAG 65 Packet Format *****
207          *         | Content Type             | 1 byte       |
208          *         | Status Indicator         | 1 byte       |
209          *         | File Encryption Key Size | 1 or 2 bytes |
210          *         | File Encryption Key      | arbitrary    |
211          */
212         message_len = msg->data_len;
213         data = msg->data;
214         if (message_len < 4) {
215                 rc = -EIO;
216                 goto out;
217         }
218         if (data[i++] != ECRYPTFS_TAG_65_PACKET_TYPE) {
219                 ecryptfs_printk(KERN_ERR, "Type should be ECRYPTFS_TAG_65\n");
220                 rc = -EIO;
221                 goto out;
222         }
223         if (data[i++]) {
224                 ecryptfs_printk(KERN_ERR, "Status indicator has non-zero value "
225                                 "[%d]\n", data[i-1]);
226                 rc = -EIO;
227                 goto out;
228         }
229         rc = ecryptfs_parse_packet_length(&data[i], &m_size, &data_len);
230         if (rc) {
231                 ecryptfs_printk(KERN_WARNING, "Error parsing packet length; "
232                                 "rc = [%d]\n", rc);
233                 goto out;
234         }
235         i += data_len;
236         if (message_len < (i + m_size)) {
237                 ecryptfs_printk(KERN_ERR, "The message received from ecryptfsd "
238                                 "is shorter than expected\n");
239                 rc = -EIO;
240                 goto out;
241         }
242         if (m_size < 3) {
243                 ecryptfs_printk(KERN_ERR,
244                                 "The decrypted key is not long enough to "
245                                 "include a cipher code and checksum\n");
246                 rc = -EIO;
247                 goto out;
248         }
249         *cipher_code = data[i++];
250         /* The decrypted key includes 1 byte cipher code and 2 byte checksum */
251         session_key->decrypted_key_size = m_size - 3;
252         if (session_key->decrypted_key_size > ECRYPTFS_MAX_KEY_BYTES) {
253                 ecryptfs_printk(KERN_ERR, "key_size [%d] larger than "
254                                 "the maximum key size [%d]\n",
255                                 session_key->decrypted_key_size,
256                                 ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES);
257                 rc = -EIO;
258                 goto out;
259         }
260         memcpy(session_key->decrypted_key, &data[i],
261                session_key->decrypted_key_size);
262         i += session_key->decrypted_key_size;
263         expected_checksum += (unsigned char)(data[i++]) << 8;
264         expected_checksum += (unsigned char)(data[i++]);
265         for (i = 0; i < session_key->decrypted_key_size; i++)
266                 checksum += session_key->decrypted_key[i];
267         if (expected_checksum != checksum) {
268                 ecryptfs_printk(KERN_ERR, "Invalid checksum for file "
269                                 "encryption  key; expected [%x]; calculated "
270                                 "[%x]\n", expected_checksum, checksum);
271                 rc = -EIO;
272         }
273 out:
274         return rc;
275 }
276
277
278 static int
279 write_tag_66_packet(char *signature, u8 cipher_code,
280                     struct ecryptfs_crypt_stat *crypt_stat, char **packet,
281                     size_t *packet_len)
282 {
283         size_t i = 0;
284         size_t j;
285         size_t data_len;
286         size_t checksum = 0;
287         size_t packet_size_len;
288         char *message;
289         int rc;
290
291         /*
292          *              ***** TAG 66 Packet Format *****
293          *         | Content Type             | 1 byte       |
294          *         | Key Identifier Size      | 1 or 2 bytes |
295          *         | Key Identifier           | arbitrary    |
296          *         | File Encryption Key Size | 1 or 2 bytes |
297          *         | File Encryption Key      | arbitrary    |
298          */
299         data_len = (5 + ECRYPTFS_SIG_SIZE_HEX + crypt_stat->key_size);
300         *packet = kmalloc(data_len, GFP_KERNEL);
301         message = *packet;
302         if (!message) {
303                 ecryptfs_printk(KERN_ERR, "Unable to allocate memory\n");
304                 rc = -ENOMEM;
305                 goto out;
306         }
307         message[i++] = ECRYPTFS_TAG_66_PACKET_TYPE;
308         rc = ecryptfs_write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX,
309                                           &packet_size_len);
310         if (rc) {
311                 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet "
312                                 "header; cannot generate packet length\n");
313                 goto out;
314         }
315         i += packet_size_len;
316         memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX);
317         i += ECRYPTFS_SIG_SIZE_HEX;
318         /* The encrypted key includes 1 byte cipher code and 2 byte checksum */
319         rc = ecryptfs_write_packet_length(&message[i], crypt_stat->key_size + 3,
320                                           &packet_size_len);
321         if (rc) {
322                 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet "
323                                 "header; cannot generate packet length\n");
324                 goto out;
325         }
326         i += packet_size_len;
327         message[i++] = cipher_code;
328         memcpy(&message[i], crypt_stat->key, crypt_stat->key_size);
329         i += crypt_stat->key_size;
330         for (j = 0; j < crypt_stat->key_size; j++)
331                 checksum += crypt_stat->key[j];
332         message[i++] = (checksum / 256) % 256;
333         message[i++] = (checksum % 256);
334         *packet_len = i;
335 out:
336         return rc;
337 }
338
339 static int
340 parse_tag_67_packet(struct ecryptfs_key_record *key_rec,
341                     struct ecryptfs_message *msg)
342 {
343         size_t i = 0;
344         char *data;
345         size_t data_len;
346         size_t message_len;
347         int rc;
348
349         /*
350          *              ***** TAG 65 Packet Format *****
351          *    | Content Type                       | 1 byte       |
352          *    | Status Indicator                   | 1 byte       |
353          *    | Encrypted File Encryption Key Size | 1 or 2 bytes |
354          *    | Encrypted File Encryption Key      | arbitrary    |
355          */
356         message_len = msg->data_len;
357         data = msg->data;
358         /* verify that everything through the encrypted FEK size is present */
359         if (message_len < 4) {
360                 rc = -EIO;
361                 printk(KERN_ERR "%s: message_len is [%zd]; minimum acceptable "
362                        "message length is [%d]\n", __func__, message_len, 4);
363                 goto out;
364         }
365         if (data[i++] != ECRYPTFS_TAG_67_PACKET_TYPE) {
366                 rc = -EIO;
367                 printk(KERN_ERR "%s: Type should be ECRYPTFS_TAG_67\n",
368                        __func__);
369                 goto out;
370         }
371         if (data[i++]) {
372                 rc = -EIO;
373                 printk(KERN_ERR "%s: Status indicator has non zero "
374                        "value [%d]\n", __func__, data[i-1]);
375
376                 goto out;
377         }
378         rc = ecryptfs_parse_packet_length(&data[i], &key_rec->enc_key_size,
379                                           &data_len);
380         if (rc) {
381                 ecryptfs_printk(KERN_WARNING, "Error parsing packet length; "
382                                 "rc = [%d]\n", rc);
383                 goto out;
384         }
385         i += data_len;
386         if (message_len < (i + key_rec->enc_key_size)) {
387                 rc = -EIO;
388                 printk(KERN_ERR "%s: message_len [%zd]; max len is [%zd]\n",
389                        __func__, message_len, (i + key_rec->enc_key_size));
390                 goto out;
391         }
392         if (key_rec->enc_key_size > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) {
393                 rc = -EIO;
394                 printk(KERN_ERR "%s: Encrypted key_size [%zd] larger than "
395                        "the maximum key size [%d]\n", __func__,
396                        key_rec->enc_key_size,
397                        ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES);
398                 goto out;
399         }
400         memcpy(key_rec->enc_key, &data[i], key_rec->enc_key_size);
401 out:
402         return rc;
403 }
404
405 static int
406 ecryptfs_find_global_auth_tok_for_sig(
407         struct ecryptfs_global_auth_tok **global_auth_tok,
408         struct ecryptfs_mount_crypt_stat *mount_crypt_stat, char *sig)
409 {
410         struct ecryptfs_global_auth_tok *walker;
411         int rc = 0;
412
413         (*global_auth_tok) = NULL;
414         mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex);
415         list_for_each_entry(walker,
416                             &mount_crypt_stat->global_auth_tok_list,
417                             mount_crypt_stat_list) {
418                 if (memcmp(walker->sig, sig, ECRYPTFS_SIG_SIZE_HEX) == 0) {
419                         rc = key_validate(walker->global_auth_tok_key);
420                         if (!rc)
421                                 (*global_auth_tok) = walker;
422                         goto out;
423                 }
424         }
425         rc = -EINVAL;
426 out:
427         mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex);
428         return rc;
429 }
430
431 /**
432  * ecryptfs_find_auth_tok_for_sig
433  * @auth_tok: Set to the matching auth_tok; NULL if not found
434  * @crypt_stat: inode crypt_stat crypto context
435  * @sig: Sig of auth_tok to find
436  *
437  * For now, this function simply looks at the registered auth_tok's
438  * linked off the mount_crypt_stat, so all the auth_toks that can be
439  * used must be registered at mount time. This function could
440  * potentially try a lot harder to find auth_tok's (e.g., by calling
441  * out to ecryptfsd to dynamically retrieve an auth_tok object) so
442  * that static registration of auth_tok's will no longer be necessary.
443  *
444  * Returns zero on no error; non-zero on error
445  */
446 static int
447 ecryptfs_find_auth_tok_for_sig(
448         struct ecryptfs_auth_tok **auth_tok,
449         struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
450         char *sig)
451 {
452         struct ecryptfs_global_auth_tok *global_auth_tok;
453         int rc = 0;
454
455         (*auth_tok) = NULL;
456         if (ecryptfs_find_global_auth_tok_for_sig(&global_auth_tok,
457                                                   mount_crypt_stat, sig)) {
458                 struct key *auth_tok_key;
459
460                 rc = ecryptfs_keyring_auth_tok_for_sig(&auth_tok_key, auth_tok,
461                                                        sig);
462         } else
463                 (*auth_tok) = global_auth_tok->global_auth_tok;
464         return rc;
465 }
466
467 /**
468  * write_tag_70_packet can gobble a lot of stack space. We stuff most
469  * of the function's parameters in a kmalloc'd struct to help reduce
470  * eCryptfs' overall stack usage.
471  */
472 struct ecryptfs_write_tag_70_packet_silly_stack {
473         u8 cipher_code;
474         size_t max_packet_size;
475         size_t packet_size_len;
476         size_t block_aligned_filename_size;
477         size_t block_size;
478         size_t i;
479         size_t j;
480         size_t num_rand_bytes;
481         struct mutex *tfm_mutex;
482         char *block_aligned_filename;
483         struct ecryptfs_auth_tok *auth_tok;
484         struct scatterlist src_sg;
485         struct scatterlist dst_sg;
486         struct blkcipher_desc desc;
487         char iv[ECRYPTFS_MAX_IV_BYTES];
488         char hash[ECRYPTFS_TAG_70_DIGEST_SIZE];
489         char tmp_hash[ECRYPTFS_TAG_70_DIGEST_SIZE];
490         struct hash_desc hash_desc;
491         struct scatterlist hash_sg;
492 };
493
494 /**
495  * write_tag_70_packet - Write encrypted filename (EFN) packet against FNEK
496  * @filename: NULL-terminated filename string
497  *
498  * This is the simplest mechanism for achieving filename encryption in
499  * eCryptfs. It encrypts the given filename with the mount-wide
500  * filename encryption key (FNEK) and stores it in a packet to @dest,
501  * which the callee will encode and write directly into the dentry
502  * name.
503  */
504 int
505 ecryptfs_write_tag_70_packet(char *dest, size_t *remaining_bytes,
506                              size_t *packet_size,
507                              struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
508                              char *filename, size_t filename_size)
509 {
510         struct ecryptfs_write_tag_70_packet_silly_stack *s;
511         int rc = 0;
512
513         s = kmalloc(sizeof(*s), GFP_KERNEL);
514         if (!s) {
515                 printk(KERN_ERR "%s: Out of memory whilst trying to kmalloc "
516                        "[%zd] bytes of kernel memory\n", __func__, sizeof(*s));
517                 goto out;
518         }
519         s->desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
520         (*packet_size) = 0;
521         rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(
522                 &s->desc.tfm,
523                 &s->tfm_mutex, mount_crypt_stat->global_default_fn_cipher_name);
524         if (unlikely(rc)) {
525                 printk(KERN_ERR "Internal error whilst attempting to get "
526                        "tfm and mutex for cipher name [%s]; rc = [%d]\n",
527                        mount_crypt_stat->global_default_fn_cipher_name, rc);
528                 goto out;
529         }
530         mutex_lock(s->tfm_mutex);
531         s->block_size = crypto_blkcipher_blocksize(s->desc.tfm);
532         /* Plus one for the \0 separator between the random prefix
533          * and the plaintext filename */
534         s->num_rand_bytes = (ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES + 1);
535         s->block_aligned_filename_size = (s->num_rand_bytes + filename_size);
536         if ((s->block_aligned_filename_size % s->block_size) != 0) {
537                 s->num_rand_bytes += (s->block_size
538                                       - (s->block_aligned_filename_size
539                                          % s->block_size));
540                 s->block_aligned_filename_size = (s->num_rand_bytes
541                                                   + filename_size);
542         }
543         /* Octet 0: Tag 70 identifier
544          * Octets 1-N1: Tag 70 packet size (includes cipher identifier
545          *              and block-aligned encrypted filename size)
546          * Octets N1-N2: FNEK sig (ECRYPTFS_SIG_SIZE)
547          * Octet N2-N3: Cipher identifier (1 octet)
548          * Octets N3-N4: Block-aligned encrypted filename
549          *  - Consists of a minimum number of random characters, a \0
550          *    separator, and then the filename */
551         s->max_packet_size = (1                   /* Tag 70 identifier */
552                               + 3                 /* Max Tag 70 packet size */
553                               + ECRYPTFS_SIG_SIZE /* FNEK sig */
554                               + 1                 /* Cipher identifier */
555                               + s->block_aligned_filename_size);
556         if (dest == NULL) {
557                 (*packet_size) = s->max_packet_size;
558                 goto out_unlock;
559         }
560         if (s->max_packet_size > (*remaining_bytes)) {
561                 printk(KERN_WARNING "%s: Require [%zd] bytes to write; only "
562                        "[%zd] available\n", __func__, s->max_packet_size,
563                        (*remaining_bytes));
564                 rc = -EINVAL;
565                 goto out_unlock;
566         }
567         s->block_aligned_filename = kzalloc(s->block_aligned_filename_size,
568                                             GFP_KERNEL);
569         if (!s->block_aligned_filename) {
570                 printk(KERN_ERR "%s: Out of kernel memory whilst attempting to "
571                        "kzalloc [%zd] bytes\n", __func__,
572                        s->block_aligned_filename_size);
573                 rc = -ENOMEM;
574                 goto out_unlock;
575         }
576         s->i = 0;
577         dest[s->i++] = ECRYPTFS_TAG_70_PACKET_TYPE;
578         rc = ecryptfs_write_packet_length(&dest[s->i],
579                                           (ECRYPTFS_SIG_SIZE
580                                            + 1 /* Cipher code */
581                                            + s->block_aligned_filename_size),
582                                           &s->packet_size_len);
583         if (rc) {
584                 printk(KERN_ERR "%s: Error generating tag 70 packet "
585                        "header; cannot generate packet length; rc = [%d]\n",
586                        __func__, rc);
587                 goto out_free_unlock;
588         }
589         s->i += s->packet_size_len;
590         ecryptfs_from_hex(&dest[s->i],
591                           mount_crypt_stat->global_default_fnek_sig,
592                           ECRYPTFS_SIG_SIZE);
593         s->i += ECRYPTFS_SIG_SIZE;
594         s->cipher_code = ecryptfs_code_for_cipher_string(
595                 mount_crypt_stat->global_default_fn_cipher_name,
596                 mount_crypt_stat->global_default_fn_cipher_key_bytes);
597         if (s->cipher_code == 0) {
598                 printk(KERN_WARNING "%s: Unable to generate code for "
599                        "cipher [%s] with key bytes [%zd]\n", __func__,
600                        mount_crypt_stat->global_default_fn_cipher_name,
601                        mount_crypt_stat->global_default_fn_cipher_key_bytes);
602                 rc = -EINVAL;
603                 goto out_free_unlock;
604         }
605         dest[s->i++] = s->cipher_code;
606         rc = ecryptfs_find_auth_tok_for_sig(
607                 &s->auth_tok, mount_crypt_stat,
608                 mount_crypt_stat->global_default_fnek_sig);
609         if (rc) {
610                 printk(KERN_ERR "%s: Error attempting to find auth tok for "
611                        "fnek sig [%s]; rc = [%d]\n", __func__,
612                        mount_crypt_stat->global_default_fnek_sig, rc);
613                 goto out_free_unlock;
614         }
615         /* TODO: Support other key modules than passphrase for
616          * filename encryption */
617         if (s->auth_tok->token_type != ECRYPTFS_PASSWORD) {
618                 rc = -EOPNOTSUPP;
619                 printk(KERN_INFO "%s: Filename encryption only supports "
620                        "password tokens\n", __func__);
621                 goto out_free_unlock;
622         }
623         sg_init_one(
624                 &s->hash_sg,
625                 (u8 *)s->auth_tok->token.password.session_key_encryption_key,
626                 s->auth_tok->token.password.session_key_encryption_key_bytes);
627         s->hash_desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
628         s->hash_desc.tfm = crypto_alloc_hash(ECRYPTFS_TAG_70_DIGEST, 0,
629                                              CRYPTO_ALG_ASYNC);
630         if (IS_ERR(s->hash_desc.tfm)) {
631                         rc = PTR_ERR(s->hash_desc.tfm);
632                         printk(KERN_ERR "%s: Error attempting to "
633                                "allocate hash crypto context; rc = [%d]\n",
634                                __func__, rc);
635                         goto out_free_unlock;
636         }
637         rc = crypto_hash_init(&s->hash_desc);
638         if (rc) {
639                 printk(KERN_ERR
640                        "%s: Error initializing crypto hash; rc = [%d]\n",
641                        __func__, rc);
642                 goto out_release_free_unlock;
643         }
644         rc = crypto_hash_update(
645                 &s->hash_desc, &s->hash_sg,
646                 s->auth_tok->token.password.session_key_encryption_key_bytes);
647         if (rc) {
648                 printk(KERN_ERR
649                        "%s: Error updating crypto hash; rc = [%d]\n",
650                        __func__, rc);
651                 goto out_release_free_unlock;
652         }
653         rc = crypto_hash_final(&s->hash_desc, s->hash);
654         if (rc) {
655                 printk(KERN_ERR
656                        "%s: Error finalizing crypto hash; rc = [%d]\n",
657                        __func__, rc);
658                 goto out_release_free_unlock;
659         }
660         for (s->j = 0; s->j < (s->num_rand_bytes - 1); s->j++) {
661                 s->block_aligned_filename[s->j] =
662                         s->hash[(s->j % ECRYPTFS_TAG_70_DIGEST_SIZE)];
663                 if ((s->j % ECRYPTFS_TAG_70_DIGEST_SIZE)
664                     == (ECRYPTFS_TAG_70_DIGEST_SIZE - 1)) {
665                         sg_init_one(&s->hash_sg, (u8 *)s->hash,
666                                     ECRYPTFS_TAG_70_DIGEST_SIZE);
667                         rc = crypto_hash_init(&s->hash_desc);
668                         if (rc) {
669                                 printk(KERN_ERR
670                                        "%s: Error initializing crypto hash; "
671                                        "rc = [%d]\n", __func__, rc);
672                                 goto out_release_free_unlock;
673                         }
674                         rc = crypto_hash_update(&s->hash_desc, &s->hash_sg,
675                                                 ECRYPTFS_TAG_70_DIGEST_SIZE);
676                         if (rc) {
677                                 printk(KERN_ERR
678                                        "%s: Error updating crypto hash; "
679                                        "rc = [%d]\n", __func__, rc);
680                                 goto out_release_free_unlock;
681                         }
682                         rc = crypto_hash_final(&s->hash_desc, s->tmp_hash);
683                         if (rc) {
684                                 printk(KERN_ERR
685                                        "%s: Error finalizing crypto hash; "
686                                        "rc = [%d]\n", __func__, rc);
687                                 goto out_release_free_unlock;
688                         }
689                         memcpy(s->hash, s->tmp_hash,
690                                ECRYPTFS_TAG_70_DIGEST_SIZE);
691                 }
692                 if (s->block_aligned_filename[s->j] == '\0')
693                         s->block_aligned_filename[s->j] = ECRYPTFS_NON_NULL;
694         }
695         memcpy(&s->block_aligned_filename[s->num_rand_bytes], filename,
696                filename_size);
697         rc = virt_to_scatterlist(s->block_aligned_filename,
698                                  s->block_aligned_filename_size, &s->src_sg, 1);
699         if (rc != 1) {
700                 printk(KERN_ERR "%s: Internal error whilst attempting to "
701                        "convert filename memory to scatterlist; "
702                        "expected rc = 1; got rc = [%d]. "
703                        "block_aligned_filename_size = [%zd]\n", __func__, rc,
704                        s->block_aligned_filename_size);
705                 goto out_release_free_unlock;
706         }
707         rc = virt_to_scatterlist(&dest[s->i], s->block_aligned_filename_size,
708                                  &s->dst_sg, 1);
709         if (rc != 1) {
710                 printk(KERN_ERR "%s: Internal error whilst attempting to "
711                        "convert encrypted filename memory to scatterlist; "
712                        "expected rc = 1; got rc = [%d]. "
713                        "block_aligned_filename_size = [%zd]\n", __func__, rc,
714                        s->block_aligned_filename_size);
715                 goto out_release_free_unlock;
716         }
717         /* The characters in the first block effectively do the job
718          * of the IV here, so we just use 0's for the IV. Note the
719          * constraint that ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES
720          * >= ECRYPTFS_MAX_IV_BYTES. */
721         memset(s->iv, 0, ECRYPTFS_MAX_IV_BYTES);
722         s->desc.info = s->iv;
723         rc = crypto_blkcipher_setkey(
724                 s->desc.tfm,
725                 s->auth_tok->token.password.session_key_encryption_key,
726                 mount_crypt_stat->global_default_fn_cipher_key_bytes);
727         if (rc < 0) {
728                 printk(KERN_ERR "%s: Error setting key for crypto context; "
729                        "rc = [%d]. s->auth_tok->token.password.session_key_"
730                        "encryption_key = [0x%p]; mount_crypt_stat->"
731                        "global_default_fn_cipher_key_bytes = [%zd]\n", __func__,
732                        rc,
733                        s->auth_tok->token.password.session_key_encryption_key,
734                        mount_crypt_stat->global_default_fn_cipher_key_bytes);
735                 goto out_release_free_unlock;
736         }
737         rc = crypto_blkcipher_encrypt_iv(&s->desc, &s->dst_sg, &s->src_sg,
738                                          s->block_aligned_filename_size);
739         if (rc) {
740                 printk(KERN_ERR "%s: Error attempting to encrypt filename; "
741                        "rc = [%d]\n", __func__, rc);
742                 goto out_release_free_unlock;
743         }
744         s->i += s->block_aligned_filename_size;
745         (*packet_size) = s->i;
746         (*remaining_bytes) -= (*packet_size);
747 out_release_free_unlock:
748         crypto_free_hash(s->hash_desc.tfm);
749 out_free_unlock:
750         kzfree(s->block_aligned_filename);
751 out_unlock:
752         mutex_unlock(s->tfm_mutex);
753 out:
754         kfree(s);
755         return rc;
756 }
757
758 struct ecryptfs_parse_tag_70_packet_silly_stack {
759         u8 cipher_code;
760         size_t max_packet_size;
761         size_t packet_size_len;
762         size_t parsed_tag_70_packet_size;
763         size_t block_aligned_filename_size;
764         size_t block_size;
765         size_t i;
766         struct mutex *tfm_mutex;
767         char *decrypted_filename;
768         struct ecryptfs_auth_tok *auth_tok;
769         struct scatterlist src_sg;
770         struct scatterlist dst_sg;
771         struct blkcipher_desc desc;
772         char fnek_sig_hex[ECRYPTFS_SIG_SIZE_HEX + 1];
773         char iv[ECRYPTFS_MAX_IV_BYTES];
774         char cipher_string[ECRYPTFS_MAX_CIPHER_NAME_SIZE];
775 };
776
777 /**
778  * parse_tag_70_packet - Parse and process FNEK-encrypted passphrase packet
779  * @filename: This function kmalloc's the memory for the filename
780  * @filename_size: This function sets this to the amount of memory
781  *                 kmalloc'd for the filename
782  * @packet_size: This function sets this to the the number of octets
783  *               in the packet parsed
784  * @mount_crypt_stat: The mount-wide cryptographic context
785  * @data: The memory location containing the start of the tag 70
786  *        packet
787  * @max_packet_size: The maximum legal size of the packet to be parsed
788  *                   from @data
789  *
790  * Returns zero on success; non-zero otherwise
791  */
792 int
793 ecryptfs_parse_tag_70_packet(char **filename, size_t *filename_size,
794                              size_t *packet_size,
795                              struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
796                              char *data, size_t max_packet_size)
797 {
798         struct ecryptfs_parse_tag_70_packet_silly_stack *s;
799         int rc = 0;
800
801         (*packet_size) = 0;
802         (*filename_size) = 0;
803         (*filename) = NULL;
804         s = kmalloc(sizeof(*s), GFP_KERNEL);
805         if (!s) {
806                 printk(KERN_ERR "%s: Out of memory whilst trying to kmalloc "
807                        "[%zd] bytes of kernel memory\n", __func__, sizeof(*s));
808                 goto out;
809         }
810         s->desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
811         if (max_packet_size < (1 + 1 + ECRYPTFS_SIG_SIZE + 1 + 1)) {
812                 printk(KERN_WARNING "%s: max_packet_size is [%zd]; it must be "
813                        "at least [%d]\n", __func__, max_packet_size,
814                         (1 + 1 + ECRYPTFS_SIG_SIZE + 1 + 1));
815                 rc = -EINVAL;
816                 goto out;
817         }
818         /* Octet 0: Tag 70 identifier
819          * Octets 1-N1: Tag 70 packet size (includes cipher identifier
820          *              and block-aligned encrypted filename size)
821          * Octets N1-N2: FNEK sig (ECRYPTFS_SIG_SIZE)
822          * Octet N2-N3: Cipher identifier (1 octet)
823          * Octets N3-N4: Block-aligned encrypted filename
824          *  - Consists of a minimum number of random numbers, a \0
825          *    separator, and then the filename */
826         if (data[(*packet_size)++] != ECRYPTFS_TAG_70_PACKET_TYPE) {
827                 printk(KERN_WARNING "%s: Invalid packet tag [0x%.2x]; must be "
828                        "tag [0x%.2x]\n", __func__,
829                        data[((*packet_size) - 1)], ECRYPTFS_TAG_70_PACKET_TYPE);
830                 rc = -EINVAL;
831                 goto out;
832         }
833         rc = ecryptfs_parse_packet_length(&data[(*packet_size)],
834                                           &s->parsed_tag_70_packet_size,
835                                           &s->packet_size_len);
836         if (rc) {
837                 printk(KERN_WARNING "%s: Error parsing packet length; "
838                        "rc = [%d]\n", __func__, rc);
839                 goto out;
840         }
841         s->block_aligned_filename_size = (s->parsed_tag_70_packet_size
842                                           - ECRYPTFS_SIG_SIZE - 1);
843         if ((1 + s->packet_size_len + s->parsed_tag_70_packet_size)
844             > max_packet_size) {
845                 printk(KERN_WARNING "%s: max_packet_size is [%zd]; real packet "
846                        "size is [%zd]\n", __func__, max_packet_size,
847                        (1 + s->packet_size_len + 1
848                         + s->block_aligned_filename_size));
849                 rc = -EINVAL;
850                 goto out;
851         }
852         (*packet_size) += s->packet_size_len;
853         ecryptfs_to_hex(s->fnek_sig_hex, &data[(*packet_size)],
854                         ECRYPTFS_SIG_SIZE);
855         s->fnek_sig_hex[ECRYPTFS_SIG_SIZE_HEX] = '\0';
856         (*packet_size) += ECRYPTFS_SIG_SIZE;
857         s->cipher_code = data[(*packet_size)++];
858         rc = ecryptfs_cipher_code_to_string(s->cipher_string, s->cipher_code);
859         if (rc) {
860                 printk(KERN_WARNING "%s: Cipher code [%d] is invalid\n",
861                        __func__, s->cipher_code);
862                 goto out;
863         }
864         rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&s->desc.tfm,
865                                                         &s->tfm_mutex,
866                                                         s->cipher_string);
867         if (unlikely(rc)) {
868                 printk(KERN_ERR "Internal error whilst attempting to get "
869                        "tfm and mutex for cipher name [%s]; rc = [%d]\n",
870                        s->cipher_string, rc);
871                 goto out;
872         }
873         mutex_lock(s->tfm_mutex);
874         rc = virt_to_scatterlist(&data[(*packet_size)],
875                                  s->block_aligned_filename_size, &s->src_sg, 1);
876         if (rc != 1) {
877                 printk(KERN_ERR "%s: Internal error whilst attempting to "
878                        "convert encrypted filename memory to scatterlist; "
879                        "expected rc = 1; got rc = [%d]. "
880                        "block_aligned_filename_size = [%zd]\n", __func__, rc,
881                        s->block_aligned_filename_size);
882                 goto out_unlock;
883         }
884         (*packet_size) += s->block_aligned_filename_size;
885         s->decrypted_filename = kmalloc(s->block_aligned_filename_size,
886                                         GFP_KERNEL);
887         if (!s->decrypted_filename) {
888                 printk(KERN_ERR "%s: Out of memory whilst attempting to "
889                        "kmalloc [%zd] bytes\n", __func__,
890                        s->block_aligned_filename_size);
891                 rc = -ENOMEM;
892                 goto out_unlock;
893         }
894         rc = virt_to_scatterlist(s->decrypted_filename,
895                                  s->block_aligned_filename_size, &s->dst_sg, 1);
896         if (rc != 1) {
897                 printk(KERN_ERR "%s: Internal error whilst attempting to "
898                        "convert decrypted filename memory to scatterlist; "
899                        "expected rc = 1; got rc = [%d]. "
900                        "block_aligned_filename_size = [%zd]\n", __func__, rc,
901                        s->block_aligned_filename_size);
902                 goto out_free_unlock;
903         }
904         /* The characters in the first block effectively do the job of
905          * the IV here, so we just use 0's for the IV. Note the
906          * constraint that ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES
907          * >= ECRYPTFS_MAX_IV_BYTES. */
908         memset(s->iv, 0, ECRYPTFS_MAX_IV_BYTES);
909         s->desc.info = s->iv;
910         rc = ecryptfs_find_auth_tok_for_sig(&s->auth_tok, mount_crypt_stat,
911                                             s->fnek_sig_hex);
912         if (rc) {
913                 printk(KERN_ERR "%s: Error attempting to find auth tok for "
914                        "fnek sig [%s]; rc = [%d]\n", __func__, s->fnek_sig_hex,
915                        rc);
916                 goto out_free_unlock;
917         }
918         /* TODO: Support other key modules than passphrase for
919          * filename encryption */
920         if (s->auth_tok->token_type != ECRYPTFS_PASSWORD) {
921                 rc = -EOPNOTSUPP;
922                 printk(KERN_INFO "%s: Filename encryption only supports "
923                        "password tokens\n", __func__);
924                 goto out_free_unlock;
925         }
926         rc = crypto_blkcipher_setkey(
927                 s->desc.tfm,
928                 s->auth_tok->token.password.session_key_encryption_key,
929                 mount_crypt_stat->global_default_fn_cipher_key_bytes);
930         if (rc < 0) {
931                 printk(KERN_ERR "%s: Error setting key for crypto context; "
932                        "rc = [%d]. s->auth_tok->token.password.session_key_"
933                        "encryption_key = [0x%p]; mount_crypt_stat->"
934                        "global_default_fn_cipher_key_bytes = [%zd]\n", __func__,
935                        rc,
936                        s->auth_tok->token.password.session_key_encryption_key,
937                        mount_crypt_stat->global_default_fn_cipher_key_bytes);
938                 goto out_free_unlock;
939         }
940         rc = crypto_blkcipher_decrypt_iv(&s->desc, &s->dst_sg, &s->src_sg,
941                                          s->block_aligned_filename_size);
942         if (rc) {
943                 printk(KERN_ERR "%s: Error attempting to decrypt filename; "
944                        "rc = [%d]\n", __func__, rc);
945                 goto out_free_unlock;
946         }
947         s->i = 0;
948         while (s->decrypted_filename[s->i] != '\0'
949                && s->i < s->block_aligned_filename_size)
950                 s->i++;
951         if (s->i == s->block_aligned_filename_size) {
952                 printk(KERN_WARNING "%s: Invalid tag 70 packet; could not "
953                        "find valid separator between random characters and "
954                        "the filename\n", __func__);
955                 rc = -EINVAL;
956                 goto out_free_unlock;
957         }
958         s->i++;
959         (*filename_size) = (s->block_aligned_filename_size - s->i);
960         if (!((*filename_size) > 0 && (*filename_size < PATH_MAX))) {
961                 printk(KERN_WARNING "%s: Filename size is [%zd], which is "
962                        "invalid\n", __func__, (*filename_size));
963                 rc = -EINVAL;
964                 goto out_free_unlock;
965         }
966         (*filename) = kmalloc(((*filename_size) + 1), GFP_KERNEL);
967         if (!(*filename)) {
968                 printk(KERN_ERR "%s: Out of memory whilst attempting to "
969                        "kmalloc [%zd] bytes\n", __func__,
970                        ((*filename_size) + 1));
971                 rc = -ENOMEM;
972                 goto out_free_unlock;
973         }
974         memcpy((*filename), &s->decrypted_filename[s->i], (*filename_size));
975         (*filename)[(*filename_size)] = '\0';
976 out_free_unlock:
977         kfree(s->decrypted_filename);
978 out_unlock:
979         mutex_unlock(s->tfm_mutex);
980 out:
981         if (rc) {
982                 (*packet_size) = 0;
983                 (*filename_size) = 0;
984                 (*filename) = NULL;
985         }
986         kfree(s);
987         return rc;
988 }
989
990 static int
991 ecryptfs_get_auth_tok_sig(char **sig, struct ecryptfs_auth_tok *auth_tok)
992 {
993         int rc = 0;
994
995         (*sig) = NULL;
996         switch (auth_tok->token_type) {
997         case ECRYPTFS_PASSWORD:
998                 (*sig) = auth_tok->token.password.signature;
999                 break;
1000         case ECRYPTFS_PRIVATE_KEY:
1001                 (*sig) = auth_tok->token.private_key.signature;
1002                 break;
1003         default:
1004                 printk(KERN_ERR "Cannot get sig for auth_tok of type [%d]\n",
1005                        auth_tok->token_type);
1006                 rc = -EINVAL;
1007         }
1008         return rc;
1009 }
1010
1011 /**
1012  * decrypt_pki_encrypted_session_key - Decrypt the session key with the given auth_tok.
1013  * @auth_tok: The key authentication token used to decrypt the session key
1014  * @crypt_stat: The cryptographic context
1015  *
1016  * Returns zero on success; non-zero error otherwise.
1017  */
1018 static int
1019 decrypt_pki_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok,
1020                                   struct ecryptfs_crypt_stat *crypt_stat)
1021 {
1022         u8 cipher_code = 0;
1023         struct ecryptfs_msg_ctx *msg_ctx;
1024         struct ecryptfs_message *msg = NULL;
1025         char *auth_tok_sig;
1026         char *payload;
1027         size_t payload_len;
1028         int rc;
1029
1030         rc = ecryptfs_get_auth_tok_sig(&auth_tok_sig, auth_tok);
1031         if (rc) {
1032                 printk(KERN_ERR "Unrecognized auth tok type: [%d]\n",
1033                        auth_tok->token_type);
1034                 goto out;
1035         }
1036         rc = write_tag_64_packet(auth_tok_sig, &(auth_tok->session_key),
1037                                  &payload, &payload_len);
1038         if (rc) {
1039                 ecryptfs_printk(KERN_ERR, "Failed to write tag 64 packet\n");
1040                 goto out;
1041         }
1042         rc = ecryptfs_send_message(payload, payload_len, &msg_ctx);
1043         if (rc) {
1044                 ecryptfs_printk(KERN_ERR, "Error sending message to "
1045                                 "ecryptfsd\n");
1046                 goto out;
1047         }
1048         rc = ecryptfs_wait_for_response(msg_ctx, &msg);
1049         if (rc) {
1050                 ecryptfs_printk(KERN_ERR, "Failed to receive tag 65 packet "
1051                                 "from the user space daemon\n");
1052                 rc = -EIO;
1053                 goto out;
1054         }
1055         rc = parse_tag_65_packet(&(auth_tok->session_key),
1056                                  &cipher_code, msg);
1057         if (rc) {
1058                 printk(KERN_ERR "Failed to parse tag 65 packet; rc = [%d]\n",
1059                        rc);
1060                 goto out;
1061         }
1062         auth_tok->session_key.flags |= ECRYPTFS_CONTAINS_DECRYPTED_KEY;
1063         memcpy(crypt_stat->key, auth_tok->session_key.decrypted_key,
1064                auth_tok->session_key.decrypted_key_size);
1065         crypt_stat->key_size = auth_tok->session_key.decrypted_key_size;
1066         rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher, cipher_code);
1067         if (rc) {
1068                 ecryptfs_printk(KERN_ERR, "Cipher code [%d] is invalid\n",
1069                                 cipher_code)
1070                 goto out;
1071         }
1072         crypt_stat->flags |= ECRYPTFS_KEY_VALID;
1073         if (ecryptfs_verbosity > 0) {
1074                 ecryptfs_printk(KERN_DEBUG, "Decrypted session key:\n");
1075                 ecryptfs_dump_hex(crypt_stat->key,
1076                                   crypt_stat->key_size);
1077         }
1078 out:
1079         if (msg)
1080                 kfree(msg);
1081         return rc;
1082 }
1083
1084 static void wipe_auth_tok_list(struct list_head *auth_tok_list_head)
1085 {
1086         struct ecryptfs_auth_tok_list_item *auth_tok_list_item;
1087         struct ecryptfs_auth_tok_list_item *auth_tok_list_item_tmp;
1088
1089         list_for_each_entry_safe(auth_tok_list_item, auth_tok_list_item_tmp,
1090                                  auth_tok_list_head, list) {
1091                 list_del(&auth_tok_list_item->list);
1092                 kmem_cache_free(ecryptfs_auth_tok_list_item_cache,
1093                                 auth_tok_list_item);
1094         }
1095 }
1096
1097 struct kmem_cache *ecryptfs_auth_tok_list_item_cache;
1098
1099 /**
1100  * parse_tag_1_packet
1101  * @crypt_stat: The cryptographic context to modify based on packet contents
1102  * @data: The raw bytes of the packet.
1103  * @auth_tok_list: eCryptfs parses packets into authentication tokens;
1104  *                 a new authentication token will be placed at the
1105  *                 end of this list for this packet.
1106  * @new_auth_tok: Pointer to a pointer to memory that this function
1107  *                allocates; sets the memory address of the pointer to
1108  *                NULL on error. This object is added to the
1109  *                auth_tok_list.
1110  * @packet_size: This function writes the size of the parsed packet
1111  *               into this memory location; zero on error.
1112  * @max_packet_size: The maximum allowable packet size
1113  *
1114  * Returns zero on success; non-zero on error.
1115  */
1116 static int
1117 parse_tag_1_packet(struct ecryptfs_crypt_stat *crypt_stat,
1118                    unsigned char *data, struct list_head *auth_tok_list,
1119                    struct ecryptfs_auth_tok **new_auth_tok,
1120                    size_t *packet_size, size_t max_packet_size)
1121 {
1122         size_t body_size;
1123         struct ecryptfs_auth_tok_list_item *auth_tok_list_item;
1124         size_t length_size;
1125         int rc = 0;
1126
1127         (*packet_size) = 0;
1128         (*new_auth_tok) = NULL;
1129         /**
1130          * This format is inspired by OpenPGP; see RFC 2440
1131          * packet tag 1
1132          *
1133          * Tag 1 identifier (1 byte)
1134          * Max Tag 1 packet size (max 3 bytes)
1135          * Version (1 byte)
1136          * Key identifier (8 bytes; ECRYPTFS_SIG_SIZE)
1137          * Cipher identifier (1 byte)
1138          * Encrypted key size (arbitrary)
1139          *
1140          * 12 bytes minimum packet size
1141          */
1142         if (unlikely(max_packet_size < 12)) {
1143                 printk(KERN_ERR "Invalid max packet size; must be >=12\n");
1144                 rc = -EINVAL;
1145                 goto out;
1146         }
1147         if (data[(*packet_size)++] != ECRYPTFS_TAG_1_PACKET_TYPE) {
1148                 printk(KERN_ERR "Enter w/ first byte != 0x%.2x\n",
1149                        ECRYPTFS_TAG_1_PACKET_TYPE);
1150                 rc = -EINVAL;
1151                 goto out;
1152         }
1153         /* Released: wipe_auth_tok_list called in ecryptfs_parse_packet_set or
1154          * at end of function upon failure */
1155         auth_tok_list_item =
1156                 kmem_cache_zalloc(ecryptfs_auth_tok_list_item_cache,
1157                                   GFP_KERNEL);
1158         if (!auth_tok_list_item) {
1159                 printk(KERN_ERR "Unable to allocate memory\n");
1160                 rc = -ENOMEM;
1161                 goto out;
1162         }
1163         (*new_auth_tok) = &auth_tok_list_item->auth_tok;
1164         rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size,
1165                                           &length_size);
1166         if (rc) {
1167                 printk(KERN_WARNING "Error parsing packet length; "
1168                        "rc = [%d]\n", rc);
1169                 goto out_free;
1170         }
1171         if (unlikely(body_size < (ECRYPTFS_SIG_SIZE + 2))) {
1172                 printk(KERN_WARNING "Invalid body size ([%td])\n", body_size);
1173                 rc = -EINVAL;
1174                 goto out_free;
1175         }
1176         (*packet_size) += length_size;
1177         if (unlikely((*packet_size) + body_size > max_packet_size)) {
1178                 printk(KERN_WARNING "Packet size exceeds max\n");
1179                 rc = -EINVAL;
1180                 goto out_free;
1181         }
1182         if (unlikely(data[(*packet_size)++] != 0x03)) {
1183                 printk(KERN_WARNING "Unknown version number [%d]\n",
1184                        data[(*packet_size) - 1]);
1185                 rc = -EINVAL;
1186                 goto out_free;
1187         }
1188         ecryptfs_to_hex((*new_auth_tok)->token.private_key.signature,
1189                         &data[(*packet_size)], ECRYPTFS_SIG_SIZE);
1190         *packet_size += ECRYPTFS_SIG_SIZE;
1191         /* This byte is skipped because the kernel does not need to
1192          * know which public key encryption algorithm was used */
1193         (*packet_size)++;
1194         (*new_auth_tok)->session_key.encrypted_key_size =
1195                 body_size - (ECRYPTFS_SIG_SIZE + 2);
1196         if ((*new_auth_tok)->session_key.encrypted_key_size
1197             > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) {
1198                 printk(KERN_WARNING "Tag 1 packet contains key larger "
1199                        "than ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES");
1200                 rc = -EINVAL;
1201                 goto out;
1202         }
1203         memcpy((*new_auth_tok)->session_key.encrypted_key,
1204                &data[(*packet_size)], (body_size - (ECRYPTFS_SIG_SIZE + 2)));
1205         (*packet_size) += (*new_auth_tok)->session_key.encrypted_key_size;
1206         (*new_auth_tok)->session_key.flags &=
1207                 ~ECRYPTFS_CONTAINS_DECRYPTED_KEY;
1208         (*new_auth_tok)->session_key.flags |=
1209                 ECRYPTFS_CONTAINS_ENCRYPTED_KEY;
1210         (*new_auth_tok)->token_type = ECRYPTFS_PRIVATE_KEY;
1211         (*new_auth_tok)->flags = 0;
1212         (*new_auth_tok)->session_key.flags &=
1213                 ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_DECRYPT);
1214         (*new_auth_tok)->session_key.flags &=
1215                 ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_ENCRYPT);
1216         list_add(&auth_tok_list_item->list, auth_tok_list);
1217         goto out;
1218 out_free:
1219         (*new_auth_tok) = NULL;
1220         memset(auth_tok_list_item, 0,
1221                sizeof(struct ecryptfs_auth_tok_list_item));
1222         kmem_cache_free(ecryptfs_auth_tok_list_item_cache,
1223                         auth_tok_list_item);
1224 out:
1225         if (rc)
1226                 (*packet_size) = 0;
1227         return rc;
1228 }
1229
1230 /**
1231  * parse_tag_3_packet
1232  * @crypt_stat: The cryptographic context to modify based on packet
1233  *              contents.
1234  * @data: The raw bytes of the packet.
1235  * @auth_tok_list: eCryptfs parses packets into authentication tokens;
1236  *                 a new authentication token will be placed at the end
1237  *                 of this list for this packet.
1238  * @new_auth_tok: Pointer to a pointer to memory that this function
1239  *                allocates; sets the memory address of the pointer to
1240  *                NULL on error. This object is added to the
1241  *                auth_tok_list.
1242  * @packet_size: This function writes the size of the parsed packet
1243  *               into this memory location; zero on error.
1244  * @max_packet_size: maximum number of bytes to parse
1245  *
1246  * Returns zero on success; non-zero on error.
1247  */
1248 static int
1249 parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
1250                    unsigned char *data, struct list_head *auth_tok_list,
1251                    struct ecryptfs_auth_tok **new_auth_tok,
1252                    size_t *packet_size, size_t max_packet_size)
1253 {
1254         size_t body_size;
1255         struct ecryptfs_auth_tok_list_item *auth_tok_list_item;
1256         size_t length_size;
1257         int rc = 0;
1258
1259         (*packet_size) = 0;
1260         (*new_auth_tok) = NULL;
1261         /**
1262          *This format is inspired by OpenPGP; see RFC 2440
1263          * packet tag 3
1264          *
1265          * Tag 3 identifier (1 byte)
1266          * Max Tag 3 packet size (max 3 bytes)
1267          * Version (1 byte)
1268          * Cipher code (1 byte)
1269          * S2K specifier (1 byte)
1270          * Hash identifier (1 byte)
1271          * Salt (ECRYPTFS_SALT_SIZE)
1272          * Hash iterations (1 byte)
1273          * Encrypted key (arbitrary)
1274          *
1275          * (ECRYPTFS_SALT_SIZE + 7) minimum packet size
1276          */
1277         if (max_packet_size < (ECRYPTFS_SALT_SIZE + 7)) {
1278                 printk(KERN_ERR "Max packet size too large\n");
1279                 rc = -EINVAL;
1280                 goto out;
1281         }
1282         if (data[(*packet_size)++] != ECRYPTFS_TAG_3_PACKET_TYPE) {
1283                 printk(KERN_ERR "First byte != 0x%.2x; invalid packet\n",
1284                        ECRYPTFS_TAG_3_PACKET_TYPE);
1285                 rc = -EINVAL;
1286                 goto out;
1287         }
1288         /* Released: wipe_auth_tok_list called in ecryptfs_parse_packet_set or
1289          * at end of function upon failure */
1290         auth_tok_list_item =
1291             kmem_cache_zalloc(ecryptfs_auth_tok_list_item_cache, GFP_KERNEL);
1292         if (!auth_tok_list_item) {
1293                 printk(KERN_ERR "Unable to allocate memory\n");
1294                 rc = -ENOMEM;
1295                 goto out;
1296         }
1297         (*new_auth_tok) = &auth_tok_list_item->auth_tok;
1298         rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size,
1299                                           &length_size);
1300         if (rc) {
1301                 printk(KERN_WARNING "Error parsing packet length; rc = [%d]\n",
1302                        rc);
1303                 goto out_free;
1304         }
1305         if (unlikely(body_size < (ECRYPTFS_SALT_SIZE + 5))) {
1306                 printk(KERN_WARNING "Invalid body size ([%td])\n", body_size);
1307                 rc = -EINVAL;
1308                 goto out_free;
1309         }
1310         (*packet_size) += length_size;
1311         if (unlikely((*packet_size) + body_size > max_packet_size)) {
1312                 printk(KERN_ERR "Packet size exceeds max\n");
1313                 rc = -EINVAL;
1314                 goto out_free;
1315         }
1316         (*new_auth_tok)->session_key.encrypted_key_size =
1317                 (body_size - (ECRYPTFS_SALT_SIZE + 5));
1318         if ((*new_auth_tok)->session_key.encrypted_key_size
1319             > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) {
1320                 printk(KERN_WARNING "Tag 3 packet contains key larger "
1321                        "than ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES\n");
1322                 rc = -EINVAL;
1323                 goto out_free;
1324         }
1325         if (unlikely(data[(*packet_size)++] != 0x04)) {
1326                 printk(KERN_WARNING "Unknown version number [%d]\n",
1327                        data[(*packet_size) - 1]);
1328                 rc = -EINVAL;
1329                 goto out_free;
1330         }
1331         rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher,
1332                                             (u16)data[(*packet_size)]);
1333         if (rc)
1334                 goto out_free;
1335         /* A little extra work to differentiate among the AES key
1336          * sizes; see RFC2440 */
1337         switch(data[(*packet_size)++]) {
1338         case RFC2440_CIPHER_AES_192:
1339                 crypt_stat->key_size = 24;
1340                 break;
1341         default:
1342                 crypt_stat->key_size =
1343                         (*new_auth_tok)->session_key.encrypted_key_size;
1344         }
1345         rc = ecryptfs_init_crypt_ctx(crypt_stat);
1346         if (rc)
1347                 goto out_free;
1348         if (unlikely(data[(*packet_size)++] != 0x03)) {
1349                 printk(KERN_WARNING "Only S2K ID 3 is currently supported\n");
1350                 rc = -ENOSYS;
1351                 goto out_free;
1352         }
1353         /* TODO: finish the hash mapping */
1354         switch (data[(*packet_size)++]) {
1355         case 0x01: /* See RFC2440 for these numbers and their mappings */
1356                 /* Choose MD5 */
1357                 memcpy((*new_auth_tok)->token.password.salt,
1358                        &data[(*packet_size)], ECRYPTFS_SALT_SIZE);
1359                 (*packet_size) += ECRYPTFS_SALT_SIZE;
1360                 /* This conversion was taken straight from RFC2440 */
1361                 (*new_auth_tok)->token.password.hash_iterations =
1362                         ((u32) 16 + (data[(*packet_size)] & 15))
1363                                 << ((data[(*packet_size)] >> 4) + 6);
1364                 (*packet_size)++;
1365                 /* Friendly reminder:
1366                  * (*new_auth_tok)->session_key.encrypted_key_size =
1367                  *         (body_size - (ECRYPTFS_SALT_SIZE + 5)); */
1368                 memcpy((*new_auth_tok)->session_key.encrypted_key,
1369                        &data[(*packet_size)],
1370                        (*new_auth_tok)->session_key.encrypted_key_size);
1371                 (*packet_size) +=
1372                         (*new_auth_tok)->session_key.encrypted_key_size;
1373                 (*new_auth_tok)->session_key.flags &=
1374                         ~ECRYPTFS_CONTAINS_DECRYPTED_KEY;
1375                 (*new_auth_tok)->session_key.flags |=
1376                         ECRYPTFS_CONTAINS_ENCRYPTED_KEY;
1377                 (*new_auth_tok)->token.password.hash_algo = 0x01; /* MD5 */
1378                 break;
1379         default:
1380                 ecryptfs_printk(KERN_ERR, "Unsupported hash algorithm: "
1381                                 "[%d]\n", data[(*packet_size) - 1]);
1382                 rc = -ENOSYS;
1383                 goto out_free;
1384         }
1385         (*new_auth_tok)->token_type = ECRYPTFS_PASSWORD;
1386         /* TODO: Parametarize; we might actually want userspace to
1387          * decrypt the session key. */
1388         (*new_auth_tok)->session_key.flags &=
1389                             ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_DECRYPT);
1390         (*new_auth_tok)->session_key.flags &=
1391                             ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_ENCRYPT);
1392         list_add(&auth_tok_list_item->list, auth_tok_list);
1393         goto out;
1394 out_free:
1395         (*new_auth_tok) = NULL;
1396         memset(auth_tok_list_item, 0,
1397                sizeof(struct ecryptfs_auth_tok_list_item));
1398         kmem_cache_free(ecryptfs_auth_tok_list_item_cache,
1399                         auth_tok_list_item);
1400 out:
1401         if (rc)
1402                 (*packet_size) = 0;
1403         return rc;
1404 }
1405
1406 /**
1407  * parse_tag_11_packet
1408  * @data: The raw bytes of the packet
1409  * @contents: This function writes the data contents of the literal
1410  *            packet into this memory location
1411  * @max_contents_bytes: The maximum number of bytes that this function
1412  *                      is allowed to write into contents
1413  * @tag_11_contents_size: This function writes the size of the parsed
1414  *                        contents into this memory location; zero on
1415  *                        error
1416  * @packet_size: This function writes the size of the parsed packet
1417  *               into this memory location; zero on error
1418  * @max_packet_size: maximum number of bytes to parse
1419  *
1420  * Returns zero on success; non-zero on error.
1421  */
1422 static int
1423 parse_tag_11_packet(unsigned char *data, unsigned char *contents,
1424                     size_t max_contents_bytes, size_t *tag_11_contents_size,
1425                     size_t *packet_size, size_t max_packet_size)
1426 {
1427         size_t body_size;
1428         size_t length_size;
1429         int rc = 0;
1430
1431         (*packet_size) = 0;
1432         (*tag_11_contents_size) = 0;
1433         /* This format is inspired by OpenPGP; see RFC 2440
1434          * packet tag 11
1435          *
1436          * Tag 11 identifier (1 byte)
1437          * Max Tag 11 packet size (max 3 bytes)
1438          * Binary format specifier (1 byte)
1439          * Filename length (1 byte)
1440          * Filename ("_CONSOLE") (8 bytes)
1441          * Modification date (4 bytes)
1442          * Literal data (arbitrary)
1443          *
1444          * We need at least 16 bytes of data for the packet to even be
1445          * valid.
1446          */
1447         if (max_packet_size < 16) {
1448                 printk(KERN_ERR "Maximum packet size too small\n");
1449                 rc = -EINVAL;
1450                 goto out;
1451         }
1452         if (data[(*packet_size)++] != ECRYPTFS_TAG_11_PACKET_TYPE) {
1453                 printk(KERN_WARNING "Invalid tag 11 packet format\n");
1454                 rc = -EINVAL;
1455                 goto out;
1456         }
1457         rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size,
1458                                           &length_size);
1459         if (rc) {
1460                 printk(KERN_WARNING "Invalid tag 11 packet format\n");
1461                 goto out;
1462         }
1463         if (body_size < 14) {
1464                 printk(KERN_WARNING "Invalid body size ([%td])\n", body_size);
1465                 rc = -EINVAL;
1466                 goto out;
1467         }
1468         (*packet_size) += length_size;
1469         (*tag_11_contents_size) = (body_size - 14);
1470         if (unlikely((*packet_size) + body_size + 1 > max_packet_size)) {
1471                 printk(KERN_ERR "Packet size exceeds max\n");
1472                 rc = -EINVAL;
1473                 goto out;
1474         }
1475         if (unlikely((*tag_11_contents_size) > max_contents_bytes)) {
1476                 printk(KERN_ERR "Literal data section in tag 11 packet exceeds "
1477                        "expected size\n");
1478                 rc = -EINVAL;
1479                 goto out;
1480         }
1481         if (data[(*packet_size)++] != 0x62) {
1482                 printk(KERN_WARNING "Unrecognizable packet\n");
1483                 rc = -EINVAL;
1484                 goto out;
1485         }
1486         if (data[(*packet_size)++] != 0x08) {
1487                 printk(KERN_WARNING "Unrecognizable packet\n");
1488                 rc = -EINVAL;
1489                 goto out;
1490         }
1491         (*packet_size) += 12; /* Ignore filename and modification date */
1492         memcpy(contents, &data[(*packet_size)], (*tag_11_contents_size));
1493         (*packet_size) += (*tag_11_contents_size);
1494 out:
1495         if (rc) {
1496                 (*packet_size) = 0;
1497                 (*tag_11_contents_size) = 0;
1498         }
1499         return rc;
1500 }
1501
1502 /**
1503  * ecryptfs_verify_version
1504  * @version: The version number to confirm
1505  *
1506  * Returns zero on good version; non-zero otherwise
1507  */
1508 static int ecryptfs_verify_version(u16 version)
1509 {
1510         int rc = 0;
1511         unsigned char major;
1512         unsigned char minor;
1513
1514         major = ((version >> 8) & 0xFF);
1515         minor = (version & 0xFF);
1516         if (major != ECRYPTFS_VERSION_MAJOR) {
1517                 ecryptfs_printk(KERN_ERR, "Major version number mismatch. "
1518                                 "Expected [%d]; got [%d]\n",
1519                                 ECRYPTFS_VERSION_MAJOR, major);
1520                 rc = -EINVAL;
1521                 goto out;
1522         }
1523         if (minor != ECRYPTFS_VERSION_MINOR) {
1524                 ecryptfs_printk(KERN_ERR, "Minor version number mismatch. "
1525                                 "Expected [%d]; got [%d]\n",
1526                                 ECRYPTFS_VERSION_MINOR, minor);
1527                 rc = -EINVAL;
1528                 goto out;
1529         }
1530 out:
1531         return rc;
1532 }
1533
1534 int ecryptfs_keyring_auth_tok_for_sig(struct key **auth_tok_key,
1535                                       struct ecryptfs_auth_tok **auth_tok,
1536                                       char *sig)
1537 {
1538         int rc = 0;
1539
1540         (*auth_tok_key) = request_key(&key_type_user, sig, NULL);
1541         if (!(*auth_tok_key) || IS_ERR(*auth_tok_key)) {
1542                 printk(KERN_ERR "Could not find key with description: [%s]\n",
1543                        sig);
1544                 rc = process_request_key_err(PTR_ERR(*auth_tok_key));
1545                 goto out;
1546         }
1547         (*auth_tok) = ecryptfs_get_key_payload_data(*auth_tok_key);
1548         if (ecryptfs_verify_version((*auth_tok)->version)) {
1549                 printk(KERN_ERR
1550                        "Data structure version mismatch. "
1551                        "Userspace tools must match eCryptfs "
1552                        "kernel module with major version [%d] "
1553                        "and minor version [%d]\n",
1554                        ECRYPTFS_VERSION_MAJOR,
1555                        ECRYPTFS_VERSION_MINOR);
1556                 rc = -EINVAL;
1557                 goto out;
1558         }
1559         if ((*auth_tok)->token_type != ECRYPTFS_PASSWORD
1560             && (*auth_tok)->token_type != ECRYPTFS_PRIVATE_KEY) {
1561                 printk(KERN_ERR "Invalid auth_tok structure "
1562                        "returned from key query\n");
1563                 rc = -EINVAL;
1564                 goto out;
1565         }
1566 out:
1567         return rc;
1568 }
1569
1570 /**
1571  * decrypt_passphrase_encrypted_session_key - Decrypt the session key with the given auth_tok.
1572  * @auth_tok: The passphrase authentication token to use to encrypt the FEK
1573  * @crypt_stat: The cryptographic context
1574  *
1575  * Returns zero on success; non-zero error otherwise
1576  */
1577 static int
1578 decrypt_passphrase_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok,
1579                                          struct ecryptfs_crypt_stat *crypt_stat)
1580 {
1581         struct scatterlist dst_sg[2];
1582         struct scatterlist src_sg[2];
1583         struct mutex *tfm_mutex;
1584         struct blkcipher_desc desc = {
1585                 .flags = CRYPTO_TFM_REQ_MAY_SLEEP
1586         };
1587         int rc = 0;
1588
1589         if (unlikely(ecryptfs_verbosity > 0)) {
1590                 ecryptfs_printk(
1591                         KERN_DEBUG, "Session key encryption key (size [%d]):\n",
1592                         auth_tok->token.password.session_key_encryption_key_bytes);
1593                 ecryptfs_dump_hex(
1594                         auth_tok->token.password.session_key_encryption_key,
1595                         auth_tok->token.password.session_key_encryption_key_bytes);
1596         }
1597         rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&desc.tfm, &tfm_mutex,
1598                                                         crypt_stat->cipher);
1599         if (unlikely(rc)) {
1600                 printk(KERN_ERR "Internal error whilst attempting to get "
1601                        "tfm and mutex for cipher name [%s]; rc = [%d]\n",
1602                        crypt_stat->cipher, rc);
1603                 goto out;
1604         }
1605         rc = virt_to_scatterlist(auth_tok->session_key.encrypted_key,
1606                                  auth_tok->session_key.encrypted_key_size,
1607                                  src_sg, 2);
1608         if (rc < 1 || rc > 2) {
1609                 printk(KERN_ERR "Internal error whilst attempting to convert "
1610                         "auth_tok->session_key.encrypted_key to scatterlist; "
1611                         "expected rc = 1; got rc = [%d]. "
1612                        "auth_tok->session_key.encrypted_key_size = [%d]\n", rc,
1613                         auth_tok->session_key.encrypted_key_size);
1614                 goto out;
1615         }
1616         auth_tok->session_key.decrypted_key_size =
1617                 auth_tok->session_key.encrypted_key_size;
1618         rc = virt_to_scatterlist(auth_tok->session_key.decrypted_key,
1619                                  auth_tok->session_key.decrypted_key_size,
1620                                  dst_sg, 2);
1621         if (rc < 1 || rc > 2) {
1622                 printk(KERN_ERR "Internal error whilst attempting to convert "
1623                         "auth_tok->session_key.decrypted_key to scatterlist; "
1624                         "expected rc = 1; got rc = [%d]\n", rc);
1625                 goto out;
1626         }
1627         mutex_lock(tfm_mutex);
1628         rc = crypto_blkcipher_setkey(
1629                 desc.tfm, auth_tok->token.password.session_key_encryption_key,
1630                 crypt_stat->key_size);
1631         if (unlikely(rc < 0)) {
1632                 mutex_unlock(tfm_mutex);
1633                 printk(KERN_ERR "Error setting key for crypto context\n");
1634                 rc = -EINVAL;
1635                 goto out;
1636         }
1637         rc = crypto_blkcipher_decrypt(&desc, dst_sg, src_sg,
1638                                       auth_tok->session_key.encrypted_key_size);
1639         mutex_unlock(tfm_mutex);
1640         if (unlikely(rc)) {
1641                 printk(KERN_ERR "Error decrypting; rc = [%d]\n", rc);
1642                 goto out;
1643         }
1644         auth_tok->session_key.flags |= ECRYPTFS_CONTAINS_DECRYPTED_KEY;
1645         memcpy(crypt_stat->key, auth_tok->session_key.decrypted_key,
1646                auth_tok->session_key.decrypted_key_size);
1647         crypt_stat->flags |= ECRYPTFS_KEY_VALID;
1648         if (unlikely(ecryptfs_verbosity > 0)) {
1649                 ecryptfs_printk(KERN_DEBUG, "FEK of size [%d]:\n",
1650                                 crypt_stat->key_size);
1651                 ecryptfs_dump_hex(crypt_stat->key,
1652                                   crypt_stat->key_size);
1653         }
1654 out:
1655         return rc;
1656 }
1657
1658 /**
1659  * ecryptfs_parse_packet_set
1660  * @crypt_stat: The cryptographic context
1661  * @src: Virtual address of region of memory containing the packets
1662  * @ecryptfs_dentry: The eCryptfs dentry associated with the packet set
1663  *
1664  * Get crypt_stat to have the file's session key if the requisite key
1665  * is available to decrypt the session key.
1666  *
1667  * Returns Zero if a valid authentication token was retrieved and
1668  * processed; negative value for file not encrypted or for error
1669  * conditions.
1670  */
1671 int ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat,
1672                               unsigned char *src,
1673                               struct dentry *ecryptfs_dentry)
1674 {
1675         size_t i = 0;
1676         size_t found_auth_tok;
1677         size_t next_packet_is_auth_tok_packet;
1678         struct list_head auth_tok_list;
1679         struct ecryptfs_auth_tok *matching_auth_tok;
1680         struct ecryptfs_auth_tok *candidate_auth_tok;
1681         char *candidate_auth_tok_sig;
1682         size_t packet_size;
1683         struct ecryptfs_auth_tok *new_auth_tok;
1684         unsigned char sig_tmp_space[ECRYPTFS_SIG_SIZE];
1685         struct ecryptfs_auth_tok_list_item *auth_tok_list_item;
1686         size_t tag_11_contents_size;
1687         size_t tag_11_packet_size;
1688         int rc = 0;
1689
1690         INIT_LIST_HEAD(&auth_tok_list);
1691         /* Parse the header to find as many packets as we can; these will be
1692          * added the our &auth_tok_list */
1693         next_packet_is_auth_tok_packet = 1;
1694         while (next_packet_is_auth_tok_packet) {
1695                 size_t max_packet_size = ((PAGE_CACHE_SIZE - 8) - i);
1696
1697                 switch (src[i]) {
1698                 case ECRYPTFS_TAG_3_PACKET_TYPE:
1699                         rc = parse_tag_3_packet(crypt_stat,
1700                                                 (unsigned char *)&src[i],
1701                                                 &auth_tok_list, &new_auth_tok,
1702                                                 &packet_size, max_packet_size);
1703                         if (rc) {
1704                                 ecryptfs_printk(KERN_ERR, "Error parsing "
1705                                                 "tag 3 packet\n");
1706                                 rc = -EIO;
1707                                 goto out_wipe_list;
1708                         }
1709                         i += packet_size;
1710                         rc = parse_tag_11_packet((unsigned char *)&src[i],
1711                                                  sig_tmp_space,
1712                                                  ECRYPTFS_SIG_SIZE,
1713                                                  &tag_11_contents_size,
1714                                                  &tag_11_packet_size,
1715                                                  max_packet_size);
1716                         if (rc) {
1717                                 ecryptfs_printk(KERN_ERR, "No valid "
1718                                                 "(ecryptfs-specific) literal "
1719                                                 "packet containing "
1720                                                 "authentication token "
1721                                                 "signature found after "
1722                                                 "tag 3 packet\n");
1723                                 rc = -EIO;
1724                                 goto out_wipe_list;
1725                         }
1726                         i += tag_11_packet_size;
1727                         if (ECRYPTFS_SIG_SIZE != tag_11_contents_size) {
1728                                 ecryptfs_printk(KERN_ERR, "Expected "
1729                                                 "signature of size [%d]; "
1730                                                 "read size [%d]\n",
1731                                                 ECRYPTFS_SIG_SIZE,
1732                                                 tag_11_contents_size);
1733                                 rc = -EIO;
1734                                 goto out_wipe_list;
1735                         }
1736                         ecryptfs_to_hex(new_auth_tok->token.password.signature,
1737                                         sig_tmp_space, tag_11_contents_size);
1738                         new_auth_tok->token.password.signature[
1739                                 ECRYPTFS_PASSWORD_SIG_SIZE] = '\0';
1740                         crypt_stat->flags |= ECRYPTFS_ENCRYPTED;
1741                         break;
1742                 case ECRYPTFS_TAG_1_PACKET_TYPE:
1743                         rc = parse_tag_1_packet(crypt_stat,
1744                                                 (unsigned char *)&src[i],
1745                                                 &auth_tok_list, &new_auth_tok,
1746                                                 &packet_size, max_packet_size);
1747                         if (rc) {
1748                                 ecryptfs_printk(KERN_ERR, "Error parsing "
1749                                                 "tag 1 packet\n");
1750                                 rc = -EIO;
1751                                 goto out_wipe_list;
1752                         }
1753                         i += packet_size;
1754                         crypt_stat->flags |= ECRYPTFS_ENCRYPTED;
1755                         break;
1756                 case ECRYPTFS_TAG_11_PACKET_TYPE:
1757                         ecryptfs_printk(KERN_WARNING, "Invalid packet set "
1758                                         "(Tag 11 not allowed by itself)\n");
1759                         rc = -EIO;
1760                         goto out_wipe_list;
1761                         break;
1762                 default:
1763                         ecryptfs_printk(KERN_DEBUG, "No packet at offset "
1764                                         "[%d] of the file header; hex value of "
1765                                         "character is [0x%.2x]\n", i, src[i]);
1766                         next_packet_is_auth_tok_packet = 0;
1767                 }
1768         }
1769         if (list_empty(&auth_tok_list)) {
1770                 printk(KERN_ERR "The lower file appears to be a non-encrypted "
1771                        "eCryptfs file; this is not supported in this version "
1772                        "of the eCryptfs kernel module\n");
1773                 rc = -EINVAL;
1774                 goto out;
1775         }
1776         /* auth_tok_list contains the set of authentication tokens
1777          * parsed from the metadata. We need to find a matching
1778          * authentication token that has the secret component(s)
1779          * necessary to decrypt the EFEK in the auth_tok parsed from
1780          * the metadata. There may be several potential matches, but
1781          * just one will be sufficient to decrypt to get the FEK. */
1782 find_next_matching_auth_tok:
1783         found_auth_tok = 0;
1784         list_for_each_entry(auth_tok_list_item, &auth_tok_list, list) {
1785                 candidate_auth_tok = &auth_tok_list_item->auth_tok;
1786                 if (unlikely(ecryptfs_verbosity > 0)) {
1787                         ecryptfs_printk(KERN_DEBUG,
1788                                         "Considering cadidate auth tok:\n");
1789                         ecryptfs_dump_auth_tok(candidate_auth_tok);
1790                 }
1791                 rc = ecryptfs_get_auth_tok_sig(&candidate_auth_tok_sig,
1792                                                candidate_auth_tok);
1793                 if (rc) {
1794                         printk(KERN_ERR
1795                                "Unrecognized candidate auth tok type: [%d]\n",
1796                                candidate_auth_tok->token_type);
1797                         rc = -EINVAL;
1798                         goto out_wipe_list;
1799                 }
1800                 ecryptfs_find_auth_tok_for_sig(&matching_auth_tok,
1801                                                crypt_stat->mount_crypt_stat,
1802                                                candidate_auth_tok_sig);
1803                 if (matching_auth_tok) {
1804                         found_auth_tok = 1;
1805                         goto found_matching_auth_tok;
1806                 }
1807         }
1808         if (!found_auth_tok) {
1809                 ecryptfs_printk(KERN_ERR, "Could not find a usable "
1810                                 "authentication token\n");
1811                 rc = -EIO;
1812                 goto out_wipe_list;
1813         }
1814 found_matching_auth_tok:
1815         if (candidate_auth_tok->token_type == ECRYPTFS_PRIVATE_KEY) {
1816                 memcpy(&(candidate_auth_tok->token.private_key),
1817                        &(matching_auth_tok->token.private_key),
1818                        sizeof(struct ecryptfs_private_key));
1819                 rc = decrypt_pki_encrypted_session_key(candidate_auth_tok,
1820                                                        crypt_stat);
1821         } else if (candidate_auth_tok->token_type == ECRYPTFS_PASSWORD) {
1822                 memcpy(&(candidate_auth_tok->token.password),
1823                        &(matching_auth_tok->token.password),
1824                        sizeof(struct ecryptfs_password));
1825                 rc = decrypt_passphrase_encrypted_session_key(
1826                         candidate_auth_tok, crypt_stat);
1827         }
1828         if (rc) {
1829                 struct ecryptfs_auth_tok_list_item *auth_tok_list_item_tmp;
1830
1831                 ecryptfs_printk(KERN_WARNING, "Error decrypting the "
1832                                 "session key for authentication token with sig "
1833                                 "[%.*s]; rc = [%d]. Removing auth tok "
1834                                 "candidate from the list and searching for "
1835                                 "the next match.\n", candidate_auth_tok_sig,
1836                                 ECRYPTFS_SIG_SIZE_HEX, rc);
1837                 list_for_each_entry_safe(auth_tok_list_item,
1838                                          auth_tok_list_item_tmp,
1839                                          &auth_tok_list, list) {
1840                         if (candidate_auth_tok
1841                             == &auth_tok_list_item->auth_tok) {
1842                                 list_del(&auth_tok_list_item->list);
1843                                 kmem_cache_free(
1844                                         ecryptfs_auth_tok_list_item_cache,
1845                                         auth_tok_list_item);
1846                                 goto find_next_matching_auth_tok;
1847                         }
1848                 }
1849                 BUG();
1850         }
1851         rc = ecryptfs_compute_root_iv(crypt_stat);
1852         if (rc) {
1853                 ecryptfs_printk(KERN_ERR, "Error computing "
1854                                 "the root IV\n");
1855                 goto out_wipe_list;
1856         }
1857         rc = ecryptfs_init_crypt_ctx(crypt_stat);
1858         if (rc) {
1859                 ecryptfs_printk(KERN_ERR, "Error initializing crypto "
1860                                 "context for cipher [%s]; rc = [%d]\n",
1861                                 crypt_stat->cipher, rc);
1862         }
1863 out_wipe_list:
1864         wipe_auth_tok_list(&auth_tok_list);
1865 out:
1866         return rc;
1867 }
1868
1869 static int
1870 pki_encrypt_session_key(struct ecryptfs_auth_tok *auth_tok,
1871                         struct ecryptfs_crypt_stat *crypt_stat,
1872                         struct ecryptfs_key_record *key_rec)
1873 {
1874         struct ecryptfs_msg_ctx *msg_ctx = NULL;
1875         char *payload = NULL;
1876         size_t payload_len;
1877         struct ecryptfs_message *msg;
1878         int rc;
1879
1880         rc = write_tag_66_packet(auth_tok->token.private_key.signature,
1881                                  ecryptfs_code_for_cipher_string(
1882                                          crypt_stat->cipher,
1883                                          crypt_stat->key_size),
1884                                  crypt_stat, &payload, &payload_len);
1885         if (rc) {
1886                 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet\n");
1887                 goto out;
1888         }
1889         rc = ecryptfs_send_message(payload, payload_len, &msg_ctx);
1890         if (rc) {
1891                 ecryptfs_printk(KERN_ERR, "Error sending message to "
1892                                 "ecryptfsd\n");
1893                 goto out;
1894         }
1895         rc = ecryptfs_wait_for_response(msg_ctx, &msg);
1896         if (rc) {
1897                 ecryptfs_printk(KERN_ERR, "Failed to receive tag 67 packet "
1898                                 "from the user space daemon\n");
1899                 rc = -EIO;
1900                 goto out;
1901         }
1902         rc = parse_tag_67_packet(key_rec, msg);
1903         if (rc)
1904                 ecryptfs_printk(KERN_ERR, "Error parsing tag 67 packet\n");
1905         kfree(msg);
1906 out:
1907         kfree(payload);
1908         return rc;
1909 }
1910 /**
1911  * write_tag_1_packet - Write an RFC2440-compatible tag 1 (public key) packet
1912  * @dest: Buffer into which to write the packet
1913  * @remaining_bytes: Maximum number of bytes that can be writtn
1914  * @auth_tok: The authentication token used for generating the tag 1 packet
1915  * @crypt_stat: The cryptographic context
1916  * @key_rec: The key record struct for the tag 1 packet
1917  * @packet_size: This function will write the number of bytes that end
1918  *               up constituting the packet; set to zero on error
1919  *
1920  * Returns zero on success; non-zero on error.
1921  */
1922 static int
1923 write_tag_1_packet(char *dest, size_t *remaining_bytes,
1924                    struct ecryptfs_auth_tok *auth_tok,
1925                    struct ecryptfs_crypt_stat *crypt_stat,
1926                    struct ecryptfs_key_record *key_rec, size_t *packet_size)
1927 {
1928         size_t i;
1929         size_t encrypted_session_key_valid = 0;
1930         size_t packet_size_length;
1931         size_t max_packet_size;
1932         int rc = 0;
1933
1934         (*packet_size) = 0;
1935         ecryptfs_from_hex(key_rec->sig, auth_tok->token.private_key.signature,
1936                           ECRYPTFS_SIG_SIZE);
1937         encrypted_session_key_valid = 0;
1938         for (i = 0; i < crypt_stat->key_size; i++)
1939                 encrypted_session_key_valid |=
1940                         auth_tok->session_key.encrypted_key[i];
1941         if (encrypted_session_key_valid) {
1942                 memcpy(key_rec->enc_key,
1943                        auth_tok->session_key.encrypted_key,
1944                        auth_tok->session_key.encrypted_key_size);
1945                 goto encrypted_session_key_set;
1946         }
1947         if (auth_tok->session_key.encrypted_key_size == 0)
1948                 auth_tok->session_key.encrypted_key_size =
1949                         auth_tok->token.private_key.key_size;
1950         rc = pki_encrypt_session_key(auth_tok, crypt_stat, key_rec);
1951         if (rc) {
1952                 printk(KERN_ERR "Failed to encrypt session key via a key "
1953                        "module; rc = [%d]\n", rc);
1954                 goto out;
1955         }
1956         if (ecryptfs_verbosity > 0) {
1957                 ecryptfs_printk(KERN_DEBUG, "Encrypted key:\n");
1958                 ecryptfs_dump_hex(key_rec->enc_key, key_rec->enc_key_size);
1959         }
1960 encrypted_session_key_set:
1961         /* This format is inspired by OpenPGP; see RFC 2440
1962          * packet tag 1 */
1963         max_packet_size = (1                         /* Tag 1 identifier */
1964                            + 3                       /* Max Tag 1 packet size */
1965                            + 1                       /* Version */
1966                            + ECRYPTFS_SIG_SIZE       /* Key identifier */
1967                            + 1                       /* Cipher identifier */
1968                            + key_rec->enc_key_size); /* Encrypted key size */
1969         if (max_packet_size > (*remaining_bytes)) {
1970                 printk(KERN_ERR "Packet length larger than maximum allowable; "
1971                        "need up to [%td] bytes, but there are only [%td] "
1972                        "available\n", max_packet_size, (*remaining_bytes));
1973                 rc = -EINVAL;
1974                 goto out;
1975         }
1976         dest[(*packet_size)++] = ECRYPTFS_TAG_1_PACKET_TYPE;
1977         rc = ecryptfs_write_packet_length(&dest[(*packet_size)],
1978                                           (max_packet_size - 4),
1979                                           &packet_size_length);
1980         if (rc) {
1981                 ecryptfs_printk(KERN_ERR, "Error generating tag 1 packet "
1982                                 "header; cannot generate packet length\n");
1983                 goto out;
1984         }
1985         (*packet_size) += packet_size_length;
1986         dest[(*packet_size)++] = 0x03; /* version 3 */
1987         memcpy(&dest[(*packet_size)], key_rec->sig, ECRYPTFS_SIG_SIZE);
1988         (*packet_size) += ECRYPTFS_SIG_SIZE;
1989         dest[(*packet_size)++] = RFC2440_CIPHER_RSA;
1990         memcpy(&dest[(*packet_size)], key_rec->enc_key,
1991                key_rec->enc_key_size);
1992         (*packet_size) += key_rec->enc_key_size;
1993 out:
1994         if (rc)
1995                 (*packet_size) = 0;
1996         else
1997                 (*remaining_bytes) -= (*packet_size);
1998         return rc;
1999 }
2000
2001 /**
2002  * write_tag_11_packet
2003  * @dest: Target into which Tag 11 packet is to be written
2004  * @remaining_bytes: Maximum packet length
2005  * @contents: Byte array of contents to copy in
2006  * @contents_length: Number of bytes in contents
2007  * @packet_length: Length of the Tag 11 packet written; zero on error
2008  *
2009  * Returns zero on success; non-zero on error.
2010  */
2011 static int
2012 write_tag_11_packet(char *dest, size_t *remaining_bytes, char *contents,
2013                     size_t contents_length, size_t *packet_length)
2014 {
2015         size_t packet_size_length;
2016         size_t max_packet_size;
2017         int rc = 0;
2018
2019         (*packet_length) = 0;
2020         /* This format is inspired by OpenPGP; see RFC 2440
2021          * packet tag 11 */
2022         max_packet_size = (1                   /* Tag 11 identifier */
2023                            + 3                 /* Max Tag 11 packet size */
2024                            + 1                 /* Binary format specifier */
2025                            + 1                 /* Filename length */
2026                            + 8                 /* Filename ("_CONSOLE") */
2027                            + 4                 /* Modification date */
2028                            + contents_length); /* Literal data */
2029         if (max_packet_size > (*remaining_bytes)) {
2030                 printk(KERN_ERR "Packet length larger than maximum allowable; "
2031                        "need up to [%td] bytes, but there are only [%td] "
2032                        "available\n", max_packet_size, (*remaining_bytes));
2033                 rc = -EINVAL;
2034                 goto out;
2035         }
2036         dest[(*packet_length)++] = ECRYPTFS_TAG_11_PACKET_TYPE;
2037         rc = ecryptfs_write_packet_length(&dest[(*packet_length)],
2038                                           (max_packet_size - 4),
2039                                           &packet_size_length);
2040         if (rc) {
2041                 printk(KERN_ERR "Error generating tag 11 packet header; cannot "
2042                        "generate packet length. rc = [%d]\n", rc);
2043                 goto out;
2044         }
2045         (*packet_length) += packet_size_length;
2046         dest[(*packet_length)++] = 0x62; /* binary data format specifier */
2047         dest[(*packet_length)++] = 8;
2048         memcpy(&dest[(*packet_length)], "_CONSOLE", 8);
2049         (*packet_length) += 8;
2050         memset(&dest[(*packet_length)], 0x00, 4);
2051         (*packet_length) += 4;
2052         memcpy(&dest[(*packet_length)], contents, contents_length);
2053         (*packet_length) += contents_length;
2054  out:
2055         if (rc)
2056                 (*packet_length) = 0;
2057         else
2058                 (*remaining_bytes) -= (*packet_length);
2059         return rc;
2060 }
2061
2062 /**
2063  * write_tag_3_packet
2064  * @dest: Buffer into which to write the packet
2065  * @remaining_bytes: Maximum number of bytes that can be written
2066  * @auth_tok: Authentication token
2067  * @crypt_stat: The cryptographic context
2068  * @key_rec: encrypted key
2069  * @packet_size: This function will write the number of bytes that end
2070  *               up constituting the packet; set to zero on error
2071  *
2072  * Returns zero on success; non-zero on error.
2073  */
2074 static int
2075 write_tag_3_packet(char *dest, size_t *remaining_bytes,
2076                    struct ecryptfs_auth_tok *auth_tok,
2077                    struct ecryptfs_crypt_stat *crypt_stat,
2078                    struct ecryptfs_key_record *key_rec, size_t *packet_size)
2079 {
2080         size_t i;
2081         size_t encrypted_session_key_valid = 0;
2082         char session_key_encryption_key[ECRYPTFS_MAX_KEY_BYTES];
2083         struct scatterlist dst_sg[2];
2084         struct scatterlist src_sg[2];
2085         struct mutex *tfm_mutex = NULL;
2086         u8 cipher_code;
2087         size_t packet_size_length;
2088         size_t max_packet_size;
2089         struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
2090                 crypt_stat->mount_crypt_stat;
2091         struct blkcipher_desc desc = {
2092                 .tfm = NULL,
2093                 .flags = CRYPTO_TFM_REQ_MAY_SLEEP
2094         };
2095         int rc = 0;
2096
2097         (*packet_size) = 0;
2098         ecryptfs_from_hex(key_rec->sig, auth_tok->token.password.signature,
2099                           ECRYPTFS_SIG_SIZE);
2100         rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&desc.tfm, &tfm_mutex,
2101                                                         crypt_stat->cipher);
2102         if (unlikely(rc)) {
2103                 printk(KERN_ERR "Internal error whilst attempting to get "
2104                        "tfm and mutex for cipher name [%s]; rc = [%d]\n",
2105                        crypt_stat->cipher, rc);
2106                 goto out;
2107         }
2108         if (mount_crypt_stat->global_default_cipher_key_size == 0) {
2109                 struct blkcipher_alg *alg = crypto_blkcipher_alg(desc.tfm);
2110
2111                 printk(KERN_WARNING "No key size specified at mount; "
2112                        "defaulting to [%d]\n", alg->max_keysize);
2113                 mount_crypt_stat->global_default_cipher_key_size =
2114                         alg->max_keysize;
2115         }
2116         if (crypt_stat->key_size == 0)
2117                 crypt_stat->key_size =
2118                         mount_crypt_stat->global_default_cipher_key_size;
2119         if (auth_tok->session_key.encrypted_key_size == 0)
2120                 auth_tok->session_key.encrypted_key_size =
2121                         crypt_stat->key_size;
2122         if (crypt_stat->key_size == 24
2123             && strcmp("aes", crypt_stat->cipher) == 0) {
2124                 memset((crypt_stat->key + 24), 0, 8);
2125                 auth_tok->session_key.encrypted_key_size = 32;
2126         } else
2127                 auth_tok->session_key.encrypted_key_size = crypt_stat->key_size;
2128         key_rec->enc_key_size =
2129                 auth_tok->session_key.encrypted_key_size;
2130         encrypted_session_key_valid = 0;
2131         for (i = 0; i < auth_tok->session_key.encrypted_key_size; i++)
2132                 encrypted_session_key_valid |=
2133                         auth_tok->session_key.encrypted_key[i];
2134         if (encrypted_session_key_valid) {
2135                 ecryptfs_printk(KERN_DEBUG, "encrypted_session_key_valid != 0; "
2136                                 "using auth_tok->session_key.encrypted_key, "
2137                                 "where key_rec->enc_key_size = [%d]\n",
2138                                 key_rec->enc_key_size);
2139                 memcpy(key_rec->enc_key,
2140                        auth_tok->session_key.encrypted_key,
2141                        key_rec->enc_key_size);
2142                 goto encrypted_session_key_set;
2143         }
2144         if (auth_tok->token.password.flags &
2145             ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET) {
2146                 ecryptfs_printk(KERN_DEBUG, "Using previously generated "
2147                                 "session key encryption key of size [%d]\n",
2148                                 auth_tok->token.password.
2149                                 session_key_encryption_key_bytes);
2150                 memcpy(session_key_encryption_key,
2151                        auth_tok->token.password.session_key_encryption_key,
2152                        crypt_stat->key_size);
2153                 ecryptfs_printk(KERN_DEBUG,
2154                                 "Cached session key " "encryption key: \n");
2155                 if (ecryptfs_verbosity > 0)
2156                         ecryptfs_dump_hex(session_key_encryption_key, 16);
2157         }
2158         if (unlikely(ecryptfs_verbosity > 0)) {
2159                 ecryptfs_printk(KERN_DEBUG, "Session key encryption key:\n");
2160                 ecryptfs_dump_hex(session_key_encryption_key, 16);
2161         }
2162         rc = virt_to_scatterlist(crypt_stat->key, key_rec->enc_key_size,
2163                                  src_sg, 2);
2164         if (rc < 1 || rc > 2) {
2165                 ecryptfs_printk(KERN_ERR, "Error generating scatterlist "
2166                                 "for crypt_stat session key; expected rc = 1; "
2167                                 "got rc = [%d]. key_rec->enc_key_size = [%d]\n",
2168                                 rc, key_rec->enc_key_size);
2169                 rc = -ENOMEM;
2170                 goto out;
2171         }
2172         rc = virt_to_scatterlist(key_rec->enc_key, key_rec->enc_key_size,
2173                                  dst_sg, 2);
2174         if (rc < 1 || rc > 2) {
2175                 ecryptfs_printk(KERN_ERR, "Error generating scatterlist "
2176                                 "for crypt_stat encrypted session key; "
2177                                 "expected rc = 1; got rc = [%d]. "
2178                                 "key_rec->enc_key_size = [%d]\n", rc,
2179                                 key_rec->enc_key_size);
2180                 rc = -ENOMEM;
2181                 goto out;
2182         }
2183         mutex_lock(tfm_mutex);
2184         rc = crypto_blkcipher_setkey(desc.tfm, session_key_encryption_key,
2185                                      crypt_stat->key_size);
2186         if (rc < 0) {
2187                 mutex_unlock(tfm_mutex);
2188                 ecryptfs_printk(KERN_ERR, "Error setting key for crypto "
2189                                 "context; rc = [%d]\n", rc);
2190                 goto out;
2191         }
2192         rc = 0;
2193         ecryptfs_printk(KERN_DEBUG, "Encrypting [%d] bytes of the key\n",
2194                         crypt_stat->key_size);
2195         rc = crypto_blkcipher_encrypt(&desc, dst_sg, src_sg,
2196                                       (*key_rec).enc_key_size);
2197         mutex_unlock(tfm_mutex);
2198         if (rc) {
2199                 printk(KERN_ERR "Error encrypting; rc = [%d]\n", rc);
2200                 goto out;
2201         }
2202         ecryptfs_printk(KERN_DEBUG, "This should be the encrypted key:\n");
2203         if (ecryptfs_verbosity > 0) {
2204                 ecryptfs_printk(KERN_DEBUG, "EFEK of size [%d]:\n",
2205                                 key_rec->enc_key_size);
2206                 ecryptfs_dump_hex(key_rec->enc_key,
2207                                   key_rec->enc_key_size);
2208         }
2209 encrypted_session_key_set:
2210         /* This format is inspired by OpenPGP; see RFC 2440
2211          * packet tag 3 */
2212         max_packet_size = (1                         /* Tag 3 identifier */
2213                            + 3                       /* Max Tag 3 packet size */
2214                            + 1                       /* Version */
2215                            + 1                       /* Cipher code */
2216                            + 1                       /* S2K specifier */
2217                            + 1                       /* Hash identifier */
2218                            + ECRYPTFS_SALT_SIZE      /* Salt */
2219                            + 1                       /* Hash iterations */
2220                            + key_rec->enc_key_size); /* Encrypted key size */
2221         if (max_packet_size > (*remaining_bytes)) {
2222                 printk(KERN_ERR "Packet too large; need up to [%td] bytes, but "
2223                        "there are only [%td] available\n", max_packet_size,
2224                        (*remaining_bytes));
2225                 rc = -EINVAL;
2226                 goto out;
2227         }
2228         dest[(*packet_size)++] = ECRYPTFS_TAG_3_PACKET_TYPE;
2229         /* Chop off the Tag 3 identifier(1) and Tag 3 packet size(3)
2230          * to get the number of octets in the actual Tag 3 packet */
2231         rc = ecryptfs_write_packet_length(&dest[(*packet_size)],
2232                                           (max_packet_size - 4),
2233                                           &packet_size_length);
2234         if (rc) {
2235                 printk(KERN_ERR "Error generating tag 3 packet header; cannot "
2236                        "generate packet length. rc = [%d]\n", rc);
2237                 goto out;
2238         }
2239         (*packet_size) += packet_size_length;
2240         dest[(*packet_size)++] = 0x04; /* version 4 */
2241         /* TODO: Break from RFC2440 so that arbitrary ciphers can be
2242          * specified with strings */
2243         cipher_code = ecryptfs_code_for_cipher_string(crypt_stat->cipher,
2244                                                       crypt_stat->key_size);
2245         if (cipher_code == 0) {
2246                 ecryptfs_printk(KERN_WARNING, "Unable to generate code for "
2247                                 "cipher [%s]\n", crypt_stat->cipher);
2248                 rc = -EINVAL;
2249                 goto out;
2250         }
2251         dest[(*packet_size)++] = cipher_code;
2252         dest[(*packet_size)++] = 0x03;  /* S2K */
2253         dest[(*packet_size)++] = 0x01;  /* MD5 (TODO: parameterize) */
2254         memcpy(&dest[(*packet_size)], auth_tok->token.password.salt,
2255                ECRYPTFS_SALT_SIZE);
2256         (*packet_size) += ECRYPTFS_SALT_SIZE;   /* salt */
2257         dest[(*packet_size)++] = 0x60;  /* hash iterations (65536) */
2258         memcpy(&dest[(*packet_size)], key_rec->enc_key,
2259                key_rec->enc_key_size);
2260         (*packet_size) += key_rec->enc_key_size;
2261 out:
2262         if (rc)
2263                 (*packet_size) = 0;
2264         else
2265                 (*remaining_bytes) -= (*packet_size);
2266         return rc;
2267 }
2268
2269 struct kmem_cache *ecryptfs_key_record_cache;
2270
2271 /**
2272  * ecryptfs_generate_key_packet_set
2273  * @dest_base: Virtual address from which to write the key record set
2274  * @crypt_stat: The cryptographic context from which the
2275  *              authentication tokens will be retrieved
2276  * @ecryptfs_dentry: The dentry, used to retrieve the mount crypt stat
2277  *                   for the global parameters
2278  * @len: The amount written
2279  * @max: The maximum amount of data allowed to be written
2280  *
2281  * Generates a key packet set and writes it to the virtual address
2282  * passed in.
2283  *
2284  * Returns zero on success; non-zero on error.
2285  */
2286 int
2287 ecryptfs_generate_key_packet_set(char *dest_base,
2288                                  struct ecryptfs_crypt_stat *crypt_stat,
2289                                  struct dentry *ecryptfs_dentry, size_t *len,
2290                                  size_t max)
2291 {
2292         struct ecryptfs_auth_tok *auth_tok;
2293         struct ecryptfs_global_auth_tok *global_auth_tok;
2294         struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
2295                 &ecryptfs_superblock_to_private(
2296                         ecryptfs_dentry->d_sb)->mount_crypt_stat;
2297         size_t written;
2298         struct ecryptfs_key_record *key_rec;
2299         struct ecryptfs_key_sig *key_sig;
2300         int rc = 0;
2301
2302         (*len) = 0;
2303         mutex_lock(&crypt_stat->keysig_list_mutex);
2304         key_rec = kmem_cache_alloc(ecryptfs_key_record_cache, GFP_KERNEL);
2305         if (!key_rec) {
2306                 rc = -ENOMEM;
2307                 goto out;
2308         }
2309         list_for_each_entry(key_sig, &crypt_stat->keysig_list,
2310                             crypt_stat_list) {
2311                 memset(key_rec, 0, sizeof(*key_rec));
2312                 rc = ecryptfs_find_global_auth_tok_for_sig(&global_auth_tok,
2313                                                            mount_crypt_stat,
2314                                                            key_sig->keysig);
2315                 if (rc) {
2316                         printk(KERN_ERR "Error attempting to get the global "
2317                                "auth_tok; rc = [%d]\n", rc);
2318                         goto out_free;
2319                 }
2320                 if (global_auth_tok->flags & ECRYPTFS_AUTH_TOK_INVALID) {
2321                         printk(KERN_WARNING
2322                                "Skipping invalid auth tok with sig = [%s]\n",
2323                                global_auth_tok->sig);
2324                         continue;
2325                 }
2326                 auth_tok = global_auth_tok->global_auth_tok;
2327                 if (auth_tok->token_type == ECRYPTFS_PASSWORD) {
2328                         rc = write_tag_3_packet((dest_base + (*len)),
2329                                                 &max, auth_tok,
2330                                                 crypt_stat, key_rec,
2331                                                 &written);
2332                         if (rc) {
2333                                 ecryptfs_printk(KERN_WARNING, "Error "
2334                                                 "writing tag 3 packet\n");
2335                                 goto out_free;
2336                         }
2337                         (*len) += written;
2338                         /* Write auth tok signature packet */
2339                         rc = write_tag_11_packet((dest_base + (*len)), &max,
2340                                                  key_rec->sig,
2341                                                  ECRYPTFS_SIG_SIZE, &written);
2342                         if (rc) {
2343                                 ecryptfs_printk(KERN_ERR, "Error writing "
2344                                                 "auth tok signature packet\n");
2345                                 goto out_free;
2346                         }
2347                         (*len) += written;
2348                 } else if (auth_tok->token_type == ECRYPTFS_PRIVATE_KEY) {
2349                         rc = write_tag_1_packet(dest_base + (*len),
2350                                                 &max, auth_tok,
2351                                                 crypt_stat, key_rec, &written);
2352                         if (rc) {
2353                                 ecryptfs_printk(KERN_WARNING, "Error "
2354                                                 "writing tag 1 packet\n");
2355                                 goto out_free;
2356                         }
2357                         (*len) += written;
2358                 } else {
2359                         ecryptfs_printk(KERN_WARNING, "Unsupported "
2360                                         "authentication token type\n");
2361                         rc = -EINVAL;
2362                         goto out_free;
2363                 }
2364         }
2365         if (likely(max > 0)) {
2366                 dest_base[(*len)] = 0x00;
2367         } else {
2368                 ecryptfs_printk(KERN_ERR, "Error writing boundary byte\n");
2369                 rc = -EIO;
2370         }
2371 out_free:
2372         kmem_cache_free(ecryptfs_key_record_cache, key_rec);
2373 out:
2374         if (rc)
2375                 (*len) = 0;
2376         mutex_unlock(&crypt_stat->keysig_list_mutex);
2377         return rc;
2378 }
2379
2380 struct kmem_cache *ecryptfs_key_sig_cache;
2381
2382 int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig)
2383 {
2384         struct ecryptfs_key_sig *new_key_sig;
2385
2386         new_key_sig = kmem_cache_alloc(ecryptfs_key_sig_cache, GFP_KERNEL);
2387         if (!new_key_sig) {
2388                 printk(KERN_ERR
2389                        "Error allocating from ecryptfs_key_sig_cache\n");
2390                 return -ENOMEM;
2391         }
2392         memcpy(new_key_sig->keysig, sig, ECRYPTFS_SIG_SIZE_HEX);
2393         /* Caller must hold keysig_list_mutex */
2394         list_add(&new_key_sig->crypt_stat_list, &crypt_stat->keysig_list);
2395
2396         return 0;
2397 }
2398
2399 struct kmem_cache *ecryptfs_global_auth_tok_cache;
2400
2401 int
2402 ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
2403                              char *sig, u32 global_auth_tok_flags)
2404 {
2405         struct ecryptfs_global_auth_tok *new_auth_tok;
2406         int rc = 0;
2407
2408         new_auth_tok = kmem_cache_zalloc(ecryptfs_global_auth_tok_cache,
2409                                         GFP_KERNEL);
2410         if (!new_auth_tok) {
2411                 rc = -ENOMEM;
2412                 printk(KERN_ERR "Error allocating from "
2413                        "ecryptfs_global_auth_tok_cache\n");
2414                 goto out;
2415         }
2416         memcpy(new_auth_tok->sig, sig, ECRYPTFS_SIG_SIZE_HEX);
2417         new_auth_tok->flags = global_auth_tok_flags;
2418         new_auth_tok->sig[ECRYPTFS_SIG_SIZE_HEX] = '\0';
2419         mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex);
2420         list_add(&new_auth_tok->mount_crypt_stat_list,
2421                  &mount_crypt_stat->global_auth_tok_list);
2422         mount_crypt_stat->num_global_auth_toks++;
2423         mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex);
2424 out:
2425         return rc;
2426 }
2427

lp:~ecryptfs/ecryptfs/ecryptfs-utils updated on 2010-02-17

462. By Dustin Kirkland  on 2009-10-14

open 82 for development

Signed-off-by: Dustin Kirkland <email address hidden>

463. By Dustin Kirkland  on 2009-10-14

src/utils/ecryptfs-setup-private: fix bug where setup-private
incorrectly assumed that the home/private dir ownerships should
be owned by USER:USER; instead, default to USER:GROUP, where
GROUP is the USER's primary group by default, LP: #445301

464. By Dustin Kirkland  on 2009-10-20

src/utils/ecryptfs-setup-private: fix typo, s/getext/gettext, LP: #456565

465. By Dustin Kirkland  on 2009-10-21

* src/utils/ecryptfs-setup-private, debian/control: LP: #456565
- fix typo, s/getext/gettext
- depend on gettext-base

466. By Dustin Kirkland  on 2009-11-02

src/utils/ecryptfs-setup-private: fix printing of error strings,
which was broken by the gettext integration, LP: #471725

467. By Dustin Kirkland  on 2009-11-02

  which was broken by the gettext integration, LP: #471725;
  in doing so, use $() in place of ``, use '' for gettext arguments,
  and wrap gettext in "", like this: foo="$(gettext 'blah blah')"

468. By Dustin Kirkland  on 2009-11-10

* debian/control: one package per line, helps tremendously when looking
at diffs
* debian/copyright: Add new fields
* debian/ecryptfs-utils.postinst: minor set -e change

469. By Dustin Kirkland  on 2009-11-10

releasing version 82

470. By Dustin Kirkland  on 2009-11-10

add release instructions

Signed-off-by: Dustin Kirkland <email address hidden>

471. By Dustin Kirkland <kirkland@x200> on 2010-02-06

* libecryptfs/key_management.c, utils/mount.ecryptfs_private.c:
- use the session keyring, rather than the user keyring, such that
keys are automatically cleared on logout

472. By Dustin Kirkland <kirkland@x200> on 2010-02-07

src/pam_ecryptfs/pam_ecryptfs.c, src/utils/Makefile.am,
src/utils/ecryptfs-migrate-home: add a script and pam hooks to
support automatic migration to encrypted home directory

473. By Dustin Kirkland <kirkland@x200> on 2010-02-16

add uid arg to wrap_passphrase_if_necessary

474. By Dustin Kirkland <kirkland@x200> on 2010-02-16

revert -r471, not quite ready for this yet

475. By Dustin Kirkland <kirkland@x200> on 2010-02-16

move wrap_passphrase_if_necessary() definition up before first use

476. By Dustin Kirkland <kirkland@x200> on 2010-02-17

* src/utils/ecryptfs-migrate-home: clean up for merge
  - use $() rather than ``
  - drop set -u
  - use = and !=, and quote vars, rather than testing with -ne, -eq,
    for better shell portability
  - improve usage statement and error text

477. By Dustin Kirkland <kirkland@x200> on 2010-02-17

- check if already encrypted
- handle migration of multiple users on boot

478. By Dustin Kirkland <kirkland@x200> on 2010-02-17

fix all whitespace, use tabs for indents

479. By Dustin Kirkland <kirkland@x200> on 2010-02-17

use quotes around variables, rather than ${} (stylistic preference)

480. By Dustin Kirkland <kirkland@x200> on 2010-02-17

  - major simplification for immediate release
    + remove boot and user modes; only support administrator mode for
      security reasons and to avoid race conditions
    + other modes can be re-added, if necessary, and if security
      concerns can be addressed

481. By Dustin Kirkland <kirkland@x200> on 2010-02-17

src/utils/Makefile.am: install to /usr/sbin, since this is an
administrative utility

482. By Dustin Kirkland <kirkland@x200> on 2010-02-17

ensure running as root

483. By Dustin Kirkland <kirkland@x200> on 2010-02-17

revert sbin change, as it installed to /sbin instead of /usr/sbin

484. By Dustin Kirkland <kirkland@x200> on 2010-02-17

drop verbose option, always print useful info messages

485. By Dustin Kirkland <kirkland@x200> on 2010-02-17

call the user $USER_NAME rather than $USER_ID since id implies
number, and here we're deailing with names

486. By Dustin Kirkland <kirkland@x200> on 2010-02-17

no decimals on awk calculation

487. By Dustin Kirkland <kirkland@x200> on 2010-02-17

mktemp on the target user, not root

488. By Dustin Kirkland <kirkland@x200> on 2010-02-17

drop VERBOSE option, always print useful info messages

489. By Dustin Kirkland <kirkland@x200> on 2010-02-17

check that there is enough disk space available to do the migration

490. By Dustin Kirkland <kirkland@x200> on 2010-02-17

ensure the user's homedir group is correct

491. By Dustin Kirkland <kirkland@x200> on 2010-02-17

add critical instructions, user *must* login after the migration and
before the reboot, as their wrapped passphrase will be cleared on
reboot (possible we should use an init script to move these to
/var/tmp on reboot)

492. By Dustin Kirkland <kirkland@x200> on 2010-02-17

ensure permissions are set correctly

493. By Dustin Kirkland <kirkland@x200> on 2010-02-17

fix versioning

494. By Dustin Kirkland <kirkland@x200> on 2010-02-17

debian/ecryptfs-utils.upstart, debian/rules: try to protect migrating
users who don't login before the next reboot

495. By Dustin Kirkland <kirkland@x200> on 2010-02-17

* ecryptfs-utils.ecryptfs-utils-restore.upstart,
ecryptfs-utils.ecryptfs-utils-save.upstart, rules:
- try to protect migrating users who don't login before the next reboot

496. By Dustin Kirkland <kirkland@x200> on 2010-02-17

improve text at the end of the migration

497. By Dustin Kirkland <kirkland@x200> on 2010-02-17

src/desktop/ecryptfs-record-passphrase: improve text

Revision history for this message

Dustin Kirkland  (kirkland) wrote on 2012-04-26:

Is this branch still active at all?

review: Needs Information

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches

to all changes:

Dustin Kirkland 

Michal Hlavinka

eCryptfs Developers

eCryptfs

Merge lp:~ecryptfs/ecryptfs/ecryptfs-utils into lp:~mhlavink/ecryptfs/20090424

Commit message

Description of the change

Preview Diff

Subscribers

 === modified file 'README'
 --- README	2009-02-03 08:50:36 +0000
 +++ README	2010-02-17 20:48:18 +0000
@@ -43,11 +43,6 @@
 .0 or higher)
     - Finding its way into some distros
     - Obtainable from <http://people.redhat.com/~dhowells/keyutils>
--  - libgcrypt
--    - Part of most distros; install the development package
--    - If you need to build from source, you probably will want these:
--     - <ftp://ftp.gnupg.org/gcrypt/libgpg-error>
--     - <ftp://ftp.gnupg.org/gcrypt/libgcrypt>
  KERNEL BUILD OPTIONS
 === modified file 'configure.ac'
 --- configure.ac	2009-04-21 23:25:42 +0000
 +++ configure.ac	2010-02-17 20:48:18 +0000
@@ -10,7 +10,7 @@
  AC_PREREQ(2.59)
--AC_INIT([ecryptfs-utils],[74])
++AC_INIT([ecryptfs-utils],[82])
  AC_CANONICAL_HOST
  AC_CANONICAL_TARGET
  AM_INIT_AUTOMAKE([${PACKAGE_NAME}], [${PACKAGE_VERSION}])
@@ -187,14 +187,6 @@
  AC_HEADER_STDC
  AC_CHECK_LIB([dl], [dlopen])
--# Verify gcrypt
--AC_MSG_CHECKING([for libgcrypt])
--AM_PATH_LIBGCRYPT(,,[AC_MSG_ERROR([eCryptfs userspace tools require libgcrypt
--You might find the package at:
--http://directory.fsf.org/security/libgcrypt.html
--])]
--)
--
  # Verify keyutils version 1.0 or higher
  if test -z "${KEYUTILS_LIBS}"; then
  	AC_ARG_VAR([KEYUTILS_CFLAGS], [C compiler flags for keyutils])
@@ -327,7 +319,7 @@
  		AC_CHECK_LIB(
  			[pam_misc],
  			[pam_misc_setenv],
--			[PAM_LIBS="${TSPI_LIBS} -lpam_misc"],
++			[PAM_LIBS="${PAM_LIBS} ${TSPI_LIBS} -lpam_misc"],
  			[AC_MSG_ERROR([Cannot find pam_misc])]
+ 		)
  	fi
@@ -353,13 +345,8 @@
  	rootsbindir="\$(sbindir)"
  fi
--if test "${enable_nss}" == "yes" ; then
--        CRYPTO_CFLAGS=${NSS_CFLAGS}
--	CRYPTO_LIBS=${NSS_LIBS}
--else
--        CRYPTO_CFLAGS=${LIBGCRYPT_CFLAGS}
--	CRYPTO_LIBS=${LIBGCRYPT_LIBS}
--fi
++CRYPTO_CFLAGS=${NSS_CFLAGS}
++CRYPTO_LIBS=${NSS_LIBS}
  AC_SUBST([pamdir])
  AC_SUBST([pamlibdir])
 === modified file 'debian/changelog'
 --- debian/changelog	2009-04-21 23:24:32 +0000
 +++ debian/changelog	2010-02-17 20:48:18 +0000
@@ -1,4 +1,314 @@
--ecryptfs-utils (74) unreleased; urgency=low
++ecryptfs-utils (83) UNRELEASED; urgency=low
++
++  [ Yan Li <yan.i.li@intel.com> ]
++  * src/pam_ecryptfs/pam_ecryptfs.c, src/utils/Makefile.am,
++    src/utils/ecryptfs-migrate-home: add a script and pam hooks to
++    support automatic migration to encrypted home directory
++
++  [ Dustin Kirkland ]
++  * src/utils/ecryptfs-migrate-home: clean up for merge
++    - use $() rather than ``
++    - drop set -u
++    - use = and !=, and quote vars, rather than testing with -ne, -eq,
++      for better shell portability
++    - improve usage statement and error text
++    - check if already encrypted
++    - handle migration of multiple users on boot
++    - fix all whitespace, use tabs for indents
++    - use quotes around variables, rather than ${} (stylistic preference)
++    - major simplification for immediate release
++      + remove boot and user modes; only support administrator mode for
++        security reasons and to avoid race conditions
++      + other modes can be re-added, if necessary, and if security
++        concerns can be addressed
++    - ensure running as root
++    - drop VERBOSE option, always print useful info messages
++    - call the user $USER_NAME rather than $USER_ID since id implies
++      number, and here we're deailing with names
++    - no decimals on awk calculation
++    - mktemp on the target user, not root
++    - check that there is enough disk space available to do the migration
++    - ensure the user's homedir group is correct
++    - add critical instructions, user *must* login after the migration and
++      before the reboot, as their wrapped passphrase will be cleared on
++      reboot (possible we should use an init script to move these to
++      /var/tmp on reboot)
++    - ensure permissions are set correctly
++    - improve text at the end of the migration
++  * ecryptfs-utils.ecryptfs-utils-restore.upstart,
++    ecryptfs-utils.ecryptfs-utils-save.upstart, rules:
++    - try to protect migrating users who don't login before the next reboot
++  * src/desktop/ecryptfs-record-passphrase: improve text
++
++ -- Dustin Kirkland <kirkland@ubuntu.com>  Sat, 06 Feb 2010 17:48:57 -0600
++
++ecryptfs-utils (82) released; urgency=low
++
++  * src/utils/ecryptfs-setup-private: fix bug where setup-private
++    incorrectly assumed that the home/private dir ownerships should
++    be owned by USER:USER; instead, default to USER:GROUP, where
++    GROUP is the USER's primary group by default, LP: #445301
++  * src/utils/ecryptfs-setup-private, debian/control: LP: #456565
++    - fix typo, s/getext/gettext
++    - depend on gettext-base
++  * src/utils/ecryptfs-setup-private: fix printing of error strings,
++    which was broken by the gettext integration, LP: #471725;
++    in doing so, use $() in place of ``, use '' for gettext arguments,
++    and wrap gettext in "", like this: foo="$(gettext 'blah blah')"
++  * debian/control: one package per line, helps tremendously when looking
++    at diffs
++  * debian/copyright: Add new fields
++  * debian/ecryptfs-utils.postinst: minor set -e change
++
++
++ -- Dustin Kirkland <kirkland@ubuntu.com>  Tue, 10 Nov 2009 11:31:25 -0600
++
++ecryptfs-utils (81) released; urgency=low
++
++  [ Michael Terry ]
++  * src/utils/ecryptfs-setup=swap: clean up some error message reporting,
++    LP: #430891, #430890
++
++  [ Dustin Kirkland ]
++  * doc/manpage/ecryptfs.7: note the 64-char passphrase limit, LP: #386504
++  * src/utils/ecryptfs-setup-private: minor documentation change
++
++ -- Dustin Kirkland <kirkland@ubuntu.com>  Fri, 18 Sep 2009 18:46:07 -0500
++
++ecryptfs-utils (80) released; urgency=low
++
++  [ Evan Dandrea ]
++  * src/utils/ecryptfs-setup-swap: allow for setting up encrpyted swap,
++    without activating it immediately, necessary for livecd installations
++
++ -- Dustin Kirkland <kirkland@ubuntu.com>  Wed, 19 Aug 2009 11:31:03 -0500
++
++ecryptfs-utils (79) released; urgency=low
++
++  [ Dustin Kirkland ]
++  * debian/control: updated bzr and browser urls, bumped standards version
++  * src/pam_ecryptfs/pam_ecryptfs.c: silence useless, oft-shown info
++    message
++  * src/utils/ecryptfs-mount-private, src/utils/ecryptfs-rewrite-file,
++    src/utils/ecryptfs-setup-private, src/utils/ecryptfs-setup-swap,
++    src/utils/ecryptfs-umount-private: use gettext for all string printing,
++    such that we can internationalize ecryptfs
++  * po/POTFILES.sh, po/ecryptfs-utils.pot, po/fr.po, rules: add po to the
++    build system; for now, in the debian/ directory; this should be put in
++    the upstream source tree eventually (but I need some help with the
++    automake/autoconf integration)
++  * ecryptfs-setup-swap: exit(0) if there's no swaps to encrypt, ensures
++    that this script succeeds if there is no swap space that needs to be
++    secured, or if the existing swap space is already secured
++  * doc/manpage/ecryptfs-setup-swap.1, doc/manpage/ecryptfs-stat.1,
++    doc/manpage/umount.ecryptfs.8, doc/manpage/Makefile.am: added manpagess
++  * doc/manpage/ecryptfs.7: fix lintian warning
++  * debian/lintian/ecryptfs-utils: added a lintian overrides file
++  * debian/lintian/ecryptfs-utils, debian/ecryptfs-utils.install: add and
++    install some proper lintian overrides
++  * src/libecryptfs/module_mgr.c: fix typo, LP: #408437
++
++  [ Evan Dandrea ]
++  * ecryptfs-setup-swap: support more than one encrypted swap device
++
++  [ Dorin Scutarașu ]
++  * src/libecryptfs/key_management.c: fix null pointer deref, LP: #409565
++
++ -- Dustin Kirkland <kirkland@ubuntu.com>  Mon, 17 Aug 2009 11:58:35 -0500
++
++ecryptfs-utils (78) released; urgency=low
++
++  [ James Westby ]
++  * src/libecryptfs/main.c flockfile the filehandle after checking that
++    we were able to successfully open it (LP: #403011)
++  * debian/libecryptfs0.shlibs: bump shlibs dep to 77 since we added new
++    symbols there
++
++ -- Dustin Kirkland <kirkland@ubuntu.com>  Wed, 22 Jul 2009 11:28:20 -0500
++
++ecryptfs-utils (77) released; urgency=low
++
++  [ Dustin Kirkland ]
++  * src/libecryptfs/key_management.c, src/pam_ecryptfs/pam_ecryptfs.c:
++    revert the zombie code removal from pam_ecryptfs as it seems this
++    bit is still needed; fix the source of the problem introduced in
++    commit r407; check for non-zero return codes; this problem would
++    manifest itself as a) unable to unlock screensaver, b) unable to
++    switch users, c) unable to mount home folder on initial login;
++    LP: #402222, #402029
++  * src/utils/ecryptfs-umount-private: use for loop to loop over key
++    ids on removal
++  * src/utils/mount.ecryptfs_private.c: return non-zero on unmount failure
++    due to open sessions; handle this in ecryptfs-umount-private too; make
++    the flock() blocking; use /dev/shm for counter; add an iterator to the
++    counter file to prevent users from DoS'ing one another from accessing
++    their encrypted directories, LP: #402745
++  * debian/ecryptfs-utils.postinst: move /tmp counters to /dev/shm
++  * configure.ac: link against pam, silence shlib warning
++  * src/include/ecryptfs.h, src/libecryptfs/main.c,
++    src/pam_ecryptfs/pam_ecryptfs.c, src/utils/Makefile.am,
++    src/utils/mount.ecryptfs_private.c: move two functions from
++    mount.ecryptfs_private to libecryptfs, namely is_mounted() and
++    fetch_private_mnt(); use these in both pam_ecryptfs and
++    mount.ecryptfs_private; also move PRIVATE to ECRYPTFS_PRIVATE in
++    the ecryptfs.h headers; this will allow us to short-circuit some of the
++    costly key-loading code on pam_auth if the private dir is already
++    mounted, speeding up some subsequent authentications significantly,
++    LP: #402748
++  * doc/ecryptfs-mount-private.txt: removed the "$" to make copy-n-paste
++    more user friendly
++  * src/utils/ecryptfs-setup-private: when encrypting home, put the
++    .ecryptfs and .Private data in /home/.ecryptfs rather than /var/lib,
++    as users are forgetting to backup /var/lib, and are often putting
++    /home on a separate partition; furthermore, this gives users a place
++    to access their encrypted data for backup, rather than hiding the
++    data below $HOME, LP: #371719
++
++  [ Tyler Hicks ]
++  * src/libecryptfs/cipher_list.c, src/libecryptfs/module_mgr.c:
++    add blowfish/56-bytes to the list of ciphers we officially support,
++    LP: #402790
++
++ -- Dustin Kirkland <kirkland@ubuntu.com>  Tue, 21 Jul 2009 23:57:33 -0500
++
++ecryptfs-utils (76) released; urgency=low
++
++  [ Dustin Kirkland ]
++  * src/utils/ecryptfs-setup-swap: switch from vol_id to blkid,
++    LP: #376486
++  * debian/ecryptfs-utils.postinst, src/utils/ecryptfs-setup-private:
++    don't echo mount passphrase if running in bootstrap mode; prune
++    potential leakages from install log, LP: #383650
++  * SECURITY UPDATE: mount passphrase recorded in install log (LP: #383650).
++    - debian/ecryptfs-utils.postinst: prune private information from
++      installer log
++    - src/utils/ecryptfs-setup-private: don't echo passphrase if running in
++      bootstrap mode
++    - CVE-2009-1296
++  * src/utils/ecryptfs-setup-private: make some of the lanuage more readable,
++    (thanks, anrxc)
++  * README, configure.ac, debian/control, debian/rules,
++    doc/sourceforge_webpage/README, src/libecryptfs-swig/libecryptfs.py,
++    src/libecryptfs-swig/libecryptfs_wrap.c,
++    src/libecryptfs/key_management.c, src/libecryptfs/libecryptfs.pc.in,
++    src/libecryptfs/main.c, src/pam_ecryptfs/Makefile.am,
++    src/utils/manager.c, src/utils/mount.ecryptfs.c: move build from gcrypt
++    to nss (this change has been pending for some time)
++  * src/utils/ecryptfs-dot-private: dropped, was too hacky
++  * ecryptfs-mount-private.1, ecryptfs-setup-private.1: align the
++    documentation and implementation of the wrapping-independent feature,
++    LP: #383746
++  * src/utils/ecryptfs-umount-private: use keyctl list @u, since keyctl show
++    stopped working, LP: #400484, #395082
++  * src/utils/mount.ecryptfs_private.c: fix counter file locking; solves
++    a longstanding bug about "random" umount caused by cronjobs, LP: #358573
++
++  [ Michal Hlavinka (edits by Dustin Kirkland) ]
++  * doc/manpage/ecryptfs-mount-private.1,
++    doc/manpage/ecryptfs-rewrite-file.1,
++    doc/manpage/ecryptfs-setup-private.1, doc/manpage/ecryptfs.7,
++    doc/manpage/mount.ecryptfs_private.1,
++    doc/manpage/umount.ecryptfs_private.1: documentation updated to note
++    possible ecryptfs group membership requirements; Fix ecrypfs.7 man
++    page and key_mod_openssl's error message; fix typo
++  * src/libecryptfs/decision_graph.c: put a finite limit (5 tries) on
++    interactive input; fix memory leaks when asking questions
++  * src/libecryptfs/module_mgr.c: Don't error out with EINVAL when
++    verbosity=0 and some options are missing.
++  * src/utils/umount.ecryptfs.c: no error for missing key when removing it
++  * src/libecryptfs-swig/libecryptfs.i: fix compile werror, cast char*
++  * src/utils/ecryptfs_add_passphrase.c: fix/test/use return codes;
++    return nonzero for --fnek when not supported but used
++  * src/include/ecryptfs.h, src/key_mod/ecryptfs_key_mod_openssl.c,
++    src/libecryptfs/module_mgr.c: refuse mounting with too small rsa
++    key (key_mod_openssl)
++  * src/utils/ecryptfs_insert_wrapped_passphrase_into_keyring.c: fix return
++    codes
++  * src/utils/ecryptfs-rewrite-file: polish output
++  * src/libecryptfs/key_management.c: inform about full keyring; insert fnek
++    sig into keyring if fnek support check fails; don't fail if key already
++    exists in keyring
++  * src/utils/ecryptfs-setup-private: if the ecryptfs group exists, restrict
++    ecryptfs-setup-private to members of this group
++  * src/pam_ecryptfs/pam_ecryptfs.c: dynamically load ecryptfs module by
++    checking ecryptfs version
++  * src/libecryptfs/decision_graph.c, src/utils/io.c,
++    src/utils/mount.ecryptfs.c: fix EOF handling, LP: #371587
++  * src/desktop/Makefile.am: make desktop files trusted, LP: #371426
++
++  [ Dustin Kirkland and Daniel Baumann ]
++  * debian/control, debian/copyright, debian/ecryptfs-utils.dirs,
++    debian/ecryptfs-utils.install, debian/ecryptfs-utils.postinst,
++    debian/rules, ecryptfs-utils.pam-auth-update: sync Ubuntu's
++    packaging with Debian; drop dpatch, drop libssl build dep, clean
++    up extraneous debhelper bits, match cflags; remaining diff is only
++    ecryptfs-utils.prerm
++
++  [ Arfrever Frehtes Taifersar Arahesis ]
++  * key_mod/ecryptfs_key_mod_gpg.c,
++    key_mod/ecryptfs_key_mod_pkcs11_helper.c,
++    libecryptfs/key_management.c, utils/ecryptfs_unwrap_passphrase.c:
++    Fix warnings, initialize a few variables, drop unused ones
++
++  [ David Hicks ]
++  * src/lib/key_management.c: fix stray semicolon that prevents .ecryptfsrc
++    files from working properly, LP: #372709
++
++  [ Michael Rooney ]
++  * src/python/ecryptfsapi.py: added python api
++
++ -- Dustin Kirkland <kirkland@ubuntu.com>  Mon, 20 Jul 2009 12:12:30 -0500
++
++ecryptfs-utils (75) released; urgency=low
++
++  [ Dustin Kirkland ]
++  * debian/rules: drop hackery that moves stuff /usr/share/ecryptfs-utils
++  * src/utils/mount.ecryptfs_private.c: update inline documentation
++  * debian/changelog, src/libecryptfs/cmd_ln_parser.c,
++    src/libecryptfs/key_management.c, src/pam_ecryptfs/pam_ecryptfs.c,
++    src/utils/ecryptfs_add_passphrase.c,
++    src/utils/ecryptfs_insert_wrapped_passphrase_into_keyring.c,
++    src/utils/ecryptfs_rewrap_passphrase.c,
++    src/utils/ecryptfs_unwrap_passphrase.c,
++    src/utils/ecryptfs_wrap_passphrase.c: silence some useless logging,
++    LP: #313330
++  * include/ecryptfs.h, libecryptfs/key_management.c,
++    utils/ecryptfs_insert_wrapped_passphrase_into_keyring.c,
++    utils/ecryptfs_unwrap_passphrase.c: if the file to unwrap is
++    unspecified, try to use the default ~/.ecryptfs/wrapped-passphrase
++    before bailing out, LP: #359997
++  * src/utils/ecryptfs-setup-private: unix_chkpwd is not always present
++    (eg, gentoo), LP: #332341
++
++  [ Tyler Hicks ]
++  * doc/manpage/ecryptfs.7: ecryptfs_encrypted_view option desription
++    was wrong LP: #328761
++
++  [ Michal Hlavinka ]
++  * decision_graph.c: fix uninitialized return code
++  * mount.ecryptfs.c: don't pass verbosity option to kernel
++
++  [ anrxc & Dustin Kirkland ]
++  * doc/Makefile.am, src/desktop/Makefile.am: fix automake installation from
++    /usr/share to /usr/share/ecryptfs-utils
++
++  [ Daniel Baumann & Dustin Kirkland ]
++  * debian/rules, debian/control: sync differences between Debian & Ubuntu's
++    packaging
++
++  [ Arfrever Frehtes Taifersar Arahesis ]
++  * src/key_mod/ecryptfs_key_mod_gpg.c,
++    src/key_mod/ecryptfs_key_mod_pkcs11_helper.c: fix implicit declations
++
++  [ Frédéric Guihéry ]
++  * key_mod/ecryptfs_key_mod_tspi.c, utils/ecryptfs_generate_tpm_key.c:
++    the SRK password should be set to 20 bytes of NULL (wellknown
++    password), in order for different tools to request key protection
++    with the Storage Root Key
++
++ -- Dustin Kirkland <kirkland@ubuntu.com>  Fri, 01 May 2009 15:07:38 -0500
++
++ecryptfs-utils (74) released; urgency=low
    [ Michal Hlavinka ]
    * Changes for RH/Fedora release
 === modified file 'debian/control'
 --- debian/control	2009-02-18 21:30:21 +0000
 +++ debian/control	2010-02-17 20:48:18 +0000
@@ -1,19 +1,47 @@
  Source: ecryptfs-utils
  Section: misc
  Priority: optional
--Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss@lists.ubuntu.com>
++Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
  XSBC-Original-Maintainer: Daniel Baumann <daniel@debian.org>
--Build-Depends: debhelper (>= 7), dpatch, autotools-dev, autoconf, automake, libtool, libgcrypt11-dev, libgpg-error-dev, libgpgme11-dev, libkeyutils-dev, libopencryptoki-dev [alpha amd64 arm armel hppa ia64 i386 m68k mips mipsel powerpc sparc], libpam0g-dev, libpkcs11-helper1-dev, libssl-dev, libtspi-dev [alpha amd64 arm armel hppa ia64 i386 m68k mips mipsel powerpc sparc], pkg-config, python-dev, swig
--Standards-Version: 3.8.0
++Build-Depends:
++ debhelper (>= 7),
++ autotools-dev,
++ autoconf,
++ automake,
++ libtool,
++ libgcrypt11-dev,
++ libgpg-error-dev,
++ libgpgme11-dev,
++ libkeyutils-dev,
++ libnss3-dev,
++ libopencryptoki-dev [alpha amd64 arm armel hppa ia64 i386 m68k mips mipsel powerpc sparc],
++ libpam0g-dev,
++ libpkcs11-helper1-dev,
++ libtspi-dev [alpha amd64 arm armel hppa ia64 i386 m68k mips mipsel powerpc sparc],
++ pkg-config,
++ python-dev,
++ swig
++Standards-Version: 3.8.3
  Homepage: https://launchpad.net/ecryptfs
--Vcs-Browser: http://git.debian.net/?p=debian/ecryptfs-utils.git
--Vcs-Git: git://git.debian.net/git/debian/ecryptfs-utils.git
++Vcs-Bzr: https://code.launchpad.net/~ecryptfs/ecryptfs/ecryptfs-utils
++Vcs-Browser: http://bazaar.launchpad.net/~ecryptfs/ecryptfs/ecryptfs-utils/files
  Package: ecryptfs-utils
  Section: misc
  Architecture: any
--Depends: ${shlibs:Depends}, ${misc:Depends}, libpam-runtime (>= 1.0.1-2ubuntu1), keyutils, libnss3-1d
--Suggests: opencryptoki, cryptsetup
++Depends:
++ ${misc:Depends},
++ ${shlibs:Depends},
++ keyutils,
++ libnss3-1d,
++ libpam-runtime (>= 1.0.1-6),
++ gettext-base
++Recommends:
++ lsof,
++ rsync
++Suggests:
++ cryptsetup,
++ opencryptoki
  Description: ecryptfs cryptographic filesystem (utilities)
   eCryptfs is a POSIX-compliant enterprise-class stacked cryptographic filesystem
   for Linux.
@@ -33,7 +61,9 @@
  Package: libecryptfs0
  Section: libs
  Architecture: any
--Depends: ${shlibs:Depends}, ${misc:Depends}
++Depends:
++ ${misc:Depends},
++ ${shlibs:Depends}
  Description: ecryptfs cryptographic filesystem (library)
   eCryptfs is a POSIX-compliant enterprise-class stacked cryptographic filesystem
   for Linux.
@@ -43,7 +73,17 @@
  Package: libecryptfs-dev
  Section: libdevel
  Architecture: any
--Depends: libecryptfs0 (= ${binary:Version}), libgcrypt11-dev, libgpg-error-dev, libgpgme11-dev, libkeyutils-dev, libopencryptoki-dev [alpha amd64 arm armel hppa ia64 i386 m68k mips mipsel powerpc sparc], libpam0g-dev, libpkcs11-helper1-dev, libtspi-dev [alpha amd64 arm armel hppa ia64 i386 m68k mips mipsel powerpc sparc]
++Depends:
++ ${misc:Depends},
++ libecryptfs0 (= ${binary:Version}),
++ libgcrypt11-dev,
++ libgpg-error-dev,
++ libgpgme11-dev,
++ libkeyutils-dev,
++ libopencryptoki-dev [alpha amd64 arm armel hppa ia64 i386 m68k mips mipsel powerpc sparc],
++ libpam0g-dev,
++ libpkcs11-helper1-dev,
++ libtspi-dev [alpha amd64 arm armel hppa ia64 i386 m68k mips mipsel powerpc sparc]
  Description: ecryptfs cryptographic filesystem (development)
   eCryptfs is a POSIX-compliant enterprise-class stacked cryptographic filesystem
   for Linux.
 === modified file 'debian/copyright'
 --- debian/copyright	2009-02-13 15:57:24 +0000
 +++ debian/copyright	2010-02-17 20:48:18 +0000
@@ -1,11 +1,16 @@
  Authors:
   Phillip Hellewell <hacker@byu.net>
-- Michael A. Halcrow <mhalcrow@us.ibm.com>
-- Dustin Kirkland <kirkland@ubuntu.com>
--Download: https://launchpad.net/ecryptfs/trunk
++ Michael A. Halcrow <mike@halcrow.us>
++ Dustin Kirkland <kirkland@canonical.com>
++ Tyler Hicks <tyhicks@linux.vnet.ibm.com>
++
++Upstream-Contact: Dustin Kirkland <kirkland@canonical.com>
++Upstream-Homepage: https://launchpad.net/ecryptfs
  Files: *
--Copyright: 2004-2008 International Business Machines Corp.
++Copyright:
++ (C) 2004-2009 International Business Machines Corp.
++ (C) 2008-2009 Canonical, Ltd.
  License: GPL-2+
   This program is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public License
@@ -46,7 +51,7 @@
   can be found in /usr/share/common-licenses/GPL-2 file.
  Files: debian/*
--Copyright: (C) 2007-2008 Daniel Baumann <daniel@debian.org>
++Copyright: (C) 2007-2009 Daniel Baumann <daniel@debian.org>
  License: GPL-2+
   This program is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public License
 === removed file 'debian/ecryptfs-utils.dirs'
 --- debian/ecryptfs-utils.dirs	2009-03-24 21:15:49 +0000
 +++ debian/ecryptfs-utils.dirs	1970-01-01 00:00:00 +0000
@@ -1,2 +0,0 @@
--usr/share/pam-configs
--usr/share/ecryptfs-utils
 === added file 'debian/ecryptfs-utils.ecryptfs-utils-restore.upstart'
 --- debian/ecryptfs-utils.ecryptfs-utils-restore.upstart	1970-01-01 00:00:00 +0000
 +++ debian/ecryptfs-utils.ecryptfs-utils-restore.upstart	2010-02-17 20:48:18 +0000
@@ -0,0 +1,26 @@
++# eCryptfs restore
++description "eCryptfs"
++author "Dustin Kirkland <kirkland@canonical.com>"
++
++start on runlevel [2345]
++task
++
++# This task is necessary in support of ecryptfs-migrate-home.
++#
++# The administrator is strongly advised that the migrated user must
++# log in before reboot in order for the migration to take effect, as
++# the data in /dev/shm will be lost.
++#
++# The code below moves the /dev/shm data to /var/tmp to persist across
++# boots and prevent users from locking themselves out of their system,
++# however, it's slightly less secure, as these files should not be written
++# to disk, if possible.
++
++script
++	for i in /var/tmp/.ecryptfs-*; do
++		u=$(echo "$i" | sed "s:^/var/tmp/.ecryptfs-::")
++		if [ "$(stat -c %U $i)" = "$u" ]; then
++			mv -n "$i" /dev/shm
++		fi
++	done
++end script
 === added file 'debian/ecryptfs-utils.ecryptfs-utils-save.upstart'
 --- debian/ecryptfs-utils.ecryptfs-utils-save.upstart	1970-01-01 00:00:00 +0000
 +++ debian/ecryptfs-utils.ecryptfs-utils-save.upstart	2010-02-17 20:48:18 +0000
@@ -0,0 +1,26 @@
++# eCryptfs save
++description "eCryptfs"
++author "Dustin Kirkland <kirkland@canonical.com>"
++
++start on runlevel [!2345]
++task
++
++# This task is necessary in support of ecryptfs-migrate-home.
++#
++# The administrator is strongly advised that the migrated user must
++# log in before reboot in order for the migration to take effect, as
++# the data in /dev/shm will be lost.
++#
++# The code below moves the /dev/shm data to /var/tmp to persist across
++# boots and prevent users from locking themselves out of their system,
++# however, it's slightly less secure, as these files should not be written
++# to disk, if possible.
++
++script
++	for i in /dev/shm/.ecryptfs-*; do
++		u=$(echo "$i" | sed "s:^/dev/shm/.ecryptfs-::")
++		if [ "$(stat -c %U $i)" = "$u" ]; then
++			mv -n "$i" /var/tmp
++		fi
++	done
++end script
 === modified file 'debian/ecryptfs-utils.install'
 --- debian/ecryptfs-utils.install	2009-02-13 15:57:24 +0000
 +++ debian/ecryptfs-utils.install	2010-02-17 20:48:18 +0000
@@ -3,5 +3,6 @@
  /usr/bin
  /usr/lib/ecryptfs
  /usr/share/doc
++/usr/share/ecryptfs-utils
  /usr/share/man
--/usr/share/pam-configs/ecryptfs-utils
++../../debian/lintian/ecryptfs-utils usr/share/lintian/overrides
 === modified file 'debian/ecryptfs-utils.postinst'
 --- debian/ecryptfs-utils.postinst	2009-02-13 15:57:24 +0000
 +++ debian/ecryptfs-utils.postinst	2010-02-17 20:48:18 +0000
@@ -1,44 +1,20 @@
--#!/bin/sh -e
--
--auth=0c1295085dca124e6ba5a3cea7993c22
--account=9f04221fe44762047894adeb96ffd069
--session=2e9a42f2a3b6573891ff9e6bf0c31c9e
--password=4cf59ec48caad2a06ea2e183d8bc007a
--
--force=
--if dpkg --compare-versions "$2" lt-nl 53-1ubuntu6; then
--        # If we're upgrading from an older ecryptfs-utils,
--        # and the pam configuration precisely matches that
--        # which was written by auth-client-config, we can
--        # safely force the pam-auth-update.
--        force=--force
--        for type in auth account session password
--        do
--            sum="$(md5sum /etc/pam.d/common-$type 2>/dev/null | awk '{ print $1 }')"
--            [ "$sum" = "$(eval echo \$$type)" ] || force=
--        done
--fi
--pam-auth-update --package $force
--
--#DEBHELPER#
--
--exit 0
  #!/bin/sh
  set -e
  case "${1}" in
  	configure)
--		# Basically, if a user chooses to encrypt their entire home
--		# directory, we're going to need someplace to put their
--		# ~/.ecryptfs directory that's available prior to mounting their
--		# home directory. Classic chicken/egg bootstrapping.
--
--		if [ ! -d /var/lib/ecryptfs ]
--		then
--			mkdir -p /var/lib/ecryptfs
--			chmod 1777 /var/lib/ecryptfs
--		fi
++		[ -e /var/log/installer/syslog ] && sed -i '/user-setup: YOU SHOULD RECORD THIS/,+2 d' /var/log/installer/syslog
++		pam-auth-update --package
++		# Try to migrate encrypted Private counters from /tmp to /dev/shm, if sane
++		for i in $(ls /home); do
++			if [ -f "/tmp/ecryptfs-$i-Private" ] && [ ! -e "/dev/shm/ecryptfs-$i-Private" ]; then
++				o=$(stat -c %U "/tmp/ecryptfs-$i-Private")
++				if [ $i = $o ]; then
++					mv -f /tmp/ecryptfs-$i-Private /dev/shm
++				fi
++			fi
++		done
  		;;
  	abort-upgrade|abort-remove|abort-deconfigure)
 === modified file 'debian/libecryptfs0.shlibs'
 --- debian/libecryptfs0.shlibs	2009-02-13 15:57:24 +0000
 +++ debian/libecryptfs0.shlibs	2010-02-17 20:48:18 +0000
@@ -1,1 +1,1 @@
--libecryptfs 0 libecryptfs0 (>= 48)
++libecryptfs 0 libecryptfs0 (>= 77)
 === added directory 'debian/lintian'
 === renamed file 'debian/ecryptfs-utils.lintian-overides' => 'debian/lintian/ecryptfs-utils'
 --- debian/ecryptfs-utils.lintian-overides	2009-02-13 15:57:24 +0000
 +++ debian/lintian/ecryptfs-utils	2010-02-17 20:48:18 +0000
@@ -1,1 +1,14 @@
++# This setuid is required for encrypted-home and encrypted-private;
++# Other distros or sysadmins could perhaps make it 4750, and create
++# an ecryptfs group, adding permitted users to this group (though
++# we're not doing this in Ubuntu).
  ecryptfs-utils: setuid-binary sbin/mount.ecryptfs_private 4755 root/root
++
++# The *.desktop files need to be executable
++ecryptfs-utils: executable-not-elf-or-script ./usr/share/ecryptfs-utils/ecryptfs-mount-private.desktop
++ecryptfs-utils: executable-not-elf-or-script ./usr/share/ecryptfs-utils/ecryptfs-setup-private.desktop
++ecryptfs-utils: executable-not-elf-or-script ./usr/share/ecryptfs-utils/ecryptfs-record-passphrase
++
++# We're not creating these files, but rather moving them, and the utilities
++# that use them provide the necessary owernship checks
++ecryptfs-utils: possibly-insecure-handling-of-tmp-files-in-maintainer-script postinst:9
 === added directory 'debian/local'
 === renamed file 'debian/ecryptfs-utils.pam-auth-update' => 'debian/local/ecryptfs-utils.pam-auth-update'
 --- debian/ecryptfs-utils.pam-auth-update	2009-02-13 15:57:24 +0000
 +++ debian/local/ecryptfs-utils.pam-auth-update	2010-02-17 20:48:18 +0000
@@ -3,10 +3,10 @@
  Priority: 0
  Auth-Type: Additional
  Auth-Final:
--        optional	pam_ecryptfs.so unwrap
++	optional	pam_ecryptfs.so unwrap
  Session-Type: Additional
  Session-Final:
--        optional	pam_ecryptfs.so unwrap
++	optional	pam_ecryptfs.so unwrap
  Password-Type: Additional
  Password-Final:
--        optional	pam_ecryptfs.so
++	optional	pam_ecryptfs.so
 === added directory 'debian/po'
 === added file 'debian/po/POTFILES.sh'
 --- debian/po/POTFILES.sh	1970-01-01 00:00:00 +0000
 +++ debian/po/POTFILES.sh	2010-02-17 20:48:18 +0000
@@ -0,0 +1,5 @@
++src/utils/ecryptfs-mount-private
++src/utils/ecryptfs-rewrite-file
++src/utils/ecryptfs-setup-private
++src/utils/ecryptfs-setup-swap
++src/utils/ecryptfs-umount-private
 === added file 'debian/po/ecryptfs-utils.pot'
 --- debian/po/ecryptfs-utils.pot	1970-01-01 00:00:00 +0000
 +++ debian/po/ecryptfs-utils.pot	2010-02-17 20:48:18 +0000
@@ -0,0 +1,407 @@
++# SOME DESCRIPTIVE TITLE.
++# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
++# This file is distributed under the same license as the PACKAGE package.
++# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
++#
++#, fuzzy
++msgid ""
++msgstr ""
++"Project-Id-Version: PACKAGE VERSION\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2009-07-23 18:15-0500\n"
++"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
++"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
++"Language-Team: LANGUAGE <LL@li.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=CHARSET\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#: src/utils/ecryptfs-mount-private:19
++msgid "Enter your login passphrase:"
++msgstr ""
++
++#: src/utils/ecryptfs-mount-private:24
++msgid "Enter your wrapping passphrase:"
++msgstr ""
++
++#: src/utils/ecryptfs-mount-private:49 src/utils/ecryptfs-mount-private:55
++#: src/utils/ecryptfs-mount-private:60 src/utils/ecryptfs-rewrite-file:24
++#: src/utils/ecryptfs-setup-private:84 src/utils/ecryptfs-setup-private:264
++#: src/utils/ecryptfs-setup-private:272 src/utils/ecryptfs-setup-private:282
++#: src/utils/ecryptfs-setup-private:313 src/utils/ecryptfs-setup-swap:25
++msgid "ERROR:"
++msgstr ""
++
++#: src/utils/ecryptfs-mount-private:49
++msgid "Your passphrase is incorrect"
++msgstr ""
++
++#: src/utils/ecryptfs-mount-private:55 src/utils/ecryptfs-setup-private:289
++msgid "Too many incorrect password attempts, exiting"
++msgstr ""
++
++#: src/utils/ecryptfs-mount-private:60
++msgid "Encrypted private directory is not setup properly"
++msgstr ""
++
++#: src/utils/ecryptfs-mount-private:65 src/utils/ecryptfs-mount-private:66
++#: src/utils/ecryptfs-rewrite-file:30 src/utils/ecryptfs-setup-private:276
++#: src/utils/ecryptfs-setup-private:344 src/utils/ecryptfs-setup-private:349
++#: src/utils/ecryptfs-setup-swap:30 src/utils/ecryptfs-umount-private:21
++#: src/utils/ecryptfs-umount-private:22
++msgid "INFO:"
++msgstr ""
++
++#: src/utils/ecryptfs-mount-private:65
++msgid "Your private directory has been mounted."
++msgstr ""
++
++#: src/utils/ecryptfs-mount-private:66 src/utils/ecryptfs-umount-private:22
++msgid "To see this change in your current shell:"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:23
++msgid "[FAILED]"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:30
++msgid "Rewriting"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:32
++msgid "File does not exist"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:36
++msgid "[EXCLUDED]"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:43
++msgid "Could not create tempdir"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:47 src/utils/ecryptfs-rewrite-file:52
++#: src/utils/ecryptfs-rewrite-file:66
++msgid "Could not rename"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:57
++msgid "Could not create tempfile"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:61
++msgid "Could not copy"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:70
++msgid "[OK]"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:73
++msgid "rewrites succeeded"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:14
++msgid "Enter your login passphrase"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:104
++msgid "Can't get ecryptfs version, ecryptfs kernel module not loaded?"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:131
++msgid "Enter your wrapping passphrase"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:155
++msgid "You must be root to bootstrap encrypt a home directory"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:178 src/utils/ecryptfs-setup-private:183
++msgid "ERROR: "
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:178
++msgid "You must provide a username"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:183 src/utils/ecryptfs-setup-private:191
++msgid "User does not exist"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:197
++msgid "User needs to be a member of ecryptfs group"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:204
++msgid "User home directory does not exist"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:223
++msgid "wrapped-passphrase file already exists, use --force to overwrite."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:226
++msgid "file already exists, use --force to overwrite."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:230 src/utils/ecryptfs-setup-private:231
++msgid "is already mounted"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:238 src/utils/ecryptfs-setup-private:242
++msgid "must be empty before proceeding"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:264
++msgid "Wrapping passphrases must match"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:272
++msgid "You must provide a login passphrase"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:276
++msgid "Skipping password verification"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:298
++msgid "Enter your mount passphrase [leave blank to generate one]: "
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:308
++msgid "Enter your mount passphrase (again): "
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:313
++msgid "Mount passphrases do not match"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:321
++msgid "Too many incorrect passphrase attempts, exiting"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:327
++msgid ""
++"YOU SHOULD RECORD YOUR MOUNT PASSPHRASE AND STORE IT IN A SAFE LOCATION."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:329
++msgid "THIS WILL BE REQUIRED IF YOU NEED TO RECOVER YOUR DATA AT A LATER TIME."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:336
++msgid "Could not create crypt directory"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:337
++msgid "Could not create mount directory"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:344
++msgid "will not be mounted on login"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:346
++msgid "Could not setup ecryptfs auto-mount"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:349
++msgid "will not be unmounted on logout"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:351
++msgid "Could not setup ecryptfs auto-umount"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:355
++msgid "Could not remove ecryptfs wrapping-independent"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:357
++msgid "Could not setup ecryptfs wrapping-independent"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:365
++msgid "Could not backup existing data"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:381
++msgid "Could not wrap passphrase"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:389
++msgid "Could not add passphrase to the current keyring"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:393
++msgid "Could not obtain the key signature"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:396
++msgid "Could not create signature file"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:399
++msgid "Could not create mountpoint file"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:403
++msgid "Done configuring."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:433
++msgid "Testing mount/write/umount/read..."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:434
++msgid "Could not mount private ecryptfs directory"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:435
++msgid "Could not create empty file"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:436
++msgid "Could not generate random data"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:437
++msgid "Could not write encrypted file"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:438
++msgid "Could not read encrypted file"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:439
++msgid "Could not unmount private ecryptfs directory"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:440
++msgid "Could not mount private ecryptfs directory (2)"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:441
++msgid "Could not read encrypted file (2)"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:445
++msgid "Could not unmount private ecryptfs directory (2)"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:447
++msgid "Testing failed."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:449
++msgid "Testing succeeded."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:453
++msgid "Logout, and log back in to begin using your encrypted directory."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:34
++msgid "WARNING:"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:39
++msgid "Usage:"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:60
++msgid "Please install"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:63
++msgid "This program must be run with 'sudo', or as root"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:70
++msgid "You do not currently have any swap space defined."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:72
++msgid "You can create a swap file by doing:"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:77
++msgid "And then re-run"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:81
++msgid "You have more than one swap space defined."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:82
++msgid "only supports setting up a single swap space"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:89
++msgid "does not appear to be swap space"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:94
++msgid "already appears to be encrypted."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:103
++msgid "already has an entry in /etc/crypttab."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:107
++msgid "already has an entry in /etc/fstab."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:113
++msgid "There appears to be a cryptswap entry in /etc/cryptab; aborting."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:118
++msgid "There appears to be a cryptswap entry in /etc/fstab; aborting."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:124
++msgid "Commented out your unencrypted swap from /etc/fstab"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:126
++msgid "Your swap space isn't currently listed in /etc/fstab"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:134
++msgid ""
++"An encrypted swap is required to help ensure that encrypted files are not "
++"leaked to disk in an unencrypted format."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:136
++msgid ""
++"HOWEVER, THE SWAP ENCRYPTION CONFIGURATION PRODUCED BY THIS PROGRAM WILL "
++"BREAK HIBERNATE/RESUME ON THIS SYSTEM!"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:138
++msgid "NOTE: Your suspend/resume capabilities will not be affected."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:140
++msgid "Do you want to proceed with encrypting your swap?"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:145
++msgid "Aborting."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:153
++msgid "Setting up swap:"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:170
++msgid "Successfully setup encrypted swap!"
++msgstr ""
++
++#: src/utils/ecryptfs-umount-private:21
++msgid "Your private directory has been unmounted."
++msgstr ""
 === added file 'debian/po/fr.po'
 --- debian/po/fr.po	1970-01-01 00:00:00 +0000
 +++ debian/po/fr.po	2010-02-17 20:48:18 +0000
@@ -0,0 +1,389 @@
++#: src/utils/ecryptfs-mount-private:19
++msgid "Enter your login passphrase:"
++msgstr ""
++
++#: src/utils/ecryptfs-mount-private:24
++msgid "Enter your wrapping passphrase:"
++msgstr ""
++
++#: src/utils/ecryptfs-mount-private:49 src/utils/ecryptfs-mount-private:55
++#: src/utils/ecryptfs-mount-private:60 src/utils/ecryptfs-rewrite-file:24
++#: src/utils/ecryptfs-setup-private:84 src/utils/ecryptfs-setup-private:264
++#: src/utils/ecryptfs-setup-private:272 src/utils/ecryptfs-setup-private:282
++#: src/utils/ecryptfs-setup-private:313 src/utils/ecryptfs-setup-swap:25
++msgid "ERROR:"
++msgstr ""
++
++#: src/utils/ecryptfs-mount-private:49
++msgid "Your passphrase is incorrect"
++msgstr ""
++
++#: src/utils/ecryptfs-mount-private:55 src/utils/ecryptfs-setup-private:289
++msgid "Too many incorrect password attempts, exiting"
++msgstr ""
++
++#: src/utils/ecryptfs-mount-private:60
++msgid "Encrypted private directory is not setup properly"
++msgstr ""
++
++#: src/utils/ecryptfs-mount-private:65 src/utils/ecryptfs-mount-private:66
++#: src/utils/ecryptfs-rewrite-file:30 src/utils/ecryptfs-setup-private:276
++#: src/utils/ecryptfs-setup-private:344 src/utils/ecryptfs-setup-private:349
++#: src/utils/ecryptfs-setup-swap:30 src/utils/ecryptfs-umount-private:21
++#: src/utils/ecryptfs-umount-private:22
++msgid "INFO:"
++msgstr ""
++
++#: src/utils/ecryptfs-mount-private:65
++msgid "Your private directory has been mounted."
++msgstr ""
++
++#: src/utils/ecryptfs-mount-private:66 src/utils/ecryptfs-umount-private:22
++msgid "To see this change in your current shell:"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:23
++msgid "[FAILED]"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:30
++msgid "Rewriting"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:32
++msgid "File does not exist"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:36
++msgid "[EXCLUDED]"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:43
++msgid "Could not create tempdir"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:47 src/utils/ecryptfs-rewrite-file:52
++#: src/utils/ecryptfs-rewrite-file:66
++msgid "Could not rename"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:57
++msgid "Could not create tempfile"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:61
++msgid "Could not copy"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:70
++msgid "[OK]"
++msgstr ""
++
++#: src/utils/ecryptfs-rewrite-file:73
++msgid "rewrites succeeded"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:14
++msgid "Enter your login passphrase"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:104
++msgid "Can't get ecryptfs version, ecryptfs kernel module not loaded?"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:131
++msgid "Enter your wrapping passphrase"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:155
++msgid "You must be root to bootstrap encrypt a home directory"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:178 src/utils/ecryptfs-setup-private:183
++msgid "ERROR: "
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:178
++msgid "You must provide a username"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:183 src/utils/ecryptfs-setup-private:191
++msgid "User does not exist"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:197
++msgid "User needs to be a member of ecryptfs group"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:204
++msgid "User home directory does not exist"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:223
++msgid "wrapped-passphrase file already exists, use --force to overwrite."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:226
++msgid "file already exists, use --force to overwrite."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:230 src/utils/ecryptfs-setup-private:231
++msgid "is already mounted"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:238 src/utils/ecryptfs-setup-private:242
++msgid "must be empty before proceeding"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:264
++msgid "Wrapping passphrases must match"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:272
++msgid "You must provide a login passphrase"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:276
++msgid "Skipping password verification"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:298
++msgid "Enter your mount passphrase [leave blank to generate one]: "
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:308
++msgid "Enter your mount passphrase (again): "
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:313
++msgid "Mount passphrases do not match"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:321
++msgid "Too many incorrect passphrase attempts, exiting"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:327
++msgid ""
++"YOU SHOULD RECORD YOUR MOUNT PASSPHRASE AND STORE IT IN A SAFE LOCATION."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:329
++msgid "THIS WILL BE REQUIRED IF YOU NEED TO RECOVER YOUR DATA AT A LATER TIME."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:336
++msgid "Could not create crypt directory"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:337
++msgid "Could not create mount directory"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:344
++msgid "will not be mounted on login"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:346
++msgid "Could not setup ecryptfs auto-mount"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:349
++msgid "will not be unmounted on logout"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:351
++msgid "Could not setup ecryptfs auto-umount"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:355
++msgid "Could not remove ecryptfs wrapping-independent"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:357
++msgid "Could not setup ecryptfs wrapping-independent"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:365
++msgid "Could not backup existing data"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:381
++msgid "Could not wrap passphrase"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:389
++msgid "Could not add passphrase to the current keyring"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:393
++msgid "Could not obtain the key signature"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:396
++msgid "Could not create signature file"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:399
++msgid "Could not create mountpoint file"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:403
++msgid "Done configuring."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:433
++msgid "Testing mount/write/umount/read..."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:434
++msgid "Could not mount private ecryptfs directory"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:435
++msgid "Could not create empty file"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:436
++msgid "Could not generate random data"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:437
++msgid "Could not write encrypted file"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:438
++msgid "Could not read encrypted file"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:439
++msgid "Could not unmount private ecryptfs directory"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:440
++msgid "Could not mount private ecryptfs directory (2)"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:441
++msgid "Could not read encrypted file (2)"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:445
++msgid "Could not unmount private ecryptfs directory (2)"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:447
++msgid "Testing failed."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:449
++msgid "Testing succeeded."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-private:453
++msgid "Logout, and log back in to begin using your encrypted directory."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:34
++msgid "WARNING:"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:39
++msgid "Usage:"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:60
++msgid "Please install"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:63
++msgid "This program must be run with 'sudo', or as root"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:70
++msgid "You do not currently have any swap space defined."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:72
++msgid "You can create a swap file by doing:"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:77
++msgid "And then re-run"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:81
++msgid "You have more than one swap space defined."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:82
++msgid "only supports setting up a single swap space"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:89
++msgid "does not appear to be swap space"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:94
++msgid "already appears to be encrypted."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:103
++msgid "already has an entry in /etc/crypttab."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:107
++msgid "already has an entry in /etc/fstab."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:113
++msgid "There appears to be a cryptswap entry in /etc/cryptab; aborting."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:118
++msgid "There appears to be a cryptswap entry in /etc/fstab; aborting."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:124
++msgid "Commented out your unencrypted swap from /etc/fstab"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:126
++msgid "Your swap space isn't currently listed in /etc/fstab"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:134
++msgid ""
++"An encrypted swap is required to help ensure that encrypted files are not "
++"leaked to disk in an unencrypted format."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:136
++msgid ""
++"HOWEVER, THE SWAP ENCRYPTION CONFIGURATION PRODUCED BY THIS PROGRAM WILL "
++"BREAK HIBERNATE/RESUME ON THIS SYSTEM!"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:138
++msgid "NOTE: Your suspend/resume capabilities will not be affected."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:140
++msgid "Do you want to proceed with encrypting your swap?"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:145
++msgid "Aborting."
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:153
++msgid "Setting up swap:"
++msgstr ""
++
++#: src/utils/ecryptfs-setup-swap:170
++msgid "Successfully setup encrypted swap!"
++msgstr ""
++
++#: src/utils/ecryptfs-umount-private:21
++msgid "Your private directory has been unmounted."
++msgstr ""
 === modified file 'debian/rules'
 --- debian/rules	2009-04-22 00:07:59 +0000
 +++ debian/rules	2010-02-17 20:48:18 +0000
@@ -1,43 +1,63 @@
  #!/usr/bin/make -f
--include /usr/share/dpatch/dpatch.make
++PKG=ecryptfs-utils
++PO_DIR=debian/po
--DEB_BUILD_ARCH		?= $(shell dpkg-architecture -qDEB_BUILD_ARCH)
  DEB_HOST_GNU_TYPE	?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
  DEB_BUILD_GNU_TYPE	?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
--CFLAGS = -Wall -g
--
--ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
--	CFLAGS += -O0
++ifneq ($(DEB_HOST_GNU_TYPE),$(DEB_BUILD_GNU_TYPE))
++	CROSS=CC=$(DEB_HOST_GNU_TYPE)-gcc
  else
--	CFLAGS += -O2
++	CROSS=
  endif
++DEB_BUILD_ARCH		?= $(shell dpkg-architecture -qDEB_BUILD_ARCH)
++
  ifneq ($(DEB_BUILD_ARCH),s390)
  	TPMFLAGS = --enable-opencryptoki
  endif
--clean: unpatch
++install-po: update-pot
++	for po in ${PO_DIR}/*.po ; do \
++		lang=$${po#po/}; lang=$${lang%.po}; \
++		mkdir -p ${PO_DIR}/locale/$${lang}/LC_MESSAGES/; \
++		msgfmt $${po} -o ${PO_DIR}/locale/$${lang}/LC_MESSAGES/${PKG}.mo ; \
++	done
++
++update-pot:
++	rm -f ${PO_DIR}/${PKG}.pot
++	xgettext -o ${PO_DIR}/${PKG}.pot -L Shell -f ${PO_DIR}/POTFILES.sh
++	for po in ${PO_DIR}/*.po ; do \
++		msgmerge $${po} ${PO_DIR}/${PKG}.pot -o $${po} ; \
++	done
++
++clean:
  	dh_testdir
  	dh_testroot
  	rm -f build-stamp
  	rm -f config.guess config.sub
++	for po in ${PO_DIR}/*.po ; do \
++		lang=$${po#po/}; lang=$${lang%.po}; \
++		rm -f ${PO_DIR}/locale/$${lang}/LC_MESSAGES/${PKG}.mo ; \
++	done
++
  	[ ! -f Makefile ] || $(MAKE) distclean
  	dh_clean
--config.status: configure patch
++config.status: configure
  	dh_testdir
++ifneq "$(wildcard /usr/share/misc/config.guess)" ""
++	cp -f /usr/share/misc/config.guess config.guess
++endif
  ifneq "$(wildcard /usr/share/misc/config.sub)" ""
  	cp -f /usr/share/misc/config.sub config.sub
  endif
--ifneq "$(wildcard /usr/share/misc/config.guess)" ""
--	cp -f /usr/share/misc/config.guess config.guess
--endif
--	CFLAGS="$(CFLAGS)" ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) --prefix=/usr --libdir=\$${prefix}/lib --mandir=\$${prefix}/share/man --enable-static --enable-gpg --disable-gui --enable-pam --disable-openssl --disable-pkcs11-helper --disable-tspi $(TPMFLAGS)
++
++	./configure $(CROSS) --prefix=/usr --libdir=\$${prefix}/lib --mandir=\$${prefix}/share/man --enable-static --enable-gpg --enable-nss --disable-gui --enable-pam --disable-openssl --disable-pkcs11-helper --disable-tspi $(TPMFLAGS) CFLAGS="$(CFLAGS)"
  build: build-stamp
  build-stamp: config.status
@@ -47,17 +67,14 @@
  	touch build-stamp
--install: build
++install: build install-po
  	dh_testdir
  	dh_testroot
  	dh_prep
--	dh_installdirs
  	$(MAKE) DESTDIR=$(CURDIR)/debian/tmp install
--	install -m 644 -D $(CURDIR)/debian/ecryptfs-utils.pam-auth-update $(CURDIR)/debian/tmp/usr/share/pam-configs/ecryptfs-utils
--	mv debian/tmp/usr/share/ecryptfs-* debian/ecryptfs-utils/usr/share/ecryptfs-utils
--	mv debian/tmp/usr/share/doc/ecryptfs-utils/ecryptfs-mount-private.txt debian/ecryptfs-utils/usr/share/ecryptfs-utils/ecryptfs-mount-private.txt
++	install -D -m 0644 debian/local/ecryptfs-utils.pam-auth-update debian/ecryptfs-utils/usr/share/pam-configs/ecryptfs-utils
  	chmod 4755 debian/tmp/sbin/mount.ecryptfs_private
@@ -65,12 +82,14 @@
  binary: binary-arch
--binary-arch: build install
++binary-arch: install
  	dh_testdir
  	dh_testroot
  	dh_installchangelogs ChangeLog
  	dh_installdocs
  	dh_install --fail-missing --sourcedir=debian/tmp
++	dh_installinit --noscripts --error-handler=true --name=ecryptfs-utils-save
++	dh_installinit --noscripts --error-handler=true --name=ecryptfs-utils-restore
  	dh_lintian
  	dh_link
  	dh_strip
 === modified file 'doc/Makefile.am'
 --- doc/Makefile.am	2009-02-03 08:50:36 +0000
 +++ doc/Makefile.am	2010-02-17 20:48:18 +0000
@@ -18,5 +18,4 @@
  dist_noinst_DATA += ecryptfs-pkcs11-helper-doc.txt
  endif
--dist_doc_DATA += ecryptfs-mount-private.txt
--dist_noinst_DATA += ecryptfs-mount-private.txt
++dist_pkgdata_DATA = ecryptfs-mount-private.txt
 === modified file 'doc/ecryptfs-mount-private.txt'
 --- doc/ecryptfs-mount-private.txt	2009-02-03 08:50:36 +0000
 +++ doc/ecryptfs-mount-private.txt	2010-02-17 20:48:18 +0000
@@ -6,4 +6,4 @@
  or
  From the command line, run:
-- $ ecryptfs-mount-private
++ ecryptfs-mount-private
 === modified file 'doc/manpage/Makefile.am'
 --- doc/manpage/Makefile.am	2009-03-20 19:29:14 +0000
 +++ doc/manpage/Makefile.am	2010-02-17 20:48:18 +0000
@@ -21,10 +21,13 @@
  	ecryptfs-rewrap-passphrase.1 \
  	ecryptfs-rewrite-file.1 \
  	ecryptfs-setup-private.1 \
++	ecryptfs-setup-swap.1 \
++	ecryptfs-stat.1 \
  	ecryptfs-umount-private.1 \
  	ecryptfs-unwrap-passphrase.1 \
  	ecryptfs-wrap-passphrase.1 \
  	mount.ecryptfs.8 \
++	umount.ecryptfs.8 \
  	mount.ecryptfs_private.1 \
  	pam_ecryptfs.8 \
  	umount.ecryptfs_private.1
 === modified file 'doc/manpage/ecryptfs-mount-private.1'
 --- doc/manpage/ecryptfs-mount-private.1	2009-02-03 08:50:36 +0000
 +++ doc/manpage/ecryptfs-mount-private.1	2010-02-17 20:48:18 +0000
@@ -6,7 +6,7 @@
  \fBecryptfs-mount-private\fP
  .SH DESCRIPTION
--\fBecryptfs-mount-private\fP is a wrapper script for the \fBmount.ecryptfs_private\fP utility that will interactively prompt for the user's login password, if necessary.
++\fBecryptfs-mount-private\fP is a wrapper script for the \fBmount.ecryptfs_private\fP utility that will interactively prompt for the user's login password, if necessary. You need to be a member of \fBecryptfs\fB group to use this.
  .SH FILES
  \fI~/.Private\fP - underlying directory containing encrypted data
@@ -17,7 +17,7 @@
  \fI~/.ecryptfs/wrapped-passphrase\fP - file containing the wrapped passphrase
--\fI~/.ecryptfs/wrapped-independent\fP - this file exists if the wrapping passphrase is independent from login passphrase
++\fI~/.ecryptfs/wrapping-independent\fP - this file exists if the wrapping passphrase is independent from login passphrase
  .SH SEE ALSO
  .PD 0
 === modified file 'doc/manpage/ecryptfs-rewrite-file.1'
 --- doc/manpage/ecryptfs-rewrite-file.1	2009-03-20 22:12:06 +0000
 +++ doc/manpage/ecryptfs-rewrite-file.1	2010-02-17 20:48:18 +0000
@@ -6,7 +6,7 @@
  \fBecryptfs-rewrite-file [file1] [file2] [file3] ...\fP
  .SH DESCRIPTION
--This script takes one or more files/directories/symlinks as arguments, moves each of them to a temporary file, and the moves them back to the original name.  This causes the file to be rewritten (and reencrypted) in the lower filesystem.
++This script takes one or more files/directories/symlinks as arguments, moves each of them to a temporary file, and then moves them back to the original name.  This causes the file to be rewritten (and reencrypted) in the lower filesystem.
  This script may be combined with \fBfind\fP(1) and \fBxargs\fP(1) to rewrite an entire eCryptfs mountpoint, unmount, and sync:
 === modified file 'doc/manpage/ecryptfs-setup-private.1'
 --- doc/manpage/ecryptfs-setup-private.1	2009-03-18 22:00:04 +0000
 +++ doc/manpage/ecryptfs-setup-private.1	2010-02-17 20:48:18 +0000
@@ -43,7 +43,7 @@
  .SH DESCRIPTION
--\fBecryptfs-setup-private\fP is a program that sets up a private cryptographic mountpoint for a non-root user.
++\fBecryptfs-setup-private\fP is a program that sets up a private cryptographic mountpoint for a non-root user, who is a member of \fBecryptfs\fP group.
  Be sure to properly escape your parameters according to your shell's special character nuances, and also surround the parameters by double quotes, if necessary. Any of the parameters may be:
@@ -78,7 +78,7 @@
  \fI~/.ecryptfs/wrapped-passphrase\fP - file containing the mount passphrase, wrapped with the login passphrase
--\fI~/.ecryptfs/wrapped-independent\fP - this file exists if the wrapping passphrase is independent from login passphrase
++\fI~/.ecryptfs/wrapping-independent\fP - this file exists if the wrapping passphrase is independent from login passphrase
  .SH SEE ALSO
  .PD 0
 === added file 'doc/manpage/ecryptfs-setup-swap.1'
 --- doc/manpage/ecryptfs-setup-swap.1	1970-01-01 00:00:00 +0000
 +++ doc/manpage/ecryptfs-setup-swap.1	2010-02-17 20:48:18 +0000
@@ -0,0 +1,29 @@
++.TH ecryptfs-setup-swap 1 2009-08-17 ecryptfs-utils "eCryptfs"
++.SH NAME
++ecryptfs-setup-swap \- ensure that any swap space is encrypted
++
++.SH SYNOPSIS
++\fBecryptfs-setup-swap\fP [-f|--force]
++
++.SH DESCRIPTION
++This script will detect existing swap partitions or swap files, and encrypt them, using cryptsetup.
++
++Encrypted swap is essential to securing any system using eCryptfs, since decrypted file contents will exist in the system's memory, which may be swapped to disk at any time.  If the system swap space is not also encrypted, it is possible that decrypted files could be written to disk in clear text.
++
++Note that most Linux distributions do not yet support resuming from an encrypted swap space, and thus hibernate/resume will not work.  Suspend/resume is unaffected.
++
++Upon running the utility, the user will be informed of the hibernate/resume break, and asked to confirm the behavior.  The -f|--force option can be used to bypass this interactive prompt.
++
++.SH SEE ALSO
++.PD 0
++.TP
++\fBcryptsetup\fP(8)
++
++.TP
++\fIhttp://launchpad.net/ecryptfs/\fP
++.PD
++
++.SH AUTHOR
++This manpage and the utility was written by Dustin Kirkland <kirkland@canonical.com> for Ubuntu systems (but may be used by others).  Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation.
++
++On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL.
 === added file 'doc/manpage/ecryptfs-stat.1'
 --- doc/manpage/ecryptfs-stat.1	1970-01-01 00:00:00 +0000
 +++ doc/manpage/ecryptfs-stat.1	2010-02-17 20:48:18 +0000
@@ -0,0 +1,18 @@
++.TH ecryptfs-setup-swap 1 2009-08-17 ecryptfs-utils "eCryptfs"
++.SH NAME
++ecryptfs-stat \- Present statistics on encrypted eCryptfs file attributes
++
++.SH SYNOPSIS
++\fBecryptfs-stat\fP filename
++
++.SH DESCRIPTION
++This program will present statistics on encrypted eCryptfs file and its attributes.
++
++.TP
++\fIhttp://launchpad.net/ecryptfs/\fP
++.PD
++
++.SH AUTHOR
++This manpage was written by Dustin Kirkland <kirkland@canonical.com> for Ubuntu systems (but may be used by others).  Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation.
++
++On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL.
 === modified file 'doc/manpage/ecryptfs.7'
 --- doc/manpage/ecryptfs.7	2009-04-21 23:20:27 +0000
 +++ doc/manpage/ecryptfs.7	2010-02-17 20:48:18 +0000
@@ -34,7 +34,7 @@
  Do not check the mount key signature against the values in the user's ~/.ecryptfs/sig-cache.txt file. This is useful for such things as non-interactive setup scripts, so that the mount helper does not stop and prompt the user in the event that the key sig is not in the cache.
  .TP
  .B ecryptfs_encrypted_view
--This option, when set, will have eCryptfs return the encrypted versions of the lower files, rather than decrypt encrypted files and return the decrypted data from the lower files. This options is useful for such things as backup utilities.
++This option provides a unified encrypted file format of the eCryptfs files in the lower mount point.  Currently, it is only useful if the lower mount point contains files with the metadata stored in the extended attribute.  Upon a file read in the upper mount point, the encrypted version of the file will be presented with the metadata in the file header instead of the xattr.  Files cannot be opened for writing when this option is enabled.
  .TP
  .B ecryptfs_xattr
  Store the metadata in the extended attribute of the lower files rather than the header region of the lower files.
@@ -79,7 +79,7 @@
  The filename should be the filename of a file containing an RSA SSL key.
  .TP
  .B openssl_passwd_file=(filename)
--The password should be specified in a file with passwd=(openssl-password). It is highly reccomended that the file be stored on a secure medium such as a personal usb key.
++The password should be specified in a file with openssl_passwd=(openssl-password). It is highly reccomended that the file be stored on a secure medium such as a personal usb key.
  .TP
  .B openssl_passwd_fd=(file descriptor)
  The password is specified through the specified file descriptor.
@@ -93,15 +93,13 @@
  .PP
--The following command will layover mount eCryptfs on /secret with a passphrase contained in a file stored on secure media mounted at /mnt/secureusb/.
++The following command will layover mount eCryptfs on /secret with a passphrase contained in a file stored on secure media mounted at /mnt/usb/.
--\fBmount -t ecryptfs -o
--key=passphrase:passphrase_passwd_file=/mnt/secureusb/passwd_file.txt
--/secret /secret\fP
++\fBmount -t ecryptfs -o key=passphrase:passphrase_passwd_file=/mnt/usb/file.txt /secret /secret\fP
  .PP
--Where passwd_file.txt contains the contents
++Where file.txt contains the contents
  \fB"passphrase_passwd=[passphrase]"\fP.
  .SH SEE ALSO
@@ -119,6 +117,8 @@
  .SH NOTES
  Do not run eCryptfs in verbose-mode unless you are doing so for the sole purpose of development, since secret values will be written out to the system log in that case. Make certain that your eCryptfs mount covers all locations where your applications may write sensitive data. In addition, use dm-crypt to encrypt your swap space with a random key on boot, or see \fBecryptfs-setup-swap\fP(1).
++Passphrases have a maximum length of 64 characters.
++
  .SH BUGS
  Please post bug reports to the eCryptfs bug tracker on Launchpad.net: https://bugs.launchpad.net/ecryptfs/+filebug.
@@ -128,131 +128,3 @@
  This manpage was (re-)written by Dustin Kirkland <kirkland@canonical.com> for Ubuntu systems (but may be used by others).  Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation.
  On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL.
--.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.35
--.\"
--.\" Standard preamble:
--.\" ========================================================================
--.de Sh \" Subsection heading
--.br
--.if t .Sp
--.ne 5
--.PP
--\fB\\$1\fR
--.PP
--..
--.de Sp \" Vertical space (when we can't use .PP)
--.if t .sp .5v
--.if n .sp
--..
--.de Vb \" Begin verbatim text
--.ft CW
--.nf
--.ne \\$1
--..
--.de Ve \" End verbatim text
--.ft R
--.fi
--..
--.\" Set up some character translations and predefined strings.  \*(-- will
--.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
--.\" double quote, and \*(R" will give a right double quote.  | will give a
--.\" real vertical bar.  \*(C+ will give a nicer C++.  Capital omega is used to
--.\" do unbreakable dashes and therefore won't be available.  \*(C` and \*(C'
--.\" expand to `' in nroff, nothing in troff, for use with C<>.
--.tr \(*W-|\(bv\*(Tr
--.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
--.ie n \{\
--.    ds -- \(*W-
--.    ds PI pi
--.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
--.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
--.    ds L" ""
--.    ds R" ""
--.    ds C` ""
--.    ds C' ""
--'br\}
--.el\{\
--.    ds -- \|\(em\|
--.    ds PI \(*p
--.    ds L" ``
--.    ds R" ''
--'br\}
--.\"
--.\" If the F register is turned on, we'll generate index entries on stderr for
--.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
--.\" entries marked with X<> in POD.  Of course, you'll have to process the
--.\" output yourself in some meaningful fashion.
--.if \nF \{\
--.    de IX
--.    tm Index:\\$1\t\\n%\t"\\$2"
--..
--.    nr % 0
--.    rr F
--.\}
--.\"
--.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
--.\" way too many mistakes in technical documents.
--.hy 0
--.if n .na
--.\"
--.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
--.\" Fear.  Run.  Save yourself.  No user-serviceable parts.
--.    \" fudge factors for nroff and troff
--.if n \{\
--.    ds #H 0
--.    ds #V .8m
--.    ds #F .3m
--.    ds #[ \f1
--.    ds #] \fP
--.\}
--.if t \{\
--.    ds #H ((1u-(\\\\n(.fu%2u))*.13m)
--.    ds #V .6m
--.    ds #F 0
--.    ds #[ \&
--.    ds #] \&
--.\}
--.    \" simple accents for nroff and troff
--.if n \{\
--.    ds ' \&
--.    ds ` \&
--.    ds ^ \&
--.    ds , \&
--.    ds ~ ~
--.    ds /
--.\}
--.if t \{\
--.    ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
--.    ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
--.    ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
--.    ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
--.    ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
--.    ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
--.\}
--.    \" troff and (daisy-wheel) nroff accents
--.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
--.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
--.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
--.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
--.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
--.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
--.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
--.ds ae a\h'-(\w'a'u*4/10)'e
--.ds Ae A\h'-(\w'A'u*4/10)'E
--.    \" corrections for vroff
--.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
--.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
--.    \" for low resolution devices (crt and lpr)
--.if \n(.H>23 .if \n(.V>19 \
--\{\
--.    ds : e
--.    ds 8 ss
--.    ds o a
--.    ds d- d\h'-1'\(ga
--.    ds D- D\h'-1'\(hy
--.    ds th \o'bp'
--.    ds Th \o'LP'
--.    ds ae ae
--.    ds Ae AE
--.\}
--.rm #[ #] #H #V #F C
 === modified file 'doc/manpage/mount.ecryptfs_private.1'
 --- doc/manpage/mount.ecryptfs_private.1	2009-02-23 21:31:11 +0000
 +++ doc/manpage/mount.ecryptfs_private.1	2010-02-17 20:48:18 +0000
@@ -8,7 +8,7 @@
  \fBNOTE:\fP This program will \fBnot\fP dynamically load the relevant keys.  For this reason, it is recommended that users use \fBecryptfs-mount-private\fP(1) instead!
  .SH DESCRIPTION
--\fBmount.ecryptfs_private\fP is a mount helper utility for non-root users to cryptographically mount a private directory, ~/Private.
++\fBmount.ecryptfs_private\fP is a mount helper utility for non-root users, who are members of \fBecryptfs\fP group, to cryptographically mount a private directory, ~/Private.
  If, and only if:
    - the private mount passphrase is in their kernel keyring, and
 === added file 'doc/manpage/umount.ecryptfs.8'
 --- doc/manpage/umount.ecryptfs.8	1970-01-01 00:00:00 +0000
 +++ doc/manpage/umount.ecryptfs.8	2010-02-17 20:48:19 +0000
@@ -0,0 +1,23 @@
++.TH umount.ecryptfs 8 2009-08-17 ecryptfs-utils "eCryptfs"
++.SH NAME
++umount.ecryptfs \- eCryptfs umount helper.
++
++.SH SYNOPSIS
++\fBumount\fP [\fIecryptfs\ mount\ point\fP]
++
++.SH DESCRIPTION
++\fBumount.ecryptfs\fP is an eCryptfs umount helper, that will also unlink keys from the keyring.
++
++.SH "SEE ALSO"
++.PD 0
++.TP
++\fBmount.ecryptfs\fP(8), \fBmount\fP(8)
++
++.TP
++\fIhttp://launchpad.net/ecryptfs/\fP
++.PD
++
++.SH AUTHOR
++This manpage was written by Dustin Kirkland <kirkland@canonical.com> for Ubuntu systems (but may be used by others).  Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation.
++
++On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL.
 === modified file 'doc/manpage/umount.ecryptfs_private.1'
 --- doc/manpage/umount.ecryptfs_private.1	2009-02-23 21:31:11 +0000
 +++ doc/manpage/umount.ecryptfs_private.1	2010-02-17 20:48:19 +0000
@@ -14,7 +14,7 @@
  Force the unmount, ignoring the value of the mount counter in \fI/tmp/ecryptfs-USERNAME-Private\fP
  .SH DESCRIPTION
--\fBumount.ecryptfs_private\fP is a mount helper utility for non-root users to unmount a cryptographically mounted private directory, ~/Private.
++\fBumount.ecryptfs_private\fP is a mount helper utility for non-root users, who ares members of \fBecryptfs\fP group, to unmount a cryptographically mounted private directory, ~/Private.
  If, and only if:
    - the private mount passphrase is in their kernel keyring, and
 === modified file 'doc/sourceforge_webpage/README'
 --- doc/sourceforge_webpage/README	2009-02-03 08:50:36 +0000
 +++ doc/sourceforge_webpage/README	2010-02-17 20:48:19 +0000
@@ -38,11 +38,6 @@
 .0 or higher)
     - Finding its way into some distro's
     - Obtainable from <http://people.redhat.com/~dhowells/keyutils>
--  - libgcrypt
--    - Part of most distro's; install the development package
--    - If you need to build from source, you probably will want these:
--     - <ftp://ftp.gnupg.org/gcrypt/libgpg-error>
--     - <ftp://ftp.gnupg.org/gcrypt/libgcrypt>
  KERNEL BUILD OPTIONS
 === added directory 'lintian'
 === added file 'lintian/ecryptfs-utils'
 --- lintian/ecryptfs-utils	1970-01-01 00:00:00 +0000
 +++ lintian/ecryptfs-utils	2010-02-17 20:48:19 +0000
@@ -0,0 +1,12 @@
++# This setuid is required for encrypted-home and encrypted-private;
++# Other distros or sysadmins could perhaps make it 4750, and create
++# an ecryptfs group, adding permitted users to this group (though
++# we're not doing this in Ubuntu).
++ecryptfs-utils: setuid-binary sbin/mount.ecryptfs_private 4755 root/root
++
++# The *.desktop files should be executable
++ecryptfs-utils: executable-not-elf-or-script
++
++# We're not creating these files, but rather moving them, and the utilities
++# that use them provide the necessary owernship checks.
++ecryptfs-utils: possibly-insecure-handling-of-tmp-files-in-maintainer-script
 === modified file 'scripts/build-ubuntu.sh'
 --- scripts/build-ubuntu.sh	2009-03-24 20:39:50 +0000
 +++ scripts/build-ubuntu.sh	2010-02-17 20:48:19 +0000
@@ -7,5 +7,5 @@
  cd ubuntu
  tar zxvf *.orig.tar.gz
  cd ecryptfs-utils*/
--cp -a ../../ecryptfs/debian .
++cp -a ../../upstream/debian .
  debuild -uc -us
 === modified file 'scripts/release.sh'
 --- scripts/release.sh	2009-04-22 00:17:57 +0000
 +++ scripts/release.sh	2010-02-17 20:48:19 +0000
@@ -8,7 +8,7 @@
  	exit 1
+ }
--head -n1 debian/changelog | grep "unreleased" || error "This version must be 'unreleased'"
++head -n1 debian/changelog | grep -i "unreleased" || error "This version must be 'unreleased'"
  rm -f ./ecryptfs-utils*.tar.*
@@ -36,5 +36,9 @@
  echo "TO MAKE THE RELEASE OFFICIAL, UPLOAD:"
  echo -n "  "
  ls ../ecryptfs-utils*.orig.tar.gz
--echo "---->  https://launchpad.net/ecryptfs/trunk"
++echo "---->  https://launchpad.net/ecryptfs/trunk/+addrelease"
++echo
++echo " dch --release released"
++echo " debcommit --release"
++echo " bzr push lp:ecryptfs"
  echo
 === modified file 'src/desktop/Makefile.am'
 --- src/desktop/Makefile.am	2009-04-07 22:33:58 +0000
 +++ src/desktop/Makefile.am	2010-02-17 20:48:19 +0000
@@ -1,3 +1,4 @@
  MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
--dist_dataroot_DATA = ecryptfs-mount-private.desktop ecryptfs-setup-private.desktop ecryptfs-record-passphrase
++eudatarootdir = $(datarootdir)/ecryptfs-utils
++dist_eudataroot_SCRIPTS = ecryptfs-mount-private.desktop ecryptfs-setup-private.desktop ecryptfs-record-passphrase
 === modified file 'src/desktop/ecryptfs-mount-private.desktop' (properties changed: -x to +x)
 === modified file 'src/desktop/ecryptfs-record-passphrase' (properties changed: -x to +x)
 --- src/desktop/ecryptfs-record-passphrase	2009-04-07 22:33:58 +0000
 +++ src/desktop/ecryptfs-record-passphrase	2010-02-17 20:48:19 +0000
@@ -6,13 +6,16 @@
  Terminal: True
  Command: "sh -c 'ecryptfs-unwrap-passphrase $HOME/.ecryptfs/wrapped-passphrase 2>/dev/null && echo [Enter] && head -n1 && touch $HOME/.ecryptfs/.wrapped-passphrase.recorded '"
  Description: To encrypt your home directory or "Private" folder, a strong
-- passphrase has been autogenerated. Usually your directory is unlocked
++ passphrase has been automatically generated. Usually your directory is unlocked
   with your user password, but if you ever need to manually recover this
   directory, you will need this passphrase. Please print or write it down and
   store it in a safe location.
+  .
-- You can run the "ecryptfs-unwrap-passphrase" command now to do this. Enter
-- your user password at the "Passphrase" prompt.
++ If you click "Run this action now", enter your login password at the "Passphrase"
++ prompt and you can display your randomly generated passphrase.
++ .
++ Otherwise, you will need to run "ecryptfs-unwrap-passphrase" from the command
++ line to retrive and record your generated passphrase.
  Description-de: Um Ihr Heimat- oder "Private"-Verzeichnis zu verschlüsseln,
   wurde automatisch ein starkes Passwort geniert. Normalerweise wird Ihr
   Verzeichnis mit Ihrem Benutzerpasswort freigegeben, aber wenn Sie jemals
 === modified file 'src/desktop/ecryptfs-setup-private.desktop' (properties changed: -x to +x)
 === modified file 'src/include/ecryptfs.h'
 --- src/include/ecryptfs.h	2009-02-06 13:20:40 +0000
 +++ src/include/ecryptfs.h	2010-02-17 20:48:19 +0000
@@ -512,6 +512,7 @@
  					    uint32_t version);
  int get_string(char *val, int len, int echo);
  int get_string_stdin(char **val, char *prompt, int echo);
++int stack_pop(struct val_node **head);
  int stack_pop_val(struct val_node **head, void **val);
  int ecryptfs_mount(char *source, char *target, unsigned long flags, char *opts);
  int ecryptfs_get_current_kernel_ciphers(
@@ -581,6 +582,7 @@
  int ecryptfs_insert_wrapped_passphrase_into_keyring(
  	char *auth_tok_sig, char *filename, char *wrapping_passphrase,
  	char *salt);
++char *ecryptfs_get_wrapped_passphrase_filename();
  struct ecryptfs_key_mod_ops *passphrase_get_key_mod_ops(void);
  int ecryptfs_validate_keyring(void);
  #define ECRYPTFS_SHM_KEY 0x3c81b7f5
@@ -630,5 +632,8 @@
  char *ecryptfs_get_passphrase(char *prompt);
  int ecryptfs_run_daemon(struct ecryptfs_messaging_ctx *mctx);
++#define ECRYPTFS_PRIVATE_DIR "Private"
++char *ecryptfs_fetch_private_mnt(char *pw_dir);
++int ecryptfs_private_is_mounted(char *dev, char *mnt, char *sig, int mounting);
  #endif
 === modified file 'src/key_mod/ecryptfs_key_mod_gpg.c'
 --- src/key_mod/ecryptfs_key_mod_gpg.c	2009-04-22 09:05:00 +0000
 +++ src/key_mod/ecryptfs_key_mod_gpg.c	2010-02-17 20:48:19 +0000
@@ -18,6 +18,7 @@
   * 02111-1307, USA.
   */
++#include "config.h"
  #include <fcntl.h>
  #include <pwd.h>
  #include <stdio.h>
@@ -29,7 +30,6 @@
  #include <gpgme.h>
  #include <sys/types.h>
  #include <sys/stat.h>
--#include "config.h"
  #include "../include/ecryptfs.h"
  #include "../include/decision_graph.h"
@@ -131,7 +131,7 @@
  int ecryptfs_gpg_encrypt(char *to, int size, char *from, unsigned char *blob)
+ {
--	int rc;
++	int rc = 0;
  /*	gpg_op_encrypt(...); */
  out:
@@ -251,7 +251,7 @@
  			 struct val_node **head, void **foo)
+ {
  	struct key_mod_gpg *key_mod_gpg = (struct key_mod_gpg *)(*foo);
--	int i;
++	int i = 0;
  	gpgme_error_t err;
  	int rc = 0;
  	gpgme_key_t key;
@@ -283,10 +283,7 @@
  static int generate_name_val_list(struct ecryptfs_name_val_pair *head)
+ {
--	struct stat buf;
--	int i = 0;
  	uid_t id = getuid();
--	struct passwd *pw = getpwuid(id);
  	int rc = 0;
  	head->next = NULL;
@@ -304,6 +301,7 @@
  		destroy_key_mod_gpg(key_mod_gpg);
  		free(key_mod_gpg);
+ 	}
++	return 0;
+ }
@@ -312,7 +310,6 @@
+ {
  	struct key_mod_gpg *key_mod_gpg;
  	gpgme_error_t err;
--	gpgme_keylist_result_t keylist_res;
  	int rc = 0;
  	(*foo) = NULL;
@@ -329,7 +326,7 @@
  	if ((err = gpgme_op_keylist_start(key_mod_gpg->ctx, "", 0))) {
  		printf("Error attempting to start keylist\n");
  		rc = -EINVAL;
--		gpgme_release(ctx);
++		gpgme_release(key_mod_gpg->ctx);
  		free(key_mod_gpg);
  		goto out;
+ 	}
 === modified file 'src/key_mod/ecryptfs_key_mod_openssl.c'
 --- src/key_mod/ecryptfs_key_mod_openssl.c	2009-04-22 09:05:00 +0000
 +++ src/key_mod/ecryptfs_key_mod_openssl.c	2010-02-17 20:48:19 +0000
@@ -550,6 +550,30 @@
  	return rc;
+ }
++static int limit_key_size(struct val_node **params,
++			  struct ecryptfs_subgraph_ctx *subgraph_ctx)
++{
++	char *buf;
++	int rc;
++	RSA *rsa = NULL;
++
++	if ((rc=ecryptfs_openssl_read_key(&rsa,
++				(unsigned char *)subgraph_ctx->key_mod->blob)))
++		return rc;
++	/* 41 is for padding and 3 are for additional data send from
++	 * kernel (1 for cipher type and 2 for checksum */
++	if ((rc = asprintf(&buf, "max_key_bytes=%d",
++			   RSA_size(rsa)-41-3)) == -1) {
++		rc = -ENOMEM;
++		goto out;
++	}
++
++	rc = stack_push(params, buf);
++out:
++	RSA_free(rsa);
++	return rc;
++}
++
  /**
+  *
+  *
@@ -575,6 +599,7 @@
  		syslog(LOG_ERR, "Error processing OpenSSL key; rc = [%d]", rc);
  		goto out;
+ 	}
++	limit_key_size(mnt_params, subgraph_ctx);
  	ecryptfs_openssl_destroy_subgraph_ctx(subgraph_ctx);
  	free(subgraph_ctx);
  	(*foo) = NULL;
@@ -629,7 +654,7 @@
  		walker = walker->next;
+ 	}
  	if (!walker) {
--		syslog(LOG_ERR, "%s: No passwd option found in file\n",
++		syslog(LOG_ERR, "%s: No openssl_passwd option found in file\n",
  		       __FUNCTION__);
  		rc = MOUNT_ERROR;
  		goto out;
@@ -639,6 +664,7 @@
  		syslog(LOG_ERR, "Error processing OpenSSL key; rc = [%d]", rc);
  		goto out;
+ 	}
++	limit_key_size(mnt_params, subgraph_ctx);
  	ecryptfs_openssl_destroy_subgraph_ctx(subgraph_ctx);
  	free(subgraph_ctx);
  	(*foo) = NULL;
@@ -727,7 +753,7 @@
  	 .display_opts = NULL,
  	 .default_val = NULL,
  	 .suggested_val = NULL,
--	 .flags = ECRYPTFS_PARAM_FLAG_MASK_OUTPUT,
++	 .flags = ECRYPTFS_PARAM_FLAG_MASK_OUTPUT | VERIFY_VALUE,
  	 .num_transitions = 1,
  	 .tl = {{.val = NULL,
  		 .pretty_val = NULL,
 === modified file 'src/key_mod/ecryptfs_key_mod_pkcs11_helper.c'
 --- src/key_mod/ecryptfs_key_mod_pkcs11_helper.c	2009-04-22 09:05:00 +0000
 +++ src/key_mod/ecryptfs_key_mod_pkcs11_helper.c	2010-02-17 20:48:19 +0000
@@ -20,6 +20,7 @@
   * 02111-1307, USA.
   */
++#include "config.h"
  #include <fcntl.h>
  #include <pwd.h>
  #include <stdio.h>
@@ -28,11 +29,12 @@
  #include <errno.h>
  #include <stdlib.h>
  #include <unistd.h>
++#include <openssl/err.h>
++#include <openssl/pem.h>
  #include <openssl/x509.h>
  #include <sys/types.h>
  #include <sys/stat.h>
  #include <pkcs11-helper-1.0/pkcs11h-certificate.h>
--#include "config.h"
  #include "../include/ecryptfs.h"
  #include "../include/decision_graph.h"
@@ -590,7 +592,6 @@
  		char dn[1024] = {0};
  		char serial[1024] = {0};
  		char *ser = NULL;
--		char *ssh_key = NULL;
  		size_t ser_len = 0;
  		int n;
@@ -1536,7 +1537,6 @@
  	struct ecryptfs_ctx *ctx = &_ctx;
  	struct ecryptfs_name_val_pair nvp_head;
  	struct val_node *dummy_mnt_params;
--	uid_t id;
  	struct passwd *pw;
  	char *rcfile_fullpath = NULL;
  	int fd;
@@ -1647,6 +1647,7 @@
  	if (pkcs11h_key_param_nodes[PKCS11H_KEY_TOK_ID].suggested_val)
  		free(pkcs11h_key_param_nodes[PKCS11H_KEY_TOK_ID].suggested_val);
  	pkcs11h_terminate ();
++	return 0;
+ }
  static struct ecryptfs_key_mod_ops ecryptfs_pkcs11h_ops = {
 === modified file 'src/key_mod/ecryptfs_key_mod_tspi.c'
 --- src/key_mod/ecryptfs_key_mod_tspi.c	2009-02-09 15:33:25 +0000
 +++ src/key_mod/ecryptfs_key_mod_tspi.c	2010-02-17 20:48:19 +0000
@@ -317,6 +317,7 @@
  	struct tspi_data tspi_data;
  	struct ecryptfs_tspi_connect_ticket *ticket;
  	int rc = 0;
++	BYTE wellknown[] = TSS_WELL_KNOWN_SECRET;
  	pthread_mutex_lock(&encrypt_lock);
  	(*to_size) = 0;
@@ -345,8 +346,9 @@
  		rc = -EIO;
  		goto out;
+ 	}
--	if ((result = Tspi_Policy_SetSecret(h_srk_policy, TSS_SECRET_MODE_PLAIN,
--					    0, NULL))
++	if ((result = Tspi_Policy_SetSecret(h_srk_policy,
++					    TSS_SECRET_MODE_SHA1,
++					    sizeof(wellknown), wellknown))
  	    != TSS_SUCCESS) {
  		syslog(LOG_ERR, "Tspi_Policy_SetSecret failed: [%s]\n",
  		       Trspi_Error_String(result));
@@ -415,6 +417,7 @@
  	struct ecryptfs_tspi_connect_ticket *ticket;
  	TSS_RESULT result;
  	int rc = 0;
++	BYTE wellknown[] = TSS_WELL_KNOWN_SECRET;
  	pthread_mutex_lock(&decrypt_lock);
  	ecryptfs_tspi_deserialize(&tspi_data, blob);
@@ -442,7 +445,8 @@
  		goto out;
+ 	}
  	if ((result = Tspi_Policy_SetSecret(h_srk_policy,
--					    TSS_SECRET_MODE_PLAIN, 0, NULL))
++					    TSS_SECRET_MODE_SHA1,
++					    sizeof(wellknown), wellknown))
  	    != TSS_SUCCESS) {
  		syslog(LOG_ERR, "Tspi_Policy_SetSecret failed: [%s]\n",
  		       Trspi_Error_String(result));
 === modified file 'src/libecryptfs-swig/libecryptfs.i'
 --- src/libecryptfs-swig/libecryptfs.i	2009-02-03 08:50:36 +0000
 +++ src/libecryptfs-swig/libecryptfs.i	2010-02-17 20:48:19 +0000
@@ -9,7 +9,7 @@
  #include "../include/ecryptfs.h"
  %typemap(out) binary_data {
--    $result = PyString_FromStringAndSize($1.data,$1.size);
++    $result = PyString_FromStringAndSize((char *)($1.data),$1.size);
+ }
  extern binary_data ecryptfs_passphrase_blob(char *salt, char *passphrase);
 === modified file 'src/libecryptfs-swig/libecryptfs.py'
 --- src/libecryptfs-swig/libecryptfs.py	2009-02-03 08:50:36 +0000
 +++ src/libecryptfs-swig/libecryptfs.py	2010-02-17 20:48:19 +0000
@@ -1,5 +1,5 @@
  # This file was automatically generated by SWIG (http://www.swig.org).
--# Version 1.3.31
++# Version 1.3.36
+ #
  # Don't modify this file, modify the SWIG interface instead.
  # This file is compatible with both classic and new-style classes.
 === modified file 'src/libecryptfs-swig/libecryptfs_wrap.c'
 --- src/libecryptfs-swig/libecryptfs_wrap.c	2009-02-03 08:50:36 +0000
 +++ src/libecryptfs-swig/libecryptfs_wrap.c	2010-02-17 20:48:19 +0000
@@ -1,6 +1,6 @@
  /* ----------------------------------------------------------------------------
   * This file was automatically generated by SWIG (http://www.swig.org).
-- * Version 1.3.31
++ * Version 1.3.36
+  *
   * This file is not intended to be easily readable and contains a number of
   * coding conventions designed to improve portability and efficiency. Do not make
@@ -17,14 +17,14 @@
  /* template workaround for compilers that cannot correctly implement the C++ standard */
  #ifndef SWIGTEMPLATEDISAMBIGUATOR
--# if defined(__SUNPRO_CC)
--#   if (__SUNPRO_CC <= 0x560)
--#     define SWIGTEMPLATEDISAMBIGUATOR template
--#   else
--#     define SWIGTEMPLATEDISAMBIGUATOR
--#   endif
++# if defined(__SUNPRO_CC) && (__SUNPRO_CC <= 0x560)
++#  define SWIGTEMPLATEDISAMBIGUATOR template
++# elif defined(__HP_aCC)
++/* Needed even with `aCC -AA' when `aCC -V' reports HP ANSI C++ B3910B A.03.55 */
++/* If we find a maximum version that requires this, the test would be __HP_aCC <= 35500 for A.03.55 */
++#  define SWIGTEMPLATEDISAMBIGUATOR template
  # else
--#   define SWIGTEMPLATEDISAMBIGUATOR
++#  define SWIGTEMPLATEDISAMBIGUATOR
  # endif
  #endif
@@ -52,6 +52,12 @@
  # endif
  #endif
++#ifndef SWIG_MSC_UNSUPPRESS_4505
++# if defined(_MSC_VER)
++#   pragma warning(disable : 4505) /* unreferenced local function has been removed */
++# endif
++#endif
++
  #ifndef SWIGUNUSEDPARM
  # ifdef __cplusplus
  #   define SWIGUNUSEDPARM(p)
@@ -107,6 +113,12 @@
  # define _CRT_SECURE_NO_DEPRECATE
  #endif
++/* Deal with Microsoft's attempt at deprecating methods in the standard C++ library */
++#if !defined(SWIG_NO_SCL_SECURE_NO_DEPRECATE) && defined(_MSC_VER) && !defined(_SCL_SECURE_NO_DEPRECATE)
++# define _SCL_SECURE_NO_DEPRECATE
++#endif
++
++
  /* Python.h has to appear first */
  #include <Python.h>
@@ -120,7 +132,7 @@
  /* This should only be incremented when either the layout of swig_type_info changes,
     or for whatever reason, the runtime changes incompatibly */
--#define SWIG_RUNTIME_VERSION "3"
++#define SWIG_RUNTIME_VERSION "4"
  /* define SWIG_TYPE_TABLE_NAME as "SWIG_TYPE_TABLE" */
  #ifdef SWIG_TYPE_TABLE
@@ -155,6 +167,7 @@
  /* Flags for pointer conversions */
  #define SWIG_POINTER_DISOWN        0x1
++#define SWIG_CAST_NEW_MEMORY       0x2
  /* Flags for new pointer objects */
  #define SWIG_POINTER_OWN           0x1
@@ -295,10 +308,10 @@
  extern "C" {
  #endif
--typedef void *(*swig_converter_func)(void *);
++typedef void *(*swig_converter_func)(void *, int *);
  typedef struct swig_type_info *(*swig_dycast_func)(void **);
--/* Structure to store inforomation on one type */
++/* Structure to store information on one type */
  typedef struct swig_type_info {
    const char             *name;			/* mangled name of this type */
    const char             *str;			/* human readable name of this type */
@@ -343,7 +356,7 @@
      while ((*f2 == ' ') && (f2 != l2)) ++f2;
      if (*f1 != *f2) return (*f1 > *f2) ? 1 : -1;
+   }
--  return (l1 - f1) - (l2 - f2);
++  return (int)((l1 - f1) - (l2 - f2));
+ }
  /*
@@ -425,8 +438,8 @@
    Cast a pointer up an inheritance hierarchy
  */
  SWIGRUNTIMEINLINE void *
--SWIG_TypeCast(swig_cast_info *ty, void *ptr) {
--  return ((!ty) || (!ty->converter)) ? ptr : (*ty->converter)(ptr);
++SWIG_TypeCast(swig_cast_info *ty, void *ptr, int *newmemory) {
++  return ((!ty) || (!ty->converter)) ? ptr : (*ty->converter)(ptr, newmemory);
+ }
  /*
@@ -850,7 +863,7 @@
      Py_DECREF(old_str);
      Py_DECREF(value);
    } else {
--    PyErr_Format(PyExc_RuntimeError, mesg);
++    PyErr_SetString(PyExc_RuntimeError, mesg);
+   }
+ }
@@ -1090,14 +1103,14 @@
  /* Unpack the argument tuple */
  SWIGINTERN int
--SWIG_Python_UnpackTuple(PyObject *args, const char *name, int min, int max, PyObject **objs)
++SWIG_Python_UnpackTuple(PyObject *args, const char *name, Py_ssize_t min, Py_ssize_t max, PyObject **objs)
+ {
    if (!args) {
      if (!min && !max) {
        return 1;
      } else {
        PyErr_Format(PyExc_TypeError, "%s expected %s%d arguments, got none",
--		   name, (min == max ? "" : "at least "), min);
++		   name, (min == max ? "" : "at least "), (int)min);
        return 0;
+     }
+   }
@@ -1105,14 +1118,14 @@
      PyErr_SetString(PyExc_SystemError, "UnpackTuple() argument list is not a tuple");
      return 0;
    } else {
--    register int l = PyTuple_GET_SIZE(args);
++    register Py_ssize_t l = PyTuple_GET_SIZE(args);
      if (l < min) {
        PyErr_Format(PyExc_TypeError, "%s expected %s%d arguments, got %d",
--		   name, (min == max ? "" : "at least "), min, l);
++		   name, (min == max ? "" : "at least "), (int)min, (int)l);
        return 0;
      } else if (l > max) {
        PyErr_Format(PyExc_TypeError, "%s expected %s%d arguments, got %d",
--		   name, (min == max ? "" : "at most "), max, l);
++		   name, (min == max ? "" : "at most "), (int)max, (int)l);
        return 0;
      } else {
        register int i;
@@ -1410,7 +1423,7 @@
+ {
    PySwigObject *sobj = (PySwigObject *) v;
    PyObject *next = sobj->next;
--  if (sobj->own) {
++  if (sobj->own == SWIG_POINTER_OWN) {
      swig_type_info *ty = sobj->ty;
      PySwigClientData *data = ty ? (PySwigClientData *) ty->clientdata : 0;
      PyObject *destroy = data ? data->destroy : 0;
@@ -1428,12 +1441,13 @@
  	res = ((*meth)(mself, v));
+       }
        Py_XDECREF(res);
--    } else {
++    }
++#if !defined(SWIG_PYTHON_SILENT_MEMLEAK)
++    else {
        const char *name = SWIG_TypePrettyName(ty);
--#if !defined(SWIG_PYTHON_SILENT_MEMLEAK)
--      printf("swig/python detected a memory leak of type '%s', no destructor found.\n", name);
++      printf("swig/python detected a memory leak of type '%s', no destructor found.\n", (name ? name : "unknown"));
++    }
  #endif
--    }
+   }
    Py_XDECREF(next);
    PyObject_DEL(v);
@@ -1591,9 +1605,11 @@
      (unaryfunc)0,                 /*nb_float*/
      (unaryfunc)PySwigObject_oct,  /*nb_oct*/
      (unaryfunc)PySwigObject_hex,  /*nb_hex*/
--#if PY_VERSION_HEX >= 0x02020000
--    0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 /* nb_inplace_add -> nb_inplace_true_divide */
--#elif PY_VERSION_HEX >= 0x02000000
++#if PY_VERSION_HEX >= 0x02050000 /* 2.5.0 */
++    0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 /* nb_inplace_add -> nb_index */
++#elif PY_VERSION_HEX >= 0x02020000 /* 2.2.0 */
++    0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 /* nb_inplace_add -> nb_inplace_true_divide */
++#elif PY_VERSION_HEX >= 0x02000000 /* 2.0.0 */
 ,0,0,0,0,0,0,0,0,0,0 /* nb_inplace_add -> nb_inplace_or */
  #endif
    };
@@ -1936,7 +1952,7 @@
  SWIGRUNTIME int
  SWIG_Python_AcquirePtr(PyObject *obj, int own) {
--  if (own) {
++  if (own == SWIG_POINTER_OWN) {
      PySwigObject *sobj = SWIG_Python_GetSwigThis(obj);
      if (sobj) {
        int oldown = sobj->own;
@@ -1957,6 +1973,8 @@
      return SWIG_OK;
    } else {
      PySwigObject *sobj = SWIG_Python_GetSwigThis(obj);
++    if (own)
++      *own = 0;
      while (sobj) {
        void *vptr = sobj->ptr;
        if (ty) {
@@ -1970,7 +1988,15 @@
  	  if (!tc) {
  	    sobj = (PySwigObject *)sobj->next;
  	  } else {
--	    if (ptr) *ptr = SWIG_TypeCast(tc,vptr);
++	    if (ptr) {
++              int newmemory = 0;
++              *ptr = SWIG_TypeCast(tc,vptr,&newmemory);
++              if (newmemory == SWIG_CAST_NEW_MEMORY) {
++                assert(own);
++                if (own)
++                  *own = *own | SWIG_CAST_NEW_MEMORY;
++              }
++            }
  	    break;
+ 	  }
+ 	}
@@ -1980,7 +2006,8 @@
+       }
+     }
      if (sobj) {
--      if (own) *own = sobj->own;
++      if (own)
++        *own = *own | sobj->own;
        if (flags & SWIG_POINTER_DISOWN) {
  	sobj->own = 0;
+       }
@@ -2045,8 +2072,13 @@
+     }
      if (ty) {
        swig_cast_info *tc = SWIG_TypeCheck(desc,ty);
--      if (!tc) return SWIG_ERROR;
--      *ptr = SWIG_TypeCast(tc,vptr);
++      if (tc) {
++        int newmemory = 0;
++        *ptr = SWIG_TypeCast(tc,vptr,&newmemory);
++        assert(!newmemory); /* newmemory handling not yet implemented */
++      } else {
++        return SWIG_ERROR;
++      }
      } else {
        *ptr = vptr;
+     }
@@ -2469,7 +2501,7 @@
  #define SWIG_name    "_libecryptfs"
--#define SWIGVERSION 0x010331
++#define SWIGVERSION 0x010336
  #define SWIG_VERSION SWIGVERSION
@@ -2567,7 +2599,6 @@
    PyObject *resultobj = 0;
    char *arg1 = (char *) 0 ;
    char *arg2 = (char *) 0 ;
--  binary_data result;
    int res1 ;
    char *buf1 = 0 ;
    int alloc1 = 0 ;
@@ -2576,6 +2607,7 @@
    int alloc2 = 0 ;
    PyObject * obj0 = 0 ;
    PyObject * obj1 = 0 ;
++  binary_data result;
    if (!PyArg_ParseTuple(args,(char *)"OO:ecryptfs_passphrase_blob",&obj0,&obj1)) SWIG_fail;
    res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
@@ -2590,7 +2622,7 @@
    arg2 = (char *)(buf2);
    result = ecryptfs_passphrase_blob(arg1,arg2);
+   {
--    resultobj = PyString_FromStringAndSize((char *)(&result)->data,(&result)->size);
++    resultobj = PyString_FromStringAndSize((char *)((&result)->data),(&result)->size);
+   }
    if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
    if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
@@ -2605,11 +2637,11 @@
  SWIGINTERN PyObject *_wrap_ecryptfs_passphrase_sig_from_blob(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
    PyObject *resultobj = 0;
    char *arg1 = (char *) 0 ;
--  binary_data result;
    int res1 ;
    char *buf1 = 0 ;
    int alloc1 = 0 ;
    PyObject * obj0 = 0 ;
++  binary_data result;
    if (!PyArg_ParseTuple(args,(char *)"O:ecryptfs_passphrase_sig_from_blob",&obj0)) SWIG_fail;
    res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
@@ -2619,7 +2651,7 @@
    arg1 = (char *)(buf1);
    result = ecryptfs_passphrase_sig_from_blob(arg1);
+   {
--    resultobj = PyString_FromStringAndSize((char *)(&result)->data,(&result)->size);
++    resultobj = PyString_FromStringAndSize((char *)((&result)->data),(&result)->size);
+   }
    if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
    return resultobj;
@@ -2633,15 +2665,15 @@
    PyObject *resultobj = 0;
    char *arg1 = (char *) 0 ;
    char *arg2 = (char *) 0 ;
++  int res1 ;
++  char *buf1 = 0 ;
++  int alloc1 = 0 ;
++  int res2 ;
++  char *buf2 = 0 ;
++  int alloc2 = 0 ;
++  PyObject * obj0 = 0 ;
++  PyObject * obj1 = 0 ;
    int result;
--  int res1 ;
--  char *buf1 = 0 ;
--  int alloc1 = 0 ;
--  int res2 ;
--  char *buf2 = 0 ;
--  int alloc2 = 0 ;
--  PyObject * obj0 = 0 ;
--  PyObject * obj1 = 0 ;
    if (!PyArg_ParseTuple(args,(char *)"OO:ecryptfs_add_blob_to_keyring",&obj0,&obj1)) SWIG_fail;
    res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
@@ -2754,7 +2786,7 @@
  SWIG_InitializeModule(void *clientdata) {
    size_t i;
    swig_module_info *module_head, *iter;
--  int found;
++  int found, init;
    clientdata = clientdata;
@@ -2764,6 +2796,9 @@
      swig_module.type_initial = swig_type_initial;
      swig_module.cast_initial = swig_cast_initial;
      swig_module.next = &swig_module;
++    init = 1;
++  } else {
++    init = 0;
+   }
    /* Try and load any already created modules */
@@ -2792,6 +2827,12 @@
      module_head->next = &swig_module;
+   }
++  /* When multiple interpeters are used, a module could have already been initialized in
++       a different interpreter, but not yet have a pointer in this interpreter.
++       In this case, we do not want to continue adding types... everything should be
++       set up already */
++  if (init == 0) return;
++
    /* Now work on filling in swig_module.types */
  #ifdef SWIGRUNTIME_DEBUG
    printf("SWIG_InitializeModule: size %d\n", swig_module.size);
 === modified file 'src/libecryptfs/cipher_list.c'
 --- src/libecryptfs/cipher_list.c	2009-04-22 09:05:00 +0000
 +++ src/libecryptfs/cipher_list.c	2010-02-17 20:48:19 +0000
@@ -338,7 +338,7 @@
  	{"tea", "tea.ko", 8, 16, 16, 7, 0},
  	{"xeta", "tea.ko", 8, 16, 16, 9, 0},
  	{"xtea", "tea.ko", 8, 16, 16, 8, 0},
--	{"blowfish", "blowfish.ko", 16, 16, 32, 2, 1},
++	{"blowfish", "blowfish.ko", 16, 16, 56, 2, 1},
  	{"twofish", "twofish.ko", 16, 16, 32, 4, 1},
  	{"khazad", "khazad.ko", 8, 16, 16, 11, 0},
  	{"cast5", "cast5.ko", 8, 5, 16, 14, 1},
 === modified file 'src/libecryptfs/cmd_ln_parser.c'
 --- src/libecryptfs/cmd_ln_parser.c	2009-04-22 09:05:00 +0000
 +++ src/libecryptfs/cmd_ln_parser.c	2010-02-17 20:48:19 +0000
@@ -200,7 +200,7 @@
  	fd = open(fullpath, O_RDONLY);
  	if (fd == -1) {
--		rc = -EIO;
++		rc = -errno;
  		goto out;
+ 	}
  	rc = parse_options_file(fd, nvp_list_head);
 === modified file 'src/libecryptfs/decision_graph.c'
 --- src/libecryptfs/decision_graph.c	2009-04-23 16:31:05 +0000
 +++ src/libecryptfs/decision_graph.c	2010-02-17 20:48:19 +0000
@@ -209,8 +209,15 @@
  		  struct ecryptfs_name_val_pair *nvp_head,
  		  struct val_node **mnt_params, void **foo)
+ {
++	static int repeated = 0;
++	static struct param_node *lastnode = NULL;
  	int i, rc;
++	if (current != lastnode)
++		repeated = 0;
++
++	lastnode = current;
++
  	for (i = 0; i < current->num_transitions; i++) {
  		struct transition_node *tn = &current->tl[i];
  		struct ecryptfs_name_val_pair *nvp = nvp_head->next;
@@ -275,11 +282,17 @@
  				trans_func_tok_id =
  					tn->trans_func(ctx, current,
  						       mnt_params, foo);
--			if (trans_func_tok_id == WRONG_VALUE &&
--			    (ctx->verbosity ||
--			     (current->flags & STDIN_REQUIRED))) {
--			    *next = current;
--			    return 0;
++			if (trans_func_tok_id == WRONG_VALUE) {
++				if (ctx->verbosity ||
++				    (current->flags & STDIN_REQUIRED)) {
++						if (++repeated >= 5)
++							return -EINVAL;
++						else {
++							*next = current;
++							return 0;
++						}
++				} else
++					return -EINVAL;
+ 			}
  			if (trans_func_tok_id == MOUNT_ERROR ||
  			    trans_func_tok_id < 0)
@@ -289,6 +302,8 @@
  			else return -EINVAL;
+ 		}
+ 	}
++	if (current->num_transitions)
++		return MOUNT_ERROR;
  	return NULL_TOK;
+ }
@@ -560,10 +575,13 @@
+ 			}
  			prompt[i] = '\0';
  get_value:
--			rc = (ctx->get_string)
--				(&(node->val), prompt,
--				 (node->flags
--				  & ECRYPTFS_PARAM_FLAG_ECHO_INPUT));
++			if ((rc = (ctx->get_string)
++				      (&(node->val), prompt,
++					(node->flags
++					  & ECRYPTFS_PARAM_FLAG_ECHO_INPUT)))) {
++				free(prompt);
++				return rc;
++			}
  			val = atoi(node->val);
  			if (val > 0 && val <= node->num_transitions) {
  				free(node->val);
@@ -627,26 +645,34 @@
  				(&(node->val), prompt,
  				 (node->flags
  				  & ECRYPTFS_PARAM_FLAG_ECHO_INPUT));
++			free(prompt);
++			if (rc)
++				goto out;
  			if (node->val[0] == '\0' &&
  			    (node->flags & ECRYPTFS_NONEMPTY_VALUE_REQUIRED)) {
  				fprintf(stderr,"Wrong input, non-empty value "
  					"required!\n");
  				goto obtain_value;
+ 			}
--			free(prompt);
  			if (node->flags & VERIFY_VALUE) {
  				rc = asprintf(&verify_prompt, "Verify %s",
  					      node->prompt);
  				if (rc == -1)
--					return MOUNT_ERROR;
++					return -ENOMEM;
  				rc = (ctx->get_string)
  					(&verify, verify_prompt,
  					 (node->flags
  					  & ECRYPTFS_PARAM_FLAG_ECHO_INPUT));
++				free(verify_prompt);
  				if (rc)
--					return MOUNT_ERROR;
--				if (strcmp(verify, node->val))
++					return -EIO;
++				rc = strcmp(verify, node->val);
++				free(verify);
++				if (rc) {
++					free(node->val);
++					node->val = NULL;
  					goto obtain_value;
++				}
+ 			}
  			if (node->val[0] == '\0') {
  				free(node->val);
 === modified file 'src/libecryptfs/key_management.c'
 --- src/libecryptfs/key_management.c	2009-04-22 09:36:25 +0000
 +++ src/libecryptfs/key_management.c	2010-02-17 20:48:19 +0000
@@ -18,13 +18,10 @@
   * 02111-1307, USA.
   */
++#include "config.h"
  #include <errno.h>
--#ifdef ENABLE_NSS
  #include <nss.h>
  #include <pk11func.h>
--#else
--#include <gcrypt.h>
--#endif /* #ifdef ENABLE_NSS */
  #include <keyutils.h>
  #ifndef S_SPLINT_S
  #include <stdio.h>
@@ -38,7 +35,7 @@
  #include <sys/mman.h>
  #include <sys/types.h>
  #include <sys/stat.h>
--#include "config.h"
++#include <pwd.h>
  #include "../include/ecryptfs.h"
  #ifndef ENOKEY
@@ -166,8 +163,6 @@
  	rc = (int)keyctl_search(KEY_SPEC_USER_KEYRING, "user", auth_tok_sig, 0);
  	if (rc != -1) { /* we already have this key in keyring; we're done */
  		rc = 1;
--		syslog(LOG_WARNING, "Passphrase key already in keyring;"
--		       " rc = [%d]\n", rc);
  		goto out;
  	} else if ((rc == -1) && (errno != ENOKEY)) {
  		int errnum = errno;
@@ -180,11 +175,11 @@
  	rc = add_key("user", auth_tok_sig, (void *)auth_tok,
  		     sizeof(struct ecryptfs_auth_tok), KEY_SPEC_USER_KEYRING);
  	if (rc == -1) {
--		int errnum = errno;
--
++		rc = -errno;
  		syslog(LOG_ERR, "Error adding key with sig [%s]; rc = [%d] "
  		       "\"%m\"\n", auth_tok_sig, rc);
--		rc = (errnum < 0) ? errnum : errnum * -1;
++		if (rc == -EDQUOT)
++			syslog(LOG_WARNING, "Error adding key to keyring - keyring is full\n");
  		goto out;
+ 	}
  	rc = 0;
@@ -300,7 +295,6 @@
  		ECRYPTFS_AES_BLOCK_SIZE + 1];
  	int encrypted_passphrase_pos = 0;
  	int decrypted_passphrase_pos = 0;
--#ifdef ENABLE_NSS
  	int tmp1_outlen = 0;
  	int tmp2_outlen = 0;
  	SECStatus err;
@@ -309,11 +303,6 @@
  	PK11SlotInfo *slot = NULL;
  	PK11Context *enc_ctx = NULL;
  	SECItem *sec_param = NULL;
--#else
--#warning Building against gcrypt instead of nss
--	gcry_cipher_hd_t gcry_handle;
--	gcry_error_t gcry_err;
--#endif /* #ifdef ENABLE_NSS */
  	int encrypted_passphrase_bytes;
  	int decrypted_passphrase_bytes;
  	int fd;
@@ -345,7 +334,6 @@
  					       - (decrypted_passphrase_bytes
  						  % ECRYPTFS_AES_BLOCK_SIZE));
  	encrypted_passphrase_bytes = decrypted_passphrase_bytes;
--#ifdef ENABLE_NSS
  	NSS_NoDB_Init(NULL);
  	slot = PK11_GetBestSlot(CKM_AES_ECB, NULL);
  	key_item.data = (unsigned char *)wrapping_key;
@@ -406,41 +394,6 @@
  		rc = - EIO;
  		goto out;
+ 	}
--#else
--	if ((gcry_err = gcry_cipher_open(&gcry_handle, GCRY_CIPHER_AES,
--					 GCRY_CIPHER_MODE_ECB, 0))) {
--		syslog(LOG_ERR, "Error attempting to initialize AES cipher; "
--		       "gcry_error_t = [%d]\n", gcry_err);
--		rc = -EIO;
--		goto out;
--	}
--	if ((gcry_err = gcry_cipher_setkey(gcry_handle, wrapping_key,
--					   ECRYPTFS_AES_KEY_BYTES))) {
--		syslog(LOG_ERR, "Error attempting to set AES key; "
--		       "gcry_error_t = [%d]\n", gcry_err);
--		rc = -EIO;
--		gcry_cipher_close(gcry_handle);
--		goto out;
--	}
--	while (decrypted_passphrase_bytes > 0) {
--		if ((gcry_err = gcry_cipher_encrypt(
--			     gcry_handle,
--			     &encrypted_passphrase[encrypted_passphrase_pos],
--			     ECRYPTFS_AES_BLOCK_SIZE,
--			     &decrypted_passphrase[decrypted_passphrase_pos],
--			     ECRYPTFS_AES_BLOCK_SIZE))) {
--			syslog(LOG_ERR, "Error attempting to encrypt block; "
--			       "gcry_error = [%d]\n", gcry_err);
--			rc = -EIO;
--			gcry_cipher_close(gcry_handle);
--			goto out;
--		}
--		encrypted_passphrase_pos += ECRYPTFS_AES_BLOCK_SIZE;
--		decrypted_passphrase_pos += ECRYPTFS_AES_BLOCK_SIZE;
--		decrypted_passphrase_bytes -= ECRYPTFS_AES_BLOCK_SIZE;
--	}
--	gcry_cipher_close(gcry_handle);
--#endif /* #ifdef ENABLE_NSS */
  	unlink(filename);
  	if ((fd = open(filename, (O_WRONLY | O_CREAT | O_EXCL),
  		       (S_IRUSR | S_IWUSR))) == -1) {
@@ -486,7 +439,6 @@
  	char encrypted_passphrase[ECRYPTFS_MAX_PASSPHRASE_BYTES + 1];
  	int encrypted_passphrase_pos = 0;
  	int decrypted_passphrase_pos = 0;
--#ifdef ENABLE_NSS
  	int tmp1_outlen = 0;
  	int tmp2_outlen = 0;
  	SECStatus err;
@@ -495,10 +447,6 @@
  	PK11SlotInfo *slot = NULL;
  	PK11Context *enc_ctx = NULL;
  	SECItem *sec_param = NULL;
--#else
--	gcry_cipher_hd_t gcry_handle;
--	gcry_error_t gcry_err;
--#endif /* #ifdef ENABLE_NSS */
  	int encrypted_passphrase_bytes;
  	int fd;
  	ssize_t size;
@@ -545,7 +493,6 @@
  		goto out;
+ 	}
  	encrypted_passphrase_bytes = size;
--#ifdef ENABLE_NSS
  	NSS_NoDB_Init(NULL);
  	slot = PK11_GetBestSlot(CKM_AES_ECB, NULL);
  	key_item.data = (unsigned char *)wrapping_key;
@@ -605,41 +552,6 @@
  		rc = - EIO;
  		goto out;
+ 	}
--#else
--	if ((gcry_err = gcry_cipher_open(&gcry_handle, GCRY_CIPHER_AES,
--					 GCRY_CIPHER_MODE_ECB, 0))) {
--		syslog(LOG_ERR, "Error attempting to initialize AES cipher; "
--		       "gcry_error_t = [%d]\n", gcry_err);
--		rc = -EIO;
--		goto out;
--	}
--	if ((gcry_err = gcry_cipher_setkey(gcry_handle, wrapping_key,
--					   ECRYPTFS_AES_KEY_BYTES))) {
--		syslog(LOG_ERR, "Error attempting to set AES key; "
--		       "gcry_error_t = [%d]\n", gcry_err);
--		rc = -EIO;
--		gcry_cipher_close(gcry_handle);
--		goto out;
--	}
--	memset(decrypted_passphrase, 0, ECRYPTFS_MAX_PASSPHRASE_BYTES + 1);
--	while (encrypted_passphrase_bytes > 0) {
--		if ((gcry_err = gcry_cipher_decrypt(
--			     gcry_handle,
--			     &decrypted_passphrase[encrypted_passphrase_pos],
--			     ECRYPTFS_AES_BLOCK_SIZE,
--			     &encrypted_passphrase[decrypted_passphrase_pos],
--			     ECRYPTFS_AES_BLOCK_SIZE))) {
--			syslog(LOG_ERR, "Error attempting to decrypt block; "
--			       "gcry_error = [%d]\n", gcry_err);
--			rc = -EIO;
--			gcry_cipher_close(gcry_handle);
--			goto out;
--		}
--		encrypted_passphrase_pos += ECRYPTFS_AES_BLOCK_SIZE;
--		decrypted_passphrase_pos += ECRYPTFS_AES_BLOCK_SIZE;
--		encrypted_passphrase_bytes -= ECRYPTFS_AES_BLOCK_SIZE;
--	}
--#endif /* #ifdef ENABLE_NSS */
  out:
  	return rc;
+ }
@@ -676,18 +588,20 @@
  		if ((rc = ecryptfs_add_passphrase_key_to_keyring(
  					auth_tok_sig,
  					decrypted_passphrase,
--					ECRYPTFS_DEFAULT_SALT_FNEK_HEX))) {
++					ECRYPTFS_DEFAULT_SALT_FNEK_HEX)) != 0) {
  			syslog(LOG_ERR,
  			   "Error attempting to add filename encryption key to "
  			   "user session keyring; rc = [%d]\n", rc);
++			goto out;
+ 		}
+ 	}
  	if ((rc = ecryptfs_add_passphrase_key_to_keyring(auth_tok_sig,
  							 decrypted_passphrase,
--							 salt))) {
++							 salt)) != 0) {
  		syslog(LOG_ERR, "Error attempting to add passphrase key to "
  		       "user session keyring; rc = [%d]\n", rc);
--	}
++	} else
++		rc = 0;
  out:
  	return rc;
+ }
@@ -744,10 +658,13 @@
  	rc = add_key("user", auth_tok_sig, (void *)auth_tok,
  		     (sizeof(struct ecryptfs_auth_tok) + blob_size),
  		     KEY_SPEC_USER_KEYRING);
--	if (rc < 0)
++	if (rc < 0) {
++		rc = -errno;
  		syslog(LOG_ERR, "Error adding key with sig [%s]; rc ="
  		       " [%d]\n", auth_tok_sig, rc);
--	else rc = 0;
++		if (rc == -EDQUOT)
++			syslog(LOG_WARNING, "Error adding key to keyring - keyring is full\n");
++	} else rc = 0;
  out:
  	if (auth_tok != NULL) {
  		memset(auth_tok, 0, (sizeof(struct ecryptfs_auth_tok) + blob_size));
@@ -765,14 +682,14 @@
  	memset(&nvp_list_head, 0, sizeof(struct ecryptfs_name_val_pair));
  	rc = ecryptfs_parse_rc_file(&nvp_list_head);
  	if (rc) {
--		if (rc != -EIO) {
++		if (rc != -ENOENT) {
  			syslog(LOG_WARNING,
  				"Error attempting to parse .ecryptfsrc file; "
  				"rc = [%d]", rc);
+ 		}
  		goto out;
+ 	}
--	nvp = &nvp_list_head;
++	nvp = nvp_list_head.next;
  	while (nvp) {
  		if (strcmp(nvp->name, "salt") == 0) {
  			int valsize;
@@ -780,7 +697,7 @@
  			if (!nvp->value)
  				goto next_iteration;
  			valsize = strlen(nvp->value);
--			if (valsize != ECRYPTFS_SALT_SIZE_HEX);
++			if (valsize != ECRYPTFS_SALT_SIZE_HEX)
  				goto next_iteration;
  			memcpy(salt_hex, nvp->value, ECRYPTFS_SALT_SIZE_HEX);
  			goto out_free;
@@ -917,7 +834,8 @@
  	ecryptfs_enable_echo(&current_settings);
  	p = strrchr(passphrase, '\n');
  	if (p) *p = '\0';
--	printf("\n");
++	if (prompt != NULL)
++		printf("\n");
  	if (strlen(passphrase) > ECRYPTFS_MAX_PASSWORD_LENGTH) {
  		fprintf(stderr,"Passphrase is too long. Use at most %u "
  			       "characters long passphrase.\n",
@@ -927,3 +845,23 @@
+ 	}
  	return passphrase;
+ }
++
++char *ecryptfs_get_wrapped_passphrase_filename() {
++	struct passwd *pwd = NULL;
++	struct stat s;
++	char *filename = NULL;
++	if ((pwd = getpwuid(getuid())) == NULL) {
++		perror("getpwuid");
++		return NULL;
++	}
++	if ((asprintf(&filename,
++	    "%s/.ecryptfs/wrapped-passphrase", pwd->pw_dir) < 0)) {
++		perror("asprintf");
++		return NULL;
++	}
++	if (stat(filename, &s) != 0) {
++		perror("stat");
++		return NULL;
++	}
++	return filename;
++}
 === modified file 'src/libecryptfs/libecryptfs.pc.in'
 --- src/libecryptfs/libecryptfs.pc.in	2009-02-03 08:50:36 +0000
 +++ src/libecryptfs/libecryptfs.pc.in	2010-02-17 20:48:19 +0000
@@ -6,5 +6,5 @@
  Name: libecryptfs
  Description: eCryptfs library
  Version: @PACKAGE_VERSION@
--Cflags: -I${includedir} @LIBGCRYPT_CFLAGS@ @KEYUTILS_CFLAGS@
--Libs: @LIBGCRYPT_LIBS@ @KEYUTILS_LIBS@ -L${libdir} -lecryptfs
++Cflags: -I${includedir} @KEYUTILS_CFLAGS@
++Libs: @KEYUTILS_LIBS@ -L${libdir} -lecryptfs
 === modified file 'src/libecryptfs/main.c'
 --- src/libecryptfs/main.c	2009-02-09 15:33:25 +0000
 +++ src/libecryptfs/main.c	2010-02-17 20:48:19 +0000
@@ -21,12 +21,8 @@
  #include "config.h"
  #include <errno.h>
--#ifdef ENABLE_NSS
  #include <nss.h>
  #include <pk11func.h>
--#else
--#include <gcrypt.h>
--#endif /* #ifdef ENABLE_NSS */
  #include <mntent.h>
  #ifndef S_SPLINT_S
  #include <stdio.h>
@@ -37,9 +33,10 @@
  #include <signal.h>
  #include <sys/mount.h>
  #include <getopt.h>
++#include <sys/types.h>
  #include <keyutils.h>
--#include <sys/types.h>
  #include <sys/ipc.h>
++#include <sys/param.h>
  #include <sys/shm.h>
  #include <sys/sem.h>
  #include "../include/ecryptfs.h"
@@ -77,16 +74,8 @@
  int do_hash(char *src, int src_size, char *dst, int algo)
+ {
--#ifdef ENABLE_NSS
  	SECStatus err;
--#else
--	gcry_md_hd_t hd;
--	gcry_error_t err = 0;
--	unsigned char * hash;
--	unsigned int mdlen;
--#endif /* #ifdef ENABLE_NSS */
--#ifdef ENABLE_NSS
  	NSS_NoDB_Init(NULL);
  	err = PK11_HashBuf(algo, (unsigned char *)dst, (unsigned char *)src,
  			   src_size);
@@ -97,23 +86,115 @@
  		err = -EINVAL;
  		goto out;
+ 	}
--#else
--	err = gcry_md_open(&hd, algo, 0);
--	mdlen = gcry_md_get_algo_dlen(algo);
--	if (err) {
--		syslog(LOG_ERR, "Failed to open hash algo [%d]: "
--		       "[%d]\n", algo, err);
--		goto out;
--	}
--	gcry_md_write(hd, src, src_size);
--	hash = gcry_md_read(hd, algo);
--	memcpy(dst, hash, mdlen);
--	gcry_md_close(hd);
--#endif /* #ifdef ENABLE_NSS */
  out:
  	return (int)err;
+ }
++/* Read ecryptfs private mount from file
++ * Allocate and return a string
++ */
++char *ecryptfs_fetch_private_mnt(char *pw_dir) {
++	char *mnt_file = NULL;
++	char *mnt_default = NULL;
++	char *mnt = NULL;
++	FILE *fh = NULL;
++	/* Construct mnt file name */
++	if (asprintf(&mnt_default, "%s/%s", pw_dir, ECRYPTFS_PRIVATE_DIR) < 0
++			|| mnt_default == NULL) {
++		perror("asprintf");
++		return NULL;
++	}
++	if (
++			asprintf(&mnt_file, "%s/.ecryptfs/%s.mnt", pw_dir, ECRYPTFS_PRIVATE_DIR) < 0
++			|| mnt_file == NULL) {
++		perror("asprintf");
++		return NULL;
++	}
++	fh = fopen(mnt_file, "r");
++	if (fh == NULL) {
++		mnt = mnt_default;
++	} else {
++		flockfile(fh);
++		if ((mnt = (char *)malloc(MAXPATHLEN+1)) == NULL) {
++			perror("malloc");
++			return NULL;
++		}
++		if (fgets(mnt, MAXPATHLEN, fh) == NULL) {
++			mnt = mnt_default;
++		} else {
++			/* Ensure that mnt doesn't contain newlines */
++			mnt = strtok(mnt, "\n");
++		}
++		fclose(fh);
++	}
++	if (mnt_file != NULL)
++		free(mnt_file);
++	if (mnt_default != NULL && mnt != mnt_default)
++		free(mnt_default);
++	return mnt;
++}
++
++
++/* Check if an ecryptfs private device or mount point is mounted.
++ * Return 1 if a filesystem in mtab matches dev && mnt && sig.
++ * Return 0 otherwise.
++ */
++int ecryptfs_private_is_mounted(char *dev, char *mnt, char *sig, int mounting) {
++	FILE *fh = NULL;
++	struct mntent *m = NULL;
++	char *opt = NULL;
++	int mounted;
++	if (asprintf(&opt, "ecryptfs_sig=%s", sig) < 0) {
++		perror("asprintf");
++		return 0;
++	}
++	fh = setmntent("/proc/mounts", "r");
++	if (fh == NULL) {
++		perror("setmntent");
++		return 0;
++	}
++	mounted = 0;
++	flockfile(fh);
++	while ((m = getmntent(fh)) != NULL) {
++		if (strcmp(m->mnt_type, "ecryptfs") != 0)
++			/* Skip if this entry is not an ecryptfs mount */
++			continue;
++		if (mounting == 1) {
++			/* If mounting, return "already mounted" if EITHER the
++ 			 * dev or the mnt dir shows up in mtab/mounts;
++ 			 * regardless of the signature of such mounts;
++ 			 */
++			if (dev != NULL && strcmp(m->mnt_fsname, dev) == 0) {
++				mounted = 1;
++				break;
++			}
++			if (mnt != NULL && strcmp(m->mnt_dir, mnt) == 0) {
++				mounted = 1;
++				break;
++			}
++		} else {
++			/* Otherwise, we're unmounting, and we need to be
++			 * very conservative in finding a perfect match
++			 * to unmount.  The device, mountpoint, and signature
++			 * must *all* match perfectly.
++			 */
++			if (
++			    strcmp(m->mnt_fsname, dev) == 0 &&
++			    strcmp(m->mnt_dir, mnt) == 0 &&
++			    hasmntopt(m, opt) != NULL
++			) {
++				mounted = 1;
++				break;
++			}
++		}
++	}
++	endmntent(fh);
++	if (opt != NULL)
++		free(opt);
++	return mounted;
++}
++
++
  /**
   * TODO: We need to support more hash algs
   * @fekek: ECRYPTFS_MAX_KEY_BYTES bytes of allocated memory
@@ -133,11 +214,7 @@
  	char salt_and_passphrase[ECRYPTFS_MAX_PASSPHRASE_BYTES
  				 + ECRYPTFS_SALT_SIZE];
  	int passphrase_size;
--#ifdef ENABLE_NSS
  	int alg = SEC_OID_SHA512;
--#else
--	int alg = GCRY_MD_SHA512;
--#endif /* #ifdef ENABLE_NSS */
  	int dig_len = SHA512_DIGEST_LENGTH;
  	char buf[SHA512_DIGEST_LENGTH];
  	int hash_iterations = ECRYPTFS_DEFAULT_NUM_HASH_ITERATIONS;
@@ -890,3 +967,4 @@
+ {
  	return &ctx_ops;
+ }
++
 === modified file 'src/libecryptfs/module_mgr.c'
 --- src/libecryptfs/module_mgr.c	2009-04-21 17:59:16 +0000
 +++ src/libecryptfs/module_mgr.c	2010-02-17 20:48:19 +0000
@@ -97,15 +97,20 @@
  		.trans_func = sig_param_node_callback}}
  };
--/* returns: 1 for str=="yes" or "y", 0 for "no" or "n", -1 elsewhere */
--static int is_yes(const char *str)
++/* returns:
++ * 	on_null for str == NULL
++ *	1 for str=="yes" or "y"
++ *	0 for str=="no" or "n"
++ *	-1 elsewhere */
++static int is_yes(const char *str, int on_null)
+ {
  	if (str) {
  		if (!strcmp(str,"y") || !strcmp(str,"yes"))
  			return 1;
  		if (!strcmp(str,"no") || !strcmp(str,"n"))
  			return 0;
--	}
++	} else
++		return on_null;
  	return -1;
+ }
@@ -120,7 +125,7 @@
+ {
  	int rc;
--	if (((rc=is_yes(node->val)) == 1) || (node->flags & PARAMETER_SET)) {
++	if (((rc=is_yes(node->val, 0)) == 1) || (node->flags & PARAMETER_SET)) {
  		rc = stack_push(head, opt_name);
  	} else if (rc == -1)
  		rc = WRONG_VALUE;
@@ -207,7 +212,7 @@
  static struct param_node filename_crypto_fnek_sig_param_node = {
  	.num_mnt_opt_names = 1,
  	.mnt_opt_names = {"ecryptfs_fnek_sig"},
--	.prompt = "Filname Encryption Key (FNEK) Signature",
++	.prompt = "Filename Encryption Key (FNEK) Signature",
  	.val_type = VAL_STR,
  	.val = NULL,
  	.display_opts = NULL,
@@ -227,7 +232,7 @@
+ {
  	int yn, rc = 0;
--	if (((yn=is_yes(node->val)) > 0)
++	if (((yn=is_yes(node->val, 0)) > 0)
  	    || (node->flags & PARAMETER_SET)) {
  		int i;
  		struct val_node *val_node;
@@ -407,6 +412,7 @@
  	{"twofish", 32, 2},
  	{"blowfish", 16, 1},
  	{"blowfish", 32, 2},
++	{"blowfish", 56, 2},
  	{"khazad", 16, 1},
  	{"arc4", 16, 1},
  	{"arc4", 32, 2},
@@ -432,15 +438,18 @@
  	return rc;
+ }
--static int init_ecryptfs_key_bytes_param_node(char *cipher_name)
++static int init_ecryptfs_key_bytes_param_node(char *cipher_name,
++					      int min, int max)
+ {
  	int i;
  	int rc = 0;
  	i = 0;
  	while (supported_key_bytes[i].cipher_name) {
--		if (strcmp(cipher_name, supported_key_bytes[i].cipher_name)
--		    == 0) {
++		if ((supported_key_bytes[i].key_bytes >= min) &&
++		    (supported_key_bytes[i].key_bytes <= max) &&
++		    (strcmp(cipher_name, supported_key_bytes[i].cipher_name)
++		      == 0)) {
  			struct transition_node *tn;
  			tn = &ecryptfs_key_bytes_param_node.tl[
@@ -468,6 +477,11 @@
+ 		}
  		i++;
+ 	}
++	if (ecryptfs_key_bytes_param_node.num_transitions == 0) {
++		syslog(LOG_ERR, "Error initializing key_bytes selection: "
++		       "there is no posibility left for used params\n");
++		return -EINVAL;
++	}
  out:
  	return rc;
+ }
@@ -477,8 +491,40 @@
+ {
  	char *opt;
  	int rc;
--
--	rc = init_ecryptfs_key_bytes_param_node(node->val);
++	int min = 0, max = 999999;
++	struct val_node *tmp = *head, *tmpprev = NULL;
++
++	while (tmp) {
++		char *ptr;
++		int popval = 0;
++		if (tmp->val && (strstr(tmp->val,"max_key_bytes=") != NULL) &&
++		    ((ptr=strchr(tmp->val,'=')) != NULL)) {
++			char *eptr;
++			max = strtol(++ptr, &eptr, 10);
++			if (eptr == ptr)
++				return -EINVAL;
++			popval = 1;
++		}
++		if (tmp->val && (strstr(tmp->val,"min_key_bytes=") != NULL) &&
++		    ((ptr=strchr(tmp->val,'=')) != NULL)) {
++			char *eptr;
++			min = strtol(++ptr, &eptr, 10);
++			if (eptr == ptr)
++				return -EINVAL;
++			popval = 1;
++		}
++		if (popval) {
++			if (tmp == *head)
++				*head = (*head)->next;
++			stack_pop(&tmp);
++			if (tmpprev != NULL)
++				tmpprev->next = tmp;
++		}
++		tmpprev = tmp;
++		tmp = tmp->next;
++	}
++
++	rc = init_ecryptfs_key_bytes_param_node(node->val, min, max);
  	if (rc) {
  		syslog(LOG_ERR, "%s: Error initializing key_bytes param node; "
  		       "rc = [%d]\n", __FUNCTION__, rc);
 === modified file 'src/pam_ecryptfs/Makefile.am'
 --- src/pam_ecryptfs/Makefile.am	2009-02-03 08:50:36 +0000
 +++ src/pam_ecryptfs/Makefile.am	2010-02-17 20:48:19 +0000
@@ -12,6 +12,6 @@
  endif
  pam_ecryptfs_la_SOURCES = pam_ecryptfs.c
--pam_ecryptfs_la_CFLAGS = $(AM_CFLAGS) $(LIBGCRYPT_CFLAGS)
--pam_ecryptfs_la_LIBADD = $(top_builddir)/src/libecryptfs/libecryptfs.la $(PAM_LIBS) $(LIBGCRYPT_LIBS)
++pam_ecryptfs_la_CFLAGS = $(AM_CFLAGS)
++pam_ecryptfs_la_LIBADD = $(top_builddir)/src/libecryptfs/libecryptfs.la $(PAM_LIBS)
  pam_ecryptfs_la_LDFLAGS = $(AM_LDFLAGS) -module -avoid-version -shared
 === modified file 'src/pam_ecryptfs/pam_ecryptfs.c'
 --- src/pam_ecryptfs/pam_ecryptfs.c	2009-04-21 23:20:27 +0000
 +++ src/pam_ecryptfs/pam_ecryptfs.c	2010-02-17 20:48:23 +0000
@@ -1,4 +1,5 @@
--/**
++/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*-
++ *
   * pam_ecryptfs.c: PAM module that sends the user's authentication
   * tokens into the kernel keyring.
+  *
@@ -73,30 +74,48 @@
  	char *file_path;
  	int rc = 0;
  	struct stat s;
--	if (asprintf(
--		&file_path, "%s/.ecryptfs/%s",
--		homedir,
--		ECRYPTFS_DEFAULT_WRAPPED_PASSPHRASE_FILENAME) == -1)
--		return -ENOMEM;
--	if (stat(file_path, &s) != 0) {
--		if (errno != ENOENT)
--			rc = -errno;
--		goto out;
--	}
--	free(file_path);
  	if (asprintf(&file_path, "%s/.ecryptfs/auto-mount", homedir) == -1)
  		return -ENOMEM;
  	if (stat(file_path, &s) != 0) {
  		if (errno != ENOENT)
  			rc = -errno;
  		goto out;
--	}
++	}
  	rc = 1;
  out:
  	free(file_path);
  	return rc;
+ }
++static int wrap_passphrase_if_necessary(char *username, uid_t uid, char *wrapped_pw_filename, char *passphrase, char *salt)
++{
++	char *unwrapped_pw_filename = NULL;
++	struct stat s;
++	int rc = 0;
++
++	rc = asprintf(&unwrapped_pw_filename, "/dev/shm/.ecryptfs-%s", username);
++	if (rc == -1) {
++		syslog(LOG_ERR, "Unable to allocate memory\n");
++		return -ENOMEM;
++	}
++	/* If /dev/shm/.ecryptfs-$USER exists and owned by the user
++	   and ~/.ecryptfs/wrapped-passphrase does not exist
++	   and a passphrase is set:
++	   wrap the unwrapped passphrase file */
++	if (stat(unwrapped_pw_filename, &s) == 0 && (s.st_uid == uid) &&
++	    stat(wrapped_pw_filename, &s) != 0  &&
++	    passphrase != NULL && *passphrase != '\0' &&
++	    username != NULL && *username != '\0') {
++		setuid(uid);
++		rc = ecryptfs_wrap_passphrase_file(wrapped_pw_filename, passphrase, salt, unwrapped_pw_filename);
++		if (rc != 0) {
++			syslog(LOG_ERR, "Error wrapping cleartext password; " "rc = [%d]\n", rc);
++		}
++		return rc;
++	}
++	return 0;
++}
++
  PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
  				   const char **argv)
+ {
@@ -108,8 +127,10 @@
  	char salt[ECRYPTFS_SALT_SIZE];
  	char salt_hex[ECRYPTFS_SALT_SIZE_HEX];
  	char *auth_tok_sig;
++	char *private_mnt = NULL;
  	pid_t child_pid, tmp_pid;
  	long rc;
++	uint32_t version;
  	syslog(LOG_INFO, "%s: Called\n", __FUNCTION__);
  	rc = pam_get_user(pamh, &username, NULL);
@@ -130,6 +151,18 @@
+ 	}
  	if (!ecryptfs_pam_automount_set(homedir))
  		goto out;
++	private_mnt = ecryptfs_fetch_private_mnt(homedir);
++	if (ecryptfs_private_is_mounted(NULL, private_mnt, NULL, 1)) {
++		syslog(LOG_INFO, "%s: %s is already mounted\n", __FUNCTION__,
++			homedir);
++		/* If private/home is already mounted, then we can skip
++		   costly loading of keys */
++		goto out;
++	}
++	/* we need side effect of this check:
++	   load ecryptfs module if not loaded already */
++	if (ecryptfs_get_version(&version) != 0)
++		syslog(LOG_WARNING, "Can't check if kernel supports ecryptfs\n");
  	saved_uid = geteuid();
  	seteuid(uid);
  	rc = pam_get_item(pamh, PAM_AUTHTOK, (const void **)&passphrase);
@@ -147,7 +180,6 @@
+ 	}
  	rc = ecryptfs_read_salt_hex_from_rc(salt_hex);
  	if (rc) {
--		syslog(LOG_WARNING, "%s\n", ECRYPTFS_WARN_DEFAULT_SALT);
  		from_hex(salt, ECRYPTFS_DEFAULT_SALT_HEX, ECRYPTFS_SALT_SIZE);
  	} else
  		from_hex(salt, salt_hex, ECRYPTFS_SALT_SIZE);
@@ -166,7 +198,9 @@
  		if ((argc == 1)
  		    && (memcmp(argv[0], "unwrap\0", 7) == 0)) {
  			char *wrapped_pw_filename;
--
++			char *unwrapped_pw_filename;
++			struct stat s;
++
  			rc = asprintf(
  				&wrapped_pw_filename, "%s/.ecryptfs/%s",
  				homedir,
@@ -176,6 +210,11 @@
  				rc = -ENOMEM;
  				goto out_child;
+ 			}
++			if (wrap_passphrase_if_necessary(username, uid, wrapped_pw_filename, passphrase, salt) == 0) {
++				syslog(LOG_INFO, "Passphrase file wrapped");
++			} else {
++				goto out_child;
++			}
  			rc = ecryptfs_insert_wrapped_passphrase_into_keyring(
  				auth_tok_sig, wrapped_pw_filename, passphrase,
  				salt);
@@ -185,9 +224,6 @@
  				auth_tok_sig, passphrase, salt);
+ 		}
  		if (rc == 1) {
--			syslog(LOG_WARNING, "There is already a key in the "
--			       "user session keyring for the given "
--			       "passphrase.\n");
  			goto out_child;
+ 		}
  		if (rc) {
@@ -198,8 +234,8 @@
  		if (fork() == 0) {
  			if ((rc = ecryptfs_set_zombie_session_placeholder())) {
  				syslog(LOG_ERR, "Error attempting to create "
--				       "and register zombie process; "
--				       "rc = [%ld]\n", rc);
++						"and register zombie process; "
++						"rc = [%ld]\n", rc);
+ 			}
+ 		}
  out_child:
@@ -211,6 +247,8 @@
  		syslog(LOG_WARNING,
  		       "waitpid() returned with error condition\n");
  out:
++	if (private_mnt != NULL)
++		free(private_mnt);
  	return PAM_SUCCESS;
+ }
@@ -272,7 +310,7 @@
  		return 1;
+         }
          if (
--	    (asprintf(&sigfile, "%s/.ecryptfs/%s.sig", pwd->pw_dir,
++	    (asprintf(&sigfile, "%s/.ecryptfs/%s.sig", pwd->pw_dir,
  	     PRIVATE_DIR) < 0) || sigfile == NULL) {
  		syslog(LOG_ERR, "Error allocating memory for sigfile name");
  		return 1;
@@ -288,7 +326,7 @@
  	if ((pid = fork()) < 0) {
  		syslog(LOG_ERR, "Error setting up private mount");
  		return 1;
--	}
++	}
  	if (pid == 0) {
  		if (mount == 1) {
  		        if ((asprintf(&recorded,
@@ -313,7 +351,7 @@
+ 			}
  			/* run mount.ecryptfs_private as the user */
  			setresuid(pwd->pw_uid, pwd->pw_uid, pwd->pw_uid);
--			execl("/sbin/mount.ecryptfs_private",
++			execl("/sbin/mount.ecryptfs_private",
  			      "mount.ecryptfs_private", NULL);
  		} else {
  			if (stat(autofile, &s) != 0) {
@@ -324,14 +362,12 @@
+ 			}
  			/* run umount.ecryptfs_private as the user */
  			setresuid(pwd->pw_uid, pwd->pw_uid, pwd->pw_uid);
--			execl("/sbin/umount.ecryptfs_private",
++			execl("/sbin/umount.ecryptfs_private",
   			      "umount.ecryptfs_private", NULL);
+ 		}
  		return 1;
  	} else {
  		waitpid(pid, &rc, 0);
--		syslog(LOG_INFO,
--		       "Mount of private directory return code [%d]", rc);
  		goto out;
+ 	}
  out:
@@ -374,12 +410,10 @@
  	char *old_passphrase = NULL;
  	char *new_passphrase = NULL;
  	char *wrapped_pw_filename;
--	char *unwrapped_pw_filename;
  	char *name = NULL;
  	char salt[ECRYPTFS_SALT_SIZE];
  	char salt_hex[ECRYPTFS_SALT_SIZE_HEX];
  	pid_t child_pid, tmp_pid;
--	struct stat s;
  	int rc = PAM_SUCCESS;
  	rc = pam_get_user(pamh, &username, NULL);
@@ -434,36 +468,17 @@
  		rc = -ENOMEM;
  		goto out;
+ 	}
--	rc = asprintf(&unwrapped_pw_filename, "/dev/shm/.ecryptfs-%s", name);
--	if (rc == -1) {
--		syslog(LOG_ERR, "Unable to allocate memory\n");
--		rc = -ENOMEM;
--		goto out;
--	}
  	if ((rc = ecryptfs_read_salt_hex_from_rc(salt_hex))) {
--		syslog(LOG_WARNING, "%s\n", ECRYPTFS_WARN_DEFAULT_SALT);
  		from_hex(salt, ECRYPTFS_DEFAULT_SALT_HEX, ECRYPTFS_SALT_SIZE);
  	} else {
  		from_hex(salt, salt_hex, ECRYPTFS_SALT_SIZE);
+ 	}
--	/* If /dev/shm/.ecryptfs-$USER exists and owned by the user
--	   and ~/.ecryptfs/wrapped-passphrase does not exist
--	   and a new_passphrase is set:
--	   wrap the unwrapped passphrase file */
--	if (stat(unwrapped_pw_filename, &s) == 0 && (s.st_uid == uid) &&
--	    stat(wrapped_pw_filename, &s) != 0  &&
--	    new_passphrase != NULL && *new_passphrase != '\0' &&
--	    name != NULL && *name != '\0') {
--		setuid(uid);
--		rc = ecryptfs_wrap_passphrase_file(wrapped_pw_filename,
--			new_passphrase, salt, unwrapped_pw_filename);
--		if (rc != 0) {
--			syslog(LOG_ERR,
--			  "Error wrapping cleartext password; "
--	       		  "rc = [%d]\n", rc);
--		}
++	if (wrap_passphrase_if_necessary(username, uid, wrapped_pw_filename, new_passphrase, salt) == 0) {
++		syslog(LOG_INFO, "Passphrase file wrapped");
++	} else {
  		goto out;
+ 	}
++
  	seteuid(saved_uid);
  	if (!old_passphrase || !new_passphrase || *new_passphrase == '\0') {
  		syslog(LOG_WARNING, "eCryptfs PAM passphrase change module "
 === added directory 'src/python'
 === added file 'src/python/__init__.py'
 === added file 'src/python/ecryptfsapi.py'
 --- src/python/ecryptfsapi.py	1970-01-01 00:00:00 +0000
 +++ src/python/ecryptfsapi.py	2010-02-17 20:48:23 +0000
@@ -0,0 +1,82 @@
++#!/usr/bin/env python
++#
++#    ecryptfsapi.py, Copyright 2008, 2009 Michael Rooney <mrooney@ubuntu.com>
++#    Date: 2009-05-28
++#    Version: 0.4
++#
++#    This is a python API for interacting with ecryptfs-utils and its
++#    encrypted directories.
++#
++#    This program is free software: you can redistribute it and/or modify
++#    it under the terms of the GNU General Public License as published by
++#    the Free Software Foundation, either version 3 of the License, or
++#    (at your option) any later version.
++#
++#    This program is distributed in the hope that it will be useful,
++#    but WITHOUT ANY WARRANTY; without even the implied warranty of
++#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++#    GNU General Public License for more details.
++#
++#    You should have received a copy of the GNU General Public License
++#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
++
++import commands, os
++
++AUTOMOUNT_FILE = os.path.expanduser("~/.ecryptfs/auto-mount")
++AUTOUMOUNT_FILE = os.path.expanduser("~/.ecryptfs/auto-umount")
++PRIVATE_LOCATION_FILE = os.path.expanduser("~/.ecryptfs/Private.mnt")
++PRIVATE_LOCATION = os.path.exists(PRIVATE_LOCATION_FILE) and open(PRIVATE_LOCATION_FILE).read().strip()
++
++def set_automount(doAuto):
++    """Enable or disable automounting for this user."""
++    if doAuto:
++        command = "touch %s" % AUTOMOUNT_FILE
++        #open(AUTOMOUNT_FILE, "w")
++    else:
++        command = "rm %s" % AUTOMOUNT_FILE
++        #os.remove(AUTOMOUNT_FILE)
++
++    return commands.getstatusoutput(command)
++
++def get_automount():
++    """Return whether or not automounting is enabled for this user."""
++    return os.path.exists(AUTOMOUNT_FILE)
++
++def set_autounmount(doAuto):
++    """Enable or disable automounting for this user."""
++    if doAuto:
++        command = "touch %s" % AUTOUMOUNT_FILE
++    else:
++        command = "rm %s" % AUTOUMOUNT_FILE
++
++    return commands.getstatusoutput(command)
++
++def get_autounmount():
++    """Return whether or not autounmounting is enabled for this user."""
++    return os.path.exists(AUTOUMOUNT_FILE)
++
++def set_mounted(doMount):
++    """Set the mounted (unencrypted) state of ~/Private."""
++    if doMount:
++        command = "/sbin/mount.ecryptfs_private"
++    else:
++        command = "/sbin/umount.ecryptfs_private"
++
++    return commands.getstatusoutput(command)
++
++def get_mounted():
++    """Return whether or not ~/Private is mounted (unencrypted)."""
++    if PRIVATE_LOCATION:
++        mounts = open("/proc/mounts").read()
++        return PRIVATE_LOCATION in mounts
++    else:
++        return False
++
++def needs_setup():
++    """
++    Return whether or not an encrypted directory has been set up by ecryptfs
++    for this user, either Home or Private.
++    """
++    encryptedHome = False #TODO: implement
++    encryptedPrivate = PRIVATE_LOCATION
++    return not (encryptedHome or encryptedPrivate)
 === modified file 'src/utils/Makefile.am'
 --- src/utils/Makefile.am	2009-04-21 23:36:43 +0000
 +++ src/utils/Makefile.am	2010-02-17 20:48:23 +0000
@@ -1,6 +1,6 @@
  MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
--EXTRA_DIST=ecryptfsrc ecryptfs-rewrite-file ecryptfs-setup-private ecryptfs-setup-swap ecryptfs-mount-private ecryptfs-umount-private ecryptfs-dot-private
++EXTRA_DIST=ecryptfsrc ecryptfs-rewrite-file ecryptfs-setup-private ecryptfs-setup-swap ecryptfs-mount-private ecryptfs-umount-private ecryptfs-migrate-home
  rootsbin_PROGRAMS=mount.ecryptfs \
  		  umount.ecryptfs \
@@ -16,7 +16,8 @@
  	      ecryptfs-mount-private \
  	      ecryptfs-umount-private \
  	      ecryptfs-rewrite-file \
--	      ecryptfs-dot-private
++	      ecryptfs-migrate-home
++bin2dir = $(bindir)
  noinst_PROGRAMS=test
@@ -55,7 +56,7 @@
  ecryptfs_generate_tpm_key_LDADD = $(TSPI_LIBS)
  mount_ecryptfs_private_SOURCES = mount.ecryptfs_private.c
--mount_ecryptfs_private_LDADD = $(KEYUTILS_LIBS)
++mount_ecryptfs_private_LDADD = $(top_builddir)/src/libecryptfs/libecryptfs.la $(KEYUTILS_LIBS)
  ecryptfs_stat_SOURCES = ecryptfs-stat.c
  ecryptfs_stat_LDADD = $(top_builddir)/src/libecryptfs/libecryptfs.la
 === removed file 'src/utils/ecryptfs-dot-private'
 --- src/utils/ecryptfs-dot-private	2009-04-08 22:36:45 +0000
 +++ src/utils/ecryptfs-dot-private	1970-01-01 00:00:00 +0000
@@ -1,34 +0,0 @@
--#!/bin/sh -e
--#
--#    ecryptfs-dot-private
--#    Copyright (C) 2009 Canonical Ltd.
--#
--#    Authors: Dustin Kirkland <kirkland@canonical.com>
--#
--#    This program is free software: you can redistribute it and/or modify
--#    it under the terms of the GNU General Public License as published by
--#    the Free Software Foundation, version 2 of the License.
--#
--#    This program is distributed in the hope that it will be useful,
--#    but WITHOUT ANY WARRANTY; without even the implied warranty of
--#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
--#    GNU General Public License for more details.
--#
--#    You should have received a copy of the GNU General Public License
--
--if echo "$0" | grep -qs "ecryptfs"; then
--	echo "ERROR: This file must be sourced, rather than executed:"
--	echo
--	echo "  . $0"
--	echo
--	exit 1
--fi
--
--# Hacky, umount.ecryptfs_private should be taught to exit 1 on
--# unsuccessful unmount, must check who else depends on this exit code.
--if /sbin/umount.ecryptfs_private | grep -v "Sessions still open"; then
--	cd "$HOME"/.Private
--else
--	echo "ERROR: Unable to access .Private, please close some sessions"
--fi
--/sbin/mount.ecryptfs_private
 === added file 'src/utils/ecryptfs-migrate-home'
 --- src/utils/ecryptfs-migrate-home	1970-01-01 00:00:00 +0000
 +++ src/utils/ecryptfs-migrate-home	2010-02-17 20:48:23 +0000
@@ -0,0 +1,195 @@
++#!/bin/sh
++# -*- sh-basic-offset: 4; sh-indentation: 4; tab-width: 4; indent-tabs-mode: t; sh-indent-comment: t; -*-
++# This script encrypts an user's home
++#
++# Written by Yan Li <yan.i.li@intel.com>, <yanli@gnome.org>
++# Copyright (C) 2010 Intel Corporation
++#
++# Modified by Dustin Kirkland <kirkland@canonical.com>
++#
++# This program is free software; you can redistribute it and/or
++# modify it under the terms of the GNU General Public License as
++# published by the Free Software Foundation; either version 2 of the
++# License, or (at your option) any later version.
++#
++# This program is distributed in the hope that it will be useful, but
++# WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++# General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
++# 02111-1307, USA.
++
++set -e
++
++PRIVATE_DIR="Private"
++
++usage() {
++       echo "
++Usage:
++
++$0 -u USER
++
++ -u,--user       Migrate USER's home directory to an encrypted home directory
++
++WARNING: Make a complete backup copy of the non-encrypted data to
++another system or external media. This script is dangerous and, in
++case of an error, could result in data lost, or lock you out of your
++system!
++
++This program must be executed by root.
++
++"
++	exit 1
++}
++
++error() {
++	echo "$(gettext 'ERROR: ')" "$@" 1>&2
++	exit 1
++}
++
++warning() {
++	echo "$(gettext 'WARNING: ')" "$@" 1>&2
++}
++
++info() {
++	echo "$(gettext 'INFO: ')" "$@" 1>&2
++}
++
++assert_dir_empty() {
++	local DIR="$1"
++	if [ -e "$DIR" ]; then
++		# if $DIR is a directory, make sure it's empty
++		if [ -d "$DIR" ]; then
++			ls=$(ls -A "$DIR" | wc -l)
++			if [ "$ls" != "0" ]; then
++				echo 1>&2 "If you already have some data in directory $DIR,"
++				echo 1>&2 "please move all of these files and directories out of the way, and"
++				echo 1>&2 "follow the instructions in:"
++				echo 1>&2 "    ecryptfs-setup-private --undo"
++				echo 1>&2
++				error "$DIR is not empty, cannot continue."
++			fi
++		else
++			error "$DIR exists but is not an empty directory, cannot continue."
++		fi
++	fi
++}
++
++# get user home by username
++get_user_home () {
++	local USER_NAME="$1"
++	local USER_HOME=$(grep "^$USER_NAME:" /etc/passwd | cut -d":" -f 6)
++	if [ -z "$USER_HOME" ]; then
++		error "Cannot find the home directory of $USER_NAME."
++	fi
++	echo "$USER_HOME"
++}
++
++sanity_check () {
++	local USER_NAME="$1"
++	local USER_HOME="$2"
++	if [ -e "$USER_HOME/.ecryptfs" ]; then
++		error "$USER_HOME appears to be encrypted already."
++	fi
++	# Check for rsync
++	if ! which rsync >/dev/null 2>&1; then
++		error "Please install the rsync package."
++	fi
++	# Check free space: make sure we have sufficient disk space
++	# available. To make a full copy, we will need at least 2.5x the
++	# disk usage of the target home directory.
++	info "Checking disk space, this may take a few moments.  Please be patient."
++	needed=$(du -s "$USER_HOME" | awk '{printf "%.0f", $1*2.5}')
++	free=$(df -P "$USER_HOME" | tail -n 1 | awk '{print $4}')
++	if [ $needed -gt $free ]; then
++		info "2.5x the size your current home directory is required to perform a migration."
++		info "Once the migration succeeds, you may recover most of this space by deleting the cleartext directory."
++		error "Not enough free disk space."
++	fi
++	assert_dir_empty "$USER_HOME/.$PRIVATE_DIR"
++	assert_dir_empty "$USER_HOME/.ecryptfs"
++	assert_dir_empty "/home/.ecryptfs/$USER_NAME"
++}
++
++encrypt_dir () {
++	local USER_NAME="$1"
++	local USER_HOME="$2"
++	if ! which lsof >/dev/null 2>&1; then
++		info "Please install lsof."
++		error "Can not tell whether $USER_HOME is in use or not."
++	fi
++	info "Checking for open files in $USER_HOME"
++	lsof=$(lsof +D "$USER_HOME" | wc -l)
++	if [ "$lsof" != "0" ]; then
++		info "The following files are in use:"
++		echo
++		lsof +D "$USER_HOME" | sed "s/^/    /"
++		echo
++		error "Cannot proceed."
++	fi
++	# start encryption
++	orig=$(mktemp /home/$USER_NAME.XXXXXXXX)
++	rm "$orig" && mv "$USER_HOME" "$orig"
++	chmod 700 "$orig"
++	mkdir -p -m 700 "$USER_HOME"
++	USER_GROUP=$(id -g "$USER_NAME")
++	chown "$USER_NAME:$USER_GROUP" "$USER_HOME" "$orig"
++	ECRYPTFS_SETUP_PRIVATE_ARGS=""
++	if [ -n "$LOGINPASS" ]; then
++		ECRYPTFS_SETUP_PRIVATE_ARGS="-l $LOGINPASS"
++	fi
++	if [ -n "$MOUNTPASS" ]; then
++		ECRYPTFS_SETUP_PRIVATE_ARGS="$ECRYPTFS_SETUP_PRIVATE_ARGS -m $MOUNTPASS"
++	fi
++	if ! ecryptfs-setup-private -u "$USER_NAME" -b $ECRYPTFS_SETUP_PRIVATE_ARGS; then
++		# too bad, something went wrong, we'll try to recover
++		rm -rf "$USER_HOME"
++		mv "$orig" "$USER_HOME"
++		exit 1
++	fi
++	info "Encrypted home has been set up, encrypting files now...this may take a while."
++	rsync -a "$orig/" "$USER_HOME/"
++	umount "$USER_HOME/"
++	echo
++	info "======================================================================"
++	info "The file encryption appears to have completed successfully, however,"
++	info "$USER_NAME MUST LOGIN IMMEDIATELY (BEFORE THE NEXT REBOOT) TO COMPLETE THE MIGRATION!!!"
++	info "======================================================================"
++	echo
++	info "If $USER_NAME can log in and read and write their files, then the migration is complete, and you should remove $orig."
++	echo
++	info "Otherwise, remove $USER_HOME and move $orig back to $USER_HOME."
++	echo
++}
++
++DO_ENCRYPT=
++while true; do
++	[ -z "$1" ] && break
++	case "$1" in
++		-u|--user)
++			DO_ENCRYPT=1
++			USER_NAME="$2"
++			shift 2
++		;;
++		*)
++			usage
++		;;
++	esac
++done
++
++if [ "$DO_ENCRYPT" != "1" ]; then
++	usage
++fi
++
++if [ "$(id -u)" != "0" ]; then
++	error "This program must be executed with root privileges"
++fi
++
++if [ "$DO_ENCRYPT" = "1" ]; then
++	USER_HOME=$(get_user_home "$USER_NAME")
++	sanity_check "$USER_NAME" "$USER_HOME"
++	encrypt_dir "$USER_NAME" "$USER_HOME" "$LOGINPASS" "$MOUNTPASS"
++fi
 === modified file 'src/utils/ecryptfs-mount-private'
 --- src/utils/ecryptfs-mount-private	2009-03-20 21:44:01 +0000
 +++ src/utils/ecryptfs-mount-private	2010-02-17 20:48:23 +0000
@@ -15,12 +15,13 @@
  PRIVATE_DIR="Private"
  WRAPPING_PASS="LOGIN"
  PW_ATTEMPTS=3
--MESSAGE="Enter your login passphrase: "
++TEXTDOMAIN="ecryptfs-utils"
++MESSAGE=`gettext "Enter your login passphrase:"`
  if [ -f $HOME/.ecryptfs/wrapping-independent ]; then
  	# use a wrapping passphrase different from the login passphrase
  	WRAPPING_PASS="INDEPENDENT"
--	MESSAGE="Enter your wrapping passphrase: "
++	MESSAGE=`gettext "Enter your wrapping passphrase:"`
  fi
  WRAPPED_PASSPHRASE_FILE="$HOME/.ecryptfs/wrapped-passphrase"
@@ -45,24 +46,24 @@
  		if printf "%s\0" "$LOGINPASS" | ecryptfs-insert-wrapped-passphrase-into-keyring "$WRAPPED_PASSPHRASE_FILE" - ; then
  			break
  		else
--			echo "ERROR: Your passphrase is incorrect"
++			echo `gettext "ERROR:"` `gettext "Your passphrase is incorrect"`
  			tries=$(($tries + 1))
  			continue
  		fi
  	done
  	if [ $tries -ge $PW_ATTEMPTS ]; then
--		echo "ERROR: Too many incorrect password attempts, exiting"
++		echo `gettext "ERROR:"` `gettext "Too many incorrect password attempts, exiting"`
  		exit 1
  	fi
  	/sbin/mount.ecryptfs_private
  else
--	echo "ERROR: Encrypted $PRIVATE_DIR is not setup properly"
++	echo `gettext "ERROR:"` `gettext "Encrypted private directory is not setup properly"`
  	exit 1
  fi
  if grep -qs "$HOME/.Private $PWD ecryptfs " /proc/mounts 2>/dev/null; then
  	echo
--	echo "INFO: Your private directory has been mounted."
--	echo "INFO: To see this change in your current shell:"
++	echo `gettext "INFO:"` `gettext "Your private directory has been mounted."`
++	echo `gettext "INFO:"` `gettext "To see this change in your current shell:"`
  	echo "  cd $PWD"
  	echo
  fi
 === modified file 'src/utils/ecryptfs-rewrite-file'
 --- src/utils/ecryptfs-rewrite-file	2009-03-20 22:11:25 +0000
 +++ src/utils/ecryptfs-rewrite-file	2010-02-17 20:48:23 +0000
@@ -17,45 +17,59 @@
  #    You should have received a copy of the GNU General Public License
  #    along with this program.  If not, see <http://www.gnu.org/licenses/>.
++TEXTDOMAIN="ecryptfs-utils"
++
  error() {
--	echo
--	echo "ERROR: $1" 1>&2
++	echo `gettext "[FAILED]"`
++	echo `gettext "ERROR:"` "$1" 1>&2
+ }
  j=0
++OKs=0
  for i in "$@"; do
--	[ "$i" = "." ] && continue
  	j=`expr $j + 1`
--	echo -n "INFO: Rewriting [$j/$#] [$i] ... "
++	echo -n `gettext "INFO:"` `gettext "Rewriting"` "[$j/$#] [$i] ... "
++	if [ ! -e "$i" ] ; then
++		error `gettext "File does not exist"`
++		continue
++	fi
++	if [ "$i" = "." ]; then
++		echo `gettext "[EXCLUDED]"` >&2
++		continue
++	fi
  	opt=
  	if [ -d "$i" -a ! -h "$i" ]; then
  		# A directory, re-encrypt the filename
  		temp1=`mktemp -d "$i".XXXXXXXXXX` || {
--			error "Could not create tempdir"
++			error `gettext "Could not create tempdir"`
  			continue
+ 		}
--		mv -f -T "$i" "$temp1" || {
--			error "Could not rename [$i] to [$temp1]"
++		mv -f -T "$i" "$temp1" 2>/dev/null  || {
++			error `gettext "Could not rename"` "[$i] -> [$temp1]"
  			rmdir "$temp1"
  			continue
+ 		}
--		mv -f "$temp1" "$i"	|| {
--			error "Could not rename [$temp1] to [$i]"
++		mv -f "$temp1" "$i" 2>/dev/null || {
++			error `gettext "Could not rename"` "[$temp1] -> [$i]"
+ 		}
  	else
  		# A file or symlink, re-encrypt the contents
  		temp1=`mktemp "$i".XXXXXXXXXX` || {
--			error "Could not create tempfile"
++			error `gettext "Could not create tempfile"`
  			continue
+ 		}
--		cp -a "$i" "$temp1" || {
--			error "Could not copy [$i] to [$temp1]"
++		cp -a "$i" "$temp1" 2>/dev/null || {
++			error `gettext "Could not copy"` "[$i] -> [$temp1]"
  			rm -f "$temp1"
  			continue
+ 		}
--		mv -f "$temp1" "$i" || {
--			error "Could not rename [$temp1] to [$i]"
++		mv -f "$temp1" "$i" 2>/dev/null || {
++			error `gettext "Could not rename"` "[$temp1] -> [$i]"
++			continue
+ 		}
  	fi
--	echo "[OK]"
++	echo `gettext "[OK]"`
++	OKs=$((OKs+1))
  done
++echo "$OKs/$j" `gettext "rewrites succeeded"`
++[ $OKs -ne $j ] && exit 1
  exit 0
 === modified file 'src/utils/ecryptfs-setup-private'
 --- src/utils/ecryptfs-setup-private	2009-03-24 19:38:23 +0000
 +++ src/utils/ecryptfs-setup-private	2010-02-17 20:48:23 +0000
@@ -8,8 +8,10 @@
  # Copyright (C) 2007-2008 International Business Machines
  PRIVATE_DIR="Private"
  WRAPPING_PASS="LOGIN"
++ECRYPTFS_DIR="/home/.ecryptfs"
  PW_ATTEMPTS=3
--MESSAGE="Enter your login passphrase"
++TEXTDOMAIN="ecryptfs-utils"
++MESSAGE="$(gettext 'Enter your login passphrase')"
  CIPHER="aes"
  KEYBYTES="16"
  FNEK=
@@ -18,42 +20,43 @@
  GREP_OPTIONS=
  usage() {
--	echo
--	echo "Usage:"
--	echo "  $0 [-f|--force] [-w|--wrapping] [--nopwcheck] [-n|--no-fnek]"
--	echo "  [-u|--username USER] [-l|--loginpass LOGINPASS]"
--	echo "  [-m|--mountpass MOUNTPASS]"
--	echo
--	echo " -f, --force      Force overwriting of an existing setup"
--	echo " -w, --wrapping   Use an independent wrapping passphrase,"
--	echo "                  different from the login passphrase"
--	echo " -n, --no-fnek    Do not encrypt filenames; If this flag is"
--	echo "                  omitted, and the kernel supports filename"
--	echo "                  encryption, then filenames will be encrypted"
--	echo " -u, --username   Username for encrypted private mountpoint,"
--	echo "                  defaults to yourself"
--	echo " -l, --loginpass  Login/Wrapping passphrase for USER,"
--	echo "                  used to wrap MOUNTPASS"
--	echo " --nopwcheck      Do not check the validity of the specified"
--	echo "                  login password (useful for LDAP user accounts)"
--	echo " --noautomount    Setup this user such that the encrypted private"
--	echo "                  directory is not automatically mounted on login"
--	echo " --noautoumount   Setup this user such that the encrypted private"
--	echo "                  directory is not automatically unmounted at"
--	echo "                  logout"
--	echo " -m, --mountpass  Passphrase for mounting the ecryptfs directory,"
--	echo "                  defaults to randomly generated $KEYBYTES bytes"
--	echo " -b, --bootstrap  Bootstrap a new user's entire home directory"
--	echo "                  Generates a random mount passphrase, which"
--	echo "			will be wrapped when the new login passphrase"
--	echo "			is set. SHOULD ONLY BE CALLED FROM 'adduser'."
--	echo " --undo           Provide instructions on how to undo an"
--	echo "                  encrypted private setup"
--	echo
--	echo "   Be sure to properly escape your parameters according to your"
--	echo "   shell's special character nuances, and also surround the"
--	echo "   parameters by double quotes, if necessary."
--	echo
++	echo "
++Usage:
++
++$0 [-f|--force] [-w|--wrapping] [--nopwcheck] [-n|--no-fnek]
++  [-u|--username USER] [-l|--loginpass LOGINPASS]
++  [-m|--mountpass MOUNTPASS]
++
++ -f, --force      Force overwriting of an existing setup
++ -w, --wrapping   Use an independent wrapping passphrase,
++                  different from the login passphrase
++ -n, --no-fnek    Do not encrypt filenames; If this flag is
++                  omitted, and the kernel supports filename
++                  encryption, then filenames will be encrypted
++ -u, --username   Username for encrypted private mountpoint,
++                  defaults to yourself
++ -l, --loginpass  Login/Wrapping passphrase for USER,
++                  used to wrap MOUNTPASS
++ --nopwcheck      Do not check the validity of the specified
++                  login password (useful for LDAP user accounts)
++ --noautomount    Setup this user such that the encrypted private
++                  directory is not automatically mounted on login
++ --noautoumount   Setup this user such that the encrypted private
++                  directory is not automatically unmounted at
++                  logout
++ -m, --mountpass  Passphrase for mounting the ecryptfs directory,
++                  defaults to randomly generated $KEYBYTES bytes
++ -b, --bootstrap  Bootstrap a new user's entire home directory
++                  Generates a random mount passphrase, which
++		  will be wrapped when the new login passphrase
++		  is set. SHOULD ONLY BE CALLED FROM 'adduser'.
++ --undo           Provide instructions on how to undo an
++                  encrypted private setup
++
++   Be sure to properly escape your parameters according to your
++   shell's special character nuances, and also surround the
++   parameters by double quotes, if necessary.
++"
  	exit 1
+ }
@@ -63,7 +66,7 @@
  you will need to very carefully perform the following actions manually:
 . Obtain your Private directory mountpoint
--   $ PRIVATE=\`cat ~/.ecryptfs/Private.mnt 2>/dev/null || echo \$HOME/Private\`
++   $ PRIVATE=\`cat ~/.ecryptfs/Private.mnt 2>/dev/null || echo \$HOME/$PRIVATE_DIR\`
 . Ensure that you have moved all relevant data out of your \$PRIVATE directory
 . Unmount your encrypted private directory
     $ ecryptfs-umount-private
@@ -78,14 +81,15 @@
+ }
  error() {
--	echo "ERROR: $1" 1>&2
++	echo "$(gettext 'ERROR: ')" "$@" 1>&2
  	exit 1
+ }
  error_testing() {
  	rm -f "$1" >/dev/null
++	shift
  	/sbin/umount.ecryptfs_private >/dev/null
--	error "$2"
++	error "$@"
  	exit 1
+ }
@@ -98,7 +102,7 @@
  filename_encryption_available() {
  	version=$(cat /sys/fs/ecryptfs/version 2>/dev/null)
--	[ -z "$version" ] && error "Can't get ecryptfs version, ecryptfs kernel module not loaded?"
++	[ -z "$version" ] && error "$(gettext 'Cannot get ecryptfs version, ecryptfs kernel module not loaded?')"
  	[ $(($version & 0x100)) -eq 0 ] && return 1
  	return 0
+ }
@@ -125,7 +129,7 @@
  		;;
  		-w|--wrapping)
  			WRAPPING_PASS="INDEPENDENT"
--			MESSAGE="Enter your wrapping passphrase"
++			MESSAGE="$(gettext 'Enter your wrapping passphrase')"
  			shift 1
  		;;
  		-f|--force)
@@ -149,7 +153,7 @@
  			exit 0
  		;;
  		-b|--bootstrap)
--			[ `whoami` = "root" ] || error "You must be root to bootstrap encrypt a home directory"
++			[ `whoami` = "root" ] || error "$(gettext 'You must be root to bootstrap encrypt a home directory')"
  			BOOTSTRAP=1
  			MOUNTPASS=`random_passphrase $KEYBYTES`
  			RANDOM_MOUNTPASS=1
@@ -168,16 +172,16 @@
  # Prompt for the USER name, if not on the command line and not in the env
  if [ -z "$USER" ]; then
  	while [ true ]; do
--		echo -n "Enter the username: "
++		echo -n "$(gettext 'Enter the username: ')"
  		USER=`head -n1`
  		echo
  		if [ -z "$USER" ]; then
--			echo "ERROR: You must provide a username"
++			echo "$(gettext 'ERROR: ')" "$(gettext 'You must provide a username')"
  			continue
  		else
  			# Verify that the user exists
  			if ! id "$USER" >/dev/null; then
--				echo "ERROR: User [$USER] does not exist"
++				echo "$(gettext 'ERROR: ')" "$(gettext 'User does not exist')" " [$USER]"
  				continue
  			fi
  			break
@@ -185,49 +189,61 @@
  	done
  else
  	# Verify that the user exists
--	id "$USER" >/dev/null || error "User [$USER] does not exist"
++	id "$USER" >/dev/null || error "$(gettext 'User does not exist')" "[$USER]"
++fi
++
++# Obtain USER's primary group
++GROUP=$(id -g $USER)
++
++# Check if the ecryptfs group exists, and user is member of ecryptfs group
++if grep -qs "^ecryptfs:" /etc/group; then
++	if ! id "$USER" | grep -qs "\(ecryptfs\)"; then
++	       error "$(gettext 'User needs to be a member of ecryptfs group')"
++	fi
  fi
  # Obtain the user's home directory
  HOME=`getent passwd "$USER" | awk -F: '{print $6}'`
  if [ ! -d "$HOME" ]; then
--	error "User home directory [$HOME] does not exist"
++	error "$(gettext 'User home directory does not exist')" "[$HOME]"
  fi
  if [ "$BOOTSTRAP" = "1" ]; then
  	# If we want to encrypt the entire homedir, we need the .ecryptfs
  	# config dir elsewhere, but linked into the homedir
--	mkdir -p -m 700 /var/lib/ecryptfs/$USER
--	ln -sf /var/lib/ecryptfs/$USER $HOME/.ecryptfs
++	mkdir -p -m 700 $ECRYPTFS_DIR/$USER/.ecryptfs
++	ln -sf $ECRYPTFS_DIR/$USER/.ecryptfs $HOME/.ecryptfs
++	ln -sf $ECRYPTFS_DIR/$USER/.$PRIVATE_DIR $HOME/.$PRIVATE_DIR
  	MOUNTPOINT="$HOME"
++	CRYPTDIR="$ECRYPTFS_DIR/$USER/.$PRIVATE_DIR"
  else
  	mkdir -m 700 $HOME/.ecryptfs
  	MOUNTPOINT="$HOME/$PRIVATE_DIR"
++	CRYPTDIR="$HOME/.$PRIVATE_DIR"
  fi
  # Check for previously setup private directory
  if [ -s "$HOME/.ecryptfs/wrapped-passphrase" -a "$FORCE" != "1" ]; then
--	error "wrapped-passphrase file already exists, use --force to overwrite."
++	error "$(gettext 'wrapped-passphrase file already exists, use --force to overwrite.')"
  fi
  if [ -s "$HOME/.ecryptfs/$PRIVATE_DIR.sig" -a "$FORCE" != "1" ]; then
--	error "$PRIVATE_DIR.sig file already exists, use --force to overwrite."
++	error "$PRIVATE_DIR.sig" "$(gettext 'file already exists, use --force to overwrite.')"
  fi
  # Check for active mounts
--CRYPTDIR="$HOME/.$PRIVATE_DIR"
--grep -qs "$MOUNTPOINT " /proc/mounts && error "[$MOUNTPOINT] is already mounted"
--grep -qs "$CRYPTDIR " /proc/mounts && error "[$CRYPTDIR] is already mounted"
++grep -qs "$MOUNTPOINT " /proc/mounts && error "[$MOUNTPOINT]" "$(gettext 'is already mounted')"
++grep -qs "$CRYPTDIR " /proc/mounts && error "[$CRYPTDIR]" "$(gettext 'is already mounted')"
  # Check that the mount point and encrypted directory are empty (skip symlinks).
  # Perhaps one day we could provide a migration mode (using rsync or something),
  # but this would be VERY hard to do safely.
  count=`ls -Al "$MOUNTPOINT" 2>/dev/null | egrep -c "^[drwx-]{10}"`
  if [ "$count" != "0" ]; then
--	error "$MOUNTPOINT must be empty before proceeding"
++	error "$MOUNTPOINT" "$(gettext 'must be empty before proceeding')"
  fi
  count=`ls -Al "$CRYPTDIR" 2>/dev/null | egrep -c "^[dlrwx-]{10}"`
  if [ "$count" != "0" ]; then
--	error "$CRYPTDIR must be empty before proceeding"
++	error "$CRYPTDIR" "$(gettext 'must be empty before proceeding')"
  fi
  stty_orig=`stty -g`
@@ -240,14 +256,16 @@
  		LOGINPASS=`head -n1`
  		stty $stty_orig
  		echo
--		if [ $WRAPPING_PASS != "LOGIN" ]; then
++		if [ $WRAPPING_PASS != "LOGIN" -o ! -x /sbin/unix_chkpwd ]; then
++			# If we can't check the accuracy of the user's entered
++			# passphrase, force them to type it twice (matching)
  			stty -echo
  			echo -n "$MESSAGE (again): "
  			LOGINPASS2=`head -n1`
  			stty $stty_orig
  			echo
  			if [ "$LOGINPASS" != "$LOGINPASS2" ]; then
--				echo "ERROR: Wrapping passphrases must match"
++				echo "$(gettext 'ERROR: ')" "$(gettext 'Wrapping passphrases must match')"
  			else
  				break
  			fi
@@ -255,25 +273,24 @@
  			continue
  		fi
  		if [ -z "$LOGINPASS" ]; then
--			echo "ERROR: You must provide a login passphrase"
++			echo "$(gettext 'ERROR: ')" "$(gettext 'You must provide a login passphrase')"
  			tries=$(($tries + 1))
  		else
  			if [ "$NOPWCHECK" = "1" ]; then
--				echo "INFO: Skipping password verification"
++				echo "$(gettext 'INFO:')" "$(gettext 'Skipping password verification')"
  				break
  			else
  				if printf "%s\0" "$LOGINPASS" | /sbin/unix_chkpwd "$USER" nullok; then
  					break
  				else
--					echo "ERROR: Your login passphrase is incorrect"
++					echo "$(gettext 'ERROR: ')" "$(gettext 'Your login passphrase is incorrect')"
  					tries=$(($tries + 1))
  				fi
  			fi
  		fi
  	done
  	if [ $tries -ge $PW_ATTEMPTS ]; then
--		echo "ERROR: Too many incorrect password attempts, exiting"
--		exit 1
++		error "$(gettext 'Too many incorrect password attempts, exiting')"
  	fi
  fi
@@ -282,7 +299,7 @@
  	tries=0
  	while [ $tries -lt $PW_ATTEMPTS ]; do
  		stty -echo
--		echo -n "Enter your mount passphrase [leave blank to generate one]: "
++		echo -n "$(gettext 'Enter your mount passphrase [leave blank to generate one]: ')"
  		MOUNTPASS=`head -n1`
  		stty $stty_orig
  		echo
@@ -292,12 +309,12 @@
  			break
  		else
  			stty -echo
--			echo -n "Enter your mount passphrase (again): "
++			echo -n "$(gettext 'Enter your mount passphrase (again): ')"
  			MOUNTPASS2=`head -n1`
  			stty $stty_orig
  			echo
  			if [ "$MOUNTPASS" != "$MOUNTPASS2" ]; then
--				echo "ERROR: Mount passphrases do not match"
++				echo "$(gettext 'ERROR: ')" "$(gettext 'Mount passphrases do not match')"
  				tries=$(($tries + 1))
  			else
  				break
@@ -305,58 +322,43 @@
  		fi
  	done
  	if [ $tries -ge $PW_ATTEMPTS ]; then
--		echo "ERROR: Too many incorrect passphrase attempts, exiting"
--		exit 1
++		error "$(gettext 'Too many incorrect passphrase attempts, exiting')"
  	fi
  fi
--#echo
--#echo "Using username [$USER]"
--#echo "Using mount passphrase [$MOUNTPASS]"
--#echo "Using login passphrase [$LOGINPASS]"
--#echo "Using mount point [$MOUNTPOINT]"
--#echo "Using encrypted dir [$CRYPTDIR]"
--#echo
--#echo "This script will attempt to set up your system to mount"
--#echo "$MOUNTPOINT with eCryptfs automatically on login,"
--#echo "using your login passphrase."
  echo
  echo "************************************************************************"
--if [ "$RANDOM_MOUNTPASS" = "1" ]; then
--	echo "YOU SHOULD RECORD THIS MOUNT PASSPHRASE AND STORE IN A SAFE LOCATION:"
--	echo "$MOUNTPASS"
--else
--	echo "YOU SHOULD RECORD YOUR MOUNT PASSPHRASE AND STORE IN A SAFE LOCATION:"
--fi
--echo "THIS WILL BE REQUIRED IF YOU NEED TO RECOVER YOUR DATA AT A LATER TIME."
++echo "$(gettext 'YOU SHOULD RECORD YOUR MOUNT PASSPHRASE AND STORE IT IN A SAFE LOCATION.')"
++echo "  ecryptfs-unwrap-passphrase ~/.ecryptfs/wrapped-passphrase"
++echo "$(gettext 'THIS WILL BE REQUIRED IF YOU NEED TO RECOVER YOUR DATA AT A LATER TIME.')"
  echo "************************************************************************"
  echo
  ###############################################################################
  # Setup private directory in home
--mkdir -m 700 -p "$CRYPTDIR" || error "Could not create crypt directory [$CRYPTDIR]"
--mkdir -m 700 -p "$MOUNTPOINT" || error "Could not create mount directory [$MOUNTPOINT]"
++mkdir -m 700 -p "$CRYPTDIR" || error "$(gettext 'Could not create crypt directory')" "[$CRYPTDIR]"
++mkdir -m 700 -p "$MOUNTPOINT" || error "$(gettext 'Could not create mount directory')" "[$MOUNTPOINT]"
  ln -sf /usr/share/ecryptfs-utils/ecryptfs-mount-private.txt "$MOUNTPOINT"/README.txt
  ln -sf /usr/share/ecryptfs-utils/ecryptfs-mount-private.desktop "$MOUNTPOINT"/Access-Your-Private-Data.desktop
  chmod 500 "$MOUNTPOINT"
  # Setup ~/.ecryptfs directory
  if [ "$NOAUTOMOUNT" = "1" ]; then
--	echo "INFO: $HOME/$PRIVATE_DIR will not be mounted on login"
++	echo "$(gettext 'INFO:')" "$HOME/$PRIVATE_DIR" "$(gettext 'will not be mounted on login')"
  else
--	touch $HOME/.ecryptfs/auto-mount || error "Could not setup ecryptfs auto-mount"
++	touch $HOME/.ecryptfs/auto-mount || error "$(gettext 'Could not setup ecryptfs auto-mount')"
  fi
  if [ "$NOAUTOUMOUNT" = "1" ]; then
--	echo "INFO: $HOME/$PRIVATE_DIR will not be unmounted on logout"
++	echo "$(gettext 'INFO:')" "$HOME/$PRIVATE_DIR" "$(gettext 'will not be unmounted on logout')"
  else
--	touch $HOME/.ecryptfs/auto-umount || error "Could not setup ecryptfs auto-umount"
++	touch $HOME/.ecryptfs/auto-umount || error "$(gettext 'Could not setup ecryptfs auto-umount')"
  fi
  if [ "$WRAPPING_PASS" = "LOGIN" ]; then
--	rm -f $HOME/.ecryptfs/wrapping-independent || error "Could not remove ecryptfs wrapping-independent"
++	rm -f $HOME/.ecryptfs/wrapping-independent || error "$(gettext 'Could not remove ecryptfs wrapping-independent')"
  else
--	touch $HOME/.ecryptfs/wrapping-independent || error "Could not setup ecryptfs wrapping-independent"
++	touch $HOME/.ecryptfs/wrapping-independent || error "$(gettext 'Could not setup ecryptfs wrapping-independent')"
  fi
@@ -364,7 +366,7 @@
  timestamp=`date +%Y%m%d%H%M%S`
  for i in "$HOME/.ecryptfs/wrapped-passphrase" "$HOME/.ecryptfs/$PRIVATE_DIR.sig"; do
  	if [ -s "$i" ]; then
--		mv -f "$i" "$i.$timestamp" || error "Could not backup existing data [$i]"
++		mv -f "$i" "$i.$timestamp" || error "(gettext 'Could not backup existing data')" "[$i]"
  	fi
  done
@@ -380,7 +382,7 @@
  	printf "%s" "$MOUNTPASS" > "$temp"
  	mv "$temp" "/dev/shm/.ecryptfs-$USER"
  else
--	printf "%s\n%s" "$MOUNTPASS" "$LOGINPASS" | ecryptfs-wrap-passphrase "$HOME/.ecryptfs/wrapped-passphrase" - || error "Could not wrap passphrase"
++	printf "%s\n%s" "$MOUNTPASS" "$LOGINPASS" | ecryptfs-wrap-passphrase "$HOME/.ecryptfs/wrapped-passphrase" - || error "$(gettext 'Could not wrap passphrase')"
  fi
  umask $u
@@ -388,21 +390,21 @@
  # On subsequent logins, this should be handled by "pam_ecryptfs.so unwrap"
  response=`printf "%s" "$MOUNTPASS" | ecryptfs-add-passphrase $FNEK -`
  if [ $? -ne 0 ]; then
--	error "Could not add passphrase to the current keyring"
++	error "$(gettext 'Could not add passphrase to the current keyring')"
  fi
  sig=`echo "$response" | grep "Inserted auth tok" | sed "s/^.*\[//" | sed "s/\].*$//"`
  if ! echo "$sig" | egrep -qs "^[0-9a-fA-F]{$KEYBYTES,$KEYBYTES}$"; then
--	error "Could not obtain the key signature"
++	error "$(gettext 'Could not obtain the key signature')"
  fi
  temp=`mktemp`
--echo "$sig" > "$temp" || error "Could not create signature file [$HOME/.ecryptfs/$PRIVATE_DIR.sig]"
++echo "$sig" > "$temp" || error "$(gettext 'Could not create signature file')" "[$HOME/.ecryptfs/$PRIVATE_DIR.sig]"
  mv "$temp" "$HOME/.ecryptfs/$PRIVATE_DIR.sig"
  temp=`mktemp`
--echo "$MOUNTPOINT" > "$temp" || error "Could not create mountpoint file [$HOME/.ecryptfs/$PRIVATE_DIR.mnt]"
++echo "$MOUNTPOINT" > "$temp" || error "$(gettext 'Could not create mountpoint file')" "[$HOME/.ecryptfs/$PRIVATE_DIR.mnt]"
  mv "$temp" "$HOME/.ecryptfs/$PRIVATE_DIR.mnt"
  echo
--echo "Done configuring."
++echo "$(gettext 'Done configuring.')"
  echo
  # Skip the tests if we're in bootstrap mode, but exit with the encrypted
@@ -412,7 +414,9 @@
  	# and the calling 'adduser' is about to copy over /etc/skel
  	# NOTE: it is the responsibility of 'adduser' to unmount!
  	# And ensure that $USER owns the files/dirs we've created as root
--	chown $USER:$USER "$CRYPTDIR" /dev/shm/.ecryptfs-$USER
++	chown $USER:$GROUP "$CRYPTDIR" /dev/shm/.ecryptfs-$USER
++	chown -R $USER:$GROUP $ECRYPTFS_DIR/$USER
++	chown -R $USER:$GROUP $MOUNTPOINT
  	if [ "$FNEK" = "--fnek" ]; then
  		fnek_sig=`tail -n 1 "$HOME/.ecryptfs/$PRIVATE_DIR.sig"`
  		sig=`head -n 1 "$HOME/.ecryptfs/$PRIVATE_DIR.sig"`
@@ -420,42 +424,37 @@
  	else
  		sig_opt="ecryptfs_sig=$sig"
  	fi
++	# Do the mount, and provide some helpful symlinks
  	mount -i -t ecryptfs -o "rw,$sig_opt,ecryptfs_cipher=$CIPHER,ecryptfs_key_bytes=$KEYBYTES" "$CRYPTDIR" "$MOUNTPOINT" || error "Could not mount"
--	ln -sf /var/lib/ecryptfs/$USER $MOUNTPOINT/.ecryptfs
--	for i in auto-mount \
--		 auto-umount \
--		 $PRIVATE_DIR.mnt \
--		 $PRIVATE_DIR.sig \
--		 wrapped-passphrase;
--	do
--		[ -e $HOME/.ecryptfs/$i ] && chown $USER:$USER $MOUNTPOINT/.ecryptfs/$i
--	done
--	chown $USER:$USER /var/lib/ecryptfs/$USER
--	chown -h $USER:$USER $MOUNTPOINT/.ecryptfs
++	ln -sf $ECRYPTFS_DIR/$USER/.ecryptfs $MOUNTPOINT/.ecryptfs
++	ln -sf $ECRYPTFS_DIR/$USER/.$PRIVATE_DIR $MOUNTPOINT/.$PRIVATE_DIR
++	chown -R $USER:$GROUP $ECRYPTFS_DIR/$USER
++	chown -R $USER:$GROUP $MOUNTPOINT
  	exit 0
  fi
  # Now let's perform some basic mount/write/umount/read sanity testing...
--echo "Testing mount/write/umount/read..."
--/sbin/mount.ecryptfs_private || error "Could not mount private ecryptfs directory"
--temp=`mktemp "$MOUNTPOINT/ecryptfs.test.XXXXXX"` || error_testing "$temp" "Could not create empty file"
--random_data=`head -c 16000 /dev/urandom | od -x` || error_testing "$temp" "Could not generate random data"
--echo "$random_data" > "$temp" || error_testing "$temp" "Could not write encrypted file"
--md5sum1=`md5sum "$temp"` || error_testing "$temp" "Could not read encrypted file"
--/sbin/umount.ecryptfs_private || error_testing "$temp" "Could not unmount private ecryptfs directory"
--/sbin/mount.ecryptfs_private || error_testing "$temp" "Could not mount private ecryptfs directory (2)"
--md5sum2=`md5sum "$temp"` || error_testing "$temp" "Could not read encrypted file (2)"
++echo "$(gettext 'Testing mount/write/umount/read...')"
++/sbin/mount.ecryptfs_private || error "$(gettext 'Could not mount private ecryptfs directory')"
++temp=`mktemp "$MOUNTPOINT/ecryptfs.test.XXXXXX"` || error_testing "$temp" "$(gettext 'Could not create empty file')"
++random_data=`head -c 16000 /dev/urandom | od -x` || error_testing "$temp" "$(gettext 'Could not generate random data')"
++echo "$random_data" > "$temp" || error_testing "$temp" "$(gettext 'Could not write encrypted file')"
++md5sum1=`md5sum "$temp"` || error_testing "$temp" "$(gettext 'Could not read encrypted file')"
++/sbin/umount.ecryptfs_private || error_testing "$temp" "$(gettext 'Could not unmount private ecryptfs directory')"
++/sbin/mount.ecryptfs_private || error_testing "$temp" "$(gettext 'Could not mount private ecryptfs directory (2)')"
++md5sum2=`md5sum "$temp"` || error_testing "$temp" "$(gettext 'Could not read encrypted file (2)')"
  rm -f "$temp"
  # Use ecryptfs-umount-private on the final run, to clear the used keys
  # out of the keyring
--ecryptfs-umount-private || error_testing "$temp" "Could not unmount private ecryptfs directory (2)"
++ecryptfs-umount-private || error_testing "$temp" "$(gettext 'Could not unmount private ecryptfs directory (2)')"
  if [ "$md5sum1" != "$md5sum2" ]; then
--	error "Testing failed."
++	error "$(gettext 'Testing failed.')"
  else
--	echo "Testing succeeded."
++	echo "$(gettext 'Testing succeeded.')"
  fi
  echo
--echo "Logout, and log back in to begin using your encrypted directory."
++echo "$(gettext 'Logout, and log back in to begin using your encrypted directory.')"
  echo
++
  exit 0
 === modified file 'src/utils/ecryptfs-setup-swap'
 --- src/utils/ecryptfs-setup-swap	2009-03-20 21:44:01 +0000
 +++ src/utils/ecryptfs-setup-swap	2010-02-17 20:48:23 +0000
@@ -19,23 +19,25 @@
  # The cryptswap setup used here follows a guide published at:
  #  * http://ubuntumagnet.com/2007/11/creating-encrypted-swap-file-ubuntu-using-cryptsetup
++TEXTDOMAIN="ecryptfs-utils"
++
  error() {
--	echo "ERROR: $1" 1>&2
++	echo `gettext "ERROR:"` "$@" 1>&2
  	exit 1
+ }
  info() {
--	echo "INFO: $1"
++	echo `gettext "INFO:"` "$@"
+ }
--warning() {
--	echo "WARNING: "
++warn() {
++	echo `gettext "WARNING:"` "$@" 1>&2
+ }
  usage() {
  	echo
--	echo "Usage:"
--	echo "  $0 [-f|--force]"
++	echo `gettext "Usage:"`
++	echo "  $0 [-f|--force] [-n|--no-reload]"
  	echo
  	exit 1
+ }
@@ -48,6 +50,10 @@
  			FORCE=1
  			shift 1
  		;;
++		-n|--no-reload)
++			NO_RELOAD=1
++			shift 1
++		;;
  		*)
  			usage
  		;;
@@ -55,94 +61,83 @@
  done
  # Ensure that cryptsetup is available
--[ -x /sbin/cryptsetup ] || error "Please install 'cryptsetup'"
++[ -x /sbin/cryptsetup ] || error `gettext "Please install"` "'cryptsetup'"
  # Ensure that we're running with root privileges
--[ -w /etc/passwd ] || error "This program must be run with 'sudo', or as root"
++[ -w /etc/passwd ] || error `gettext "This program must be run with 'sudo', or as root"`
  # Count swap spaces available
--# BUG: We only support setting up a single swap space at this time
  if [ $(grep -c "^/" /proc/swaps) -eq 0 ]; then
  	mem=$(grep "^MemTotal:" /proc/meminfo | awk '{print $2}')
  	swapsize=$((4*$mem))
  	info "You do not currently have any swap space defined."
  	echo
--	echo "You can create a swap file by doing:"
++	echo `gettext "You can create a swap file by doing:"`
  	echo " $ sudo dd if=/dev/zero of=/swapfile count=$swapsize"
  	echo " $ sudo mkswap /swapfile"
  	echo " $ sudo swapon /swapfile"
  	echo
--	echo "And then re-run $0"
++	echo `gettext "And then re-run"` "$0"
  	echo
  	exit 0
--elif [ $(grep -c "^/" /proc/swaps) -gt 1 ]; then
--	info "You have more than one swap space defined."
--	error "$0 only supports setting up a single swap space"
--else
--	swap=$(grep "^/" /proc/swaps | awk '{print $1}')
--fi
--
--# Make sure this is swap space
--if ! vol_id "$swap" | grep -qs "ID_FS_TYPE=swap"; then
--	error "[$swap] does not appear to be swap space"
--fi
--
--# Check if this this swap space is already setup for encryption
--if /sbin/dmsetup table "$swap" | grep -qs " crypt " 2>/dev/null; then
--	info "[$swap] already appears to be encrypted."
--	exit 0
--else
--	# keep going
--	/bin/true
--fi
--
--base=$(basename "$swap")
--if grep -qs "^$base.*swap.*cipher" /etc/crypttab 2>/dev/null; then
--	info "[$swap] already has an entry in /etc/crypttab."
--	exit 0
--fi
--if grep -qs "$swap" /etc/initramfs-tools/conf.d/cryptroot 2>/dev/null; then
--	info "[$swap] already has an entry in /etc/fstab."
--	exit 0
--fi
--
--# Ensure available dev mapper name 'cryptswap'
--if grep -qs "^cryptswap" /etc/crypttab; then
--	error "There appears to be a cryptswap entry in /etc/cryptab; aborting."
--fi
--
--# Ensure available fstab entry
--if grep -qs "^/dev/mapper/cryptswap" /etc/fstab; then
--	error "There appears to be a cryptswap entry in /etc/fstab; aborting."
--fi
--
--# Ensure that the existing swap space exists in fstab
--if grep -qs "^$swap" /etc/fstab; then
--	sed -i "s:^$swap:\#$swap:" /etc/fstab
--	info "Commented out your unencrypted swap from /etc/fstab"
--else
--	info "Your swap space isn't currently listed in /etc/fstab"
--fi
--
++fi
++
++swaps=$(grep "^/" /proc/swaps | awk '{print $1}')
++
++filtered_swaps=$(
++for swap in $swaps; do
++	# Make sure this is swap space
++	if [ "$(blkid -o value -s TYPE $swap)" != "swap" ]; then
++		warn "[$swap]" `gettext "does not appear to be swap space, skipping."`
++		continue
++	fi
++
++	if [ "${swap#/dev/ram}" != "$swap" ]; then
++		warn "[$swap]" `gettext "is a RAM device, skipping."`
++		continue
++	fi
++
++	# Check if this swap space is already setup for encryption
++	if /sbin/dmsetup table "$swap" 2>/dev/null | grep -qs " crypt "; then
++		warn "[$swap]" `gettext "already appears to be encrypted, skipping."`
++		continue
++	fi
++
++	base=$(basename "$swap")
++	if grep -qs "^$base.*swap.*cipher" /etc/crypttab 2>/dev/null; then
++		warn "[$swap]" `gettext "already has an entry in /etc/crypttab, skipping."`
++		continue
++	fi
++	if grep -qs "$swap" /etc/initramfs-tools/conf.d/cryptroot 2>/dev/null; then
++		warn "[$swap]" `gettext "already has an entry in /etc/crypttab, skipping."`
++		continue
++	fi
++
++	echo $swap
++done
++)
++swaps="$filtered_swaps"
++if [ -z "$swaps" ]; then
++	warn "There were no usable swap devices to be encrypted.  Exiting."
++	exit 0
++fi
  ##########################################################################
  # Warn the user about breaking hibernate mode
  if [ "$FORCE" != 1 ]; then
  	echo
--	warning
--	echo "    An encrypted swap is required to help ensure that encrypted files"
--	echo "    are not leaked to disk in an unencrypted format."
--	echo
--	echo "    HOWEVER, THE SWAP ENCRYPTION CONFIGURATION PRODUCED BY THIS PROGRAM"
--	echo "    WILL BREAK HIBERNATE/RESUME ON THIS SYSTEM!"
--	echo
--	echo "    NOTE: Your suspend/resume capabilities will not be affected."
--	echo
--	echo -n "Do you want to proceed with encrypting your swap [y/N]: "
++	echo `gettext "WARNING:"`
++	echo `gettext "An encrypted swap is required to help ensure that encrypted files are not leaked to disk in an unencrypted format."`