1/** 2 * eCryptfs: Linux filesystem encryption layer 3 * This is where eCryptfs coordinates the symmetric encryption and 4 * decryption of the file data as it passes between the lower 5 * encrypted file and the upper decrypted file. 6 * 7 * Copyright (C) 1997-2003 Erez Zadok 8 * Copyright (C) 2001-2003 Stony Brook University 9 * Copyright (C) 2004-2007 International Business Machines Corp. 10 * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com> 11 * 12 * This program is free software; you can redistribute it and/or 13 * modify it under the terms of the GNU General Public License as 14 * published by the Free Software Foundation; either version 2 of the 15 * License, or (at your option) any later version. 16 * 17 * This program is distributed in the hope that it will be useful, but 18 * WITHOUT ANY WARRANTY; without even the implied warranty of 19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 20 * General Public License for more details. 21 * 22 * You should have received a copy of the GNU General Public License 23 * along with this program; if not, write to the Free Software 24 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 25 * 02111-1307, USA. 26 */ 27 28#include <linux/pagemap.h> 29#include <linux/writeback.h> 30#include <linux/page-flags.h> 31#include <linux/mount.h> 32#include <linux/file.h> 33#include <linux/crypto.h> 34#include <linux/scatterlist.h> 35#include "ecryptfs_kernel.h" 36 37struct kmem_cache *ecryptfs_lower_page_cache; 38 39/** 40 * ecryptfs_get1page 41 * 42 * Get one page from cache or lower f/s, return error otherwise. 43 * 44 * Returns unlocked and up-to-date page (if ok), with increased 45 * refcnt. 46 */ 47static struct page *ecryptfs_get1page(struct file *file, int index) 48{ 49 struct dentry *dentry; 50 struct inode *inode; 51 struct address_space *mapping; 52 53 dentry = file->f_path.dentry; 54 inode = dentry->d_inode; 55 mapping = inode->i_mapping; 56 return read_mapping_page(mapping, index, (void *)file); 57} 58 59/** 60 * ecryptfs_fill_zeros 61 * @file: The ecryptfs file 62 * @new_length: The new length of the data in the underlying file; 63 * everything between the prior end of the file and the 64 * new end of the file will be filled with zero's. 65 * new_length must be greater than current length 66 * 67 * Function for handling lseek-ing past the end of the file. 68 * 69 * This function does not support shrinking, only growing a file. 70 * 71 * Returns zero on success; non-zero otherwise. 72 */ 73int ecryptfs_fill_zeros(struct file *file, loff_t new_length) 74{ 75 int rc = 0; 76 struct dentry *dentry = file->f_path.dentry; 77 struct inode *inode = dentry->d_inode; 78 pgoff_t old_end_page_index = 0; 79 pgoff_t index = old_end_page_index; 80 int old_end_pos_in_page = -1; 81 pgoff_t new_end_page_index; 82 int new_end_pos_in_page; 83 loff_t cur_length = i_size_read(inode); 84 85 if (cur_length != 0) { 86 index = old_end_page_index = 87 ((cur_length - 1) >> PAGE_CACHE_SHIFT); 88 old_end_pos_in_page = ((cur_length - 1) & ~PAGE_CACHE_MASK); 89 } 90 new_end_page_index = ((new_length - 1) >> PAGE_CACHE_SHIFT); 91 new_end_pos_in_page = ((new_length - 1) & ~PAGE_CACHE_MASK); 92 ecryptfs_printk(KERN_DEBUG, "old_end_page_index = [0x%.16x]; " 93 "old_end_pos_in_page = [%d]; " 94 "new_end_page_index = [0x%.16x]; " 95 "new_end_pos_in_page = [%d]\n", 96 old_end_page_index, old_end_pos_in_page, 97 new_end_page_index, new_end_pos_in_page); 98 if (old_end_page_index == new_end_page_index) { 99 /* Start and end are in the same page; we just need to 100 * set a portion of the existing page to zero's */ 101 rc = ecryptfs_write_zeros(file, index, 102 (old_end_pos_in_page + 1), 103 (new_end_pos_in_page 104 - old_end_pos_in_page)); 105 if (rc) 106 ecryptfs_printk(KERN_ERR, "ecryptfs_write_zeros(" 107 "file=[%p], " 108 "index=[0x%.16x], " 109 "old_end_pos_in_page=[d], " 110 "(PAGE_CACHE_SIZE - new_end_pos_in_page" 111 "=[%d]" 112 ")=[d]) returned [%d]\n", file, index, 113 old_end_pos_in_page, 114 new_end_pos_in_page, 115 (PAGE_CACHE_SIZE - new_end_pos_in_page), 116 rc); 117 goto out; 118 } 119 /* Fill the remainder of the previous last page with zeros */ 120 rc = ecryptfs_write_zeros(file, index, (old_end_pos_in_page + 1), 121 ((PAGE_CACHE_SIZE - 1) - old_end_pos_in_page)); 122 if (rc) { 123 ecryptfs_printk(KERN_ERR, "ecryptfs_write_zeros(file=[%p], " 124 "index=[0x%.16x], old_end_pos_in_page=[d], " 125 "(PAGE_CACHE_SIZE - old_end_pos_in_page)=[d]) " 126 "returned [%d]\n", file, index, 127 old_end_pos_in_page, 128 (PAGE_CACHE_SIZE - old_end_pos_in_page), rc); 129 goto out; 130 } 131 index++; 132 while (index < new_end_page_index) { 133 /* Fill all intermediate pages with zeros */ 134 rc = ecryptfs_write_zeros(file, index, 0, PAGE_CACHE_SIZE); 135 if (rc) { 136 ecryptfs_printk(KERN_ERR, "ecryptfs_write_zeros(" 137 "file=[%p], " 138 "index=[0x%.16x], " 139 "old_end_pos_in_page=[d], " 140 "(PAGE_CACHE_SIZE - new_end_pos_in_page" 141 "=[%d]" 142 ")=[d]) returned [%d]\n", file, index, 143 old_end_pos_in_page, 144 new_end_pos_in_page, 145 (PAGE_CACHE_SIZE - new_end_pos_in_page), 146 rc); 147 goto out; 148 } 149 index++; 150 } 151 /* Fill the portion at the beginning of the last new page with 152 * zero's */ 153 rc = ecryptfs_write_zeros(file, index, 0, (new_end_pos_in_page + 1)); 154 if (rc) { 155 ecryptfs_printk(KERN_ERR, "ecryptfs_write_zeros(file=" 156 "[%p], index=[0x%.16x], 0, " 157 "new_end_pos_in_page=[%d]" 158 "returned [%d]\n", file, index, 159 new_end_pos_in_page, rc); 160 goto out; 161 } 162out: 163 return rc; 164} 165 166/** 167 * ecryptfs_writepage 168 * @page: Page that is locked before this call is made 169 * 170 * Returns zero on success; non-zero otherwise 171 */ 172static int ecryptfs_writepage(struct page *page, struct writeback_control *wbc) 173{ 174 struct ecryptfs_page_crypt_context ctx; 175 int rc; 176 177 ctx.page = page; 178 ctx.mode = ECRYPTFS_WRITEPAGE_MODE; 179 ctx.param.wbc = wbc; 180 rc = ecryptfs_encrypt_page(&ctx); 181 if (rc) { 182 ecryptfs_printk(KERN_WARNING, "Error encrypting " 183 "page (upper index [0x%.16x])\n", page->index); 184 ClearPageUptodate(page); 185 goto out; 186 } 187 SetPageUptodate(page); 188 unlock_page(page); 189out: 190 return rc; 191} 192 193/** 194 * Reads the data from the lower file file at index lower_page_index 195 * and copies that data into page. 196 * 197 * @param page Page to fill 198 * @param lower_page_index Index of the page in the lower file to get 199 */ 200int ecryptfs_do_readpage(struct file *file, struct page *page, 201 pgoff_t lower_page_index) 202{ 203 int rc; 204 struct dentry *dentry; 205 struct file *lower_file; 206 struct dentry *lower_dentry; 207 struct inode *inode; 208 struct inode *lower_inode; 209 char *page_data; 210 struct page *lower_page = NULL; 211 char *lower_page_data; 212 const struct address_space_operations *lower_a_ops; 213 214 dentry = file->f_path.dentry; 215 lower_file = ecryptfs_file_to_lower(file); 216 lower_dentry = ecryptfs_dentry_to_lower(dentry); 217 inode = dentry->d_inode; 218 lower_inode = ecryptfs_inode_to_lower(inode); 219 lower_a_ops = lower_inode->i_mapping->a_ops; 220 lower_page = read_cache_page(lower_inode->i_mapping, lower_page_index, 221 (filler_t *)lower_a_ops->readpage, 222 (void *)lower_file); 223 if (IS_ERR(lower_page)) { 224 rc = PTR_ERR(lower_page); 225 lower_page = NULL; 226 ecryptfs_printk(KERN_ERR, "Error reading from page cache\n"); 227 goto out; 228 } 229 page_data = kmap_atomic(page, KM_USER0); 230 lower_page_data = kmap_atomic(lower_page, KM_USER1); 231 memcpy(page_data, lower_page_data, PAGE_CACHE_SIZE); 232 kunmap_atomic(lower_page_data, KM_USER1); 233 kunmap_atomic(page_data, KM_USER0); 234 flush_dcache_page(page); 235 rc = 0; 236out: 237 if (likely(lower_page)) 238 page_cache_release(lower_page); 239 if (rc == 0) 240 SetPageUptodate(page); 241 else 242 ClearPageUptodate(page); 243 return rc; 244} 245/** 246 * Header Extent: 247 * Octets 0-7: Unencrypted file size (big-endian) 248 * Octets 8-15: eCryptfs special marker 249 * Octets 16-19: Flags 250 * Octet 16: File format version number (between 0 and 255) 251 * Octets 17-18: Reserved 252 * Octet 19: Bit 1 (lsb): Reserved 253 * Bit 2: Encrypted? 254 * Bits 3-8: Reserved 255 * Octets 20-23: Header extent size (big-endian) 256 * Octets 24-25: Number of header extents at front of file 257 * (big-endian) 258 * Octet 26: Begin RFC 2440 authentication token packet set 259 */ 260static void set_header_info(char *page_virt, 261 struct ecryptfs_crypt_stat *crypt_stat) 262{ 263 size_t written; 264 int save_num_header_extents_at_front = 265 crypt_stat->num_header_extents_at_front; 266 267 crypt_stat->num_header_extents_at_front = 1; 268 ecryptfs_write_header_metadata(page_virt + 20, crypt_stat, &written); 269 crypt_stat->num_header_extents_at_front = 270 save_num_header_extents_at_front; 271} 272 273/** 274 * ecryptfs_readpage 275 * @file: This is an ecryptfs file 276 * @page: ecryptfs associated page to stick the read data into 277 * 278 * Read in a page, decrypting if necessary. 279 * 280 * Returns zero on success; non-zero on error. 281 */ 282static int ecryptfs_readpage(struct file *file, struct page *page) 283{ 284 int rc = 0; 285 struct ecryptfs_crypt_stat *crypt_stat; 286 287 BUG_ON(!(file && file->f_path.dentry && file->f_path.dentry->d_inode)); 288 crypt_stat = &ecryptfs_inode_to_private(file->f_path.dentry->d_inode) 289 ->crypt_stat; 290 if (!crypt_stat 291 || !(crypt_stat->flags & ECRYPTFS_ENCRYPTED) 292 || (crypt_stat->flags & ECRYPTFS_NEW_FILE)) { 293 ecryptfs_printk(KERN_DEBUG, 294 "Passing through unencrypted page\n"); 295 rc = ecryptfs_do_readpage(file, page, page->index); 296 if (rc) { 297 ecryptfs_printk(KERN_ERR, "Error reading page; rc = " 298 "[%d]\n", rc); 299 goto out; 300 } 301 } else if (crypt_stat->flags & ECRYPTFS_VIEW_AS_ENCRYPTED) { 302 if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) { 303 int num_pages_in_header_region = 304 (crypt_stat->header_extent_size 305 / PAGE_CACHE_SIZE); 306 307 if (page->index < num_pages_in_header_region) { 308 char *page_virt; 309 310 page_virt = kmap_atomic(page, KM_USER0); 311 memset(page_virt, 0, PAGE_CACHE_SIZE); 312 if (page->index == 0) { 313 rc = ecryptfs_read_xattr_region( 314 page_virt, file->f_path.dentry); 315 set_header_info(page_virt, crypt_stat); 316 } 317 kunmap_atomic(page_virt, KM_USER0); 318 flush_dcache_page(page); 319 if (rc) { 320 printk(KERN_ERR "Error reading xattr " 321 "region\n"); 322 goto out; 323 } 324 } else { 325 rc = ecryptfs_do_readpage( 326 file, page, 327 (page->index 328 - num_pages_in_header_region)); 329 if (rc) { 330 printk(KERN_ERR "Error reading page; " 331 "rc = [%d]\n", rc); 332 goto out; 333 } 334 } 335 } else { 336 rc = ecryptfs_do_readpage(file, page, page->index); 337 if (rc) { 338 printk(KERN_ERR "Error reading page; rc = " 339 "[%d]\n", rc); 340 goto out; 341 } 342 } 343 } else { 344 rc = ecryptfs_decrypt_page(file, page); 345 if (rc) { 346 ecryptfs_printk(KERN_ERR, "Error decrypting page; " 347 "rc = [%d]\n", rc); 348 goto out; 349 } 350 } 351 SetPageUptodate(page); 352out: 353 if (rc) 354 ClearPageUptodate(page); 355 ecryptfs_printk(KERN_DEBUG, "Unlocking page with index = [0x%.16x]\n", 356 page->index); 357 unlock_page(page); 358 return rc; 359} 360 361/** 362 * Called with lower inode mutex held. 363 */ 364static int fill_zeros_to_end_of_page(struct page *page, unsigned int to) 365{ 366 struct inode *inode = page->mapping->host; 367 int end_byte_in_page; 368 369 if ((i_size_read(inode) / PAGE_CACHE_SIZE) != page->index) 370 goto out; 371 end_byte_in_page = i_size_read(inode) % PAGE_CACHE_SIZE; 372 if (to > end_byte_in_page) 373 end_byte_in_page = to; 374 zero_user_page(page, end_byte_in_page, 375 PAGE_CACHE_SIZE - end_byte_in_page, KM_USER0); 376out: 377 return 0; 378} 379 380/** 381 * eCryptfs does not currently support holes. When writing after a 382 * seek past the end of the file, eCryptfs fills in 0's through to the 383 * current location. The code to fill in the 0's to all the 384 * intermediate pages calls ecryptfs_prepare_write_no_truncate(). 385 */ 386static int 387ecryptfs_prepare_write_no_truncate(struct file *file, struct page *page, 388 unsigned from, unsigned to) 389{ 390 int rc = 0; 391 392 if (from == 0 && to == PAGE_CACHE_SIZE) 393 goto out; /* If we are writing a full page, it will be 394 up to date. */ 395 if (!PageUptodate(page)) 396 rc = ecryptfs_do_readpage(file, page, page->index); 397out: 398 return rc; 399} 400 401static int ecryptfs_prepare_write(struct file *file, struct page *page, 402 unsigned from, unsigned to) 403{ 404 int rc = 0; 405 406 if (from == 0 && to == PAGE_CACHE_SIZE) 407 goto out; /* If we are writing a full page, it will be 408 up to date. */ 409 if (!PageUptodate(page)) 410 rc = ecryptfs_do_readpage(file, page, page->index); 411 if (page->index != 0) { 412 loff_t end_of_prev_pg_pos = 413 (((loff_t)page->index << PAGE_CACHE_SHIFT) - 1); 414 415 if (end_of_prev_pg_pos > i_size_read(page->mapping->host)) { 416 rc = ecryptfs_truncate(file->f_path.dentry, 417 end_of_prev_pg_pos); 418 if (rc) { 419 printk(KERN_ERR "Error on attempt to " 420 "truncate to (higher) offset [%lld];" 421 " rc = [%d]\n", end_of_prev_pg_pos, rc); 422 goto out; 423 } 424 } 425 if (end_of_prev_pg_pos + 1 > i_size_read(page->mapping->host)) 426 zero_user_page(page, 0, PAGE_CACHE_SIZE, KM_USER0); 427 } 428out: 429 return rc; 430} 431 432int ecryptfs_writepage_and_release_lower_page(struct page *lower_page, 433 struct inode *lower_inode, 434 struct writeback_control *wbc) 435{ 436 int rc = 0; 437 438 rc = lower_inode->i_mapping->a_ops->writepage(lower_page, wbc); 439 if (rc) { 440 ecryptfs_printk(KERN_ERR, "Error calling lower writepage(); " 441 "rc = [%d]\n", rc); 442 goto out; 443 } 444 lower_inode->i_mtime = lower_inode->i_ctime = CURRENT_TIME; 445 page_cache_release(lower_page); 446out: 447 return rc; 448} 449 450static 451void ecryptfs_release_lower_page(struct page *lower_page, int page_locked) 452{ 453 if (page_locked) 454 unlock_page(lower_page); 455 page_cache_release(lower_page); 456} 457 458/** 459 * ecryptfs_write_inode_size_to_header 460 * 461 * Writes the lower file size to the first 8 bytes of the header. 462 * 463 * Returns zero on success; non-zero on error. 464 */ 465static int ecryptfs_write_inode_size_to_header(struct file *lower_file, 466 struct inode *lower_inode, 467 struct inode *inode) 468{ 469 int rc = 0; 470 struct page *header_page; 471 char *header_virt; 472 const struct address_space_operations *lower_a_ops; 473 u64 file_size; 474 475retry: 476 header_page = grab_cache_page(lower_inode->i_mapping, 0); 477 if (!header_page) { 478 ecryptfs_printk(KERN_ERR, "grab_cache_page for " 479 "lower_page_index 0 failed\n"); 480 rc = -EINVAL; 481 goto out; 482 } 483 lower_a_ops = lower_inode->i_mapping->a_ops; 484 rc = lower_a_ops->prepare_write(lower_file, header_page, 0, 8); 485 if (rc) { 486 if (rc == AOP_TRUNCATED_PAGE) { 487 ecryptfs_release_lower_page(header_page, 0); 488 goto retry; 489 } else 490 ecryptfs_release_lower_page(header_page, 1); 491 goto out; 492 } 493 file_size = (u64)i_size_read(inode); 494 ecryptfs_printk(KERN_DEBUG, "Writing size: [0x%.16x]\n", file_size); 495 file_size = cpu_to_be64(file_size); 496 header_virt = kmap_atomic(header_page, KM_USER0); 497 memcpy(header_virt, &file_size, sizeof(u64)); 498 kunmap_atomic(header_virt, KM_USER0); 499 flush_dcache_page(header_page); 500 rc = lower_a_ops->commit_write(lower_file, header_page, 0, 8); 501 if (rc < 0) 502 ecryptfs_printk(KERN_ERR, "Error commiting header page " 503 "write\n"); 504 if (rc == AOP_TRUNCATED_PAGE) { 505 ecryptfs_release_lower_page(header_page, 0); 506 goto retry; 507 } else 508 ecryptfs_release_lower_page(header_page, 1); 509 lower_inode->i_mtime = lower_inode->i_ctime = CURRENT_TIME; 510 mark_inode_dirty_sync(inode); 511out: 512 return rc; 513} 514 515static int ecryptfs_write_inode_size_to_xattr(struct inode *lower_inode, 516 struct inode *inode, 517 struct dentry *ecryptfs_dentry, 518 int lower_i_mutex_held) 519{ 520 ssize_t size; 521 void *xattr_virt; 522 struct dentry *lower_dentry; 523 u64 file_size; 524 int rc; 525 526 xattr_virt = kmem_cache_alloc(ecryptfs_xattr_cache, GFP_KERNEL); 527 if (!xattr_virt) { 528 printk(KERN_ERR "Out of memory whilst attempting to write " 529 "inode size to xattr\n"); 530 rc = -ENOMEM; 531 goto out; 532 } 533 lower_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry); 534 if (!lower_dentry->d_inode->i_op->getxattr || 535 !lower_dentry->d_inode->i_op->setxattr) { 536 printk(KERN_WARNING 537 "No support for setting xattr in lower filesystem\n"); 538 rc = -ENOSYS; 539 kmem_cache_free(ecryptfs_xattr_cache, xattr_virt); 540 goto out; 541 } 542 if (!lower_i_mutex_held) 543 mutex_lock(&lower_dentry->d_inode->i_mutex); 544 size = lower_dentry->d_inode->i_op->getxattr(lower_dentry, 545 ECRYPTFS_XATTR_NAME, 546 xattr_virt, 547 PAGE_CACHE_SIZE); 548 if (!lower_i_mutex_held) 549 mutex_unlock(&lower_dentry->d_inode->i_mutex); 550 if (size < 0) 551 size = 8; 552 file_size = (u64)i_size_read(inode); 553 file_size = cpu_to_be64(file_size); 554 memcpy(xattr_virt, &file_size, sizeof(u64)); 555 if (!lower_i_mutex_held) 556 mutex_lock(&lower_dentry->d_inode->i_mutex); 557 rc = lower_dentry->d_inode->i_op->setxattr(lower_dentry, 558 ECRYPTFS_XATTR_NAME, 559 xattr_virt, size, 0); 560 if (!lower_i_mutex_held) 561 mutex_unlock(&lower_dentry->d_inode->i_mutex); 562 if (rc) 563 printk(KERN_ERR "Error whilst attempting to write inode size " 564 "to lower file xattr; rc = [%d]\n", rc); 565 kmem_cache_free(ecryptfs_xattr_cache, xattr_virt); 566out: 567 return rc; 568} 569 570int 571ecryptfs_write_inode_size_to_metadata(struct file *lower_file, 572 struct inode *lower_inode, 573 struct inode *inode, 574 struct dentry *ecryptfs_dentry, 575 int lower_i_mutex_held) 576{ 577 struct ecryptfs_crypt_stat *crypt_stat; 578 579 crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat; 580 if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) 581 return ecryptfs_write_inode_size_to_xattr(lower_inode, inode, 582 ecryptfs_dentry, 583 lower_i_mutex_held); 584 else 585 return ecryptfs_write_inode_size_to_header(lower_file, 586 lower_inode, 587 inode); 588} 589 590int ecryptfs_get_lower_page(struct page **lower_page, struct inode *lower_inode, 591 struct file *lower_file, 592 unsigned long lower_page_index, int byte_offset, 593 int region_bytes) 594{ 595 int rc = 0; 596 597retry: 598 *lower_page = grab_cache_page(lower_inode->i_mapping, lower_page_index); 599 if (!(*lower_page)) { 600 rc = -EINVAL; 601 ecryptfs_printk(KERN_ERR, "Error attempting to grab " 602 "lower page with index [0x%.16x]\n", 603 lower_page_index); 604 goto out; 605 } 606 rc = lower_inode->i_mapping->a_ops->prepare_write(lower_file, 607 (*lower_page), 608 byte_offset, 609 region_bytes); 610 if (rc) { 611 if (rc == AOP_TRUNCATED_PAGE) { 612 ecryptfs_release_lower_page(*lower_page, 0); 613 goto retry; 614 } else { 615 ecryptfs_printk(KERN_ERR, "prepare_write for " 616 "lower_page_index = [0x%.16x] failed; rc = " 617 "[%d]\n", lower_page_index, rc); 618 ecryptfs_release_lower_page(*lower_page, 1); 619 (*lower_page) = NULL; 620 } 621 } 622out: 623 return rc; 624} 625 626/** 627 * ecryptfs_commit_lower_page 628 * 629 * Returns zero on success; non-zero on error 630 */ 631int 632ecryptfs_commit_lower_page(struct page *lower_page, struct inode *lower_inode, 633 struct file *lower_file, int byte_offset, 634 int region_size) 635{ 636 int page_locked = 1; 637 int rc = 0; 638 639 rc = lower_inode->i_mapping->a_ops->commit_write( 640 lower_file, lower_page, byte_offset, region_size); 641 if (rc == AOP_TRUNCATED_PAGE) 642 page_locked = 0; 643 if (rc < 0) { 644 ecryptfs_printk(KERN_ERR, 645 "Error committing write; rc = [%d]\n", rc); 646 } else 647 rc = 0; 648 ecryptfs_release_lower_page(lower_page, page_locked); 649 return rc; 650} 651 652/** 653 * ecryptfs_copy_page_to_lower 654 * 655 * Used for plaintext pass-through; no page index interpolation 656 * required. 657 */ 658int ecryptfs_copy_page_to_lower(struct page *page, struct inode *lower_inode, 659 struct file *lower_file) 660{ 661 int rc = 0; 662 struct page *lower_page; 663 664 rc = ecryptfs_get_lower_page(&lower_page, lower_inode, lower_file, 665 page->index, 0, PAGE_CACHE_SIZE); 666 if (rc) { 667 ecryptfs_printk(KERN_ERR, "Error attempting to get page " 668 "at index [0x%.16x]\n", page->index); 669 goto out; 670 } 671 /* TODO: aops */ 672 memcpy((char *)page_address(lower_page), page_address(page), 673 PAGE_CACHE_SIZE); 674 rc = ecryptfs_commit_lower_page(lower_page, lower_inode, lower_file, 675 0, PAGE_CACHE_SIZE); 676 if (rc) 677 ecryptfs_printk(KERN_ERR, "Error attempting to commit page " 678 "at index [0x%.16x]\n", page->index); 679out: 680 return rc; 681} 682 683struct kmem_cache *ecryptfs_xattr_cache; 684 685/** 686 * ecryptfs_commit_write 687 * @file: The eCryptfs file object 688 * @page: The eCryptfs page 689 * @from: Ignored (we rotate the page IV on each write) 690 * @to: Ignored 691 * 692 * This is where we encrypt the data and pass the encrypted data to 693 * the lower filesystem. In OpenPGP-compatible mode, we operate on 694 * entire underlying packets. 695 */ 696static int ecryptfs_commit_write(struct file *file, struct page *page, 697 unsigned from, unsigned to) 698{ 699 struct ecryptfs_page_crypt_context ctx; 700 loff_t pos; 701 struct inode *inode; 702 struct inode *lower_inode; 703 struct file *lower_file; 704 struct ecryptfs_crypt_stat *crypt_stat; 705 int rc; 706 707 inode = page->mapping->host; 708 lower_inode = ecryptfs_inode_to_lower(inode); 709 lower_file = ecryptfs_file_to_lower(file); 710 mutex_lock(&lower_inode->i_mutex); 711 crypt_stat = &ecryptfs_inode_to_private(file->f_path.dentry->d_inode) 712 ->crypt_stat; 713 if (crypt_stat->flags & ECRYPTFS_NEW_FILE) { 714 ecryptfs_printk(KERN_DEBUG, "ECRYPTFS_NEW_FILE flag set in " 715 "crypt_stat at memory location [%p]\n", crypt_stat); 716 crypt_stat->flags &= ~(ECRYPTFS_NEW_FILE); 717 } else 718 ecryptfs_printk(KERN_DEBUG, "Not a new file\n"); 719 ecryptfs_printk(KERN_DEBUG, "Calling fill_zeros_to_end_of_page" 720 "(page w/ index = [0x%.16x], to = [%d])\n", page->index, 721 to); 722 rc = fill_zeros_to_end_of_page(page, to); 723 if (rc) { 724 ecryptfs_printk(KERN_WARNING, "Error attempting to fill " 725 "zeros in page with index = [0x%.16x]\n", 726 page->index); 727 goto out; 728 } 729 ctx.page = page; 730 ctx.mode = ECRYPTFS_PREPARE_COMMIT_MODE; 731 ctx.param.lower_file = lower_file; 732 rc = ecryptfs_encrypt_page(&ctx); 733 if (rc) { 734 ecryptfs_printk(KERN_WARNING, "Error encrypting page (upper " 735 "index [0x%.16x])\n", page->index); 736 goto out; 737 } 738 inode->i_blocks = lower_inode->i_blocks; 739 pos = (page->index << PAGE_CACHE_SHIFT) + to; 740 if (pos > i_size_read(inode)) { 741 i_size_write(inode, pos); 742 ecryptfs_printk(KERN_DEBUG, "Expanded file size to " 743 "[0x%.16x]\n", i_size_read(inode)); 744 } 745 rc = ecryptfs_write_inode_size_to_metadata(lower_file, lower_inode, 746 inode, file->f_dentry, 747 ECRYPTFS_LOWER_I_MUTEX_HELD); 748 if (rc) 749 printk(KERN_ERR "Error writing inode size to metadata; " 750 "rc = [%d]\n", rc); 751 lower_inode->i_mtime = lower_inode->i_ctime = CURRENT_TIME; 752 mark_inode_dirty_sync(inode); 753out: 754 if (rc < 0) 755 ClearPageUptodate(page); 756 else 757 SetPageUptodate(page); 758 mutex_unlock(&lower_inode->i_mutex); 759 return rc; 760} 761 762/** 763 * ecryptfs_write_zeros 764 * @file: The ecryptfs file 765 * @index: The index in which we are writing 766 * @start: The position after the last block of data 767 * @num_zeros: The number of zeros to write 768 * 769 * Write a specified number of zero's to a page. 770 * 771 * (start + num_zeros) must be less than or equal to PAGE_CACHE_SIZE 772 */ 773int 774ecryptfs_write_zeros(struct file *file, pgoff_t index, int start, int num_zeros) 775{ 776 int rc = 0; 777 struct page *tmp_page; 778 779 tmp_page = ecryptfs_get1page(file, index); 780 if (IS_ERR(tmp_page)) { 781 ecryptfs_printk(KERN_ERR, "Error getting page at index " 782 "[0x%.16x]\n", index); 783 rc = PTR_ERR(tmp_page); 784 goto out; 785 } 786 if ((rc = ecryptfs_prepare_write_no_truncate(file, tmp_page, start, 787 (start + num_zeros)))) { 788 ecryptfs_printk(KERN_ERR, "Error preparing to write zero's " 789 "to page at index [0x%.16x]\n", 790 index); 791 page_cache_release(tmp_page); 792 goto out; 793 } 794 zero_user_page(tmp_page, start, num_zeros, KM_USER0); 795 rc = ecryptfs_commit_write(file, tmp_page, start, start + num_zeros); 796 if (rc < 0) { 797 ecryptfs_printk(KERN_ERR, "Error attempting to write zero's " 798 "to remainder of page at index [0x%.16x]\n", 799 index); 800 page_cache_release(tmp_page); 801 goto out; 802 } 803 rc = 0; 804 page_cache_release(tmp_page); 805out: 806 return rc; 807} 808 809static sector_t ecryptfs_bmap(struct address_space *mapping, sector_t block) 810{ 811 int rc = 0; 812 struct inode *inode; 813 struct inode *lower_inode; 814 815 inode = (struct inode *)mapping->host; 816 lower_inode = ecryptfs_inode_to_lower(inode); 817 if (lower_inode->i_mapping->a_ops->bmap) 818 rc = lower_inode->i_mapping->a_ops->bmap(lower_inode->i_mapping, 819 block); 820 return rc; 821} 822 823static void ecryptfs_sync_page(struct page *page) 824{ 825 struct inode *inode; 826 struct inode *lower_inode; 827 struct page *lower_page; 828 829 inode = page->mapping->host; 830 lower_inode = ecryptfs_inode_to_lower(inode); 831 /* NOTE: Recently swapped with grab_cache_page(), since 832 * sync_page() just makes sure that pending I/O gets done. */ 833 lower_page = find_lock_page(lower_inode->i_mapping, page->index); 834 if (!lower_page) { 835 ecryptfs_printk(KERN_DEBUG, "find_lock_page failed\n"); 836 return; 837 } 838 lower_page->mapping->a_ops->sync_page(lower_page); 839 ecryptfs_printk(KERN_DEBUG, "Unlocking page with index = [0x%.16x]\n", 840 lower_page->index); 841 unlock_page(lower_page); 842 page_cache_release(lower_page); 843} 844 845struct address_space_operations ecryptfs_aops = { 846 .writepage = ecryptfs_writepage, 847 .readpage = ecryptfs_readpage, 848 .prepare_write = ecryptfs_prepare_write, 849 .commit_write = ecryptfs_commit_write, 850 .bmap = ecryptfs_bmap, 851 .sync_page = ecryptfs_sync_page, 852}; 853