OLD | NEW |
1 /** | 1 /** |
2 * eCryptfs: Linux filesystem encryption layer | 2 * eCryptfs: Linux filesystem encryption layer |
3 * This is where eCryptfs coordinates the symmetric encryption and | 3 * This is where eCryptfs coordinates the symmetric encryption and |
4 * decryption of the file data as it passes between the lower | 4 * decryption of the file data as it passes between the lower |
5 * encrypted file and the upper decrypted file. | 5 * encrypted file and the upper decrypted file. |
6 * | 6 * |
7 * Copyright (C) 1997-2003 Erez Zadok | 7 * Copyright (C) 1997-2003 Erez Zadok |
8 * Copyright (C) 2001-2003 Stony Brook University | 8 * Copyright (C) 2001-2003 Stony Brook University |
9 * Copyright (C) 2004-2007 International Business Machines Corp. | 9 * Copyright (C) 2004-2007 International Business Machines Corp. |
10 * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com> | 10 * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com> |
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
62 /** | 62 /** |
63 * ecryptfs_writepage | 63 * ecryptfs_writepage |
64 * @page: Page that is locked before this call is made | 64 * @page: Page that is locked before this call is made |
65 * | 65 * |
66 * Returns zero on success; non-zero otherwise | 66 * Returns zero on success; non-zero otherwise |
67 */ | 67 */ |
68 static int ecryptfs_writepage(struct page *page, struct writeback_control *wbc) | 68 static int ecryptfs_writepage(struct page *page, struct writeback_control *wbc) |
69 { | 69 { |
70 int rc; | 70 int rc; |
71 | 71 |
72 /* | |
73 * Refuse to write the page out if we are called from reclaim context | |
74 * since our writepage() path may potentially allocate memory when | |
75 * calling into the lower fs vfs_write() which may in turn invoke | |
76 * us again. | |
77 */ | |
78 if (current->flags & PF_MEMALLOC) { | |
79 redirty_page_for_writepage(wbc, page); | |
80 rc = 0; | |
81 goto out; | |
82 } | |
83 | |
84 rc = ecryptfs_encrypt_page(page); | 72 rc = ecryptfs_encrypt_page(page); |
85 if (rc) { | 73 if (rc) { |
86 ecryptfs_printk(KERN_WARNING, "Error encrypting " | 74 ecryptfs_printk(KERN_WARNING, "Error encrypting " |
87 "page (upper index [0x%.16x])\n", page->index); | 75 "page (upper index [0x%.16x])\n", page->index); |
88 ClearPageUptodate(page); | 76 ClearPageUptodate(page); |
89 goto out; | 77 goto out; |
90 } | 78 } |
91 SetPageUptodate(page); | 79 SetPageUptodate(page); |
| 80 unlock_page(page); |
92 out: | 81 out: |
93 unlock_page(page); | |
94 return rc; | 82 return rc; |
95 } | 83 } |
96 | 84 |
97 /** | 85 /** |
98 * Header Extent: | 86 * Header Extent: |
99 * Octets 0-7: Unencrypted file size (big-endian) | 87 * Octets 0-7: Unencrypted file size (big-endian) |
100 * Octets 8-15: eCryptfs special marker | 88 * Octets 8-15: eCryptfs special marker |
101 * Octets 16-19: Flags | 89 * Octets 16-19: Flags |
102 * Octet 16: File format version number (between 0 and 255) | 90 * Octet 16: File format version number (between 0 and 255) |
103 * Octets 17-18: Reserved | 91 * Octets 17-18: Reserved |
(...skipping 391 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
495 loff_t pos, unsigned len, unsigned copied, | 483 loff_t pos, unsigned len, unsigned copied, |
496 struct page *page, void *fsdata) | 484 struct page *page, void *fsdata) |
497 { | 485 { |
498 pgoff_t index = pos >> PAGE_CACHE_SHIFT; | 486 pgoff_t index = pos >> PAGE_CACHE_SHIFT; |
499 unsigned from = pos & (PAGE_CACHE_SIZE - 1); | 487 unsigned from = pos & (PAGE_CACHE_SIZE - 1); |
500 unsigned to = from + copied; | 488 unsigned to = from + copied; |
501 struct inode *ecryptfs_inode = mapping->host; | 489 struct inode *ecryptfs_inode = mapping->host; |
502 struct ecryptfs_crypt_stat *crypt_stat = | 490 struct ecryptfs_crypt_stat *crypt_stat = |
503 &ecryptfs_inode_to_private(file->f_path.dentry->d_inode)->crypt_
stat; | 491 &ecryptfs_inode_to_private(file->f_path.dentry->d_inode)->crypt_
stat; |
504 int rc; | 492 int rc; |
505 int need_unlock_page = 1; | |
506 | 493 |
507 if (crypt_stat->flags & ECRYPTFS_NEW_FILE) { | 494 if (crypt_stat->flags & ECRYPTFS_NEW_FILE) { |
508 ecryptfs_printk(KERN_DEBUG, "ECRYPTFS_NEW_FILE flag set in " | 495 ecryptfs_printk(KERN_DEBUG, "ECRYPTFS_NEW_FILE flag set in " |
509 "crypt_stat at memory location [%p]\n", crypt_stat); | 496 "crypt_stat at memory location [%p]\n", crypt_stat); |
510 crypt_stat->flags &= ~(ECRYPTFS_NEW_FILE); | 497 crypt_stat->flags &= ~(ECRYPTFS_NEW_FILE); |
511 } else | 498 } else |
512 ecryptfs_printk(KERN_DEBUG, "Not a new file\n"); | 499 ecryptfs_printk(KERN_DEBUG, "Not a new file\n"); |
513 ecryptfs_printk(KERN_DEBUG, "Calling fill_zeros_to_end_of_page" | 500 ecryptfs_printk(KERN_DEBUG, "Calling fill_zeros_to_end_of_page" |
514 "(page w/ index = [0x%.16x], to = [%d])\n", index, to); | 501 "(page w/ index = [0x%.16x], to = [%d])\n", index, to); |
515 if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { | 502 if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { |
516 rc = ecryptfs_write_lower_page_segment(ecryptfs_inode, page, 0, | 503 rc = ecryptfs_write_lower_page_segment(ecryptfs_inode, page, 0, |
517 to); | 504 to); |
518 if (!rc) { | 505 if (!rc) { |
519 rc = copied; | 506 rc = copied; |
520 fsstack_copy_inode_size(ecryptfs_inode, | 507 fsstack_copy_inode_size(ecryptfs_inode, |
521 ecryptfs_inode_to_lower(ecryptfs_inode)); | 508 ecryptfs_inode_to_lower(ecryptfs_inode)); |
522 } | 509 } |
523 goto out; | 510 goto out; |
524 } | 511 } |
525 /* Fills in zeros if 'to' goes beyond inode size */ | 512 /* Fills in zeros if 'to' goes beyond inode size */ |
526 rc = fill_zeros_to_end_of_page(page, to); | 513 rc = fill_zeros_to_end_of_page(page, to); |
527 if (rc) { | 514 if (rc) { |
528 ecryptfs_printk(KERN_WARNING, "Error attempting to fill " | 515 ecryptfs_printk(KERN_WARNING, "Error attempting to fill " |
529 "zeros in page with index = [0x%.16x]\n", index); | 516 "zeros in page with index = [0x%.16x]\n", index); |
530 goto out; | 517 goto out; |
531 } | 518 } |
532 » set_page_dirty(page); | 519 » rc = ecryptfs_encrypt_page(page); |
533 » unlock_page(page); | 520 » if (rc) { |
534 » need_unlock_page = 0; | 521 » » ecryptfs_printk(KERN_WARNING, "Error encrypting page (upper " |
| 522 » » » » "index [0x%.16x])\n", index); |
| 523 » » goto out; |
| 524 » } |
535 if (pos + copied > i_size_read(ecryptfs_inode)) { | 525 if (pos + copied > i_size_read(ecryptfs_inode)) { |
536 i_size_write(ecryptfs_inode, pos + copied); | 526 i_size_write(ecryptfs_inode, pos + copied); |
537 ecryptfs_printk(KERN_DEBUG, "Expanded file size to " | 527 ecryptfs_printk(KERN_DEBUG, "Expanded file size to " |
538 "[0x%.16x]\n", i_size_read(ecryptfs_inode)); | 528 "[0x%.16x]\n", i_size_read(ecryptfs_inode)); |
539 balance_dirty_pages_ratelimited(mapping); | |
540 rc = ecryptfs_write_inode_size_to_metadata(ecryptfs_inode); | |
541 if (rc) { | |
542 printk(KERN_ERR "Error writing inode size to metadata; " | |
543 "rc = [%d]\n", rc); | |
544 goto out; | |
545 } | |
546 } | 529 } |
547 » rc = copied; | 530 » rc = ecryptfs_write_inode_size_to_metadata(ecryptfs_inode); |
| 531 » if (rc) |
| 532 » » printk(KERN_ERR "Error writing inode size to metadata; " |
| 533 » » "rc = [%d]\n", rc); |
| 534 » else |
| 535 » » rc = copied; |
548 out: | 536 out: |
549 » if (need_unlock_page) | 537 » unlock_page(page); |
550 » » unlock_page(page); | |
551 page_cache_release(page); | 538 page_cache_release(page); |
552 return rc; | 539 return rc; |
553 } | 540 } |
554 | 541 |
555 static sector_t ecryptfs_bmap(struct address_space *mapping, sector_t block) | 542 static sector_t ecryptfs_bmap(struct address_space *mapping, sector_t block) |
556 { | 543 { |
557 int rc = 0; | 544 int rc = 0; |
558 struct inode *inode; | 545 struct inode *inode; |
559 struct inode *lower_inode; | 546 struct inode *lower_inode; |
560 | 547 |
561 inode = (struct inode *)mapping->host; | 548 inode = (struct inode *)mapping->host; |
562 lower_inode = ecryptfs_inode_to_lower(inode); | 549 lower_inode = ecryptfs_inode_to_lower(inode); |
563 if (lower_inode->i_mapping->a_ops->bmap) | 550 if (lower_inode->i_mapping->a_ops->bmap) |
564 rc = lower_inode->i_mapping->a_ops->bmap(lower_inode->i_mapping, | 551 rc = lower_inode->i_mapping->a_ops->bmap(lower_inode->i_mapping, |
565 block); | 552 block); |
566 return rc; | 553 return rc; |
567 } | 554 } |
568 | 555 |
569 const struct address_space_operations ecryptfs_aops = { | 556 const struct address_space_operations ecryptfs_aops = { |
570 .writepage = ecryptfs_writepage, | 557 .writepage = ecryptfs_writepage, |
571 .readpage = ecryptfs_readpage, | 558 .readpage = ecryptfs_readpage, |
572 .write_begin = ecryptfs_write_begin, | 559 .write_begin = ecryptfs_write_begin, |
573 .write_end = ecryptfs_write_end, | 560 .write_end = ecryptfs_write_end, |
574 .bmap = ecryptfs_bmap, | 561 .bmap = ecryptfs_bmap, |
575 }; | 562 }; |
OLD | NEW |