)]}' { "log": [ { "commit": "ece550f51ba175c14ec3ec047815927d7386ea1f", "tree": "759c930b24718b3feacf149a8e4759f7725ee8e5", "parents": [ "4aa25bcb7dac2d583f1557e2be2d0b598581da54" ], "author": { "name": "Dan Carpenter", "email": "error27@gmail.com", "time": "Tue Jan 19 12:34:32 2010 +0300" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Tue Jan 19 22:36:06 2010 -0600" }, "message": "ecryptfs: use after free\n\nThe \"full_alg_name\" variable is used on a couple error paths, so we\nshouldn\u0027t free it until the end.\n\nSigned-off-by: Dan Carpenter \u003cerror27@gmail.com\u003e\nCc: stable@kernel.org\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "96a7b9c2f5df899f302ade45cf17ad753fe130fd", "tree": "096b67dbaad8e795344554994e28433a1e5b5de1", "parents": [ "3891959846709a19f76628e33478cd85edb0e79f" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 16 19:04:20 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 23 09:10:34 2009 -0500" }, "message": "eCryptfs: Propagate vfs_read and vfs_write return codes\n\nErrors returned from vfs_read() and vfs_write() calls to the lower\nfilesystem were being masked as -EINVAL. This caused some confusion to\nusers who saw EINVAL instead of ENOSPC when the disk was full, for\ninstance.\n\nAlso, the actual bytes read or written were not accessible by callers to\necryptfs_read_lower() and ecryptfs_write_lower(), which may be useful in\nsome cases. This patch updates the error handling logic where those\nfunctions are called in order to accept positive return codes indicating\nsuccess.\n\nCc: Eric Sandeen \u003cesandeen@redhat.com\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nCc: ecryptfs-devel@lists.launchpad.net\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "df6ad33ba1b9846bd5f0e2b9016c30c20bc2d948", "tree": "5bed7a289830867f2bac4dc05f076b7121e41ae3", "parents": [ "ac22ba23b659e34a5961aec8c945608e471b0d5b" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Fri Aug 21 04:27:46 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 23 09:10:32 2009 -0500" }, "message": "eCryptfs: Filename encryption only supports password auth tokens\n\nReturns -ENOTSUPP when attempting to use filename encryption with\nsomething other than a password authentication token, such as a private\ntoken from openssl. Using filename encryption with a userspace eCryptfs\nkey module is a future goal. Until then, this patch handles the\nsituation a little better than simply using a BUG_ON().\n\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nCc: ecryptfs-devel@lists.launchpad.net\nCc: stable \u003cstable@kernel.org\u003e\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "b0105eaefa7cce8f4a941d0fc6354b250d30e745", "tree": "60bed48ff88aa22d9ee36b64d23421cf9e50d2a8", "parents": [ "382684984e93039a3bbd83b04d341b0ceb831519" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Tue Aug 11 00:36:32 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 23 09:10:31 2009 -0500" }, "message": "eCryptfs: Handle unrecognized tag 3 cipher codes\n\nReturns an error when an unrecognized cipher code is present in a tag 3\npacket or an ecryptfs_crypt_stat cannot be initialized. Also sets an\ncrypt_stat-\u003etfm error pointer to NULL to ensure that it will not be\nincorrectly freed in ecryptfs_destroy_crypt_stat().\n\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nCc: ecryptfs-devel@lists.launchpad.net\nCc: stable \u003cstable@kernel.org\u003e\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "382684984e93039a3bbd83b04d341b0ceb831519", "tree": "039aa99f6651066a2aac7aec42b06da0a9b55402", "parents": [ "aa06117f19944573cda0c4bee026c916b5256090" ], "author": { "name": "Dave Hansen", "email": "dave@linux.vnet.ibm.com", "time": "Thu Aug 27 09:47:07 2009 -0700" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 23 09:10:31 2009 -0500" }, "message": "ecryptfs: improved dependency checking and reporting\n\nSo, I compiled a 2.6.31-rc5 kernel with ecryptfs and loaded its module.\nWhen it came time to mount my filesystem, I got this in dmesg, and it\nrefused to mount:\n\n[93577.776637] Unable to allocate crypto cipher with name [aes]; rc \u003d [-2]\n[93577.783280] Error attempting to initialize key TFM cipher with name \u003d [aes]; rc \u003d [-2]\n[93577.791183] Error attempting to initialize cipher with name \u003d [aes] and key size \u003d [32]; rc \u003d [-2]\n[93577.800113] Error parsing options; rc \u003d [-22]\n\nI figured from the error message that I\u0027d either forgotten to load \"aes\"\nor that my key size was bogus. Neither one of those was the case. In\nfact, I was missing the CRYPTO_ECB config option and the \u0027ecb\u0027 module.\nUnfortunately, there\u0027s no trace of \u0027ecb\u0027 in that error message.\n\nI\u0027ve done two things to fix this. First, I\u0027ve modified ecryptfs\u0027s\nKconfig entry to select CRYPTO_ECB and CRYPTO_CBC. I also took CRYPTO\nout of the dependencies since the \u0027select\u0027 will take care of it for us.\n\nI\u0027ve also modified the error messages to print a string that should\ncontain both \u0027ecb\u0027 and \u0027aes\u0027 in my error case. That will give any\nfuture users a chance of finding the right modules and Kconfig options.\n\nI also wonder if we should:\n\n\tselect CRYPTO_AES if !EMBEDDED\n\nsince I think most ecryptfs users are using AES like me.\n\nCc: ecryptfs-devel@lists.launchpad.net\nCc: linux-fsdevel@vger.kernel.org\nCc: linux-kernel@vger.kernel.org\nCc: Dustin Kirkland \u003ckirkland@canonical.com\u003e\nSigned-off-by: Dave Hansen \u003cdave@linux.vnet.ibm.com\u003e\n[tyhicks@linux.vnet.ibm.com: Removed extra newline, 80-char violation]\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "aa06117f19944573cda0c4bee026c916b5256090", "tree": "e5cb24f500431a5201e7a50b1e9df62fbd24e1bb", "parents": [ "05dafedb906425fe935199f4c92700d87285e3e9" ], "author": { "name": "Roland Dreier", "email": "rdreier@cisco.com", "time": "Wed Jul 01 15:48:18 2009 -0700" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 23 09:10:30 2009 -0500" }, "message": "eCryptfs: Fix lockdep-reported AB-BA mutex issue\n\nLockdep reports the following valid-looking possible AB-BA deadlock with\nglobal_auth_tok_list_mutex and keysig_list_mutex:\n\n ecryptfs_new_file_context() -\u003e\n ecryptfs_copy_mount_wide_sigs_to_inode_sigs() -\u003e\n mutex_lock(\u0026mount_crypt_stat-\u003eglobal_auth_tok_list_mutex);\n -\u003e ecryptfs_add_keysig() -\u003e\n mutex_lock(\u0026crypt_stat-\u003ekeysig_list_mutex);\n\nvs\n\n ecryptfs_generate_key_packet_set() -\u003e\n mutex_lock(\u0026crypt_stat-\u003ekeysig_list_mutex);\n -\u003e ecryptfs_find_global_auth_tok_for_sig() -\u003e\n mutex_lock(\u0026mount_crypt_stat-\u003eglobal_auth_tok_list_mutex);\n\nie the two mutexes are taken in opposite orders in the two different\ncode paths. I\u0027m not sure if this is a real bug where two threads could\nactually hit the two paths in parallel and deadlock, but it at least\nmakes lockdep impossible to use with ecryptfs since this report triggers\nevery time and disables future lockdep reporting.\n\nSince ecryptfs_add_keysig() is called only from the single callsite in\necryptfs_copy_mount_wide_sigs_to_inode_sigs(), the simplest fix seems to\nbe to move the lock of keysig_list_mutex back up outside of the where\nglobal_auth_tok_list_mutex is taken. This patch does that, and fixes\nthe lockdep report on my system (and ecryptfs still works OK).\n\nThe full output of lockdep fixed by this patch is:\n\n\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\n[ INFO: possible circular locking dependency detected ]\n2.6.31-2-generic #14~rbd2\n-------------------------------------------------------\ngdm/2640 is trying to acquire lock:\n (\u0026mount_crypt_stat-\u003eglobal_auth_tok_list_mutex){+.+.+.}, at: [\u003cffffffff8121591e\u003e] ecryptfs_find_global_auth_tok_for_sig+0x2e/0x90\n\nbut task is already holding lock:\n (\u0026crypt_stat-\u003ekeysig_list_mutex){+.+.+.}, at: [\u003cffffffff81217728\u003e] ecryptfs_generate_key_packet_set+0x58/0x2b0\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (\u0026crypt_stat-\u003ekeysig_list_mutex){+.+.+.}:\n [\u003cffffffff8108c897\u003e] check_prev_add+0x2a7/0x370\n [\u003cffffffff8108cfc1\u003e] validate_chain+0x661/0x750\n [\u003cffffffff8108d2e7\u003e] __lock_acquire+0x237/0x430\n [\u003cffffffff8108d585\u003e] lock_acquire+0xa5/0x150\n [\u003cffffffff815526cd\u003e] __mutex_lock_common+0x4d/0x3d0\n [\u003cffffffff81552b56\u003e] mutex_lock_nested+0x46/0x60\n [\u003cffffffff8121526a\u003e] ecryptfs_add_keysig+0x5a/0xb0\n [\u003cffffffff81213299\u003e] ecryptfs_copy_mount_wide_sigs_to_inode_sigs+0x59/0xb0\n [\u003cffffffff81214b06\u003e] ecryptfs_new_file_context+0xa6/0x1a0\n [\u003cffffffff8120e42a\u003e] ecryptfs_initialize_file+0x4a/0x140\n [\u003cffffffff8120e54d\u003e] ecryptfs_create+0x2d/0x60\n [\u003cffffffff8113a7d4\u003e] vfs_create+0xb4/0xe0\n [\u003cffffffff8113a8c4\u003e] __open_namei_create+0xc4/0x110\n [\u003cffffffff8113d1c1\u003e] do_filp_open+0xa01/0xae0\n [\u003cffffffff8112d8d9\u003e] do_sys_open+0x69/0x140\n [\u003cffffffff8112d9f0\u003e] sys_open+0x20/0x30\n [\u003cffffffff81013132\u003e] system_call_fastpath+0x16/0x1b\n [\u003cffffffffffffffff\u003e] 0xffffffffffffffff\n\n-\u003e #0 (\u0026mount_crypt_stat-\u003eglobal_auth_tok_list_mutex){+.+.+.}:\n [\u003cffffffff8108c675\u003e] check_prev_add+0x85/0x370\n [\u003cffffffff8108cfc1\u003e] validate_chain+0x661/0x750\n [\u003cffffffff8108d2e7\u003e] __lock_acquire+0x237/0x430\n [\u003cffffffff8108d585\u003e] lock_acquire+0xa5/0x150\n [\u003cffffffff815526cd\u003e] __mutex_lock_common+0x4d/0x3d0\n [\u003cffffffff81552b56\u003e] mutex_lock_nested+0x46/0x60\n [\u003cffffffff8121591e\u003e] ecryptfs_find_global_auth_tok_for_sig+0x2e/0x90\n [\u003cffffffff812177d5\u003e] ecryptfs_generate_key_packet_set+0x105/0x2b0\n [\u003cffffffff81212f49\u003e] ecryptfs_write_headers_virt+0xc9/0x120\n [\u003cffffffff8121306d\u003e] ecryptfs_write_metadata+0xcd/0x200\n [\u003cffffffff8120e44b\u003e] ecryptfs_initialize_file+0x6b/0x140\n [\u003cffffffff8120e54d\u003e] ecryptfs_create+0x2d/0x60\n [\u003cffffffff8113a7d4\u003e] vfs_create+0xb4/0xe0\n [\u003cffffffff8113a8c4\u003e] __open_namei_create+0xc4/0x110\n [\u003cffffffff8113d1c1\u003e] do_filp_open+0xa01/0xae0\n [\u003cffffffff8112d8d9\u003e] do_sys_open+0x69/0x140\n [\u003cffffffff8112d9f0\u003e] sys_open+0x20/0x30\n [\u003cffffffff81013132\u003e] system_call_fastpath+0x16/0x1b\n [\u003cffffffffffffffff\u003e] 0xffffffffffffffff\n\nother info that might help us debug this:\n\n2 locks held by gdm/2640:\n #0: (\u0026sb-\u003es_type-\u003ei_mutex_key#11){+.+.+.}, at: [\u003cffffffff8113cb8b\u003e] do_filp_open+0x3cb/0xae0\n #1: (\u0026crypt_stat-\u003ekeysig_list_mutex){+.+.+.}, at: [\u003cffffffff81217728\u003e] ecryptfs_generate_key_packet_set+0x58/0x2b0\n\nstack backtrace:\nPid: 2640, comm: gdm Tainted: G C 2.6.31-2-generic #14~rbd2\nCall Trace:\n [\u003cffffffff8108b988\u003e] print_circular_bug_tail+0xa8/0xf0\n [\u003cffffffff8108c675\u003e] check_prev_add+0x85/0x370\n [\u003cffffffff81094912\u003e] ? __module_text_address+0x12/0x60\n [\u003cffffffff8108cfc1\u003e] validate_chain+0x661/0x750\n [\u003cffffffff81017275\u003e] ? print_context_stack+0x85/0x140\n [\u003cffffffff81089c68\u003e] ? find_usage_backwards+0x38/0x160\n [\u003cffffffff8108d2e7\u003e] __lock_acquire+0x237/0x430\n [\u003cffffffff8108d585\u003e] lock_acquire+0xa5/0x150\n [\u003cffffffff8121591e\u003e] ? ecryptfs_find_global_auth_tok_for_sig+0x2e/0x90\n [\u003cffffffff8108b0b0\u003e] ? check_usage_backwards+0x0/0xb0\n [\u003cffffffff815526cd\u003e] __mutex_lock_common+0x4d/0x3d0\n [\u003cffffffff8121591e\u003e] ? ecryptfs_find_global_auth_tok_for_sig+0x2e/0x90\n [\u003cffffffff8121591e\u003e] ? ecryptfs_find_global_auth_tok_for_sig+0x2e/0x90\n [\u003cffffffff8108c02c\u003e] ? mark_held_locks+0x6c/0xa0\n [\u003cffffffff81125b0d\u003e] ? kmem_cache_alloc+0xfd/0x1a0\n [\u003cffffffff8108c34d\u003e] ? trace_hardirqs_on_caller+0x14d/0x190\n [\u003cffffffff81552b56\u003e] mutex_lock_nested+0x46/0x60\n [\u003cffffffff8121591e\u003e] ecryptfs_find_global_auth_tok_for_sig+0x2e/0x90\n [\u003cffffffff812177d5\u003e] ecryptfs_generate_key_packet_set+0x105/0x2b0\n [\u003cffffffff81212f49\u003e] ecryptfs_write_headers_virt+0xc9/0x120\n [\u003cffffffff8121306d\u003e] ecryptfs_write_metadata+0xcd/0x200\n [\u003cffffffff81210240\u003e] ? ecryptfs_init_persistent_file+0x60/0xe0\n [\u003cffffffff8120e44b\u003e] ecryptfs_initialize_file+0x6b/0x140\n [\u003cffffffff8120e54d\u003e] ecryptfs_create+0x2d/0x60\n [\u003cffffffff8113a7d4\u003e] vfs_create+0xb4/0xe0\n [\u003cffffffff8113a8c4\u003e] __open_namei_create+0xc4/0x110\n [\u003cffffffff8113d1c1\u003e] do_filp_open+0xa01/0xae0\n [\u003cffffffff8129a93e\u003e] ? _raw_spin_unlock+0x5e/0xb0\n [\u003cffffffff8155410b\u003e] ? _spin_unlock+0x2b/0x40\n [\u003cffffffff81139e9b\u003e] ? getname+0x3b/0x240\n [\u003cffffffff81148a5a\u003e] ? alloc_fd+0xfa/0x140\n [\u003cffffffff8112d8d9\u003e] do_sys_open+0x69/0x140\n [\u003cffffffff81553b8f\u003e] ? trace_hardirqs_on_thunk+0x3a/0x3f\n [\u003cffffffff8112d9f0\u003e] sys_open+0x20/0x30\n [\u003cffffffff81013132\u003e] system_call_fastpath+0x16/0x1b\n\nSigned-off-by: Roland Dreier \u003crolandd@cisco.com\u003e\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "05dafedb906425fe935199f4c92700d87285e3e9", "tree": "7f3162455188c322baf9c6ca9a2890394380201d", "parents": [ "94e0fb086fc5663c38bbc0fe86d698be8314f82f" ], "author": { "name": "Roland Dreier", "email": "roland@digitalvampire.org", "time": "Tue Jul 14 13:32:56 2009 -0700" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 23 09:10:30 2009 -0500" }, "message": "ecryptfs: Remove unneeded locking that triggers lockdep false positives\n\nIn ecryptfs_destroy_inode(), inode_info-\u003elower_file_mutex is locked,\nand just after the mutex is unlocked, the code does:\n\n \tkmem_cache_free(ecryptfs_inode_info_cache, inode_info);\n\nThis means that if another context could possibly try to take the same\nmutex as ecryptfs_destroy_inode(), then it could end up getting the\nmutex just before the data structure containing the mutex is freed.\nSo any such use would be an obvious use-after-free bug (catchable with\nslab poisoning or mutex debugging), and therefore the locking in\necryptfs_destroy_inode() is not needed and can be dropped.\n\nSimilarly, in ecryptfs_destroy_crypt_stat(), crypt_stat-\u003ekeysig_list_mutex\nis locked, and then the mutex is unlocked just before the code does:\n\n \tmemset(crypt_stat, 0, sizeof(struct ecryptfs_crypt_stat));\n\nTherefore taking this mutex is similarly not necessary.\n\nRemoving this locking fixes false-positive lockdep reports such as the\nfollowing (and they are false-positives for exactly the same reason\nthat the locking is not needed):\n\n\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\n[ INFO: inconsistent lock state ]\n2.6.31-2-generic #14~rbd3\n---------------------------------\ninconsistent {RECLAIM_FS-ON-W} -\u003e {IN-RECLAIM_FS-W} usage.\nkswapd0/323 [HC0[0]:SC0[0]:HE1:SE1] takes:\n (\u0026inode_info-\u003elower_file_mutex){+.+.?.}, at: [\u003cffffffff81210d34\u003e] ecryptfs_destroy_inode+0x34/0x100\n{RECLAIM_FS-ON-W} state was registered at:\n [\u003cffffffff8108c02c\u003e] mark_held_locks+0x6c/0xa0\n [\u003cffffffff8108c10f\u003e] lockdep_trace_alloc+0xaf/0xe0\n [\u003cffffffff81125a51\u003e] kmem_cache_alloc+0x41/0x1a0\n [\u003cffffffff8113117a\u003e] get_empty_filp+0x7a/0x1a0\n [\u003cffffffff8112dd46\u003e] dentry_open+0x36/0xc0\n [\u003cffffffff8121a36c\u003e] ecryptfs_privileged_open+0x5c/0x2e0\n [\u003cffffffff81210283\u003e] ecryptfs_init_persistent_file+0xa3/0xe0\n [\u003cffffffff8120e838\u003e] ecryptfs_lookup_and_interpose_lower+0x278/0x380\n [\u003cffffffff8120f97a\u003e] ecryptfs_lookup+0x12a/0x250\n [\u003cffffffff8113930a\u003e] real_lookup+0xea/0x160\n [\u003cffffffff8113afc8\u003e] do_lookup+0xb8/0xf0\n [\u003cffffffff8113b518\u003e] __link_path_walk+0x518/0x870\n [\u003cffffffff8113bd9c\u003e] path_walk+0x5c/0xc0\n [\u003cffffffff8113be5b\u003e] do_path_lookup+0x5b/0xa0\n [\u003cffffffff8113bfe7\u003e] user_path_at+0x57/0xa0\n [\u003cffffffff811340dc\u003e] vfs_fstatat+0x3c/0x80\n [\u003cffffffff8113424b\u003e] vfs_stat+0x1b/0x20\n [\u003cffffffff81134274\u003e] sys_newstat+0x24/0x50\n [\u003cffffffff81013132\u003e] system_call_fastpath+0x16/0x1b\n [\u003cffffffffffffffff\u003e] 0xffffffffffffffff\nirq event stamp: 7811\nhardirqs last enabled at (7811): [\u003cffffffff810c037f\u003e] call_rcu+0x5f/0x90\nhardirqs last disabled at (7810): [\u003cffffffff810c0353\u003e] call_rcu+0x33/0x90\nsoftirqs last enabled at (3764): [\u003cffffffff810631da\u003e] __do_softirq+0x14a/0x220\nsoftirqs last disabled at (3751): [\u003cffffffff8101440c\u003e] call_softirq+0x1c/0x30\n\nother info that might help us debug this:\n2 locks held by kswapd0/323:\n #0: (shrinker_rwsem){++++..}, at: [\u003cffffffff810f67ed\u003e] shrink_slab+0x3d/0x190\n #1: (\u0026type-\u003es_umount_key#35){.+.+..}, at: [\u003cffffffff811429a1\u003e] prune_dcache+0xd1/0x1b0\n\nstack backtrace:\nPid: 323, comm: kswapd0 Tainted: G C 2.6.31-2-generic #14~rbd3\nCall Trace:\n [\u003cffffffff8108ad6c\u003e] print_usage_bug+0x18c/0x1a0\n [\u003cffffffff8108aff0\u003e] ? check_usage_forwards+0x0/0xc0\n [\u003cffffffff8108bac2\u003e] mark_lock_irq+0xf2/0x280\n [\u003cffffffff8108bd87\u003e] mark_lock+0x137/0x1d0\n [\u003cffffffff81164710\u003e] ? fsnotify_clear_marks_by_inode+0x30/0xf0\n [\u003cffffffff8108bee6\u003e] mark_irqflags+0xc6/0x1a0\n [\u003cffffffff8108d337\u003e] __lock_acquire+0x287/0x430\n [\u003cffffffff8108d585\u003e] lock_acquire+0xa5/0x150\n [\u003cffffffff81210d34\u003e] ? ecryptfs_destroy_inode+0x34/0x100\n [\u003cffffffff8108d2e7\u003e] ? __lock_acquire+0x237/0x430\n [\u003cffffffff815526ad\u003e] __mutex_lock_common+0x4d/0x3d0\n [\u003cffffffff81210d34\u003e] ? ecryptfs_destroy_inode+0x34/0x100\n [\u003cffffffff81164710\u003e] ? fsnotify_clear_marks_by_inode+0x30/0xf0\n [\u003cffffffff81210d34\u003e] ? ecryptfs_destroy_inode+0x34/0x100\n [\u003cffffffff8129a91e\u003e] ? _raw_spin_unlock+0x5e/0xb0\n [\u003cffffffff81552b36\u003e] mutex_lock_nested+0x46/0x60\n [\u003cffffffff81210d34\u003e] ecryptfs_destroy_inode+0x34/0x100\n [\u003cffffffff81145d27\u003e] destroy_inode+0x87/0xd0\n [\u003cffffffff81146b4c\u003e] generic_delete_inode+0x12c/0x1a0\n [\u003cffffffff81145832\u003e] iput+0x62/0x70\n [\u003cffffffff811423c8\u003e] dentry_iput+0x98/0x110\n [\u003cffffffff81142550\u003e] d_kill+0x50/0x80\n [\u003cffffffff81142623\u003e] prune_one_dentry+0xa3/0xc0\n [\u003cffffffff811428b1\u003e] __shrink_dcache_sb+0x271/0x290\n [\u003cffffffff811429d9\u003e] prune_dcache+0x109/0x1b0\n [\u003cffffffff81142abf\u003e] shrink_dcache_memory+0x3f/0x50\n [\u003cffffffff810f68dd\u003e] shrink_slab+0x12d/0x190\n [\u003cffffffff810f9377\u003e] balance_pgdat+0x4d7/0x640\n [\u003cffffffff8104c4c0\u003e] ? finish_task_switch+0x40/0x150\n [\u003cffffffff810f63c0\u003e] ? isolate_pages_global+0x0/0x60\n [\u003cffffffff810f95f7\u003e] kswapd+0x117/0x170\n [\u003cffffffff810777a0\u003e] ? autoremove_wake_function+0x0/0x40\n [\u003cffffffff810f94e0\u003e] ? kswapd+0x0/0x170\n [\u003cffffffff810773be\u003e] kthread+0x9e/0xb0\n [\u003cffffffff8101430a\u003e] child_rip+0xa/0x20\n [\u003cffffffff81013c90\u003e] ? restore_args+0x0/0x30\n [\u003cffffffff81077320\u003e] ? kthread+0x0/0xb0\n [\u003cffffffff81014300\u003e] ? child_rip+0x0/0x20\n\nSigned-off-by: Roland Dreier \u003croland@digitalvampire.org\u003e\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "13a791b4e63eb0537a7f804a340d6527485983b4", "tree": "ad3c74093e8efe0da14644a0dc16ac0c61b2e6e5", "parents": [ "3a5203ab3c0c31e0f1434c69e893bfb85c6e6657" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Mon Apr 13 15:29:27 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Apr 22 03:54:13 2009 -0500" }, "message": "eCryptfs: Fix data corruption when using ecryptfs_passthrough\n\necryptfs_passthrough is a mount option that allows eCryptfs to allow\ndata to be written to non-eCryptfs files in the lower filesystem. The\npassthrough option was causing data corruption due to it not always\nbeing treated as a non-eCryptfs file.\n\nThe first 8 bytes of an eCryptfs file contains the decrypted file size.\nThis value was being written to the non-eCryptfs files, too. Also,\nextra 0x00 characters were being written to make the file size a\nmultiple of PAGE_CACHE_SIZE.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "2aac0cf88681bfa092f731553bc7fbd23516be73", "tree": "b723cbe9c67b0cafa9081690d03b4ecec038d9f6", "parents": [ "8faece5f906725c10e7a1f6caf84452abadbdc7b" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Fri Mar 20 02:23:57 2009 -0500" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun Mar 22 11:20:43 2009 -0700" }, "message": "eCryptfs: NULL crypt_stat dereference during lookup\n\nIf ecryptfs_encrypted_view or ecryptfs_xattr_metadata were being\nspecified as mount options, a NULL pointer dereference of crypt_stat\nwas possible during lookup.\n\nThis patch moves the crypt_stat assignment into\necryptfs_lookup_and_interpose_lower(), ensuring that crypt_stat\nwill not be NULL before we attempt to dereference it.\n\nThanks to Dan Carpenter and his static analysis tool, smatch, for\nfinding this bug.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nAcked-by: Dustin Kirkland \u003ckirkland@canonical.com\u003e\nCc: Dan Carpenter \u003cerror27@gmail.com\u003e\nCc: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "8faece5f906725c10e7a1f6caf84452abadbdc7b", "tree": "bbe7d6cba67c909fbc86fc63dbfa1cf0d3cb12bc", "parents": [ "18a0d89e54ca0f6f33582f99ae39867b2c975559" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Fri Mar 20 01:25:09 2009 -0500" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun Mar 22 11:20:43 2009 -0700" }, "message": "eCryptfs: Allocate a variable number of pages for file headers\n\nWhen allocating the memory used to store the eCryptfs header contents, a\nsingle, zeroed page was being allocated with get_zeroed_page().\nHowever, the size of an eCryptfs header is either PAGE_CACHE_SIZE or\nECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE (8192), whichever is larger, and is\nstored in the file\u0027s private_data-\u003ecrypt_stat-\u003enum_header_bytes_at_front\nfield.\n\necryptfs_write_metadata_to_contents() was using\nnum_header_bytes_at_front to decide how many bytes should be written to\nthe lower filesystem for the file header. Unfortunately, at least 8K\nwas being written from the page, despite the chance of the single,\nzeroed page being smaller than 8K. This resulted in random areas of\nkernel memory being written between the 0x1000 and 0x1FFF bytes offsets\nin the eCryptfs file headers if PAGE_SIZE was 4K.\n\nThis patch allocates a variable number of pages, calculated with\nnum_header_bytes_at_front, and passes the number of allocated pages\nalong to ecryptfs_write_metadata_to_contents().\n\nThanks to Florian Streibelt for reporting the data leak and working with\nme to find the problem. 2.6.28 is the only kernel release with this\nvulnerability. Corresponds to CVE-2009-0787\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nAcked-by: Dustin Kirkland \u003ckirkland@canonical.com\u003e\nReviewed-by: Eric Sandeen \u003csandeen@redhat.com\u003e\nReviewed-by: Eugene Teo \u003ceugeneteo@kernel.sg\u003e\nCc: Greg KH \u003cgreg@kroah.com\u003e\nCc: dann frazier \u003cdannf@dannf.org\u003e\nCc: Serge E. Hallyn \u003cserue@us.ibm.com\u003e\nCc: Florian Streibelt \u003cflorian@f-streibelt.de\u003e\nCc: stable@kernel.org\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "84814d642a4f1f294bd675ab11aae1ca54c6cedb", "tree": "4ae91cce54c8d9578dc3217b6454a921b91833a3", "parents": [ "15e7b8767605dc0cb9bd4594caabfec392385210" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Fri Mar 13 13:51:59 2009 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat Mar 14 11:57:22 2009 -0700" }, "message": "eCryptfs: don\u0027t encrypt file key with filename key\n\neCryptfs has file encryption keys (FEK), file encryption key encryption\nkeys (FEKEK), and filename encryption keys (FNEK). The per-file FEK is\nencrypted with one or more FEKEKs and stored in the header of the\nencrypted file. I noticed that the FEK is also being encrypted by the\nFNEK. This is a problem if a user wants to use a different FNEK than\ntheir FEKEK, as their file contents will still be accessible with the\nFNEK.\n\nThis is a minimalistic patch which prevents the FNEKs signatures from\nbeing copied to the inode signatures list. Ultimately, it keeps the FEK\nfrom being encrypted with a FNEK.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nCc: Serge Hallyn \u003cserue@us.ibm.com\u003e\nAcked-by: Dustin Kirkland \u003ckirkland@canonical.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "fd9fc842bbab0cb5560b0d52ce4598c898707863", "tree": "ff8fc9b1c964debf18ba662558b26bf7bb7513cc", "parents": [ "eeb94855beeb7fde5f9e2ed72fe6a8b24cd5a3c7" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Fri Feb 06 18:06:51 2009 -0600" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Feb 06 18:36:40 2009 -0800" }, "message": "eCryptfs: Regression in unencrypted filename symlinks\n\nThe addition of filename encryption caused a regression in unencrypted\nfilename symlink support. ecryptfs_copy_filename() is used when dealing\nwith unencrypted filenames and it reported that the new, copied filename\nwas a character longer than it should have been.\n\nThis caused the return value of readlink() to count the NULL byte of the\nsymlink target. Most applications don\u0027t care about the extra NULL byte,\nbut a version control system (bzr) helped in discovering the bug.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "71c11c378f46e42ca67c1e227646ce23bf43a8c6", "tree": "5762c267801a47bc5efd54242661820472827960", "parents": [ "7d8bc2be51706152828164b305e969b4a8471041" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Jan 06 14:42:05 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:22 2009 -0800" }, "message": "eCryptfs: Clean up ecryptfs_decode_from_filename()\n\nFlesh out the comments for ecryptfs_decode_from_filename(). Remove the\nreturn condition, since it is always 0.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003cdustin.kirkland@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Tyler Hicks \u003ctchicks@us.ibm.com\u003e\nCc: David Kleikamp \u003cshaggy@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "a8f12864c52f8ab8520568dc97969c1749ae60bf", "tree": "9b65cf578ce80fb0fc139371b7dd7594ed79a6f0", "parents": [ "df261c52abdef147084c76ecf14473184e907547" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Jan 06 14:42:03 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:22 2009 -0800" }, "message": "eCryptfs: Fix data types (int/size_t)\n\nCorrect several format string data type specifiers. Correct filename size\ndata types; they should be size_t rather than int when passed as\nparameters to some other functions (although note that the filenames will\nnever be larger than int).\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003cdustin.kirkland@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Tyler Hicks \u003ctchicks@us.ibm.com\u003e\nCc: David Kleikamp \u003cshaggy@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "df261c52abdef147084c76ecf14473184e907547", "tree": "f1f423ba612dbacace82193f2b088252f169a9c6", "parents": [ "87c94c4df0149786ad91d8a03c738a03369ee9c8" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Jan 06 14:42:02 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:22 2009 -0800" }, "message": "eCryptfs: Replace %Z with %z\n\n%Z is a gcc-ism. Using %z instead.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003cdustin.kirkland@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Tyler Hicks \u003ctchicks@us.ibm.com\u003e\nCc: David Kleikamp \u003cshaggy@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "addd65ad8d19a7d7982130b16f957d5d01d3f8df", "tree": "2263b4a4b7a6269410bd161a3995d2b4af3f7bcf", "parents": [ "51ca58dcc9f0d6b1e78954d08bd4954fb6a1421c" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Jan 06 14:42:00 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:22 2009 -0800" }, "message": "eCryptfs: Filename Encryption: filldir, lookup, and readlink\n\nMake the requisite modifications to ecryptfs_filldir(), ecryptfs_lookup(),\nand ecryptfs_readlink() to call out to filename encryption functions.\nPropagate filename encryption policy flags from mount-wide crypt_stat to\ninode crypt_stat.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003cdustin.kirkland@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Tyler Hicks \u003ctchicks@us.ibm.com\u003e\nCc: David Kleikamp \u003cshaggy@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "51ca58dcc9f0d6b1e78954d08bd4954fb6a1421c", "tree": "0bd80a0a9322150527b2d2160d7b37d0e067f389", "parents": [ "a34f60f748c6fe5d791e9b54cffe442201428254" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Jan 06 14:41:59 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:21 2009 -0800" }, "message": "eCryptfs: Filename Encryption: Encoding and encryption functions\n\nThese functions support encrypting and encoding the filename contents.\nThe encrypted filename contents may consist of any ASCII characters. This\npatch includes a custom encoding mechanism to map the ASCII characters to\na reduced character set that is appropriate for filenames.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003cdustin.kirkland@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Tyler Hicks \u003ctchicks@us.ibm.com\u003e\nCc: David Kleikamp \u003cshaggy@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "a34f60f748c6fe5d791e9b54cffe442201428254", "tree": "1b5378b49773c0f57bb5f892c3d2096da3c9a803", "parents": [ "9c79f34f7ee71cd28272332b424ca64b2be006ab" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Jan 06 14:41:58 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:21 2009 -0800" }, "message": "eCryptfs: Filename Encryption: Header updates\n\nExtensions to the header file to support filename encryption.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003cdustin.kirkland@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Tyler Hicks \u003ctchicks@us.ibm.com\u003e\nCc: David Kleikamp \u003cshaggy@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "9c79f34f7ee71cd28272332b424ca64b2be006ab", "tree": "1a818b78d8f0497c4b97a77a6464718dfaaf12c1", "parents": [ "14bca6c39d8245a0313f55309bfeb6bf60cc17c8" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Jan 06 14:41:57 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:21 2009 -0800" }, "message": "eCryptfs: Filename Encryption: Tag 70 packets\n\nThis patchset implements filename encryption via a passphrase-derived\nmount-wide Filename Encryption Key (FNEK) specified as a mount parameter.\nEach encrypted filename has a fixed prefix indicating that eCryptfs should\ntry to decrypt the filename. When eCryptfs encounters this prefix, it\ndecodes the filename into a tag 70 packet and then decrypts the packet\ncontents using the FNEK, setting the filename to the decrypted filename.\nBoth unencrypted and encrypted filenames can reside in the same lower\nfilesystem.\n\nBecause filename encryption expands the length of the filename during the\nencoding stage, eCryptfs will not properly handle filenames that are\nalready near the maximum filename length.\n\nIn the present implementation, eCryptfs must be able to produce a match\nagainst the lower encrypted and encoded filename representation when given\na plaintext filename. Therefore, two files having the same plaintext name\nwill encrypt and encode into the same lower filename if they are both\nencrypted using the same FNEK. This can be changed by finding a way to\nreplace the prepended bytes in the blocked-aligned filename with random\ncharacters; they are hashes of the FNEK right now, so that it is possible\nto deterministically map from a plaintext filename to an encrypted and\nencoded filename in the lower filesystem. An implementation using random\ncharacters will have to decode and decrypt every single directory entry in\nany given directory any time an event occurs wherein the VFS needs to\ndetermine whether a particular file exists in the lower directory and the\ndecrypted and decoded filenames have not yet been extracted for that\ndirectory.\n\nThanks to Tyler Hicks and David Kleikamp for assistance in the development\nof this patchset.\n\nThis patch:\n\nA tag 70 packet contains a filename encrypted with a Filename Encryption\nKey (FNEK). This patch implements functions for writing and parsing tag\n70 packets. This patch also adds definitions and extends structures to\nsupport filename encryption.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003cdustin.kirkland@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Tyler Hicks \u003ctchicks@us.ibm.com\u003e\nCc: David Kleikamp \u003cshaggy@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "87b811c3f96559e466403e22b1fa99d472571625", "tree": "319179f5d9a1cffaa3ae32aa41076d0fb10aab10", "parents": [ "ce05fcc30ea41c85f9d50bee1ce289f7cb7fb223" ], "author": { "name": "Eric Sandeen", "email": "sandeen@redhat.com", "time": "Wed Oct 29 14:01:08 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Oct 30 11:38:46 2008 -0700" }, "message": "ecryptfs: fix memory corruption when storing crypto info in xattrs\n\nWhen ecryptfs allocates space to write crypto headers into, before copying\nit out to file headers or to xattrs, it looks at the value of\ncrypt_stat-\u003enum_header_bytes_at_front to determine how much space it\nneeds. This is also used as the file offset to the actual encrypted data,\nso for xattr-stored crypto info, the value was zero.\n\nSo, we kzalloc\u0027d 0 bytes, and then ran off to write to that memory.\n(Which returned as ZERO_SIZE_PTR, so we explode quickly).\n\nThe right answer is to always allocate a page to write into; the current\ncode won\u0027t ever write more than that (this is enforced by the\n(PAGE_CACHE_SIZE - offset) length in the call to\necryptfs_generate_key_packet_set). To be explicit about this, we now send\nin a \"max\" parameter, rather than magically using PAGE_CACHE_SIZE there.\n\nAlso, since the pointer we pass down the callchain eventually gets the\nvirt_to_page() treatment, we should be using a alloc_page variant, not\nkzalloc (see also 7fcba054373d5dfc43d26e243a5c9b92069972ee)\n\nSigned-off-by: Eric Sandeen \u003csandeen@redhat.com\u003e\nAcked-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "7fcba054373d5dfc43d26e243a5c9b92069972ee", "tree": "3503fba122a654946b5455bc95fa3978cbc4f68b", "parents": [ "25947d5ac56004378d8c2d31ebf22600d5bc0c02" ], "author": { "name": "Eric Sandeen", "email": "sandeen@redhat.com", "time": "Mon Jul 28 15:46:39 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jul 28 16:30:21 2008 -0700" }, "message": "eCryptfs: use page_alloc not kmalloc to get a page of memory\n\nWith SLUB debugging turned on in 2.6.26, I was getting memory corruption\nwhen testing eCryptfs. The root cause turned out to be that eCryptfs was\ndoing kmalloc(PAGE_CACHE_SIZE); virt_to_page() and treating that as a nice\npage-aligned chunk of memory. But at least with SLUB debugging on, this\nis not always true, and the page we get from virt_to_page does not\nnecessarily match the PAGE_CACHE_SIZE worth of memory we got from kmalloc.\n\nMy simple testcase was 2 loops doing \"rm -f fileX; cp /tmp/fileX .\" for 2\ndifferent multi-megabyte files. With this change I no longer see the\ncorruption.\n\nSigned-off-by: Eric Sandeen \u003csandeen@redhat.com\u003e\nAcked-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nAcked-by: Rik van Riel \u003criel@redhat.com\u003e\nCc: \u003cstable@kernel.org\u003e\t\t[2.6.25.x, 2.6.26.x]\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "29335c6a41568d4708d4ec3b9187f9b6d302e5ea", "tree": "83be9a98e4b657b46377c32624d5d0cd9120ee5f", "parents": [ "8f2368095e25018838e1bf145041f58270ccd32e" ], "author": { "name": "Harvey Harrison", "email": "harvey.harrison@gmail.com", "time": "Wed Jul 23 21:30:06 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Jul 24 10:47:31 2008 -0700" }, "message": "ecryptfs: crypto.c use unaligned byteorder helpers\n\nFixes the following sparse warnings:\nfs/ecryptfs/crypto.c:1036:8: warning: cast to restricted __be32\nfs/ecryptfs/crypto.c:1038:8: warning: cast to restricted __be32\nfs/ecryptfs/crypto.c:1077:10: warning: cast to restricted __be32\nfs/ecryptfs/crypto.c:1103:6: warning: incorrect type in assignment (different base types)\nfs/ecryptfs/crypto.c:1105:6: warning: incorrect type in assignment (different base types)\nfs/ecryptfs/crypto.c:1124:8: warning: incorrect type in assignment (different base types)\nfs/ecryptfs/crypto.c:1241:21: warning: incorrect type in assignment (different base types)\nfs/ecryptfs/crypto.c:1244:30: warning: incorrect type in assignment (different base types)\nfs/ecryptfs/crypto.c:1414:23: warning: cast to restricted __be32\nfs/ecryptfs/crypto.c:1417:32: warning: cast to restricted __be16\n\nSigned-off-by: Harvey Harrison \u003charvey.harrison@gmail.com\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "71fd5179e8d1d4d503b517e0c5374f7c49540bfc", "tree": "987196a5381e6d8e8b614544d1bc3ad4b4531a67", "parents": [ "03fb0bce01490c9bdedad861962c76f987531014" ], "author": { "name": "Cyrill Gorcunov", "email": "gorcunov@gmail.com", "time": "Fri May 23 13:04:20 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 24 09:56:07 2008 -0700" }, "message": "ecryptfs: fix missed mutex_unlock\n\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "18d1dbf1d401e8f9d74cf1cf799fdb19cff150c6", "tree": "72e1e7061b4f630b971bc5ea7d20ba6e1a509988", "parents": [ "05db67a4f2c14dab5bcaa46c7d4e9237bd11b37c" ], "author": { "name": "Harvey Harrison", "email": "harvey.harrison@gmail.com", "time": "Tue Apr 29 00:59:48 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Apr 29 08:06:06 2008 -0700" }, "message": "ecryptfs: replace remaining __FUNCTION__ occurrences\n\n__FUNCTION__ is gcc-specific, use __func__\n\nSigned-off-by: Harvey Harrison \u003charvey.harrison@gmail.com\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "05db67a4f2c14dab5bcaa46c7d4e9237bd11b37c", "tree": "6fde8311a2f3eeafb2617ef66ea4bb98377e9a29", "parents": [ "afe42d7dea2983faa593d289ab241ffdd94d37b3" ], "author": { "name": "Adrian Bunk", "email": "bunk@kernel.org", "time": "Tue Apr 29 00:59:47 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Apr 29 08:06:06 2008 -0700" }, "message": "remove ecryptfs_header_cache_0\n\nRemove the no longer used ecryptfs_header_cache_0.\n\nSigned-off-by: Adrian Bunk \u003cbunk@kernel.org\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "af440f52927e4b6941aa94e3cfc698adb0f22663", "tree": "00a7fdc2b09e8e6146f0fd0bc055688d58eea939", "parents": [ "19e66a67e9b25874cd5e184e7d381ce1b955df11" ], "author": { "name": "Eric Sandeen", "email": "sandeen@redhat.com", "time": "Wed Feb 06 01:38:37 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Wed Feb 06 10:41:13 2008 -0800" }, "message": "ecryptfs: check for existing key_tfm at mount time\n\nJeff Moyer pointed out that a mount; umount loop of ecryptfs, with the same\ncipher \u0026 other mount options, created a new ecryptfs_key_tfm_cache item\neach time, and the cache could grow quite large this way.\n\nLooking at this with mhalcrow, we saw that ecryptfs_parse_options()\nunconditionally called ecryptfs_add_new_key_tfm(), which is what was adding\nthese items.\n\nRefactor ecryptfs_get_tfm_and_mutex_for_cipher_name() to create a new\nhelper function, ecryptfs_tfm_exists(), which checks for the cipher on the\ncached key_tfm_list, and sets a pointer to it if it exists. This can then\nbe called from ecryptfs_parse_options(), and new key_tfm\u0027s can be added\nonly when a cached one is not found.\n\nWith list locking changes suggested by akpm.\n\nSigned-off-by: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Jeff Moyer \u003cjmoyer@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "19e66a67e9b25874cd5e184e7d381ce1b955df11", "tree": "6dfd5c9771a99ddf7f3978ff6be466267727e2d5", "parents": [ "25bd8174036036f427b039e4857feac6c6912a37" ], "author": { "name": "Trevor Highland", "email": "thighlan@gmail.com", "time": "Wed Feb 06 01:38:36 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Wed Feb 06 10:41:13 2008 -0800" }, "message": "eCryptfs: change the type of cipher_code from u16 to u8\n\nOnly the lower byte of cipher_code is ever used, so it makes sense\nfor its type to be u8.\n\nSigned-off-by: Trevor Highland \u003ctrevor.highland@gmail.com\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "25bd8174036036f427b039e4857feac6c6912a37", "tree": "89c15ca0adb40cd5b4c00b627de74d342a851fa4", "parents": [ "2830bfd6cf66133c86d4a32004fd99c3de7e23bf" ], "author": { "name": "Michael Halcrow", "email": "mike@halcrow.us", "time": "Wed Feb 06 01:38:35 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Wed Feb 06 10:41:12 2008 -0800" }, "message": "eCryptfs: Minor fixes to printk messages\n\nThe printk statements that result when the user does not have the\nproper key available could use some refining.\n\nSigned-off-by: Mike Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Mike Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "8e3a6f16ba5874b69968cd450334829262513fd1", "tree": "ae5f8535f87377c101eabda9c5508725f5f2b7bd", "parents": [ "cc11beffdf80ca31dff21422fa2a5e54d25f1494" ], "author": { "name": "Trevor Highland", "email": "trevor.highland@gmail.com", "time": "Wed Feb 06 01:38:33 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Wed Feb 06 10:41:12 2008 -0800" }, "message": "eCryptfs: set inode key only once per crypto operation\n\nThere is no need to keep re-setting the same key for any given eCryptfs inode.\nThis patch optimizes the use of the crypto API and helps performance a bit.\n\nSigned-off-by: Trevor Highland \u003ctrevor.highland@gmail.com\u003e\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "cc11beffdf80ca31dff21422fa2a5e54d25f1494", "tree": "3b0e28d18f493a7c59b089c4c6fc59c79945937e", "parents": [ "7896b631823c6e8f1a520d89390624a51445840e" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Wed Feb 06 01:38:32 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Wed Feb 06 10:41:12 2008 -0800" }, "message": "eCryptfs: track header bytes rather than extents\n\nRemove internal references to header extents; just keep track of header bytes\ninstead. Headers can easily span multiple pages with the recent persistent\nfile changes.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "7896b631823c6e8f1a520d89390624a51445840e", "tree": "2f9f2151802d21ded60fc6f53df4daeee3eb054e", "parents": [ "162c0d91a365d501c6cc65cba451f2d855e8ee81" ], "author": { "name": "Adrian Bunk", "email": "bunk@kernel.org", "time": "Wed Feb 06 01:38:32 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Wed Feb 06 10:41:12 2008 -0800" }, "message": "fs/ecryptfs/: possible cleanups\n\n- make the following needlessly global code static:\n - crypto.c:ecryptfs_lower_offset_for_extent()\n - crypto.c:key_tfm_list\n - crypto.c:key_tfm_list_mutex\n - inode.c:ecryptfs_getxattr()\n - main.c:ecryptfs_init_persistent_file()\n\n- remove the no longer used mmap.c:ecryptfs_lower_page_cache\n\n- #if 0 the unused read_write.c:ecryptfs_read()\n\nSigned-off-by: Adrian Bunk \u003cbunk@kernel.org\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "c8161f64ccdcc3ac05c7bbfebc031e7ad5ca6412", "tree": "24adc1225b4f56b28533efe59ee357fe912403c5", "parents": [ "c525460e2754dbb33abe2b37d3d941126b2ea830" ], "author": { "name": "Eric Sandeen", "email": "sandeen@redhat.com", "time": "Sat Dec 22 14:03:26 2007 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Sun Dec 23 12:54:37 2007 -0800" }, "message": "ecryptfs: fix unlocking in error paths\n\nThanks to Josef Bacik for finding these.\n\nA couple of ecryptfs error paths don\u0027t properly unlock things they locked.\n\nSigned-off-by: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Josef Bacik \u003cjbacik@redhat.com\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "b88629060b03adc58639f818fe0968bf5fe81b5d", "tree": "5ee2455acde11f0f229de31a73a4475df3445e82", "parents": [ "ed367fc3a7349b17354c7acef551533337764859" ], "author": { "name": "Eric Sandeen", "email": "sandeen@redhat.com", "time": "Sat Dec 22 14:03:24 2007 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Sun Dec 23 12:54:36 2007 -0800" }, "message": "ecryptfs: fix string overflow on long cipher names\n\nPassing a cipher name \u003e 32 chars on mount results in an overflow when the\ncipher name is printed, because the last character in the struct\necryptfs_key_tfm\u0027s cipher_name string was never zeroed.\n\nSigned-off-by: Eric Sandeen \u003csandeen@redhat.com\u003e\nAcked-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "8a29f2b0288ba2a8fb302f9a639521ac9ff302e5", "tree": "384f27ea6300fe50345b0ab5cd7fdad23d0bdb79", "parents": [ "778d1a2bd42ae862a6c6d20a1c3af5e45b3c1924" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Mon Nov 05 14:51:04 2007 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Mon Nov 05 15:12:33 2007 -0800" }, "message": "eCryptfs: release mutex on hash error path\n\nRelease the crypt_stat hash mutex on allocation error. Check for error\nconditions when doing crypto hash calls.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nReported-by: Kazuki Ohta \u003ckazuki.ohta@gmail.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "778d1a2bd42ae862a6c6d20a1c3af5e45b3c1924", "tree": "afc2eed74ad70fb03b0734b13d61c1bd9e6089f3", "parents": [ "01aae97196f2cdfbfebc5a0365bad82d98975588" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Mon Nov 05 14:51:03 2007 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Mon Nov 05 15:12:33 2007 -0800" }, "message": "eCryptfs: increment extent_offset once per loop interation\n\nThe extent_offset is getting incremented twice per loop iteration through any\ngiven page. It should only be getting incremented once. This bug should only\nimpact hosts with \u003e4K page sizes.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "68e3f5dd4db62619fdbe520d36c9ebf62e672256", "tree": "0a9b05227fc53cb72785a95298c643f5405fd7b4", "parents": [ "a5a613a4291a8107008e4c40108a385cda71b08d" ], "author": { "name": "Herbert Xu", "email": "herbert@gondor.apana.org.au", "time": "Sat Oct 27 00:52:07 2007 -0700" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Sat Oct 27 00:52:07 2007 -0700" }, "message": "[CRYPTO] users: Fix up scatterlist conversion errors\n\nThis patch fixes the errors made in the users of the crypto layer during\nthe sg_init_table conversion. It also adds a few conversions that were\nmissing altogether.\n\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "642f149031d70415d9318b919d50b71e4724adbd", "tree": "e792ad29dedffc6756d55e9d63e18ada35515b4b", "parents": [ "bd6dee6f30a0f6943df190b387b5f8fe98a848f3" ], "author": { "name": "Jens Axboe", "email": "jens.axboe@oracle.com", "time": "Wed Oct 24 11:20:47 2007 +0200" }, "committer": { "name": "Jens Axboe", "email": "jens.axboe@oracle.com", "time": "Wed Oct 24 11:20:47 2007 +0200" }, "message": "SG: Change sg_set_page() to take length and offset argument\n\nMost drivers need to set length and offset as well, so may as well fold\nthose three lines into one.\n\nAdd sg_assign_page() for those two locations that only needed to set\nthe page, where the offset/length is set outside of the function context.\n\nSigned-off-by: Jens Axboe \u003cjens.axboe@oracle.com\u003e\n" }, { "commit": "60c74f81933635bb4ccb4ee6f31909c51f5cd230", "tree": "1c8370b66d34d86598070e571f8935f5ff98fadb", "parents": [ "45711f1af6eff1a6d010703b4862e0d2b9afd056" ], "author": { "name": "Jens Axboe", "email": "jens.axboe@oracle.com", "time": "Mon Oct 22 19:43:30 2007 +0200" }, "committer": { "name": "Jens Axboe", "email": "jens.axboe@oracle.com", "time": "Mon Oct 22 21:19:55 2007 +0200" }, "message": "Update fs/ to use sg helpers\n\nSigned-off-by: Jens Axboe \u003cjens.axboe@oracle.com\u003e\n" }, { "commit": "16a72c455a67bb23eed7292a31c6ba17729e78e6", "tree": "d2cc7d116730348375ce0d06ad45e24744cd0b5f", "parents": [ "ecbdc93639f69c1f237ccce6a9aaff1e83f1182f" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Oct 16 01:28:14 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Oct 16 09:43:12 2007 -0700" }, "message": "ecryptfs: clean up page flag handling\n\nThe functions that eventually call down to ecryptfs_read_lower(),\necryptfs_decrypt_page(), and ecryptfs_copy_up_encrypted_with_header()\nshould have the responsibility of managing the page Uptodate\nstatus. This patch gets rid of some of the ugliness that resulted from\ntrying to push some of the page flag setting too far down the stack.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "ecbdc93639f69c1f237ccce6a9aaff1e83f1182f", "tree": "0d3ad7c2d3f87ec4a51997f322aa066298156970", "parents": [ "b6c1d8fcbadeb9bb4c3dbca57a007629d0483544" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Oct 16 01:28:14 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Oct 16 09:43:12 2007 -0700" }, "message": "eCryptfs: replace magic numbers\n\nReplace some magic numbers with sizeof() equivalents.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "b6c1d8fcbadeb9bb4c3dbca57a007629d0483544", "tree": "ba786993ce9b16f0dcc25cdab05af8a3fef636ed", "parents": [ "035241d30e273519195a9987e6eb56bbe2297872" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Oct 16 01:28:13 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Oct 16 09:43:12 2007 -0700" }, "message": "eCryptfs: remove unused functions and kmem_cache\n\nThe switch to read_write.c routines and the persistent file make a number of\nfunctions unnecessary. This patch removes them.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "d6a13c17164fccab8aa96ca435ddacbf428335ca", "tree": "8995bb0b5c22a97c8f6c86eff797ff2de0421ee2", "parents": [ "bf12be1cc851cface331b0e74713a6bb1cb046b0" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Oct 16 01:28:12 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Oct 16 09:43:12 2007 -0700" }, "message": "eCryptfs: fix data types\n\nUpdate data types and add casts in order to avoid potential overflow\nissues.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "2ed92554abc5c40d4450f9869c9565a1919a9242", "tree": "3b9be8b86474ad61d357990185476fc56ac2f490", "parents": [ "d7cdc5febf9f2664755002c3a2f84bd348389fe9" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Oct 16 01:28:10 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Oct 16 09:43:12 2007 -0700" }, "message": "eCryptfs: make open, truncate, and setattr use persistent file\n\nRather than open a new lower file for every eCryptfs file that is opened,\ntruncated, or setattr\u0027d, instead use the existing lower persistent file for\nthe eCryptfs inode. Change truncate to use read_write.c functions. Change\necryptfs_getxattr() to use the common ecryptfs_getxattr_lower() function.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "d7cdc5febf9f2664755002c3a2f84bd348389fe9", "tree": "ad770ac2031d87474220cc20eb7b99a246dea8bb", "parents": [ "4981e081cfe2c3f4abcfa3924ebd999cdbed4914" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Oct 16 01:28:10 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Oct 16 09:43:12 2007 -0700" }, "message": "eCryptfs: update metadata read/write functions\n\nUpdate the metadata read/write functions and grow_file() to use the\nread_write.c routines. Do not open another lower file; use the persistent\nlower file instead. Provide a separate function for\ncrypto.c::ecryptfs_read_xattr_region() to get to the lower xattr without\nhaving to go through the eCryptfs getxattr.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "0216f7f7921759211e48e8b940eae29f0fe43902", "tree": "44999b1dfb49944bfd83881c8d9e0cbe3a90e2b7", "parents": [ "da0102a10aed2244d8fc34f289e81e502622b81e" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Oct 16 01:28:08 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Oct 16 09:43:12 2007 -0700" }, "message": "eCryptfs: replace encrypt, decrypt, and inode size write\n\nReplace page encryption and decryption routines and inode size write routine\nwith versions that utilize the read_write.c functions.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "5dda6992a3138f3839dcaecbcd2fbea4dd514c7c", "tree": "c9ca012364edc18a2baed74721052b7da9d39f53", "parents": [ "45eaab79678b9e27e08f0cf250eb2df9d6a48df0" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Oct 16 01:28:06 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Oct 16 09:43:12 2007 -0700" }, "message": "eCryptfs: remove assignments in if-statements\n\nRemove assignments in if-statements.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "45eaab79678b9e27e08f0cf250eb2df9d6a48df0", "tree": "ff13018aa1d66f1b1d9abbba6df7a361518bacb7", "parents": [ "e9f6a99cb844a61b04cab5b82e333d6efef1f735" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Oct 16 01:28:05 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Oct 16 09:43:12 2007 -0700" }, "message": "eCryptfs: remove header_extent_size\n\nThere is no point to keeping a separate header_extent_size and an extent_size.\n The total size of the header can always be represented as some multiple of\nthe regular data extent size.\n\n[randy.dunlap@oracle.com: ecryptfs: fix printk format warning]\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Randy Dunlap \u003crandy.dunlap@oracle.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "cd9d67dfd2b4db5fdbf9dfa69e202b8571f1db20", "tree": "77682cc92d32d2bb3ce745bdbb7e76ec09c246c5", "parents": [ "dd8e2902d0c02ee28043071023f8fa6063fe8e8f" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Oct 16 01:28:04 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Oct 16 09:43:11 2007 -0700" }, "message": "eCryptfs: make needlessly global symbols static\n\nAndrew Morton wrote:\n\u003e Please check that all the newly-added global symbols do indeed need\n\u003e to be global.\n\nChange symbols in keystore.c and crypto.o to static if they do not\nneed to be global.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "22e78fafbdf84883f70eb4944cf658fc23c4a1f4", "tree": "1b922f289e05f01d5c8d02427617cdb9bd66707c", "parents": [ "6c6f57f3bee1e3c3d31b08a0161c435bfaeb77eb" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Oct 16 01:28:02 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Oct 16 09:43:11 2007 -0700" }, "message": "eCryptfs: kerneldoc fixes for crypto.c and keystore.c\n\nAndrew Morton wrote:\nFrom: mhalcrow@us.ibm.com \u003cmhalcrow@halcrow.austin.ibm.com\u003e\n\u003e \u003e +/**\n\u003e \u003e + * decrypt_passphrase_encrypted_session_key - Decrypt the session key\n\u003e \u003e + * with the given auth_tok.\n\u003e \u003e *\n\u003e \u003e * Returns Zero on success; non-zero error otherwise.\n\u003e \u003e */\n\u003e\n\u003e That comment purports to be a kerneldoc-style comment. But\n\u003e\n\u003e - kerneldoc doesn\u0027t support multiple lines on the introductory line\n\u003e which identifies the name of the function (alas). So you\u0027ll need to\n\u003e overflow 80 cols here.\n\u003e\n\u003e - the function args weren\u0027t documented\n\u003e\n\u003e But the return value is! People regularly forget to do that. And\n\u003e they frequently forget to document the locking prerequisites and the\n\u003e permissible calling contexts (process/might_sleep/hardirq, etc)\n\u003e\n\u003e (please check all ecryptfs kerneldoc for this stuff sometime)\n\nThis patch cleans up some of the existing comments and makes a couple\nof line break tweaks. There is more work to do to bring eCryptfs into\nfull kerneldoc-compliance.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "fcd12835666b059b95613778819eb3ae9bc73642", "tree": "bd825395368d5039e039f930288b3997a2a96263", "parents": [ "af655dc6a9d5028d89aa35b65781631451aadc19" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Oct 16 01:28:01 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Oct 16 09:43:11 2007 -0700" }, "message": "eCryptfs: grammatical fix (destruct to destroy)\n\nAndrew Morton wrote:\n\u003e \u003e +int ecryptfs_destruct_crypto(void)\n\u003e\n\u003e ecryptfs_destroy_crypto would be more grammatically correct ;)\n\nGrammatical fix for some function names.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "af655dc6a9d5028d89aa35b65781631451aadc19", "tree": "aab30213366f9077b44fc09387a61bb140ca8240", "parents": [ "c59c2eb53f002de96f48dbc51e4f3bd946cf2458" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Oct 16 01:28:00 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Oct 16 09:43:11 2007 -0700" }, "message": "eCryptfs: collapse flag set into one statement\n\nAndrew Morton wrote:\n\u003e \u003e + crypt_stat-\u003eflags |\u003d ECRYPTFS_ENCRYPTED;\n\u003e \u003e + crypt_stat-\u003eflags |\u003d ECRYPTFS_KEY_VALID;\n\u003e\n\u003e Maybe the compiler can optimise those two statements, but we\u0027d\n\u003e normally provide it with some manual help.\n\nThis patch provides the compiler with some manual help for\noptimizing the setting of some flags.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "c59c2eb53f002de96f48dbc51e4f3bd946cf2458", "tree": "af9c826e357e1edd2c8f3410b98833141a154365", "parents": [ "81acbcd6c54c89a9eb09c1b9ca3bd952f6989c10" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Oct 16 01:28:00 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Oct 16 09:43:11 2007 -0700" }, "message": "eCryptfs: remove unnecessary BUG_ON\n\nAndrew Morton wrote:\n\u003e \u003e + mutex_lock(\u0026mount_crypt_stat-\u003eglobal_auth_tok_list_mutex);\n\u003e \u003e + BUG_ON(mount_crypt_stat-\u003enum_global_auth_toks \u003d\u003d 0);\n\u003e \u003e + mutex_unlock(\u0026mount_crypt_stat-\u003eglobal_auth_tok_list_mutex);\n\u003e\n\u003e That\u0027s odd-looking. If it was a bug for num_global_auth_toks to be\n\u003e zero, and if that mutex protects num_global_auth_toks then as soon\n\u003e as the lock gets dropped, another thread can make\n\u003e num_global_auth_toks zero, hence the bug is present. Perhaps?\n\nThat was serving as an internal sanity check that should not have made\nit into the final patch set in the first place. This patch removes it.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "ca939e79e395ce2b9ffb8e97763024b61b1e2ad8", "tree": "3bde47fb58c071b5fe4a654d7275b21ab63aa39f", "parents": [ "146a46063b282375015d4b2dad4a94f206bbea4e" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Oct 16 01:27:58 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Oct 16 09:43:11 2007 -0700" }, "message": "eCryptfs: update comment and debug statement\n\nTrivial updates to comment and debug statement.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "f4aad16adfb8f0a2d666fdf8af4bd0dff2ce75e4", "tree": "42e7f191d1a3a1e1375af24acc5c336b30c5c4d1", "parents": [ "cce76f9b9696a59974be9ed43478c000c57e597a" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Oct 16 01:27:53 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Oct 16 09:43:10 2007 -0700" }, "message": "eCryptfs: add key list structure; search keyring\n\nAdd support structures for handling multiple keys. The list in crypt_stat\ncontains the key identifiers for all of the keys that should be used for\nencrypting each file\u0027s File Encryption Key (FEK). For now, each inode\ninherits this list from the mount-wide crypt_stat struct, via the\necryptfs_copy_mount_wide_sigs_to_inode_sigs() function.\n\nThis patch also removes the global key tfm from the mount-wide crypt_stat\nstruct, instead keeping a list of tfm\u0027s meant for dealing with the various\ninode FEK\u0027s. eCryptfs will now search the user\u0027s keyring for FEK\u0027s parsed\nfrom the existing file metadata, so the user can make keys available at any\ntime before or after mounting.\n\nNow that multiple FEK packets can be written to the file metadata, we need to\nbe more meticulous about size limits. The updates to the code for writing out\npackets to the file metadata makes sizes and limits more explicit, uniformly\nexpressed, and (hopefully) easier to follow.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: \"Serge E. Hallyn\" \u003cserge@hallyn.com\u003e\nCc: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "e2bd99ec5c0e20ed6aeb079fa8f975c2dcd78a2c", "tree": "78892d49cf55fa4cf22ce9b8b226c63bac8b227c", "parents": [ "9d8b8ce5561890464c54645cdea4d6b157159fec" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Mon Feb 12 00:53:49 2007 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Mon Feb 12 09:48:37 2007 -0800" }, "message": "[PATCH] eCryptfs: open-code flag checking and manipulation\n\nOpen-code flag checking and manipulation.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Trevor Highland \u003ctshighla@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "9d8b8ce5561890464c54645cdea4d6b157159fec", "tree": "94e7f2cdd3a392806ba7b35e5d2722024ddf4098", "parents": [ "70456600f42f85cfcbdd9d7a6029c03b6f9c5d1e" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Mon Feb 12 00:53:48 2007 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Mon Feb 12 09:48:37 2007 -0800" }, "message": "[PATCH] eCryptfs: convert kmap() to kmap_atomic()\n\nReplace kmap() with kmap_atomic(). Reduce the amount of time that mappings\nare held.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Trevor Highland \u003ctshighla@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "70456600f42f85cfcbdd9d7a6029c03b6f9c5d1e", "tree": "1b47957d59bfe3b4e5e5244106678f5542f8f295", "parents": [ "e77a56ddceeec87575a13a60fc1a394af6a1f4bc" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Mon Feb 12 00:53:48 2007 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Mon Feb 12 09:48:37 2007 -0800" }, "message": "[PATCH] eCryptfs: convert f_op-\u003ewrite() to vfs_write()\n\nsys_write() takes a local copy of f_pos and writes that back\ninto the struct file. It does this so that two concurrent write()\ncallers don\u0027t make a mess of f_pos, and of the file contents.\n\necryptfs should be calling vfs_write(). That way we also get the fsnotify\nnotifications, which ecryptfs presently appears to have subverted.\n\nConvert direct calls to f_op-\u003ewrite() into calls to vfs_write().\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "e77a56ddceeec87575a13a60fc1a394af6a1f4bc", "tree": "8be21cc4afbc0596716bc9d4d8dd145dd8c74252", "parents": [ "dd2a3b7ad98f8482cae481cad89dfed5eee48365" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Mon Feb 12 00:53:47 2007 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Mon Feb 12 09:48:36 2007 -0800" }, "message": "[PATCH] eCryptfs: Encrypted passthrough\n\nProvide an option to provide a view of the encrypted files such that the\nmetadata is always in the header of the files, regardless of whether the\nmetadata is actually in the header or in the extended attribute. This mode of\noperation is useful for applications like incremental backup utilities that do\nnot preserve the extended attributes when directly accessing the lower files.\n\nWith this option enabled, the files under the eCryptfs mount point will be\nread-only.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "dd2a3b7ad98f8482cae481cad89dfed5eee48365", "tree": "986c09754176ea4c6e8308c6e2cdbf3fc0658a0b", "parents": [ "17398957aa0a05ef62535060b41d103590dcc533" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Mon Feb 12 00:53:46 2007 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Mon Feb 12 09:48:36 2007 -0800" }, "message": "[PATCH] eCryptfs: Generalize metadata read/write\n\nGeneralize the metadata reading and writing mechanisms, with two targets for\nnow: metadata in file header and metadata in the user.ecryptfs xattr of the\nlower file.\n\n[akpm@osdl.org: printk warning fix]\n[bunk@stusta.de: make some needlessly global code static]\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "17398957aa0a05ef62535060b41d103590dcc533", "tree": "bfb1d65281863811ad46d54f82e52e8924df3284", "parents": [ "dddfa461fc8951f9b5f951c13565b6cac678635a" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Mon Feb 12 00:53:45 2007 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Mon Feb 12 09:48:36 2007 -0800" }, "message": "[PATCH] eCryptfs: xattr flags and mount options\n\nThis patch set introduces the ability to store cryptographic metadata into an\nlower file extended attribute rather than the lower file header region.\n\nThis patch set implements two new mount options:\n\necryptfs_xattr_metadata\n - When set, newly created files will have their cryptographic\n metadata stored in the extended attribute region of the file rather\n than the header.\n\n When storing the data in the file header, there is a minimum of 8KB\n reserved for the header information for each file, making each file at\n least 12KB in size. This can take up a lot of extra disk space if the user\n creates a lot of small files. By storing the data in the extended\n attribute, each file will only occupy at least of 4KB of space.\n\n As the eCryptfs metadata set becomes larger with new features such as\n multi-key associations, most popular filesystems will not be able to store\n all of the information in the xattr region in some cases due to space\n constraints. However, the majority of users will only ever associate one\n key per file, so most users will be okay with storing their data in the\n xattr region.\n\n This option should be used with caution. I want to emphasize that the\n xattr must be maintained under all circumstances, or the file will be\n rendered permanently unrecoverable. The last thing I want is for a user to\n forget to set an xattr flag in a backup utility, only to later discover\n that their backups are worthless.\n\necryptfs_encrypted_view\n - When set, this option causes eCryptfs to present applications a\n view of encrypted files as if the cryptographic metadata were\n stored in the file header, whether the metadata is actually stored\n in the header or in the extended attributes.\n\n No matter what eCryptfs winds up doing in the lower filesystem, I want\n to preserve a baseline format compatibility for the encrypted files. As of\n right now, the metadata may be in the file header or in an xattr. There is\n no reason why the metadata could not be put in a separate file in future\n versions.\n\n Without the compatibility mode, backup utilities would have to know to\n back up the metadata file along with the files. The semantics of eCryptfs\n have always been that the lower files are self-contained units of encrypted\n data, and the only additional information required to decrypt any given\n eCryptfs file is the key. That is what has always been emphasized about\n eCryptfs lower files, and that is what users expect. Providing the\n encrypted view option will provide a way to userspace applications wherein\n they can always get to the same old familiar eCryptfs encrypted files,\n regardless of what eCryptfs winds up doing with the metadata behind the\n scenes.\n\nThis patch:\n\nAdd extended attribute support to version bit vector, flags to indicate when\nxattr or encrypted view modes are enabled, and support for the new mount\noptions.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "c376222960ae91d5ffb9197ee36771aaed1d9f90", "tree": "7f431c42529fec77433d33490bd9f2a8c47ba091", "parents": [ "1b135431abf5ea92e61bf4e91d93726c7b96da5f" ], "author": { "name": "Robert P. J. Day", "email": "rpjday@mindspring.com", "time": "Sat Feb 10 01:45:03 2007 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Sun Feb 11 10:51:27 2007 -0800" }, "message": "[PATCH] Transform kmem_cache_alloc()+memset(0) -\u003e kmem_cache_zalloc().\n\nReplace appropriate pairs of \"kmem_cache_alloc()\" + \"memset(0)\" with the\ncorresponding \"kmem_cache_zalloc()\" call.\n\nSigned-off-by: Robert P. J. Day \u003crpjday@mindspring.com\u003e\nCc: \"Luck, Tony\" \u003ctony.luck@intel.com\u003e\nCc: Andi Kleen \u003cak@muc.de\u003e\nCc: Roland McGrath \u003croland@redhat.com\u003e\nCc: James Bottomley \u003cJames.Bottomley@steeleye.com\u003e\nCc: Greg KH \u003cgreg@kroah.com\u003e\nAcked-by: Joel Becker \u003cJoel.Becker@oracle.com\u003e\nCc: Steven Whitehouse \u003cswhiteho@redhat.com\u003e\nCc: Jan Kara \u003cjack@ucw.cz\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: \"David S. Miller\" \u003cdavem@davemloft.net\u003e\nCc: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Chris Wright \u003cchrisw@sous-sol.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "f1ddcaf3393b7a3871809b97fae90fac841a1f39", "tree": "ed73db33ec9160ecafee9b8a12ba369f98fd21e0", "parents": [ "ba8da2a9485f22455dcb06dd17e2f6d94b81ba89" ], "author": { "name": "Herbert Xu", "email": "herbert@gondor.apana.org.au", "time": "Sat Jan 27 10:05:15 2007 +1100" }, "committer": { "name": "Herbert Xu", "email": "herbert@gondor.apana.org.au", "time": "Wed Feb 07 09:21:00 2007 +1100" }, "message": "[CRYPTO] api: Remove deprecated interface\n\nThis patch removes the old cipher interface and related code.\n\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\n" }, { "commit": "e94b1766097d53e6f3ccfb36c8baa562ffeda3fc", "tree": "93fa0a8ab84976d4e89c50768ca8b8878d642a0d", "parents": [ "54e6ecb23951b195d02433a741c7f7cb0b796c78" ], "author": { "name": "Christoph Lameter", "email": "clameter@sgi.com", "time": "Wed Dec 06 20:33:17 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.osdl.org", "time": "Thu Dec 07 08:39:24 2006 -0800" }, "message": "[PATCH] slab: remove SLAB_KERNEL\n\nSLAB_KERNEL is an alias of GFP_KERNEL.\n\nSigned-off-by: Christoph Lameter \u003cclameter@sgi.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "f7267c0c0721fd02ad3dc37c3d6dd24ccd81d4d6", "tree": "4bbc467e881f9dce909de3d9d9d27bb068a8a3b4", "parents": [ "e6b4f8da3a88457148038bc952043e99a7fdba64" ], "author": { "name": "Christoph Lameter", "email": "clameter@sgi.com", "time": "Wed Dec 06 20:33:15 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.osdl.org", "time": "Thu Dec 07 08:39:24 2006 -0800" }, "message": "[PATCH] slab: remove SLAB_USER\n\nSLAB_USER is an alias of GFP_USER\n\nSigned-off-by: Christoph Lameter \u003cclameter@sgi.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "de88777e6942de76410ad2eb2858f5fbb6eb9c35", "tree": "825106cd3660dd473920008669c07fa209b85d98", "parents": [ "3cce4856ff3dfa663b1a168dab48120d70820da6" ], "author": { "name": "Akinobu Mita", "email": "akinobu.mita@gmail.com", "time": "Tue Nov 28 12:29:49 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.osdl.org", "time": "Tue Nov 28 17:26:50 2006 -0800" }, "message": "[PATCH] ecryptfs: fix crypto_alloc_blkcipher() error check\n\nThe return value of crypto_alloc_blkcipher() should be checked by IS_ERR().\n\nCc: Mike Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Phillip Hellewell \u003cphillip@hellewell.homeip.net\u003e\nSigned-off-by: Akinobu Mita \u003cakinobu.mita@gmail.com\u003e\nCc: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "7bd473fcc217adec000f213e8864bf9a161d57e1", "tree": "ae9ee2396383d32ea443ef7131673e0522e53bf3", "parents": [ "2de6c39f389f25442389c3ab0f2d9b50e3f4a77d" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Thu Nov 02 22:06:56 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Nov 03 12:27:55 2006 -0800" }, "message": "[PATCH] eCryptfs: Fix pointer deref\n\nI missed a pointer dereference in this kmalloc result check.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "7ff1d74f5670329ac4b5959a675f8698ba95be20", "tree": "1084427fcd0b979c8434315050033dd356623cf3", "parents": [ "8bba066f4e3854755a303cee37ea37bd080a46b3" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Mon Oct 30 22:07:19 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Tue Oct 31 08:07:01 2006 -0800" }, "message": "[PATCH] eCryptfs: Consolidate lower dentry_open\u0027s\n\nOpens on lower dentry objects happen in several places in eCryptfs, and they\nall involve the same steps (dget, mntget, dentry_open). This patch\nconsolidates the lower open events into a single function call.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "8bba066f4e3854755a303cee37ea37bd080a46b3", "tree": "3f8cf2df5da6459b0218b97b3799ceb896d4ba8a", "parents": [ "565d9724b8ce49b530287de34aa17f45f21624d5" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Mon Oct 30 22:07:18 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Tue Oct 31 08:07:01 2006 -0800" }, "message": "[PATCH] eCryptfs: Cipher code to new crypto API\n\nUpdate cipher block encryption code to the new crypto API.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "565d9724b8ce49b530287de34aa17f45f21624d5", "tree": "41df13f34a2715b2846061ea829cdb83407a9d82", "parents": [ "e5d9cbde6ce0001e49994df5fcdcbeff8be8037b" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Mon Oct 30 22:07:17 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Tue Oct 31 08:07:01 2006 -0800" }, "message": "[PATCH] eCryptfs: Hash code to new crypto API\n\nUpdate eCryptfs hash code to the new kernel crypto API.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "e5d9cbde6ce0001e49994df5fcdcbeff8be8037b", "tree": "aadfbeae4d48c56a0ca6e9612e87d7340dc3b1a1", "parents": [ "4a279ff1ea1cf325775ada983035123fcdc8e986" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Mon Oct 30 22:07:16 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Tue Oct 31 08:07:00 2006 -0800" }, "message": "[PATCH] eCryptfs: Clean up crypto initialization\n\nClean up the crypto initialization code; let the crypto API take care of the\nkey size checks.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "237fead619984cc48818fe12ee0ceada3f55b012", "tree": "40c6cacf2331191139e847988882b168d111c12e", "parents": [ "f7aa2638f288f4c67acdb55947472740bd27d27a" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Wed Oct 04 02:16:22 2006 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Wed Oct 04 07:55:24 2006 -0700" }, "message": "[PATCH] ecryptfs: fs/Makefile and fs/Kconfig\n\neCryptfs is a stacked cryptographic filesystem for Linux. It is derived from\nErez Zadok\u0027s Cryptfs, implemented through the FiST framework for generating\nstacked filesystems. eCryptfs extends Cryptfs to provide advanced key\nmanagement and policy features. eCryptfs stores cryptographic metadata in the\nheader of each file written, so that encrypted files can be copied between\nhosts; the file will be decryptable with the proper key, and there is no need\nto keep track of any additional information aside from what is already in the\nencrypted file itself.\n\n[akpm@osdl.org: updates for ongoing API changes]\n[bunk@stusta.de: cleanups]\n[akpm@osdl.org: alpha build fix]\n[akpm@osdl.org: cleanups]\n[tytso@mit.edu: inode-diet updates]\n[pbadari@us.ibm.com: generic_file_*_read/write() interface updates]\n[rdunlap@xenotime.net: printk format fixes]\n[akpm@osdl.org: make slab creation and teardown table-driven]\nSigned-off-by: Phillip Hellewell \u003cphillip@hellewell.homeip.net\u003e\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Erez Zadok \u003cezk@cs.sunysb.edu\u003e\nSigned-off-by: Adrian Bunk \u003cbunk@stusta.de\u003e\nSigned-off-by: Stephan Mueller \u003csmueller@chronox.de\u003e\nSigned-off-by: \"Theodore Ts\u0027o\" \u003ctytso@mit.edu\u003e\nSigned-off-by: Badari Pulavarty \u003cpbadari@us.ibm.com\u003e\nSigned-off-by: Randy Dunlap \u003crdunlap@xenotime.net\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" } ] }