)]}' { "log": [ { "commit": "36520be8e32b49bd85a63b7b8b40cd07c3da59a5", "tree": "09adf04fad980a8024de3c01d3560a0f263708cd", "parents": [ "ed1f21857e76a92a006e0f890a3d7f72953b1469" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Mon Oct 05 14:25:44 2009 -0400" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Thu Oct 08 11:31:38 2009 -0500" }, "message": "ima: ecryptfs fix imbalance message\n\nThe unencrypted files are being measured. Update the counters to get\nrid of the ecryptfs imbalance message. (http://bugzilla.redhat.com/519737)\n\nReported-by: Sachin Garg\nCc: Eric Paris \u003ceparis@redhat.com\u003e\nCc: Dustin Kirkland \u003ckirkland@canonical.com\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: David Safford \u003csafford@watson.ibm.com\u003e\nCc: stable@kernel.org\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "ed1f21857e76a92a006e0f890a3d7f72953b1469", "tree": "21645c57e1011e86fe803fa99544b2314e231cec", "parents": [ "664fc5a4e7d0d7f3487e5c856b79f7dac79567fd" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Tue Sep 29 02:33:59 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Thu Oct 08 11:31:36 2009 -0500" }, "message": "eCryptfs: Remove Kconfig NET dependency and select MD5\n\neCryptfs no longer uses a netlink interface to communicate with\necryptfsd, so NET is not a valid dependency anymore.\n\nMD5 is required and must be built for eCryptfs to be of any use.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "664fc5a4e7d0d7f3487e5c856b79f7dac79567fd", "tree": "9413c8d73c86ce091ab16bce2acadc4397bffba0", "parents": [ "0eca52a92735f43462165efe00a7e394345fb38e" ], "author": { "name": "Randy Dunlap", "email": "randy.dunlap@oracle.com", "time": "Mon Sep 28 13:34:20 2009 -0700" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Thu Oct 08 11:21:12 2009 -0500" }, "message": "ecryptfs: depends on CRYPTO\n\necryptfs uses crypto APIs so it should depend on CRYPTO.\nOtherwise many build errors occur. [63 lines not pasted]\n\nSigned-off-by: Randy Dunlap \u003crandy.dunlap@oracle.com\u003e\nCc: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nCc: ecryptfs-devel@lists.launchpad.net\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "9c2d2056647790c5034d722bd24e9d913ebca73c", "tree": "38db96956ac0167b2a277429746c500b522bc5aa", "parents": [ "96a7b9c2f5df899f302ade45cf17ad753fe130fd" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Tue Sep 22 12:52:17 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 23 09:10:34 2009 -0500" }, "message": "eCryptfs: Prevent lower dentry from going negative during unlink\n\nWhen calling vfs_unlink() on the lower dentry, d_delete() turns the\ndentry into a negative dentry when the d_count is 1. This eventually\ncaused a NULL pointer deref when a read() or write() was done and the\nnegative dentry\u0027s d_inode was dereferenced in\necryptfs_read_update_atime() or ecryptfs_getxattr().\n\nPlacing mutt\u0027s tmpdir in an eCryptfs mount is what initially triggered\nthe oops and I was able to reproduce it with the following sequence:\n\nopen(\"/tmp/upper/foo\", O_RDWR|O_CREAT|O_EXCL|O_NOFOLLOW, 0600) \u003d 3\nlink(\"/tmp/upper/foo\", \"/tmp/upper/bar\") \u003d 0\nunlink(\"/tmp/upper/foo\") \u003d 0\nopen(\"/tmp/upper/bar\", O_RDWR|O_CREAT|O_NOFOLLOW, 0600) \u003d 4\nunlink(\"/tmp/upper/bar\") \u003d 0\nwrite(4, \"eCryptfs test\\n\"..., 14 \u003cunfinished ...\u003e\n+++ killed by SIGKILL +++\n\nhttps://bugs.launchpad.net/ecryptfs/+bug/387073\n\nReported-by: Loïc Minier \u003cloic.minier@canonical.com\u003e\nCc: Serge Hallyn \u003cserue@us.ibm.com\u003e\nCc: Dave Kleikamp \u003cshaggy@linux.vnet.ibm.com\u003e\nCc: ecryptfs-devel@lists.launchpad.net\nCc: stable \u003cstable@kernel.org\u003e\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "96a7b9c2f5df899f302ade45cf17ad753fe130fd", "tree": "096b67dbaad8e795344554994e28433a1e5b5de1", "parents": [ "3891959846709a19f76628e33478cd85edb0e79f" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 16 19:04:20 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 23 09:10:34 2009 -0500" }, "message": "eCryptfs: Propagate vfs_read and vfs_write return codes\n\nErrors returned from vfs_read() and vfs_write() calls to the lower\nfilesystem were being masked as -EINVAL. This caused some confusion to\nusers who saw EINVAL instead of ENOSPC when the disk was full, for\ninstance.\n\nAlso, the actual bytes read or written were not accessible by callers to\necryptfs_read_lower() and ecryptfs_write_lower(), which may be useful in\nsome cases. This patch updates the error handling logic where those\nfunctions are called in order to accept positive return codes indicating\nsuccess.\n\nCc: Eric Sandeen \u003cesandeen@redhat.com\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nCc: ecryptfs-devel@lists.launchpad.net\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "3891959846709a19f76628e33478cd85edb0e79f", "tree": "5916035dc686c93b42c6b6b0045059db7c066f9c", "parents": [ "df6ad33ba1b9846bd5f0e2b9016c30c20bc2d948" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Aug 26 01:54:56 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 23 09:10:32 2009 -0500" }, "message": "eCryptfs: Validate global auth tok keys\n\nWhen searching through the global authentication tokens for a given key\nsignature, verify that a matching key has not been revoked and has not\nexpired. This allows the `keyctl revoke` command to be properly used on\nkeys in use by eCryptfs.\n\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nCc: ecryptfs-devel@lists.launchpad.net\nCc: stable \u003cstable@kernel.org\u003e\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "df6ad33ba1b9846bd5f0e2b9016c30c20bc2d948", "tree": "5bed7a289830867f2bac4dc05f076b7121e41ae3", "parents": [ "ac22ba23b659e34a5961aec8c945608e471b0d5b" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Fri Aug 21 04:27:46 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 23 09:10:32 2009 -0500" }, "message": "eCryptfs: Filename encryption only supports password auth tokens\n\nReturns -ENOTSUPP when attempting to use filename encryption with\nsomething other than a password authentication token, such as a private\ntoken from openssl. Using filename encryption with a userspace eCryptfs\nkey module is a future goal. Until then, this patch handles the\nsituation a little better than simply using a BUG_ON().\n\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nCc: ecryptfs-devel@lists.launchpad.net\nCc: stable \u003cstable@kernel.org\u003e\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "ac22ba23b659e34a5961aec8c945608e471b0d5b", "tree": "6629c15380fe2db238fa078e912f4cf393708161", "parents": [ "b0105eaefa7cce8f4a941d0fc6354b250d30e745" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Aug 12 01:06:54 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 23 09:10:32 2009 -0500" }, "message": "eCryptfs: Check for O_RDONLY lower inodes when opening lower files\n\nIf the lower inode is read-only, don\u0027t attempt to open the lower file\nread/write and don\u0027t hand off the open request to the privileged\neCryptfs kthread for opening it read/write. Instead, only try an\nunprivileged, read-only open of the file and give up if that fails.\nThis patch fixes an oops when eCryptfs is mounted on top of a read-only\nmount.\n\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nCc: Eric Sandeen \u003cesandeen@redhat.com\u003e\nCc: Dave Kleikamp \u003cshaggy@linux.vnet.ibm.com\u003e\nCc: ecryptfs-devel@lists.launchpad.net\nCc: stable \u003cstable@kernel.org\u003e\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "b0105eaefa7cce8f4a941d0fc6354b250d30e745", "tree": "60bed48ff88aa22d9ee36b64d23421cf9e50d2a8", "parents": [ "382684984e93039a3bbd83b04d341b0ceb831519" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Tue Aug 11 00:36:32 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 23 09:10:31 2009 -0500" }, "message": "eCryptfs: Handle unrecognized tag 3 cipher codes\n\nReturns an error when an unrecognized cipher code is present in a tag 3\npacket or an ecryptfs_crypt_stat cannot be initialized. Also sets an\ncrypt_stat-\u003etfm error pointer to NULL to ensure that it will not be\nincorrectly freed in ecryptfs_destroy_crypt_stat().\n\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nCc: ecryptfs-devel@lists.launchpad.net\nCc: stable \u003cstable@kernel.org\u003e\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "382684984e93039a3bbd83b04d341b0ceb831519", "tree": "039aa99f6651066a2aac7aec42b06da0a9b55402", "parents": [ "aa06117f19944573cda0c4bee026c916b5256090" ], "author": { "name": "Dave Hansen", "email": "dave@linux.vnet.ibm.com", "time": "Thu Aug 27 09:47:07 2009 -0700" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 23 09:10:31 2009 -0500" }, "message": "ecryptfs: improved dependency checking and reporting\n\nSo, I compiled a 2.6.31-rc5 kernel with ecryptfs and loaded its module.\nWhen it came time to mount my filesystem, I got this in dmesg, and it\nrefused to mount:\n\n[93577.776637] Unable to allocate crypto cipher with name [aes]; rc \u003d [-2]\n[93577.783280] Error attempting to initialize key TFM cipher with name \u003d [aes]; rc \u003d [-2]\n[93577.791183] Error attempting to initialize cipher with name \u003d [aes] and key size \u003d [32]; rc \u003d [-2]\n[93577.800113] Error parsing options; rc \u003d [-22]\n\nI figured from the error message that I\u0027d either forgotten to load \"aes\"\nor that my key size was bogus. Neither one of those was the case. In\nfact, I was missing the CRYPTO_ECB config option and the \u0027ecb\u0027 module.\nUnfortunately, there\u0027s no trace of \u0027ecb\u0027 in that error message.\n\nI\u0027ve done two things to fix this. First, I\u0027ve modified ecryptfs\u0027s\nKconfig entry to select CRYPTO_ECB and CRYPTO_CBC. I also took CRYPTO\nout of the dependencies since the \u0027select\u0027 will take care of it for us.\n\nI\u0027ve also modified the error messages to print a string that should\ncontain both \u0027ecb\u0027 and \u0027aes\u0027 in my error case. That will give any\nfuture users a chance of finding the right modules and Kconfig options.\n\nI also wonder if we should:\n\n\tselect CRYPTO_AES if !EMBEDDED\n\nsince I think most ecryptfs users are using AES like me.\n\nCc: ecryptfs-devel@lists.launchpad.net\nCc: linux-fsdevel@vger.kernel.org\nCc: linux-kernel@vger.kernel.org\nCc: Dustin Kirkland \u003ckirkland@canonical.com\u003e\nSigned-off-by: Dave Hansen \u003cdave@linux.vnet.ibm.com\u003e\n[tyhicks@linux.vnet.ibm.com: Removed extra newline, 80-char violation]\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "aa06117f19944573cda0c4bee026c916b5256090", "tree": "e5cb24f500431a5201e7a50b1e9df62fbd24e1bb", "parents": [ "05dafedb906425fe935199f4c92700d87285e3e9" ], "author": { "name": "Roland Dreier", "email": "rdreier@cisco.com", "time": "Wed Jul 01 15:48:18 2009 -0700" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 23 09:10:30 2009 -0500" }, "message": "eCryptfs: Fix lockdep-reported AB-BA mutex issue\n\nLockdep reports the following valid-looking possible AB-BA deadlock with\nglobal_auth_tok_list_mutex and keysig_list_mutex:\n\n ecryptfs_new_file_context() -\u003e\n ecryptfs_copy_mount_wide_sigs_to_inode_sigs() -\u003e\n mutex_lock(\u0026mount_crypt_stat-\u003eglobal_auth_tok_list_mutex);\n -\u003e ecryptfs_add_keysig() -\u003e\n mutex_lock(\u0026crypt_stat-\u003ekeysig_list_mutex);\n\nvs\n\n ecryptfs_generate_key_packet_set() -\u003e\n mutex_lock(\u0026crypt_stat-\u003ekeysig_list_mutex);\n -\u003e ecryptfs_find_global_auth_tok_for_sig() -\u003e\n mutex_lock(\u0026mount_crypt_stat-\u003eglobal_auth_tok_list_mutex);\n\nie the two mutexes are taken in opposite orders in the two different\ncode paths. I\u0027m not sure if this is a real bug where two threads could\nactually hit the two paths in parallel and deadlock, but it at least\nmakes lockdep impossible to use with ecryptfs since this report triggers\nevery time and disables future lockdep reporting.\n\nSince ecryptfs_add_keysig() is called only from the single callsite in\necryptfs_copy_mount_wide_sigs_to_inode_sigs(), the simplest fix seems to\nbe to move the lock of keysig_list_mutex back up outside of the where\nglobal_auth_tok_list_mutex is taken. This patch does that, and fixes\nthe lockdep report on my system (and ecryptfs still works OK).\n\nThe full output of lockdep fixed by this patch is:\n\n\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\n[ INFO: possible circular locking dependency detected ]\n2.6.31-2-generic #14~rbd2\n-------------------------------------------------------\ngdm/2640 is trying to acquire lock:\n (\u0026mount_crypt_stat-\u003eglobal_auth_tok_list_mutex){+.+.+.}, at: [\u003cffffffff8121591e\u003e] ecryptfs_find_global_auth_tok_for_sig+0x2e/0x90\n\nbut task is already holding lock:\n (\u0026crypt_stat-\u003ekeysig_list_mutex){+.+.+.}, at: [\u003cffffffff81217728\u003e] ecryptfs_generate_key_packet_set+0x58/0x2b0\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (\u0026crypt_stat-\u003ekeysig_list_mutex){+.+.+.}:\n [\u003cffffffff8108c897\u003e] check_prev_add+0x2a7/0x370\n [\u003cffffffff8108cfc1\u003e] validate_chain+0x661/0x750\n [\u003cffffffff8108d2e7\u003e] __lock_acquire+0x237/0x430\n [\u003cffffffff8108d585\u003e] lock_acquire+0xa5/0x150\n [\u003cffffffff815526cd\u003e] __mutex_lock_common+0x4d/0x3d0\n [\u003cffffffff81552b56\u003e] mutex_lock_nested+0x46/0x60\n [\u003cffffffff8121526a\u003e] ecryptfs_add_keysig+0x5a/0xb0\n [\u003cffffffff81213299\u003e] ecryptfs_copy_mount_wide_sigs_to_inode_sigs+0x59/0xb0\n [\u003cffffffff81214b06\u003e] ecryptfs_new_file_context+0xa6/0x1a0\n [\u003cffffffff8120e42a\u003e] ecryptfs_initialize_file+0x4a/0x140\n [\u003cffffffff8120e54d\u003e] ecryptfs_create+0x2d/0x60\n [\u003cffffffff8113a7d4\u003e] vfs_create+0xb4/0xe0\n [\u003cffffffff8113a8c4\u003e] __open_namei_create+0xc4/0x110\n [\u003cffffffff8113d1c1\u003e] do_filp_open+0xa01/0xae0\n [\u003cffffffff8112d8d9\u003e] do_sys_open+0x69/0x140\n [\u003cffffffff8112d9f0\u003e] sys_open+0x20/0x30\n [\u003cffffffff81013132\u003e] system_call_fastpath+0x16/0x1b\n [\u003cffffffffffffffff\u003e] 0xffffffffffffffff\n\n-\u003e #0 (\u0026mount_crypt_stat-\u003eglobal_auth_tok_list_mutex){+.+.+.}:\n [\u003cffffffff8108c675\u003e] check_prev_add+0x85/0x370\n [\u003cffffffff8108cfc1\u003e] validate_chain+0x661/0x750\n [\u003cffffffff8108d2e7\u003e] __lock_acquire+0x237/0x430\n [\u003cffffffff8108d585\u003e] lock_acquire+0xa5/0x150\n [\u003cffffffff815526cd\u003e] __mutex_lock_common+0x4d/0x3d0\n [\u003cffffffff81552b56\u003e] mutex_lock_nested+0x46/0x60\n [\u003cffffffff8121591e\u003e] ecryptfs_find_global_auth_tok_for_sig+0x2e/0x90\n [\u003cffffffff812177d5\u003e] ecryptfs_generate_key_packet_set+0x105/0x2b0\n [\u003cffffffff81212f49\u003e] ecryptfs_write_headers_virt+0xc9/0x120\n [\u003cffffffff8121306d\u003e] ecryptfs_write_metadata+0xcd/0x200\n [\u003cffffffff8120e44b\u003e] ecryptfs_initialize_file+0x6b/0x140\n [\u003cffffffff8120e54d\u003e] ecryptfs_create+0x2d/0x60\n [\u003cffffffff8113a7d4\u003e] vfs_create+0xb4/0xe0\n [\u003cffffffff8113a8c4\u003e] __open_namei_create+0xc4/0x110\n [\u003cffffffff8113d1c1\u003e] do_filp_open+0xa01/0xae0\n [\u003cffffffff8112d8d9\u003e] do_sys_open+0x69/0x140\n [\u003cffffffff8112d9f0\u003e] sys_open+0x20/0x30\n [\u003cffffffff81013132\u003e] system_call_fastpath+0x16/0x1b\n [\u003cffffffffffffffff\u003e] 0xffffffffffffffff\n\nother info that might help us debug this:\n\n2 locks held by gdm/2640:\n #0: (\u0026sb-\u003es_type-\u003ei_mutex_key#11){+.+.+.}, at: [\u003cffffffff8113cb8b\u003e] do_filp_open+0x3cb/0xae0\n #1: (\u0026crypt_stat-\u003ekeysig_list_mutex){+.+.+.}, at: [\u003cffffffff81217728\u003e] ecryptfs_generate_key_packet_set+0x58/0x2b0\n\nstack backtrace:\nPid: 2640, comm: gdm Tainted: G C 2.6.31-2-generic #14~rbd2\nCall Trace:\n [\u003cffffffff8108b988\u003e] print_circular_bug_tail+0xa8/0xf0\n [\u003cffffffff8108c675\u003e] check_prev_add+0x85/0x370\n [\u003cffffffff81094912\u003e] ? __module_text_address+0x12/0x60\n [\u003cffffffff8108cfc1\u003e] validate_chain+0x661/0x750\n [\u003cffffffff81017275\u003e] ? print_context_stack+0x85/0x140\n [\u003cffffffff81089c68\u003e] ? find_usage_backwards+0x38/0x160\n [\u003cffffffff8108d2e7\u003e] __lock_acquire+0x237/0x430\n [\u003cffffffff8108d585\u003e] lock_acquire+0xa5/0x150\n [\u003cffffffff8121591e\u003e] ? ecryptfs_find_global_auth_tok_for_sig+0x2e/0x90\n [\u003cffffffff8108b0b0\u003e] ? check_usage_backwards+0x0/0xb0\n [\u003cffffffff815526cd\u003e] __mutex_lock_common+0x4d/0x3d0\n [\u003cffffffff8121591e\u003e] ? ecryptfs_find_global_auth_tok_for_sig+0x2e/0x90\n [\u003cffffffff8121591e\u003e] ? ecryptfs_find_global_auth_tok_for_sig+0x2e/0x90\n [\u003cffffffff8108c02c\u003e] ? mark_held_locks+0x6c/0xa0\n [\u003cffffffff81125b0d\u003e] ? kmem_cache_alloc+0xfd/0x1a0\n [\u003cffffffff8108c34d\u003e] ? trace_hardirqs_on_caller+0x14d/0x190\n [\u003cffffffff81552b56\u003e] mutex_lock_nested+0x46/0x60\n [\u003cffffffff8121591e\u003e] ecryptfs_find_global_auth_tok_for_sig+0x2e/0x90\n [\u003cffffffff812177d5\u003e] ecryptfs_generate_key_packet_set+0x105/0x2b0\n [\u003cffffffff81212f49\u003e] ecryptfs_write_headers_virt+0xc9/0x120\n [\u003cffffffff8121306d\u003e] ecryptfs_write_metadata+0xcd/0x200\n [\u003cffffffff81210240\u003e] ? ecryptfs_init_persistent_file+0x60/0xe0\n [\u003cffffffff8120e44b\u003e] ecryptfs_initialize_file+0x6b/0x140\n [\u003cffffffff8120e54d\u003e] ecryptfs_create+0x2d/0x60\n [\u003cffffffff8113a7d4\u003e] vfs_create+0xb4/0xe0\n [\u003cffffffff8113a8c4\u003e] __open_namei_create+0xc4/0x110\n [\u003cffffffff8113d1c1\u003e] do_filp_open+0xa01/0xae0\n [\u003cffffffff8129a93e\u003e] ? _raw_spin_unlock+0x5e/0xb0\n [\u003cffffffff8155410b\u003e] ? _spin_unlock+0x2b/0x40\n [\u003cffffffff81139e9b\u003e] ? getname+0x3b/0x240\n [\u003cffffffff81148a5a\u003e] ? alloc_fd+0xfa/0x140\n [\u003cffffffff8112d8d9\u003e] do_sys_open+0x69/0x140\n [\u003cffffffff81553b8f\u003e] ? trace_hardirqs_on_thunk+0x3a/0x3f\n [\u003cffffffff8112d9f0\u003e] sys_open+0x20/0x30\n [\u003cffffffff81013132\u003e] system_call_fastpath+0x16/0x1b\n\nSigned-off-by: Roland Dreier \u003crolandd@cisco.com\u003e\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "05dafedb906425fe935199f4c92700d87285e3e9", "tree": "7f3162455188c322baf9c6ca9a2890394380201d", "parents": [ "94e0fb086fc5663c38bbc0fe86d698be8314f82f" ], "author": { "name": "Roland Dreier", "email": "roland@digitalvampire.org", "time": "Tue Jul 14 13:32:56 2009 -0700" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 23 09:10:30 2009 -0500" }, "message": "ecryptfs: Remove unneeded locking that triggers lockdep false positives\n\nIn ecryptfs_destroy_inode(), inode_info-\u003elower_file_mutex is locked,\nand just after the mutex is unlocked, the code does:\n\n \tkmem_cache_free(ecryptfs_inode_info_cache, inode_info);\n\nThis means that if another context could possibly try to take the same\nmutex as ecryptfs_destroy_inode(), then it could end up getting the\nmutex just before the data structure containing the mutex is freed.\nSo any such use would be an obvious use-after-free bug (catchable with\nslab poisoning or mutex debugging), and therefore the locking in\necryptfs_destroy_inode() is not needed and can be dropped.\n\nSimilarly, in ecryptfs_destroy_crypt_stat(), crypt_stat-\u003ekeysig_list_mutex\nis locked, and then the mutex is unlocked just before the code does:\n\n \tmemset(crypt_stat, 0, sizeof(struct ecryptfs_crypt_stat));\n\nTherefore taking this mutex is similarly not necessary.\n\nRemoving this locking fixes false-positive lockdep reports such as the\nfollowing (and they are false-positives for exactly the same reason\nthat the locking is not needed):\n\n\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\n[ INFO: inconsistent lock state ]\n2.6.31-2-generic #14~rbd3\n---------------------------------\ninconsistent {RECLAIM_FS-ON-W} -\u003e {IN-RECLAIM_FS-W} usage.\nkswapd0/323 [HC0[0]:SC0[0]:HE1:SE1] takes:\n (\u0026inode_info-\u003elower_file_mutex){+.+.?.}, at: [\u003cffffffff81210d34\u003e] ecryptfs_destroy_inode+0x34/0x100\n{RECLAIM_FS-ON-W} state was registered at:\n [\u003cffffffff8108c02c\u003e] mark_held_locks+0x6c/0xa0\n [\u003cffffffff8108c10f\u003e] lockdep_trace_alloc+0xaf/0xe0\n [\u003cffffffff81125a51\u003e] kmem_cache_alloc+0x41/0x1a0\n [\u003cffffffff8113117a\u003e] get_empty_filp+0x7a/0x1a0\n [\u003cffffffff8112dd46\u003e] dentry_open+0x36/0xc0\n [\u003cffffffff8121a36c\u003e] ecryptfs_privileged_open+0x5c/0x2e0\n [\u003cffffffff81210283\u003e] ecryptfs_init_persistent_file+0xa3/0xe0\n [\u003cffffffff8120e838\u003e] ecryptfs_lookup_and_interpose_lower+0x278/0x380\n [\u003cffffffff8120f97a\u003e] ecryptfs_lookup+0x12a/0x250\n [\u003cffffffff8113930a\u003e] real_lookup+0xea/0x160\n [\u003cffffffff8113afc8\u003e] do_lookup+0xb8/0xf0\n [\u003cffffffff8113b518\u003e] __link_path_walk+0x518/0x870\n [\u003cffffffff8113bd9c\u003e] path_walk+0x5c/0xc0\n [\u003cffffffff8113be5b\u003e] do_path_lookup+0x5b/0xa0\n [\u003cffffffff8113bfe7\u003e] user_path_at+0x57/0xa0\n [\u003cffffffff811340dc\u003e] vfs_fstatat+0x3c/0x80\n [\u003cffffffff8113424b\u003e] vfs_stat+0x1b/0x20\n [\u003cffffffff81134274\u003e] sys_newstat+0x24/0x50\n [\u003cffffffff81013132\u003e] system_call_fastpath+0x16/0x1b\n [\u003cffffffffffffffff\u003e] 0xffffffffffffffff\nirq event stamp: 7811\nhardirqs last enabled at (7811): [\u003cffffffff810c037f\u003e] call_rcu+0x5f/0x90\nhardirqs last disabled at (7810): [\u003cffffffff810c0353\u003e] call_rcu+0x33/0x90\nsoftirqs last enabled at (3764): [\u003cffffffff810631da\u003e] __do_softirq+0x14a/0x220\nsoftirqs last disabled at (3751): [\u003cffffffff8101440c\u003e] call_softirq+0x1c/0x30\n\nother info that might help us debug this:\n2 locks held by kswapd0/323:\n #0: (shrinker_rwsem){++++..}, at: [\u003cffffffff810f67ed\u003e] shrink_slab+0x3d/0x190\n #1: (\u0026type-\u003es_umount_key#35){.+.+..}, at: [\u003cffffffff811429a1\u003e] prune_dcache+0xd1/0x1b0\n\nstack backtrace:\nPid: 323, comm: kswapd0 Tainted: G C 2.6.31-2-generic #14~rbd3\nCall Trace:\n [\u003cffffffff8108ad6c\u003e] print_usage_bug+0x18c/0x1a0\n [\u003cffffffff8108aff0\u003e] ? check_usage_forwards+0x0/0xc0\n [\u003cffffffff8108bac2\u003e] mark_lock_irq+0xf2/0x280\n [\u003cffffffff8108bd87\u003e] mark_lock+0x137/0x1d0\n [\u003cffffffff81164710\u003e] ? fsnotify_clear_marks_by_inode+0x30/0xf0\n [\u003cffffffff8108bee6\u003e] mark_irqflags+0xc6/0x1a0\n [\u003cffffffff8108d337\u003e] __lock_acquire+0x287/0x430\n [\u003cffffffff8108d585\u003e] lock_acquire+0xa5/0x150\n [\u003cffffffff81210d34\u003e] ? ecryptfs_destroy_inode+0x34/0x100\n [\u003cffffffff8108d2e7\u003e] ? __lock_acquire+0x237/0x430\n [\u003cffffffff815526ad\u003e] __mutex_lock_common+0x4d/0x3d0\n [\u003cffffffff81210d34\u003e] ? ecryptfs_destroy_inode+0x34/0x100\n [\u003cffffffff81164710\u003e] ? fsnotify_clear_marks_by_inode+0x30/0xf0\n [\u003cffffffff81210d34\u003e] ? ecryptfs_destroy_inode+0x34/0x100\n [\u003cffffffff8129a91e\u003e] ? _raw_spin_unlock+0x5e/0xb0\n [\u003cffffffff81552b36\u003e] mutex_lock_nested+0x46/0x60\n [\u003cffffffff81210d34\u003e] ecryptfs_destroy_inode+0x34/0x100\n [\u003cffffffff81145d27\u003e] destroy_inode+0x87/0xd0\n [\u003cffffffff81146b4c\u003e] generic_delete_inode+0x12c/0x1a0\n [\u003cffffffff81145832\u003e] iput+0x62/0x70\n [\u003cffffffff811423c8\u003e] dentry_iput+0x98/0x110\n [\u003cffffffff81142550\u003e] d_kill+0x50/0x80\n [\u003cffffffff81142623\u003e] prune_one_dentry+0xa3/0xc0\n [\u003cffffffff811428b1\u003e] __shrink_dcache_sb+0x271/0x290\n [\u003cffffffff811429d9\u003e] prune_dcache+0x109/0x1b0\n [\u003cffffffff81142abf\u003e] shrink_dcache_memory+0x3f/0x50\n [\u003cffffffff810f68dd\u003e] shrink_slab+0x12d/0x190\n [\u003cffffffff810f9377\u003e] balance_pgdat+0x4d7/0x640\n [\u003cffffffff8104c4c0\u003e] ? finish_task_switch+0x40/0x150\n [\u003cffffffff810f63c0\u003e] ? isolate_pages_global+0x0/0x60\n [\u003cffffffff810f95f7\u003e] kswapd+0x117/0x170\n [\u003cffffffff810777a0\u003e] ? autoremove_wake_function+0x0/0x40\n [\u003cffffffff810f94e0\u003e] ? kswapd+0x0/0x170\n [\u003cffffffff810773be\u003e] kthread+0x9e/0xb0\n [\u003cffffffff8101430a\u003e] child_rip+0xa/0x20\n [\u003cffffffff81013c90\u003e] ? restore_args+0x0/0x30\n [\u003cffffffff81077320\u003e] ? kthread+0x0/0xb0\n [\u003cffffffff81014300\u003e] ? child_rip+0x0/0x20\n\nSigned-off-by: Roland Dreier \u003croland@digitalvampire.org\u003e\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "7f09410bbc4306f592cfb43812389ea1c7905a20", "tree": "18f179435f70c4ec9231883501062d5ea0357af5", "parents": [ "ac4cfdd6d141c319a7af8655f750ed504c187a74" ], "author": { "name": "Alexey Dobriyan", "email": "adobriyan@gmail.com", "time": "Mon Sep 21 17:01:10 2009 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Sep 22 07:17:24 2009 -0700" }, "message": "const: mark remaining address_space_operations const\n\nSigned-off-by: Alexey Dobriyan \u003cadobriyan@gmail.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "f151cd2c54ddc7714e2f740681350476cda03a28", "tree": "81591bb25357c0d02a0549efadb62b67ba166434", "parents": [ "6352a29305373ae6196491e6d4669f301e26492e" ], "author": { "name": "Ramon de Carvalho Valle", "email": "ramon@risesecurity.org", "time": "Tue Jul 28 13:58:22 2009 -0500" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jul 28 14:26:06 2009 -0700" }, "message": "eCryptfs: parse_tag_3_packet check tag 3 packet encrypted key size\n\nThe parse_tag_3_packet function does not check if the tag 3 packet contains a\nencrypted key size larger than ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES.\n\nSigned-off-by: Ramon de Carvalho Valle \u003cramon@risesecurity.org\u003e\n[tyhicks@linux.vnet.ibm.com: Added printk newline and changed goto to out_free]\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nCc: stable@kernel.org (2.6.27 and 30)\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "6352a29305373ae6196491e6d4669f301e26492e", "tree": "ef68d8601812e1b190f67b69373ff5210191ea45", "parents": [ "4733fd328f14280900435d9dbae1487d110a4d56" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Tue Jul 28 13:57:01 2009 -0500" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jul 28 14:26:06 2009 -0700" }, "message": "eCryptfs: Check Tag 11 literal data buffer size\n\nTag 11 packets are stored in the metadata section of an eCryptfs file to\nstore the key signature(s) used to encrypt the file encryption key.\nAfter extracting the packet length field to determine the key signature\nlength, a check is not performed to see if the length would exceed the\nkey signature buffer size that was passed into parse_tag_11_packet().\n\nThanks to Ramon de Carvalho Valle for finding this bug using fsfuzzer.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nCc: stable@kernel.org (2.6.27 and 30)\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "6cfd0148425e528b859b26e436b01f23f6926224", "tree": "60e3257053554ff198fe5825e6f12a00c3b4422a", "parents": [ "a9e220f8322e2b0e0b8903fe00265461cffad3f0" ], "author": { "name": "Christoph Hellwig", "email": "hch@lst.de", "time": "Tue May 05 15:40:36 2009 +0200" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Thu Jun 11 21:36:07 2009 -0400" }, "message": "push BKL down into -\u003eput_super\n\nMove BKL into -\u003eput_super from the only caller. A couple of\nfilesystems had trivial enough -\u003eput_super (only kfree and NULLing of\ns_fs_info + stuff in there) to not get any locking: coda, cramfs, efs,\nhugetlbfs, omfs, qnx4, shmem, all others got the full treatment. Most\nof them probably don\u0027t need it, but I\u0027d rather sort that out individually.\nPreferably after all the other BKL pushdowns in that area.\n\n[AV: original used to move lock_super() down as well; these changes are\nremoved since we don\u0027t do lock_super() at all in generic_shutdown_super()\nnow]\n[AV: fuse, btrfs and xfs are known to need no damn BKL, exempt]\n\nSigned-off-by: Christoph Hellwig \u003chch@lst.de\u003e\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "6f5bbff9a1b7d6864a495763448a363bbfa96324", "tree": "0067dca46f40def1c55541c34c262e06aeb8c4c8", "parents": [ "74dbbdd7fdc11763f4698d2f3e684cf4446951e6" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Wed May 06 01:34:22 2009 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sat May 09 10:49:40 2009 -0400" }, "message": "Convert obvious places to deactivate_locked_super()\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "ac20100df7a7a042423dcb8847f42d9f6ddb8d00", "tree": "59aefe9f3a2a0a6216e60d3f4304862b26146047", "parents": [ "802b352f2934f799ec2e159f61db6506094a936e" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Mon Apr 27 13:31:12 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Mon Apr 27 13:31:12 2009 -0500" }, "message": "eCryptfs: Fix min function comparison warning\n\nThis warning shows up on 64 bit builds:\n\nfs/ecryptfs/inode.c:693: warning: comparison of distinct pointer types\nlacks a cast\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "802b352f2934f799ec2e159f61db6506094a936e", "tree": "969ddb6ff2432ae144e95d1c2558898f21da0da3", "parents": [ "3dacbdad2401c06b97d8d754974233a70c165536" ], "author": { "name": "Randy Dunlap", "email": "randy.dunlap@oracle.com", "time": "Mon Apr 27 21:24:28 2009 -0700" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Mon Apr 27 13:10:06 2009 -0500" }, "message": "ecryptfs: fix printk format warning\n\nfs/ecryptfs/inode.c:670: warning: format \u0027%d\u0027 expects type \u0027int\u0027, but argument 3 has type \u0027size_t\u0027\n\nSigned-off-by: Randy Dunlap \u003crandy.dunlap@oracle.com\u003e\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nCc: Dustin Kirkland \u003ckirkland@canonical.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "3a6b42cadc112b01daf0525e5fcd90bb333a5bb3", "tree": "78cd37050a80e5c99eaa3ee97e20af834026c4d1", "parents": [ "ca8e34f2b05a8289b47907b083dc01dd654ecbde" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Thu Apr 16 18:35:37 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Apr 22 17:02:46 2009 -0500" }, "message": "eCryptfs: Larger buffer for encrypted symlink targets\n\nWhen using filename encryption with eCryptfs, the value of the symlink\nin the lower filesystem is encrypted and stored as a Tag 70 packet.\nThis results in a longer symlink target than if the target value wasn\u0027t\nencrypted.\n\nUsers were reporting these messages in their syslog:\n\n[ 45.653441] ecryptfs_parse_tag_70_packet: max_packet_size is [56]; real\npacket size is [51]\n[ 45.653444] ecryptfs_decode_and_decrypt_filename: Could not parse tag\n70 packet from filename; copying through filename as-is\n\nThis was due to bufsiz, one the arguments in readlink(), being used to\nwhen allocating the buffer passed to the lower inode\u0027s readlink().\nThat symlink target may be very large, but when decoded and decrypted,\ncould end up being smaller than bufsize.\n\nTo fix this, the buffer passed to the lower inode\u0027s readlink() will\nalways be PATH_MAX in size when filename encryption is enabled. Any\nnecessary truncation occurs after the decoding and decrypting.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "ca8e34f2b05a8289b47907b083dc01dd654ecbde", "tree": "eeedcd559c8add0b8ebc87489f8daf78258d59a1", "parents": [ "e77cc8d243f9f1e1d3f0799e23cc14e837ccc8c6" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Apr 22 16:27:12 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Apr 22 16:27:12 2009 -0500" }, "message": "eCryptfs: Lock lower directory inode mutex during lookup\n\nThis patch locks the lower directory inode\u0027s i_mutex before calling\nlookup_one_len() to find the appropriate dentry in the lower filesystem.\nThis bug was found thanks to the warning set in commit 2f9092e1.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "e77cc8d243f9f1e1d3f0799e23cc14e837ccc8c6", "tree": "e71815e09c73e33bdd2c687f7508e3720c4d3ed7", "parents": [ "13a791b4e63eb0537a7f804a340d6527485983b4" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Apr 22 04:08:46 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Apr 22 04:08:46 2009 -0500" }, "message": "eCryptfs: Remove ecryptfs_unlink_sigs warnings\n\nA feature was added to the eCryptfs umount helper to automatically\nunlink the keys used for an eCryptfs mount from the kernel keyring upon\numount. This patch keeps the unrecognized mount option warnings for\necryptfs_unlink_sigs out of the logs.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "13a791b4e63eb0537a7f804a340d6527485983b4", "tree": "ad3c74093e8efe0da14644a0dc16ac0c61b2e6e5", "parents": [ "3a5203ab3c0c31e0f1434c69e893bfb85c6e6657" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Mon Apr 13 15:29:27 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Apr 22 03:54:13 2009 -0500" }, "message": "eCryptfs: Fix data corruption when using ecryptfs_passthrough\n\necryptfs_passthrough is a mount option that allows eCryptfs to allow\ndata to be written to non-eCryptfs files in the lower filesystem. The\npassthrough option was causing data corruption due to it not always\nbeing treated as a non-eCryptfs file.\n\nThe first 8 bytes of an eCryptfs file contains the decrypted file size.\nThis value was being written to the non-eCryptfs files, too. Also,\nextra 0x00 characters were being written to make the file size a\nmultiple of PAGE_CACHE_SIZE.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "3a5203ab3c0c31e0f1434c69e893bfb85c6e6657", "tree": "76edf493f4737f57448e5705cd7d29fddeb4a66a", "parents": [ "57ea34d19963781d05eb12f9b31bd4f70d61ec16" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Mon Mar 16 12:35:12 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Apr 22 03:54:13 2009 -0500" }, "message": "eCryptfs: Print FNEK sig properly in /proc/mounts\n\nThe filename encryption key signature is not properly displayed in\n/proc/mounts. The \"ecryptfs_sig\u003d\" mount option name is displayed for\nall global authentication tokens, included those for filename keys.\n\nThis patch checks the global authentication token flags to determine if\nthe key is a FEKEK or FNEK and prints the appropriate mount option name\nbefore the signature.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "57ea34d19963781d05eb12f9b31bd4f70d61ec16", "tree": "5a912a7515234eb73147c32197ecbc7ca429bde8", "parents": [ "ae6e84596e7b321d9a08e81679c6a3f799634636" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Sun Mar 15 14:17:01 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Apr 22 03:54:13 2009 -0500" }, "message": "eCryptfs: NULL pointer dereference in ecryptfs_send_miscdev()\n\nIf data is NULL, msg_ctx-\u003emsg is set to NULL and then dereferenced\nafterwards. ecryptfs_send_raw_message() is the only place that\necryptfs_send_miscdev() is called with data being NULL, but the only\ncaller of that function (ecryptfs_process_helo()) is never called. In\nshort, there is currently no way to trigger the NULL pointer\ndereference.\n\nThis patch removes the two unused functions and modifies\necryptfs_send_miscdev() to remove the NULL dereferences.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "ae6e84596e7b321d9a08e81679c6a3f799634636", "tree": "a81baed56b7384321cf3d282e2d41f785fe30853", "parents": [ "091069740304c979f957ceacec39c461d0192158" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Thu Mar 12 00:19:46 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Apr 22 03:54:12 2009 -0500" }, "message": "eCryptfs: Copy lower inode attrs before dentry instantiation\n\nCopies the lower inode attributes to the upper inode before passing the\nupper inode to d_instantiate(). This is important for\nsecurity_d_instantiate().\n\nThe problem was discovered by a user seeing SELinux denials like so:\n\ntype\u003dAVC msg\u003daudit(1236812817.898:47): avc: denied { 0x100000 } for\npid\u003d3584 comm\u003d\"httpd\" name\u003d\"testdir\" dev\u003decryptfs ino\u003d943872\nscontext\u003droot:system_r:httpd_t:s0\ntcontext\u003droot:object_r:httpd_sys_content_t:s0 tclass\u003dfile\n\nNotice target class is file while testdir is really a directory,\nconfusing the permission translation (0x100000) due to the wrong i_mode.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "fd56d242b3b80b6f2ca174272b20029aae61df75", "tree": "57f51b3471dc6fdb8bcb92bff5bfdc8f4c441cd1", "parents": [ "a9482ebcdedbc5872ed34a266e6a45c35116f264" ], "author": { "name": "Li Zefan", "email": "lizf@cn.fujitsu.com", "time": "Wed Apr 08 15:09:29 2009 +0800" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Apr 20 23:02:51 2009 -0400" }, "message": "ecryptfs: use memdup_user()\n\nRemove open-coded memdup_user().\n\nSigned-off-by: Li Zefan \u003clizf@cn.fujitsu.com\u003e\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "00fcf2cb6f6bb421851c3ba062c0a36760ea6e53", "tree": "741afc144a87af1aa7915d812924da7d7418611f", "parents": [ "e2801806de1c9c1d03b7d1bfcb2e01dd4d389e80" ], "author": { "name": "Johannes Weiner", "email": "hannes@cmpxchg.org", "time": "Tue Mar 31 15:24:42 2009 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Apr 01 08:59:23 2009 -0700" }, "message": "ecryptfs: use kzfree()\n\nUse kzfree() instead of memset() + kfree().\n\nSigned-off-by: Johannes Weiner \u003channes@cmpxchg.org\u003e\nReviewed-by: Pekka Enberg \u003cpenberg@cs.helsinki.fi\u003e\nAcked-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "5a3fd05a9bb2f104020fbfc4551ad4aaed4660a4", "tree": "4614ad0df3002edbb8c40c451310a33033af053d", "parents": [ "4fd03e84d8f4e6304cef19698a24dee84039ef01" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Fri Feb 20 05:57:52 2009 +0000" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Fri Mar 27 14:44:01 2009 -0400" }, "message": "constify dentry_operations: ecryptfs\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "2aac0cf88681bfa092f731553bc7fbd23516be73", "tree": "b723cbe9c67b0cafa9081690d03b4ecec038d9f6", "parents": [ "8faece5f906725c10e7a1f6caf84452abadbdc7b" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Fri Mar 20 02:23:57 2009 -0500" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun Mar 22 11:20:43 2009 -0700" }, "message": "eCryptfs: NULL crypt_stat dereference during lookup\n\nIf ecryptfs_encrypted_view or ecryptfs_xattr_metadata were being\nspecified as mount options, a NULL pointer dereference of crypt_stat\nwas possible during lookup.\n\nThis patch moves the crypt_stat assignment into\necryptfs_lookup_and_interpose_lower(), ensuring that crypt_stat\nwill not be NULL before we attempt to dereference it.\n\nThanks to Dan Carpenter and his static analysis tool, smatch, for\nfinding this bug.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nAcked-by: Dustin Kirkland \u003ckirkland@canonical.com\u003e\nCc: Dan Carpenter \u003cerror27@gmail.com\u003e\nCc: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "8faece5f906725c10e7a1f6caf84452abadbdc7b", "tree": "bbe7d6cba67c909fbc86fc63dbfa1cf0d3cb12bc", "parents": [ "18a0d89e54ca0f6f33582f99ae39867b2c975559" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Fri Mar 20 01:25:09 2009 -0500" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun Mar 22 11:20:43 2009 -0700" }, "message": "eCryptfs: Allocate a variable number of pages for file headers\n\nWhen allocating the memory used to store the eCryptfs header contents, a\nsingle, zeroed page was being allocated with get_zeroed_page().\nHowever, the size of an eCryptfs header is either PAGE_CACHE_SIZE or\nECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE (8192), whichever is larger, and is\nstored in the file\u0027s private_data-\u003ecrypt_stat-\u003enum_header_bytes_at_front\nfield.\n\necryptfs_write_metadata_to_contents() was using\nnum_header_bytes_at_front to decide how many bytes should be written to\nthe lower filesystem for the file header. Unfortunately, at least 8K\nwas being written from the page, despite the chance of the single,\nzeroed page being smaller than 8K. This resulted in random areas of\nkernel memory being written between the 0x1000 and 0x1FFF bytes offsets\nin the eCryptfs file headers if PAGE_SIZE was 4K.\n\nThis patch allocates a variable number of pages, calculated with\nnum_header_bytes_at_front, and passes the number of allocated pages\nalong to ecryptfs_write_metadata_to_contents().\n\nThanks to Florian Streibelt for reporting the data leak and working with\nme to find the problem. 2.6.28 is the only kernel release with this\nvulnerability. Corresponds to CVE-2009-0787\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nAcked-by: Dustin Kirkland \u003ckirkland@canonical.com\u003e\nReviewed-by: Eric Sandeen \u003csandeen@redhat.com\u003e\nReviewed-by: Eugene Teo \u003ceugeneteo@kernel.sg\u003e\nCc: Greg KH \u003cgreg@kroah.com\u003e\nCc: dann frazier \u003cdannf@dannf.org\u003e\nCc: Serge E. Hallyn \u003cserue@us.ibm.com\u003e\nCc: Florian Streibelt \u003cflorian@f-streibelt.de\u003e\nCc: stable@kernel.org\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "84814d642a4f1f294bd675ab11aae1ca54c6cedb", "tree": "4ae91cce54c8d9578dc3217b6454a921b91833a3", "parents": [ "15e7b8767605dc0cb9bd4594caabfec392385210" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Fri Mar 13 13:51:59 2009 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat Mar 14 11:57:22 2009 -0700" }, "message": "eCryptfs: don\u0027t encrypt file key with filename key\n\neCryptfs has file encryption keys (FEK), file encryption key encryption\nkeys (FEKEK), and filename encryption keys (FNEK). The per-file FEK is\nencrypted with one or more FEKEKs and stored in the header of the\nencrypted file. I noticed that the FEK is also being encrypted by the\nFNEK. This is a problem if a user wants to use a different FNEK than\ntheir FEKEK, as their file contents will still be accessible with the\nFNEK.\n\nThis is a minimalistic patch which prevents the FNEKs signatures from\nbeing copied to the inode signatures list. Ultimately, it keeps the FEK\nfrom being encrypted with a FNEK.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nCc: Serge Hallyn \u003cserue@us.ibm.com\u003e\nAcked-by: Dustin Kirkland \u003ckirkland@canonical.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "fd9fc842bbab0cb5560b0d52ce4598c898707863", "tree": "ff8fc9b1c964debf18ba662558b26bf7bb7513cc", "parents": [ "eeb94855beeb7fde5f9e2ed72fe6a8b24cd5a3c7" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Fri Feb 06 18:06:51 2009 -0600" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Feb 06 18:36:40 2009 -0800" }, "message": "eCryptfs: Regression in unencrypted filename symlinks\n\nThe addition of filename encryption caused a regression in unencrypted\nfilename symlink support. ecryptfs_copy_filename() is used when dealing\nwith unencrypted filenames and it reported that the new, copied filename\nwas a character longer than it should have been.\n\nThis caused the return value of readlink() to count the NULL byte of the\nsymlink target. Most applications don\u0027t care about the extra NULL byte,\nbut a version control system (bzr) helped in discovering the bug.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "295c896cb95de18004ef5e1b53f44c2ad001f936", "tree": "ec81dda0af7cb2c683541385c329af3c3d064bb8", "parents": [ "10951bf05d952bf6d13094f66a0dccd11dec311e" ], "author": { "name": "Alexey Dobriyan", "email": "adobriyan@gmail.com", "time": "Thu Jan 22 10:50:50 2009 +0300" }, "committer": { "name": "Alexey Dobriyan", "email": "adobriyan@gmail.com", "time": "Thu Jan 22 13:15:56 2009 +0300" }, "message": "fs/Kconfig: move ecryptfs out\n\nSigned-off-by: Alexey Dobriyan \u003cadobriyan@gmail.com\u003e\n" }, { "commit": "f70f582f0072f37790d2984647198deb3e7782a3", "tree": "acdeaf347fdd017346c15d9da858ee02f1b99224", "parents": [ "71c11c378f46e42ca67c1e227646ce23bf43a8c6" ], "author": { "name": "Qinghuang Feng", "email": "qhfeng.kernel@gmail.com", "time": "Tue Jan 06 14:42:05 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:22 2009 -0800" }, "message": "fs/ecryptfs/inode.c: cleanup kerneldoc\n\nArguments lower_dentry and ecryptfs_dentry in ecryptfs_create_underlying_file()\nhave been merged into dentry, now fix it.\n\nSigned-off-by: Qinghuang Feng \u003cqhfeng.kernel@gmail.com\u003e\nCc: Randy Dunlap \u003crandy.dunlap@oracle.com\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "71c11c378f46e42ca67c1e227646ce23bf43a8c6", "tree": "5762c267801a47bc5efd54242661820472827960", "parents": [ "7d8bc2be51706152828164b305e969b4a8471041" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Jan 06 14:42:05 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:22 2009 -0800" }, "message": "eCryptfs: Clean up ecryptfs_decode_from_filename()\n\nFlesh out the comments for ecryptfs_decode_from_filename(). Remove the\nreturn condition, since it is always 0.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003cdustin.kirkland@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Tyler Hicks \u003ctchicks@us.ibm.com\u003e\nCc: David Kleikamp \u003cshaggy@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "7d8bc2be51706152828164b305e969b4a8471041", "tree": "3020b62d6e94005ed20e59361e10c0891ceba796", "parents": [ "a8f12864c52f8ab8520568dc97969c1749ae60bf" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Jan 06 14:42:04 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:22 2009 -0800" }, "message": "eCryptfs: kerneldoc for ecryptfs_parse_tag_70_packet()\n\nKerneldoc updates for ecryptfs_parse_tag_70_packet().\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003cdustin.kirkland@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Tyler Hicks \u003ctchicks@us.ibm.com\u003e\nCc: David Kleikamp \u003cshaggy@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "a8f12864c52f8ab8520568dc97969c1749ae60bf", "tree": "9b65cf578ce80fb0fc139371b7dd7594ed79a6f0", "parents": [ "df261c52abdef147084c76ecf14473184e907547" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Jan 06 14:42:03 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:22 2009 -0800" }, "message": "eCryptfs: Fix data types (int/size_t)\n\nCorrect several format string data type specifiers. Correct filename size\ndata types; they should be size_t rather than int when passed as\nparameters to some other functions (although note that the filenames will\nnever be larger than int).\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003cdustin.kirkland@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Tyler Hicks \u003ctchicks@us.ibm.com\u003e\nCc: David Kleikamp \u003cshaggy@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "df261c52abdef147084c76ecf14473184e907547", "tree": "f1f423ba612dbacace82193f2b088252f169a9c6", "parents": [ "87c94c4df0149786ad91d8a03c738a03369ee9c8" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Jan 06 14:42:02 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:22 2009 -0800" }, "message": "eCryptfs: Replace %Z with %z\n\n%Z is a gcc-ism. Using %z instead.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003cdustin.kirkland@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Tyler Hicks \u003ctchicks@us.ibm.com\u003e\nCc: David Kleikamp \u003cshaggy@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "87c94c4df0149786ad91d8a03c738a03369ee9c8", "tree": "6b7ee0b3c3e15d94fdeccb59e8bfab6c9d2a4498", "parents": [ "addd65ad8d19a7d7982130b16f957d5d01d3f8df" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Jan 06 14:42:01 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:22 2009 -0800" }, "message": "eCryptfs: Filename Encryption: mount option\n\nEnable mount-wide filename encryption by providing the Filename Encryption\nKey (FNEK) signature as a mount option. Note that the ecryptfs-utils\nuserspace package versions 61 or later support this option.\n\nWhen mounting with ecryptfs-utils version 61 or later, the mount helper\nwill detect the availability of the passphrase-based filename encryption\nin the kernel (via the eCryptfs sysfs handle) and query the user\ninteractively as to whether or not he wants to enable the feature for the\nmount. If the user enables filename encryption, the mount helper will\nthen prompt for the FNEK signature that the user wishes to use, suggesting\nby default the signature for the mount passphrase that the user has\nalready entered for encrypting the file contents.\n\nWhen not using the mount helper, the user can specify the signature for\nthe passphrase key with the ecryptfs_fnek_sig\u003d mount option. This key\nmust be available in the user\u0027s keyring. The mount helper usually takes\ncare of this step. If, however, the user is not mounting with the mount\nhelper, then he will need to enter the passphrase key into his keyring\nwith some other utility prior to mounting, such as ecryptfs-manager.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003cdustin.kirkland@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Tyler Hicks \u003ctchicks@us.ibm.com\u003e\nCc: David Kleikamp \u003cshaggy@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "addd65ad8d19a7d7982130b16f957d5d01d3f8df", "tree": "2263b4a4b7a6269410bd161a3995d2b4af3f7bcf", "parents": [ "51ca58dcc9f0d6b1e78954d08bd4954fb6a1421c" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Jan 06 14:42:00 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:22 2009 -0800" }, "message": "eCryptfs: Filename Encryption: filldir, lookup, and readlink\n\nMake the requisite modifications to ecryptfs_filldir(), ecryptfs_lookup(),\nand ecryptfs_readlink() to call out to filename encryption functions.\nPropagate filename encryption policy flags from mount-wide crypt_stat to\ninode crypt_stat.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003cdustin.kirkland@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Tyler Hicks \u003ctchicks@us.ibm.com\u003e\nCc: David Kleikamp \u003cshaggy@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "51ca58dcc9f0d6b1e78954d08bd4954fb6a1421c", "tree": "0bd80a0a9322150527b2d2160d7b37d0e067f389", "parents": [ "a34f60f748c6fe5d791e9b54cffe442201428254" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Jan 06 14:41:59 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:21 2009 -0800" }, "message": "eCryptfs: Filename Encryption: Encoding and encryption functions\n\nThese functions support encrypting and encoding the filename contents.\nThe encrypted filename contents may consist of any ASCII characters. This\npatch includes a custom encoding mechanism to map the ASCII characters to\na reduced character set that is appropriate for filenames.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003cdustin.kirkland@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Tyler Hicks \u003ctchicks@us.ibm.com\u003e\nCc: David Kleikamp \u003cshaggy@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "a34f60f748c6fe5d791e9b54cffe442201428254", "tree": "1b5378b49773c0f57bb5f892c3d2096da3c9a803", "parents": [ "9c79f34f7ee71cd28272332b424ca64b2be006ab" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Jan 06 14:41:58 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:21 2009 -0800" }, "message": "eCryptfs: Filename Encryption: Header updates\n\nExtensions to the header file to support filename encryption.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003cdustin.kirkland@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Tyler Hicks \u003ctchicks@us.ibm.com\u003e\nCc: David Kleikamp \u003cshaggy@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "9c79f34f7ee71cd28272332b424ca64b2be006ab", "tree": "1a818b78d8f0497c4b97a77a6464718dfaaf12c1", "parents": [ "14bca6c39d8245a0313f55309bfeb6bf60cc17c8" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Jan 06 14:41:57 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 06 15:59:21 2009 -0800" }, "message": "eCryptfs: Filename Encryption: Tag 70 packets\n\nThis patchset implements filename encryption via a passphrase-derived\nmount-wide Filename Encryption Key (FNEK) specified as a mount parameter.\nEach encrypted filename has a fixed prefix indicating that eCryptfs should\ntry to decrypt the filename. When eCryptfs encounters this prefix, it\ndecodes the filename into a tag 70 packet and then decrypts the packet\ncontents using the FNEK, setting the filename to the decrypted filename.\nBoth unencrypted and encrypted filenames can reside in the same lower\nfilesystem.\n\nBecause filename encryption expands the length of the filename during the\nencoding stage, eCryptfs will not properly handle filenames that are\nalready near the maximum filename length.\n\nIn the present implementation, eCryptfs must be able to produce a match\nagainst the lower encrypted and encoded filename representation when given\na plaintext filename. Therefore, two files having the same plaintext name\nwill encrypt and encode into the same lower filename if they are both\nencrypted using the same FNEK. This can be changed by finding a way to\nreplace the prepended bytes in the blocked-aligned filename with random\ncharacters; they are hashes of the FNEK right now, so that it is possible\nto deterministically map from a plaintext filename to an encrypted and\nencoded filename in the lower filesystem. An implementation using random\ncharacters will have to decode and decrypt every single directory entry in\nany given directory any time an event occurs wherein the VFS needs to\ndetermine whether a particular file exists in the lower directory and the\ndecrypted and decoded filenames have not yet been extracted for that\ndirectory.\n\nThanks to Tyler Hicks and David Kleikamp for assistance in the development\nof this patchset.\n\nThis patch:\n\nA tag 70 packet contains a filename encrypted with a Filename Encryption\nKey (FNEK). This patch implements functions for writing and parsing tag\n70 packets. This patch also adds definitions and extends structures to\nsupport filename encryption.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003cdustin.kirkland@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Tyler Hicks \u003ctchicks@us.ibm.com\u003e\nCc: David Kleikamp \u003cshaggy@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "520c85346666d4d9a6fcaaa8450542302dc28b91", "tree": "9c9cc9e2493b606104dd8602302ae28258ebeac0", "parents": [ "e8c82c2e23e3527e0c9dc195e432c16784d270fa", "4ae8978cf92a96257cd8998a49e781be83571d64" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jan 05 18:32:06 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jan 05 18:32:06 2009 -0800" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6\n\n* \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6:\n inotify: fix type errors in interfaces\n fix breakage in reiserfs_new_inode()\n fix the treatment of jfs special inodes\n vfs: remove duplicate code in get_fs_type()\n add a vfs_fsync helper\n sys_execve and sys_uselib do not call into fsnotify\n zero i_uid/i_gid on inode allocation\n inode-\u003ei_op is never NULL\n ntfs: don\u0027t NULL i_op\n isofs check for NULL -\u003ei_op in root directory is dead code\n affs: do not zero -\u003ei_op\n kill suid bit only for regular files\n vfs: lseek(fd, 0, SEEK_CUR) race condition\n" }, { "commit": "4c728ef583b3d82266584da5cb068294c09df31e", "tree": "1252fa82b5a7cf60c0898c3da810228b4c34ebb3", "parents": [ "6110e3abbff8b785907d4db50240e63c1be726e3" ], "author": { "name": "Christoph Hellwig", "email": "hch@lst.de", "time": "Mon Dec 22 21:11:15 2008 +0100" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Jan 05 11:54:28 2009 -0500" }, "message": "add a vfs_fsync helper\n\nFsync currently has a fdatawrite/fdatawait pair around the method call,\nand a mutex_lock/unlock of the inode mutex. All callers of fsync have\nto duplicate this, but we have a few and most of them don\u0027t quite get\nit right. This patch adds a new vfs_fsync that takes care of this.\nIt\u0027s a little more complicated as usual as -\u003efsync might get a NULL file\npointer and just a dentry from nfsd, but otherwise gets afile and we\nwant to take the mapping and file operations from it when it is there.\n\nNotes on the fsync callers:\n\n - ecryptfs wasn\u0027t calling filemap_fdatawrite / filemap_fdatawait on the\n \tlower file\n - coda wasn\u0027t calling filemap_fdatawrite / filemap_fdatawait on the host\n\tfile, and returning 0 when -\u003efsync was missing\n - shm wasn\u0027t calling either filemap_fdatawrite / filemap_fdatawait nor\n taking i_mutex. Now given that shared memory doesn\u0027t have disk\n backing not doing anything in fsync seems fine and I left it out of\n the vfs_fsync conversion for now, but in that case we might just\n not pass it through to the lower file at all but just call the no-op\n simple_sync_file directly.\n\n[and now actually export vfs_fsync]\n\nSigned-off-by: Christoph Hellwig \u003chch@lst.de\u003e\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "acfa4380efe77e290d3a96b11cd4c9f24f4fbb18", "tree": "d656232c7ef39c83681c2de4c8e28ba439242f66", "parents": [ "9742df331deb3fce95b321f38d4ea0c4e75edb63" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Thu Dec 04 10:06:33 2008 -0500" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Jan 05 11:54:28 2009 -0500" }, "message": "inode-\u003ei_op is never NULL\n\nWe used to have rather schizophrenic set of checks for NULL -\u003ei_op even\nthough it had been eliminated years ago. You\u0027d need to go out of your\nway to set it to NULL explicitly _and_ a bunch of code would die on\nsuch inodes anyway. After killing two remaining places that still\ndid that bogosity, all that crap can go away.\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "54566b2c1594c2326a645a3551f9d989f7ba3c5e", "tree": "b373f3283fe5e197d0df29cd6b645c35adf1076c", "parents": [ "e687d691cb3790d25e31c74f5941fd7c565e9df5" ], "author": { "name": "Nick Piggin", "email": "npiggin@suse.de", "time": "Sun Jan 04 12:00:53 2009 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun Jan 04 13:33:20 2009 -0800" }, "message": "fs: symlink write_begin allocation context fix\n\nWith the write_begin/write_end aops, page_symlink was broken because it\ncould no longer pass a GFP_NOFS type mask into the point where the\nallocations happened. They are done in write_begin, which would always\nassume that the filesystem can be entered from reclaim. This bug could\ncause filesystem deadlocks.\n\nThe funny thing with having a gfp_t mask there is that it doesn\u0027t really\nallow the caller to arbitrarily tinker with the context in which it can be\ncalled. It couldn\u0027t ever be GFP_ATOMIC, for example, because it needs to\ntake the page lock. The only thing any callers care about is __GFP_FS\nanyway, so turn that into a single flag.\n\nAdd a new flag for write_begin, AOP_FLAG_NOFS. Filesystems can now act on\nthis flag in their write_begin function. Change __grab_cache_page to\naccept a nofs argument as well, to honour that flag (while we\u0027re there,\nchange the name to grab_cache_page_write_begin which is more instructive\nand does away with random leading underscores).\n\nThis is really a more flexible way to go in the end anyway -- if a\nfilesystem happens to want any extra allocations aside from the pagecache\nones in ints write_begin function, it may now use GFP_KERNEL (rather than\nGFP_NOFS) for common case allocations (eg. ocfs2_alloc_write_ctxt, for a\nrandom example).\n\n[kosaki.motohiro@jp.fujitsu.com: fix ubifs]\n[kosaki.motohiro@jp.fujitsu.com: fix fuse]\nSigned-off-by: Nick Piggin \u003cnpiggin@suse.de\u003e\nReviewed-by: KOSAKI Motohiro \u003ckosaki.motohiro@jp.fujitsu.com\u003e\nCc: \u003cstable@kernel.org\u003e\t\t[2.6.28.x]\nSigned-off-by: KOSAKI Motohiro \u003ckosaki.motohiro@jp.fujitsu.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n[ Cleaned up the calling convention: just pass in the AOP flags\n untouched to the grab_cache_page_write_begin() function. That\n just simplifies everybody, and may even allow future expansion of the\n logic. - Linus ]\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "a17d5232de7b53d34229de79ec22f4bb04adb7e4", "tree": "d42a96bf5e0806e4a67404709a8fdf0ed4e551c0", "parents": [ "5cc4a0341a1295ea56b2e62eb70d96d8fdb94ded" ], "author": { "name": "Duane Griffin", "email": "duaneg@dghda.com", "time": "Fri Dec 19 20:47:10 2008 +0000" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Wed Dec 31 18:07:38 2008 -0500" }, "message": "eCryptfs: check readlink result was not an error before using it\n\nThe result from readlink is being used to index into the link name\nbuffer without checking whether it is a valid length. If readlink\nreturns an error this will fault or cause memory corruption.\n\nCc: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nCc: Dustin Kirkland \u003ckirkland@canonical.com\u003e\nCc: ecryptfs-devel@lists.launchpad.net\nSigned-off-by: Duane Griffin \u003cduaneg@dghda.com\u003e\nAcked-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nAcked-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "ec98ce480ada787f2cfbd696980ff3564415505b", "tree": "1a4d644b38f9f1e4b4e086fde0b195df4a92cf84", "parents": [ "3496f92beb9aa99ef21fccc154a36c7698e9c538", "feaf3848a813a106f163013af6fcf6c4bfec92d9" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Dec 04 17:16:36 2008 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Dec 04 17:16:36 2008 +1100" }, "message": "Merge branch \u0027master\u0027 into next\n\nConflicts:\n\tfs/nfsd/nfs4recover.c\n\nManually fixed above to use new creds API functions, e.g.\nnfs4_save_creds().\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "18b6e0414e42d95183f07d8177e3ff0241abd825", "tree": "91ca2f2d442055e31eb7bb551bf7060f3f4c4cc7", "parents": [ "9789cfe22e5d7bc10cad841a4ea96ecedb34b267" ], "author": { "name": "Serge Hallyn", "email": "serue@us.ibm.com", "time": "Wed Oct 15 16:38:45 2008 -0500" }, "committer": { "name": "Serge E. Hallyn", "email": "serue@us.ibm.com", "time": "Mon Nov 24 18:57:41 2008 -0500" }, "message": "User namespaces: set of cleanups (v2)\n\nThe user_ns is moved from nsproxy to user_struct, so that a struct\ncred by itself is sufficient to determine access (which it otherwise\nwould not be). Corresponding ecryptfs fixes (by David Howells) are\nhere as well.\n\nFix refcounting. The following rules now apply:\n 1. The task pins the user struct.\n 2. The user struct pins its user namespace.\n 3. The user namespace pins the struct user which created it.\n\nUser namespaces are cloned during copy_creds(). Unsharing a new user_ns\nis no longer possible. (We could re-add that, but it\u0027ll cause code\nduplication and doesn\u0027t seem useful if PAM doesn\u0027t need to clone user\nnamespaces).\n\nWhen a user namespace is created, its first user (uid 0) gets empty\nkeyrings and a clean group_info.\n\nThis incorporates a previous patch by David Howells. Here\nis his original patch description:\n\n\u003eI suggest adding the attached incremental patch. It makes the following\n\u003echanges:\n\u003e\n\u003e (1) Provides a current_user_ns() macro to wrap accesses to current\u0027s user\n\u003e namespace.\n\u003e\n\u003e (2) Fixes eCryptFS.\n\u003e\n\u003e (3) Renames create_new_userns() to create_user_ns() to be more consistent\n\u003e with the other associated functions and because the \u0027new\u0027 in the name is\n\u003e superfluous.\n\u003e\n\u003e (4) Moves the argument and permission checks made for CLONE_NEWUSER to the\n\u003e beginning of do_fork() so that they\u0027re done prior to making any attempts\n\u003e at allocation.\n\u003e\n\u003e (5) Calls create_user_ns() after prepare_creds(), and gives it the new creds\n\u003e to fill in rather than have it return the new root user. I don\u0027t imagine\n\u003e the new root user being used for anything other than filling in a cred\n\u003e struct.\n\u003e\n\u003e This also permits me to get rid of a get_uid() and a free_uid(), as the\n\u003e reference the creds were holding on the old user_struct can just be\n\u003e transferred to the new namespace\u0027s creator pointer.\n\u003e\n\u003e (6) Makes create_user_ns() reset the UIDs and GIDs of the creds under\n\u003e preparation rather than doing it in copy_creds().\n\u003e\n\u003eDavid\n\n\u003eSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\n\nChangelog:\n\tOct 20: integrate dhowells comments\n\t\t1. leave thread_keyring alone\n\t\t2. use current_user_ns() in set_user()\n\nSigned-off-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\n" }, { "commit": "ac97b9f9a2d0b83488e0bbcb8517b229d5c9b142", "tree": "118785d6a53390fb15177fc762f744a1bc0a79a4", "parents": [ "3b45d6380c392e402adc460e4ccf7d41e0caf82a" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Wed Nov 19 15:36:28 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Nov 19 18:49:58 2008 -0800" }, "message": "eCryptfs: Allocate up to two scatterlists for crypto ops on keys\n\nI have received some reports of out-of-memory errors on some older AMD\narchitectures. These errors are what I would expect to see if\ncrypt_stat-\u003ekey were split between two separate pages. eCryptfs should\nnot assume that any of the memory sent through virt_to_scatterlist() is\nall contained in a single page, and so this patch allocates two\nscatterlist structs instead of one when processing keys. I have received\nconfirmation from one person affected by this bug that this patch resolves\nthe issue for him, and so I am submitting it for inclusion in a future\nstable release.\n\nNote that virt_to_scatterlist() runs sg_init_table() on the scatterlist\nstructs passed to it, so the calls to sg_init_table() in\ndecrypt_passphrase_encrypted_session_key() are redundant.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nReported-by: Paulo J. S. Silva \u003cpjssilva@ime.usp.br\u003e\nCc: \"Leon Woestenberg\" \u003cleon.woestenberg@gmail.com\u003e\nCc: Tim Gardner \u003ctim.gardner@canonical.com\u003e\nCc: \u003cstable@kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "745ca2475a6ac596e3d8d37c2759c0fbe2586227", "tree": "f87c34bdfbc8542477b16a014bbb4e3b415b286a", "parents": [ "88e67f3b8898c5ea81d2916dd5b8bc9c0c35ba13" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Fri Nov 14 10:39:22 2008 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Nov 14 10:39:22 2008 +1100" }, "message": "CRED: Pass credentials through dentry_open()\n\nPass credentials through dentry_open() so that the COW creds patch can have\nSELinux\u0027s flush_unauthorized_files() pass the appropriate creds back to itself\nwhen it opens its null chardev.\n\nThe security_dentry_open() call also now takes a creds pointer, as does the\ndentry_open hook in struct security_operations.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "4eea03539d9a8e3f5056aed690efde1f75535e7b", "tree": "1dd58dee9a286459c7a70b8f82edcb63d20b2c07", "parents": [ "ec4c2aacd16672febca053109eb9ddf672108ca1" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Fri Nov 14 10:38:49 2008 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Nov 14 10:38:49 2008 +1100" }, "message": "CRED: Wrap task credential accesses in the eCryptFS filesystem\n\nWrap access to task credentials so that they can be separated more easily from\nthe task_struct during the introduction of COW creds.\n\nChange most current-\u003e(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id().\n\nChange some task-\u003ee?[ug]id to task_e?[ug]id(). In some places it makes more\nsense to use RCU directly rather than a convenient wrapper; these will be\naddressed by later patches.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nReviewed-by: James Morris \u003cjmorris@namei.org\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nCc: Mike Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Phillip Hellewell \u003cphillip@hellewell.homeip.net\u003e\nCc: ecryptfs-devel@lists.sourceforge.net\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "87b811c3f96559e466403e22b1fa99d472571625", "tree": "319179f5d9a1cffaa3ae32aa41076d0fb10aab10", "parents": [ "ce05fcc30ea41c85f9d50bee1ce289f7cb7fb223" ], "author": { "name": "Eric Sandeen", "email": "sandeen@redhat.com", "time": "Wed Oct 29 14:01:08 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Oct 30 11:38:46 2008 -0700" }, "message": "ecryptfs: fix memory corruption when storing crypto info in xattrs\n\nWhen ecryptfs allocates space to write crypto headers into, before copying\nit out to file headers or to xattrs, it looks at the value of\ncrypt_stat-\u003enum_header_bytes_at_front to determine how much space it\nneeds. This is also used as the file offset to the actual encrypted data,\nso for xattr-stored crypto info, the value was zero.\n\nSo, we kzalloc\u0027d 0 bytes, and then ran off to write to that memory.\n(Which returned as ZERO_SIZE_PTR, so we explode quickly).\n\nThe right answer is to always allocate a page to write into; the current\ncode won\u0027t ever write more than that (this is enforced by the\n(PAGE_CACHE_SIZE - offset) length in the call to\necryptfs_generate_key_packet_set). To be explicit about this, we now send\nin a \"max\" parameter, rather than magically using PAGE_CACHE_SIZE there.\n\nAlso, since the pointer we pass down the callchain eventually gets the\nvirt_to_page() treatment, we should be using a alloc_page variant, not\nkzalloc (see also 7fcba054373d5dfc43d26e243a5c9b92069972ee)\n\nSigned-off-by: Eric Sandeen \u003csandeen@redhat.com\u003e\nAcked-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "421748ecde8e69a6364e5ae66eb3bf87e1f995c0", "tree": "50ef878f8c46b1ec729625ed678d04aaeaaee6dd", "parents": [ "a63bb99660d82dfe7c51588e1f9aadefb756ba51" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sat Aug 02 01:04:36 2008 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Thu Oct 23 05:12:52 2008 -0400" }, "message": "[PATCH] assorted path_lookup() -\u003e kern_path() conversions\n\nmore nameidata eviction\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "624ae5284516870657505103ada531c64dba2a9a", "tree": "1098d75abc1f4d335e2276dd9dde00a60ee568b5", "parents": [ "807b7ebe41ab80d96e89a53bc290d49613e56f48" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Oct 15 22:02:51 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Oct 16 11:21:39 2008 -0700" }, "message": "eCryptfs: remove netlink transport\n\nThe netlink transport code has not worked for a while and the miscdev\ntransport is a simpler solution. This patch removes the netlink code and\nmakes the miscdev transport the only eCryptfs kernel to userspace\ntransport.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dustin Kirkland \u003ckirkland@canonical.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "807b7ebe41ab80d96e89a53bc290d49613e56f48", "tree": "79a73c4982d4572c33bf7ad71e92b42650c1636e", "parents": [ "7d6c7045581d3736c5f14053eb59342aa0b2cc07" ], "author": { "name": "Badari Pulavarty", "email": "pbadari@us.ibm.com", "time": "Wed Oct 15 22:02:50 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Oct 16 11:21:39 2008 -0700" }, "message": "ecryptfs: convert to use new aops\n\nConvert ecryptfs to use write_begin/write_end\n\nSigned-off-by: Nick Piggin \u003cnpiggin@suse.de\u003e\nSigned-off-by: Badari Pulavarty \u003cpbadari@us.ibm.com\u003e\nAcked-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dave Kleikamp \u003cshaggy@austin.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "7d6c7045581d3736c5f14053eb59342aa0b2cc07", "tree": "3906a3e8b0d4a2e4752c4eb19defc62691d200d7", "parents": [ "9d793b0bcbbbc37d80241862dfa5257963d5415e" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Wed Oct 15 22:02:49 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Oct 16 11:21:38 2008 -0700" }, "message": "eCryptfs: remove retry loop in ecryptfs_readdir()\n\nThe retry block in ecryptfs_readdir() has been in the eCryptfs code base\nfor a while, apparently for no good reason. This loop could potentially\nrun without terminating. This patch removes the loop, instead erroring\nout if vfs_readdir() on the lower file fails.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nReported-by: Al Viro \u003cviro@ZinIV.linux.org.uk\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "a447c0932445f92ce6f4c1bd020f62c5097a7842", "tree": "bacf05bc7f9764515cdd6f7dc5e2254776b4f160", "parents": [ "54cebc68c81eacac41a21bdfe99dc889d3882c60" ], "author": { "name": "Steven Whitehouse", "email": "swhiteho@redhat.com", "time": "Mon Oct 13 10:46:57 2008 +0100" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Oct 13 10:10:37 2008 -0700" }, "message": "vfs: Use const for kernel parser table\n\nThis is a much better version of a previous patch to make the parser\ntables constant. Rather than changing the typedef, we put the \"const\" in\nall the various places where its required, allowing the __initconst\nexception for nfsroot which was the cause of the previous trouble.\n\nThis was posted for review some time ago and I believe its been in -mm\nsince then.\n\nSigned-off-by: Steven Whitehouse \u003cswhiteho@redhat.com\u003e\nCc: Alexander Viro \u003caviro@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "7fcba054373d5dfc43d26e243a5c9b92069972ee", "tree": "3503fba122a654946b5455bc95fa3978cbc4f68b", "parents": [ "25947d5ac56004378d8c2d31ebf22600d5bc0c02" ], "author": { "name": "Eric Sandeen", "email": "sandeen@redhat.com", "time": "Mon Jul 28 15:46:39 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jul 28 16:30:21 2008 -0700" }, "message": "eCryptfs: use page_alloc not kmalloc to get a page of memory\n\nWith SLUB debugging turned on in 2.6.26, I was getting memory corruption\nwhen testing eCryptfs. The root cause turned out to be that eCryptfs was\ndoing kmalloc(PAGE_CACHE_SIZE); virt_to_page() and treating that as a nice\npage-aligned chunk of memory. But at least with SLUB debugging on, this\nis not always true, and the page we get from virt_to_page does not\nnecessarily match the PAGE_CACHE_SIZE worth of memory we got from kmalloc.\n\nMy simple testcase was 2 loops doing \"rm -f fileX; cp /tmp/fileX .\" for 2\ndifferent multi-megabyte files. With this change I no longer see the\ncorruption.\n\nSigned-off-by: Eric Sandeen \u003csandeen@redhat.com\u003e\nAcked-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nAcked-by: Rik van Riel \u003criel@redhat.com\u003e\nCc: \u003cstable@kernel.org\u003e\t\t[2.6.25.x, 2.6.26.x]\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "f419a2e3b64def707e1384ee38abb77f99af5f6d", "tree": "adbe12c510f04cf25ca6f822ee8004c8679a3a63", "parents": [ "30524472c2f728c20d6bf35191042a5d455c0a64" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jul 22 00:07:17 2008 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sat Jul 26 20:53:31 2008 -0400" }, "message": "[PATCH] kill nameidata passing to permission(), rename to inode_permission()\n\nIncidentally, the name that gives hundreds of false positives on grep\nis not a good idea...\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "db2e747b14991a4c6a5c98b0e5f552a193237c03", "tree": "8850e8ef9e1a7bb3d7bbc051f191cd8350093564", "parents": [ "7e79eedb3b22200cc8b774baea3a7bf28d766101" ], "author": { "name": "Miklos Szeredi", "email": "mszeredi@suse.cz", "time": "Tue Jun 24 16:50:16 2008 +0200" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sat Jul 26 20:53:18 2008 -0400" }, "message": "[patch 5/5] vfs: remove mode parameter from vfs_symlink()\n\nRemove the unused mode parameter from vfs_symlink and callers.\n\nThanks to Tetsuo Handa for noticing.\n\nCC: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: Miklos Szeredi \u003cmszeredi@suse.cz\u003e\n" }, { "commit": "e6305c43eda10ebfd2ad9e35d6e172ccc7bb3695", "tree": "8a95bd0e27fb3ce895cca9ef91af2e1605e4cdab", "parents": [ "1bd5191d9f5d1928c4efdf604c4164b04bb88dbe" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jul 15 21:03:57 2008 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sat Jul 26 20:53:14 2008 -0400" }, "message": "[PATCH] sanitize -\u003epermission() prototype\n\n* kill nameidata * argument; map the 3 bits in -\u003eflags anybody cares\n about to new MAY_... ones and pass with the mask.\n* kill redundant gfs2_iop_permission()\n* sanitize ecryptfs_permission()\n* fix remaining places where -\u003epermission() instances might barf on new\n MAY_... found in mask.\n\nThe obvious next target in that direction is permission(9)\n\nfolded fix for nfs_permission() breakage from Miklos Szeredi \u003cmszeredi@suse.cz\u003e\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "51cc50685a4275c6a02653670af9f108a64e01cf", "tree": "819d47bd2b0c8a9d1835d863853804b0a0242b97", "parents": [ "d91958815d214ea365b98cbff6215383897edcb6" ], "author": { "name": "Alexey Dobriyan", "email": "adobriyan@gmail.com", "time": "Fri Jul 25 19:45:34 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat Jul 26 12:00:07 2008 -0700" }, "message": "SL*B: drop kmem cache argument from constructor\n\nKmem cache passed to constructor is only needed for constructors that are\nthemselves multiplexeres. Nobody uses this \"feature\", nor does anybody uses\npassed kmem cache in non-trivial way, so pass only pointer to object.\n\nNon-trivial places are:\n\tarch/powerpc/mm/init_64.c\n\tarch/powerpc/mm/hugetlbpage.c\n\nThis is flag day, yes.\n\nSigned-off-by: Alexey Dobriyan \u003cadobriyan@gmail.com\u003e\nAcked-by: Pekka Enberg \u003cpenberg@cs.helsinki.fi\u003e\nAcked-by: Christoph Lameter \u003ccl@linux-foundation.org\u003e\nCc: Jon Tollefson \u003ckniht@linux.vnet.ibm.com\u003e\nCc: Nick Piggin \u003cnickpiggin@yahoo.com.au\u003e\nCc: Matt Mackall \u003cmpm@selenic.com\u003e\n[akpm@linux-foundation.org: fix arch/powerpc/mm/hugetlbpage.c]\n[akpm@linux-foundation.org: fix mm/slab.c]\n[akpm@linux-foundation.org: fix ubifs]\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "391b52f98cf2e9bff227dad8bf9ea206fec43fa4", "tree": "40eb4e0d6d399d9b98b791db497097a1ff44894e", "parents": [ "72b55fffd631a89e5be6fe1b4f2565bc4cd90deb" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Wed Jul 23 21:30:08 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Jul 24 10:47:31 2008 -0700" }, "message": "eCryptfs: Make all persistent file opens delayed\n\nThere is no good reason to immediately open the lower file, and that can\ncause problems with files that the user does not intend to immediately\nopen, such as device nodes.\n\nThis patch removes the persistent file open from the interpose step and\npushes that to the locations where eCryptfs really does need the lower\npersistent file, such as just before reading or writing the metadata\nstored in the lower file header.\n\nTwo functions are jumping to out_dput when they should just be jumping to\nout on error paths. This patch also fixes these.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "72b55fffd631a89e5be6fe1b4f2565bc4cd90deb", "tree": "ece810c24655a6eeed96a6f2fbe14dea6478f031", "parents": [ "0a688ad713949643e201431d3f4a4ceddfeb70ca" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Wed Jul 23 21:30:07 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Jul 24 10:47:31 2008 -0700" }, "message": "eCryptfs: do not try to open device files on mknod\n\nWhen creating device nodes, eCryptfs needs to delay actually opening the lower\npersistent file until an application tries to open. Device handles may not be\nbacked by anything when they first come into existence.\n\n[Valdis.Kletnieks@vt.edu: build fix]\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: \u003cValdis.Kletnieks@vt.edu}\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "0a688ad713949643e201431d3f4a4ceddfeb70ca", "tree": "d56c3258db6eb2ea0df39c5e5d86302caa72042c", "parents": [ "29335c6a41568d4708d4ec3b9187f9b6d302e5ea" ], "author": { "name": "Harvey Harrison", "email": "harvey.harrison@gmail.com", "time": "Wed Jul 23 21:30:07 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Jul 24 10:47:31 2008 -0700" }, "message": "ecryptfs: inode.c mmap.c use unaligned byteorder helpers\n\nFixe sparse warnings:\nfs/ecryptfs/inode.c:368:15: warning: cast to restricted __be64\nfs/ecryptfs/mmap.c:385:12: warning: incorrect type in assignment (different base types)\nfs/ecryptfs/mmap.c:385:12: expected unsigned long long [unsigned] [assigned] [usertype] file_size\nfs/ecryptfs/mmap.c:385:12: got restricted __be64 [usertype] \u003cnoident\u003e\nfs/ecryptfs/mmap.c:428:12: warning: incorrect type in assignment (different base types)\nfs/ecryptfs/mmap.c:428:12: expected unsigned long long [unsigned] [assigned] [usertype] file_size\nfs/ecryptfs/mmap.c:428:12: got restricted __be64 [usertype] \u003cnoident\u003e\n\nSigned-off-by: Harvey Harrison \u003charvey.harrison@gmail.com\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "29335c6a41568d4708d4ec3b9187f9b6d302e5ea", "tree": "83be9a98e4b657b46377c32624d5d0cd9120ee5f", "parents": [ "8f2368095e25018838e1bf145041f58270ccd32e" ], "author": { "name": "Harvey Harrison", "email": "harvey.harrison@gmail.com", "time": "Wed Jul 23 21:30:06 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Jul 24 10:47:31 2008 -0700" }, "message": "ecryptfs: crypto.c use unaligned byteorder helpers\n\nFixes the following sparse warnings:\nfs/ecryptfs/crypto.c:1036:8: warning: cast to restricted __be32\nfs/ecryptfs/crypto.c:1038:8: warning: cast to restricted __be32\nfs/ecryptfs/crypto.c:1077:10: warning: cast to restricted __be32\nfs/ecryptfs/crypto.c:1103:6: warning: incorrect type in assignment (different base types)\nfs/ecryptfs/crypto.c:1105:6: warning: incorrect type in assignment (different base types)\nfs/ecryptfs/crypto.c:1124:8: warning: incorrect type in assignment (different base types)\nfs/ecryptfs/crypto.c:1241:21: warning: incorrect type in assignment (different base types)\nfs/ecryptfs/crypto.c:1244:30: warning: incorrect type in assignment (different base types)\nfs/ecryptfs/crypto.c:1414:23: warning: cast to restricted __be32\nfs/ecryptfs/crypto.c:1417:32: warning: cast to restricted __be16\n\nSigned-off-by: Harvey Harrison \u003charvey.harrison@gmail.com\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "8f2368095e25018838e1bf145041f58270ccd32e", "tree": "c8ac94c024d0874f1955c1aa8880d3649dc7d4fc", "parents": [ "982363c97f8cad7aea4c3d2cfebffc1cc2d2f166" ], "author": { "name": "Miklos Szeredi", "email": "mszeredi@suse.cz", "time": "Wed Jul 23 21:30:05 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Jul 24 10:47:31 2008 -0700" }, "message": "ecryptfs: string copy cleanup\n\nClean up overcomplicated string copy, which also gets rid of this\nbogus warning:\n\nfs/ecryptfs/main.c: In function \u0027ecryptfs_parse_options\u0027:\ninclude/asm/arch/string_32.h:75: warning: array subscript is above array bounds\n\nSigned-off-by: Miklos Szeredi \u003cmszeredi@suse.cz\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "982363c97f8cad7aea4c3d2cfebffc1cc2d2f166", "tree": "63459c8ea40c1f45f7a4e14b0630829ab2a43afc", "parents": [ "6c4c17b073cd4a5a61bc04329561632870bb21fc" ], "author": { "name": "Eric Sandeen", "email": "sandeen@redhat.com", "time": "Wed Jul 23 21:30:04 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Jul 24 10:47:31 2008 -0700" }, "message": "ecryptfs: propagate key errors up at mount time\n\nMounting with invalid key signatures should probably fail, if they were\nspecifically requested but not available.\n\nAlso fix case checks in process_request_key_err() for the right sign of\nthe errnos, as spotted by Jan Tluka.\n\nSigned-off-by: Eric Sandeen \u003csandeen@redhat.com\u003e\nReviewed-by: Jan Tluka \u003cjtluka@redhat.com\u003e\nAcked-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "6c4c17b073cd4a5a61bc04329561632870bb21fc", "tree": "22fea1e80df5665061f1cf2953c69a00dc097e9b", "parents": [ "746f1e558bc52b9693c1a1ecdab60f8392e5ff18" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Jul 23 21:30:04 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Jul 24 10:47:31 2008 -0700" }, "message": "ecryptfs: discard ecryptfsd registration messages in miscdev\n\nThe userspace eCryptfs daemon sends HELO and QUIT messages to the kernel\nfor per-user daemon (un)registration. These messages are required when\nnetlink is used as the transport, but (un)registration is handled by\nopening and closing the device file when miscdev is the transport. These\nmessages should be discarded in the miscdev transport so that a daemon\nisn\u0027t registered twice.\n\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "746f1e558bc52b9693c1a1ecdab60f8392e5ff18", "tree": "a3253428affed93967c3ec67ba27ce8fe7d333c2", "parents": [ "0293902a4d66fab27d0ddcc0766e05dae68f004e" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Wed Jul 23 21:30:02 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Jul 24 10:47:30 2008 -0700" }, "message": "eCryptfs: Privileged kthread for lower file opens\n\neCryptfs would really like to have read-write access to all files in the\nlower filesystem. Right now, the persistent lower file may be opened\nread-only if the attempt to open it read-write fails. One way to keep\nfrom having to do that is to have a privileged kthread that can open the\nlower persistent file on behalf of the user opening the eCryptfs file;\nthis patch implements this functionality.\n\nThis patch will properly allow a less-privileged user to open the eCryptfs\nfile, followed by a more-privileged user opening the eCryptfs file, with\nthe first user only being able to read and the second user being able to\nboth read and write. eCryptfs currently does this wrong; it will wind up\ncalling vfs_write() on a file that was opened read-only. This is fixed in\nthis patch.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dave Kleikamp \u003cshaggy@austin.ibm.com\u003e\nCc: Serge Hallyn \u003cserue@us.ibm.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "2fceef397f9880b212a74c418290ce69e7ac00eb", "tree": "d9cc09ab992825ef7fede4a688103503e3caf655", "parents": [ "feae1ef116ed381625d3731c5ae4f4ebcb3fa302", "bce7f793daec3e65ec5c5705d2457b81fe7b5725" ], "author": { "name": "Jonathan Corbet", "email": "corbet@lwn.net", "time": "Mon Jul 14 15:29:34 2008 -0600" }, "committer": { "name": "Jonathan Corbet", "email": "corbet@lwn.net", "time": "Mon Jul 14 15:29:34 2008 -0600" }, "message": "Merge commit \u0027v2.6.26\u0027 into bkl-removal\n" }, { "commit": "c4a2d7fbec3029c8891a3ad5fceec2992096a3b7", "tree": "73d1580628737c54c9d4fed86278e9edc4dab4d2", "parents": [ "10dd08dc04c881dcc9f7f19e2a3ad8e0778e4db5" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Fri Jul 04 09:59:35 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Jul 04 10:40:05 2008 -0700" }, "message": "ecryptfs: remove unnecessary mux from ecryptfs_init_ecryptfs_miscdev()\n\nThe misc_mtx should provide all the protection required to keep the daemon\nhash table sane during miscdev registration. Since this mutex is causing\ngratuitous lockdep warnings, this patch removes it.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nReported-by: Cyrill Gorcunov \u003cgorcunov@gmail.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "dda6445e219b5d1fd67e9426ce8d23f8fbfaaf66", "tree": "7c29d5ab31ebeb63721ca98f5341fcd00b272db9", "parents": [ "dbfb2df7e9fbd6e5ab8cd9b94b27767fe311fa0d" ], "author": { "name": "Jonathan Corbet", "email": "corbet@lwn.net", "time": "Thu Jun 19 16:18:25 2008 -0600" }, "committer": { "name": "Jonathan Corbet", "email": "corbet@lwn.net", "time": "Wed Jul 02 15:06:28 2008 -0600" }, "message": "ecryptfs: fasync BKL pushdown\n\nSigned-off-by: Jonathan Corbet \u003ccorbet@lwn.net\u003e\n" }, { "commit": "d3e49afbb66109613c3474f2273f5830ac2dcb09", "tree": "d4c3330878741db68f1cac649e070b464ea59204", "parents": [ "c45dcabd2626c56f8c1235df9db065f584f3ac82" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Thu Jun 05 22:46:02 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Jun 06 11:29:09 2008 -0700" }, "message": "eCryptfs: remove unnecessary page decrypt call\n\nThe page decrypt calls in ecryptfs_write() are both pointless and buggy.\nPointless because ecryptfs_get_locked_page() has already brought the page\nup to date, and buggy because prior mmap writes will just be blown away by\nthe decrypt call.\n\nThis patch also removes the declaration of a now-nonexistent function\necryptfs_write_zeros().\n\nThanks to Eric Sandeen and David Kleikamp for helping to track this\ndown.\n\nEric said:\n\n fsx w/ mmap dies quickly ( \u003c 100 ops) without this, and survives\n nicely (to millions of ops+) with it in place.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Dave Kleikamp \u003cshaggy@austin.ibm.com\u003e\nCc: \u003cstable@kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "71fd5179e8d1d4d503b517e0c5374f7c49540bfc", "tree": "987196a5381e6d8e8b614544d1bc3ad4b4531a67", "parents": [ "03fb0bce01490c9bdedad861962c76f987531014" ], "author": { "name": "Cyrill Gorcunov", "email": "gorcunov@gmail.com", "time": "Fri May 23 13:04:20 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 24 09:56:07 2008 -0700" }, "message": "ecryptfs: fix missed mutex_unlock\n\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "79bc12a0a09c2eb1ccbb01c192045f994567bda2", "tree": "184c0e98c967f12b3805ebfbf9c69e6043ca6eb7", "parents": [ "4ec7ffa2df247054d422b48148ad82369a45e986" ], "author": { "name": "Al Viro", "email": "viro@ftp.linux.org.uk", "time": "Wed May 21 06:32:11 2008 +0100" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed May 21 16:55:59 2008 -0700" }, "message": "ecryptfs fixes\n\nmemcpy() from userland pointer is a Bad Thing(tm)\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "43f14d856f013a4cc63da2c765617c665274338c", "tree": "f43026859c7fb6c6d9268fb0d6ff05fecb002652", "parents": [ "d850a2fac11e4dd45d1d3d493a5a071b06c58c99" ], "author": { "name": "Cyrill Gorcunov", "email": "gorcunov@gmail.com", "time": "Mon May 12 14:02:40 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue May 13 08:02:26 2008 -0700" }, "message": "eCryptFS: fix imbalanced mutex locking\n\nFix imbalanced calls for mutex lock/unlock on ecryptfs_daemon_hash_mux\nRevealed by Ingo Molnar: http://lkml.org/lkml/2008/5/7/260\n\nSigned-off-by: Cyrill Gorcunov \u003cgorcunov@gmail.com\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "8dc4e37362a5dc910d704d52ac6542bfd49ddc2f", "tree": "22f9a2e074a7718c90747bc0458845f54468d4fc", "parents": [ "64d032ba434ad41586460811148f01511e5612f9" ], "author": { "name": "Miklos Szeredi", "email": "mszeredi@suse.cz", "time": "Mon May 12 14:02:04 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue May 13 08:02:23 2008 -0700" }, "message": "ecryptfs: clean up (un)lock_parent\n\ndget(dentry-\u003ed_parent) --\u003e dget_parent(dentry)\n\nunlock_parent() is racy and unnecessary. Replace single caller with\nunlock_dir().\n\nThere are several other suspect uses of -\u003ed_parent in ecryptfs...\n\nSigned-off-by: Miklos Szeredi \u003cmszeredi@suse.cz\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Christoph Hellwig \u003chch@infradead.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "801678c5a3b4c79236970bcca27c733f5559e0d1", "tree": "5ad4761f539525077895f261b64fccda4d1303c4", "parents": [ "9a6f70bbed4e8b72dd340812d7c606bfd5e00b47" ], "author": { "name": "Hirofumi Nakagawa", "email": "hnakagawa@miraclelinux.com", "time": "Tue Apr 29 01:03:09 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Apr 29 08:06:25 2008 -0700" }, "message": "Remove duplicated unlikely() in IS_ERR()\n\nSome drivers have duplicated unlikely() macros. IS_ERR() already has\nunlikely() in itself.\n\nThis patch cleans up such pointless code.\n\nSigned-off-by: Hirofumi Nakagawa \u003chnakagawa@miraclelinux.com\u003e\nAcked-by: David S. Miller \u003cdavem@davemloft.net\u003e\nAcked-by: Jeff Garzik \u003cjeff@garzik.org\u003e\nCc: Paul Clements \u003cpaul.clements@steeleye.com\u003e\nCc: Richard Purdie \u003crpurdie@rpsys.net\u003e\nCc: Alessandro Zummo \u003ca.zummo@towertech.it\u003e\nCc: David Brownell \u003cdavid-b@pacbell.net\u003e\nCc: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Anton Altaparmakov \u003caia21@cantab.net\u003e\nCc: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nCc: Carsten Otte \u003ccotte@de.ibm.com\u003e\nCc: Patrick McHardy \u003ckaber@trash.net\u003e\nCc: Paul Mundt \u003clethal@linux-sh.org\u003e\nCc: Jaroslav Kysela \u003cperex@perex.cz\u003e\nCc: Takashi Iwai \u003ctiwai@suse.de\u003e\nAcked-by: Mike Frysinger \u003cvapier@gentoo.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "2f9b12a31fcb738ea8c9eb0d4ddf906c6f1d696c", "tree": "e6cde843b575c2b29396ee2b66af285da68c5a79", "parents": [ "6a3fd92e73fffd9e583650c56ad9558afe51dc5c" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Apr 29 00:59:52 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Apr 29 08:06:07 2008 -0700" }, "message": "eCryptfs: protect crypt_stat-\u003eflags in ecryptfs_open()\n\nMake sure crypt_stat-\u003eflags is protected with a lock in ecryptfs_open().\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Al Viro \u003cviro@ZenIV.linux.org.uk\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "6a3fd92e73fffd9e583650c56ad9558afe51dc5c", "tree": "d65917432ffd0e6223dab3500819205433de22bd", "parents": [ "f66e883eb6186bc43a79581b67aff7d1a69d0ff1" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Apr 29 00:59:52 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Apr 29 08:06:07 2008 -0700" }, "message": "eCryptfs: make key module subsystem respect namespaces\n\nMake eCryptfs key module subsystem respect namespaces.\n\nSince I will be removing the netlink interface in a future patch, I just made\nchanges to the netlink.c code so that it will not break the build. With my\nrecent patches, the kernel module currently defaults to the device handle\ninterface rather than the netlink interface.\n\n[akpm@linux-foundation.org: export free_user_ns()]\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "f66e883eb6186bc43a79581b67aff7d1a69d0ff1", "tree": "9fc1fb65586ff334a1f8c1afb9a43edf077d338f", "parents": [ "8bf2debd5f7bf12d122124e34fec14af5b1e8ecf" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Apr 29 00:59:51 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Apr 29 08:06:07 2008 -0700" }, "message": "eCryptfs: integrate eCryptfs device handle into the module.\n\nUpdate the versioning information. Make the message types generic. Add an\noutgoing message queue to the daemon struct. Make the functions to parse\nand write the packet lengths available to the rest of the module. Add\nfunctions to create and destroy the daemon structs. Clean up some of the\ncomments and make the code a little more consistent with itself.\n\n[akpm@linux-foundation.org: printk fixes]\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "8bf2debd5f7bf12d122124e34fec14af5b1e8ecf", "tree": "faa6ff4ad5a9ec3725279a6408ee783a9e65f35d", "parents": [ "9c3580aa52195699065bc2d7242b1c7e3e6903fa" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Apr 29 00:59:50 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Apr 29 08:06:07 2008 -0700" }, "message": "eCryptfs: introduce device handle for userspace daemon communications\n\nA regular device file was my real preference from the get-go, but I went with\nnetlink at the time because I thought it would be less complex for managing\nsend queues (i.e., just do a unicast and move on). It turns out that we do\nnot really get that much complexity reduction with netlink, and netlink is\nmore heavyweight than a device handle.\n\nIn addition, the netlink interface to eCryptfs has been broken since 2.6.24.\nI am assuming this is a bug in how eCryptfs uses netlink, since the other\nin-kernel users of netlink do not seem to be having any problems. I have had\none report of a user successfully using eCryptfs with netlink on 2.6.24, but\nfor my own systems, when starting the userspace daemon, the initial helo\nmessage sent to the eCryptfs kernel module results in an oops right off the\nbat. I spent some time looking at it, but I have not yet found the cause.\nThe netlink interface breaking gave me the motivation to just finish my patch\nto migrate to a regular device handle. If I cannot find out soon why the\nnetlink interface in eCryptfs broke, I am likely to just send a patch to\ndisable it in 2.6.24 and 2.6.25. I would like the device handle to be the\npreferred means of communicating with the userspace daemon from 2.6.26 on\nforward.\n\nThis patch:\n\nFunctions to facilitate reading and writing to the eCryptfs miscellaneous\ndevice handle. This will replace the netlink interface as the preferred\nmechanism for communicating with the userspace eCryptfs daemon.\n\nEach user has his own daemon, which registers itself by opening the eCryptfs\ndevice handle. Only one daemon per euid may be registered at any given time.\nThe eCryptfs module sends a message to a daemon by adding its message to the\ndaemon\u0027s outgoing message queue. The daemon reads the device handle to get\nthe oldest message off the queue.\n\nIncoming messages from the userspace daemon are immediately handled. If the\nmessage is a response, then the corresponding process that is blocked waiting\nfor the response is awakened.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "9c3580aa52195699065bc2d7242b1c7e3e6903fa", "tree": "975320d4a2369ebffadf7273bb8f86377d03445f", "parents": [ "18d1dbf1d401e8f9d74cf1cf799fdb19cff150c6" ], "author": { "name": "Miklos Szeredi", "email": "mszeredi@suse.cz", "time": "Tue Apr 29 00:59:48 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Apr 29 08:06:07 2008 -0700" }, "message": "ecryptfs: add missing lock around notify_change\n\nCallers of notify_change() need to hold i_mutex.\n\nSigned-off-by: Miklos Szeredi \u003cmszeredi@suse.cz\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "18d1dbf1d401e8f9d74cf1cf799fdb19cff150c6", "tree": "72e1e7061b4f630b971bc5ea7d20ba6e1a509988", "parents": [ "05db67a4f2c14dab5bcaa46c7d4e9237bd11b37c" ], "author": { "name": "Harvey Harrison", "email": "harvey.harrison@gmail.com", "time": "Tue Apr 29 00:59:48 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Apr 29 08:06:06 2008 -0700" }, "message": "ecryptfs: replace remaining __FUNCTION__ occurrences\n\n__FUNCTION__ is gcc-specific, use __func__\n\nSigned-off-by: Harvey Harrison \u003charvey.harrison@gmail.com\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "05db67a4f2c14dab5bcaa46c7d4e9237bd11b37c", "tree": "6fde8311a2f3eeafb2617ef66ea4bb98377e9a29", "parents": [ "afe42d7dea2983faa593d289ab241ffdd94d37b3" ], "author": { "name": "Adrian Bunk", "email": "bunk@kernel.org", "time": "Tue Apr 29 00:59:47 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Apr 29 08:06:06 2008 -0700" }, "message": "remove ecryptfs_header_cache_0\n\nRemove the no longer used ecryptfs_header_cache_0.\n\nSigned-off-by: Adrian Bunk \u003cbunk@kernel.org\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "5366dc9fd1cb74023790a8edf29e4fe42c886dcf", "tree": "f8efcd857540859b2dfe831c5fad063de13936bc", "parents": [ "ae66be9b71b12f16b84129860d06bbfe37fbec51" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Wed Mar 19 17:00:58 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Mar 19 18:53:36 2008 -0700" }, "message": "eCryptfs: Swap dput() and mntput()\n\necryptfs_d_release() is doing a mntput before doing the dput. This patch\nmoves the dput before the mntput.\n\nThanks to Rajouri Jammu for reporting this.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Rajouri Jammu \u003crajouri.jammu@gmail.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "e4465fdaeb3f7b5ef47f389d3eac76db79ff20d8", "tree": "11dd43980a7df9ba7875a4d5fb55085d152bbdc6", "parents": [ "87ffbe679e21cbf82ff8e3302520ff0ea2beed9a" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Tue Mar 04 14:29:24 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Mar 04 16:35:16 2008 -0800" }, "message": "eCryptfs: make ecryptfs_prepare_write decrypt the page\n\nWhen the page is not up to date, ecryptfs_prepare_write() should be\nacting much like ecryptfs_readpage(). This includes the painfully\nobvious step of actually decrypting the page contents read from the\nlower encrypted file.\n\nNote that this patch resolves a bug in eCryptfs in 2.6.24 that one can\nproduce with these steps:\n\n# mount -t ecryptfs /secret /secret\n# echo \"abc\" \u003e /secret/file.txt\n# umount /secret\n# mount -t ecryptfs /secret /secret\n# echo \"def\" \u003e\u003e /secret/file.txt\n# cat /secret/file.txt\n\nWithout this patch, the resulting data returned from cat is likely to\nbe something other than \"abc\\ndef\\n\".\n\n(Thanks to Benedikt Driessen for reporting this.)\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Benedikt Driessen \u003cbdriessen@escrypt.com\u003e\nCc: \u003cstable@kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "1d957f9bf87da74f420424d16ece005202bbebd3", "tree": "363d4770c0c74a536524c99ccd2762ce96ee9bbe", "parents": [ "4ac9137858e08a19f29feac4e1f4df7c268b0ba5" ], "author": { "name": "Jan Blunck", "email": "jblunck@suse.de", "time": "Thu Feb 14 19:34:35 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Thu Feb 14 21:13:33 2008 -0800" }, "message": "Introduce path_put()\n\n* Add path_put() functions for releasing a reference to the dentry and\n vfsmount of a struct path in the right order\n\n* Switch from path_release(nd) to path_put(\u0026nd-\u003epath)\n\n* Rename dput_path() to path_put_conditional()\n\n[akpm@linux-foundation.org: fix cifs]\nSigned-off-by: Jan Blunck \u003cjblunck@suse.de\u003e\nSigned-off-by: Andreas Gruenbacher \u003cagruen@suse.de\u003e\nAcked-by: Christoph Hellwig \u003chch@lst.de\u003e\nCc: \u003clinux-fsdevel@vger.kernel.org\u003e\nCc: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nCc: Steven French \u003csfrench@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "4ac9137858e08a19f29feac4e1f4df7c268b0ba5", "tree": "f5b5d84fd12fcc2b0ba0e7ce1a79ff381ad8f5dd", "parents": [ "c5e725f33b733a77de622e91b6ba5645fcf070be" ], "author": { "name": "Jan Blunck", "email": "jblunck@suse.de", "time": "Thu Feb 14 19:34:32 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Thu Feb 14 21:13:33 2008 -0800" }, "message": "Embed a struct path into struct nameidata instead of nd-\u003e{dentry,mnt}\n\nThis is the central patch of a cleanup series. In most cases there is no good\nreason why someone would want to use a dentry for itself. This series reflects\nthat fact and embeds a struct path into nameidata.\n\nTogether with the other patches of this series\n- it enforced the correct order of getting/releasing the reference count on\n \u003cdentry,vfsmount\u003e pairs\n- it prepares the VFS for stacking support since it is essential to have a\n struct path in every place where the stack can be traversed\n- it reduces the overall code size:\n\nwithout patch series:\n text data bss dec hex filename\n5321639 858418 715768 6895825 6938d1 vmlinux\n\nwith patch series:\n text data bss dec hex filename\n5320026 858418 715768 6894212 693284 vmlinux\n\nThis patch:\n\nSwitch from nd-\u003e{dentry,mnt} to nd-\u003epath.{dentry,mnt} everywhere.\n\n[akpm@linux-foundation.org: coding-style fixes]\n[akpm@linux-foundation.org: fix cifs]\n[akpm@linux-foundation.org: fix smack]\nSigned-off-by: Jan Blunck \u003cjblunck@suse.de\u003e\nSigned-off-by: Andreas Gruenbacher \u003cagruen@suse.de\u003e\nAcked-by: Christoph Hellwig \u003chch@lst.de\u003e\nCc: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nCc: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "af440f52927e4b6941aa94e3cfc698adb0f22663", "tree": "00a7fdc2b09e8e6146f0fd0bc055688d58eea939", "parents": [ "19e66a67e9b25874cd5e184e7d381ce1b955df11" ], "author": { "name": "Eric Sandeen", "email": "sandeen@redhat.com", "time": "Wed Feb 06 01:38:37 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Wed Feb 06 10:41:13 2008 -0800" }, "message": "ecryptfs: check for existing key_tfm at mount time\n\nJeff Moyer pointed out that a mount; umount loop of ecryptfs, with the same\ncipher \u0026 other mount options, created a new ecryptfs_key_tfm_cache item\neach time, and the cache could grow quite large this way.\n\nLooking at this with mhalcrow, we saw that ecryptfs_parse_options()\nunconditionally called ecryptfs_add_new_key_tfm(), which is what was adding\nthese items.\n\nRefactor ecryptfs_get_tfm_and_mutex_for_cipher_name() to create a new\nhelper function, ecryptfs_tfm_exists(), which checks for the cipher on the\ncached key_tfm_list, and sets a pointer to it if it exists. This can then\nbe called from ecryptfs_parse_options(), and new key_tfm\u0027s can be added\nonly when a cached one is not found.\n\nWith list locking changes suggested by akpm.\n\nSigned-off-by: Eric Sandeen \u003csandeen@redhat.com\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Jeff Moyer \u003cjmoyer@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "19e66a67e9b25874cd5e184e7d381ce1b955df11", "tree": "6dfd5c9771a99ddf7f3978ff6be466267727e2d5", "parents": [ "25bd8174036036f427b039e4857feac6c6912a37" ], "author": { "name": "Trevor Highland", "email": "thighlan@gmail.com", "time": "Wed Feb 06 01:38:36 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Wed Feb 06 10:41:13 2008 -0800" }, "message": "eCryptfs: change the type of cipher_code from u16 to u8\n\nOnly the lower byte of cipher_code is ever used, so it makes sense\nfor its type to be u8.\n\nSigned-off-by: Trevor Highland \u003ctrevor.highland@gmail.com\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "25bd8174036036f427b039e4857feac6c6912a37", "tree": "89c15ca0adb40cd5b4c00b627de74d342a851fa4", "parents": [ "2830bfd6cf66133c86d4a32004fd99c3de7e23bf" ], "author": { "name": "Michael Halcrow", "email": "mike@halcrow.us", "time": "Wed Feb 06 01:38:35 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Wed Feb 06 10:41:12 2008 -0800" }, "message": "eCryptfs: Minor fixes to printk messages\n\nThe printk statements that result when the user does not have the\nproper key available could use some refining.\n\nSigned-off-by: Mike Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Mike Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "2830bfd6cf66133c86d4a32004fd99c3de7e23bf", "tree": "51f68453ad6b5a3a75667385369bbd9b5ba8a02c", "parents": [ "99db6e4a9764887842006a2b1aa804de6171db42" ], "author": { "name": "Eric Sandeen", "email": "sandeen@redhat.com", "time": "Wed Feb 06 01:38:34 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Wed Feb 06 10:41:12 2008 -0800" }, "message": "ecryptfs: remove debug as mount option, and warn if set via modprobe\n\necryptfs_debug really should not be a mount option; it is not per-mount,\nbut rather sets a global \"ecryptfs_verbosity\" variable which affects all\nmounted filesysytems. It\u0027s already settable as a module load option,\nI think we can leave it at that.\n\nAlso, if set, since secret values come out in debug messages, kick\nthings off with a stern warning.\n\nSigned-off-by: Eric Sandeen \u003csandeen@redhat.com\u003e\nAcked-by: Mike Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "99db6e4a9764887842006a2b1aa804de6171db42", "tree": "5d45cd3f74aaeeb9209dea2e9a00d197d4e2cc06", "parents": [ "8e3a6f16ba5874b69968cd450334829262513fd1" ], "author": { "name": "Eric Sandeen", "email": "sandeen@redhat.com", "time": "Wed Feb 06 01:38:34 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Wed Feb 06 10:41:12 2008 -0800" }, "message": "ecryptfs: make show_options reflect actual mount options\n\nChange ecryptfs_show_options to reflect the actual mount options in use.\nNote that this does away with the \"dir\u003d\" output, which is not a valid mount\noption and appears to be unused.\n\nMount options such as \"ecryptfs_verbose\" and \"ecryptfs_xattr_metadata\" are\nsomewhat indeterminate for a given fs, but in any case the reported mount\noptions can be used in a new mount command to get the same behavior.\n\n[akpm@linux-foundation.org: fix printk warning]\nSigned-off-by: Eric Sandeen \u003csandeen@redhat.com\u003e\nAcked-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "8e3a6f16ba5874b69968cd450334829262513fd1", "tree": "ae5f8535f87377c101eabda9c5508725f5f2b7bd", "parents": [ "cc11beffdf80ca31dff21422fa2a5e54d25f1494" ], "author": { "name": "Trevor Highland", "email": "trevor.highland@gmail.com", "time": "Wed Feb 06 01:38:33 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Wed Feb 06 10:41:12 2008 -0800" }, "message": "eCryptfs: set inode key only once per crypto operation\n\nThere is no need to keep re-setting the same key for any given eCryptfs inode.\nThis patch optimizes the use of the crypto API and helps performance a bit.\n\nSigned-off-by: Trevor Highland \u003ctrevor.highland@gmail.com\u003e\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "cc11beffdf80ca31dff21422fa2a5e54d25f1494", "tree": "3b0e28d18f493a7c59b089c4c6fc59c79945937e", "parents": [ "7896b631823c6e8f1a520d89390624a51445840e" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Wed Feb 06 01:38:32 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Wed Feb 06 10:41:12 2008 -0800" }, "message": "eCryptfs: track header bytes rather than extents\n\nRemove internal references to header extents; just keep track of header bytes\ninstead. Headers can easily span multiple pages with the recent persistent\nfile changes.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" } ], "next": "7896b631823c6e8f1a520d89390624a51445840e" }