messaging.c 13.5 KB
Newer Older
1 2 3
/**
 * eCryptfs: Linux filesystem encryption layer
 *
4
 * Copyright (C) 2004-2008 International Business Machines Corp.
5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
 *   Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com>
 *		Tyler Hicks <tyhicks@ou.edu>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License version
 * 2 as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
 * 02111-1307, USA.
 */
22
#include <linux/sched.h>
23
#include <linux/slab.h>
24 25
#include <linux/user_namespace.h>
#include <linux/nsproxy.h>
26 27
#include "ecryptfs_kernel.h"

28 29 30
static LIST_HEAD(ecryptfs_msg_ctx_free_list);
static LIST_HEAD(ecryptfs_msg_ctx_alloc_list);
static struct mutex ecryptfs_msg_ctx_lists_mux;
31

32 33
static struct hlist_head *ecryptfs_daemon_hash;
struct mutex ecryptfs_daemon_hash_mux;
34
static int ecryptfs_hash_bits;
35
#define ecryptfs_current_euid_hash(uid) \
36
	hash_long((unsigned long)from_kuid(&init_user_ns, current_euid()), ecryptfs_hash_bits)
37

38
static u32 ecryptfs_msg_counter;
39
static struct ecryptfs_msg_ctx *ecryptfs_msg_ctx_arr;
40 41 42 43 44 45

/**
 * ecryptfs_acquire_free_msg_ctx
 * @msg_ctx: The context that was acquired from the free list
 *
 * Acquires a context element from the free list and locks the mutex
46 47 48 49
 * on the context.  Sets the msg_ctx task to current.  Returns zero on
 * success; non-zero on error or upon failure to acquire a free
 * context element.  Must be called with ecryptfs_msg_ctx_lists_mux
 * held.
50 51 52 53 54 55 56
 */
static int ecryptfs_acquire_free_msg_ctx(struct ecryptfs_msg_ctx **msg_ctx)
{
	struct list_head *p;
	int rc;

	if (list_empty(&ecryptfs_msg_ctx_free_list)) {
57 58 59 60 61
		printk(KERN_WARNING "%s: The eCryptfs free "
		       "context list is empty.  It may be helpful to "
		       "specify the ecryptfs_message_buf_len "
		       "parameter to be greater than the current "
		       "value of [%d]\n", __func__, ecryptfs_message_buf_len);
62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81
		rc = -ENOMEM;
		goto out;
	}
	list_for_each(p, &ecryptfs_msg_ctx_free_list) {
		*msg_ctx = list_entry(p, struct ecryptfs_msg_ctx, node);
		if (mutex_trylock(&(*msg_ctx)->mux)) {
			(*msg_ctx)->task = current;
			rc = 0;
			goto out;
		}
	}
	rc = -ENOMEM;
out:
	return rc;
}

/**
 * ecryptfs_msg_ctx_free_to_alloc
 * @msg_ctx: The context to move from the free list to the alloc list
 *
82
 * Must be called with ecryptfs_msg_ctx_lists_mux held.
83 84 85 86 87 88 89 90 91 92 93 94
 */
static void ecryptfs_msg_ctx_free_to_alloc(struct ecryptfs_msg_ctx *msg_ctx)
{
	list_move(&msg_ctx->node, &ecryptfs_msg_ctx_alloc_list);
	msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_PENDING;
	msg_ctx->counter = ++ecryptfs_msg_counter;
}

/**
 * ecryptfs_msg_ctx_alloc_to_free
 * @msg_ctx: The context to move from the alloc list to the free list
 *
95
 * Must be called with ecryptfs_msg_ctx_lists_mux held.
96
 */
97
void ecryptfs_msg_ctx_alloc_to_free(struct ecryptfs_msg_ctx *msg_ctx)
98 99
{
	list_move(&(msg_ctx->node), &ecryptfs_msg_ctx_free_list);
100
	kfree(msg_ctx->msg);
101
	msg_ctx->msg = NULL;
102 103 104 105
	msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_FREE;
}

/**
106 107
 * ecryptfs_find_daemon_by_euid
 * @daemon: If return value is zero, points to the desired daemon pointer
108
 *
109 110
 * Must be called with ecryptfs_daemon_hash_mux held.
 *
111
 * Search the hash list for the current effective user id.
112 113
 *
 * Returns zero if the user id exists in the list; non-zero otherwise.
114
 */
115
int ecryptfs_find_daemon_by_euid(struct ecryptfs_daemon **daemon)
116 117 118
{
	int rc;

119
	hlist_for_each_entry(*daemon,
120 121
			    &ecryptfs_daemon_hash[ecryptfs_current_euid_hash()],
			    euid_chain) {
122
		if (uid_eq((*daemon)->file->f_cred->euid, current_euid())) {
123 124 125 126 127 128 129 130 131
			rc = 0;
			goto out;
		}
	}
	rc = -EINVAL;
out:
	return rc;
}

132 133 134
/**
 * ecryptfs_spawn_daemon - Create and initialize a new daemon struct
 * @daemon: Pointer to set to newly allocated daemon struct
135
 * @file: File used when opening /dev/ecryptfs
136 137 138 139 140 141 142
 *
 * Must be called ceremoniously while in possession of
 * ecryptfs_sacred_daemon_hash_mux
 *
 * Returns zero on success; non-zero otherwise
 */
int
143
ecryptfs_spawn_daemon(struct ecryptfs_daemon **daemon, struct file *file)
144 145 146 147 148 149 150 151
{
	int rc = 0;

	(*daemon) = kzalloc(sizeof(**daemon), GFP_KERNEL);
	if (!(*daemon)) {
		rc = -ENOMEM;
		goto out;
	}
152
	(*daemon)->file = file;
153 154 155 156 157
	mutex_init(&(*daemon)->mux);
	INIT_LIST_HEAD(&(*daemon)->msg_ctx_out_queue);
	init_waitqueue_head(&(*daemon)->wait);
	(*daemon)->num_queued_msg_ctx = 0;
	hlist_add_head(&(*daemon)->euid_chain,
158
		       &ecryptfs_daemon_hash[ecryptfs_current_euid_hash()]);
159
out:
160 161 162
	return rc;
}

163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190
/**
 * ecryptfs_exorcise_daemon - Destroy the daemon struct
 *
 * Must be called ceremoniously while in possession of
 * ecryptfs_daemon_hash_mux and the daemon's own mux.
 */
int ecryptfs_exorcise_daemon(struct ecryptfs_daemon *daemon)
{
	struct ecryptfs_msg_ctx *msg_ctx, *msg_ctx_tmp;
	int rc = 0;

	mutex_lock(&daemon->mux);
	if ((daemon->flags & ECRYPTFS_DAEMON_IN_READ)
	    || (daemon->flags & ECRYPTFS_DAEMON_IN_POLL)) {
		rc = -EBUSY;
		mutex_unlock(&daemon->mux);
		goto out;
	}
	list_for_each_entry_safe(msg_ctx, msg_ctx_tmp,
				 &daemon->msg_ctx_out_queue, daemon_out_list) {
		list_del(&msg_ctx->daemon_out_list);
		daemon->num_queued_msg_ctx--;
		printk(KERN_WARNING "%s: Warning: dropping message that is in "
		       "the out queue of a dying daemon\n", __func__);
		ecryptfs_msg_ctx_alloc_to_free(msg_ctx);
	}
	hlist_del(&daemon->euid_chain);
	mutex_unlock(&daemon->mux);
Johannes Weiner's avatar
Johannes Weiner committed
191
	kzfree(daemon);
192
out:
193 194 195 196 197 198
	return rc;
}

/**
 * ecryptfs_process_reponse
 * @msg: The ecryptfs message received; the caller should sanity check
199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214
 *       msg->data_len and free the memory
 * @seq: The sequence number of the message; must match the sequence
 *       number for the existing message context waiting for this
 *       response
 *
 * Processes a response message after sending an operation request to
 * userspace. Some other process is awaiting this response. Before
 * sending out its first communications, the other process allocated a
 * msg_ctx from the ecryptfs_msg_ctx_arr at a particular index. The
 * response message contains this index so that we can copy over the
 * response message into the msg_ctx that the process holds a
 * reference to. The other process is going to wake up, check to see
 * that msg_ctx->state == ECRYPTFS_MSG_CTX_STATE_DONE, and then
 * proceed to read off and process the response message. Returns zero
 * upon delivery to desired context element; non-zero upon delivery
 * failure or error.
215
 *
216
 * Returns zero on success; non-zero otherwise
217
 */
218 219
int ecryptfs_process_response(struct ecryptfs_daemon *daemon,
			      struct ecryptfs_message *msg, u32 seq)
220 221
{
	struct ecryptfs_msg_ctx *msg_ctx;
222
	size_t msg_size;
223 224 225 226
	int rc;

	if (msg->index >= ecryptfs_message_buf_len) {
		rc = -EINVAL;
227 228 229 230
		printk(KERN_ERR "%s: Attempt to reference "
		       "context buffer at index [%d]; maximum "
		       "allowable is [%d]\n", __func__, msg->index,
		       (ecryptfs_message_buf_len - 1));
231 232 233 234 235 236
		goto out;
	}
	msg_ctx = &ecryptfs_msg_ctx_arr[msg->index];
	mutex_lock(&msg_ctx->mux);
	if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_PENDING) {
		rc = -EINVAL;
237 238
		printk(KERN_WARNING "%s: Desired context element is not "
		       "pending a response\n", __func__);
239 240 241
		goto unlock;
	} else if (msg_ctx->counter != seq) {
		rc = -EINVAL;
242 243 244
		printk(KERN_WARNING "%s: Invalid message sequence; "
		       "expected [%d]; received [%d]\n", __func__,
		       msg_ctx->counter, seq);
245 246
		goto unlock;
	}
247
	msg_size = (sizeof(*msg) + msg->data_len);
248
	msg_ctx->msg = kmemdup(msg, msg_size, GFP_KERNEL);
249 250 251 252 253 254
	if (!msg_ctx->msg) {
		rc = -ENOMEM;
		goto unlock;
	}
	msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_DONE;
	wake_up_process(msg_ctx->task);
255
	rc = 0;
256 257 258 259 260 261 262
unlock:
	mutex_unlock(&msg_ctx->mux);
out:
	return rc;
}

/**
263
 * ecryptfs_send_message_locked
264 265 266
 * @data: The data to send
 * @data_len: The length of data
 * @msg_ctx: The message context allocated for the send
267 268 269 270
 *
 * Must be called with ecryptfs_daemon_hash_mux held.
 *
 * Returns zero on success; non-zero otherwise
271
 */
272
static int
273 274
ecryptfs_send_message_locked(char *data, int data_len, u8 msg_type,
			     struct ecryptfs_msg_ctx **msg_ctx)
275
{
276
	struct ecryptfs_daemon *daemon;
277 278
	int rc;

279
	rc = ecryptfs_find_daemon_by_euid(&daemon);
280
	if (rc) {
281 282 283 284 285 286 287
		rc = -ENOTCONN;
		goto out;
	}
	mutex_lock(&ecryptfs_msg_ctx_lists_mux);
	rc = ecryptfs_acquire_free_msg_ctx(msg_ctx);
	if (rc) {
		mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
288 289
		printk(KERN_WARNING "%s: Could not claim a free "
		       "context element\n", __func__);
290 291 292 293 294
		goto out;
	}
	ecryptfs_msg_ctx_free_to_alloc(*msg_ctx);
	mutex_unlock(&(*msg_ctx)->mux);
	mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
295 296
	rc = ecryptfs_send_miscdev(data, data_len, *msg_ctx, msg_type, 0,
				   daemon);
297 298 299
	if (rc)
		printk(KERN_ERR "%s: Error attempting to send message to "
		       "userspace daemon; rc = [%d]\n", __func__, rc);
300 301 302 303
out:
	return rc;
}

304 305 306 307 308 309 310 311 312 313
/**
 * ecryptfs_send_message
 * @data: The data to send
 * @data_len: The length of data
 * @msg_ctx: The message context allocated for the send
 *
 * Grabs ecryptfs_daemon_hash_mux.
 *
 * Returns zero on success; non-zero otherwise
 */
314
int ecryptfs_send_message(char *data, int data_len,
315 316 317 318 319
			  struct ecryptfs_msg_ctx **msg_ctx)
{
	int rc;

	mutex_lock(&ecryptfs_daemon_hash_mux);
320 321
	rc = ecryptfs_send_message_locked(data, data_len, ECRYPTFS_MSG_REQUEST,
					  msg_ctx);
322 323 324 325
	mutex_unlock(&ecryptfs_daemon_hash_mux);
	return rc;
}

326 327 328 329 330 331 332 333 334
/**
 * ecryptfs_wait_for_response
 * @msg_ctx: The context that was assigned when sending a message
 * @msg: The incoming message from userspace; not set if rc != 0
 *
 * Sleeps until awaken by ecryptfs_receive_message or until the amount
 * of time exceeds ecryptfs_message_wait_timeout.  If zero is
 * returned, msg will point to a valid message from userspace; a
 * non-zero value is returned upon failure to receive a message or an
335
 * error occurs. Callee must free @msg on success.
336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363
 */
int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx,
			       struct ecryptfs_message **msg)
{
	signed long timeout = ecryptfs_message_wait_timeout * HZ;
	int rc = 0;

sleep:
	timeout = schedule_timeout_interruptible(timeout);
	mutex_lock(&ecryptfs_msg_ctx_lists_mux);
	mutex_lock(&msg_ctx->mux);
	if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_DONE) {
		if (timeout) {
			mutex_unlock(&msg_ctx->mux);
			mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
			goto sleep;
		}
		rc = -ENOMSG;
	} else {
		*msg = msg_ctx->msg;
		msg_ctx->msg = NULL;
	}
	ecryptfs_msg_ctx_alloc_to_free(msg_ctx);
	mutex_unlock(&msg_ctx->mux);
	mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
	return rc;
}

364
int __init ecryptfs_init_messaging(void)
365 366 367 368 369 370
{
	int i;
	int rc = 0;

	if (ecryptfs_number_of_users > ECRYPTFS_MAX_NUM_USERS) {
		ecryptfs_number_of_users = ECRYPTFS_MAX_NUM_USERS;
371 372 373
		printk(KERN_WARNING "%s: Specified number of users is "
		       "too large, defaulting to [%d] users\n", __func__,
		       ecryptfs_number_of_users);
374
	}
375 376
	mutex_init(&ecryptfs_daemon_hash_mux);
	mutex_lock(&ecryptfs_daemon_hash_mux);
377 378 379
	ecryptfs_hash_bits = 1;
	while (ecryptfs_number_of_users >> ecryptfs_hash_bits)
		ecryptfs_hash_bits++;
380
	ecryptfs_daemon_hash = kmalloc((sizeof(struct hlist_head)
381 382
					* (1 << ecryptfs_hash_bits)),
				       GFP_KERNEL);
383
	if (!ecryptfs_daemon_hash) {
384
		rc = -ENOMEM;
385
		mutex_unlock(&ecryptfs_daemon_hash_mux);
386 387
		goto out;
	}
388
	for (i = 0; i < (1 << ecryptfs_hash_bits); i++)
389 390
		INIT_HLIST_HEAD(&ecryptfs_daemon_hash[i]);
	mutex_unlock(&ecryptfs_daemon_hash_mux);
391
	ecryptfs_msg_ctx_arr = kmalloc((sizeof(struct ecryptfs_msg_ctx)
392 393
					* ecryptfs_message_buf_len),
				       GFP_KERNEL);
394 395 396 397 398 399 400 401 402
	if (!ecryptfs_msg_ctx_arr) {
		rc = -ENOMEM;
		goto out;
	}
	mutex_init(&ecryptfs_msg_ctx_lists_mux);
	mutex_lock(&ecryptfs_msg_ctx_lists_mux);
	ecryptfs_msg_counter = 0;
	for (i = 0; i < ecryptfs_message_buf_len; i++) {
		INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr[i].node);
403
		INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr[i].daemon_out_list);
404 405 406 407 408 409 410 411 412 413 414 415
		mutex_init(&ecryptfs_msg_ctx_arr[i].mux);
		mutex_lock(&ecryptfs_msg_ctx_arr[i].mux);
		ecryptfs_msg_ctx_arr[i].index = i;
		ecryptfs_msg_ctx_arr[i].state = ECRYPTFS_MSG_CTX_STATE_FREE;
		ecryptfs_msg_ctx_arr[i].counter = 0;
		ecryptfs_msg_ctx_arr[i].task = NULL;
		ecryptfs_msg_ctx_arr[i].msg = NULL;
		list_add_tail(&ecryptfs_msg_ctx_arr[i].node,
			      &ecryptfs_msg_ctx_free_list);
		mutex_unlock(&ecryptfs_msg_ctx_arr[i].mux);
	}
	mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
416 417 418
	rc = ecryptfs_init_ecryptfs_miscdev();
	if (rc)
		ecryptfs_release_messaging();
419 420 421 422
out:
	return rc;
}

423
void ecryptfs_release_messaging(void)
424 425 426 427 428 429 430
{
	if (ecryptfs_msg_ctx_arr) {
		int i;

		mutex_lock(&ecryptfs_msg_ctx_lists_mux);
		for (i = 0; i < ecryptfs_message_buf_len; i++) {
			mutex_lock(&ecryptfs_msg_ctx_arr[i].mux);
431
			kfree(ecryptfs_msg_ctx_arr[i].msg);
432 433 434 435 436
			mutex_unlock(&ecryptfs_msg_ctx_arr[i].mux);
		}
		kfree(ecryptfs_msg_ctx_arr);
		mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
	}
437 438
	if (ecryptfs_daemon_hash) {
		struct ecryptfs_daemon *daemon;
439
		struct hlist_node *n;
440 441
		int i;

442
		mutex_lock(&ecryptfs_daemon_hash_mux);
443
		for (i = 0; i < (1 << ecryptfs_hash_bits); i++) {
444 445
			int rc;

446 447 448
			hlist_for_each_entry_safe(daemon, n,
						  &ecryptfs_daemon_hash[i],
						  euid_chain) {
449 450 451 452 453 454 455
				rc = ecryptfs_exorcise_daemon(daemon);
				if (rc)
					printk(KERN_ERR "%s: Error whilst "
					       "attempting to destroy daemon; "
					       "rc = [%d]. Dazed and confused, "
					       "but trying to continue.\n",
					       __func__, rc);
456 457
			}
		}
458 459
		kfree(ecryptfs_daemon_hash);
		mutex_unlock(&ecryptfs_daemon_hash_mux);
460
	}
461
	ecryptfs_destroy_ecryptfs_miscdev();
462 463
	return;
}