fs/ecryptfs/messaging.c

0001 // SPDX-License-Identifier: GPL-2.0-only
0002 /*
0003  * eCryptfs: Linux filesystem encryption layer
0004  *
0005  * Copyright (C) 2004-2008 International Business Machines Corp.
0006  *   Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com>
0007  *      Tyler Hicks <code@tyhicks.com>
0008  */
0009 #include <linux/sched.h>
0010 #include <linux/slab.h>
0011 #include <linux/user_namespace.h>
0012 #include <linux/nsproxy.h>
0013 #include "ecryptfs_kernel.h"
0014
0015 static LIST_HEAD(ecryptfs_msg_ctx_free_list);
0016 static LIST_HEAD(ecryptfs_msg_ctx_alloc_list);
0017 static DEFINE_MUTEX(ecryptfs_msg_ctx_lists_mux);
0018
0019 static struct hlist_head *ecryptfs_daemon_hash;
0020 DEFINE_MUTEX(ecryptfs_daemon_hash_mux);
0021 static int ecryptfs_hash_bits;
0022 #define ecryptfs_current_euid_hash(uid) \
0023     hash_long((unsigned long)from_kuid(&init_user_ns, current_euid()), ecryptfs_hash_bits)
0024
0025 static u32 ecryptfs_msg_counter;
0026 static struct ecryptfs_msg_ctx *ecryptfs_msg_ctx_arr;
0027
0028 /**
0029  * ecryptfs_acquire_free_msg_ctx
0030  * @msg_ctx: The context that was acquired from the free list
0031  *
0032  * Acquires a context element from the free list and locks the mutex
0033  * on the context.  Sets the msg_ctx task to current.  Returns zero on
0034  * success; non-zero on error or upon failure to acquire a free
0035  * context element.  Must be called with ecryptfs_msg_ctx_lists_mux
0036  * held.
0037  */
0038 static int ecryptfs_acquire_free_msg_ctx(struct ecryptfs_msg_ctx **msg_ctx)
0039 {
0040     struct list_head *p;
0041     int rc;
0042
0043     if (list_empty(&ecryptfs_msg_ctx_free_list)) {
0044         printk(KERN_WARNING "%s: The eCryptfs free "
0045                "context list is empty.  It may be helpful to "
0046                "specify the ecryptfs_message_buf_len "
0047                "parameter to be greater than the current "
0048                "value of [%d]\n", __func__, ecryptfs_message_buf_len);
0049         rc = -ENOMEM;
0050         goto out;
0051     }
0052     list_for_each(p, &ecryptfs_msg_ctx_free_list) {
0053         *msg_ctx = list_entry(p, struct ecryptfs_msg_ctx, node);
0054         if (mutex_trylock(&(*msg_ctx)->mux)) {
0055             (*msg_ctx)->task = current;
0056             rc = 0;
0057             goto out;
0058         }
0059     }
0060     rc = -ENOMEM;
0061 out:
0062     return rc;
0063 }
0064
0065 /**
0066  * ecryptfs_msg_ctx_free_to_alloc
0067  * @msg_ctx: The context to move from the free list to the alloc list
0068  *
0069  * Must be called with ecryptfs_msg_ctx_lists_mux held.
0070  */
0071 static void ecryptfs_msg_ctx_free_to_alloc(struct ecryptfs_msg_ctx *msg_ctx)
0072 {
0073     list_move(&msg_ctx->node, &ecryptfs_msg_ctx_alloc_list);
0074     msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_PENDING;
0075     msg_ctx->counter = ++ecryptfs_msg_counter;
0076 }
0077
0078 /**
0079  * ecryptfs_msg_ctx_alloc_to_free
0080  * @msg_ctx: The context to move from the alloc list to the free list
0081  *
0082  * Must be called with ecryptfs_msg_ctx_lists_mux held.
0083  */
0084 void ecryptfs_msg_ctx_alloc_to_free(struct ecryptfs_msg_ctx *msg_ctx)
0085 {
0086     list_move(&(msg_ctx->node), &ecryptfs_msg_ctx_free_list);
0087     kfree(msg_ctx->msg);
0088     msg_ctx->msg = NULL;
0089     msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_FREE;
0090 }
0091
0092 /**
0093  * ecryptfs_find_daemon_by_euid
0094  * @daemon: If return value is zero, points to the desired daemon pointer
0095  *
0096  * Must be called with ecryptfs_daemon_hash_mux held.
0097  *
0098  * Search the hash list for the current effective user id.
0099  *
0100  * Returns zero if the user id exists in the list; non-zero otherwise.
0101  */
0102 int ecryptfs_find_daemon_by_euid(struct ecryptfs_daemon **daemon)
0103 {
0104     int rc;
0105
0106     hlist_for_each_entry(*daemon,
0107                 &ecryptfs_daemon_hash[ecryptfs_current_euid_hash()],
0108                 euid_chain) {
0109         if (uid_eq((*daemon)->file->f_cred->euid, current_euid())) {
0110             rc = 0;
0111             goto out;
0112         }
0113     }
0114     rc = -EINVAL;
0115 out:
0116     return rc;
0117 }
0118
0119 /**
0120  * ecryptfs_spawn_daemon - Create and initialize a new daemon struct
0121  * @daemon: Pointer to set to newly allocated daemon struct
0122  * @file: File used when opening /dev/ecryptfs
0123  *
0124  * Must be called ceremoniously while in possession of
0125  * ecryptfs_sacred_daemon_hash_mux
0126  *
0127  * Returns zero on success; non-zero otherwise
0128  */
0129 int
0130 ecryptfs_spawn_daemon(struct ecryptfs_daemon **daemon, struct file *file)
0131 {
0132     int rc = 0;
0133
0134     (*daemon) = kzalloc(sizeof(**daemon), GFP_KERNEL);
0135     if (!(*daemon)) {
0136         rc = -ENOMEM;
0137         goto out;
0138     }
0139     (*daemon)->file = file;
0140     mutex_init(&(*daemon)->mux);
0141     INIT_LIST_HEAD(&(*daemon)->msg_ctx_out_queue);
0142     init_waitqueue_head(&(*daemon)->wait);
0143     (*daemon)->num_queued_msg_ctx = 0;
0144     hlist_add_head(&(*daemon)->euid_chain,
0145                &ecryptfs_daemon_hash[ecryptfs_current_euid_hash()]);
0146 out:
0147     return rc;
0148 }
0149
0150 /*
0151  * ecryptfs_exorcise_daemon - Destroy the daemon struct
0152  *
0153  * Must be called ceremoniously while in possession of
0154  * ecryptfs_daemon_hash_mux and the daemon's own mux.
0155  */
0156 int ecryptfs_exorcise_daemon(struct ecryptfs_daemon *daemon)
0157 {
0158     struct ecryptfs_msg_ctx *msg_ctx, *msg_ctx_tmp;
0159     int rc = 0;
0160
0161     mutex_lock(&daemon->mux);
0162     if ((daemon->flags & ECRYPTFS_DAEMON_IN_READ)
0163         || (daemon->flags & ECRYPTFS_DAEMON_IN_POLL)) {
0164         rc = -EBUSY;
0165         mutex_unlock(&daemon->mux);
0166         goto out;
0167     }
0168     list_for_each_entry_safe(msg_ctx, msg_ctx_tmp,
0169                  &daemon->msg_ctx_out_queue, daemon_out_list) {
0170         list_del(&msg_ctx->daemon_out_list);
0171         daemon->num_queued_msg_ctx--;
0172         printk(KERN_WARNING "%s: Warning: dropping message that is in "
0173                "the out queue of a dying daemon\n", __func__);
0174         ecryptfs_msg_ctx_alloc_to_free(msg_ctx);
0175     }
0176     hlist_del(&daemon->euid_chain);
0177     mutex_unlock(&daemon->mux);
0178     kfree_sensitive(daemon);
0179 out:
0180     return rc;
0181 }
0182
0183 /**
0184  * ecryptfs_process_response
0185  * @daemon: eCryptfs daemon object
0186  * @msg: The ecryptfs message received; the caller should sanity check
0187  *       msg->data_len and free the memory
0188  * @seq: The sequence number of the message; must match the sequence
0189  *       number for the existing message context waiting for this
0190  *       response
0191  *
0192  * Processes a response message after sending an operation request to
0193  * userspace. Some other process is awaiting this response. Before
0194  * sending out its first communications, the other process allocated a
0195  * msg_ctx from the ecryptfs_msg_ctx_arr at a particular index. The
0196  * response message contains this index so that we can copy over the
0197  * response message into the msg_ctx that the process holds a
0198  * reference to. The other process is going to wake up, check to see
0199  * that msg_ctx->state == ECRYPTFS_MSG_CTX_STATE_DONE, and then
0200  * proceed to read off and process the response message. Returns zero
0201  * upon delivery to desired context element; non-zero upon delivery
0202  * failure or error.
0203  *
0204  * Returns zero on success; non-zero otherwise
0205  */
0206 int ecryptfs_process_response(struct ecryptfs_daemon *daemon,
0207                   struct ecryptfs_message *msg, u32 seq)
0208 {
0209     struct ecryptfs_msg_ctx *msg_ctx;
0210     size_t msg_size;
0211     int rc;
0212
0213     if (msg->index >= ecryptfs_message_buf_len) {
0214         rc = -EINVAL;
0215         printk(KERN_ERR "%s: Attempt to reference "
0216                "context buffer at index [%d]; maximum "
0217                "allowable is [%d]\n", __func__, msg->index,
0218                (ecryptfs_message_buf_len - 1));
0219         goto out;
0220     }
0221     msg_ctx = &ecryptfs_msg_ctx_arr[msg->index];
0222     mutex_lock(&msg_ctx->mux);
0223     if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_PENDING) {
0224         rc = -EINVAL;
0225         printk(KERN_WARNING "%s: Desired context element is not "
0226                "pending a response\n", __func__);
0227         goto unlock;
0228     } else if (msg_ctx->counter != seq) {
0229         rc = -EINVAL;
0230         printk(KERN_WARNING "%s: Invalid message sequence; "
0231                "expected [%d]; received [%d]\n", __func__,
0232                msg_ctx->counter, seq);
0233         goto unlock;
0234     }
0235     msg_size = (sizeof(*msg) + msg->data_len);
0236     msg_ctx->msg = kmemdup(msg, msg_size, GFP_KERNEL);
0237     if (!msg_ctx->msg) {
0238         rc = -ENOMEM;
0239         goto unlock;
0240     }
0241     msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_DONE;
0242     wake_up_process(msg_ctx->task);
0243     rc = 0;
0244 unlock:
0245     mutex_unlock(&msg_ctx->mux);
0246 out:
0247     return rc;
0248 }
0249
0250 /**
0251  * ecryptfs_send_message_locked
0252  * @data: The data to send
0253  * @data_len: The length of data
0254  * @msg_type: Type of message
0255  * @msg_ctx: The message context allocated for the send
0256  *
0257  * Must be called with ecryptfs_daemon_hash_mux held.
0258  *
0259  * Returns zero on success; non-zero otherwise
0260  */
0261 static int
0262 ecryptfs_send_message_locked(char *data, int data_len, u8 msg_type,
0263                  struct ecryptfs_msg_ctx **msg_ctx)
0264 {
0265     struct ecryptfs_daemon *daemon;
0266     int rc;
0267
0268     rc = ecryptfs_find_daemon_by_euid(&daemon);
0269     if (rc) {
0270         rc = -ENOTCONN;
0271         goto out;
0272     }
0273     mutex_lock(&ecryptfs_msg_ctx_lists_mux);
0274     rc = ecryptfs_acquire_free_msg_ctx(msg_ctx);
0275     if (rc) {
0276         mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
0277         printk(KERN_WARNING "%s: Could not claim a free "
0278                "context element\n", __func__);
0279         goto out;
0280     }
0281     ecryptfs_msg_ctx_free_to_alloc(*msg_ctx);
0282     mutex_unlock(&(*msg_ctx)->mux);
0283     mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
0284     rc = ecryptfs_send_miscdev(data, data_len, *msg_ctx, msg_type, 0,
0285                    daemon);
0286     if (rc)
0287         printk(KERN_ERR "%s: Error attempting to send message to "
0288                "userspace daemon; rc = [%d]\n", __func__, rc);
0289 out:
0290     return rc;
0291 }
0292
0293 /**
0294  * ecryptfs_send_message
0295  * @data: The data to send
0296  * @data_len: The length of data
0297  * @msg_ctx: The message context allocated for the send
0298  *
0299  * Grabs ecryptfs_daemon_hash_mux.
0300  *
0301  * Returns zero on success; non-zero otherwise
0302  */
0303 int ecryptfs_send_message(char *data, int data_len,
0304               struct ecryptfs_msg_ctx **msg_ctx)
0305 {
0306     int rc;
0307
0308     mutex_lock(&ecryptfs_daemon_hash_mux);
0309     rc = ecryptfs_send_message_locked(data, data_len, ECRYPTFS_MSG_REQUEST,
0310                       msg_ctx);
0311     mutex_unlock(&ecryptfs_daemon_hash_mux);
0312     return rc;
0313 }
0314
0315 /**
0316  * ecryptfs_wait_for_response
0317  * @msg_ctx: The context that was assigned when sending a message
0318  * @msg: The incoming message from userspace; not set if rc != 0
0319  *
0320  * Sleeps until awaken by ecryptfs_receive_message or until the amount
0321  * of time exceeds ecryptfs_message_wait_timeout.  If zero is
0322  * returned, msg will point to a valid message from userspace; a
0323  * non-zero value is returned upon failure to receive a message or an
0324  * error occurs. Callee must free @msg on success.
0325  */
0326 int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx,
0327                    struct ecryptfs_message **msg)
0328 {
0329     signed long timeout = ecryptfs_message_wait_timeout * HZ;
0330     int rc = 0;
0331
0332 sleep:
0333     timeout = schedule_timeout_interruptible(timeout);
0334     mutex_lock(&ecryptfs_msg_ctx_lists_mux);
0335     mutex_lock(&msg_ctx->mux);
0336     if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_DONE) {
0337         if (timeout) {
0338             mutex_unlock(&msg_ctx->mux);
0339             mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
0340             goto sleep;
0341         }
0342         rc = -ENOMSG;
0343     } else {
0344         *msg = msg_ctx->msg;
0345         msg_ctx->msg = NULL;
0346     }
0347     ecryptfs_msg_ctx_alloc_to_free(msg_ctx);
0348     mutex_unlock(&msg_ctx->mux);
0349     mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
0350     return rc;
0351 }
0352
0353 int __init ecryptfs_init_messaging(void)
0354 {
0355     int i;
0356     int rc = 0;
0357
0358     if (ecryptfs_number_of_users > ECRYPTFS_MAX_NUM_USERS) {
0359         ecryptfs_number_of_users = ECRYPTFS_MAX_NUM_USERS;
0360         printk(KERN_WARNING "%s: Specified number of users is "
0361                "too large, defaulting to [%d] users\n", __func__,
0362                ecryptfs_number_of_users);
0363     }
0364     mutex_lock(&ecryptfs_daemon_hash_mux);
0365     ecryptfs_hash_bits = 1;
0366     while (ecryptfs_number_of_users >> ecryptfs_hash_bits)
0367         ecryptfs_hash_bits++;
0368     ecryptfs_daemon_hash = kmalloc((sizeof(struct hlist_head)
0369                     * (1 << ecryptfs_hash_bits)),
0370                        GFP_KERNEL);
0371     if (!ecryptfs_daemon_hash) {
0372         rc = -ENOMEM;
0373         mutex_unlock(&ecryptfs_daemon_hash_mux);
0374         goto out;
0375     }
0376     for (i = 0; i < (1 << ecryptfs_hash_bits); i++)
0377         INIT_HLIST_HEAD(&ecryptfs_daemon_hash[i]);
0378     mutex_unlock(&ecryptfs_daemon_hash_mux);
0379     ecryptfs_msg_ctx_arr = kmalloc((sizeof(struct ecryptfs_msg_ctx)
0380                     * ecryptfs_message_buf_len),
0381                        GFP_KERNEL);
0382     if (!ecryptfs_msg_ctx_arr) {
0383         kfree(ecryptfs_daemon_hash);
0384         rc = -ENOMEM;
0385         goto out;
0386     }
0387     mutex_lock(&ecryptfs_msg_ctx_lists_mux);
0388     ecryptfs_msg_counter = 0;
0389     for (i = 0; i < ecryptfs_message_buf_len; i++) {
0390         INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr[i].node);
0391         INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr[i].daemon_out_list);
0392         mutex_init(&ecryptfs_msg_ctx_arr[i].mux);
0393         mutex_lock(&ecryptfs_msg_ctx_arr[i].mux);
0394         ecryptfs_msg_ctx_arr[i].index = i;
0395         ecryptfs_msg_ctx_arr[i].state = ECRYPTFS_MSG_CTX_STATE_FREE;
0396         ecryptfs_msg_ctx_arr[i].counter = 0;
0397         ecryptfs_msg_ctx_arr[i].task = NULL;
0398         ecryptfs_msg_ctx_arr[i].msg = NULL;
0399         list_add_tail(&ecryptfs_msg_ctx_arr[i].node,
0400                   &ecryptfs_msg_ctx_free_list);
0401         mutex_unlock(&ecryptfs_msg_ctx_arr[i].mux);
0402     }
0403     mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
0404     rc = ecryptfs_init_ecryptfs_miscdev();
0405     if (rc)
0406         ecryptfs_release_messaging();
0407 out:
0408     return rc;
0409 }
0410
0411 void ecryptfs_release_messaging(void)
0412 {
0413     if (ecryptfs_msg_ctx_arr) {
0414         int i;
0415
0416         mutex_lock(&ecryptfs_msg_ctx_lists_mux);
0417         for (i = 0; i < ecryptfs_message_buf_len; i++) {
0418             mutex_lock(&ecryptfs_msg_ctx_arr[i].mux);
0419             kfree(ecryptfs_msg_ctx_arr[i].msg);
0420             mutex_unlock(&ecryptfs_msg_ctx_arr[i].mux);
0421         }
0422         kfree(ecryptfs_msg_ctx_arr);
0423         mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
0424     }
0425     if (ecryptfs_daemon_hash) {
0426         struct ecryptfs_daemon *daemon;
0427         struct hlist_node *n;
0428         int i;
0429
0430         mutex_lock(&ecryptfs_daemon_hash_mux);
0431         for (i = 0; i < (1 << ecryptfs_hash_bits); i++) {
0432             int rc;
0433
0434             hlist_for_each_entry_safe(daemon, n,
0435                           &ecryptfs_daemon_hash[i],
0436                           euid_chain) {
0437                 rc = ecryptfs_exorcise_daemon(daemon);
0438                 if (rc)
0439                     printk(KERN_ERR "%s: Error whilst "
0440                            "attempting to destroy daemon; "
0441                            "rc = [%d]. Dazed and confused, "
0442                            "but trying to continue.\n",
0443                            __func__, rc);
0444             }
0445         }
0446         kfree(ecryptfs_daemon_hash);
0447         mutex_unlock(&ecryptfs_daemon_hash_mux);
0448     }
0449     ecryptfs_destroy_ecryptfs_miscdev();
0450     return;
0451 }