fs/ecryptfs/super.c

0001 // SPDX-License-Identifier: GPL-2.0-or-later
0002 /*
0003  * eCryptfs: Linux filesystem encryption layer
0004  *
0005  * Copyright (C) 1997-2003 Erez Zadok
0006  * Copyright (C) 2001-2003 Stony Brook University
0007  * Copyright (C) 2004-2006 International Business Machines Corp.
0008  *   Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
0009  *              Michael C. Thompson <mcthomps@us.ibm.com>
0010  */
0011
0012 #include <linux/fs.h>
0013 #include <linux/mount.h>
0014 #include <linux/key.h>
0015 #include <linux/slab.h>
0016 #include <linux/seq_file.h>
0017 #include <linux/file.h>
0018 #include <linux/statfs.h>
0019 #include <linux/magic.h>
0020 #include "ecryptfs_kernel.h"
0021
0022 struct kmem_cache *ecryptfs_inode_info_cache;
0023
0024 /**
0025  * ecryptfs_alloc_inode - allocate an ecryptfs inode
0026  * @sb: Pointer to the ecryptfs super block
0027  *
0028  * Called to bring an inode into existence.
0029  *
0030  * Only handle allocation, setting up structures should be done in
0031  * ecryptfs_read_inode. This is because the kernel, between now and
0032  * then, will 0 out the private data pointer.
0033  *
0034  * Returns a pointer to a newly allocated inode, NULL otherwise
0035  */
0036 static struct inode *ecryptfs_alloc_inode(struct super_block *sb)
0037 {
0038     struct ecryptfs_inode_info *inode_info;
0039     struct inode *inode = NULL;
0040
0041     inode_info = alloc_inode_sb(sb, ecryptfs_inode_info_cache, GFP_KERNEL);
0042     if (unlikely(!inode_info))
0043         goto out;
0044     if (ecryptfs_init_crypt_stat(&inode_info->crypt_stat)) {
0045         kmem_cache_free(ecryptfs_inode_info_cache, inode_info);
0046         goto out;
0047     }
0048     mutex_init(&inode_info->lower_file_mutex);
0049     atomic_set(&inode_info->lower_file_count, 0);
0050     inode_info->lower_file = NULL;
0051     inode = &inode_info->vfs_inode;
0052 out:
0053     return inode;
0054 }
0055
0056 static void ecryptfs_free_inode(struct inode *inode)
0057 {
0058     struct ecryptfs_inode_info *inode_info;
0059     inode_info = ecryptfs_inode_to_private(inode);
0060
0061     kmem_cache_free(ecryptfs_inode_info_cache, inode_info);
0062 }
0063
0064 /**
0065  * ecryptfs_destroy_inode
0066  * @inode: The ecryptfs inode
0067  *
0068  * This is used during the final destruction of the inode.  All
0069  * allocation of memory related to the inode, including allocated
0070  * memory in the crypt_stat struct, will be released here.
0071  * There should be no chance that this deallocation will be missed.
0072  */
0073 static void ecryptfs_destroy_inode(struct inode *inode)
0074 {
0075     struct ecryptfs_inode_info *inode_info;
0076
0077     inode_info = ecryptfs_inode_to_private(inode);
0078     BUG_ON(inode_info->lower_file);
0079     ecryptfs_destroy_crypt_stat(&inode_info->crypt_stat);
0080 }
0081
0082 /**
0083  * ecryptfs_statfs
0084  * @dentry: The ecryptfs dentry
0085  * @buf: The struct kstatfs to fill in with stats
0086  *
0087  * Get the filesystem statistics. Currently, we let this pass right through
0088  * to the lower filesystem and take no action ourselves.
0089  */
0090 static int ecryptfs_statfs(struct dentry *dentry, struct kstatfs *buf)
0091 {
0092     struct dentry *lower_dentry = ecryptfs_dentry_to_lower(dentry);
0093     int rc;
0094
0095     if (!lower_dentry->d_sb->s_op->statfs)
0096         return -ENOSYS;
0097
0098     rc = lower_dentry->d_sb->s_op->statfs(lower_dentry, buf);
0099     if (rc)
0100         return rc;
0101
0102     buf->f_type = ECRYPTFS_SUPER_MAGIC;
0103     rc = ecryptfs_set_f_namelen(&buf->f_namelen, buf->f_namelen,
0104            &ecryptfs_superblock_to_private(dentry->d_sb)->mount_crypt_stat);
0105
0106     return rc;
0107 }
0108
0109 /**
0110  * ecryptfs_evict_inode
0111  * @inode: The ecryptfs inode
0112  *
0113  * Called by iput() when the inode reference count reached zero
0114  * and the inode is not hashed anywhere.  Used to clear anything
0115  * that needs to be, before the inode is completely destroyed and put
0116  * on the inode free list. We use this to drop out reference to the
0117  * lower inode.
0118  */
0119 static void ecryptfs_evict_inode(struct inode *inode)
0120 {
0121     truncate_inode_pages_final(&inode->i_data);
0122     clear_inode(inode);
0123     iput(ecryptfs_inode_to_lower(inode));
0124 }
0125
0126 /*
0127  * ecryptfs_show_options
0128  *
0129  * Prints the mount options for a given superblock.
0130  * Returns zero; does not fail.
0131  */
0132 static int ecryptfs_show_options(struct seq_file *m, struct dentry *root)
0133 {
0134     struct super_block *sb = root->d_sb;
0135     struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
0136         &ecryptfs_superblock_to_private(sb)->mount_crypt_stat;
0137     struct ecryptfs_global_auth_tok *walker;
0138
0139     mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex);
0140     list_for_each_entry(walker,
0141                 &mount_crypt_stat->global_auth_tok_list,
0142                 mount_crypt_stat_list) {
0143         if (walker->flags & ECRYPTFS_AUTH_TOK_FNEK)
0144             seq_printf(m, ",ecryptfs_fnek_sig=%s", walker->sig);
0145         else
0146             seq_printf(m, ",ecryptfs_sig=%s", walker->sig);
0147     }
0148     mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex);
0149
0150     seq_printf(m, ",ecryptfs_cipher=%s",
0151         mount_crypt_stat->global_default_cipher_name);
0152
0153     if (mount_crypt_stat->global_default_cipher_key_size)
0154         seq_printf(m, ",ecryptfs_key_bytes=%zd",
0155                mount_crypt_stat->global_default_cipher_key_size);
0156     if (mount_crypt_stat->flags & ECRYPTFS_PLAINTEXT_PASSTHROUGH_ENABLED)
0157         seq_printf(m, ",ecryptfs_passthrough");
0158     if (mount_crypt_stat->flags & ECRYPTFS_XATTR_METADATA_ENABLED)
0159         seq_printf(m, ",ecryptfs_xattr_metadata");
0160     if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED)
0161         seq_printf(m, ",ecryptfs_encrypted_view");
0162     if (mount_crypt_stat->flags & ECRYPTFS_UNLINK_SIGS)
0163         seq_printf(m, ",ecryptfs_unlink_sigs");
0164     if (mount_crypt_stat->flags & ECRYPTFS_GLOBAL_MOUNT_AUTH_TOK_ONLY)
0165         seq_printf(m, ",ecryptfs_mount_auth_tok_only");
0166
0167     return 0;
0168 }
0169
0170 const struct super_operations ecryptfs_sops = {
0171     .alloc_inode = ecryptfs_alloc_inode,
0172     .destroy_inode = ecryptfs_destroy_inode,
0173     .free_inode = ecryptfs_free_inode,
0174     .statfs = ecryptfs_statfs,
0175     .remount_fs = NULL,
0176     .evict_inode = ecryptfs_evict_inode,
0177     .show_options = ecryptfs_show_options
0178 };