miscdev.c 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512
  1. /**
  2. * eCryptfs: Linux filesystem encryption layer
  3. *
  4. * Copyright (C) 2008 International Business Machines Corp.
  5. * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com>
  6. *
  7. * This program is free software; you can redistribute it and/or
  8. * modify it under the terms of the GNU General Public License version
  9. * 2 as published by the Free Software Foundation.
  10. *
  11. * This program is distributed in the hope that it will be useful, but
  12. * WITHOUT ANY WARRANTY; without even the implied warranty of
  13. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  14. * General Public License for more details.
  15. *
  16. * You should have received a copy of the GNU General Public License
  17. * along with this program; if not, write to the Free Software
  18. * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
  19. * 02111-1307, USA.
  20. */
  21. #include <linux/fs.h>
  22. #include <linux/hash.h>
  23. #include <linux/random.h>
  24. #include <linux/miscdevice.h>
  25. #include <linux/poll.h>
  26. #include <linux/slab.h>
  27. #include <linux/wait.h>
  28. #include <linux/module.h>
  29. #include "ecryptfs_kernel.h"
  30. static atomic_t ecryptfs_num_miscdev_opens;
  31. /**
  32. * ecryptfs_miscdev_poll
  33. * @file: dev file
  34. * @pt: dev poll table (ignored)
  35. *
  36. * Returns the poll mask
  37. */
  38. static unsigned int
  39. ecryptfs_miscdev_poll(struct file *file, poll_table *pt)
  40. {
  41. struct ecryptfs_daemon *daemon = file->private_data;
  42. unsigned int mask = 0;
  43. mutex_lock(&daemon->mux);
  44. if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) {
  45. printk(KERN_WARNING "%s: Attempt to poll on zombified "
  46. "daemon\n", __func__);
  47. goto out_unlock_daemon;
  48. }
  49. if (daemon->flags & ECRYPTFS_DAEMON_IN_READ)
  50. goto out_unlock_daemon;
  51. if (daemon->flags & ECRYPTFS_DAEMON_IN_POLL)
  52. goto out_unlock_daemon;
  53. daemon->flags |= ECRYPTFS_DAEMON_IN_POLL;
  54. mutex_unlock(&daemon->mux);
  55. poll_wait(file, &daemon->wait, pt);
  56. mutex_lock(&daemon->mux);
  57. if (!list_empty(&daemon->msg_ctx_out_queue))
  58. mask |= POLLIN | POLLRDNORM;
  59. out_unlock_daemon:
  60. daemon->flags &= ~ECRYPTFS_DAEMON_IN_POLL;
  61. mutex_unlock(&daemon->mux);
  62. return mask;
  63. }
  64. /**
  65. * ecryptfs_miscdev_open
  66. * @inode: inode of miscdev handle (ignored)
  67. * @file: file for miscdev handle
  68. *
  69. * Returns zero on success; non-zero otherwise
  70. */
  71. static int
  72. ecryptfs_miscdev_open(struct inode *inode, struct file *file)
  73. {
  74. struct ecryptfs_daemon *daemon = NULL;
  75. int rc;
  76. mutex_lock(&ecryptfs_daemon_hash_mux);
  77. rc = ecryptfs_find_daemon_by_euid(&daemon);
  78. if (!rc) {
  79. rc = -EINVAL;
  80. goto out_unlock_daemon_list;
  81. }
  82. rc = ecryptfs_spawn_daemon(&daemon, file);
  83. if (rc) {
  84. printk(KERN_ERR "%s: Error attempting to spawn daemon; "
  85. "rc = [%d]\n", __func__, rc);
  86. goto out_unlock_daemon_list;
  87. }
  88. mutex_lock(&daemon->mux);
  89. if (daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN) {
  90. rc = -EBUSY;
  91. goto out_unlock_daemon;
  92. }
  93. daemon->flags |= ECRYPTFS_DAEMON_MISCDEV_OPEN;
  94. file->private_data = daemon;
  95. atomic_inc(&ecryptfs_num_miscdev_opens);
  96. out_unlock_daemon:
  97. mutex_unlock(&daemon->mux);
  98. out_unlock_daemon_list:
  99. mutex_unlock(&ecryptfs_daemon_hash_mux);
  100. return rc;
  101. }
  102. /**
  103. * ecryptfs_miscdev_release
  104. * @inode: inode of fs/ecryptfs/euid handle (ignored)
  105. * @file: file for fs/ecryptfs/euid handle
  106. *
  107. * This keeps the daemon registered until the daemon sends another
  108. * ioctl to fs/ecryptfs/ctl or until the kernel module unregisters.
  109. *
  110. * Returns zero on success; non-zero otherwise
  111. */
  112. static int
  113. ecryptfs_miscdev_release(struct inode *inode, struct file *file)
  114. {
  115. struct ecryptfs_daemon *daemon = file->private_data;
  116. int rc;
  117. mutex_lock(&daemon->mux);
  118. BUG_ON(!(daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN));
  119. daemon->flags &= ~ECRYPTFS_DAEMON_MISCDEV_OPEN;
  120. atomic_dec(&ecryptfs_num_miscdev_opens);
  121. mutex_unlock(&daemon->mux);
  122. mutex_lock(&ecryptfs_daemon_hash_mux);
  123. rc = ecryptfs_exorcise_daemon(daemon);
  124. mutex_unlock(&ecryptfs_daemon_hash_mux);
  125. if (rc) {
  126. printk(KERN_CRIT "%s: Fatal error whilst attempting to "
  127. "shut down daemon; rc = [%d]. Please report this "
  128. "bug.\n", __func__, rc);
  129. BUG();
  130. }
  131. return rc;
  132. }
  133. /**
  134. * ecryptfs_send_miscdev
  135. * @data: Data to send to daemon; may be NULL
  136. * @data_size: Amount of data to send to daemon
  137. * @msg_ctx: Message context, which is used to handle the reply. If
  138. * this is NULL, then we do not expect a reply.
  139. * @msg_type: Type of message
  140. * @msg_flags: Flags for message
  141. * @daemon: eCryptfs daemon object
  142. *
  143. * Add msg_ctx to queue and then, if it exists, notify the blocked
  144. * miscdevess about the data being available. Must be called with
  145. * ecryptfs_daemon_hash_mux held.
  146. *
  147. * Returns zero on success; non-zero otherwise
  148. */
  149. int ecryptfs_send_miscdev(char *data, size_t data_size,
  150. struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type,
  151. u16 msg_flags, struct ecryptfs_daemon *daemon)
  152. {
  153. struct ecryptfs_message *msg;
  154. msg = kmalloc((sizeof(*msg) + data_size), GFP_KERNEL);
  155. if (!msg) {
  156. printk(KERN_ERR "%s: Out of memory whilst attempting "
  157. "to kmalloc(%zd, GFP_KERNEL)\n", __func__,
  158. (sizeof(*msg) + data_size));
  159. return -ENOMEM;
  160. }
  161. mutex_lock(&msg_ctx->mux);
  162. msg_ctx->msg = msg;
  163. msg_ctx->msg->index = msg_ctx->index;
  164. msg_ctx->msg->data_len = data_size;
  165. msg_ctx->type = msg_type;
  166. memcpy(msg_ctx->msg->data, data, data_size);
  167. msg_ctx->msg_size = (sizeof(*msg_ctx->msg) + data_size);
  168. list_add_tail(&msg_ctx->daemon_out_list, &daemon->msg_ctx_out_queue);
  169. mutex_unlock(&msg_ctx->mux);
  170. mutex_lock(&daemon->mux);
  171. daemon->num_queued_msg_ctx++;
  172. wake_up_interruptible(&daemon->wait);
  173. mutex_unlock(&daemon->mux);
  174. return 0;
  175. }
  176. /*
  177. * miscdevfs packet format:
  178. * Octet 0: Type
  179. * Octets 1-4: network byte order msg_ctx->counter
  180. * Octets 5-N0: Size of struct ecryptfs_message to follow
  181. * Octets N0-N1: struct ecryptfs_message (including data)
  182. *
  183. * Octets 5-N1 not written if the packet type does not include a message
  184. */
  185. #define PKT_TYPE_SIZE 1
  186. #define PKT_CTR_SIZE 4
  187. #define MIN_NON_MSG_PKT_SIZE (PKT_TYPE_SIZE + PKT_CTR_SIZE)
  188. #define MIN_MSG_PKT_SIZE (PKT_TYPE_SIZE + PKT_CTR_SIZE \
  189. + ECRYPTFS_MIN_PKT_LEN_SIZE)
  190. /* 4 + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES comes from tag 65 packet format */
  191. #define MAX_MSG_PKT_SIZE (PKT_TYPE_SIZE + PKT_CTR_SIZE \
  192. + ECRYPTFS_MAX_PKT_LEN_SIZE \
  193. + sizeof(struct ecryptfs_message) \
  194. + 4 + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES)
  195. #define PKT_TYPE_OFFSET 0
  196. #define PKT_CTR_OFFSET PKT_TYPE_SIZE
  197. #define PKT_LEN_OFFSET (PKT_TYPE_SIZE + PKT_CTR_SIZE)
  198. /**
  199. * ecryptfs_miscdev_read - format and send message from queue
  200. * @file: miscdevfs handle
  201. * @buf: User buffer into which to copy the next message on the daemon queue
  202. * @count: Amount of space available in @buf
  203. * @ppos: Offset in file (ignored)
  204. *
  205. * Pulls the most recent message from the daemon queue, formats it for
  206. * being sent via a miscdevfs handle, and copies it into @buf
  207. *
  208. * Returns the number of bytes copied into the user buffer
  209. */
  210. static ssize_t
  211. ecryptfs_miscdev_read(struct file *file, char __user *buf, size_t count,
  212. loff_t *ppos)
  213. {
  214. struct ecryptfs_daemon *daemon = file->private_data;
  215. struct ecryptfs_msg_ctx *msg_ctx;
  216. size_t packet_length_size;
  217. char packet_length[ECRYPTFS_MAX_PKT_LEN_SIZE];
  218. size_t i;
  219. size_t total_length;
  220. int rc;
  221. mutex_lock(&daemon->mux);
  222. if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) {
  223. rc = 0;
  224. printk(KERN_WARNING "%s: Attempt to read from zombified "
  225. "daemon\n", __func__);
  226. goto out_unlock_daemon;
  227. }
  228. if (daemon->flags & ECRYPTFS_DAEMON_IN_READ) {
  229. rc = 0;
  230. goto out_unlock_daemon;
  231. }
  232. /* This daemon will not go away so long as this flag is set */
  233. daemon->flags |= ECRYPTFS_DAEMON_IN_READ;
  234. check_list:
  235. if (list_empty(&daemon->msg_ctx_out_queue)) {
  236. mutex_unlock(&daemon->mux);
  237. rc = wait_event_interruptible(
  238. daemon->wait, !list_empty(&daemon->msg_ctx_out_queue));
  239. mutex_lock(&daemon->mux);
  240. if (rc < 0) {
  241. rc = 0;
  242. goto out_unlock_daemon;
  243. }
  244. }
  245. if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) {
  246. rc = 0;
  247. goto out_unlock_daemon;
  248. }
  249. if (list_empty(&daemon->msg_ctx_out_queue)) {
  250. /* Something else jumped in since the
  251. * wait_event_interruptable() and removed the
  252. * message from the queue; try again */
  253. goto check_list;
  254. }
  255. msg_ctx = list_first_entry(&daemon->msg_ctx_out_queue,
  256. struct ecryptfs_msg_ctx, daemon_out_list);
  257. BUG_ON(!msg_ctx);
  258. mutex_lock(&msg_ctx->mux);
  259. if (msg_ctx->msg) {
  260. rc = ecryptfs_write_packet_length(packet_length,
  261. msg_ctx->msg_size,
  262. &packet_length_size);
  263. if (rc) {
  264. rc = 0;
  265. printk(KERN_WARNING "%s: Error writing packet length; "
  266. "rc = [%d]\n", __func__, rc);
  267. goto out_unlock_msg_ctx;
  268. }
  269. } else {
  270. packet_length_size = 0;
  271. msg_ctx->msg_size = 0;
  272. }
  273. total_length = (PKT_TYPE_SIZE + PKT_CTR_SIZE + packet_length_size
  274. + msg_ctx->msg_size);
  275. if (count < total_length) {
  276. rc = 0;
  277. printk(KERN_WARNING "%s: Only given user buffer of "
  278. "size [%zd], but we need [%zd] to read the "
  279. "pending message\n", __func__, count, total_length);
  280. goto out_unlock_msg_ctx;
  281. }
  282. rc = -EFAULT;
  283. if (put_user(msg_ctx->type, buf))
  284. goto out_unlock_msg_ctx;
  285. if (put_user(cpu_to_be32(msg_ctx->counter),
  286. (__be32 __user *)(&buf[PKT_CTR_OFFSET])))
  287. goto out_unlock_msg_ctx;
  288. i = PKT_TYPE_SIZE + PKT_CTR_SIZE;
  289. if (msg_ctx->msg) {
  290. if (copy_to_user(&buf[i], packet_length, packet_length_size))
  291. goto out_unlock_msg_ctx;
  292. i += packet_length_size;
  293. if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size))
  294. goto out_unlock_msg_ctx;
  295. i += msg_ctx->msg_size;
  296. }
  297. rc = i;
  298. list_del(&msg_ctx->daemon_out_list);
  299. kfree(msg_ctx->msg);
  300. msg_ctx->msg = NULL;
  301. /* We do not expect a reply from the userspace daemon for any
  302. * message type other than ECRYPTFS_MSG_REQUEST */
  303. if (msg_ctx->type != ECRYPTFS_MSG_REQUEST)
  304. ecryptfs_msg_ctx_alloc_to_free(msg_ctx);
  305. out_unlock_msg_ctx:
  306. mutex_unlock(&msg_ctx->mux);
  307. out_unlock_daemon:
  308. daemon->flags &= ~ECRYPTFS_DAEMON_IN_READ;
  309. mutex_unlock(&daemon->mux);
  310. return rc;
  311. }
  312. /**
  313. * ecryptfs_miscdev_response - miscdevess response to message previously sent to daemon
  314. * @data: Bytes comprising struct ecryptfs_message
  315. * @data_size: sizeof(struct ecryptfs_message) + data len
  316. * @seq: Sequence number for miscdev response packet
  317. *
  318. * Returns zero on success; non-zero otherwise
  319. */
  320. static int ecryptfs_miscdev_response(struct ecryptfs_daemon *daemon, char *data,
  321. size_t data_size, u32 seq)
  322. {
  323. struct ecryptfs_message *msg = (struct ecryptfs_message *)data;
  324. int rc;
  325. if ((sizeof(*msg) + msg->data_len) != data_size) {
  326. printk(KERN_WARNING "%s: (sizeof(*msg) + msg->data_len) = "
  327. "[%zd]; data_size = [%zd]. Invalid packet.\n", __func__,
  328. (sizeof(*msg) + msg->data_len), data_size);
  329. rc = -EINVAL;
  330. goto out;
  331. }
  332. rc = ecryptfs_process_response(daemon, msg, seq);
  333. if (rc)
  334. printk(KERN_ERR
  335. "Error processing response message; rc = [%d]\n", rc);
  336. out:
  337. return rc;
  338. }
  339. /**
  340. * ecryptfs_miscdev_write - handle write to daemon miscdev handle
  341. * @file: File for misc dev handle
  342. * @buf: Buffer containing user data
  343. * @count: Amount of data in @buf
  344. * @ppos: Pointer to offset in file (ignored)
  345. *
  346. * Returns the number of bytes read from @buf
  347. */
  348. static ssize_t
  349. ecryptfs_miscdev_write(struct file *file, const char __user *buf,
  350. size_t count, loff_t *ppos)
  351. {
  352. __be32 counter_nbo;
  353. u32 seq;
  354. size_t packet_size, packet_size_length;
  355. char *data;
  356. unsigned char packet_size_peek[ECRYPTFS_MAX_PKT_LEN_SIZE];
  357. ssize_t rc;
  358. if (count == 0) {
  359. return 0;
  360. } else if (count == MIN_NON_MSG_PKT_SIZE) {
  361. /* Likely a harmless MSG_HELO or MSG_QUIT - no packet length */
  362. goto memdup;
  363. } else if (count < MIN_MSG_PKT_SIZE || count > MAX_MSG_PKT_SIZE) {
  364. printk(KERN_WARNING "%s: Acceptable packet size range is "
  365. "[%d-%zu], but amount of data written is [%zu].",
  366. __func__, MIN_MSG_PKT_SIZE, MAX_MSG_PKT_SIZE, count);
  367. return -EINVAL;
  368. }
  369. if (copy_from_user(packet_size_peek, &buf[PKT_LEN_OFFSET],
  370. sizeof(packet_size_peek))) {
  371. printk(KERN_WARNING "%s: Error while inspecting packet size\n",
  372. __func__);
  373. return -EFAULT;
  374. }
  375. rc = ecryptfs_parse_packet_length(packet_size_peek, &packet_size,
  376. &packet_size_length);
  377. if (rc) {
  378. printk(KERN_WARNING "%s: Error parsing packet length; "
  379. "rc = [%zd]\n", __func__, rc);
  380. return rc;
  381. }
  382. if ((PKT_TYPE_SIZE + PKT_CTR_SIZE + packet_size_length + packet_size)
  383. != count) {
  384. printk(KERN_WARNING "%s: Invalid packet size [%zu]\n", __func__,
  385. packet_size);
  386. return -EINVAL;
  387. }
  388. memdup:
  389. data = memdup_user(buf, count);
  390. if (IS_ERR(data)) {
  391. printk(KERN_ERR "%s: memdup_user returned error [%ld]\n",
  392. __func__, PTR_ERR(data));
  393. return PTR_ERR(data);
  394. }
  395. switch (data[PKT_TYPE_OFFSET]) {
  396. case ECRYPTFS_MSG_RESPONSE:
  397. if (count < (MIN_MSG_PKT_SIZE
  398. + sizeof(struct ecryptfs_message))) {
  399. printk(KERN_WARNING "%s: Minimum acceptable packet "
  400. "size is [%zd], but amount of data written is "
  401. "only [%zd]. Discarding response packet.\n",
  402. __func__,
  403. (MIN_MSG_PKT_SIZE
  404. + sizeof(struct ecryptfs_message)), count);
  405. rc = -EINVAL;
  406. goto out_free;
  407. }
  408. memcpy(&counter_nbo, &data[PKT_CTR_OFFSET], PKT_CTR_SIZE);
  409. seq = be32_to_cpu(counter_nbo);
  410. rc = ecryptfs_miscdev_response(file->private_data,
  411. &data[PKT_LEN_OFFSET + packet_size_length],
  412. packet_size, seq);
  413. if (rc) {
  414. printk(KERN_WARNING "%s: Failed to deliver miscdev "
  415. "response to requesting operation; rc = [%zd]\n",
  416. __func__, rc);
  417. goto out_free;
  418. }
  419. break;
  420. case ECRYPTFS_MSG_HELO:
  421. case ECRYPTFS_MSG_QUIT:
  422. break;
  423. default:
  424. ecryptfs_printk(KERN_WARNING, "Dropping miscdev "
  425. "message of unrecognized type [%d]\n",
  426. data[0]);
  427. rc = -EINVAL;
  428. goto out_free;
  429. }
  430. rc = count;
  431. out_free:
  432. kfree(data);
  433. return rc;
  434. }
  435. static const struct file_operations ecryptfs_miscdev_fops = {
  436. .owner = THIS_MODULE,
  437. .open = ecryptfs_miscdev_open,
  438. .poll = ecryptfs_miscdev_poll,
  439. .read = ecryptfs_miscdev_read,
  440. .write = ecryptfs_miscdev_write,
  441. .release = ecryptfs_miscdev_release,
  442. .llseek = noop_llseek,
  443. };
  444. static struct miscdevice ecryptfs_miscdev = {
  445. .minor = MISC_DYNAMIC_MINOR,
  446. .name = "ecryptfs",
  447. .fops = &ecryptfs_miscdev_fops
  448. };
  449. /**
  450. * ecryptfs_init_ecryptfs_miscdev
  451. *
  452. * Messages sent to the userspace daemon from the kernel are placed on
  453. * a queue associated with the daemon. The next read against the
  454. * miscdev handle by that daemon will return the oldest message placed
  455. * on the message queue for the daemon.
  456. *
  457. * Returns zero on success; non-zero otherwise
  458. */
  459. int __init ecryptfs_init_ecryptfs_miscdev(void)
  460. {
  461. int rc;
  462. atomic_set(&ecryptfs_num_miscdev_opens, 0);
  463. rc = misc_register(&ecryptfs_miscdev);
  464. if (rc)
  465. printk(KERN_ERR "%s: Failed to register miscellaneous device "
  466. "for communications with userspace daemons; rc = [%d]\n",
  467. __func__, rc);
  468. return rc;
  469. }
  470. /**
  471. * ecryptfs_destroy_ecryptfs_miscdev
  472. *
  473. * All of the daemons must be exorcised prior to calling this
  474. * function.
  475. */
  476. void ecryptfs_destroy_ecryptfs_miscdev(void)
  477. {
  478. BUG_ON(atomic_read(&ecryptfs_num_miscdev_opens) != 0);
  479. misc_deregister(&ecryptfs_miscdev);
  480. }