messaging.c 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470
  1. /**
  2. * eCryptfs: Linux filesystem encryption layer
  3. *
  4. * Copyright (C) 2004-2008 International Business Machines Corp.
  5. * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com>
  6. * Tyler Hicks <tyhicks@ou.edu>
  7. *
  8. * This program is free software; you can redistribute it and/or
  9. * modify it under the terms of the GNU General Public License version
  10. * 2 as published by the Free Software Foundation.
  11. *
  12. * This program is distributed in the hope that it will be useful, but
  13. * WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  15. * General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU General Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
  20. * 02111-1307, USA.
  21. */
  22. #include <linux/sched.h>
  23. #include <linux/slab.h>
  24. #include <linux/user_namespace.h>
  25. #include <linux/nsproxy.h>
  26. #include "ecryptfs_kernel.h"
  27. static LIST_HEAD(ecryptfs_msg_ctx_free_list);
  28. static LIST_HEAD(ecryptfs_msg_ctx_alloc_list);
  29. static struct mutex ecryptfs_msg_ctx_lists_mux;
  30. static struct hlist_head *ecryptfs_daemon_hash;
  31. struct mutex ecryptfs_daemon_hash_mux;
  32. static int ecryptfs_hash_bits;
  33. #define ecryptfs_current_euid_hash(uid) \
  34. hash_long((unsigned long)from_kuid(&init_user_ns, current_euid()), ecryptfs_hash_bits)
  35. static u32 ecryptfs_msg_counter;
  36. static struct ecryptfs_msg_ctx *ecryptfs_msg_ctx_arr;
  37. /**
  38. * ecryptfs_acquire_free_msg_ctx
  39. * @msg_ctx: The context that was acquired from the free list
  40. *
  41. * Acquires a context element from the free list and locks the mutex
  42. * on the context. Sets the msg_ctx task to current. Returns zero on
  43. * success; non-zero on error or upon failure to acquire a free
  44. * context element. Must be called with ecryptfs_msg_ctx_lists_mux
  45. * held.
  46. */
  47. static int ecryptfs_acquire_free_msg_ctx(struct ecryptfs_msg_ctx **msg_ctx)
  48. {
  49. struct list_head *p;
  50. int rc;
  51. if (list_empty(&ecryptfs_msg_ctx_free_list)) {
  52. printk(KERN_WARNING "%s: The eCryptfs free "
  53. "context list is empty. It may be helpful to "
  54. "specify the ecryptfs_message_buf_len "
  55. "parameter to be greater than the current "
  56. "value of [%d]\n", __func__, ecryptfs_message_buf_len);
  57. rc = -ENOMEM;
  58. goto out;
  59. }
  60. list_for_each(p, &ecryptfs_msg_ctx_free_list) {
  61. *msg_ctx = list_entry(p, struct ecryptfs_msg_ctx, node);
  62. if (mutex_trylock(&(*msg_ctx)->mux)) {
  63. (*msg_ctx)->task = current;
  64. rc = 0;
  65. goto out;
  66. }
  67. }
  68. rc = -ENOMEM;
  69. out:
  70. return rc;
  71. }
  72. /**
  73. * ecryptfs_msg_ctx_free_to_alloc
  74. * @msg_ctx: The context to move from the free list to the alloc list
  75. *
  76. * Must be called with ecryptfs_msg_ctx_lists_mux held.
  77. */
  78. static void ecryptfs_msg_ctx_free_to_alloc(struct ecryptfs_msg_ctx *msg_ctx)
  79. {
  80. list_move(&msg_ctx->node, &ecryptfs_msg_ctx_alloc_list);
  81. msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_PENDING;
  82. msg_ctx->counter = ++ecryptfs_msg_counter;
  83. }
  84. /**
  85. * ecryptfs_msg_ctx_alloc_to_free
  86. * @msg_ctx: The context to move from the alloc list to the free list
  87. *
  88. * Must be called with ecryptfs_msg_ctx_lists_mux held.
  89. */
  90. void ecryptfs_msg_ctx_alloc_to_free(struct ecryptfs_msg_ctx *msg_ctx)
  91. {
  92. list_move(&(msg_ctx->node), &ecryptfs_msg_ctx_free_list);
  93. kfree(msg_ctx->msg);
  94. msg_ctx->msg = NULL;
  95. msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_FREE;
  96. }
  97. /**
  98. * ecryptfs_find_daemon_by_euid
  99. * @daemon: If return value is zero, points to the desired daemon pointer
  100. *
  101. * Must be called with ecryptfs_daemon_hash_mux held.
  102. *
  103. * Search the hash list for the current effective user id.
  104. *
  105. * Returns zero if the user id exists in the list; non-zero otherwise.
  106. */
  107. int ecryptfs_find_daemon_by_euid(struct ecryptfs_daemon **daemon)
  108. {
  109. int rc;
  110. hlist_for_each_entry(*daemon,
  111. &ecryptfs_daemon_hash[ecryptfs_current_euid_hash()],
  112. euid_chain) {
  113. if (uid_eq((*daemon)->file->f_cred->euid, current_euid())) {
  114. rc = 0;
  115. goto out;
  116. }
  117. }
  118. rc = -EINVAL;
  119. out:
  120. return rc;
  121. }
  122. /**
  123. * ecryptfs_spawn_daemon - Create and initialize a new daemon struct
  124. * @daemon: Pointer to set to newly allocated daemon struct
  125. * @file: File used when opening /dev/ecryptfs
  126. *
  127. * Must be called ceremoniously while in possession of
  128. * ecryptfs_sacred_daemon_hash_mux
  129. *
  130. * Returns zero on success; non-zero otherwise
  131. */
  132. int
  133. ecryptfs_spawn_daemon(struct ecryptfs_daemon **daemon, struct file *file)
  134. {
  135. int rc = 0;
  136. (*daemon) = kzalloc(sizeof(**daemon), GFP_KERNEL);
  137. if (!(*daemon)) {
  138. rc = -ENOMEM;
  139. printk(KERN_ERR "%s: Failed to allocate [%zd] bytes of "
  140. "GFP_KERNEL memory\n", __func__, sizeof(**daemon));
  141. goto out;
  142. }
  143. (*daemon)->file = file;
  144. mutex_init(&(*daemon)->mux);
  145. INIT_LIST_HEAD(&(*daemon)->msg_ctx_out_queue);
  146. init_waitqueue_head(&(*daemon)->wait);
  147. (*daemon)->num_queued_msg_ctx = 0;
  148. hlist_add_head(&(*daemon)->euid_chain,
  149. &ecryptfs_daemon_hash[ecryptfs_current_euid_hash()]);
  150. out:
  151. return rc;
  152. }
  153. /**
  154. * ecryptfs_exorcise_daemon - Destroy the daemon struct
  155. *
  156. * Must be called ceremoniously while in possession of
  157. * ecryptfs_daemon_hash_mux and the daemon's own mux.
  158. */
  159. int ecryptfs_exorcise_daemon(struct ecryptfs_daemon *daemon)
  160. {
  161. struct ecryptfs_msg_ctx *msg_ctx, *msg_ctx_tmp;
  162. int rc = 0;
  163. mutex_lock(&daemon->mux);
  164. if ((daemon->flags & ECRYPTFS_DAEMON_IN_READ)
  165. || (daemon->flags & ECRYPTFS_DAEMON_IN_POLL)) {
  166. rc = -EBUSY;
  167. mutex_unlock(&daemon->mux);
  168. goto out;
  169. }
  170. list_for_each_entry_safe(msg_ctx, msg_ctx_tmp,
  171. &daemon->msg_ctx_out_queue, daemon_out_list) {
  172. list_del(&msg_ctx->daemon_out_list);
  173. daemon->num_queued_msg_ctx--;
  174. printk(KERN_WARNING "%s: Warning: dropping message that is in "
  175. "the out queue of a dying daemon\n", __func__);
  176. ecryptfs_msg_ctx_alloc_to_free(msg_ctx);
  177. }
  178. hlist_del(&daemon->euid_chain);
  179. mutex_unlock(&daemon->mux);
  180. kzfree(daemon);
  181. out:
  182. return rc;
  183. }
  184. /**
  185. * ecryptfs_process_reponse
  186. * @msg: The ecryptfs message received; the caller should sanity check
  187. * msg->data_len and free the memory
  188. * @seq: The sequence number of the message; must match the sequence
  189. * number for the existing message context waiting for this
  190. * response
  191. *
  192. * Processes a response message after sending an operation request to
  193. * userspace. Some other process is awaiting this response. Before
  194. * sending out its first communications, the other process allocated a
  195. * msg_ctx from the ecryptfs_msg_ctx_arr at a particular index. The
  196. * response message contains this index so that we can copy over the
  197. * response message into the msg_ctx that the process holds a
  198. * reference to. The other process is going to wake up, check to see
  199. * that msg_ctx->state == ECRYPTFS_MSG_CTX_STATE_DONE, and then
  200. * proceed to read off and process the response message. Returns zero
  201. * upon delivery to desired context element; non-zero upon delivery
  202. * failure or error.
  203. *
  204. * Returns zero on success; non-zero otherwise
  205. */
  206. int ecryptfs_process_response(struct ecryptfs_daemon *daemon,
  207. struct ecryptfs_message *msg, u32 seq)
  208. {
  209. struct ecryptfs_msg_ctx *msg_ctx;
  210. size_t msg_size;
  211. int rc;
  212. if (msg->index >= ecryptfs_message_buf_len) {
  213. rc = -EINVAL;
  214. printk(KERN_ERR "%s: Attempt to reference "
  215. "context buffer at index [%d]; maximum "
  216. "allowable is [%d]\n", __func__, msg->index,
  217. (ecryptfs_message_buf_len - 1));
  218. goto out;
  219. }
  220. msg_ctx = &ecryptfs_msg_ctx_arr[msg->index];
  221. mutex_lock(&msg_ctx->mux);
  222. if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_PENDING) {
  223. rc = -EINVAL;
  224. printk(KERN_WARNING "%s: Desired context element is not "
  225. "pending a response\n", __func__);
  226. goto unlock;
  227. } else if (msg_ctx->counter != seq) {
  228. rc = -EINVAL;
  229. printk(KERN_WARNING "%s: Invalid message sequence; "
  230. "expected [%d]; received [%d]\n", __func__,
  231. msg_ctx->counter, seq);
  232. goto unlock;
  233. }
  234. msg_size = (sizeof(*msg) + msg->data_len);
  235. msg_ctx->msg = kmemdup(msg, msg_size, GFP_KERNEL);
  236. if (!msg_ctx->msg) {
  237. rc = -ENOMEM;
  238. printk(KERN_ERR "%s: Failed to allocate [%zd] bytes of "
  239. "GFP_KERNEL memory\n", __func__, msg_size);
  240. goto unlock;
  241. }
  242. msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_DONE;
  243. wake_up_process(msg_ctx->task);
  244. rc = 0;
  245. unlock:
  246. mutex_unlock(&msg_ctx->mux);
  247. out:
  248. return rc;
  249. }
  250. /**
  251. * ecryptfs_send_message_locked
  252. * @data: The data to send
  253. * @data_len: The length of data
  254. * @msg_ctx: The message context allocated for the send
  255. *
  256. * Must be called with ecryptfs_daemon_hash_mux held.
  257. *
  258. * Returns zero on success; non-zero otherwise
  259. */
  260. static int
  261. ecryptfs_send_message_locked(char *data, int data_len, u8 msg_type,
  262. struct ecryptfs_msg_ctx **msg_ctx)
  263. {
  264. struct ecryptfs_daemon *daemon;
  265. int rc;
  266. rc = ecryptfs_find_daemon_by_euid(&daemon);
  267. if (rc) {
  268. rc = -ENOTCONN;
  269. goto out;
  270. }
  271. mutex_lock(&ecryptfs_msg_ctx_lists_mux);
  272. rc = ecryptfs_acquire_free_msg_ctx(msg_ctx);
  273. if (rc) {
  274. mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
  275. printk(KERN_WARNING "%s: Could not claim a free "
  276. "context element\n", __func__);
  277. goto out;
  278. }
  279. ecryptfs_msg_ctx_free_to_alloc(*msg_ctx);
  280. mutex_unlock(&(*msg_ctx)->mux);
  281. mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
  282. rc = ecryptfs_send_miscdev(data, data_len, *msg_ctx, msg_type, 0,
  283. daemon);
  284. if (rc)
  285. printk(KERN_ERR "%s: Error attempting to send message to "
  286. "userspace daemon; rc = [%d]\n", __func__, rc);
  287. out:
  288. return rc;
  289. }
  290. /**
  291. * ecryptfs_send_message
  292. * @data: The data to send
  293. * @data_len: The length of data
  294. * @msg_ctx: The message context allocated for the send
  295. *
  296. * Grabs ecryptfs_daemon_hash_mux.
  297. *
  298. * Returns zero on success; non-zero otherwise
  299. */
  300. int ecryptfs_send_message(char *data, int data_len,
  301. struct ecryptfs_msg_ctx **msg_ctx)
  302. {
  303. int rc;
  304. mutex_lock(&ecryptfs_daemon_hash_mux);
  305. rc = ecryptfs_send_message_locked(data, data_len, ECRYPTFS_MSG_REQUEST,
  306. msg_ctx);
  307. mutex_unlock(&ecryptfs_daemon_hash_mux);
  308. return rc;
  309. }
  310. /**
  311. * ecryptfs_wait_for_response
  312. * @msg_ctx: The context that was assigned when sending a message
  313. * @msg: The incoming message from userspace; not set if rc != 0
  314. *
  315. * Sleeps until awaken by ecryptfs_receive_message or until the amount
  316. * of time exceeds ecryptfs_message_wait_timeout. If zero is
  317. * returned, msg will point to a valid message from userspace; a
  318. * non-zero value is returned upon failure to receive a message or an
  319. * error occurs. Callee must free @msg on success.
  320. */
  321. int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx,
  322. struct ecryptfs_message **msg)
  323. {
  324. signed long timeout = ecryptfs_message_wait_timeout * HZ;
  325. int rc = 0;
  326. sleep:
  327. timeout = schedule_timeout_interruptible(timeout);
  328. mutex_lock(&ecryptfs_msg_ctx_lists_mux);
  329. mutex_lock(&msg_ctx->mux);
  330. if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_DONE) {
  331. if (timeout) {
  332. mutex_unlock(&msg_ctx->mux);
  333. mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
  334. goto sleep;
  335. }
  336. rc = -ENOMSG;
  337. } else {
  338. *msg = msg_ctx->msg;
  339. msg_ctx->msg = NULL;
  340. }
  341. ecryptfs_msg_ctx_alloc_to_free(msg_ctx);
  342. mutex_unlock(&msg_ctx->mux);
  343. mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
  344. return rc;
  345. }
  346. int __init ecryptfs_init_messaging(void)
  347. {
  348. int i;
  349. int rc = 0;
  350. if (ecryptfs_number_of_users > ECRYPTFS_MAX_NUM_USERS) {
  351. ecryptfs_number_of_users = ECRYPTFS_MAX_NUM_USERS;
  352. printk(KERN_WARNING "%s: Specified number of users is "
  353. "too large, defaulting to [%d] users\n", __func__,
  354. ecryptfs_number_of_users);
  355. }
  356. mutex_init(&ecryptfs_daemon_hash_mux);
  357. mutex_lock(&ecryptfs_daemon_hash_mux);
  358. ecryptfs_hash_bits = 1;
  359. while (ecryptfs_number_of_users >> ecryptfs_hash_bits)
  360. ecryptfs_hash_bits++;
  361. ecryptfs_daemon_hash = kmalloc((sizeof(struct hlist_head)
  362. * (1 << ecryptfs_hash_bits)),
  363. GFP_KERNEL);
  364. if (!ecryptfs_daemon_hash) {
  365. rc = -ENOMEM;
  366. printk(KERN_ERR "%s: Failed to allocate memory\n", __func__);
  367. mutex_unlock(&ecryptfs_daemon_hash_mux);
  368. goto out;
  369. }
  370. for (i = 0; i < (1 << ecryptfs_hash_bits); i++)
  371. INIT_HLIST_HEAD(&ecryptfs_daemon_hash[i]);
  372. mutex_unlock(&ecryptfs_daemon_hash_mux);
  373. ecryptfs_msg_ctx_arr = kmalloc((sizeof(struct ecryptfs_msg_ctx)
  374. * ecryptfs_message_buf_len),
  375. GFP_KERNEL);
  376. if (!ecryptfs_msg_ctx_arr) {
  377. rc = -ENOMEM;
  378. printk(KERN_ERR "%s: Failed to allocate memory\n", __func__);
  379. goto out;
  380. }
  381. mutex_init(&ecryptfs_msg_ctx_lists_mux);
  382. mutex_lock(&ecryptfs_msg_ctx_lists_mux);
  383. ecryptfs_msg_counter = 0;
  384. for (i = 0; i < ecryptfs_message_buf_len; i++) {
  385. INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr[i].node);
  386. INIT_LIST_HEAD(&ecryptfs_msg_ctx_arr[i].daemon_out_list);
  387. mutex_init(&ecryptfs_msg_ctx_arr[i].mux);
  388. mutex_lock(&ecryptfs_msg_ctx_arr[i].mux);
  389. ecryptfs_msg_ctx_arr[i].index = i;
  390. ecryptfs_msg_ctx_arr[i].state = ECRYPTFS_MSG_CTX_STATE_FREE;
  391. ecryptfs_msg_ctx_arr[i].counter = 0;
  392. ecryptfs_msg_ctx_arr[i].task = NULL;
  393. ecryptfs_msg_ctx_arr[i].msg = NULL;
  394. list_add_tail(&ecryptfs_msg_ctx_arr[i].node,
  395. &ecryptfs_msg_ctx_free_list);
  396. mutex_unlock(&ecryptfs_msg_ctx_arr[i].mux);
  397. }
  398. mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
  399. rc = ecryptfs_init_ecryptfs_miscdev();
  400. if (rc)
  401. ecryptfs_release_messaging();
  402. out:
  403. return rc;
  404. }
  405. void ecryptfs_release_messaging(void)
  406. {
  407. if (ecryptfs_msg_ctx_arr) {
  408. int i;
  409. mutex_lock(&ecryptfs_msg_ctx_lists_mux);
  410. for (i = 0; i < ecryptfs_message_buf_len; i++) {
  411. mutex_lock(&ecryptfs_msg_ctx_arr[i].mux);
  412. kfree(ecryptfs_msg_ctx_arr[i].msg);
  413. mutex_unlock(&ecryptfs_msg_ctx_arr[i].mux);
  414. }
  415. kfree(ecryptfs_msg_ctx_arr);
  416. mutex_unlock(&ecryptfs_msg_ctx_lists_mux);
  417. }
  418. if (ecryptfs_daemon_hash) {
  419. struct ecryptfs_daemon *daemon;
  420. struct hlist_node *n;
  421. int i;
  422. mutex_lock(&ecryptfs_daemon_hash_mux);
  423. for (i = 0; i < (1 << ecryptfs_hash_bits); i++) {
  424. int rc;
  425. hlist_for_each_entry_safe(daemon, n,
  426. &ecryptfs_daemon_hash[i],
  427. euid_chain) {
  428. rc = ecryptfs_exorcise_daemon(daemon);
  429. if (rc)
  430. printk(KERN_ERR "%s: Error whilst "
  431. "attempting to destroy daemon; "
  432. "rc = [%d]. Dazed and confused, "
  433. "but trying to continue.\n",
  434. __func__, rc);
  435. }
  436. }
  437. kfree(ecryptfs_daemon_hash);
  438. mutex_unlock(&ecryptfs_daemon_hash_mux);
  439. }
  440. ecryptfs_destroy_ecryptfs_miscdev();
  441. return;
  442. }