eCryptfs: remove netlink transport

obj-$(CONFIG_ECRYPT_FS) += ecryptfs.o

ecryptfs-objs := dentry.o file.o inode.o main.o super.o mmap.o read_write.o crypto.o keystore.o messaging.o netlink.o miscdev.o kthread.o debug.o

ecryptfs-objs := dentry.o file.o inode.o main.o super.o mmap.o read_write.o crypto.o keystore.o messaging.o miscdev.o kthread.o debug.o

#define ECRYPTFS_MAX_PKI_NAME_BYTES 16

#define ECRYPTFS_DEFAULT_NUM_USERS 4

#define ECRYPTFS_MAX_NUM_USERS 32768

#define ECRYPTFS_TRANSPORT_NETLINK 0

#define ECRYPTFS_TRANSPORT_CONNECTOR 1

#define ECRYPTFS_TRANSPORT_RELAYFS 2

#define ECRYPTFS_TRANSPORT_MISCDEV 3

#define ECRYPTFS_DEFAULT_TRANSPORT ECRYPTFS_TRANSPORT_MISCDEV

#define ECRYPTFS_XATTR_NAME "user.ecryptfs"

#define RFC2440_CIPHER_DES3_EDE 0x02

	struct mutex mux;

};

extern unsigned int ecryptfs_transport;

struct ecryptfs_daemon;

struct ecryptfs_daemon {

ecryptfs_setxattr(struct dentry *dentry, const char *name, const void *value,

		  size_t size, int flags);

int ecryptfs_read_xattr_region(char *page_virt, struct inode *ecryptfs_inode);

int ecryptfs_process_helo(unsigned int transport, uid_t euid,

			  struct user_namespace *user_ns, struct pid *pid);

int ecryptfs_process_helo(uid_t euid, struct user_namespace *user_ns,

			  struct pid *pid);

int ecryptfs_process_quit(uid_t euid, struct user_namespace *user_ns,

			  struct pid *pid);

int ecryptfs_process_response(struct ecryptfs_message *msg, uid_t euid,

			      struct user_namespace *user_ns, struct pid *pid,

			      u32 seq);

int ecryptfs_send_message(unsigned int transport, char *data, int data_len,

int ecryptfs_send_message(char *data, int data_len,

			  struct ecryptfs_msg_ctx **msg_ctx);

int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx,

			       struct ecryptfs_message **emsg);

int ecryptfs_init_messaging(unsigned int transport);

void ecryptfs_release_messaging(unsigned int transport);

int ecryptfs_init_messaging(void);

void ecryptfs_release_messaging(void);

int ecryptfs_send_netlink(char *data, int data_len,

			  struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type,

			  u16 msg_flags, struct pid *daemon_pid);

int ecryptfs_init_netlink(void);

void ecryptfs_release_netlink(void);

int ecryptfs_send_connector(char *data, int data_len,

			    struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type,

			    u16 msg_flags, struct pid *daemon_pid);

int ecryptfs_init_connector(void);

void ecryptfs_release_connector(void);

void

ecryptfs_write_header_metadata(char *virt,

			       struct ecryptfs_crypt_stat *crypt_stat,

	}

	i += data_len;

	if (message_len < (i + m_size)) {

		ecryptfs_printk(KERN_ERR, "The received netlink message is "

				"shorter than expected\n");

		ecryptfs_printk(KERN_ERR, "The message received from ecryptfsd "

				"is shorter than expected\n");

		rc = -EIO;

		goto out;

	}

	struct ecryptfs_msg_ctx *msg_ctx;

	struct ecryptfs_message *msg = NULL;

	char *auth_tok_sig;

	char *netlink_message;

	size_t netlink_message_length;

	char *payload;

	size_t payload_len;

	int rc;

	rc = ecryptfs_get_auth_tok_sig(&auth_tok_sig, auth_tok);

		goto out;

	}

	rc = write_tag_64_packet(auth_tok_sig, &(auth_tok->session_key),

				 &netlink_message, &netlink_message_length);

				 &payload, &payload_len);

	if (rc) {

		ecryptfs_printk(KERN_ERR, "Failed to write tag 64 packet\n");

		goto out;

	}

	rc = ecryptfs_send_message(ecryptfs_transport, netlink_message,

				   netlink_message_length, &msg_ctx);

	rc = ecryptfs_send_message(payload, payload_len, &msg_ctx);

	if (rc) {

		ecryptfs_printk(KERN_ERR, "Error sending netlink message\n");

		ecryptfs_printk(KERN_ERR, "Error sending message to "

				"ecryptfsd\n");

		goto out;

	}

	rc = ecryptfs_wait_for_response(msg_ctx, &msg);

			struct ecryptfs_key_record *key_rec)

{

	struct ecryptfs_msg_ctx *msg_ctx = NULL;

	char *netlink_payload;

	size_t netlink_payload_length;

	char *payload = NULL;

	size_t payload_len;

	struct ecryptfs_message *msg;

	int rc;

	rc = write_tag_66_packet(auth_tok->token.private_key.signature,

				 ecryptfs_code_for_cipher_string(crypt_stat),

				 crypt_stat, &netlink_payload,

				 &netlink_payload_length);

				 crypt_stat, &payload, &payload_len);

	if (rc) {

		ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet\n");

		goto out;

	}

	rc = ecryptfs_send_message(ecryptfs_transport, netlink_payload,

				   netlink_payload_length, &msg_ctx);

	rc = ecryptfs_send_message(payload, payload_len, &msg_ctx);

	if (rc) {

		ecryptfs_printk(KERN_ERR, "Error sending netlink message\n");

		ecryptfs_printk(KERN_ERR, "Error sending message to "

				"ecryptfsd\n");

		goto out;

	}

	rc = ecryptfs_wait_for_response(msg_ctx, &msg);

		ecryptfs_printk(KERN_ERR, "Error parsing tag 67 packet\n");

	kfree(msg);

out:

	if (netlink_payload)

		kfree(netlink_payload);

	kfree(payload);

	return rc;

}

/**

#include <linux/namei.h>

#include <linux/skbuff.h>

#include <linux/crypto.h>

#include <linux/netlink.h>

#include <linux/mount.h>

#include <linux/pagemap.h>

#include <linux/key.h>

		 "0, which is Quiet)");

/**

 * Module parameter that defines the number of netlink message buffer

 * elements

 * Module parameter that defines the number of message buffer elements

 */

unsigned int ecryptfs_message_buf_len = ECRYPTFS_DEFAULT_MSG_CTX_ELEMS;

/**

 * Module parameter that defines the maximum guaranteed amount of time to wait

 * for a response through netlink.  The actual sleep time will be, more than

 * for a response from ecryptfsd.  The actual sleep time will be, more than

 * likely, a small amount greater than this specified value, but only less if

 * the netlink message successfully arrives.

 * the message successfully arrives.

 */

signed long ecryptfs_message_wait_timeout = ECRYPTFS_MAX_MSG_CTX_TTL / HZ;

MODULE_PARM_DESC(ecryptfs_number_of_users, "An estimate of the number of "

		 "concurrent users of eCryptfs");

unsigned int ecryptfs_transport = ECRYPTFS_DEFAULT_TRANSPORT;

void __ecryptfs_printk(const char *fmt, ...)

{

	va_list args;

		       "rc = [%d]\n", __func__, rc);

		goto out_do_sysfs_unregistration;

	}

	rc = ecryptfs_init_messaging(ecryptfs_transport);

	rc = ecryptfs_init_messaging();

	if (rc) {

		printk(KERN_ERR "Failure occured while attempting to "

				"initialize the eCryptfs netlink socket\n");

				"initialize the communications channel to "

				"ecryptfsd\n");

		goto out_destroy_kthread;

	}

	rc = ecryptfs_init_crypto();

	goto out;

out_release_messaging:

	ecryptfs_release_messaging(ecryptfs_transport);

	ecryptfs_release_messaging();

out_destroy_kthread:

	ecryptfs_destroy_kthread();

out_do_sysfs_unregistration:

	if (rc)

		printk(KERN_ERR "Failure whilst attempting to destroy crypto; "

		       "rc = [%d]\n", rc);

	ecryptfs_release_messaging(ecryptfs_transport);

	ecryptfs_release_messaging();

	ecryptfs_destroy_kthread();

	do_sysfs_unregistration();

	unregister_filesystem(&ecryptfs_fs_type);

}

static int

ecryptfs_send_message_locked(unsigned int transport, char *data, int data_len,

			     u8 msg_type, struct ecryptfs_msg_ctx **msg_ctx);

ecryptfs_send_message_locked(char *data, int data_len, u8 msg_type,

			     struct ecryptfs_msg_ctx **msg_ctx);

/**

 * ecryptfs_send_raw_message

 * @transport: Transport type

 * @msg_type: Message type

 * @daemon: Daemon struct for recipient of message

 *

 *

 * Returns zero on success; non-zero otherwise

 */

static int ecryptfs_send_raw_message(unsigned int transport, u8 msg_type,

static int ecryptfs_send_raw_message(u8 msg_type,

				     struct ecryptfs_daemon *daemon)

{

	struct ecryptfs_msg_ctx *msg_ctx;

	int rc;

	switch(transport) {

	case ECRYPTFS_TRANSPORT_NETLINK:

		rc = ecryptfs_send_netlink(NULL, 0, NULL, msg_type, 0,

					   daemon->pid);

		break;

	case ECRYPTFS_TRANSPORT_MISCDEV:

		rc = ecryptfs_send_message_locked(transport, NULL, 0, msg_type,

						  &msg_ctx);

	rc = ecryptfs_send_message_locked(NULL, 0, msg_type, &msg_ctx);

	if (rc) {

		printk(KERN_ERR "%s: Error whilst attempting to send "

			       "message via procfs; rc = [%d]\n", __func__, rc);

		       "message to ecryptfsd; rc = [%d]\n", __func__, rc);

		goto out;

	}

	/* Raw messages are logically context-free (e.g., no

	 * reply is expected), so we set the state of the

	 * ecryptfs_msg_ctx object to indicate that it should

		 * be freed as soon as the transport sends out the message. */

	 * be freed as soon as the message is sent. */

	mutex_lock(&msg_ctx->mux);

	msg_ctx->state = ECRYPTFS_MSG_CTX_STATE_NO_REPLY;

	mutex_unlock(&msg_ctx->mux);

		break;

	case ECRYPTFS_TRANSPORT_CONNECTOR:

	case ECRYPTFS_TRANSPORT_RELAYFS:

	default:

		rc = -ENOSYS;

	}

out:

	return rc;

}

/**

 * ecryptfs_process_helo

 * @transport: The underlying transport (netlink, etc.)

 * @euid: The user ID owner of the message

 * @user_ns: The namespace in which @euid applies

 * @pid: The process ID for the userspace program that sent the

 * Returns zero after adding a new daemon to the hash list;

 * non-zero otherwise.

 */

int ecryptfs_process_helo(unsigned int transport, uid_t euid,

			  struct user_namespace *user_ns, struct pid *pid)

int ecryptfs_process_helo(uid_t euid, struct user_namespace *user_ns,

			  struct pid *pid)

{

	struct ecryptfs_daemon *new_daemon;

	struct ecryptfs_daemon *old_daemon;

		printk(KERN_WARNING "Received request from user [%d] "

		       "to register daemon [0x%p]; unregistering daemon "

		       "[0x%p]\n", euid, pid, old_daemon->pid);

		rc = ecryptfs_send_raw_message(transport, ECRYPTFS_MSG_QUIT,

					       old_daemon);

		rc = ecryptfs_send_raw_message(ECRYPTFS_MSG_QUIT, old_daemon);

		if (rc)

			printk(KERN_WARNING "Failed to send QUIT "

			       "message to daemon [0x%p]; rc = [%d]\n",

/**

 * ecryptfs_send_message_locked

 * @transport: The transport over which to send the message (i.e.,

 *             netlink)

 * @data: The data to send

 * @data_len: The length of data

 * @msg_ctx: The message context allocated for the send

 * Returns zero on success; non-zero otherwise

 */

static int

ecryptfs_send_message_locked(unsigned int transport, char *data, int data_len,

			     u8 msg_type, struct ecryptfs_msg_ctx **msg_ctx)

ecryptfs_send_message_locked(char *data, int data_len, u8 msg_type,

			     struct ecryptfs_msg_ctx **msg_ctx)

{

	struct ecryptfs_daemon *daemon;

	int rc;

	ecryptfs_msg_ctx_free_to_alloc(*msg_ctx);

	mutex_unlock(&(*msg_ctx)->mux);

	mutex_unlock(&ecryptfs_msg_ctx_lists_mux);

	switch (transport) {

	case ECRYPTFS_TRANSPORT_NETLINK:

		rc = ecryptfs_send_netlink(data, data_len, *msg_ctx, msg_type,

					   0, daemon->pid);

		break;

	case ECRYPTFS_TRANSPORT_MISCDEV:

		rc = ecryptfs_send_miscdev(data, data_len, *msg_ctx, msg_type,

					   0, daemon);

		break;

	case ECRYPTFS_TRANSPORT_CONNECTOR:

	case ECRYPTFS_TRANSPORT_RELAYFS:

	default:

		rc = -ENOSYS;

	}

	rc = ecryptfs_send_miscdev(data, data_len, *msg_ctx, msg_type, 0,

				   daemon);

	if (rc)

		printk(KERN_ERR "%s: Error attempting to send message to "

		       "userspace daemon; rc = [%d]\n", __func__, rc);

/**

 * ecryptfs_send_message

 * @transport: The transport over which to send the message (i.e.,

 *             netlink)

 * @data: The data to send

 * @data_len: The length of data

 * @msg_ctx: The message context allocated for the send

 *

 * Returns zero on success; non-zero otherwise

 */

int ecryptfs_send_message(unsigned int transport, char *data, int data_len,

int ecryptfs_send_message(char *data, int data_len,

			  struct ecryptfs_msg_ctx **msg_ctx)

{

	int rc;

	mutex_lock(&ecryptfs_daemon_hash_mux);

	rc = ecryptfs_send_message_locked(transport, data, data_len,

					  ECRYPTFS_MSG_REQUEST, msg_ctx);

	rc = ecryptfs_send_message_locked(data, data_len, ECRYPTFS_MSG_REQUEST,

					  msg_ctx);

	mutex_unlock(&ecryptfs_daemon_hash_mux);

	return rc;

}

	return rc;

}

int ecryptfs_init_messaging(unsigned int transport)

int ecryptfs_init_messaging(void)

{

	int i;

	int rc = 0;

		mutex_unlock(&ecryptfs_msg_ctx_arr[i].mux);

	}

	mutex_unlock(&ecryptfs_msg_ctx_lists_mux);

	switch(transport) {

	case ECRYPTFS_TRANSPORT_NETLINK:

		rc = ecryptfs_init_netlink();

		if (rc)

			ecryptfs_release_messaging(transport);

		break;

	case ECRYPTFS_TRANSPORT_MISCDEV:

	rc = ecryptfs_init_ecryptfs_miscdev();

	if (rc)

			ecryptfs_release_messaging(transport);

		break;

	case ECRYPTFS_TRANSPORT_CONNECTOR:

	case ECRYPTFS_TRANSPORT_RELAYFS:

	default:

		rc = -ENOSYS;

	}

		ecryptfs_release_messaging();

out:

	return rc;

}

void ecryptfs_release_messaging(unsigned int transport)

void ecryptfs_release_messaging(void)

{

	if (ecryptfs_msg_ctx_arr) {

		int i;

		kfree(ecryptfs_daemon_hash);

		mutex_unlock(&ecryptfs_daemon_hash_mux);

	}

	switch(transport) {

	case ECRYPTFS_TRANSPORT_NETLINK:

		ecryptfs_release_netlink();

		break;

	case ECRYPTFS_TRANSPORT_MISCDEV:

	ecryptfs_destroy_ecryptfs_miscdev();

		break;

	case ECRYPTFS_TRANSPORT_CONNECTOR:

	case ECRYPTFS_TRANSPORT_RELAYFS:

	default:

		break;

	}

	return;

}