1 /** 2 * eCryptfs: Linux filesystem encryption layer 3 * 4 * Copyright (C) 2008 International Business Machines Corp. 5 * Author(s): Michael A. Halcrow <[email protected]> 6 * 7 * This program is free software; you can redistribute it and/or 8 * modify it under the terms of the GNU General Public License version 9 * 2 as published by the Free Software Foundation. 10 * 11 * This program is distributed in the hope that it will be useful, but 12 * WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * General Public License for more details. 15 * 16 * You should have received a copy of the GNU General Public License 17 * along with this program; if not, write to the Free Software 18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 19 * 02111-1307, USA. 20 */ 21 22 #include <linux/fs.h> 23 #include <linux/hash.h> 24 #include <linux/random.h> 25 #include <linux/miscdevice.h> 26 #include <linux/poll.h> 27 #include <linux/wait.h> 28 #include <linux/module.h> 29 #include "ecryptfs_kernel.h" 30 31 static atomic_t ecryptfs_num_miscdev_opens; 32 33 /** 34 * ecryptfs_miscdev_poll 35 * @file: dev file (ignored) 36 * @pt: dev poll table (ignored) 37 * 38 * Returns the poll mask 39 */ 40 static unsigned int 41 ecryptfs_miscdev_poll(struct file *file, poll_table *pt) 42 { 43 struct ecryptfs_daemon *daemon; 44 unsigned int mask = 0; 45 uid_t euid = current_euid(); 46 int rc; 47 48 mutex_lock(&ecryptfs_daemon_hash_mux); 49 /* TODO: Just use file->private_data? */ 50 rc = ecryptfs_find_daemon_by_euid(&daemon, euid, 51 current->nsproxy->user_ns); 52 BUG_ON(rc || !daemon); 53 mutex_lock(&daemon->mux); 54 mutex_unlock(&ecryptfs_daemon_hash_mux); 55 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { 56 printk(KERN_WARNING "%s: Attempt to poll on zombified " 57 "daemon\n", __func__); 58 goto out_unlock_daemon; 59 } 60 if (daemon->flags & ECRYPTFS_DAEMON_IN_READ) 61 goto out_unlock_daemon; 62 if (daemon->flags & ECRYPTFS_DAEMON_IN_POLL) 63 goto out_unlock_daemon; 64 daemon->flags |= ECRYPTFS_DAEMON_IN_POLL; 65 mutex_unlock(&daemon->mux); 66 poll_wait(file, &daemon->wait, pt); 67 mutex_lock(&daemon->mux); 68 if (!list_empty(&daemon->msg_ctx_out_queue)) 69 mask |= POLLIN | POLLRDNORM; 70 out_unlock_daemon: 71 daemon->flags &= ~ECRYPTFS_DAEMON_IN_POLL; 72 mutex_unlock(&daemon->mux); 73 return mask; 74 } 75 76 /** 77 * ecryptfs_miscdev_open 78 * @inode: inode of miscdev handle (ignored) 79 * @file: file for miscdev handle (ignored) 80 * 81 * Returns zero on success; non-zero otherwise 82 */ 83 static int 84 ecryptfs_miscdev_open(struct inode *inode, struct file *file) 85 { 86 struct ecryptfs_daemon *daemon = NULL; 87 uid_t euid = current_euid(); 88 int rc; 89 90 mutex_lock(&ecryptfs_daemon_hash_mux); 91 rc = try_module_get(THIS_MODULE); 92 if (rc == 0) { 93 rc = -EIO; 94 printk(KERN_ERR "%s: Error attempting to increment module use " 95 "count; rc = [%d]\n", __func__, rc); 96 goto out_unlock_daemon_list; 97 } 98 rc = ecryptfs_find_daemon_by_euid(&daemon, euid, 99 current->nsproxy->user_ns); 100 if (rc || !daemon) { 101 rc = ecryptfs_spawn_daemon(&daemon, euid, 102 current->nsproxy->user_ns, 103 task_pid(current)); 104 if (rc) { 105 printk(KERN_ERR "%s: Error attempting to spawn daemon; " 106 "rc = [%d]\n", __func__, rc); 107 goto out_module_put_unlock_daemon_list; 108 } 109 } 110 mutex_lock(&daemon->mux); 111 if (daemon->pid != task_pid(current)) { 112 rc = -EINVAL; 113 printk(KERN_ERR "%s: pid [0x%p] has registered with euid [%d], " 114 "but pid [0x%p] has attempted to open the handle " 115 "instead\n", __func__, daemon->pid, daemon->euid, 116 task_pid(current)); 117 goto out_unlock_daemon; 118 } 119 if (daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN) { 120 rc = -EBUSY; 121 printk(KERN_ERR "%s: Miscellaneous device handle may only be " 122 "opened once per daemon; pid [0x%p] already has this " 123 "handle open\n", __func__, daemon->pid); 124 goto out_unlock_daemon; 125 } 126 daemon->flags |= ECRYPTFS_DAEMON_MISCDEV_OPEN; 127 atomic_inc(&ecryptfs_num_miscdev_opens); 128 out_unlock_daemon: 129 mutex_unlock(&daemon->mux); 130 out_module_put_unlock_daemon_list: 131 if (rc) 132 module_put(THIS_MODULE); 133 out_unlock_daemon_list: 134 mutex_unlock(&ecryptfs_daemon_hash_mux); 135 return rc; 136 } 137 138 /** 139 * ecryptfs_miscdev_release 140 * @inode: inode of fs/ecryptfs/euid handle (ignored) 141 * @file: file for fs/ecryptfs/euid handle (ignored) 142 * 143 * This keeps the daemon registered until the daemon sends another 144 * ioctl to fs/ecryptfs/ctl or until the kernel module unregisters. 145 * 146 * Returns zero on success; non-zero otherwise 147 */ 148 static int 149 ecryptfs_miscdev_release(struct inode *inode, struct file *file) 150 { 151 struct ecryptfs_daemon *daemon = NULL; 152 uid_t euid = current_euid(); 153 int rc; 154 155 mutex_lock(&ecryptfs_daemon_hash_mux); 156 rc = ecryptfs_find_daemon_by_euid(&daemon, euid, 157 current->nsproxy->user_ns); 158 BUG_ON(rc || !daemon); 159 mutex_lock(&daemon->mux); 160 BUG_ON(daemon->pid != task_pid(current)); 161 BUG_ON(!(daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN)); 162 daemon->flags &= ~ECRYPTFS_DAEMON_MISCDEV_OPEN; 163 atomic_dec(&ecryptfs_num_miscdev_opens); 164 mutex_unlock(&daemon->mux); 165 rc = ecryptfs_exorcise_daemon(daemon); 166 if (rc) { 167 printk(KERN_CRIT "%s: Fatal error whilst attempting to " 168 "shut down daemon; rc = [%d]. Please report this " 169 "bug.\n", __func__, rc); 170 BUG(); 171 } 172 module_put(THIS_MODULE); 173 mutex_unlock(&ecryptfs_daemon_hash_mux); 174 return rc; 175 } 176 177 /** 178 * ecryptfs_send_miscdev 179 * @data: Data to send to daemon; may be NULL 180 * @data_size: Amount of data to send to daemon 181 * @msg_ctx: Message context, which is used to handle the reply. If 182 * this is NULL, then we do not expect a reply. 183 * @msg_type: Type of message 184 * @msg_flags: Flags for message 185 * @daemon: eCryptfs daemon object 186 * 187 * Add msg_ctx to queue and then, if it exists, notify the blocked 188 * miscdevess about the data being available. Must be called with 189 * ecryptfs_daemon_hash_mux held. 190 * 191 * Returns zero on success; non-zero otherwise 192 */ 193 int ecryptfs_send_miscdev(char *data, size_t data_size, 194 struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type, 195 u16 msg_flags, struct ecryptfs_daemon *daemon) 196 { 197 int rc = 0; 198 199 mutex_lock(&msg_ctx->mux); 200 if (data) { 201 msg_ctx->msg = kmalloc((sizeof(*msg_ctx->msg) + data_size), 202 GFP_KERNEL); 203 if (!msg_ctx->msg) { 204 rc = -ENOMEM; 205 printk(KERN_ERR "%s: Out of memory whilst attempting " 206 "to kmalloc(%Zd, GFP_KERNEL)\n", __func__, 207 (sizeof(*msg_ctx->msg) + data_size)); 208 goto out_unlock; 209 } 210 } else 211 msg_ctx->msg = NULL; 212 msg_ctx->msg->index = msg_ctx->index; 213 msg_ctx->msg->data_len = data_size; 214 msg_ctx->type = msg_type; 215 if (data) { 216 memcpy(msg_ctx->msg->data, data, data_size); 217 msg_ctx->msg_size = (sizeof(*msg_ctx->msg) + data_size); 218 } else 219 msg_ctx->msg_size = 0; 220 mutex_lock(&daemon->mux); 221 list_add_tail(&msg_ctx->daemon_out_list, &daemon->msg_ctx_out_queue); 222 daemon->num_queued_msg_ctx++; 223 wake_up_interruptible(&daemon->wait); 224 mutex_unlock(&daemon->mux); 225 out_unlock: 226 mutex_unlock(&msg_ctx->mux); 227 return rc; 228 } 229 230 /** 231 * ecryptfs_miscdev_read - format and send message from queue 232 * @file: fs/ecryptfs/euid miscdevfs handle (ignored) 233 * @buf: User buffer into which to copy the next message on the daemon queue 234 * @count: Amount of space available in @buf 235 * @ppos: Offset in file (ignored) 236 * 237 * Pulls the most recent message from the daemon queue, formats it for 238 * being sent via a miscdevfs handle, and copies it into @buf 239 * 240 * Returns the number of bytes copied into the user buffer 241 */ 242 static ssize_t 243 ecryptfs_miscdev_read(struct file *file, char __user *buf, size_t count, 244 loff_t *ppos) 245 { 246 struct ecryptfs_daemon *daemon; 247 struct ecryptfs_msg_ctx *msg_ctx; 248 size_t packet_length_size; 249 char packet_length[3]; 250 size_t i; 251 size_t total_length; 252 uid_t euid = current_euid(); 253 int rc; 254 255 mutex_lock(&ecryptfs_daemon_hash_mux); 256 /* TODO: Just use file->private_data? */ 257 rc = ecryptfs_find_daemon_by_euid(&daemon, euid, 258 current->nsproxy->user_ns); 259 BUG_ON(rc || !daemon); 260 mutex_lock(&daemon->mux); 261 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { 262 rc = 0; 263 mutex_unlock(&ecryptfs_daemon_hash_mux); 264 printk(KERN_WARNING "%s: Attempt to read from zombified " 265 "daemon\n", __func__); 266 goto out_unlock_daemon; 267 } 268 if (daemon->flags & ECRYPTFS_DAEMON_IN_READ) { 269 rc = 0; 270 mutex_unlock(&ecryptfs_daemon_hash_mux); 271 goto out_unlock_daemon; 272 } 273 /* This daemon will not go away so long as this flag is set */ 274 daemon->flags |= ECRYPTFS_DAEMON_IN_READ; 275 mutex_unlock(&ecryptfs_daemon_hash_mux); 276 check_list: 277 if (list_empty(&daemon->msg_ctx_out_queue)) { 278 mutex_unlock(&daemon->mux); 279 rc = wait_event_interruptible( 280 daemon->wait, !list_empty(&daemon->msg_ctx_out_queue)); 281 mutex_lock(&daemon->mux); 282 if (rc < 0) { 283 rc = 0; 284 goto out_unlock_daemon; 285 } 286 } 287 if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { 288 rc = 0; 289 goto out_unlock_daemon; 290 } 291 if (list_empty(&daemon->msg_ctx_out_queue)) { 292 /* Something else jumped in since the 293 * wait_event_interruptable() and removed the 294 * message from the queue; try again */ 295 goto check_list; 296 } 297 BUG_ON(euid != daemon->euid); 298 BUG_ON(current->nsproxy->user_ns != daemon->user_ns); 299 BUG_ON(task_pid(current) != daemon->pid); 300 msg_ctx = list_first_entry(&daemon->msg_ctx_out_queue, 301 struct ecryptfs_msg_ctx, daemon_out_list); 302 BUG_ON(!msg_ctx); 303 mutex_lock(&msg_ctx->mux); 304 if (msg_ctx->msg) { 305 rc = ecryptfs_write_packet_length(packet_length, 306 msg_ctx->msg_size, 307 &packet_length_size); 308 if (rc) { 309 rc = 0; 310 printk(KERN_WARNING "%s: Error writing packet length; " 311 "rc = [%d]\n", __func__, rc); 312 goto out_unlock_msg_ctx; 313 } 314 } else { 315 packet_length_size = 0; 316 msg_ctx->msg_size = 0; 317 } 318 /* miscdevfs packet format: 319 * Octet 0: Type 320 * Octets 1-4: network byte order msg_ctx->counter 321 * Octets 5-N0: Size of struct ecryptfs_message to follow 322 * Octets N0-N1: struct ecryptfs_message (including data) 323 * 324 * Octets 5-N1 not written if the packet type does not 325 * include a message */ 326 total_length = (1 + 4 + packet_length_size + msg_ctx->msg_size); 327 if (count < total_length) { 328 rc = 0; 329 printk(KERN_WARNING "%s: Only given user buffer of " 330 "size [%Zd], but we need [%Zd] to read the " 331 "pending message\n", __func__, count, total_length); 332 goto out_unlock_msg_ctx; 333 } 334 rc = -EFAULT; 335 if (put_user(msg_ctx->type, buf)) 336 goto out_unlock_msg_ctx; 337 if (put_user(cpu_to_be32(msg_ctx->counter), (__be32 __user *)(buf + 1))) 338 goto out_unlock_msg_ctx; 339 i = 5; 340 if (msg_ctx->msg) { 341 if (copy_to_user(&buf[i], packet_length, packet_length_size)) 342 goto out_unlock_msg_ctx; 343 i += packet_length_size; 344 if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size)) 345 goto out_unlock_msg_ctx; 346 i += msg_ctx->msg_size; 347 } 348 rc = i; 349 list_del(&msg_ctx->daemon_out_list); 350 kfree(msg_ctx->msg); 351 msg_ctx->msg = NULL; 352 /* We do not expect a reply from the userspace daemon for any 353 * message type other than ECRYPTFS_MSG_REQUEST */ 354 if (msg_ctx->type != ECRYPTFS_MSG_REQUEST) 355 ecryptfs_msg_ctx_alloc_to_free(msg_ctx); 356 out_unlock_msg_ctx: 357 mutex_unlock(&msg_ctx->mux); 358 out_unlock_daemon: 359 daemon->flags &= ~ECRYPTFS_DAEMON_IN_READ; 360 mutex_unlock(&daemon->mux); 361 return rc; 362 } 363 364 /** 365 * ecryptfs_miscdev_response - miscdevess response to message previously sent to daemon 366 * @data: Bytes comprising struct ecryptfs_message 367 * @data_size: sizeof(struct ecryptfs_message) + data len 368 * @euid: Effective user id of miscdevess sending the miscdev response 369 * @user_ns: The namespace in which @euid applies 370 * @pid: Miscdevess id of miscdevess sending the miscdev response 371 * @seq: Sequence number for miscdev response packet 372 * 373 * Returns zero on success; non-zero otherwise 374 */ 375 static int ecryptfs_miscdev_response(char *data, size_t data_size, 376 uid_t euid, struct user_namespace *user_ns, 377 struct pid *pid, u32 seq) 378 { 379 struct ecryptfs_message *msg = (struct ecryptfs_message *)data; 380 int rc; 381 382 if ((sizeof(*msg) + msg->data_len) != data_size) { 383 printk(KERN_WARNING "%s: (sizeof(*msg) + msg->data_len) = " 384 "[%Zd]; data_size = [%Zd]. Invalid packet.\n", __func__, 385 (sizeof(*msg) + msg->data_len), data_size); 386 rc = -EINVAL; 387 goto out; 388 } 389 rc = ecryptfs_process_response(msg, euid, user_ns, pid, seq); 390 if (rc) 391 printk(KERN_ERR 392 "Error processing response message; rc = [%d]\n", rc); 393 out: 394 return rc; 395 } 396 397 /** 398 * ecryptfs_miscdev_write - handle write to daemon miscdev handle 399 * @file: File for misc dev handle (ignored) 400 * @buf: Buffer containing user data 401 * @count: Amount of data in @buf 402 * @ppos: Pointer to offset in file (ignored) 403 * 404 * miscdevfs packet format: 405 * Octet 0: Type 406 * Octets 1-4: network byte order msg_ctx->counter (0's for non-response) 407 * Octets 5-N0: Size of struct ecryptfs_message to follow 408 * Octets N0-N1: struct ecryptfs_message (including data) 409 * 410 * Returns the number of bytes read from @buf 411 */ 412 static ssize_t 413 ecryptfs_miscdev_write(struct file *file, const char __user *buf, 414 size_t count, loff_t *ppos) 415 { 416 __be32 counter_nbo; 417 u32 seq; 418 size_t packet_size, packet_size_length, i; 419 ssize_t sz = 0; 420 char *data; 421 uid_t euid = current_euid(); 422 int rc; 423 424 if (count == 0) 425 goto out; 426 data = kmalloc(count, GFP_KERNEL); 427 if (!data) { 428 printk(KERN_ERR "%s: Out of memory whilst attempting to " 429 "kmalloc([%Zd], GFP_KERNEL)\n", __func__, count); 430 goto out; 431 } 432 rc = copy_from_user(data, buf, count); 433 if (rc) { 434 printk(KERN_ERR "%s: copy_from_user returned error [%d]\n", 435 __func__, rc); 436 goto out_free; 437 } 438 sz = count; 439 i = 0; 440 switch (data[i++]) { 441 case ECRYPTFS_MSG_RESPONSE: 442 if (count < (1 + 4 + 1 + sizeof(struct ecryptfs_message))) { 443 printk(KERN_WARNING "%s: Minimum acceptable packet " 444 "size is [%Zd], but amount of data written is " 445 "only [%Zd]. Discarding response packet.\n", 446 __func__, 447 (1 + 4 + 1 + sizeof(struct ecryptfs_message)), 448 count); 449 goto out_free; 450 } 451 memcpy(&counter_nbo, &data[i], 4); 452 seq = be32_to_cpu(counter_nbo); 453 i += 4; 454 rc = ecryptfs_parse_packet_length(&data[i], &packet_size, 455 &packet_size_length); 456 if (rc) { 457 printk(KERN_WARNING "%s: Error parsing packet length; " 458 "rc = [%d]\n", __func__, rc); 459 goto out_free; 460 } 461 i += packet_size_length; 462 if ((1 + 4 + packet_size_length + packet_size) != count) { 463 printk(KERN_WARNING "%s: (1 + packet_size_length([%Zd])" 464 " + packet_size([%Zd]))([%Zd]) != " 465 "count([%Zd]). Invalid packet format.\n", 466 __func__, packet_size_length, packet_size, 467 (1 + packet_size_length + packet_size), count); 468 goto out_free; 469 } 470 rc = ecryptfs_miscdev_response(&data[i], packet_size, 471 euid, current->nsproxy->user_ns, 472 task_pid(current), seq); 473 if (rc) 474 printk(KERN_WARNING "%s: Failed to deliver miscdev " 475 "response to requesting operation; rc = [%d]\n", 476 __func__, rc); 477 break; 478 case ECRYPTFS_MSG_HELO: 479 case ECRYPTFS_MSG_QUIT: 480 break; 481 default: 482 ecryptfs_printk(KERN_WARNING, "Dropping miscdev " 483 "message of unrecognized type [%d]\n", 484 data[0]); 485 break; 486 } 487 out_free: 488 kfree(data); 489 out: 490 return sz; 491 } 492 493 494 static const struct file_operations ecryptfs_miscdev_fops = { 495 .open = ecryptfs_miscdev_open, 496 .poll = ecryptfs_miscdev_poll, 497 .read = ecryptfs_miscdev_read, 498 .write = ecryptfs_miscdev_write, 499 .release = ecryptfs_miscdev_release, 500 }; 501 502 static struct miscdevice ecryptfs_miscdev = { 503 .minor = MISC_DYNAMIC_MINOR, 504 .name = "ecryptfs", 505 .fops = &ecryptfs_miscdev_fops 506 }; 507 508 /** 509 * ecryptfs_init_ecryptfs_miscdev 510 * 511 * Messages sent to the userspace daemon from the kernel are placed on 512 * a queue associated with the daemon. The next read against the 513 * miscdev handle by that daemon will return the oldest message placed 514 * on the message queue for the daemon. 515 * 516 * Returns zero on success; non-zero otherwise 517 */ 518 int ecryptfs_init_ecryptfs_miscdev(void) 519 { 520 int rc; 521 522 atomic_set(&ecryptfs_num_miscdev_opens, 0); 523 rc = misc_register(&ecryptfs_miscdev); 524 if (rc) 525 printk(KERN_ERR "%s: Failed to register miscellaneous device " 526 "for communications with userspace daemons; rc = [%d]\n", 527 __func__, rc); 528 return rc; 529 } 530 531 /** 532 * ecryptfs_destroy_ecryptfs_miscdev 533 * 534 * All of the daemons must be exorcised prior to calling this 535 * function. 536 */ 537 void ecryptfs_destroy_ecryptfs_miscdev(void) 538 { 539 BUG_ON(atomic_read(&ecryptfs_num_miscdev_opens) != 0); 540 misc_deregister(&ecryptfs_miscdev); 541 } 542