18c2ecf20Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0-or-later 28c2ecf20Sopenharmony_ci/** 38c2ecf20Sopenharmony_ci * eCryptfs: Linux filesystem encryption layer 48c2ecf20Sopenharmony_ci * 58c2ecf20Sopenharmony_ci * Copyright (C) 2008 International Business Machines Corp. 68c2ecf20Sopenharmony_ci * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com> 78c2ecf20Sopenharmony_ci */ 88c2ecf20Sopenharmony_ci 98c2ecf20Sopenharmony_ci#include <linux/kthread.h> 108c2ecf20Sopenharmony_ci#include <linux/freezer.h> 118c2ecf20Sopenharmony_ci#include <linux/slab.h> 128c2ecf20Sopenharmony_ci#include <linux/wait.h> 138c2ecf20Sopenharmony_ci#include <linux/mount.h> 148c2ecf20Sopenharmony_ci#include "ecryptfs_kernel.h" 158c2ecf20Sopenharmony_ci 168c2ecf20Sopenharmony_cistruct ecryptfs_open_req { 178c2ecf20Sopenharmony_ci struct file **lower_file; 188c2ecf20Sopenharmony_ci struct path path; 198c2ecf20Sopenharmony_ci struct completion done; 208c2ecf20Sopenharmony_ci struct list_head kthread_ctl_list; 218c2ecf20Sopenharmony_ci}; 228c2ecf20Sopenharmony_ci 238c2ecf20Sopenharmony_cistatic struct ecryptfs_kthread_ctl { 248c2ecf20Sopenharmony_ci#define ECRYPTFS_KTHREAD_ZOMBIE 0x00000001 258c2ecf20Sopenharmony_ci u32 flags; 268c2ecf20Sopenharmony_ci struct mutex mux; 278c2ecf20Sopenharmony_ci struct list_head req_list; 288c2ecf20Sopenharmony_ci wait_queue_head_t wait; 298c2ecf20Sopenharmony_ci} ecryptfs_kthread_ctl; 308c2ecf20Sopenharmony_ci 318c2ecf20Sopenharmony_cistatic struct task_struct *ecryptfs_kthread; 328c2ecf20Sopenharmony_ci 338c2ecf20Sopenharmony_ci/** 348c2ecf20Sopenharmony_ci * ecryptfs_threadfn 358c2ecf20Sopenharmony_ci * @ignored: ignored 368c2ecf20Sopenharmony_ci * 378c2ecf20Sopenharmony_ci * The eCryptfs kernel thread that has the responsibility of getting 388c2ecf20Sopenharmony_ci * the lower file with RW permissions. 398c2ecf20Sopenharmony_ci * 408c2ecf20Sopenharmony_ci * Returns zero on success; non-zero otherwise 418c2ecf20Sopenharmony_ci */ 428c2ecf20Sopenharmony_cistatic int ecryptfs_threadfn(void *ignored) 438c2ecf20Sopenharmony_ci{ 448c2ecf20Sopenharmony_ci set_freezable(); 458c2ecf20Sopenharmony_ci while (1) { 468c2ecf20Sopenharmony_ci struct ecryptfs_open_req *req; 478c2ecf20Sopenharmony_ci 488c2ecf20Sopenharmony_ci wait_event_freezable( 498c2ecf20Sopenharmony_ci ecryptfs_kthread_ctl.wait, 508c2ecf20Sopenharmony_ci (!list_empty(&ecryptfs_kthread_ctl.req_list) 518c2ecf20Sopenharmony_ci || kthread_should_stop())); 528c2ecf20Sopenharmony_ci mutex_lock(&ecryptfs_kthread_ctl.mux); 538c2ecf20Sopenharmony_ci if (ecryptfs_kthread_ctl.flags & ECRYPTFS_KTHREAD_ZOMBIE) { 548c2ecf20Sopenharmony_ci mutex_unlock(&ecryptfs_kthread_ctl.mux); 558c2ecf20Sopenharmony_ci goto out; 568c2ecf20Sopenharmony_ci } 578c2ecf20Sopenharmony_ci while (!list_empty(&ecryptfs_kthread_ctl.req_list)) { 588c2ecf20Sopenharmony_ci req = list_first_entry(&ecryptfs_kthread_ctl.req_list, 598c2ecf20Sopenharmony_ci struct ecryptfs_open_req, 608c2ecf20Sopenharmony_ci kthread_ctl_list); 618c2ecf20Sopenharmony_ci list_del(&req->kthread_ctl_list); 628c2ecf20Sopenharmony_ci *req->lower_file = dentry_open(&req->path, 638c2ecf20Sopenharmony_ci (O_RDWR | O_LARGEFILE), current_cred()); 648c2ecf20Sopenharmony_ci complete(&req->done); 658c2ecf20Sopenharmony_ci } 668c2ecf20Sopenharmony_ci mutex_unlock(&ecryptfs_kthread_ctl.mux); 678c2ecf20Sopenharmony_ci } 688c2ecf20Sopenharmony_ciout: 698c2ecf20Sopenharmony_ci return 0; 708c2ecf20Sopenharmony_ci} 718c2ecf20Sopenharmony_ci 728c2ecf20Sopenharmony_ciint __init ecryptfs_init_kthread(void) 738c2ecf20Sopenharmony_ci{ 748c2ecf20Sopenharmony_ci int rc = 0; 758c2ecf20Sopenharmony_ci 768c2ecf20Sopenharmony_ci mutex_init(&ecryptfs_kthread_ctl.mux); 778c2ecf20Sopenharmony_ci init_waitqueue_head(&ecryptfs_kthread_ctl.wait); 788c2ecf20Sopenharmony_ci INIT_LIST_HEAD(&ecryptfs_kthread_ctl.req_list); 798c2ecf20Sopenharmony_ci ecryptfs_kthread = kthread_run(&ecryptfs_threadfn, NULL, 808c2ecf20Sopenharmony_ci "ecryptfs-kthread"); 818c2ecf20Sopenharmony_ci if (IS_ERR(ecryptfs_kthread)) { 828c2ecf20Sopenharmony_ci rc = PTR_ERR(ecryptfs_kthread); 838c2ecf20Sopenharmony_ci printk(KERN_ERR "%s: Failed to create kernel thread; rc = [%d]" 848c2ecf20Sopenharmony_ci "\n", __func__, rc); 858c2ecf20Sopenharmony_ci } 868c2ecf20Sopenharmony_ci return rc; 878c2ecf20Sopenharmony_ci} 888c2ecf20Sopenharmony_ci 898c2ecf20Sopenharmony_civoid ecryptfs_destroy_kthread(void) 908c2ecf20Sopenharmony_ci{ 918c2ecf20Sopenharmony_ci struct ecryptfs_open_req *req, *tmp; 928c2ecf20Sopenharmony_ci 938c2ecf20Sopenharmony_ci mutex_lock(&ecryptfs_kthread_ctl.mux); 948c2ecf20Sopenharmony_ci ecryptfs_kthread_ctl.flags |= ECRYPTFS_KTHREAD_ZOMBIE; 958c2ecf20Sopenharmony_ci list_for_each_entry_safe(req, tmp, &ecryptfs_kthread_ctl.req_list, 968c2ecf20Sopenharmony_ci kthread_ctl_list) { 978c2ecf20Sopenharmony_ci list_del(&req->kthread_ctl_list); 988c2ecf20Sopenharmony_ci *req->lower_file = ERR_PTR(-EIO); 998c2ecf20Sopenharmony_ci complete(&req->done); 1008c2ecf20Sopenharmony_ci } 1018c2ecf20Sopenharmony_ci mutex_unlock(&ecryptfs_kthread_ctl.mux); 1028c2ecf20Sopenharmony_ci kthread_stop(ecryptfs_kthread); 1038c2ecf20Sopenharmony_ci wake_up(&ecryptfs_kthread_ctl.wait); 1048c2ecf20Sopenharmony_ci} 1058c2ecf20Sopenharmony_ci 1068c2ecf20Sopenharmony_ci/** 1078c2ecf20Sopenharmony_ci * ecryptfs_privileged_open 1088c2ecf20Sopenharmony_ci * @lower_file: Result of dentry_open by root on lower dentry 1098c2ecf20Sopenharmony_ci * @lower_dentry: Lower dentry for file to open 1108c2ecf20Sopenharmony_ci * @lower_mnt: Lower vfsmount for file to open 1118c2ecf20Sopenharmony_ci * 1128c2ecf20Sopenharmony_ci * This function gets a r/w file opened against the lower dentry. 1138c2ecf20Sopenharmony_ci * 1148c2ecf20Sopenharmony_ci * Returns zero on success; non-zero otherwise 1158c2ecf20Sopenharmony_ci */ 1168c2ecf20Sopenharmony_ciint ecryptfs_privileged_open(struct file **lower_file, 1178c2ecf20Sopenharmony_ci struct dentry *lower_dentry, 1188c2ecf20Sopenharmony_ci struct vfsmount *lower_mnt, 1198c2ecf20Sopenharmony_ci const struct cred *cred) 1208c2ecf20Sopenharmony_ci{ 1218c2ecf20Sopenharmony_ci struct ecryptfs_open_req req; 1228c2ecf20Sopenharmony_ci int flags = O_LARGEFILE; 1238c2ecf20Sopenharmony_ci int rc = 0; 1248c2ecf20Sopenharmony_ci 1258c2ecf20Sopenharmony_ci init_completion(&req.done); 1268c2ecf20Sopenharmony_ci req.lower_file = lower_file; 1278c2ecf20Sopenharmony_ci req.path.dentry = lower_dentry; 1288c2ecf20Sopenharmony_ci req.path.mnt = lower_mnt; 1298c2ecf20Sopenharmony_ci 1308c2ecf20Sopenharmony_ci /* Corresponding dput() and mntput() are done when the 1318c2ecf20Sopenharmony_ci * lower file is fput() when all eCryptfs files for the inode are 1328c2ecf20Sopenharmony_ci * released. */ 1338c2ecf20Sopenharmony_ci flags |= IS_RDONLY(d_inode(lower_dentry)) ? O_RDONLY : O_RDWR; 1348c2ecf20Sopenharmony_ci (*lower_file) = dentry_open(&req.path, flags, cred); 1358c2ecf20Sopenharmony_ci if (!IS_ERR(*lower_file)) 1368c2ecf20Sopenharmony_ci goto out; 1378c2ecf20Sopenharmony_ci if ((flags & O_ACCMODE) == O_RDONLY) { 1388c2ecf20Sopenharmony_ci rc = PTR_ERR((*lower_file)); 1398c2ecf20Sopenharmony_ci goto out; 1408c2ecf20Sopenharmony_ci } 1418c2ecf20Sopenharmony_ci mutex_lock(&ecryptfs_kthread_ctl.mux); 1428c2ecf20Sopenharmony_ci if (ecryptfs_kthread_ctl.flags & ECRYPTFS_KTHREAD_ZOMBIE) { 1438c2ecf20Sopenharmony_ci rc = -EIO; 1448c2ecf20Sopenharmony_ci mutex_unlock(&ecryptfs_kthread_ctl.mux); 1458c2ecf20Sopenharmony_ci printk(KERN_ERR "%s: We are in the middle of shutting down; " 1468c2ecf20Sopenharmony_ci "aborting privileged request to open lower file\n", 1478c2ecf20Sopenharmony_ci __func__); 1488c2ecf20Sopenharmony_ci goto out; 1498c2ecf20Sopenharmony_ci } 1508c2ecf20Sopenharmony_ci list_add_tail(&req.kthread_ctl_list, &ecryptfs_kthread_ctl.req_list); 1518c2ecf20Sopenharmony_ci mutex_unlock(&ecryptfs_kthread_ctl.mux); 1528c2ecf20Sopenharmony_ci wake_up(&ecryptfs_kthread_ctl.wait); 1538c2ecf20Sopenharmony_ci wait_for_completion(&req.done); 1548c2ecf20Sopenharmony_ci if (IS_ERR(*lower_file)) 1558c2ecf20Sopenharmony_ci rc = PTR_ERR(*lower_file); 1568c2ecf20Sopenharmony_ciout: 1578c2ecf20Sopenharmony_ci return rc; 1588c2ecf20Sopenharmony_ci} 159