Linux Kernel
3.7.1
#include <keys/user-type.h>
#include <keys/encrypted-type.h>
#include <linux/fs.h>
#include <linux/fs_stack.h>
#include <linux/namei.h>
#include <linux/scatterlist.h>
#include <linux/hash.h>
#include <linux/nsproxy.h>
#include <linux/backing-dev.h>
#include <linux/ecryptfs.h>
Data Structures | |
struct | ecryptfs_key_record |
struct | ecryptfs_auth_tok_list |
struct | ecryptfs_page_crypt_context |
struct | ecryptfs_key_sig |
struct | ecryptfs_filename |
struct | ecryptfs_crypt_stat |
struct | ecryptfs_inode_info |
struct | ecryptfs_dentry_info |
struct | ecryptfs_global_auth_tok |
struct | ecryptfs_key_tfm |
struct | ecryptfs_mount_crypt_stat |
struct | ecryptfs_sb_info |
struct | ecryptfs_file_info |
struct | ecryptfs_auth_tok_list_item |
struct | ecryptfs_message |
struct | ecryptfs_msg_ctx |
struct | ecryptfs_daemon |
#define ECRYPTFS_AUTH_TOK_FNEK 0x00000002 |
Definition at line 267 of file ecryptfs_kernel.h.
#define ECRYPTFS_AUTH_TOK_INVALID 0x00000001 |
Definition at line 266 of file ecryptfs_kernel.h.
#define ECRYPTFS_DAEMON_IN_POLL 0x00000002 |
Definition at line 383 of file ecryptfs_kernel.h.
#define ECRYPTFS_DAEMON_IN_READ 0x00000001 |
Definition at line 382 of file ecryptfs_kernel.h.
#define ECRYPTFS_DAEMON_MISCDEV_OPEN 0x00000008 |
Definition at line 385 of file ecryptfs_kernel.h.
#define ECRYPTFS_DAEMON_ZOMBIE 0x00000004 |
Definition at line 384 of file ecryptfs_kernel.h.
#define ECRYPTFS_DEFAULT_CIPHER "aes" |
Definition at line 135 of file ecryptfs_kernel.h.
#define ECRYPTFS_DEFAULT_EXTENT_SIZE 4096 |
Definition at line 43 of file ecryptfs_kernel.h.
#define ECRYPTFS_DEFAULT_HASH "md5" |
Definition at line 137 of file ecryptfs_kernel.h.
#define ECRYPTFS_DEFAULT_IV_BYTES 16 |
eCryptfs: Linux filesystem encryption layer Kernel declarations.
Copyright (C) 1997-2003 Erez Zadok
Copyright (C) 2001-2003 Stony Brook University
Copyright (C) 2004-2008 International Business Machines Corp.
Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>, Trevor S. Highland <trevor.highland@gmail.com>, Tyler Hicks <tyhicks@ou.edu>
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
Definition at line 42 of file ecryptfs_kernel.h.
#define ECRYPTFS_DEFAULT_KEY_BYTES 16 |
Definition at line 136 of file ecryptfs_kernel.h.
#define ECRYPTFS_DEFAULT_MSG_CTX_ELEMS 32 |
Definition at line 45 of file ecryptfs_kernel.h.
#define ECRYPTFS_DEFAULT_NUM_USERS 4 |
Definition at line 48 of file ecryptfs_kernel.h.
#define ECRYPTFS_DEFAULT_SEND_TIMEOUT HZ |
Definition at line 46 of file ecryptfs_kernel.h.
#define ECRYPTFS_ENABLE_HMAC 0x00000010 |
Definition at line 196 of file ecryptfs_kernel.h.
#define ECRYPTFS_ENCFN_USE_FEK 0x00001000 |
Definition at line 204 of file ecryptfs_kernel.h.
#define ECRYPTFS_ENCFN_USE_MOUNT_FNEK 0x00000800 |
Definition at line 203 of file ecryptfs_kernel.h.
#define ECRYPTFS_ENCRYPT_FILENAMES 0x00000400 |
Definition at line 202 of file ecryptfs_kernel.h.
#define ECRYPTFS_ENCRYPT_IV_PAGES 0x00000020 |
Definition at line 197 of file ecryptfs_kernel.h.
#define ECRYPTFS_ENCRYPTED 0x00000004 |
Definition at line 194 of file ecryptfs_kernel.h.
#define ECRYPTFS_ENCRYPTED_DENTRY_NAME_LEN (18 + 1 + 4 + 1 + 32) |
Definition at line 166 of file ecryptfs_kernel.h.
#define ECRYPTFS_ENCRYPTED_VIEW_ENABLED 0x00000004 |
Definition at line 308 of file ecryptfs_kernel.h.
#define ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX "ECRYPTFS_FEK_ENCRYPTED." |
Definition at line 162 of file ecryptfs_kernel.h.
#define ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX_SIZE 23 |
Definition at line 163 of file ecryptfs_kernel.h.
Definition at line 132 of file ecryptfs_kernel.h.
#define ECRYPTFS_FILENAME_CONTAINS_DECRYPTED 0x00000001 |
Definition at line 175 of file ecryptfs_kernel.h.
#define ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES 16 |
Definition at line 154 of file ecryptfs_kernel.h.
#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX "ECRYPTFS_FNEK_ENCRYPTED." |
Definition at line 164 of file ecryptfs_kernel.h.
#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE 24 |
Definition at line 165 of file ecryptfs_kernel.h.
#define ECRYPTFS_GLOBAL_ENCFN_USE_FEK 0x00000040 |
Definition at line 312 of file ecryptfs_kernel.h.
#define ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK 0x00000020 |
Definition at line 311 of file ecryptfs_kernel.h.
#define ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES 0x00000010 |
Definition at line 310 of file ecryptfs_kernel.h.
#define ECRYPTFS_GLOBAL_MOUNT_AUTH_TOK_ONLY 0x00000080 |
Definition at line 313 of file ecryptfs_kernel.h.
#define ECRYPTFS_I_SIZE_INITIALIZED 0x00004000 |
Definition at line 206 of file ecryptfs_kernel.h.
#define ECRYPTFS_KEY_SET 0x00000200 |
Definition at line 201 of file ecryptfs_kernel.h.
#define ECRYPTFS_KEY_VALID 0x00000040 |
Definition at line 198 of file ecryptfs_kernel.h.
#define ECRYPTFS_MAX_CIPHER_NAME_SIZE 32 |
Definition at line 126 of file ecryptfs_kernel.h.
#define ECRYPTFS_MAX_IV_BYTES 16 /* 128 bits */ |
Definition at line 128 of file ecryptfs_kernel.h.
#define ECRYPTFS_MAX_KEYSET_SIZE 1024 |
Definition at line 125 of file ecryptfs_kernel.h.
#define ECRYPTFS_MAX_MSG_CTX_TTL (HZ*3) |
Definition at line 47 of file ecryptfs_kernel.h.
#define ECRYPTFS_MAX_NUM_ENC_KEYS 64 |
Definition at line 127 of file ecryptfs_kernel.h.
#define ECRYPTFS_MAX_NUM_USERS 32768 |
Definition at line 49 of file ecryptfs_kernel.h.
#define ECRYPTFS_MAX_PKT_LEN_SIZE |
Definition at line 151 of file ecryptfs_kernel.h.
#define ECRYPTFS_METADATA_IN_XATTR 0x00000080 |
Definition at line 199 of file ecryptfs_kernel.h.
Definition at line 150 of file ecryptfs_kernel.h.
#define ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE 8192 |
Definition at line 44 of file ecryptfs_kernel.h.
#define ECRYPTFS_MOUNT_CRYPT_STAT_INITIALIZED 0x00000008 |
Definition at line 309 of file ecryptfs_kernel.h.
#define ECRYPTFS_MSG_CTX_STATE_DONE 0x03 |
Definition at line 358 of file ecryptfs_kernel.h.
#define ECRYPTFS_MSG_CTX_STATE_FREE 0x01 |
Definition at line 356 of file ecryptfs_kernel.h.
#define ECRYPTFS_MSG_CTX_STATE_NO_REPLY 0x04 |
Definition at line 359 of file ecryptfs_kernel.h.
#define ECRYPTFS_MSG_CTX_STATE_PENDING 0x02 |
Definition at line 357 of file ecryptfs_kernel.h.
#define ECRYPTFS_MSG_HELO 100 |
Definition at line 361 of file ecryptfs_kernel.h.
#define ECRYPTFS_MSG_QUIT 101 |
Definition at line 362 of file ecryptfs_kernel.h.
#define ECRYPTFS_MSG_REQUEST 102 |
Definition at line 363 of file ecryptfs_kernel.h.
#define ECRYPTFS_MSG_RESPONSE 103 |
Definition at line 364 of file ecryptfs_kernel.h.
#define ECRYPTFS_NON_NULL 0x42 /* A reasonable substitute for NULL */ |
Definition at line 155 of file ecryptfs_kernel.h.
#define ECRYPTFS_PLAINTEXT_PASSTHROUGH_ENABLED 0x00000001 |
Definition at line 306 of file ecryptfs_kernel.h.
#define ECRYPTFS_POLICY_APPLIED 0x00000002 |
Definition at line 193 of file ecryptfs_kernel.h.
#define ECRYPTFS_PREPARE_COMMIT_MODE 0 |
Definition at line 73 of file ecryptfs_kernel.h.
#define ecryptfs_printk | ( | type, | |
fmt, | |||
arg... | |||
) | __ecryptfs_printk(type "%s: " fmt, __func__, ## arg); |
Definition at line 512 of file ecryptfs_kernel.h.
#define ECRYPTFS_SALT_BYTES 2 |
Definition at line 129 of file ecryptfs_kernel.h.
#define ECRYPTFS_SECURITY_WARNING 0x00000008 |
Definition at line 195 of file ecryptfs_kernel.h.
#define ECRYPTFS_SIZE_AND_MARKER_BYTES |
Definition at line 133 of file ecryptfs_kernel.h.
#define ECRYPTFS_STRUCT_INITIALIZED 0x00000001 |
Definition at line 192 of file ecryptfs_kernel.h.
#define ECRYPTFS_TAG_11_PACKET_TYPE 0xED |
Definition at line 141 of file ecryptfs_kernel.h.
#define ECRYPTFS_TAG_1_PACKET_TYPE 0x01 |
Definition at line 139 of file ecryptfs_kernel.h.
#define ECRYPTFS_TAG_3_PACKET_TYPE 0x8C |
Definition at line 140 of file ecryptfs_kernel.h.
#define ECRYPTFS_TAG_64_PACKET_TYPE 0x40 |
Definition at line 142 of file ecryptfs_kernel.h.
#define ECRYPTFS_TAG_65_PACKET_TYPE 0x41 |
Definition at line 143 of file ecryptfs_kernel.h.
#define ECRYPTFS_TAG_66_PACKET_TYPE 0x42 |
Definition at line 144 of file ecryptfs_kernel.h.
#define ECRYPTFS_TAG_67_PACKET_TYPE 0x43 |
Definition at line 145 of file ecryptfs_kernel.h.
#define ECRYPTFS_TAG_70_DIGEST ECRYPTFS_DEFAULT_HASH |
Definition at line 138 of file ecryptfs_kernel.h.
#define ECRYPTFS_TAG_70_DIGEST_SIZE MD5_DIGEST_SIZE |
Definition at line 157 of file ecryptfs_kernel.h.
#define ECRYPTFS_TAG_70_MAX_METADATA_SIZE |
Definition at line 160 of file ecryptfs_kernel.h.
#define ECRYPTFS_TAG_70_MIN_METADATA_SIZE |
Definition at line 158 of file ecryptfs_kernel.h.
#define ECRYPTFS_TAG_70_PACKET_TYPE |
Definition at line 146 of file ecryptfs_kernel.h.
#define ECRYPTFS_TAG_71_PACKET_TYPE |
Definition at line 147 of file ecryptfs_kernel.h.
#define ECRYPTFS_TAG_72_PACKET_TYPE |
Definition at line 148 of file ecryptfs_kernel.h.
#define ECRYPTFS_TAG_73_PACKET_TYPE |
Definition at line 149 of file ecryptfs_kernel.h.
#define ECRYPTFS_UNLINK_SIGS 0x00002000 |
Definition at line 205 of file ecryptfs_kernel.h.
#define ECRYPTFS_VIEW_AS_ENCRYPTED 0x00000100 |
Definition at line 200 of file ecryptfs_kernel.h.
#define ECRYPTFS_WRITEPAGE_MODE 1 |
Definition at line 74 of file ecryptfs_kernel.h.
#define ECRYPTFS_XATTR_METADATA_ENABLED 0x00000002 |
Definition at line 307 of file ecryptfs_kernel.h.
#define ECRYPTFS_XATTR_NAME "user.ecryptfs" |
Definition at line 50 of file ecryptfs_kernel.h.
#define MAGIC_ECRYPTFS_MARKER 0x3c81b7f5 |
Definition at line 130 of file ecryptfs_kernel.h.
#define MAGIC_ECRYPTFS_MARKER_SIZE_BYTES 8 /* 4*2 */ |
Definition at line 131 of file ecryptfs_kernel.h.
#define MD5_DIGEST_SIZE 16 |
Definition at line 156 of file ecryptfs_kernel.h.
__printf | ( | 1 | , |
2 | |||
) | const |
int ecryptfs_add_global_auth_tok | ( | struct ecryptfs_mount_crypt_stat * | mount_crypt_stat, |
char * | sig, | ||
u32 | global_auth_tok_flags | ||
) |
Definition at line 2507 of file keystore.c.
int ecryptfs_add_keysig | ( | struct ecryptfs_crypt_stat * | crypt_stat, |
char * | sig | ||
) |
Definition at line 2486 of file keystore.c.
int ecryptfs_add_new_key_tfm | ( | struct ecryptfs_key_tfm ** | key_tfm, |
char * | cipher_name, | ||
size_t | key_size | ||
) |
int ecryptfs_compute_root_iv | ( | struct ecryptfs_crypt_stat * | crypt_stat | ) |
int ecryptfs_derive_iv | ( | char * | iv, |
struct ecryptfs_crypt_stat * | crypt_stat, | ||
loff_t | offset | ||
) |
void ecryptfs_destroy_crypt_stat | ( | struct ecryptfs_crypt_stat * | crypt_stat | ) |
void ecryptfs_destroy_mount_crypt_stat | ( | struct ecryptfs_mount_crypt_stat * | mount_crypt_stat | ) |
void ecryptfs_dump_auth_tok | ( | struct ecryptfs_auth_tok * | auth_tok | ) |
eCryptfs: Linux filesystem encryption layer Functions only useful for debugging.
Copyright (C) 2006 International Business Machines Corp.
Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
ecryptfs_dump_auth_tok - debug function to print auth toks
This function will print the contents of an ecryptfs authentication token.
int ecryptfs_encrypt_and_encode_filename | ( | char ** | encoded_name, |
size_t * | encoded_name_size, | ||
struct ecryptfs_crypt_stat * | crypt_stat, | ||
struct ecryptfs_mount_crypt_stat * | mount_crypt_stat, | ||
const char * | name, | ||
size_t | name_size | ||
) |
int ecryptfs_exorcise_daemon | ( | struct ecryptfs_daemon * | daemon | ) |
ecryptfs_exorcise_daemon - Destroy the daemon struct
Must be called ceremoniously while in possession of ecryptfs_daemon_hash_mux and the daemon's own mux.
Definition at line 173 of file messaging.c.
int ecryptfs_find_daemon_by_euid | ( | struct ecryptfs_daemon ** | daemon | ) |
ecryptfs_find_daemon_by_euid
@daemon: If return value is zero, points to the desired daemon pointer
Must be called with ecryptfs_daemon_hash_mux held.
Search the hash list for the current effective user id.
Returns zero if the user id exists in the list; non-zero otherwise.
Definition at line 116 of file messaging.c.
int ecryptfs_generate_key_packet_set | ( | char * | dest_base, |
struct ecryptfs_crypt_stat * | crypt_stat, | ||
struct dentry * | ecryptfs_dentry, | ||
size_t * | len, | ||
size_t | max | ||
) |
ecryptfs_generate_key_packet_set
@dest_base: Virtual address from which to write the key record set
@crypt_stat: The cryptographic context from which the authentication tokens will be retrieved
@ecryptfs_dentry: The dentry, used to retrieve the mount crypt stat for the global parameters
@len: The amount written
@max: The maximum amount of data allowed to be written
Generates a key packet set and writes it to the virtual address passed in.
Returns zero on success; non-zero on error.
Definition at line 2392 of file keystore.c.
int ecryptfs_get_global_auth_tok_for_sig | ( | struct ecryptfs_global_auth_tok ** | global_auth_tok, |
struct ecryptfs_mount_crypt_stat * | mount_crypt_stat, | ||
char * | sig | ||
) |
eCryptfs: Linux filesystem encryption layer This is where eCryptfs coordinates the symmetric encryption and decryption of the file data as it passes between the lower encrypted file and the upper decrypted file.
Copyright (C) 1997-2003 Erez Zadok
Copyright (C) 2001-2003 Stony Brook University
Copyright (C) 2004-2007 International Business Machines Corp.
Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
ecryptfs_get_locked_page
Get one page from cache or lower f/s, return error otherwise.
Returns locked and up-to-date page (if ok), with increased refcnt.
int ecryptfs_get_tfm_and_mutex_for_cipher_name | ( | struct crypto_blkcipher ** | tfm, |
struct mutex ** | tfm_mutex, | ||
char * | cipher_name | ||
) |
ecryptfs_get_tfm_and_mutex_for_cipher_name
@tfm: set to cached tfm found, or new tfm created
@tfm_mutex: set to mutex for cached tfm found, or new tfm created
@cipher_name: the name of the cipher to search for and/or add
Sets pointers to @tfm & @tfm_mutex matching @cipher_name. Searches for cached item first, and creates new if not found. Returns 0 on success, non-zero if adding new cipher failed
int ecryptfs_init_crypt_ctx | ( | struct ecryptfs_crypt_stat * | crypt_stat | ) |
void ecryptfs_init_crypt_stat | ( | struct ecryptfs_crypt_stat * | crypt_stat | ) |
ecryptfs_init_ecryptfs_miscdev
Messages sent to the userspace daemon from the kernel are placed on a queue associated with the daemon. The next read against the miscdev handle by that daemon will return the oldest message placed on the message queue for the daemon.
Returns zero on success; non-zero otherwise
Definition at line 371 of file messaging.c.
int ecryptfs_keyring_auth_tok_for_sig | ( | struct key ** | auth_tok_key, |
struct ecryptfs_auth_tok ** | auth_tok, | ||
char * | sig | ||
) |
Definition at line 1628 of file keystore.c.
void ecryptfs_msg_ctx_alloc_to_free | ( | struct ecryptfs_msg_ctx * | msg_ctx | ) |
ecryptfs_msg_ctx_alloc_to_free
@msg_ctx: The context to move from the alloc list to the free list
Must be called with ecryptfs_msg_ctx_lists_mux held.
Definition at line 97 of file messaging.c.
ecryptfs_new_file_context : The eCryptfs inode
If the crypto context for the file has not yet been established, this is where we do that. Establishing a new crypto context involves the following decisions:
Returns zero on success; non-zero otherwise
ecryptfs_parse_packet_length : Pointer to memory containing length at offset : This function writes the decoded size to this memory address; zero on error : The number of bytes occupied by the encoded length
Returns zero on success; non-zero on error
Definition at line 95 of file keystore.c.
int ecryptfs_parse_packet_set | ( | struct ecryptfs_crypt_stat * | crypt_stat, |
unsigned char * | src, | ||
struct dentry * | ecryptfs_dentry | ||
) |
ecryptfs_parse_packet_set
@crypt_stat: The cryptographic context
@src: Virtual address of region of memory containing the packets
@ecryptfs_dentry: The eCryptfs dentry associated with the packet set
Get crypt_stat to have the file's session key if the requisite key is available to decrypt the session key.
Returns Zero if a valid authentication token was retrieved and processed; negative value for file not encrypted or for error conditions.
Definition at line 1758 of file keystore.c.
int ecryptfs_parse_tag_70_packet | ( | char ** | filename, |
size_t * | filename_size, | ||
size_t * | packet_size, | ||
struct ecryptfs_mount_crypt_stat * | mount_crypt_stat, | ||
char * | data, | ||
size_t | max_packet_size | ||
) |
parse_tag_70_packet - Parse and process FNEK-encrypted passphrase packet
@filename: This function kmalloc's the memory for the filename
@filename_size: This function sets this to the amount of memory kmalloc'd for the filename
@packet_size: This function sets this to the number of octets in the packet parsed
@mount_crypt_stat: The mount-wide cryptographic context
@data: The memory location containing the start of the tag 70 packet
@max_packet_size: The maximum legal size of the packet to be parsed from @data
Returns zero on success; non-zero otherwise
Definition at line 914 of file keystore.c.
int ecryptfs_process_response | ( | struct ecryptfs_daemon * | daemon, |
struct ecryptfs_message * | msg, | ||
u32 | seq | ||
) |
ecryptfs_process_response
@msg: The ecryptfs message received; the caller should sanity check msg->data_len and free the memory
@seq: The sequence number of the message; must match the sequence number for the existing message context waiting for this response
Processes a response message after sending an operation request to userspace. Some other process is awaiting this response. Before sending out its first communications, the other process allocated a msg_ctx from the ecryptfs_msg_ctx_arr at a particular index. The response message contains this index so that we can copy over the response message into the msg_ctx that the process holds a reference to. The other process is going to wake up, check to see that msg_ctx->state == ECRYPTFS_MSG_CTX_STATE_DONE, and then proceed to read off and process the response message. Returns zero upon delivery to desired context element; non-zero upon delivery failure or error.
Returns zero on success; non-zero otherwise
Definition at line 222 of file messaging.c.
ecryptfs_read_lower : The read data is stored here by this function : Byte offset in the lower file from which to read the data : Number of bytes to read from of the lower file and store into : The eCryptfs inode
Read bytes of data at byte offset from the lower inode into memory location .
Returns bytes read on success; 0 on EOF; less than zero on error
Definition at line 235 of file read_write.c.
int ecryptfs_read_lower_page_segment | ( | struct page * | page_for_ecryptfs, |
pgoff_t | page_index, | ||
size_t | offset_in_page, | ||
size_t | size, | ||
struct inode * | ecryptfs_inode | ||
) |
ecryptfs_read_lower_page_segment
@page_for_ecryptfs: The page into which data for eCryptfs will be written
@offset_in_page: Offset in @page_for_ecryptfs from which to start writing
@size: The number of bytes to write into @page_for_ecryptfs
@ecryptfs_inode: The eCryptfs inode
Determines the byte offset in the file for the given page and offset within the page, maps the page, and makes the call to read the contents of @page_for_ecryptfs from the lower inode.
Returns zero on success; non-zero otherwise
Definition at line 267 of file read_write.c.
ecryptfs_read_metadata
Common entry point for reading file metadata. From here, we could retrieve the header information from the header region of the file, the xattr region of the file, or some other repository that is stored separately from the file itself. The current implementation supports retrieving the metadata information from the file contents and from the xattr region.
Returns zero if valid headers found and parsed; non-zero otherwise
Definition at line 432 of file messaging.c.
int ecryptfs_send_message | ( | char * | data, |
int | data_len, | ||
struct ecryptfs_msg_ctx ** | msg_ctx | ||
) |
int ecryptfs_send_miscdev | ( | char * | data, |
size_t | data_size, | ||
struct ecryptfs_msg_ctx * | msg_ctx, | ||
u8 | msg_type, | ||
u16 | msg_flags, | ||
struct ecryptfs_daemon * | daemon | ||
) |
ecryptfs_send_miscdev
@data: Data to send to daemon; may be NULL
@data_size: Amount of data to send to daemon
@msg_ctx: Message context, which is used to handle the reply. If this is NULL, then we do not expect a reply.
@msg_type: Type of message
@msg_flags: Flags for message
@daemon: eCryptfs daemon object
Add msg_ctx to queue and then, if it exists, notify the blocked miscdevess about the data being available. Must be called with ecryptfs_daemon_hash_mux held.
Returns zero on success; non-zero otherwise
void ecryptfs_set_default_sizes | ( | struct ecryptfs_crypt_stat * | crypt_stat | ) |
int ecryptfs_set_f_namelen | ( | long * | namelen, |
long | lower_namelen, | ||
struct ecryptfs_mount_crypt_stat * | mount_crypt_stat | ||
) |
int ecryptfs_spawn_daemon | ( | struct ecryptfs_daemon ** | daemon, |
struct file * | file | ||
) |
Definition at line 145 of file messaging.c.
int ecryptfs_tfm_exists | ( | char * | cipher_name, |
struct ecryptfs_key_tfm ** | key_tfm | ||
) |
int ecryptfs_wait_for_response | ( | struct ecryptfs_msg_ctx * | msg_ctx, |
struct ecryptfs_message ** | msg | ||
) |
ecryptfs_wait_for_response
@msg_ctx: The context that was assigned when sending a message
@msg: The incoming message from userspace; not set if rc != 0
Sleeps until awakened by ecryptfs_receive_message or until the amount of time exceeds ecryptfs_message_wait_timeout. If zero is returned, msg will point to a valid message from userspace; a non-zero value is returned upon failure to receive a message or an error occurs. Callee must free @msg on success.
Definition at line 344 of file messaging.c.
ecryptfs_write : The eCryptfs file into which to write : Virtual address where data to write is located : Offset in the eCryptfs file at which to begin writing the data from : The number of bytes to write from
Write an arbitrary amount of data to an arbitrary location in the eCryptfs inode page cache. This is done on a page-by-page, and then by an extent-by-extent, basis; individual extents are encrypted and written to the lower page cache (via VFS writes). This function takes care of all the address translation to locations in the lower filesystem; it also handles truncate events, writing out zeros where necessary.
Returns zero on success; non-zero otherwise
Definition at line 109 of file read_write.c.
void ecryptfs_write_crypt_stat_flags | ( | char * | page_virt, |
struct ecryptfs_crypt_stat * | crypt_stat, | ||
size_t * | written | ||
) |
void ecryptfs_write_header_metadata | ( | char * | virt, |
struct ecryptfs_crypt_stat * | crypt_stat, | ||
size_t * | written | ||
) |
eCryptfs: Linux filesystem encryption layer
Copyright (C) 2007 International Business Machines Corp.
Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. ecryptfs_write_lower : The eCryptfs inode : Data to write : Byte offset in the lower file to which to write the data : Number of bytes from to write at in the lower file
Write data to the lower file.
Returns bytes written on success; less than zero on error
Definition at line 39 of file read_write.c.
int ecryptfs_write_lower_page_segment | ( | struct inode * | ecryptfs_inode, |
struct page * | page_for_lower, | ||
size_t | offset_in_page, | ||
size_t | size | ||
) |
ecryptfs_write_lower_page_segment
@ecryptfs_inode: The eCryptfs inode
@page_for_lower: The page containing the data to be written to the lower file
@offset_in_page: The offset in the @page_for_lower from which to start writing the data
@size: The amount of data from @page_for_lower to write to the lower file
Determines the byte offset in the file for the given page and offset within the page, maps the page, and makes the call to write the contents of @page_for_lower to the lower inode.
Returns zero on success; non-zero otherwise
Definition at line 73 of file read_write.c.
ecryptfs_write_metadata : The eCryptfs dentry, which should be negative : The newly created eCryptfs inode
Write the file headers out. This will likely involve a userspace callout, in which the session key is encrypted with one or more public keys and/or the passphrase necessary to do the encryption is retrieved via a prompt. Exactly what happens at this point should be policy-dependent.
Returns zero on success; non-zero on error
ecryptfs_write_packet_length : The byte array target into which to write the length. Must have at least ECRYPTFS_MAX_PKT_LEN_SIZE bytes allocated. : The length to write. : The number of bytes used to encode the packet length is written to this address.
Returns zero on success; non-zero on error.
Definition at line 136 of file keystore.c.
int ecryptfs_write_tag_70_packet | ( | char * | dest, |
size_t * | remaining_bytes, | ||
size_t * | packet_size, | ||
struct ecryptfs_mount_crypt_stat * | mount_crypt_stat, | ||
char * | filename, | ||
size_t | filename_size | ||
) |
write_tag_70_packet - Write encrypted filename (EFN) packet against FNEK
@filename: NULL-terminated filename string
This is the simplest mechanism for achieving filename encryption in eCryptfs. It encrypts the given filename with the mount-wide filename encryption key (FNEK) and stores it in a packet to @dest, which the callee will encode and write directly into the dentry name.
Definition at line 624 of file keystore.c.
virt_to_scatterlist : Virtual address : Size of data; should be an even multiple of the block size : Pointer to scatterlist array; set to NULL to obtain only the number of scatterlist structs required in array : Max array size
Fills in a scatterlist array with page references for a passed virtual address.
Returns the number of scatterlist structs in array used
struct address_space_operations ecryptfs_aops |
struct kmem_cache* ecryptfs_auth_tok_list_item_cache |
Definition at line 1223 of file keystore.c.
Definition at line 33 of file messaging.c.
struct kmem_cache* ecryptfs_dentry_info_cache |
struct file_operations ecryptfs_dir_fops |
struct inode_operations ecryptfs_dir_iops |
struct dentry_operations ecryptfs_dops |
struct kmem_cache* ecryptfs_file_info_cache |
struct kmem_cache* ecryptfs_global_auth_tok_cache |
Definition at line 2504 of file keystore.c.
struct kmem_cache* ecryptfs_header_cache |
struct kmem_cache* ecryptfs_inode_info_cache |
eCryptfs: Linux filesystem encryption layer
Copyright (C) 1997-2003 Erez Zadok
Copyright (C) 2001-2003 Stony Brook University
Copyright (C) 2004-2006 International Business Machines Corp.
Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>, Michael C. Thompson <mcthomps@us.ibm.com>
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
struct kmem_cache* ecryptfs_key_record_cache |
Definition at line 2374 of file keystore.c.
struct kmem_cache* ecryptfs_key_sig_cache |
Definition at line 2484 of file keystore.c.
struct kmem_cache* ecryptfs_key_tfm_cache |
struct file_operations ecryptfs_main_fops |
struct inode_operations ecryptfs_main_iops |
unsigned int ecryptfs_message_buf_len |
signed long ecryptfs_message_wait_timeout |
unsigned int ecryptfs_number_of_users |
struct kmem_cache* ecryptfs_sb_info_cache |
struct super_operations ecryptfs_sops |
struct inode_operations ecryptfs_symlink_iops |
int ecryptfs_verbosity |
eCryptfs: Linux filesystem encryption layer
Copyright (C) 1997-2003 Erez Zadok
Copyright (C) 2001-2003 Stony Brook University
Copyright (C) 2004-2007 International Business Machines Corp.
Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>, Michael C. Thompson <mcthomps@us.ibm.com>, Tyler Hicks <tyhicks@ou.edu>
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
Module parameter that defines the ecryptfs_verbosity level.
struct kmem_cache* ecryptfs_xattr_cache |