With ecryptfs_create_plain mount option, newly created file will be
plain lower fs file
For those who want to read encrypted files, but want no more encrypted files
Signed-off-by: Ethan.Du <ethan.too@xxxxxxxxx>
---
fs/ecryptfs/ecryptfs_kernel.h | 1 +
fs/ecryptfs/inode.c | 8 ++++++++
fs/ecryptfs/main.c | 5 +++++
fs/ecryptfs/mmap.c | 33 +++++++++++++++++++++++++--------
fs/ecryptfs/super.c | 2 ++
5 files changed, 41 insertions(+), 8 deletions(-)
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h
index e007534..4d0c5c4 100644
--- a/fs/ecryptfs/ecryptfs_kernel.h
+++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -377,6 +377,7 @@ struct ecryptfs_mount_crypt_stat {
#define ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK 0x00000020
#define ECRYPTFS_GLOBAL_ENCFN_USE_FEK 0x00000040
#define ECRYPTFS_GLOBAL_MOUNT_AUTH_TOK_ONLY 0x00000080
+#define ECRYPTFS_CREATE_PLAIN_FILE 0x00000100
u32 flags;
struct list_head global_auth_tok_list;
struct mutex global_auth_tok_list_mutex;
diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
index b592938..a6ffe89 100644
--- a/fs/ecryptfs/inode.c
+++ b/fs/ecryptfs/inode.c
@@ -174,6 +174,9 @@ static int ecryptfs_initialize_file(struct dentry
*ecryptfs_dentry)
{
struct ecryptfs_crypt_stat *crypt_stat =
&ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat;
+ struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
+ &ecryptfs_superblock_to_private(ecryptfs_dentry->d_sb)->
+ mount_crypt_stat;
int rc = 0;
if (S_ISDIR(ecryptfs_dentry->d_inode->i_mode)) {
@@ -182,6 +185,11 @@ static int ecryptfs_initialize_file(struct dentry
*ecryptfs_dentry)
goto out;
}
crypt_stat->flags |= ECRYPTFS_NEW_FILE;
+ if (mount_crypt_stat && (mount_crypt_stat->flags
+ & ECRYPTFS_CREATE_PLAIN_FILE)) {
+ crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED);
+ goto out;
+ }
ecryptfs_printk(KERN_DEBUG, "Initializing crypto context\n");
rc = ecryptfs_new_file_context(ecryptfs_dentry);
if (rc) {
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
index 758323a..ee4e286 100644
--- a/fs/ecryptfs/main.c
+++ b/fs/ecryptfs/main.c
@@ -218,6 +218,7 @@ enum { ecryptfs_opt_sig, ecryptfs_opt_ecryptfs_sig,
ecryptfs_opt_encrypted_view, ecryptfs_opt_fnek_sig,
ecryptfs_opt_fn_cipher, ecryptfs_opt_fn_cipher_key_bytes,
ecryptfs_opt_unlink_sigs, ecryptfs_opt_mount_auth_tok_only,
+ ecryptfs_opt_create_plain,
ecryptfs_opt_err };
static const match_table_t tokens = {
@@ -234,6 +235,7 @@ static const match_table_t tokens = {
{ecryptfs_opt_fn_cipher_key_bytes, "ecryptfs_fn_key_bytes=%u"},
{ecryptfs_opt_unlink_sigs, "ecryptfs_unlink_sigs"},
{ecryptfs_opt_mount_auth_tok_only, "ecryptfs_mount_auth_tok_only"},
+ {ecryptfs_opt_create_plain, "ecryptfs_create_plain"},
{ecryptfs_opt_err, NULL}
};
@@ -421,6 +423,9 @@ static int ecryptfs_parse_options(struct
ecryptfs_sb_info *sbi, char *options)
mount_crypt_stat->flags |=
ECRYPTFS_GLOBAL_MOUNT_AUTH_TOK_ONLY;
break;
+ case ecryptfs_opt_create_plain:
+ mount_crypt_stat->flags |= ECRYPTFS_CREATE_PLAIN_FILE;
+ break;
case ecryptfs_opt_err:
default:
printk(KERN_WARNING
diff --git a/fs/ecryptfs/mmap.c b/fs/ecryptfs/mmap.c
index cc64fca..6c5786b 100644
--- a/fs/ecryptfs/mmap.c
+++ b/fs/ecryptfs/mmap.c
@@ -60,18 +60,35 @@ struct page *ecryptfs_get_locked_page(struct inode
*inode, loff_t index)
*/
static int ecryptfs_writepage(struct page *page, struct writeback_control *wbc)
{
- int rc;
+ struct inode *ecryptfs_inode;
+ struct ecryptfs_crypt_stat *crypt_stat;
+ int rc = 0;
- rc = ecryptfs_encrypt_page(page);
- if (rc) {
- ecryptfs_printk(KERN_WARNING, "Error encrypting "
+ ecryptfs_inode = page->mapping->host;
+ crypt_stat =
+ &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat);
+
+ if (!crypt_stat
+ || !(crypt_stat->flags & ECRYPTFS_ENCRYPTED)
+ || (crypt_stat->flags & ECRYPTFS_NEW_FILE)) {
+ ecryptfs_printk(KERN_DEBUG,
+ "Passing through unencrypted page\n");
+ rc = ecryptfs_write_lower_page_segment(ecryptfs_inode, page,
+ 0, PAGE_CACHE_SIZE);
+ } else {
+ rc = ecryptfs_encrypt_page(page);
+ if (rc)
+ ecryptfs_printk(KERN_ERR, "Error encrypting "
"page (upper index [0x%.16lx])\n", page->index);
+ }
+
+ if (rc)
ClearPageUptodate(page);
- goto out;
+ else {
+ SetPageUptodate(page);
+ unlock_page(page);
}
- SetPageUptodate(page);
- unlock_page(page);
-out:
+
return rc;
}
diff --git a/fs/ecryptfs/super.c b/fs/ecryptfs/super.c
index 3042fe1..dd19570 100644
--- a/fs/ecryptfs/super.c
+++ b/fs/ecryptfs/super.c
@@ -191,6 +191,8 @@ static int ecryptfs_show_options(struct seq_file
*m, struct vfsmount *mnt)
seq_printf(m, ",ecryptfs_unlink_sigs");
if (mount_crypt_stat->flags & ECRYPTFS_GLOBAL_MOUNT_AUTH_TOK_ONLY)
seq_printf(m, ",ecryptfs_mount_auth_tok_only");
+ if (mount_crypt_stat->flags & ECRYPTFS_CREATE_PLAIN_FILE)
+ seq_printf(m, ",ecryptfs_create_plain");
return 0;
}
--
1.7.2.3
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
