Anyone interested in this?
On Wed, Mar 2, 2011 at 11:09 AM, Ethan Du <ethan.too@xxxxxxxxx> wrote:
> With ecryptfs_create_plain mount option, newly created file will be
> plain lower fs file
> For those who want to read encrypted files, but want no more encrypted files
>
> Signed-off-by: Ethan.Du <ethan.too@xxxxxxxxx>
> ---
> fs/ecryptfs/ecryptfs_kernel.h | 1 +
> fs/ecryptfs/inode.c | 8 ++++++++
> fs/ecryptfs/main.c | 5 +++++
> fs/ecryptfs/mmap.c | 33 +++++++++++++++++++++++++--------
> fs/ecryptfs/super.c | 2 ++
> 5 files changed, 41 insertions(+), 8 deletions(-)
>
> diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h
> index e007534..4d0c5c4 100644
> --- a/fs/ecryptfs/ecryptfs_kernel.h
> +++ b/fs/ecryptfs/ecryptfs_kernel.h
> @@ -377,6 +377,7 @@ struct ecryptfs_mount_crypt_stat {
> #define ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK 0x00000020
> #define ECRYPTFS_GLOBAL_ENCFN_USE_FEK 0x00000040
> #define ECRYPTFS_GLOBAL_MOUNT_AUTH_TOK_ONLY 0x00000080
> +#define ECRYPTFS_CREATE_PLAIN_FILE 0x00000100
> u32 flags;
> struct list_head global_auth_tok_list;
> struct mutex global_auth_tok_list_mutex;
> diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
> index b592938..a6ffe89 100644
> --- a/fs/ecryptfs/inode.c
> +++ b/fs/ecryptfs/inode.c
> @@ -174,6 +174,9 @@ static int ecryptfs_initialize_file(struct dentry
> *ecryptfs_dentry)
> {
> struct ecryptfs_crypt_stat *crypt_stat =
>
> &ecryptfs_inode_to_private(ecryptfs_dentry->d_inode)->crypt_stat;
> + struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
> + &ecryptfs_superblock_to_private(ecryptfs_dentry->d_sb)->
> + mount_crypt_stat;
> int rc = 0;
>
> if (S_ISDIR(ecryptfs_dentry->d_inode->i_mode)) {
> @@ -182,6 +185,11 @@ static int ecryptfs_initialize_file(struct dentry
> *ecryptfs_dentry)
> goto out;
> }
> crypt_stat->flags |= ECRYPTFS_NEW_FILE;
> + if (mount_crypt_stat && (mount_crypt_stat->flags
> + & ECRYPTFS_CREATE_PLAIN_FILE)) {
> + crypt_stat->flags &= ~(ECRYPTFS_ENCRYPTED);
> + goto out;
> + }
> ecryptfs_printk(KERN_DEBUG, "Initializing crypto context\n");
> rc = ecryptfs_new_file_context(ecryptfs_dentry);
> if (rc) {
> diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
> index 758323a..ee4e286 100644
> --- a/fs/ecryptfs/main.c
> +++ b/fs/ecryptfs/main.c
> @@ -218,6 +218,7 @@ enum { ecryptfs_opt_sig, ecryptfs_opt_ecryptfs_sig,
> ecryptfs_opt_encrypted_view, ecryptfs_opt_fnek_sig,
> ecryptfs_opt_fn_cipher, ecryptfs_opt_fn_cipher_key_bytes,
> ecryptfs_opt_unlink_sigs, ecryptfs_opt_mount_auth_tok_only,
> + ecryptfs_opt_create_plain,
> ecryptfs_opt_err };
>
> static const match_table_t tokens = {
> @@ -234,6 +235,7 @@ static const match_table_t tokens = {
> {ecryptfs_opt_fn_cipher_key_bytes, "ecryptfs_fn_key_bytes=%u"},
> {ecryptfs_opt_unlink_sigs, "ecryptfs_unlink_sigs"},
> {ecryptfs_opt_mount_auth_tok_only, "ecryptfs_mount_auth_tok_only"},
> + {ecryptfs_opt_create_plain, "ecryptfs_create_plain"},
> {ecryptfs_opt_err, NULL}
> };
>
> @@ -421,6 +423,9 @@ static int ecryptfs_parse_options(struct
> ecryptfs_sb_info *sbi, char *options)
> mount_crypt_stat->flags |=
> ECRYPTFS_GLOBAL_MOUNT_AUTH_TOK_ONLY;
> break;
> + case ecryptfs_opt_create_plain:
> + mount_crypt_stat->flags |=
> ECRYPTFS_CREATE_PLAIN_FILE;
> + break;
> case ecryptfs_opt_err:
> default:
> printk(KERN_WARNING
> diff --git a/fs/ecryptfs/mmap.c b/fs/ecryptfs/mmap.c
> index cc64fca..6c5786b 100644
> --- a/fs/ecryptfs/mmap.c
> +++ b/fs/ecryptfs/mmap.c
> @@ -60,18 +60,35 @@ struct page *ecryptfs_get_locked_page(struct inode
> *inode, loff_t index)
> */
> static int ecryptfs_writepage(struct page *page, struct writeback_control
> *wbc)
> {
> - int rc;
> + struct inode *ecryptfs_inode;
> + struct ecryptfs_crypt_stat *crypt_stat;
> + int rc = 0;
>
> - rc = ecryptfs_encrypt_page(page);
> - if (rc) {
> - ecryptfs_printk(KERN_WARNING, "Error encrypting "
> + ecryptfs_inode = page->mapping->host;
> + crypt_stat =
> + &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat);
> +
> + if (!crypt_stat
> + || !(crypt_stat->flags & ECRYPTFS_ENCRYPTED)
> + || (crypt_stat->flags & ECRYPTFS_NEW_FILE)) {
> + ecryptfs_printk(KERN_DEBUG,
> + "Passing through unencrypted page\n");
> + rc = ecryptfs_write_lower_page_segment(ecryptfs_inode, page,
> + 0, PAGE_CACHE_SIZE);
> + } else {
> + rc = ecryptfs_encrypt_page(page);
> + if (rc)
> + ecryptfs_printk(KERN_ERR, "Error encrypting "
> "page (upper index [0x%.16lx])\n",
> page->index);
> + }
> +
> + if (rc)
> ClearPageUptodate(page);
> - goto out;
> + else {
> + SetPageUptodate(page);
> + unlock_page(page);
> }
> - SetPageUptodate(page);
> - unlock_page(page);
> -out:
> +
> return rc;
> }
>
> diff --git a/fs/ecryptfs/super.c b/fs/ecryptfs/super.c
> index 3042fe1..dd19570 100644
> --- a/fs/ecryptfs/super.c
> +++ b/fs/ecryptfs/super.c
> @@ -191,6 +191,8 @@ static int ecryptfs_show_options(struct seq_file
> *m, struct vfsmount *mnt)
> seq_printf(m, ",ecryptfs_unlink_sigs");
> if (mount_crypt_stat->flags & ECRYPTFS_GLOBAL_MOUNT_AUTH_TOK_ONLY)
> seq_printf(m, ",ecryptfs_mount_auth_tok_only");
> + if (mount_crypt_stat->flags & ECRYPTFS_CREATE_PLAIN_FILE)
> + seq_printf(m, ",ecryptfs_create_plain");
>
> return 0;
> }
> --
> 1.7.2.3
>
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
