The patch titled ecryptfs: add ecryptfs_ prefix to mount options; key size parameter has been added to the -mm tree. Its filename is ecryptfs-add-ecryptfs_-prefix-to-mount-options-key-size-parameter.patch See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find out what to do about this ------------------------------------------------------ Subject: ecryptfs: add ecryptfs_ prefix to mount options; key size parameter From: Mike Halcrow <mhalcrow@xxxxxxxxxx> Add ecryptfs_ prefix to ecryptfs-specific mount options to avoid conflicts from changes to /bin/mount. Debian's addition of ``keybits'' in its mount program left us scratching our heads when we happened to pick the exact same parameter name at first for this patch. This patch includes an aptly-named parameter to set the number of key bytes. Signed-off-by: Michael Halcrow <mhalcrow@xxxxxxxxxx> Signed-off-by: Andrew Morton <akpm@xxxxxxxx> --- fs/ecryptfs/ecryptfs_kernel.h | 1 fs/ecryptfs/main.c | 36 +++++++++++++++++++++++++++++++- 2 files changed, 36 insertions(+), 1 deletion(-) diff -puN fs/ecryptfs/ecryptfs_kernel.h~ecryptfs-add-ecryptfs_-prefix-to-mount-options-key-size-parameter fs/ecryptfs/ecryptfs_kernel.h --- 25/fs/ecryptfs/ecryptfs_kernel.h~ecryptfs-add-ecryptfs_-prefix-to-mount-options-key-size-parameter Tue Jun 20 17:37:33 2006 +++ 25-akpm/fs/ecryptfs/ecryptfs_kernel.h Tue Jun 20 17:37:33 2006 @@ -220,6 +220,7 @@ struct ecryptfs_mount_crypt_stat { /* Pointers to memory we do not own, do not free these */ struct ecryptfs_auth_tok *global_auth_tok; struct key *global_auth_tok_key; + unsigned int global_default_cipher_key_bits; unsigned char global_default_cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE + 1]; unsigned char global_auth_tok_sig[ECRYPTFS_SIG_SIZE_HEX + 1]; diff -puN fs/ecryptfs/main.c~ecryptfs-add-ecryptfs_-prefix-to-mount-options-key-size-parameter fs/ecryptfs/main.c --- 25/fs/ecryptfs/main.c~ecryptfs-add-ecryptfs_-prefix-to-mount-options-key-size-parameter Tue Jun 20 17:37:33 2006 +++ 25-akpm/fs/ecryptfs/main.c Tue Jun 20 17:37:33 2006 @@ -125,13 +125,19 @@ out: return rc; } -enum { ecryptfs_opt_sig, ecryptfs_opt_debug, ecryptfs_opt_cipher, +enum { ecryptfs_opt_sig, ecryptfs_opt_ecryptfs_sig, ecryptfs_opt_debug, + ecryptfs_opt_ecryptfs_debug, ecryptfs_opt_cipher, + ecryptfs_opt_ecryptfs_cipher, ecryptfs_opt_ecryptfs_key_bytes, ecryptfs_opt_err }; static match_table_t tokens = { {ecryptfs_opt_sig, "sig=%s"}, + {ecryptfs_opt_ecryptfs_sig, "ecryptfs_sig=%s"}, {ecryptfs_opt_debug, "debug=%u"}, + {ecryptfs_opt_ecryptfs_debug, "ecryptfs_debug=%u"}, {ecryptfs_opt_cipher, "cipher=%s"}, + {ecryptfs_opt_ecryptfs_cipher, "ecryptfs_cipher=%s"}, + {ecryptfs_opt_ecryptfs_key_bytes, "ecryptfs_key_bytes=%u"}, {ecryptfs_opt_err, NULL} }; @@ -192,6 +198,8 @@ static int ecryptfs_parse_options(struct int rc = 0; int sig_set = 0; int cipher_name_set = 0; + int cipher_key_bytes; + int cipher_key_bytes_set = 0; struct key *auth_tok_key = NULL; struct ecryptfs_auth_tok *auth_tok = NULL; struct ecryptfs_mount_crypt_stat *mount_crypt_stat = @@ -203,6 +211,7 @@ static int ecryptfs_parse_options(struct char *debug_src; char *cipher_name_dst; char *cipher_name_src; + char *cipher_key_bytes_src; int cipher_name_len; if (!options) { @@ -215,6 +224,7 @@ static int ecryptfs_parse_options(struct token = match_token(p, tokens, args); switch (token) { case ecryptfs_opt_sig: + case ecryptfs_opt_ecryptfs_sig: sig_src = args[0].from; sig_dst = mount_crypt_stat->global_auth_tok_sig; @@ -227,6 +237,7 @@ static int ecryptfs_parse_options(struct sig_set = 1; break; case ecryptfs_opt_debug: + case ecryptfs_opt_ecryptfs_debug: debug_src = args[0].from; ecryptfs_verbosity = (int)simple_strtol(debug_src, &debug_src, @@ -236,6 +247,7 @@ static int ecryptfs_parse_options(struct ecryptfs_verbosity); break; case ecryptfs_opt_cipher: + case ecryptfs_opt_ecryptfs_cipher: cipher_name_src = args[0].from; cipher_name_dst = mount_crypt_stat-> @@ -248,6 +260,20 @@ static int ecryptfs_parse_options(struct "[%s]\n", cipher_name_dst); cipher_name_set = 1; break; + case ecryptfs_opt_ecryptfs_key_bytes: + cipher_key_bytes_src = args[0].from; + cipher_key_bytes = + (int)simple_strtol(cipher_key_bytes_src, + &cipher_key_bytes_src, 0); + mount_crypt_stat->global_default_cipher_key_bits = + cipher_key_bytes << 3; + ecryptfs_printk(KERN_DEBUG, + "The mount_crypt_stat " + "global_default_cipher_key_bits " + "set to: [%d]\n", mount_crypt_stat-> + global_default_cipher_key_bits); + cipher_key_bytes_set = 1; + break; case ecryptfs_opt_err: default: ecryptfs_printk(KERN_WARNING, @@ -277,6 +303,14 @@ static int ecryptfs_parse_options(struct mount_crypt_stat->global_default_cipher_name[cipher_name_len] = '\0'; } + if (!cipher_key_bytes_set) { + mount_crypt_stat->global_default_cipher_key_bits = + ECRYPTFS_DEFAULT_KEY_BYTES << 3; + ecryptfs_printk(KERN_DEBUG, "Cipher key bits were not " + "specified. Defaulting to [%d]\n", + mount_crypt_stat-> + global_default_cipher_key_bits); + } ecryptfs_printk(KERN_DEBUG, "Requesting the key with description: " "[%s]\n", mount_crypt_stat->global_auth_tok_sig); /* The reference to this key is held until umount is done The _ Patches currently in -mm which might be from mhalcrow@xxxxxxxxxx are ecryptfs-fs-makefile-and-fs-kconfig.patch ecryptfs-fs-makefile-and-fs-kconfig-remove-ecrypt_debug-from-fs-kconfig.patch ecryptfs-documentation.patch ecryptfs-makefile.patch ecryptfs-main-module-functions.patch ecryptfs-main-module-functions-uint16_t-u16.patch ecryptfs-header-declarations.patch ecryptfs-header-declarations-update.patch ecryptfs-header-declarations-update-convert-signed-data-types-to-unsigned-data-types.patch ecryptfs-header-declarations-remove-unnecessary-ifndefs.patch ecryptfs-superblock-operations.patch ecryptfs-dentry-operations.patch ecryptfs-file-operations.patch ecryptfs-file-operations-remove-null-==-syntax.patch ecryptfs-file-operations-remove-extraneous-read-of-inode-size-from-header.patch ecryptfs-file-operations-fix.patch ecryptfs-file-operations-fix-premature-release-of-file_info-memory.patch ecryptfs-inode-operations.patch ecryptfs-mmap-operations.patch mark-address_space_operations-const-vs-ecryptfs-mmap-operations.patch ecryptfs-keystore.patch ecryptfs-crypto-functions.patch ecryptfs-debug-functions.patch ecryptfs-alpha-build-fix.patch ecryptfs-convert-assert-to-bug_on.patch ecryptfs-remove-unnecessary-null-checks.patch ecryptfs-rewrite-ecryptfs_fsync.patch ecryptfs-overhaul-file-locking.patch ecryptfs-dont-muck-with-the-existing-nameidata-structures.patch ecryptfs-asm-scatterlisth-linux-scatterlisth.patch ecryptfs-support-for-larger-maximum-key-size.patch ecryptfs-add-codes-for-additional-ciphers.patch ecryptfs-unencrypted-key-size-based-on-encrypted-key-size.patch ecryptfs-packet-and-key-management-update-for-variable-key-size.patch ecryptfs-add-ecryptfs_-prefix-to-mount-options-key-size-parameter.patch ecryptfs-set-the-key-size-from-the-default-for-the-mount.patch ecryptfs-check-for-weak-keys.patch ecryptfs-add-define-values-for-cipher-codes-from-rfc2440-openpgp.patch ecryptfs-convert-bits-to-bytes.patch ecryptfs-more-elegant-aes-key-size-manipulation.patch ecryptfs-more-elegant-aes-key-size-manipulation-tidy.patch ecryptfs-more-intelligent-use-of-tfm-objects.patch - To unsubscribe from this list: send the line "unsubscribe mm-commits" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html