+ ecryptfs-add-ecryptfs_-prefix-to-mount-options-key-size-parameter.patch added to -mm tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The patch titled

     ecryptfs: add ecryptfs_ prefix to mount options; key size parameter

has been added to the -mm tree.  Its filename is

     ecryptfs-add-ecryptfs_-prefix-to-mount-options-key-size-parameter.patch

See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find
out what to do about this

------------------------------------------------------
Subject: ecryptfs: add ecryptfs_ prefix to mount options; key size parameter
From: Mike Halcrow <mhalcrow@xxxxxxxxxx>


Add ecryptfs_ prefix to ecryptfs-specific mount options to avoid conflicts
from changes to /bin/mount.  Debian's addition of ``keybits'' in its mount
program left us scratching our heads when we happened to pick the exact same
parameter name at first for this patch.  This patch includes an aptly-named
parameter to set the number of key bytes.

Signed-off-by: Michael Halcrow <mhalcrow@xxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxx>
---

 fs/ecryptfs/ecryptfs_kernel.h |    1 
 fs/ecryptfs/main.c            |   36 +++++++++++++++++++++++++++++++-
 2 files changed, 36 insertions(+), 1 deletion(-)

diff -puN fs/ecryptfs/ecryptfs_kernel.h~ecryptfs-add-ecryptfs_-prefix-to-mount-options-key-size-parameter fs/ecryptfs/ecryptfs_kernel.h
--- 25/fs/ecryptfs/ecryptfs_kernel.h~ecryptfs-add-ecryptfs_-prefix-to-mount-options-key-size-parameter	Tue Jun 20 17:37:33 2006
+++ 25-akpm/fs/ecryptfs/ecryptfs_kernel.h	Tue Jun 20 17:37:33 2006
@@ -220,6 +220,7 @@ struct ecryptfs_mount_crypt_stat {
 	/* Pointers to memory we do not own, do not free these */
 	struct ecryptfs_auth_tok *global_auth_tok;
 	struct key *global_auth_tok_key;
+	unsigned int global_default_cipher_key_bits;
 	unsigned char global_default_cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE
 						 + 1];
 	unsigned char global_auth_tok_sig[ECRYPTFS_SIG_SIZE_HEX + 1];
diff -puN fs/ecryptfs/main.c~ecryptfs-add-ecryptfs_-prefix-to-mount-options-key-size-parameter fs/ecryptfs/main.c
--- 25/fs/ecryptfs/main.c~ecryptfs-add-ecryptfs_-prefix-to-mount-options-key-size-parameter	Tue Jun 20 17:37:33 2006
+++ 25-akpm/fs/ecryptfs/main.c	Tue Jun 20 17:37:33 2006
@@ -125,13 +125,19 @@ out:
 	return rc;
 }
 
-enum { ecryptfs_opt_sig, ecryptfs_opt_debug, ecryptfs_opt_cipher,
+enum { ecryptfs_opt_sig, ecryptfs_opt_ecryptfs_sig, ecryptfs_opt_debug,
+       ecryptfs_opt_ecryptfs_debug, ecryptfs_opt_cipher,
+       ecryptfs_opt_ecryptfs_cipher, ecryptfs_opt_ecryptfs_key_bytes,
        ecryptfs_opt_err };
 
 static match_table_t tokens = {
 	{ecryptfs_opt_sig, "sig=%s"},
+	{ecryptfs_opt_ecryptfs_sig, "ecryptfs_sig=%s"},
 	{ecryptfs_opt_debug, "debug=%u"},
+	{ecryptfs_opt_ecryptfs_debug, "ecryptfs_debug=%u"},
 	{ecryptfs_opt_cipher, "cipher=%s"},
+	{ecryptfs_opt_ecryptfs_cipher, "ecryptfs_cipher=%s"},
+	{ecryptfs_opt_ecryptfs_key_bytes, "ecryptfs_key_bytes=%u"},
 	{ecryptfs_opt_err, NULL}
 };
 
@@ -192,6 +198,8 @@ static int ecryptfs_parse_options(struct
 	int rc = 0;
 	int sig_set = 0;
 	int cipher_name_set = 0;
+	int cipher_key_bytes;
+	int cipher_key_bytes_set = 0;
 	struct key *auth_tok_key = NULL;
 	struct ecryptfs_auth_tok *auth_tok = NULL;
 	struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
@@ -203,6 +211,7 @@ static int ecryptfs_parse_options(struct
 	char *debug_src;
 	char *cipher_name_dst;
 	char *cipher_name_src;
+	char *cipher_key_bytes_src;
 	int cipher_name_len;
 
 	if (!options) {
@@ -215,6 +224,7 @@ static int ecryptfs_parse_options(struct
 		token = match_token(p, tokens, args);
 		switch (token) {
 		case ecryptfs_opt_sig:
+		case ecryptfs_opt_ecryptfs_sig:
 			sig_src = args[0].from;
 			sig_dst =
 				mount_crypt_stat->global_auth_tok_sig;
@@ -227,6 +237,7 @@ static int ecryptfs_parse_options(struct
 			sig_set = 1;
 			break;
 		case ecryptfs_opt_debug:
+		case ecryptfs_opt_ecryptfs_debug:
 			debug_src = args[0].from;
 			ecryptfs_verbosity =
 				(int)simple_strtol(debug_src, &debug_src,
@@ -236,6 +247,7 @@ static int ecryptfs_parse_options(struct
 					ecryptfs_verbosity);
 			break;
 		case ecryptfs_opt_cipher:
+		case ecryptfs_opt_ecryptfs_cipher:
 			cipher_name_src = args[0].from;
 			cipher_name_dst =
 				mount_crypt_stat->
@@ -248,6 +260,20 @@ static int ecryptfs_parse_options(struct
 					"[%s]\n", cipher_name_dst);
 			cipher_name_set = 1;
 			break;
+		case ecryptfs_opt_ecryptfs_key_bytes:
+			cipher_key_bytes_src = args[0].from;
+			cipher_key_bytes =
+				(int)simple_strtol(cipher_key_bytes_src,
+						   &cipher_key_bytes_src, 0);
+			mount_crypt_stat->global_default_cipher_key_bits =
+				cipher_key_bytes << 3;
+			ecryptfs_printk(KERN_DEBUG,
+					"The mount_crypt_stat "
+					"global_default_cipher_key_bits "
+					"set to: [%d]\n", mount_crypt_stat->
+					global_default_cipher_key_bits);
+			cipher_key_bytes_set = 1;
+			break;
 		case ecryptfs_opt_err:
 		default:
 			ecryptfs_printk(KERN_WARNING,
@@ -277,6 +303,14 @@ static int ecryptfs_parse_options(struct
 		mount_crypt_stat->global_default_cipher_name[cipher_name_len]
 		    = '\0';
 	}
+	if (!cipher_key_bytes_set) {
+		mount_crypt_stat->global_default_cipher_key_bits =
+				ECRYPTFS_DEFAULT_KEY_BYTES << 3;
+		ecryptfs_printk(KERN_DEBUG, "Cipher key bits were not "
+				"specified.  Defaulting to [%d]\n",
+				mount_crypt_stat->
+				global_default_cipher_key_bits);
+	}
 	ecryptfs_printk(KERN_DEBUG, "Requesting the key with description: "
 			"[%s]\n", mount_crypt_stat->global_auth_tok_sig);
 	/* The reference to this key is held until umount is done The
_

Patches currently in -mm which might be from mhalcrow@xxxxxxxxxx are

ecryptfs-fs-makefile-and-fs-kconfig.patch
ecryptfs-fs-makefile-and-fs-kconfig-remove-ecrypt_debug-from-fs-kconfig.patch
ecryptfs-documentation.patch
ecryptfs-makefile.patch
ecryptfs-main-module-functions.patch
ecryptfs-main-module-functions-uint16_t-u16.patch
ecryptfs-header-declarations.patch
ecryptfs-header-declarations-update.patch
ecryptfs-header-declarations-update-convert-signed-data-types-to-unsigned-data-types.patch
ecryptfs-header-declarations-remove-unnecessary-ifndefs.patch
ecryptfs-superblock-operations.patch
ecryptfs-dentry-operations.patch
ecryptfs-file-operations.patch
ecryptfs-file-operations-remove-null-==-syntax.patch
ecryptfs-file-operations-remove-extraneous-read-of-inode-size-from-header.patch
ecryptfs-file-operations-fix.patch
ecryptfs-file-operations-fix-premature-release-of-file_info-memory.patch
ecryptfs-inode-operations.patch
ecryptfs-mmap-operations.patch
mark-address_space_operations-const-vs-ecryptfs-mmap-operations.patch
ecryptfs-keystore.patch
ecryptfs-crypto-functions.patch
ecryptfs-debug-functions.patch
ecryptfs-alpha-build-fix.patch
ecryptfs-convert-assert-to-bug_on.patch
ecryptfs-remove-unnecessary-null-checks.patch
ecryptfs-rewrite-ecryptfs_fsync.patch
ecryptfs-overhaul-file-locking.patch
ecryptfs-dont-muck-with-the-existing-nameidata-structures.patch
ecryptfs-asm-scatterlisth-linux-scatterlisth.patch
ecryptfs-support-for-larger-maximum-key-size.patch
ecryptfs-add-codes-for-additional-ciphers.patch
ecryptfs-unencrypted-key-size-based-on-encrypted-key-size.patch
ecryptfs-packet-and-key-management-update-for-variable-key-size.patch
ecryptfs-add-ecryptfs_-prefix-to-mount-options-key-size-parameter.patch
ecryptfs-set-the-key-size-from-the-default-for-the-mount.patch
ecryptfs-check-for-weak-keys.patch
ecryptfs-add-define-values-for-cipher-codes-from-rfc2440-openpgp.patch
ecryptfs-convert-bits-to-bytes.patch
ecryptfs-more-elegant-aes-key-size-manipulation.patch
ecryptfs-more-elegant-aes-key-size-manipulation-tidy.patch
ecryptfs-more-intelligent-use-of-tfm-objects.patch

-
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Kernel Newbies FAQ]     [Kernel Archive]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [Bugtraq]     [Photo]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]

  Powered by Linux