linux/fs/ecryptfs/ecryptfs_kernel.h, branch v2.6.26

eCryptfs: remove unnecessary page decrypt call

2008-06-06T18:29:09Z

The page decrypt calls in ecryptfs_write() are both pointless and buggy. Pointless because ecryptfs_get_locked_page() has already brought the page up to date, and buggy because prior mmap writes will just be blown away by the decrypt call. This patch also removes the declaration of a now-nonexistent function ecryptfs_write_zeros(). Thanks to Eric Sandeen and David Kleikamp for helping to track this down. Eric said: fsx w/ mmap dies quickly ( < 100 ops) without this, and survives nicely (to millions of ops+) with it in place. Signed-off-by: Michael Halcrow Cc: Eric Sandeen Cc: Dave Kleikamp Cc: Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

eCryptfs: make key module subsystem respect namespaces

2008-04-29T15:06:07Z

Make eCryptfs key module subsystem respect namespaces. Since I will be removing the netlink interface in a future patch, I just made changes to the netlink.c code so that it will not break the build. With my recent patches, the kernel module currently defaults to the device handle interface rather than the netlink interface. [akpm@linux-foundation.org: export free_user_ns()] Signed-off-by: Michael Halcrow Acked-by: Serge Hallyn Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

eCryptfs: integrate eCryptfs device handle into the module.

2008-04-29T15:06:07Z

Update the versioning information. Make the message types generic. Add an outgoing message queue to the daemon struct. Make the functions to parse and write the packet lengths available to the rest of the module. Add functions to create and destroy the daemon structs. Clean up some of the comments and make the code a little more consistent with itself. [akpm@linux-foundation.org: printk fixes] Signed-off-by: Michael Halcrow Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

ecryptfs: replace remaining FUNCTION occurrences

2008-04-29T15:06:06Z

__FUNCTION__ is gcc-specific, use __func__ Signed-off-by: Harvey Harrison Cc: Michael Halcrow Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

ecryptfs: check for existing key_tfm at mount time

2008-02-06T18:41:13Z

Jeff Moyer pointed out that a mount; umount loop of ecryptfs, with the same cipher & other mount options, created a new ecryptfs_key_tfm_cache item each time, and the cache could grow quite large this way. Looking at this with mhalcrow, we saw that ecryptfs_parse_options() unconditionally called ecryptfs_add_new_key_tfm(), which is what was adding these items. Refactor ecryptfs_get_tfm_and_mutex_for_cipher_name() to create a new helper function, ecryptfs_tfm_exists(), which checks for the cipher on the cached key_tfm_list, and sets a pointer to it if it exists. This can then be called from ecryptfs_parse_options(), and new key_tfm's can be added only when a cached one is not found. With list locking changes suggested by akpm. Signed-off-by: Eric Sandeen Cc: Michael Halcrow Cc: Jeff Moyer Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

eCryptfs: change the type of cipher_code from u16 to u8

2008-02-06T18:41:13Z

Only the lower byte of cipher_code is ever used, so it makes sense for its type to be u8. Signed-off-by: Trevor Highland Cc: Michael Halcrow Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

eCryptfs: set inode key only once per crypto operation

2008-02-06T18:41:12Z

There is no need to keep re-setting the same key for any given eCryptfs inode. This patch optimizes the use of the crypto API and helps performance a bit. Signed-off-by: Trevor Highland Signed-off-by: Michael Halcrow Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

eCryptfs: track header bytes rather than extents

2008-02-06T18:41:12Z

Remove internal references to header extents; just keep track of header bytes instead. Headers can easily span multiple pages with the recent persistent file changes. Signed-off-by: Michael Halcrow Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

fs/ecryptfs/: possible cleanups

2008-02-06T18:41:12Z

- make the following needlessly global code static: - crypto.c:ecryptfs_lower_offset_for_extent() - crypto.c:key_tfm_list - crypto.c:key_tfm_list_mutex - inode.c:ecryptfs_getxattr() - main.c:ecryptfs_init_persistent_file() - remove the no longer used mmap.c:ecryptfs_lower_page_cache - #if 0 the unused read_write.c:ecryptfs_read() Signed-off-by: Adrian Bunk Cc: Michael Halcrow Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

ecryptfs: clean up page flag handling

2007-10-16T16:43:12Z

The functions that eventually call down to ecryptfs_read_lower(), ecryptfs_decrypt_page(), and ecryptfs_copy_up_encrypted_with_header() should have the responsibility of managing the page Uptodate status. This patch gets rid of some of the ugliness that resulted from trying to push some of the page flag setting too far down the stack. Signed-off-by: Michael Halcrow Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

linux/fs/ecryptfs/ecryptfs_kernel.h, branch v2.6.26

eCryptfs: remove unnecessary page decrypt call

eCryptfs: make key module subsystem respect namespaces

eCryptfs: integrate eCryptfs device handle into the module.

ecryptfs: replace remaining __FUNCTION__ occurrences

ecryptfs: check for existing key_tfm at mount time

eCryptfs: change the type of cipher_code from u16 to u8

eCryptfs: set inode key only once per crypto operation

eCryptfs: track header bytes rather than extents

fs/ecryptfs/: possible cleanups

ecryptfs: clean up page flag handling

ecryptfs: replace remaining FUNCTION occurrences