[PATCH] ecryptfs: check for existing key_tfm at mount time - Kernel

This is a discussion on [PATCH] ecryptfs: check for existing key_tfm at mount time - Kernel ; Jeff Moyer pointed out that a mount; umount loop of ecryptfs, with the same cipher & other mount options, created a new ecryptfs_key_tfm_cache item each time, and the cache could grow quite large this way. Looking at this with mhalcrow, ...

+ Reply to Thread
Results 1 to 8 of 8

Thread: [PATCH] ecryptfs: check for existing key_tfm at mount time

  1. [PATCH] ecryptfs: check for existing key_tfm at mount time

    Jeff Moyer pointed out that a mount; umount loop of ecryptfs,
    with the same cipher & other mount options, created a new
    ecryptfs_key_tfm_cache item each time, and the cache could
    grow quite large this way.

    Looking at this with mhalcrow, we saw that ecryptfs_parse_options()
    unconditionally called ecryptfs_add_new_key_tfm(), which is what
    was adding these items.

    Refactor ecryptfs_get_tfm_and_mutex_for_cipher_name() to create a
    new helper function, ecryptfs_tfm_exists(), which checks for the
    cipher on the cached key_tfm_list, and sets a pointer
    to it if it exists. This can then be called from
    ecryptfs_parse_options(), and new key_tfm's can be added only when
    a cached one is not found.

    Signed-off-by: Eric Sandeen
    ---

    Index: linux-2.6.24-rc3/fs/ecryptfs/crypto.c
    ================================================== =================
    --- linux-2.6.24-rc3.orig/fs/ecryptfs/crypto.c
    +++ linux-2.6.24-rc3/fs/ecryptfs/crypto.c
    @@ -1868,6 +1868,33 @@ out:
    return rc;
    }

    +/**
    + * ecryptfs_tfm_exists - Search for existing tfm for cipher_name.
    + * @cipher_name: the name of the cipher to search for
    + * @key_tfm: set to corresponding tfm if found
    + *
    + * Returns 1 if found, with key_tfm set
    + * Returns 0 if not found, key_tfm set to NULL
    + */
    +int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm)
    +{
    + struct ecryptfs_key_tfm *tmp_key_tfm;
    +
    + mutex_lock(&key_tfm_list_mutex);
    + list_for_each_entry(tmp_key_tfm, &key_tfm_list, key_tfm_list) {
    + if (strcmp(tmp_key_tfm->cipher_name, cipher_name) == 0) {
    + mutex_unlock(&key_tfm_list_mutex);
    + if (key_tfm)
    + (*key_tfm) = tmp_key_tfm;
    + return 1;
    + }
    + }
    + mutex_unlock(&key_tfm_list_mutex);
    + if (key_tfm)
    + (*key_tfm) = NULL;
    + return 0;
    +}
    +
    int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm,
    struct mutex **tfm_mutex,
    char *cipher_name)
    @@ -1877,22 +1904,15 @@ int ecryptfs_get_tfm_and_mutex_for_ciphe

    (*tfm) = NULL;
    (*tfm_mutex) = NULL;
    - mutex_lock(&key_tfm_list_mutex);
    - list_for_each_entry(key_tfm, &key_tfm_list, key_tfm_list) {
    - if (strcmp(key_tfm->cipher_name, cipher_name) == 0) {
    - (*tfm) = key_tfm->key_tfm;
    - (*tfm_mutex) = &key_tfm->key_tfm_mutex;
    - mutex_unlock(&key_tfm_list_mutex);
    +
    + if (!ecryptfs_tfm_exists(cipher_name, &key_tfm)) {
    + rc = ecryptfs_add_new_key_tfm(&key_tfm, cipher_name, 0);
    + if (rc) {
    + printk(KERN_ERR "Error adding new key_tfm to list; "
    + "rc = [%d]\n", rc);
    goto out;
    }
    }
    - mutex_unlock(&key_tfm_list_mutex);
    - rc = ecryptfs_add_new_key_tfm(&key_tfm, cipher_name, 0);
    - if (rc) {
    - printk(KERN_ERR "Error adding new key_tfm to list; rc = [%d]\n",
    - rc);
    - goto out;
    - }
    (*tfm) = key_tfm->key_tfm;
    (*tfm_mutex) = &key_tfm->key_tfm_mutex;
    out:
    Index: linux-2.6.24-rc3/fs/ecryptfs/ecryptfs_kernel.h
    ================================================== =================
    --- linux-2.6.24-rc3.orig/fs/ecryptfs/ecryptfs_kernel.h
    +++ linux-2.6.24-rc3/fs/ecryptfs/ecryptfs_kernel.h
    @@ -623,6 +623,7 @@ ecryptfs_add_new_key_tfm(struct ecryptfs
    size_t key_size);
    int ecryptfs_init_crypto(void);
    int ecryptfs_destroy_crypto(void);
    +int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm);
    int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm,
    struct mutex **tfm_mutex,
    char *cipher_name);
    Index: linux-2.6.24-rc3/fs/ecryptfs/main.c
    ================================================== =================
    --- linux-2.6.24-rc3.orig/fs/ecryptfs/main.c
    +++ linux-2.6.24-rc3/fs/ecryptfs/main.c
    @@ -410,9 +410,11 @@ static int ecryptfs_parse_options(struct
    if (!cipher_key_bytes_set) {
    mount_crypt_stat->global_default_cipher_key_size = 0;
    }
    - rc = ecryptfs_add_new_key_tfm(
    - NULL, mount_crypt_stat->global_default_cipher_name,
    - mount_crypt_stat->global_default_cipher_key_size);
    + if (!ecryptfs_tfm_exists(mount_crypt_stat->global_default_cipher_name,
    + NULL))
    + rc = ecryptfs_add_new_key_tfm(
    + NULL, mount_crypt_stat->global_default_cipher_name,
    + mount_crypt_stat->global_default_cipher_key_size);
    if (rc) {
    printk(KERN_ERR "Error attempting to initialize cipher with "
    "name = [%s] and key size = [%td]; rc = [%d]\n",

    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  2. Re: [PATCH] ecryptfs: check for existing key_tfm at mount time

    On Thu, Dec 20, 2007 at 11:18:49PM -0600, Eric Sandeen wrote:
    > Jeff Moyer pointed out that a mount; umount loop of ecryptfs,
    > with the same cipher & other mount options, created a new
    > ecryptfs_key_tfm_cache item each time, and the cache could
    > grow quite large this way.
    >
    > Looking at this with mhalcrow, we saw that ecryptfs_parse_options()
    > unconditionally called ecryptfs_add_new_key_tfm(), which is what
    > was adding these items.
    >
    > Refactor ecryptfs_get_tfm_and_mutex_for_cipher_name() to create a
    > new helper function, ecryptfs_tfm_exists(), which checks for the
    > cipher on the cached key_tfm_list, and sets a pointer
    > to it if it exists. This can then be called from
    > ecryptfs_parse_options(), and new key_tfm's can be added only when
    > a cached one is not found.
    >
    > Signed-off-by: Eric Sandeen


    Acked-by: Mike Halcrow

    > ---
    >
    > Index: linux-2.6.24-rc3/fs/ecryptfs/crypto.c
    > ================================================== =================
    > --- linux-2.6.24-rc3.orig/fs/ecryptfs/crypto.c
    > +++ linux-2.6.24-rc3/fs/ecryptfs/crypto.c
    > @@ -1868,6 +1868,33 @@ out:
    > return rc;
    > }
    >
    > +/**
    > + * ecryptfs_tfm_exists - Search for existing tfm for cipher_name.
    > + * @cipher_name: the name of the cipher to search for
    > + * @key_tfm: set to corresponding tfm if found
    > + *
    > + * Returns 1 if found, with key_tfm set
    > + * Returns 0 if not found, key_tfm set to NULL
    > + */
    > +int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm)
    > +{
    > + struct ecryptfs_key_tfm *tmp_key_tfm;
    > +
    > + mutex_lock(&key_tfm_list_mutex);
    > + list_for_each_entry(tmp_key_tfm, &key_tfm_list, key_tfm_list) {
    > + if (strcmp(tmp_key_tfm->cipher_name, cipher_name) == 0) {
    > + mutex_unlock(&key_tfm_list_mutex);
    > + if (key_tfm)
    > + (*key_tfm) = tmp_key_tfm;
    > + return 1;
    > + }
    > + }
    > + mutex_unlock(&key_tfm_list_mutex);
    > + if (key_tfm)
    > + (*key_tfm) = NULL;
    > + return 0;
    > +}
    > +
    > int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm,
    > struct mutex **tfm_mutex,
    > char *cipher_name)
    > @@ -1877,22 +1904,15 @@ int ecryptfs_get_tfm_and_mutex_for_ciphe
    >
    > (*tfm) = NULL;
    > (*tfm_mutex) = NULL;
    > - mutex_lock(&key_tfm_list_mutex);
    > - list_for_each_entry(key_tfm, &key_tfm_list, key_tfm_list) {
    > - if (strcmp(key_tfm->cipher_name, cipher_name) == 0) {
    > - (*tfm) = key_tfm->key_tfm;
    > - (*tfm_mutex) = &key_tfm->key_tfm_mutex;
    > - mutex_unlock(&key_tfm_list_mutex);
    > +
    > + if (!ecryptfs_tfm_exists(cipher_name, &key_tfm)) {
    > + rc = ecryptfs_add_new_key_tfm(&key_tfm, cipher_name, 0);
    > + if (rc) {
    > + printk(KERN_ERR "Error adding new key_tfm to list; "
    > + "rc = [%d]\n", rc);
    > goto out;
    > }
    > }
    > - mutex_unlock(&key_tfm_list_mutex);
    > - rc = ecryptfs_add_new_key_tfm(&key_tfm, cipher_name, 0);
    > - if (rc) {
    > - printk(KERN_ERR "Error adding new key_tfm to list; rc = [%d]\n",
    > - rc);
    > - goto out;
    > - }
    > (*tfm) = key_tfm->key_tfm;
    > (*tfm_mutex) = &key_tfm->key_tfm_mutex;
    > out:
    > Index: linux-2.6.24-rc3/fs/ecryptfs/ecryptfs_kernel.h
    > ================================================== =================
    > --- linux-2.6.24-rc3.orig/fs/ecryptfs/ecryptfs_kernel.h
    > +++ linux-2.6.24-rc3/fs/ecryptfs/ecryptfs_kernel.h
    > @@ -623,6 +623,7 @@ ecryptfs_add_new_key_tfm(struct ecryptfs
    > size_t key_size);
    > int ecryptfs_init_crypto(void);
    > int ecryptfs_destroy_crypto(void);
    > +int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm);
    > int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm,
    > struct mutex **tfm_mutex,
    > char *cipher_name);
    > Index: linux-2.6.24-rc3/fs/ecryptfs/main.c
    > ================================================== =================
    > --- linux-2.6.24-rc3.orig/fs/ecryptfs/main.c
    > +++ linux-2.6.24-rc3/fs/ecryptfs/main.c
    > @@ -410,9 +410,11 @@ static int ecryptfs_parse_options(struct
    > if (!cipher_key_bytes_set) {
    > mount_crypt_stat->global_default_cipher_key_size = 0;
    > }
    > - rc = ecryptfs_add_new_key_tfm(
    > - NULL, mount_crypt_stat->global_default_cipher_name,
    > - mount_crypt_stat->global_default_cipher_key_size);
    > + if (!ecryptfs_tfm_exists(mount_crypt_stat->global_default_cipher_name,
    > + NULL))
    > + rc = ecryptfs_add_new_key_tfm(
    > + NULL, mount_crypt_stat->global_default_cipher_name,
    > + mount_crypt_stat->global_default_cipher_key_size);
    > if (rc) {
    > printk(KERN_ERR "Error attempting to initialize cipher with "
    > "name = [%s] and key size = [%td]; rc = [%d]\n",
    >

    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  3. Re: [PATCH] ecryptfs: check for existing key_tfm at mount time

    On Thu, 20 Dec 2007 23:18:49 -0600 Eric Sandeen wrote:

    > Jeff Moyer pointed out that a mount; umount loop of ecryptfs,
    > with the same cipher & other mount options, created a new
    > ecryptfs_key_tfm_cache item each time, and the cache could
    > grow quite large this way.
    >
    > Looking at this with mhalcrow, we saw that ecryptfs_parse_options()
    > unconditionally called ecryptfs_add_new_key_tfm(), which is what
    > was adding these items.
    >
    > Refactor ecryptfs_get_tfm_and_mutex_for_cipher_name() to create a
    > new helper function, ecryptfs_tfm_exists(), which checks for the
    > cipher on the cached key_tfm_list, and sets a pointer
    > to it if it exists. This can then be called from
    > ecryptfs_parse_options(), and new key_tfm's can be added only when
    > a cached one is not found.
    >


    This change looks fishy.

    > +/**
    > + * ecryptfs_tfm_exists - Search for existing tfm for cipher_name.
    > + * @cipher_name: the name of the cipher to search for
    > + * @key_tfm: set to corresponding tfm if found
    > + *
    > + * Returns 1 if found, with key_tfm set
    > + * Returns 0 if not found, key_tfm set to NULL
    > + */
    > +int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm)
    > +{
    > + struct ecryptfs_key_tfm *tmp_key_tfm;
    > +
    > + mutex_lock(&key_tfm_list_mutex);
    > + list_for_each_entry(tmp_key_tfm, &key_tfm_list, key_tfm_list) {
    > + if (strcmp(tmp_key_tfm->cipher_name, cipher_name) == 0) {
    > + mutex_unlock(&key_tfm_list_mutex);
    > + if (key_tfm)
    > + (*key_tfm) = tmp_key_tfm;


    Here we return a pointer to an object without holding the lock and without
    taking a refcount on it. What prevents it from getting moved/freed/etc
    while this thread of control is playing with it?

    > + return 1;
    > + }
    > + }
    > + mutex_unlock(&key_tfm_list_mutex);
    > + if (key_tfm)
    > + (*key_tfm) = NULL;
    > + return 0;
    > +}
    > +
    > int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm,
    > struct mutex **tfm_mutex,
    > char *cipher_name)
    > @@ -1877,22 +1904,15 @@ int ecryptfs_get_tfm_and_mutex_for_ciphe
    >
    > (*tfm) = NULL;
    > (*tfm_mutex) = NULL;
    > - mutex_lock(&key_tfm_list_mutex);
    > - list_for_each_entry(key_tfm, &key_tfm_list, key_tfm_list) {
    > - if (strcmp(key_tfm->cipher_name, cipher_name) == 0) {
    > - (*tfm) = key_tfm->key_tfm;
    > - (*tfm_mutex) = &key_tfm->key_tfm_mutex;
    > - mutex_unlock(&key_tfm_list_mutex);
    > +
    > + if (!ecryptfs_tfm_exists(cipher_name, &key_tfm)) {


    And given that we've just unlocked key_tfm_list_mutex, how do we know that
    the return value from ecryptfs_tfm_exists() is still true in this window?


    > + rc = ecryptfs_add_new_key_tfm(&key_tfm, cipher_name, 0);
    > + if (rc) {
    > + printk(KERN_ERR "Error adding new key_tfm to list; "
    > + "rc = [%d]\n", rc);
    > goto out;
    > }
    > }
    > - mutex_unlock(&key_tfm_list_mutex);


    It would all look a lot more solid if this locking was retained and both
    ecryptfs_tfm_exists() and ecryptfs_add_new_key_tfm() were designed to be
    called under key_tfm_list_mutex.

    > @@ -410,9 +410,11 @@ static int ecryptfs_parse_options(struct
    > if (!cipher_key_bytes_set) {
    > mount_crypt_stat->global_default_cipher_key_size = 0;
    > }
    > - rc = ecryptfs_add_new_key_tfm(
    > - NULL, mount_crypt_stat->global_default_cipher_name,
    > - mount_crypt_stat->global_default_cipher_key_size);
    > + if (!ecryptfs_tfm_exists(mount_crypt_stat->global_default_cipher_name,
    > + NULL))
    > + rc = ecryptfs_add_new_key_tfm(
    > + NULL, mount_crypt_stat->global_default_cipher_name,
    > + mount_crypt_stat->global_default_cipher_key_size);


    dittoes.
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  4. [PATCH] (UPDATED) ecryptfs: check for existing key_tfm at mount time

    Andrew Morton wrote:

    > It would all look a lot more solid if this locking was retained and both
    > ecryptfs_tfm_exists() and ecryptfs_add_new_key_tfm() were designed to be
    > called under key_tfm_list_mutex.


    Hmm good point, sorry for missing that. How's this look?

    ===========

    Jeff Moyer pointed out that a mount; umount loop of ecryptfs,
    with the same cipher & other mount options, created a new
    ecryptfs_key_tfm_cache item each time, and the cache could
    grow quite large this way.

    Looking at this with mhalcrow, we saw that ecryptfs_parse_options()
    unconditionally called ecryptfs_add_new_key_tfm(), which is what
    was adding these items.

    Refactor ecryptfs_get_tfm_and_mutex_for_cipher_name() to create a
    new helper function, ecryptfs_tfm_exists(), which checks for the
    cipher on the cached key_tfm_list, and sets a pointer
    to it if it exists. This can then be called from
    ecryptfs_parse_options(), and new key_tfm's can be added only when
    a cached one is not found.

    With list locking changes suggested by akpm.

    Signed-off-by: Eric Sandeen
    ---



    Index: linux-2.6.24-rc3/fs/ecryptfs/crypto.c
    ================================================== =================
    --- linux-2.6.24-rc3.orig/fs/ecryptfs/crypto.c
    +++ linux-2.6.24-rc3/fs/ecryptfs/crypto.c
    @@ -1812,6 +1812,11 @@ int ecryptfs_init_crypto(void)
    return 0;
    }

    +/**
    + * ecryptfs_destroy_crypto - free all cached key_tfms on key_tfm_list
    + *
    + * Called only at module unload time
    + */
    int ecryptfs_destroy_crypto(void)
    {
    struct ecryptfs_key_tfm *key_tfm, *key_tfm_tmp;
    @@ -1835,6 +1840,8 @@ ecryptfs_add_new_key_tfm(struct ecryptfs
    struct ecryptfs_key_tfm *tmp_tfm;
    int rc = 0;

    + BUG_ON(!mutex_is_locked(&key_tfm_list_mutex));
    +
    tmp_tfm = kmem_cache_alloc(ecryptfs_key_tfm_cache, GFP_KERNEL);
    if (key_tfm != NULL)
    (*key_tfm) = tmp_tfm;
    @@ -1861,13 +1868,51 @@ ecryptfs_add_new_key_tfm(struct ecryptfs
    (*key_tfm) = NULL;
    goto out;
    }
    - mutex_lock(&key_tfm_list_mutex);
    list_add(&tmp_tfm->key_tfm_list, &key_tfm_list);
    - mutex_unlock(&key_tfm_list_mutex);
    out:
    return rc;
    }

    +/**
    + * ecryptfs_tfm_exists - Search for existing tfm for cipher_name.
    + * @cipher_name: the name of the cipher to search for
    + * @key_tfm: set to corresponding tfm if found
    + *
    + * Searches for cached key_tfm matching @cipher_name
    + * Must be called with &key_tfm_list_mutex held
    + * Returns 1 if found, with @key_tfm set
    + * Returns 0 if not found, with @key_tfm set to NULL
    + */
    +int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm)
    +{
    + struct ecryptfs_key_tfm *tmp_key_tfm;
    +
    + BUG_ON(!mutex_is_locked(&key_tfm_list_mutex));
    +
    + list_for_each_entry(tmp_key_tfm, &key_tfm_list, key_tfm_list) {
    + if (strcmp(tmp_key_tfm->cipher_name, cipher_name) == 0) {
    + mutex_unlock(&key_tfm_list_mutex);
    + if (key_tfm)
    + (*key_tfm) = tmp_key_tfm;
    + return 1;
    + }
    + }
    + if (key_tfm)
    + (*key_tfm) = NULL;
    + return 0;
    +}
    +
    +/**
    + * ecryptfs_get_tfm_and_mutex_for_cipher_name
    + *
    + * @tfm: set to cached tfm found, or new tfm created
    + * @tfm_mutex: set to mutex for cached tfm found, or new tfm created
    + * @cipher_name: the name of the cipher to search for and/or add
    + *
    + * Sets pointers to @tfm & @tfm_mutex matching @cipher_name.
    + * Searches for cached item first, and creates new if not found.
    + * Returns 0 on success, non-zero if adding new cipher failed
    + */
    int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm,
    struct mutex **tfm_mutex,
    char *cipher_name)
    @@ -1877,22 +1922,17 @@ int ecryptfs_get_tfm_and_mutex_for_ciphe

    (*tfm) = NULL;
    (*tfm_mutex) = NULL;
    +
    mutex_lock(&key_tfm_list_mutex);
    - list_for_each_entry(key_tfm, &key_tfm_list, key_tfm_list) {
    - if (strcmp(key_tfm->cipher_name, cipher_name) == 0) {
    - (*tfm) = key_tfm->key_tfm;
    - (*tfm_mutex) = &key_tfm->key_tfm_mutex;
    - mutex_unlock(&key_tfm_list_mutex);
    + if (!ecryptfs_tfm_exists(cipher_name, &key_tfm)) {
    + rc = ecryptfs_add_new_key_tfm(&key_tfm, cipher_name, 0);
    + if (rc) {
    + printk(KERN_ERR "Error adding new key_tfm to list; "
    + "rc = [%d]\n", rc);
    goto out;
    }
    }
    mutex_unlock(&key_tfm_list_mutex);
    - rc = ecryptfs_add_new_key_tfm(&key_tfm, cipher_name, 0);
    - if (rc) {
    - printk(KERN_ERR "Error adding new key_tfm to list; rc = [%d]\n",
    - rc);
    - goto out;
    - }
    (*tfm) = key_tfm->key_tfm;
    (*tfm_mutex) = &key_tfm->key_tfm_mutex;
    out:
    Index: linux-2.6.24-rc3/fs/ecryptfs/ecryptfs_kernel.h
    ================================================== =================
    --- linux-2.6.24-rc3.orig/fs/ecryptfs/ecryptfs_kernel.h
    +++ linux-2.6.24-rc3/fs/ecryptfs/ecryptfs_kernel.h
    @@ -623,6 +623,7 @@ ecryptfs_add_new_key_tfm(struct ecryptfs
    size_t key_size);
    int ecryptfs_init_crypto(void);
    int ecryptfs_destroy_crypto(void);
    +int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm);
    int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm,
    struct mutex **tfm_mutex,
    char *cipher_name);
    Index: linux-2.6.24-rc3/fs/ecryptfs/main.c
    ================================================== =================
    --- linux-2.6.24-rc3.orig/fs/ecryptfs/main.c
    +++ linux-2.6.24-rc3/fs/ecryptfs/main.c
    @@ -410,9 +410,13 @@ static int ecryptfs_parse_options(struct
    if (!cipher_key_bytes_set) {
    mount_crypt_stat->global_default_cipher_key_size = 0;
    }
    - rc = ecryptfs_add_new_key_tfm(
    - NULL, mount_crypt_stat->global_default_cipher_name,
    - mount_crypt_stat->global_default_cipher_key_size);
    + mutex_lock(&key_tfm_list_mutex);
    + if (!ecryptfs_tfm_exists(mount_crypt_stat->global_default_cipher_name,
    + NULL))
    + rc = ecryptfs_add_new_key_tfm(
    + NULL, mount_crypt_stat->global_default_cipher_name,
    + mount_crypt_stat->global_default_cipher_key_size);
    + mutex_unlock(&key_tfm_list_mutex);
    if (rc) {
    printk(KERN_ERR "Error attempting to initialize cipher with "
    "name = [%s] and key size = [%td]; rc = [%d]\n",

    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  5. Re: [PATCH] (UPDATED) ecryptfs: check for existing key_tfm at mount time

    On Sat, 22 Dec 2007 11:42:37 -0600 Eric Sandeen wrote:

    > Andrew Morton wrote:
    >
    > > It would all look a lot more solid if this locking was retained and both
    > > ecryptfs_tfm_exists() and ecryptfs_add_new_key_tfm() were designed to be
    > > called under key_tfm_list_mutex.

    >
    > Hmm good point, sorry for missing that. How's this look?


    key_tfm_list_mutex gets used in fs/ecryptfs/main.c but it is static in
    fs/ecryptfs/crypto.c

    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  6. Re: [PATCH] (UPDATED) ecryptfs: check for existing key_tfm at mount time

    Andrew Morton wrote:
    > On Sat, 22 Dec 2007 11:42:37 -0600 Eric Sandeen wrote:
    >
    >> Andrew Morton wrote:
    >>
    >>> It would all look a lot more solid if this locking was retained and both
    >>> ecryptfs_tfm_exists() and ecryptfs_add_new_key_tfm() were designed to be
    >>> called under key_tfm_list_mutex.

    >> Hmm good point, sorry for missing that. How's this look?

    >
    > key_tfm_list_mutex gets used in fs/ecryptfs/main.c but it is static in
    > fs/ecryptfs/crypto.c
    >


    Ah crud that was a bunk-ism in -mm that I missed.

    I'll send another updated patch soon.

    -Eric
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  7. [PATCH] (UPDATED2) ecryptfs: check for existing key_tfm at mount time

    Jeff Moyer pointed out that a mount; umount loop of ecryptfs,
    with the same cipher & other mount options, created a new
    ecryptfs_key_tfm_cache item each time, and the cache could
    grow quite large this way.

    Looking at this with mhalcrow, we saw that ecryptfs_parse_options()
    unconditionally called ecryptfs_add_new_key_tfm(), which is what
    was adding these items.

    Refactor ecryptfs_get_tfm_and_mutex_for_cipher_name() to create a
    new helper function, ecryptfs_tfm_exists(), which checks for the
    cipher on the cached key_tfm_list, and sets a pointer
    to it if it exists. This can then be called from
    ecryptfs_parse_options(), and new key_tfm's can be added only when
    a cached one is not found.

    With list locking changes suggested by akpm.

    Signed-off-by: Eric Sandeen
    ---

    Index: linux-2.6.24-rc3/fs/ecryptfs/crypto.c
    ================================================== =================
    --- linux-2.6.24-rc3.orig/fs/ecryptfs/crypto.c
    +++ linux-2.6.24-rc3/fs/ecryptfs/crypto.c
    @@ -1778,7 +1778,7 @@ out:

    struct kmem_cache *ecryptfs_key_tfm_cache;
    static struct list_head key_tfm_list;
    -static struct mutex key_tfm_list_mutex;
    +struct mutex key_tfm_list_mutex;

    int ecryptfs_init_crypto(void)
    {
    @@ -1787,6 +1787,11 @@ int ecryptfs_init_crypto(void)
    return 0;
    }

    +/**
    + * ecryptfs_destroy_crypto - free all cached key_tfms on key_tfm_list
    + *
    + * Called only at module unload time
    + */
    int ecryptfs_destroy_crypto(void)
    {
    struct ecryptfs_key_tfm *key_tfm, *key_tfm_tmp;
    @@ -1810,6 +1815,8 @@ ecryptfs_add_new_key_tfm(struct ecryptfs
    struct ecryptfs_key_tfm *tmp_tfm;
    int rc = 0;

    + BUG_ON(!mutex_is_locked(&key_tfm_list_mutex));
    +
    tmp_tfm = kmem_cache_alloc(ecryptfs_key_tfm_cache, GFP_KERNEL);
    if (key_tfm != NULL)
    (*key_tfm) = tmp_tfm;
    @@ -1835,13 +1842,51 @@ ecryptfs_add_new_key_tfm(struct ecryptfs
    (*key_tfm) = NULL;
    goto out;
    }
    - mutex_lock(&key_tfm_list_mutex);
    list_add(&tmp_tfm->key_tfm_list, &key_tfm_list);
    - mutex_unlock(&key_tfm_list_mutex);
    out:
    return rc;
    }

    +/**
    + * ecryptfs_tfm_exists - Search for existing tfm for cipher_name.
    + * @cipher_name: the name of the cipher to search for
    + * @key_tfm: set to corresponding tfm if found
    + *
    + * Searches for cached key_tfm matching @cipher_name
    + * Must be called with &key_tfm_list_mutex held
    + * Returns 1 if found, with @key_tfm set
    + * Returns 0 if not found, with @key_tfm set to NULL
    + */
    +int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm)
    +{
    + struct ecryptfs_key_tfm *tmp_key_tfm;
    +
    + BUG_ON(!mutex_is_locked(&key_tfm_list_mutex));
    +
    + list_for_each_entry(tmp_key_tfm, &key_tfm_list, key_tfm_list) {
    + if (strcmp(tmp_key_tfm->cipher_name, cipher_name) == 0) {
    + mutex_unlock(&key_tfm_list_mutex);
    + if (key_tfm)
    + (*key_tfm) = tmp_key_tfm;
    + return 1;
    + }
    + }
    + if (key_tfm)
    + (*key_tfm) = NULL;
    + return 0;
    +}
    +
    +/**
    + * ecryptfs_get_tfm_and_mutex_for_cipher_name
    + *
    + * @tfm: set to cached tfm found, or new tfm created
    + * @tfm_mutex: set to mutex for cached tfm found, or new tfm created
    + * @cipher_name: the name of the cipher to search for and/or add
    + *
    + * Sets pointers to @tfm & @tfm_mutex matching @cipher_name.
    + * Searches for cached item first, and creates new if not found.
    + * Returns 0 on success, non-zero if adding new cipher failed
    + */
    int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm,
    struct mutex **tfm_mutex,
    char *cipher_name)
    @@ -1851,22 +1896,17 @@ int ecryptfs_get_tfm_and_mutex_for_ciphe

    (*tfm) = NULL;
    (*tfm_mutex) = NULL;
    +
    mutex_lock(&key_tfm_list_mutex);
    - list_for_each_entry(key_tfm, &key_tfm_list, key_tfm_list) {
    - if (strcmp(key_tfm->cipher_name, cipher_name) == 0) {
    - (*tfm) = key_tfm->key_tfm;
    - (*tfm_mutex) = &key_tfm->key_tfm_mutex;
    - mutex_unlock(&key_tfm_list_mutex);
    + if (!ecryptfs_tfm_exists(cipher_name, &key_tfm)) {
    + rc = ecryptfs_add_new_key_tfm(&key_tfm, cipher_name, 0);
    + if (rc) {
    + printk(KERN_ERR "Error adding new key_tfm to list; "
    + "rc = [%d]\n", rc);
    goto out;
    }
    }
    mutex_unlock(&key_tfm_list_mutex);
    - rc = ecryptfs_add_new_key_tfm(&key_tfm, cipher_name, 0);
    - if (rc) {
    - printk(KERN_ERR "Error adding new key_tfm to list; rc = [%d]\n",
    - rc);
    - goto out;
    - }
    (*tfm) = key_tfm->key_tfm;
    (*tfm_mutex) = &key_tfm->key_tfm_mutex;
    out:
    Index: linux-2.6.24-rc3/fs/ecryptfs/ecryptfs_kernel.h
    ================================================== =================
    --- linux-2.6.24-rc3.orig/fs/ecryptfs/ecryptfs_kernel.h
    +++ linux-2.6.24-rc3/fs/ecryptfs/ecryptfs_kernel.h
    @@ -323,6 +323,8 @@ struct ecryptfs_key_tfm {
    unsigned char cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE + 1];
    };

    +extern struct mutex key_tfm_list_mutex;
    +
    /**
    * This struct is to enable a mount-wide passphrase/salt combo. This
    * is more or less a stopgap to provide similar functionality to other
    @@ -617,6 +619,7 @@ ecryptfs_add_new_key_tfm(struct ecryptfs
    size_t key_size);
    int ecryptfs_init_crypto(void);
    int ecryptfs_destroy_crypto(void);
    +int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm);
    int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm,
    struct mutex **tfm_mutex,
    char *cipher_name);
    Index: linux-2.6.24-rc3/fs/ecryptfs/main.c
    ================================================== =================
    --- linux-2.6.24-rc3.orig/fs/ecryptfs/main.c
    +++ linux-2.6.24-rc3/fs/ecryptfs/main.c
    @@ -420,9 +420,13 @@ static int ecryptfs_parse_options(struct
    if (!cipher_key_bytes_set) {
    mount_crypt_stat->global_default_cipher_key_size = 0;
    }
    - rc = ecryptfs_add_new_key_tfm(
    - NULL, mount_crypt_stat->global_default_cipher_name,
    - mount_crypt_stat->global_default_cipher_key_size);
    + mutex_lock(&key_tfm_list_mutex);
    + if (!ecryptfs_tfm_exists(mount_crypt_stat->global_default_cipher_name,
    + NULL))
    + rc = ecryptfs_add_new_key_tfm(
    + NULL, mount_crypt_stat->global_default_cipher_name,
    + mount_crypt_stat->global_default_cipher_key_size);
    + mutex_unlock(&key_tfm_list_mutex);
    if (rc) {
    printk(KERN_ERR "Error attempting to initialize cipher with "
    "name = [%s] and key size = [%td]; rc = [%d]\n",

    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  8. [PATCH] (UPDATED3) ecryptfs: check for existing key_tfm at mount time

    (ugh, remove extra mutex_unlock I missed when changing locking
    per Andrew's suggestion...)

    Jeff Moyer pointed out that a mount; umount loop of ecryptfs,
    with the same cipher & other mount options, created a new
    ecryptfs_key_tfm_cache item each time, and the cache could
    grow quite large this way.

    Looking at this with mhalcrow, we saw that ecryptfs_parse_options()
    unconditionally called ecryptfs_add_new_key_tfm(), which is what
    was adding these items.

    Refactor ecryptfs_get_tfm_and_mutex_for_cipher_name() to create a
    new helper function, ecryptfs_tfm_exists(), which checks for the
    cipher on the cached key_tfm_list, and sets a pointer
    to it if it exists. This can then be called from
    ecryptfs_parse_options(), and new key_tfm's can be added only when
    a cached one is not found.

    With list locking changes suggested by akpm.

    Signed-off-by: Eric Sandeen
    ---

    Index: linux-2.6.24-rc3/fs/ecryptfs/crypto.c
    ================================================== =================
    --- linux-2.6.24-rc3.orig/fs/ecryptfs/crypto.c
    +++ linux-2.6.24-rc3/fs/ecryptfs/crypto.c
    @@ -1780,7 +1780,7 @@ out:

    struct kmem_cache *ecryptfs_key_tfm_cache;
    static struct list_head key_tfm_list;
    -static struct mutex key_tfm_list_mutex;
    +struct mutex key_tfm_list_mutex;

    int ecryptfs_init_crypto(void)
    {
    @@ -1789,6 +1789,11 @@ int ecryptfs_init_crypto(void)
    return 0;
    }

    +/**
    + * ecryptfs_destroy_crypto - free all cached key_tfms on key_tfm_list
    + *
    + * Called only at module unload time
    + */
    int ecryptfs_destroy_crypto(void)
    {
    struct ecryptfs_key_tfm *key_tfm, *key_tfm_tmp;
    @@ -1812,6 +1817,8 @@ ecryptfs_add_new_key_tfm(struct ecryptfs
    struct ecryptfs_key_tfm *tmp_tfm;
    int rc = 0;

    + BUG_ON(!mutex_is_locked(&key_tfm_list_mutex));
    +
    tmp_tfm = kmem_cache_alloc(ecryptfs_key_tfm_cache, GFP_KERNEL);
    if (key_tfm != NULL)
    (*key_tfm) = tmp_tfm;
    @@ -1838,13 +1845,50 @@ ecryptfs_add_new_key_tfm(struct ecryptfs
    (*key_tfm) = NULL;
    goto out;
    }
    - mutex_lock(&key_tfm_list_mutex);
    list_add(&tmp_tfm->key_tfm_list, &key_tfm_list);
    - mutex_unlock(&key_tfm_list_mutex);
    out:
    return rc;
    }

    +/**
    + * ecryptfs_tfm_exists - Search for existing tfm for cipher_name.
    + * @cipher_name: the name of the cipher to search for
    + * @key_tfm: set to corresponding tfm if found
    + *
    + * Searches for cached key_tfm matching @cipher_name
    + * Must be called with &key_tfm_list_mutex held
    + * Returns 1 if found, with @key_tfm set
    + * Returns 0 if not found, with @key_tfm set to NULL
    + */
    +int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm)
    +{
    + struct ecryptfs_key_tfm *tmp_key_tfm;
    +
    + BUG_ON(!mutex_is_locked(&key_tfm_list_mutex));
    +
    + list_for_each_entry(tmp_key_tfm, &key_tfm_list, key_tfm_list) {
    + if (strcmp(tmp_key_tfm->cipher_name, cipher_name) == 0) {
    + if (key_tfm)
    + (*key_tfm) = tmp_key_tfm;
    + return 1;
    + }
    + }
    + if (key_tfm)
    + (*key_tfm) = NULL;
    + return 0;
    +}
    +
    +/**
    + * ecryptfs_get_tfm_and_mutex_for_cipher_name
    + *
    + * @tfm: set to cached tfm found, or new tfm created
    + * @tfm_mutex: set to mutex for cached tfm found, or new tfm created
    + * @cipher_name: the name of the cipher to search for and/or add
    + *
    + * Sets pointers to @tfm & @tfm_mutex matching @cipher_name.
    + * Searches for cached item first, and creates new if not found.
    + * Returns 0 on success, non-zero if adding new cipher failed
    + */
    int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm,
    struct mutex **tfm_mutex,
    char *cipher_name)
    @@ -1854,22 +1898,17 @@ int ecryptfs_get_tfm_and_mutex_for_ciphe

    (*tfm) = NULL;
    (*tfm_mutex) = NULL;
    +
    mutex_lock(&key_tfm_list_mutex);
    - list_for_each_entry(key_tfm, &key_tfm_list, key_tfm_list) {
    - if (strcmp(key_tfm->cipher_name, cipher_name) == 0) {
    - (*tfm) = key_tfm->key_tfm;
    - (*tfm_mutex) = &key_tfm->key_tfm_mutex;
    - mutex_unlock(&key_tfm_list_mutex);
    + if (!ecryptfs_tfm_exists(cipher_name, &key_tfm)) {
    + rc = ecryptfs_add_new_key_tfm(&key_tfm, cipher_name, 0);
    + if (rc) {
    + printk(KERN_ERR "Error adding new key_tfm to list; "
    + "rc = [%d]\n", rc);
    goto out;
    }
    }
    mutex_unlock(&key_tfm_list_mutex);
    - rc = ecryptfs_add_new_key_tfm(&key_tfm, cipher_name, 0);
    - if (rc) {
    - printk(KERN_ERR "Error adding new key_tfm to list; rc = [%d]\n",
    - rc);
    - goto out;
    - }
    (*tfm) = key_tfm->key_tfm;
    (*tfm_mutex) = &key_tfm->key_tfm_mutex;
    out:
    Index: linux-2.6.24-rc3/fs/ecryptfs/ecryptfs_kernel.h
    ================================================== =================
    --- linux-2.6.24-rc3.orig/fs/ecryptfs/ecryptfs_kernel.h
    +++ linux-2.6.24-rc3/fs/ecryptfs/ecryptfs_kernel.h
    @@ -323,6 +323,8 @@ struct ecryptfs_key_tfm {
    unsigned char cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE + 1];
    };

    +extern struct mutex key_tfm_list_mutex;
    +
    /**
    * This struct is to enable a mount-wide passphrase/salt combo. This
    * is more or less a stopgap to provide similar functionality to other
    @@ -617,6 +619,7 @@ ecryptfs_add_new_key_tfm(struct ecryptfs
    size_t key_size);
    int ecryptfs_init_crypto(void);
    int ecryptfs_destroy_crypto(void);
    +int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm);
    int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm,
    struct mutex **tfm_mutex,
    char *cipher_name);
    Index: linux-2.6.24-rc3/fs/ecryptfs/main.c
    ================================================== =================
    --- linux-2.6.24-rc3.orig/fs/ecryptfs/main.c
    +++ linux-2.6.24-rc3/fs/ecryptfs/main.c
    @@ -410,9 +410,13 @@ static int ecryptfs_parse_options(struct
    if (!cipher_key_bytes_set) {
    mount_crypt_stat->global_default_cipher_key_size = 0;
    }
    - rc = ecryptfs_add_new_key_tfm(
    - NULL, mount_crypt_stat->global_default_cipher_name,
    - mount_crypt_stat->global_default_cipher_key_size);
    + mutex_lock(&key_tfm_list_mutex);
    + if (!ecryptfs_tfm_exists(mount_crypt_stat->global_default_cipher_name,
    + NULL))
    + rc = ecryptfs_add_new_key_tfm(
    + NULL, mount_crypt_stat->global_default_cipher_name,
    + mount_crypt_stat->global_default_cipher_key_size);
    + mutex_unlock(&key_tfm_list_mutex);
    if (rc) {
    printk(KERN_ERR "Error attempting to initialize cipher with "
    "name = [%s] and key size = [%td]; rc = [%d]\n",

    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

+ Reply to Thread