mutex_lock(&ecryptfs_daemon_hash_mux);
/* TODO: Just use file->private_data? */
- rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid);
+ rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid,
+ current->nsproxy->user_ns);
BUG_ON(rc || !daemon);
mutex_lock(&daemon->mux);
mutex_unlock(&ecryptfs_daemon_hash_mux);
"count; rc = [%d]\n", __func__, rc);
goto out_unlock_daemon_list;
}
- rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid);
+ rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid,
+ current->nsproxy->user_ns);
if (rc || !daemon) {
rc = ecryptfs_spawn_daemon(&daemon, current->euid,
- current->pid);
+ current->nsproxy->user_ns,
+ task_pid(current));
if (rc) {
printk(KERN_ERR "%s: Error attempting to spawn daemon; "
"rc = [%d]\n", __func__, rc);
}
}
mutex_lock(&daemon->mux);
- if (daemon->pid != current->pid) {
+ if (daemon->pid != task_pid(current)) {
rc = -EINVAL;
- printk(KERN_ERR "%s: pid [%d] has registered with euid [%d], "
- "but pid [%d] has attempted to open the handle "
+ printk(KERN_ERR "%s: pid [0x%p] has registered with euid [%d], "
+ "but pid [0x%p] has attempted to open the handle "
"instead\n", __func__, daemon->pid, daemon->euid,
- current->pid);
+ task_pid(current));
goto out_unlock_daemon;
}
if (daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN) {
rc = -EBUSY;
printk(KERN_ERR "%s: Miscellaneous device handle may only be "
- "opened once per daemon; pid [%d] already has this "
+ "opened once per daemon; pid [0x%p] already has this "
"handle open\n", __func__, daemon->pid);
goto out_unlock_daemon;
}
int rc;
mutex_lock(&ecryptfs_daemon_hash_mux);
- rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid);
+ rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid,
+ current->nsproxy->user_ns);
BUG_ON(rc || !daemon);
mutex_lock(&daemon->mux);
- BUG_ON(daemon->pid != current->pid);
+ BUG_ON(daemon->pid != task_pid(current));
BUG_ON(!(daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN));
daemon->flags &= ~ECRYPTFS_DAEMON_MISCDEV_OPEN;
atomic_dec(&ecryptfs_num_miscdev_opens);
if (!msg_ctx->msg) {
rc = -ENOMEM;
printk(KERN_ERR "%s: Out of memory whilst attempting "
- "to kmalloc(%d, GFP_KERNEL)\n", __func__,
+ "to kmalloc(%Zd, GFP_KERNEL)\n", __func__,
(sizeof(*msg_ctx->msg) + data_size));
goto out_unlock;
}
*
* Returns the number of bytes copied into the user buffer
*/
-static int
+static ssize_t
ecryptfs_miscdev_read(struct file *file, char __user *buf, size_t count,
loff_t *ppos)
{
struct ecryptfs_daemon *daemon;
struct ecryptfs_msg_ctx *msg_ctx;
size_t packet_length_size;
- u32 counter_nbo;
char packet_length[3];
size_t i;
size_t total_length;
mutex_lock(&ecryptfs_daemon_hash_mux);
/* TODO: Just use file->private_data? */
- rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid);
+ rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid,
+ current->nsproxy->user_ns);
BUG_ON(rc || !daemon);
mutex_lock(&daemon->mux);
if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) {
rc = 0;
+ mutex_unlock(&ecryptfs_daemon_hash_mux);
printk(KERN_WARNING "%s: Attempt to read from zombified "
"daemon\n", __func__);
goto out_unlock_daemon;
}
if (daemon->flags & ECRYPTFS_DAEMON_IN_READ) {
rc = 0;
+ mutex_unlock(&ecryptfs_daemon_hash_mux);
goto out_unlock_daemon;
}
/* This daemon will not go away so long as this flag is set */
goto check_list;
}
BUG_ON(current->euid != daemon->euid);
- BUG_ON(current->pid != daemon->pid);
+ BUG_ON(current->nsproxy->user_ns != daemon->user_ns);
+ BUG_ON(task_pid(current) != daemon->pid);
msg_ctx = list_first_entry(&daemon->msg_ctx_out_queue,
struct ecryptfs_msg_ctx, daemon_out_list);
BUG_ON(!msg_ctx);
"pending message\n", __func__, count, total_length);
goto out_unlock_msg_ctx;
}
- i = 0;
- buf[i++] = msg_ctx->type;
- counter_nbo = cpu_to_be32(msg_ctx->counter);
- memcpy(&buf[i], (char *)&counter_nbo, 4);
- i += 4;
+ rc = -EFAULT;
+ if (put_user(msg_ctx->type, buf))
+ goto out_unlock_msg_ctx;
+ if (put_user(cpu_to_be32(msg_ctx->counter), (__be32 __user *)(buf + 1)))
+ goto out_unlock_msg_ctx;
+ i = 5;
if (msg_ctx->msg) {
- memcpy(&buf[i], packet_length, packet_length_size);
+ if (copy_to_user(&buf[i], packet_length, packet_length_size))
+ goto out_unlock_msg_ctx;
i += packet_length_size;
- rc = copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size);
- if (rc) {
- printk(KERN_ERR "%s: copy_to_user returned error "
- "[%d]\n", __func__, rc);
+ if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size))
goto out_unlock_msg_ctx;
- }
i += msg_ctx->msg_size;
}
rc = i;
}
/**
- * ecryptfs_miscdev_helo
- * @euid: effective user id of miscdevess sending helo packet
- * @pid: miscdevess id of miscdevess sending helo packet
- *
- * Returns zero on success; non-zero otherwise
- */
-static int ecryptfs_miscdev_helo(uid_t uid, pid_t pid)
-{
- int rc;
-
- rc = ecryptfs_process_helo(ECRYPTFS_TRANSPORT_MISCDEV, uid, pid);
- if (rc)
- printk(KERN_WARNING "Error processing HELO; rc = [%d]\n", rc);
- return rc;
-}
-
-/**
- * ecryptfs_miscdev_quit
- * @euid: effective user id of miscdevess sending quit packet
- * @pid: miscdevess id of miscdevess sending quit packet
- *
- * Returns zero on success; non-zero otherwise
- */
-static int ecryptfs_miscdev_quit(uid_t euid, pid_t pid)
-{
- int rc;
-
- rc = ecryptfs_process_quit(euid, pid);
- if (rc)
- printk(KERN_WARNING
- "Error processing QUIT message; rc = [%d]\n", rc);
- return rc;
-}
-
-/**
* ecryptfs_miscdev_response - miscdevess response to message previously sent to daemon
* @data: Bytes comprising struct ecryptfs_message
* @data_size: sizeof(struct ecryptfs_message) + data len
* @euid: Effective user id of miscdevess sending the miscdev response
+ * @user_ns: The namespace in which @euid applies
* @pid: Miscdevess id of miscdevess sending the miscdev response
* @seq: Sequence number for miscdev response packet
*
* Returns zero on success; non-zero otherwise
*/
static int ecryptfs_miscdev_response(char *data, size_t data_size,
- uid_t euid, pid_t pid, u32 seq)
+ uid_t euid, struct user_namespace *user_ns,
+ struct pid *pid, u32 seq)
{
struct ecryptfs_message *msg = (struct ecryptfs_message *)data;
int rc;
rc = -EINVAL;
goto out;
}
- rc = ecryptfs_process_response(msg, euid, pid, seq);
+ rc = ecryptfs_process_response(msg, euid, user_ns, pid, seq);
if (rc)
printk(KERN_ERR
"Error processing response message; rc = [%d]\n", rc);
ecryptfs_miscdev_write(struct file *file, const char __user *buf,
size_t count, loff_t *ppos)
{
- u32 counter_nbo, seq;
+ __be32 counter_nbo;
+ u32 seq;
size_t packet_size, packet_size_length, i;
ssize_t sz = 0;
char *data;
count);
goto out_free;
}
- memcpy((char *)&counter_nbo, &data[i], 4);
+ memcpy(&counter_nbo, &data[i], 4);
seq = be32_to_cpu(counter_nbo);
i += 4;
rc = ecryptfs_parse_packet_length(&data[i], &packet_size,
}
rc = ecryptfs_miscdev_response(&data[i], packet_size,
current->euid,
- current->pid, seq);
+ current->nsproxy->user_ns,
+ task_pid(current), seq);
if (rc)
printk(KERN_WARNING "%s: Failed to deliver miscdev "
"response to requesting operation; rc = [%d]\n",
__func__, rc);
break;
case ECRYPTFS_MSG_HELO:
- rc = ecryptfs_miscdev_helo(current->euid, current->pid);
- if (rc) {
- printk(KERN_ERR "%s: Error attempting to process "
- "helo from pid [%d]; rc = [%d]\n", __func__,
- current->pid, rc);
- goto out_free;
- }
- break;
case ECRYPTFS_MSG_QUIT:
- rc = ecryptfs_miscdev_quit(current->euid, current->pid);
- if (rc) {
- printk(KERN_ERR "%s: Error attempting to process "
- "quit from pid [%d]; rc = [%d]\n", __func__,
- current->pid, rc);
- goto out_free;
- }
break;
default:
ecryptfs_printk(KERN_WARNING, "Dropping miscdev "
int rc;
atomic_set(&ecryptfs_num_miscdev_opens, 0);
- mutex_lock(&ecryptfs_daemon_hash_mux);
rc = misc_register(&ecryptfs_miscdev);
if (rc)
printk(KERN_ERR "%s: Failed to register miscellaneous device "
"for communications with userspace daemons; rc = [%d]\n",
__func__, rc);
- mutex_unlock(&ecryptfs_daemon_hash_mux);
return rc;
}