From: Michael Halcrow Introduce kmem_cache objects for handling multiple keys per inode. Add calls in the module init and exit code to call the key list initialization/destruction functions. Signed-off-by: Michael Halcrow Signed-off-by: Andrew Morton --- fs/ecryptfs/main.c | 39 +++++++++++++++++++++++++++++++-------- 1 file changed, 31 insertions(+), 8 deletions(-) diff -puN fs/ecryptfs/main.c~ecryptfs-kmem_cache-objects-for-multiple-keys-init-exit-functions fs/ecryptfs/main.c --- a/fs/ecryptfs/main.c~ecryptfs-kmem_cache-objects-for-multiple-keys-init-exit-functions +++ a/fs/ecryptfs/main.c @@ -239,14 +239,11 @@ static int ecryptfs_parse_options(struct int cipher_name_set = 0; int cipher_key_bytes; int cipher_key_bytes_set = 0; - struct key *auth_tok_key = NULL; - struct ecryptfs_auth_tok *auth_tok = NULL; struct ecryptfs_mount_crypt_stat *mount_crypt_stat = &ecryptfs_superblock_to_private(sb)->mount_crypt_stat; substring_t args[MAX_OPT_ARGS]; int token; char *sig_src; - char *sig_dst; char *debug_src; char *cipher_name_dst; char *cipher_name_src; @@ -257,6 +254,7 @@ static int ecryptfs_parse_options(struct rc = -EINVAL; goto out; } + ecryptfs_init_mount_crypt_stat(mount_crypt_stat); while ((p = strsep(&options, ",")) != NULL) { if (!*p) continue; @@ -333,12 +331,10 @@ static int ecryptfs_parse_options(struct p); } } - /* Do not support lack of mount-wide signature in 0.1 - * release */ if (!sig_set) { rc = -EINVAL; - ecryptfs_printk(KERN_ERR, "You must supply a valid " - "passphrase auth tok signature as a mount " + ecryptfs_printk(KERN_ERR, "You must supply at least one valid " + "auth tok signature as a mount " "parameter; see the eCryptfs README\n"); goto out; } @@ -614,6 +610,21 @@ static struct ecryptfs_cache_info { .name = "ecryptfs_key_record_cache", .size = sizeof(struct ecryptfs_key_record), }, + { + .cache = &ecryptfs_key_sig_cache, + .name = "ecryptfs_key_sig_cache", + .size = sizeof(struct ecryptfs_key_sig), + }, + { + .cache = &ecryptfs_global_auth_tok_cache, + .name = "ecryptfs_global_auth_tok_cache", + .size = sizeof(struct ecryptfs_global_auth_tok), + }, + { + .cache = &ecryptfs_key_tfm_cache, + .name = "ecryptfs_key_tfm_cache", + .size = sizeof(struct ecryptfs_key_tfm), + }, }; static void ecryptfs_free_kmem_caches(void) @@ -716,7 +727,8 @@ static struct ecryptfs_version_str_map_e {ECRYPTFS_VERSIONING_PUBKEY, "pubkey"}, {ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH, "plaintext passthrough"}, {ECRYPTFS_VERSIONING_POLICY, "policy"}, - {ECRYPTFS_VERSIONING_XATTR, "metadata in extended attribute"} + {ECRYPTFS_VERSIONING_XATTR, "metadata in extended attribute"}, + {ECRYPTFS_VERSIONING_MULTKEY, "multiple keys per file"} }; static ssize_t version_str_show(struct ecryptfs_obj *obj, char *buff) @@ -817,6 +829,11 @@ static int __init ecryptfs_init(void) if (rc) { ecryptfs_printk(KERN_ERR, "Failure occured while attempting to " "initialize the eCryptfs netlink socket\n"); + goto out; + } + if ((rc = ecryptfs_init_crypto())) { + printk(KERN_ERR "Failure whilst attempting to init crypto; " + "rc = [%d]\n", rc); } out: return rc; @@ -824,6 +841,12 @@ out: static void __exit ecryptfs_exit(void) { + int rc; + + if ((rc = ecryptfs_destruct_crypto())) { + printk(KERN_ERR "Failure whilst attempting to destruct crypto; " + "rc = [%d]\n", rc); + } sysfs_remove_file(&ecryptfs_subsys.kobj, &sysfs_attr_version.attr); sysfs_remove_file(&ecryptfs_subsys.kobj, _