Commit | Line | Data |
---|---|---|
09c434b8 | 1 | // SPDX-License-Identifier: GPL-2.0-only |
0b81d077 JK |
2 | /* |
3 | * This contains encryption functions for per-file encryption. | |
4 | * | |
5 | * Copyright (C) 2015, Google, Inc. | |
6 | * Copyright (C) 2015, Motorola Mobility | |
7 | * | |
8 | * Written by Michael Halcrow, 2014. | |
9 | * | |
10 | * Filename encryption additions | |
11 | * Uday Savagaonkar, 2014 | |
12 | * Encryption policy handling additions | |
13 | * Ildar Muslukhov, 2014 | |
14 | * Add fscrypt_pullback_bio_page() | |
15 | * Jaegeuk Kim, 2015. | |
16 | * | |
17 | * This has not yet undergone a rigorous security audit. | |
18 | * | |
19 | * The usage of AES-XTS should conform to recommendations in NIST | |
20 | * Special Publication 800-38E and IEEE P1619/D16. | |
21 | */ | |
22 | ||
0b81d077 JK |
23 | #include <linux/pagemap.h> |
24 | #include <linux/mempool.h> | |
25 | #include <linux/module.h> | |
26 | #include <linux/scatterlist.h> | |
27 | #include <linux/ratelimit.h> | |
0b81d077 | 28 | #include <linux/dcache.h> |
03a8bb0e | 29 | #include <linux/namei.h> |
b7e7cf7a | 30 | #include <crypto/aes.h> |
a575784c | 31 | #include <crypto/skcipher.h> |
cc4e0df0 | 32 | #include "fscrypt_private.h" |
0b81d077 JK |
33 | |
34 | static unsigned int num_prealloc_crypto_pages = 32; | |
35 | static unsigned int num_prealloc_crypto_ctxs = 128; | |
36 | ||
37 | module_param(num_prealloc_crypto_pages, uint, 0444); | |
38 | MODULE_PARM_DESC(num_prealloc_crypto_pages, | |
39 | "Number of crypto pages to preallocate"); | |
40 | module_param(num_prealloc_crypto_ctxs, uint, 0444); | |
41 | MODULE_PARM_DESC(num_prealloc_crypto_ctxs, | |
42 | "Number of crypto contexts to preallocate"); | |
43 | ||
44 | static mempool_t *fscrypt_bounce_page_pool = NULL; | |
45 | ||
46 | static LIST_HEAD(fscrypt_free_ctxs); | |
47 | static DEFINE_SPINLOCK(fscrypt_ctx_lock); | |
48 | ||
0cb8dae4 | 49 | static struct workqueue_struct *fscrypt_read_workqueue; |
0b81d077 JK |
50 | static DEFINE_MUTEX(fscrypt_init_mutex); |
51 | ||
52 | static struct kmem_cache *fscrypt_ctx_cachep; | |
53 | struct kmem_cache *fscrypt_info_cachep; | |
54 | ||
0cb8dae4 EB |
55 | void fscrypt_enqueue_decrypt_work(struct work_struct *work) |
56 | { | |
57 | queue_work(fscrypt_read_workqueue, work); | |
58 | } | |
59 | EXPORT_SYMBOL(fscrypt_enqueue_decrypt_work); | |
60 | ||
0b81d077 | 61 | /** |
2a415a02 EB |
62 | * fscrypt_release_ctx() - Release a decryption context |
63 | * @ctx: The decryption context to release. | |
0b81d077 | 64 | * |
2a415a02 EB |
65 | * If the decryption context was allocated from the pre-allocated pool, return |
66 | * it to that pool. Else, free it. | |
0b81d077 JK |
67 | */ |
68 | void fscrypt_release_ctx(struct fscrypt_ctx *ctx) | |
69 | { | |
70 | unsigned long flags; | |
71 | ||
0b81d077 JK |
72 | if (ctx->flags & FS_CTX_REQUIRES_FREE_ENCRYPT_FL) { |
73 | kmem_cache_free(fscrypt_ctx_cachep, ctx); | |
74 | } else { | |
75 | spin_lock_irqsave(&fscrypt_ctx_lock, flags); | |
76 | list_add(&ctx->free_list, &fscrypt_free_ctxs); | |
77 | spin_unlock_irqrestore(&fscrypt_ctx_lock, flags); | |
78 | } | |
79 | } | |
80 | EXPORT_SYMBOL(fscrypt_release_ctx); | |
81 | ||
82 | /** | |
2a415a02 | 83 | * fscrypt_get_ctx() - Get a decryption context |
b32e4482 | 84 | * @gfp_flags: The gfp flag for memory allocation |
0b81d077 | 85 | * |
2a415a02 | 86 | * Allocate and initialize a decryption context. |
0b81d077 | 87 | * |
2a415a02 | 88 | * Return: A new decryption context on success; an ERR_PTR() otherwise. |
0b81d077 | 89 | */ |
cd0265fc | 90 | struct fscrypt_ctx *fscrypt_get_ctx(gfp_t gfp_flags) |
0b81d077 | 91 | { |
cd0265fc | 92 | struct fscrypt_ctx *ctx; |
0b81d077 JK |
93 | unsigned long flags; |
94 | ||
0b81d077 | 95 | /* |
d2d0727b EB |
96 | * First try getting a ctx from the free list so that we don't have to |
97 | * call into the slab allocator. | |
0b81d077 JK |
98 | */ |
99 | spin_lock_irqsave(&fscrypt_ctx_lock, flags); | |
100 | ctx = list_first_entry_or_null(&fscrypt_free_ctxs, | |
101 | struct fscrypt_ctx, free_list); | |
102 | if (ctx) | |
103 | list_del(&ctx->free_list); | |
104 | spin_unlock_irqrestore(&fscrypt_ctx_lock, flags); | |
105 | if (!ctx) { | |
b32e4482 | 106 | ctx = kmem_cache_zalloc(fscrypt_ctx_cachep, gfp_flags); |
0b81d077 JK |
107 | if (!ctx) |
108 | return ERR_PTR(-ENOMEM); | |
109 | ctx->flags |= FS_CTX_REQUIRES_FREE_ENCRYPT_FL; | |
110 | } else { | |
111 | ctx->flags &= ~FS_CTX_REQUIRES_FREE_ENCRYPT_FL; | |
112 | } | |
0b81d077 JK |
113 | return ctx; |
114 | } | |
115 | EXPORT_SYMBOL(fscrypt_get_ctx); | |
116 | ||
d2d0727b EB |
117 | struct page *fscrypt_alloc_bounce_page(gfp_t gfp_flags) |
118 | { | |
119 | return mempool_alloc(fscrypt_bounce_page_pool, gfp_flags); | |
120 | } | |
121 | ||
122 | /** | |
123 | * fscrypt_free_bounce_page() - free a ciphertext bounce page | |
124 | * | |
53bc1d85 EB |
125 | * Free a bounce page that was allocated by fscrypt_encrypt_pagecache_blocks(), |
126 | * or by fscrypt_alloc_bounce_page() directly. | |
d2d0727b EB |
127 | */ |
128 | void fscrypt_free_bounce_page(struct page *bounce_page) | |
129 | { | |
130 | if (!bounce_page) | |
131 | return; | |
132 | set_page_private(bounce_page, (unsigned long)NULL); | |
133 | ClearPagePrivate(bounce_page); | |
134 | mempool_free(bounce_page, fscrypt_bounce_page_pool); | |
135 | } | |
136 | EXPORT_SYMBOL(fscrypt_free_bounce_page); | |
137 | ||
8094c3ce EB |
138 | void fscrypt_generate_iv(union fscrypt_iv *iv, u64 lblk_num, |
139 | const struct fscrypt_info *ci) | |
140 | { | |
141 | memset(iv, 0, ci->ci_mode->ivsize); | |
142 | iv->lblk_num = cpu_to_le64(lblk_num); | |
143 | ||
144 | if (ci->ci_flags & FS_POLICY_FLAG_DIRECT_KEY) | |
145 | memcpy(iv->nonce, ci->ci_nonce, FS_KEY_DERIVATION_NONCE_SIZE); | |
146 | ||
147 | if (ci->ci_essiv_tfm != NULL) | |
148 | crypto_cipher_encrypt_one(ci->ci_essiv_tfm, iv->raw, iv->raw); | |
149 | } | |
150 | ||
f47fcbb2 EB |
151 | /* Encrypt or decrypt a single filesystem block of file contents */ |
152 | int fscrypt_crypt_block(const struct inode *inode, fscrypt_direction_t rw, | |
153 | u64 lblk_num, struct page *src_page, | |
154 | struct page *dest_page, unsigned int len, | |
155 | unsigned int offs, gfp_t gfp_flags) | |
0b81d077 | 156 | { |
8094c3ce | 157 | union fscrypt_iv iv; |
d407574e | 158 | struct skcipher_request *req = NULL; |
d0082e1a | 159 | DECLARE_CRYPTO_WAIT(wait); |
0b81d077 JK |
160 | struct scatterlist dst, src; |
161 | struct fscrypt_info *ci = inode->i_crypt_info; | |
d407574e | 162 | struct crypto_skcipher *tfm = ci->ci_ctfm; |
0b81d077 JK |
163 | int res = 0; |
164 | ||
eeacfdc6 EB |
165 | if (WARN_ON_ONCE(len <= 0)) |
166 | return -EINVAL; | |
167 | if (WARN_ON_ONCE(len % FS_CRYPTO_BLOCK_SIZE != 0)) | |
168 | return -EINVAL; | |
1400451f | 169 | |
8094c3ce | 170 | fscrypt_generate_iv(&iv, lblk_num, ci); |
b7e7cf7a | 171 | |
b32e4482 | 172 | req = skcipher_request_alloc(tfm, gfp_flags); |
c90fd775 | 173 | if (!req) |
0b81d077 | 174 | return -ENOMEM; |
0b81d077 | 175 | |
d407574e | 176 | skcipher_request_set_callback( |
0b81d077 | 177 | req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, |
d0082e1a | 178 | crypto_req_done, &wait); |
0b81d077 | 179 | |
0b81d077 | 180 | sg_init_table(&dst, 1); |
1400451f | 181 | sg_set_page(&dst, dest_page, len, offs); |
0b81d077 | 182 | sg_init_table(&src, 1); |
1400451f | 183 | sg_set_page(&src, src_page, len, offs); |
b7e7cf7a | 184 | skcipher_request_set_crypt(req, &src, &dst, len, &iv); |
0b81d077 | 185 | if (rw == FS_DECRYPT) |
d0082e1a | 186 | res = crypto_wait_req(crypto_skcipher_decrypt(req), &wait); |
0b81d077 | 187 | else |
d0082e1a | 188 | res = crypto_wait_req(crypto_skcipher_encrypt(req), &wait); |
d407574e | 189 | skcipher_request_free(req); |
0b81d077 | 190 | if (res) { |
544d08fd EB |
191 | fscrypt_err(inode->i_sb, |
192 | "%scryption failed for inode %lu, block %llu: %d", | |
193 | (rw == FS_DECRYPT ? "de" : "en"), | |
194 | inode->i_ino, lblk_num, res); | |
0b81d077 JK |
195 | return res; |
196 | } | |
197 | return 0; | |
198 | } | |
199 | ||
0b81d077 | 200 | /** |
53bc1d85 EB |
201 | * fscrypt_encrypt_pagecache_blocks() - Encrypt filesystem blocks from a pagecache page |
202 | * @page: The locked pagecache page containing the block(s) to encrypt | |
203 | * @len: Total size of the block(s) to encrypt. Must be a nonzero | |
204 | * multiple of the filesystem's block size. | |
205 | * @offs: Byte offset within @page of the first block to encrypt. Must be | |
206 | * a multiple of the filesystem's block size. | |
207 | * @gfp_flags: Memory allocation flags | |
208 | * | |
209 | * A new bounce page is allocated, and the specified block(s) are encrypted into | |
210 | * it. In the bounce page, the ciphertext block(s) will be located at the same | |
211 | * offsets at which the plaintext block(s) were located in the source page; any | |
212 | * other parts of the bounce page will be left uninitialized. However, normally | |
213 | * blocksize == PAGE_SIZE and the whole page is encrypted at once. | |
0b81d077 | 214 | * |
53bc1d85 | 215 | * This is for use by the filesystem's ->writepages() method. |
0b81d077 | 216 | * |
53bc1d85 | 217 | * Return: the new encrypted bounce page on success; an ERR_PTR() on failure |
0b81d077 | 218 | */ |
53bc1d85 EB |
219 | struct page *fscrypt_encrypt_pagecache_blocks(struct page *page, |
220 | unsigned int len, | |
221 | unsigned int offs, | |
222 | gfp_t gfp_flags) | |
7821d4dd | 223 | |
0b81d077 | 224 | { |
53bc1d85 EB |
225 | const struct inode *inode = page->mapping->host; |
226 | const unsigned int blockbits = inode->i_blkbits; | |
227 | const unsigned int blocksize = 1 << blockbits; | |
03569f2f | 228 | struct page *ciphertext_page; |
53bc1d85 EB |
229 | u64 lblk_num = ((u64)page->index << (PAGE_SHIFT - blockbits)) + |
230 | (offs >> blockbits); | |
231 | unsigned int i; | |
0b81d077 JK |
232 | int err; |
233 | ||
eeacfdc6 EB |
234 | if (WARN_ON_ONCE(!PageLocked(page))) |
235 | return ERR_PTR(-EINVAL); | |
bd7b8290 | 236 | |
53bc1d85 EB |
237 | if (WARN_ON_ONCE(len <= 0 || !IS_ALIGNED(len | offs, blocksize))) |
238 | return ERR_PTR(-EINVAL); | |
239 | ||
d2d0727b EB |
240 | ciphertext_page = fscrypt_alloc_bounce_page(gfp_flags); |
241 | if (!ciphertext_page) | |
242 | return ERR_PTR(-ENOMEM); | |
0b81d077 | 243 | |
53bc1d85 EB |
244 | for (i = offs; i < offs + len; i += blocksize, lblk_num++) { |
245 | err = fscrypt_crypt_block(inode, FS_ENCRYPT, lblk_num, | |
246 | page, ciphertext_page, | |
247 | blocksize, i, gfp_flags); | |
248 | if (err) { | |
249 | fscrypt_free_bounce_page(ciphertext_page); | |
250 | return ERR_PTR(err); | |
251 | } | |
0b81d077 | 252 | } |
9e532772 | 253 | SetPagePrivate(ciphertext_page); |
d2d0727b | 254 | set_page_private(ciphertext_page, (unsigned long)page); |
0b81d077 JK |
255 | return ciphertext_page; |
256 | } | |
53bc1d85 | 257 | EXPORT_SYMBOL(fscrypt_encrypt_pagecache_blocks); |
0b81d077 | 258 | |
03569f2f EB |
259 | /** |
260 | * fscrypt_encrypt_block_inplace() - Encrypt a filesystem block in-place | |
261 | * @inode: The inode to which this block belongs | |
262 | * @page: The page containing the block to encrypt | |
263 | * @len: Size of block to encrypt. Doesn't need to be a multiple of the | |
264 | * fs block size, but must be a multiple of FS_CRYPTO_BLOCK_SIZE. | |
265 | * @offs: Byte offset within @page at which the block to encrypt begins | |
266 | * @lblk_num: Filesystem logical block number of the block, i.e. the 0-based | |
267 | * number of the block within the file | |
268 | * @gfp_flags: Memory allocation flags | |
269 | * | |
270 | * Encrypt a possibly-compressed filesystem block that is located in an | |
271 | * arbitrary page, not necessarily in the original pagecache page. The @inode | |
272 | * and @lblk_num must be specified, as they can't be determined from @page. | |
273 | * | |
274 | * Return: 0 on success; -errno on failure | |
275 | */ | |
276 | int fscrypt_encrypt_block_inplace(const struct inode *inode, struct page *page, | |
277 | unsigned int len, unsigned int offs, | |
278 | u64 lblk_num, gfp_t gfp_flags) | |
279 | { | |
280 | return fscrypt_crypt_block(inode, FS_ENCRYPT, lblk_num, page, page, | |
281 | len, offs, gfp_flags); | |
282 | } | |
283 | EXPORT_SYMBOL(fscrypt_encrypt_block_inplace); | |
284 | ||
0b81d077 | 285 | /** |
aa8bc1ac EB |
286 | * fscrypt_decrypt_pagecache_blocks() - Decrypt filesystem blocks in a pagecache page |
287 | * @page: The locked pagecache page containing the block(s) to decrypt | |
288 | * @len: Total size of the block(s) to decrypt. Must be a nonzero | |
289 | * multiple of the filesystem's block size. | |
290 | * @offs: Byte offset within @page of the first block to decrypt. Must be | |
291 | * a multiple of the filesystem's block size. | |
0b81d077 | 292 | * |
aa8bc1ac EB |
293 | * The specified block(s) are decrypted in-place within the pagecache page, |
294 | * which must still be locked and not uptodate. Normally, blocksize == | |
295 | * PAGE_SIZE and the whole page is decrypted at once. | |
0b81d077 | 296 | * |
aa8bc1ac | 297 | * This is for use by the filesystem's ->readpages() method. |
0b81d077 | 298 | * |
aa8bc1ac | 299 | * Return: 0 on success; -errno on failure |
0b81d077 | 300 | */ |
aa8bc1ac EB |
301 | int fscrypt_decrypt_pagecache_blocks(struct page *page, unsigned int len, |
302 | unsigned int offs) | |
0b81d077 | 303 | { |
aa8bc1ac EB |
304 | const struct inode *inode = page->mapping->host; |
305 | const unsigned int blockbits = inode->i_blkbits; | |
306 | const unsigned int blocksize = 1 << blockbits; | |
307 | u64 lblk_num = ((u64)page->index << (PAGE_SHIFT - blockbits)) + | |
308 | (offs >> blockbits); | |
309 | unsigned int i; | |
310 | int err; | |
311 | ||
41adbcb7 | 312 | if (WARN_ON_ONCE(!PageLocked(page))) |
eeacfdc6 | 313 | return -EINVAL; |
bd7b8290 | 314 | |
aa8bc1ac EB |
315 | if (WARN_ON_ONCE(len <= 0 || !IS_ALIGNED(len | offs, blocksize))) |
316 | return -EINVAL; | |
317 | ||
318 | for (i = offs; i < offs + len; i += blocksize, lblk_num++) { | |
319 | err = fscrypt_crypt_block(inode, FS_DECRYPT, lblk_num, page, | |
320 | page, blocksize, i, GFP_NOFS); | |
321 | if (err) | |
322 | return err; | |
323 | } | |
324 | return 0; | |
0b81d077 | 325 | } |
aa8bc1ac | 326 | EXPORT_SYMBOL(fscrypt_decrypt_pagecache_blocks); |
0b81d077 | 327 | |
41adbcb7 EB |
328 | /** |
329 | * fscrypt_decrypt_block_inplace() - Decrypt a filesystem block in-place | |
330 | * @inode: The inode to which this block belongs | |
331 | * @page: The page containing the block to decrypt | |
332 | * @len: Size of block to decrypt. Doesn't need to be a multiple of the | |
333 | * fs block size, but must be a multiple of FS_CRYPTO_BLOCK_SIZE. | |
334 | * @offs: Byte offset within @page at which the block to decrypt begins | |
335 | * @lblk_num: Filesystem logical block number of the block, i.e. the 0-based | |
336 | * number of the block within the file | |
337 | * | |
338 | * Decrypt a possibly-compressed filesystem block that is located in an | |
339 | * arbitrary page, not necessarily in the original pagecache page. The @inode | |
340 | * and @lblk_num must be specified, as they can't be determined from @page. | |
341 | * | |
342 | * Return: 0 on success; -errno on failure | |
343 | */ | |
344 | int fscrypt_decrypt_block_inplace(const struct inode *inode, struct page *page, | |
345 | unsigned int len, unsigned int offs, | |
346 | u64 lblk_num) | |
347 | { | |
348 | return fscrypt_crypt_block(inode, FS_DECRYPT, lblk_num, page, page, | |
349 | len, offs, GFP_NOFS); | |
350 | } | |
351 | EXPORT_SYMBOL(fscrypt_decrypt_block_inplace); | |
352 | ||
0b81d077 | 353 | /* |
6cc24868 EB |
354 | * Validate dentries in encrypted directories to make sure we aren't potentially |
355 | * caching stale dentries after a key has been added. | |
0b81d077 JK |
356 | */ |
357 | static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags) | |
358 | { | |
d7d75352 | 359 | struct dentry *dir; |
6cc24868 EB |
360 | int err; |
361 | int valid; | |
362 | ||
363 | /* | |
364 | * Plaintext names are always valid, since fscrypt doesn't support | |
365 | * reverting to ciphertext names without evicting the directory's inode | |
366 | * -- which implies eviction of the dentries in the directory. | |
367 | */ | |
368 | if (!(dentry->d_flags & DCACHE_ENCRYPTED_NAME)) | |
369 | return 1; | |
370 | ||
371 | /* | |
372 | * Ciphertext name; valid if the directory's key is still unavailable. | |
373 | * | |
374 | * Although fscrypt forbids rename() on ciphertext names, we still must | |
375 | * use dget_parent() here rather than use ->d_parent directly. That's | |
376 | * because a corrupted fs image may contain directory hard links, which | |
377 | * the VFS handles by moving the directory's dentry tree in the dcache | |
378 | * each time ->lookup() finds the directory and it already has a dentry | |
379 | * elsewhere. Thus ->d_parent can be changing, and we must safely grab | |
380 | * a reference to some ->d_parent to prevent it from being freed. | |
381 | */ | |
0b81d077 | 382 | |
03a8bb0e JK |
383 | if (flags & LOOKUP_RCU) |
384 | return -ECHILD; | |
385 | ||
d7d75352 | 386 | dir = dget_parent(dentry); |
6cc24868 EB |
387 | err = fscrypt_get_encryption_info(d_inode(dir)); |
388 | valid = !fscrypt_has_encryption_key(d_inode(dir)); | |
d7d75352 | 389 | dput(dir); |
0b81d077 | 390 | |
6cc24868 EB |
391 | if (err < 0) |
392 | return err; | |
393 | ||
394 | return valid; | |
0b81d077 JK |
395 | } |
396 | ||
397 | const struct dentry_operations fscrypt_d_ops = { | |
398 | .d_revalidate = fscrypt_d_revalidate, | |
399 | }; | |
0b81d077 | 400 | |
0b81d077 JK |
401 | static void fscrypt_destroy(void) |
402 | { | |
403 | struct fscrypt_ctx *pos, *n; | |
404 | ||
405 | list_for_each_entry_safe(pos, n, &fscrypt_free_ctxs, free_list) | |
406 | kmem_cache_free(fscrypt_ctx_cachep, pos); | |
407 | INIT_LIST_HEAD(&fscrypt_free_ctxs); | |
408 | mempool_destroy(fscrypt_bounce_page_pool); | |
409 | fscrypt_bounce_page_pool = NULL; | |
410 | } | |
411 | ||
412 | /** | |
413 | * fscrypt_initialize() - allocate major buffers for fs encryption. | |
f32d7ac2 | 414 | * @cop_flags: fscrypt operations flags |
0b81d077 JK |
415 | * |
416 | * We only call this when we start accessing encrypted files, since it | |
417 | * results in memory getting allocated that wouldn't otherwise be used. | |
418 | * | |
419 | * Return: Zero on success, non-zero otherwise. | |
420 | */ | |
f32d7ac2 | 421 | int fscrypt_initialize(unsigned int cop_flags) |
0b81d077 JK |
422 | { |
423 | int i, res = -ENOMEM; | |
424 | ||
a0b3bc85 EB |
425 | /* No need to allocate a bounce page pool if this FS won't use it. */ |
426 | if (cop_flags & FS_CFLG_OWN_PAGES) | |
0b81d077 JK |
427 | return 0; |
428 | ||
429 | mutex_lock(&fscrypt_init_mutex); | |
430 | if (fscrypt_bounce_page_pool) | |
431 | goto already_initialized; | |
432 | ||
433 | for (i = 0; i < num_prealloc_crypto_ctxs; i++) { | |
434 | struct fscrypt_ctx *ctx; | |
435 | ||
436 | ctx = kmem_cache_zalloc(fscrypt_ctx_cachep, GFP_NOFS); | |
437 | if (!ctx) | |
438 | goto fail; | |
439 | list_add(&ctx->free_list, &fscrypt_free_ctxs); | |
440 | } | |
441 | ||
442 | fscrypt_bounce_page_pool = | |
443 | mempool_create_page_pool(num_prealloc_crypto_pages, 0); | |
444 | if (!fscrypt_bounce_page_pool) | |
445 | goto fail; | |
446 | ||
447 | already_initialized: | |
448 | mutex_unlock(&fscrypt_init_mutex); | |
449 | return 0; | |
450 | fail: | |
451 | fscrypt_destroy(); | |
452 | mutex_unlock(&fscrypt_init_mutex); | |
453 | return res; | |
454 | } | |
0b81d077 | 455 | |
544d08fd EB |
456 | void fscrypt_msg(struct super_block *sb, const char *level, |
457 | const char *fmt, ...) | |
458 | { | |
459 | static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL, | |
460 | DEFAULT_RATELIMIT_BURST); | |
461 | struct va_format vaf; | |
462 | va_list args; | |
463 | ||
464 | if (!__ratelimit(&rs)) | |
465 | return; | |
466 | ||
467 | va_start(args, fmt); | |
468 | vaf.fmt = fmt; | |
469 | vaf.va = &args; | |
470 | if (sb) | |
471 | printk("%sfscrypt (%s): %pV\n", level, sb->s_id, &vaf); | |
472 | else | |
473 | printk("%sfscrypt: %pV\n", level, &vaf); | |
474 | va_end(args); | |
475 | } | |
476 | ||
0b81d077 JK |
477 | /** |
478 | * fscrypt_init() - Set up for fs encryption. | |
479 | */ | |
480 | static int __init fscrypt_init(void) | |
481 | { | |
36dd26e0 EB |
482 | /* |
483 | * Use an unbound workqueue to allow bios to be decrypted in parallel | |
484 | * even when they happen to complete on the same CPU. This sacrifices | |
485 | * locality, but it's worthwhile since decryption is CPU-intensive. | |
486 | * | |
487 | * Also use a high-priority workqueue to prioritize decryption work, | |
488 | * which blocks reads from completing, over regular application tasks. | |
489 | */ | |
0b81d077 | 490 | fscrypt_read_workqueue = alloc_workqueue("fscrypt_read_queue", |
36dd26e0 EB |
491 | WQ_UNBOUND | WQ_HIGHPRI, |
492 | num_online_cpus()); | |
0b81d077 JK |
493 | if (!fscrypt_read_workqueue) |
494 | goto fail; | |
495 | ||
496 | fscrypt_ctx_cachep = KMEM_CACHE(fscrypt_ctx, SLAB_RECLAIM_ACCOUNT); | |
497 | if (!fscrypt_ctx_cachep) | |
498 | goto fail_free_queue; | |
499 | ||
500 | fscrypt_info_cachep = KMEM_CACHE(fscrypt_info, SLAB_RECLAIM_ACCOUNT); | |
501 | if (!fscrypt_info_cachep) | |
502 | goto fail_free_ctx; | |
503 | ||
504 | return 0; | |
505 | ||
506 | fail_free_ctx: | |
507 | kmem_cache_destroy(fscrypt_ctx_cachep); | |
508 | fail_free_queue: | |
509 | destroy_workqueue(fscrypt_read_workqueue); | |
510 | fail: | |
511 | return -ENOMEM; | |
512 | } | |
75798f85 | 513 | late_initcall(fscrypt_init) |