linux/fs/ecryptfs
Michael Halcrow 8bf2debd5f eCryptfs: introduce device handle for userspace daemon communications
A regular device file was my real preference from the get-go, but I went with
netlink at the time because I thought it would be less complex for managing
send queues (i.e., just do a unicast and move on).  It turns out that we do
not really get that much complexity reduction with netlink, and netlink is
more heavyweight than a device handle.

In addition, the netlink interface to eCryptfs has been broken since 2.6.24.
I am assuming this is a bug in how eCryptfs uses netlink, since the other
in-kernel users of netlink do not seem to be having any problems.  I have had
one report of a user successfully using eCryptfs with netlink on 2.6.24, but
for my own systems, when starting the userspace daemon, the initial helo
message sent to the eCryptfs kernel module results in an oops right off the
bat.  I spent some time looking at it, but I have not yet found the cause.
The netlink interface breaking gave me the motivation to just finish my patch
to migrate to a regular device handle.  If I cannot find out soon why the
netlink interface in eCryptfs broke, I am likely to just send a patch to
disable it in 2.6.24 and 2.6.25.  I would like the device handle to be the
preferred means of communicating with the userspace daemon from 2.6.26 on
forward.

This patch:

Functions to facilitate reading and writing to the eCryptfs miscellaneous
device handle.  This will replace the netlink interface as the preferred
mechanism for communicating with the userspace eCryptfs daemon.

Each user has his own daemon, which registers itself by opening the eCryptfs
device handle.  Only one daemon per euid may be registered at any given time.
The eCryptfs module sends a message to a daemon by adding its message to the
daemon's outgoing message queue.  The daemon reads the device handle to get
the oldest message off the queue.

Incoming messages from the userspace daemon are immediately handled.  If the
message is a response, then the corresponding process that is blocked waiting
for the response is awakened.

Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-04-29 08:06:07 -07:00
..
crypto.c ecryptfs: replace remaining __FUNCTION__ occurrences 2008-04-29 08:06:06 -07:00
debug.c eCryptfs: update comment and debug statement 2007-10-16 09:43:11 -07:00
dentry.c eCryptfs: Swap dput() and mntput() 2008-03-19 18:53:36 -07:00
ecryptfs_kernel.h ecryptfs: replace remaining __FUNCTION__ occurrences 2008-04-29 08:06:06 -07:00
file.c eCryptfs: Minor fixes to printk messages 2008-02-06 10:41:12 -08:00
inode.c ecryptfs: add missing lock around notify_change 2008-04-29 08:06:07 -07:00
keystore.c eCryptfs: change the type of cipher_code from u16 to u8 2008-02-06 10:41:13 -08:00
main.c ecryptfs: replace remaining __FUNCTION__ occurrences 2008-04-29 08:06:06 -07:00
Makefile eCryptfs: read_write.c routines 2007-10-16 09:43:12 -07:00
messaging.c ecryptfs: fix unlocking in error paths 2007-12-23 12:54:37 -08:00
miscdev.c eCryptfs: introduce device handle for userspace daemon communications 2008-04-29 08:06:07 -07:00
mmap.c ecryptfs: replace remaining __FUNCTION__ occurrences 2008-04-29 08:06:06 -07:00
netlink.c [NETNS]: Consolidate kernel netlink socket destruction. 2008-01-28 15:08:07 -08:00
read_write.c ecryptfs: replace remaining __FUNCTION__ occurrences 2008-04-29 08:06:06 -07:00
super.c ecryptfs: remove debug as mount option, and warn if set via modprobe 2008-02-06 10:41:12 -08:00