08 Mar, 2013

1 commit

  • Pull ecryptfs fixes from Tyler Hicks:
    "Minor code cleanups and new Kconfig option to disable /dev/ecryptfs

    The code cleanups fix up W=1 compiler warnings and some unnecessary
    checks. The new Kconfig option, defaulting to N, allows the rarely
    used eCryptfs kernel to userspace communication channel to be compiled
    out. This may be the first step in it being eventually removed."

    Hmm. I'm not sure whether these should be called "fixes", and it
    probably should have gone in the merge window. But I'll let it slide.

    * tag 'ecryptfs-3.9-rc2-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs:
    eCryptfs: allow userspace messaging to be disabled
    eCryptfs: Fix redundant error check on ecryptfs_find_daemon_by_euid()
    ecryptfs: ecryptfs_msg_ctx_alloc_to_free(): remove kfree() redundant null check
    eCryptfs: decrypt_pki_encrypted_session_key(): remove kfree() redundant null check
    eCryptfs: remove unneeded checks in virt_to_scatterlist()
    eCryptfs: Fix -Wmissing-prototypes warnings
    eCryptfs: Fix -Wunused-but-set-variable warnings
    eCryptfs: initialize payload_len in keystore.c

    Linus Torvalds
     

04 Mar, 2013

1 commit

  • When the userspace messaging (for the less common case of userspace key
    wrap/unwrap via ecryptfsd) is not needed, allow eCryptfs to build with
    it removed. This saves on kernel code size and reduces potential attack
    surface by removing the /dev/ecryptfs node.

    Signed-off-by: Kees Cook
    Signed-off-by: Tyler Hicks

    Kees Cook
     

12 Jan, 2013

1 commit

  • The CONFIG_EXPERIMENTAL config item has not carried much meaning for a
    while now and is almost always enabled by default. As agreed during the
    Linux kernel summit, remove it from any "depends on" lines in Kconfigs.

    CC: Tyler Hicks
    CC: Dustin Kirkland
    Signed-off-by: Kees Cook
    Acked-by: Tyler Hicks

    Kees Cook
     

10 Aug, 2011

1 commit

  • This patch fixes the compile error reported at the address:

    https://bugzilla.kernel.org/show_bug.cgi?id=40292

    The problem arises when compiling eCryptfs as built-in and the 'encrypted'
    key type as a module. The patch prevents this combination from being set in
    the kernel configuration, by fixing the eCryptfs dependencies.

    Signed-off-by: Roberto Sassu
    Reported-by: David Hill
    Signed-off-by: Tyler Hicks

    Roberto Sassu
     

09 Oct, 2009

2 commits


23 Sep, 2009

1 commit

  • So, I compiled a 2.6.31-rc5 kernel with ecryptfs and loaded its module.
    When it came time to mount my filesystem, I got this in dmesg, and it
    refused to mount:

    [93577.776637] Unable to allocate crypto cipher with name [aes]; rc = [-2]
    [93577.783280] Error attempting to initialize key TFM cipher with name = [aes]; rc = [-2]
    [93577.791183] Error attempting to initialize cipher with name = [aes] and key size = [32]; rc = [-2]
    [93577.800113] Error parsing options; rc = [-22]

    I figured from the error message that I'd either forgotten to load "aes"
    or that my key size was bogus. Neither one of those was the case. In
    fact, I was missing the CRYPTO_ECB config option and the 'ecb' module.
    Unfortunately, there's no trace of 'ecb' in that error message.

    I've done two things to fix this. First, I've modified ecryptfs's
    Kconfig entry to select CRYPTO_ECB and CRYPTO_CBC. I also took CRYPTO
    out of the dependencies since the 'select' will take care of it for us.

    I've also modified the error messages to print a string that should
    contain both 'ecb' and 'aes' in my error case. That will give any
    future users a chance of finding the right modules and Kconfig options.

    I also wonder if we should:

    select CRYPTO_AES if !EMBEDDED

    since I think most ecryptfs users are using AES like me.

    Cc: ecryptfs-devel@lists.launchpad.net
    Cc: linux-fsdevel@vger.kernel.org
    Cc: linux-kernel@vger.kernel.org
    Cc: Dustin Kirkland
    Signed-off-by: Dave Hansen
    [tyhicks@linux.vnet.ibm.com: Removed extra newline, 80-char violation]
    Signed-off-by: Tyler Hicks

    Dave Hansen
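
An added example, not part of this commit log or the eCryptfs tree: a shell audit of a kernel .config for the three Kconfig conditions the commits above describe (messaging channel compiled in, built-in eCryptfs with a modular 'encrypted' key type, missing ECB/CBC). The symbol names CONFIG_ECRYPT_FS, CONFIG_ECRYPT_FS_MESSAGING and CONFIG_ENCRYPTED_KEYS are not on the page and are assumed from the mainline Kconfig; the function names and the sample config are constructed.

```shell
# Added example: audit a kernel .config for the eCryptfs settings discussed in
# the commits above. Symbol names not on the page are assumptions.

# Print the value (y, m or n) of CONFIG_<symbol $2> in config file $1.
kconfig_value() {
    v=$(sed -n "s/^CONFIG_$2=\([ym]\)\$/\1/p" "$1" | head -n 1)
    echo "${v:-n}"
}

# Print one line per finding; the return status is the number of findings.
audit_ecryptfs_config() {
    cfg=$1
    findings=0
    fs=$(kconfig_value "$cfg" ECRYPT_FS)
    if [ "$fs" = n ]; then
        echo "INFO: eCryptfs is not enabled"
        return 0
    fi
    # The userspace messaging channel (/dev/ecryptfs) is extra attack surface.
    if [ "$(kconfig_value "$cfg" ECRYPT_FS_MESSAGING)" = y ]; then
        echo "WARN: ECRYPT_FS_MESSAGING=y, /dev/ecryptfs is compiled in"
        findings=$((findings + 1))
    fi
    # Built-in eCryptfs with a modular 'encrypted' key type fails to compile.
    if [ "$fs" = y ] && [ "$(kconfig_value "$cfg" ENCRYPTED_KEYS)" = m ]; then
        echo "ERROR: ECRYPT_FS=y with ENCRYPTED_KEYS=m"
        findings=$((findings + 1))
    fi
    # Trees predating the 'select' fix can lack ecb/cbc; mount then fails
    # with an error that names only the cipher ("aes").
    for mode in CRYPTO_ECB CRYPTO_CBC; do
        if [ "$(kconfig_value "$cfg" "$mode")" = n ]; then
            echo "ERROR: $mode is not set"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}

# Constructed sample config (not taken from a real system).
sample_cfg=$(mktemp)
cat > "$sample_cfg" <<'EOF'
CONFIG_ECRYPT_FS=y
CONFIG_ECRYPT_FS_MESSAGING=y
CONFIG_ENCRYPTED_KEYS=m
CONFIG_CRYPTO_CBC=y
# CONFIG_CRYPTO_ECB is not set
EOF
audit_ecryptfs_config "$sample_cfg" || echo "findings: $?"
rm -f "$sample_cfg"
```

To audit a real build, call `audit_ecryptfs_config` on the tree's `.config` or on the config file the distribution ships for the running kernel.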
     

22 Jan, 2009

1 commit