From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Thu, 27 Sep 2012 18:50:22 +0000 (-0700)
Subject: remove queue-3.0/ecryptfs-improve-statfs-reporting.patch
X-Git-Tag: v3.0.44~36
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b6b5138e800d495e2ca8b6ba6cacb34981760951;p=thirdparty%2Fkernel%2Fstable-queue.git

remove queue-3.0/ecryptfs-improve-statfs-reporting.patch
---

diff --git a/queue-3.0/ecryptfs-improve-statfs-reporting.patch b/queue-3.0/ecryptfs-improve-statfs-reporting.patch
deleted file mode 100644
index 981164fb2e7..00000000000
--- a/queue-3.0/ecryptfs-improve-statfs-reporting.patch
+++ /dev/null
@@ -1,219 +0,0 @@
-From 4a26620df451ad46151ad21d711ed43e963c004e Mon Sep 17 00:00:00 2001
-From: Tyler Hicks <tyhicks@canonical.com>
-Date: Sat, 5 Nov 2011 13:45:08 -0400
-Subject: eCryptfs: Improve statfs reporting
-
-From: Tyler Hicks <tyhicks@canonical.com>
-
-commit 4a26620df451ad46151ad21d711ed43e963c004e upstream.
-
-statfs() calls on eCryptfs files returned the wrong filesystem type and,
-when using filename encryption, the wrong maximum filename length.
-
-If mount-wide filename encryption is enabled, the cipher block size and
-the lower filesystem's max filename length will determine the max
-eCryptfs filename length. Pre-tested, known good lengths are used when
-the lower filesystem's namelen is 255 and a cipher with 8 or 16 byte
-block sizes is used. In other, less common cases, we fall back to a safe
-rounded-down estimate when determining the eCryptfs namelen.
-
-https://launchpad.net/bugs/885744
-
-Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
-Reported-by: Kees Cook <keescook@chromium.org>
-Reviewed-by: Kees Cook <keescook@chromium.org>
-Reviewed-by: John Johansen <john.johansen@canonical.com>
-Cc: Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>
-Signed-off-by: Colin Ian King <colin.king@canonical.com>
-Acked-by: Stefan Bader <stefan.bader@canonical.com>
-Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-
----
- fs/ecryptfs/crypto.c          |   68 +++++++++++++++++++++++++++++++++++++-----
- fs/ecryptfs/ecryptfs_kernel.h |   11 ++++++
- fs/ecryptfs/keystore.c        |    9 +----
- fs/ecryptfs/super.c           |   14 ++++++++
- 4 files changed, 88 insertions(+), 14 deletions(-)
-
---- a/fs/ecryptfs/crypto.c
-+++ b/fs/ecryptfs/crypto.c
-@@ -1987,6 +1987,17 @@ out:
- 	return;
- }
- 
-+static size_t ecryptfs_max_decoded_size(size_t encoded_size)
-+{
-+	/* Not exact; conservatively long. Every block of 4
-+	 * encoded characters decodes into a block of 3
-+	 * decoded characters. This segment of code provides
-+	 * the caller with the maximum amount of allocated
-+	 * space that @dst will need to point to in a
-+	 * subsequent call. */
-+	return ((encoded_size + 1) * 3) / 4;
-+}
-+
- /**
-  * ecryptfs_decode_from_filename
-  * @dst: If NULL, this function only sets @dst_size and returns. If
-@@ -2005,13 +2016,7 @@ ecryptfs_decode_from_filename(unsigned c
- 	size_t dst_byte_offset = 0;
- 
- 	if (dst == NULL) {
--		/* Not exact; conservatively long. Every block of 4
--		 * encoded characters decodes into a block of 3
--		 * decoded characters. This segment of code provides
--		 * the caller with the maximum amount of allocated
--		 * space that @dst will need to point to in a
--		 * subsequent call. */
--		(*dst_size) = (((src_size + 1) * 3) / 4);
-+		(*dst_size) = ecryptfs_max_decoded_size(src_size);
- 		goto out;
- 	}
- 	while (src_byte_offset < src_size) {
-@@ -2236,3 +2241,52 @@ out_free:
- out:
- 	return rc;
- }
-+
-+#define ENC_NAME_MAX_BLOCKLEN_8_OR_16	143
-+
-+int ecryptfs_set_f_namelen(long *namelen, long lower_namelen,
-+			   struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
-+{
-+	struct blkcipher_desc desc;
-+	struct mutex *tfm_mutex;
-+	size_t cipher_blocksize;
-+	int rc;
-+
-+	if (!(mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES)) {
-+		(*namelen) = lower_namelen;
-+		return 0;
-+	}
-+
-+	rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&desc.tfm, &tfm_mutex,
-+			mount_crypt_stat->global_default_fn_cipher_name);
-+	if (unlikely(rc)) {
-+		(*namelen) = 0;
-+		return rc;
-+	}
-+
-+	mutex_lock(tfm_mutex);
-+	cipher_blocksize = crypto_blkcipher_blocksize(desc.tfm);
-+	mutex_unlock(tfm_mutex);
-+
-+	/* Return an exact amount for the common cases */
-+	if (lower_namelen == NAME_MAX
-+	    && (cipher_blocksize == 8 || cipher_blocksize == 16)) {
-+		(*namelen) = ENC_NAME_MAX_BLOCKLEN_8_OR_16;
-+		return 0;
-+	}
-+
-+	/* Return a safe estimate for the uncommon cases */
-+	(*namelen) = lower_namelen;
-+	(*namelen) -= ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE;
-+	/* Since this is the max decoded size, subtract 1 "decoded block" len */
-+	(*namelen) = ecryptfs_max_decoded_size(*namelen) - 3;
-+	(*namelen) -= ECRYPTFS_TAG_70_MAX_METADATA_SIZE;
-+	(*namelen) -= ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES;
-+	/* Worst case is that the filename is padded nearly a full block size */
-+	(*namelen) -= cipher_blocksize - 1;
-+
-+	if ((*namelen) < 0)
-+		(*namelen) = 0;
-+
-+	return 0;
-+}
---- a/fs/ecryptfs/ecryptfs_kernel.h
-+++ b/fs/ecryptfs/ecryptfs_kernel.h
-@@ -221,12 +221,21 @@ ecryptfs_get_key_payload_data(struct key
- 					  * dentry name */
- #define ECRYPTFS_TAG_73_PACKET_TYPE 0x49 /* FEK-encrypted filename as
- 					  * metadata */
-+#define ECRYPTFS_MIN_PKT_LEN_SIZE 1 /* Min size to specify packet length */
-+#define ECRYPTFS_MAX_PKT_LEN_SIZE 2 /* Pass at least this many bytes to
-+				     * ecryptfs_parse_packet_length() and
-+				     * ecryptfs_write_packet_length()
-+				     */
- /* Constraint: ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES >=
-  * ECRYPTFS_MAX_IV_BYTES */
- #define ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES 16
- #define ECRYPTFS_NON_NULL 0x42 /* A reasonable substitute for NULL */
- #define MD5_DIGEST_SIZE 16
- #define ECRYPTFS_TAG_70_DIGEST_SIZE MD5_DIGEST_SIZE
-+#define ECRYPTFS_TAG_70_MIN_METADATA_SIZE (1 + ECRYPTFS_MIN_PKT_LEN_SIZE \
-+					   + ECRYPTFS_SIG_SIZE + 1 + 1)
-+#define ECRYPTFS_TAG_70_MAX_METADATA_SIZE (1 + ECRYPTFS_MAX_PKT_LEN_SIZE \
-+					   + ECRYPTFS_SIG_SIZE + 1 + 1)
- #define ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX "ECRYPTFS_FEK_ENCRYPTED."
- #define ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX_SIZE 23
- #define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX "ECRYPTFS_FNEK_ENCRYPTED."
-@@ -765,6 +774,8 @@ ecryptfs_parse_tag_70_packet(char **file
- 			     size_t *packet_size,
- 			     struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
- 			     char *data, size_t max_packet_size);
-+int ecryptfs_set_f_namelen(long *namelen, long lower_namelen,
-+			   struct ecryptfs_mount_crypt_stat *mount_crypt_stat);
- int ecryptfs_derive_iv(char *iv, struct ecryptfs_crypt_stat *crypt_stat,
- 		       loff_t offset);
- 
---- a/fs/ecryptfs/keystore.c
-+++ b/fs/ecryptfs/keystore.c
-@@ -678,10 +678,7 @@ ecryptfs_write_tag_70_packet(char *dest,
- 	 * Octets N3-N4: Block-aligned encrypted filename
- 	 *  - Consists of a minimum number of random characters, a \0
- 	 *    separator, and then the filename */
--	s->max_packet_size = (1                   /* Tag 70 identifier */
--			      + 3                 /* Max Tag 70 packet size */
--			      + ECRYPTFS_SIG_SIZE /* FNEK sig */
--			      + 1                 /* Cipher identifier */
-+	s->max_packet_size = (ECRYPTFS_TAG_70_MAX_METADATA_SIZE
- 			      + s->block_aligned_filename_size);
- 	if (dest == NULL) {
- 		(*packet_size) = s->max_packet_size;
-@@ -933,10 +930,10 @@ ecryptfs_parse_tag_70_packet(char **file
- 		goto out;
- 	}
- 	s->desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
--	if (max_packet_size < (1 + 1 + ECRYPTFS_SIG_SIZE + 1 + 1)) {
-+	if (max_packet_size < ECRYPTFS_TAG_70_MIN_METADATA_SIZE) {
- 		printk(KERN_WARNING "%s: max_packet_size is [%zd]; it must be "
- 		       "at least [%d]\n", __func__, max_packet_size,
--			(1 + 1 + ECRYPTFS_SIG_SIZE + 1 + 1));
-+		       ECRYPTFS_TAG_70_MIN_METADATA_SIZE);
- 		rc = -EINVAL;
- 		goto out;
- 	}
---- a/fs/ecryptfs/super.c
-+++ b/fs/ecryptfs/super.c
-@@ -30,6 +30,8 @@
- #include <linux/seq_file.h>
- #include <linux/file.h>
- #include <linux/crypto.h>
-+#include <linux/statfs.h>
-+#include <linux/magic.h>
- #include "ecryptfs_kernel.h"
- 
- struct kmem_cache *ecryptfs_inode_info_cache;
-@@ -103,10 +105,20 @@ static void ecryptfs_destroy_inode(struc
- static int ecryptfs_statfs(struct dentry *dentry, struct kstatfs *buf)
- {
- 	struct dentry *lower_dentry = ecryptfs_dentry_to_lower(dentry);
-+	int rc;
- 
- 	if (!lower_dentry->d_sb->s_op->statfs)
- 		return -ENOSYS;
--	return lower_dentry->d_sb->s_op->statfs(lower_dentry, buf);
-+
-+	rc = lower_dentry->d_sb->s_op->statfs(lower_dentry, buf);
-+	if (rc)
-+		return rc;
-+
-+	buf->f_type = ECRYPTFS_SUPER_MAGIC;
-+	rc = ecryptfs_set_f_namelen(&buf->f_namelen, buf->f_namelen,
-+	       &ecryptfs_superblock_to_private(dentry->d_sb)->mount_crypt_stat);
-+
-+	return rc;
- }
- 
- /**
diff --git a/queue-3.0/series b/queue-3.0/series
index 8cf8f114563..39cc3008046 100644
--- a/queue-3.0/series
+++ b/queue-3.0/series
@@ -105,7 +105,6 @@ libata-prevent-interface-errors-with-seagate-freeagent-goflex.patch
 cpufreq-acpi-fix-not-loading-acpi-cpufreq-driver-regression.patch
 sched-fix-race-in-task_group.patch
 media-lirc_sir-make-device-registration-work.patch
-ecryptfs-improve-statfs-reporting.patch
 drop_monitor-fix-sleeping-in-invalid-context-warning.patch
 drop_monitor-make-updating-data-skb-smp-safe.patch
 drop_monitor-prevent-init-path-from-scheduling-on-the-wrong-cpu.patch