summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTyler Hicks <tyhicks@canonical.com>2013-04-06 00:41:48 -0700
committerTyler Hicks <tyhicks@canonical.com>2013-06-07 17:28:25 -0700
commit9c6043f41222b448a314b0b8370f33b579f777ea (patch)
tree9ce1fceedb274ed8ed223d5fcb770fe7cc23b2e8
parent28916d1ac1dd658773717e8eddc7c4ceeefc19b8 (diff)
downloadtalos-obmc-linux-9c6043f41222b448a314b0b8370f33b579f777ea.tar.gz
talos-obmc-linux-9c6043f41222b448a314b0b8370f33b579f777ea.zip
eCryptfs: Decrypt pages in-place
When reading in a page, eCryptfs would allocate a helper page, fill it with encrypted data from the lower filesytem, and then decrypt the data from the encrypted page and store the result in the eCryptfs page cache page. The crypto API supports in-place crypto operations which means that the allocation of the helper page is unnecessary when decrypting. This patch gets rid of the unneeded page allocation by reading encrypted data from the lower filesystem directly into the page cache page. The page cache page is then decrypted in-place. Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
-rw-r--r--fs/ecryptfs/crypto.c21
1 files changed, 5 insertions, 16 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index ec640ebcdea8..35b409bda841 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -586,8 +586,7 @@ int ecryptfs_decrypt_page(struct page *page)
{
struct inode *ecryptfs_inode;
struct ecryptfs_crypt_stat *crypt_stat;
- char *enc_extent_virt;
- struct page *enc_extent_page = NULL;
+ char *page_virt;
unsigned long extent_offset;
loff_t lower_offset;
int rc = 0;
@@ -596,19 +595,12 @@ int ecryptfs_decrypt_page(struct page *page)
crypt_stat =
&(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat);
BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED));
- enc_extent_page = alloc_page(GFP_USER);
- if (!enc_extent_page) {
- rc = -ENOMEM;
- ecryptfs_printk(KERN_ERR, "Error allocating memory for "
- "encrypted extent\n");
- goto out;
- }
lower_offset = lower_offset_for_page(crypt_stat, page);
- enc_extent_virt = kmap(enc_extent_page);
- rc = ecryptfs_read_lower(enc_extent_virt, lower_offset, PAGE_CACHE_SIZE,
+ page_virt = kmap(page);
+ rc = ecryptfs_read_lower(page_virt, lower_offset, PAGE_CACHE_SIZE,
ecryptfs_inode);
- kunmap(enc_extent_page);
+ kunmap(page);
if (rc < 0) {
ecryptfs_printk(KERN_ERR,
"Error attempting to read lower page; rc = [%d]\n",
@@ -619,7 +611,7 @@ int ecryptfs_decrypt_page(struct page *page)
for (extent_offset = 0;
extent_offset < (PAGE_CACHE_SIZE / crypt_stat->extent_size);
extent_offset++) {
- rc = ecryptfs_decrypt_extent(page, crypt_stat, enc_extent_page,
+ rc = ecryptfs_decrypt_extent(page, crypt_stat, page,
extent_offset);
if (rc) {
printk(KERN_ERR "%s: Error encrypting extent; "
@@ -628,9 +620,6 @@ int ecryptfs_decrypt_page(struct page *page)
}
}
out:
- if (enc_extent_page) {
- __free_page(enc_extent_page);
- }
return rc;
}
OpenPOWER on IntegriCloud