fa6e951a2a
- Fix read-only file creation when the eCryptfs mount is configured to store metadata in xattrs - Minor code cleanups -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAABCgAGBQJdK9CKAAoJENaSAD2qAscK6c0P/R7TCVq7hj8HW78dGxcfMK6S 5ASSlTS5lbb9UKdlluFt58XNSpoH4aNACwmwsYCbRJiwfddndnMayQC9lu+8mnjs nBzNo3atZeC4x2SZxdUOCpAfeAT4eaclkVC5GnIaF4dpBePkj/+PVzBrCDkMq/fx c9oz56Z7t+V9Urv6904fr/WBl1UmCfgMqYuoyFiApdhWJirLCsG/1/GJHgio50tu CvZK7jckF8yePBlovSYpDaPP6+w1Y+XDbQ4ATo5984KEBnApR1HxwbY5AgH2ZSVw 7PEVRa1FdNS9OTh79R0VAz4jKZumgN/fCPGzd2sMbymZcQdhQThpMPbRwY17yTIO 9MGsVIG7ZZfosR5g3t5xJ2jq/uc5KCGQ+FGshwn0WrTa3VyA5sACS66co18ZEo3f G3K7oZG6BqPBytSzPp/uAl1a2CkIJjQX1Q0ywrzZXe2vS6NSZZKl0rkIcM+HiqSl xjznVpQp1hEURdrRu26/th/pIf5DoyjTULo5E7UG9Br0tk7VUXTZjq5nTDlIKL1C 2rwVUOSQS4Hr1LA+01UAK+Vda+XOvJpsMzLhp8P6q7ozRMKyZ5KfeqdLXgOIxVNH 1LUdur2wQHpImsrs71fRCPiZ961FulsYC4XPAqm7tTXfd5X3v062PAmwQQVpj4l0 qlBQz3bkkB40I0yezd+A =C+HK -----END PGP SIGNATURE----- Merge tag 'ecryptfs-5.3-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs Pull eCryptfs updates from Tyler Hicks: - Fix error handling when ecryptfs_read_lower() encounters an error - Fix read-only file creation when the eCryptfs mount is configured to store metadata in xattrs - Minor code cleanups * tag 'ecryptfs-5.3-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs: ecryptfs: Change return type of ecryptfs_process_flags ecryptfs: Make ecryptfs_xattr_handler static ecryptfs: remove unnessesary null check in ecryptfs_keyring_auth_tok_for_sig ecryptfs: use print_hex_dump_bytes for hexdump eCryptfs: fix permission denied with ecryptfs_xattr mount option when create readonly file ecryptfs: re-order a condition for static checkers eCryptfs: fix a couple type promotion bugs
92 lines
3.0 KiB
C
92 lines
3.0 KiB
C
// SPDX-License-Identifier: GPL-2.0-or-later
|
|
/**
|
|
* eCryptfs: Linux filesystem encryption layer
|
|
* Functions only useful for debugging.
|
|
*
|
|
* Copyright (C) 2006 International Business Machines Corp.
|
|
* Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
|
|
*/
|
|
|
|
#include "ecryptfs_kernel.h"
|
|
|
|
/**
|
|
* ecryptfs_dump_auth_tok - debug function to print auth toks
|
|
*
|
|
* This function will print the contents of an ecryptfs authentication
|
|
* token.
|
|
*/
|
|
void ecryptfs_dump_auth_tok(struct ecryptfs_auth_tok *auth_tok)
|
|
{
|
|
char salt[ECRYPTFS_SALT_SIZE * 2 + 1];
|
|
char sig[ECRYPTFS_SIG_SIZE_HEX + 1];
|
|
|
|
ecryptfs_printk(KERN_DEBUG, "Auth tok at mem loc [%p]:\n",
|
|
auth_tok);
|
|
if (auth_tok->flags & ECRYPTFS_PRIVATE_KEY) {
|
|
ecryptfs_printk(KERN_DEBUG, " * private key type\n");
|
|
} else {
|
|
ecryptfs_printk(KERN_DEBUG, " * passphrase type\n");
|
|
ecryptfs_to_hex(salt, auth_tok->token.password.salt,
|
|
ECRYPTFS_SALT_SIZE);
|
|
salt[ECRYPTFS_SALT_SIZE * 2] = '\0';
|
|
ecryptfs_printk(KERN_DEBUG, " * salt = [%s]\n", salt);
|
|
if (auth_tok->token.password.flags &
|
|
ECRYPTFS_PERSISTENT_PASSWORD) {
|
|
ecryptfs_printk(KERN_DEBUG, " * persistent\n");
|
|
}
|
|
memcpy(sig, auth_tok->token.password.signature,
|
|
ECRYPTFS_SIG_SIZE_HEX);
|
|
sig[ECRYPTFS_SIG_SIZE_HEX] = '\0';
|
|
ecryptfs_printk(KERN_DEBUG, " * signature = [%s]\n", sig);
|
|
}
|
|
ecryptfs_printk(KERN_DEBUG, " * session_key.flags = [0x%x]\n",
|
|
auth_tok->session_key.flags);
|
|
if (auth_tok->session_key.flags
|
|
& ECRYPTFS_USERSPACE_SHOULD_TRY_TO_DECRYPT)
|
|
ecryptfs_printk(KERN_DEBUG,
|
|
" * Userspace decrypt request set\n");
|
|
if (auth_tok->session_key.flags
|
|
& ECRYPTFS_USERSPACE_SHOULD_TRY_TO_ENCRYPT)
|
|
ecryptfs_printk(KERN_DEBUG,
|
|
" * Userspace encrypt request set\n");
|
|
if (auth_tok->session_key.flags & ECRYPTFS_CONTAINS_DECRYPTED_KEY) {
|
|
ecryptfs_printk(KERN_DEBUG, " * Contains decrypted key\n");
|
|
ecryptfs_printk(KERN_DEBUG,
|
|
" * session_key.decrypted_key_size = [0x%x]\n",
|
|
auth_tok->session_key.decrypted_key_size);
|
|
ecryptfs_printk(KERN_DEBUG, " * Decrypted session key "
|
|
"dump:\n");
|
|
if (ecryptfs_verbosity > 0)
|
|
ecryptfs_dump_hex(auth_tok->session_key.decrypted_key,
|
|
ECRYPTFS_DEFAULT_KEY_BYTES);
|
|
}
|
|
if (auth_tok->session_key.flags & ECRYPTFS_CONTAINS_ENCRYPTED_KEY) {
|
|
ecryptfs_printk(KERN_DEBUG, " * Contains encrypted key\n");
|
|
ecryptfs_printk(KERN_DEBUG,
|
|
" * session_key.encrypted_key_size = [0x%x]\n",
|
|
auth_tok->session_key.encrypted_key_size);
|
|
ecryptfs_printk(KERN_DEBUG, " * Encrypted session key "
|
|
"dump:\n");
|
|
if (ecryptfs_verbosity > 0)
|
|
ecryptfs_dump_hex(auth_tok->session_key.encrypted_key,
|
|
auth_tok->session_key.
|
|
encrypted_key_size);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* ecryptfs_dump_hex - debug hex printer
|
|
* @data: string of bytes to be printed
|
|
* @bytes: number of bytes to print
|
|
*
|
|
* Dump hexadecimal representation of char array
|
|
*/
|
|
void ecryptfs_dump_hex(char *data, int bytes)
|
|
{
|
|
if (ecryptfs_verbosity < 1)
|
|
return;
|
|
|
|
print_hex_dump(KERN_DEBUG, "ecryptfs: ", DUMP_PREFIX_OFFSET, 16, 1,
|
|
data, bytes, false);
|
|
}
|