Hi Linus,
The eCryptfs patches for 2.6.39-rc1 are mainly fixes. Roberto's patches
add key locking so keys aren't modified underneath us. Thieu's patch
moves encryption to writepage so userspace isn't waiting on page
encryption during each write(). My patches remove a wasteful
encrypt/write operation during file creation and fix a missing page
unlock in an error path.
The following changes since commit 40471856f2e38e9bfa8d605295e8234421110dd6:
Merge branch 'nfs-for-2.6.39' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6 (2011-03-25 10:03:28 -0700)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/ecryptfs/ecryptfs-2.6.git for-linus
Roberto Sassu (6):
eCryptfs: ecryptfs_keyring_auth_tok_for_sig() bug fix
eCryptfs: removed num_global_auth_toks from ecryptfs_mount_crypt_stat
eCryptfs: modified size of keysig in the ecryptfs_key_sig structure
eCryptfs: verify authentication tokens before their use
eCryptfs: move ecryptfs_find_auth_tok_for_sig() call before mutex_lock
eCryptfs: write lock requested keys
Thieu Le (1):
ecryptfs: modify write path to encrypt page in writepage
Tyler Hicks (3):
eCryptfs: Remove unnecessary grow_file() function
eCryptfs: Remove ECRYPTFS_NEW_FILE crypt stat flag
eCryptfs: Unlock page in write_begin error path
fs/ecryptfs/crypto.c | 2 +-
fs/ecryptfs/ecryptfs_kernel.h | 30 ++---
fs/ecryptfs/file.c | 9 ++-
fs/ecryptfs/inode.c | 24 ----
fs/ecryptfs/keystore.c | 272 ++++++++++++++++++++++++++---------------
fs/ecryptfs/main.c | 10 +-
fs/ecryptfs/mmap.c | 61 +++++----
fs/ecryptfs/read_write.c | 12 +--
fs/ecryptfs/super.c | 3 +-
9 files changed, 235 insertions(+), 188 deletions(-)
On 03/28/2011 05:02 PM, Tyler Hicks wrote:
> Hi Linus,
>
> The eCryptfs patches for 2.6.39-rc1 are mainly fixes. Roberto's patches
> add key locking so keys aren't modified underneath us. Thieu's patch
> moves encryption to writepage so userspace isn't waiting on page
> encryption during each write(). My patches remove a wasteful
> encrypt/write operation during file creation and fix a missing page
> unlock in an error path.
>
> The following changes since commit 40471856f2e38e9bfa8d605295e8234421110dd6:
>
> Merge branch 'nfs-for-2.6.39' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6 (2011-03-25 10:03:28 -0700)
>
> are available in the git repository at:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/ecryptfs/ecryptfs-2.6.git for-linus
>
> Roberto Sassu (6):
> eCryptfs: ecryptfs_keyring_auth_tok_for_sig() bug fix
> eCryptfs: removed num_global_auth_toks from ecryptfs_mount_crypt_stat
> eCryptfs: modified size of keysig in the ecryptfs_key_sig structure
> eCryptfs: verify authentication tokens before their use
> eCryptfs: move ecryptfs_find_auth_tok_for_sig() call before mutex_lock
> eCryptfs: write lock requested keys
>
> Thieu Le (1):
> ecryptfs: modify write path to encrypt page in writepage
>
> Tyler Hicks (3):
> eCryptfs: Remove unnecessary grow_file() function
> eCryptfs: Remove ECRYPTFS_NEW_FILE crypt stat flag
> eCryptfs: Unlock page in write_begin error path
Is "eCryptfs: Handle failed metadata read in lookup" going into 2.6.39?
Paolo
On Wed Mar 30, 2011 at 12:50:24PM +0200, Paolo Bonzini <[email protected]> wrote:
> On 03/28/2011 05:02 PM, Tyler Hicks wrote:
> >Hi Linus,
> >
> >The eCryptfs patches for 2.6.39-rc1 are mainly fixes. Roberto's patches
> >add key locking so keys aren't modified underneath us. Thieu's patch
> >moves encryption to writepage so userspace isn't waiting on page
> >encryption during each write(). My patches remove a wasteful
> >encrypt/write operation during file creation and fix a missing page
> >unlock in an error path.
> >
> >The following changes since commit 40471856f2e38e9bfa8d605295e8234421110dd6:
> >
> > Merge branch 'nfs-for-2.6.39' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6 (2011-03-25 10:03:28 -0700)
> >
> >are available in the git repository at:
> >
> > git://git.kernel.org/pub/scm/linux/kernel/git/ecryptfs/ecryptfs-2.6.git for-linus
> >
> >Roberto Sassu (6):
> > eCryptfs: ecryptfs_keyring_auth_tok_for_sig() bug fix
> > eCryptfs: removed num_global_auth_toks from ecryptfs_mount_crypt_stat
> > eCryptfs: modified size of keysig in the ecryptfs_key_sig structure
> > eCryptfs: verify authentication tokens before their use
> > eCryptfs: move ecryptfs_find_auth_tok_for_sig() call before mutex_lock
> > eCryptfs: write lock requested keys
> >
> >Thieu Le (1):
> > ecryptfs: modify write path to encrypt page in writepage
> >
> >Tyler Hicks (3):
> > eCryptfs: Remove unnecessary grow_file() function
> > eCryptfs: Remove ECRYPTFS_NEW_FILE crypt stat flag
> > eCryptfs: Unlock page in write_begin error path
>
> Is "eCryptfs: Handle failed metadata read in lookup" going into 2.6.39?
Yes - while testing the above changes, I found some other issues with
the upper i_size and decided to hold off on pushing that patch until I
have a complete fix. It will definitely go into one of the 2.6.39-rcX
releases.
Tyler
>
> Paolo