the eCryptfs fops splice_read to use
generic_file_splice_read.
Signed-off-by: Michael Halcrow [EMAIL PROTECTED]
--- linux-2.6.23-rc4-mm1.orig/fs/ecryptfs/file.c
+++ linux-2.6.23-rc4-mm1/fs/ecryptfs/file.c
@@ -338,21 +338,6 @@ static int ecryptfs_fasync(int fd, struc
return rc;
}
-static ssize_t
the eCryptfs getxattr.
Signed-off-by: Michael Halcrow [EMAIL PROTECTED]
---
fs/ecryptfs/crypto.c | 126 +++--
fs/ecryptfs/ecryptfs_kernel.h | 15 +++--
fs/ecryptfs/file.c|2 +-
fs/ecryptfs/inode.c | 101
Convert readpage, prepare_write, and commit_write to use read_write.c
routines. Remove sync_page; I cannot think of a good reason for
implementing that in eCryptfs.
Signed-off-by: Michael Halcrow [EMAIL PROTECTED]
---
fs/ecryptfs/mmap.c | 199
Initialize persistent lower file on inode create.
Signed-off-by: Michael Halcrow [EMAIL PROTECTED]
---
fs/ecryptfs/super.c | 13 +++--
1 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/fs/ecryptfs/super.c b/fs/ecryptfs/super.c
index b97e210..f8cdab2 100644
--- a/fs
://lkml.org/lkml/2007/9/15/55
In order to avoid this possibility, eCryptfs must allocate an
intermediate block of memory to use with vfs_read() and vfs_write(),
copying the data through this memory region, since kmap_atomic()
cannot be held during calls which may block.
Signed-off-by: Michael Halcrow
On Sun, Sep 30, 2007 at 07:56:59AM +0200, Alon Bar-Lev wrote:
I see you have gone a long way since I last updated [1].
I offer my help in implementing and supporting the PKCS#11 key
module.
Great; the more hands, the merrier.
I maintain some PKCS#11 implementation in different projects,
On Wed, Oct 03, 2007 at 04:13:30PM -0700, Rajouri Jammu wrote:
Are there any performance advantages to doing readpages() vs
readpage ?
It enables readahead, so it will probably help performance. By how
much, I have no idea.
Mike
On 10/3/07, Michael Halcrow [EMAIL PROTECTED] wrote:
On Wed
On Tue, Oct 09, 2007 at 05:16:58PM -0500, Michael Halcrow wrote:
On Tue, Oct 09, 2007 at 11:32:48PM +0300, Alon Bar-Lev wrote:
On 10/9/07, Kent Yoder [EMAIL PROTECTED] wrote:
Having both pkcs11-helper and a pure pkcs11 interface is not
competing with one another. Obviously
On Sat, Oct 13, 2007 at 11:51:07PM +0200, Alon Bar-Lev wrote:
On 10/13/07, Michael Halcrow [EMAIL PROTECTED] wrote:
There's a timeout on receiving the reply from the daemon; see
fs/ecryptfs/messaging.c::ecryptfs_wait_for_response(). That needs to
be tweaked if there is going
On Sun, Oct 21, 2007 at 12:00:20AM +0200, Alon Bar-Lev wrote:
Except for the passphrase keys which are used directly by the kernel
module, why should the other keys modules use the key store anyway?
By keeping the keys in the user's persistent in-memory keyring, keys
and daemon instances are
There is no need to keep re-setting the same key for any given
eCryptfs inode. This patch optimizes the use of the crypto API and
helps performance a bit.
Signed-off-by: Trevor Highland [EMAIL PROTECTED]
Signed-off-by: Michael Halcrow [EMAIL PROTECTED]
---
fs/ecryptfs/crypto.c |7
Remove internal references to header extents; just keep track of
header bytes instead. Headers can easily span multiple pages with the
recent persistent file changes.
Signed-off-by: Michael Halcrow [EMAIL PROTECTED]
---
fs/ecryptfs/crypto.c | 98
.
Signed-off-by: Michael Halcrow [EMAIL PROTECTED]
---
fs/ecryptfs/crypto.c | 26 ++
1 files changed, 22 insertions(+), 4 deletions(-)
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index a0f53aa..70f7aab 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs
files?
Cruft; deleted.
Thanks,
Mike
Alon.
On 11/9/07, Alon Bar-Lev [EMAIL PROTECTED] wrote:
On 11/7/07, Michael Halcrow [EMAIL PROTECTED] wrote:
On Mon, Oct 08, 2007 at 08:48:49PM +0200, Alon Bar-Lev wrote:
And BTW, where do you keep your source control? The CVS at
sourceforge
On Fri, Nov 09, 2007 at 11:38:37PM +0200, Alon Bar-Lev wrote:
Also very strange...
I cannot access the repository using git protocol.
And when I use http, I don't see your recent changes.
Hmmm?
It looks like it takes a little while for the external GIT view to
sync up with the master GIT
On Sat, Nov 10, 2007 at 01:05:55AM +0200, Alon Bar-Lev wrote:
I guess we are back on business?
Can you please address these point?
Your suggestions make sense. I don't have a lot of time over the next
4 weeks to work on anything but critical bugfixes (kernel
oops/segfault type stuff). If
On Tue, Nov 20, 2007 at 08:06:12PM +0200, Alon Bar-Lev wrote:
Use gpgme-config.
Merged.
---
diff --git a/configure.ac b/configure.ac
index 6778105..ba6484d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -93,6 +93,13 @@ AC_ARG_ENABLE(
)
AC_ARG_WITH(
+ [gpgme-prefix],
+
On Sat, Dec 08, 2007 at 12:05:04AM +0200, Alon Bar-Lev wrote:
On Dec 8, 2007 12:00 AM, Michael Halcrow [EMAIL PROTECTED] wrote:
On Fri, Dec 07, 2007 at 09:20:45AM +0200, Alon Bar-Lev wrote:
The changes are in your repository but not in the public one...
Strange... 5 days
, Michael Halcrow [EMAIL PROTECTED] wrote:
Also note that Karsten Hopp [EMAIL PROTECTED] recently fixed a bug
that kept ecryptfs-utils from installing correctly in ia64:
Please CC me on build modifications... I will be happy to review.
Also please push updates...
This was taken from
On Mon, Dec 31, 2007 at 01:15:36AM -0600, Trevor Highland wrote:
When configuring mount options eCryptfs is not prompting for
passthrough support. This patch fixes it.
In addition, all mount options directed at eCryptfs should be prefixed
with ecryptfs_. The README is already updated with this
On Fri, Feb 29, 2008 at 12:28:01PM +0100, Benedikt Driessen wrote:
I'd like to begin with two issues which seem to affect only the
pkcs11_helper-module.
1. Entering a PIN via ssh-askpass (or equivalent) does NOT work,
the kernel-userspace communication seems to be disrupted by the
fork()
On Sun, Mar 09, 2008 at 10:45:28PM +0200, Alon Bar-Lev wrote:
This is a cleanup for libtool statements.
It looks like if you define --module -avoid-version it does what you
want... :)
Thanks; patch merged.
---
diff --git a/src/key_mod/Makefile.am b/src/key_mod/Makefile.am
index
On Wed, Apr 02, 2008 at 06:56:22PM -0700, Rajouri Jammu wrote:
How can I setup ecryptfs to mount on the automounted mnt points via
automount?
It depends on exactly how you want to provide the key, but this guide
gives a starting point:
http://ecryptfs.sourceforge.net/ecryptfs-pam-doc.txt
On Mon, Apr 07, 2008 at 03:31:53PM +0200, Benedikt Driessen wrote:
Starting ecryptfsd (the one from the git-repository) with both
patches applied to 2.6.24 results in a kernel-oops (which is an
improvement, at least not the whole system crashes..).
In that case, I would bet that you still get
On Mon, Apr 07, 2008 at 03:31:53PM +0200, Benedikt Driessen wrote:
Starting ecryptfsd (the one from the git-repository) with both
patches applied to 2.6.24 results in a kernel-oops (which is an
improvement, at least not the whole system crashes..).
One of these days I am going to learn to test
On Tue, Apr 08, 2008 at 10:07:45PM -0700, Rajouri Jammu wrote:
Is there a way to export an ecryptfs mount point over NFS?I tried
doing it but it didn't work.
eCryptfs cannot be exported via NFS because eCryptfs does not
currently implement export_ops.
Mike
signature.asc
Description: Digital
On Wed, Apr 09, 2008 at 10:59:17AM -0700, Rajouri Jammu wrote:
Are there plans to implement export_ops?
I would like to see export_ops implemented, but I probably will not
get around to it until I am done with the procfs (which is probably
going to morph into dev/misc, by the way) and filename
On Tue, Apr 15, 2008 at 02:04:53PM -0700, Andrew Morton wrote:
On Tue, 15 Apr 2008 15:23:13 -0500
Michael Halcrow [EMAIL PROTECTED] wrote:
Functions to facilitate reading and writing to the eCryptfs
miscellaneous device handle. This will replace the netlink interface
as the preferred
On Tue, Apr 15, 2008 at 04:34:02PM -0500, Serge E. Hallyn wrote:
Quoting Andrew Morton ([EMAIL PROTECTED]):
On Tue, 15 Apr 2008 15:23:13 -0500
Michael Halcrow [EMAIL PROTECTED] wrote:
...
+ rc = ecryptfs_find_daemon_by_euid(daemon, current-euid);
+ if (daemon-pid != current-pid
Remove the obsolete and buggy netlink interface to the userspace
daemon.
Signed-off-by: Michael Halcrow [EMAIL PROTECTED]
---
fs/ecryptfs/Makefile |2 +-
fs/ecryptfs/ecryptfs_kernel.h | 12 --
fs/ecryptfs/main.c| 15 +--
fs/ecryptfs/messaging.c | 31
On Thu, Apr 17, 2008 at 10:34:06AM -0500, Serge E. Hallyn wrote:
Quoting Michael Halcrow ([EMAIL PROTECTED]):
@@ -206,6 +210,7 @@ ecryptfs_spawn_daemon(struct ecryptfs_daemon **daemon,
uid_t euid, pid_t pid)
goto out;
}
(*daemon)-euid = euid;
+ (*daemon)-user_ns
On Tue, Jun 10, 2008 at 11:41:23AM -0500, Tyler Hicks wrote:
Remove colons following short opts that don't require arguments.
If foreground functionality is requested, log syslog messages to
stderr and system logs. Also, add daemon name and pid as syslog
prefix.
Merged.
Signed-off-by:
On Tue, Jun 10, 2008 at 12:02:19AM +0300, Alon Bar-Lev wrote:
I am going over all projects I help to allow libtool-2 migration and
cleanups.
Please review.
If you like I can split this into smaller parts.
Merged; in release 47. It worked okay for me on Gentoo and Fedora;
please test on your
On Wed, Aug 20, 2008 at 11:45:21PM +0100, Dustin Kirkland wrote:
[PATCH] ecryptfs-setup-private: don't echo passwords to screen
Merged.
This patch fixes some mostly debug code I've used for a while. It's
ready for prime time now, and shouldn't really be displaying these on
standard out for
On Fri, Aug 22, 2008 at 12:46:57PM +0100, Dustin Kirkland wrote:
[PATCH] ecryptfs-setup-private: check that directories are empty
before setting up
Merged.
ecryptfs-setup-private should check that Private and .Private are
empty before setting up.
If data already exists in ~/Private, and
,
which is written to the disk in the clear anyway and is not
sensitive.
Acked-by: Michael Halcrow [EMAIL PROTECTED]
---
Index: linux-2.6.27.x86_64/fs/ecryptfs/crypto.c
===
--- linux-2.6.27.x86_64.orig/fs/ecryptfs/crypto.c
, such as stunnel for
client-server communications, some kind of authentication mechanism,
and the ability to specify the remote server and storage
location. This patch just gives a convenient base from which to flesh
out a real key escrow capability.
Signed-off-by: Michael Halcrow [EMAIL PROTECTED
On Thu, Oct 30, 2008 at 11:26:35AM -0500, Dustin Kirkland wrote:
On Thu, Oct 30, 2008 at 11:18 AM, Dustin Kirkland
[EMAIL PROTECTED] wrote:
Also, Mike, do you have any documents, discussing the overarching
design?
In particular, I'm interested in the use case for key escrow
The use case
...@dghda.com
Acked-by: Michael Halcrow mhalc...@us.ibm.com
---
fs/ecryptfs/inode.c |3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
index 89209f0..5e78fc1 100644
--- a/fs/ecryptfs/inode.c
+++ b/fs/ecryptfs/inode.c
39 matches
Mail list logo