[Ecryptfs-devel] [PATCH] Allow unloaded crypto_algapi module

Tyler Hicks Mon, 09 Jun 2008 09:09:51 -0700

If all ciphers are built as kernel modules, crypto_algapi will
also be built as a module.  /proc/crypto is only created when
crypto_algapi is loaded.


This patch allows an eCryptfs mount to continue if /proc/crypto
is not present, but cipher modules are found.

Signed-off-by: Tyler Hicks <[EMAIL PROTECTED]>
---
 src/libecryptfs/cipher_list.c |   21 ++++++++++++++-------
 1 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/src/libecryptfs/cipher_list.c b/src/libecryptfs/cipher_list.c
index 4573ac3..467fb4c 100644
--- a/src/libecryptfs/cipher_list.c
+++ b/src/libecryptfs/cipher_list.c
@@ -177,7 +177,13 @@ int ecryptfs_get_loaded_ciphers(struct 
ecryptfs_cipher_elem *cipher_list_head)
                        goto out;
        }
        if (!(crypto_file = fopen(crypto_full_path, "r"))) {
-               rc = -EIO;
+               syslog(LOG_WARNING, "%s: Failed to open [%s] for reading; This "
+                      "is not a problem if the Kernel Crypto API is built as "
+                      "a kernel module (called crypto_algapi) and is not "
+                      "loaded. If this is not the case, eCryptfs will not be "
+                      "able to use ciphers that are directly built into the "
+                      "kernel.\n", __FUNCTION__, crypto_full_path);
+               rc = 0;
                goto out;
        }
        while (fgets(buf, MAX_BUF_LEN, crypto_file)) {
@@ -368,12 +374,13 @@ int ecryptfs_get_kernel_ciphers(struct cipher_descriptor 
*cd_head)
                        goto out;
        }
        if (!(crypto_file = fopen(crypto_full_path, "r"))) {
-               syslog(LOG_INFO, "%s: Error attempting to open [%s] for "
-                      "reading; cannot detect loaded ciphers in your kernel. "
-                      "Bailing out. Make sure you have crypto support in your "
-                      "kernel and that /etc/mtab has your /proc mount point."
-                      "\n", __FUNCTION__, crypto_full_path);
-               rc = -EIO;
+               syslog(LOG_WARNING, "%s: Failed to open [%s] for reading; This "
+                      "is not a problem if the Kernel Crypto API is built as "
+                      "a kernel module (called crypto_algapi) and is not "
+                      "loaded. If this is not the case, eCryptfs will not be "
+                      "able to use ciphers that are directly built into the "
+                      "kernel.\n", __FUNCTION__, crypto_full_path);
+               rc = 0;
                goto out;
        }
        while (fgets(buf, MAX_BUF_LEN, crypto_file)) {
-- 
1.5.3.7


-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
eCryptfs-devel mailing list
eCryptfs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ecryptfs-devel

[Ecryptfs-devel] [PATCH] Allow unloaded crypto_algapi module

Reply via email to