summaryrefslogtreecommitdiffstats
path: root/fs/ecryptfs/keystore.c
diff options
context:
space:
mode:
authorMichael Halcrow <mhalcrow@us.ibm.com>2007-02-16 01:28:40 -0800
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-02-16 08:14:01 -0800
commiteb95e7ffa50fa2921ef1845a5dcb2fe5b21e83a2 (patch)
tree665bc814f571b88988b668e34cf45f2981853e57 /fs/ecryptfs/keystore.c
parent29dbb3fc8020f025bc38b262ec494e19fd3eac02 (diff)
downloadkernel-crypto-eb95e7ffa50fa2921ef1845a5dcb2fe5b21e83a2.tar.gz
kernel-crypto-eb95e7ffa50fa2921ef1845a5dcb2fe5b21e83a2.tar.xz
kernel-crypto-eb95e7ffa50fa2921ef1845a5dcb2fe5b21e83a2.zip
[PATCH] eCryptfs: Reduce stack usage in ecryptfs_generate_key_packet_set()
eCryptfs is gobbling a lot of stack in ecryptfs_generate_key_packet_set() because it allocates a temporary memory-hungry ecryptfs_key_record struct. This patch introduces a new kmem_cache for that struct and converts ecryptfs_generate_key_packet_set() to use it. Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/ecryptfs/keystore.c')
-rw-r--r--fs/ecryptfs/keystore.c26
1 files changed, 18 insertions, 8 deletions
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
index 81156e95ef8..b550dea8eee 100644
--- a/fs/ecryptfs/keystore.c
+++ b/fs/ecryptfs/keystore.c
@@ -1638,6 +1638,8 @@ out:
return rc;
}
+struct kmem_cache *ecryptfs_key_record_cache;
+
/**
* ecryptfs_generate_key_packet_set
* @dest: Virtual address from which to write the key record set
@@ -1664,50 +1666,55 @@ ecryptfs_generate_key_packet_set(char *dest_base,
&ecryptfs_superblock_to_private(
ecryptfs_dentry->d_sb)->mount_crypt_stat;
size_t written;
- struct ecryptfs_key_record key_rec;
+ struct ecryptfs_key_record *key_rec;
int rc = 0;
(*len) = 0;
+ key_rec = kmem_cache_alloc(ecryptfs_key_record_cache, GFP_KERNEL);
+ if (!key_rec) {
+ rc = -ENOMEM;
+ goto out;
+ }
if (mount_crypt_stat->global_auth_tok) {
auth_tok = mount_crypt_stat->global_auth_tok;
if (auth_tok->token_type == ECRYPTFS_PASSWORD) {
rc = write_tag_3_packet((dest_base + (*len)),
max, auth_tok,
- crypt_stat, &key_rec,
+ crypt_stat, key_rec,
&written);
if (rc) {
ecryptfs_printk(KERN_WARNING, "Error "
"writing tag 3 packet\n");
- goto out;
+ goto out_free;
}
(*len) += written;
/* Write auth tok signature packet */
rc = write_tag_11_packet(
(dest_base + (*len)),
(max - (*len)),
- key_rec.sig, ECRYPTFS_SIG_SIZE, &written);
+ key_rec->sig, ECRYPTFS_SIG_SIZE, &written);
if (rc) {
ecryptfs_printk(KERN_ERR, "Error writing "
"auth tok signature packet\n");
- goto out;
+ goto out_free;
}
(*len) += written;
} else if (auth_tok->token_type == ECRYPTFS_PRIVATE_KEY) {
rc = write_tag_1_packet(dest_base + (*len),
max, auth_tok,
crypt_stat,mount_crypt_stat,
- &key_rec, &written);
+ key_rec, &written);
if (rc) {
ecryptfs_printk(KERN_WARNING, "Error "
"writing tag 1 packet\n");
- goto out;
+ goto out_free;
}
(*len) += written;
} else {
ecryptfs_printk(KERN_WARNING, "Unsupported "
"authentication token type\n");
rc = -EINVAL;
- goto out;
+ goto out_free;
}
} else
BUG();
@@ -1717,6 +1724,9 @@ ecryptfs_generate_key_packet_set(char *dest_base,
ecryptfs_printk(KERN_ERR, "Error writing boundary byte\n");
rc = -EIO;
}
+
+out_free:
+ kmem_cache_free(ecryptfs_key_record_cache, key_rec);
out:
if (rc)
(*len) = 0;