]> err.no Git - linux-2.6/commit
ecryptfs: check for existing key_tfm at mount time
authorEric Sandeen <sandeen@redhat.com>
Wed, 6 Feb 2008 09:38:37 +0000 (01:38 -0800)
committerLinus Torvalds <torvalds@woody.linux-foundation.org>
Wed, 6 Feb 2008 18:41:13 +0000 (10:41 -0800)
commitaf440f52927e4b6941aa94e3cfc698adb0f22663
tree00a7fdc2b09e8e6146f0fd0bc055688d58eea939
parent19e66a67e9b25874cd5e184e7d381ce1b955df11
ecryptfs: check for existing key_tfm at mount time

Jeff Moyer pointed out that a mount; umount loop of ecryptfs, with the same
cipher & other mount options, created a new ecryptfs_key_tfm_cache item
each time, and the cache could grow quite large this way.

Looking at this with mhalcrow, we saw that ecryptfs_parse_options()
unconditionally called ecryptfs_add_new_key_tfm(), which is what was adding
these items.

Refactor ecryptfs_get_tfm_and_mutex_for_cipher_name() to create a new
helper function, ecryptfs_tfm_exists(), which checks for the cipher on the
cached key_tfm_list, and sets a pointer to it if it exists.  This can then
be called from ecryptfs_parse_options(), and new key_tfm's can be added
only when a cached one is not found.

With list locking changes suggested by akpm.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Cc: Michael Halcrow <mhalcrow@us.ibm.com>
Cc: Jeff Moyer <jmoyer@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/ecryptfs/crypto.c
fs/ecryptfs/ecryptfs_kernel.h
fs/ecryptfs/main.c