Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris...
[linux-3.10.git] / fs / ecryptfs / keystore.c
index 81156e9..c472533 100644 (file)
@@ -32,6 +32,7 @@
 #include <linux/random.h>
 #include <linux/crypto.h>
 #include <linux/scatterlist.h>
+#include <linux/slab.h>
 #include "ecryptfs_kernel.h"
 
 /**
  * determine the type of error, make appropriate log entries, and
  * return an error code.
  */
-int process_request_key_err(long err_code)
+static int process_request_key_err(long err_code)
 {
        int rc = 0;
 
        switch (err_code) {
-       case ENOKEY:
+       case -ENOKEY:
                ecryptfs_printk(KERN_WARNING, "No key\n");
                rc = -ENOENT;
                break;
-       case EKEYEXPIRED:
+       case -EKEYEXPIRED:
                ecryptfs_printk(KERN_WARNING, "Key expired\n");
                rc = -ETIME;
                break;
-       case EKEYREVOKED:
+       case -EKEYREVOKED:
                ecryptfs_printk(KERN_WARNING, "Key revoked\n");
                rc = -EINVAL;
                break;
        default:
                ecryptfs_printk(KERN_WARNING, "Unknown error code: "
-                               "[0x%.16x]\n", err_code);
+                               "[0x%.16lx]\n", err_code);
                rc = -EINVAL;
        }
        return rc;
 }
 
+static int process_find_global_auth_tok_for_sig_err(int err_code)
+{
+       int rc = err_code;
+
+       switch (err_code) {
+       case -ENOENT:
+               ecryptfs_printk(KERN_WARNING, "Missing auth tok\n");
+               break;
+       case -EINVAL:
+               ecryptfs_printk(KERN_WARNING, "Invalid auth tok\n");
+               break;
+       default:
+               rc = process_request_key_err(err_code);
+               break;
+       }
+       return rc;
+}
+
 /**
- * parse_packet_length
+ * ecryptfs_parse_packet_length
  * @data: Pointer to memory containing length at offset
  * @size: This function writes the decoded size to this memory
  *        address; zero on error
  * @length_size: The number of bytes occupied by the encoded length
  *
- * Returns Zero on success
+ * Returns zero on success; non-zero on error
  */
-static int parse_packet_length(unsigned char *data, size_t *size,
-                              size_t *length_size)
+int ecryptfs_parse_packet_length(unsigned char *data, size_t *size,
+                                size_t *length_size)
 {
        int rc = 0;
 
@@ -105,17 +124,17 @@ out:
 }
 
 /**
- * write_packet_length
- * @dest: The byte array target into which to write the
- *       length. Must have at least 5 bytes allocated.
+ * ecryptfs_write_packet_length
+ * @dest: The byte array target into which to write the length. Must
+ *        have at least 5 bytes allocated.
  * @size: The length to write.
- * @packet_size_length: The number of bytes used to encode the
- *                      packet length is written to this address.
+ * @packet_size_length: The number of bytes used to encode the packet
+ *                      length is written to this address.
  *
  * Returns zero on success; non-zero on error.
  */
-static int write_packet_length(char *dest, size_t size,
-                              size_t *packet_size_length)
+int ecryptfs_write_packet_length(char *dest, size_t size,
+                                size_t *packet_size_length)
 {
        int rc = 0;
 
@@ -129,7 +148,7 @@ static int write_packet_length(char *dest, size_t size,
        } else {
                rc = -EINVAL;
                ecryptfs_printk(KERN_WARNING,
-                               "Unsupported packet size: [%d]\n", size);
+                               "Unsupported packet size: [%zd]\n", size);
        }
        return rc;
 }
@@ -162,8 +181,8 @@ write_tag_64_packet(char *signature, struct ecryptfs_session_key *session_key,
                goto out;
        }
        message[i++] = ECRYPTFS_TAG_64_PACKET_TYPE;
-       rc = write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX,
-                                &packet_size_len);
+       rc = ecryptfs_write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX,
+                                         &packet_size_len);
        if (rc) {
                ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet "
                                "header; cannot generate packet length\n");
@@ -172,8 +191,9 @@ write_tag_64_packet(char *signature, struct ecryptfs_session_key *session_key,
        i += packet_size_len;
        memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX);
        i += ECRYPTFS_SIG_SIZE_HEX;
-       rc = write_packet_length(&message[i], session_key->encrypted_key_size,
-                                &packet_size_len);
+       rc = ecryptfs_write_packet_length(&message[i],
+                                         session_key->encrypted_key_size,
+                                         &packet_size_len);
        if (rc) {
                ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet "
                                "header; cannot generate packet length\n");
@@ -189,7 +209,7 @@ out:
 }
 
 static int
-parse_tag_65_packet(struct ecryptfs_session_key *session_key, u16 *cipher_code,
+parse_tag_65_packet(struct ecryptfs_session_key *session_key, u8 *cipher_code,
                    struct ecryptfs_message *msg)
 {
        size_t i = 0;
@@ -225,7 +245,7 @@ parse_tag_65_packet(struct ecryptfs_session_key *session_key, u16 *cipher_code,
                rc = -EIO;
                goto out;
        }
-       rc = parse_packet_length(&data[i], &m_size, &data_len);
+       rc = ecryptfs_parse_packet_length(&data[i], &m_size, &data_len);
        if (rc) {
                ecryptfs_printk(KERN_WARNING, "Error parsing packet length; "
                                "rc = [%d]\n", rc);
@@ -233,8 +253,8 @@ parse_tag_65_packet(struct ecryptfs_session_key *session_key, u16 *cipher_code,
        }
        i += data_len;
        if (message_len < (i + m_size)) {
-               ecryptfs_printk(KERN_ERR, "The received netlink message is "
-                               "shorter than expected\n");
+               ecryptfs_printk(KERN_ERR, "The message received from ecryptfsd "
+                               "is shorter than expected\n");
                rc = -EIO;
                goto out;
        }
@@ -275,7 +295,7 @@ out:
 
 
 static int
-write_tag_66_packet(char *signature, size_t cipher_code,
+write_tag_66_packet(char *signature, u8 cipher_code,
                    struct ecryptfs_crypt_stat *crypt_stat, char **packet,
                    size_t *packet_len)
 {
@@ -304,8 +324,8 @@ write_tag_66_packet(char *signature, size_t cipher_code,
                goto out;
        }
        message[i++] = ECRYPTFS_TAG_66_PACKET_TYPE;
-       rc = write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX,
-                                &packet_size_len);
+       rc = ecryptfs_write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX,
+                                         &packet_size_len);
        if (rc) {
                ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet "
                                "header; cannot generate packet length\n");
@@ -315,8 +335,8 @@ write_tag_66_packet(char *signature, size_t cipher_code,
        memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX);
        i += ECRYPTFS_SIG_SIZE_HEX;
        /* The encrypted key includes 1 byte cipher code and 2 byte checksum */
-       rc = write_packet_length(&message[i], crypt_stat->key_size + 3,
-                                &packet_size_len);
+       rc = ecryptfs_write_packet_length(&message[i], crypt_stat->key_size + 3,
+                                         &packet_size_len);
        if (rc) {
                ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet "
                                "header; cannot generate packet length\n");
@@ -357,20 +377,25 @@ parse_tag_67_packet(struct ecryptfs_key_record *key_rec,
        /* verify that everything through the encrypted FEK size is present */
        if (message_len < 4) {
                rc = -EIO;
+               printk(KERN_ERR "%s: message_len is [%zd]; minimum acceptable "
+                      "message length is [%d]\n", __func__, message_len, 4);
                goto out;
        }
        if (data[i++] != ECRYPTFS_TAG_67_PACKET_TYPE) {
-               ecryptfs_printk(KERN_ERR, "Type should be ECRYPTFS_TAG_67\n");
                rc = -EIO;
+               printk(KERN_ERR "%s: Type should be ECRYPTFS_TAG_67\n",
+                      __func__);
                goto out;
        }
        if (data[i++]) {
-               ecryptfs_printk(KERN_ERR, "Status indicator has non zero value"
-                               " [%d]\n", data[i-1]);
                rc = -EIO;
+               printk(KERN_ERR "%s: Status indicator has non zero "
+                      "value [%d]\n", __func__, data[i-1]);
+
                goto out;
        }
-       rc = parse_packet_length(&data[i], &key_rec->enc_key_size, &data_len);
+       rc = ecryptfs_parse_packet_length(&data[i], &key_rec->enc_key_size,
+                                         &data_len);
        if (rc) {
                ecryptfs_printk(KERN_WARNING, "Error parsing packet length; "
                                "rc = [%d]\n", rc);
@@ -378,17 +403,17 @@ parse_tag_67_packet(struct ecryptfs_key_record *key_rec,
        }
        i += data_len;
        if (message_len < (i + key_rec->enc_key_size)) {
-               ecryptfs_printk(KERN_ERR, "message_len [%d]; max len is [%d]\n",
-                               message_len, (i + key_rec->enc_key_size));
                rc = -EIO;
+               printk(KERN_ERR "%s: message_len [%zd]; max len is [%zd]\n",
+                      __func__, message_len, (i + key_rec->enc_key_size));
                goto out;
        }
        if (key_rec->enc_key_size > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) {
-               ecryptfs_printk(KERN_ERR, "Encrypted key_size [%d] larger than "
-                               "the maximum key size [%d]\n",
-                               key_rec->enc_key_size,
-                               ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES);
                rc = -EIO;
+               printk(KERN_ERR "%s: Encrypted key_size [%zd] larger than "
+                      "the maximum key size [%d]\n", __func__,
+                      key_rec->enc_key_size,
+                      ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES);
                goto out;
        }
        memcpy(key_rec->enc_key, &data[i], key_rec->enc_key_size);
@@ -397,34 +422,755 @@ out:
 }
 
 /**
- * decrypt_pki_encrypted_session_key - Decrypt the session key with
- * the given auth_tok.
+ * ecryptfs_verify_version
+ * @version: The version number to confirm
  *
- * Returns Zero on success; non-zero error otherwise.
+ * Returns zero on good version; non-zero otherwise
  */
-static int decrypt_pki_encrypted_session_key(
+static int ecryptfs_verify_version(u16 version)
+{
+       int rc = 0;
+       unsigned char major;
+       unsigned char minor;
+
+       major = ((version >> 8) & 0xFF);
+       minor = (version & 0xFF);
+       if (major != ECRYPTFS_VERSION_MAJOR) {
+               ecryptfs_printk(KERN_ERR, "Major version number mismatch. "
+                               "Expected [%d]; got [%d]\n",
+                               ECRYPTFS_VERSION_MAJOR, major);
+               rc = -EINVAL;
+               goto out;
+       }
+       if (minor != ECRYPTFS_VERSION_MINOR) {
+               ecryptfs_printk(KERN_ERR, "Minor version number mismatch. "
+                               "Expected [%d]; got [%d]\n",
+                               ECRYPTFS_VERSION_MINOR, minor);
+               rc = -EINVAL;
+               goto out;
+       }
+out:
+       return rc;
+}
+
+/**
+ * ecryptfs_verify_auth_tok_from_key
+ * @auth_tok_key: key containing the authentication token
+ * @auth_tok: authentication token
+ *
+ * Returns zero on valid auth tok; -EINVAL otherwise
+ */
+static int
+ecryptfs_verify_auth_tok_from_key(struct key *auth_tok_key,
+                                 struct ecryptfs_auth_tok **auth_tok)
+{
+       int rc = 0;
+
+       (*auth_tok) = ecryptfs_get_key_payload_data(auth_tok_key);
+       if (ecryptfs_verify_version((*auth_tok)->version)) {
+               printk(KERN_ERR "Data structure version mismatch. Userspace "
+                      "tools must match eCryptfs kernel module with major "
+                      "version [%d] and minor version [%d]\n",
+                      ECRYPTFS_VERSION_MAJOR, ECRYPTFS_VERSION_MINOR);
+               rc = -EINVAL;
+               goto out;
+       }
+       if ((*auth_tok)->token_type != ECRYPTFS_PASSWORD
+           && (*auth_tok)->token_type != ECRYPTFS_PRIVATE_KEY) {
+               printk(KERN_ERR "Invalid auth_tok structure "
+                      "returned from key query\n");
+               rc = -EINVAL;
+               goto out;
+       }
+out:
+       return rc;
+}
+
+static int
+ecryptfs_find_global_auth_tok_for_sig(
+       struct key **auth_tok_key,
+       struct ecryptfs_auth_tok **auth_tok,
+       struct ecryptfs_mount_crypt_stat *mount_crypt_stat, char *sig)
+{
+       struct ecryptfs_global_auth_tok *walker;
+       int rc = 0;
+
+       (*auth_tok_key) = NULL;
+       (*auth_tok) = NULL;
+       mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex);
+       list_for_each_entry(walker,
+                           &mount_crypt_stat->global_auth_tok_list,
+                           mount_crypt_stat_list) {
+               if (memcmp(walker->sig, sig, ECRYPTFS_SIG_SIZE_HEX))
+                       continue;
+
+               if (walker->flags & ECRYPTFS_AUTH_TOK_INVALID) {
+                       rc = -EINVAL;
+                       goto out;
+               }
+
+               rc = key_validate(walker->global_auth_tok_key);
+               if (rc) {
+                       if (rc == -EKEYEXPIRED)
+                               goto out;
+                       goto out_invalid_auth_tok;
+               }
+
+               down_write(&(walker->global_auth_tok_key->sem));
+               rc = ecryptfs_verify_auth_tok_from_key(
+                               walker->global_auth_tok_key, auth_tok);
+               if (rc)
+                       goto out_invalid_auth_tok_unlock;
+
+               (*auth_tok_key) = walker->global_auth_tok_key;
+               key_get(*auth_tok_key);
+               goto out;
+       }
+       rc = -ENOENT;
+       goto out;
+out_invalid_auth_tok_unlock:
+       up_write(&(walker->global_auth_tok_key->sem));
+out_invalid_auth_tok:
+       printk(KERN_WARNING "Invalidating auth tok with sig = [%s]\n", sig);
+       walker->flags |= ECRYPTFS_AUTH_TOK_INVALID;
+       key_put(walker->global_auth_tok_key);
+       walker->global_auth_tok_key = NULL;
+out:
+       mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex);
+       return rc;
+}
+
+/**
+ * ecryptfs_find_auth_tok_for_sig
+ * @auth_tok: Set to the matching auth_tok; NULL if not found
+ * @crypt_stat: inode crypt_stat crypto context
+ * @sig: Sig of auth_tok to find
+ *
+ * For now, this function simply looks at the registered auth_tok's
+ * linked off the mount_crypt_stat, so all the auth_toks that can be
+ * used must be registered at mount time. This function could
+ * potentially try a lot harder to find auth_tok's (e.g., by calling
+ * out to ecryptfsd to dynamically retrieve an auth_tok object) so
+ * that static registration of auth_tok's will no longer be necessary.
+ *
+ * Returns zero on no error; non-zero on error
+ */
+static int
+ecryptfs_find_auth_tok_for_sig(
+       struct key **auth_tok_key,
+       struct ecryptfs_auth_tok **auth_tok,
        struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
-       struct ecryptfs_auth_tok *auth_tok,
-       struct ecryptfs_crypt_stat *crypt_stat)
+       char *sig)
+{
+       int rc = 0;
+
+       rc = ecryptfs_find_global_auth_tok_for_sig(auth_tok_key, auth_tok,
+                                                  mount_crypt_stat, sig);
+       if (rc == -ENOENT) {
+               /* if the flag ECRYPTFS_GLOBAL_MOUNT_AUTH_TOK_ONLY is set in the
+                * mount_crypt_stat structure, we prevent to use auth toks that
+                * are not inserted through the ecryptfs_add_global_auth_tok
+                * function.
+                */
+               if (mount_crypt_stat->flags
+                               & ECRYPTFS_GLOBAL_MOUNT_AUTH_TOK_ONLY)
+                       return -EINVAL;
+
+               rc = ecryptfs_keyring_auth_tok_for_sig(auth_tok_key, auth_tok,
+                                                      sig);
+       }
+       return rc;
+}
+
+/**
+ * write_tag_70_packet can gobble a lot of stack space. We stuff most
+ * of the function's parameters in a kmalloc'd struct to help reduce
+ * eCryptfs' overall stack usage.
+ */
+struct ecryptfs_write_tag_70_packet_silly_stack {
+       u8 cipher_code;
+       size_t max_packet_size;
+       size_t packet_size_len;
+       size_t block_aligned_filename_size;
+       size_t block_size;
+       size_t i;
+       size_t j;
+       size_t num_rand_bytes;
+       struct mutex *tfm_mutex;
+       char *block_aligned_filename;
+       struct ecryptfs_auth_tok *auth_tok;
+       struct scatterlist src_sg[2];
+       struct scatterlist dst_sg[2];
+       struct blkcipher_desc desc;
+       char iv[ECRYPTFS_MAX_IV_BYTES];
+       char hash[ECRYPTFS_TAG_70_DIGEST_SIZE];
+       char tmp_hash[ECRYPTFS_TAG_70_DIGEST_SIZE];
+       struct hash_desc hash_desc;
+       struct scatterlist hash_sg;
+};
+
+/**
+ * write_tag_70_packet - Write encrypted filename (EFN) packet against FNEK
+ * @filename: NULL-terminated filename string
+ *
+ * This is the simplest mechanism for achieving filename encryption in
+ * eCryptfs. It encrypts the given filename with the mount-wide
+ * filename encryption key (FNEK) and stores it in a packet to @dest,
+ * which the callee will encode and write directly into the dentry
+ * name.
+ */
+int
+ecryptfs_write_tag_70_packet(char *dest, size_t *remaining_bytes,
+                            size_t *packet_size,
+                            struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
+                            char *filename, size_t filename_size)
+{
+       struct ecryptfs_write_tag_70_packet_silly_stack *s;
+       struct key *auth_tok_key = NULL;
+       int rc = 0;
+
+       s = kmalloc(sizeof(*s), GFP_KERNEL);
+       if (!s) {
+               printk(KERN_ERR "%s: Out of memory whilst trying to kmalloc "
+                      "[%zd] bytes of kernel memory\n", __func__, sizeof(*s));
+               rc = -ENOMEM;
+               goto out;
+       }
+       s->desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
+       (*packet_size) = 0;
+       rc = ecryptfs_find_auth_tok_for_sig(
+               &auth_tok_key,
+               &s->auth_tok, mount_crypt_stat,
+               mount_crypt_stat->global_default_fnek_sig);
+       if (rc) {
+               printk(KERN_ERR "%s: Error attempting to find auth tok for "
+                      "fnek sig [%s]; rc = [%d]\n", __func__,
+                      mount_crypt_stat->global_default_fnek_sig, rc);
+               goto out;
+       }
+       rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(
+               &s->desc.tfm,
+               &s->tfm_mutex, mount_crypt_stat->global_default_fn_cipher_name);
+       if (unlikely(rc)) {
+               printk(KERN_ERR "Internal error whilst attempting to get "
+                      "tfm and mutex for cipher name [%s]; rc = [%d]\n",
+                      mount_crypt_stat->global_default_fn_cipher_name, rc);
+               goto out;
+       }
+       mutex_lock(s->tfm_mutex);
+       s->block_size = crypto_blkcipher_blocksize(s->desc.tfm);
+       /* Plus one for the \0 separator between the random prefix
+        * and the plaintext filename */
+       s->num_rand_bytes = (ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES + 1);
+       s->block_aligned_filename_size = (s->num_rand_bytes + filename_size);
+       if ((s->block_aligned_filename_size % s->block_size) != 0) {
+               s->num_rand_bytes += (s->block_size
+                                     - (s->block_aligned_filename_size
+                                        % s->block_size));
+               s->block_aligned_filename_size = (s->num_rand_bytes
+                                                 + filename_size);
+       }
+       /* Octet 0: Tag 70 identifier
+        * Octets 1-N1: Tag 70 packet size (includes cipher identifier
+        *              and block-aligned encrypted filename size)
+        * Octets N1-N2: FNEK sig (ECRYPTFS_SIG_SIZE)
+        * Octet N2-N3: Cipher identifier (1 octet)
+        * Octets N3-N4: Block-aligned encrypted filename
+        *  - Consists of a minimum number of random characters, a \0
+        *    separator, and then the filename */
+       s->max_packet_size = (1                   /* Tag 70 identifier */
+                             + 3                 /* Max Tag 70 packet size */
+                             + ECRYPTFS_SIG_SIZE /* FNEK sig */
+                             + 1                 /* Cipher identifier */
+                             + s->block_aligned_filename_size);
+       if (dest == NULL) {
+               (*packet_size) = s->max_packet_size;
+               goto out_unlock;
+       }
+       if (s->max_packet_size > (*remaining_bytes)) {
+               printk(KERN_WARNING "%s: Require [%zd] bytes to write; only "
+                      "[%zd] available\n", __func__, s->max_packet_size,
+                      (*remaining_bytes));
+               rc = -EINVAL;
+               goto out_unlock;
+       }
+       s->block_aligned_filename = kzalloc(s->block_aligned_filename_size,
+                                           GFP_KERNEL);
+       if (!s->block_aligned_filename) {
+               printk(KERN_ERR "%s: Out of kernel memory whilst attempting to "
+                      "kzalloc [%zd] bytes\n", __func__,
+                      s->block_aligned_filename_size);
+               rc = -ENOMEM;
+               goto out_unlock;
+       }
+       s->i = 0;
+       dest[s->i++] = ECRYPTFS_TAG_70_PACKET_TYPE;
+       rc = ecryptfs_write_packet_length(&dest[s->i],
+                                         (ECRYPTFS_SIG_SIZE
+                                          + 1 /* Cipher code */
+                                          + s->block_aligned_filename_size),
+                                         &s->packet_size_len);
+       if (rc) {
+               printk(KERN_ERR "%s: Error generating tag 70 packet "
+                      "header; cannot generate packet length; rc = [%d]\n",
+                      __func__, rc);
+               goto out_free_unlock;
+       }
+       s->i += s->packet_size_len;
+       ecryptfs_from_hex(&dest[s->i],
+                         mount_crypt_stat->global_default_fnek_sig,
+                         ECRYPTFS_SIG_SIZE);
+       s->i += ECRYPTFS_SIG_SIZE;
+       s->cipher_code = ecryptfs_code_for_cipher_string(
+               mount_crypt_stat->global_default_fn_cipher_name,
+               mount_crypt_stat->global_default_fn_cipher_key_bytes);
+       if (s->cipher_code == 0) {
+               printk(KERN_WARNING "%s: Unable to generate code for "
+                      "cipher [%s] with key bytes [%zd]\n", __func__,
+                      mount_crypt_stat->global_default_fn_cipher_name,
+                      mount_crypt_stat->global_default_fn_cipher_key_bytes);
+               rc = -EINVAL;
+               goto out_free_unlock;
+       }
+       dest[s->i++] = s->cipher_code;
+       /* TODO: Support other key modules than passphrase for
+        * filename encryption */
+       if (s->auth_tok->token_type != ECRYPTFS_PASSWORD) {
+               rc = -EOPNOTSUPP;
+               printk(KERN_INFO "%s: Filename encryption only supports "
+                      "password tokens\n", __func__);
+               goto out_free_unlock;
+       }
+       sg_init_one(
+               &s->hash_sg,
+               (u8 *)s->auth_tok->token.password.session_key_encryption_key,
+               s->auth_tok->token.password.session_key_encryption_key_bytes);
+       s->hash_desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
+       s->hash_desc.tfm = crypto_alloc_hash(ECRYPTFS_TAG_70_DIGEST, 0,
+                                            CRYPTO_ALG_ASYNC);
+       if (IS_ERR(s->hash_desc.tfm)) {
+                       rc = PTR_ERR(s->hash_desc.tfm);
+                       printk(KERN_ERR "%s: Error attempting to "
+                              "allocate hash crypto context; rc = [%d]\n",
+                              __func__, rc);
+                       goto out_free_unlock;
+       }
+       rc = crypto_hash_init(&s->hash_desc);
+       if (rc) {
+               printk(KERN_ERR
+                      "%s: Error initializing crypto hash; rc = [%d]\n",
+                      __func__, rc);
+               goto out_release_free_unlock;
+       }
+       rc = crypto_hash_update(
+               &s->hash_desc, &s->hash_sg,
+               s->auth_tok->token.password.session_key_encryption_key_bytes);
+       if (rc) {
+               printk(KERN_ERR
+                      "%s: Error updating crypto hash; rc = [%d]\n",
+                      __func__, rc);
+               goto out_release_free_unlock;
+       }
+       rc = crypto_hash_final(&s->hash_desc, s->hash);
+       if (rc) {
+               printk(KERN_ERR
+                      "%s: Error finalizing crypto hash; rc = [%d]\n",
+                      __func__, rc);
+               goto out_release_free_unlock;
+       }
+       for (s->j = 0; s->j < (s->num_rand_bytes - 1); s->j++) {
+               s->block_aligned_filename[s->j] =
+                       s->hash[(s->j % ECRYPTFS_TAG_70_DIGEST_SIZE)];
+               if ((s->j % ECRYPTFS_TAG_70_DIGEST_SIZE)
+                   == (ECRYPTFS_TAG_70_DIGEST_SIZE - 1)) {
+                       sg_init_one(&s->hash_sg, (u8 *)s->hash,
+                                   ECRYPTFS_TAG_70_DIGEST_SIZE);
+                       rc = crypto_hash_init(&s->hash_desc);
+                       if (rc) {
+                               printk(KERN_ERR
+                                      "%s: Error initializing crypto hash; "
+                                      "rc = [%d]\n", __func__, rc);
+                               goto out_release_free_unlock;
+                       }
+                       rc = crypto_hash_update(&s->hash_desc, &s->hash_sg,
+                                               ECRYPTFS_TAG_70_DIGEST_SIZE);
+                       if (rc) {
+                               printk(KERN_ERR
+                                      "%s: Error updating crypto hash; "
+                                      "rc = [%d]\n", __func__, rc);
+                               goto out_release_free_unlock;
+                       }
+                       rc = crypto_hash_final(&s->hash_desc, s->tmp_hash);
+                       if (rc) {
+                               printk(KERN_ERR
+                                      "%s: Error finalizing crypto hash; "
+                                      "rc = [%d]\n", __func__, rc);
+                               goto out_release_free_unlock;
+                       }
+                       memcpy(s->hash, s->tmp_hash,
+                              ECRYPTFS_TAG_70_DIGEST_SIZE);
+               }
+               if (s->block_aligned_filename[s->j] == '\0')
+                       s->block_aligned_filename[s->j] = ECRYPTFS_NON_NULL;
+       }
+       memcpy(&s->block_aligned_filename[s->num_rand_bytes], filename,
+              filename_size);
+       rc = virt_to_scatterlist(s->block_aligned_filename,
+                                s->block_aligned_filename_size, s->src_sg, 2);
+       if (rc < 1) {
+               printk(KERN_ERR "%s: Internal error whilst attempting to "
+                      "convert filename memory to scatterlist; rc = [%d]. "
+                      "block_aligned_filename_size = [%zd]\n", __func__, rc,
+                      s->block_aligned_filename_size);
+               goto out_release_free_unlock;
+       }
+       rc = virt_to_scatterlist(&dest[s->i], s->block_aligned_filename_size,
+                                s->dst_sg, 2);
+       if (rc < 1) {
+               printk(KERN_ERR "%s: Internal error whilst attempting to "
+                      "convert encrypted filename memory to scatterlist; "
+                      "rc = [%d]. block_aligned_filename_size = [%zd]\n",
+                      __func__, rc, s->block_aligned_filename_size);
+               goto out_release_free_unlock;
+       }
+       /* The characters in the first block effectively do the job
+        * of the IV here, so we just use 0's for the IV. Note the
+        * constraint that ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES
+        * >= ECRYPTFS_MAX_IV_BYTES. */
+       memset(s->iv, 0, ECRYPTFS_MAX_IV_BYTES);
+       s->desc.info = s->iv;
+       rc = crypto_blkcipher_setkey(
+               s->desc.tfm,
+               s->auth_tok->token.password.session_key_encryption_key,
+               mount_crypt_stat->global_default_fn_cipher_key_bytes);
+       if (rc < 0) {
+               printk(KERN_ERR "%s: Error setting key for crypto context; "
+                      "rc = [%d]. s->auth_tok->token.password.session_key_"
+                      "encryption_key = [0x%p]; mount_crypt_stat->"
+                      "global_default_fn_cipher_key_bytes = [%zd]\n", __func__,
+                      rc,
+                      s->auth_tok->token.password.session_key_encryption_key,
+                      mount_crypt_stat->global_default_fn_cipher_key_bytes);
+               goto out_release_free_unlock;
+       }
+       rc = crypto_blkcipher_encrypt_iv(&s->desc, s->dst_sg, s->src_sg,
+                                        s->block_aligned_filename_size);
+       if (rc) {
+               printk(KERN_ERR "%s: Error attempting to encrypt filename; "
+                      "rc = [%d]\n", __func__, rc);
+               goto out_release_free_unlock;
+       }
+       s->i += s->block_aligned_filename_size;
+       (*packet_size) = s->i;
+       (*remaining_bytes) -= (*packet_size);
+out_release_free_unlock:
+       crypto_free_hash(s->hash_desc.tfm);
+out_free_unlock:
+       kzfree(s->block_aligned_filename);
+out_unlock:
+       mutex_unlock(s->tfm_mutex);
+out:
+       if (auth_tok_key) {
+               up_write(&(auth_tok_key->sem));
+               key_put(auth_tok_key);
+       }
+       kfree(s);
+       return rc;
+}
+
+struct ecryptfs_parse_tag_70_packet_silly_stack {
+       u8 cipher_code;
+       size_t max_packet_size;
+       size_t packet_size_len;
+       size_t parsed_tag_70_packet_size;
+       size_t block_aligned_filename_size;
+       size_t block_size;
+       size_t i;
+       struct mutex *tfm_mutex;
+       char *decrypted_filename;
+       struct ecryptfs_auth_tok *auth_tok;
+       struct scatterlist src_sg[2];
+       struct scatterlist dst_sg[2];
+       struct blkcipher_desc desc;
+       char fnek_sig_hex[ECRYPTFS_SIG_SIZE_HEX + 1];
+       char iv[ECRYPTFS_MAX_IV_BYTES];
+       char cipher_string[ECRYPTFS_MAX_CIPHER_NAME_SIZE];
+};
+
+/**
+ * parse_tag_70_packet - Parse and process FNEK-encrypted passphrase packet
+ * @filename: This function kmalloc's the memory for the filename
+ * @filename_size: This function sets this to the amount of memory
+ *                 kmalloc'd for the filename
+ * @packet_size: This function sets this to the the number of octets
+ *               in the packet parsed
+ * @mount_crypt_stat: The mount-wide cryptographic context
+ * @data: The memory location containing the start of the tag 70
+ *        packet
+ * @max_packet_size: The maximum legal size of the packet to be parsed
+ *                   from @data
+ *
+ * Returns zero on success; non-zero otherwise
+ */
+int
+ecryptfs_parse_tag_70_packet(char **filename, size_t *filename_size,
+                            size_t *packet_size,
+                            struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
+                            char *data, size_t max_packet_size)
 {
-       u16 cipher_code = 0;
+       struct ecryptfs_parse_tag_70_packet_silly_stack *s;
+       struct key *auth_tok_key = NULL;
+       int rc = 0;
+
+       (*packet_size) = 0;
+       (*filename_size) = 0;
+       (*filename) = NULL;
+       s = kmalloc(sizeof(*s), GFP_KERNEL);
+       if (!s) {
+               printk(KERN_ERR "%s: Out of memory whilst trying to kmalloc "
+                      "[%zd] bytes of kernel memory\n", __func__, sizeof(*s));
+               rc = -ENOMEM;
+               goto out;
+       }
+       s->desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
+       if (max_packet_size < (1 + 1 + ECRYPTFS_SIG_SIZE + 1 + 1)) {
+               printk(KERN_WARNING "%s: max_packet_size is [%zd]; it must be "
+                      "at least [%d]\n", __func__, max_packet_size,
+                       (1 + 1 + ECRYPTFS_SIG_SIZE + 1 + 1));
+               rc = -EINVAL;
+               goto out;
+       }
+       /* Octet 0: Tag 70 identifier
+        * Octets 1-N1: Tag 70 packet size (includes cipher identifier
+        *              and block-aligned encrypted filename size)
+        * Octets N1-N2: FNEK sig (ECRYPTFS_SIG_SIZE)
+        * Octet N2-N3: Cipher identifier (1 octet)
+        * Octets N3-N4: Block-aligned encrypted filename
+        *  - Consists of a minimum number of random numbers, a \0
+        *    separator, and then the filename */
+       if (data[(*packet_size)++] != ECRYPTFS_TAG_70_PACKET_TYPE) {
+               printk(KERN_WARNING "%s: Invalid packet tag [0x%.2x]; must be "
+                      "tag [0x%.2x]\n", __func__,
+                      data[((*packet_size) - 1)], ECRYPTFS_TAG_70_PACKET_TYPE);
+               rc = -EINVAL;
+               goto out;
+       }
+       rc = ecryptfs_parse_packet_length(&data[(*packet_size)],
+                                         &s->parsed_tag_70_packet_size,
+                                         &s->packet_size_len);
+       if (rc) {
+               printk(KERN_WARNING "%s: Error parsing packet length; "
+                      "rc = [%d]\n", __func__, rc);
+               goto out;
+       }
+       s->block_aligned_filename_size = (s->parsed_tag_70_packet_size
+                                         - ECRYPTFS_SIG_SIZE - 1);
+       if ((1 + s->packet_size_len + s->parsed_tag_70_packet_size)
+           > max_packet_size) {
+               printk(KERN_WARNING "%s: max_packet_size is [%zd]; real packet "
+                      "size is [%zd]\n", __func__, max_packet_size,
+                      (1 + s->packet_size_len + 1
+                       + s->block_aligned_filename_size));
+               rc = -EINVAL;
+               goto out;
+       }
+       (*packet_size) += s->packet_size_len;
+       ecryptfs_to_hex(s->fnek_sig_hex, &data[(*packet_size)],
+                       ECRYPTFS_SIG_SIZE);
+       s->fnek_sig_hex[ECRYPTFS_SIG_SIZE_HEX] = '\0';
+       (*packet_size) += ECRYPTFS_SIG_SIZE;
+       s->cipher_code = data[(*packet_size)++];
+       rc = ecryptfs_cipher_code_to_string(s->cipher_string, s->cipher_code);
+       if (rc) {
+               printk(KERN_WARNING "%s: Cipher code [%d] is invalid\n",
+                      __func__, s->cipher_code);
+               goto out;
+       }
+       rc = ecryptfs_find_auth_tok_for_sig(&auth_tok_key,
+                                           &s->auth_tok, mount_crypt_stat,
+                                           s->fnek_sig_hex);
+       if (rc) {
+               printk(KERN_ERR "%s: Error attempting to find auth tok for "
+                      "fnek sig [%s]; rc = [%d]\n", __func__, s->fnek_sig_hex,
+                      rc);
+               goto out;
+       }
+       rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&s->desc.tfm,
+                                                       &s->tfm_mutex,
+                                                       s->cipher_string);
+       if (unlikely(rc)) {
+               printk(KERN_ERR "Internal error whilst attempting to get "
+                      "tfm and mutex for cipher name [%s]; rc = [%d]\n",
+                      s->cipher_string, rc);
+               goto out;
+       }
+       mutex_lock(s->tfm_mutex);
+       rc = virt_to_scatterlist(&data[(*packet_size)],
+                                s->block_aligned_filename_size, s->src_sg, 2);
+       if (rc < 1) {
+               printk(KERN_ERR "%s: Internal error whilst attempting to "
+                      "convert encrypted filename memory to scatterlist; "
+                      "rc = [%d]. block_aligned_filename_size = [%zd]\n",
+                      __func__, rc, s->block_aligned_filename_size);
+               goto out_unlock;
+       }
+       (*packet_size) += s->block_aligned_filename_size;
+       s->decrypted_filename = kmalloc(s->block_aligned_filename_size,
+                                       GFP_KERNEL);
+       if (!s->decrypted_filename) {
+               printk(KERN_ERR "%s: Out of memory whilst attempting to "
+                      "kmalloc [%zd] bytes\n", __func__,
+                      s->block_aligned_filename_size);
+               rc = -ENOMEM;
+               goto out_unlock;
+       }
+       rc = virt_to_scatterlist(s->decrypted_filename,
+                                s->block_aligned_filename_size, s->dst_sg, 2);
+       if (rc < 1) {
+               printk(KERN_ERR "%s: Internal error whilst attempting to "
+                      "convert decrypted filename memory to scatterlist; "
+                      "rc = [%d]. block_aligned_filename_size = [%zd]\n",
+                      __func__, rc, s->block_aligned_filename_size);
+               goto out_free_unlock;
+       }
+       /* The characters in the first block effectively do the job of
+        * the IV here, so we just use 0's for the IV. Note the
+        * constraint that ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES
+        * >= ECRYPTFS_MAX_IV_BYTES. */
+       memset(s->iv, 0, ECRYPTFS_MAX_IV_BYTES);
+       s->desc.info = s->iv;
+       /* TODO: Support other key modules than passphrase for
+        * filename encryption */
+       if (s->auth_tok->token_type != ECRYPTFS_PASSWORD) {
+               rc = -EOPNOTSUPP;
+               printk(KERN_INFO "%s: Filename encryption only supports "
+                      "password tokens\n", __func__);
+               goto out_free_unlock;
+       }
+       rc = crypto_blkcipher_setkey(
+               s->desc.tfm,
+               s->auth_tok->token.password.session_key_encryption_key,
+               mount_crypt_stat->global_default_fn_cipher_key_bytes);
+       if (rc < 0) {
+               printk(KERN_ERR "%s: Error setting key for crypto context; "
+                      "rc = [%d]. s->auth_tok->token.password.session_key_"
+                      "encryption_key = [0x%p]; mount_crypt_stat->"
+                      "global_default_fn_cipher_key_bytes = [%zd]\n", __func__,
+                      rc,
+                      s->auth_tok->token.password.session_key_encryption_key,
+                      mount_crypt_stat->global_default_fn_cipher_key_bytes);
+               goto out_free_unlock;
+       }
+       rc = crypto_blkcipher_decrypt_iv(&s->desc, s->dst_sg, s->src_sg,
+                                        s->block_aligned_filename_size);
+       if (rc) {
+               printk(KERN_ERR "%s: Error attempting to decrypt filename; "
+                      "rc = [%d]\n", __func__, rc);
+               goto out_free_unlock;
+       }
+       s->i = 0;
+       while (s->decrypted_filename[s->i] != '\0'
+              && s->i < s->block_aligned_filename_size)
+               s->i++;
+       if (s->i == s->block_aligned_filename_size) {
+               printk(KERN_WARNING "%s: Invalid tag 70 packet; could not "
+                      "find valid separator between random characters and "
+                      "the filename\n", __func__);
+               rc = -EINVAL;
+               goto out_free_unlock;
+       }
+       s->i++;
+       (*filename_size) = (s->block_aligned_filename_size - s->i);
+       if (!((*filename_size) > 0 && (*filename_size < PATH_MAX))) {
+               printk(KERN_WARNING "%s: Filename size is [%zd], which is "
+                      "invalid\n", __func__, (*filename_size));
+               rc = -EINVAL;
+               goto out_free_unlock;
+       }
+       (*filename) = kmalloc(((*filename_size) + 1), GFP_KERNEL);
+       if (!(*filename)) {
+               printk(KERN_ERR "%s: Out of memory whilst attempting to "
+                      "kmalloc [%zd] bytes\n", __func__,
+                      ((*filename_size) + 1));
+               rc = -ENOMEM;
+               goto out_free_unlock;
+       }
+       memcpy((*filename), &s->decrypted_filename[s->i], (*filename_size));
+       (*filename)[(*filename_size)] = '\0';
+out_free_unlock:
+       kfree(s->decrypted_filename);
+out_unlock:
+       mutex_unlock(s->tfm_mutex);
+out:
+       if (rc) {
+               (*packet_size) = 0;
+               (*filename_size) = 0;
+               (*filename) = NULL;
+       }
+       if (auth_tok_key) {
+               up_write(&(auth_tok_key->sem));
+               key_put(auth_tok_key);
+       }
+       kfree(s);
+       return rc;
+}
+
+static int
+ecryptfs_get_auth_tok_sig(char **sig, struct ecryptfs_auth_tok *auth_tok)
+{
+       int rc = 0;
+
+       (*sig) = NULL;
+       switch (auth_tok->token_type) {
+       case ECRYPTFS_PASSWORD:
+               (*sig) = auth_tok->token.password.signature;
+               break;
+       case ECRYPTFS_PRIVATE_KEY:
+               (*sig) = auth_tok->token.private_key.signature;
+               break;
+       default:
+               printk(KERN_ERR "Cannot get sig for auth_tok of type [%d]\n",
+                      auth_tok->token_type);
+               rc = -EINVAL;
+       }
+       return rc;
+}
+
+/**
+ * decrypt_pki_encrypted_session_key - Decrypt the session key with the given auth_tok.
+ * @auth_tok: The key authentication token used to decrypt the session key
+ * @crypt_stat: The cryptographic context
+ *
+ * Returns zero on success; non-zero error otherwise.
+ */
+static int
+decrypt_pki_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok,
+                                 struct ecryptfs_crypt_stat *crypt_stat)
+{
+       u8 cipher_code = 0;
        struct ecryptfs_msg_ctx *msg_ctx;
        struct ecryptfs_message *msg = NULL;
-       char *netlink_message;
-       size_t netlink_message_length;
+       char *auth_tok_sig;
+       char *payload;
+       size_t payload_len;
        int rc;
 
-       rc = write_tag_64_packet(mount_crypt_stat->global_auth_tok_sig,
-                                &(auth_tok->session_key),
-                                &netlink_message, &netlink_message_length);
+       rc = ecryptfs_get_auth_tok_sig(&auth_tok_sig, auth_tok);
+       if (rc) {
+               printk(KERN_ERR "Unrecognized auth tok type: [%d]\n",
+                      auth_tok->token_type);
+               goto out;
+       }
+       rc = write_tag_64_packet(auth_tok_sig, &(auth_tok->session_key),
+                                &payload, &payload_len);
        if (rc) {
-               ecryptfs_printk(KERN_ERR, "Failed to write tag 64 packet");
+               ecryptfs_printk(KERN_ERR, "Failed to write tag 64 packet\n");
                goto out;
        }
-       rc = ecryptfs_send_message(ecryptfs_transport, netlink_message,
-                                  netlink_message_length, &msg_ctx);
+       rc = ecryptfs_send_message(payload, payload_len, &msg_ctx);
        if (rc) {
-               ecryptfs_printk(KERN_ERR, "Error sending netlink message\n");
+               ecryptfs_printk(KERN_ERR, "Error sending message to "
+                               "ecryptfsd\n");
                goto out;
        }
        rc = ecryptfs_wait_for_response(msg_ctx, &msg);
@@ -465,40 +1211,33 @@ out:
 
 static void wipe_auth_tok_list(struct list_head *auth_tok_list_head)
 {
-       struct list_head *walker;
        struct ecryptfs_auth_tok_list_item *auth_tok_list_item;
+       struct ecryptfs_auth_tok_list_item *auth_tok_list_item_tmp;
 
-       walker = auth_tok_list_head->next;
-       while (walker != auth_tok_list_head) {
-               auth_tok_list_item =
-                   list_entry(walker, struct ecryptfs_auth_tok_list_item,
-                              list);
-               walker = auth_tok_list_item->list.next;
-               memset(auth_tok_list_item, 0,
-                      sizeof(struct ecryptfs_auth_tok_list_item));
+       list_for_each_entry_safe(auth_tok_list_item, auth_tok_list_item_tmp,
+                                auth_tok_list_head, list) {
+               list_del(&auth_tok_list_item->list);
                kmem_cache_free(ecryptfs_auth_tok_list_item_cache,
                                auth_tok_list_item);
        }
-       auth_tok_list_head->next = NULL;
 }
 
 struct kmem_cache *ecryptfs_auth_tok_list_item_cache;
 
-
 /**
  * parse_tag_1_packet
- * @crypt_stat: The cryptographic context to modify based on packet
- *              contents.
+ * @crypt_stat: The cryptographic context to modify based on packet contents
  * @data: The raw bytes of the packet.
  * @auth_tok_list: eCryptfs parses packets into authentication tokens;
- *                 a new authentication token will be placed at the end
- *                 of this list for this packet.
+ *                 a new authentication token will be placed at the
+ *                 end of this list for this packet.
  * @new_auth_tok: Pointer to a pointer to memory that this function
  *                allocates; sets the memory address of the pointer to
  *                NULL on error. This object is added to the
  *                auth_tok_list.
  * @packet_size: This function writes the size of the parsed packet
  *               into this memory location; zero on error.
+ * @max_packet_size: The maximum allowable packet size
  *
  * Returns zero on success; non-zero on error.
  */
@@ -515,72 +1254,65 @@ parse_tag_1_packet(struct ecryptfs_crypt_stat *crypt_stat,
 
        (*packet_size) = 0;
        (*new_auth_tok) = NULL;
-
-       /* we check that:
-        *   one byte for the Tag 1 ID flag
-        *   two bytes for the body size
-        * do not exceed the maximum_packet_size
+       /**
+        * This format is inspired by OpenPGP; see RFC 2440
+        * packet tag 1
+        *
+        * Tag 1 identifier (1 byte)
+        * Max Tag 1 packet size (max 3 bytes)
+        * Version (1 byte)
+        * Key identifier (8 bytes; ECRYPTFS_SIG_SIZE)
+        * Cipher identifier (1 byte)
+        * Encrypted key size (arbitrary)
+        *
+        * 12 bytes minimum packet size
         */
-       if (unlikely((*packet_size) + 3 > max_packet_size)) {
-               ecryptfs_printk(KERN_ERR, "Packet size exceeds max\n");
+       if (unlikely(max_packet_size < 12)) {
+               printk(KERN_ERR "Invalid max packet size; must be >=12\n");
                rc = -EINVAL;
                goto out;
        }
-       /* check for Tag 1 identifier - one byte */
        if (data[(*packet_size)++] != ECRYPTFS_TAG_1_PACKET_TYPE) {
-               ecryptfs_printk(KERN_ERR, "Enter w/ first byte != 0x%.2x\n",
-                               ECRYPTFS_TAG_1_PACKET_TYPE);
+               printk(KERN_ERR "Enter w/ first byte != 0x%.2x\n",
+                      ECRYPTFS_TAG_1_PACKET_TYPE);
                rc = -EINVAL;
                goto out;
        }
        /* Released: wipe_auth_tok_list called in ecryptfs_parse_packet_set or
         * at end of function upon failure */
        auth_tok_list_item =
-               kmem_cache_alloc(ecryptfs_auth_tok_list_item_cache,
-                                GFP_KERNEL);
+               kmem_cache_zalloc(ecryptfs_auth_tok_list_item_cache,
+                                 GFP_KERNEL);
        if (!auth_tok_list_item) {
-               ecryptfs_printk(KERN_ERR, "Unable to allocate memory\n");
+               printk(KERN_ERR "Unable to allocate memory\n");
                rc = -ENOMEM;
                goto out;
        }
-       memset(auth_tok_list_item, 0,
-              sizeof(struct ecryptfs_auth_tok_list_item));
        (*new_auth_tok) = &auth_tok_list_item->auth_tok;
-       /* check for body size - one to two bytes
-        *
-        *              ***** TAG 1 Packet Format *****
-        *    | version number                     | 1 byte       |
-        *    | key ID                             | 8 bytes      |
-        *    | public key algorithm               | 1 byte       |
-        *    | encrypted session key              | arbitrary    |
-        */
-       rc = parse_packet_length(&data[(*packet_size)], &body_size,
-                                &length_size);
+       rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size,
+                                         &length_size);
        if (rc) {
-               ecryptfs_printk(KERN_WARNING, "Error parsing packet length; "
-                               "rc = [%d]\n", rc);
+               printk(KERN_WARNING "Error parsing packet length; "
+                      "rc = [%d]\n", rc);
                goto out_free;
        }
-       if (unlikely(body_size < (0x02 + ECRYPTFS_SIG_SIZE))) {
-               ecryptfs_printk(KERN_WARNING, "Invalid body size ([%d])\n",
-                               body_size);
+       if (unlikely(body_size < (ECRYPTFS_SIG_SIZE + 2))) {
+               printk(KERN_WARNING "Invalid body size ([%td])\n", body_size);
                rc = -EINVAL;
                goto out_free;
        }
        (*packet_size) += length_size;
        if (unlikely((*packet_size) + body_size > max_packet_size)) {
-               ecryptfs_printk(KERN_ERR, "Packet size exceeds max\n");
+               printk(KERN_WARNING "Packet size exceeds max\n");
                rc = -EINVAL;
                goto out_free;
        }
-       /* Version 3 (from RFC2440) - one byte */
        if (unlikely(data[(*packet_size)++] != 0x03)) {
-               ecryptfs_printk(KERN_DEBUG, "Unknown version number "
-                               "[%d]\n", data[(*packet_size) - 1]);
+               printk(KERN_WARNING "Unknown version number [%d]\n",
+                      data[(*packet_size) - 1]);
                rc = -EINVAL;
                goto out_free;
        }
-       /* Read Signature */
        ecryptfs_to_hex((*new_auth_tok)->token.private_key.signature,
                        &data[(*packet_size)], ECRYPTFS_SIG_SIZE);
        *packet_size += ECRYPTFS_SIG_SIZE;
@@ -588,27 +1320,23 @@ parse_tag_1_packet(struct ecryptfs_crypt_stat *crypt_stat,
         * know which public key encryption algorithm was used */
        (*packet_size)++;
        (*new_auth_tok)->session_key.encrypted_key_size =
-               body_size - (0x02 + ECRYPTFS_SIG_SIZE);
+               body_size - (ECRYPTFS_SIG_SIZE + 2);
        if ((*new_auth_tok)->session_key.encrypted_key_size
            > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) {
-               ecryptfs_printk(KERN_ERR, "Tag 1 packet contains key larger "
-                               "than ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES");
+               printk(KERN_WARNING "Tag 1 packet contains key larger "
+                      "than ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES");
                rc = -EINVAL;
                goto out;
        }
-       ecryptfs_printk(KERN_DEBUG, "Encrypted key size = [%d]\n",
-                       (*new_auth_tok)->session_key.encrypted_key_size);
        memcpy((*new_auth_tok)->session_key.encrypted_key,
-              &data[(*packet_size)], (body_size - 0x02 - ECRYPTFS_SIG_SIZE));
+              &data[(*packet_size)], (body_size - (ECRYPTFS_SIG_SIZE + 2)));
        (*packet_size) += (*new_auth_tok)->session_key.encrypted_key_size;
        (*new_auth_tok)->session_key.flags &=
                ~ECRYPTFS_CONTAINS_DECRYPTED_KEY;
        (*new_auth_tok)->session_key.flags |=
                ECRYPTFS_CONTAINS_ENCRYPTED_KEY;
        (*new_auth_tok)->token_type = ECRYPTFS_PRIVATE_KEY;
-       (*new_auth_tok)->flags |= ECRYPTFS_PRIVATE_KEY;
-       /* TODO: Why are we setting this flag here? Don't we want the
-        * userspace to decrypt the session key? */
+       (*new_auth_tok)->flags = 0;
        (*new_auth_tok)->session_key.flags &=
                ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_DECRYPT);
        (*new_auth_tok)->session_key.flags &=
@@ -658,22 +1386,30 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
 
        (*packet_size) = 0;
        (*new_auth_tok) = NULL;
-
-       /* we check that:
-        *   one byte for the Tag 3 ID flag
-        *   two bytes for the body size
-        * do not exceed the maximum_packet_size
+       /**
+        *This format is inspired by OpenPGP; see RFC 2440
+        * packet tag 3
+        *
+        * Tag 3 identifier (1 byte)
+        * Max Tag 3 packet size (max 3 bytes)
+        * Version (1 byte)
+        * Cipher code (1 byte)
+        * S2K specifier (1 byte)
+        * Hash identifier (1 byte)
+        * Salt (ECRYPTFS_SALT_SIZE)
+        * Hash iterations (1 byte)
+        * Encrypted key (arbitrary)
+        *
+        * (ECRYPTFS_SALT_SIZE + 7) minimum packet size
         */
-       if (unlikely((*packet_size) + 3 > max_packet_size)) {
-               ecryptfs_printk(KERN_ERR, "Packet size exceeds max\n");
+       if (max_packet_size < (ECRYPTFS_SALT_SIZE + 7)) {
+               printk(KERN_ERR "Max packet size too large\n");
                rc = -EINVAL;
                goto out;
        }
-
-       /* check for Tag 3 identifyer - one byte */
        if (data[(*packet_size)++] != ECRYPTFS_TAG_3_PACKET_TYPE) {
-               ecryptfs_printk(KERN_ERR, "Enter w/ first byte != 0x%.2x\n",
-                               ECRYPTFS_TAG_3_PACKET_TYPE);
+               printk(KERN_ERR "First byte != 0x%.2x; invalid packet\n",
+                      ECRYPTFS_TAG_3_PACKET_TYPE);
                rc = -EINVAL;
                goto out;
        }
@@ -682,58 +1418,48 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
        auth_tok_list_item =
            kmem_cache_zalloc(ecryptfs_auth_tok_list_item_cache, GFP_KERNEL);
        if (!auth_tok_list_item) {
-               ecryptfs_printk(KERN_ERR, "Unable to allocate memory\n");
+               printk(KERN_ERR "Unable to allocate memory\n");
                rc = -ENOMEM;
                goto out;
        }
        (*new_auth_tok) = &auth_tok_list_item->auth_tok;
-
-       /* check for body size - one to two bytes */
-       rc = parse_packet_length(&data[(*packet_size)], &body_size,
-                                &length_size);
+       rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size,
+                                         &length_size);
        if (rc) {
-               ecryptfs_printk(KERN_WARNING, "Error parsing packet length; "
-                               "rc = [%d]\n", rc);
+               printk(KERN_WARNING "Error parsing packet length; rc = [%d]\n",
+                      rc);
                goto out_free;
        }
-       if (unlikely(body_size < (0x05 + ECRYPTFS_SALT_SIZE))) {
-               ecryptfs_printk(KERN_WARNING, "Invalid body size ([%d])\n",
-                               body_size);
+       if (unlikely(body_size < (ECRYPTFS_SALT_SIZE + 5))) {
+               printk(KERN_WARNING "Invalid body size ([%td])\n", body_size);
                rc = -EINVAL;
                goto out_free;
        }
        (*packet_size) += length_size;
-
-       /* now we know the length of the remainting Tag 3 packet size:
-        *   5 fix bytes for: version string, cipher, S2K ID, hash algo,
-        *                    number of hash iterations
-        *   ECRYPTFS_SALT_SIZE bytes for salt
-        *   body_size bytes minus the stuff above is the encrypted key size
-        */
        if (unlikely((*packet_size) + body_size > max_packet_size)) {
-               ecryptfs_printk(KERN_ERR, "Packet size exceeds max\n");
+               printk(KERN_ERR "Packet size exceeds max\n");
                rc = -EINVAL;
                goto out_free;
        }
-
-       /* There are 5 characters of additional information in the
-        * packet */
        (*new_auth_tok)->session_key.encrypted_key_size =
-               body_size - (0x05 + ECRYPTFS_SALT_SIZE);
-       ecryptfs_printk(KERN_DEBUG, "Encrypted key size = [%d]\n",
-                       (*new_auth_tok)->session_key.encrypted_key_size);
-
-       /* Version 4 (from RFC2440) - one byte */
+               (body_size - (ECRYPTFS_SALT_SIZE + 5));
+       if ((*new_auth_tok)->session_key.encrypted_key_size
+           > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) {
+               printk(KERN_WARNING "Tag 3 packet contains key larger "
+                      "than ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES\n");
+               rc = -EINVAL;
+               goto out_free;
+       }
        if (unlikely(data[(*packet_size)++] != 0x04)) {
-               ecryptfs_printk(KERN_DEBUG, "Unknown version number "
-                               "[%d]\n", data[(*packet_size) - 1]);
+               printk(KERN_WARNING "Unknown version number [%d]\n",
+                      data[(*packet_size) - 1]);
                rc = -EINVAL;
                goto out_free;
        }
-
-       /* cipher - one byte */
-       ecryptfs_cipher_code_to_string(crypt_stat->cipher,
-                                      (u16)data[(*packet_size)]);
+       rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher,
+                                           (u16)data[(*packet_size)]);
+       if (rc)
+               goto out_free;
        /* A little extra work to differentiate among the AES key
         * sizes; see RFC2440 */
        switch(data[(*packet_size)++]) {
@@ -744,34 +1470,29 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
                crypt_stat->key_size =
                        (*new_auth_tok)->session_key.encrypted_key_size;
        }
-       ecryptfs_init_crypt_ctx(crypt_stat);
-       /* S2K identifier 3 (from RFC2440) */
+       rc = ecryptfs_init_crypt_ctx(crypt_stat);
+       if (rc)
+               goto out_free;
        if (unlikely(data[(*packet_size)++] != 0x03)) {
-               ecryptfs_printk(KERN_ERR, "Only S2K ID 3 is currently "
-                               "supported\n");
+               printk(KERN_WARNING "Only S2K ID 3 is currently supported\n");
                rc = -ENOSYS;
                goto out_free;
        }
-
        /* TODO: finish the hash mapping */
-       /* hash algorithm - one byte */
        switch (data[(*packet_size)++]) {
        case 0x01: /* See RFC2440 for these numbers and their mappings */
                /* Choose MD5 */
-               /* salt - ECRYPTFS_SALT_SIZE bytes */
                memcpy((*new_auth_tok)->token.password.salt,
                       &data[(*packet_size)], ECRYPTFS_SALT_SIZE);
                (*packet_size) += ECRYPTFS_SALT_SIZE;
-
                /* This conversion was taken straight from RFC2440 */
-               /* number of hash iterations - one byte */
                (*new_auth_tok)->token.password.hash_iterations =
                        ((u32) 16 + (data[(*packet_size)] & 15))
                                << ((data[(*packet_size)] >> 4) + 6);
                (*packet_size)++;
-
-               /* encrypted session key -
-                *   (body_size-5-ECRYPTFS_SALT_SIZE) bytes */
+               /* Friendly reminder:
+                * (*new_auth_tok)->session_key.encrypted_key_size =
+                *         (body_size - (ECRYPTFS_SALT_SIZE + 5)); */
                memcpy((*new_auth_tok)->session_key.encrypted_key,
                       &data[(*packet_size)],
                       (*new_auth_tok)->session_key.encrypted_key_size);
@@ -781,7 +1502,7 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat,
                        ~ECRYPTFS_CONTAINS_DECRYPTED_KEY;
                (*new_auth_tok)->session_key.flags |=
                        ECRYPTFS_CONTAINS_ENCRYPTED_KEY;
-               (*new_auth_tok)->token.password.hash_algo = 0x01;
+               (*new_auth_tok)->token.password.hash_algo = 0x01; /* MD5 */
                break;
        default:
                ecryptfs_printk(KERN_ERR, "Unsupported hash algorithm: "
@@ -837,82 +1558,67 @@ parse_tag_11_packet(unsigned char *data, unsigned char *contents,
 
        (*packet_size) = 0;
        (*tag_11_contents_size) = 0;
-
-       /* check that:
-        *   one byte for the Tag 11 ID flag
-        *   two bytes for the Tag 11 length
-        * do not exceed the maximum_packet_size
+       /* This format is inspired by OpenPGP; see RFC 2440
+        * packet tag 11
+        *
+        * Tag 11 identifier (1 byte)
+        * Max Tag 11 packet size (max 3 bytes)
+        * Binary format specifier (1 byte)
+        * Filename length (1 byte)
+        * Filename ("_CONSOLE") (8 bytes)
+        * Modification date (4 bytes)
+        * Literal data (arbitrary)
+        *
+        * We need at least 16 bytes of data for the packet to even be
+        * valid.
         */
-       if (unlikely((*packet_size) + 3 > max_packet_size)) {
-               ecryptfs_printk(KERN_ERR, "Packet size exceeds max\n");
+       if (max_packet_size < 16) {
+               printk(KERN_ERR "Maximum packet size too small\n");
                rc = -EINVAL;
                goto out;
        }
-
-       /* check for Tag 11 identifyer - one byte */
        if (data[(*packet_size)++] != ECRYPTFS_TAG_11_PACKET_TYPE) {
-               ecryptfs_printk(KERN_WARNING,
-                               "Invalid tag 11 packet format\n");
+               printk(KERN_WARNING "Invalid tag 11 packet format\n");
                rc = -EINVAL;
                goto out;
        }
-
-       /* get Tag 11 content length - one or two bytes */
-       rc = parse_packet_length(&data[(*packet_size)], &body_size,
-                                &length_size);
+       rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size,
+                                         &length_size);
        if (rc) {
-               ecryptfs_printk(KERN_WARNING,
-                               "Invalid tag 11 packet format\n");
+               printk(KERN_WARNING "Invalid tag 11 packet format\n");
                goto out;
        }
-       (*packet_size) += length_size;
-
-       if (body_size < 13) {
-               ecryptfs_printk(KERN_WARNING, "Invalid body size ([%d])\n",
-                               body_size);
+       if (body_size < 14) {
+               printk(KERN_WARNING "Invalid body size ([%td])\n", body_size);
                rc = -EINVAL;
                goto out;
        }
-       /* We have 13 bytes of surrounding packet values */
-       (*tag_11_contents_size) = (body_size - 13);
-
-       /* now we know the length of the remainting Tag 11 packet size:
-        *   14 fix bytes for: special flag one, special flag two,
-        *                     12 skipped bytes
-        *   body_size bytes minus the stuff above is the Tag 11 content
-        */
-       /* FIXME why is the body size one byte smaller than the actual
-        * size of the body?
-        * this seems to be an error here as well as in
-        * write_tag_11_packet() */
+       (*packet_size) += length_size;
+       (*tag_11_contents_size) = (body_size - 14);
        if (unlikely((*packet_size) + body_size + 1 > max_packet_size)) {
-               ecryptfs_printk(KERN_ERR, "Packet size exceeds max\n");
+               printk(KERN_ERR "Packet size exceeds max\n");
+               rc = -EINVAL;
+               goto out;
+       }
+       if (unlikely((*tag_11_contents_size) > max_contents_bytes)) {
+               printk(KERN_ERR "Literal data section in tag 11 packet exceeds "
+                      "expected size\n");
                rc = -EINVAL;
                goto out;
        }
-
-       /* special flag one - one byte */
        if (data[(*packet_size)++] != 0x62) {
-               ecryptfs_printk(KERN_WARNING, "Unrecognizable packet\n");
+               printk(KERN_WARNING "Unrecognizable packet\n");
                rc = -EINVAL;
                goto out;
        }
-
-       /* special flag two - one byte */
        if (data[(*packet_size)++] != 0x08) {
-               ecryptfs_printk(KERN_WARNING, "Unrecognizable packet\n");
+               printk(KERN_WARNING "Unrecognizable packet\n");
                rc = -EINVAL;
                goto out;
        }
-
-       /* skip the next 12 bytes */
-       (*packet_size) += 12; /* We don't care about the filename or
-                              * the timestamp */
-
-       /* get the Tag 11 contents - tag_11_contents_size bytes */
+       (*packet_size) += 12; /* Ignore filename and modification date */
        memcpy(contents, &data[(*packet_size)], (*tag_11_contents_size));
        (*packet_size) += (*tag_11_contents_size);
-
 out:
        if (rc) {
                (*packet_size) = 0;
@@ -921,130 +1627,128 @@ out:
        return rc;
 }
 
+int ecryptfs_keyring_auth_tok_for_sig(struct key **auth_tok_key,
+                                     struct ecryptfs_auth_tok **auth_tok,
+                                     char *sig)
+{
+       int rc = 0;
+
+       (*auth_tok_key) = request_key(&key_type_user, sig, NULL);
+       if (!(*auth_tok_key) || IS_ERR(*auth_tok_key)) {
+               (*auth_tok_key) = ecryptfs_get_encrypted_key(sig);
+               if (!(*auth_tok_key) || IS_ERR(*auth_tok_key)) {
+                       printk(KERN_ERR "Could not find key with description: [%s]\n",
+                             sig);
+                       rc = process_request_key_err(PTR_ERR(*auth_tok_key));
+                       (*auth_tok_key) = NULL;
+                       goto out;
+               }
+       }
+       down_write(&(*auth_tok_key)->sem);
+       rc = ecryptfs_verify_auth_tok_from_key(*auth_tok_key, auth_tok);
+       if (rc) {
+               up_write(&(*auth_tok_key)->sem);
+               key_put(*auth_tok_key);
+               (*auth_tok_key) = NULL;
+               goto out;
+       }
+out:
+       return rc;
+}
+
 /**
- * decrypt_session_key - Decrypt the session key with the given auth_tok.
+ * decrypt_passphrase_encrypted_session_key - Decrypt the session key with the given auth_tok.
+ * @auth_tok: The passphrase authentication token to use to encrypt the FEK
+ * @crypt_stat: The cryptographic context
  *
- * Returns Zero on success; non-zero error otherwise.
+ * Returns zero on success; non-zero error otherwise
  */
-static int decrypt_session_key(struct ecryptfs_auth_tok *auth_tok,
-                              struct ecryptfs_crypt_stat *crypt_stat)
+static int
+decrypt_passphrase_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok,
+                                        struct ecryptfs_crypt_stat *crypt_stat)
 {
-       struct ecryptfs_password *password_s_ptr;
-       struct scatterlist src_sg[2], dst_sg[2];
-       struct mutex *tfm_mutex = NULL;
-       char *encrypted_session_key;
-       char *session_key;
+       struct scatterlist dst_sg[2];
+       struct scatterlist src_sg[2];
+       struct mutex *tfm_mutex;
        struct blkcipher_desc desc = {
                .flags = CRYPTO_TFM_REQ_MAY_SLEEP
        };
        int rc = 0;
 
-       password_s_ptr = &auth_tok->token.password;
-       if (password_s_ptr->flags & ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET)
-               ecryptfs_printk(KERN_DEBUG, "Session key encryption key "
-                               "set; skipping key generation\n");
-       ecryptfs_printk(KERN_DEBUG, "Session key encryption key (size [%d])"
-                       ":\n",
-                       password_s_ptr->session_key_encryption_key_bytes);
-       if (ecryptfs_verbosity > 0)
-               ecryptfs_dump_hex(password_s_ptr->session_key_encryption_key,
-                                 password_s_ptr->
-                                 session_key_encryption_key_bytes);
-       if (!strcmp(crypt_stat->cipher,
-                   crypt_stat->mount_crypt_stat->global_default_cipher_name)
-           && crypt_stat->mount_crypt_stat->global_key_tfm) {
-               desc.tfm = crypt_stat->mount_crypt_stat->global_key_tfm;
-               tfm_mutex = &crypt_stat->mount_crypt_stat->global_key_tfm_mutex;
-       } else {
-               char *full_alg_name;
-
-               rc = ecryptfs_crypto_api_algify_cipher_name(&full_alg_name,
-                                                           crypt_stat->cipher,
-                                                           "ecb");
-               if (rc)
-                       goto out;
-               desc.tfm = crypto_alloc_blkcipher(full_alg_name, 0,
-                                                 CRYPTO_ALG_ASYNC);
-               kfree(full_alg_name);
-               if (IS_ERR(desc.tfm)) {
-                       rc = PTR_ERR(desc.tfm);
-                       printk(KERN_ERR "Error allocating crypto context; "
-                              "rc = [%d]\n", rc);
-                       goto out;
-               }
-               crypto_blkcipher_set_flags(desc.tfm, CRYPTO_TFM_REQ_WEAK_KEY);
+       if (unlikely(ecryptfs_verbosity > 0)) {
+               ecryptfs_printk(
+                       KERN_DEBUG, "Session key encryption key (size [%d]):\n",
+                       auth_tok->token.password.session_key_encryption_key_bytes);
+               ecryptfs_dump_hex(
+                       auth_tok->token.password.session_key_encryption_key,
+                       auth_tok->token.password.session_key_encryption_key_bytes);
+       }
+       rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&desc.tfm, &tfm_mutex,
+                                                       crypt_stat->cipher);
+       if (unlikely(rc)) {
+               printk(KERN_ERR "Internal error whilst attempting to get "
+                      "tfm and mutex for cipher name [%s]; rc = [%d]\n",
+                      crypt_stat->cipher, rc);
+               goto out;
        }
-       if (tfm_mutex)
-               mutex_lock(tfm_mutex);
-       rc = crypto_blkcipher_setkey(desc.tfm,
-                                    password_s_ptr->session_key_encryption_key,
-                                    crypt_stat->key_size);
-       if (rc < 0) {
+       rc = virt_to_scatterlist(auth_tok->session_key.encrypted_key,
+                                auth_tok->session_key.encrypted_key_size,
+                                src_sg, 2);
+       if (rc < 1 || rc > 2) {
+               printk(KERN_ERR "Internal error whilst attempting to convert "
+                       "auth_tok->session_key.encrypted_key to scatterlist; "
+                       "expected rc = 1; got rc = [%d]. "
+                      "auth_tok->session_key.encrypted_key_size = [%d]\n", rc,
+                       auth_tok->session_key.encrypted_key_size);
+               goto out;
+       }
+       auth_tok->session_key.decrypted_key_size =
+               auth_tok->session_key.encrypted_key_size;
+       rc = virt_to_scatterlist(auth_tok->session_key.decrypted_key,
+                                auth_tok->session_key.decrypted_key_size,
+                                dst_sg, 2);
+       if (rc < 1 || rc > 2) {
+               printk(KERN_ERR "Internal error whilst attempting to convert "
+                       "auth_tok->session_key.decrypted_key to scatterlist; "
+                       "expected rc = 1; got rc = [%d]\n", rc);
+               goto out;
+       }
+       mutex_lock(tfm_mutex);
+       rc = crypto_blkcipher_setkey(
+               desc.tfm, auth_tok->token.password.session_key_encryption_key,
+               crypt_stat->key_size);
+       if (unlikely(rc < 0)) {
+               mutex_unlock(tfm_mutex);
                printk(KERN_ERR "Error setting key for crypto context\n");
                rc = -EINVAL;
-               goto out_free_tfm;
-       }
-       /* TODO: virt_to_scatterlist */
-       encrypted_session_key = (char *)__get_free_page(GFP_KERNEL);
-       if (!encrypted_session_key) {
-               ecryptfs_printk(KERN_ERR, "Out of memory\n");
-               rc = -ENOMEM;
-               goto out_free_tfm;
+               goto out;
        }
-       session_key = (char *)__get_free_page(GFP_KERNEL);
-       if (!session_key) {
-               kfree(encrypted_session_key);
-               ecryptfs_printk(KERN_ERR, "Out of memory\n");
-               rc = -ENOMEM;
-               goto out_free_tfm;
-       }
-       memcpy(encrypted_session_key, auth_tok->session_key.encrypted_key,
-              auth_tok->session_key.encrypted_key_size);
-       src_sg[0].page = virt_to_page(encrypted_session_key);
-       src_sg[0].offset = 0;
-       BUG_ON(auth_tok->session_key.encrypted_key_size > PAGE_CACHE_SIZE);
-       src_sg[0].length = auth_tok->session_key.encrypted_key_size;
-       dst_sg[0].page = virt_to_page(session_key);
-       dst_sg[0].offset = 0;
-       auth_tok->session_key.decrypted_key_size =
-           auth_tok->session_key.encrypted_key_size;
-       dst_sg[0].length = auth_tok->session_key.encrypted_key_size;
        rc = crypto_blkcipher_decrypt(&desc, dst_sg, src_sg,
                                      auth_tok->session_key.encrypted_key_size);
-       if (rc) {
+       mutex_unlock(tfm_mutex);
+       if (unlikely(rc)) {
                printk(KERN_ERR "Error decrypting; rc = [%d]\n", rc);
-               goto out_free_memory;
+               goto out;
        }
-       auth_tok->session_key.decrypted_key_size =
-           auth_tok->session_key.encrypted_key_size;
-       memcpy(auth_tok->session_key.decrypted_key, session_key,
-              auth_tok->session_key.decrypted_key_size);
        auth_tok->session_key.flags |= ECRYPTFS_CONTAINS_DECRYPTED_KEY;
        memcpy(crypt_stat->key, auth_tok->session_key.decrypted_key,
               auth_tok->session_key.decrypted_key_size);
        crypt_stat->flags |= ECRYPTFS_KEY_VALID;
-       ecryptfs_printk(KERN_DEBUG, "Decrypted session key:\n");
-       if (ecryptfs_verbosity > 0)
+       if (unlikely(ecryptfs_verbosity > 0)) {
+               ecryptfs_printk(KERN_DEBUG, "FEK of size [%zd]:\n",
+                               crypt_stat->key_size);
                ecryptfs_dump_hex(crypt_stat->key,
                                  crypt_stat->key_size);
-out_free_memory:
-       memset(encrypted_session_key, 0, PAGE_CACHE_SIZE);
-       free_page((unsigned long)encrypted_session_key);
-       memset(session_key, 0, PAGE_CACHE_SIZE);
-       free_page((unsigned long)session_key);
-out_free_tfm:
-       if (tfm_mutex)
-               mutex_unlock(tfm_mutex);
-       else
-               crypto_free_blkcipher(desc.tfm);
+       }
 out:
        return rc;
 }
 
 /**
  * ecryptfs_parse_packet_set
- * @dest: The header page in memory
- * @version: Version of file format, to guide parsing behavior
+ * @crypt_stat: The cryptographic context
+ * @src: Virtual address of region of memory containing the packets
+ * @ecryptfs_dentry: The eCryptfs dentry associated with the packet set
  *
  * Get crypt_stat to have the file's session key if the requisite key
  * is available to decrypt the session key.
@@ -1058,25 +1762,23 @@ int ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat,
                              struct dentry *ecryptfs_dentry)
 {
        size_t i = 0;
-       size_t found_auth_tok = 0;
+       size_t found_auth_tok;
        size_t next_packet_is_auth_tok_packet;
-       char sig[ECRYPTFS_SIG_SIZE_HEX];
        struct list_head auth_tok_list;
-       struct list_head *walker;
-       struct ecryptfs_auth_tok *chosen_auth_tok = NULL;
-       struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
-               &ecryptfs_superblock_to_private(
-                       ecryptfs_dentry->d_sb)->mount_crypt_stat;
-       struct ecryptfs_auth_tok *candidate_auth_tok = NULL;
+       struct ecryptfs_auth_tok *matching_auth_tok;
+       struct ecryptfs_auth_tok *candidate_auth_tok;
+       char *candidate_auth_tok_sig;
        size_t packet_size;
        struct ecryptfs_auth_tok *new_auth_tok;
        unsigned char sig_tmp_space[ECRYPTFS_SIG_SIZE];
+       struct ecryptfs_auth_tok_list_item *auth_tok_list_item;
        size_t tag_11_contents_size;
        size_t tag_11_packet_size;
+       struct key *auth_tok_key = NULL;
        int rc = 0;
 
        INIT_LIST_HEAD(&auth_tok_list);
-       /* Parse the header to find as many packets as we can, these will be
+       /* Parse the header to find as many packets as we can; these will be
         * added the our &auth_tok_list */
        next_packet_is_auth_tok_packet = 1;
        while (next_packet_is_auth_tok_packet) {
@@ -1115,7 +1817,7 @@ int ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat,
                        if (ECRYPTFS_SIG_SIZE != tag_11_contents_size) {
                                ecryptfs_printk(KERN_ERR, "Expected "
                                                "signature of size [%d]; "
-                                               "read size [%d]\n",
+                                               "read size [%zd]\n",
                                                ECRYPTFS_SIG_SIZE,
                                                tag_11_contents_size);
                                rc = -EIO;
@@ -1148,80 +1850,99 @@ int ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat,
                        goto out_wipe_list;
                        break;
                default:
-                       ecryptfs_printk(KERN_DEBUG, "No packet at offset "
-                                       "[%d] of the file header; hex value of "
+                       ecryptfs_printk(KERN_DEBUG, "No packet at offset [%zd] "
+                                       "of the file header; hex value of "
                                        "character is [0x%.2x]\n", i, src[i]);
                        next_packet_is_auth_tok_packet = 0;
                }
        }
        if (list_empty(&auth_tok_list)) {
-               rc = -EINVAL; /* Do not support non-encrypted files in
-                              * the 0.1 release */
+               printk(KERN_ERR "The lower file appears to be a non-encrypted "
+                      "eCryptfs file; this is not supported in this version "
+                      "of the eCryptfs kernel module\n");
+               rc = -EINVAL;
                goto out;
        }
-       /* If we have a global auth tok, then we should try to use
-        * it */
-       if (mount_crypt_stat->global_auth_tok) {
-               memcpy(sig, mount_crypt_stat->global_auth_tok_sig,
-                      ECRYPTFS_SIG_SIZE_HEX);
-               chosen_auth_tok = mount_crypt_stat->global_auth_tok;
-       } else
-               BUG(); /* We should always have a global auth tok in
-                       * the 0.1 release */
-       /* Scan list to see if our chosen_auth_tok works */
-       list_for_each(walker, &auth_tok_list) {
-               struct ecryptfs_auth_tok_list_item *auth_tok_list_item;
-               auth_tok_list_item =
-                   list_entry(walker, struct ecryptfs_auth_tok_list_item,
-                              list);
+       /* auth_tok_list contains the set of authentication tokens
+        * parsed from the metadata. We need to find a matching
+        * authentication token that has the secret component(s)
+        * necessary to decrypt the EFEK in the auth_tok parsed from
+        * the metadata. There may be several potential matches, but
+        * just one will be sufficient to decrypt to get the FEK. */
+find_next_matching_auth_tok:
+       found_auth_tok = 0;
+       if (auth_tok_key) {
+               up_write(&(auth_tok_key->sem));
+               key_put(auth_tok_key);
+               auth_tok_key = NULL;
+       }
+       list_for_each_entry(auth_tok_list_item, &auth_tok_list, list) {
                candidate_auth_tok = &auth_tok_list_item->auth_tok;
                if (unlikely(ecryptfs_verbosity > 0)) {
                        ecryptfs_printk(KERN_DEBUG,
                                        "Considering cadidate auth tok:\n");
                        ecryptfs_dump_auth_tok(candidate_auth_tok);
                }
-               /* TODO: Replace ECRYPTFS_SIG_SIZE_HEX w/ dynamic value */
-               if (candidate_auth_tok->token_type == ECRYPTFS_PASSWORD
-                   && !strncmp(candidate_auth_tok->token.password.signature,
-                               sig, ECRYPTFS_SIG_SIZE_HEX)) {
-                       found_auth_tok = 1;
-                       goto leave_list;
-                       /* TODO: Transfer the common salt into the
-                        * crypt_stat salt */
-               } else if ((candidate_auth_tok->token_type
-                           == ECRYPTFS_PRIVATE_KEY)
-                          && !strncmp(candidate_auth_tok->token.private_key.signature,
-                                    sig, ECRYPTFS_SIG_SIZE_HEX)) {
+               rc = ecryptfs_get_auth_tok_sig(&candidate_auth_tok_sig,
+                                              candidate_auth_tok);
+               if (rc) {
+                       printk(KERN_ERR
+                              "Unrecognized candidate auth tok type: [%d]\n",
+                              candidate_auth_tok->token_type);
+                       rc = -EINVAL;
+                       goto out_wipe_list;
+               }
+               rc = ecryptfs_find_auth_tok_for_sig(&auth_tok_key,
+                                              &matching_auth_tok,
+                                              crypt_stat->mount_crypt_stat,
+                                              candidate_auth_tok_sig);
+               if (!rc) {
                        found_auth_tok = 1;
-                       goto leave_list;
+                       goto found_matching_auth_tok;
                }
        }
        if (!found_auth_tok) {
-               ecryptfs_printk(KERN_ERR, "Could not find authentication "
-                               "token on temporary list for sig [%.*s]\n",
-                               ECRYPTFS_SIG_SIZE_HEX, sig);
+               ecryptfs_printk(KERN_ERR, "Could not find a usable "
+                               "authentication token\n");
                rc = -EIO;
                goto out_wipe_list;
        }
-leave_list:
-       rc = -ENOTSUPP;
+found_matching_auth_tok:
        if (candidate_auth_tok->token_type == ECRYPTFS_PRIVATE_KEY) {
                memcpy(&(candidate_auth_tok->token.private_key),
-                      &(chosen_auth_tok->token.private_key),
+                      &(matching_auth_tok->token.private_key),
                       sizeof(struct ecryptfs_private_key));
-               rc = decrypt_pki_encrypted_session_key(mount_crypt_stat,
-                                                      candidate_auth_tok,
+               rc = decrypt_pki_encrypted_session_key(candidate_auth_tok,
                                                       crypt_stat);
        } else if (candidate_auth_tok->token_type == ECRYPTFS_PASSWORD) {
                memcpy(&(candidate_auth_tok->token.password),
-                      &(chosen_auth_tok->token.password),
+                      &(matching_auth_tok->token.password),
                       sizeof(struct ecryptfs_password));
-               rc = decrypt_session_key(candidate_auth_tok, crypt_stat);
+               rc = decrypt_passphrase_encrypted_session_key(
+                       candidate_auth_tok, crypt_stat);
        }
        if (rc) {
-               ecryptfs_printk(KERN_ERR, "Error decrypting the "
-                               "session key; rc = [%d]\n", rc);
-               goto out_wipe_list;
+               struct ecryptfs_auth_tok_list_item *auth_tok_list_item_tmp;
+
+               ecryptfs_printk(KERN_WARNING, "Error decrypting the "
+                               "session key for authentication token with sig "
+                               "[%.*s]; rc = [%d]. Removing auth tok "
+                               "candidate from the list and searching for "
+                               "the next match.\n", ECRYPTFS_SIG_SIZE_HEX,
+                               candidate_auth_tok_sig, rc);
+               list_for_each_entry_safe(auth_tok_list_item,
+                                        auth_tok_list_item_tmp,
+                                        &auth_tok_list, list) {
+                       if (candidate_auth_tok
+                           == &auth_tok_list_item->auth_tok) {
+                               list_del(&auth_tok_list_item->list);
+                               kmem_cache_free(
+                                       ecryptfs_auth_tok_list_item_cache,
+                                       auth_tok_list_item);
+                               goto find_next_matching_auth_tok;
+                       }
+               }
+               BUG();
        }
        rc = ecryptfs_compute_root_iv(crypt_stat);
        if (rc) {
@@ -1238,31 +1959,37 @@ leave_list:
 out_wipe_list:
        wipe_auth_tok_list(&auth_tok_list);
 out:
+       if (auth_tok_key) {
+               up_write(&(auth_tok_key->sem));
+               key_put(auth_tok_key);
+       }
        return rc;
 }
+
 static int
 pki_encrypt_session_key(struct ecryptfs_auth_tok *auth_tok,
                        struct ecryptfs_crypt_stat *crypt_stat,
                        struct ecryptfs_key_record *key_rec)
 {
        struct ecryptfs_msg_ctx *msg_ctx = NULL;
-       char *netlink_payload;
-       size_t netlink_payload_length;
+       char *payload = NULL;
+       size_t payload_len;
        struct ecryptfs_message *msg;
        int rc;
 
        rc = write_tag_66_packet(auth_tok->token.private_key.signature,
-                                ecryptfs_code_for_cipher_string(crypt_stat),
-                                crypt_stat, &netlink_payload,
-                                &netlink_payload_length);
+                                ecryptfs_code_for_cipher_string(
+                                        crypt_stat->cipher,
+                                        crypt_stat->key_size),
+                                crypt_stat, &payload, &payload_len);
        if (rc) {
                ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet\n");
                goto out;
        }
-       rc = ecryptfs_send_message(ecryptfs_transport, netlink_payload,
-                                  netlink_payload_length, &msg_ctx);
+       rc = ecryptfs_send_message(payload, payload_len, &msg_ctx);
        if (rc) {
-               ecryptfs_printk(KERN_ERR, "Error sending netlink message\n");
+               ecryptfs_printk(KERN_ERR, "Error sending message to "
+                               "ecryptfsd\n");
                goto out;
        }
        rc = ecryptfs_wait_for_response(msg_ctx, &msg);
@@ -1277,29 +2004,31 @@ pki_encrypt_session_key(struct ecryptfs_auth_tok *auth_tok,
                ecryptfs_printk(KERN_ERR, "Error parsing tag 67 packet\n");
        kfree(msg);
 out:
-       if (netlink_payload)
-               kfree(netlink_payload);
+       kfree(payload);
        return rc;
 }
 /**
  * write_tag_1_packet - Write an RFC2440-compatible tag 1 (public key) packet
  * @dest: Buffer into which to write the packet
- * @max: Maximum number of bytes that can be writtn
+ * @remaining_bytes: Maximum number of bytes that can be writtn
+ * @auth_tok: The authentication token used for generating the tag 1 packet
+ * @crypt_stat: The cryptographic context
+ * @key_rec: The key record struct for the tag 1 packet
  * @packet_size: This function will write the number of bytes that end
  *               up constituting the packet; set to zero on error
  *
  * Returns zero on success; non-zero on error.
  */
 static int
-write_tag_1_packet(char *dest, size_t max, struct ecryptfs_auth_tok *auth_tok,
+write_tag_1_packet(char *dest, size_t *remaining_bytes,
+                  struct ecryptfs_auth_tok *auth_tok,
                   struct ecryptfs_crypt_stat *crypt_stat,
-                  struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
                   struct ecryptfs_key_record *key_rec, size_t *packet_size)
 {
        size_t i;
        size_t encrypted_session_key_valid = 0;
-       size_t key_rec_size;
        size_t packet_size_length;
+       size_t max_packet_size;
        int rc = 0;
 
        (*packet_size) = 0;
@@ -1320,8 +2049,8 @@ write_tag_1_packet(char *dest, size_t max, struct ecryptfs_auth_tok *auth_tok,
                        auth_tok->token.private_key.key_size;
        rc = pki_encrypt_session_key(auth_tok, crypt_stat, key_rec);
        if (rc) {
-               ecryptfs_printk(KERN_ERR, "Failed to encrypt session key "
-                               "via a pki");
+               printk(KERN_ERR "Failed to encrypt session key via a key "
+                      "module; rc = [%d]\n", rc);
                goto out;
        }
        if (ecryptfs_verbosity > 0) {
@@ -1329,38 +2058,25 @@ write_tag_1_packet(char *dest, size_t max, struct ecryptfs_auth_tok *auth_tok,
                ecryptfs_dump_hex(key_rec->enc_key, key_rec->enc_key_size);
        }
 encrypted_session_key_set:
-       /* Now we have a valid key_rec.  Append it to the
-        * key_rec set. */
-       key_rec_size = (sizeof(struct ecryptfs_key_record)
-                       - ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES
-                       + (key_rec->enc_key_size));
-       /* TODO: Include a packet size limit as a parameter to this
-        * function once we have multi-packet headers (for versions
-        * later than 0.1 */
-       if (key_rec_size >= ECRYPTFS_MAX_KEYSET_SIZE) {
-               ecryptfs_printk(KERN_ERR, "Keyset too large\n");
-               rc = -EINVAL;
-               goto out;
-       }
-       /*              ***** TAG 1 Packet Format *****
-        *    | version number                     | 1 byte       |
-        *    | key ID                             | 8 bytes      |
-        *    | public key algorithm               | 1 byte       |
-        *    | encrypted session key              | arbitrary    |
-        */
-       if ((0x02 + ECRYPTFS_SIG_SIZE + key_rec->enc_key_size) >= max) {
-               ecryptfs_printk(KERN_ERR,
-                               "Authentication token is too large\n");
+       /* This format is inspired by OpenPGP; see RFC 2440
+        * packet tag 1 */
+       max_packet_size = (1                         /* Tag 1 identifier */
+                          + 3                       /* Max Tag 1 packet size */
+                          + 1                       /* Version */
+                          + ECRYPTFS_SIG_SIZE       /* Key identifier */
+                          + 1                       /* Cipher identifier */
+                          + key_rec->enc_key_size); /* Encrypted key size */
+       if (max_packet_size > (*remaining_bytes)) {
+               printk(KERN_ERR "Packet length larger than maximum allowable; "
+                      "need up to [%td] bytes, but there are only [%td] "
+                      "available\n", max_packet_size, (*remaining_bytes));
                rc = -EINVAL;
                goto out;
        }
        dest[(*packet_size)++] = ECRYPTFS_TAG_1_PACKET_TYPE;
-       /* This format is inspired by OpenPGP; see RFC 2440
-        * packet tag 1 */
-       rc = write_packet_length(&dest[(*packet_size)],
-                                (0x02 + ECRYPTFS_SIG_SIZE +
-                                key_rec->enc_key_size),
-                                &packet_size_length);
+       rc = ecryptfs_write_packet_length(&dest[(*packet_size)],
+                                         (max_packet_size - 4),
+                                         &packet_size_length);
        if (rc) {
                ecryptfs_printk(KERN_ERR, "Error generating tag 1 packet "
                                "header; cannot generate packet length\n");
@@ -1377,13 +2093,15 @@ encrypted_session_key_set:
 out:
        if (rc)
                (*packet_size) = 0;
+       else
+               (*remaining_bytes) -= (*packet_size);
        return rc;
 }
 
 /**
  * write_tag_11_packet
  * @dest: Target into which Tag 11 packet is to be written
- * @max: Maximum packet length
+ * @remaining_bytes: Maximum packet length
  * @contents: Byte array of contents to copy in
  * @contents_length: Number of bytes in contents
  * @packet_length: Length of the Tag 11 packet written; zero on error
@@ -1391,54 +2109,60 @@ out:
  * Returns zero on success; non-zero on error.
  */
 static int
-write_tag_11_packet(char *dest, int max, char *contents, size_t contents_length,
-                   size_t *packet_length)
+write_tag_11_packet(char *dest, size_t *remaining_bytes, char *contents,
+                   size_t contents_length, size_t *packet_length)
 {
        size_t packet_size_length;
+       size_t max_packet_size;
        int rc = 0;
 
        (*packet_length) = 0;
-       if ((13 + contents_length) > max) {
+       /* This format is inspired by OpenPGP; see RFC 2440
+        * packet tag 11 */
+       max_packet_size = (1                   /* Tag 11 identifier */
+                          + 3                 /* Max Tag 11 packet size */
+                          + 1                 /* Binary format specifier */
+                          + 1                 /* Filename length */
+                          + 8                 /* Filename ("_CONSOLE") */
+                          + 4                 /* Modification date */
+                          + contents_length); /* Literal data */
+       if (max_packet_size > (*remaining_bytes)) {
+               printk(KERN_ERR "Packet length larger than maximum allowable; "
+                      "need up to [%td] bytes, but there are only [%td] "
+                      "available\n", max_packet_size, (*remaining_bytes));
                rc = -EINVAL;
-               ecryptfs_printk(KERN_ERR, "Packet length larger than "
-                               "maximum allowable\n");
                goto out;
        }
-       /* General packet header */
-       /* Packet tag */
        dest[(*packet_length)++] = ECRYPTFS_TAG_11_PACKET_TYPE;
-       /* Packet length */
-       rc = write_packet_length(&dest[(*packet_length)],
-                                (13 + contents_length), &packet_size_length);
+       rc = ecryptfs_write_packet_length(&dest[(*packet_length)],
+                                         (max_packet_size - 4),
+                                         &packet_size_length);
        if (rc) {
-               ecryptfs_printk(KERN_ERR, "Error generating tag 11 packet "
-                               "header; cannot generate packet length\n");
+               printk(KERN_ERR "Error generating tag 11 packet header; cannot "
+                      "generate packet length. rc = [%d]\n", rc);
                goto out;
        }
        (*packet_length) += packet_size_length;
-       /* Tag 11 specific */
-       /* One-octet field that describes how the data is formatted */
-       dest[(*packet_length)++] = 0x62; /* binary data */
-       /* One-octet filename length followed by filename */
+       dest[(*packet_length)++] = 0x62; /* binary data format specifier */
        dest[(*packet_length)++] = 8;
        memcpy(&dest[(*packet_length)], "_CONSOLE", 8);
        (*packet_length) += 8;
-       /* Four-octet number indicating modification date */
        memset(&dest[(*packet_length)], 0x00, 4);
        (*packet_length) += 4;
-       /* Remainder is literal data */
        memcpy(&dest[(*packet_length)], contents, contents_length);
        (*packet_length) += contents_length;
  out:
        if (rc)
                (*packet_length) = 0;
+       else
+               (*remaining_bytes) -= (*packet_length);
        return rc;
 }
 
 /**
  * write_tag_3_packet
  * @dest: Buffer into which to write the packet
- * @max: Maximum number of bytes that can be written
+ * @remaining_bytes: Maximum number of bytes that can be written
  * @auth_tok: Authentication token
  * @crypt_stat: The cryptographic context
  * @key_rec: encrypted key
@@ -1448,19 +2172,22 @@ write_tag_11_packet(char *dest, int max, char *contents, size_t contents_length,
  * Returns zero on success; non-zero on error.
  */
 static int
-write_tag_3_packet(char *dest, size_t max, struct ecryptfs_auth_tok *auth_tok,
+write_tag_3_packet(char *dest, size_t *remaining_bytes,
+                  struct ecryptfs_auth_tok *auth_tok,
                   struct ecryptfs_crypt_stat *crypt_stat,
                   struct ecryptfs_key_record *key_rec, size_t *packet_size)
 {
        size_t i;
        size_t encrypted_session_key_valid = 0;
        char session_key_encryption_key[ECRYPTFS_MAX_KEY_BYTES];
-       struct scatterlist dest_sg[2];
+       struct scatterlist dst_sg[2];
        struct scatterlist src_sg[2];
        struct mutex *tfm_mutex = NULL;
-       size_t key_rec_size;
+       u8 cipher_code;
        size_t packet_size_length;
-       size_t cipher_code;
+       size_t max_packet_size;
+       struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
+               crypt_stat->mount_crypt_stat;
        struct blkcipher_desc desc = {
                .tfm = NULL,
                .flags = CRYPTO_TFM_REQ_MAY_SLEEP
@@ -1470,16 +2197,25 @@ write_tag_3_packet(char *dest, size_t max, struct ecryptfs_auth_tok *auth_tok,
        (*packet_size) = 0;
        ecryptfs_from_hex(key_rec->sig, auth_tok->token.password.signature,
                          ECRYPTFS_SIG_SIZE);
-       encrypted_session_key_valid = 0;
-       for (i = 0; i < crypt_stat->key_size; i++)
-               encrypted_session_key_valid |=
-                       auth_tok->session_key.encrypted_key[i];
-       if (encrypted_session_key_valid) {
-               memcpy(key_rec->enc_key,
-                      auth_tok->session_key.encrypted_key,
-                      auth_tok->session_key.encrypted_key_size);
-               goto encrypted_session_key_set;
+       rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&desc.tfm, &tfm_mutex,
+                                                       crypt_stat->cipher);
+       if (unlikely(rc)) {
+               printk(KERN_ERR "Internal error whilst attempting to get "
+                      "tfm and mutex for cipher name [%s]; rc = [%d]\n",
+                      crypt_stat->cipher, rc);
+               goto out;
        }
+       if (mount_crypt_stat->global_default_cipher_key_size == 0) {
+               struct blkcipher_alg *alg = crypto_blkcipher_alg(desc.tfm);
+
+               printk(KERN_WARNING "No key size specified at mount; "
+                      "defaulting to [%d]\n", alg->max_keysize);
+               mount_crypt_stat->global_default_cipher_key_size =
+                       alg->max_keysize;
+       }
+       if (crypt_stat->key_size == 0)
+               crypt_stat->key_size =
+                       mount_crypt_stat->global_default_cipher_key_size;
        if (auth_tok->session_key.encrypted_key_size == 0)
                auth_tok->session_key.encrypted_key_size =
                        crypt_stat->key_size;
@@ -1487,9 +2223,24 @@ write_tag_3_packet(char *dest, size_t max, struct ecryptfs_auth_tok *auth_tok,
            && strcmp("aes", crypt_stat->cipher) == 0) {
                memset((crypt_stat->key + 24), 0, 8);
                auth_tok->session_key.encrypted_key_size = 32;
-       }
+       } else
+               auth_tok->session_key.encrypted_key_size = crypt_stat->key_size;
        key_rec->enc_key_size =
                auth_tok->session_key.encrypted_key_size;
+       encrypted_session_key_valid = 0;
+       for (i = 0; i < auth_tok->session_key.encrypted_key_size; i++)
+               encrypted_session_key_valid |=
+                       auth_tok->session_key.encrypted_key[i];
+       if (encrypted_session_key_valid) {
+               ecryptfs_printk(KERN_DEBUG, "encrypted_session_key_valid != 0; "
+                               "using auth_tok->session_key.encrypted_key, "
+                               "where key_rec->enc_key_size = [%zd]\n",
+                               key_rec->enc_key_size);
+               memcpy(key_rec->enc_key,
+                      auth_tok->session_key.encrypted_key,
+                      key_rec->enc_key_size);
+               goto encrypted_session_key_set;
+       }
        if (auth_tok->token.password.flags &
            ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET) {
                ecryptfs_printk(KERN_DEBUG, "Using previously generated "
@@ -1500,7 +2251,7 @@ write_tag_3_packet(char *dest, size_t max, struct ecryptfs_auth_tok *auth_tok,
                       auth_tok->token.password.session_key_encryption_key,
                       crypt_stat->key_size);
                ecryptfs_printk(KERN_DEBUG,
-                               "Cached session key " "encryption key: \n");
+                               "Cached session key encryption key:\n");
                if (ecryptfs_verbosity > 0)
                        ecryptfs_dump_hex(session_key_encryption_key, 16);
        }
@@ -1508,112 +2259,89 @@ write_tag_3_packet(char *dest, size_t max, struct ecryptfs_auth_tok *auth_tok,
                ecryptfs_printk(KERN_DEBUG, "Session key encryption key:\n");
                ecryptfs_dump_hex(session_key_encryption_key, 16);
        }
-       rc = virt_to_scatterlist(crypt_stat->key,
-                                key_rec->enc_key_size, src_sg, 2);
-       if (!rc) {
+       rc = virt_to_scatterlist(crypt_stat->key, key_rec->enc_key_size,
+                                src_sg, 2);
+       if (rc < 1 || rc > 2) {
                ecryptfs_printk(KERN_ERR, "Error generating scatterlist "
-                               "for crypt_stat session key\n");
+                               "for crypt_stat session key; expected rc = 1; "
+                               "got rc = [%d]. key_rec->enc_key_size = [%zd]\n",
+                               rc, key_rec->enc_key_size);
                rc = -ENOMEM;
                goto out;
        }
-       rc = virt_to_scatterlist(key_rec->enc_key,
-                                key_rec->enc_key_size, dest_sg, 2);
-       if (!rc) {
+       rc = virt_to_scatterlist(key_rec->enc_key, key_rec->enc_key_size,
+                                dst_sg, 2);
+       if (rc < 1 || rc > 2) {
                ecryptfs_printk(KERN_ERR, "Error generating scatterlist "
-                               "for crypt_stat encrypted session key\n");
+                               "for crypt_stat encrypted session key; "
+                               "expected rc = 1; got rc = [%d]. "
+                               "key_rec->enc_key_size = [%zd]\n", rc,
+                               key_rec->enc_key_size);
                rc = -ENOMEM;
                goto out;
        }
-       if (!strcmp(crypt_stat->cipher,
-                   crypt_stat->mount_crypt_stat->global_default_cipher_name)
-           && crypt_stat->mount_crypt_stat->global_key_tfm) {
-               desc.tfm = crypt_stat->mount_crypt_stat->global_key_tfm;
-               tfm_mutex = &crypt_stat->mount_crypt_stat->global_key_tfm_mutex;
-       } else {
-               char *full_alg_name;
-
-               rc = ecryptfs_crypto_api_algify_cipher_name(&full_alg_name,
-                                                           crypt_stat->cipher,
-                                                           "ecb");
-               if (rc)
-                       goto out;
-               desc.tfm = crypto_alloc_blkcipher(full_alg_name, 0,
-                                                 CRYPTO_ALG_ASYNC);
-               kfree(full_alg_name);
-               if (IS_ERR(desc.tfm)) {
-                       rc = PTR_ERR(desc.tfm);
-                       ecryptfs_printk(KERN_ERR, "Could not initialize crypto "
-                                       "context for cipher [%s]; rc = [%d]\n",
-                                       crypt_stat->cipher, rc);
-                       goto out;
-               }
-               crypto_blkcipher_set_flags(desc.tfm, CRYPTO_TFM_REQ_WEAK_KEY);
-       }
-       if (tfm_mutex)
-               mutex_lock(tfm_mutex);
+       mutex_lock(tfm_mutex);
        rc = crypto_blkcipher_setkey(desc.tfm, session_key_encryption_key,
                                     crypt_stat->key_size);
        if (rc < 0) {
-               if (tfm_mutex)
-                       mutex_unlock(tfm_mutex);
+               mutex_unlock(tfm_mutex);
                ecryptfs_printk(KERN_ERR, "Error setting key for crypto "
                                "context; rc = [%d]\n", rc);
                goto out;
        }
        rc = 0;
-       ecryptfs_printk(KERN_DEBUG, "Encrypting [%d] bytes of the key\n",
+       ecryptfs_printk(KERN_DEBUG, "Encrypting [%zd] bytes of the key\n",
                        crypt_stat->key_size);
-       rc = crypto_blkcipher_encrypt(&desc, dest_sg, src_sg,
+       rc = crypto_blkcipher_encrypt(&desc, dst_sg, src_sg,
                                      (*key_rec).enc_key_size);
+       mutex_unlock(tfm_mutex);
        if (rc) {
                printk(KERN_ERR "Error encrypting; rc = [%d]\n", rc);
                goto out;
        }
-       if (tfm_mutex)
-               mutex_unlock(tfm_mutex);
        ecryptfs_printk(KERN_DEBUG, "This should be the encrypted key:\n");
-       if (ecryptfs_verbosity > 0)
+       if (ecryptfs_verbosity > 0) {
+               ecryptfs_printk(KERN_DEBUG, "EFEK of size [%zd]:\n",
+                               key_rec->enc_key_size);
                ecryptfs_dump_hex(key_rec->enc_key,
                                  key_rec->enc_key_size);
-encrypted_session_key_set:
-       /* Now we have a valid key_rec.  Append it to the
-        * key_rec set. */
-       key_rec_size = (sizeof(struct ecryptfs_key_record)
-                       - ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES
-                       + (key_rec->enc_key_size));
-       /* TODO: Include a packet size limit as a parameter to this
-        * function once we have multi-packet headers (for versions
-        * later than 0.1 */
-       if (key_rec_size >= ECRYPTFS_MAX_KEYSET_SIZE) {
-               ecryptfs_printk(KERN_ERR, "Keyset too large\n");
-               rc = -EINVAL;
-               goto out;
        }
-       /* TODO: Packet size limit */
-       /* We have 5 bytes of surrounding packet data */
-       if ((0x05 + ECRYPTFS_SALT_SIZE
-            + key_rec->enc_key_size) >= max) {
-               ecryptfs_printk(KERN_ERR, "Authentication token is too "
-                               "large\n");
+encrypted_session_key_set:
+       /* This format is inspired by OpenPGP; see RFC 2440
+        * packet tag 3 */
+       max_packet_size = (1                         /* Tag 3 identifier */
+                          + 3                       /* Max Tag 3 packet size */
+                          + 1                       /* Version */
+                          + 1                       /* Cipher code */
+                          + 1                       /* S2K specifier */
+                          + 1                       /* Hash identifier */
+                          + ECRYPTFS_SALT_SIZE      /* Salt */
+                          + 1                       /* Hash iterations */
+                          + key_rec->enc_key_size); /* Encrypted key size */
+       if (max_packet_size > (*remaining_bytes)) {
+               printk(KERN_ERR "Packet too large; need up to [%td] bytes, but "
+                      "there are only [%td] available\n", max_packet_size,
+                      (*remaining_bytes));
                rc = -EINVAL;
                goto out;
        }
-       /* This format is inspired by OpenPGP; see RFC 2440
-        * packet tag 3 */
        dest[(*packet_size)++] = ECRYPTFS_TAG_3_PACKET_TYPE;
-       /* ver+cipher+s2k+hash+salt+iter+enc_key */
-       rc = write_packet_length(&dest[(*packet_size)],
-                                (0x05 + ECRYPTFS_SALT_SIZE
-                                 + key_rec->enc_key_size),
-                                &packet_size_length);
+       /* Chop off the Tag 3 identifier(1) and Tag 3 packet size(3)
+        * to get the number of octets in the actual Tag 3 packet */
+       rc = ecryptfs_write_packet_length(&dest[(*packet_size)],
+                                         (max_packet_size - 4),
+                                         &packet_size_length);
        if (rc) {
-               ecryptfs_printk(KERN_ERR, "Error generating tag 3 packet "
-                               "header; cannot generate packet length\n");
+               printk(KERN_ERR "Error generating tag 3 packet header; cannot "
+                      "generate packet length. rc = [%d]\n", rc);
                goto out;
        }
        (*packet_size) += packet_size_length;
        dest[(*packet_size)++] = 0x04; /* version 4 */
-       cipher_code = ecryptfs_code_for_cipher_string(crypt_stat);
+       /* TODO: Break from RFC2440 so that arbitrary ciphers can be
+        * specified with strings */
+       cipher_code = ecryptfs_code_for_cipher_string(crypt_stat->cipher,
+                                                     crypt_stat->key_size);
        if (cipher_code == 0) {
                ecryptfs_printk(KERN_WARNING, "Unable to generate code for "
                                "cipher [%s]\n", crypt_stat->cipher);
@@ -1631,16 +2359,18 @@ encrypted_session_key_set:
               key_rec->enc_key_size);
        (*packet_size) += key_rec->enc_key_size;
 out:
-       if (desc.tfm && !tfm_mutex)
-               crypto_free_blkcipher(desc.tfm);
        if (rc)
                (*packet_size) = 0;
+       else
+               (*remaining_bytes) -= (*packet_size);
        return rc;
 }
 
+struct kmem_cache *ecryptfs_key_record_cache;
+
 /**
  * ecryptfs_generate_key_packet_set
- * @dest: Virtual address from which to write the key record set
+ * @dest_base: Virtual address from which to write the key record set
  * @crypt_stat: The cryptographic context from which the
  *              authentication tokens will be retrieved
  * @ecryptfs_dentry: The dentry, used to retrieve the mount crypt stat
@@ -1660,65 +2390,141 @@ ecryptfs_generate_key_packet_set(char *dest_base,
                                 size_t max)
 {
        struct ecryptfs_auth_tok *auth_tok;
+       struct key *auth_tok_key = NULL;
        struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
                &ecryptfs_superblock_to_private(
                        ecryptfs_dentry->d_sb)->mount_crypt_stat;
        size_t written;
-       struct ecryptfs_key_record key_rec;
+       struct ecryptfs_key_record *key_rec;
+       struct ecryptfs_key_sig *key_sig;
        int rc = 0;
 
        (*len) = 0;
-       if (mount_crypt_stat->global_auth_tok) {
-               auth_tok = mount_crypt_stat->global_auth_tok;
+       mutex_lock(&crypt_stat->keysig_list_mutex);
+       key_rec = kmem_cache_alloc(ecryptfs_key_record_cache, GFP_KERNEL);
+       if (!key_rec) {
+               rc = -ENOMEM;
+               goto out;
+       }
+       list_for_each_entry(key_sig, &crypt_stat->keysig_list,
+                           crypt_stat_list) {
+               memset(key_rec, 0, sizeof(*key_rec));
+               rc = ecryptfs_find_global_auth_tok_for_sig(&auth_tok_key,
+                                                          &auth_tok,
+                                                          mount_crypt_stat,
+                                                          key_sig->keysig);
+               if (rc) {
+                       printk(KERN_WARNING "Unable to retrieve auth tok with "
+                              "sig = [%s]\n", key_sig->keysig);
+                       rc = process_find_global_auth_tok_for_sig_err(rc);
+                       goto out_free;
+               }
                if (auth_tok->token_type == ECRYPTFS_PASSWORD) {
                        rc = write_tag_3_packet((dest_base + (*len)),
-                                               max, auth_tok,
-                                               crypt_stat, &key_rec,
+                                               &max, auth_tok,
+                                               crypt_stat, key_rec,
                                                &written);
                        if (rc) {
                                ecryptfs_printk(KERN_WARNING, "Error "
                                                "writing tag 3 packet\n");
-                               goto out;
+                               goto out_free;
                        }
                        (*len) += written;
                        /* Write auth tok signature packet */
-                       rc = write_tag_11_packet(
-                               (dest_base + (*len)),
-                               (max - (*len)),
-                               key_rec.sig, ECRYPTFS_SIG_SIZE, &written);
+                       rc = write_tag_11_packet((dest_base + (*len)), &max,
+                                                key_rec->sig,
+                                                ECRYPTFS_SIG_SIZE, &written);
                        if (rc) {
                                ecryptfs_printk(KERN_ERR, "Error writing "
                                                "auth tok signature packet\n");
-                               goto out;
+                               goto out_free;
                        }
                        (*len) += written;
                } else if (auth_tok->token_type == ECRYPTFS_PRIVATE_KEY) {
                        rc = write_tag_1_packet(dest_base + (*len),
-                                               max, auth_tok,
-                                               crypt_stat,mount_crypt_stat,
-                                               &key_rec, &written);
+                                               &max, auth_tok,
+                                               crypt_stat, key_rec, &written);
                        if (rc) {
                                ecryptfs_printk(KERN_WARNING, "Error "
                                                "writing tag 1 packet\n");
-                               goto out;
+                               goto out_free;
                        }
                        (*len) += written;
                } else {
                        ecryptfs_printk(KERN_WARNING, "Unsupported "
                                        "authentication token type\n");
                        rc = -EINVAL;
-                       goto out;
+                       goto out_free;
                }
-       } else
-               BUG();
-       if (likely((max - (*len)) > 0)) {
+               up_write(&(auth_tok_key->sem));
+               key_put(auth_tok_key);
+               auth_tok_key = NULL;
+       }
+       if (likely(max > 0)) {
                dest_base[(*len)] = 0x00;
        } else {
                ecryptfs_printk(KERN_ERR, "Error writing boundary byte\n");
                rc = -EIO;
        }
+out_free:
+       kmem_cache_free(ecryptfs_key_record_cache, key_rec);
 out:
        if (rc)
                (*len) = 0;
+       if (auth_tok_key) {
+               up_write(&(auth_tok_key->sem));
+               key_put(auth_tok_key);
+       }
+
+       mutex_unlock(&crypt_stat->keysig_list_mutex);
+       return rc;
+}
+
+struct kmem_cache *ecryptfs_key_sig_cache;
+
+int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig)
+{
+       struct ecryptfs_key_sig *new_key_sig;
+
+       new_key_sig = kmem_cache_alloc(ecryptfs_key_sig_cache, GFP_KERNEL);
+       if (!new_key_sig) {
+               printk(KERN_ERR
+                      "Error allocating from ecryptfs_key_sig_cache\n");
+               return -ENOMEM;
+       }
+       memcpy(new_key_sig->keysig, sig, ECRYPTFS_SIG_SIZE_HEX);
+       new_key_sig->keysig[ECRYPTFS_SIG_SIZE_HEX] = '\0';
+       /* Caller must hold keysig_list_mutex */
+       list_add(&new_key_sig->crypt_stat_list, &crypt_stat->keysig_list);
+
+       return 0;
+}
+
+struct kmem_cache *ecryptfs_global_auth_tok_cache;
+
+int
+ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
+                            char *sig, u32 global_auth_tok_flags)
+{
+       struct ecryptfs_global_auth_tok *new_auth_tok;
+       int rc = 0;
+
+       new_auth_tok = kmem_cache_zalloc(ecryptfs_global_auth_tok_cache,
+                                       GFP_KERNEL);
+       if (!new_auth_tok) {
+               rc = -ENOMEM;
+               printk(KERN_ERR "Error allocating from "
+                      "ecryptfs_global_auth_tok_cache\n");
+               goto out;
+       }
+       memcpy(new_auth_tok->sig, sig, ECRYPTFS_SIG_SIZE_HEX);
+       new_auth_tok->flags = global_auth_tok_flags;
+       new_auth_tok->sig[ECRYPTFS_SIG_SIZE_HEX] = '\0';
+       mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex);
+       list_add(&new_auth_tok->mount_crypt_stat_list,
+                &mount_crypt_stat->global_auth_tok_list);
+       mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex);
+out:
        return rc;
 }
+