| ecryptfs_kernel.h (9c79f34f7ee71cd28272332b424ca64b2be006ab) | ecryptfs_kernel.h (a34f60f748c6fe5d791e9b54cffe442201428254) |
|---|---|
| 1/** 2 * eCryptfs: Linux filesystem encryption layer 3 * Kernel declarations. 4 * 5 * Copyright (C) 1997-2003 Erez Zadok 6 * Copyright (C) 2001-2003 Stony Brook University 7 * Copyright (C) 2004-2008 International Business Machines Corp. 8 * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com> --- 37 unchanged lines hidden (view full) --- 46 * how to behave. */ 47#define ECRYPTFS_VERSIONING_PASSPHRASE 0x00000001 48#define ECRYPTFS_VERSIONING_PUBKEY 0x00000002 49#define ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH 0x00000004 50#define ECRYPTFS_VERSIONING_POLICY 0x00000008 51#define ECRYPTFS_VERSIONING_XATTR 0x00000010 52#define ECRYPTFS_VERSIONING_MULTKEY 0x00000020 53#define ECRYPTFS_VERSIONING_DEVMISC 0x00000040 | 1/** 2 * eCryptfs: Linux filesystem encryption layer 3 * Kernel declarations. 4 * 5 * Copyright (C) 1997-2003 Erez Zadok 6 * Copyright (C) 2001-2003 Stony Brook University 7 * Copyright (C) 2004-2008 International Business Machines Corp. 8 * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com> --- 37 unchanged lines hidden (view full) --- 46 * how to behave. */ 47#define ECRYPTFS_VERSIONING_PASSPHRASE 0x00000001 48#define ECRYPTFS_VERSIONING_PUBKEY 0x00000002 49#define ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH 0x00000004 50#define ECRYPTFS_VERSIONING_POLICY 0x00000008 51#define ECRYPTFS_VERSIONING_XATTR 0x00000010 52#define ECRYPTFS_VERSIONING_MULTKEY 0x00000020 53#define ECRYPTFS_VERSIONING_DEVMISC 0x00000040 |
| 54#define ECRYPTFS_VERSIONING_HMAC 0x00000080 55#define ECRYPTFS_VERSIONING_FILENAME_ENCRYPTION 0x00000100 56#define ECRYPTFS_VERSIONING_GCM 0x00000200 |
|
| 54#define ECRYPTFS_VERSIONING_MASK (ECRYPTFS_VERSIONING_PASSPHRASE \ 55 | ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH \ 56 | ECRYPTFS_VERSIONING_PUBKEY \ 57 | ECRYPTFS_VERSIONING_XATTR \ 58 | ECRYPTFS_VERSIONING_MULTKEY \ | 57#define ECRYPTFS_VERSIONING_MASK (ECRYPTFS_VERSIONING_PASSPHRASE \ 58 | ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH \ 59 | ECRYPTFS_VERSIONING_PUBKEY \ 60 | ECRYPTFS_VERSIONING_XATTR \ 61 | ECRYPTFS_VERSIONING_MULTKEY \ |
| 59 | ECRYPTFS_VERSIONING_DEVMISC) | 62 | ECRYPTFS_VERSIONING_DEVMISC \ 63 | ECRYPTFS_VERSIONING_FILENAME_ENCRYPTION) |
| 60#define ECRYPTFS_MAX_PASSWORD_LENGTH 64 61#define ECRYPTFS_MAX_PASSPHRASE_BYTES ECRYPTFS_MAX_PASSWORD_LENGTH 62#define ECRYPTFS_SALT_SIZE 8 63#define ECRYPTFS_SALT_SIZE_HEX (ECRYPTFS_SALT_SIZE*2) 64/* The original signature size is only for what is stored on disk; all 65 * in-memory representations are expanded hex, so it better adapted to 66 * be passed around or referenced on the command line */ 67#define ECRYPTFS_SIG_SIZE 8 --- 159 unchanged lines hidden (view full) --- 227#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE 24 228#define ECRYPTFS_ENCRYPTED_DENTRY_NAME_LEN (18 + 1 + 4 + 1 + 32) 229 230struct ecryptfs_key_sig { 231 struct list_head crypt_stat_list; 232 char keysig[ECRYPTFS_SIG_SIZE_HEX]; 233}; 234 | 64#define ECRYPTFS_MAX_PASSWORD_LENGTH 64 65#define ECRYPTFS_MAX_PASSPHRASE_BYTES ECRYPTFS_MAX_PASSWORD_LENGTH 66#define ECRYPTFS_SALT_SIZE 8 67#define ECRYPTFS_SALT_SIZE_HEX (ECRYPTFS_SALT_SIZE*2) 68/* The original signature size is only for what is stored on disk; all 69 * in-memory representations are expanded hex, so it better adapted to 70 * be passed around or referenced on the command line */ 71#define ECRYPTFS_SIG_SIZE 8 --- 159 unchanged lines hidden (view full) --- 231#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE 24 232#define ECRYPTFS_ENCRYPTED_DENTRY_NAME_LEN (18 + 1 + 4 + 1 + 32) 233 234struct ecryptfs_key_sig { 235 struct list_head crypt_stat_list; 236 char keysig[ECRYPTFS_SIG_SIZE_HEX]; 237}; 238 |
| 239struct ecryptfs_filename { 240 struct list_head crypt_stat_list; 241#define ECRYPTFS_FILENAME_CONTAINS_DECRYPTED 0x00000001 242 u32 flags; 243 u32 seq_no; 244 char *filename; 245 char *encrypted_filename; 246 size_t filename_size; 247 size_t encrypted_filename_size; 248 char fnek_sig[ECRYPTFS_SIG_SIZE_HEX]; 249 char dentry_name[ECRYPTFS_ENCRYPTED_DENTRY_NAME_LEN + 1]; 250}; 251 |
|
| 235/** 236 * This is the primary struct associated with each encrypted file. 237 * 238 * TODO: cache align/pack? 239 */ 240struct ecryptfs_crypt_stat { | 252/** 253 * This is the primary struct associated with each encrypted file. 254 * 255 * TODO: cache align/pack? 256 */ 257struct ecryptfs_crypt_stat { |
| 241#define ECRYPTFS_STRUCT_INITIALIZED 0x00000001 242#define ECRYPTFS_POLICY_APPLIED 0x00000002 243#define ECRYPTFS_NEW_FILE 0x00000004 244#define ECRYPTFS_ENCRYPTED 0x00000008 245#define ECRYPTFS_SECURITY_WARNING 0x00000010 246#define ECRYPTFS_ENABLE_HMAC 0x00000020 247#define ECRYPTFS_ENCRYPT_IV_PAGES 0x00000040 248#define ECRYPTFS_KEY_VALID 0x00000080 249#define ECRYPTFS_METADATA_IN_XATTR 0x00000100 250#define ECRYPTFS_VIEW_AS_ENCRYPTED 0x00000200 251#define ECRYPTFS_KEY_SET 0x00000400 | 258#define ECRYPTFS_STRUCT_INITIALIZED 0x00000001 259#define ECRYPTFS_POLICY_APPLIED 0x00000002 260#define ECRYPTFS_NEW_FILE 0x00000004 261#define ECRYPTFS_ENCRYPTED 0x00000008 262#define ECRYPTFS_SECURITY_WARNING 0x00000010 263#define ECRYPTFS_ENABLE_HMAC 0x00000020 264#define ECRYPTFS_ENCRYPT_IV_PAGES 0x00000040 265#define ECRYPTFS_KEY_VALID 0x00000080 266#define ECRYPTFS_METADATA_IN_XATTR 0x00000100 267#define ECRYPTFS_VIEW_AS_ENCRYPTED 0x00000200 268#define ECRYPTFS_KEY_SET 0x00000400 269#define ECRYPTFS_ENCRYPT_FILENAMES 0x00000800 270#define ECRYPTFS_ENCFN_USE_MOUNT_FNEK 0x00001000 271#define ECRYPTFS_ENCFN_USE_FEK 0x00002000 |
| 252 u32 flags; 253 unsigned int file_version; 254 size_t iv_bytes; 255 size_t num_header_bytes_at_front; 256 size_t extent_size; /* Data extent size; default is 4096 */ 257 size_t key_size; 258 size_t extent_shift; 259 unsigned int extent_mask; --- 332 unchanged lines hidden (view full) --- 592 struct mutex mux; 593 struct list_head kthread_ctl_list; 594}; 595 596#define ECRYPTFS_INTERPOSE_FLAG_D_ADD 0x00000001 597int ecryptfs_interpose(struct dentry *hidden_dentry, 598 struct dentry *this_dentry, struct super_block *sb, 599 u32 flags); | 272 u32 flags; 273 unsigned int file_version; 274 size_t iv_bytes; 275 size_t num_header_bytes_at_front; 276 size_t extent_size; /* Data extent size; default is 4096 */ 277 size_t key_size; 278 size_t extent_shift; 279 unsigned int extent_mask; --- 332 unchanged lines hidden (view full) --- 612 struct mutex mux; 613 struct list_head kthread_ctl_list; 614}; 615 616#define ECRYPTFS_INTERPOSE_FLAG_D_ADD 0x00000001 617int ecryptfs_interpose(struct dentry *hidden_dentry, 618 struct dentry *this_dentry, struct super_block *sb, 619 u32 flags); |
| 620int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry, 621 struct dentry *lower_dentry, 622 struct ecryptfs_crypt_stat *crypt_stat, 623 struct inode *ecryptfs_dir_inode, 624 struct nameidata *ecryptfs_nd); 625int ecryptfs_decode_and_decrypt_filename(char **decrypted_name, 626 size_t *decrypted_name_size, 627 struct dentry *ecryptfs_dentry, 628 const char *name, size_t name_size); |
|
| 600int ecryptfs_fill_zeros(struct file *file, loff_t new_length); 601int ecryptfs_decode_filename(struct ecryptfs_crypt_stat *crypt_stat, 602 const char *name, int length, 603 char **decrypted_name); 604int ecryptfs_encode_filename(struct ecryptfs_crypt_stat *crypt_stat, 605 const char *name, int length, 606 char **encoded_name); | 629int ecryptfs_fill_zeros(struct file *file, loff_t new_length); 630int ecryptfs_decode_filename(struct ecryptfs_crypt_stat *crypt_stat, 631 const char *name, int length, 632 char **decrypted_name); 633int ecryptfs_encode_filename(struct ecryptfs_crypt_stat *crypt_stat, 634 const char *name, int length, 635 char **encoded_name); |
| 636int ecryptfs_encrypt_and_encode_filename( 637 char **encoded_name, 638 size_t *encoded_name_size, 639 struct ecryptfs_crypt_stat *crypt_stat, 640 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 641 const char *name, size_t name_size); |
|
| 607struct dentry *ecryptfs_lower_dentry(struct dentry *this_dentry); 608void ecryptfs_dump_hex(char *data, int bytes); 609int virt_to_scatterlist(const void *addr, int size, struct scatterlist *sg, 610 int sg_size); 611int ecryptfs_compute_root_iv(struct ecryptfs_crypt_stat *crypt_stat); 612void ecryptfs_rotate_iv(unsigned char *iv); 613void ecryptfs_init_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat); 614void ecryptfs_destroy_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat); --- 110 unchanged lines hidden (view full) --- 725 size_t *packet_size, 726 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 727 char *filename, size_t filename_size); 728int 729ecryptfs_parse_tag_70_packet(char **filename, size_t *filename_size, 730 size_t *packet_size, 731 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 732 char *data, size_t max_packet_size); | 642struct dentry *ecryptfs_lower_dentry(struct dentry *this_dentry); 643void ecryptfs_dump_hex(char *data, int bytes); 644int virt_to_scatterlist(const void *addr, int size, struct scatterlist *sg, 645 int sg_size); 646int ecryptfs_compute_root_iv(struct ecryptfs_crypt_stat *crypt_stat); 647void ecryptfs_rotate_iv(unsigned char *iv); 648void ecryptfs_init_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat); 649void ecryptfs_destroy_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat); --- 110 unchanged lines hidden (view full) --- 760 size_t *packet_size, 761 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 762 char *filename, size_t filename_size); 763int 764ecryptfs_parse_tag_70_packet(char **filename, size_t *filename_size, 765 size_t *packet_size, 766 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 767 char *data, size_t max_packet_size); |
| 768int ecryptfs_derive_iv(char *iv, struct ecryptfs_crypt_stat *crypt_stat, 769 loff_t offset); |
|
| 733 734#endif /* #ifndef ECRYPTFS_KERNEL_H */ | 770 771#endif /* #ifndef ECRYPTFS_KERNEL_H */ |