xref: /openbmc/linux/fs/crypto/policy.c (revision 41b2ad80)
1b2441318SGreg Kroah-Hartman // SPDX-License-Identifier: GPL-2.0
20b81d077SJaegeuk Kim /*
30b81d077SJaegeuk Kim  * Encryption policy functions for per-file encryption support.
40b81d077SJaegeuk Kim  *
50b81d077SJaegeuk Kim  * Copyright (C) 2015, Google, Inc.
60b81d077SJaegeuk Kim  * Copyright (C) 2015, Motorola Mobility.
70b81d077SJaegeuk Kim  *
85dae460cSEric Biggers  * Originally written by Michael Halcrow, 2015.
90b81d077SJaegeuk Kim  * Modified by Jaegeuk Kim, 2015.
105dae460cSEric Biggers  * Modified by Eric Biggers, 2019 for v2 policy support.
110b81d077SJaegeuk Kim  */
120b81d077SJaegeuk Kim 
13218d921bSEric Biggers #include <linux/fs_context.h>
140b81d077SJaegeuk Kim #include <linux/random.h>
15ed318a6cSEric Biggers #include <linux/seq_file.h>
160b81d077SJaegeuk Kim #include <linux/string.h>
17ba63f23dSEric Biggers #include <linux/mount.h>
18cc4e0df0STheodore Ts'o #include "fscrypt_private.h"
190b81d077SJaegeuk Kim 
/**
 * fscrypt_policies_equal() - test two encryption policies for equality
 * @policy1: the first policy
 * @policy2: the second policy
 *
 * Two policies are equal only if their version bytes match and the first
 * fscrypt_policy_size(@policy1) bytes of both unions are identical.
 *
 * Return: %true if equal, else %false
 */
bool fscrypt_policies_equal(const union fscrypt_policy *policy1,
			    const union fscrypt_policy *policy2)
{
	/*
	 * The compared length is derived from @policy1 alone; that is only
	 * meaningful because the versions have just been found to match.
	 */
	if (policy1->version == policy2->version)
		return memcmp(policy1, policy2,
			      fscrypt_policy_size(policy1)) == 0;

	return false;
}
350b81d077SJaegeuk Kim 
/*
 * Fill in @key_spec with the master key reference carried by @policy: the key
 * descriptor for a v1 policy, or the key identifier for a v2 policy.
 *
 * Return: 0 on success, or -EINVAL (after a one-time kernel warning) if the
 * policy version is not recognized.  @key_spec is not written in that case.
 */
int fscrypt_policy_to_key_spec(const union fscrypt_policy *policy,
			       struct fscrypt_key_specifier *key_spec)
{
	int err = 0;

	switch (policy->version) {
	case FSCRYPT_POLICY_V1:
		key_spec->type = FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR;
		memcpy(key_spec->u.descriptor, policy->v1.master_key_descriptor,
		       FSCRYPT_KEY_DESCRIPTOR_SIZE);
		break;
	case FSCRYPT_POLICY_V2:
		key_spec->type = FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER;
		memcpy(key_spec->u.identifier, policy->v2.master_key_identifier,
		       FSCRYPT_KEY_IDENTIFIER_SIZE);
		break;
	default:
		/* An unknown version here is flagged loudly, but only once. */
		WARN_ON_ONCE(1);
		err = -EINVAL;
		break;
	}

	return err;
}
55bfb9700bSEric Biggers 
/*
 * Return whatever the filesystem's ->get_dummy_policy() hook reports for @sb,
 * or NULL when the filesystem does not implement that hook.
 */
const union fscrypt_policy *fscrypt_get_dummy_policy(struct super_block *sb)
{
	if (sb->s_cop->get_dummy_policy)
		return sb->s_cop->get_dummy_policy(sb);

	return NULL;
}
62ac4acb1fSEric Biggers 
/*
 * Return %true if the given pair of contents and filenames encryption modes
 * is accepted for v1 (and later) encryption policies.
 *
 * Do *not* add anything new here, since v1 encryption policies are deprecated.
 * New combinations of modes should go in fscrypt_valid_enc_modes_v2() only.
 */
static bool fscrypt_valid_enc_modes_v1(u32 contents_mode, u32 filenames_mode)
{
	/* Each accepted contents mode has exactly one filenames mode partner. */
	switch (contents_mode) {
	case FSCRYPT_MODE_AES_256_XTS:
		return filenames_mode == FSCRYPT_MODE_AES_256_CTS;
	case FSCRYPT_MODE_AES_128_CBC:
		return filenames_mode == FSCRYPT_MODE_AES_128_CTS;
	case FSCRYPT_MODE_ADIANTUM:
		return filenames_mode == FSCRYPT_MODE_ADIANTUM;
	default:
		return false;
	}
}
86ef5b18b0SEric Biggers 
/*
 * Return %true if the given pair of contents and filenames encryption modes
 * is accepted for v2 encryption policies: the pairs listed here, plus every
 * pair that fscrypt_valid_enc_modes_v1() accepts.
 */
static bool fscrypt_valid_enc_modes_v2(u32 contents_mode, u32 filenames_mode)
{
	const bool v2_only_pair =
		(contents_mode == FSCRYPT_MODE_AES_256_XTS &&
		 filenames_mode == FSCRYPT_MODE_AES_256_HCTR2) ||
		(contents_mode == FSCRYPT_MODE_SM4_XTS &&
		 filenames_mode == FSCRYPT_MODE_SM4_CTS);

	return v2_only_pair ||
	       fscrypt_valid_enc_modes_v1(contents_mode, filenames_mode);
}
996b2a51ffSNathan Huckleberry 
/*
 * Check whether the DIRECT_KEY flag may be combined with the given modes.
 *
 * The contents and filenames modes must be identical, and the mode's IV must
 * be at least as large as the part of union fscrypt_iv that ends with the
 * nonce.  A warning is logged against @inode when the combination is rejected.
 *
 * @contents_mode is used as an index into fscrypt_modes[] without a range
 * check in this function, so it must already have been accepted by
 * fscrypt_valid_enc_modes_v1() or fscrypt_valid_enc_modes_v2(), as the callers
 * visible in this file do before calling here.
 */
static bool supported_direct_key_modes(const struct inode *inode,
				       u32 contents_mode, u32 filenames_mode)
{
	const struct fscrypt_mode *mode;

	if (contents_mode != filenames_mode) {
		fscrypt_warn(inode,
			     "Direct key flag not allowed with different contents and filenames modes");
		return false;
	}

	mode = &fscrypt_modes[contents_mode];
	if (mode->ivsize >= offsetofend(union fscrypt_iv, nonce))
		return true;

	fscrypt_warn(inode, "Direct key flag not allowed with %s",
		     mode->friendly_name);
	return false;
}
11985af90e5SEric Biggers 
/*
 * Check whether an IV_INO_LBLK_* policy can be used on @inode's filesystem.
 *
 * @type is the flag name inserted into the warning messages.  @max_ino_bits
 * and @max_lblk_bits are the largest inode number and block number widths the
 * caller allows.  A filesystem that does not implement
 * ->get_ino_and_lblk_bits() is treated as using 64 bits for both.
 *
 * Return: %true if the policy is usable, else %false (with a warning logged).
 */
static bool supported_iv_ino_lblk_policy(const struct fscrypt_policy_v2 *policy,
					 const struct inode *inode,
					 const char *type,
					 int max_ino_bits, int max_lblk_bits)
{
	struct super_block *sb = inode->i_sb;
	int fs_ino_bits = 64;
	int fs_lblk_bits = 64;

	/*
	 * IV_INO_LBLK_* exist only because of hardware limitations, and
	 * currently the only known use case for them involves AES-256-XTS.
	 * That's also all we test currently.  For these reasons, for now only
	 * allow AES-256-XTS here.  This can be relaxed later if a use case for
	 * IV_INO_LBLK_* with other encryption modes arises.
	 */
	if (policy->contents_encryption_mode != FSCRYPT_MODE_AES_256_XTS) {
		fscrypt_warn(inode,
			     "Can't use %s policy with contents mode other than AES-256-XTS",
			     type);
		return false;
	}

	/*
	 * It's unsafe to include inode numbers in the IVs if the filesystem can
	 * potentially renumber inodes, e.g. via filesystem shrinking.  A
	 * missing ->has_stable_inodes() hook counts as "not stable".
	 */
	if (!(sb->s_cop->has_stable_inodes &&
	      sb->s_cop->has_stable_inodes(sb))) {
		fscrypt_warn(inode,
			     "Can't use %s policy on filesystem '%s' because it doesn't have stable inode numbers",
			     type, sb->s_id);
		return false;
	}

	if (sb->s_cop->get_ino_and_lblk_bits)
		sb->s_cop->get_ino_and_lblk_bits(sb, &fs_ino_bits,
						 &fs_lblk_bits);

	if (fs_ino_bits > max_ino_bits) {
		fscrypt_warn(inode,
			     "Can't use %s policy on filesystem '%s' because its inode numbers are too long",
			     type, sb->s_id);
		return false;
	}

	if (fs_lblk_bits > max_lblk_bits) {
		fscrypt_warn(inode,
			     "Can't use %s policy on filesystem '%s' because its block numbers are too long",
			     type, sb->s_id);
		return false;
	}

	return true;
}
169b103fb76SEric Biggers 
/*
 * Check whether a v1 policy is usable on @inode.
 *
 * The checks run in this order, and the first failure logs a warning and
 * returns %false: the mode pair must be valid for v1, no flag outside the
 * padding mask and DIRECT_KEY may be set, DIRECT_KEY (if set) must be
 * compatible with the modes, and the inode must not be casefolded.
 */
static bool fscrypt_supported_v1_policy(const struct fscrypt_policy_v1 *policy,
					const struct inode *inode)
{
	/* Must come first: later checks rely on the modes being known-good. */
	if (!fscrypt_valid_enc_modes_v1(policy->contents_encryption_mode,
					policy->filenames_encryption_mode)) {
		fscrypt_warn(inode,
			     "Unsupported encryption modes (contents %d, filenames %d)",
			     policy->contents_encryption_mode,
			     policy->filenames_encryption_mode);
		return false;
	}

	if (policy->flags & ~(FSCRYPT_POLICY_FLAGS_PAD_MASK |
			      FSCRYPT_POLICY_FLAG_DIRECT_KEY)) {
		fscrypt_warn(inode, "Unsupported encryption flags (0x%02x)",
			     policy->flags);
		return false;
	}

	if (policy->flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY) {
		if (!supported_direct_key_modes(inode,
						policy->contents_encryption_mode,
						policy->filenames_encryption_mode))
			return false;
	}

	if (!IS_CASEFOLDED(inode))
		return true;

	/* With v1, there's no way to derive dirhash keys. */
	fscrypt_warn(inode,
		     "v1 policies can't be used on casefolded directories");
	return false;
}
2035dae460cSEric Biggers 
/*
 * Check whether a v2 policy is usable on @inode.
 *
 * The first failing check logs a warning and returns %false.  In order: the
 * mode pair must be valid for v2, only known flags may be set, at most one of
 * DIRECT_KEY / IV_INO_LBLK_64 / IV_INO_LBLK_32 may be set, whichever of those
 * is set must be supported for this inode, and all reserved bytes must be
 * zero.
 */
static bool fscrypt_supported_v2_policy(const struct fscrypt_policy_v2 *policy,
					const struct inode *inode)
{
	int iv_flags_set = 0;

	/* Must come first: later checks rely on the modes being known-good. */
	if (!fscrypt_valid_enc_modes_v2(policy->contents_encryption_mode,
					policy->filenames_encryption_mode)) {
		fscrypt_warn(inode,
			     "Unsupported encryption modes (contents %d, filenames %d)",
			     policy->contents_encryption_mode,
			     policy->filenames_encryption_mode);
		return false;
	}

	if (policy->flags & ~(FSCRYPT_POLICY_FLAGS_PAD_MASK |
			      FSCRYPT_POLICY_FLAG_DIRECT_KEY |
			      FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 |
			      FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32)) {
		fscrypt_warn(inode, "Unsupported encryption flags (0x%02x)",
			     policy->flags);
		return false;
	}

	/* These three flags are alternatives; more than one is rejected. */
	if (policy->flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY)
		iv_flags_set++;
	if (policy->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64)
		iv_flags_set++;
	if (policy->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32)
		iv_flags_set++;
	if (iv_flags_set > 1) {
		fscrypt_warn(inode, "Mutually exclusive encryption flags (0x%02x)",
			     policy->flags);
		return false;
	}

	if (policy->flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY) {
		if (!supported_direct_key_modes(inode,
						policy->contents_encryption_mode,
						policy->filenames_encryption_mode))
			return false;
	}

	if (policy->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64) {
		if (!supported_iv_ino_lblk_policy(policy, inode,
						  "IV_INO_LBLK_64", 32, 32))
			return false;
	}

	/*
	 * IV_INO_LBLK_32 hashes the inode number, so in principle it can
	 * support any ino_bits.  However, currently the inode number is gotten
	 * from inode::i_ino which is 'unsigned long'.  So for now the
	 * implementation limit is 32 bits.
	 */
	if (policy->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32) {
		if (!supported_iv_ino_lblk_policy(policy, inode,
						  "IV_INO_LBLK_32", 32, 32))
			return false;
	}

	/* Any nonzero reserved byte makes the policy unsupported. */
	if (memchr_inv(policy->__reserved, 0, sizeof(policy->__reserved)) != NULL) {
		fscrypt_warn(inode, "Reserved bits set in encryption policy");
		return false;
	}

	return true;
}
264393a24a7SEric Biggers 
/**
 * fscrypt_supported_policy() - check whether an encryption policy is supported
 * @policy_u: the encryption policy
 * @inode: the inode on which the policy will be used
 *
 * Given an encryption policy, check whether all its encryption modes and other
 * settings are supported by this kernel on the given inode.  (But we don't
 * currently check for crypto API support here, so attempting to use an
 * algorithm not configured into the crypto API will still fail later.)
 *
 * A policy whose version is neither v1 nor v2 is reported as unsupported.
 *
 * Return: %true if supported, else %false
 */
bool fscrypt_supported_policy(const union fscrypt_policy *policy_u,
			      const struct inode *inode)
{
	bool supported = false;

	switch (policy_u->version) {
	case FSCRYPT_POLICY_V1:
		supported = fscrypt_supported_v1_policy(&policy_u->v1, inode);
		break;
	case FSCRYPT_POLICY_V2:
		supported = fscrypt_supported_v2_policy(&policy_u->v2, inode);
		break;
	default:
		/* Unknown version: leave the result at "unsupported". */
		break;
	}

	return supported;
}
2885dae460cSEric Biggers 
/**
 * fscrypt_new_context() - create a new fscrypt_context
 * @ctx_u: output context
 * @policy_u: input policy
 * @nonce: nonce to use
 *
 * Build the fscrypt_context for an inode that is being assigned the given
 * encryption policy.  @nonce must be a new random nonce.
 *
 * The policy version must be v1 or v2; any other value reaches BUG().
 *
 * Return: the size of the new context in bytes.
 */
static int fscrypt_new_context(union fscrypt_context *ctx_u,
			       const union fscrypt_policy *policy_u,
			       const u8 nonce[FSCRYPT_FILE_NONCE_SIZE])
{
	/*
	 * Zero the whole union before filling it in.  Fields that are not
	 * assigned below (for example the v2 context's __reserved bytes) and
	 * any bytes past the version-specific struct therefore read as zero
	 * rather than as whatever the caller's buffer previously held.
	 */
	memset(ctx_u, 0, sizeof(*ctx_u));

	switch (policy_u->version) {
	case FSCRYPT_POLICY_V1: {
		const struct fscrypt_policy_v1 *src = &policy_u->v1;
		struct fscrypt_context_v1 *dst = &ctx_u->v1;

		dst->version = FSCRYPT_CONTEXT_V1;
		dst->flags = src->flags;
		dst->contents_encryption_mode = src->contents_encryption_mode;
		dst->filenames_encryption_mode = src->filenames_encryption_mode;
		memcpy(dst->master_key_descriptor, src->master_key_descriptor,
		       sizeof(dst->master_key_descriptor));
		memcpy(dst->nonce, nonce, FSCRYPT_FILE_NONCE_SIZE);
		return sizeof(*dst);
	}
	case FSCRYPT_POLICY_V2: {
		const struct fscrypt_policy_v2 *src = &policy_u->v2;
		struct fscrypt_context_v2 *dst = &ctx_u->v2;

		dst->version = FSCRYPT_CONTEXT_V2;
		dst->flags = src->flags;
		dst->contents_encryption_mode = src->contents_encryption_mode;
		dst->filenames_encryption_mode = src->filenames_encryption_mode;
		memcpy(dst->master_key_identifier, src->master_key_identifier,
		       sizeof(dst->master_key_identifier));
		memcpy(dst->nonce, nonce, FSCRYPT_FILE_NONCE_SIZE);
		return sizeof(*dst);
	}
	}
	BUG();
}
3425dae460cSEric Biggers 
/**
 * fscrypt_policy_from_context() - convert an fscrypt_context to
 *				   an fscrypt_policy
 * @policy_u: output policy
 * @ctx_u: input context
 * @ctx_size: size of input context in bytes
 *
 * Given an fscrypt_context, build the corresponding fscrypt_policy.  The
 * output is zeroed first, so it holds all zeroes when -EINVAL is returned.
 *
 * Return: 0 on success, or -EINVAL if the fscrypt_context has an unrecognized
 * version number or size.
 *
 * This does *not* validate the settings within the policy itself, e.g. the
 * modes, flags, and reserved bits.  Use fscrypt_supported_policy() for that.
 */
int fscrypt_policy_from_context(union fscrypt_policy *policy_u,
				const union fscrypt_context *ctx_u,
				int ctx_size)
{
	memset(policy_u, 0, sizeof(*policy_u));

	/* Reject the context before reading any version-specific field. */
	if (!fscrypt_context_is_valid(ctx_u, ctx_size))
		return -EINVAL;

	switch (ctx_u->version) {
	case FSCRYPT_CONTEXT_V1: {
		const struct fscrypt_context_v1 *src = &ctx_u->v1;
		struct fscrypt_policy_v1 *dst = &policy_u->v1;

		dst->version = FSCRYPT_POLICY_V1;
		dst->flags = src->flags;
		dst->contents_encryption_mode = src->contents_encryption_mode;
		dst->filenames_encryption_mode = src->filenames_encryption_mode;
		memcpy(dst->master_key_descriptor, src->master_key_descriptor,
		       sizeof(dst->master_key_descriptor));
		return 0;
	}
	case FSCRYPT_CONTEXT_V2: {
		const struct fscrypt_context_v2 *src = &ctx_u->v2;
		struct fscrypt_policy_v2 *dst = &policy_u->v2;

		dst->version = FSCRYPT_POLICY_V2;
		dst->flags = src->flags;
		dst->contents_encryption_mode = src->contents_encryption_mode;
		dst->filenames_encryption_mode = src->filenames_encryption_mode;
		/*
		 * The reserved bytes are carried over as stored, not cleared,
		 * so fscrypt_supported_policy() can still see nonzero ones.
		 */
		memcpy(dst->__reserved, src->__reserved,
		       sizeof(dst->__reserved));
		memcpy(dst->master_key_identifier, src->master_key_identifier,
		       sizeof(dst->master_key_identifier));
		return 0;
	}
	}
	/* unreachable */
	return -EINVAL;
}
4045dae460cSEric Biggers 
/*
 * Retrieve an inode's encryption policy.
 *
 * The policy cached in the inode's fscrypt_info is used when one is present.
 * Otherwise the stored context is fetched through the filesystem's
 * ->get_context() hook and converted with fscrypt_policy_from_context().
 *
 * Return: 0 on success, -ENODATA if the inode is not encrypted, -EINVAL if
 * the hook reports -ERANGE or the context is not recognized, or another
 * negative errno passed through from the hook.
 */
static int fscrypt_get_policy(struct inode *inode, union fscrypt_policy *policy)
{
	const struct fscrypt_info *ci = fscrypt_get_info(inode);
	union fscrypt_context ctx;
	int ctx_size;

	if (ci) {
		/* key available, use the cached policy */
		*policy = ci->ci_policy;
		return 0;
	}

	if (!IS_ENCRYPTED(inode))
		return -ENODATA;

	ctx_size = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx));
	if (ctx_size >= 0)
		return fscrypt_policy_from_context(policy, &ctx, ctx_size);

	/*
	 * NOTE(review): presumably -ERANGE means the stored context did not
	 * fit in the buffer; it is reported as an invalid context - confirm
	 * against the filesystem's ->get_context() implementation.
	 */
	if (ctx_size == -ERANGE)
		return -EINVAL;

	return ctx_size;
}
4285dae460cSEric Biggers 
/*
 * Assign @policy to @inode: validate it, draw a fresh random nonce, build the
 * context, and hand it to the filesystem's ->set_context() hook.
 *
 * Return: 0 on success, -EINVAL if the policy is unsupported or has an
 * unknown version, the error from fscrypt_verify_key_added() for a v2 policy,
 * or the error from ->set_context().
 */
static int set_encryption_policy(struct inode *inode,
				 const union fscrypt_policy *policy)
{
	u8 nonce[FSCRYPT_FILE_NONCE_SIZE];
	union fscrypt_context ctx;
	int ctxsize;
	int err;

	if (!fscrypt_supported_policy(policy, inode))
		return -EINVAL;

	if (policy->version == FSCRYPT_POLICY_V1) {
		/*
		 * The original encryption policy version provided no way of
		 * verifying that the correct master key was supplied, which was
		 * insecure in scenarios where multiple users have access to the
		 * same encrypted files (even just read-only access).  The new
		 * encryption policy version fixes this and also implies use of
		 * an improved key derivation function and allows non-root users
		 * to securely remove keys.  So as long as compatibility with
		 * old kernels isn't required, it is recommended to use the new
		 * policy version for all new encrypted directories.
		 */
		pr_warn_once("%s (pid %d) is setting deprecated v1 encryption policy; recommend upgrading to v2.\n",
			     current->comm, current->pid);
	} else if (policy->version == FSCRYPT_POLICY_V2) {
		/* A v2 policy is only set once its master key check passes. */
		err = fscrypt_verify_key_added(inode->i_sb,
					       policy->v2.master_key_identifier);
		if (err)
			return err;
		if (policy->v2.flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32)
			pr_warn_once("%s (pid %d) is setting an IV_INO_LBLK_32 encryption policy.  This should only be used if there are certain hardware limitations.\n",
				     current->comm, current->pid);
	} else {
		WARN_ON_ONCE(1);
		return -EINVAL;
	}

	/* Every newly assigned policy gets its own random per-file nonce. */
	get_random_bytes(nonce, sizeof(nonce));
	ctxsize = fscrypt_new_context(&ctx, policy, nonce);

	return inode->i_sb->s_cop->set_context(inode, &ctx, ctxsize, NULL);
}
4750b81d077SJaegeuk Kim 
/*
 * Set an encryption policy on the inode behind @filp from the userspace
 * policy struct at @arg.
 *
 * The caller must own the inode or be suitably capable, and the mount must be
 * writable.  With the inode locked, a policy is only newly set on a live,
 * empty directory that has no policy yet.  If the inode already has a policy,
 * the call succeeds only when that policy equals the requested one.
 *
 * Return: 0 on success; -EFAULT on a failed user copy; -EINVAL for an
 * unrecognized policy version; -EACCES without ownership or capability;
 * -ENOTDIR, -ENOENT or -ENOTEMPTY when the target is not a live empty
 * directory; -EEXIST when a different (or unreadable) policy is already
 * present; or another error from the helpers called.
 */
int fscrypt_ioctl_set_policy(struct file *filp, const void __user *arg)
{
	union fscrypt_policy policy;
	union fscrypt_policy existing_policy;
	struct inode *inode = file_inode(filp);
	u8 version;
	int size;
	int ret;

	/* The first byte selects the version, and with it the struct size. */
	if (get_user(policy.version, (const u8 __user *)arg))
		return -EFAULT;

	size = fscrypt_policy_size(&policy);
	if (size <= 0)
		return -EINVAL;

	/*
	 * Only the remaining 'size - 1' bytes ought to be copied here, but a
	 * bizarre bug in gcc 7 and earlier (fixed by gcc r255731) causes gcc to
	 * think that size can be 0 here (despite the check above!) *and* that
	 * it's a compile-time constant.  Thus it would think copy_from_user()
	 * is passed compile-time constant ULONG_MAX, causing the compile-time
	 * buffer overflow check to fail, breaking the build.  This only
	 * occurred when building an i386 kernel with -Os and branch profiling
	 * enabled.
	 *
	 * Work around it by just copying the first byte again.  The version
	 * read first is then written back, so the version that sized the copy
	 * stays in effect even if userspace changed that byte in between.
	 */
	version = policy.version;
	if (copy_from_user(&policy, arg, size))
		return -EFAULT;
	policy.version = version;

	if (!inode_owner_or_capable(&nop_mnt_idmap, inode))
		return -EACCES;

	ret = mnt_want_write_file(filp);
	if (ret)
		return ret;

	inode_lock(inode);

	ret = fscrypt_get_policy(inode, &existing_policy);
	switch (ret) {
	case -ENODATA:
		/* No policy yet: only a live, empty directory may get one. */
		if (!S_ISDIR(inode->i_mode))
			ret = -ENOTDIR;
		else if (IS_DEADDIR(inode))
			ret = -ENOENT;
		else if (!inode->i_sb->s_cop->empty_dir(inode))
			ret = -ENOTEMPTY;
		else
			ret = set_encryption_policy(inode, &policy);
		break;
	case -EINVAL:
		/* The file already uses a different encryption policy. */
		ret = -EEXIST;
		break;
	case 0:
		/* Re-setting the identical policy is allowed and returns 0. */
		if (!fscrypt_policies_equal(&policy, &existing_policy))
			ret = -EEXIST;
		break;
	default:
		/* Any other lookup error is returned unchanged. */
		break;
	}

	inode_unlock(inode);

	mnt_drop_write_file(filp);
	return ret;
}
EXPORT_SYMBOL(fscrypt_ioctl_set_policy);
5400b81d077SJaegeuk Kim 
/*
 * Original ioctl version; can only get the original policy version.
 *
 * Only sizeof(policy.v1) bytes are copied to userspace, so nothing in the
 * union beyond the v1 struct is exposed through this call.
 *
 * Return: 0 on success, the error from fscrypt_get_policy(), -EINVAL if the
 * inode's policy is not v1, or -EFAULT if the copy to userspace fails.
 */
int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg)
{
	union fscrypt_policy policy;
	int err = fscrypt_get_policy(file_inode(filp), &policy);

	if (err)
		return err;

	if (policy.version != FSCRYPT_POLICY_V1)
		return -EINVAL;

	return copy_to_user(arg, &policy, sizeof(policy.v1)) ? -EFAULT : 0;
}
EXPORT_SYMBOL(fscrypt_ioctl_get_policy);
5590b81d077SJaegeuk Kim 
/*
 * Extended "get policy" ioctl; reports a policy of any version.
 *
 * The user argument is a size field followed directly by the policy buffer.
 * The caller states how much room it has in policy_size; on success the
 * field is overwritten with the real policy size and exactly that many
 * policy bytes follow it.
 *
 * Return: 0 on success, the error from fscrypt_get_policy(), -EFAULT on a
 *	   failed user copy, or -EOVERFLOW if the caller's buffer is too small.
 */
int fscrypt_ioctl_get_policy_ex(struct file *filp, void __user *uarg)
{
	struct fscrypt_get_policy_ex_arg arg;
	union fscrypt_policy *kpolicy = (union fscrypt_policy *)&arg.policy;
	const size_t hdr_size = sizeof(arg.policy_size);
	size_t needed;
	int err;

	/*
	 * Compile-time layout checks: policy_size is the first member, the
	 * policy starts right after it with no gap, and arg.policy is exactly
	 * as large as the kernel's policy union.
	 */
	BUILD_BUG_ON(offsetof(typeof(arg), policy_size) != 0);
	BUILD_BUG_ON(offsetofend(typeof(arg), policy_size) !=
		     offsetof(typeof(arg), policy));
	BUILD_BUG_ON(sizeof(arg.policy) != sizeof(*kpolicy));

	/* Fetch the policy straight into arg.policy. */
	err = fscrypt_get_policy(file_inode(filp), kpolicy);
	if (err)
		return err;
	needed = fscrypt_policy_size(kpolicy);

	/*
	 * Read only the leading size field from user space.  Copying more
	 * would overwrite the policy that was just stored in arg.policy.
	 */
	if (copy_from_user(&arg, uarg, hdr_size))
		return -EFAULT;

	/* Never write past the space the caller said it has. */
	if (arg.policy_size < needed)
		return -EOVERFLOW;
	arg.policy_size = needed;

	/* Copy out the size field plus the policy bytes, nothing beyond. */
	return copy_to_user(uarg, &arg, hdr_size + needed) ? -EFAULT : 0;
}
EXPORT_SYMBOL_GPL(fscrypt_ioctl_get_policy_ex);
5915dae460cSEric Biggers 
/*
 * FS_IOC_GET_ENCRYPTION_NONCE: retrieve a file's encryption nonce, for
 * testing.
 *
 * The context is read through the filesystem's ->get_context() hook and is
 * checked with fscrypt_context_is_valid() before the nonce is taken from it,
 * so a context that fails validation gives -EINVAL instead of being copied
 * out.
 *
 * Return: 0 on success, a negative error from ->get_context(), -EINVAL for
 *	   an invalid context, or -EFAULT if the user buffer cannot be written.
 */
int fscrypt_ioctl_get_nonce(struct file *filp, void __user *arg)
{
	struct inode *inode = file_inode(filp);
	union fscrypt_context ctx;
	int ctx_size = inode->i_sb->s_cop->get_context(inode, &ctx,
						       sizeof(ctx));

	if (ctx_size < 0)
		return ctx_size;

	/* A non-negative return value is the size of the retrieved context. */
	if (!fscrypt_context_is_valid(&ctx, ctx_size))
		return -EINVAL;

	return copy_to_user(arg, fscrypt_context_nonce(&ctx),
			    FSCRYPT_FILE_NONCE_SIZE) ? -EFAULT : 0;
}
EXPORT_SYMBOL_GPL(fscrypt_ioctl_get_nonce);
610e98ad464SEric Biggers 
/**
 * fscrypt_has_permitted_context() - is a file's encryption policy permitted
 *				     within its directory?
 *
 * @parent: inode for parent directory
 * @child: inode for file being looked up, opened, or linked into @parent
 *
 * Enforces the rule that every file in an encrypted directory tree uses the
 * same encryption policy.  Filesystems must call this:
 *
 *  - before permitting access to an inode whose parent directory is
 *    encrypted (before ->lookup() succeeds, or before a regular file is
 *    opened), and
 *  - before any operation that links an inode into an encrypted directory,
 *    including link, rename, and cross rename.
 *
 * The pre-access check detects potentially malicious offline violations of
 * the rule; the link and rename checks prevent online violations.
 *
 * Return: 1 if permitted, 0 if forbidden.
 */
int fscrypt_has_permitted_context(struct inode *parent, struct inode *child)
{
	union fscrypt_policy parent_policy, child_policy;
	int parent_err, child_err;

	/* File types that are never encrypted are not restricted. */
	if (!(S_ISREG(child->i_mode) || S_ISDIR(child->i_mode) ||
	      S_ISLNK(child->i_mode)))
		return 1;

	/* An unencrypted parent directory imposes no restriction. */
	if (!IS_ENCRYPTED(parent))
		return 1;

	/* An encrypted directory must not contain an unencrypted file. */
	if (!IS_ENCRYPTED(child))
		return 0;

	/*
	 * Both inodes are encrypted, so their policies must match.
	 *
	 * Per the original author's note, retrieving the encryption context
	 * happens often when a tree is accessed without its key.  That is
	 * not a performance concern, because access without the key is not
	 * really optimized anyway: any such access already retrieves a
	 * context and searches the keyring.
	 *
	 * Fail closed: any unexpected error below means "forbidden".
	 */
	if (fscrypt_get_encryption_info(parent, true) ||
	    fscrypt_get_encryption_info(child, true))
		return 0;

	parent_err = fscrypt_get_policy(parent, &parent_policy);
	child_err = fscrypt_get_policy(child, &child_policy);

	/*
	 * If both policies are unrecognized, permit the access, so that
	 * files with an unrecognized encryption policy can still be deleted.
	 */
	if (parent_err == -EINVAL && child_err == -EINVAL)
		return 1;

	/* Any other failure, including only one side failing, is forbidden. */
	if (parent_err || child_err)
		return 0;

	return fscrypt_policies_equal(&parent_policy, &child_policy);
}
EXPORT_SYMBOL(fscrypt_has_permitted_context);
6870b81d077SJaegeuk Kim 
/*
 * Return the encryption policy that new files created in @dir will inherit,
 * NULL if there is none, or an ERR_PTR() on error.
 *
 * For an encrypted directory the key is also required to be set up, so that
 * the new filename can be encrypted; the returned pointer then refers to the
 * policy stored in the directory's i_crypt_info.  For an unencrypted
 * directory the result is whatever fscrypt_get_dummy_policy() gives for the
 * superblock.
 */
const union fscrypt_policy *fscrypt_policy_to_inherit(struct inode *dir)
{
	int err;

	if (!IS_ENCRYPTED(dir))
		return fscrypt_get_dummy_policy(dir->i_sb);

	err = fscrypt_require_key(dir);
	if (err)
		return ERR_PTR(err);

	return &dir->i_crypt_info->ci_policy;
}
706ac4acb1fSEric Biggers 
/**
 * fscrypt_context_for_new_inode() - create an encryption context for a new inode
 * @ctx: where context should be written
 * @inode: inode from which to fetch policy and nonce
 *
 * Given an in-core inode that was "prepared" via fscrypt_prepare_new_inode(),
 * build a new context from its policy and nonce and write it to @ctx.  The
 * buffer behind @ctx _must_ hold at least FSCRYPT_SET_CONTEXT_MAX_SIZE bytes;
 * its size is not passed in, so it cannot be checked here.
 *
 * Return: size of the resulting context or a negative error code.
 */
int fscrypt_context_for_new_inode(void *ctx, struct inode *inode)
{
	struct fscrypt_info *crypt_info = inode->i_crypt_info;

	/* The documented buffer size must match the context union's size. */
	BUILD_BUG_ON(sizeof(union fscrypt_context) !=
			FSCRYPT_SET_CONTEXT_MAX_SIZE);

	/*
	 * fscrypt_prepare_new_inode() should already have set up the key.
	 * If it has not, warn once and fail instead of dereferencing NULL.
	 */
	if (WARN_ON_ONCE(!crypt_info))
		return -ENOKEY;

	return fscrypt_new_context(ctx, &crypt_info->ci_policy,
				   crypt_info->ci_nonce);
}
EXPORT_SYMBOL_GPL(fscrypt_context_for_new_inode);
732637fa738SJeff Layton 
/**
 * fscrypt_set_context() - Set the fscrypt context of a new inode
 * @inode: a new inode
 * @fs_data: private data given by FS and passed to ->set_context()
 *
 * Call this after fscrypt_prepare_new_inode(), generally during a filesystem
 * transaction.  Everything here must be %GFP_NOFS-safe.
 *
 * Return: 0 on success, -errno on failure
 */
int fscrypt_set_context(struct inode *inode, void *fs_data)
{
	struct fscrypt_info *crypt_info = inode->i_crypt_info;
	union fscrypt_context new_ctx;
	bool needs_ino_hash;
	int len;

	/*
	 * This also rejects an inode without i_crypt_info (-ENOKEY), so
	 * crypt_info is known to be non-NULL below.
	 */
	len = fscrypt_context_for_new_inode(&new_ctx, inode);
	if (len < 0)
		return len;

	/*
	 * This may be the first point at which the inode number is known, so
	 * do any delayed key setup that depends on it.
	 */
	needs_ino_hash =
		crypt_info->ci_policy.version == FSCRYPT_POLICY_V2 &&
		(crypt_info->ci_policy.v2.flags &
		 FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32);
	if (needs_ino_hash)
		fscrypt_hash_inode_number(crypt_info,
					  crypt_info->ci_master_key);

	return inode->i_sb->s_cop->set_context(inode, &new_ctx, len, fs_data);
}
EXPORT_SYMBOL_GPL(fscrypt_set_context);
764a992b20cSEric Biggers 
/**
 * fscrypt_parse_test_dummy_encryption() - parse the test_dummy_encryption mount option
 * @param: the mount option
 * @dummy_policy: (input/output) the place to write the dummy policy that will
 *	result from parsing the option.  Zero-initialize this.  If a policy is
 *	already set here (due to test_dummy_encryption being given multiple
 *	times), then this function will verify that the policies are the same.
 *
 * The option value selects the policy version: "v1" or "v2".  A missing or
 * empty string value is treated as "v2".  On success with no policy set
 * before, @dummy_policy takes ownership of the newly allocated policy; in
 * every other case the allocation is freed before returning.
 *
 * Return: 0 on success; -EINVAL if the argument is invalid; -EEXIST if the
 *	   argument conflicts with one already specified; or -ENOMEM.
 */
int fscrypt_parse_test_dummy_encryption(const struct fs_parameter *param,
				struct fscrypt_dummy_policy *dummy_policy)
{
	const char *version_str = "v2";
	union fscrypt_policy *new_policy;
	int err;

	if (param->type == fs_value_is_string && *param->string)
		version_str = param->string;

	new_policy = kzalloc(sizeof(*new_policy), GFP_KERNEL);
	if (!new_policy)
		return -ENOMEM;

	if (strcmp(version_str, "v1") == 0) {
		new_policy->version = FSCRYPT_POLICY_V1;
		new_policy->v1.contents_encryption_mode =
			FSCRYPT_MODE_AES_256_XTS;
		new_policy->v1.filenames_encryption_mode =
			FSCRYPT_MODE_AES_256_CTS;
		/* Fixed test descriptor: every byte is 0x42. */
		memset(new_policy->v1.master_key_descriptor, 0x42,
		       FSCRYPT_KEY_DESCRIPTOR_SIZE);
	} else if (strcmp(version_str, "v2") == 0) {
		new_policy->version = FSCRYPT_POLICY_V2;
		new_policy->v2.contents_encryption_mode =
			FSCRYPT_MODE_AES_256_XTS;
		new_policy->v2.filenames_encryption_mode =
			FSCRYPT_MODE_AES_256_CTS;
		err = fscrypt_get_test_dummy_key_identifier(
				new_policy->v2.master_key_identifier);
		if (err)
			goto free_policy;
	} else {
		err = -EINVAL;
		goto free_policy;
	}

	if (!dummy_policy->policy) {
		/*
		 * First occurrence of the option: hand the allocation over
		 * and clear the local pointer so it is not freed below.
		 */
		dummy_policy->policy = new_policy;
		new_policy = NULL;
		err = 0;
	} else {
		/* Repeated option: it must describe the same policy. */
		err = fscrypt_policies_equal(new_policy,
					     dummy_policy->policy) ?
			0 : -EEXIST;
	}

free_policy:
	kfree(new_policy);
	return err;
}
EXPORT_SYMBOL_GPL(fscrypt_parse_test_dummy_encryption);
824218d921bSEric Biggers 
/**
 * fscrypt_dummy_policies_equal() - check whether two dummy policies are equal
 * @p1: the first test dummy policy (may be unset)
 * @p2: the second test dummy policy (may be unset)
 *
 * "Unset" means the ->policy pointer is NULL.  If exactly one of the two is
 * unset, they are not equal.
 *
 * Return: %true if the dummy policies are both set and equal, or both unset.
 */
bool fscrypt_dummy_policies_equal(const struct fscrypt_dummy_policy *p1,
				  const struct fscrypt_dummy_policy *p2)
{
	const bool p1_set = p1->policy != NULL;
	const bool p2_set = p2->policy != NULL;

	/* With at least one unset, they are equal only if both are unset. */
	if (!p1_set || !p2_set)
		return p1_set == p2_set;

	return fscrypt_policies_equal(p1->policy, p2->policy);
}
EXPORT_SYMBOL_GPL(fscrypt_dummy_policies_equal);
842218d921bSEric Biggers 
/**
 * fscrypt_show_test_dummy_encryption() - show '-o test_dummy_encryption'
 * @seq: the seq_file to print the option to
 * @sep: the separator character to use
 * @sb: the filesystem whose options are being shown
 *
 * Print the test_dummy_encryption mount option, if it was specified; print
 * nothing when the superblock has no dummy policy.  This is mainly used for
 * /proc/mounts.
 */
void fscrypt_show_test_dummy_encryption(struct seq_file *seq, char sep,
					struct super_block *sb)
{
	const union fscrypt_policy *policy = fscrypt_get_dummy_policy(sb);
	int shown_version;

	if (!policy)
		return;

	/*
	 * Numbering quirk: FSCRYPT_POLICY_V1 is always displayed as "v1";
	 * other versions are displayed using their stored version number.
	 */
	shown_version = (policy->version == FSCRYPT_POLICY_V1) ?
		1 : policy->version;

	seq_printf(seq, "%ctest_dummy_encryption=v%d", sep, shown_version);
}
EXPORT_SYMBOL_GPL(fscrypt_show_test_dummy_encryption);
868