1b2441318SGreg Kroah-Hartman // SPDX-License-Identifier: GPL-2.0
20b81d077SJaegeuk Kim /*
30b81d077SJaegeuk Kim * Encryption policy functions for per-file encryption support.
40b81d077SJaegeuk Kim *
50b81d077SJaegeuk Kim * Copyright (C) 2015, Google, Inc.
60b81d077SJaegeuk Kim * Copyright (C) 2015, Motorola Mobility.
70b81d077SJaegeuk Kim *
85dae460cSEric Biggers * Originally written by Michael Halcrow, 2015.
90b81d077SJaegeuk Kim * Modified by Jaegeuk Kim, 2015.
105dae460cSEric Biggers * Modified by Eric Biggers, 2019 for v2 policy support.
110b81d077SJaegeuk Kim */
120b81d077SJaegeuk Kim
13218d921bSEric Biggers #include <linux/fs_context.h>
140b81d077SJaegeuk Kim #include <linux/random.h>
15ed318a6cSEric Biggers #include <linux/seq_file.h>
160b81d077SJaegeuk Kim #include <linux/string.h>
17ba63f23dSEric Biggers #include <linux/mount.h>
18cc4e0df0STheodore Ts'o #include "fscrypt_private.h"
190b81d077SJaegeuk Kim
205dae460cSEric Biggers /**
21d2fe9754SEric Biggers * fscrypt_policies_equal() - check whether two encryption policies are the same
22d2fe9754SEric Biggers * @policy1: the first policy
23d2fe9754SEric Biggers * @policy2: the second policy
245dae460cSEric Biggers *
255dae460cSEric Biggers * Return: %true if equal, else %false
260b81d077SJaegeuk Kim */
bool fscrypt_policies_equal(const union fscrypt_policy *policy1,
			    const union fscrypt_policy *policy2)
{
	/*
	 * Compare the versions first: the byte count handed to memcmp() is
	 * derived from policy1 alone, so it only describes policy2 once both
	 * are known to carry the same version.
	 */
	if (policy1->version == policy2->version)
		return memcmp(policy1, policy2,
			      fscrypt_policy_size(policy1)) == 0;

	return false;
}
350b81d077SJaegeuk Kim
/*
 * Fill in @key_spec with the master key reference carried by @policy: the key
 * descriptor for a v1 policy, the key identifier for a v2 policy.
 *
 * Return: 0 on success.  For any other policy version, warn once and return
 * -EINVAL, leaving @key_spec unmodified.
 */
int fscrypt_policy_to_key_spec(const union fscrypt_policy *policy,
			       struct fscrypt_key_specifier *key_spec)
{
	if (policy->version == FSCRYPT_POLICY_V1) {
		key_spec->type = FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR;
		memcpy(key_spec->u.descriptor,
		       policy->v1.master_key_descriptor,
		       FSCRYPT_KEY_DESCRIPTOR_SIZE);
		return 0;
	}

	if (policy->version == FSCRYPT_POLICY_V2) {
		key_spec->type = FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER;
		memcpy(key_spec->u.identifier,
		       policy->v2.master_key_identifier,
		       FSCRYPT_KEY_IDENTIFIER_SIZE);
		return 0;
	}

	/* Neither known version matched; treat this as a bug in the caller. */
	WARN_ON_ONCE(1);
	return -EINVAL;
}
55bfb9700bSEric Biggers
/*
 * Return whatever the filesystem's ->get_dummy_policy() hook reports for @sb,
 * or NULL if the filesystem does not implement that hook.
 */
const union fscrypt_policy *fscrypt_get_dummy_policy(struct super_block *sb)
{
	return sb->s_cop->get_dummy_policy ?
		sb->s_cop->get_dummy_policy(sb) : NULL;
}
62ac4acb1fSEric Biggers
63aa997990SEric Biggers /*
64aa997990SEric Biggers * Return %true if the given combination of encryption modes is supported for v1
65aa997990SEric Biggers * (and later) encryption policies.
66aa997990SEric Biggers *
67aa997990SEric Biggers * Do *not* add anything new here, since v1 encryption policies are deprecated.
68aa997990SEric Biggers * New combinations of modes should go in fscrypt_valid_enc_modes_v2() only.
69aa997990SEric Biggers */
static bool fscrypt_valid_enc_modes_v1(u32 contents_mode, u32 filenames_mode)
{
	/*
	 * Allow-list of (contents, filenames) pairs: each accepted contents
	 * mode has exactly one filenames mode it may be combined with, and
	 * everything else is rejected.
	 */
	switch (contents_mode) {
	case FSCRYPT_MODE_AES_256_XTS:
		return filenames_mode == FSCRYPT_MODE_AES_256_CTS;
	case FSCRYPT_MODE_AES_128_CBC:
		return filenames_mode == FSCRYPT_MODE_AES_128_CTS;
	case FSCRYPT_MODE_ADIANTUM:
		return filenames_mode == FSCRYPT_MODE_ADIANTUM;
	default:
		return false;
	}
}
86ef5b18b0SEric Biggers
/*
 * Return %true if the given combination of encryption modes is supported for
 * v2 encryption policies: either one of the pairs accepted only for v2, or
 * any pair that fscrypt_valid_enc_modes_v1() accepts.
 */
static bool fscrypt_valid_enc_modes_v2(u32 contents_mode, u32 filenames_mode)
{
	const bool v2_only_pair =
		(contents_mode == FSCRYPT_MODE_AES_256_XTS &&
		 filenames_mode == FSCRYPT_MODE_AES_256_HCTR2) ||
		(contents_mode == FSCRYPT_MODE_SM4_XTS &&
		 filenames_mode == FSCRYPT_MODE_SM4_CTS);

	return v2_only_pair ||
	       fscrypt_valid_enc_modes_v1(contents_mode, filenames_mode);
}
996b2a51ffSNathan Huckleberry
/*
 * Check whether the DIRECT_KEY flag may be combined with the given modes.
 * Logs a warning against @inode and returns %false when it may not.
 *
 * @contents_mode is used below as an index into fscrypt_modes[] without a
 * range check of its own.  Both callers in this file validate the mode pair
 * (fscrypt_valid_enc_modes_v1() / _v2()) before calling; any new caller has to
 * do the same.
 */
static bool supported_direct_key_modes(const struct inode *inode,
				       u32 contents_mode, u32 filenames_mode)
{
	const struct fscrypt_mode *direct_mode;

	if (contents_mode != filenames_mode) {
		fscrypt_warn(inode,
			     "Direct key flag not allowed with different contents and filenames modes");
		return false;
	}

	direct_mode = &fscrypt_modes[contents_mode];

	/* The mode's IV must extend at least through fscrypt_iv::nonce. */
	if (direct_mode->ivsize >= offsetofend(union fscrypt_iv, nonce))
		return true;

	fscrypt_warn(inode, "Direct key flag not allowed with %s",
		     direct_mode->friendly_name);
	return false;
}
11985af90e5SEric Biggers
/*
 * Check whether an IV_INO_LBLK_* policy (named by @type in the warnings) can
 * be used on @inode's filesystem, given the largest inode-number and
 * block-number widths the flag can handle.  Logs a warning and returns %false
 * on the first failed requirement.
 */
static bool supported_iv_ino_lblk_policy(const struct fscrypt_policy_v2 *policy,
					 const struct inode *inode,
					 const char *type,
					 int max_ino_bits, int max_lblk_bits)
{
	struct super_block *sb = inode->i_sb;
	/*
	 * Assume the widest case (64 bits each) unless the filesystem reports
	 * something narrower through ->get_ino_and_lblk_bits().
	 */
	int fs_ino_bits = 64;
	int fs_lblk_bits = 64;

	/*
	 * The IV_INO_LBLK_* flags exist only to accommodate hardware
	 * limitations, and the only known use case for them involves
	 * AES-256-XTS, which is also the only combination currently tested.
	 * So only AES-256-XTS is accepted for now; this can be relaxed if a
	 * use case with another encryption mode arises.
	 */
	if (policy->contents_encryption_mode != FSCRYPT_MODE_AES_256_XTS) {
		fscrypt_warn(inode,
			     "Can't use %s policy with contents mode other than AES-256-XTS",
			     type);
		return false;
	}

	/*
	 * Putting inode numbers into the IVs is unsafe if the filesystem may
	 * renumber inodes (e.g. when it is shrunk), so a filesystem without
	 * the hook, or one that answers "no", is refused.
	 */
	if (!(sb->s_cop->has_stable_inodes &&
	      sb->s_cop->has_stable_inodes(sb))) {
		fscrypt_warn(inode,
			     "Can't use %s policy on filesystem '%s' because it doesn't have stable inode numbers",
			     type, sb->s_id);
		return false;
	}

	if (sb->s_cop->get_ino_and_lblk_bits)
		sb->s_cop->get_ino_and_lblk_bits(sb, &fs_ino_bits,
						 &fs_lblk_bits);

	if (fs_ino_bits > max_ino_bits) {
		fscrypt_warn(inode,
			     "Can't use %s policy on filesystem '%s' because its inode numbers are too long",
			     type, sb->s_id);
		return false;
	}

	if (fs_lblk_bits > max_lblk_bits) {
		fscrypt_warn(inode,
			     "Can't use %s policy on filesystem '%s' because its block numbers are too long",
			     type, sb->s_id);
		return false;
	}

	return true;
}
169b103fb76SEric Biggers
/*
 * Check whether a v1 policy's modes and flags are acceptable on @inode.
 * Each rejection is logged with fscrypt_warn().  The mode pair is validated
 * first, before supported_direct_key_modes() uses the contents mode as a
 * table index.
 */
static bool fscrypt_supported_v1_policy(const struct fscrypt_policy_v1 *policy,
					const struct inode *inode)
{
	/* The only flag bits a v1 policy may carry. */
	const int known_flags = FSCRYPT_POLICY_FLAGS_PAD_MASK |
				FSCRYPT_POLICY_FLAG_DIRECT_KEY;

	if (!fscrypt_valid_enc_modes_v1(policy->contents_encryption_mode,
					policy->filenames_encryption_mode)) {
		fscrypt_warn(inode,
			     "Unsupported encryption modes (contents %d, filenames %d)",
			     policy->contents_encryption_mode,
			     policy->filenames_encryption_mode);
		return false;
	}

	if (policy->flags & ~known_flags) {
		fscrypt_warn(inode, "Unsupported encryption flags (0x%02x)",
			     policy->flags);
		return false;
	}

	if (policy->flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY) {
		if (!supported_direct_key_modes(inode,
						policy->contents_encryption_mode,
						policy->filenames_encryption_mode))
			return false;
	}

	if (IS_CASEFOLDED(inode)) {
		/* A v1 policy provides no way to derive dirhash keys. */
		fscrypt_warn(inode,
			     "v1 policies can't be used on casefolded directories");
		return false;
	}

	return true;
}
2035dae460cSEric Biggers
/*
 * Check whether a v2 policy's modes, flags and reserved bytes are acceptable
 * on @inode.  Each rejection is logged with fscrypt_warn().  The mode pair is
 * validated first, before supported_direct_key_modes() uses the contents mode
 * as a table index.
 */
static bool fscrypt_supported_v2_policy(const struct fscrypt_policy_v2 *policy,
					const struct inode *inode)
{
	/* The only flag bits a v2 policy may carry. */
	const int known_flags = FSCRYPT_POLICY_FLAGS_PAD_MASK |
				FSCRYPT_POLICY_FLAG_DIRECT_KEY |
				FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 |
				FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32;
	int exclusive_set;

	if (!fscrypt_valid_enc_modes_v2(policy->contents_encryption_mode,
					policy->filenames_encryption_mode)) {
		fscrypt_warn(inode,
			     "Unsupported encryption modes (contents %d, filenames %d)",
			     policy->contents_encryption_mode,
			     policy->filenames_encryption_mode);
		return false;
	}

	if (policy->flags & ~known_flags) {
		fscrypt_warn(inode, "Unsupported encryption flags (0x%02x)",
			     policy->flags);
		return false;
	}

	/* At most one of these three flags may be set in a policy. */
	exclusive_set =
		!!(policy->flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY) +
		!!(policy->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64) +
		!!(policy->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32);
	if (exclusive_set > 1) {
		fscrypt_warn(inode, "Mutually exclusive encryption flags (0x%02x)",
			     policy->flags);
		return false;
	}

	if (policy->flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY) {
		if (!supported_direct_key_modes(inode,
						policy->contents_encryption_mode,
						policy->filenames_encryption_mode))
			return false;
	}

	if (policy->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64) {
		if (!supported_iv_ino_lblk_policy(policy, inode,
						  "IV_INO_LBLK_64", 32, 32))
			return false;
	}

	/*
	 * IV_INO_LBLK_32 hashes the inode number, so in principle any
	 * ino_bits could be supported.  The inode number currently comes from
	 * inode::i_ino, which is 'unsigned long', so for now the
	 * implementation limit is 32 bits.
	 */
	if (policy->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32) {
		if (!supported_iv_ino_lblk_policy(policy, inode,
						  "IV_INO_LBLK_32", 32, 32))
			return false;
	}

	/* Reserved bytes must all be zero. */
	if (memchr_inv(policy->__reserved, 0, sizeof(policy->__reserved))) {
		fscrypt_warn(inode, "Reserved bits set in encryption policy");
		return false;
	}

	return true;
}
264393a24a7SEric Biggers
265393a24a7SEric Biggers /**
266d2fe9754SEric Biggers * fscrypt_supported_policy() - check whether an encryption policy is supported
267d2fe9754SEric Biggers * @policy_u: the encryption policy
268d2fe9754SEric Biggers * @inode: the inode on which the policy will be used
269393a24a7SEric Biggers *
270393a24a7SEric Biggers * Given an encryption policy, check whether all its encryption modes and other
271393a24a7SEric Biggers * settings are supported by this kernel on the given inode. (But we don't
272393a24a7SEric Biggers * currently check for crypto API support here, so attempting to use an
273393a24a7SEric Biggers * algorithm not configured into the crypto API will still fail later.)
274393a24a7SEric Biggers *
275393a24a7SEric Biggers * Return: %true if supported, else %false
276393a24a7SEric Biggers */
bool fscrypt_supported_policy(const union fscrypt_policy *policy_u,
			      const struct inode *inode)
{
	if (policy_u->version == FSCRYPT_POLICY_V1)
		return fscrypt_supported_v1_policy(&policy_u->v1, inode);

	if (policy_u->version == FSCRYPT_POLICY_V2)
		return fscrypt_supported_v2_policy(&policy_u->v2, inode);

	/* Any other version number is rejected outright. */
	return false;
}
2885dae460cSEric Biggers
2895dae460cSEric Biggers /**
290a992b20cSEric Biggers * fscrypt_new_context() - create a new fscrypt_context
291d2fe9754SEric Biggers * @ctx_u: output context
292d2fe9754SEric Biggers * @policy_u: input policy
293a992b20cSEric Biggers * @nonce: nonce to use
2945dae460cSEric Biggers *
2955dae460cSEric Biggers * Create an fscrypt_context for an inode that is being assigned the given
296a992b20cSEric Biggers * encryption policy. @nonce must be a new random nonce.
2975dae460cSEric Biggers *
2985dae460cSEric Biggers * Return: the size of the new context in bytes.
2995dae460cSEric Biggers */
static int fscrypt_new_context(union fscrypt_context *ctx_u,
			       const union fscrypt_policy *policy_u,
			       const u8 nonce[FSCRYPT_FILE_NONCE_SIZE])
{
	/*
	 * Zero the whole union up front, so every byte that is not explicitly
	 * assigned below is zero in the resulting context.
	 */
	memset(ctx_u, 0, sizeof(*ctx_u));

	if (policy_u->version == FSCRYPT_POLICY_V1) {
		const struct fscrypt_policy_v1 *src = &policy_u->v1;
		struct fscrypt_context_v1 *dst = &ctx_u->v1;

		dst->version = FSCRYPT_CONTEXT_V1;
		dst->contents_encryption_mode = src->contents_encryption_mode;
		dst->filenames_encryption_mode = src->filenames_encryption_mode;
		dst->flags = src->flags;
		memcpy(dst->master_key_descriptor, src->master_key_descriptor,
		       sizeof(dst->master_key_descriptor));
		memcpy(dst->nonce, nonce, FSCRYPT_FILE_NONCE_SIZE);
		return sizeof(*dst);
	}

	if (policy_u->version == FSCRYPT_POLICY_V2) {
		const struct fscrypt_policy_v2 *src = &policy_u->v2;
		struct fscrypt_context_v2 *dst = &ctx_u->v2;

		dst->version = FSCRYPT_CONTEXT_V2;
		dst->contents_encryption_mode = src->contents_encryption_mode;
		dst->filenames_encryption_mode = src->filenames_encryption_mode;
		dst->flags = src->flags;
		memcpy(dst->master_key_identifier, src->master_key_identifier,
		       sizeof(dst->master_key_identifier));
		memcpy(dst->nonce, nonce, FSCRYPT_FILE_NONCE_SIZE);
		return sizeof(*dst);
	}

	/*
	 * An unrecognized policy version is fatal here, so callers must pass
	 * only a policy whose version they have already checked.
	 */
	BUG();
}
3425dae460cSEric Biggers
3435dae460cSEric Biggers /**
344d2fe9754SEric Biggers * fscrypt_policy_from_context() - convert an fscrypt_context to
345d2fe9754SEric Biggers * an fscrypt_policy
346d2fe9754SEric Biggers * @policy_u: output policy
347d2fe9754SEric Biggers * @ctx_u: input context
348d2fe9754SEric Biggers * @ctx_size: size of input context in bytes
3495dae460cSEric Biggers *
3505dae460cSEric Biggers * Given an fscrypt_context, build the corresponding fscrypt_policy.
3515dae460cSEric Biggers *
3525dae460cSEric Biggers * Return: 0 on success, or -EINVAL if the fscrypt_context has an unrecognized
3535dae460cSEric Biggers * version number or size.
3545dae460cSEric Biggers *
3555dae460cSEric Biggers * This does *not* validate the settings within the policy itself, e.g. the
3565dae460cSEric Biggers * modes, flags, and reserved bits. Use fscrypt_supported_policy() for that.
3575dae460cSEric Biggers */
int fscrypt_policy_from_context(union fscrypt_policy *policy_u,
				const union fscrypt_context *ctx_u,
				int ctx_size)
{
	/*
	 * Clear the output before anything else, so it is fully zeroed on the
	 * error paths as well and no stale bytes of the union survive.
	 */
	memset(policy_u, 0, sizeof(*policy_u));

	/* Reject the context before reading any version-specific field. */
	if (!fscrypt_context_is_valid(ctx_u, ctx_size))
		return -EINVAL;

	if (ctx_u->version == FSCRYPT_CONTEXT_V1) {
		const struct fscrypt_context_v1 *src = &ctx_u->v1;
		struct fscrypt_policy_v1 *dst = &policy_u->v1;

		dst->version = FSCRYPT_POLICY_V1;
		dst->contents_encryption_mode = src->contents_encryption_mode;
		dst->filenames_encryption_mode = src->filenames_encryption_mode;
		dst->flags = src->flags;
		memcpy(dst->master_key_descriptor, src->master_key_descriptor,
		       sizeof(dst->master_key_descriptor));
		return 0;
	}

	if (ctx_u->version == FSCRYPT_CONTEXT_V2) {
		const struct fscrypt_context_v2 *src = &ctx_u->v2;
		struct fscrypt_policy_v2 *dst = &policy_u->v2;

		dst->version = FSCRYPT_POLICY_V2;
		dst->contents_encryption_mode = src->contents_encryption_mode;
		dst->filenames_encryption_mode = src->filenames_encryption_mode;
		dst->flags = src->flags;
		/*
		 * The reserved bytes are carried over as stored rather than
		 * cleared; this function does not validate them.
		 */
		memcpy(dst->__reserved, src->__reserved,
		       sizeof(dst->__reserved));
		memcpy(dst->master_key_identifier, src->master_key_identifier,
		       sizeof(dst->master_key_identifier));
		return 0;
	}

	/* unreachable */
	return -EINVAL;
}
4045dae460cSEric Biggers
4055dae460cSEric Biggers /* Retrieve an inode's encryption policy */
static int fscrypt_get_policy(struct inode *inode, union fscrypt_policy *policy)
{
	const struct fscrypt_info *cached = fscrypt_get_info(inode);
	union fscrypt_context ctx;
	int ctx_len;

	if (cached) {
		/* The key is available, so the policy is already cached. */
		*policy = cached->ci_policy;
		return 0;
	}

	if (!IS_ENCRYPTED(inode))
		return -ENODATA;

	/* No cached info: read the context through the filesystem hook. */
	ctx_len = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx));
	if (ctx_len < 0) {
		/*
		 * NOTE(review): -ERANGE presumably means the stored context
		 * did not fit in sizeof(ctx); it is reported as -EINVAL.
		 * Confirm against the filesystem's ->get_context().
		 */
		if (ctx_len == -ERANGE)
			return -EINVAL;
		return ctx_len;
	}

	/* The returned length is validated by the conversion below. */
	return fscrypt_policy_from_context(policy, &ctx, ctx_len);
}
4285dae460cSEric Biggers
/*
 * Validate @policy for @inode, build a context for it with a freshly
 * generated random nonce, and store that context through the filesystem's
 * ->set_context() hook.
 *
 * Return: -EINVAL if the policy is unsupported or has an unknown version, the
 * error from fscrypt_verify_key_added() for a v2 policy, otherwise the result
 * of ->set_context().
 */
static int set_encryption_policy(struct inode *inode,
				 const union fscrypt_policy *policy)
{
	u8 nonce[FSCRYPT_FILE_NONCE_SIZE];
	union fscrypt_context ctx;
	int ctxsize;
	int err;

	if (!fscrypt_supported_policy(policy, inode))
		return -EINVAL;

	if (policy->version == FSCRYPT_POLICY_V1) {
		/*
		 * The original policy version offered no way to verify that
		 * the correct master key was supplied, which was insecure
		 * when multiple users have access to the same encrypted files
		 * (even read-only access).  The new policy version fixes
		 * this, implies an improved key derivation function, and lets
		 * non-root users securely remove keys.  Unless compatibility
		 * with old kernels is required, the new policy version is
		 * recommended for all new encrypted directories.
		 */
		pr_warn_once("%s (pid %d) is setting deprecated v1 encryption policy; recommend upgrading to v2.\n",
			     current->comm, current->pid);
	} else if (policy->version == FSCRYPT_POLICY_V2) {
		/* Fail before writing anything if this check reports an error. */
		err = fscrypt_verify_key_added(inode->i_sb,
					       policy->v2.master_key_identifier);
		if (err)
			return err;
		if (policy->v2.flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32)
			pr_warn_once("%s (pid %d) is setting an IV_INO_LBLK_32 encryption policy. This should only be used if there are certain hardware limitations.\n",
				     current->comm, current->pid);
	} else {
		WARN_ON_ONCE(1);
		return -EINVAL;
	}

	/*
	 * The version is known to be v1 or v2 at this point, which is what
	 * fscrypt_new_context() requires (it BUG()s on anything else).
	 */
	get_random_bytes(nonce, FSCRYPT_FILE_NONCE_SIZE);
	ctxsize = fscrypt_new_context(&ctx, policy, nonce);

	return inode->i_sb->s_cop->set_context(inode, &ctx, ctxsize, NULL);
}
4750b81d077SJaegeuk Kim
/*
 * Set an encryption policy, copied in from userspace at @arg, on the file
 * behind @filp.
 *
 * Return: 0 on success (including when the file already has an identical
 * policy), -EEXIST if it already has a different or unreadable policy, or
 * another negative errno on failure.
 */
int fscrypt_ioctl_set_policy(struct file *filp, const void __user *arg)
{
	union fscrypt_policy policy;
	union fscrypt_policy existing_policy;
	struct inode *inode = file_inode(filp);
	u8 fetched_version;
	int size;
	int ret;

	/* The first byte is the version, which determines the copy size. */
	if (get_user(policy.version, (const u8 __user *)arg))
		return -EFAULT;

	size = fscrypt_policy_size(&policy);
	if (size <= 0)
		return -EINVAL;

	/*
	 * Only the remaining 'size - 1' bytes would need copying here, but a
	 * bizarre bug in gcc 7 and earlier (fixed by gcc r255731) makes gcc
	 * think that size can be 0 here (despite the check above!) *and* that
	 * it's a compile-time constant.  It would then think copy_from_user()
	 * is passed compile-time constant ULONG_MAX, failing the compile-time
	 * buffer overflow check and breaking the build.  This only occurred
	 * when building an i386 kernel with -Os and branch profiling enabled.
	 *
	 * So the first byte is copied a second time.  That copy reads the
	 * version from user memory again; putting the first-fetched value
	 * back afterwards keeps policy.version consistent with the 'size'
	 * computed from it, whatever user memory holds by then.
	 */
	fetched_version = policy.version;
	if (copy_from_user(&policy, arg, size))
		return -EFAULT;
	policy.version = fetched_version;

	/* Only the file's owner or a suitably capable task may proceed. */
	if (!inode_owner_or_capable(&nop_mnt_idmap, inode))
		return -EACCES;

	ret = mnt_want_write_file(filp);
	if (ret)
		return ret;

	/* The existing-policy check and the update share one inode lock. */
	inode_lock(inode);

	ret = fscrypt_get_policy(inode, &existing_policy);
	switch (ret) {
	case -ENODATA:
		/* Unencrypted: only a live, empty directory can be set up. */
		if (!S_ISDIR(inode->i_mode))
			ret = -ENOTDIR;
		else if (IS_DEADDIR(inode))
			ret = -ENOENT;
		else if (!inode->i_sb->s_cop->empty_dir(inode))
			ret = -ENOTEMPTY;
		else
			ret = set_encryption_policy(inode, &policy);
		break;
	case 0:
		/* Already encrypted: succeed only for an identical policy. */
		if (!fscrypt_policies_equal(&policy, &existing_policy))
			ret = -EEXIST;
		break;
	case -EINVAL:
		/* The file already uses a different encryption policy. */
		ret = -EEXIST;
		break;
	default:
		/* Any other error is passed through unchanged. */
		break;
	}

	inode_unlock(inode);

	mnt_drop_write_file(filp);
	return ret;
}
EXPORT_SYMBOL(fscrypt_ioctl_set_policy);
5400b81d077SJaegeuk Kim
5415dae460cSEric Biggers /* Original ioctl version; can only get the original policy version */
int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg)
{
	union fscrypt_policy policy;
	int err = fscrypt_get_policy(file_inode(filp), &policy);

	if (err)
		return err;

	/* This ioctl can report v1 policies only. */
	if (policy.version != FSCRYPT_POLICY_V1)
		return -EINVAL;

	/* Copy out just the v1 member, not the whole union. */
	return copy_to_user(arg, &policy, sizeof(policy.v1)) ? -EFAULT : 0;
}
EXPORT_SYMBOL(fscrypt_ioctl_get_policy);
5590b81d077SJaegeuk Kim
5605dae460cSEric Biggers /* Extended ioctl version; can get policies of any version */
int fscrypt_ioctl_get_policy_ex(struct file *filp, void __user *uarg)
{
	struct fscrypt_get_policy_ex_arg arg;
	union fscrypt_policy *policy = (union fscrypt_policy *)&arg.policy;
	size_t actual_size;
	int err;

	/* The layout of arg is: policy_size first, then the policy itself. */
	BUILD_BUG_ON(offsetof(typeof(arg), policy_size) != 0);
	BUILD_BUG_ON(offsetofend(typeof(arg), policy_size) !=
		     offsetof(typeof(arg), policy));
	BUILD_BUG_ON(sizeof(arg.policy) != sizeof(*policy));

	/* The policy is written straight into arg.policy. */
	err = fscrypt_get_policy(file_inode(filp), policy);
	if (err)
		return err;
	actual_size = fscrypt_policy_size(policy);

	/*
	 * Read only the size field from userspace, so the policy bytes that
	 * were just filled in are left untouched.
	 */
	if (copy_from_user(&arg, uarg, sizeof(arg.policy_size)))
		return -EFAULT;

	/* The caller's buffer must be able to hold the whole policy. */
	if (actual_size > arg.policy_size)
		return -EOVERFLOW;
	arg.policy_size = actual_size;

	/* Copy out the size field plus exactly actual_size policy bytes. */
	if (copy_to_user(uarg, &arg, sizeof(arg.policy_size) + actual_size))
		return -EFAULT;

	return 0;
}
EXPORT_SYMBOL_GPL(fscrypt_ioctl_get_policy_ex);
5915dae460cSEric Biggers
/*
 * FS_IOC_GET_ENCRYPTION_NONCE: copy the file's encryption nonce to userspace.
 * Provided for testing.
 */
int fscrypt_ioctl_get_nonce(struct file *filp, void __user *arg)
{
	struct inode *inode = file_inode(filp);
	union fscrypt_context ctx;
	int ctx_len;

	/* A non-negative return is passed on as the context length below. */
	ctx_len = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx));
	if (ctx_len < 0)
		return ctx_len;

	/* Validate the stored context before taking the nonce out of it. */
	if (!fscrypt_context_is_valid(&ctx, ctx_len))
		return -EINVAL;

	return copy_to_user(arg, fscrypt_context_nonce(&ctx),
			    FSCRYPT_FILE_NONCE_SIZE) ? -EFAULT : 0;
}
EXPORT_SYMBOL_GPL(fscrypt_ioctl_get_nonce);
610e98ad464SEric Biggers
/**
 * fscrypt_has_permitted_context() - is a file's encryption policy permitted
 *				     within its directory?
 *
 * @parent: inode for parent directory
 * @child: inode for file being looked up, opened, or linked into @parent
 *
 * Enforces the rule that every file within an encrypted directory tree uses
 * the same encryption policy.  Filesystems must call this:
 *
 * - before permitting access to an inode whose parent directory is encrypted
 *   (before letting ->lookup() succeed, or for a regular file before letting
 *   it be opened).  This pre-access check detects potentially malicious
 *   offline violations of the rule.
 * - before any operation that links an inode into an encrypted directory,
 *   including link, rename, and cross rename.  These checks prevent online
 *   violations of the rule.
 *
 * Return: 1 if permitted, 0 if forbidden.
 */
int fscrypt_has_permitted_context(struct inode *parent, struct inode *child)
{
	union fscrypt_policy parent_policy, child_policy;
	int parent_err, child_err;

	/* File types which are never encrypted are not restricted. */
	if (!(S_ISREG(child->i_mode) || S_ISDIR(child->i_mode) ||
	      S_ISLNK(child->i_mode)))
		return 1;

	/* An unencrypted parent directory imposes no restriction. */
	if (!IS_ENCRYPTED(parent))
		return 1;

	/* An encrypted directory must not contain an unencrypted file. */
	if (!IS_ENCRYPTED(child))
		return 0;

	/*
	 * Parent and child are both encrypted, so they must use the same
	 * encryption policy.  The fscrypt_info structs are compared if the
	 * keys are available; otherwise the fscrypt_contexts are retrieved
	 * and compared.
	 *
	 * That retrieval happens frequently when an encrypted directory tree
	 * is accessed without the key.  This is not a performance concern:
	 * access without the key is not really optimized anyway (to the extent
	 * it is possible at all), since any attempted access already causes a
	 * fscrypt_context retrieval and keyring search.
	 *
	 * Every unexpected error below fails closed, i.e. returns "forbidden".
	 */
	if (fscrypt_get_encryption_info(parent, true) ||
	    fscrypt_get_encryption_info(child, true))
		return 0;

	parent_err = fscrypt_get_policy(parent, &parent_policy);
	child_err = fscrypt_get_policy(child, &child_policy);

	/*
	 * Parent and child both having an unrecognized encryption policy is
	 * allowed, so that files with an unrecognized policy can be deleted.
	 */
	if (parent_err == -EINVAL && child_err == -EINVAL)
		return 1;

	if (parent_err || child_err)
		return 0;

	return fscrypt_policies_equal(&parent_policy, &child_policy);
}
EXPORT_SYMBOL(fscrypt_has_permitted_context);
6870b81d077SJaegeuk Kim
/*
 * Look up the encryption policy that new files created in @dir will inherit.
 *
 * Returns the policy, NULL if there is none, or an ERR_PTR() on error.  For an
 * encrypted directory the key is also required to be set up, so that the new
 * filename can be encrypted.
 */
const union fscrypt_policy *fscrypt_policy_to_inherit(struct inode *dir)
{
	int err;

	/* Unencrypted directory: only a dummy policy, if any, applies. */
	if (!IS_ENCRYPTED(dir))
		return fscrypt_get_dummy_policy(dir->i_sb);

	err = fscrypt_require_key(dir);
	if (err)
		return ERR_PTR(err);

	return &dir->i_crypt_info->ci_policy;
}
706ac4acb1fSEric Biggers
/**
 * fscrypt_context_for_new_inode() - create an encryption context for a new inode
 * @ctx: where context should be written
 * @inode: inode from which to fetch policy and nonce
 *
 * @inode must be an in-core inode already "prepared" via
 * fscrypt_prepare_new_inode().  A new context is generated from its policy and
 * nonce and written to @ctx, which _must_ point to at least
 * FSCRYPT_SET_CONTEXT_MAX_SIZE bytes.
 *
 * Return: size of the resulting context or a negative error code.
 */
int fscrypt_context_for_new_inode(void *ctx, struct inode *inode)
{
	struct fscrypt_info *crypt_info = inode->i_crypt_info;

	/* The documented minimum buffer size must match the context union. */
	BUILD_BUG_ON(sizeof(union fscrypt_context) !=
		     FSCRYPT_SET_CONTEXT_MAX_SIZE);

	/*
	 * fscrypt_prepare_new_inode() should have set up the key already;
	 * warn once and fail instead of dereferencing a NULL fscrypt_info.
	 */
	if (WARN_ON_ONCE(!crypt_info))
		return -ENOKEY;

	return fscrypt_new_context(ctx, &crypt_info->ci_policy,
				   crypt_info->ci_nonce);
}
EXPORT_SYMBOL_GPL(fscrypt_context_for_new_inode);
732637fa738SJeff Layton
/**
 * fscrypt_set_context() - Set the fscrypt context of a new inode
 * @inode: a new inode
 * @fs_data: private data given by FS and passed to ->set_context()
 *
 * Call this after fscrypt_prepare_new_inode(), generally from within a
 * filesystem transaction.  Everything here must be %GFP_NOFS-safe.
 *
 * Return: 0 on success, -errno on failure
 */
int fscrypt_set_context(struct inode *inode, void *fs_data)
{
	struct fscrypt_info *ci = inode->i_crypt_info;
	union fscrypt_context ctx;
	bool hash_ino;
	int len;

	/* Fails with a negative errno if the inode has no fscrypt_info. */
	len = fscrypt_context_for_new_inode(&ctx, inode);
	if (len < 0)
		return len;

	/*
	 * The inode number may only have become available now, so perform any
	 * delayed key setup that depends on it.
	 */
	hash_ino = ci->ci_policy.version == FSCRYPT_POLICY_V2 &&
		   (ci->ci_policy.v2.flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32);
	if (hash_ino)
		fscrypt_hash_inode_number(ci, ci->ci_master_key);

	return inode->i_sb->s_cop->set_context(inode, &ctx, len, fs_data);
}
EXPORT_SYMBOL_GPL(fscrypt_set_context);
764a992b20cSEric Biggers
/**
 * fscrypt_parse_test_dummy_encryption() - parse the test_dummy_encryption mount option
 * @param: the mount option
 * @dummy_policy: (input/output) the place to write the dummy policy that will
 *	result from parsing the option.  Zero-initialize this.  If a policy is
 *	already set here (due to test_dummy_encryption being given multiple
 *	times), then this function will verify that the policies are the same.
 *
 * An empty or non-string option value selects "v2".  A newly parsed policy is
 * stored in @dummy_policy only if none was set before; in every other case the
 * temporary allocation is freed before returning.
 *
 * Return: 0 on success; -EINVAL if the argument is invalid; -EEXIST if the
 *	   argument conflicts with one already specified; or -ENOMEM.
 */
int fscrypt_parse_test_dummy_encryption(const struct fs_parameter *param,
				struct fscrypt_dummy_policy *dummy_policy)
{
	const char *version_str;
	union fscrypt_policy *new_policy;
	int err;

	version_str = (param->type == fs_value_is_string && *param->string) ?
		      param->string : "v2";

	new_policy = kzalloc(sizeof(*new_policy), GFP_KERNEL);
	if (!new_policy)
		return -ENOMEM;

	if (strcmp(version_str, "v1") == 0) {
		new_policy->version = FSCRYPT_POLICY_V1;
		new_policy->v1.contents_encryption_mode =
			FSCRYPT_MODE_AES_256_XTS;
		new_policy->v1.filenames_encryption_mode =
			FSCRYPT_MODE_AES_256_CTS;
		/* The v1 dummy policy uses a fixed 0x42-filled key descriptor. */
		memset(new_policy->v1.master_key_descriptor, 0x42,
		       FSCRYPT_KEY_DESCRIPTOR_SIZE);
	} else if (strcmp(version_str, "v2") == 0) {
		new_policy->version = FSCRYPT_POLICY_V2;
		new_policy->v2.contents_encryption_mode =
			FSCRYPT_MODE_AES_256_XTS;
		new_policy->v2.filenames_encryption_mode =
			FSCRYPT_MODE_AES_256_CTS;
		err = fscrypt_get_test_dummy_key_identifier(
				new_policy->v2.master_key_identifier);
		if (err)
			goto out;
	} else {
		err = -EINVAL;
		goto out;
	}

	if (dummy_policy->policy) {
		/* Option repeated: it must describe the policy already set. */
		err = fscrypt_policies_equal(new_policy, dummy_policy->policy) ?
		      0 : -EEXIST;
		goto out;
	}

	/* Hand the allocation over; clear the local so kfree() is a no-op. */
	dummy_policy->policy = new_policy;
	new_policy = NULL;
	err = 0;
out:
	kfree(new_policy);
	return err;
}
EXPORT_SYMBOL_GPL(fscrypt_parse_test_dummy_encryption);
824218d921bSEric Biggers
/**
 * fscrypt_dummy_policies_equal() - check whether two dummy policies are equal
 * @p1: the first test dummy policy (may be unset)
 * @p2: the second test dummy policy (may be unset)
 *
 * Return: %true if the dummy policies are both set and equal, or both unset.
 */
bool fscrypt_dummy_policies_equal(const struct fscrypt_dummy_policy *p1,
				  const struct fscrypt_dummy_policy *p2)
{
	const union fscrypt_policy *first = p1->policy;
	const union fscrypt_policy *second = p2->policy;

	/* With at least one side unset, they are equal only if both are. */
	if (!first || !second)
		return !first && !second;

	return fscrypt_policies_equal(first, second);
}
EXPORT_SYMBOL_GPL(fscrypt_dummy_policies_equal);
842218d921bSEric Biggers
/**
 * fscrypt_show_test_dummy_encryption() - show '-o test_dummy_encryption'
 * @seq: the seq_file to print the option to
 * @sep: the separator character to use
 * @sb: the filesystem whose options are being shown
 *
 * Print the test_dummy_encryption mount option if it was specified; print
 * nothing otherwise.  This is mainly used for /proc/mounts.
 */
void fscrypt_show_test_dummy_encryption(struct seq_file *seq, char sep,
					struct super_block *sb)
{
	const union fscrypt_policy *policy = fscrypt_get_dummy_policy(sb);
	int vers;

	if (!policy)
		return;

	/* Numbering quirk: a v1 policy is shown as "v1" via an explicit 1. */
	vers = (policy->version == FSCRYPT_POLICY_V1) ? 1 : policy->version;

	seq_printf(seq, "%ctest_dummy_encryption=v%d", sep, vers);
}
EXPORT_SYMBOL_GPL(fscrypt_show_test_dummy_encryption);
868