10b81d077SJaegeuk Kim /* 20b81d077SJaegeuk Kim * Encryption policy functions for per-file encryption support. 30b81d077SJaegeuk Kim * 40b81d077SJaegeuk Kim * Copyright (C) 2015, Google, Inc. 50b81d077SJaegeuk Kim * Copyright (C) 2015, Motorola Mobility. 60b81d077SJaegeuk Kim * 70b81d077SJaegeuk Kim * Written by Michael Halcrow, 2015. 80b81d077SJaegeuk Kim * Modified by Jaegeuk Kim, 2015. 90b81d077SJaegeuk Kim */ 100b81d077SJaegeuk Kim 110b81d077SJaegeuk Kim #include <linux/random.h> 120b81d077SJaegeuk Kim #include <linux/string.h> 13ba63f23dSEric Biggers #include <linux/mount.h> 14cc4e0df0STheodore Ts'o #include "fscrypt_private.h" 150b81d077SJaegeuk Kim 160b81d077SJaegeuk Kim /* 17efee590eSEric Biggers * check whether an encryption policy is consistent with an encryption context 180b81d077SJaegeuk Kim */ 19efee590eSEric Biggers static bool is_encryption_context_consistent_with_policy( 20efee590eSEric Biggers const struct fscrypt_context *ctx, 210b81d077SJaegeuk Kim const struct fscrypt_policy *policy) 220b81d077SJaegeuk Kim { 23efee590eSEric Biggers return memcmp(ctx->master_key_descriptor, policy->master_key_descriptor, 240b81d077SJaegeuk Kim FS_KEY_DESCRIPTOR_SIZE) == 0 && 25efee590eSEric Biggers (ctx->flags == policy->flags) && 26efee590eSEric Biggers (ctx->contents_encryption_mode == 270b81d077SJaegeuk Kim policy->contents_encryption_mode) && 28efee590eSEric Biggers (ctx->filenames_encryption_mode == 29efee590eSEric Biggers policy->filenames_encryption_mode); 300b81d077SJaegeuk Kim } 310b81d077SJaegeuk Kim 320b81d077SJaegeuk Kim static int create_encryption_context_from_policy(struct inode *inode, 330b81d077SJaegeuk Kim const struct fscrypt_policy *policy) 340b81d077SJaegeuk Kim { 350b81d077SJaegeuk Kim struct fscrypt_context ctx; 360b81d077SJaegeuk Kim 370b81d077SJaegeuk Kim ctx.format = FS_ENCRYPTION_CONTEXT_FORMAT_V1; 380b81d077SJaegeuk Kim memcpy(ctx.master_key_descriptor, policy->master_key_descriptor, 390b81d077SJaegeuk Kim FS_KEY_DESCRIPTOR_SIZE); 400b81d077SJaegeuk Kim 41b7e7cf7aSDaniel Walter if (!fscrypt_valid_enc_modes(policy->contents_encryption_mode, 42868e1bc6SEric Biggers policy->filenames_encryption_mode)) 430b81d077SJaegeuk Kim return -EINVAL; 440b81d077SJaegeuk Kim 450b81d077SJaegeuk Kim if (policy->flags & ~FS_POLICY_FLAGS_VALID) 460b81d077SJaegeuk Kim return -EINVAL; 470b81d077SJaegeuk Kim 480b81d077SJaegeuk Kim ctx.contents_encryption_mode = policy->contents_encryption_mode; 490b81d077SJaegeuk Kim ctx.filenames_encryption_mode = policy->filenames_encryption_mode; 500b81d077SJaegeuk Kim ctx.flags = policy->flags; 510b81d077SJaegeuk Kim BUILD_BUG_ON(sizeof(ctx.nonce) != FS_KEY_DERIVATION_NONCE_SIZE); 520b81d077SJaegeuk Kim get_random_bytes(ctx.nonce, FS_KEY_DERIVATION_NONCE_SIZE); 530b81d077SJaegeuk Kim 540b81d077SJaegeuk Kim return inode->i_sb->s_cop->set_context(inode, &ctx, sizeof(ctx), NULL); 550b81d077SJaegeuk Kim } 560b81d077SJaegeuk Kim 57db717d8eSEric Biggers int fscrypt_ioctl_set_policy(struct file *filp, const void __user *arg) 580b81d077SJaegeuk Kim { 59db717d8eSEric Biggers struct fscrypt_policy policy; 60ba63f23dSEric Biggers struct inode *inode = file_inode(filp); 61ba63f23dSEric Biggers int ret; 62efee590eSEric Biggers struct fscrypt_context ctx; 63ba63f23dSEric Biggers 64db717d8eSEric Biggers if (copy_from_user(&policy, arg, sizeof(policy))) 65db717d8eSEric Biggers return -EFAULT; 66db717d8eSEric Biggers 67163ae1c6SEric Biggers if (!inode_owner_or_capable(inode)) 68163ae1c6SEric Biggers return -EACCES; 69163ae1c6SEric Biggers 70db717d8eSEric Biggers if (policy.version != 0) 710b81d077SJaegeuk Kim return -EINVAL; 720b81d077SJaegeuk Kim 73ba63f23dSEric Biggers ret = mnt_want_write_file(filp); 74ba63f23dSEric Biggers if (ret) 75ba63f23dSEric Biggers return ret; 76ba63f23dSEric Biggers 778906a822SEric Biggers inode_lock(inode); 788906a822SEric Biggers 79efee590eSEric Biggers ret = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx)); 80efee590eSEric Biggers if (ret == -ENODATA) { 81002ced4bSEric Biggers if (!S_ISDIR(inode->i_mode)) 82dffd0cfaSEric Biggers ret = -ENOTDIR; 83ba63f23dSEric Biggers else if (!inode->i_sb->s_cop->empty_dir(inode)) 84ba63f23dSEric Biggers ret = -ENOTEMPTY; 85ba63f23dSEric Biggers else 86ba63f23dSEric Biggers ret = create_encryption_context_from_policy(inode, 87db717d8eSEric Biggers &policy); 88efee590eSEric Biggers } else if (ret == sizeof(ctx) && 89efee590eSEric Biggers is_encryption_context_consistent_with_policy(&ctx, 90db717d8eSEric Biggers &policy)) { 91efee590eSEric Biggers /* The file already uses the same encryption policy. */ 92efee590eSEric Biggers ret = 0; 93efee590eSEric Biggers } else if (ret >= 0 || ret == -ERANGE) { 94efee590eSEric Biggers /* The file already uses a different encryption policy. */ 958488cd96SEric Biggers ret = -EEXIST; 960b81d077SJaegeuk Kim } 970b81d077SJaegeuk Kim 988906a822SEric Biggers inode_unlock(inode); 998906a822SEric Biggers 100ba63f23dSEric Biggers mnt_drop_write_file(filp); 101ba63f23dSEric Biggers return ret; 1020b81d077SJaegeuk Kim } 103db717d8eSEric Biggers EXPORT_SYMBOL(fscrypt_ioctl_set_policy); 1040b81d077SJaegeuk Kim 105db717d8eSEric Biggers int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg) 1060b81d077SJaegeuk Kim { 107db717d8eSEric Biggers struct inode *inode = file_inode(filp); 1080b81d077SJaegeuk Kim struct fscrypt_context ctx; 109db717d8eSEric Biggers struct fscrypt_policy policy; 1100b81d077SJaegeuk Kim int res; 1110b81d077SJaegeuk Kim 112cd39e4baSEric Biggers if (!inode->i_sb->s_cop->is_encrypted(inode)) 1130b81d077SJaegeuk Kim return -ENODATA; 1140b81d077SJaegeuk Kim 1150b81d077SJaegeuk Kim res = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx)); 116efee590eSEric Biggers if (res < 0 && res != -ERANGE) 117efee590eSEric Biggers return res; 1180b81d077SJaegeuk Kim if (res != sizeof(ctx)) 119efee590eSEric Biggers return -EINVAL; 1200b81d077SJaegeuk Kim if (ctx.format != FS_ENCRYPTION_CONTEXT_FORMAT_V1) 1210b81d077SJaegeuk Kim return -EINVAL; 1220b81d077SJaegeuk Kim 123db717d8eSEric Biggers policy.version = 0; 124db717d8eSEric Biggers policy.contents_encryption_mode = ctx.contents_encryption_mode; 125db717d8eSEric Biggers policy.filenames_encryption_mode = ctx.filenames_encryption_mode; 126db717d8eSEric Biggers policy.flags = ctx.flags; 127db717d8eSEric Biggers memcpy(policy.master_key_descriptor, ctx.master_key_descriptor, 1280b81d077SJaegeuk Kim FS_KEY_DESCRIPTOR_SIZE); 129db717d8eSEric Biggers 130db717d8eSEric Biggers if (copy_to_user(arg, &policy, sizeof(policy))) 131db717d8eSEric Biggers return -EFAULT; 1320b81d077SJaegeuk Kim return 0; 1330b81d077SJaegeuk Kim } 134db717d8eSEric Biggers EXPORT_SYMBOL(fscrypt_ioctl_get_policy); 1350b81d077SJaegeuk Kim 136272f98f6SEric Biggers /** 137272f98f6SEric Biggers * fscrypt_has_permitted_context() - is a file's encryption policy permitted 138272f98f6SEric Biggers * within its directory? 139272f98f6SEric Biggers * 140272f98f6SEric Biggers * @parent: inode for parent directory 141272f98f6SEric Biggers * @child: inode for file being looked up, opened, or linked into @parent 142272f98f6SEric Biggers * 143272f98f6SEric Biggers * Filesystems must call this before permitting access to an inode in a 144272f98f6SEric Biggers * situation where the parent directory is encrypted (either before allowing 145272f98f6SEric Biggers * ->lookup() to succeed, or for a regular file before allowing it to be opened) 146272f98f6SEric Biggers * and before any operation that involves linking an inode into an encrypted 147272f98f6SEric Biggers * directory, including link, rename, and cross rename. It enforces the 148272f98f6SEric Biggers * constraint that within a given encrypted directory tree, all files use the 149272f98f6SEric Biggers * same encryption policy. The pre-access check is needed to detect potentially 150272f98f6SEric Biggers * malicious offline violations of this constraint, while the link and rename 151272f98f6SEric Biggers * checks are needed to prevent online violations of this constraint. 152272f98f6SEric Biggers * 153272f98f6SEric Biggers * Return: 1 if permitted, 0 if forbidden. If forbidden, the caller must fail 154272f98f6SEric Biggers * the filesystem operation with EPERM. 155272f98f6SEric Biggers */ 1560b81d077SJaegeuk Kim int fscrypt_has_permitted_context(struct inode *parent, struct inode *child) 1570b81d077SJaegeuk Kim { 158272f98f6SEric Biggers const struct fscrypt_operations *cops = parent->i_sb->s_cop; 159272f98f6SEric Biggers const struct fscrypt_info *parent_ci, *child_ci; 160272f98f6SEric Biggers struct fscrypt_context parent_ctx, child_ctx; 1610b81d077SJaegeuk Kim int res; 1620b81d077SJaegeuk Kim 16342d97eb0SEric Biggers /* No restrictions on file types which are never encrypted */ 16442d97eb0SEric Biggers if (!S_ISREG(child->i_mode) && !S_ISDIR(child->i_mode) && 16542d97eb0SEric Biggers !S_ISLNK(child->i_mode)) 16642d97eb0SEric Biggers return 1; 16742d97eb0SEric Biggers 168272f98f6SEric Biggers /* No restrictions if the parent directory is unencrypted */ 169272f98f6SEric Biggers if (!cops->is_encrypted(parent)) 1700b81d077SJaegeuk Kim return 1; 171272f98f6SEric Biggers 172272f98f6SEric Biggers /* Encrypted directories must not contain unencrypted files */ 173272f98f6SEric Biggers if (!cops->is_encrypted(child)) 1740b81d077SJaegeuk Kim return 0; 175272f98f6SEric Biggers 176272f98f6SEric Biggers /* 177272f98f6SEric Biggers * Both parent and child are encrypted, so verify they use the same 178272f98f6SEric Biggers * encryption policy. Compare the fscrypt_info structs if the keys are 179272f98f6SEric Biggers * available, otherwise retrieve and compare the fscrypt_contexts. 180272f98f6SEric Biggers * 181272f98f6SEric Biggers * Note that the fscrypt_context retrieval will be required frequently 182272f98f6SEric Biggers * when accessing an encrypted directory tree without the key. 183272f98f6SEric Biggers * Performance-wise this is not a big deal because we already don't 184272f98f6SEric Biggers * really optimize for file access without the key (to the extent that 185272f98f6SEric Biggers * such access is even possible), given that any attempted access 186272f98f6SEric Biggers * already causes a fscrypt_context retrieval and keyring search. 187272f98f6SEric Biggers * 188272f98f6SEric Biggers * In any case, if an unexpected error occurs, fall back to "forbidden". 189272f98f6SEric Biggers */ 190272f98f6SEric Biggers 1910b81d077SJaegeuk Kim res = fscrypt_get_encryption_info(parent); 1920b81d077SJaegeuk Kim if (res) 1930b81d077SJaegeuk Kim return 0; 1940b81d077SJaegeuk Kim res = fscrypt_get_encryption_info(child); 1950b81d077SJaegeuk Kim if (res) 1960b81d077SJaegeuk Kim return 0; 1970b81d077SJaegeuk Kim parent_ci = parent->i_crypt_info; 1980b81d077SJaegeuk Kim child_ci = child->i_crypt_info; 1990b81d077SJaegeuk Kim 200272f98f6SEric Biggers if (parent_ci && child_ci) { 201272f98f6SEric Biggers return memcmp(parent_ci->ci_master_key, child_ci->ci_master_key, 2020b81d077SJaegeuk Kim FS_KEY_DESCRIPTOR_SIZE) == 0 && 2030b81d077SJaegeuk Kim (parent_ci->ci_data_mode == child_ci->ci_data_mode) && 204272f98f6SEric Biggers (parent_ci->ci_filename_mode == 205272f98f6SEric Biggers child_ci->ci_filename_mode) && 206272f98f6SEric Biggers (parent_ci->ci_flags == child_ci->ci_flags); 207272f98f6SEric Biggers } 208272f98f6SEric Biggers 209272f98f6SEric Biggers res = cops->get_context(parent, &parent_ctx, sizeof(parent_ctx)); 210272f98f6SEric Biggers if (res != sizeof(parent_ctx)) 211272f98f6SEric Biggers return 0; 212272f98f6SEric Biggers 213272f98f6SEric Biggers res = cops->get_context(child, &child_ctx, sizeof(child_ctx)); 214272f98f6SEric Biggers if (res != sizeof(child_ctx)) 215272f98f6SEric Biggers return 0; 216272f98f6SEric Biggers 217272f98f6SEric Biggers return memcmp(parent_ctx.master_key_descriptor, 218272f98f6SEric Biggers child_ctx.master_key_descriptor, 219272f98f6SEric Biggers FS_KEY_DESCRIPTOR_SIZE) == 0 && 220272f98f6SEric Biggers (parent_ctx.contents_encryption_mode == 221272f98f6SEric Biggers child_ctx.contents_encryption_mode) && 222272f98f6SEric Biggers (parent_ctx.filenames_encryption_mode == 223272f98f6SEric Biggers child_ctx.filenames_encryption_mode) && 224272f98f6SEric Biggers (parent_ctx.flags == child_ctx.flags); 2250b81d077SJaegeuk Kim } 2260b81d077SJaegeuk Kim EXPORT_SYMBOL(fscrypt_has_permitted_context); 2270b81d077SJaegeuk Kim 2280b81d077SJaegeuk Kim /** 2290b81d077SJaegeuk Kim * fscrypt_inherit_context() - Sets a child context from its parent 2300b81d077SJaegeuk Kim * @parent: Parent inode from which the context is inherited. 2310b81d077SJaegeuk Kim * @child: Child inode that inherits the context from @parent. 2320b81d077SJaegeuk Kim * @fs_data: private data given by FS. 2335bbdcbbbSTheodore Ts'o * @preload: preload child i_crypt_info if true 2340b81d077SJaegeuk Kim * 2355bbdcbbbSTheodore Ts'o * Return: 0 on success, -errno on failure 2360b81d077SJaegeuk Kim */ 2370b81d077SJaegeuk Kim int fscrypt_inherit_context(struct inode *parent, struct inode *child, 2380b81d077SJaegeuk Kim void *fs_data, bool preload) 2390b81d077SJaegeuk Kim { 2400b81d077SJaegeuk Kim struct fscrypt_context ctx; 2410b81d077SJaegeuk Kim struct fscrypt_info *ci; 2420b81d077SJaegeuk Kim int res; 2430b81d077SJaegeuk Kim 2440b81d077SJaegeuk Kim res = fscrypt_get_encryption_info(parent); 2450b81d077SJaegeuk Kim if (res < 0) 2460b81d077SJaegeuk Kim return res; 2470b81d077SJaegeuk Kim 2480b81d077SJaegeuk Kim ci = parent->i_crypt_info; 2490b81d077SJaegeuk Kim if (ci == NULL) 2500b81d077SJaegeuk Kim return -ENOKEY; 2510b81d077SJaegeuk Kim 2520b81d077SJaegeuk Kim ctx.format = FS_ENCRYPTION_CONTEXT_FORMAT_V1; 2530b81d077SJaegeuk Kim ctx.contents_encryption_mode = ci->ci_data_mode; 2540b81d077SJaegeuk Kim ctx.filenames_encryption_mode = ci->ci_filename_mode; 2550b81d077SJaegeuk Kim ctx.flags = ci->ci_flags; 2560b81d077SJaegeuk Kim memcpy(ctx.master_key_descriptor, ci->ci_master_key, 2570b81d077SJaegeuk Kim FS_KEY_DESCRIPTOR_SIZE); 2580b81d077SJaegeuk Kim get_random_bytes(ctx.nonce, FS_KEY_DERIVATION_NONCE_SIZE); 2590b81d077SJaegeuk Kim res = parent->i_sb->s_cop->set_context(child, &ctx, 2600b81d077SJaegeuk Kim sizeof(ctx), fs_data); 2610b81d077SJaegeuk Kim if (res) 2620b81d077SJaegeuk Kim return res; 2630b81d077SJaegeuk Kim return preload ? fscrypt_get_encryption_info(child): 0; 2640b81d077SJaegeuk Kim } 2650b81d077SJaegeuk Kim EXPORT_SYMBOL(fscrypt_inherit_context); 266