1 /* 2 * Encryption policy functions for per-file encryption support. 3 * 4 * Copyright (C) 2015, Google, Inc. 5 * Copyright (C) 2015, Motorola Mobility. 6 * 7 * Written by Michael Halcrow, 2015. 8 * Modified by Jaegeuk Kim, 2015. 9 */ 10 11 #include <linux/random.h> 12 #include <linux/string.h> 13 #include <linux/fscrypto.h> 14 15 static int inode_has_encryption_context(struct inode *inode) 16 { 17 if (!inode->i_sb->s_cop->get_context) 18 return 0; 19 return (inode->i_sb->s_cop->get_context(inode, NULL, 0L) > 0); 20 } 21 22 /* 23 * check whether the policy is consistent with the encryption context 24 * for the inode 25 */ 26 static int is_encryption_context_consistent_with_policy(struct inode *inode, 27 const struct fscrypt_policy *policy) 28 { 29 struct fscrypt_context ctx; 30 int res; 31 32 if (!inode->i_sb->s_cop->get_context) 33 return 0; 34 35 res = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx)); 36 if (res != sizeof(ctx)) 37 return 0; 38 39 return (memcmp(ctx.master_key_descriptor, policy->master_key_descriptor, 40 FS_KEY_DESCRIPTOR_SIZE) == 0 && 41 (ctx.flags == policy->flags) && 42 (ctx.contents_encryption_mode == 43 policy->contents_encryption_mode) && 44 (ctx.filenames_encryption_mode == 45 policy->filenames_encryption_mode)); 46 } 47 48 static int create_encryption_context_from_policy(struct inode *inode, 49 const struct fscrypt_policy *policy) 50 { 51 struct fscrypt_context ctx; 52 int res; 53 54 if (!inode->i_sb->s_cop->set_context) 55 return -EOPNOTSUPP; 56 57 if (inode->i_sb->s_cop->prepare_context) { 58 res = inode->i_sb->s_cop->prepare_context(inode); 59 if (res) 60 return res; 61 } 62 63 ctx.format = FS_ENCRYPTION_CONTEXT_FORMAT_V1; 64 memcpy(ctx.master_key_descriptor, policy->master_key_descriptor, 65 FS_KEY_DESCRIPTOR_SIZE); 66 67 if (!fscrypt_valid_contents_enc_mode( 68 policy->contents_encryption_mode)) { 69 printk(KERN_WARNING 70 "%s: Invalid contents encryption mode %d\n", __func__, 71 policy->contents_encryption_mode); 72 return -EINVAL; 73 } 74 75 if (!fscrypt_valid_filenames_enc_mode( 76 policy->filenames_encryption_mode)) { 77 printk(KERN_WARNING 78 "%s: Invalid filenames encryption mode %d\n", __func__, 79 policy->filenames_encryption_mode); 80 return -EINVAL; 81 } 82 83 if (policy->flags & ~FS_POLICY_FLAGS_VALID) 84 return -EINVAL; 85 86 ctx.contents_encryption_mode = policy->contents_encryption_mode; 87 ctx.filenames_encryption_mode = policy->filenames_encryption_mode; 88 ctx.flags = policy->flags; 89 BUILD_BUG_ON(sizeof(ctx.nonce) != FS_KEY_DERIVATION_NONCE_SIZE); 90 get_random_bytes(ctx.nonce, FS_KEY_DERIVATION_NONCE_SIZE); 91 92 return inode->i_sb->s_cop->set_context(inode, &ctx, sizeof(ctx), NULL); 93 } 94 95 int fscrypt_process_policy(struct inode *inode, 96 const struct fscrypt_policy *policy) 97 { 98 if (policy->version != 0) 99 return -EINVAL; 100 101 if (!inode_has_encryption_context(inode)) { 102 if (!inode->i_sb->s_cop->empty_dir) 103 return -EOPNOTSUPP; 104 if (!inode->i_sb->s_cop->empty_dir(inode)) 105 return -ENOTEMPTY; 106 return create_encryption_context_from_policy(inode, policy); 107 } 108 109 if (is_encryption_context_consistent_with_policy(inode, policy)) 110 return 0; 111 112 printk(KERN_WARNING "%s: Policy inconsistent with encryption context\n", 113 __func__); 114 return -EINVAL; 115 } 116 EXPORT_SYMBOL(fscrypt_process_policy); 117 118 int fscrypt_get_policy(struct inode *inode, struct fscrypt_policy *policy) 119 { 120 struct fscrypt_context ctx; 121 int res; 122 123 if (!inode->i_sb->s_cop->get_context || 124 !inode->i_sb->s_cop->is_encrypted(inode)) 125 return -ENODATA; 126 127 res = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx)); 128 if (res != sizeof(ctx)) 129 return -ENODATA; 130 if (ctx.format != FS_ENCRYPTION_CONTEXT_FORMAT_V1) 131 return -EINVAL; 132 133 policy->version = 0; 134 policy->contents_encryption_mode = ctx.contents_encryption_mode; 135 policy->filenames_encryption_mode = ctx.filenames_encryption_mode; 136 policy->flags = ctx.flags; 137 memcpy(&policy->master_key_descriptor, ctx.master_key_descriptor, 138 FS_KEY_DESCRIPTOR_SIZE); 139 return 0; 140 } 141 EXPORT_SYMBOL(fscrypt_get_policy); 142 143 int fscrypt_has_permitted_context(struct inode *parent, struct inode *child) 144 { 145 struct fscrypt_info *parent_ci, *child_ci; 146 int res; 147 148 if ((parent == NULL) || (child == NULL)) { 149 printk(KERN_ERR "parent %p child %p\n", parent, child); 150 BUG_ON(1); 151 } 152 153 /* no restrictions if the parent directory is not encrypted */ 154 if (!parent->i_sb->s_cop->is_encrypted(parent)) 155 return 1; 156 /* if the child directory is not encrypted, this is always a problem */ 157 if (!parent->i_sb->s_cop->is_encrypted(child)) 158 return 0; 159 res = fscrypt_get_encryption_info(parent); 160 if (res) 161 return 0; 162 res = fscrypt_get_encryption_info(child); 163 if (res) 164 return 0; 165 parent_ci = parent->i_crypt_info; 166 child_ci = child->i_crypt_info; 167 if (!parent_ci && !child_ci) 168 return 1; 169 if (!parent_ci || !child_ci) 170 return 0; 171 172 return (memcmp(parent_ci->ci_master_key, 173 child_ci->ci_master_key, 174 FS_KEY_DESCRIPTOR_SIZE) == 0 && 175 (parent_ci->ci_data_mode == child_ci->ci_data_mode) && 176 (parent_ci->ci_filename_mode == child_ci->ci_filename_mode) && 177 (parent_ci->ci_flags == child_ci->ci_flags)); 178 } 179 EXPORT_SYMBOL(fscrypt_has_permitted_context); 180 181 /** 182 * fscrypt_inherit_context() - Sets a child context from its parent 183 * @parent: Parent inode from which the context is inherited. 184 * @child: Child inode that inherits the context from @parent. 185 * @fs_data: private data given by FS. 186 * @preload: preload child i_crypt_info 187 * 188 * Return: Zero on success, non-zero otherwise 189 */ 190 int fscrypt_inherit_context(struct inode *parent, struct inode *child, 191 void *fs_data, bool preload) 192 { 193 struct fscrypt_context ctx; 194 struct fscrypt_info *ci; 195 int res; 196 197 if (!parent->i_sb->s_cop->set_context) 198 return -EOPNOTSUPP; 199 200 res = fscrypt_get_encryption_info(parent); 201 if (res < 0) 202 return res; 203 204 ci = parent->i_crypt_info; 205 if (ci == NULL) 206 return -ENOKEY; 207 208 ctx.format = FS_ENCRYPTION_CONTEXT_FORMAT_V1; 209 if (fscrypt_dummy_context_enabled(parent)) { 210 ctx.contents_encryption_mode = FS_ENCRYPTION_MODE_AES_256_XTS; 211 ctx.filenames_encryption_mode = FS_ENCRYPTION_MODE_AES_256_CTS; 212 ctx.flags = 0; 213 memset(ctx.master_key_descriptor, 0x42, FS_KEY_DESCRIPTOR_SIZE); 214 res = 0; 215 } else { 216 ctx.contents_encryption_mode = ci->ci_data_mode; 217 ctx.filenames_encryption_mode = ci->ci_filename_mode; 218 ctx.flags = ci->ci_flags; 219 memcpy(ctx.master_key_descriptor, ci->ci_master_key, 220 FS_KEY_DESCRIPTOR_SIZE); 221 } 222 get_random_bytes(ctx.nonce, FS_KEY_DERIVATION_NONCE_SIZE); 223 res = parent->i_sb->s_cop->set_context(child, &ctx, 224 sizeof(ctx), fs_data); 225 if (res) 226 return res; 227 return preload ? fscrypt_get_encryption_info(child): 0; 228 } 229 EXPORT_SYMBOL(fscrypt_inherit_context); 230