1 /* 2 * Encryption policy functions for per-file encryption support. 3 * 4 * Copyright (C) 2015, Google, Inc. 5 * Copyright (C) 2015, Motorola Mobility. 6 * 7 * Written by Michael Halcrow, 2015. 8 * Modified by Jaegeuk Kim, 2015. 9 */ 10 11 #include <linux/random.h> 12 #include <linux/string.h> 13 #include <linux/mount.h> 14 #include "fscrypt_private.h" 15 16 /* 17 * check whether an encryption policy is consistent with an encryption context 18 */ 19 static bool is_encryption_context_consistent_with_policy( 20 const struct fscrypt_context *ctx, 21 const struct fscrypt_policy *policy) 22 { 23 return memcmp(ctx->master_key_descriptor, policy->master_key_descriptor, 24 FS_KEY_DESCRIPTOR_SIZE) == 0 && 25 (ctx->flags == policy->flags) && 26 (ctx->contents_encryption_mode == 27 policy->contents_encryption_mode) && 28 (ctx->filenames_encryption_mode == 29 policy->filenames_encryption_mode); 30 } 31 32 static int create_encryption_context_from_policy(struct inode *inode, 33 const struct fscrypt_policy *policy) 34 { 35 struct fscrypt_context ctx; 36 37 ctx.format = FS_ENCRYPTION_CONTEXT_FORMAT_V1; 38 memcpy(ctx.master_key_descriptor, policy->master_key_descriptor, 39 FS_KEY_DESCRIPTOR_SIZE); 40 41 if (!fscrypt_valid_contents_enc_mode( 42 policy->contents_encryption_mode)) 43 return -EINVAL; 44 45 if (!fscrypt_valid_filenames_enc_mode( 46 policy->filenames_encryption_mode)) 47 return -EINVAL; 48 49 if (policy->flags & ~FS_POLICY_FLAGS_VALID) 50 return -EINVAL; 51 52 ctx.contents_encryption_mode = policy->contents_encryption_mode; 53 ctx.filenames_encryption_mode = policy->filenames_encryption_mode; 54 ctx.flags = policy->flags; 55 BUILD_BUG_ON(sizeof(ctx.nonce) != FS_KEY_DERIVATION_NONCE_SIZE); 56 get_random_bytes(ctx.nonce, FS_KEY_DERIVATION_NONCE_SIZE); 57 58 return inode->i_sb->s_cop->set_context(inode, &ctx, sizeof(ctx), NULL); 59 } 60 61 int fscrypt_ioctl_set_policy(struct file *filp, const void __user *arg) 62 { 63 struct fscrypt_policy policy; 64 struct inode *inode = file_inode(filp); 65 int ret; 66 struct fscrypt_context ctx; 67 68 if (copy_from_user(&policy, arg, sizeof(policy))) 69 return -EFAULT; 70 71 if (!inode_owner_or_capable(inode)) 72 return -EACCES; 73 74 if (policy.version != 0) 75 return -EINVAL; 76 77 ret = mnt_want_write_file(filp); 78 if (ret) 79 return ret; 80 81 inode_lock(inode); 82 83 ret = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx)); 84 if (ret == -ENODATA) { 85 if (!S_ISDIR(inode->i_mode)) 86 ret = -ENOTDIR; 87 else if (!inode->i_sb->s_cop->empty_dir(inode)) 88 ret = -ENOTEMPTY; 89 else 90 ret = create_encryption_context_from_policy(inode, 91 &policy); 92 } else if (ret == sizeof(ctx) && 93 is_encryption_context_consistent_with_policy(&ctx, 94 &policy)) { 95 /* The file already uses the same encryption policy. */ 96 ret = 0; 97 } else if (ret >= 0 || ret == -ERANGE) { 98 /* The file already uses a different encryption policy. */ 99 ret = -EEXIST; 100 } 101 102 inode_unlock(inode); 103 104 mnt_drop_write_file(filp); 105 return ret; 106 } 107 EXPORT_SYMBOL(fscrypt_ioctl_set_policy); 108 109 int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg) 110 { 111 struct inode *inode = file_inode(filp); 112 struct fscrypt_context ctx; 113 struct fscrypt_policy policy; 114 int res; 115 116 if (!inode->i_sb->s_cop->is_encrypted(inode)) 117 return -ENODATA; 118 119 res = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx)); 120 if (res < 0 && res != -ERANGE) 121 return res; 122 if (res != sizeof(ctx)) 123 return -EINVAL; 124 if (ctx.format != FS_ENCRYPTION_CONTEXT_FORMAT_V1) 125 return -EINVAL; 126 127 policy.version = 0; 128 policy.contents_encryption_mode = ctx.contents_encryption_mode; 129 policy.filenames_encryption_mode = ctx.filenames_encryption_mode; 130 policy.flags = ctx.flags; 131 memcpy(policy.master_key_descriptor, ctx.master_key_descriptor, 132 FS_KEY_DESCRIPTOR_SIZE); 133 134 if (copy_to_user(arg, &policy, sizeof(policy))) 135 return -EFAULT; 136 return 0; 137 } 138 EXPORT_SYMBOL(fscrypt_ioctl_get_policy); 139 140 /** 141 * fscrypt_has_permitted_context() - is a file's encryption policy permitted 142 * within its directory? 143 * 144 * @parent: inode for parent directory 145 * @child: inode for file being looked up, opened, or linked into @parent 146 * 147 * Filesystems must call this before permitting access to an inode in a 148 * situation where the parent directory is encrypted (either before allowing 149 * ->lookup() to succeed, or for a regular file before allowing it to be opened) 150 * and before any operation that involves linking an inode into an encrypted 151 * directory, including link, rename, and cross rename. It enforces the 152 * constraint that within a given encrypted directory tree, all files use the 153 * same encryption policy. The pre-access check is needed to detect potentially 154 * malicious offline violations of this constraint, while the link and rename 155 * checks are needed to prevent online violations of this constraint. 156 * 157 * Return: 1 if permitted, 0 if forbidden. If forbidden, the caller must fail 158 * the filesystem operation with EPERM. 159 */ 160 int fscrypt_has_permitted_context(struct inode *parent, struct inode *child) 161 { 162 const struct fscrypt_operations *cops = parent->i_sb->s_cop; 163 const struct fscrypt_info *parent_ci, *child_ci; 164 struct fscrypt_context parent_ctx, child_ctx; 165 int res; 166 167 /* No restrictions on file types which are never encrypted */ 168 if (!S_ISREG(child->i_mode) && !S_ISDIR(child->i_mode) && 169 !S_ISLNK(child->i_mode)) 170 return 1; 171 172 /* No restrictions if the parent directory is unencrypted */ 173 if (!cops->is_encrypted(parent)) 174 return 1; 175 176 /* Encrypted directories must not contain unencrypted files */ 177 if (!cops->is_encrypted(child)) 178 return 0; 179 180 /* 181 * Both parent and child are encrypted, so verify they use the same 182 * encryption policy. Compare the fscrypt_info structs if the keys are 183 * available, otherwise retrieve and compare the fscrypt_contexts. 184 * 185 * Note that the fscrypt_context retrieval will be required frequently 186 * when accessing an encrypted directory tree without the key. 187 * Performance-wise this is not a big deal because we already don't 188 * really optimize for file access without the key (to the extent that 189 * such access is even possible), given that any attempted access 190 * already causes a fscrypt_context retrieval and keyring search. 191 * 192 * In any case, if an unexpected error occurs, fall back to "forbidden". 193 */ 194 195 res = fscrypt_get_encryption_info(parent); 196 if (res) 197 return 0; 198 res = fscrypt_get_encryption_info(child); 199 if (res) 200 return 0; 201 parent_ci = parent->i_crypt_info; 202 child_ci = child->i_crypt_info; 203 204 if (parent_ci && child_ci) { 205 return memcmp(parent_ci->ci_master_key, child_ci->ci_master_key, 206 FS_KEY_DESCRIPTOR_SIZE) == 0 && 207 (parent_ci->ci_data_mode == child_ci->ci_data_mode) && 208 (parent_ci->ci_filename_mode == 209 child_ci->ci_filename_mode) && 210 (parent_ci->ci_flags == child_ci->ci_flags); 211 } 212 213 res = cops->get_context(parent, &parent_ctx, sizeof(parent_ctx)); 214 if (res != sizeof(parent_ctx)) 215 return 0; 216 217 res = cops->get_context(child, &child_ctx, sizeof(child_ctx)); 218 if (res != sizeof(child_ctx)) 219 return 0; 220 221 return memcmp(parent_ctx.master_key_descriptor, 222 child_ctx.master_key_descriptor, 223 FS_KEY_DESCRIPTOR_SIZE) == 0 && 224 (parent_ctx.contents_encryption_mode == 225 child_ctx.contents_encryption_mode) && 226 (parent_ctx.filenames_encryption_mode == 227 child_ctx.filenames_encryption_mode) && 228 (parent_ctx.flags == child_ctx.flags); 229 } 230 EXPORT_SYMBOL(fscrypt_has_permitted_context); 231 232 /** 233 * fscrypt_inherit_context() - Sets a child context from its parent 234 * @parent: Parent inode from which the context is inherited. 235 * @child: Child inode that inherits the context from @parent. 236 * @fs_data: private data given by FS. 237 * @preload: preload child i_crypt_info if true 238 * 239 * Return: 0 on success, -errno on failure 240 */ 241 int fscrypt_inherit_context(struct inode *parent, struct inode *child, 242 void *fs_data, bool preload) 243 { 244 struct fscrypt_context ctx; 245 struct fscrypt_info *ci; 246 int res; 247 248 res = fscrypt_get_encryption_info(parent); 249 if (res < 0) 250 return res; 251 252 ci = parent->i_crypt_info; 253 if (ci == NULL) 254 return -ENOKEY; 255 256 ctx.format = FS_ENCRYPTION_CONTEXT_FORMAT_V1; 257 ctx.contents_encryption_mode = ci->ci_data_mode; 258 ctx.filenames_encryption_mode = ci->ci_filename_mode; 259 ctx.flags = ci->ci_flags; 260 memcpy(ctx.master_key_descriptor, ci->ci_master_key, 261 FS_KEY_DESCRIPTOR_SIZE); 262 get_random_bytes(ctx.nonce, FS_KEY_DERIVATION_NONCE_SIZE); 263 res = parent->i_sb->s_cop->set_context(child, &ctx, 264 sizeof(ctx), fs_data); 265 if (res) 266 return res; 267 return preload ? fscrypt_get_encryption_info(child): 0; 268 } 269 EXPORT_SYMBOL(fscrypt_inherit_context); 270