1 /** 2 * eCryptfs: Linux filesystem encryption layer 3 * In-kernel key management code. Includes functions to parse and 4 * write authentication token-related packets with the underlying 5 * file. 6 * 7 * Copyright (C) 2004-2006 International Business Machines Corp. 8 * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com> 9 * Michael C. Thompson <mcthomps@us.ibm.com> 10 * Trevor S. Highland <trevor.highland@gmail.com> 11 * 12 * This program is free software; you can redistribute it and/or 13 * modify it under the terms of the GNU General Public License as 14 * published by the Free Software Foundation; either version 2 of the 15 * License, or (at your option) any later version. 16 * 17 * This program is distributed in the hope that it will be useful, but 18 * WITHOUT ANY WARRANTY; without even the implied warranty of 19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 20 * General Public License for more details. 21 * 22 * You should have received a copy of the GNU General Public License 23 * along with this program; if not, write to the Free Software 24 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 25 * 02111-1307, USA. 26 */ 27 28 #include <linux/string.h> 29 #include <linux/syscalls.h> 30 #include <linux/pagemap.h> 31 #include <linux/key.h> 32 #include <linux/random.h> 33 #include <linux/crypto.h> 34 #include <linux/scatterlist.h> 35 #include "ecryptfs_kernel.h" 36 37 /** 38 * request_key returned an error instead of a valid key address; 39 * determine the type of error, make appropriate log entries, and 40 * return an error code. 41 */ 42 static int process_request_key_err(long err_code) 43 { 44 int rc = 0; 45 46 switch (err_code) { 47 case -ENOKEY: 48 ecryptfs_printk(KERN_WARNING, "No key\n"); 49 rc = -ENOENT; 50 break; 51 case -EKEYEXPIRED: 52 ecryptfs_printk(KERN_WARNING, "Key expired\n"); 53 rc = -ETIME; 54 break; 55 case -EKEYREVOKED: 56 ecryptfs_printk(KERN_WARNING, "Key revoked\n"); 57 rc = -EINVAL; 58 break; 59 default: 60 ecryptfs_printk(KERN_WARNING, "Unknown error code: " 61 "[0x%.16x]\n", err_code); 62 rc = -EINVAL; 63 } 64 return rc; 65 } 66 67 /** 68 * ecryptfs_parse_packet_length 69 * @data: Pointer to memory containing length at offset 70 * @size: This function writes the decoded size to this memory 71 * address; zero on error 72 * @length_size: The number of bytes occupied by the encoded length 73 * 74 * Returns zero on success; non-zero on error 75 */ 76 int ecryptfs_parse_packet_length(unsigned char *data, size_t *size, 77 size_t *length_size) 78 { 79 int rc = 0; 80 81 (*length_size) = 0; 82 (*size) = 0; 83 if (data[0] < 192) { 84 /* One-byte length */ 85 (*size) = (unsigned char)data[0]; 86 (*length_size) = 1; 87 } else if (data[0] < 224) { 88 /* Two-byte length */ 89 (*size) = (((unsigned char)(data[0]) - 192) * 256); 90 (*size) += ((unsigned char)(data[1]) + 192); 91 (*length_size) = 2; 92 } else if (data[0] == 255) { 93 /* Five-byte length; we're not supposed to see this */ 94 ecryptfs_printk(KERN_ERR, "Five-byte packet length not " 95 "supported\n"); 96 rc = -EINVAL; 97 goto out; 98 } else { 99 ecryptfs_printk(KERN_ERR, "Error parsing packet length\n"); 100 rc = -EINVAL; 101 goto out; 102 } 103 out: 104 return rc; 105 } 106 107 /** 108 * ecryptfs_write_packet_length 109 * @dest: The byte array target into which to write the length. Must 110 * have at least 5 bytes allocated. 111 * @size: The length to write. 112 * @packet_size_length: The number of bytes used to encode the packet 113 * length is written to this address. 114 * 115 * Returns zero on success; non-zero on error. 116 */ 117 int ecryptfs_write_packet_length(char *dest, size_t size, 118 size_t *packet_size_length) 119 { 120 int rc = 0; 121 122 if (size < 192) { 123 dest[0] = size; 124 (*packet_size_length) = 1; 125 } else if (size < 65536) { 126 dest[0] = (((size - 192) / 256) + 192); 127 dest[1] = ((size - 192) % 256); 128 (*packet_size_length) = 2; 129 } else { 130 rc = -EINVAL; 131 ecryptfs_printk(KERN_WARNING, 132 "Unsupported packet size: [%d]\n", size); 133 } 134 return rc; 135 } 136 137 static int 138 write_tag_64_packet(char *signature, struct ecryptfs_session_key *session_key, 139 char **packet, size_t *packet_len) 140 { 141 size_t i = 0; 142 size_t data_len; 143 size_t packet_size_len; 144 char *message; 145 int rc; 146 147 /* 148 * ***** TAG 64 Packet Format ***** 149 * | Content Type | 1 byte | 150 * | Key Identifier Size | 1 or 2 bytes | 151 * | Key Identifier | arbitrary | 152 * | Encrypted File Encryption Key Size | 1 or 2 bytes | 153 * | Encrypted File Encryption Key | arbitrary | 154 */ 155 data_len = (5 + ECRYPTFS_SIG_SIZE_HEX 156 + session_key->encrypted_key_size); 157 *packet = kmalloc(data_len, GFP_KERNEL); 158 message = *packet; 159 if (!message) { 160 ecryptfs_printk(KERN_ERR, "Unable to allocate memory\n"); 161 rc = -ENOMEM; 162 goto out; 163 } 164 message[i++] = ECRYPTFS_TAG_64_PACKET_TYPE; 165 rc = ecryptfs_write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX, 166 &packet_size_len); 167 if (rc) { 168 ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet " 169 "header; cannot generate packet length\n"); 170 goto out; 171 } 172 i += packet_size_len; 173 memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX); 174 i += ECRYPTFS_SIG_SIZE_HEX; 175 rc = ecryptfs_write_packet_length(&message[i], 176 session_key->encrypted_key_size, 177 &packet_size_len); 178 if (rc) { 179 ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet " 180 "header; cannot generate packet length\n"); 181 goto out; 182 } 183 i += packet_size_len; 184 memcpy(&message[i], session_key->encrypted_key, 185 session_key->encrypted_key_size); 186 i += session_key->encrypted_key_size; 187 *packet_len = i; 188 out: 189 return rc; 190 } 191 192 static int 193 parse_tag_65_packet(struct ecryptfs_session_key *session_key, u8 *cipher_code, 194 struct ecryptfs_message *msg) 195 { 196 size_t i = 0; 197 char *data; 198 size_t data_len; 199 size_t m_size; 200 size_t message_len; 201 u16 checksum = 0; 202 u16 expected_checksum = 0; 203 int rc; 204 205 /* 206 * ***** TAG 65 Packet Format ***** 207 * | Content Type | 1 byte | 208 * | Status Indicator | 1 byte | 209 * | File Encryption Key Size | 1 or 2 bytes | 210 * | File Encryption Key | arbitrary | 211 */ 212 message_len = msg->data_len; 213 data = msg->data; 214 if (message_len < 4) { 215 rc = -EIO; 216 goto out; 217 } 218 if (data[i++] != ECRYPTFS_TAG_65_PACKET_TYPE) { 219 ecryptfs_printk(KERN_ERR, "Type should be ECRYPTFS_TAG_65\n"); 220 rc = -EIO; 221 goto out; 222 } 223 if (data[i++]) { 224 ecryptfs_printk(KERN_ERR, "Status indicator has non-zero value " 225 "[%d]\n", data[i-1]); 226 rc = -EIO; 227 goto out; 228 } 229 rc = ecryptfs_parse_packet_length(&data[i], &m_size, &data_len); 230 if (rc) { 231 ecryptfs_printk(KERN_WARNING, "Error parsing packet length; " 232 "rc = [%d]\n", rc); 233 goto out; 234 } 235 i += data_len; 236 if (message_len < (i + m_size)) { 237 ecryptfs_printk(KERN_ERR, "The message received from ecryptfsd " 238 "is shorter than expected\n"); 239 rc = -EIO; 240 goto out; 241 } 242 if (m_size < 3) { 243 ecryptfs_printk(KERN_ERR, 244 "The decrypted key is not long enough to " 245 "include a cipher code and checksum\n"); 246 rc = -EIO; 247 goto out; 248 } 249 *cipher_code = data[i++]; 250 /* The decrypted key includes 1 byte cipher code and 2 byte checksum */ 251 session_key->decrypted_key_size = m_size - 3; 252 if (session_key->decrypted_key_size > ECRYPTFS_MAX_KEY_BYTES) { 253 ecryptfs_printk(KERN_ERR, "key_size [%d] larger than " 254 "the maximum key size [%d]\n", 255 session_key->decrypted_key_size, 256 ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES); 257 rc = -EIO; 258 goto out; 259 } 260 memcpy(session_key->decrypted_key, &data[i], 261 session_key->decrypted_key_size); 262 i += session_key->decrypted_key_size; 263 expected_checksum += (unsigned char)(data[i++]) << 8; 264 expected_checksum += (unsigned char)(data[i++]); 265 for (i = 0; i < session_key->decrypted_key_size; i++) 266 checksum += session_key->decrypted_key[i]; 267 if (expected_checksum != checksum) { 268 ecryptfs_printk(KERN_ERR, "Invalid checksum for file " 269 "encryption key; expected [%x]; calculated " 270 "[%x]\n", expected_checksum, checksum); 271 rc = -EIO; 272 } 273 out: 274 return rc; 275 } 276 277 278 static int 279 write_tag_66_packet(char *signature, u8 cipher_code, 280 struct ecryptfs_crypt_stat *crypt_stat, char **packet, 281 size_t *packet_len) 282 { 283 size_t i = 0; 284 size_t j; 285 size_t data_len; 286 size_t checksum = 0; 287 size_t packet_size_len; 288 char *message; 289 int rc; 290 291 /* 292 * ***** TAG 66 Packet Format ***** 293 * | Content Type | 1 byte | 294 * | Key Identifier Size | 1 or 2 bytes | 295 * | Key Identifier | arbitrary | 296 * | File Encryption Key Size | 1 or 2 bytes | 297 * | File Encryption Key | arbitrary | 298 */ 299 data_len = (5 + ECRYPTFS_SIG_SIZE_HEX + crypt_stat->key_size); 300 *packet = kmalloc(data_len, GFP_KERNEL); 301 message = *packet; 302 if (!message) { 303 ecryptfs_printk(KERN_ERR, "Unable to allocate memory\n"); 304 rc = -ENOMEM; 305 goto out; 306 } 307 message[i++] = ECRYPTFS_TAG_66_PACKET_TYPE; 308 rc = ecryptfs_write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX, 309 &packet_size_len); 310 if (rc) { 311 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet " 312 "header; cannot generate packet length\n"); 313 goto out; 314 } 315 i += packet_size_len; 316 memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX); 317 i += ECRYPTFS_SIG_SIZE_HEX; 318 /* The encrypted key includes 1 byte cipher code and 2 byte checksum */ 319 rc = ecryptfs_write_packet_length(&message[i], crypt_stat->key_size + 3, 320 &packet_size_len); 321 if (rc) { 322 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet " 323 "header; cannot generate packet length\n"); 324 goto out; 325 } 326 i += packet_size_len; 327 message[i++] = cipher_code; 328 memcpy(&message[i], crypt_stat->key, crypt_stat->key_size); 329 i += crypt_stat->key_size; 330 for (j = 0; j < crypt_stat->key_size; j++) 331 checksum += crypt_stat->key[j]; 332 message[i++] = (checksum / 256) % 256; 333 message[i++] = (checksum % 256); 334 *packet_len = i; 335 out: 336 return rc; 337 } 338 339 static int 340 parse_tag_67_packet(struct ecryptfs_key_record *key_rec, 341 struct ecryptfs_message *msg) 342 { 343 size_t i = 0; 344 char *data; 345 size_t data_len; 346 size_t message_len; 347 int rc; 348 349 /* 350 * ***** TAG 65 Packet Format ***** 351 * | Content Type | 1 byte | 352 * | Status Indicator | 1 byte | 353 * | Encrypted File Encryption Key Size | 1 or 2 bytes | 354 * | Encrypted File Encryption Key | arbitrary | 355 */ 356 message_len = msg->data_len; 357 data = msg->data; 358 /* verify that everything through the encrypted FEK size is present */ 359 if (message_len < 4) { 360 rc = -EIO; 361 printk(KERN_ERR "%s: message_len is [%zd]; minimum acceptable " 362 "message length is [%d]\n", __func__, message_len, 4); 363 goto out; 364 } 365 if (data[i++] != ECRYPTFS_TAG_67_PACKET_TYPE) { 366 rc = -EIO; 367 printk(KERN_ERR "%s: Type should be ECRYPTFS_TAG_67\n", 368 __func__); 369 goto out; 370 } 371 if (data[i++]) { 372 rc = -EIO; 373 printk(KERN_ERR "%s: Status indicator has non zero " 374 "value [%d]\n", __func__, data[i-1]); 375 376 goto out; 377 } 378 rc = ecryptfs_parse_packet_length(&data[i], &key_rec->enc_key_size, 379 &data_len); 380 if (rc) { 381 ecryptfs_printk(KERN_WARNING, "Error parsing packet length; " 382 "rc = [%d]\n", rc); 383 goto out; 384 } 385 i += data_len; 386 if (message_len < (i + key_rec->enc_key_size)) { 387 rc = -EIO; 388 printk(KERN_ERR "%s: message_len [%zd]; max len is [%zd]\n", 389 __func__, message_len, (i + key_rec->enc_key_size)); 390 goto out; 391 } 392 if (key_rec->enc_key_size > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) { 393 rc = -EIO; 394 printk(KERN_ERR "%s: Encrypted key_size [%zd] larger than " 395 "the maximum key size [%d]\n", __func__, 396 key_rec->enc_key_size, 397 ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES); 398 goto out; 399 } 400 memcpy(key_rec->enc_key, &data[i], key_rec->enc_key_size); 401 out: 402 return rc; 403 } 404 405 static int 406 ecryptfs_find_global_auth_tok_for_sig( 407 struct ecryptfs_global_auth_tok **global_auth_tok, 408 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, char *sig) 409 { 410 struct ecryptfs_global_auth_tok *walker; 411 int rc = 0; 412 413 (*global_auth_tok) = NULL; 414 mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); 415 list_for_each_entry(walker, 416 &mount_crypt_stat->global_auth_tok_list, 417 mount_crypt_stat_list) { 418 if (memcmp(walker->sig, sig, ECRYPTFS_SIG_SIZE_HEX) == 0) { 419 (*global_auth_tok) = walker; 420 goto out; 421 } 422 } 423 rc = -EINVAL; 424 out: 425 mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex); 426 return rc; 427 } 428 429 /** 430 * ecryptfs_find_auth_tok_for_sig 431 * @auth_tok: Set to the matching auth_tok; NULL if not found 432 * @crypt_stat: inode crypt_stat crypto context 433 * @sig: Sig of auth_tok to find 434 * 435 * For now, this function simply looks at the registered auth_tok's 436 * linked off the mount_crypt_stat, so all the auth_toks that can be 437 * used must be registered at mount time. This function could 438 * potentially try a lot harder to find auth_tok's (e.g., by calling 439 * out to ecryptfsd to dynamically retrieve an auth_tok object) so 440 * that static registration of auth_tok's will no longer be necessary. 441 * 442 * Returns zero on no error; non-zero on error 443 */ 444 static int 445 ecryptfs_find_auth_tok_for_sig( 446 struct ecryptfs_auth_tok **auth_tok, 447 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 448 char *sig) 449 { 450 struct ecryptfs_global_auth_tok *global_auth_tok; 451 int rc = 0; 452 453 (*auth_tok) = NULL; 454 if (ecryptfs_find_global_auth_tok_for_sig(&global_auth_tok, 455 mount_crypt_stat, sig)) { 456 struct key *auth_tok_key; 457 458 rc = ecryptfs_keyring_auth_tok_for_sig(&auth_tok_key, auth_tok, 459 sig); 460 } else 461 (*auth_tok) = global_auth_tok->global_auth_tok; 462 return rc; 463 } 464 465 /** 466 * write_tag_70_packet can gobble a lot of stack space. We stuff most 467 * of the function's parameters in a kmalloc'd struct to help reduce 468 * eCryptfs' overall stack usage. 469 */ 470 struct ecryptfs_write_tag_70_packet_silly_stack { 471 u8 cipher_code; 472 size_t max_packet_size; 473 size_t packet_size_len; 474 size_t block_aligned_filename_size; 475 size_t block_size; 476 size_t i; 477 size_t j; 478 size_t num_rand_bytes; 479 struct mutex *tfm_mutex; 480 char *block_aligned_filename; 481 struct ecryptfs_auth_tok *auth_tok; 482 struct scatterlist src_sg; 483 struct scatterlist dst_sg; 484 struct blkcipher_desc desc; 485 char iv[ECRYPTFS_MAX_IV_BYTES]; 486 char hash[ECRYPTFS_TAG_70_DIGEST_SIZE]; 487 char tmp_hash[ECRYPTFS_TAG_70_DIGEST_SIZE]; 488 struct hash_desc hash_desc; 489 struct scatterlist hash_sg; 490 }; 491 492 /** 493 * write_tag_70_packet - Write encrypted filename (EFN) packet against FNEK 494 * @filename: NULL-terminated filename string 495 * 496 * This is the simplest mechanism for achieving filename encryption in 497 * eCryptfs. It encrypts the given filename with the mount-wide 498 * filename encryption key (FNEK) and stores it in a packet to @dest, 499 * which the callee will encode and write directly into the dentry 500 * name. 501 */ 502 int 503 ecryptfs_write_tag_70_packet(char *dest, size_t *remaining_bytes, 504 size_t *packet_size, 505 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 506 char *filename, size_t filename_size) 507 { 508 struct ecryptfs_write_tag_70_packet_silly_stack *s; 509 int rc = 0; 510 511 s = kmalloc(sizeof(*s), GFP_KERNEL); 512 if (!s) { 513 printk(KERN_ERR "%s: Out of memory whilst trying to kmalloc " 514 "[%zd] bytes of kernel memory\n", __func__, sizeof(*s)); 515 goto out; 516 } 517 s->desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP; 518 (*packet_size) = 0; 519 rc = ecryptfs_get_tfm_and_mutex_for_cipher_name( 520 &s->desc.tfm, 521 &s->tfm_mutex, mount_crypt_stat->global_default_fn_cipher_name); 522 if (unlikely(rc)) { 523 printk(KERN_ERR "Internal error whilst attempting to get " 524 "tfm and mutex for cipher name [%s]; rc = [%d]\n", 525 mount_crypt_stat->global_default_fn_cipher_name, rc); 526 goto out; 527 } 528 mutex_lock(s->tfm_mutex); 529 s->block_size = crypto_blkcipher_blocksize(s->desc.tfm); 530 /* Plus one for the \0 separator between the random prefix 531 * and the plaintext filename */ 532 s->num_rand_bytes = (ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES + 1); 533 s->block_aligned_filename_size = (s->num_rand_bytes + filename_size); 534 if ((s->block_aligned_filename_size % s->block_size) != 0) { 535 s->num_rand_bytes += (s->block_size 536 - (s->block_aligned_filename_size 537 % s->block_size)); 538 s->block_aligned_filename_size = (s->num_rand_bytes 539 + filename_size); 540 } 541 /* Octet 0: Tag 70 identifier 542 * Octets 1-N1: Tag 70 packet size (includes cipher identifier 543 * and block-aligned encrypted filename size) 544 * Octets N1-N2: FNEK sig (ECRYPTFS_SIG_SIZE) 545 * Octet N2-N3: Cipher identifier (1 octet) 546 * Octets N3-N4: Block-aligned encrypted filename 547 * - Consists of a minimum number of random characters, a \0 548 * separator, and then the filename */ 549 s->max_packet_size = (1 /* Tag 70 identifier */ 550 + 3 /* Max Tag 70 packet size */ 551 + ECRYPTFS_SIG_SIZE /* FNEK sig */ 552 + 1 /* Cipher identifier */ 553 + s->block_aligned_filename_size); 554 if (dest == NULL) { 555 (*packet_size) = s->max_packet_size; 556 goto out_unlock; 557 } 558 if (s->max_packet_size > (*remaining_bytes)) { 559 printk(KERN_WARNING "%s: Require [%zd] bytes to write; only " 560 "[%zd] available\n", __func__, s->max_packet_size, 561 (*remaining_bytes)); 562 rc = -EINVAL; 563 goto out_unlock; 564 } 565 s->block_aligned_filename = kzalloc(s->block_aligned_filename_size, 566 GFP_KERNEL); 567 if (!s->block_aligned_filename) { 568 printk(KERN_ERR "%s: Out of kernel memory whilst attempting to " 569 "kzalloc [%zd] bytes\n", __func__, 570 s->block_aligned_filename_size); 571 rc = -ENOMEM; 572 goto out_unlock; 573 } 574 s->i = 0; 575 dest[s->i++] = ECRYPTFS_TAG_70_PACKET_TYPE; 576 rc = ecryptfs_write_packet_length(&dest[s->i], 577 (ECRYPTFS_SIG_SIZE 578 + 1 /* Cipher code */ 579 + s->block_aligned_filename_size), 580 &s->packet_size_len); 581 if (rc) { 582 printk(KERN_ERR "%s: Error generating tag 70 packet " 583 "header; cannot generate packet length; rc = [%d]\n", 584 __func__, rc); 585 goto out_free_unlock; 586 } 587 s->i += s->packet_size_len; 588 ecryptfs_from_hex(&dest[s->i], 589 mount_crypt_stat->global_default_fnek_sig, 590 ECRYPTFS_SIG_SIZE); 591 s->i += ECRYPTFS_SIG_SIZE; 592 s->cipher_code = ecryptfs_code_for_cipher_string( 593 mount_crypt_stat->global_default_fn_cipher_name, 594 mount_crypt_stat->global_default_fn_cipher_key_bytes); 595 if (s->cipher_code == 0) { 596 printk(KERN_WARNING "%s: Unable to generate code for " 597 "cipher [%s] with key bytes [%zd]\n", __func__, 598 mount_crypt_stat->global_default_fn_cipher_name, 599 mount_crypt_stat->global_default_fn_cipher_key_bytes); 600 rc = -EINVAL; 601 goto out_free_unlock; 602 } 603 dest[s->i++] = s->cipher_code; 604 rc = ecryptfs_find_auth_tok_for_sig( 605 &s->auth_tok, mount_crypt_stat, 606 mount_crypt_stat->global_default_fnek_sig); 607 if (rc) { 608 printk(KERN_ERR "%s: Error attempting to find auth tok for " 609 "fnek sig [%s]; rc = [%d]\n", __func__, 610 mount_crypt_stat->global_default_fnek_sig, rc); 611 goto out_free_unlock; 612 } 613 /* TODO: Support other key modules than passphrase for 614 * filename encryption */ 615 BUG_ON(s->auth_tok->token_type != ECRYPTFS_PASSWORD); 616 sg_init_one( 617 &s->hash_sg, 618 (u8 *)s->auth_tok->token.password.session_key_encryption_key, 619 s->auth_tok->token.password.session_key_encryption_key_bytes); 620 s->hash_desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP; 621 s->hash_desc.tfm = crypto_alloc_hash(ECRYPTFS_TAG_70_DIGEST, 0, 622 CRYPTO_ALG_ASYNC); 623 if (IS_ERR(s->hash_desc.tfm)) { 624 rc = PTR_ERR(s->hash_desc.tfm); 625 printk(KERN_ERR "%s: Error attempting to " 626 "allocate hash crypto context; rc = [%d]\n", 627 __func__, rc); 628 goto out_free_unlock; 629 } 630 rc = crypto_hash_init(&s->hash_desc); 631 if (rc) { 632 printk(KERN_ERR 633 "%s: Error initializing crypto hash; rc = [%d]\n", 634 __func__, rc); 635 goto out_release_free_unlock; 636 } 637 rc = crypto_hash_update( 638 &s->hash_desc, &s->hash_sg, 639 s->auth_tok->token.password.session_key_encryption_key_bytes); 640 if (rc) { 641 printk(KERN_ERR 642 "%s: Error updating crypto hash; rc = [%d]\n", 643 __func__, rc); 644 goto out_release_free_unlock; 645 } 646 rc = crypto_hash_final(&s->hash_desc, s->hash); 647 if (rc) { 648 printk(KERN_ERR 649 "%s: Error finalizing crypto hash; rc = [%d]\n", 650 __func__, rc); 651 goto out_release_free_unlock; 652 } 653 for (s->j = 0; s->j < (s->num_rand_bytes - 1); s->j++) { 654 s->block_aligned_filename[s->j] = 655 s->hash[(s->j % ECRYPTFS_TAG_70_DIGEST_SIZE)]; 656 if ((s->j % ECRYPTFS_TAG_70_DIGEST_SIZE) 657 == (ECRYPTFS_TAG_70_DIGEST_SIZE - 1)) { 658 sg_init_one(&s->hash_sg, (u8 *)s->hash, 659 ECRYPTFS_TAG_70_DIGEST_SIZE); 660 rc = crypto_hash_init(&s->hash_desc); 661 if (rc) { 662 printk(KERN_ERR 663 "%s: Error initializing crypto hash; " 664 "rc = [%d]\n", __func__, rc); 665 goto out_release_free_unlock; 666 } 667 rc = crypto_hash_update(&s->hash_desc, &s->hash_sg, 668 ECRYPTFS_TAG_70_DIGEST_SIZE); 669 if (rc) { 670 printk(KERN_ERR 671 "%s: Error updating crypto hash; " 672 "rc = [%d]\n", __func__, rc); 673 goto out_release_free_unlock; 674 } 675 rc = crypto_hash_final(&s->hash_desc, s->tmp_hash); 676 if (rc) { 677 printk(KERN_ERR 678 "%s: Error finalizing crypto hash; " 679 "rc = [%d]\n", __func__, rc); 680 goto out_release_free_unlock; 681 } 682 memcpy(s->hash, s->tmp_hash, 683 ECRYPTFS_TAG_70_DIGEST_SIZE); 684 } 685 if (s->block_aligned_filename[s->j] == '\0') 686 s->block_aligned_filename[s->j] = ECRYPTFS_NON_NULL; 687 } 688 memcpy(&s->block_aligned_filename[s->num_rand_bytes], filename, 689 filename_size); 690 rc = virt_to_scatterlist(s->block_aligned_filename, 691 s->block_aligned_filename_size, &s->src_sg, 1); 692 if (rc != 1) { 693 printk(KERN_ERR "%s: Internal error whilst attempting to " 694 "convert filename memory to scatterlist; " 695 "expected rc = 1; got rc = [%d]. " 696 "block_aligned_filename_size = [%zd]\n", __func__, rc, 697 s->block_aligned_filename_size); 698 goto out_release_free_unlock; 699 } 700 rc = virt_to_scatterlist(&dest[s->i], s->block_aligned_filename_size, 701 &s->dst_sg, 1); 702 if (rc != 1) { 703 printk(KERN_ERR "%s: Internal error whilst attempting to " 704 "convert encrypted filename memory to scatterlist; " 705 "expected rc = 1; got rc = [%d]. " 706 "block_aligned_filename_size = [%zd]\n", __func__, rc, 707 s->block_aligned_filename_size); 708 goto out_release_free_unlock; 709 } 710 /* The characters in the first block effectively do the job 711 * of the IV here, so we just use 0's for the IV. Note the 712 * constraint that ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES 713 * >= ECRYPTFS_MAX_IV_BYTES. */ 714 memset(s->iv, 0, ECRYPTFS_MAX_IV_BYTES); 715 s->desc.info = s->iv; 716 rc = crypto_blkcipher_setkey( 717 s->desc.tfm, 718 s->auth_tok->token.password.session_key_encryption_key, 719 mount_crypt_stat->global_default_fn_cipher_key_bytes); 720 if (rc < 0) { 721 printk(KERN_ERR "%s: Error setting key for crypto context; " 722 "rc = [%d]. s->auth_tok->token.password.session_key_" 723 "encryption_key = [0x%p]; mount_crypt_stat->" 724 "global_default_fn_cipher_key_bytes = [%zd]\n", __func__, 725 rc, 726 s->auth_tok->token.password.session_key_encryption_key, 727 mount_crypt_stat->global_default_fn_cipher_key_bytes); 728 goto out_release_free_unlock; 729 } 730 rc = crypto_blkcipher_encrypt_iv(&s->desc, &s->dst_sg, &s->src_sg, 731 s->block_aligned_filename_size); 732 if (rc) { 733 printk(KERN_ERR "%s: Error attempting to encrypt filename; " 734 "rc = [%d]\n", __func__, rc); 735 goto out_release_free_unlock; 736 } 737 s->i += s->block_aligned_filename_size; 738 (*packet_size) = s->i; 739 (*remaining_bytes) -= (*packet_size); 740 out_release_free_unlock: 741 crypto_free_hash(s->hash_desc.tfm); 742 out_free_unlock: 743 kzfree(s->block_aligned_filename); 744 out_unlock: 745 mutex_unlock(s->tfm_mutex); 746 out: 747 kfree(s); 748 return rc; 749 } 750 751 struct ecryptfs_parse_tag_70_packet_silly_stack { 752 u8 cipher_code; 753 size_t max_packet_size; 754 size_t packet_size_len; 755 size_t parsed_tag_70_packet_size; 756 size_t block_aligned_filename_size; 757 size_t block_size; 758 size_t i; 759 struct mutex *tfm_mutex; 760 char *decrypted_filename; 761 struct ecryptfs_auth_tok *auth_tok; 762 struct scatterlist src_sg; 763 struct scatterlist dst_sg; 764 struct blkcipher_desc desc; 765 char fnek_sig_hex[ECRYPTFS_SIG_SIZE_HEX + 1]; 766 char iv[ECRYPTFS_MAX_IV_BYTES]; 767 char cipher_string[ECRYPTFS_MAX_CIPHER_NAME_SIZE]; 768 }; 769 770 /** 771 * parse_tag_70_packet - Parse and process FNEK-encrypted passphrase packet 772 * @filename: This function kmalloc's the memory for the filename 773 * @filename_size: This function sets this to the amount of memory 774 * kmalloc'd for the filename 775 * @packet_size: This function sets this to the the number of octets 776 * in the packet parsed 777 * @mount_crypt_stat: The mount-wide cryptographic context 778 * @data: The memory location containing the start of the tag 70 779 * packet 780 * @max_packet_size: The maximum legal size of the packet to be parsed 781 * from @data 782 * 783 * Returns zero on success; non-zero otherwise 784 */ 785 int 786 ecryptfs_parse_tag_70_packet(char **filename, size_t *filename_size, 787 size_t *packet_size, 788 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 789 char *data, size_t max_packet_size) 790 { 791 struct ecryptfs_parse_tag_70_packet_silly_stack *s; 792 int rc = 0; 793 794 (*packet_size) = 0; 795 (*filename_size) = 0; 796 (*filename) = NULL; 797 s = kmalloc(sizeof(*s), GFP_KERNEL); 798 if (!s) { 799 printk(KERN_ERR "%s: Out of memory whilst trying to kmalloc " 800 "[%zd] bytes of kernel memory\n", __func__, sizeof(*s)); 801 goto out; 802 } 803 s->desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP; 804 if (max_packet_size < (1 + 1 + ECRYPTFS_SIG_SIZE + 1 + 1)) { 805 printk(KERN_WARNING "%s: max_packet_size is [%zd]; it must be " 806 "at least [%d]\n", __func__, max_packet_size, 807 (1 + 1 + ECRYPTFS_SIG_SIZE + 1 + 1)); 808 rc = -EINVAL; 809 goto out; 810 } 811 /* Octet 0: Tag 70 identifier 812 * Octets 1-N1: Tag 70 packet size (includes cipher identifier 813 * and block-aligned encrypted filename size) 814 * Octets N1-N2: FNEK sig (ECRYPTFS_SIG_SIZE) 815 * Octet N2-N3: Cipher identifier (1 octet) 816 * Octets N3-N4: Block-aligned encrypted filename 817 * - Consists of a minimum number of random numbers, a \0 818 * separator, and then the filename */ 819 if (data[(*packet_size)++] != ECRYPTFS_TAG_70_PACKET_TYPE) { 820 printk(KERN_WARNING "%s: Invalid packet tag [0x%.2x]; must be " 821 "tag [0x%.2x]\n", __func__, 822 data[((*packet_size) - 1)], ECRYPTFS_TAG_70_PACKET_TYPE); 823 rc = -EINVAL; 824 goto out; 825 } 826 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], 827 &s->parsed_tag_70_packet_size, 828 &s->packet_size_len); 829 if (rc) { 830 printk(KERN_WARNING "%s: Error parsing packet length; " 831 "rc = [%d]\n", __func__, rc); 832 goto out; 833 } 834 s->block_aligned_filename_size = (s->parsed_tag_70_packet_size 835 - ECRYPTFS_SIG_SIZE - 1); 836 if ((1 + s->packet_size_len + s->parsed_tag_70_packet_size) 837 > max_packet_size) { 838 printk(KERN_WARNING "%s: max_packet_size is [%zd]; real packet " 839 "size is [%zd]\n", __func__, max_packet_size, 840 (1 + s->packet_size_len + 1 841 + s->block_aligned_filename_size)); 842 rc = -EINVAL; 843 goto out; 844 } 845 (*packet_size) += s->packet_size_len; 846 ecryptfs_to_hex(s->fnek_sig_hex, &data[(*packet_size)], 847 ECRYPTFS_SIG_SIZE); 848 s->fnek_sig_hex[ECRYPTFS_SIG_SIZE_HEX] = '\0'; 849 (*packet_size) += ECRYPTFS_SIG_SIZE; 850 s->cipher_code = data[(*packet_size)++]; 851 rc = ecryptfs_cipher_code_to_string(s->cipher_string, s->cipher_code); 852 if (rc) { 853 printk(KERN_WARNING "%s: Cipher code [%d] is invalid\n", 854 __func__, s->cipher_code); 855 goto out; 856 } 857 rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&s->desc.tfm, 858 &s->tfm_mutex, 859 s->cipher_string); 860 if (unlikely(rc)) { 861 printk(KERN_ERR "Internal error whilst attempting to get " 862 "tfm and mutex for cipher name [%s]; rc = [%d]\n", 863 s->cipher_string, rc); 864 goto out; 865 } 866 mutex_lock(s->tfm_mutex); 867 rc = virt_to_scatterlist(&data[(*packet_size)], 868 s->block_aligned_filename_size, &s->src_sg, 1); 869 if (rc != 1) { 870 printk(KERN_ERR "%s: Internal error whilst attempting to " 871 "convert encrypted filename memory to scatterlist; " 872 "expected rc = 1; got rc = [%d]. " 873 "block_aligned_filename_size = [%zd]\n", __func__, rc, 874 s->block_aligned_filename_size); 875 goto out_unlock; 876 } 877 (*packet_size) += s->block_aligned_filename_size; 878 s->decrypted_filename = kmalloc(s->block_aligned_filename_size, 879 GFP_KERNEL); 880 if (!s->decrypted_filename) { 881 printk(KERN_ERR "%s: Out of memory whilst attempting to " 882 "kmalloc [%zd] bytes\n", __func__, 883 s->block_aligned_filename_size); 884 rc = -ENOMEM; 885 goto out_unlock; 886 } 887 rc = virt_to_scatterlist(s->decrypted_filename, 888 s->block_aligned_filename_size, &s->dst_sg, 1); 889 if (rc != 1) { 890 printk(KERN_ERR "%s: Internal error whilst attempting to " 891 "convert decrypted filename memory to scatterlist; " 892 "expected rc = 1; got rc = [%d]. " 893 "block_aligned_filename_size = [%zd]\n", __func__, rc, 894 s->block_aligned_filename_size); 895 goto out_free_unlock; 896 } 897 /* The characters in the first block effectively do the job of 898 * the IV here, so we just use 0's for the IV. Note the 899 * constraint that ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES 900 * >= ECRYPTFS_MAX_IV_BYTES. */ 901 memset(s->iv, 0, ECRYPTFS_MAX_IV_BYTES); 902 s->desc.info = s->iv; 903 rc = ecryptfs_find_auth_tok_for_sig(&s->auth_tok, mount_crypt_stat, 904 s->fnek_sig_hex); 905 if (rc) { 906 printk(KERN_ERR "%s: Error attempting to find auth tok for " 907 "fnek sig [%s]; rc = [%d]\n", __func__, s->fnek_sig_hex, 908 rc); 909 goto out_free_unlock; 910 } 911 /* TODO: Support other key modules than passphrase for 912 * filename encryption */ 913 BUG_ON(s->auth_tok->token_type != ECRYPTFS_PASSWORD); 914 rc = crypto_blkcipher_setkey( 915 s->desc.tfm, 916 s->auth_tok->token.password.session_key_encryption_key, 917 mount_crypt_stat->global_default_fn_cipher_key_bytes); 918 if (rc < 0) { 919 printk(KERN_ERR "%s: Error setting key for crypto context; " 920 "rc = [%d]. s->auth_tok->token.password.session_key_" 921 "encryption_key = [0x%p]; mount_crypt_stat->" 922 "global_default_fn_cipher_key_bytes = [%zd]\n", __func__, 923 rc, 924 s->auth_tok->token.password.session_key_encryption_key, 925 mount_crypt_stat->global_default_fn_cipher_key_bytes); 926 goto out_free_unlock; 927 } 928 rc = crypto_blkcipher_decrypt_iv(&s->desc, &s->dst_sg, &s->src_sg, 929 s->block_aligned_filename_size); 930 if (rc) { 931 printk(KERN_ERR "%s: Error attempting to decrypt filename; " 932 "rc = [%d]\n", __func__, rc); 933 goto out_free_unlock; 934 } 935 s->i = 0; 936 while (s->decrypted_filename[s->i] != '\0' 937 && s->i < s->block_aligned_filename_size) 938 s->i++; 939 if (s->i == s->block_aligned_filename_size) { 940 printk(KERN_WARNING "%s: Invalid tag 70 packet; could not " 941 "find valid separator between random characters and " 942 "the filename\n", __func__); 943 rc = -EINVAL; 944 goto out_free_unlock; 945 } 946 s->i++; 947 (*filename_size) = (s->block_aligned_filename_size - s->i); 948 if (!((*filename_size) > 0 && (*filename_size < PATH_MAX))) { 949 printk(KERN_WARNING "%s: Filename size is [%zd], which is " 950 "invalid\n", __func__, (*filename_size)); 951 rc = -EINVAL; 952 goto out_free_unlock; 953 } 954 (*filename) = kmalloc(((*filename_size) + 1), GFP_KERNEL); 955 if (!(*filename)) { 956 printk(KERN_ERR "%s: Out of memory whilst attempting to " 957 "kmalloc [%zd] bytes\n", __func__, 958 ((*filename_size) + 1)); 959 rc = -ENOMEM; 960 goto out_free_unlock; 961 } 962 memcpy((*filename), &s->decrypted_filename[s->i], (*filename_size)); 963 (*filename)[(*filename_size)] = '\0'; 964 out_free_unlock: 965 kfree(s->decrypted_filename); 966 out_unlock: 967 mutex_unlock(s->tfm_mutex); 968 out: 969 if (rc) { 970 (*packet_size) = 0; 971 (*filename_size) = 0; 972 (*filename) = NULL; 973 } 974 kfree(s); 975 return rc; 976 } 977 978 static int 979 ecryptfs_get_auth_tok_sig(char **sig, struct ecryptfs_auth_tok *auth_tok) 980 { 981 int rc = 0; 982 983 (*sig) = NULL; 984 switch (auth_tok->token_type) { 985 case ECRYPTFS_PASSWORD: 986 (*sig) = auth_tok->token.password.signature; 987 break; 988 case ECRYPTFS_PRIVATE_KEY: 989 (*sig) = auth_tok->token.private_key.signature; 990 break; 991 default: 992 printk(KERN_ERR "Cannot get sig for auth_tok of type [%d]\n", 993 auth_tok->token_type); 994 rc = -EINVAL; 995 } 996 return rc; 997 } 998 999 /** 1000 * decrypt_pki_encrypted_session_key - Decrypt the session key with the given auth_tok. 1001 * @auth_tok: The key authentication token used to decrypt the session key 1002 * @crypt_stat: The cryptographic context 1003 * 1004 * Returns zero on success; non-zero error otherwise. 1005 */ 1006 static int 1007 decrypt_pki_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok, 1008 struct ecryptfs_crypt_stat *crypt_stat) 1009 { 1010 u8 cipher_code = 0; 1011 struct ecryptfs_msg_ctx *msg_ctx; 1012 struct ecryptfs_message *msg = NULL; 1013 char *auth_tok_sig; 1014 char *payload; 1015 size_t payload_len; 1016 int rc; 1017 1018 rc = ecryptfs_get_auth_tok_sig(&auth_tok_sig, auth_tok); 1019 if (rc) { 1020 printk(KERN_ERR "Unrecognized auth tok type: [%d]\n", 1021 auth_tok->token_type); 1022 goto out; 1023 } 1024 rc = write_tag_64_packet(auth_tok_sig, &(auth_tok->session_key), 1025 &payload, &payload_len); 1026 if (rc) { 1027 ecryptfs_printk(KERN_ERR, "Failed to write tag 64 packet\n"); 1028 goto out; 1029 } 1030 rc = ecryptfs_send_message(payload, payload_len, &msg_ctx); 1031 if (rc) { 1032 ecryptfs_printk(KERN_ERR, "Error sending message to " 1033 "ecryptfsd\n"); 1034 goto out; 1035 } 1036 rc = ecryptfs_wait_for_response(msg_ctx, &msg); 1037 if (rc) { 1038 ecryptfs_printk(KERN_ERR, "Failed to receive tag 65 packet " 1039 "from the user space daemon\n"); 1040 rc = -EIO; 1041 goto out; 1042 } 1043 rc = parse_tag_65_packet(&(auth_tok->session_key), 1044 &cipher_code, msg); 1045 if (rc) { 1046 printk(KERN_ERR "Failed to parse tag 65 packet; rc = [%d]\n", 1047 rc); 1048 goto out; 1049 } 1050 auth_tok->session_key.flags |= ECRYPTFS_CONTAINS_DECRYPTED_KEY; 1051 memcpy(crypt_stat->key, auth_tok->session_key.decrypted_key, 1052 auth_tok->session_key.decrypted_key_size); 1053 crypt_stat->key_size = auth_tok->session_key.decrypted_key_size; 1054 rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher, cipher_code); 1055 if (rc) { 1056 ecryptfs_printk(KERN_ERR, "Cipher code [%d] is invalid\n", 1057 cipher_code) 1058 goto out; 1059 } 1060 crypt_stat->flags |= ECRYPTFS_KEY_VALID; 1061 if (ecryptfs_verbosity > 0) { 1062 ecryptfs_printk(KERN_DEBUG, "Decrypted session key:\n"); 1063 ecryptfs_dump_hex(crypt_stat->key, 1064 crypt_stat->key_size); 1065 } 1066 out: 1067 if (msg) 1068 kfree(msg); 1069 return rc; 1070 } 1071 1072 static void wipe_auth_tok_list(struct list_head *auth_tok_list_head) 1073 { 1074 struct ecryptfs_auth_tok_list_item *auth_tok_list_item; 1075 struct ecryptfs_auth_tok_list_item *auth_tok_list_item_tmp; 1076 1077 list_for_each_entry_safe(auth_tok_list_item, auth_tok_list_item_tmp, 1078 auth_tok_list_head, list) { 1079 list_del(&auth_tok_list_item->list); 1080 kmem_cache_free(ecryptfs_auth_tok_list_item_cache, 1081 auth_tok_list_item); 1082 } 1083 } 1084 1085 struct kmem_cache *ecryptfs_auth_tok_list_item_cache; 1086 1087 /** 1088 * parse_tag_1_packet 1089 * @crypt_stat: The cryptographic context to modify based on packet contents 1090 * @data: The raw bytes of the packet. 1091 * @auth_tok_list: eCryptfs parses packets into authentication tokens; 1092 * a new authentication token will be placed at the 1093 * end of this list for this packet. 1094 * @new_auth_tok: Pointer to a pointer to memory that this function 1095 * allocates; sets the memory address of the pointer to 1096 * NULL on error. This object is added to the 1097 * auth_tok_list. 1098 * @packet_size: This function writes the size of the parsed packet 1099 * into this memory location; zero on error. 1100 * @max_packet_size: The maximum allowable packet size 1101 * 1102 * Returns zero on success; non-zero on error. 1103 */ 1104 static int 1105 parse_tag_1_packet(struct ecryptfs_crypt_stat *crypt_stat, 1106 unsigned char *data, struct list_head *auth_tok_list, 1107 struct ecryptfs_auth_tok **new_auth_tok, 1108 size_t *packet_size, size_t max_packet_size) 1109 { 1110 size_t body_size; 1111 struct ecryptfs_auth_tok_list_item *auth_tok_list_item; 1112 size_t length_size; 1113 int rc = 0; 1114 1115 (*packet_size) = 0; 1116 (*new_auth_tok) = NULL; 1117 /** 1118 * This format is inspired by OpenPGP; see RFC 2440 1119 * packet tag 1 1120 * 1121 * Tag 1 identifier (1 byte) 1122 * Max Tag 1 packet size (max 3 bytes) 1123 * Version (1 byte) 1124 * Key identifier (8 bytes; ECRYPTFS_SIG_SIZE) 1125 * Cipher identifier (1 byte) 1126 * Encrypted key size (arbitrary) 1127 * 1128 * 12 bytes minimum packet size 1129 */ 1130 if (unlikely(max_packet_size < 12)) { 1131 printk(KERN_ERR "Invalid max packet size; must be >=12\n"); 1132 rc = -EINVAL; 1133 goto out; 1134 } 1135 if (data[(*packet_size)++] != ECRYPTFS_TAG_1_PACKET_TYPE) { 1136 printk(KERN_ERR "Enter w/ first byte != 0x%.2x\n", 1137 ECRYPTFS_TAG_1_PACKET_TYPE); 1138 rc = -EINVAL; 1139 goto out; 1140 } 1141 /* Released: wipe_auth_tok_list called in ecryptfs_parse_packet_set or 1142 * at end of function upon failure */ 1143 auth_tok_list_item = 1144 kmem_cache_zalloc(ecryptfs_auth_tok_list_item_cache, 1145 GFP_KERNEL); 1146 if (!auth_tok_list_item) { 1147 printk(KERN_ERR "Unable to allocate memory\n"); 1148 rc = -ENOMEM; 1149 goto out; 1150 } 1151 (*new_auth_tok) = &auth_tok_list_item->auth_tok; 1152 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size, 1153 &length_size); 1154 if (rc) { 1155 printk(KERN_WARNING "Error parsing packet length; " 1156 "rc = [%d]\n", rc); 1157 goto out_free; 1158 } 1159 if (unlikely(body_size < (ECRYPTFS_SIG_SIZE + 2))) { 1160 printk(KERN_WARNING "Invalid body size ([%td])\n", body_size); 1161 rc = -EINVAL; 1162 goto out_free; 1163 } 1164 (*packet_size) += length_size; 1165 if (unlikely((*packet_size) + body_size > max_packet_size)) { 1166 printk(KERN_WARNING "Packet size exceeds max\n"); 1167 rc = -EINVAL; 1168 goto out_free; 1169 } 1170 if (unlikely(data[(*packet_size)++] != 0x03)) { 1171 printk(KERN_WARNING "Unknown version number [%d]\n", 1172 data[(*packet_size) - 1]); 1173 rc = -EINVAL; 1174 goto out_free; 1175 } 1176 ecryptfs_to_hex((*new_auth_tok)->token.private_key.signature, 1177 &data[(*packet_size)], ECRYPTFS_SIG_SIZE); 1178 *packet_size += ECRYPTFS_SIG_SIZE; 1179 /* This byte is skipped because the kernel does not need to 1180 * know which public key encryption algorithm was used */ 1181 (*packet_size)++; 1182 (*new_auth_tok)->session_key.encrypted_key_size = 1183 body_size - (ECRYPTFS_SIG_SIZE + 2); 1184 if ((*new_auth_tok)->session_key.encrypted_key_size 1185 > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) { 1186 printk(KERN_WARNING "Tag 1 packet contains key larger " 1187 "than ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES"); 1188 rc = -EINVAL; 1189 goto out; 1190 } 1191 memcpy((*new_auth_tok)->session_key.encrypted_key, 1192 &data[(*packet_size)], (body_size - (ECRYPTFS_SIG_SIZE + 2))); 1193 (*packet_size) += (*new_auth_tok)->session_key.encrypted_key_size; 1194 (*new_auth_tok)->session_key.flags &= 1195 ~ECRYPTFS_CONTAINS_DECRYPTED_KEY; 1196 (*new_auth_tok)->session_key.flags |= 1197 ECRYPTFS_CONTAINS_ENCRYPTED_KEY; 1198 (*new_auth_tok)->token_type = ECRYPTFS_PRIVATE_KEY; 1199 (*new_auth_tok)->flags = 0; 1200 (*new_auth_tok)->session_key.flags &= 1201 ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_DECRYPT); 1202 (*new_auth_tok)->session_key.flags &= 1203 ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_ENCRYPT); 1204 list_add(&auth_tok_list_item->list, auth_tok_list); 1205 goto out; 1206 out_free: 1207 (*new_auth_tok) = NULL; 1208 memset(auth_tok_list_item, 0, 1209 sizeof(struct ecryptfs_auth_tok_list_item)); 1210 kmem_cache_free(ecryptfs_auth_tok_list_item_cache, 1211 auth_tok_list_item); 1212 out: 1213 if (rc) 1214 (*packet_size) = 0; 1215 return rc; 1216 } 1217 1218 /** 1219 * parse_tag_3_packet 1220 * @crypt_stat: The cryptographic context to modify based on packet 1221 * contents. 1222 * @data: The raw bytes of the packet. 1223 * @auth_tok_list: eCryptfs parses packets into authentication tokens; 1224 * a new authentication token will be placed at the end 1225 * of this list for this packet. 1226 * @new_auth_tok: Pointer to a pointer to memory that this function 1227 * allocates; sets the memory address of the pointer to 1228 * NULL on error. This object is added to the 1229 * auth_tok_list. 1230 * @packet_size: This function writes the size of the parsed packet 1231 * into this memory location; zero on error. 1232 * @max_packet_size: maximum number of bytes to parse 1233 * 1234 * Returns zero on success; non-zero on error. 1235 */ 1236 static int 1237 parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat, 1238 unsigned char *data, struct list_head *auth_tok_list, 1239 struct ecryptfs_auth_tok **new_auth_tok, 1240 size_t *packet_size, size_t max_packet_size) 1241 { 1242 size_t body_size; 1243 struct ecryptfs_auth_tok_list_item *auth_tok_list_item; 1244 size_t length_size; 1245 int rc = 0; 1246 1247 (*packet_size) = 0; 1248 (*new_auth_tok) = NULL; 1249 /** 1250 *This format is inspired by OpenPGP; see RFC 2440 1251 * packet tag 3 1252 * 1253 * Tag 3 identifier (1 byte) 1254 * Max Tag 3 packet size (max 3 bytes) 1255 * Version (1 byte) 1256 * Cipher code (1 byte) 1257 * S2K specifier (1 byte) 1258 * Hash identifier (1 byte) 1259 * Salt (ECRYPTFS_SALT_SIZE) 1260 * Hash iterations (1 byte) 1261 * Encrypted key (arbitrary) 1262 * 1263 * (ECRYPTFS_SALT_SIZE + 7) minimum packet size 1264 */ 1265 if (max_packet_size < (ECRYPTFS_SALT_SIZE + 7)) { 1266 printk(KERN_ERR "Max packet size too large\n"); 1267 rc = -EINVAL; 1268 goto out; 1269 } 1270 if (data[(*packet_size)++] != ECRYPTFS_TAG_3_PACKET_TYPE) { 1271 printk(KERN_ERR "First byte != 0x%.2x; invalid packet\n", 1272 ECRYPTFS_TAG_3_PACKET_TYPE); 1273 rc = -EINVAL; 1274 goto out; 1275 } 1276 /* Released: wipe_auth_tok_list called in ecryptfs_parse_packet_set or 1277 * at end of function upon failure */ 1278 auth_tok_list_item = 1279 kmem_cache_zalloc(ecryptfs_auth_tok_list_item_cache, GFP_KERNEL); 1280 if (!auth_tok_list_item) { 1281 printk(KERN_ERR "Unable to allocate memory\n"); 1282 rc = -ENOMEM; 1283 goto out; 1284 } 1285 (*new_auth_tok) = &auth_tok_list_item->auth_tok; 1286 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size, 1287 &length_size); 1288 if (rc) { 1289 printk(KERN_WARNING "Error parsing packet length; rc = [%d]\n", 1290 rc); 1291 goto out_free; 1292 } 1293 if (unlikely(body_size < (ECRYPTFS_SALT_SIZE + 5))) { 1294 printk(KERN_WARNING "Invalid body size ([%td])\n", body_size); 1295 rc = -EINVAL; 1296 goto out_free; 1297 } 1298 (*packet_size) += length_size; 1299 if (unlikely((*packet_size) + body_size > max_packet_size)) { 1300 printk(KERN_ERR "Packet size exceeds max\n"); 1301 rc = -EINVAL; 1302 goto out_free; 1303 } 1304 (*new_auth_tok)->session_key.encrypted_key_size = 1305 (body_size - (ECRYPTFS_SALT_SIZE + 5)); 1306 if (unlikely(data[(*packet_size)++] != 0x04)) { 1307 printk(KERN_WARNING "Unknown version number [%d]\n", 1308 data[(*packet_size) - 1]); 1309 rc = -EINVAL; 1310 goto out_free; 1311 } 1312 ecryptfs_cipher_code_to_string(crypt_stat->cipher, 1313 (u16)data[(*packet_size)]); 1314 /* A little extra work to differentiate among the AES key 1315 * sizes; see RFC2440 */ 1316 switch(data[(*packet_size)++]) { 1317 case RFC2440_CIPHER_AES_192: 1318 crypt_stat->key_size = 24; 1319 break; 1320 default: 1321 crypt_stat->key_size = 1322 (*new_auth_tok)->session_key.encrypted_key_size; 1323 } 1324 ecryptfs_init_crypt_ctx(crypt_stat); 1325 if (unlikely(data[(*packet_size)++] != 0x03)) { 1326 printk(KERN_WARNING "Only S2K ID 3 is currently supported\n"); 1327 rc = -ENOSYS; 1328 goto out_free; 1329 } 1330 /* TODO: finish the hash mapping */ 1331 switch (data[(*packet_size)++]) { 1332 case 0x01: /* See RFC2440 for these numbers and their mappings */ 1333 /* Choose MD5 */ 1334 memcpy((*new_auth_tok)->token.password.salt, 1335 &data[(*packet_size)], ECRYPTFS_SALT_SIZE); 1336 (*packet_size) += ECRYPTFS_SALT_SIZE; 1337 /* This conversion was taken straight from RFC2440 */ 1338 (*new_auth_tok)->token.password.hash_iterations = 1339 ((u32) 16 + (data[(*packet_size)] & 15)) 1340 << ((data[(*packet_size)] >> 4) + 6); 1341 (*packet_size)++; 1342 /* Friendly reminder: 1343 * (*new_auth_tok)->session_key.encrypted_key_size = 1344 * (body_size - (ECRYPTFS_SALT_SIZE + 5)); */ 1345 memcpy((*new_auth_tok)->session_key.encrypted_key, 1346 &data[(*packet_size)], 1347 (*new_auth_tok)->session_key.encrypted_key_size); 1348 (*packet_size) += 1349 (*new_auth_tok)->session_key.encrypted_key_size; 1350 (*new_auth_tok)->session_key.flags &= 1351 ~ECRYPTFS_CONTAINS_DECRYPTED_KEY; 1352 (*new_auth_tok)->session_key.flags |= 1353 ECRYPTFS_CONTAINS_ENCRYPTED_KEY; 1354 (*new_auth_tok)->token.password.hash_algo = 0x01; /* MD5 */ 1355 break; 1356 default: 1357 ecryptfs_printk(KERN_ERR, "Unsupported hash algorithm: " 1358 "[%d]\n", data[(*packet_size) - 1]); 1359 rc = -ENOSYS; 1360 goto out_free; 1361 } 1362 (*new_auth_tok)->token_type = ECRYPTFS_PASSWORD; 1363 /* TODO: Parametarize; we might actually want userspace to 1364 * decrypt the session key. */ 1365 (*new_auth_tok)->session_key.flags &= 1366 ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_DECRYPT); 1367 (*new_auth_tok)->session_key.flags &= 1368 ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_ENCRYPT); 1369 list_add(&auth_tok_list_item->list, auth_tok_list); 1370 goto out; 1371 out_free: 1372 (*new_auth_tok) = NULL; 1373 memset(auth_tok_list_item, 0, 1374 sizeof(struct ecryptfs_auth_tok_list_item)); 1375 kmem_cache_free(ecryptfs_auth_tok_list_item_cache, 1376 auth_tok_list_item); 1377 out: 1378 if (rc) 1379 (*packet_size) = 0; 1380 return rc; 1381 } 1382 1383 /** 1384 * parse_tag_11_packet 1385 * @data: The raw bytes of the packet 1386 * @contents: This function writes the data contents of the literal 1387 * packet into this memory location 1388 * @max_contents_bytes: The maximum number of bytes that this function 1389 * is allowed to write into contents 1390 * @tag_11_contents_size: This function writes the size of the parsed 1391 * contents into this memory location; zero on 1392 * error 1393 * @packet_size: This function writes the size of the parsed packet 1394 * into this memory location; zero on error 1395 * @max_packet_size: maximum number of bytes to parse 1396 * 1397 * Returns zero on success; non-zero on error. 1398 */ 1399 static int 1400 parse_tag_11_packet(unsigned char *data, unsigned char *contents, 1401 size_t max_contents_bytes, size_t *tag_11_contents_size, 1402 size_t *packet_size, size_t max_packet_size) 1403 { 1404 size_t body_size; 1405 size_t length_size; 1406 int rc = 0; 1407 1408 (*packet_size) = 0; 1409 (*tag_11_contents_size) = 0; 1410 /* This format is inspired by OpenPGP; see RFC 2440 1411 * packet tag 11 1412 * 1413 * Tag 11 identifier (1 byte) 1414 * Max Tag 11 packet size (max 3 bytes) 1415 * Binary format specifier (1 byte) 1416 * Filename length (1 byte) 1417 * Filename ("_CONSOLE") (8 bytes) 1418 * Modification date (4 bytes) 1419 * Literal data (arbitrary) 1420 * 1421 * We need at least 16 bytes of data for the packet to even be 1422 * valid. 1423 */ 1424 if (max_packet_size < 16) { 1425 printk(KERN_ERR "Maximum packet size too small\n"); 1426 rc = -EINVAL; 1427 goto out; 1428 } 1429 if (data[(*packet_size)++] != ECRYPTFS_TAG_11_PACKET_TYPE) { 1430 printk(KERN_WARNING "Invalid tag 11 packet format\n"); 1431 rc = -EINVAL; 1432 goto out; 1433 } 1434 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size, 1435 &length_size); 1436 if (rc) { 1437 printk(KERN_WARNING "Invalid tag 11 packet format\n"); 1438 goto out; 1439 } 1440 if (body_size < 14) { 1441 printk(KERN_WARNING "Invalid body size ([%td])\n", body_size); 1442 rc = -EINVAL; 1443 goto out; 1444 } 1445 (*packet_size) += length_size; 1446 (*tag_11_contents_size) = (body_size - 14); 1447 if (unlikely((*packet_size) + body_size + 1 > max_packet_size)) { 1448 printk(KERN_ERR "Packet size exceeds max\n"); 1449 rc = -EINVAL; 1450 goto out; 1451 } 1452 if (data[(*packet_size)++] != 0x62) { 1453 printk(KERN_WARNING "Unrecognizable packet\n"); 1454 rc = -EINVAL; 1455 goto out; 1456 } 1457 if (data[(*packet_size)++] != 0x08) { 1458 printk(KERN_WARNING "Unrecognizable packet\n"); 1459 rc = -EINVAL; 1460 goto out; 1461 } 1462 (*packet_size) += 12; /* Ignore filename and modification date */ 1463 memcpy(contents, &data[(*packet_size)], (*tag_11_contents_size)); 1464 (*packet_size) += (*tag_11_contents_size); 1465 out: 1466 if (rc) { 1467 (*packet_size) = 0; 1468 (*tag_11_contents_size) = 0; 1469 } 1470 return rc; 1471 } 1472 1473 /** 1474 * ecryptfs_verify_version 1475 * @version: The version number to confirm 1476 * 1477 * Returns zero on good version; non-zero otherwise 1478 */ 1479 static int ecryptfs_verify_version(u16 version) 1480 { 1481 int rc = 0; 1482 unsigned char major; 1483 unsigned char minor; 1484 1485 major = ((version >> 8) & 0xFF); 1486 minor = (version & 0xFF); 1487 if (major != ECRYPTFS_VERSION_MAJOR) { 1488 ecryptfs_printk(KERN_ERR, "Major version number mismatch. " 1489 "Expected [%d]; got [%d]\n", 1490 ECRYPTFS_VERSION_MAJOR, major); 1491 rc = -EINVAL; 1492 goto out; 1493 } 1494 if (minor != ECRYPTFS_VERSION_MINOR) { 1495 ecryptfs_printk(KERN_ERR, "Minor version number mismatch. " 1496 "Expected [%d]; got [%d]\n", 1497 ECRYPTFS_VERSION_MINOR, minor); 1498 rc = -EINVAL; 1499 goto out; 1500 } 1501 out: 1502 return rc; 1503 } 1504 1505 int ecryptfs_keyring_auth_tok_for_sig(struct key **auth_tok_key, 1506 struct ecryptfs_auth_tok **auth_tok, 1507 char *sig) 1508 { 1509 int rc = 0; 1510 1511 (*auth_tok_key) = request_key(&key_type_user, sig, NULL); 1512 if (!(*auth_tok_key) || IS_ERR(*auth_tok_key)) { 1513 printk(KERN_ERR "Could not find key with description: [%s]\n", 1514 sig); 1515 rc = process_request_key_err(PTR_ERR(*auth_tok_key)); 1516 goto out; 1517 } 1518 (*auth_tok) = ecryptfs_get_key_payload_data(*auth_tok_key); 1519 if (ecryptfs_verify_version((*auth_tok)->version)) { 1520 printk(KERN_ERR 1521 "Data structure version mismatch. " 1522 "Userspace tools must match eCryptfs " 1523 "kernel module with major version [%d] " 1524 "and minor version [%d]\n", 1525 ECRYPTFS_VERSION_MAJOR, 1526 ECRYPTFS_VERSION_MINOR); 1527 rc = -EINVAL; 1528 goto out; 1529 } 1530 if ((*auth_tok)->token_type != ECRYPTFS_PASSWORD 1531 && (*auth_tok)->token_type != ECRYPTFS_PRIVATE_KEY) { 1532 printk(KERN_ERR "Invalid auth_tok structure " 1533 "returned from key query\n"); 1534 rc = -EINVAL; 1535 goto out; 1536 } 1537 out: 1538 return rc; 1539 } 1540 1541 /** 1542 * decrypt_passphrase_encrypted_session_key - Decrypt the session key with the given auth_tok. 1543 * @auth_tok: The passphrase authentication token to use to encrypt the FEK 1544 * @crypt_stat: The cryptographic context 1545 * 1546 * Returns zero on success; non-zero error otherwise 1547 */ 1548 static int 1549 decrypt_passphrase_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok, 1550 struct ecryptfs_crypt_stat *crypt_stat) 1551 { 1552 struct scatterlist dst_sg[2]; 1553 struct scatterlist src_sg[2]; 1554 struct mutex *tfm_mutex; 1555 struct blkcipher_desc desc = { 1556 .flags = CRYPTO_TFM_REQ_MAY_SLEEP 1557 }; 1558 int rc = 0; 1559 1560 if (unlikely(ecryptfs_verbosity > 0)) { 1561 ecryptfs_printk( 1562 KERN_DEBUG, "Session key encryption key (size [%d]):\n", 1563 auth_tok->token.password.session_key_encryption_key_bytes); 1564 ecryptfs_dump_hex( 1565 auth_tok->token.password.session_key_encryption_key, 1566 auth_tok->token.password.session_key_encryption_key_bytes); 1567 } 1568 rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&desc.tfm, &tfm_mutex, 1569 crypt_stat->cipher); 1570 if (unlikely(rc)) { 1571 printk(KERN_ERR "Internal error whilst attempting to get " 1572 "tfm and mutex for cipher name [%s]; rc = [%d]\n", 1573 crypt_stat->cipher, rc); 1574 goto out; 1575 } 1576 rc = virt_to_scatterlist(auth_tok->session_key.encrypted_key, 1577 auth_tok->session_key.encrypted_key_size, 1578 src_sg, 2); 1579 if (rc < 1 || rc > 2) { 1580 printk(KERN_ERR "Internal error whilst attempting to convert " 1581 "auth_tok->session_key.encrypted_key to scatterlist; " 1582 "expected rc = 1; got rc = [%d]. " 1583 "auth_tok->session_key.encrypted_key_size = [%d]\n", rc, 1584 auth_tok->session_key.encrypted_key_size); 1585 goto out; 1586 } 1587 auth_tok->session_key.decrypted_key_size = 1588 auth_tok->session_key.encrypted_key_size; 1589 rc = virt_to_scatterlist(auth_tok->session_key.decrypted_key, 1590 auth_tok->session_key.decrypted_key_size, 1591 dst_sg, 2); 1592 if (rc < 1 || rc > 2) { 1593 printk(KERN_ERR "Internal error whilst attempting to convert " 1594 "auth_tok->session_key.decrypted_key to scatterlist; " 1595 "expected rc = 1; got rc = [%d]\n", rc); 1596 goto out; 1597 } 1598 mutex_lock(tfm_mutex); 1599 rc = crypto_blkcipher_setkey( 1600 desc.tfm, auth_tok->token.password.session_key_encryption_key, 1601 crypt_stat->key_size); 1602 if (unlikely(rc < 0)) { 1603 mutex_unlock(tfm_mutex); 1604 printk(KERN_ERR "Error setting key for crypto context\n"); 1605 rc = -EINVAL; 1606 goto out; 1607 } 1608 rc = crypto_blkcipher_decrypt(&desc, dst_sg, src_sg, 1609 auth_tok->session_key.encrypted_key_size); 1610 mutex_unlock(tfm_mutex); 1611 if (unlikely(rc)) { 1612 printk(KERN_ERR "Error decrypting; rc = [%d]\n", rc); 1613 goto out; 1614 } 1615 auth_tok->session_key.flags |= ECRYPTFS_CONTAINS_DECRYPTED_KEY; 1616 memcpy(crypt_stat->key, auth_tok->session_key.decrypted_key, 1617 auth_tok->session_key.decrypted_key_size); 1618 crypt_stat->flags |= ECRYPTFS_KEY_VALID; 1619 if (unlikely(ecryptfs_verbosity > 0)) { 1620 ecryptfs_printk(KERN_DEBUG, "FEK of size [%d]:\n", 1621 crypt_stat->key_size); 1622 ecryptfs_dump_hex(crypt_stat->key, 1623 crypt_stat->key_size); 1624 } 1625 out: 1626 return rc; 1627 } 1628 1629 /** 1630 * ecryptfs_parse_packet_set 1631 * @crypt_stat: The cryptographic context 1632 * @src: Virtual address of region of memory containing the packets 1633 * @ecryptfs_dentry: The eCryptfs dentry associated with the packet set 1634 * 1635 * Get crypt_stat to have the file's session key if the requisite key 1636 * is available to decrypt the session key. 1637 * 1638 * Returns Zero if a valid authentication token was retrieved and 1639 * processed; negative value for file not encrypted or for error 1640 * conditions. 1641 */ 1642 int ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat, 1643 unsigned char *src, 1644 struct dentry *ecryptfs_dentry) 1645 { 1646 size_t i = 0; 1647 size_t found_auth_tok; 1648 size_t next_packet_is_auth_tok_packet; 1649 struct list_head auth_tok_list; 1650 struct ecryptfs_auth_tok *matching_auth_tok; 1651 struct ecryptfs_auth_tok *candidate_auth_tok; 1652 char *candidate_auth_tok_sig; 1653 size_t packet_size; 1654 struct ecryptfs_auth_tok *new_auth_tok; 1655 unsigned char sig_tmp_space[ECRYPTFS_SIG_SIZE]; 1656 struct ecryptfs_auth_tok_list_item *auth_tok_list_item; 1657 size_t tag_11_contents_size; 1658 size_t tag_11_packet_size; 1659 int rc = 0; 1660 1661 INIT_LIST_HEAD(&auth_tok_list); 1662 /* Parse the header to find as many packets as we can; these will be 1663 * added the our &auth_tok_list */ 1664 next_packet_is_auth_tok_packet = 1; 1665 while (next_packet_is_auth_tok_packet) { 1666 size_t max_packet_size = ((PAGE_CACHE_SIZE - 8) - i); 1667 1668 switch (src[i]) { 1669 case ECRYPTFS_TAG_3_PACKET_TYPE: 1670 rc = parse_tag_3_packet(crypt_stat, 1671 (unsigned char *)&src[i], 1672 &auth_tok_list, &new_auth_tok, 1673 &packet_size, max_packet_size); 1674 if (rc) { 1675 ecryptfs_printk(KERN_ERR, "Error parsing " 1676 "tag 3 packet\n"); 1677 rc = -EIO; 1678 goto out_wipe_list; 1679 } 1680 i += packet_size; 1681 rc = parse_tag_11_packet((unsigned char *)&src[i], 1682 sig_tmp_space, 1683 ECRYPTFS_SIG_SIZE, 1684 &tag_11_contents_size, 1685 &tag_11_packet_size, 1686 max_packet_size); 1687 if (rc) { 1688 ecryptfs_printk(KERN_ERR, "No valid " 1689 "(ecryptfs-specific) literal " 1690 "packet containing " 1691 "authentication token " 1692 "signature found after " 1693 "tag 3 packet\n"); 1694 rc = -EIO; 1695 goto out_wipe_list; 1696 } 1697 i += tag_11_packet_size; 1698 if (ECRYPTFS_SIG_SIZE != tag_11_contents_size) { 1699 ecryptfs_printk(KERN_ERR, "Expected " 1700 "signature of size [%d]; " 1701 "read size [%d]\n", 1702 ECRYPTFS_SIG_SIZE, 1703 tag_11_contents_size); 1704 rc = -EIO; 1705 goto out_wipe_list; 1706 } 1707 ecryptfs_to_hex(new_auth_tok->token.password.signature, 1708 sig_tmp_space, tag_11_contents_size); 1709 new_auth_tok->token.password.signature[ 1710 ECRYPTFS_PASSWORD_SIG_SIZE] = '\0'; 1711 crypt_stat->flags |= ECRYPTFS_ENCRYPTED; 1712 break; 1713 case ECRYPTFS_TAG_1_PACKET_TYPE: 1714 rc = parse_tag_1_packet(crypt_stat, 1715 (unsigned char *)&src[i], 1716 &auth_tok_list, &new_auth_tok, 1717 &packet_size, max_packet_size); 1718 if (rc) { 1719 ecryptfs_printk(KERN_ERR, "Error parsing " 1720 "tag 1 packet\n"); 1721 rc = -EIO; 1722 goto out_wipe_list; 1723 } 1724 i += packet_size; 1725 crypt_stat->flags |= ECRYPTFS_ENCRYPTED; 1726 break; 1727 case ECRYPTFS_TAG_11_PACKET_TYPE: 1728 ecryptfs_printk(KERN_WARNING, "Invalid packet set " 1729 "(Tag 11 not allowed by itself)\n"); 1730 rc = -EIO; 1731 goto out_wipe_list; 1732 break; 1733 default: 1734 ecryptfs_printk(KERN_DEBUG, "No packet at offset " 1735 "[%d] of the file header; hex value of " 1736 "character is [0x%.2x]\n", i, src[i]); 1737 next_packet_is_auth_tok_packet = 0; 1738 } 1739 } 1740 if (list_empty(&auth_tok_list)) { 1741 printk(KERN_ERR "The lower file appears to be a non-encrypted " 1742 "eCryptfs file; this is not supported in this version " 1743 "of the eCryptfs kernel module\n"); 1744 rc = -EINVAL; 1745 goto out; 1746 } 1747 /* auth_tok_list contains the set of authentication tokens 1748 * parsed from the metadata. We need to find a matching 1749 * authentication token that has the secret component(s) 1750 * necessary to decrypt the EFEK in the auth_tok parsed from 1751 * the metadata. There may be several potential matches, but 1752 * just one will be sufficient to decrypt to get the FEK. */ 1753 find_next_matching_auth_tok: 1754 found_auth_tok = 0; 1755 list_for_each_entry(auth_tok_list_item, &auth_tok_list, list) { 1756 candidate_auth_tok = &auth_tok_list_item->auth_tok; 1757 if (unlikely(ecryptfs_verbosity > 0)) { 1758 ecryptfs_printk(KERN_DEBUG, 1759 "Considering cadidate auth tok:\n"); 1760 ecryptfs_dump_auth_tok(candidate_auth_tok); 1761 } 1762 rc = ecryptfs_get_auth_tok_sig(&candidate_auth_tok_sig, 1763 candidate_auth_tok); 1764 if (rc) { 1765 printk(KERN_ERR 1766 "Unrecognized candidate auth tok type: [%d]\n", 1767 candidate_auth_tok->token_type); 1768 rc = -EINVAL; 1769 goto out_wipe_list; 1770 } 1771 ecryptfs_find_auth_tok_for_sig(&matching_auth_tok, 1772 crypt_stat->mount_crypt_stat, 1773 candidate_auth_tok_sig); 1774 if (matching_auth_tok) { 1775 found_auth_tok = 1; 1776 goto found_matching_auth_tok; 1777 } 1778 } 1779 if (!found_auth_tok) { 1780 ecryptfs_printk(KERN_ERR, "Could not find a usable " 1781 "authentication token\n"); 1782 rc = -EIO; 1783 goto out_wipe_list; 1784 } 1785 found_matching_auth_tok: 1786 if (candidate_auth_tok->token_type == ECRYPTFS_PRIVATE_KEY) { 1787 memcpy(&(candidate_auth_tok->token.private_key), 1788 &(matching_auth_tok->token.private_key), 1789 sizeof(struct ecryptfs_private_key)); 1790 rc = decrypt_pki_encrypted_session_key(candidate_auth_tok, 1791 crypt_stat); 1792 } else if (candidate_auth_tok->token_type == ECRYPTFS_PASSWORD) { 1793 memcpy(&(candidate_auth_tok->token.password), 1794 &(matching_auth_tok->token.password), 1795 sizeof(struct ecryptfs_password)); 1796 rc = decrypt_passphrase_encrypted_session_key( 1797 candidate_auth_tok, crypt_stat); 1798 } 1799 if (rc) { 1800 struct ecryptfs_auth_tok_list_item *auth_tok_list_item_tmp; 1801 1802 ecryptfs_printk(KERN_WARNING, "Error decrypting the " 1803 "session key for authentication token with sig " 1804 "[%.*s]; rc = [%d]. Removing auth tok " 1805 "candidate from the list and searching for " 1806 "the next match.\n", candidate_auth_tok_sig, 1807 ECRYPTFS_SIG_SIZE_HEX, rc); 1808 list_for_each_entry_safe(auth_tok_list_item, 1809 auth_tok_list_item_tmp, 1810 &auth_tok_list, list) { 1811 if (candidate_auth_tok 1812 == &auth_tok_list_item->auth_tok) { 1813 list_del(&auth_tok_list_item->list); 1814 kmem_cache_free( 1815 ecryptfs_auth_tok_list_item_cache, 1816 auth_tok_list_item); 1817 goto find_next_matching_auth_tok; 1818 } 1819 } 1820 BUG(); 1821 } 1822 rc = ecryptfs_compute_root_iv(crypt_stat); 1823 if (rc) { 1824 ecryptfs_printk(KERN_ERR, "Error computing " 1825 "the root IV\n"); 1826 goto out_wipe_list; 1827 } 1828 rc = ecryptfs_init_crypt_ctx(crypt_stat); 1829 if (rc) { 1830 ecryptfs_printk(KERN_ERR, "Error initializing crypto " 1831 "context for cipher [%s]; rc = [%d]\n", 1832 crypt_stat->cipher, rc); 1833 } 1834 out_wipe_list: 1835 wipe_auth_tok_list(&auth_tok_list); 1836 out: 1837 return rc; 1838 } 1839 1840 static int 1841 pki_encrypt_session_key(struct ecryptfs_auth_tok *auth_tok, 1842 struct ecryptfs_crypt_stat *crypt_stat, 1843 struct ecryptfs_key_record *key_rec) 1844 { 1845 struct ecryptfs_msg_ctx *msg_ctx = NULL; 1846 char *payload = NULL; 1847 size_t payload_len; 1848 struct ecryptfs_message *msg; 1849 int rc; 1850 1851 rc = write_tag_66_packet(auth_tok->token.private_key.signature, 1852 ecryptfs_code_for_cipher_string( 1853 crypt_stat->cipher, 1854 crypt_stat->key_size), 1855 crypt_stat, &payload, &payload_len); 1856 if (rc) { 1857 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet\n"); 1858 goto out; 1859 } 1860 rc = ecryptfs_send_message(payload, payload_len, &msg_ctx); 1861 if (rc) { 1862 ecryptfs_printk(KERN_ERR, "Error sending message to " 1863 "ecryptfsd\n"); 1864 goto out; 1865 } 1866 rc = ecryptfs_wait_for_response(msg_ctx, &msg); 1867 if (rc) { 1868 ecryptfs_printk(KERN_ERR, "Failed to receive tag 67 packet " 1869 "from the user space daemon\n"); 1870 rc = -EIO; 1871 goto out; 1872 } 1873 rc = parse_tag_67_packet(key_rec, msg); 1874 if (rc) 1875 ecryptfs_printk(KERN_ERR, "Error parsing tag 67 packet\n"); 1876 kfree(msg); 1877 out: 1878 kfree(payload); 1879 return rc; 1880 } 1881 /** 1882 * write_tag_1_packet - Write an RFC2440-compatible tag 1 (public key) packet 1883 * @dest: Buffer into which to write the packet 1884 * @remaining_bytes: Maximum number of bytes that can be writtn 1885 * @auth_tok: The authentication token used for generating the tag 1 packet 1886 * @crypt_stat: The cryptographic context 1887 * @key_rec: The key record struct for the tag 1 packet 1888 * @packet_size: This function will write the number of bytes that end 1889 * up constituting the packet; set to zero on error 1890 * 1891 * Returns zero on success; non-zero on error. 1892 */ 1893 static int 1894 write_tag_1_packet(char *dest, size_t *remaining_bytes, 1895 struct ecryptfs_auth_tok *auth_tok, 1896 struct ecryptfs_crypt_stat *crypt_stat, 1897 struct ecryptfs_key_record *key_rec, size_t *packet_size) 1898 { 1899 size_t i; 1900 size_t encrypted_session_key_valid = 0; 1901 size_t packet_size_length; 1902 size_t max_packet_size; 1903 int rc = 0; 1904 1905 (*packet_size) = 0; 1906 ecryptfs_from_hex(key_rec->sig, auth_tok->token.private_key.signature, 1907 ECRYPTFS_SIG_SIZE); 1908 encrypted_session_key_valid = 0; 1909 for (i = 0; i < crypt_stat->key_size; i++) 1910 encrypted_session_key_valid |= 1911 auth_tok->session_key.encrypted_key[i]; 1912 if (encrypted_session_key_valid) { 1913 memcpy(key_rec->enc_key, 1914 auth_tok->session_key.encrypted_key, 1915 auth_tok->session_key.encrypted_key_size); 1916 goto encrypted_session_key_set; 1917 } 1918 if (auth_tok->session_key.encrypted_key_size == 0) 1919 auth_tok->session_key.encrypted_key_size = 1920 auth_tok->token.private_key.key_size; 1921 rc = pki_encrypt_session_key(auth_tok, crypt_stat, key_rec); 1922 if (rc) { 1923 printk(KERN_ERR "Failed to encrypt session key via a key " 1924 "module; rc = [%d]\n", rc); 1925 goto out; 1926 } 1927 if (ecryptfs_verbosity > 0) { 1928 ecryptfs_printk(KERN_DEBUG, "Encrypted key:\n"); 1929 ecryptfs_dump_hex(key_rec->enc_key, key_rec->enc_key_size); 1930 } 1931 encrypted_session_key_set: 1932 /* This format is inspired by OpenPGP; see RFC 2440 1933 * packet tag 1 */ 1934 max_packet_size = (1 /* Tag 1 identifier */ 1935 + 3 /* Max Tag 1 packet size */ 1936 + 1 /* Version */ 1937 + ECRYPTFS_SIG_SIZE /* Key identifier */ 1938 + 1 /* Cipher identifier */ 1939 + key_rec->enc_key_size); /* Encrypted key size */ 1940 if (max_packet_size > (*remaining_bytes)) { 1941 printk(KERN_ERR "Packet length larger than maximum allowable; " 1942 "need up to [%td] bytes, but there are only [%td] " 1943 "available\n", max_packet_size, (*remaining_bytes)); 1944 rc = -EINVAL; 1945 goto out; 1946 } 1947 dest[(*packet_size)++] = ECRYPTFS_TAG_1_PACKET_TYPE; 1948 rc = ecryptfs_write_packet_length(&dest[(*packet_size)], 1949 (max_packet_size - 4), 1950 &packet_size_length); 1951 if (rc) { 1952 ecryptfs_printk(KERN_ERR, "Error generating tag 1 packet " 1953 "header; cannot generate packet length\n"); 1954 goto out; 1955 } 1956 (*packet_size) += packet_size_length; 1957 dest[(*packet_size)++] = 0x03; /* version 3 */ 1958 memcpy(&dest[(*packet_size)], key_rec->sig, ECRYPTFS_SIG_SIZE); 1959 (*packet_size) += ECRYPTFS_SIG_SIZE; 1960 dest[(*packet_size)++] = RFC2440_CIPHER_RSA; 1961 memcpy(&dest[(*packet_size)], key_rec->enc_key, 1962 key_rec->enc_key_size); 1963 (*packet_size) += key_rec->enc_key_size; 1964 out: 1965 if (rc) 1966 (*packet_size) = 0; 1967 else 1968 (*remaining_bytes) -= (*packet_size); 1969 return rc; 1970 } 1971 1972 /** 1973 * write_tag_11_packet 1974 * @dest: Target into which Tag 11 packet is to be written 1975 * @remaining_bytes: Maximum packet length 1976 * @contents: Byte array of contents to copy in 1977 * @contents_length: Number of bytes in contents 1978 * @packet_length: Length of the Tag 11 packet written; zero on error 1979 * 1980 * Returns zero on success; non-zero on error. 1981 */ 1982 static int 1983 write_tag_11_packet(char *dest, size_t *remaining_bytes, char *contents, 1984 size_t contents_length, size_t *packet_length) 1985 { 1986 size_t packet_size_length; 1987 size_t max_packet_size; 1988 int rc = 0; 1989 1990 (*packet_length) = 0; 1991 /* This format is inspired by OpenPGP; see RFC 2440 1992 * packet tag 11 */ 1993 max_packet_size = (1 /* Tag 11 identifier */ 1994 + 3 /* Max Tag 11 packet size */ 1995 + 1 /* Binary format specifier */ 1996 + 1 /* Filename length */ 1997 + 8 /* Filename ("_CONSOLE") */ 1998 + 4 /* Modification date */ 1999 + contents_length); /* Literal data */ 2000 if (max_packet_size > (*remaining_bytes)) { 2001 printk(KERN_ERR "Packet length larger than maximum allowable; " 2002 "need up to [%td] bytes, but there are only [%td] " 2003 "available\n", max_packet_size, (*remaining_bytes)); 2004 rc = -EINVAL; 2005 goto out; 2006 } 2007 dest[(*packet_length)++] = ECRYPTFS_TAG_11_PACKET_TYPE; 2008 rc = ecryptfs_write_packet_length(&dest[(*packet_length)], 2009 (max_packet_size - 4), 2010 &packet_size_length); 2011 if (rc) { 2012 printk(KERN_ERR "Error generating tag 11 packet header; cannot " 2013 "generate packet length. rc = [%d]\n", rc); 2014 goto out; 2015 } 2016 (*packet_length) += packet_size_length; 2017 dest[(*packet_length)++] = 0x62; /* binary data format specifier */ 2018 dest[(*packet_length)++] = 8; 2019 memcpy(&dest[(*packet_length)], "_CONSOLE", 8); 2020 (*packet_length) += 8; 2021 memset(&dest[(*packet_length)], 0x00, 4); 2022 (*packet_length) += 4; 2023 memcpy(&dest[(*packet_length)], contents, contents_length); 2024 (*packet_length) += contents_length; 2025 out: 2026 if (rc) 2027 (*packet_length) = 0; 2028 else 2029 (*remaining_bytes) -= (*packet_length); 2030 return rc; 2031 } 2032 2033 /** 2034 * write_tag_3_packet 2035 * @dest: Buffer into which to write the packet 2036 * @remaining_bytes: Maximum number of bytes that can be written 2037 * @auth_tok: Authentication token 2038 * @crypt_stat: The cryptographic context 2039 * @key_rec: encrypted key 2040 * @packet_size: This function will write the number of bytes that end 2041 * up constituting the packet; set to zero on error 2042 * 2043 * Returns zero on success; non-zero on error. 2044 */ 2045 static int 2046 write_tag_3_packet(char *dest, size_t *remaining_bytes, 2047 struct ecryptfs_auth_tok *auth_tok, 2048 struct ecryptfs_crypt_stat *crypt_stat, 2049 struct ecryptfs_key_record *key_rec, size_t *packet_size) 2050 { 2051 size_t i; 2052 size_t encrypted_session_key_valid = 0; 2053 char session_key_encryption_key[ECRYPTFS_MAX_KEY_BYTES]; 2054 struct scatterlist dst_sg[2]; 2055 struct scatterlist src_sg[2]; 2056 struct mutex *tfm_mutex = NULL; 2057 u8 cipher_code; 2058 size_t packet_size_length; 2059 size_t max_packet_size; 2060 struct ecryptfs_mount_crypt_stat *mount_crypt_stat = 2061 crypt_stat->mount_crypt_stat; 2062 struct blkcipher_desc desc = { 2063 .tfm = NULL, 2064 .flags = CRYPTO_TFM_REQ_MAY_SLEEP 2065 }; 2066 int rc = 0; 2067 2068 (*packet_size) = 0; 2069 ecryptfs_from_hex(key_rec->sig, auth_tok->token.password.signature, 2070 ECRYPTFS_SIG_SIZE); 2071 rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&desc.tfm, &tfm_mutex, 2072 crypt_stat->cipher); 2073 if (unlikely(rc)) { 2074 printk(KERN_ERR "Internal error whilst attempting to get " 2075 "tfm and mutex for cipher name [%s]; rc = [%d]\n", 2076 crypt_stat->cipher, rc); 2077 goto out; 2078 } 2079 if (mount_crypt_stat->global_default_cipher_key_size == 0) { 2080 struct blkcipher_alg *alg = crypto_blkcipher_alg(desc.tfm); 2081 2082 printk(KERN_WARNING "No key size specified at mount; " 2083 "defaulting to [%d]\n", alg->max_keysize); 2084 mount_crypt_stat->global_default_cipher_key_size = 2085 alg->max_keysize; 2086 } 2087 if (crypt_stat->key_size == 0) 2088 crypt_stat->key_size = 2089 mount_crypt_stat->global_default_cipher_key_size; 2090 if (auth_tok->session_key.encrypted_key_size == 0) 2091 auth_tok->session_key.encrypted_key_size = 2092 crypt_stat->key_size; 2093 if (crypt_stat->key_size == 24 2094 && strcmp("aes", crypt_stat->cipher) == 0) { 2095 memset((crypt_stat->key + 24), 0, 8); 2096 auth_tok->session_key.encrypted_key_size = 32; 2097 } else 2098 auth_tok->session_key.encrypted_key_size = crypt_stat->key_size; 2099 key_rec->enc_key_size = 2100 auth_tok->session_key.encrypted_key_size; 2101 encrypted_session_key_valid = 0; 2102 for (i = 0; i < auth_tok->session_key.encrypted_key_size; i++) 2103 encrypted_session_key_valid |= 2104 auth_tok->session_key.encrypted_key[i]; 2105 if (encrypted_session_key_valid) { 2106 ecryptfs_printk(KERN_DEBUG, "encrypted_session_key_valid != 0; " 2107 "using auth_tok->session_key.encrypted_key, " 2108 "where key_rec->enc_key_size = [%d]\n", 2109 key_rec->enc_key_size); 2110 memcpy(key_rec->enc_key, 2111 auth_tok->session_key.encrypted_key, 2112 key_rec->enc_key_size); 2113 goto encrypted_session_key_set; 2114 } 2115 if (auth_tok->token.password.flags & 2116 ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET) { 2117 ecryptfs_printk(KERN_DEBUG, "Using previously generated " 2118 "session key encryption key of size [%d]\n", 2119 auth_tok->token.password. 2120 session_key_encryption_key_bytes); 2121 memcpy(session_key_encryption_key, 2122 auth_tok->token.password.session_key_encryption_key, 2123 crypt_stat->key_size); 2124 ecryptfs_printk(KERN_DEBUG, 2125 "Cached session key " "encryption key: \n"); 2126 if (ecryptfs_verbosity > 0) 2127 ecryptfs_dump_hex(session_key_encryption_key, 16); 2128 } 2129 if (unlikely(ecryptfs_verbosity > 0)) { 2130 ecryptfs_printk(KERN_DEBUG, "Session key encryption key:\n"); 2131 ecryptfs_dump_hex(session_key_encryption_key, 16); 2132 } 2133 rc = virt_to_scatterlist(crypt_stat->key, key_rec->enc_key_size, 2134 src_sg, 2); 2135 if (rc < 1 || rc > 2) { 2136 ecryptfs_printk(KERN_ERR, "Error generating scatterlist " 2137 "for crypt_stat session key; expected rc = 1; " 2138 "got rc = [%d]. key_rec->enc_key_size = [%d]\n", 2139 rc, key_rec->enc_key_size); 2140 rc = -ENOMEM; 2141 goto out; 2142 } 2143 rc = virt_to_scatterlist(key_rec->enc_key, key_rec->enc_key_size, 2144 dst_sg, 2); 2145 if (rc < 1 || rc > 2) { 2146 ecryptfs_printk(KERN_ERR, "Error generating scatterlist " 2147 "for crypt_stat encrypted session key; " 2148 "expected rc = 1; got rc = [%d]. " 2149 "key_rec->enc_key_size = [%d]\n", rc, 2150 key_rec->enc_key_size); 2151 rc = -ENOMEM; 2152 goto out; 2153 } 2154 mutex_lock(tfm_mutex); 2155 rc = crypto_blkcipher_setkey(desc.tfm, session_key_encryption_key, 2156 crypt_stat->key_size); 2157 if (rc < 0) { 2158 mutex_unlock(tfm_mutex); 2159 ecryptfs_printk(KERN_ERR, "Error setting key for crypto " 2160 "context; rc = [%d]\n", rc); 2161 goto out; 2162 } 2163 rc = 0; 2164 ecryptfs_printk(KERN_DEBUG, "Encrypting [%d] bytes of the key\n", 2165 crypt_stat->key_size); 2166 rc = crypto_blkcipher_encrypt(&desc, dst_sg, src_sg, 2167 (*key_rec).enc_key_size); 2168 mutex_unlock(tfm_mutex); 2169 if (rc) { 2170 printk(KERN_ERR "Error encrypting; rc = [%d]\n", rc); 2171 goto out; 2172 } 2173 ecryptfs_printk(KERN_DEBUG, "This should be the encrypted key:\n"); 2174 if (ecryptfs_verbosity > 0) { 2175 ecryptfs_printk(KERN_DEBUG, "EFEK of size [%d]:\n", 2176 key_rec->enc_key_size); 2177 ecryptfs_dump_hex(key_rec->enc_key, 2178 key_rec->enc_key_size); 2179 } 2180 encrypted_session_key_set: 2181 /* This format is inspired by OpenPGP; see RFC 2440 2182 * packet tag 3 */ 2183 max_packet_size = (1 /* Tag 3 identifier */ 2184 + 3 /* Max Tag 3 packet size */ 2185 + 1 /* Version */ 2186 + 1 /* Cipher code */ 2187 + 1 /* S2K specifier */ 2188 + 1 /* Hash identifier */ 2189 + ECRYPTFS_SALT_SIZE /* Salt */ 2190 + 1 /* Hash iterations */ 2191 + key_rec->enc_key_size); /* Encrypted key size */ 2192 if (max_packet_size > (*remaining_bytes)) { 2193 printk(KERN_ERR "Packet too large; need up to [%td] bytes, but " 2194 "there are only [%td] available\n", max_packet_size, 2195 (*remaining_bytes)); 2196 rc = -EINVAL; 2197 goto out; 2198 } 2199 dest[(*packet_size)++] = ECRYPTFS_TAG_3_PACKET_TYPE; 2200 /* Chop off the Tag 3 identifier(1) and Tag 3 packet size(3) 2201 * to get the number of octets in the actual Tag 3 packet */ 2202 rc = ecryptfs_write_packet_length(&dest[(*packet_size)], 2203 (max_packet_size - 4), 2204 &packet_size_length); 2205 if (rc) { 2206 printk(KERN_ERR "Error generating tag 3 packet header; cannot " 2207 "generate packet length. rc = [%d]\n", rc); 2208 goto out; 2209 } 2210 (*packet_size) += packet_size_length; 2211 dest[(*packet_size)++] = 0x04; /* version 4 */ 2212 /* TODO: Break from RFC2440 so that arbitrary ciphers can be 2213 * specified with strings */ 2214 cipher_code = ecryptfs_code_for_cipher_string(crypt_stat->cipher, 2215 crypt_stat->key_size); 2216 if (cipher_code == 0) { 2217 ecryptfs_printk(KERN_WARNING, "Unable to generate code for " 2218 "cipher [%s]\n", crypt_stat->cipher); 2219 rc = -EINVAL; 2220 goto out; 2221 } 2222 dest[(*packet_size)++] = cipher_code; 2223 dest[(*packet_size)++] = 0x03; /* S2K */ 2224 dest[(*packet_size)++] = 0x01; /* MD5 (TODO: parameterize) */ 2225 memcpy(&dest[(*packet_size)], auth_tok->token.password.salt, 2226 ECRYPTFS_SALT_SIZE); 2227 (*packet_size) += ECRYPTFS_SALT_SIZE; /* salt */ 2228 dest[(*packet_size)++] = 0x60; /* hash iterations (65536) */ 2229 memcpy(&dest[(*packet_size)], key_rec->enc_key, 2230 key_rec->enc_key_size); 2231 (*packet_size) += key_rec->enc_key_size; 2232 out: 2233 if (rc) 2234 (*packet_size) = 0; 2235 else 2236 (*remaining_bytes) -= (*packet_size); 2237 return rc; 2238 } 2239 2240 struct kmem_cache *ecryptfs_key_record_cache; 2241 2242 /** 2243 * ecryptfs_generate_key_packet_set 2244 * @dest_base: Virtual address from which to write the key record set 2245 * @crypt_stat: The cryptographic context from which the 2246 * authentication tokens will be retrieved 2247 * @ecryptfs_dentry: The dentry, used to retrieve the mount crypt stat 2248 * for the global parameters 2249 * @len: The amount written 2250 * @max: The maximum amount of data allowed to be written 2251 * 2252 * Generates a key packet set and writes it to the virtual address 2253 * passed in. 2254 * 2255 * Returns zero on success; non-zero on error. 2256 */ 2257 int 2258 ecryptfs_generate_key_packet_set(char *dest_base, 2259 struct ecryptfs_crypt_stat *crypt_stat, 2260 struct dentry *ecryptfs_dentry, size_t *len, 2261 size_t max) 2262 { 2263 struct ecryptfs_auth_tok *auth_tok; 2264 struct ecryptfs_global_auth_tok *global_auth_tok; 2265 struct ecryptfs_mount_crypt_stat *mount_crypt_stat = 2266 &ecryptfs_superblock_to_private( 2267 ecryptfs_dentry->d_sb)->mount_crypt_stat; 2268 size_t written; 2269 struct ecryptfs_key_record *key_rec; 2270 struct ecryptfs_key_sig *key_sig; 2271 int rc = 0; 2272 2273 (*len) = 0; 2274 mutex_lock(&crypt_stat->keysig_list_mutex); 2275 key_rec = kmem_cache_alloc(ecryptfs_key_record_cache, GFP_KERNEL); 2276 if (!key_rec) { 2277 rc = -ENOMEM; 2278 goto out; 2279 } 2280 list_for_each_entry(key_sig, &crypt_stat->keysig_list, 2281 crypt_stat_list) { 2282 memset(key_rec, 0, sizeof(*key_rec)); 2283 rc = ecryptfs_find_global_auth_tok_for_sig(&global_auth_tok, 2284 mount_crypt_stat, 2285 key_sig->keysig); 2286 if (rc) { 2287 printk(KERN_ERR "Error attempting to get the global " 2288 "auth_tok; rc = [%d]\n", rc); 2289 goto out_free; 2290 } 2291 if (global_auth_tok->flags & ECRYPTFS_AUTH_TOK_INVALID) { 2292 printk(KERN_WARNING 2293 "Skipping invalid auth tok with sig = [%s]\n", 2294 global_auth_tok->sig); 2295 continue; 2296 } 2297 auth_tok = global_auth_tok->global_auth_tok; 2298 if (auth_tok->token_type == ECRYPTFS_PASSWORD) { 2299 rc = write_tag_3_packet((dest_base + (*len)), 2300 &max, auth_tok, 2301 crypt_stat, key_rec, 2302 &written); 2303 if (rc) { 2304 ecryptfs_printk(KERN_WARNING, "Error " 2305 "writing tag 3 packet\n"); 2306 goto out_free; 2307 } 2308 (*len) += written; 2309 /* Write auth tok signature packet */ 2310 rc = write_tag_11_packet((dest_base + (*len)), &max, 2311 key_rec->sig, 2312 ECRYPTFS_SIG_SIZE, &written); 2313 if (rc) { 2314 ecryptfs_printk(KERN_ERR, "Error writing " 2315 "auth tok signature packet\n"); 2316 goto out_free; 2317 } 2318 (*len) += written; 2319 } else if (auth_tok->token_type == ECRYPTFS_PRIVATE_KEY) { 2320 rc = write_tag_1_packet(dest_base + (*len), 2321 &max, auth_tok, 2322 crypt_stat, key_rec, &written); 2323 if (rc) { 2324 ecryptfs_printk(KERN_WARNING, "Error " 2325 "writing tag 1 packet\n"); 2326 goto out_free; 2327 } 2328 (*len) += written; 2329 } else { 2330 ecryptfs_printk(KERN_WARNING, "Unsupported " 2331 "authentication token type\n"); 2332 rc = -EINVAL; 2333 goto out_free; 2334 } 2335 } 2336 if (likely(max > 0)) { 2337 dest_base[(*len)] = 0x00; 2338 } else { 2339 ecryptfs_printk(KERN_ERR, "Error writing boundary byte\n"); 2340 rc = -EIO; 2341 } 2342 out_free: 2343 kmem_cache_free(ecryptfs_key_record_cache, key_rec); 2344 out: 2345 if (rc) 2346 (*len) = 0; 2347 mutex_unlock(&crypt_stat->keysig_list_mutex); 2348 return rc; 2349 } 2350 2351 struct kmem_cache *ecryptfs_key_sig_cache; 2352 2353 int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig) 2354 { 2355 struct ecryptfs_key_sig *new_key_sig; 2356 int rc = 0; 2357 2358 new_key_sig = kmem_cache_alloc(ecryptfs_key_sig_cache, GFP_KERNEL); 2359 if (!new_key_sig) { 2360 rc = -ENOMEM; 2361 printk(KERN_ERR 2362 "Error allocating from ecryptfs_key_sig_cache\n"); 2363 goto out; 2364 } 2365 memcpy(new_key_sig->keysig, sig, ECRYPTFS_SIG_SIZE_HEX); 2366 mutex_lock(&crypt_stat->keysig_list_mutex); 2367 list_add(&new_key_sig->crypt_stat_list, &crypt_stat->keysig_list); 2368 mutex_unlock(&crypt_stat->keysig_list_mutex); 2369 out: 2370 return rc; 2371 } 2372 2373 struct kmem_cache *ecryptfs_global_auth_tok_cache; 2374 2375 int 2376 ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 2377 char *sig, u32 global_auth_tok_flags) 2378 { 2379 struct ecryptfs_global_auth_tok *new_auth_tok; 2380 int rc = 0; 2381 2382 new_auth_tok = kmem_cache_zalloc(ecryptfs_global_auth_tok_cache, 2383 GFP_KERNEL); 2384 if (!new_auth_tok) { 2385 rc = -ENOMEM; 2386 printk(KERN_ERR "Error allocating from " 2387 "ecryptfs_global_auth_tok_cache\n"); 2388 goto out; 2389 } 2390 memcpy(new_auth_tok->sig, sig, ECRYPTFS_SIG_SIZE_HEX); 2391 new_auth_tok->flags = global_auth_tok_flags; 2392 new_auth_tok->sig[ECRYPTFS_SIG_SIZE_HEX] = '\0'; 2393 mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); 2394 list_add(&new_auth_tok->mount_crypt_stat_list, 2395 &mount_crypt_stat->global_auth_tok_list); 2396 mount_crypt_stat->num_global_auth_toks++; 2397 mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex); 2398 out: 2399 return rc; 2400 } 2401 2402