1 // SPDX-License-Identifier: GPL-2.0 2 3 #include <linux/quotaops.h> 4 5 #include "ext4.h" 6 #include "xattr.h" 7 #include "ext4_jbd2.h" 8 9 static int ext4_get_context(struct inode *inode, void *ctx, size_t len) 10 { 11 return ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION, 12 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, ctx, len); 13 } 14 15 static int ext4_set_context(struct inode *inode, const void *ctx, size_t len, 16 void *fs_data) 17 { 18 handle_t *handle = fs_data; 19 int res, res2, credits, retries = 0; 20 21 /* 22 * Encrypting the root directory is not allowed because e2fsck expects 23 * lost+found to exist and be unencrypted, and encrypting the root 24 * directory would imply encrypting the lost+found directory as well as 25 * the filename "lost+found" itself. 26 */ 27 if (inode->i_ino == EXT4_ROOT_INO) 28 return -EPERM; 29 30 if (WARN_ON_ONCE(IS_DAX(inode) && i_size_read(inode))) 31 return -EINVAL; 32 33 if (ext4_test_inode_flag(inode, EXT4_INODE_DAX)) 34 return -EOPNOTSUPP; 35 36 res = ext4_convert_inline_data(inode); 37 if (res) 38 return res; 39 40 /* 41 * If a journal handle was specified, then the encryption context is 42 * being set on a new inode via inheritance and is part of a larger 43 * transaction to create the inode. Otherwise the encryption context is 44 * being set on an existing inode in its own transaction. Only in the 45 * latter case should the "retry on ENOSPC" logic be used. 46 */ 47 48 if (handle) { 49 res = ext4_xattr_set_handle(handle, inode, 50 EXT4_XATTR_INDEX_ENCRYPTION, 51 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, 52 ctx, len, 0); 53 if (!res) { 54 ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT); 55 ext4_clear_inode_state(inode, 56 EXT4_STATE_MAY_INLINE_DATA); 57 /* 58 * Update inode->i_flags - S_ENCRYPTED will be enabled, 59 * S_DAX may be disabled 60 */ 61 ext4_set_inode_flags(inode, false); 62 } 63 return res; 64 } 65 66 res = dquot_initialize(inode); 67 if (res) 68 return res; 69 retry: 70 res = ext4_xattr_set_credits(inode, len, false /* is_create */, 71 &credits); 72 if (res) 73 return res; 74 75 handle = ext4_journal_start(inode, EXT4_HT_MISC, credits); 76 if (IS_ERR(handle)) 77 return PTR_ERR(handle); 78 79 res = ext4_xattr_set_handle(handle, inode, EXT4_XATTR_INDEX_ENCRYPTION, 80 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, 81 ctx, len, 0); 82 if (!res) { 83 ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT); 84 /* 85 * Update inode->i_flags - S_ENCRYPTED will be enabled, 86 * S_DAX may be disabled 87 */ 88 ext4_set_inode_flags(inode, false); 89 res = ext4_mark_inode_dirty(handle, inode); 90 if (res) 91 EXT4_ERROR_INODE(inode, "Failed to mark inode dirty"); 92 } 93 res2 = ext4_journal_stop(handle); 94 95 if (res == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries)) 96 goto retry; 97 if (!res) 98 res = res2; 99 return res; 100 } 101 102 static const union fscrypt_policy *ext4_get_dummy_policy(struct super_block *sb) 103 { 104 return EXT4_SB(sb)->s_dummy_enc_policy.policy; 105 } 106 107 static bool ext4_has_stable_inodes(struct super_block *sb) 108 { 109 return ext4_has_feature_stable_inodes(sb); 110 } 111 112 static void ext4_get_ino_and_lblk_bits(struct super_block *sb, 113 int *ino_bits_ret, int *lblk_bits_ret) 114 { 115 *ino_bits_ret = 8 * sizeof(EXT4_SB(sb)->s_es->s_inodes_count); 116 *lblk_bits_ret = 8 * sizeof(ext4_lblk_t); 117 } 118 119 const struct fscrypt_operations ext4_cryptops = { 120 .key_prefix = "ext4:", 121 .get_context = ext4_get_context, 122 .set_context = ext4_set_context, 123 .get_dummy_policy = ext4_get_dummy_policy, 124 .empty_dir = ext4_empty_dir, 125 .has_stable_inodes = ext4_has_stable_inodes, 126 .get_ino_and_lblk_bits = ext4_get_ino_and_lblk_bits, 127 }; 128