linux/fs/ubifs/crypto.c

#include "ubifs.h"

static int ubifs_crypt_get_context(struct inode *inode, void *ctx, size_t len)
{
	return ubifs_xattr_get(inode, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT,
			       ctx, len);
}

static int ubifs_crypt_set_context(struct inode *inode, const void *ctx,
				   size_t len, void *fs_data)
{
	/*
	 * Creating an encryption context is done unlocked since we
	 * operate on a new inode which is not visible to other users
	 * at this point. So, no need to check whether inode is locked.
	 */
	return ubifs_xattr_set(inode, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT,
			       ctx, len, 0, false);
}

static bool ubifs_crypt_empty_dir(struct inode *inode)
{
	return ubifs_check_dir_empty(inode) == 0;
}

static unsigned int ubifs_crypt_max_namelen(struct inode *inode)
{
	if (S_ISLNK(inode->i_mode))
		return UBIFS_MAX_INO_DATA;
	else
		return UBIFS_MAX_NLEN;
}

int ubifs_encrypt(const struct inode *inode, struct ubifs_data_node *dn,
		  unsigned int in_len, unsigned int *out_len, int block)
{
	struct ubifs_info *c = inode->i_sb->s_fs_info;
	void *p = &dn->data;
	struct page *ret;
	unsigned int pad_len = round_up(in_len, UBIFS_CIPHER_BLOCK_SIZE);

	ubifs_assert(pad_len <= *out_len);
	dn->compr_size = cpu_to_le16(in_len);

	/* pad to full block cipher length */
	if (pad_len != in_len)
		memset(p + in_len, 0, pad_len - in_len);

	ret = fscrypt_encrypt_page(inode, virt_to_page(&dn->data), pad_len,
			offset_in_page(&dn->data), block, GFP_NOFS);
	if (IS_ERR(ret)) {
		ubifs_err(c, "fscrypt_encrypt_page failed: %ld", PTR_ERR(ret));
		return PTR_ERR(ret);
	}
	*out_len = pad_len;

	return 0;
}

int ubifs_decrypt(const struct inode *inode, struct ubifs_data_node *dn,
		  unsigned int *out_len, int block)
{
	struct ubifs_info *c = inode->i_sb->s_fs_info;
	int err;
	unsigned int clen = le16_to_cpu(dn->compr_size);
	unsigned int dlen = *out_len;

	if (clen <= 0 || clen > UBIFS_BLOCK_SIZE || clen > dlen) {
		ubifs_err(c, "bad compr_size: %i", clen);
		return -EINVAL;
	}

	ubifs_assert(dlen <= UBIFS_BLOCK_SIZE);
	err = fscrypt_decrypt_page(inode, virt_to_page(&dn->data), dlen,
			offset_in_page(&dn->data), block);
	if (err) {
		ubifs_err(c, "fscrypt_decrypt_page failed: %i", err);
		return err;
	}
	*out_len = clen;

	return 0;
}

const struct fscrypt_operations ubifs_crypt_operations = {
	.flags			= FS_CFLG_OWN_PAGES,
	.key_prefix		= "ubifs:",
	.get_context		= ubifs_crypt_get_context,
	.set_context		= ubifs_crypt_set_context,
	.is_encrypted		= __ubifs_crypt_is_encrypted,
	.empty_dir		= ubifs_crypt_empty_dir,
	.max_namelen		= ubifs_crypt_max_namelen,
};
ubifs: Add skeleton for fscrypto This is the first building block to provide file level encryption on UBIFS. Signed-off-by: Richard Weinberger <richard@nod.at> 2016-10-20 16:47:56 +02:00			`#include "ubifs.h"`

			`static int ubifs_crypt_get_context(struct inode inode, void ctx, size_t len)`
			`{`
			`return ubifs_xattr_get(inode, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT,`
			`ctx, len);`
			`}`

			`static int ubifs_crypt_set_context(struct inode inode, const void ctx,`
			`size_t len, void *fs_data)`
			`{`
ubifs: Massage assert in ubifs_xattr_set() wrt. init_xattrs The inode is not locked in init_xattrs when creating a new inode. Without this patch, there will occurs assert when booting or creating a new file, if the kernel config CONFIG_SECURITY_SMACK is enabled. Log likes: UBIFS assert failed in ubifs_xattr_set at 298 (pid 1156) CPU: 1 PID: 1156 Comm: ldconfig Tainted: G S 4.12.0-rc1-207440-g1e70b02 #2 Hardware name: MediaTek MT2712 evaluation board (DT) Call trace: [<ffff000008088538>] dump_backtrace+0x0/0x238 [<ffff000008088834>] show_stack+0x14/0x20 [<ffff0000083d98d4>] dump_stack+0x9c/0xc0 [<ffff00000835d524>] ubifs_xattr_set+0x374/0x5e0 [<ffff00000835d7ec>] init_xattrs+0x5c/0xb8 [<ffff000008385788>] security_inode_init_security+0x110/0x190 [<ffff00000835e058>] ubifs_init_security+0x30/0x68 [<ffff00000833ada0>] ubifs_mkdir+0x100/0x200 [<ffff00000820669c>] vfs_mkdir+0x11c/0x1b8 [<ffff00000820b73c>] SyS_mkdirat+0x74/0xd0 [<ffff000008082f8c>] __sys_trace_return+0x0/0x4 Signed-off-by: Xiaolei Li <xiaolei.li@mediatek.com> Signed-off-by: Richard Weinberger <richard@nod.at> 2017-06-23 10:37:23 +08:00			`/*`
			`* Creating an encryption context is done unlocked since we`
			`* operate on a new inode which is not visible to other users`
			`* at this point. So, no need to check whether inode is locked.`
			`*/`
ubifs: Add skeleton for fscrypto This is the first building block to provide file level encryption on UBIFS. Signed-off-by: Richard Weinberger <richard@nod.at> 2016-10-20 16:47:56 +02:00			`return ubifs_xattr_set(inode, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT,`
ubifs: Massage assert in ubifs_xattr_set() wrt. init_xattrs The inode is not locked in init_xattrs when creating a new inode. Without this patch, there will occurs assert when booting or creating a new file, if the kernel config CONFIG_SECURITY_SMACK is enabled. Log likes: UBIFS assert failed in ubifs_xattr_set at 298 (pid 1156) CPU: 1 PID: 1156 Comm: ldconfig Tainted: G S 4.12.0-rc1-207440-g1e70b02 #2 Hardware name: MediaTek MT2712 evaluation board (DT) Call trace: [<ffff000008088538>] dump_backtrace+0x0/0x238 [<ffff000008088834>] show_stack+0x14/0x20 [<ffff0000083d98d4>] dump_stack+0x9c/0xc0 [<ffff00000835d524>] ubifs_xattr_set+0x374/0x5e0 [<ffff00000835d7ec>] init_xattrs+0x5c/0xb8 [<ffff000008385788>] security_inode_init_security+0x110/0x190 [<ffff00000835e058>] ubifs_init_security+0x30/0x68 [<ffff00000833ada0>] ubifs_mkdir+0x100/0x200 [<ffff00000820669c>] vfs_mkdir+0x11c/0x1b8 [<ffff00000820b73c>] SyS_mkdirat+0x74/0xd0 [<ffff000008082f8c>] __sys_trace_return+0x0/0x4 Signed-off-by: Xiaolei Li <xiaolei.li@mediatek.com> Signed-off-by: Richard Weinberger <richard@nod.at> 2017-06-23 10:37:23 +08:00			`ctx, len, 0, false);`
ubifs: Add skeleton for fscrypto This is the first building block to provide file level encryption on UBIFS. Signed-off-by: Richard Weinberger <richard@nod.at> 2016-10-20 16:47:56 +02:00			`}`

			`static bool ubifs_crypt_empty_dir(struct inode *inode)`
			`{`
			`return ubifs_check_dir_empty(inode) == 0;`
			`}`

			`static unsigned int ubifs_crypt_max_namelen(struct inode *inode)`
			`{`
			`if (S_ISLNK(inode->i_mode))`
			`return UBIFS_MAX_INO_DATA;`
			`else`
			`return UBIFS_MAX_NLEN;`
			`}`

ubifs: Implement encrypt/decrypt for all IO Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Gstir <david@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at> 2016-09-29 22:20:19 +02:00			`int ubifs_encrypt(const struct inode inode, struct ubifs_data_node dn,`
			`unsigned int in_len, unsigned int *out_len, int block)`
			`{`
			`struct ubifs_info *c = inode->i_sb->s_fs_info;`
			`void *p = &dn->data;`
			`struct page *ret;`
			`unsigned int pad_len = round_up(in_len, UBIFS_CIPHER_BLOCK_SIZE);`

			`ubifs_assert(pad_len <= *out_len);`
			`dn->compr_size = cpu_to_le16(in_len);`

			`/* pad to full block cipher length */`
			`if (pad_len != in_len)`
			`memset(p + in_len, 0, pad_len - in_len);`

			`ret = fscrypt_encrypt_page(inode, virt_to_page(&dn->data), pad_len,`
			`offset_in_page(&dn->data), block, GFP_NOFS);`
			`if (IS_ERR(ret)) {`
			`ubifs_err(c, "fscrypt_encrypt_page failed: %ld", PTR_ERR(ret));`
			`return PTR_ERR(ret);`
			`}`
			`*out_len = pad_len;`

			`return 0;`
			`}`

			`int ubifs_decrypt(const struct inode inode, struct ubifs_data_node dn,`
			`unsigned int *out_len, int block)`
			`{`
			`struct ubifs_info *c = inode->i_sb->s_fs_info;`
			`int err;`
			`unsigned int clen = le16_to_cpu(dn->compr_size);`
			`unsigned int dlen = *out_len;`

			`if (clen <= 0 \|\| clen > UBIFS_BLOCK_SIZE \|\| clen > dlen) {`
			`ubifs_err(c, "bad compr_size: %i", clen);`
			`return -EINVAL;`
			`}`

			`ubifs_assert(dlen <= UBIFS_BLOCK_SIZE);`
			`err = fscrypt_decrypt_page(inode, virt_to_page(&dn->data), dlen,`
			`offset_in_page(&dn->data), block);`
			`if (err) {`
			`ubifs_err(c, "fscrypt_decrypt_page failed: %i", err);`
			`return err;`
			`}`
			`*out_len = clen;`

			`return 0;`
			`}`

fscrypt: constify struct fscrypt_operations Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Richard Weinberger <richard@nod.at> 2017-02-07 12:42:10 -08:00			`const struct fscrypt_operations ubifs_crypt_operations = {`
ubifs: Use FS_CFLG_OWN_PAGES Commit bd7b8290388d ("fscrypt: Cleanup page locking requirements for fscrypt_{decrypt,encrypt}_page()") renamed the flag. Signed-off-by: Richard Weinberger <richard@nod.at> 2016-12-13 00:27:58 +01:00			`.flags = FS_CFLG_OWN_PAGES,`
fscrypt: make fscrypt_operations.key_prefix a string There was an unnecessary amount of complexity around requesting the filesystem-specific key prefix. It was unclear why; perhaps it was envisioned that different instances of the same filesystem type could use different key prefixes, or that key prefixes could be binary. However, neither of those things were implemented or really make sense at all. So simplify the code by making key_prefix a const char *. Signed-off-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Richard Weinberger <richard@nod.at> Signed-off-by: Theodore Ts'o <tytso@mit.edu> 2017-01-05 13:51:18 -08:00			`.key_prefix = "ubifs:",`
ubifs: Add skeleton for fscrypto This is the first building block to provide file level encryption on UBIFS. Signed-off-by: Richard Weinberger <richard@nod.at> 2016-10-20 16:47:56 +02:00			`.get_context = ubifs_crypt_get_context,`
			`.set_context = ubifs_crypt_set_context,`
ubifs: Constify struct inode pointer in ubifs_crypt_is_encrypted() ...and provide a non const variant for fscrypto Signed-off-by: Richard Weinberger <richard@nod.at> 2016-10-21 14:03:19 +02:00			`.is_encrypted = __ubifs_crypt_is_encrypted,`
ubifs: Add skeleton for fscrypto This is the first building block to provide file level encryption on UBIFS. Signed-off-by: Richard Weinberger <richard@nod.at> 2016-10-20 16:47:56 +02:00			`.empty_dir = ubifs_crypt_empty_dir,`
			`.max_namelen = ubifs_crypt_max_namelen,`
			`};`