ext4 crypto: add padding to filenames before encrypting

This obscures the length of the filenames, to decrease the amount of information leakage. By default, we pad the filenames to the next 4 byte boundaries. This costs nothing, since the directory entries are aligned to 4 byte boundaries anyway. Filenames can also be padded to 8, 16, or 32 bytes, which will consume more directory space. Change-Id: Ibb7a0fb76d2c48e2061240a709358ff40b14f322 Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2015-05-01 16:56:50 -04:00
parent 5de0b4d0cd
commit a44cd7a054
5 changed files with 31 additions and 8 deletions
--- a/fs/ext4/ext4_crypto.h
+++ b/fs/ext4/ext4_crypto.h
@@ -20,12 +20,20 @@ struct ext4_encryption_policy {
 	char version;
 	char contents_encryption_mode;
 	char filenames_encryption_mode;
+	char flags;
 	char master_key_descriptor[EXT4_KEY_DESCRIPTOR_SIZE];
 } __attribute__((__packed__));

 #define EXT4_ENCRYPTION_CONTEXT_FORMAT_V1 1
 #define EXT4_KEY_DERIVATION_NONCE_SIZE 16

+#define EXT4_POLICY_FLAGS_PAD_4		0x00
+#define EXT4_POLICY_FLAGS_PAD_8		0x01
+#define EXT4_POLICY_FLAGS_PAD_16	0x02
+#define EXT4_POLICY_FLAGS_PAD_32	0x03
+#define EXT4_POLICY_FLAGS_PAD_MASK	0x03
+#define EXT4_POLICY_FLAGS_VALID		0x03
+
 /**
 * Encryption context for inode
 *
@@ -41,7 +49,7 @@ struct ext4_encryption_context {
 	char format;
 	char contents_encryption_mode;
 	char filenames_encryption_mode;
-	char reserved;
+	char flags;
 	char master_key_descriptor[EXT4_KEY_DESCRIPTOR_SIZE];
 	char nonce[EXT4_KEY_DERIVATION_NONCE_SIZE];
 } __attribute__((__packed__));
@@ -120,6 +128,7 @@ struct ext4_fname_crypto_ctx {
 	struct crypto_hash *htfm;
 	struct page *workpage;
 	struct ext4_encryption_key key;
+	unsigned flags : 8;
 	unsigned has_valid_key : 1;
 	unsigned ctfm_key_is_ready : 1;
 };