1 | // SPDX-License-Identifier: GPL-2.0-or-later |
2 | /* |
3 | * eCryptfs: Linux filesystem encryption layer |
4 | * |
5 | * Copyright (C) 1997-2004 Erez Zadok |
6 | * Copyright (C) 2001-2004 Stony Brook University |
7 | * Copyright (C) 2004-2007 International Business Machines Corp. |
8 | * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com> |
9 | * Michael C. Thompson <mcthomps@us.ibm.com> |
10 | */ |
11 | |
12 | #include <crypto/hash.h> |
13 | #include <crypto/skcipher.h> |
14 | #include <linux/fs.h> |
15 | #include <linux/mount.h> |
16 | #include <linux/pagemap.h> |
17 | #include <linux/random.h> |
18 | #include <linux/compiler.h> |
19 | #include <linux/key.h> |
20 | #include <linux/namei.h> |
21 | #include <linux/file.h> |
22 | #include <linux/scatterlist.h> |
23 | #include <linux/slab.h> |
24 | #include <asm/unaligned.h> |
25 | #include <linux/kernel.h> |
26 | #include <linux/xattr.h> |
27 | #include "ecryptfs_kernel.h" |
28 | |
29 | #define DECRYPT 0 |
30 | #define ENCRYPT 1 |
31 | |
32 | /** |
33 | * ecryptfs_from_hex |
34 | * @dst: Buffer to take the bytes from src hex; must be at least of |
35 | * size (src_size / 2) |
36 | * @src: Buffer to be converted from a hex string representation to raw value |
37 | * @dst_size: size of dst buffer, or number of hex characters pairs to convert |
38 | */ |
39 | void ecryptfs_from_hex(char *dst, char *src, int dst_size) |
40 | { |
41 | int x; |
42 | char tmp[3] = { 0, }; |
43 | |
44 | for (x = 0; x < dst_size; x++) { |
45 | tmp[0] = src[x * 2]; |
46 | tmp[1] = src[x * 2 + 1]; |
47 | dst[x] = (unsigned char)simple_strtol(tmp, NULL, 16); |
48 | } |
49 | } |
50 | |
51 | /** |
52 | * ecryptfs_calculate_md5 - calculates the md5 of @src |
53 | * @dst: Pointer to 16 bytes of allocated memory |
54 | * @crypt_stat: Pointer to crypt_stat struct for the current inode |
55 | * @src: Data to be md5'd |
56 | * @len: Length of @src |
57 | * |
58 | * Uses the allocated crypto context that crypt_stat references to |
59 | * generate the MD5 sum of the contents of src. |
60 | */ |
61 | static int ecryptfs_calculate_md5(char *dst, |
62 | struct ecryptfs_crypt_stat *crypt_stat, |
63 | char *src, int len) |
64 | { |
65 | int rc = crypto_shash_tfm_digest(tfm: crypt_stat->hash_tfm, data: src, len, out: dst); |
66 | |
67 | if (rc) { |
68 | printk(KERN_ERR |
69 | "%s: Error computing crypto hash; rc = [%d]\n" , |
70 | __func__, rc); |
71 | goto out; |
72 | } |
73 | out: |
74 | return rc; |
75 | } |
76 | |
77 | static int ecryptfs_crypto_api_algify_cipher_name(char **algified_name, |
78 | char *cipher_name, |
79 | char *chaining_modifier) |
80 | { |
81 | int cipher_name_len = strlen(cipher_name); |
82 | int chaining_modifier_len = strlen(chaining_modifier); |
83 | int algified_name_len; |
84 | int rc; |
85 | |
86 | algified_name_len = (chaining_modifier_len + cipher_name_len + 3); |
87 | (*algified_name) = kmalloc(size: algified_name_len, GFP_KERNEL); |
88 | if (!(*algified_name)) { |
89 | rc = -ENOMEM; |
90 | goto out; |
91 | } |
92 | snprintf(buf: (*algified_name), size: algified_name_len, fmt: "%s(%s)" , |
93 | chaining_modifier, cipher_name); |
94 | rc = 0; |
95 | out: |
96 | return rc; |
97 | } |
98 | |
99 | /** |
100 | * ecryptfs_derive_iv |
101 | * @iv: destination for the derived iv vale |
102 | * @crypt_stat: Pointer to crypt_stat struct for the current inode |
103 | * @offset: Offset of the extent whose IV we are to derive |
104 | * |
105 | * Generate the initialization vector from the given root IV and page |
106 | * offset. |
107 | * |
108 | * Returns zero on success; non-zero on error. |
109 | */ |
110 | int ecryptfs_derive_iv(char *iv, struct ecryptfs_crypt_stat *crypt_stat, |
111 | loff_t offset) |
112 | { |
113 | int rc = 0; |
114 | char dst[MD5_DIGEST_SIZE]; |
115 | char src[ECRYPTFS_MAX_IV_BYTES + 16]; |
116 | |
117 | if (unlikely(ecryptfs_verbosity > 0)) { |
118 | ecryptfs_printk(KERN_DEBUG, "root iv:\n" ); |
119 | ecryptfs_dump_hex(data: crypt_stat->root_iv, bytes: crypt_stat->iv_bytes); |
120 | } |
121 | /* TODO: It is probably secure to just cast the least |
122 | * significant bits of the root IV into an unsigned long and |
123 | * add the offset to that rather than go through all this |
124 | * hashing business. -Halcrow */ |
125 | memcpy(src, crypt_stat->root_iv, crypt_stat->iv_bytes); |
126 | memset((src + crypt_stat->iv_bytes), 0, 16); |
127 | snprintf(buf: (src + crypt_stat->iv_bytes), size: 16, fmt: "%lld" , offset); |
128 | if (unlikely(ecryptfs_verbosity > 0)) { |
129 | ecryptfs_printk(KERN_DEBUG, "source:\n" ); |
130 | ecryptfs_dump_hex(data: src, bytes: (crypt_stat->iv_bytes + 16)); |
131 | } |
132 | rc = ecryptfs_calculate_md5(dst, crypt_stat, src, |
133 | len: (crypt_stat->iv_bytes + 16)); |
134 | if (rc) { |
135 | ecryptfs_printk(KERN_WARNING, "Error attempting to compute " |
136 | "MD5 while generating IV for a page\n" ); |
137 | goto out; |
138 | } |
139 | memcpy(iv, dst, crypt_stat->iv_bytes); |
140 | if (unlikely(ecryptfs_verbosity > 0)) { |
141 | ecryptfs_printk(KERN_DEBUG, "derived iv:\n" ); |
142 | ecryptfs_dump_hex(data: iv, bytes: crypt_stat->iv_bytes); |
143 | } |
144 | out: |
145 | return rc; |
146 | } |
147 | |
148 | /** |
149 | * ecryptfs_init_crypt_stat |
150 | * @crypt_stat: Pointer to the crypt_stat struct to initialize. |
151 | * |
152 | * Initialize the crypt_stat structure. |
153 | */ |
154 | int ecryptfs_init_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat) |
155 | { |
156 | struct crypto_shash *tfm; |
157 | int rc; |
158 | |
159 | tfm = crypto_alloc_shash(ECRYPTFS_DEFAULT_HASH, type: 0, mask: 0); |
160 | if (IS_ERR(ptr: tfm)) { |
161 | rc = PTR_ERR(ptr: tfm); |
162 | ecryptfs_printk(KERN_ERR, "Error attempting to " |
163 | "allocate crypto context; rc = [%d]\n" , |
164 | rc); |
165 | return rc; |
166 | } |
167 | |
168 | memset((void *)crypt_stat, 0, sizeof(struct ecryptfs_crypt_stat)); |
169 | INIT_LIST_HEAD(list: &crypt_stat->keysig_list); |
170 | mutex_init(&crypt_stat->keysig_list_mutex); |
171 | mutex_init(&crypt_stat->cs_mutex); |
172 | mutex_init(&crypt_stat->cs_tfm_mutex); |
173 | crypt_stat->hash_tfm = tfm; |
174 | crypt_stat->flags |= ECRYPTFS_STRUCT_INITIALIZED; |
175 | |
176 | return 0; |
177 | } |
178 | |
179 | /** |
180 | * ecryptfs_destroy_crypt_stat |
181 | * @crypt_stat: Pointer to the crypt_stat struct to initialize. |
182 | * |
183 | * Releases all memory associated with a crypt_stat struct. |
184 | */ |
185 | void ecryptfs_destroy_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat) |
186 | { |
187 | struct ecryptfs_key_sig *key_sig, *key_sig_tmp; |
188 | |
189 | crypto_free_skcipher(tfm: crypt_stat->tfm); |
190 | crypto_free_shash(tfm: crypt_stat->hash_tfm); |
191 | list_for_each_entry_safe(key_sig, key_sig_tmp, |
192 | &crypt_stat->keysig_list, crypt_stat_list) { |
193 | list_del(entry: &key_sig->crypt_stat_list); |
194 | kmem_cache_free(s: ecryptfs_key_sig_cache, objp: key_sig); |
195 | } |
196 | memset(crypt_stat, 0, sizeof(struct ecryptfs_crypt_stat)); |
197 | } |
198 | |
199 | void ecryptfs_destroy_mount_crypt_stat( |
200 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat) |
201 | { |
202 | struct ecryptfs_global_auth_tok *auth_tok, *auth_tok_tmp; |
203 | |
204 | if (!(mount_crypt_stat->flags & ECRYPTFS_MOUNT_CRYPT_STAT_INITIALIZED)) |
205 | return; |
206 | mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); |
207 | list_for_each_entry_safe(auth_tok, auth_tok_tmp, |
208 | &mount_crypt_stat->global_auth_tok_list, |
209 | mount_crypt_stat_list) { |
210 | list_del(entry: &auth_tok->mount_crypt_stat_list); |
211 | if (!(auth_tok->flags & ECRYPTFS_AUTH_TOK_INVALID)) |
212 | key_put(key: auth_tok->global_auth_tok_key); |
213 | kmem_cache_free(s: ecryptfs_global_auth_tok_cache, objp: auth_tok); |
214 | } |
215 | mutex_unlock(lock: &mount_crypt_stat->global_auth_tok_list_mutex); |
216 | memset(mount_crypt_stat, 0, sizeof(struct ecryptfs_mount_crypt_stat)); |
217 | } |
218 | |
219 | /** |
220 | * virt_to_scatterlist |
221 | * @addr: Virtual address |
222 | * @size: Size of data; should be an even multiple of the block size |
223 | * @sg: Pointer to scatterlist array; set to NULL to obtain only |
224 | * the number of scatterlist structs required in array |
225 | * @sg_size: Max array size |
226 | * |
227 | * Fills in a scatterlist array with page references for a passed |
228 | * virtual address. |
229 | * |
230 | * Returns the number of scatterlist structs in array used |
231 | */ |
232 | int virt_to_scatterlist(const void *addr, int size, struct scatterlist *sg, |
233 | int sg_size) |
234 | { |
235 | int i = 0; |
236 | struct page *pg; |
237 | int offset; |
238 | int remainder_of_page; |
239 | |
240 | sg_init_table(sg, sg_size); |
241 | |
242 | while (size > 0 && i < sg_size) { |
243 | pg = virt_to_page(addr); |
244 | offset = offset_in_page(addr); |
245 | sg_set_page(sg: &sg[i], page: pg, len: 0, offset); |
246 | remainder_of_page = PAGE_SIZE - offset; |
247 | if (size >= remainder_of_page) { |
248 | sg[i].length = remainder_of_page; |
249 | addr += remainder_of_page; |
250 | size -= remainder_of_page; |
251 | } else { |
252 | sg[i].length = size; |
253 | addr += size; |
254 | size = 0; |
255 | } |
256 | i++; |
257 | } |
258 | if (size > 0) |
259 | return -ENOMEM; |
260 | return i; |
261 | } |
262 | |
263 | /** |
264 | * crypt_scatterlist |
265 | * @crypt_stat: Pointer to the crypt_stat struct to initialize. |
266 | * @dst_sg: Destination of the data after performing the crypto operation |
267 | * @src_sg: Data to be encrypted or decrypted |
268 | * @size: Length of data |
269 | * @iv: IV to use |
270 | * @op: ENCRYPT or DECRYPT to indicate the desired operation |
271 | * |
272 | * Returns the number of bytes encrypted or decrypted; negative value on error |
273 | */ |
274 | static int crypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat, |
275 | struct scatterlist *dst_sg, |
276 | struct scatterlist *src_sg, int size, |
277 | unsigned char *iv, int op) |
278 | { |
279 | struct skcipher_request *req = NULL; |
280 | DECLARE_CRYPTO_WAIT(ecr); |
281 | int rc = 0; |
282 | |
283 | if (unlikely(ecryptfs_verbosity > 0)) { |
284 | ecryptfs_printk(KERN_DEBUG, "Key size [%zd]; key:\n" , |
285 | crypt_stat->key_size); |
286 | ecryptfs_dump_hex(data: crypt_stat->key, |
287 | bytes: crypt_stat->key_size); |
288 | } |
289 | |
290 | mutex_lock(&crypt_stat->cs_tfm_mutex); |
291 | req = skcipher_request_alloc(tfm: crypt_stat->tfm, GFP_NOFS); |
292 | if (!req) { |
293 | mutex_unlock(lock: &crypt_stat->cs_tfm_mutex); |
294 | rc = -ENOMEM; |
295 | goto out; |
296 | } |
297 | |
298 | skcipher_request_set_callback(req, |
299 | CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, |
300 | compl: crypto_req_done, data: &ecr); |
301 | /* Consider doing this once, when the file is opened */ |
302 | if (!(crypt_stat->flags & ECRYPTFS_KEY_SET)) { |
303 | rc = crypto_skcipher_setkey(tfm: crypt_stat->tfm, key: crypt_stat->key, |
304 | keylen: crypt_stat->key_size); |
305 | if (rc) { |
306 | ecryptfs_printk(KERN_ERR, |
307 | "Error setting key; rc = [%d]\n" , |
308 | rc); |
309 | mutex_unlock(lock: &crypt_stat->cs_tfm_mutex); |
310 | rc = -EINVAL; |
311 | goto out; |
312 | } |
313 | crypt_stat->flags |= ECRYPTFS_KEY_SET; |
314 | } |
315 | mutex_unlock(lock: &crypt_stat->cs_tfm_mutex); |
316 | skcipher_request_set_crypt(req, src: src_sg, dst: dst_sg, cryptlen: size, iv); |
317 | rc = op == ENCRYPT ? crypto_skcipher_encrypt(req) : |
318 | crypto_skcipher_decrypt(req); |
319 | rc = crypto_wait_req(err: rc, wait: &ecr); |
320 | out: |
321 | skcipher_request_free(req); |
322 | return rc; |
323 | } |
324 | |
325 | /* |
326 | * lower_offset_for_page |
327 | * |
328 | * Convert an eCryptfs page index into a lower byte offset |
329 | */ |
330 | static loff_t lower_offset_for_page(struct ecryptfs_crypt_stat *crypt_stat, |
331 | struct page *page) |
332 | { |
333 | return ecryptfs_lower_header_size(crypt_stat) + |
334 | ((loff_t)page->index << PAGE_SHIFT); |
335 | } |
336 | |
337 | /** |
338 | * crypt_extent |
339 | * @crypt_stat: crypt_stat containing cryptographic context for the |
340 | * encryption operation |
341 | * @dst_page: The page to write the result into |
342 | * @src_page: The page to read from |
343 | * @extent_offset: Page extent offset for use in generating IV |
344 | * @op: ENCRYPT or DECRYPT to indicate the desired operation |
345 | * |
346 | * Encrypts or decrypts one extent of data. |
347 | * |
348 | * Return zero on success; non-zero otherwise |
349 | */ |
350 | static int crypt_extent(struct ecryptfs_crypt_stat *crypt_stat, |
351 | struct page *dst_page, |
352 | struct page *src_page, |
353 | unsigned long extent_offset, int op) |
354 | { |
355 | pgoff_t page_index = op == ENCRYPT ? src_page->index : dst_page->index; |
356 | loff_t extent_base; |
357 | char extent_iv[ECRYPTFS_MAX_IV_BYTES]; |
358 | struct scatterlist src_sg, dst_sg; |
359 | size_t extent_size = crypt_stat->extent_size; |
360 | int rc; |
361 | |
362 | extent_base = (((loff_t)page_index) * (PAGE_SIZE / extent_size)); |
363 | rc = ecryptfs_derive_iv(iv: extent_iv, crypt_stat, |
364 | offset: (extent_base + extent_offset)); |
365 | if (rc) { |
366 | ecryptfs_printk(KERN_ERR, "Error attempting to derive IV for " |
367 | "extent [0x%.16llx]; rc = [%d]\n" , |
368 | (unsigned long long)(extent_base + extent_offset), rc); |
369 | goto out; |
370 | } |
371 | |
372 | sg_init_table(&src_sg, 1); |
373 | sg_init_table(&dst_sg, 1); |
374 | |
375 | sg_set_page(sg: &src_sg, page: src_page, len: extent_size, |
376 | offset: extent_offset * extent_size); |
377 | sg_set_page(sg: &dst_sg, page: dst_page, len: extent_size, |
378 | offset: extent_offset * extent_size); |
379 | |
380 | rc = crypt_scatterlist(crypt_stat, dst_sg: &dst_sg, src_sg: &src_sg, size: extent_size, |
381 | iv: extent_iv, op); |
382 | if (rc < 0) { |
383 | printk(KERN_ERR "%s: Error attempting to crypt page with " |
384 | "page_index = [%ld], extent_offset = [%ld]; " |
385 | "rc = [%d]\n" , __func__, page_index, extent_offset, rc); |
386 | goto out; |
387 | } |
388 | rc = 0; |
389 | out: |
390 | return rc; |
391 | } |
392 | |
393 | /** |
394 | * ecryptfs_encrypt_page |
395 | * @page: Page mapped from the eCryptfs inode for the file; contains |
396 | * decrypted content that needs to be encrypted (to a temporary |
397 | * page; not in place) and written out to the lower file |
398 | * |
399 | * Encrypt an eCryptfs page. This is done on a per-extent basis. Note |
400 | * that eCryptfs pages may straddle the lower pages -- for instance, |
401 | * if the file was created on a machine with an 8K page size |
402 | * (resulting in an 8K header), and then the file is copied onto a |
403 | * host with a 32K page size, then when reading page 0 of the eCryptfs |
404 | * file, 24K of page 0 of the lower file will be read and decrypted, |
405 | * and then 8K of page 1 of the lower file will be read and decrypted. |
406 | * |
407 | * Returns zero on success; negative on error |
408 | */ |
409 | int ecryptfs_encrypt_page(struct page *page) |
410 | { |
411 | struct inode *ecryptfs_inode; |
412 | struct ecryptfs_crypt_stat *crypt_stat; |
413 | char *enc_extent_virt; |
414 | struct page *enc_extent_page = NULL; |
415 | loff_t extent_offset; |
416 | loff_t lower_offset; |
417 | int rc = 0; |
418 | |
419 | ecryptfs_inode = page->mapping->host; |
420 | crypt_stat = |
421 | &(ecryptfs_inode_to_private(inode: ecryptfs_inode)->crypt_stat); |
422 | BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)); |
423 | enc_extent_page = alloc_page(GFP_USER); |
424 | if (!enc_extent_page) { |
425 | rc = -ENOMEM; |
426 | ecryptfs_printk(KERN_ERR, "Error allocating memory for " |
427 | "encrypted extent\n" ); |
428 | goto out; |
429 | } |
430 | |
431 | for (extent_offset = 0; |
432 | extent_offset < (PAGE_SIZE / crypt_stat->extent_size); |
433 | extent_offset++) { |
434 | rc = crypt_extent(crypt_stat, dst_page: enc_extent_page, src_page: page, |
435 | extent_offset, ENCRYPT); |
436 | if (rc) { |
437 | printk(KERN_ERR "%s: Error encrypting extent; " |
438 | "rc = [%d]\n" , __func__, rc); |
439 | goto out; |
440 | } |
441 | } |
442 | |
443 | lower_offset = lower_offset_for_page(crypt_stat, page); |
444 | enc_extent_virt = kmap_local_page(page: enc_extent_page); |
445 | rc = ecryptfs_write_lower(ecryptfs_inode, data: enc_extent_virt, offset: lower_offset, |
446 | PAGE_SIZE); |
447 | kunmap_local(enc_extent_virt); |
448 | if (rc < 0) { |
449 | ecryptfs_printk(KERN_ERR, |
450 | "Error attempting to write lower page; rc = [%d]\n" , |
451 | rc); |
452 | goto out; |
453 | } |
454 | rc = 0; |
455 | out: |
456 | if (enc_extent_page) { |
457 | __free_page(enc_extent_page); |
458 | } |
459 | return rc; |
460 | } |
461 | |
462 | /** |
463 | * ecryptfs_decrypt_page |
464 | * @page: Page mapped from the eCryptfs inode for the file; data read |
465 | * and decrypted from the lower file will be written into this |
466 | * page |
467 | * |
468 | * Decrypt an eCryptfs page. This is done on a per-extent basis. Note |
469 | * that eCryptfs pages may straddle the lower pages -- for instance, |
470 | * if the file was created on a machine with an 8K page size |
471 | * (resulting in an 8K header), and then the file is copied onto a |
472 | * host with a 32K page size, then when reading page 0 of the eCryptfs |
473 | * file, 24K of page 0 of the lower file will be read and decrypted, |
474 | * and then 8K of page 1 of the lower file will be read and decrypted. |
475 | * |
476 | * Returns zero on success; negative on error |
477 | */ |
478 | int ecryptfs_decrypt_page(struct page *page) |
479 | { |
480 | struct inode *ecryptfs_inode; |
481 | struct ecryptfs_crypt_stat *crypt_stat; |
482 | char *page_virt; |
483 | unsigned long extent_offset; |
484 | loff_t lower_offset; |
485 | int rc = 0; |
486 | |
487 | ecryptfs_inode = page->mapping->host; |
488 | crypt_stat = |
489 | &(ecryptfs_inode_to_private(inode: ecryptfs_inode)->crypt_stat); |
490 | BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)); |
491 | |
492 | lower_offset = lower_offset_for_page(crypt_stat, page); |
493 | page_virt = kmap_local_page(page); |
494 | rc = ecryptfs_read_lower(data: page_virt, offset: lower_offset, PAGE_SIZE, |
495 | ecryptfs_inode); |
496 | kunmap_local(page_virt); |
497 | if (rc < 0) { |
498 | ecryptfs_printk(KERN_ERR, |
499 | "Error attempting to read lower page; rc = [%d]\n" , |
500 | rc); |
501 | goto out; |
502 | } |
503 | |
504 | for (extent_offset = 0; |
505 | extent_offset < (PAGE_SIZE / crypt_stat->extent_size); |
506 | extent_offset++) { |
507 | rc = crypt_extent(crypt_stat, dst_page: page, src_page: page, |
508 | extent_offset, DECRYPT); |
509 | if (rc) { |
510 | printk(KERN_ERR "%s: Error decrypting extent; " |
511 | "rc = [%d]\n" , __func__, rc); |
512 | goto out; |
513 | } |
514 | } |
515 | out: |
516 | return rc; |
517 | } |
518 | |
519 | #define ECRYPTFS_MAX_SCATTERLIST_LEN 4 |
520 | |
521 | /** |
522 | * ecryptfs_init_crypt_ctx |
523 | * @crypt_stat: Uninitialized crypt stats structure |
524 | * |
525 | * Initialize the crypto context. |
526 | * |
527 | * TODO: Performance: Keep a cache of initialized cipher contexts; |
528 | * only init if needed |
529 | */ |
530 | int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat) |
531 | { |
532 | char *full_alg_name; |
533 | int rc = -EINVAL; |
534 | |
535 | ecryptfs_printk(KERN_DEBUG, |
536 | "Initializing cipher [%s]; strlen = [%d]; " |
537 | "key_size_bits = [%zd]\n" , |
538 | crypt_stat->cipher, (int)strlen(crypt_stat->cipher), |
539 | crypt_stat->key_size << 3); |
540 | mutex_lock(&crypt_stat->cs_tfm_mutex); |
541 | if (crypt_stat->tfm) { |
542 | rc = 0; |
543 | goto out_unlock; |
544 | } |
545 | rc = ecryptfs_crypto_api_algify_cipher_name(algified_name: &full_alg_name, |
546 | cipher_name: crypt_stat->cipher, chaining_modifier: "cbc" ); |
547 | if (rc) |
548 | goto out_unlock; |
549 | crypt_stat->tfm = crypto_alloc_skcipher(alg_name: full_alg_name, type: 0, mask: 0); |
550 | if (IS_ERR(ptr: crypt_stat->tfm)) { |
551 | rc = PTR_ERR(ptr: crypt_stat->tfm); |
552 | crypt_stat->tfm = NULL; |
553 | ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): " |
554 | "Error initializing cipher [%s]\n" , |
555 | full_alg_name); |
556 | goto out_free; |
557 | } |
558 | crypto_skcipher_set_flags(tfm: crypt_stat->tfm, |
559 | CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); |
560 | rc = 0; |
561 | out_free: |
562 | kfree(objp: full_alg_name); |
563 | out_unlock: |
564 | mutex_unlock(lock: &crypt_stat->cs_tfm_mutex); |
565 | return rc; |
566 | } |
567 | |
568 | static void set_extent_mask_and_shift(struct ecryptfs_crypt_stat *crypt_stat) |
569 | { |
570 | int extent_size_tmp; |
571 | |
572 | crypt_stat->extent_mask = 0xFFFFFFFF; |
573 | crypt_stat->extent_shift = 0; |
574 | if (crypt_stat->extent_size == 0) |
575 | return; |
576 | extent_size_tmp = crypt_stat->extent_size; |
577 | while ((extent_size_tmp & 0x01) == 0) { |
578 | extent_size_tmp >>= 1; |
579 | crypt_stat->extent_mask <<= 1; |
580 | crypt_stat->extent_shift++; |
581 | } |
582 | } |
583 | |
584 | void ecryptfs_set_default_sizes(struct ecryptfs_crypt_stat *crypt_stat) |
585 | { |
586 | /* Default values; may be overwritten as we are parsing the |
587 | * packets. */ |
588 | crypt_stat->extent_size = ECRYPTFS_DEFAULT_EXTENT_SIZE; |
589 | set_extent_mask_and_shift(crypt_stat); |
590 | crypt_stat->iv_bytes = ECRYPTFS_DEFAULT_IV_BYTES; |
591 | if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) |
592 | crypt_stat->metadata_size = ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE; |
593 | else { |
594 | if (PAGE_SIZE <= ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE) |
595 | crypt_stat->metadata_size = |
596 | ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE; |
597 | else |
598 | crypt_stat->metadata_size = PAGE_SIZE; |
599 | } |
600 | } |
601 | |
602 | /* |
603 | * ecryptfs_compute_root_iv |
604 | * |
605 | * On error, sets the root IV to all 0's. |
606 | */ |
607 | int ecryptfs_compute_root_iv(struct ecryptfs_crypt_stat *crypt_stat) |
608 | { |
609 | int rc = 0; |
610 | char dst[MD5_DIGEST_SIZE]; |
611 | |
612 | BUG_ON(crypt_stat->iv_bytes > MD5_DIGEST_SIZE); |
613 | BUG_ON(crypt_stat->iv_bytes <= 0); |
614 | if (!(crypt_stat->flags & ECRYPTFS_KEY_VALID)) { |
615 | rc = -EINVAL; |
616 | ecryptfs_printk(KERN_WARNING, "Session key not valid; " |
617 | "cannot generate root IV\n" ); |
618 | goto out; |
619 | } |
620 | rc = ecryptfs_calculate_md5(dst, crypt_stat, src: crypt_stat->key, |
621 | len: crypt_stat->key_size); |
622 | if (rc) { |
623 | ecryptfs_printk(KERN_WARNING, "Error attempting to compute " |
624 | "MD5 while generating root IV\n" ); |
625 | goto out; |
626 | } |
627 | memcpy(crypt_stat->root_iv, dst, crypt_stat->iv_bytes); |
628 | out: |
629 | if (rc) { |
630 | memset(crypt_stat->root_iv, 0, crypt_stat->iv_bytes); |
631 | crypt_stat->flags |= ECRYPTFS_SECURITY_WARNING; |
632 | } |
633 | return rc; |
634 | } |
635 | |
636 | static void ecryptfs_generate_new_key(struct ecryptfs_crypt_stat *crypt_stat) |
637 | { |
638 | get_random_bytes(buf: crypt_stat->key, len: crypt_stat->key_size); |
639 | crypt_stat->flags |= ECRYPTFS_KEY_VALID; |
640 | ecryptfs_compute_root_iv(crypt_stat); |
641 | if (unlikely(ecryptfs_verbosity > 0)) { |
642 | ecryptfs_printk(KERN_DEBUG, "Generated new session key:\n" ); |
643 | ecryptfs_dump_hex(data: crypt_stat->key, |
644 | bytes: crypt_stat->key_size); |
645 | } |
646 | } |
647 | |
648 | /** |
649 | * ecryptfs_copy_mount_wide_flags_to_inode_flags |
650 | * @crypt_stat: The inode's cryptographic context |
651 | * @mount_crypt_stat: The mount point's cryptographic context |
652 | * |
653 | * This function propagates the mount-wide flags to individual inode |
654 | * flags. |
655 | */ |
656 | static void ecryptfs_copy_mount_wide_flags_to_inode_flags( |
657 | struct ecryptfs_crypt_stat *crypt_stat, |
658 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat) |
659 | { |
660 | if (mount_crypt_stat->flags & ECRYPTFS_XATTR_METADATA_ENABLED) |
661 | crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR; |
662 | if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) |
663 | crypt_stat->flags |= ECRYPTFS_VIEW_AS_ENCRYPTED; |
664 | if (mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) { |
665 | crypt_stat->flags |= ECRYPTFS_ENCRYPT_FILENAMES; |
666 | if (mount_crypt_stat->flags |
667 | & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK) |
668 | crypt_stat->flags |= ECRYPTFS_ENCFN_USE_MOUNT_FNEK; |
669 | else if (mount_crypt_stat->flags |
670 | & ECRYPTFS_GLOBAL_ENCFN_USE_FEK) |
671 | crypt_stat->flags |= ECRYPTFS_ENCFN_USE_FEK; |
672 | } |
673 | } |
674 | |
675 | static int ecryptfs_copy_mount_wide_sigs_to_inode_sigs( |
676 | struct ecryptfs_crypt_stat *crypt_stat, |
677 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat) |
678 | { |
679 | struct ecryptfs_global_auth_tok *global_auth_tok; |
680 | int rc = 0; |
681 | |
682 | mutex_lock(&crypt_stat->keysig_list_mutex); |
683 | mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); |
684 | |
685 | list_for_each_entry(global_auth_tok, |
686 | &mount_crypt_stat->global_auth_tok_list, |
687 | mount_crypt_stat_list) { |
688 | if (global_auth_tok->flags & ECRYPTFS_AUTH_TOK_FNEK) |
689 | continue; |
690 | rc = ecryptfs_add_keysig(crypt_stat, sig: global_auth_tok->sig); |
691 | if (rc) { |
692 | printk(KERN_ERR "Error adding keysig; rc = [%d]\n" , rc); |
693 | goto out; |
694 | } |
695 | } |
696 | |
697 | out: |
698 | mutex_unlock(lock: &mount_crypt_stat->global_auth_tok_list_mutex); |
699 | mutex_unlock(lock: &crypt_stat->keysig_list_mutex); |
700 | return rc; |
701 | } |
702 | |
703 | /** |
704 | * ecryptfs_set_default_crypt_stat_vals |
705 | * @crypt_stat: The inode's cryptographic context |
706 | * @mount_crypt_stat: The mount point's cryptographic context |
707 | * |
708 | * Default values in the event that policy does not override them. |
709 | */ |
710 | static void ecryptfs_set_default_crypt_stat_vals( |
711 | struct ecryptfs_crypt_stat *crypt_stat, |
712 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat) |
713 | { |
714 | ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat, |
715 | mount_crypt_stat); |
716 | ecryptfs_set_default_sizes(crypt_stat); |
717 | strcpy(p: crypt_stat->cipher, ECRYPTFS_DEFAULT_CIPHER); |
718 | crypt_stat->key_size = ECRYPTFS_DEFAULT_KEY_BYTES; |
719 | crypt_stat->flags &= ~(ECRYPTFS_KEY_VALID); |
720 | crypt_stat->file_version = ECRYPTFS_FILE_VERSION; |
721 | crypt_stat->mount_crypt_stat = mount_crypt_stat; |
722 | } |
723 | |
724 | /** |
725 | * ecryptfs_new_file_context |
726 | * @ecryptfs_inode: The eCryptfs inode |
727 | * |
728 | * If the crypto context for the file has not yet been established, |
729 | * this is where we do that. Establishing a new crypto context |
730 | * involves the following decisions: |
731 | * - What cipher to use? |
732 | * - What set of authentication tokens to use? |
733 | * Here we just worry about getting enough information into the |
734 | * authentication tokens so that we know that they are available. |
735 | * We associate the available authentication tokens with the new file |
736 | * via the set of signatures in the crypt_stat struct. Later, when |
737 | * the headers are actually written out, we may again defer to |
738 | * userspace to perform the encryption of the session key; for the |
739 | * foreseeable future, this will be the case with public key packets. |
740 | * |
741 | * Returns zero on success; non-zero otherwise |
742 | */ |
743 | int ecryptfs_new_file_context(struct inode *ecryptfs_inode) |
744 | { |
745 | struct ecryptfs_crypt_stat *crypt_stat = |
746 | &ecryptfs_inode_to_private(inode: ecryptfs_inode)->crypt_stat; |
747 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = |
748 | &ecryptfs_superblock_to_private( |
749 | sb: ecryptfs_inode->i_sb)->mount_crypt_stat; |
750 | int cipher_name_len; |
751 | int rc = 0; |
752 | |
753 | ecryptfs_set_default_crypt_stat_vals(crypt_stat, mount_crypt_stat); |
754 | crypt_stat->flags |= (ECRYPTFS_ENCRYPTED | ECRYPTFS_KEY_VALID); |
755 | ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat, |
756 | mount_crypt_stat); |
757 | rc = ecryptfs_copy_mount_wide_sigs_to_inode_sigs(crypt_stat, |
758 | mount_crypt_stat); |
759 | if (rc) { |
760 | printk(KERN_ERR "Error attempting to copy mount-wide key sigs " |
761 | "to the inode key sigs; rc = [%d]\n" , rc); |
762 | goto out; |
763 | } |
764 | cipher_name_len = |
765 | strlen(mount_crypt_stat->global_default_cipher_name); |
766 | memcpy(crypt_stat->cipher, |
767 | mount_crypt_stat->global_default_cipher_name, |
768 | cipher_name_len); |
769 | crypt_stat->cipher[cipher_name_len] = '\0'; |
770 | crypt_stat->key_size = |
771 | mount_crypt_stat->global_default_cipher_key_size; |
772 | ecryptfs_generate_new_key(crypt_stat); |
773 | rc = ecryptfs_init_crypt_ctx(crypt_stat); |
774 | if (rc) |
775 | ecryptfs_printk(KERN_ERR, "Error initializing cryptographic " |
776 | "context for cipher [%s]: rc = [%d]\n" , |
777 | crypt_stat->cipher, rc); |
778 | out: |
779 | return rc; |
780 | } |
781 | |
782 | /** |
783 | * ecryptfs_validate_marker - check for the ecryptfs marker |
784 | * @data: The data block in which to check |
785 | * |
786 | * Returns zero if marker found; -EINVAL if not found |
787 | */ |
788 | static int ecryptfs_validate_marker(char *data) |
789 | { |
790 | u32 m_1, m_2; |
791 | |
792 | m_1 = get_unaligned_be32(p: data); |
793 | m_2 = get_unaligned_be32(p: data + 4); |
794 | if ((m_1 ^ MAGIC_ECRYPTFS_MARKER) == m_2) |
795 | return 0; |
796 | ecryptfs_printk(KERN_DEBUG, "m_1 = [0x%.8x]; m_2 = [0x%.8x]; " |
797 | "MAGIC_ECRYPTFS_MARKER = [0x%.8x]\n" , m_1, m_2, |
798 | MAGIC_ECRYPTFS_MARKER); |
799 | ecryptfs_printk(KERN_DEBUG, "(m_1 ^ MAGIC_ECRYPTFS_MARKER) = " |
800 | "[0x%.8x]\n" , (m_1 ^ MAGIC_ECRYPTFS_MARKER)); |
801 | return -EINVAL; |
802 | } |
803 | |
804 | struct ecryptfs_flag_map_elem { |
805 | u32 file_flag; |
806 | u32 local_flag; |
807 | }; |
808 | |
809 | /* Add support for additional flags by adding elements here. */ |
810 | static struct ecryptfs_flag_map_elem ecryptfs_flag_map[] = { |
811 | {0x00000001, ECRYPTFS_ENABLE_HMAC}, |
812 | {0x00000002, ECRYPTFS_ENCRYPTED}, |
813 | {0x00000004, ECRYPTFS_METADATA_IN_XATTR}, |
814 | {0x00000008, ECRYPTFS_ENCRYPT_FILENAMES} |
815 | }; |
816 | |
817 | /** |
818 | * ecryptfs_process_flags |
819 | * @crypt_stat: The cryptographic context |
820 | * @page_virt: Source data to be parsed |
821 | * @bytes_read: Updated with the number of bytes read |
822 | */ |
823 | static void ecryptfs_process_flags(struct ecryptfs_crypt_stat *crypt_stat, |
824 | char *page_virt, int *bytes_read) |
825 | { |
826 | int i; |
827 | u32 flags; |
828 | |
829 | flags = get_unaligned_be32(p: page_virt); |
830 | for (i = 0; i < ARRAY_SIZE(ecryptfs_flag_map); i++) |
831 | if (flags & ecryptfs_flag_map[i].file_flag) { |
832 | crypt_stat->flags |= ecryptfs_flag_map[i].local_flag; |
833 | } else |
834 | crypt_stat->flags &= ~(ecryptfs_flag_map[i].local_flag); |
835 | /* Version is in top 8 bits of the 32-bit flag vector */ |
836 | crypt_stat->file_version = ((flags >> 24) & 0xFF); |
837 | (*bytes_read) = 4; |
838 | } |
839 | |
840 | /** |
841 | * write_ecryptfs_marker |
842 | * @page_virt: The pointer to in a page to begin writing the marker |
843 | * @written: Number of bytes written |
844 | * |
845 | * Marker = 0x3c81b7f5 |
846 | */ |
847 | static void write_ecryptfs_marker(char *page_virt, size_t *written) |
848 | { |
849 | u32 m_1, m_2; |
850 | |
851 | get_random_bytes(buf: &m_1, len: (MAGIC_ECRYPTFS_MARKER_SIZE_BYTES / 2)); |
852 | m_2 = (m_1 ^ MAGIC_ECRYPTFS_MARKER); |
853 | put_unaligned_be32(val: m_1, p: page_virt); |
854 | page_virt += (MAGIC_ECRYPTFS_MARKER_SIZE_BYTES / 2); |
855 | put_unaligned_be32(val: m_2, p: page_virt); |
856 | (*written) = MAGIC_ECRYPTFS_MARKER_SIZE_BYTES; |
857 | } |
858 | |
859 | void ecryptfs_write_crypt_stat_flags(char *page_virt, |
860 | struct ecryptfs_crypt_stat *crypt_stat, |
861 | size_t *written) |
862 | { |
863 | u32 flags = 0; |
864 | int i; |
865 | |
866 | for (i = 0; i < ARRAY_SIZE(ecryptfs_flag_map); i++) |
867 | if (crypt_stat->flags & ecryptfs_flag_map[i].local_flag) |
868 | flags |= ecryptfs_flag_map[i].file_flag; |
869 | /* Version is in top 8 bits of the 32-bit flag vector */ |
870 | flags |= ((((u8)crypt_stat->file_version) << 24) & 0xFF000000); |
871 | put_unaligned_be32(val: flags, p: page_virt); |
872 | (*written) = 4; |
873 | } |
874 | |
875 | struct ecryptfs_cipher_code_str_map_elem { |
876 | char cipher_str[16]; |
877 | u8 cipher_code; |
878 | }; |
879 | |
880 | /* Add support for additional ciphers by adding elements here. The |
881 | * cipher_code is whatever OpenPGP applications use to identify the |
882 | * ciphers. List in order of probability. */ |
883 | static struct ecryptfs_cipher_code_str_map_elem |
884 | ecryptfs_cipher_code_str_map[] = { |
885 | {"aes" ,RFC2440_CIPHER_AES_128 }, |
886 | {"blowfish" , RFC2440_CIPHER_BLOWFISH}, |
887 | {"des3_ede" , RFC2440_CIPHER_DES3_EDE}, |
888 | {"cast5" , RFC2440_CIPHER_CAST_5}, |
889 | {"twofish" , RFC2440_CIPHER_TWOFISH}, |
890 | {"cast6" , RFC2440_CIPHER_CAST_6}, |
891 | {"aes" , RFC2440_CIPHER_AES_192}, |
892 | {"aes" , RFC2440_CIPHER_AES_256} |
893 | }; |
894 | |
895 | /** |
896 | * ecryptfs_code_for_cipher_string |
897 | * @cipher_name: The string alias for the cipher |
898 | * @key_bytes: Length of key in bytes; used for AES code selection |
899 | * |
900 | * Returns zero on no match, or the cipher code on match |
901 | */ |
902 | u8 ecryptfs_code_for_cipher_string(char *cipher_name, size_t key_bytes) |
903 | { |
904 | int i; |
905 | u8 code = 0; |
906 | struct ecryptfs_cipher_code_str_map_elem *map = |
907 | ecryptfs_cipher_code_str_map; |
908 | |
909 | if (strcmp(cipher_name, "aes" ) == 0) { |
910 | switch (key_bytes) { |
911 | case 16: |
912 | code = RFC2440_CIPHER_AES_128; |
913 | break; |
914 | case 24: |
915 | code = RFC2440_CIPHER_AES_192; |
916 | break; |
917 | case 32: |
918 | code = RFC2440_CIPHER_AES_256; |
919 | } |
920 | } else { |
921 | for (i = 0; i < ARRAY_SIZE(ecryptfs_cipher_code_str_map); i++) |
922 | if (strcmp(cipher_name, map[i].cipher_str) == 0) { |
923 | code = map[i].cipher_code; |
924 | break; |
925 | } |
926 | } |
927 | return code; |
928 | } |
929 | |
930 | /** |
931 | * ecryptfs_cipher_code_to_string |
932 | * @str: Destination to write out the cipher name |
933 | * @cipher_code: The code to convert to cipher name string |
934 | * |
935 | * Returns zero on success |
936 | */ |
937 | int ecryptfs_cipher_code_to_string(char *str, u8 cipher_code) |
938 | { |
939 | int rc = 0; |
940 | int i; |
941 | |
942 | str[0] = '\0'; |
943 | for (i = 0; i < ARRAY_SIZE(ecryptfs_cipher_code_str_map); i++) |
944 | if (cipher_code == ecryptfs_cipher_code_str_map[i].cipher_code) |
945 | strcpy(p: str, q: ecryptfs_cipher_code_str_map[i].cipher_str); |
946 | if (str[0] == '\0') { |
947 | ecryptfs_printk(KERN_WARNING, "Cipher code not recognized: " |
948 | "[%d]\n" , cipher_code); |
949 | rc = -EINVAL; |
950 | } |
951 | return rc; |
952 | } |
953 | |
954 | int ecryptfs_read_and_validate_header_region(struct inode *inode) |
955 | { |
956 | u8 file_size[ECRYPTFS_SIZE_AND_MARKER_BYTES]; |
957 | u8 *marker = file_size + ECRYPTFS_FILE_SIZE_BYTES; |
958 | int rc; |
959 | |
960 | rc = ecryptfs_read_lower(data: file_size, offset: 0, ECRYPTFS_SIZE_AND_MARKER_BYTES, |
961 | ecryptfs_inode: inode); |
962 | if (rc < 0) |
963 | return rc; |
964 | else if (rc < ECRYPTFS_SIZE_AND_MARKER_BYTES) |
965 | return -EINVAL; |
966 | rc = ecryptfs_validate_marker(data: marker); |
967 | if (!rc) |
968 | ecryptfs_i_size_init(page_virt: file_size, inode); |
969 | return rc; |
970 | } |
971 | |
972 | void |
973 | (char *virt, |
974 | struct ecryptfs_crypt_stat *crypt_stat, |
975 | size_t *written) |
976 | { |
977 | u32 ; |
978 | u16 ; |
979 | |
980 | header_extent_size = (u32)crypt_stat->extent_size; |
981 | num_header_extents_at_front = |
982 | (u16)(crypt_stat->metadata_size / crypt_stat->extent_size); |
983 | put_unaligned_be32(val: header_extent_size, p: virt); |
984 | virt += 4; |
985 | put_unaligned_be16(val: num_header_extents_at_front, p: virt); |
986 | (*written) = 6; |
987 | } |
988 | |
989 | struct kmem_cache *; |
990 | |
991 | /** |
992 | * ecryptfs_write_headers_virt |
993 | * @page_virt: The virtual address to write the headers to |
994 | * @max: The size of memory allocated at page_virt |
995 | * @size: Set to the number of bytes written by this function |
996 | * @crypt_stat: The cryptographic context |
997 | * @ecryptfs_dentry: The eCryptfs dentry |
998 | * |
999 | * Format version: 1 |
1000 | * |
1001 | * Header Extent: |
1002 | * Octets 0-7: Unencrypted file size (big-endian) |
1003 | * Octets 8-15: eCryptfs special marker |
1004 | * Octets 16-19: Flags |
1005 | * Octet 16: File format version number (between 0 and 255) |
1006 | * Octets 17-18: Reserved |
1007 | * Octet 19: Bit 1 (lsb): Reserved |
1008 | * Bit 2: Encrypted? |
1009 | * Bits 3-8: Reserved |
1010 | * Octets 20-23: Header extent size (big-endian) |
1011 | * Octets 24-25: Number of header extents at front of file |
1012 | * (big-endian) |
1013 | * Octet 26: Begin RFC 2440 authentication token packet set |
1014 | * Data Extent 0: |
1015 | * Lower data (CBC encrypted) |
1016 | * Data Extent 1: |
1017 | * Lower data (CBC encrypted) |
1018 | * ... |
1019 | * |
1020 | * Returns zero on success |
1021 | */ |
1022 | static int (char *page_virt, size_t max, |
1023 | size_t *size, |
1024 | struct ecryptfs_crypt_stat *crypt_stat, |
1025 | struct dentry *ecryptfs_dentry) |
1026 | { |
1027 | int rc; |
1028 | size_t written; |
1029 | size_t offset; |
1030 | |
1031 | offset = ECRYPTFS_FILE_SIZE_BYTES; |
1032 | write_ecryptfs_marker(page_virt: (page_virt + offset), written: &written); |
1033 | offset += written; |
1034 | ecryptfs_write_crypt_stat_flags(page_virt: (page_virt + offset), crypt_stat, |
1035 | written: &written); |
1036 | offset += written; |
1037 | ecryptfs_write_header_metadata(virt: (page_virt + offset), crypt_stat, |
1038 | written: &written); |
1039 | offset += written; |
1040 | rc = ecryptfs_generate_key_packet_set(dest_base: (page_virt + offset), crypt_stat, |
1041 | ecryptfs_dentry, len: &written, |
1042 | max: max - offset); |
1043 | if (rc) |
1044 | ecryptfs_printk(KERN_WARNING, "Error generating key packet " |
1045 | "set; rc = [%d]\n" , rc); |
1046 | if (size) { |
1047 | offset += written; |
1048 | *size = offset; |
1049 | } |
1050 | return rc; |
1051 | } |
1052 | |
1053 | static int |
1054 | ecryptfs_write_metadata_to_contents(struct inode *ecryptfs_inode, |
1055 | char *virt, size_t virt_len) |
1056 | { |
1057 | int rc; |
1058 | |
1059 | rc = ecryptfs_write_lower(ecryptfs_inode, data: virt, |
1060 | offset: 0, size: virt_len); |
1061 | if (rc < 0) |
1062 | printk(KERN_ERR "%s: Error attempting to write header " |
1063 | "information to lower file; rc = [%d]\n" , __func__, rc); |
1064 | else |
1065 | rc = 0; |
1066 | return rc; |
1067 | } |
1068 | |
1069 | static int |
1070 | ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, |
1071 | struct inode *ecryptfs_inode, |
1072 | char *page_virt, size_t size) |
1073 | { |
1074 | int rc; |
1075 | struct dentry *lower_dentry = ecryptfs_dentry_to_lower(dentry: ecryptfs_dentry); |
1076 | struct inode *lower_inode = d_inode(dentry: lower_dentry); |
1077 | |
1078 | if (!(lower_inode->i_opflags & IOP_XATTR)) { |
1079 | rc = -EOPNOTSUPP; |
1080 | goto out; |
1081 | } |
1082 | |
1083 | inode_lock(inode: lower_inode); |
1084 | rc = __vfs_setxattr(&nop_mnt_idmap, lower_dentry, lower_inode, |
1085 | ECRYPTFS_XATTR_NAME, page_virt, size, 0); |
1086 | if (!rc && ecryptfs_inode) |
1087 | fsstack_copy_attr_all(dest: ecryptfs_inode, src: lower_inode); |
1088 | inode_unlock(inode: lower_inode); |
1089 | out: |
1090 | return rc; |
1091 | } |
1092 | |
1093 | static unsigned long ecryptfs_get_zeroed_pages(gfp_t gfp_mask, |
1094 | unsigned int order) |
1095 | { |
1096 | struct page *page; |
1097 | |
1098 | page = alloc_pages(gfp: gfp_mask | __GFP_ZERO, order); |
1099 | if (page) |
1100 | return (unsigned long) page_address(page); |
1101 | return 0; |
1102 | } |
1103 | |
1104 | /** |
1105 | * ecryptfs_write_metadata |
1106 | * @ecryptfs_dentry: The eCryptfs dentry, which should be negative |
1107 | * @ecryptfs_inode: The newly created eCryptfs inode |
1108 | * |
1109 | * Write the file headers out. This will likely involve a userspace |
1110 | * callout, in which the session key is encrypted with one or more |
1111 | * public keys and/or the passphrase necessary to do the encryption is |
1112 | * retrieved via a prompt. Exactly what happens at this point should |
1113 | * be policy-dependent. |
1114 | * |
1115 | * Returns zero on success; non-zero on error |
1116 | */ |
1117 | int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry, |
1118 | struct inode *ecryptfs_inode) |
1119 | { |
1120 | struct ecryptfs_crypt_stat *crypt_stat = |
1121 | &ecryptfs_inode_to_private(inode: ecryptfs_inode)->crypt_stat; |
1122 | unsigned int order; |
1123 | char *virt; |
1124 | size_t virt_len; |
1125 | size_t size = 0; |
1126 | int rc = 0; |
1127 | |
1128 | if (likely(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { |
1129 | if (!(crypt_stat->flags & ECRYPTFS_KEY_VALID)) { |
1130 | printk(KERN_ERR "Key is invalid; bailing out\n" ); |
1131 | rc = -EINVAL; |
1132 | goto out; |
1133 | } |
1134 | } else { |
1135 | printk(KERN_WARNING "%s: Encrypted flag not set\n" , |
1136 | __func__); |
1137 | rc = -EINVAL; |
1138 | goto out; |
1139 | } |
1140 | virt_len = crypt_stat->metadata_size; |
1141 | order = get_order(size: virt_len); |
1142 | /* Released in this function */ |
1143 | virt = (char *)ecryptfs_get_zeroed_pages(GFP_KERNEL, order); |
1144 | if (!virt) { |
1145 | printk(KERN_ERR "%s: Out of memory\n" , __func__); |
1146 | rc = -ENOMEM; |
1147 | goto out; |
1148 | } |
1149 | /* Zeroed page ensures the in-header unencrypted i_size is set to 0 */ |
1150 | rc = ecryptfs_write_headers_virt(page_virt: virt, max: virt_len, size: &size, crypt_stat, |
1151 | ecryptfs_dentry); |
1152 | if (unlikely(rc)) { |
1153 | printk(KERN_ERR "%s: Error whilst writing headers; rc = [%d]\n" , |
1154 | __func__, rc); |
1155 | goto out_free; |
1156 | } |
1157 | if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) |
1158 | rc = ecryptfs_write_metadata_to_xattr(ecryptfs_dentry, ecryptfs_inode, |
1159 | page_virt: virt, size); |
1160 | else |
1161 | rc = ecryptfs_write_metadata_to_contents(ecryptfs_inode, virt, |
1162 | virt_len); |
1163 | if (rc) { |
1164 | printk(KERN_ERR "%s: Error writing metadata out to lower file; " |
1165 | "rc = [%d]\n" , __func__, rc); |
1166 | goto out_free; |
1167 | } |
1168 | out_free: |
1169 | free_pages(addr: (unsigned long)virt, order); |
1170 | out: |
1171 | return rc; |
1172 | } |
1173 | |
1174 | #define 0 |
1175 | #define 1 |
1176 | static int (struct ecryptfs_crypt_stat *crypt_stat, |
1177 | char *virt, int *bytes_read, |
1178 | int ) |
1179 | { |
1180 | int rc = 0; |
1181 | u32 ; |
1182 | u16 ; |
1183 | |
1184 | header_extent_size = get_unaligned_be32(p: virt); |
1185 | virt += sizeof(__be32); |
1186 | num_header_extents_at_front = get_unaligned_be16(p: virt); |
1187 | crypt_stat->metadata_size = (((size_t)num_header_extents_at_front |
1188 | * (size_t)header_extent_size)); |
1189 | (*bytes_read) = (sizeof(__be32) + sizeof(__be16)); |
1190 | if ((validate_header_size == ECRYPTFS_VALIDATE_HEADER_SIZE) |
1191 | && (crypt_stat->metadata_size |
1192 | < ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE)) { |
1193 | rc = -EINVAL; |
1194 | printk(KERN_WARNING "Invalid header size: [%zd]\n" , |
1195 | crypt_stat->metadata_size); |
1196 | } |
1197 | return rc; |
1198 | } |
1199 | |
1200 | /** |
1201 | * set_default_header_data |
1202 | * @crypt_stat: The cryptographic context |
1203 | * |
1204 | * For version 0 file format; this function is only for backwards |
1205 | * compatibility for files created with the prior versions of |
1206 | * eCryptfs. |
1207 | */ |
1208 | static void (struct ecryptfs_crypt_stat *crypt_stat) |
1209 | { |
1210 | crypt_stat->metadata_size = ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE; |
1211 | } |
1212 | |
1213 | void ecryptfs_i_size_init(const char *page_virt, struct inode *inode) |
1214 | { |
1215 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat; |
1216 | struct ecryptfs_crypt_stat *crypt_stat; |
1217 | u64 file_size; |
1218 | |
1219 | crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat; |
1220 | mount_crypt_stat = |
1221 | &ecryptfs_superblock_to_private(sb: inode->i_sb)->mount_crypt_stat; |
1222 | if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) { |
1223 | file_size = i_size_read(inode: ecryptfs_inode_to_lower(inode)); |
1224 | if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) |
1225 | file_size += crypt_stat->metadata_size; |
1226 | } else |
1227 | file_size = get_unaligned_be64(p: page_virt); |
1228 | i_size_write(inode, i_size: (loff_t)file_size); |
1229 | crypt_stat->flags |= ECRYPTFS_I_SIZE_INITIALIZED; |
1230 | } |
1231 | |
1232 | /** |
1233 | * ecryptfs_read_headers_virt |
1234 | * @page_virt: The virtual address into which to read the headers |
1235 | * @crypt_stat: The cryptographic context |
1236 | * @ecryptfs_dentry: The eCryptfs dentry |
1237 | * @validate_header_size: Whether to validate the header size while reading |
1238 | * |
1239 | * Read/parse the header data. The header format is detailed in the |
1240 | * comment block for the ecryptfs_write_headers_virt() function. |
1241 | * |
1242 | * Returns zero on success |
1243 | */ |
1244 | static int (char *page_virt, |
1245 | struct ecryptfs_crypt_stat *crypt_stat, |
1246 | struct dentry *ecryptfs_dentry, |
1247 | int ) |
1248 | { |
1249 | int rc = 0; |
1250 | int offset; |
1251 | int bytes_read; |
1252 | |
1253 | ecryptfs_set_default_sizes(crypt_stat); |
1254 | crypt_stat->mount_crypt_stat = &ecryptfs_superblock_to_private( |
1255 | sb: ecryptfs_dentry->d_sb)->mount_crypt_stat; |
1256 | offset = ECRYPTFS_FILE_SIZE_BYTES; |
1257 | rc = ecryptfs_validate_marker(data: page_virt + offset); |
1258 | if (rc) |
1259 | goto out; |
1260 | if (!(crypt_stat->flags & ECRYPTFS_I_SIZE_INITIALIZED)) |
1261 | ecryptfs_i_size_init(page_virt, inode: d_inode(dentry: ecryptfs_dentry)); |
1262 | offset += MAGIC_ECRYPTFS_MARKER_SIZE_BYTES; |
1263 | ecryptfs_process_flags(crypt_stat, page_virt: (page_virt + offset), bytes_read: &bytes_read); |
1264 | if (crypt_stat->file_version > ECRYPTFS_SUPPORTED_FILE_VERSION) { |
1265 | ecryptfs_printk(KERN_WARNING, "File version is [%d]; only " |
1266 | "file version [%d] is supported by this " |
1267 | "version of eCryptfs\n" , |
1268 | crypt_stat->file_version, |
1269 | ECRYPTFS_SUPPORTED_FILE_VERSION); |
1270 | rc = -EINVAL; |
1271 | goto out; |
1272 | } |
1273 | offset += bytes_read; |
1274 | if (crypt_stat->file_version >= 1) { |
1275 | rc = parse_header_metadata(crypt_stat, virt: (page_virt + offset), |
1276 | bytes_read: &bytes_read, validate_header_size); |
1277 | if (rc) { |
1278 | ecryptfs_printk(KERN_WARNING, "Error reading header " |
1279 | "metadata; rc = [%d]\n" , rc); |
1280 | } |
1281 | offset += bytes_read; |
1282 | } else |
1283 | set_default_header_data(crypt_stat); |
1284 | rc = ecryptfs_parse_packet_set(crypt_stat, src: (page_virt + offset), |
1285 | ecryptfs_dentry); |
1286 | out: |
1287 | return rc; |
1288 | } |
1289 | |
1290 | /** |
1291 | * ecryptfs_read_xattr_region |
1292 | * @page_virt: The vitual address into which to read the xattr data |
1293 | * @ecryptfs_inode: The eCryptfs inode |
1294 | * |
1295 | * Attempts to read the crypto metadata from the extended attribute |
1296 | * region of the lower file. |
1297 | * |
1298 | * Returns zero on success; non-zero on error |
1299 | */ |
1300 | int ecryptfs_read_xattr_region(char *page_virt, struct inode *ecryptfs_inode) |
1301 | { |
1302 | struct dentry *lower_dentry = |
1303 | ecryptfs_inode_to_private(inode: ecryptfs_inode)->lower_file->f_path.dentry; |
1304 | ssize_t size; |
1305 | int rc = 0; |
1306 | |
1307 | size = ecryptfs_getxattr_lower(lower_dentry, |
1308 | lower_inode: ecryptfs_inode_to_lower(inode: ecryptfs_inode), |
1309 | ECRYPTFS_XATTR_NAME, |
1310 | value: page_virt, ECRYPTFS_DEFAULT_EXTENT_SIZE); |
1311 | if (size < 0) { |
1312 | if (unlikely(ecryptfs_verbosity > 0)) |
1313 | printk(KERN_INFO "Error attempting to read the [%s] " |
1314 | "xattr from the lower file; return value = " |
1315 | "[%zd]\n" , ECRYPTFS_XATTR_NAME, size); |
1316 | rc = -EINVAL; |
1317 | goto out; |
1318 | } |
1319 | out: |
1320 | return rc; |
1321 | } |
1322 | |
1323 | int ecryptfs_read_and_validate_xattr_region(struct dentry *dentry, |
1324 | struct inode *inode) |
1325 | { |
1326 | u8 file_size[ECRYPTFS_SIZE_AND_MARKER_BYTES]; |
1327 | u8 *marker = file_size + ECRYPTFS_FILE_SIZE_BYTES; |
1328 | int rc; |
1329 | |
1330 | rc = ecryptfs_getxattr_lower(lower_dentry: ecryptfs_dentry_to_lower(dentry), |
1331 | lower_inode: ecryptfs_inode_to_lower(inode), |
1332 | ECRYPTFS_XATTR_NAME, value: file_size, |
1333 | ECRYPTFS_SIZE_AND_MARKER_BYTES); |
1334 | if (rc < 0) |
1335 | return rc; |
1336 | else if (rc < ECRYPTFS_SIZE_AND_MARKER_BYTES) |
1337 | return -EINVAL; |
1338 | rc = ecryptfs_validate_marker(data: marker); |
1339 | if (!rc) |
1340 | ecryptfs_i_size_init(page_virt: file_size, inode); |
1341 | return rc; |
1342 | } |
1343 | |
1344 | /* |
1345 | * ecryptfs_read_metadata |
1346 | * |
1347 | * Common entry point for reading file metadata. From here, we could |
1348 | * retrieve the header information from the header region of the file, |
1349 | * the xattr region of the file, or some other repository that is |
1350 | * stored separately from the file itself. The current implementation |
1351 | * supports retrieving the metadata information from the file contents |
1352 | * and from the xattr region. |
1353 | * |
1354 | * Returns zero if valid headers found and parsed; non-zero otherwise |
1355 | */ |
1356 | int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry) |
1357 | { |
1358 | int rc; |
1359 | char *page_virt; |
1360 | struct inode *ecryptfs_inode = d_inode(dentry: ecryptfs_dentry); |
1361 | struct ecryptfs_crypt_stat *crypt_stat = |
1362 | &ecryptfs_inode_to_private(inode: ecryptfs_inode)->crypt_stat; |
1363 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = |
1364 | &ecryptfs_superblock_to_private( |
1365 | sb: ecryptfs_dentry->d_sb)->mount_crypt_stat; |
1366 | |
1367 | ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat, |
1368 | mount_crypt_stat); |
1369 | /* Read the first page from the underlying file */ |
1370 | page_virt = kmem_cache_alloc(cachep: ecryptfs_header_cache, GFP_USER); |
1371 | if (!page_virt) { |
1372 | rc = -ENOMEM; |
1373 | goto out; |
1374 | } |
1375 | rc = ecryptfs_read_lower(data: page_virt, offset: 0, size: crypt_stat->extent_size, |
1376 | ecryptfs_inode); |
1377 | if (rc >= 0) |
1378 | rc = ecryptfs_read_headers_virt(page_virt, crypt_stat, |
1379 | ecryptfs_dentry, |
1380 | ECRYPTFS_VALIDATE_HEADER_SIZE); |
1381 | if (rc) { |
1382 | /* metadata is not in the file header, so try xattrs */ |
1383 | memset(page_virt, 0, PAGE_SIZE); |
1384 | rc = ecryptfs_read_xattr_region(page_virt, ecryptfs_inode); |
1385 | if (rc) { |
1386 | printk(KERN_DEBUG "Valid eCryptfs headers not found in " |
1387 | "file header region or xattr region, inode %lu\n" , |
1388 | ecryptfs_inode->i_ino); |
1389 | rc = -EINVAL; |
1390 | goto out; |
1391 | } |
1392 | rc = ecryptfs_read_headers_virt(page_virt, crypt_stat, |
1393 | ecryptfs_dentry, |
1394 | ECRYPTFS_DONT_VALIDATE_HEADER_SIZE); |
1395 | if (rc) { |
1396 | printk(KERN_DEBUG "Valid eCryptfs headers not found in " |
1397 | "file xattr region either, inode %lu\n" , |
1398 | ecryptfs_inode->i_ino); |
1399 | rc = -EINVAL; |
1400 | } |
1401 | if (crypt_stat->mount_crypt_stat->flags |
1402 | & ECRYPTFS_XATTR_METADATA_ENABLED) { |
1403 | crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR; |
1404 | } else { |
1405 | printk(KERN_WARNING "Attempt to access file with " |
1406 | "crypto metadata only in the extended attribute " |
1407 | "region, but eCryptfs was mounted without " |
1408 | "xattr support enabled. eCryptfs will not treat " |
1409 | "this like an encrypted file, inode %lu\n" , |
1410 | ecryptfs_inode->i_ino); |
1411 | rc = -EINVAL; |
1412 | } |
1413 | } |
1414 | out: |
1415 | if (page_virt) { |
1416 | memset(page_virt, 0, PAGE_SIZE); |
1417 | kmem_cache_free(s: ecryptfs_header_cache, objp: page_virt); |
1418 | } |
1419 | return rc; |
1420 | } |
1421 | |
1422 | /* |
1423 | * ecryptfs_encrypt_filename - encrypt filename |
1424 | * |
1425 | * CBC-encrypts the filename. We do not want to encrypt the same |
1426 | * filename with the same key and IV, which may happen with hard |
1427 | * links, so we prepend random bits to each filename. |
1428 | * |
1429 | * Returns zero on success; non-zero otherwise |
1430 | */ |
1431 | static int |
1432 | ecryptfs_encrypt_filename(struct ecryptfs_filename *filename, |
1433 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat) |
1434 | { |
1435 | int rc = 0; |
1436 | |
1437 | filename->encrypted_filename = NULL; |
1438 | filename->encrypted_filename_size = 0; |
1439 | if (mount_crypt_stat && (mount_crypt_stat->flags |
1440 | & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK)) { |
1441 | size_t packet_size; |
1442 | size_t remaining_bytes; |
1443 | |
1444 | rc = ecryptfs_write_tag_70_packet( |
1445 | NULL, NULL, |
1446 | packet_size: &filename->encrypted_filename_size, |
1447 | mount_crypt_stat, NULL, |
1448 | filename_size: filename->filename_size); |
1449 | if (rc) { |
1450 | printk(KERN_ERR "%s: Error attempting to get packet " |
1451 | "size for tag 72; rc = [%d]\n" , __func__, |
1452 | rc); |
1453 | filename->encrypted_filename_size = 0; |
1454 | goto out; |
1455 | } |
1456 | filename->encrypted_filename = |
1457 | kmalloc(size: filename->encrypted_filename_size, GFP_KERNEL); |
1458 | if (!filename->encrypted_filename) { |
1459 | rc = -ENOMEM; |
1460 | goto out; |
1461 | } |
1462 | remaining_bytes = filename->encrypted_filename_size; |
1463 | rc = ecryptfs_write_tag_70_packet(dest: filename->encrypted_filename, |
1464 | remaining_bytes: &remaining_bytes, |
1465 | packet_size: &packet_size, |
1466 | mount_crypt_stat, |
1467 | filename: filename->filename, |
1468 | filename_size: filename->filename_size); |
1469 | if (rc) { |
1470 | printk(KERN_ERR "%s: Error attempting to generate " |
1471 | "tag 70 packet; rc = [%d]\n" , __func__, |
1472 | rc); |
1473 | kfree(objp: filename->encrypted_filename); |
1474 | filename->encrypted_filename = NULL; |
1475 | filename->encrypted_filename_size = 0; |
1476 | goto out; |
1477 | } |
1478 | filename->encrypted_filename_size = packet_size; |
1479 | } else { |
1480 | printk(KERN_ERR "%s: No support for requested filename " |
1481 | "encryption method in this release\n" , __func__); |
1482 | rc = -EOPNOTSUPP; |
1483 | goto out; |
1484 | } |
1485 | out: |
1486 | return rc; |
1487 | } |
1488 | |
1489 | static int ecryptfs_copy_filename(char **copied_name, size_t *copied_name_size, |
1490 | const char *name, size_t name_size) |
1491 | { |
1492 | int rc = 0; |
1493 | |
1494 | (*copied_name) = kmalloc(size: (name_size + 1), GFP_KERNEL); |
1495 | if (!(*copied_name)) { |
1496 | rc = -ENOMEM; |
1497 | goto out; |
1498 | } |
1499 | memcpy((void *)(*copied_name), (void *)name, name_size); |
1500 | (*copied_name)[(name_size)] = '\0'; /* Only for convenience |
1501 | * in printing out the |
1502 | * string in debug |
1503 | * messages */ |
1504 | (*copied_name_size) = name_size; |
1505 | out: |
1506 | return rc; |
1507 | } |
1508 | |
1509 | /** |
1510 | * ecryptfs_process_key_cipher - Perform key cipher initialization. |
1511 | * @key_tfm: Crypto context for key material, set by this function |
1512 | * @cipher_name: Name of the cipher |
1513 | * @key_size: Size of the key in bytes |
1514 | * |
1515 | * Returns zero on success. Any crypto_tfm structs allocated here |
1516 | * should be released by other functions, such as on a superblock put |
1517 | * event, regardless of whether this function succeeds for fails. |
1518 | */ |
1519 | static int |
1520 | ecryptfs_process_key_cipher(struct crypto_skcipher **key_tfm, |
1521 | char *cipher_name, size_t *key_size) |
1522 | { |
1523 | char dummy_key[ECRYPTFS_MAX_KEY_BYTES]; |
1524 | char *full_alg_name = NULL; |
1525 | int rc; |
1526 | |
1527 | *key_tfm = NULL; |
1528 | if (*key_size > ECRYPTFS_MAX_KEY_BYTES) { |
1529 | rc = -EINVAL; |
1530 | printk(KERN_ERR "Requested key size is [%zd] bytes; maximum " |
1531 | "allowable is [%d]\n" , *key_size, ECRYPTFS_MAX_KEY_BYTES); |
1532 | goto out; |
1533 | } |
1534 | rc = ecryptfs_crypto_api_algify_cipher_name(algified_name: &full_alg_name, cipher_name, |
1535 | chaining_modifier: "ecb" ); |
1536 | if (rc) |
1537 | goto out; |
1538 | *key_tfm = crypto_alloc_skcipher(alg_name: full_alg_name, type: 0, CRYPTO_ALG_ASYNC); |
1539 | if (IS_ERR(ptr: *key_tfm)) { |
1540 | rc = PTR_ERR(ptr: *key_tfm); |
1541 | printk(KERN_ERR "Unable to allocate crypto cipher with name " |
1542 | "[%s]; rc = [%d]\n" , full_alg_name, rc); |
1543 | goto out; |
1544 | } |
1545 | crypto_skcipher_set_flags(tfm: *key_tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); |
1546 | if (*key_size == 0) |
1547 | *key_size = crypto_skcipher_max_keysize(tfm: *key_tfm); |
1548 | get_random_bytes(buf: dummy_key, len: *key_size); |
1549 | rc = crypto_skcipher_setkey(tfm: *key_tfm, key: dummy_key, keylen: *key_size); |
1550 | if (rc) { |
1551 | printk(KERN_ERR "Error attempting to set key of size [%zd] for " |
1552 | "cipher [%s]; rc = [%d]\n" , *key_size, full_alg_name, |
1553 | rc); |
1554 | rc = -EINVAL; |
1555 | goto out; |
1556 | } |
1557 | out: |
1558 | kfree(objp: full_alg_name); |
1559 | return rc; |
1560 | } |
1561 | |
1562 | struct kmem_cache *ecryptfs_key_tfm_cache; |
1563 | static struct list_head key_tfm_list; |
1564 | DEFINE_MUTEX(key_tfm_list_mutex); |
1565 | |
1566 | int __init ecryptfs_init_crypto(void) |
1567 | { |
1568 | INIT_LIST_HEAD(list: &key_tfm_list); |
1569 | return 0; |
1570 | } |
1571 | |
1572 | /** |
1573 | * ecryptfs_destroy_crypto - free all cached key_tfms on key_tfm_list |
1574 | * |
1575 | * Called only at module unload time |
1576 | */ |
1577 | int ecryptfs_destroy_crypto(void) |
1578 | { |
1579 | struct ecryptfs_key_tfm *key_tfm, *key_tfm_tmp; |
1580 | |
1581 | mutex_lock(&key_tfm_list_mutex); |
1582 | list_for_each_entry_safe(key_tfm, key_tfm_tmp, &key_tfm_list, |
1583 | key_tfm_list) { |
1584 | list_del(entry: &key_tfm->key_tfm_list); |
1585 | crypto_free_skcipher(tfm: key_tfm->key_tfm); |
1586 | kmem_cache_free(s: ecryptfs_key_tfm_cache, objp: key_tfm); |
1587 | } |
1588 | mutex_unlock(lock: &key_tfm_list_mutex); |
1589 | return 0; |
1590 | } |
1591 | |
1592 | int |
1593 | ecryptfs_add_new_key_tfm(struct ecryptfs_key_tfm **key_tfm, char *cipher_name, |
1594 | size_t key_size) |
1595 | { |
1596 | struct ecryptfs_key_tfm *tmp_tfm; |
1597 | int rc = 0; |
1598 | |
1599 | BUG_ON(!mutex_is_locked(&key_tfm_list_mutex)); |
1600 | |
1601 | tmp_tfm = kmem_cache_alloc(cachep: ecryptfs_key_tfm_cache, GFP_KERNEL); |
1602 | if (key_tfm) |
1603 | (*key_tfm) = tmp_tfm; |
1604 | if (!tmp_tfm) { |
1605 | rc = -ENOMEM; |
1606 | goto out; |
1607 | } |
1608 | mutex_init(&tmp_tfm->key_tfm_mutex); |
1609 | strncpy(p: tmp_tfm->cipher_name, q: cipher_name, |
1610 | ECRYPTFS_MAX_CIPHER_NAME_SIZE); |
1611 | tmp_tfm->cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE] = '\0'; |
1612 | tmp_tfm->key_size = key_size; |
1613 | rc = ecryptfs_process_key_cipher(key_tfm: &tmp_tfm->key_tfm, |
1614 | cipher_name: tmp_tfm->cipher_name, |
1615 | key_size: &tmp_tfm->key_size); |
1616 | if (rc) { |
1617 | printk(KERN_ERR "Error attempting to initialize key TFM " |
1618 | "cipher with name = [%s]; rc = [%d]\n" , |
1619 | tmp_tfm->cipher_name, rc); |
1620 | kmem_cache_free(s: ecryptfs_key_tfm_cache, objp: tmp_tfm); |
1621 | if (key_tfm) |
1622 | (*key_tfm) = NULL; |
1623 | goto out; |
1624 | } |
1625 | list_add(new: &tmp_tfm->key_tfm_list, head: &key_tfm_list); |
1626 | out: |
1627 | return rc; |
1628 | } |
1629 | |
1630 | /** |
1631 | * ecryptfs_tfm_exists - Search for existing tfm for cipher_name. |
1632 | * @cipher_name: the name of the cipher to search for |
1633 | * @key_tfm: set to corresponding tfm if found |
1634 | * |
1635 | * Searches for cached key_tfm matching @cipher_name |
1636 | * Must be called with &key_tfm_list_mutex held |
1637 | * Returns 1 if found, with @key_tfm set |
1638 | * Returns 0 if not found, with @key_tfm set to NULL |
1639 | */ |
1640 | int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm) |
1641 | { |
1642 | struct ecryptfs_key_tfm *tmp_key_tfm; |
1643 | |
1644 | BUG_ON(!mutex_is_locked(&key_tfm_list_mutex)); |
1645 | |
1646 | list_for_each_entry(tmp_key_tfm, &key_tfm_list, key_tfm_list) { |
1647 | if (strcmp(tmp_key_tfm->cipher_name, cipher_name) == 0) { |
1648 | if (key_tfm) |
1649 | (*key_tfm) = tmp_key_tfm; |
1650 | return 1; |
1651 | } |
1652 | } |
1653 | if (key_tfm) |
1654 | (*key_tfm) = NULL; |
1655 | return 0; |
1656 | } |
1657 | |
1658 | /** |
1659 | * ecryptfs_get_tfm_and_mutex_for_cipher_name |
1660 | * |
1661 | * @tfm: set to cached tfm found, or new tfm created |
1662 | * @tfm_mutex: set to mutex for cached tfm found, or new tfm created |
1663 | * @cipher_name: the name of the cipher to search for and/or add |
1664 | * |
1665 | * Sets pointers to @tfm & @tfm_mutex matching @cipher_name. |
1666 | * Searches for cached item first, and creates new if not found. |
1667 | * Returns 0 on success, non-zero if adding new cipher failed |
1668 | */ |
1669 | int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_skcipher **tfm, |
1670 | struct mutex **tfm_mutex, |
1671 | char *cipher_name) |
1672 | { |
1673 | struct ecryptfs_key_tfm *key_tfm; |
1674 | int rc = 0; |
1675 | |
1676 | (*tfm) = NULL; |
1677 | (*tfm_mutex) = NULL; |
1678 | |
1679 | mutex_lock(&key_tfm_list_mutex); |
1680 | if (!ecryptfs_tfm_exists(cipher_name, key_tfm: &key_tfm)) { |
1681 | rc = ecryptfs_add_new_key_tfm(key_tfm: &key_tfm, cipher_name, key_size: 0); |
1682 | if (rc) { |
1683 | printk(KERN_ERR "Error adding new key_tfm to list; " |
1684 | "rc = [%d]\n" , rc); |
1685 | goto out; |
1686 | } |
1687 | } |
1688 | (*tfm) = key_tfm->key_tfm; |
1689 | (*tfm_mutex) = &key_tfm->key_tfm_mutex; |
1690 | out: |
1691 | mutex_unlock(lock: &key_tfm_list_mutex); |
1692 | return rc; |
1693 | } |
1694 | |
1695 | /* 64 characters forming a 6-bit target field */ |
1696 | static unsigned char *portable_filename_chars = ("-.0123456789ABCD" |
1697 | "EFGHIJKLMNOPQRST" |
1698 | "UVWXYZabcdefghij" |
1699 | "klmnopqrstuvwxyz" ); |
1700 | |
1701 | /* We could either offset on every reverse map or just pad some 0x00's |
1702 | * at the front here */ |
1703 | static const unsigned char filename_rev_map[256] = { |
1704 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 7 */ |
1705 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 15 */ |
1706 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 23 */ |
1707 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 31 */ |
1708 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 39 */ |
1709 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, /* 47 */ |
1710 | 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, /* 55 */ |
1711 | 0x0A, 0x0B, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 63 */ |
1712 | 0x00, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, /* 71 */ |
1713 | 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, /* 79 */ |
1714 | 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, /* 87 */ |
1715 | 0x23, 0x24, 0x25, 0x00, 0x00, 0x00, 0x00, 0x00, /* 95 */ |
1716 | 0x00, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, /* 103 */ |
1717 | 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, /* 111 */ |
1718 | 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, /* 119 */ |
1719 | 0x3D, 0x3E, 0x3F /* 123 - 255 initialized to 0x00 */ |
1720 | }; |
1721 | |
1722 | /** |
1723 | * ecryptfs_encode_for_filename |
1724 | * @dst: Destination location for encoded filename |
1725 | * @dst_size: Size of the encoded filename in bytes |
1726 | * @src: Source location for the filename to encode |
1727 | * @src_size: Size of the source in bytes |
1728 | */ |
1729 | static void ecryptfs_encode_for_filename(unsigned char *dst, size_t *dst_size, |
1730 | unsigned char *src, size_t src_size) |
1731 | { |
1732 | size_t num_blocks; |
1733 | size_t block_num = 0; |
1734 | size_t dst_offset = 0; |
1735 | unsigned char last_block[3]; |
1736 | |
1737 | if (src_size == 0) { |
1738 | (*dst_size) = 0; |
1739 | goto out; |
1740 | } |
1741 | num_blocks = (src_size / 3); |
1742 | if ((src_size % 3) == 0) { |
1743 | memcpy(last_block, (&src[src_size - 3]), 3); |
1744 | } else { |
1745 | num_blocks++; |
1746 | last_block[2] = 0x00; |
1747 | switch (src_size % 3) { |
1748 | case 1: |
1749 | last_block[0] = src[src_size - 1]; |
1750 | last_block[1] = 0x00; |
1751 | break; |
1752 | case 2: |
1753 | last_block[0] = src[src_size - 2]; |
1754 | last_block[1] = src[src_size - 1]; |
1755 | } |
1756 | } |
1757 | (*dst_size) = (num_blocks * 4); |
1758 | if (!dst) |
1759 | goto out; |
1760 | while (block_num < num_blocks) { |
1761 | unsigned char *src_block; |
1762 | unsigned char dst_block[4]; |
1763 | |
1764 | if (block_num == (num_blocks - 1)) |
1765 | src_block = last_block; |
1766 | else |
1767 | src_block = &src[block_num * 3]; |
1768 | dst_block[0] = ((src_block[0] >> 2) & 0x3F); |
1769 | dst_block[1] = (((src_block[0] << 4) & 0x30) |
1770 | | ((src_block[1] >> 4) & 0x0F)); |
1771 | dst_block[2] = (((src_block[1] << 2) & 0x3C) |
1772 | | ((src_block[2] >> 6) & 0x03)); |
1773 | dst_block[3] = (src_block[2] & 0x3F); |
1774 | dst[dst_offset++] = portable_filename_chars[dst_block[0]]; |
1775 | dst[dst_offset++] = portable_filename_chars[dst_block[1]]; |
1776 | dst[dst_offset++] = portable_filename_chars[dst_block[2]]; |
1777 | dst[dst_offset++] = portable_filename_chars[dst_block[3]]; |
1778 | block_num++; |
1779 | } |
1780 | out: |
1781 | return; |
1782 | } |
1783 | |
1784 | static size_t ecryptfs_max_decoded_size(size_t encoded_size) |
1785 | { |
1786 | /* Not exact; conservatively long. Every block of 4 |
1787 | * encoded characters decodes into a block of 3 |
1788 | * decoded characters. This segment of code provides |
1789 | * the caller with the maximum amount of allocated |
1790 | * space that @dst will need to point to in a |
1791 | * subsequent call. */ |
1792 | return ((encoded_size + 1) * 3) / 4; |
1793 | } |
1794 | |
1795 | /** |
1796 | * ecryptfs_decode_from_filename |
1797 | * @dst: If NULL, this function only sets @dst_size and returns. If |
1798 | * non-NULL, this function decodes the encoded octets in @src |
1799 | * into the memory that @dst points to. |
1800 | * @dst_size: Set to the size of the decoded string. |
1801 | * @src: The encoded set of octets to decode. |
1802 | * @src_size: The size of the encoded set of octets to decode. |
1803 | */ |
1804 | static void |
1805 | ecryptfs_decode_from_filename(unsigned char *dst, size_t *dst_size, |
1806 | const unsigned char *src, size_t src_size) |
1807 | { |
1808 | u8 current_bit_offset = 0; |
1809 | size_t src_byte_offset = 0; |
1810 | size_t dst_byte_offset = 0; |
1811 | |
1812 | if (!dst) { |
1813 | (*dst_size) = ecryptfs_max_decoded_size(encoded_size: src_size); |
1814 | goto out; |
1815 | } |
1816 | while (src_byte_offset < src_size) { |
1817 | unsigned char src_byte = |
1818 | filename_rev_map[(int)src[src_byte_offset]]; |
1819 | |
1820 | switch (current_bit_offset) { |
1821 | case 0: |
1822 | dst[dst_byte_offset] = (src_byte << 2); |
1823 | current_bit_offset = 6; |
1824 | break; |
1825 | case 6: |
1826 | dst[dst_byte_offset++] |= (src_byte >> 4); |
1827 | dst[dst_byte_offset] = ((src_byte & 0xF) |
1828 | << 4); |
1829 | current_bit_offset = 4; |
1830 | break; |
1831 | case 4: |
1832 | dst[dst_byte_offset++] |= (src_byte >> 2); |
1833 | dst[dst_byte_offset] = (src_byte << 6); |
1834 | current_bit_offset = 2; |
1835 | break; |
1836 | case 2: |
1837 | dst[dst_byte_offset++] |= (src_byte); |
1838 | current_bit_offset = 0; |
1839 | break; |
1840 | } |
1841 | src_byte_offset++; |
1842 | } |
1843 | (*dst_size) = dst_byte_offset; |
1844 | out: |
1845 | return; |
1846 | } |
1847 | |
1848 | /** |
1849 | * ecryptfs_encrypt_and_encode_filename - converts a plaintext file name to cipher text |
1850 | * @encoded_name: The encrypted name |
1851 | * @encoded_name_size: Length of the encrypted name |
1852 | * @mount_crypt_stat: The crypt_stat struct associated with the file name to encode |
1853 | * @name: The plaintext name |
1854 | * @name_size: The length of the plaintext name |
1855 | * |
1856 | * Encrypts and encodes a filename into something that constitutes a |
1857 | * valid filename for a filesystem, with printable characters. |
1858 | * |
1859 | * We assume that we have a properly initialized crypto context, |
1860 | * pointed to by crypt_stat->tfm. |
1861 | * |
1862 | * Returns zero on success; non-zero on otherwise |
1863 | */ |
1864 | int ecryptfs_encrypt_and_encode_filename( |
1865 | char **encoded_name, |
1866 | size_t *encoded_name_size, |
1867 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat, |
1868 | const char *name, size_t name_size) |
1869 | { |
1870 | size_t encoded_name_no_prefix_size; |
1871 | int rc = 0; |
1872 | |
1873 | (*encoded_name) = NULL; |
1874 | (*encoded_name_size) = 0; |
1875 | if (mount_crypt_stat && (mount_crypt_stat->flags |
1876 | & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES)) { |
1877 | struct ecryptfs_filename *filename; |
1878 | |
1879 | filename = kzalloc(size: sizeof(*filename), GFP_KERNEL); |
1880 | if (!filename) { |
1881 | rc = -ENOMEM; |
1882 | goto out; |
1883 | } |
1884 | filename->filename = (char *)name; |
1885 | filename->filename_size = name_size; |
1886 | rc = ecryptfs_encrypt_filename(filename, mount_crypt_stat); |
1887 | if (rc) { |
1888 | printk(KERN_ERR "%s: Error attempting to encrypt " |
1889 | "filename; rc = [%d]\n" , __func__, rc); |
1890 | kfree(objp: filename); |
1891 | goto out; |
1892 | } |
1893 | ecryptfs_encode_for_filename( |
1894 | NULL, dst_size: &encoded_name_no_prefix_size, |
1895 | src: filename->encrypted_filename, |
1896 | src_size: filename->encrypted_filename_size); |
1897 | if (mount_crypt_stat |
1898 | && (mount_crypt_stat->flags |
1899 | & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK)) |
1900 | (*encoded_name_size) = |
1901 | (ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE |
1902 | + encoded_name_no_prefix_size); |
1903 | else |
1904 | (*encoded_name_size) = |
1905 | (ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX_SIZE |
1906 | + encoded_name_no_prefix_size); |
1907 | (*encoded_name) = kmalloc(size: (*encoded_name_size) + 1, GFP_KERNEL); |
1908 | if (!(*encoded_name)) { |
1909 | rc = -ENOMEM; |
1910 | kfree(objp: filename->encrypted_filename); |
1911 | kfree(objp: filename); |
1912 | goto out; |
1913 | } |
1914 | if (mount_crypt_stat |
1915 | && (mount_crypt_stat->flags |
1916 | & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK)) { |
1917 | memcpy((*encoded_name), |
1918 | ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX, |
1919 | ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE); |
1920 | ecryptfs_encode_for_filename( |
1921 | dst: ((*encoded_name) |
1922 | + ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE), |
1923 | dst_size: &encoded_name_no_prefix_size, |
1924 | src: filename->encrypted_filename, |
1925 | src_size: filename->encrypted_filename_size); |
1926 | (*encoded_name_size) = |
1927 | (ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE |
1928 | + encoded_name_no_prefix_size); |
1929 | (*encoded_name)[(*encoded_name_size)] = '\0'; |
1930 | } else { |
1931 | rc = -EOPNOTSUPP; |
1932 | } |
1933 | if (rc) { |
1934 | printk(KERN_ERR "%s: Error attempting to encode " |
1935 | "encrypted filename; rc = [%d]\n" , __func__, |
1936 | rc); |
1937 | kfree(objp: (*encoded_name)); |
1938 | (*encoded_name) = NULL; |
1939 | (*encoded_name_size) = 0; |
1940 | } |
1941 | kfree(objp: filename->encrypted_filename); |
1942 | kfree(objp: filename); |
1943 | } else { |
1944 | rc = ecryptfs_copy_filename(copied_name: encoded_name, |
1945 | copied_name_size: encoded_name_size, |
1946 | name, name_size); |
1947 | } |
1948 | out: |
1949 | return rc; |
1950 | } |
1951 | |
1952 | static bool is_dot_dotdot(const char *name, size_t name_size) |
1953 | { |
1954 | if (name_size == 1 && name[0] == '.') |
1955 | return true; |
1956 | else if (name_size == 2 && name[0] == '.' && name[1] == '.') |
1957 | return true; |
1958 | |
1959 | return false; |
1960 | } |
1961 | |
1962 | /** |
1963 | * ecryptfs_decode_and_decrypt_filename - converts the encoded cipher text name to decoded plaintext |
1964 | * @plaintext_name: The plaintext name |
1965 | * @plaintext_name_size: The plaintext name size |
1966 | * @sb: Ecryptfs's super_block |
1967 | * @name: The filename in cipher text |
1968 | * @name_size: The cipher text name size |
1969 | * |
1970 | * Decrypts and decodes the filename. |
1971 | * |
1972 | * Returns zero on error; non-zero otherwise |
1973 | */ |
1974 | int ecryptfs_decode_and_decrypt_filename(char **plaintext_name, |
1975 | size_t *plaintext_name_size, |
1976 | struct super_block *sb, |
1977 | const char *name, size_t name_size) |
1978 | { |
1979 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat = |
1980 | &ecryptfs_superblock_to_private(sb)->mount_crypt_stat; |
1981 | char *decoded_name; |
1982 | size_t decoded_name_size; |
1983 | size_t packet_size; |
1984 | int rc = 0; |
1985 | |
1986 | if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) && |
1987 | !(mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED)) { |
1988 | if (is_dot_dotdot(name, name_size)) { |
1989 | rc = ecryptfs_copy_filename(copied_name: plaintext_name, |
1990 | copied_name_size: plaintext_name_size, |
1991 | name, name_size); |
1992 | goto out; |
1993 | } |
1994 | |
1995 | if (name_size <= ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE || |
1996 | strncmp(name, ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX, |
1997 | ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE)) { |
1998 | rc = -EINVAL; |
1999 | goto out; |
2000 | } |
2001 | |
2002 | name += ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE; |
2003 | name_size -= ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE; |
2004 | ecryptfs_decode_from_filename(NULL, dst_size: &decoded_name_size, |
2005 | src: name, src_size: name_size); |
2006 | decoded_name = kmalloc(size: decoded_name_size, GFP_KERNEL); |
2007 | if (!decoded_name) { |
2008 | rc = -ENOMEM; |
2009 | goto out; |
2010 | } |
2011 | ecryptfs_decode_from_filename(dst: decoded_name, dst_size: &decoded_name_size, |
2012 | src: name, src_size: name_size); |
2013 | rc = ecryptfs_parse_tag_70_packet(filename: plaintext_name, |
2014 | filename_size: plaintext_name_size, |
2015 | packet_size: &packet_size, |
2016 | mount_crypt_stat, |
2017 | data: decoded_name, |
2018 | max_packet_size: decoded_name_size); |
2019 | if (rc) { |
2020 | ecryptfs_printk(KERN_DEBUG, |
2021 | "%s: Could not parse tag 70 packet from filename\n" , |
2022 | __func__); |
2023 | goto out_free; |
2024 | } |
2025 | } else { |
2026 | rc = ecryptfs_copy_filename(copied_name: plaintext_name, |
2027 | copied_name_size: plaintext_name_size, |
2028 | name, name_size); |
2029 | goto out; |
2030 | } |
2031 | out_free: |
2032 | kfree(objp: decoded_name); |
2033 | out: |
2034 | return rc; |
2035 | } |
2036 | |
2037 | #define ENC_NAME_MAX_BLOCKLEN_8_OR_16 143 |
2038 | |
2039 | int ecryptfs_set_f_namelen(long *namelen, long lower_namelen, |
2040 | struct ecryptfs_mount_crypt_stat *mount_crypt_stat) |
2041 | { |
2042 | struct crypto_skcipher *tfm; |
2043 | struct mutex *tfm_mutex; |
2044 | size_t cipher_blocksize; |
2045 | int rc; |
2046 | |
2047 | if (!(mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES)) { |
2048 | (*namelen) = lower_namelen; |
2049 | return 0; |
2050 | } |
2051 | |
2052 | rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(tfm: &tfm, tfm_mutex: &tfm_mutex, |
2053 | cipher_name: mount_crypt_stat->global_default_fn_cipher_name); |
2054 | if (unlikely(rc)) { |
2055 | (*namelen) = 0; |
2056 | return rc; |
2057 | } |
2058 | |
2059 | mutex_lock(tfm_mutex); |
2060 | cipher_blocksize = crypto_skcipher_blocksize(tfm); |
2061 | mutex_unlock(lock: tfm_mutex); |
2062 | |
2063 | /* Return an exact amount for the common cases */ |
2064 | if (lower_namelen == NAME_MAX |
2065 | && (cipher_blocksize == 8 || cipher_blocksize == 16)) { |
2066 | (*namelen) = ENC_NAME_MAX_BLOCKLEN_8_OR_16; |
2067 | return 0; |
2068 | } |
2069 | |
2070 | /* Return a safe estimate for the uncommon cases */ |
2071 | (*namelen) = lower_namelen; |
2072 | (*namelen) -= ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE; |
2073 | /* Since this is the max decoded size, subtract 1 "decoded block" len */ |
2074 | (*namelen) = ecryptfs_max_decoded_size(encoded_size: *namelen) - 3; |
2075 | (*namelen) -= ECRYPTFS_TAG_70_MAX_METADATA_SIZE; |
2076 | (*namelen) -= ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES; |
2077 | /* Worst case is that the filename is padded nearly a full block size */ |
2078 | (*namelen) -= cipher_blocksize - 1; |
2079 | |
2080 | if ((*namelen) < 0) |
2081 | (*namelen) = 0; |
2082 | |
2083 | return 0; |
2084 | } |
2085 | |