crypto.c 58 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991
  1. // SPDX-License-Identifier: GPL-2.0-or-later
  2. /*
  3. * eCryptfs: Linux filesystem encryption layer
  4. *
  5. * Copyright (C) 1997-2004 Erez Zadok
  6. * Copyright (C) 2001-2004 Stony Brook University
  7. * Copyright (C) 2004-2007 International Business Machines Corp.
  8. * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
  9. * Michael C. Thompson <mcthomps@us.ibm.com>
  10. */
  11. #include <crypto/skcipher.h>
  12. #include <linux/fs.h>
  13. #include <linux/mount.h>
  14. #include <linux/pagemap.h>
  15. #include <linux/random.h>
  16. #include <linux/compiler.h>
  17. #include <linux/key.h>
  18. #include <linux/namei.h>
  19. #include <linux/file.h>
  20. #include <linux/scatterlist.h>
  21. #include <linux/slab.h>
  22. #include <linux/string.h>
  23. #include <linux/unaligned.h>
  24. #include <linux/kernel.h>
  25. #include <linux/xattr.h>
  26. #include "ecryptfs_kernel.h"
  27. #define DECRYPT 0
  28. #define ENCRYPT 1
  29. /**
  30. * ecryptfs_from_hex
  31. * @dst: Buffer to take the bytes from src hex; must be at least of
  32. * size (src_size / 2)
  33. * @src: Buffer to be converted from a hex string representation to raw value
  34. * @dst_size: size of dst buffer, or number of hex characters pairs to convert
  35. */
  36. void ecryptfs_from_hex(char *dst, char *src, int dst_size)
  37. {
  38. int x;
  39. char tmp[3] = { 0, };
  40. for (x = 0; x < dst_size; x++) {
  41. tmp[0] = src[x * 2];
  42. tmp[1] = src[x * 2 + 1];
  43. dst[x] = (unsigned char)simple_strtol(tmp, NULL, 16);
  44. }
  45. }
  46. static int ecryptfs_crypto_api_algify_cipher_name(char **algified_name,
  47. char *cipher_name,
  48. char *chaining_modifier)
  49. {
  50. int cipher_name_len = strlen(cipher_name);
  51. int chaining_modifier_len = strlen(chaining_modifier);
  52. int algified_name_len;
  53. int rc;
  54. algified_name_len = (chaining_modifier_len + cipher_name_len + 3);
  55. (*algified_name) = kmalloc(algified_name_len, GFP_KERNEL);
  56. if (!(*algified_name)) {
  57. rc = -ENOMEM;
  58. goto out;
  59. }
  60. snprintf((*algified_name), algified_name_len, "%s(%s)",
  61. chaining_modifier, cipher_name);
  62. rc = 0;
  63. out:
  64. return rc;
  65. }
  66. /**
  67. * ecryptfs_derive_iv
  68. * @iv: destination for the derived iv vale
  69. * @crypt_stat: Pointer to crypt_stat struct for the current inode
  70. * @offset: Offset of the extent whose IV we are to derive
  71. *
  72. * Generate the initialization vector from the given root IV and page
  73. * offset.
  74. */
  75. void ecryptfs_derive_iv(char *iv, struct ecryptfs_crypt_stat *crypt_stat,
  76. loff_t offset)
  77. {
  78. char dst[MD5_DIGEST_SIZE];
  79. char src[ECRYPTFS_MAX_IV_BYTES + 16];
  80. if (unlikely(ecryptfs_verbosity > 0)) {
  81. ecryptfs_printk(KERN_DEBUG, "root iv:\n");
  82. ecryptfs_dump_hex(crypt_stat->root_iv, crypt_stat->iv_bytes);
  83. }
  84. /* TODO: It is probably secure to just cast the least
  85. * significant bits of the root IV into an unsigned long and
  86. * add the offset to that rather than go through all this
  87. * hashing business. -Halcrow */
  88. memcpy(src, crypt_stat->root_iv, crypt_stat->iv_bytes);
  89. memset((src + crypt_stat->iv_bytes), 0, 16);
  90. snprintf((src + crypt_stat->iv_bytes), 16, "%lld", offset);
  91. if (unlikely(ecryptfs_verbosity > 0)) {
  92. ecryptfs_printk(KERN_DEBUG, "source:\n");
  93. ecryptfs_dump_hex(src, (crypt_stat->iv_bytes + 16));
  94. }
  95. md5(src, crypt_stat->iv_bytes + 16, dst);
  96. memcpy(iv, dst, crypt_stat->iv_bytes);
  97. if (unlikely(ecryptfs_verbosity > 0)) {
  98. ecryptfs_printk(KERN_DEBUG, "derived iv:\n");
  99. ecryptfs_dump_hex(iv, crypt_stat->iv_bytes);
  100. }
  101. }
  102. /**
  103. * ecryptfs_init_crypt_stat
  104. * @crypt_stat: Pointer to the crypt_stat struct to initialize.
  105. *
  106. * Initialize the crypt_stat structure.
  107. */
  108. void ecryptfs_init_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat)
  109. {
  110. memset((void *)crypt_stat, 0, sizeof(struct ecryptfs_crypt_stat));
  111. INIT_LIST_HEAD(&crypt_stat->keysig_list);
  112. mutex_init(&crypt_stat->keysig_list_mutex);
  113. mutex_init(&crypt_stat->cs_mutex);
  114. mutex_init(&crypt_stat->cs_tfm_mutex);
  115. crypt_stat->flags |= ECRYPTFS_STRUCT_INITIALIZED;
  116. }
  117. /**
  118. * ecryptfs_destroy_crypt_stat
  119. * @crypt_stat: Pointer to the crypt_stat struct to initialize.
  120. *
  121. * Releases all memory associated with a crypt_stat struct.
  122. */
  123. void ecryptfs_destroy_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat)
  124. {
  125. struct ecryptfs_key_sig *key_sig, *key_sig_tmp;
  126. crypto_free_skcipher(crypt_stat->tfm);
  127. list_for_each_entry_safe(key_sig, key_sig_tmp,
  128. &crypt_stat->keysig_list, crypt_stat_list) {
  129. list_del(&key_sig->crypt_stat_list);
  130. kmem_cache_free(ecryptfs_key_sig_cache, key_sig);
  131. }
  132. memset(crypt_stat, 0, sizeof(struct ecryptfs_crypt_stat));
  133. }
  134. void ecryptfs_destroy_mount_crypt_stat(
  135. struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
  136. {
  137. struct ecryptfs_global_auth_tok *auth_tok, *auth_tok_tmp;
  138. if (!(mount_crypt_stat->flags & ECRYPTFS_MOUNT_CRYPT_STAT_INITIALIZED))
  139. return;
  140. mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex);
  141. list_for_each_entry_safe(auth_tok, auth_tok_tmp,
  142. &mount_crypt_stat->global_auth_tok_list,
  143. mount_crypt_stat_list) {
  144. list_del(&auth_tok->mount_crypt_stat_list);
  145. if (!(auth_tok->flags & ECRYPTFS_AUTH_TOK_INVALID))
  146. key_put(auth_tok->global_auth_tok_key);
  147. kmem_cache_free(ecryptfs_global_auth_tok_cache, auth_tok);
  148. }
  149. mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex);
  150. memset(mount_crypt_stat, 0, sizeof(struct ecryptfs_mount_crypt_stat));
  151. }
  152. /**
  153. * virt_to_scatterlist
  154. * @addr: Virtual address
  155. * @size: Size of data; should be an even multiple of the block size
  156. * @sg: Pointer to scatterlist array; set to NULL to obtain only
  157. * the number of scatterlist structs required in array
  158. * @sg_size: Max array size
  159. *
  160. * Fills in a scatterlist array with page references for a passed
  161. * virtual address.
  162. *
  163. * Returns the number of scatterlist structs in array used
  164. */
  165. int virt_to_scatterlist(const void *addr, int size, struct scatterlist *sg,
  166. int sg_size)
  167. {
  168. int i = 0;
  169. struct page *pg;
  170. int offset;
  171. int remainder_of_page;
  172. sg_init_table(sg, sg_size);
  173. while (size > 0 && i < sg_size) {
  174. pg = virt_to_page(addr);
  175. offset = offset_in_page(addr);
  176. sg_set_page(&sg[i], pg, 0, offset);
  177. remainder_of_page = PAGE_SIZE - offset;
  178. if (size >= remainder_of_page) {
  179. sg[i].length = remainder_of_page;
  180. addr += remainder_of_page;
  181. size -= remainder_of_page;
  182. } else {
  183. sg[i].length = size;
  184. addr += size;
  185. size = 0;
  186. }
  187. i++;
  188. }
  189. if (size > 0)
  190. return -ENOMEM;
  191. return i;
  192. }
  193. /**
  194. * crypt_scatterlist
  195. * @crypt_stat: Pointer to the crypt_stat struct to initialize.
  196. * @dst_sg: Destination of the data after performing the crypto operation
  197. * @src_sg: Data to be encrypted or decrypted
  198. * @size: Length of data
  199. * @iv: IV to use
  200. * @op: ENCRYPT or DECRYPT to indicate the desired operation
  201. *
  202. * Returns the number of bytes encrypted or decrypted; negative value on error
  203. */
  204. static int crypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat,
  205. struct scatterlist *dst_sg,
  206. struct scatterlist *src_sg, int size,
  207. unsigned char *iv, int op)
  208. {
  209. struct skcipher_request *req = NULL;
  210. DECLARE_CRYPTO_WAIT(ecr);
  211. int rc = 0;
  212. if (unlikely(ecryptfs_verbosity > 0)) {
  213. ecryptfs_printk(KERN_DEBUG, "Key size [%zd]; key:\n",
  214. crypt_stat->key_size);
  215. ecryptfs_dump_hex(crypt_stat->key,
  216. crypt_stat->key_size);
  217. }
  218. mutex_lock(&crypt_stat->cs_tfm_mutex);
  219. req = skcipher_request_alloc(crypt_stat->tfm, GFP_NOFS);
  220. if (!req) {
  221. mutex_unlock(&crypt_stat->cs_tfm_mutex);
  222. rc = -ENOMEM;
  223. goto out;
  224. }
  225. skcipher_request_set_callback(req,
  226. CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP,
  227. crypto_req_done, &ecr);
  228. /* Consider doing this once, when the file is opened */
  229. if (!(crypt_stat->flags & ECRYPTFS_KEY_SET)) {
  230. rc = crypto_skcipher_setkey(crypt_stat->tfm, crypt_stat->key,
  231. crypt_stat->key_size);
  232. if (rc) {
  233. ecryptfs_printk(KERN_ERR,
  234. "Error setting key; rc = [%d]\n",
  235. rc);
  236. mutex_unlock(&crypt_stat->cs_tfm_mutex);
  237. rc = -EINVAL;
  238. goto out;
  239. }
  240. crypt_stat->flags |= ECRYPTFS_KEY_SET;
  241. }
  242. mutex_unlock(&crypt_stat->cs_tfm_mutex);
  243. skcipher_request_set_crypt(req, src_sg, dst_sg, size, iv);
  244. rc = op == ENCRYPT ? crypto_skcipher_encrypt(req) :
  245. crypto_skcipher_decrypt(req);
  246. rc = crypto_wait_req(rc, &ecr);
  247. out:
  248. skcipher_request_free(req);
  249. return rc;
  250. }
  251. /*
  252. * lower_offset_for_page
  253. *
  254. * Convert an eCryptfs page index into a lower byte offset
  255. */
  256. static loff_t lower_offset_for_page(struct ecryptfs_crypt_stat *crypt_stat,
  257. struct folio *folio)
  258. {
  259. return ecryptfs_lower_header_size(crypt_stat) +
  260. (loff_t)folio->index * PAGE_SIZE;
  261. }
  262. /**
  263. * crypt_extent
  264. * @crypt_stat: crypt_stat containing cryptographic context for the
  265. * encryption operation
  266. * @dst_page: The page to write the result into
  267. * @src_page: The page to read from
  268. * @page_index: The offset in the file (in units of PAGE_SIZE)
  269. * @extent_offset: Page extent offset for use in generating IV
  270. * @op: ENCRYPT or DECRYPT to indicate the desired operation
  271. *
  272. * Encrypts or decrypts one extent of data.
  273. *
  274. * Return zero on success; non-zero otherwise
  275. */
  276. static int crypt_extent(struct ecryptfs_crypt_stat *crypt_stat,
  277. struct page *dst_page,
  278. struct page *src_page,
  279. pgoff_t page_index,
  280. unsigned long extent_offset, int op)
  281. {
  282. loff_t extent_base;
  283. char extent_iv[ECRYPTFS_MAX_IV_BYTES];
  284. struct scatterlist src_sg, dst_sg;
  285. size_t extent_size = crypt_stat->extent_size;
  286. int rc;
  287. extent_base = (((loff_t)page_index) * (PAGE_SIZE / extent_size));
  288. ecryptfs_derive_iv(extent_iv, crypt_stat, extent_base + extent_offset);
  289. sg_init_table(&src_sg, 1);
  290. sg_init_table(&dst_sg, 1);
  291. sg_set_page(&src_sg, src_page, extent_size,
  292. extent_offset * extent_size);
  293. sg_set_page(&dst_sg, dst_page, extent_size,
  294. extent_offset * extent_size);
  295. rc = crypt_scatterlist(crypt_stat, &dst_sg, &src_sg, extent_size,
  296. extent_iv, op);
  297. if (rc < 0) {
  298. printk(KERN_ERR "%s: Error attempting to crypt page with "
  299. "page_index = [%ld], extent_offset = [%ld]; "
  300. "rc = [%d]\n", __func__, page_index, extent_offset, rc);
  301. goto out;
  302. }
  303. rc = 0;
  304. out:
  305. return rc;
  306. }
  307. /**
  308. * ecryptfs_encrypt_page
  309. * @folio: Folio mapped from the eCryptfs inode for the file; contains
  310. * decrypted content that needs to be encrypted (to a temporary
  311. * page; not in place) and written out to the lower file
  312. *
  313. * Encrypt an eCryptfs page. This is done on a per-extent basis. Note
  314. * that eCryptfs pages may straddle the lower pages -- for instance,
  315. * if the file was created on a machine with an 8K page size
  316. * (resulting in an 8K header), and then the file is copied onto a
  317. * host with a 32K page size, then when reading page 0 of the eCryptfs
  318. * file, 24K of page 0 of the lower file will be read and decrypted,
  319. * and then 8K of page 1 of the lower file will be read and decrypted.
  320. *
  321. * Returns zero on success; negative on error
  322. */
  323. int ecryptfs_encrypt_page(struct folio *folio)
  324. {
  325. struct inode *ecryptfs_inode;
  326. struct ecryptfs_crypt_stat *crypt_stat;
  327. char *enc_extent_virt;
  328. struct page *enc_extent_page = NULL;
  329. loff_t extent_offset;
  330. loff_t lower_offset;
  331. int rc = 0;
  332. ecryptfs_inode = folio->mapping->host;
  333. crypt_stat =
  334. &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat);
  335. BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED));
  336. enc_extent_page = alloc_page(GFP_USER);
  337. if (!enc_extent_page) {
  338. rc = -ENOMEM;
  339. ecryptfs_printk(KERN_ERR, "Error allocating memory for "
  340. "encrypted extent\n");
  341. goto out;
  342. }
  343. for (extent_offset = 0;
  344. extent_offset < (PAGE_SIZE / crypt_stat->extent_size);
  345. extent_offset++) {
  346. rc = crypt_extent(crypt_stat, enc_extent_page,
  347. folio_page(folio, 0), folio->index,
  348. extent_offset, ENCRYPT);
  349. if (rc) {
  350. printk(KERN_ERR "%s: Error encrypting extent; "
  351. "rc = [%d]\n", __func__, rc);
  352. goto out;
  353. }
  354. }
  355. lower_offset = lower_offset_for_page(crypt_stat, folio);
  356. enc_extent_virt = kmap_local_page(enc_extent_page);
  357. rc = ecryptfs_write_lower(ecryptfs_inode, enc_extent_virt, lower_offset,
  358. PAGE_SIZE);
  359. kunmap_local(enc_extent_virt);
  360. if (rc < 0) {
  361. ecryptfs_printk(KERN_ERR,
  362. "Error attempting to write lower page; rc = [%d]\n",
  363. rc);
  364. goto out;
  365. }
  366. rc = 0;
  367. out:
  368. if (enc_extent_page) {
  369. __free_page(enc_extent_page);
  370. }
  371. return rc;
  372. }
  373. /**
  374. * ecryptfs_decrypt_page
  375. * @folio: Folio mapped from the eCryptfs inode for the file; data read
  376. * and decrypted from the lower file will be written into this
  377. * page
  378. *
  379. * Decrypt an eCryptfs page. This is done on a per-extent basis. Note
  380. * that eCryptfs pages may straddle the lower pages -- for instance,
  381. * if the file was created on a machine with an 8K page size
  382. * (resulting in an 8K header), and then the file is copied onto a
  383. * host with a 32K page size, then when reading page 0 of the eCryptfs
  384. * file, 24K of page 0 of the lower file will be read and decrypted,
  385. * and then 8K of page 1 of the lower file will be read and decrypted.
  386. *
  387. * Returns zero on success; negative on error
  388. */
  389. int ecryptfs_decrypt_page(struct folio *folio)
  390. {
  391. struct inode *ecryptfs_inode;
  392. struct ecryptfs_crypt_stat *crypt_stat;
  393. char *page_virt;
  394. unsigned long extent_offset;
  395. loff_t lower_offset;
  396. int rc = 0;
  397. ecryptfs_inode = folio->mapping->host;
  398. crypt_stat =
  399. &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat);
  400. BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED));
  401. lower_offset = lower_offset_for_page(crypt_stat, folio);
  402. page_virt = kmap_local_folio(folio, 0);
  403. rc = ecryptfs_read_lower(page_virt, lower_offset, PAGE_SIZE,
  404. ecryptfs_inode);
  405. kunmap_local(page_virt);
  406. if (rc < 0) {
  407. ecryptfs_printk(KERN_ERR,
  408. "Error attempting to read lower page; rc = [%d]\n",
  409. rc);
  410. goto out;
  411. }
  412. for (extent_offset = 0;
  413. extent_offset < (PAGE_SIZE / crypt_stat->extent_size);
  414. extent_offset++) {
  415. struct page *page = folio_page(folio, 0);
  416. rc = crypt_extent(crypt_stat, page, page, folio->index,
  417. extent_offset, DECRYPT);
  418. if (rc) {
  419. printk(KERN_ERR "%s: Error decrypting extent; "
  420. "rc = [%d]\n", __func__, rc);
  421. goto out;
  422. }
  423. }
  424. out:
  425. return rc;
  426. }
  427. #define ECRYPTFS_MAX_SCATTERLIST_LEN 4
  428. /**
  429. * ecryptfs_init_crypt_ctx
  430. * @crypt_stat: Uninitialized crypt stats structure
  431. *
  432. * Initialize the crypto context.
  433. *
  434. * TODO: Performance: Keep a cache of initialized cipher contexts;
  435. * only init if needed
  436. */
  437. int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat)
  438. {
  439. char *full_alg_name;
  440. int rc = -EINVAL;
  441. ecryptfs_printk(KERN_DEBUG,
  442. "Initializing cipher [%s]; strlen = [%d]; "
  443. "key_size_bits = [%zd]\n",
  444. crypt_stat->cipher, (int)strlen(crypt_stat->cipher),
  445. crypt_stat->key_size << 3);
  446. mutex_lock(&crypt_stat->cs_tfm_mutex);
  447. if (crypt_stat->tfm) {
  448. rc = 0;
  449. goto out_unlock;
  450. }
  451. rc = ecryptfs_crypto_api_algify_cipher_name(&full_alg_name,
  452. crypt_stat->cipher, "cbc");
  453. if (rc)
  454. goto out_unlock;
  455. crypt_stat->tfm = crypto_alloc_skcipher(full_alg_name, 0, 0);
  456. if (IS_ERR(crypt_stat->tfm)) {
  457. rc = PTR_ERR(crypt_stat->tfm);
  458. crypt_stat->tfm = NULL;
  459. ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): "
  460. "Error initializing cipher [%s]\n",
  461. full_alg_name);
  462. goto out_free;
  463. }
  464. crypto_skcipher_set_flags(crypt_stat->tfm,
  465. CRYPTO_TFM_REQ_FORBID_WEAK_KEYS);
  466. rc = 0;
  467. out_free:
  468. kfree(full_alg_name);
  469. out_unlock:
  470. mutex_unlock(&crypt_stat->cs_tfm_mutex);
  471. return rc;
  472. }
  473. static void set_extent_mask_and_shift(struct ecryptfs_crypt_stat *crypt_stat)
  474. {
  475. int extent_size_tmp;
  476. crypt_stat->extent_mask = 0xFFFFFFFF;
  477. crypt_stat->extent_shift = 0;
  478. if (crypt_stat->extent_size == 0)
  479. return;
  480. extent_size_tmp = crypt_stat->extent_size;
  481. while ((extent_size_tmp & 0x01) == 0) {
  482. extent_size_tmp >>= 1;
  483. crypt_stat->extent_mask <<= 1;
  484. crypt_stat->extent_shift++;
  485. }
  486. }
  487. void ecryptfs_set_default_sizes(struct ecryptfs_crypt_stat *crypt_stat)
  488. {
  489. /* Default values; may be overwritten as we are parsing the
  490. * packets. */
  491. crypt_stat->extent_size = ECRYPTFS_DEFAULT_EXTENT_SIZE;
  492. set_extent_mask_and_shift(crypt_stat);
  493. crypt_stat->iv_bytes = ECRYPTFS_DEFAULT_IV_BYTES;
  494. if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR)
  495. crypt_stat->metadata_size = ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE;
  496. else {
  497. if (PAGE_SIZE <= ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE)
  498. crypt_stat->metadata_size =
  499. ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE;
  500. else
  501. crypt_stat->metadata_size = PAGE_SIZE;
  502. }
  503. }
  504. /*
  505. * ecryptfs_compute_root_iv
  506. *
  507. * On error, sets the root IV to all 0's.
  508. */
  509. int ecryptfs_compute_root_iv(struct ecryptfs_crypt_stat *crypt_stat)
  510. {
  511. char dst[MD5_DIGEST_SIZE];
  512. BUG_ON(crypt_stat->iv_bytes > MD5_DIGEST_SIZE);
  513. BUG_ON(crypt_stat->iv_bytes <= 0);
  514. if (!(crypt_stat->flags & ECRYPTFS_KEY_VALID)) {
  515. ecryptfs_printk(KERN_WARNING, "Session key not valid; "
  516. "cannot generate root IV\n");
  517. memset(crypt_stat->root_iv, 0, crypt_stat->iv_bytes);
  518. crypt_stat->flags |= ECRYPTFS_SECURITY_WARNING;
  519. return -EINVAL;
  520. }
  521. md5(crypt_stat->key, crypt_stat->key_size, dst);
  522. memcpy(crypt_stat->root_iv, dst, crypt_stat->iv_bytes);
  523. return 0;
  524. }
  525. static void ecryptfs_generate_new_key(struct ecryptfs_crypt_stat *crypt_stat)
  526. {
  527. get_random_bytes(crypt_stat->key, crypt_stat->key_size);
  528. crypt_stat->flags |= ECRYPTFS_KEY_VALID;
  529. ecryptfs_compute_root_iv(crypt_stat);
  530. if (unlikely(ecryptfs_verbosity > 0)) {
  531. ecryptfs_printk(KERN_DEBUG, "Generated new session key:\n");
  532. ecryptfs_dump_hex(crypt_stat->key,
  533. crypt_stat->key_size);
  534. }
  535. }
  536. /**
  537. * ecryptfs_copy_mount_wide_flags_to_inode_flags
  538. * @crypt_stat: The inode's cryptographic context
  539. * @mount_crypt_stat: The mount point's cryptographic context
  540. *
  541. * This function propagates the mount-wide flags to individual inode
  542. * flags.
  543. */
  544. static void ecryptfs_copy_mount_wide_flags_to_inode_flags(
  545. struct ecryptfs_crypt_stat *crypt_stat,
  546. struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
  547. {
  548. if (mount_crypt_stat->flags & ECRYPTFS_XATTR_METADATA_ENABLED)
  549. crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR;
  550. if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED)
  551. crypt_stat->flags |= ECRYPTFS_VIEW_AS_ENCRYPTED;
  552. if (mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) {
  553. crypt_stat->flags |= ECRYPTFS_ENCRYPT_FILENAMES;
  554. if (mount_crypt_stat->flags
  555. & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK)
  556. crypt_stat->flags |= ECRYPTFS_ENCFN_USE_MOUNT_FNEK;
  557. else if (mount_crypt_stat->flags
  558. & ECRYPTFS_GLOBAL_ENCFN_USE_FEK)
  559. crypt_stat->flags |= ECRYPTFS_ENCFN_USE_FEK;
  560. }
  561. }
  562. static int ecryptfs_copy_mount_wide_sigs_to_inode_sigs(
  563. struct ecryptfs_crypt_stat *crypt_stat,
  564. struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
  565. {
  566. struct ecryptfs_global_auth_tok *global_auth_tok;
  567. int rc = 0;
  568. mutex_lock(&crypt_stat->keysig_list_mutex);
  569. mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex);
  570. list_for_each_entry(global_auth_tok,
  571. &mount_crypt_stat->global_auth_tok_list,
  572. mount_crypt_stat_list) {
  573. if (global_auth_tok->flags & ECRYPTFS_AUTH_TOK_FNEK)
  574. continue;
  575. rc = ecryptfs_add_keysig(crypt_stat, global_auth_tok->sig);
  576. if (rc) {
  577. printk(KERN_ERR "Error adding keysig; rc = [%d]\n", rc);
  578. goto out;
  579. }
  580. }
  581. out:
  582. mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex);
  583. mutex_unlock(&crypt_stat->keysig_list_mutex);
  584. return rc;
  585. }
  586. /**
  587. * ecryptfs_set_default_crypt_stat_vals
  588. * @crypt_stat: The inode's cryptographic context
  589. * @mount_crypt_stat: The mount point's cryptographic context
  590. *
  591. * Default values in the event that policy does not override them.
  592. */
  593. static void ecryptfs_set_default_crypt_stat_vals(
  594. struct ecryptfs_crypt_stat *crypt_stat,
  595. struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
  596. {
  597. ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat,
  598. mount_crypt_stat);
  599. ecryptfs_set_default_sizes(crypt_stat);
  600. strscpy(crypt_stat->cipher, ECRYPTFS_DEFAULT_CIPHER);
  601. crypt_stat->key_size = ECRYPTFS_DEFAULT_KEY_BYTES;
  602. crypt_stat->flags &= ~(ECRYPTFS_KEY_VALID);
  603. crypt_stat->file_version = ECRYPTFS_FILE_VERSION;
  604. crypt_stat->mount_crypt_stat = mount_crypt_stat;
  605. }
  606. /**
  607. * ecryptfs_new_file_context
  608. * @ecryptfs_inode: The eCryptfs inode
  609. *
  610. * If the crypto context for the file has not yet been established,
  611. * this is where we do that. Establishing a new crypto context
  612. * involves the following decisions:
  613. * - What cipher to use?
  614. * - What set of authentication tokens to use?
  615. * Here we just worry about getting enough information into the
  616. * authentication tokens so that we know that they are available.
  617. * We associate the available authentication tokens with the new file
  618. * via the set of signatures in the crypt_stat struct. Later, when
  619. * the headers are actually written out, we may again defer to
  620. * userspace to perform the encryption of the session key; for the
  621. * foreseeable future, this will be the case with public key packets.
  622. *
  623. * Returns zero on success; non-zero otherwise
  624. */
  625. int ecryptfs_new_file_context(struct inode *ecryptfs_inode)
  626. {
  627. struct ecryptfs_crypt_stat *crypt_stat =
  628. &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat;
  629. struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
  630. &ecryptfs_superblock_to_private(
  631. ecryptfs_inode->i_sb)->mount_crypt_stat;
  632. int rc = 0;
  633. ecryptfs_set_default_crypt_stat_vals(crypt_stat, mount_crypt_stat);
  634. crypt_stat->flags |= (ECRYPTFS_ENCRYPTED | ECRYPTFS_KEY_VALID);
  635. ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat,
  636. mount_crypt_stat);
  637. rc = ecryptfs_copy_mount_wide_sigs_to_inode_sigs(crypt_stat,
  638. mount_crypt_stat);
  639. if (rc) {
  640. printk(KERN_ERR "Error attempting to copy mount-wide key sigs "
  641. "to the inode key sigs; rc = [%d]\n", rc);
  642. goto out;
  643. }
  644. strscpy(crypt_stat->cipher,
  645. mount_crypt_stat->global_default_cipher_name);
  646. crypt_stat->key_size =
  647. mount_crypt_stat->global_default_cipher_key_size;
  648. ecryptfs_generate_new_key(crypt_stat);
  649. rc = ecryptfs_init_crypt_ctx(crypt_stat);
  650. if (rc)
  651. ecryptfs_printk(KERN_ERR, "Error initializing cryptographic "
  652. "context for cipher [%s]: rc = [%d]\n",
  653. crypt_stat->cipher, rc);
  654. out:
  655. return rc;
  656. }
  657. /**
  658. * ecryptfs_validate_marker - check for the ecryptfs marker
  659. * @data: The data block in which to check
  660. *
  661. * Returns zero if marker found; -EINVAL if not found
  662. */
  663. static int ecryptfs_validate_marker(char *data)
  664. {
  665. u32 m_1, m_2;
  666. m_1 = get_unaligned_be32(data);
  667. m_2 = get_unaligned_be32(data + 4);
  668. if ((m_1 ^ MAGIC_ECRYPTFS_MARKER) == m_2)
  669. return 0;
  670. ecryptfs_printk(KERN_DEBUG, "m_1 = [0x%.8x]; m_2 = [0x%.8x]; "
  671. "MAGIC_ECRYPTFS_MARKER = [0x%.8x]\n", m_1, m_2,
  672. MAGIC_ECRYPTFS_MARKER);
  673. ecryptfs_printk(KERN_DEBUG, "(m_1 ^ MAGIC_ECRYPTFS_MARKER) = "
  674. "[0x%.8x]\n", (m_1 ^ MAGIC_ECRYPTFS_MARKER));
  675. return -EINVAL;
  676. }
  677. struct ecryptfs_flag_map_elem {
  678. u32 file_flag;
  679. u32 local_flag;
  680. };
  681. /* Add support for additional flags by adding elements here. */
  682. static struct ecryptfs_flag_map_elem ecryptfs_flag_map[] = {
  683. {0x00000001, ECRYPTFS_ENABLE_HMAC},
  684. {0x00000002, ECRYPTFS_ENCRYPTED},
  685. {0x00000004, ECRYPTFS_METADATA_IN_XATTR},
  686. {0x00000008, ECRYPTFS_ENCRYPT_FILENAMES}
  687. };
  688. /**
  689. * ecryptfs_process_flags
  690. * @crypt_stat: The cryptographic context
  691. * @page_virt: Source data to be parsed
  692. * @bytes_read: Updated with the number of bytes read
  693. */
  694. static void ecryptfs_process_flags(struct ecryptfs_crypt_stat *crypt_stat,
  695. char *page_virt, int *bytes_read)
  696. {
  697. int i;
  698. u32 flags;
  699. flags = get_unaligned_be32(page_virt);
  700. for (i = 0; i < ARRAY_SIZE(ecryptfs_flag_map); i++)
  701. if (flags & ecryptfs_flag_map[i].file_flag) {
  702. crypt_stat->flags |= ecryptfs_flag_map[i].local_flag;
  703. } else
  704. crypt_stat->flags &= ~(ecryptfs_flag_map[i].local_flag);
  705. /* Version is in top 8 bits of the 32-bit flag vector */
  706. crypt_stat->file_version = ((flags >> 24) & 0xFF);
  707. (*bytes_read) = 4;
  708. }
  709. /**
  710. * write_ecryptfs_marker
  711. * @page_virt: The pointer to in a page to begin writing the marker
  712. * @written: Number of bytes written
  713. *
  714. * Marker = 0x3c81b7f5
  715. */
  716. static void write_ecryptfs_marker(char *page_virt, size_t *written)
  717. {
  718. u32 m_1, m_2;
  719. get_random_bytes(&m_1, (MAGIC_ECRYPTFS_MARKER_SIZE_BYTES / 2));
  720. m_2 = (m_1 ^ MAGIC_ECRYPTFS_MARKER);
  721. put_unaligned_be32(m_1, page_virt);
  722. page_virt += (MAGIC_ECRYPTFS_MARKER_SIZE_BYTES / 2);
  723. put_unaligned_be32(m_2, page_virt);
  724. (*written) = MAGIC_ECRYPTFS_MARKER_SIZE_BYTES;
  725. }
  726. void ecryptfs_write_crypt_stat_flags(char *page_virt,
  727. struct ecryptfs_crypt_stat *crypt_stat,
  728. size_t *written)
  729. {
  730. u32 flags = 0;
  731. int i;
  732. for (i = 0; i < ARRAY_SIZE(ecryptfs_flag_map); i++)
  733. if (crypt_stat->flags & ecryptfs_flag_map[i].local_flag)
  734. flags |= ecryptfs_flag_map[i].file_flag;
  735. /* Version is in top 8 bits of the 32-bit flag vector */
  736. flags |= ((((u8)crypt_stat->file_version) << 24) & 0xFF000000);
  737. put_unaligned_be32(flags, page_virt);
  738. (*written) = 4;
  739. }
  740. struct ecryptfs_cipher_code_str_map_elem {
  741. char cipher_str[16];
  742. u8 cipher_code;
  743. };
  744. /* Add support for additional ciphers by adding elements here. The
  745. * cipher_code is whatever OpenPGP applications use to identify the
  746. * ciphers. List in order of probability. */
  747. static struct ecryptfs_cipher_code_str_map_elem
  748. ecryptfs_cipher_code_str_map[] = {
  749. {"aes",RFC2440_CIPHER_AES_128 },
  750. {"blowfish", RFC2440_CIPHER_BLOWFISH},
  751. {"des3_ede", RFC2440_CIPHER_DES3_EDE},
  752. {"cast5", RFC2440_CIPHER_CAST_5},
  753. {"twofish", RFC2440_CIPHER_TWOFISH},
  754. {"cast6", RFC2440_CIPHER_CAST_6},
  755. {"aes", RFC2440_CIPHER_AES_192},
  756. {"aes", RFC2440_CIPHER_AES_256}
  757. };
  758. /**
  759. * ecryptfs_code_for_cipher_string
  760. * @cipher_name: The string alias for the cipher
  761. * @key_bytes: Length of key in bytes; used for AES code selection
  762. *
  763. * Returns zero on no match, or the cipher code on match
  764. */
  765. u8 ecryptfs_code_for_cipher_string(char *cipher_name, size_t key_bytes)
  766. {
  767. int i;
  768. u8 code = 0;
  769. struct ecryptfs_cipher_code_str_map_elem *map =
  770. ecryptfs_cipher_code_str_map;
  771. if (strcmp(cipher_name, "aes") == 0) {
  772. switch (key_bytes) {
  773. case 16:
  774. code = RFC2440_CIPHER_AES_128;
  775. break;
  776. case 24:
  777. code = RFC2440_CIPHER_AES_192;
  778. break;
  779. case 32:
  780. code = RFC2440_CIPHER_AES_256;
  781. }
  782. } else {
  783. for (i = 0; i < ARRAY_SIZE(ecryptfs_cipher_code_str_map); i++)
  784. if (strcmp(cipher_name, map[i].cipher_str) == 0) {
  785. code = map[i].cipher_code;
  786. break;
  787. }
  788. }
  789. return code;
  790. }
  791. /**
  792. * ecryptfs_cipher_code_to_string
  793. * @str: Destination to write out the cipher name
  794. * @size: Destination buffer size
  795. * @cipher_code: The code to convert to cipher name string
  796. *
  797. * Returns zero on success
  798. */
  799. int ecryptfs_cipher_code_to_string(char *str, size_t size, u8 cipher_code)
  800. {
  801. int rc = 0;
  802. int i;
  803. str[0] = '\0';
  804. for (i = 0; i < ARRAY_SIZE(ecryptfs_cipher_code_str_map); i++)
  805. if (cipher_code == ecryptfs_cipher_code_str_map[i].cipher_code)
  806. strscpy(str, ecryptfs_cipher_code_str_map[i].cipher_str,
  807. size);
  808. if (str[0] == '\0') {
  809. ecryptfs_printk(KERN_WARNING, "Cipher code not recognized: "
  810. "[%d]\n", cipher_code);
  811. rc = -EINVAL;
  812. }
  813. return rc;
  814. }
  815. int ecryptfs_read_and_validate_header_region(struct inode *inode)
  816. {
  817. u8 file_size[ECRYPTFS_SIZE_AND_MARKER_BYTES];
  818. u8 *marker = file_size + ECRYPTFS_FILE_SIZE_BYTES;
  819. int rc;
  820. rc = ecryptfs_read_lower(file_size, 0, ECRYPTFS_SIZE_AND_MARKER_BYTES,
  821. inode);
  822. if (rc < 0)
  823. return rc;
  824. else if (rc < ECRYPTFS_SIZE_AND_MARKER_BYTES)
  825. return -EINVAL;
  826. rc = ecryptfs_validate_marker(marker);
  827. if (!rc)
  828. ecryptfs_i_size_init(file_size, inode);
  829. return rc;
  830. }
  831. void
  832. ecryptfs_write_header_metadata(char *virt,
  833. struct ecryptfs_crypt_stat *crypt_stat,
  834. size_t *written)
  835. {
  836. u32 header_extent_size;
  837. u16 num_header_extents_at_front;
  838. header_extent_size = (u32)crypt_stat->extent_size;
  839. num_header_extents_at_front =
  840. (u16)(crypt_stat->metadata_size / crypt_stat->extent_size);
  841. put_unaligned_be32(header_extent_size, virt);
  842. virt += 4;
  843. put_unaligned_be16(num_header_extents_at_front, virt);
  844. (*written) = 6;
  845. }
  846. struct kmem_cache *ecryptfs_header_cache;
  847. /**
  848. * ecryptfs_write_headers_virt
  849. * @page_virt: The virtual address to write the headers to
  850. * @max: The size of memory allocated at page_virt
  851. * @size: Set to the number of bytes written by this function
  852. * @crypt_stat: The cryptographic context
  853. * @ecryptfs_dentry: The eCryptfs dentry
  854. *
  855. * Format version: 1
  856. *
  857. * Header Extent:
  858. * Octets 0-7: Unencrypted file size (big-endian)
  859. * Octets 8-15: eCryptfs special marker
  860. * Octets 16-19: Flags
  861. * Octet 16: File format version number (between 0 and 255)
  862. * Octets 17-18: Reserved
  863. * Octet 19: Bit 1 (lsb): Reserved
  864. * Bit 2: Encrypted?
  865. * Bits 3-8: Reserved
  866. * Octets 20-23: Header extent size (big-endian)
  867. * Octets 24-25: Number of header extents at front of file
  868. * (big-endian)
  869. * Octet 26: Begin RFC 2440 authentication token packet set
  870. * Data Extent 0:
  871. * Lower data (CBC encrypted)
  872. * Data Extent 1:
  873. * Lower data (CBC encrypted)
  874. * ...
  875. *
  876. * Returns zero on success
  877. */
  878. static int ecryptfs_write_headers_virt(char *page_virt, size_t max,
  879. size_t *size,
  880. struct ecryptfs_crypt_stat *crypt_stat,
  881. struct dentry *ecryptfs_dentry)
  882. {
  883. int rc;
  884. size_t written;
  885. size_t offset;
  886. offset = ECRYPTFS_FILE_SIZE_BYTES;
  887. write_ecryptfs_marker((page_virt + offset), &written);
  888. offset += written;
  889. ecryptfs_write_crypt_stat_flags((page_virt + offset), crypt_stat,
  890. &written);
  891. offset += written;
  892. ecryptfs_write_header_metadata((page_virt + offset), crypt_stat,
  893. &written);
  894. offset += written;
  895. rc = ecryptfs_generate_key_packet_set((page_virt + offset), crypt_stat,
  896. ecryptfs_dentry, &written,
  897. max - offset);
  898. if (rc)
  899. ecryptfs_printk(KERN_WARNING, "Error generating key packet "
  900. "set; rc = [%d]\n", rc);
  901. if (size) {
  902. offset += written;
  903. *size = offset;
  904. }
  905. return rc;
  906. }
  907. static int
  908. ecryptfs_write_metadata_to_contents(struct inode *ecryptfs_inode,
  909. char *virt, size_t virt_len)
  910. {
  911. int rc;
  912. rc = ecryptfs_write_lower(ecryptfs_inode, virt,
  913. 0, virt_len);
  914. if (rc < 0)
  915. printk(KERN_ERR "%s: Error attempting to write header "
  916. "information to lower file; rc = [%d]\n", __func__, rc);
  917. else
  918. rc = 0;
  919. return rc;
  920. }
  921. static int
  922. ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry,
  923. struct inode *ecryptfs_inode,
  924. char *page_virt, size_t size)
  925. {
  926. int rc;
  927. struct dentry *lower_dentry = ecryptfs_dentry_to_lower(ecryptfs_dentry);
  928. struct inode *lower_inode = d_inode(lower_dentry);
  929. if (!(lower_inode->i_opflags & IOP_XATTR)) {
  930. rc = -EOPNOTSUPP;
  931. goto out;
  932. }
  933. inode_lock(lower_inode);
  934. rc = __vfs_setxattr(&nop_mnt_idmap, lower_dentry, lower_inode,
  935. ECRYPTFS_XATTR_NAME, page_virt, size, 0);
  936. if (!rc && ecryptfs_inode)
  937. fsstack_copy_attr_all(ecryptfs_inode, lower_inode);
  938. inode_unlock(lower_inode);
  939. out:
  940. return rc;
  941. }
  942. static unsigned long ecryptfs_get_zeroed_pages(gfp_t gfp_mask,
  943. unsigned int order)
  944. {
  945. struct page *page;
  946. page = alloc_pages(gfp_mask | __GFP_ZERO, order);
  947. if (page)
  948. return (unsigned long) page_address(page);
  949. return 0;
  950. }
  951. /**
  952. * ecryptfs_write_metadata
  953. * @ecryptfs_dentry: The eCryptfs dentry, which should be negative
  954. * @ecryptfs_inode: The newly created eCryptfs inode
  955. *
  956. * Write the file headers out. This will likely involve a userspace
  957. * callout, in which the session key is encrypted with one or more
  958. * public keys and/or the passphrase necessary to do the encryption is
  959. * retrieved via a prompt. Exactly what happens at this point should
  960. * be policy-dependent.
  961. *
  962. * Returns zero on success; non-zero on error
  963. */
  964. int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry,
  965. struct inode *ecryptfs_inode)
  966. {
  967. struct ecryptfs_crypt_stat *crypt_stat =
  968. &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat;
  969. unsigned int order;
  970. char *virt;
  971. size_t virt_len;
  972. size_t size = 0;
  973. int rc = 0;
  974. if (likely(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) {
  975. if (!(crypt_stat->flags & ECRYPTFS_KEY_VALID)) {
  976. printk(KERN_ERR "Key is invalid; bailing out\n");
  977. rc = -EINVAL;
  978. goto out;
  979. }
  980. } else {
  981. printk(KERN_WARNING "%s: Encrypted flag not set\n",
  982. __func__);
  983. rc = -EINVAL;
  984. goto out;
  985. }
  986. virt_len = crypt_stat->metadata_size;
  987. order = get_order(virt_len);
  988. /* Released in this function */
  989. virt = (char *)ecryptfs_get_zeroed_pages(GFP_KERNEL, order);
  990. if (!virt) {
  991. printk(KERN_ERR "%s: Out of memory\n", __func__);
  992. rc = -ENOMEM;
  993. goto out;
  994. }
  995. /* Zeroed page ensures the in-header unencrypted i_size is set to 0 */
  996. rc = ecryptfs_write_headers_virt(virt, virt_len, &size, crypt_stat,
  997. ecryptfs_dentry);
  998. if (unlikely(rc)) {
  999. printk(KERN_ERR "%s: Error whilst writing headers; rc = [%d]\n",
  1000. __func__, rc);
  1001. goto out_free;
  1002. }
  1003. if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR)
  1004. rc = ecryptfs_write_metadata_to_xattr(ecryptfs_dentry, ecryptfs_inode,
  1005. virt, size);
  1006. else
  1007. rc = ecryptfs_write_metadata_to_contents(ecryptfs_inode, virt,
  1008. virt_len);
  1009. if (rc) {
  1010. printk(KERN_ERR "%s: Error writing metadata out to lower file; "
  1011. "rc = [%d]\n", __func__, rc);
  1012. goto out_free;
  1013. }
  1014. out_free:
  1015. free_pages((unsigned long)virt, order);
  1016. out:
  1017. return rc;
  1018. }
  1019. #define ECRYPTFS_DONT_VALIDATE_HEADER_SIZE 0
  1020. #define ECRYPTFS_VALIDATE_HEADER_SIZE 1
  1021. static int parse_header_metadata(struct ecryptfs_crypt_stat *crypt_stat,
  1022. char *virt, int *bytes_read,
  1023. int validate_header_size)
  1024. {
  1025. int rc = 0;
  1026. u32 header_extent_size;
  1027. u16 num_header_extents_at_front;
  1028. header_extent_size = get_unaligned_be32(virt);
  1029. virt += sizeof(__be32);
  1030. num_header_extents_at_front = get_unaligned_be16(virt);
  1031. crypt_stat->metadata_size = (((size_t)num_header_extents_at_front
  1032. * (size_t)header_extent_size));
  1033. (*bytes_read) = (sizeof(__be32) + sizeof(__be16));
  1034. if ((validate_header_size == ECRYPTFS_VALIDATE_HEADER_SIZE)
  1035. && (crypt_stat->metadata_size
  1036. < ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE)) {
  1037. rc = -EINVAL;
  1038. printk(KERN_WARNING "Invalid header size: [%zd]\n",
  1039. crypt_stat->metadata_size);
  1040. }
  1041. return rc;
  1042. }
  1043. /**
  1044. * set_default_header_data
  1045. * @crypt_stat: The cryptographic context
  1046. *
  1047. * For version 0 file format; this function is only for backwards
  1048. * compatibility for files created with the prior versions of
  1049. * eCryptfs.
  1050. */
  1051. static void set_default_header_data(struct ecryptfs_crypt_stat *crypt_stat)
  1052. {
  1053. crypt_stat->metadata_size = ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE;
  1054. }
  1055. void ecryptfs_i_size_init(const char *page_virt, struct inode *inode)
  1056. {
  1057. struct ecryptfs_mount_crypt_stat *mount_crypt_stat;
  1058. struct ecryptfs_crypt_stat *crypt_stat;
  1059. u64 file_size;
  1060. crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat;
  1061. mount_crypt_stat =
  1062. &ecryptfs_superblock_to_private(inode->i_sb)->mount_crypt_stat;
  1063. if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) {
  1064. file_size = i_size_read(ecryptfs_inode_to_lower(inode));
  1065. if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR)
  1066. file_size += crypt_stat->metadata_size;
  1067. } else
  1068. file_size = get_unaligned_be64(page_virt);
  1069. i_size_write(inode, (loff_t)file_size);
  1070. crypt_stat->flags |= ECRYPTFS_I_SIZE_INITIALIZED;
  1071. }
  1072. /**
  1073. * ecryptfs_read_headers_virt
  1074. * @page_virt: The virtual address into which to read the headers
  1075. * @crypt_stat: The cryptographic context
  1076. * @ecryptfs_dentry: The eCryptfs dentry
  1077. * @validate_header_size: Whether to validate the header size while reading
  1078. *
  1079. * Read/parse the header data. The header format is detailed in the
  1080. * comment block for the ecryptfs_write_headers_virt() function.
  1081. *
  1082. * Returns zero on success
  1083. */
  1084. static int ecryptfs_read_headers_virt(char *page_virt,
  1085. struct ecryptfs_crypt_stat *crypt_stat,
  1086. struct dentry *ecryptfs_dentry,
  1087. int validate_header_size)
  1088. {
  1089. int rc = 0;
  1090. int offset;
  1091. int bytes_read;
  1092. ecryptfs_set_default_sizes(crypt_stat);
  1093. crypt_stat->mount_crypt_stat = &ecryptfs_superblock_to_private(
  1094. ecryptfs_dentry->d_sb)->mount_crypt_stat;
  1095. offset = ECRYPTFS_FILE_SIZE_BYTES;
  1096. rc = ecryptfs_validate_marker(page_virt + offset);
  1097. if (rc)
  1098. goto out;
  1099. if (!(crypt_stat->flags & ECRYPTFS_I_SIZE_INITIALIZED))
  1100. ecryptfs_i_size_init(page_virt, d_inode(ecryptfs_dentry));
  1101. offset += MAGIC_ECRYPTFS_MARKER_SIZE_BYTES;
  1102. ecryptfs_process_flags(crypt_stat, (page_virt + offset), &bytes_read);
  1103. if (crypt_stat->file_version > ECRYPTFS_SUPPORTED_FILE_VERSION) {
  1104. ecryptfs_printk(KERN_WARNING, "File version is [%d]; only "
  1105. "file version [%d] is supported by this "
  1106. "version of eCryptfs\n",
  1107. crypt_stat->file_version,
  1108. ECRYPTFS_SUPPORTED_FILE_VERSION);
  1109. rc = -EINVAL;
  1110. goto out;
  1111. }
  1112. offset += bytes_read;
  1113. if (crypt_stat->file_version >= 1) {
  1114. rc = parse_header_metadata(crypt_stat, (page_virt + offset),
  1115. &bytes_read, validate_header_size);
  1116. if (rc) {
  1117. ecryptfs_printk(KERN_WARNING, "Error reading header "
  1118. "metadata; rc = [%d]\n", rc);
  1119. }
  1120. offset += bytes_read;
  1121. } else
  1122. set_default_header_data(crypt_stat);
  1123. rc = ecryptfs_parse_packet_set(crypt_stat, (page_virt + offset),
  1124. ecryptfs_dentry);
  1125. out:
  1126. return rc;
  1127. }
  1128. /**
  1129. * ecryptfs_read_xattr_region
  1130. * @page_virt: The virtual address into which to read the xattr data
  1131. * @ecryptfs_inode: The eCryptfs inode
  1132. *
  1133. * Attempts to read the crypto metadata from the extended attribute
  1134. * region of the lower file.
  1135. *
  1136. * Returns zero on success; non-zero on error
  1137. */
  1138. int ecryptfs_read_xattr_region(char *page_virt, struct inode *ecryptfs_inode)
  1139. {
  1140. struct dentry *lower_dentry =
  1141. ecryptfs_inode_to_private(ecryptfs_inode)->lower_file->f_path.dentry;
  1142. ssize_t size;
  1143. int rc = 0;
  1144. size = ecryptfs_getxattr_lower(lower_dentry,
  1145. ecryptfs_inode_to_lower(ecryptfs_inode),
  1146. ECRYPTFS_XATTR_NAME,
  1147. page_virt, ECRYPTFS_DEFAULT_EXTENT_SIZE);
  1148. if (size < 0) {
  1149. if (unlikely(ecryptfs_verbosity > 0))
  1150. printk(KERN_INFO "Error attempting to read the [%s] "
  1151. "xattr from the lower file; return value = "
  1152. "[%zd]\n", ECRYPTFS_XATTR_NAME, size);
  1153. rc = -EINVAL;
  1154. goto out;
  1155. }
  1156. out:
  1157. return rc;
  1158. }
  1159. int ecryptfs_read_and_validate_xattr_region(struct dentry *dentry,
  1160. struct inode *inode)
  1161. {
  1162. u8 file_size[ECRYPTFS_SIZE_AND_MARKER_BYTES];
  1163. u8 *marker = file_size + ECRYPTFS_FILE_SIZE_BYTES;
  1164. int rc;
  1165. rc = ecryptfs_getxattr_lower(ecryptfs_dentry_to_lower(dentry),
  1166. ecryptfs_inode_to_lower(inode),
  1167. ECRYPTFS_XATTR_NAME, file_size,
  1168. ECRYPTFS_SIZE_AND_MARKER_BYTES);
  1169. if (rc < 0)
  1170. return rc;
  1171. else if (rc < ECRYPTFS_SIZE_AND_MARKER_BYTES)
  1172. return -EINVAL;
  1173. rc = ecryptfs_validate_marker(marker);
  1174. if (!rc)
  1175. ecryptfs_i_size_init(file_size, inode);
  1176. return rc;
  1177. }
  1178. /*
  1179. * ecryptfs_read_metadata
  1180. *
  1181. * Common entry point for reading file metadata. From here, we could
  1182. * retrieve the header information from the header region of the file,
  1183. * the xattr region of the file, or some other repository that is
  1184. * stored separately from the file itself. The current implementation
  1185. * supports retrieving the metadata information from the file contents
  1186. * and from the xattr region.
  1187. *
  1188. * Returns zero if valid headers found and parsed; non-zero otherwise
  1189. */
  1190. int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry)
  1191. {
  1192. int rc;
  1193. char *page_virt;
  1194. struct inode *ecryptfs_inode = d_inode(ecryptfs_dentry);
  1195. struct ecryptfs_crypt_stat *crypt_stat =
  1196. &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat;
  1197. struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
  1198. &ecryptfs_superblock_to_private(
  1199. ecryptfs_dentry->d_sb)->mount_crypt_stat;
  1200. ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat,
  1201. mount_crypt_stat);
  1202. /* Read the first page from the underlying file */
  1203. page_virt = kmem_cache_alloc(ecryptfs_header_cache, GFP_USER);
  1204. if (!page_virt) {
  1205. rc = -ENOMEM;
  1206. goto out;
  1207. }
  1208. rc = ecryptfs_read_lower(page_virt, 0, crypt_stat->extent_size,
  1209. ecryptfs_inode);
  1210. if (rc >= 0)
  1211. rc = ecryptfs_read_headers_virt(page_virt, crypt_stat,
  1212. ecryptfs_dentry,
  1213. ECRYPTFS_VALIDATE_HEADER_SIZE);
  1214. if (rc) {
  1215. /* metadata is not in the file header, so try xattrs */
  1216. memset(page_virt, 0, PAGE_SIZE);
  1217. rc = ecryptfs_read_xattr_region(page_virt, ecryptfs_inode);
  1218. if (rc) {
  1219. printk(KERN_DEBUG "Valid eCryptfs headers not found in "
  1220. "file header region or xattr region, inode %lu\n",
  1221. ecryptfs_inode->i_ino);
  1222. rc = -EINVAL;
  1223. goto out;
  1224. }
  1225. rc = ecryptfs_read_headers_virt(page_virt, crypt_stat,
  1226. ecryptfs_dentry,
  1227. ECRYPTFS_DONT_VALIDATE_HEADER_SIZE);
  1228. if (rc) {
  1229. printk(KERN_DEBUG "Valid eCryptfs headers not found in "
  1230. "file xattr region either, inode %lu\n",
  1231. ecryptfs_inode->i_ino);
  1232. rc = -EINVAL;
  1233. }
  1234. if (crypt_stat->mount_crypt_stat->flags
  1235. & ECRYPTFS_XATTR_METADATA_ENABLED) {
  1236. crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR;
  1237. } else {
  1238. printk(KERN_WARNING "Attempt to access file with "
  1239. "crypto metadata only in the extended attribute "
  1240. "region, but eCryptfs was mounted without "
  1241. "xattr support enabled. eCryptfs will not treat "
  1242. "this like an encrypted file, inode %lu\n",
  1243. ecryptfs_inode->i_ino);
  1244. rc = -EINVAL;
  1245. }
  1246. }
  1247. out:
  1248. if (page_virt) {
  1249. memset(page_virt, 0, PAGE_SIZE);
  1250. kmem_cache_free(ecryptfs_header_cache, page_virt);
  1251. }
  1252. return rc;
  1253. }
  1254. /*
  1255. * ecryptfs_encrypt_filename - encrypt filename
  1256. *
  1257. * CBC-encrypts the filename. We do not want to encrypt the same
  1258. * filename with the same key and IV, which may happen with hard
  1259. * links, so we prepend random bits to each filename.
  1260. *
  1261. * Returns zero on success; non-zero otherwise
  1262. */
  1263. static int
  1264. ecryptfs_encrypt_filename(struct ecryptfs_filename *filename,
  1265. struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
  1266. {
  1267. int rc = 0;
  1268. filename->encrypted_filename = NULL;
  1269. filename->encrypted_filename_size = 0;
  1270. if (mount_crypt_stat && (mount_crypt_stat->flags
  1271. & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK)) {
  1272. size_t packet_size;
  1273. size_t remaining_bytes;
  1274. rc = ecryptfs_write_tag_70_packet(
  1275. NULL, NULL,
  1276. &filename->encrypted_filename_size,
  1277. mount_crypt_stat, NULL,
  1278. filename->filename_size);
  1279. if (rc) {
  1280. printk(KERN_ERR "%s: Error attempting to get packet "
  1281. "size for tag 72; rc = [%d]\n", __func__,
  1282. rc);
  1283. filename->encrypted_filename_size = 0;
  1284. goto out;
  1285. }
  1286. filename->encrypted_filename =
  1287. kmalloc(filename->encrypted_filename_size, GFP_KERNEL);
  1288. if (!filename->encrypted_filename) {
  1289. rc = -ENOMEM;
  1290. goto out;
  1291. }
  1292. remaining_bytes = filename->encrypted_filename_size;
  1293. rc = ecryptfs_write_tag_70_packet(filename->encrypted_filename,
  1294. &remaining_bytes,
  1295. &packet_size,
  1296. mount_crypt_stat,
  1297. filename->filename,
  1298. filename->filename_size);
  1299. if (rc) {
  1300. printk(KERN_ERR "%s: Error attempting to generate "
  1301. "tag 70 packet; rc = [%d]\n", __func__,
  1302. rc);
  1303. kfree(filename->encrypted_filename);
  1304. filename->encrypted_filename = NULL;
  1305. filename->encrypted_filename_size = 0;
  1306. goto out;
  1307. }
  1308. filename->encrypted_filename_size = packet_size;
  1309. } else {
  1310. printk(KERN_ERR "%s: No support for requested filename "
  1311. "encryption method in this release\n", __func__);
  1312. rc = -EOPNOTSUPP;
  1313. goto out;
  1314. }
  1315. out:
  1316. return rc;
  1317. }
  1318. static int ecryptfs_copy_filename(char **copied_name, size_t *copied_name_size,
  1319. const char *name, size_t name_size)
  1320. {
  1321. (*copied_name) = kmemdup_nul(name, name_size, GFP_KERNEL);
  1322. if (!(*copied_name))
  1323. return -ENOMEM;
  1324. (*copied_name_size) = name_size;
  1325. return 0;
  1326. }
  1327. /**
  1328. * ecryptfs_process_key_cipher - Perform key cipher initialization.
  1329. * @key_tfm: Crypto context for key material, set by this function
  1330. * @cipher_name: Name of the cipher
  1331. * @key_size: Size of the key in bytes
  1332. *
  1333. * Returns zero on success. Any crypto_tfm structs allocated here
  1334. * should be released by other functions, such as on a superblock put
  1335. * event, regardless of whether this function succeeds for fails.
  1336. */
  1337. static int
  1338. ecryptfs_process_key_cipher(struct crypto_skcipher **key_tfm,
  1339. char *cipher_name, size_t *key_size)
  1340. {
  1341. char dummy_key[ECRYPTFS_MAX_KEY_BYTES];
  1342. char *full_alg_name = NULL;
  1343. int rc;
  1344. *key_tfm = NULL;
  1345. if (*key_size > ECRYPTFS_MAX_KEY_BYTES) {
  1346. rc = -EINVAL;
  1347. printk(KERN_ERR "Requested key size is [%zd] bytes; maximum "
  1348. "allowable is [%d]\n", *key_size, ECRYPTFS_MAX_KEY_BYTES);
  1349. goto out;
  1350. }
  1351. rc = ecryptfs_crypto_api_algify_cipher_name(&full_alg_name, cipher_name,
  1352. "ecb");
  1353. if (rc)
  1354. goto out;
  1355. *key_tfm = crypto_alloc_skcipher(full_alg_name, 0, CRYPTO_ALG_ASYNC);
  1356. if (IS_ERR(*key_tfm)) {
  1357. rc = PTR_ERR(*key_tfm);
  1358. printk(KERN_ERR "Unable to allocate crypto cipher with name "
  1359. "[%s]; rc = [%d]\n", full_alg_name, rc);
  1360. goto out;
  1361. }
  1362. crypto_skcipher_set_flags(*key_tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS);
  1363. if (*key_size == 0)
  1364. *key_size = crypto_skcipher_max_keysize(*key_tfm);
  1365. get_random_bytes(dummy_key, *key_size);
  1366. rc = crypto_skcipher_setkey(*key_tfm, dummy_key, *key_size);
  1367. if (rc) {
  1368. printk(KERN_ERR "Error attempting to set key of size [%zd] for "
  1369. "cipher [%s]; rc = [%d]\n", *key_size, full_alg_name,
  1370. rc);
  1371. rc = -EINVAL;
  1372. goto out;
  1373. }
  1374. out:
  1375. kfree(full_alg_name);
  1376. return rc;
  1377. }
  1378. struct kmem_cache *ecryptfs_key_tfm_cache;
  1379. static struct list_head key_tfm_list;
  1380. DEFINE_MUTEX(key_tfm_list_mutex);
  1381. int __init ecryptfs_init_crypto(void)
  1382. {
  1383. INIT_LIST_HEAD(&key_tfm_list);
  1384. return 0;
  1385. }
  1386. /**
  1387. * ecryptfs_destroy_crypto - free all cached key_tfms on key_tfm_list
  1388. *
  1389. * Called only at module unload time
  1390. */
  1391. int ecryptfs_destroy_crypto(void)
  1392. {
  1393. struct ecryptfs_key_tfm *key_tfm, *key_tfm_tmp;
  1394. mutex_lock(&key_tfm_list_mutex);
  1395. list_for_each_entry_safe(key_tfm, key_tfm_tmp, &key_tfm_list,
  1396. key_tfm_list) {
  1397. list_del(&key_tfm->key_tfm_list);
  1398. crypto_free_skcipher(key_tfm->key_tfm);
  1399. kmem_cache_free(ecryptfs_key_tfm_cache, key_tfm);
  1400. }
  1401. mutex_unlock(&key_tfm_list_mutex);
  1402. return 0;
  1403. }
  1404. int
  1405. ecryptfs_add_new_key_tfm(struct ecryptfs_key_tfm **key_tfm, char *cipher_name,
  1406. size_t key_size)
  1407. {
  1408. struct ecryptfs_key_tfm *tmp_tfm;
  1409. int rc = 0;
  1410. BUG_ON(!mutex_is_locked(&key_tfm_list_mutex));
  1411. tmp_tfm = kmem_cache_alloc(ecryptfs_key_tfm_cache, GFP_KERNEL);
  1412. if (key_tfm)
  1413. (*key_tfm) = tmp_tfm;
  1414. if (!tmp_tfm) {
  1415. rc = -ENOMEM;
  1416. goto out;
  1417. }
  1418. mutex_init(&tmp_tfm->key_tfm_mutex);
  1419. strscpy(tmp_tfm->cipher_name, cipher_name);
  1420. tmp_tfm->key_size = key_size;
  1421. rc = ecryptfs_process_key_cipher(&tmp_tfm->key_tfm,
  1422. tmp_tfm->cipher_name,
  1423. &tmp_tfm->key_size);
  1424. if (rc) {
  1425. printk(KERN_ERR "Error attempting to initialize key TFM "
  1426. "cipher with name = [%s]; rc = [%d]\n",
  1427. tmp_tfm->cipher_name, rc);
  1428. kmem_cache_free(ecryptfs_key_tfm_cache, tmp_tfm);
  1429. if (key_tfm)
  1430. (*key_tfm) = NULL;
  1431. goto out;
  1432. }
  1433. list_add(&tmp_tfm->key_tfm_list, &key_tfm_list);
  1434. out:
  1435. return rc;
  1436. }
  1437. /**
  1438. * ecryptfs_tfm_exists - Search for existing tfm for cipher_name.
  1439. * @cipher_name: the name of the cipher to search for
  1440. * @key_tfm: set to corresponding tfm if found
  1441. *
  1442. * Searches for cached key_tfm matching @cipher_name
  1443. * Must be called with &key_tfm_list_mutex held
  1444. * Returns 1 if found, with @key_tfm set
  1445. * Returns 0 if not found, with @key_tfm set to NULL
  1446. */
  1447. int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm)
  1448. {
  1449. struct ecryptfs_key_tfm *tmp_key_tfm;
  1450. BUG_ON(!mutex_is_locked(&key_tfm_list_mutex));
  1451. list_for_each_entry(tmp_key_tfm, &key_tfm_list, key_tfm_list) {
  1452. if (strcmp(tmp_key_tfm->cipher_name, cipher_name) == 0) {
  1453. if (key_tfm)
  1454. (*key_tfm) = tmp_key_tfm;
  1455. return 1;
  1456. }
  1457. }
  1458. if (key_tfm)
  1459. (*key_tfm) = NULL;
  1460. return 0;
  1461. }
  1462. /**
  1463. * ecryptfs_get_tfm_and_mutex_for_cipher_name
  1464. *
  1465. * @tfm: set to cached tfm found, or new tfm created
  1466. * @tfm_mutex: set to mutex for cached tfm found, or new tfm created
  1467. * @cipher_name: the name of the cipher to search for and/or add
  1468. *
  1469. * Sets pointers to @tfm & @tfm_mutex matching @cipher_name.
  1470. * Searches for cached item first, and creates new if not found.
  1471. * Returns 0 on success, non-zero if adding new cipher failed
  1472. */
  1473. int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_skcipher **tfm,
  1474. struct mutex **tfm_mutex,
  1475. char *cipher_name)
  1476. {
  1477. struct ecryptfs_key_tfm *key_tfm;
  1478. int rc = 0;
  1479. (*tfm) = NULL;
  1480. (*tfm_mutex) = NULL;
  1481. mutex_lock(&key_tfm_list_mutex);
  1482. if (!ecryptfs_tfm_exists(cipher_name, &key_tfm)) {
  1483. rc = ecryptfs_add_new_key_tfm(&key_tfm, cipher_name, 0);
  1484. if (rc) {
  1485. printk(KERN_ERR "Error adding new key_tfm to list; "
  1486. "rc = [%d]\n", rc);
  1487. goto out;
  1488. }
  1489. }
  1490. (*tfm) = key_tfm->key_tfm;
  1491. (*tfm_mutex) = &key_tfm->key_tfm_mutex;
  1492. out:
  1493. mutex_unlock(&key_tfm_list_mutex);
  1494. return rc;
  1495. }
  1496. /* 64 characters forming a 6-bit target field */
  1497. static unsigned char *portable_filename_chars = ("-.0123456789ABCD"
  1498. "EFGHIJKLMNOPQRST"
  1499. "UVWXYZabcdefghij"
  1500. "klmnopqrstuvwxyz");
  1501. /* We could either offset on every reverse map or just pad some 0x00's
  1502. * at the front here */
  1503. static const unsigned char filename_rev_map[256] = {
  1504. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 7 */
  1505. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 15 */
  1506. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 23 */
  1507. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 31 */
  1508. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 39 */
  1509. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, /* 47 */
  1510. 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, /* 55 */
  1511. 0x0A, 0x0B, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 63 */
  1512. 0x00, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, /* 71 */
  1513. 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, /* 79 */
  1514. 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, /* 87 */
  1515. 0x23, 0x24, 0x25, 0x00, 0x00, 0x00, 0x00, 0x00, /* 95 */
  1516. 0x00, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, /* 103 */
  1517. 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, /* 111 */
  1518. 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, /* 119 */
  1519. 0x3D, 0x3E, 0x3F /* 123 - 255 initialized to 0x00 */
  1520. };
  1521. /**
  1522. * ecryptfs_encode_for_filename
  1523. * @dst: Destination location for encoded filename
  1524. * @dst_size: Size of the encoded filename in bytes
  1525. * @src: Source location for the filename to encode
  1526. * @src_size: Size of the source in bytes
  1527. */
  1528. static void ecryptfs_encode_for_filename(unsigned char *dst, size_t *dst_size,
  1529. unsigned char *src, size_t src_size)
  1530. {
  1531. size_t num_blocks;
  1532. size_t block_num = 0;
  1533. size_t dst_offset = 0;
  1534. unsigned char last_block[3];
  1535. if (src_size == 0) {
  1536. (*dst_size) = 0;
  1537. goto out;
  1538. }
  1539. num_blocks = (src_size / 3);
  1540. if ((src_size % 3) == 0) {
  1541. memcpy(last_block, (&src[src_size - 3]), 3);
  1542. } else {
  1543. num_blocks++;
  1544. last_block[2] = 0x00;
  1545. switch (src_size % 3) {
  1546. case 1:
  1547. last_block[0] = src[src_size - 1];
  1548. last_block[1] = 0x00;
  1549. break;
  1550. case 2:
  1551. last_block[0] = src[src_size - 2];
  1552. last_block[1] = src[src_size - 1];
  1553. }
  1554. }
  1555. (*dst_size) = (num_blocks * 4);
  1556. if (!dst)
  1557. goto out;
  1558. while (block_num < num_blocks) {
  1559. unsigned char *src_block;
  1560. unsigned char dst_block[4];
  1561. if (block_num == (num_blocks - 1))
  1562. src_block = last_block;
  1563. else
  1564. src_block = &src[block_num * 3];
  1565. dst_block[0] = ((src_block[0] >> 2) & 0x3F);
  1566. dst_block[1] = (((src_block[0] << 4) & 0x30)
  1567. | ((src_block[1] >> 4) & 0x0F));
  1568. dst_block[2] = (((src_block[1] << 2) & 0x3C)
  1569. | ((src_block[2] >> 6) & 0x03));
  1570. dst_block[3] = (src_block[2] & 0x3F);
  1571. dst[dst_offset++] = portable_filename_chars[dst_block[0]];
  1572. dst[dst_offset++] = portable_filename_chars[dst_block[1]];
  1573. dst[dst_offset++] = portable_filename_chars[dst_block[2]];
  1574. dst[dst_offset++] = portable_filename_chars[dst_block[3]];
  1575. block_num++;
  1576. }
  1577. out:
  1578. return;
  1579. }
  1580. static size_t ecryptfs_max_decoded_size(size_t encoded_size)
  1581. {
  1582. /* Not exact; conservatively long. Every block of 4
  1583. * encoded characters decodes into a block of 3
  1584. * decoded characters. This segment of code provides
  1585. * the caller with the maximum amount of allocated
  1586. * space that @dst will need to point to in a
  1587. * subsequent call. */
  1588. return ((encoded_size + 1) * 3) / 4;
  1589. }
  1590. /**
  1591. * ecryptfs_decode_from_filename
  1592. * @dst: If NULL, this function only sets @dst_size and returns. If
  1593. * non-NULL, this function decodes the encoded octets in @src
  1594. * into the memory that @dst points to.
  1595. * @dst_size: Set to the size of the decoded string.
  1596. * @src: The encoded set of octets to decode.
  1597. * @src_size: The size of the encoded set of octets to decode.
  1598. */
  1599. static void
  1600. ecryptfs_decode_from_filename(unsigned char *dst, size_t *dst_size,
  1601. const unsigned char *src, size_t src_size)
  1602. {
  1603. u8 current_bit_offset = 0;
  1604. size_t src_byte_offset = 0;
  1605. size_t dst_byte_offset = 0;
  1606. if (!dst) {
  1607. (*dst_size) = ecryptfs_max_decoded_size(src_size);
  1608. goto out;
  1609. }
  1610. while (src_byte_offset < src_size) {
  1611. unsigned char src_byte =
  1612. filename_rev_map[(int)src[src_byte_offset]];
  1613. switch (current_bit_offset) {
  1614. case 0:
  1615. dst[dst_byte_offset] = (src_byte << 2);
  1616. current_bit_offset = 6;
  1617. break;
  1618. case 6:
  1619. dst[dst_byte_offset++] |= (src_byte >> 4);
  1620. dst[dst_byte_offset] = ((src_byte & 0xF)
  1621. << 4);
  1622. current_bit_offset = 4;
  1623. break;
  1624. case 4:
  1625. dst[dst_byte_offset++] |= (src_byte >> 2);
  1626. dst[dst_byte_offset] = (src_byte << 6);
  1627. current_bit_offset = 2;
  1628. break;
  1629. case 2:
  1630. dst[dst_byte_offset++] |= (src_byte);
  1631. current_bit_offset = 0;
  1632. break;
  1633. }
  1634. src_byte_offset++;
  1635. }
  1636. (*dst_size) = dst_byte_offset;
  1637. out:
  1638. return;
  1639. }
  1640. /**
  1641. * ecryptfs_encrypt_and_encode_filename - converts a plaintext file name to cipher text
  1642. * @encoded_name: The encrypted name
  1643. * @encoded_name_size: Length of the encrypted name
  1644. * @mount_crypt_stat: The crypt_stat struct associated with the file name to encode
  1645. * @name: The plaintext name
  1646. * @name_size: The length of the plaintext name
  1647. *
  1648. * Encrypts and encodes a filename into something that constitutes a
  1649. * valid filename for a filesystem, with printable characters.
  1650. *
  1651. * We assume that we have a properly initialized crypto context,
  1652. * pointed to by crypt_stat->tfm.
  1653. *
  1654. * Returns zero on success; non-zero on otherwise
  1655. */
  1656. int ecryptfs_encrypt_and_encode_filename(
  1657. char **encoded_name,
  1658. size_t *encoded_name_size,
  1659. struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
  1660. const char *name, size_t name_size)
  1661. {
  1662. size_t encoded_name_no_prefix_size;
  1663. int rc = 0;
  1664. (*encoded_name) = NULL;
  1665. (*encoded_name_size) = 0;
  1666. if (mount_crypt_stat && (mount_crypt_stat->flags
  1667. & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES)) {
  1668. struct ecryptfs_filename *filename;
  1669. filename = kzalloc_obj(*filename);
  1670. if (!filename) {
  1671. rc = -ENOMEM;
  1672. goto out;
  1673. }
  1674. filename->filename = (char *)name;
  1675. filename->filename_size = name_size;
  1676. rc = ecryptfs_encrypt_filename(filename, mount_crypt_stat);
  1677. if (rc) {
  1678. printk(KERN_ERR "%s: Error attempting to encrypt "
  1679. "filename; rc = [%d]\n", __func__, rc);
  1680. kfree(filename);
  1681. goto out;
  1682. }
  1683. ecryptfs_encode_for_filename(
  1684. NULL, &encoded_name_no_prefix_size,
  1685. filename->encrypted_filename,
  1686. filename->encrypted_filename_size);
  1687. if (mount_crypt_stat
  1688. && (mount_crypt_stat->flags
  1689. & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK))
  1690. (*encoded_name_size) =
  1691. (ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE
  1692. + encoded_name_no_prefix_size);
  1693. else
  1694. (*encoded_name_size) =
  1695. (ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX_SIZE
  1696. + encoded_name_no_prefix_size);
  1697. (*encoded_name) = kmalloc((*encoded_name_size) + 1, GFP_KERNEL);
  1698. if (!(*encoded_name)) {
  1699. rc = -ENOMEM;
  1700. kfree(filename->encrypted_filename);
  1701. kfree(filename);
  1702. goto out;
  1703. }
  1704. if (mount_crypt_stat
  1705. && (mount_crypt_stat->flags
  1706. & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK)) {
  1707. memcpy((*encoded_name),
  1708. ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX,
  1709. ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE);
  1710. ecryptfs_encode_for_filename(
  1711. ((*encoded_name)
  1712. + ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE),
  1713. &encoded_name_no_prefix_size,
  1714. filename->encrypted_filename,
  1715. filename->encrypted_filename_size);
  1716. (*encoded_name_size) =
  1717. (ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE
  1718. + encoded_name_no_prefix_size);
  1719. (*encoded_name)[(*encoded_name_size)] = '\0';
  1720. } else {
  1721. rc = -EOPNOTSUPP;
  1722. }
  1723. if (rc) {
  1724. printk(KERN_ERR "%s: Error attempting to encode "
  1725. "encrypted filename; rc = [%d]\n", __func__,
  1726. rc);
  1727. kfree((*encoded_name));
  1728. (*encoded_name) = NULL;
  1729. (*encoded_name_size) = 0;
  1730. }
  1731. kfree(filename->encrypted_filename);
  1732. kfree(filename);
  1733. } else {
  1734. rc = ecryptfs_copy_filename(encoded_name,
  1735. encoded_name_size,
  1736. name, name_size);
  1737. }
  1738. out:
  1739. return rc;
  1740. }
  1741. /**
  1742. * ecryptfs_decode_and_decrypt_filename - converts the encoded cipher text name to decoded plaintext
  1743. * @plaintext_name: The plaintext name
  1744. * @plaintext_name_size: The plaintext name size
  1745. * @sb: Ecryptfs's super_block
  1746. * @name: The filename in cipher text
  1747. * @name_size: The cipher text name size
  1748. *
  1749. * Decrypts and decodes the filename.
  1750. *
  1751. * Returns zero on error; non-zero otherwise
  1752. */
  1753. int ecryptfs_decode_and_decrypt_filename(char **plaintext_name,
  1754. size_t *plaintext_name_size,
  1755. struct super_block *sb,
  1756. const char *name, size_t name_size)
  1757. {
  1758. struct ecryptfs_mount_crypt_stat *mount_crypt_stat =
  1759. &ecryptfs_superblock_to_private(sb)->mount_crypt_stat;
  1760. char *decoded_name;
  1761. size_t decoded_name_size;
  1762. size_t packet_size;
  1763. int rc = 0;
  1764. if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) &&
  1765. !(mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED)) {
  1766. if (name_is_dot_dotdot(name, name_size)) {
  1767. rc = ecryptfs_copy_filename(plaintext_name,
  1768. plaintext_name_size,
  1769. name, name_size);
  1770. goto out;
  1771. }
  1772. if (name_size <= ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE ||
  1773. strncmp(name, ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX,
  1774. ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE)) {
  1775. rc = -EINVAL;
  1776. goto out;
  1777. }
  1778. name += ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE;
  1779. name_size -= ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE;
  1780. ecryptfs_decode_from_filename(NULL, &decoded_name_size,
  1781. name, name_size);
  1782. decoded_name = kmalloc(decoded_name_size, GFP_KERNEL);
  1783. if (!decoded_name) {
  1784. rc = -ENOMEM;
  1785. goto out;
  1786. }
  1787. ecryptfs_decode_from_filename(decoded_name, &decoded_name_size,
  1788. name, name_size);
  1789. rc = ecryptfs_parse_tag_70_packet(plaintext_name,
  1790. plaintext_name_size,
  1791. &packet_size,
  1792. mount_crypt_stat,
  1793. decoded_name,
  1794. decoded_name_size);
  1795. if (rc) {
  1796. ecryptfs_printk(KERN_DEBUG,
  1797. "%s: Could not parse tag 70 packet from filename\n",
  1798. __func__);
  1799. goto out_free;
  1800. }
  1801. } else {
  1802. rc = ecryptfs_copy_filename(plaintext_name,
  1803. plaintext_name_size,
  1804. name, name_size);
  1805. goto out;
  1806. }
  1807. out_free:
  1808. kfree(decoded_name);
  1809. out:
  1810. return rc;
  1811. }
  1812. #define ENC_NAME_MAX_BLOCKLEN_8_OR_16 143
  1813. int ecryptfs_set_f_namelen(long *namelen, long lower_namelen,
  1814. struct ecryptfs_mount_crypt_stat *mount_crypt_stat)
  1815. {
  1816. struct crypto_skcipher *tfm;
  1817. struct mutex *tfm_mutex;
  1818. size_t cipher_blocksize;
  1819. int rc;
  1820. if (!(mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES)) {
  1821. (*namelen) = lower_namelen;
  1822. return 0;
  1823. }
  1824. rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&tfm, &tfm_mutex,
  1825. mount_crypt_stat->global_default_fn_cipher_name);
  1826. if (unlikely(rc)) {
  1827. (*namelen) = 0;
  1828. return rc;
  1829. }
  1830. mutex_lock(tfm_mutex);
  1831. cipher_blocksize = crypto_skcipher_blocksize(tfm);
  1832. mutex_unlock(tfm_mutex);
  1833. /* Return an exact amount for the common cases */
  1834. if (lower_namelen == NAME_MAX
  1835. && (cipher_blocksize == 8 || cipher_blocksize == 16)) {
  1836. (*namelen) = ENC_NAME_MAX_BLOCKLEN_8_OR_16;
  1837. return 0;
  1838. }
  1839. /* Return a safe estimate for the uncommon cases */
  1840. (*namelen) = lower_namelen;
  1841. (*namelen) -= ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE;
  1842. /* Since this is the max decoded size, subtract 1 "decoded block" len */
  1843. (*namelen) = ecryptfs_max_decoded_size(*namelen) - 3;
  1844. (*namelen) -= ECRYPTFS_TAG_70_MAX_METADATA_SIZE;
  1845. (*namelen) -= ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES;
  1846. /* Worst case is that the filename is padded nearly a full block size */
  1847. (*namelen) -= cipher_blocksize - 1;
  1848. if ((*namelen) < 0)
  1849. (*namelen) = 0;
  1850. return 0;
  1851. }