mmap.c 15 KB

  1. // SPDX-License-Identifier: GPL-2.0-or-later
  2. /*
  3. * eCryptfs: Linux filesystem encryption layer
  4. * This is where eCryptfs coordinates the symmetric encryption and
  5. * decryption of the file data as it passes between the lower
  6. * encrypted file and the upper decrypted file.
  7. *
  8. * Copyright (C) 1997-2003 Erez Zadok
  9. * Copyright (C) 2001-2003 Stony Brook University
  10. * Copyright (C) 2004-2007 International Business Machines Corp.
  11. * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
  12. */
  13. #include <linux/pagemap.h>
  14. #include <linux/writeback.h>
  15. #include <linux/page-flags.h>
  16. #include <linux/mount.h>
  17. #include <linux/file.h>
  18. #include <linux/scatterlist.h>
  19. #include <linux/slab.h>
  20. #include <linux/xattr.h>
  21. #include <linux/unaligned.h>
  22. #include "ecryptfs_kernel.h"
/*
 * ecryptfs_writepages - encrypt dirty folios on their way to the lower file
 * @mapping: address space whose dirty folios are being written back
 * @wbc: writeback control handed through to writeback_iter()
 *
 * This is where we encrypt the data and pass the encrypted data to
 * the lower filesystem.  In OpenPGP-compatible mode, we operate on
 * entire underlying packets.
 *
 * Every folio returned by writeback_iter() is given to
 * ecryptfs_encrypt_page() and then unlocked.  When encryption fails the
 * failure is logged, the folio loses its uptodate flag and the error is
 * recorded on @mapping; the loop still moves on to the next folio.
 *
 * Returns whatever is left in the error slot shared with writeback_iter().
 */
static int ecryptfs_writepages(struct address_space *mapping,
			       struct writeback_control *wbc)
{
	struct folio *folio = NULL;
	/*
	 * Not initialised here: this relies on writeback_iter() storing to
	 * it before the iteration ends — confirm against its contract.
	 */
	int error;

	for (;;) {
		folio = writeback_iter(mapping, wbc, folio, &error);
		if (!folio)
			break;

		error = ecryptfs_encrypt_page(folio);
		if (error) {
			ecryptfs_printk(KERN_WARNING,
				"Error encrypting folio (index [0x%.16lx])\n",
				folio->index);
			/* Do not let a folio that failed encryption look valid. */
			folio_clear_uptodate(folio);
			mapping_set_error(mapping, error);
		}
		folio_unlock(folio);
	}

	return error;
}
/*
 * strip_xattr_flag - serialise the crypt_stat flags without the xattr bit
 * @page_virt: destination for the serialised flags
 * @crypt_stat: cryptographic context whose flags are written out
 *
 * Does nothing unless ECRYPTFS_METADATA_IN_XATTR is set.  When it is, the
 * bit is cleared, the flags are written with
 * ecryptfs_write_crypt_stat_flags(), and the bit is set again, so the
 * serialised copy does not carry it while crypt_stat ends up unchanged.
 *
 * NOTE(review): crypt_stat->flags is modified in place and no lock is taken
 * in this function; confirm that callers serialise access, otherwise a
 * concurrent reader could observe the flag cleared.
 */
static void strip_xattr_flag(char *page_virt,
			     struct ecryptfs_crypt_stat *crypt_stat)
{
	size_t written;

	if (!(crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR))
		return;

	crypt_stat->flags &= ~ECRYPTFS_METADATA_IN_XATTR;
	ecryptfs_write_crypt_stat_flags(page_virt, crypt_stat, &written);
	crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR;
}
  57. /*
  58. * Header Extent:
  59. * Octets 0-7: Unencrypted file size (big-endian)
  60. * Octets 8-15: eCryptfs special marker
  61. * Octets 16-19: Flags
  62. * Octet 16: File format version number (between 0 and 255)
  63. * Octets 17-18: Reserved
  64. * Octet 19: Bit 1 (lsb): Reserved
  65. * Bit 2: Encrypted?
  66. * Bits 3-8: Reserved
  67. * Octets 20-23: Header extent size (big-endian)
  68. * Octets 24-25: Number of header extents at front of file
  69. * (big-endian)
  70. * Octet 26: Begin RFC 2440 authentication token packet set
  71. */
/**
 * ecryptfs_copy_up_encrypted_with_header
 * @folio: Sort of a ``virtual'' representation of the encrypted lower
 *         file. The actual lower file does not have the metadata in
 *         the header. This is locked.
 * @crypt_stat: The eCryptfs inode's cryptographic context
 *
 * The ``view'' is the version of the file that userspace winds up
 * seeing, with the header information inserted.
 *
 * The folio is filled extent by extent.  Extents that fall inside the
 * header area of the view are zeroed, and view extent 0 additionally gets
 * the xattr region, the flags (with the xattr bit stripped) at offset 16
 * and the header metadata at offset 20.  All other extents are read from
 * the lower file at the view offset minus the metadata size; nothing in
 * this function decrypts them.
 *
 * Assumes crypt_stat->extent_size is non-zero and no larger than PAGE_SIZE;
 * it is used as a divisor and, if larger, the loop would not run at all —
 * TODO confirm where crypt_stat is initialised.
 *
 * Returns zero on success; the first non-zero rc from a helper otherwise.
 */
static int
ecryptfs_copy_up_encrypted_with_header(struct folio *folio,
				       struct ecryptfs_crypt_stat *crypt_stat)
{
	loff_t num_extents_per_page = (PAGE_SIZE
				       / crypt_stat->extent_size);
	loff_t extent_num_in_page;
	int rc = 0;

	for (extent_num_in_page = 0;
	     extent_num_in_page < num_extents_per_page;
	     extent_num_in_page++) {
		loff_t view_extent_num = ((loff_t)folio->index
					  * num_extents_per_page)
					 + extent_num_in_page;
		size_t num_header_extents_at_front =
			(crypt_stat->metadata_size / crypt_stat->extent_size);
		char *page_virt;

		if (view_extent_num >= num_header_extents_at_front) {
			/* Encrypted data extent: copy it up from the lower file. */
			loff_t lower_offset =
				((view_extent_num * crypt_stat->extent_size)
				 - crypt_stat->metadata_size);

			rc = ecryptfs_read_lower_page_segment(
				folio, (lower_offset >> PAGE_SHIFT),
				(lower_offset & ~PAGE_MASK),
				crypt_stat->extent_size, folio->mapping->host);
			if (rc) {
				printk(KERN_ERR "%s: Error attempting to read "
				       "extent at offset [%lld] in the lower "
				       "file; rc = [%d]\n", __func__,
				       lower_offset, rc);
				break;
			}
			continue;
		}

		/* Header extent: start from an all-zero page. */
		page_virt = kmap_local_folio(folio, 0);
		memset(page_virt, 0, PAGE_SIZE);
		/* TODO: Support more than one header extent */
		if (view_extent_num == 0) {
			size_t written;

			rc = ecryptfs_read_xattr_region(
				page_virt, folio->mapping->host);
			/*
			 * rc is only examined after the mapping is dropped, so
			 * the two writes below happen even when the read failed.
			 */
			strip_xattr_flag(page_virt + 16, crypt_stat);
			ecryptfs_write_header_metadata(page_virt + 20,
						       crypt_stat,
						       &written);
		}
		kunmap_local(page_virt);
		flush_dcache_folio(folio);
		if (rc) {
			printk(KERN_ERR "%s: Error reading xattr "
			       "region; rc = [%d]\n", __func__, rc);
			break;
		}
	}

	return rc;
}
/**
 * ecryptfs_read_folio
 * @file: An eCryptfs file
 * @folio: Folio from eCryptfs inode mapping into which to stick the read data
 *
 * Read in a folio, decrypting if necessary.
 *
 * Three cases are distinguished by the crypt_stat flags:
 *  - ECRYPTFS_ENCRYPTED clear: the folio is read straight from the lower
 *    file;
 *  - ECRYPTFS_VIEW_AS_ENCRYPTED set: the folio receives the lower file's
 *    content without decryption, with the header synthesised from the
 *    xattr when ECRYPTFS_METADATA_IN_XATTR is set;
 *  - otherwise: the folio is decrypted with ecryptfs_decrypt_page().
 *
 * The read is always completed with folio_end_read(), which is passed
 * success only when no error occurred.
 *
 * Returns zero on success; non-zero on error.
 */
static int ecryptfs_read_folio(struct file *file, struct folio *folio)
{
	struct inode *inode = folio->mapping->host;
	/*
	 * NOTE(review): this is the address of a member, so the NULL test
	 * below looks redundant — confirm before relying on it.
	 */
	struct ecryptfs_crypt_stat *crypt_stat =
		&ecryptfs_inode_to_private(inode)->crypt_stat;
	int err = 0;

	if (!crypt_stat || !(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) {
		/* Not an encrypted file: pass the lower data through. */
		err = ecryptfs_read_lower_page_segment(folio, folio->index, 0,
						       folio_size(folio), inode);
	} else if (!(crypt_stat->flags & ECRYPTFS_VIEW_AS_ENCRYPTED)) {
		/* Normal case: hand plaintext to the upper file. */
		err = ecryptfs_decrypt_page(folio);
		if (err)
			ecryptfs_printk(KERN_ERR, "Error decrypting page; "
					"err = [%d]\n", err);
	} else if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) {
		/* Encrypted view, metadata kept in the xattr. */
		err = ecryptfs_copy_up_encrypted_with_header(folio,
							     crypt_stat);
		if (err)
			printk(KERN_ERR "%s: Error attempting to copy "
			       "the encrypted content from the lower "
			       "file whilst inserting the metadata "
			       "from the xattr into the header; err = "
			       "[%d]\n", __func__, err);
	} else {
		/* Encrypted view, header already present in the lower file. */
		err = ecryptfs_read_lower_page_segment(folio,
					folio->index, 0, folio_size(folio),
					inode);
		if (err)
			printk(KERN_ERR "Error reading page; err = "
			       "[%d]\n", err);
	}

	ecryptfs_printk(KERN_DEBUG, "Unlocking folio with index = [0x%.16lx]\n",
			folio->index);
	folio_end_read(folio, err == 0);
	return err;
}
/*
 * fill_zeros_to_end_of_page - zero the tail of the folio that holds EOF
 * @folio: folio being written
 * @to: end offset of the write within the page
 *
 * Called with lower inode mutex held.
 *
 * Only acts when @folio is the page containing i_size.  In that case the
 * folio is zeroed from the larger of (i_size % PAGE_SIZE) and @to up to
 * PAGE_SIZE, so no bytes past the data are left with their old content.
 *
 * Always returns zero.
 */
static int fill_zeros_to_end_of_page(struct folio *folio, unsigned int to)
{
	struct inode *inode = folio->mapping->host;
	int zero_from;

	if ((i_size_read(inode) / PAGE_SIZE) == folio->index) {
		zero_from = i_size_read(inode) % PAGE_SIZE;
		if (to > zero_from)
			zero_from = to;
		folio_zero_segment(folio, zero_from, PAGE_SIZE);
	}

	return 0;
}
/**
 * ecryptfs_write_begin
 * @iocb: I/O control block for the eCryptfs file
 * @mapping: The eCryptfs object
 * @pos: The file offset at which to start writing
 * @len: Length of the write
 * @foliop: Pointer to return the folio
 * @fsdata: Pointer to return fs data (unused)
 *
 * This function must zero any hole we create
 *
 * Looks up the folio covering @pos and, if it is not uptodate, fills it
 * according to the crypt_stat flags: from the lower file as-is, as the
 * encrypted view, zero-filled when the page starts at or beyond i_size, or
 * decrypted when the write covers less than a page.  A write of a full
 * page to an encrypted file leaves the folio not uptodate here;
 * ecryptfs_write_end() tests the uptodate flag together with the copied
 * length.
 *
 * *@foliop is stored before any of the error paths.  On failure the folio
 * is unlocked and its reference dropped, so callers must not use *@foliop
 * when a non-zero value is returned.
 *
 * Returns zero on success; non-zero otherwise
 */
static int ecryptfs_write_begin(const struct kiocb *iocb,
			struct address_space *mapping,
			loff_t pos, unsigned len,
			struct folio **foliop, void **fsdata)
{
	pgoff_t index = pos >> PAGE_SHIFT;
	struct folio *folio;
	loff_t prev_page_end_size;
	int rc = 0;

	folio = __filemap_get_folio(mapping, index, FGP_WRITEBEGIN,
			mapping_gfp_mask(mapping));
	if (IS_ERR(folio))
		return PTR_ERR(folio);
	*foliop = folio;

	/* File offset of the first byte of this page. */
	prev_page_end_size = ((loff_t)index << PAGE_SHIFT);
	if (!folio_test_uptodate(folio)) {
		struct ecryptfs_crypt_stat *crypt_stat =
			&ecryptfs_inode_to_private(mapping->host)->crypt_stat;

		if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) {
			/* Not encrypted: take the lower page unchanged. */
			rc = ecryptfs_read_lower_page_segment(
				folio, index, 0, PAGE_SIZE, mapping->host);
			if (rc) {
				printk(KERN_ERR "%s: Error attempting to read "
				       "lower page segment; rc = [%d]\n",
				       __func__, rc);
				folio_clear_uptodate(folio);
				goto out;
			} else
				folio_mark_uptodate(folio);
		} else if (crypt_stat->flags & ECRYPTFS_VIEW_AS_ENCRYPTED) {
			/* Encrypted view: the folio holds lower-file content, not plaintext. */
			if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) {
				rc = ecryptfs_copy_up_encrypted_with_header(
					folio, crypt_stat);
				if (rc) {
					printk(KERN_ERR "%s: Error attempting "
					       "to copy the encrypted content "
					       "from the lower file whilst "
					       "inserting the metadata from "
					       "the xattr into the header; rc "
					       "= [%d]\n", __func__, rc);
					folio_clear_uptodate(folio);
					goto out;
				}
				folio_mark_uptodate(folio);
			} else {
				rc = ecryptfs_read_lower_page_segment(
					folio, index, 0, PAGE_SIZE,
					mapping->host);
				if (rc) {
					printk(KERN_ERR "%s: Error reading "
					       "page; rc = [%d]\n",
					       __func__, rc);
					folio_clear_uptodate(folio);
					goto out;
				}
				folio_mark_uptodate(folio);
			}
		} else {
			if (prev_page_end_size
			    >= i_size_read(mapping->host)) {
				/*
				 * The page starts at or past EOF: there is
				 * nothing to decrypt, so give it defined
				 * (zero) content.
				 */
				folio_zero_range(folio, 0, PAGE_SIZE);
				folio_mark_uptodate(folio);
			} else if (len < PAGE_SIZE) {
				/*
				 * Partial overwrite of existing data: the
				 * rest of the page must hold the current
				 * plaintext.
				 */
				rc = ecryptfs_decrypt_page(folio);
				if (rc) {
					printk(KERN_ERR "%s: Error decrypting "
					       "page at index [%ld]; "
					       "rc = [%d]\n",
					       __func__, folio->index, rc);
					folio_clear_uptodate(folio);
					goto out;
				}
				folio_mark_uptodate(folio);
			}
			/* Otherwise (full-page write) the folio stays not uptodate. */
		}
	}
	/* If creating a page or more of holes, zero them out via truncate.
	 * Note, this will increase i_size. */
	if (index != 0) {
		if (prev_page_end_size > i_size_read(mapping->host)) {
			rc = ecryptfs_truncate(iocb->ki_filp->f_path.dentry,
					       prev_page_end_size);
			if (rc) {
				printk(KERN_ERR "%s: Error on attempt to "
				       "truncate to (higher) offset [%lld];"
				       " rc = [%d]\n", __func__,
				       prev_page_end_size, rc);
				goto out;
			}
		}
	}
	/* Writing to a new page, and creating a small hole from start
	 * of page? Zero it out. */
	if ((i_size_read(mapping->host) == prev_page_end_size)
	    && (pos != 0))
		folio_zero_range(folio, 0, PAGE_SIZE);
out:
	/* On failure the caller gets no folio: undo the lock and the reference. */
	if (unlikely(rc)) {
		folio_unlock(folio);
		folio_put(folio);
	}
	return rc;
}
/*
 * ecryptfs_write_inode_size_to_header
 * @ecryptfs_inode: eCryptfs inode whose i_size is recorded
 *
 * Stores the eCryptfs inode's i_size, big-endian, in the first 8 bytes of
 * the lower file through ecryptfs_write_lower().  No encryption step is
 * applied to the value in this function.
 *
 * Returns zero on success; non-zero on error (-ENOMEM if the scratch
 * buffer cannot be allocated, otherwise the negative value from
 * ecryptfs_write_lower()).
 */
static int ecryptfs_write_inode_size_to_header(struct inode *ecryptfs_inode)
{
	char *file_size_virt = kmalloc(sizeof(u64), GFP_KERNEL);
	int rc;

	if (!file_size_virt)
		return -ENOMEM;

	put_unaligned_be64(i_size_read(ecryptfs_inode), file_size_virt);
	rc = ecryptfs_write_lower(ecryptfs_inode, file_size_virt, 0,
				  sizeof(u64));
	kfree(file_size_virt);

	/* Any non-negative result counts as success and is reported as zero. */
	if (rc >= 0)
		return 0;

	printk(KERN_ERR "%s: Error writing file size to header; "
	       "rc = [%d]\n", __func__, rc);
	return rc;
}
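/* Slab cache that supplies the scratch buffer for the metadata xattr. */
struct kmem_cache *ecryptfs_xattr_cache;

/*
 * ecryptfs_write_inode_size_to_xattr
 * @ecryptfs_inode: eCryptfs inode whose i_size is recorded
 *
 * Reads the ECRYPTFS_XATTR_NAME xattr of the lower inode, overwrites its
 * first 8 bytes with the eCryptfs inode's i_size (big-endian) and writes the
 * xattr back, all under the lower inode lock.
 *
 * Returns zero on success; -ENOSYS when the lower inode has no xattr
 * support, -ENOMEM when the scratch buffer cannot be allocated, otherwise
 * the result of __vfs_setxattr().
 */
static int ecryptfs_write_inode_size_to_xattr(struct inode *ecryptfs_inode)
{
	ssize_t size;
	void *xattr_virt;
	struct dentry *lower_dentry =
		ecryptfs_inode_to_private(ecryptfs_inode)->lower_file->f_path.dentry;
	struct inode *lower_inode = d_inode(lower_dentry);
	int rc;

	if (!(lower_inode->i_opflags & IOP_XATTR)) {
		printk(KERN_WARNING
		       "No support for setting xattr in lower filesystem\n");
		rc = -ENOSYS;
		goto out;
	}
	/*
	 * Assumes objects from this cache hold at least PAGE_SIZE bytes, the
	 * limit passed to __vfs_getxattr() below — TODO confirm where the
	 * cache is created.
	 */
	xattr_virt = kmem_cache_alloc(ecryptfs_xattr_cache, GFP_KERNEL);
	if (!xattr_virt) {
		rc = -ENOMEM;
		goto out;
	}
	inode_lock(lower_inode);
	size = __vfs_getxattr(lower_dentry, lower_inode, ECRYPTFS_XATTR_NAME,
			      xattr_virt, PAGE_SIZE);
	/*
	 * The lower xattr is external data.  A read error and a value shorter
	 * than the 8-byte size field are both treated as "no usable metadata":
	 * exactly the size field is written.  Without the lower bound a short
	 * existing value would make the setxattr below store a truncated size
	 * field.
	 *
	 * NOTE(review): every getxattr error is handled this way, so a
	 * failure unrelated to a missing xattr also ends with the xattr being
	 * replaced by the 8-byte size — confirm that this is intended.
	 */
	if (size < (ssize_t)sizeof(u64))
		size = sizeof(u64);
	put_unaligned_be64(i_size_read(ecryptfs_inode), xattr_virt);
	rc = __vfs_setxattr(&nop_mnt_idmap, lower_dentry, lower_inode,
			    ECRYPTFS_XATTR_NAME, xattr_virt, size, 0);
	inode_unlock(lower_inode);
	if (rc)
		printk(KERN_ERR "Error whilst attempting to write inode size "
		       "to lower file xattr; rc = [%d]\n", rc);
	kmem_cache_free(ecryptfs_xattr_cache, xattr_virt);
out:
	return rc;
}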
/*
 * ecryptfs_write_inode_size_to_metadata
 * @ecryptfs_inode: eCryptfs inode whose i_size is recorded
 *
 * Records the inode size in whichever place holds the metadata: the lower
 * xattr when ECRYPTFS_METADATA_IN_XATTR is set, the file header otherwise.
 * Calling this for an inode without ECRYPTFS_ENCRYPTED trips BUG_ON().
 *
 * Returns the result of the selected helper.
 */
int ecryptfs_write_inode_size_to_metadata(struct inode *ecryptfs_inode)
{
	struct ecryptfs_crypt_stat *crypt_stat =
		&ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat;

	BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED));
	if (!(crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR))
		return ecryptfs_write_inode_size_to_header(ecryptfs_inode);
	return ecryptfs_write_inode_size_to_xattr(ecryptfs_inode);
}
/**
 * ecryptfs_write_end
 * @iocb: I/O control block for the eCryptfs file
 * @mapping: The eCryptfs object
 * @pos: The file position
 * @len: The length of the data (unused)
 * @copied: The amount of data copied
 * @folio: The eCryptfs folio
 * @fsdata: The fsdata (unused)
 *
 * For a file without ECRYPTFS_ENCRYPTED the page segment is written to the
 * lower file directly.  Otherwise the tail of the EOF page is zeroed, the
 * folio is encrypted, i_size is grown if the write extended the file, and
 * the size is recorded in the metadata.  A folio that is not uptodate is
 * only accepted when a whole page was copied; a shorter copy returns zero.
 *
 * The folio is unlocked and released on every path.
 *
 * Returns @copied on success, zero for the short-copy case above, or a
 * non-zero error from one of the helpers.
 */
static int ecryptfs_write_end(const struct kiocb *iocb,
			struct address_space *mapping,
			loff_t pos, unsigned len, unsigned copied,
			struct folio *folio, void *fsdata)
{
	struct inode *ecryptfs_inode = mapping->host;
	struct ecryptfs_crypt_stat *crypt_stat =
		&ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat;
	pgoff_t index = pos >> PAGE_SHIFT;
	unsigned start = pos & (PAGE_SIZE - 1);
	unsigned to = start + copied;
	loff_t new_size;
	int rc;

	ecryptfs_printk(KERN_DEBUG, "Calling fill_zeros_to_end_of_page"
			"(page w/ index = [0x%.16lx], to = [%d])\n", index, to);

	if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) {
		/* Pass-through file: no encryption, no size metadata. */
		rc = ecryptfs_write_lower_page_segment(ecryptfs_inode,
						       folio, 0, to);
		if (rc)
			goto out;
		rc = copied;
		fsstack_copy_inode_size(ecryptfs_inode,
			ecryptfs_inode_to_lower(ecryptfs_inode));
		goto out;
	}

	if (!folio_test_uptodate(folio)) {
		/*
		 * Only a fully overwritten page may be treated as valid;
		 * anything less is reported as zero bytes written.
		 */
		if (copied < PAGE_SIZE) {
			rc = 0;
			goto out;
		}
		folio_mark_uptodate(folio);
	}

	/* Fills in zeros if 'to' goes beyond inode size */
	rc = fill_zeros_to_end_of_page(folio, to);
	if (rc) {
		ecryptfs_printk(KERN_WARNING, "Error attempting to fill "
			"zeros in page with index = [0x%.16lx]\n", index);
		goto out;
	}

	rc = ecryptfs_encrypt_page(folio);
	if (rc) {
		ecryptfs_printk(KERN_WARNING, "Error encrypting page (upper "
				"index [0x%.16lx])\n", index);
		goto out;
	}

	/* The size is only ever grown here, and only after encryption succeeded. */
	new_size = pos + copied;
	if (new_size > i_size_read(ecryptfs_inode)) {
		i_size_write(ecryptfs_inode, new_size);
		ecryptfs_printk(KERN_DEBUG, "Expanded file size to "
			"[0x%.16llx]\n",
			(unsigned long long)i_size_read(ecryptfs_inode));
	}

	rc = ecryptfs_write_inode_size_to_metadata(ecryptfs_inode);
	if (rc)
		printk(KERN_ERR "Error writing inode size to metadata; "
		       "rc = [%d]\n", rc);
	else
		rc = copied;
out:
	folio_unlock(folio);
	folio_put(folio);
	return rc;
}
/*
 * ecryptfs_bmap - map a block by asking the lower inode
 * @mapping: address space of the eCryptfs inode
 * @block: block number to map
 *
 * Forwards the request to bmap() on the lower inode.
 *
 * Returns the block number as updated by bmap(), or 0 when bmap() reports
 * an error.
 */
static sector_t ecryptfs_bmap(struct address_space *mapping, sector_t block)
{
	struct inode *lower_inode = ecryptfs_inode_to_lower(mapping->host);

	if (bmap(lower_inode, &block))
		return 0;

	return block;
}
  479. #include <linux/buffer_head.h>
/*
 * Address space operations for eCryptfs inodes.  Read, write_begin/write_end
 * and writeback go through the eCryptfs handlers defined in this file;
 * folio migration uses the generic filemap helper.
 */
const struct address_space_operations ecryptfs_aops = {
	/*
	 * XXX: This is pretty broken for multiple reasons: ecryptfs does not
	 * actually use buffer_heads, and ecryptfs will crash without
	 * CONFIG_BLOCK.  But it matches the behavior before the default for
	 * address_space_operations without the ->dirty_folio method was
	 * cleaned up, so this is the best we can do without maintainer
	 * feedback.
	 */
#ifdef CONFIG_BLOCK
	.dirty_folio	= block_dirty_folio,
	.invalidate_folio = block_invalidate_folio,
#endif
	/* Writeback encrypts each folio before it reaches the lower file. */
	.writepages = ecryptfs_writepages,
	/* Reads decrypt, or pass lower data through, depending on crypt_stat. */
	.read_folio = ecryptfs_read_folio,
	.write_begin = ecryptfs_write_begin,
	.write_end = ecryptfs_write_end,
	.migrate_folio = filemap_migrate_folio,
	/* Block mapping is answered by the lower inode. */
	.bmap = ecryptfs_bmap,
};