crypto.c 6.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248
  1. // SPDX-License-Identifier: GPL-2.0
  2. #include <linux/quotaops.h>
  3. #include <linux/uuid.h>
  4. #include "ext4.h"
  5. #include "xattr.h"
  6. #include "ext4_jbd2.h"
  7. static void ext4_fname_from_fscrypt_name(struct ext4_filename *dst,
  8. const struct fscrypt_name *src)
  9. {
  10. memset(dst, 0, sizeof(*dst));
  11. dst->usr_fname = src->usr_fname;
  12. dst->disk_name = src->disk_name;
  13. dst->hinfo.hash = src->hash;
  14. dst->hinfo.minor_hash = src->minor_hash;
  15. dst->crypto_buf = src->crypto_buf;
  16. }
  17. int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname,
  18. int lookup, struct ext4_filename *fname)
  19. {
  20. struct fscrypt_name name;
  21. int err;
  22. err = fscrypt_setup_filename(dir, iname, lookup, &name);
  23. if (err)
  24. return err;
  25. ext4_fname_from_fscrypt_name(fname, &name);
  26. err = ext4_fname_setup_ci_filename(dir, iname, fname);
  27. if (err)
  28. ext4_fname_free_filename(fname);
  29. return err;
  30. }
  31. int ext4_fname_prepare_lookup(struct inode *dir, struct dentry *dentry,
  32. struct ext4_filename *fname)
  33. {
  34. struct fscrypt_name name;
  35. int err;
  36. err = fscrypt_prepare_lookup(dir, dentry, &name);
  37. if (err)
  38. return err;
  39. ext4_fname_from_fscrypt_name(fname, &name);
  40. err = ext4_fname_setup_ci_filename(dir, &dentry->d_name, fname);
  41. if (err)
  42. ext4_fname_free_filename(fname);
  43. return err;
  44. }
  45. void ext4_fname_free_filename(struct ext4_filename *fname)
  46. {
  47. struct fscrypt_name name;
  48. name.crypto_buf = fname->crypto_buf;
  49. fscrypt_free_filename(&name);
  50. fname->crypto_buf.name = NULL;
  51. fname->usr_fname = NULL;
  52. fname->disk_name.name = NULL;
  53. ext4_fname_free_ci_filename(fname);
  54. }
  55. static bool uuid_is_zero(__u8 u[16])
  56. {
  57. int i;
  58. for (i = 0; i < 16; i++)
  59. if (u[i])
  60. return false;
  61. return true;
  62. }
  63. int ext4_ioctl_get_encryption_pwsalt(struct file *filp, void __user *arg)
  64. {
  65. struct super_block *sb = file_inode(filp)->i_sb;
  66. struct ext4_sb_info *sbi = EXT4_SB(sb);
  67. int err, err2;
  68. handle_t *handle;
  69. if (!ext4_has_feature_encrypt(sb))
  70. return -EOPNOTSUPP;
  71. if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) {
  72. err = mnt_want_write_file(filp);
  73. if (err)
  74. return err;
  75. handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1);
  76. if (IS_ERR(handle)) {
  77. err = PTR_ERR(handle);
  78. goto pwsalt_err_exit;
  79. }
  80. err = ext4_journal_get_write_access(handle, sb, sbi->s_sbh,
  81. EXT4_JTR_NONE);
  82. if (err)
  83. goto pwsalt_err_journal;
  84. lock_buffer(sbi->s_sbh);
  85. generate_random_uuid(sbi->s_es->s_encrypt_pw_salt);
  86. ext4_superblock_csum_set(sb);
  87. unlock_buffer(sbi->s_sbh);
  88. err = ext4_handle_dirty_metadata(handle, NULL, sbi->s_sbh);
  89. pwsalt_err_journal:
  90. err2 = ext4_journal_stop(handle);
  91. if (err2 && !err)
  92. err = err2;
  93. pwsalt_err_exit:
  94. mnt_drop_write_file(filp);
  95. if (err)
  96. return err;
  97. }
  98. if (copy_to_user(arg, sbi->s_es->s_encrypt_pw_salt, 16))
  99. return -EFAULT;
  100. return 0;
  101. }
  102. static int ext4_get_context(struct inode *inode, void *ctx, size_t len)
  103. {
  104. return ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION,
  105. EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, ctx, len);
  106. }
  107. static int ext4_set_context(struct inode *inode, const void *ctx, size_t len,
  108. void *fs_data)
  109. {
  110. handle_t *handle = fs_data;
  111. int res, res2, credits, retries = 0;
  112. /*
  113. * Encrypting the root directory is not allowed because e2fsck expects
  114. * lost+found to exist and be unencrypted, and encrypting the root
  115. * directory would imply encrypting the lost+found directory as well as
  116. * the filename "lost+found" itself.
  117. */
  118. if (inode->i_ino == EXT4_ROOT_INO)
  119. return -EPERM;
  120. if (WARN_ON_ONCE(IS_DAX(inode) && i_size_read(inode)))
  121. return -EINVAL;
  122. if (ext4_test_inode_flag(inode, EXT4_INODE_DAX))
  123. return -EOPNOTSUPP;
  124. res = ext4_convert_inline_data(inode);
  125. if (res)
  126. return res;
  127. /*
  128. * If a journal handle was specified, then the encryption context is
  129. * being set on a new inode via inheritance and is part of a larger
  130. * transaction to create the inode. Otherwise the encryption context is
  131. * being set on an existing inode in its own transaction. Only in the
  132. * latter case should the "retry on ENOSPC" logic be used.
  133. */
  134. if (handle) {
  135. /*
  136. * Since the inode is new it is ok to pass the
  137. * XATTR_CREATE flag. This is necessary to match the
  138. * remaining journal credits check in the set_handle
  139. * function with the credits allocated for the new
  140. * inode.
  141. */
  142. res = ext4_xattr_set_handle(handle, inode,
  143. EXT4_XATTR_INDEX_ENCRYPTION,
  144. EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
  145. ctx, len, XATTR_CREATE);
  146. if (!res) {
  147. ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
  148. ext4_clear_inode_state(inode,
  149. EXT4_STATE_MAY_INLINE_DATA);
  150. /*
  151. * Update inode->i_flags - S_ENCRYPTED will be enabled,
  152. * S_DAX may be disabled
  153. */
  154. ext4_set_inode_flags(inode, false);
  155. }
  156. return res;
  157. }
  158. res = dquot_initialize(inode);
  159. if (res)
  160. return res;
  161. retry:
  162. res = ext4_xattr_set_credits(inode, len, false /* is_create */,
  163. &credits);
  164. if (res)
  165. return res;
  166. handle = ext4_journal_start(inode, EXT4_HT_MISC, credits);
  167. if (IS_ERR(handle))
  168. return PTR_ERR(handle);
  169. res = ext4_xattr_set_handle(handle, inode, EXT4_XATTR_INDEX_ENCRYPTION,
  170. EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
  171. ctx, len, 0);
  172. if (!res) {
  173. ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
  174. /*
  175. * Update inode->i_flags - S_ENCRYPTED will be enabled,
  176. * S_DAX may be disabled
  177. */
  178. ext4_set_inode_flags(inode, false);
  179. res = ext4_mark_inode_dirty(handle, inode);
  180. if (res)
  181. EXT4_ERROR_INODE(inode, "Failed to mark inode dirty");
  182. }
  183. res2 = ext4_journal_stop(handle);
  184. if (res == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries))
  185. goto retry;
  186. if (!res)
  187. res = res2;
  188. return res;
  189. }
  190. static const union fscrypt_policy *ext4_get_dummy_policy(struct super_block *sb)
  191. {
  192. return EXT4_SB(sb)->s_dummy_enc_policy.policy;
  193. }
  194. static bool ext4_has_stable_inodes(struct super_block *sb)
  195. {
  196. return ext4_has_feature_stable_inodes(sb);
  197. }
  198. const struct fscrypt_operations ext4_cryptops = {
  199. .inode_info_offs = (int)offsetof(struct ext4_inode_info, i_crypt_info) -
  200. (int)offsetof(struct ext4_inode_info, vfs_inode),
  201. .needs_bounce_pages = 1,
  202. .has_32bit_inodes = 1,
  203. .supports_subblock_data_units = 1,
  204. .legacy_key_prefix = "ext4:",
  205. .get_context = ext4_get_context,
  206. .set_context = ext4_set_context,
  207. .get_dummy_policy = ext4_get_dummy_policy,
  208. .empty_dir = ext4_empty_dir,
  209. .has_stable_inodes = ext4_has_stable_inodes,
  210. };