Commit | Line | Data |
---|---|---|
22d94f49 EB |
1 | // SPDX-License-Identifier: GPL-2.0 |
2 | /* | |
3 | * Filesystem-level keyring for fscrypt | |
4 | * | |
5 | * Copyright 2019 Google LLC | |
6 | */ | |
7 | ||
8 | /* | |
9 | * This file implements management of fscrypt master keys in the | |
10 | * filesystem-level keyring, including the ioctls: | |
11 | * | |
12 | * - FS_IOC_ADD_ENCRYPTION_KEY | |
b1c0ec35 | 13 | * - FS_IOC_REMOVE_ENCRYPTION_KEY |
78a1b96b | 14 | * - FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS |
5a7e2992 | 15 | * - FS_IOC_GET_ENCRYPTION_KEY_STATUS |
22d94f49 EB |
16 | * |
17 | * See the "User API" section of Documentation/filesystems/fscrypt.rst for more | |
18 | * information about these ioctls. | |
19 | */ | |
20 | ||
5dae460c | 21 | #include <crypto/skcipher.h> |
22d94f49 | 22 | #include <linux/key-type.h> |
cdeb21da | 23 | #include <linux/random.h> |
22d94f49 EB |
24 | #include <linux/seq_file.h> |
25 | ||
26 | #include "fscrypt_private.h" | |
27 | ||
28 | static void wipe_master_key_secret(struct fscrypt_master_key_secret *secret) | |
29 | { | |
5dae460c | 30 | fscrypt_destroy_hkdf(&secret->hkdf); |
22d94f49 EB |
31 | memzero_explicit(secret, sizeof(*secret)); |
32 | } | |
33 | ||
34 | static void move_master_key_secret(struct fscrypt_master_key_secret *dst, | |
35 | struct fscrypt_master_key_secret *src) | |
36 | { | |
37 | memcpy(dst, src, sizeof(*dst)); | |
38 | memzero_explicit(src, sizeof(*src)); | |
39 | } | |
40 | ||
41 | static void free_master_key(struct fscrypt_master_key *mk) | |
42 | { | |
5dae460c EB |
43 | size_t i; |
44 | ||
22d94f49 | 45 | wipe_master_key_secret(&mk->mk_secret); |
5dae460c | 46 | |
3ceb6543 | 47 | for (i = 0; i <= FSCRYPT_MODE_MAX; i++) { |
5fee3609 ST |
48 | fscrypt_destroy_prepared_key(&mk->mk_direct_keys[i]); |
49 | fscrypt_destroy_prepared_key(&mk->mk_iv_ino_lblk_64_keys[i]); | |
50 | fscrypt_destroy_prepared_key(&mk->mk_iv_ino_lblk_32_keys[i]); | |
b103fb76 | 51 | } |
5dae460c | 52 | |
23c688b5 | 53 | key_put(mk->mk_users); |
453431a5 | 54 | kfree_sensitive(mk); |
22d94f49 EB |
55 | } |
56 | ||
57 | static inline bool valid_key_spec(const struct fscrypt_key_specifier *spec) | |
58 | { | |
59 | if (spec->__reserved) | |
60 | return false; | |
61 | return master_key_spec_len(spec) != 0; | |
62 | } | |
63 | ||
64 | static int fscrypt_key_instantiate(struct key *key, | |
65 | struct key_preparsed_payload *prep) | |
66 | { | |
67 | key->payload.data[0] = (struct fscrypt_master_key *)prep->data; | |
68 | return 0; | |
69 | } | |
70 | ||
71 | static void fscrypt_key_destroy(struct key *key) | |
72 | { | |
73 | free_master_key(key->payload.data[0]); | |
74 | } | |
75 | ||
76 | static void fscrypt_key_describe(const struct key *key, struct seq_file *m) | |
77 | { | |
78 | seq_puts(m, key->description); | |
b1c0ec35 EB |
79 | |
80 | if (key_is_positive(key)) { | |
81 | const struct fscrypt_master_key *mk = key->payload.data[0]; | |
82 | ||
83 | if (!is_master_key_secret_present(&mk->mk_secret)) | |
84 | seq_puts(m, ": secret removed"); | |
85 | } | |
22d94f49 EB |
86 | } |
87 | ||
88 | /* | |
89 | * Type of key in ->s_master_keys. Each key of this type represents a master | |
90 | * key which has been added to the filesystem. Its payload is a | |
91 | * 'struct fscrypt_master_key'. The "." prefix in the key type name prevents | |
92 | * users from adding keys of this type via the keyrings syscalls rather than via | |
93 | * the intended method of FS_IOC_ADD_ENCRYPTION_KEY. | |
94 | */ | |
95 | static struct key_type key_type_fscrypt = { | |
96 | .name = "._fscrypt", | |
97 | .instantiate = fscrypt_key_instantiate, | |
98 | .destroy = fscrypt_key_destroy, | |
99 | .describe = fscrypt_key_describe, | |
100 | }; | |
101 | ||
23c688b5 EB |
102 | static int fscrypt_user_key_instantiate(struct key *key, |
103 | struct key_preparsed_payload *prep) | |
104 | { | |
105 | /* | |
106 | * We just charge FSCRYPT_MAX_KEY_SIZE bytes to the user's key quota for | |
107 | * each key, regardless of the exact key size. The amount of memory | |
108 | * actually used is greater than the size of the raw key anyway. | |
109 | */ | |
110 | return key_payload_reserve(key, FSCRYPT_MAX_KEY_SIZE); | |
111 | } | |
112 | ||
113 | static void fscrypt_user_key_describe(const struct key *key, struct seq_file *m) | |
114 | { | |
115 | seq_puts(m, key->description); | |
116 | } | |
117 | ||
118 | /* | |
119 | * Type of key in ->mk_users. Each key of this type represents a particular | |
120 | * user who has added a particular master key. | |
121 | * | |
122 | * Note that the name of this key type really should be something like | |
123 | * ".fscrypt-user" instead of simply ".fscrypt". But the shorter name is chosen | |
124 | * mainly for simplicity of presentation in /proc/keys when read by a non-root | |
125 | * user. And it is expected to be rare that a key is actually added by multiple | |
126 | * users, since users should keep their encryption keys confidential. | |
127 | */ | |
128 | static struct key_type key_type_fscrypt_user = { | |
129 | .name = ".fscrypt", | |
130 | .instantiate = fscrypt_user_key_instantiate, | |
131 | .describe = fscrypt_user_key_describe, | |
132 | }; | |
133 | ||
134 | /* Search ->s_master_keys or ->mk_users */ | |
22d94f49 EB |
135 | static struct key *search_fscrypt_keyring(struct key *keyring, |
136 | struct key_type *type, | |
137 | const char *description) | |
138 | { | |
139 | /* | |
140 | * We need to mark the keyring reference as "possessed" so that we | |
141 | * acquire permission to search it, via the KEY_POS_SEARCH permission. | |
142 | */ | |
143 | key_ref_t keyref = make_key_ref(keyring, true /* possessed */); | |
144 | ||
145 | keyref = keyring_search(keyref, type, description, false); | |
146 | if (IS_ERR(keyref)) { | |
147 | if (PTR_ERR(keyref) == -EAGAIN || /* not found */ | |
148 | PTR_ERR(keyref) == -EKEYREVOKED) /* recently invalidated */ | |
149 | keyref = ERR_PTR(-ENOKEY); | |
150 | return ERR_CAST(keyref); | |
151 | } | |
152 | return key_ref_to_ptr(keyref); | |
153 | } | |
154 | ||
155 | #define FSCRYPT_FS_KEYRING_DESCRIPTION_SIZE \ | |
c593642c | 156 | (CONST_STRLEN("fscrypt-") + sizeof_field(struct super_block, s_id)) |
22d94f49 | 157 | |
5dae460c | 158 | #define FSCRYPT_MK_DESCRIPTION_SIZE (2 * FSCRYPT_KEY_IDENTIFIER_SIZE + 1) |
22d94f49 | 159 | |
23c688b5 EB |
160 | #define FSCRYPT_MK_USERS_DESCRIPTION_SIZE \ |
161 | (CONST_STRLEN("fscrypt-") + 2 * FSCRYPT_KEY_IDENTIFIER_SIZE + \ | |
162 | CONST_STRLEN("-users") + 1) | |
163 | ||
164 | #define FSCRYPT_MK_USER_DESCRIPTION_SIZE \ | |
165 | (2 * FSCRYPT_KEY_IDENTIFIER_SIZE + CONST_STRLEN(".uid.") + 10 + 1) | |
166 | ||
22d94f49 EB |
167 | static void format_fs_keyring_description( |
168 | char description[FSCRYPT_FS_KEYRING_DESCRIPTION_SIZE], | |
169 | const struct super_block *sb) | |
170 | { | |
171 | sprintf(description, "fscrypt-%s", sb->s_id); | |
172 | } | |
173 | ||
174 | static void format_mk_description( | |
175 | char description[FSCRYPT_MK_DESCRIPTION_SIZE], | |
176 | const struct fscrypt_key_specifier *mk_spec) | |
177 | { | |
178 | sprintf(description, "%*phN", | |
179 | master_key_spec_len(mk_spec), (u8 *)&mk_spec->u); | |
180 | } | |
181 | ||
23c688b5 EB |
182 | static void format_mk_users_keyring_description( |
183 | char description[FSCRYPT_MK_USERS_DESCRIPTION_SIZE], | |
184 | const u8 mk_identifier[FSCRYPT_KEY_IDENTIFIER_SIZE]) | |
185 | { | |
186 | sprintf(description, "fscrypt-%*phN-users", | |
187 | FSCRYPT_KEY_IDENTIFIER_SIZE, mk_identifier); | |
188 | } | |
189 | ||
190 | static void format_mk_user_description( | |
191 | char description[FSCRYPT_MK_USER_DESCRIPTION_SIZE], | |
192 | const u8 mk_identifier[FSCRYPT_KEY_IDENTIFIER_SIZE]) | |
193 | { | |
194 | ||
195 | sprintf(description, "%*phN.uid.%u", FSCRYPT_KEY_IDENTIFIER_SIZE, | |
196 | mk_identifier, __kuid_val(current_fsuid())); | |
197 | } | |
198 | ||
22d94f49 EB |
199 | /* Create ->s_master_keys if needed. Synchronized by fscrypt_add_key_mutex. */ |
200 | static int allocate_filesystem_keyring(struct super_block *sb) | |
201 | { | |
202 | char description[FSCRYPT_FS_KEYRING_DESCRIPTION_SIZE]; | |
203 | struct key *keyring; | |
204 | ||
205 | if (sb->s_master_keys) | |
206 | return 0; | |
207 | ||
208 | format_fs_keyring_description(description, sb); | |
209 | keyring = keyring_alloc(description, GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, | |
210 | current_cred(), KEY_POS_SEARCH | | |
211 | KEY_USR_SEARCH | KEY_USR_READ | KEY_USR_VIEW, | |
212 | KEY_ALLOC_NOT_IN_QUOTA, NULL, NULL); | |
213 | if (IS_ERR(keyring)) | |
214 | return PTR_ERR(keyring); | |
215 | ||
777afe4e EB |
216 | /* |
217 | * Pairs with the smp_load_acquire() in fscrypt_find_master_key(). | |
218 | * I.e., here we publish ->s_master_keys with a RELEASE barrier so that | |
219 | * concurrent tasks can ACQUIRE it. | |
220 | */ | |
22d94f49 EB |
221 | smp_store_release(&sb->s_master_keys, keyring); |
222 | return 0; | |
223 | } | |
224 | ||
225 | void fscrypt_sb_free(struct super_block *sb) | |
226 | { | |
227 | key_put(sb->s_master_keys); | |
228 | sb->s_master_keys = NULL; | |
229 | } | |
230 | ||
231 | /* | |
232 | * Find the specified master key in ->s_master_keys. | |
233 | * Returns ERR_PTR(-ENOKEY) if not found. | |
234 | */ | |
235 | struct key *fscrypt_find_master_key(struct super_block *sb, | |
236 | const struct fscrypt_key_specifier *mk_spec) | |
237 | { | |
238 | struct key *keyring; | |
239 | char description[FSCRYPT_MK_DESCRIPTION_SIZE]; | |
240 | ||
777afe4e EB |
241 | /* |
242 | * Pairs with the smp_store_release() in allocate_filesystem_keyring(). | |
243 | * I.e., another task can publish ->s_master_keys concurrently, | |
244 | * executing a RELEASE barrier. We need to use smp_load_acquire() here | |
245 | * to safely ACQUIRE the memory the other task published. | |
246 | */ | |
247 | keyring = smp_load_acquire(&sb->s_master_keys); | |
22d94f49 EB |
248 | if (keyring == NULL) |
249 | return ERR_PTR(-ENOKEY); /* No keyring yet, so no keys yet. */ | |
250 | ||
251 | format_mk_description(description, mk_spec); | |
252 | return search_fscrypt_keyring(keyring, &key_type_fscrypt, description); | |
253 | } | |
254 | ||
23c688b5 EB |
255 | static int allocate_master_key_users_keyring(struct fscrypt_master_key *mk) |
256 | { | |
257 | char description[FSCRYPT_MK_USERS_DESCRIPTION_SIZE]; | |
258 | struct key *keyring; | |
259 | ||
260 | format_mk_users_keyring_description(description, | |
261 | mk->mk_spec.u.identifier); | |
262 | keyring = keyring_alloc(description, GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, | |
263 | current_cred(), KEY_POS_SEARCH | | |
264 | KEY_USR_SEARCH | KEY_USR_READ | KEY_USR_VIEW, | |
265 | KEY_ALLOC_NOT_IN_QUOTA, NULL, NULL); | |
266 | if (IS_ERR(keyring)) | |
267 | return PTR_ERR(keyring); | |
268 | ||
269 | mk->mk_users = keyring; | |
270 | return 0; | |
271 | } | |
272 | ||
273 | /* | |
274 | * Find the current user's "key" in the master key's ->mk_users. | |
275 | * Returns ERR_PTR(-ENOKEY) if not found. | |
276 | */ | |
277 | static struct key *find_master_key_user(struct fscrypt_master_key *mk) | |
278 | { | |
279 | char description[FSCRYPT_MK_USER_DESCRIPTION_SIZE]; | |
280 | ||
281 | format_mk_user_description(description, mk->mk_spec.u.identifier); | |
282 | return search_fscrypt_keyring(mk->mk_users, &key_type_fscrypt_user, | |
283 | description); | |
284 | } | |
285 | ||
286 | /* | |
287 | * Give the current user a "key" in ->mk_users. This charges the user's quota | |
288 | * and marks the master key as added by the current user, so that it cannot be | |
289 | * removed by another user with the key. Either the master key's key->sem must | |
290 | * be held for write, or the master key must be still undergoing initialization. | |
291 | */ | |
292 | static int add_master_key_user(struct fscrypt_master_key *mk) | |
293 | { | |
294 | char description[FSCRYPT_MK_USER_DESCRIPTION_SIZE]; | |
295 | struct key *mk_user; | |
296 | int err; | |
297 | ||
298 | format_mk_user_description(description, mk->mk_spec.u.identifier); | |
299 | mk_user = key_alloc(&key_type_fscrypt_user, description, | |
300 | current_fsuid(), current_gid(), current_cred(), | |
301 | KEY_POS_SEARCH | KEY_USR_VIEW, 0, NULL); | |
302 | if (IS_ERR(mk_user)) | |
303 | return PTR_ERR(mk_user); | |
304 | ||
305 | err = key_instantiate_and_link(mk_user, NULL, 0, mk->mk_users, NULL); | |
306 | key_put(mk_user); | |
307 | return err; | |
308 | } | |
309 | ||
310 | /* | |
311 | * Remove the current user's "key" from ->mk_users. | |
312 | * The master key's key->sem must be held for write. | |
313 | * | |
314 | * Returns 0 if removed, -ENOKEY if not found, or another -errno code. | |
315 | */ | |
316 | static int remove_master_key_user(struct fscrypt_master_key *mk) | |
317 | { | |
318 | struct key *mk_user; | |
319 | int err; | |
320 | ||
321 | mk_user = find_master_key_user(mk); | |
322 | if (IS_ERR(mk_user)) | |
323 | return PTR_ERR(mk_user); | |
324 | err = key_unlink(mk->mk_users, mk_user); | |
325 | key_put(mk_user); | |
326 | return err; | |
327 | } | |
328 | ||
22d94f49 EB |
329 | /* |
330 | * Allocate a new fscrypt_master_key which contains the given secret, set it as | |
331 | * the payload of a new 'struct key' of type fscrypt, and link the 'struct key' | |
332 | * into the given keyring. Synchronized by fscrypt_add_key_mutex. | |
333 | */ | |
334 | static int add_new_master_key(struct fscrypt_master_key_secret *secret, | |
335 | const struct fscrypt_key_specifier *mk_spec, | |
336 | struct key *keyring) | |
337 | { | |
338 | struct fscrypt_master_key *mk; | |
339 | char description[FSCRYPT_MK_DESCRIPTION_SIZE]; | |
340 | struct key *key; | |
341 | int err; | |
342 | ||
343 | mk = kzalloc(sizeof(*mk), GFP_KERNEL); | |
344 | if (!mk) | |
345 | return -ENOMEM; | |
346 | ||
347 | mk->mk_spec = *mk_spec; | |
348 | ||
349 | move_master_key_secret(&mk->mk_secret, secret); | |
350 | ||
b1c0ec35 EB |
351 | refcount_set(&mk->mk_refcount, 1); /* secret is present */ |
352 | INIT_LIST_HEAD(&mk->mk_decrypted_inodes); | |
353 | spin_lock_init(&mk->mk_decrypted_inodes_lock); | |
354 | ||
23c688b5 EB |
355 | if (mk_spec->type == FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER) { |
356 | err = allocate_master_key_users_keyring(mk); | |
357 | if (err) | |
358 | goto out_free_mk; | |
359 | err = add_master_key_user(mk); | |
360 | if (err) | |
361 | goto out_free_mk; | |
362 | } | |
363 | ||
364 | /* | |
365 | * Note that we don't charge this key to anyone's quota, since when | |
366 | * ->mk_users is in use those keys are charged instead, and otherwise | |
367 | * (when ->mk_users isn't in use) only root can add these keys. | |
368 | */ | |
22d94f49 EB |
369 | format_mk_description(description, mk_spec); |
370 | key = key_alloc(&key_type_fscrypt, description, | |
371 | GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, current_cred(), | |
372 | KEY_POS_SEARCH | KEY_USR_SEARCH | KEY_USR_VIEW, | |
373 | KEY_ALLOC_NOT_IN_QUOTA, NULL); | |
374 | if (IS_ERR(key)) { | |
375 | err = PTR_ERR(key); | |
376 | goto out_free_mk; | |
377 | } | |
378 | err = key_instantiate_and_link(key, mk, sizeof(*mk), keyring, NULL); | |
379 | key_put(key); | |
380 | if (err) | |
381 | goto out_free_mk; | |
382 | ||
383 | return 0; | |
384 | ||
385 | out_free_mk: | |
386 | free_master_key(mk); | |
387 | return err; | |
388 | } | |
389 | ||
b1c0ec35 EB |
390 | #define KEY_DEAD 1 |
391 | ||
392 | static int add_existing_master_key(struct fscrypt_master_key *mk, | |
393 | struct fscrypt_master_key_secret *secret) | |
394 | { | |
23c688b5 EB |
395 | struct key *mk_user; |
396 | bool rekey; | |
397 | int err; | |
b1c0ec35 | 398 | |
23c688b5 EB |
399 | /* |
400 | * If the current user is already in ->mk_users, then there's nothing to | |
401 | * do. (Not applicable for v1 policy keys, which have NULL ->mk_users.) | |
402 | */ | |
403 | if (mk->mk_users) { | |
404 | mk_user = find_master_key_user(mk); | |
405 | if (mk_user != ERR_PTR(-ENOKEY)) { | |
406 | if (IS_ERR(mk_user)) | |
407 | return PTR_ERR(mk_user); | |
408 | key_put(mk_user); | |
409 | return 0; | |
410 | } | |
411 | } | |
412 | ||
413 | /* If we'll be re-adding ->mk_secret, try to take the reference. */ | |
414 | rekey = !is_master_key_secret_present(&mk->mk_secret); | |
415 | if (rekey && !refcount_inc_not_zero(&mk->mk_refcount)) | |
b1c0ec35 EB |
416 | return KEY_DEAD; |
417 | ||
23c688b5 EB |
418 | /* Add the current user to ->mk_users, if applicable. */ |
419 | if (mk->mk_users) { | |
420 | err = add_master_key_user(mk); | |
421 | if (err) { | |
422 | if (rekey && refcount_dec_and_test(&mk->mk_refcount)) | |
423 | return KEY_DEAD; | |
424 | return err; | |
425 | } | |
426 | } | |
427 | ||
428 | /* Re-add the secret if needed. */ | |
4a4b8721 | 429 | if (rekey) |
23c688b5 | 430 | move_master_key_secret(&mk->mk_secret, secret); |
b1c0ec35 EB |
431 | return 0; |
432 | } | |
433 | ||
cdeb21da EB |
434 | static int do_add_master_key(struct super_block *sb, |
435 | struct fscrypt_master_key_secret *secret, | |
436 | const struct fscrypt_key_specifier *mk_spec) | |
22d94f49 EB |
437 | { |
438 | static DEFINE_MUTEX(fscrypt_add_key_mutex); | |
439 | struct key *key; | |
440 | int err; | |
441 | ||
442 | mutex_lock(&fscrypt_add_key_mutex); /* serialize find + link */ | |
b1c0ec35 | 443 | retry: |
22d94f49 EB |
444 | key = fscrypt_find_master_key(sb, mk_spec); |
445 | if (IS_ERR(key)) { | |
446 | err = PTR_ERR(key); | |
447 | if (err != -ENOKEY) | |
448 | goto out_unlock; | |
449 | /* Didn't find the key in ->s_master_keys. Add it. */ | |
450 | err = allocate_filesystem_keyring(sb); | |
451 | if (err) | |
452 | goto out_unlock; | |
453 | err = add_new_master_key(secret, mk_spec, sb->s_master_keys); | |
454 | } else { | |
b1c0ec35 EB |
455 | /* |
456 | * Found the key in ->s_master_keys. Re-add the secret if | |
23c688b5 | 457 | * needed, and add the user to ->mk_users if needed. |
b1c0ec35 EB |
458 | */ |
459 | down_write(&key->sem); | |
460 | err = add_existing_master_key(key->payload.data[0], secret); | |
461 | up_write(&key->sem); | |
462 | if (err == KEY_DEAD) { | |
463 | /* Key being removed or needs to be removed */ | |
464 | key_invalidate(key); | |
465 | key_put(key); | |
466 | goto retry; | |
467 | } | |
22d94f49 | 468 | key_put(key); |
22d94f49 EB |
469 | } |
470 | out_unlock: | |
471 | mutex_unlock(&fscrypt_add_key_mutex); | |
472 | return err; | |
473 | } | |
474 | ||
cdeb21da EB |
475 | static int add_master_key(struct super_block *sb, |
476 | struct fscrypt_master_key_secret *secret, | |
477 | struct fscrypt_key_specifier *key_spec) | |
478 | { | |
479 | int err; | |
480 | ||
481 | if (key_spec->type == FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER) { | |
482 | err = fscrypt_init_hkdf(&secret->hkdf, secret->raw, | |
483 | secret->size); | |
484 | if (err) | |
485 | return err; | |
486 | ||
487 | /* | |
488 | * Now that the HKDF context is initialized, the raw key is no | |
489 | * longer needed. | |
490 | */ | |
491 | memzero_explicit(secret->raw, secret->size); | |
492 | ||
493 | /* Calculate the key identifier */ | |
494 | err = fscrypt_hkdf_expand(&secret->hkdf, | |
495 | HKDF_CONTEXT_KEY_IDENTIFIER, NULL, 0, | |
496 | key_spec->u.identifier, | |
497 | FSCRYPT_KEY_IDENTIFIER_SIZE); | |
498 | if (err) | |
499 | return err; | |
500 | } | |
501 | return do_add_master_key(sb, secret, key_spec); | |
502 | } | |
503 | ||
93edd392 EB |
504 | static int fscrypt_provisioning_key_preparse(struct key_preparsed_payload *prep) |
505 | { | |
506 | const struct fscrypt_provisioning_key_payload *payload = prep->data; | |
507 | ||
508 | if (prep->datalen < sizeof(*payload) + FSCRYPT_MIN_KEY_SIZE || | |
509 | prep->datalen > sizeof(*payload) + FSCRYPT_MAX_KEY_SIZE) | |
510 | return -EINVAL; | |
511 | ||
512 | if (payload->type != FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR && | |
513 | payload->type != FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER) | |
514 | return -EINVAL; | |
515 | ||
516 | if (payload->__reserved) | |
517 | return -EINVAL; | |
518 | ||
519 | prep->payload.data[0] = kmemdup(payload, prep->datalen, GFP_KERNEL); | |
520 | if (!prep->payload.data[0]) | |
521 | return -ENOMEM; | |
522 | ||
523 | prep->quotalen = prep->datalen; | |
524 | return 0; | |
525 | } | |
526 | ||
527 | static void fscrypt_provisioning_key_free_preparse( | |
528 | struct key_preparsed_payload *prep) | |
529 | { | |
453431a5 | 530 | kfree_sensitive(prep->payload.data[0]); |
93edd392 EB |
531 | } |
532 | ||
533 | static void fscrypt_provisioning_key_describe(const struct key *key, | |
534 | struct seq_file *m) | |
535 | { | |
536 | seq_puts(m, key->description); | |
537 | if (key_is_positive(key)) { | |
538 | const struct fscrypt_provisioning_key_payload *payload = | |
539 | key->payload.data[0]; | |
540 | ||
541 | seq_printf(m, ": %u [%u]", key->datalen, payload->type); | |
542 | } | |
543 | } | |
544 | ||
545 | static void fscrypt_provisioning_key_destroy(struct key *key) | |
546 | { | |
453431a5 | 547 | kfree_sensitive(key->payload.data[0]); |
93edd392 EB |
548 | } |
549 | ||
550 | static struct key_type key_type_fscrypt_provisioning = { | |
551 | .name = "fscrypt-provisioning", | |
552 | .preparse = fscrypt_provisioning_key_preparse, | |
553 | .free_preparse = fscrypt_provisioning_key_free_preparse, | |
554 | .instantiate = generic_key_instantiate, | |
555 | .describe = fscrypt_provisioning_key_describe, | |
556 | .destroy = fscrypt_provisioning_key_destroy, | |
557 | }; | |
558 | ||
559 | /* | |
560 | * Retrieve the raw key from the Linux keyring key specified by 'key_id', and | |
561 | * store it into 'secret'. | |
562 | * | |
563 | * The key must be of type "fscrypt-provisioning" and must have the field | |
564 | * fscrypt_provisioning_key_payload::type set to 'type', indicating that it's | |
565 | * only usable with fscrypt with the particular KDF version identified by | |
566 | * 'type'. We don't use the "logon" key type because there's no way to | |
567 | * completely restrict the use of such keys; they can be used by any kernel API | |
568 | * that accepts "logon" keys and doesn't require a specific service prefix. | |
569 | * | |
570 | * The ability to specify the key via Linux keyring key is intended for cases | |
571 | * where userspace needs to re-add keys after the filesystem is unmounted and | |
572 | * re-mounted. Most users should just provide the raw key directly instead. | |
573 | */ | |
574 | static int get_keyring_key(u32 key_id, u32 type, | |
575 | struct fscrypt_master_key_secret *secret) | |
576 | { | |
577 | key_ref_t ref; | |
578 | struct key *key; | |
579 | const struct fscrypt_provisioning_key_payload *payload; | |
580 | int err; | |
581 | ||
582 | ref = lookup_user_key(key_id, 0, KEY_NEED_SEARCH); | |
583 | if (IS_ERR(ref)) | |
584 | return PTR_ERR(ref); | |
585 | key = key_ref_to_ptr(ref); | |
586 | ||
587 | if (key->type != &key_type_fscrypt_provisioning) | |
588 | goto bad_key; | |
589 | payload = key->payload.data[0]; | |
590 | ||
591 | /* Don't allow fscrypt v1 keys to be used as v2 keys and vice versa. */ | |
592 | if (payload->type != type) | |
593 | goto bad_key; | |
594 | ||
595 | secret->size = key->datalen - sizeof(*payload); | |
596 | memcpy(secret->raw, payload->raw, secret->size); | |
597 | err = 0; | |
598 | goto out_put; | |
599 | ||
600 | bad_key: | |
601 | err = -EKEYREJECTED; | |
602 | out_put: | |
603 | key_ref_put(ref); | |
604 | return err; | |
605 | } | |
606 | ||
22d94f49 EB |
607 | /* |
608 | * Add a master encryption key to the filesystem, causing all files which were | |
609 | * encrypted with it to appear "unlocked" (decrypted) when accessed. | |
610 | * | |
23c688b5 EB |
611 | * When adding a key for use by v1 encryption policies, this ioctl is |
612 | * privileged, and userspace must provide the 'key_descriptor'. | |
613 | * | |
614 | * When adding a key for use by v2+ encryption policies, this ioctl is | |
615 | * unprivileged. This is needed, in general, to allow non-root users to use | |
616 | * encryption without encountering the visibility problems of process-subscribed | |
617 | * keyrings and the inability to properly remove keys. This works by having | |
618 | * each key identified by its cryptographically secure hash --- the | |
619 | * 'key_identifier'. The cryptographic hash ensures that a malicious user | |
620 | * cannot add the wrong key for a given identifier. Furthermore, each added key | |
621 | * is charged to the appropriate user's quota for the keyrings service, which | |
622 | * prevents a malicious user from adding too many keys. Finally, we forbid a | |
623 | * user from removing a key while other users have added it too, which prevents | |
624 | * a user who knows another user's key from causing a denial-of-service by | |
625 | * removing it at an inopportune time. (We tolerate that a user who knows a key | |
626 | * can prevent other users from removing it.) | |
627 | * | |
22d94f49 EB |
628 | * For more details, see the "FS_IOC_ADD_ENCRYPTION_KEY" section of |
629 | * Documentation/filesystems/fscrypt.rst. | |
630 | */ | |
631 | int fscrypt_ioctl_add_key(struct file *filp, void __user *_uarg) | |
632 | { | |
633 | struct super_block *sb = file_inode(filp)->i_sb; | |
634 | struct fscrypt_add_key_arg __user *uarg = _uarg; | |
635 | struct fscrypt_add_key_arg arg; | |
636 | struct fscrypt_master_key_secret secret; | |
637 | int err; | |
638 | ||
639 | if (copy_from_user(&arg, uarg, sizeof(arg))) | |
640 | return -EFAULT; | |
641 | ||
642 | if (!valid_key_spec(&arg.key_spec)) | |
643 | return -EINVAL; | |
644 | ||
22d94f49 EB |
645 | if (memchr_inv(arg.__reserved, 0, sizeof(arg.__reserved))) |
646 | return -EINVAL; | |
647 | ||
cdeb21da EB |
648 | /* |
649 | * Only root can add keys that are identified by an arbitrary descriptor | |
650 | * rather than by a cryptographic hash --- since otherwise a malicious | |
651 | * user could add the wrong key. | |
652 | */ | |
653 | if (arg.key_spec.type == FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR && | |
654 | !capable(CAP_SYS_ADMIN)) | |
655 | return -EACCES; | |
656 | ||
22d94f49 | 657 | memset(&secret, 0, sizeof(secret)); |
93edd392 EB |
658 | if (arg.key_id) { |
659 | if (arg.raw_size != 0) | |
660 | return -EINVAL; | |
661 | err = get_keyring_key(arg.key_id, arg.key_spec.type, &secret); | |
662 | if (err) | |
663 | goto out_wipe_secret; | |
664 | } else { | |
665 | if (arg.raw_size < FSCRYPT_MIN_KEY_SIZE || | |
666 | arg.raw_size > FSCRYPT_MAX_KEY_SIZE) | |
667 | return -EINVAL; | |
668 | secret.size = arg.raw_size; | |
669 | err = -EFAULT; | |
670 | if (copy_from_user(secret.raw, uarg->raw, secret.size)) | |
671 | goto out_wipe_secret; | |
672 | } | |
22d94f49 | 673 | |
cdeb21da EB |
674 | err = add_master_key(sb, &secret, &arg.key_spec); |
675 | if (err) | |
23c688b5 | 676 | goto out_wipe_secret; |
5dae460c | 677 | |
cdeb21da EB |
678 | /* Return the key identifier to userspace, if applicable */ |
679 | err = -EFAULT; | |
680 | if (arg.key_spec.type == FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER && | |
681 | copy_to_user(uarg->key_spec.u.identifier, arg.key_spec.u.identifier, | |
682 | FSCRYPT_KEY_IDENTIFIER_SIZE)) | |
683 | goto out_wipe_secret; | |
684 | err = 0; | |
22d94f49 EB |
685 | out_wipe_secret: |
686 | wipe_master_key_secret(&secret); | |
687 | return err; | |
688 | } | |
689 | EXPORT_SYMBOL_GPL(fscrypt_ioctl_add_key); | |
690 | ||
218d921b EB |
691 | static void |
692 | fscrypt_get_test_dummy_secret(struct fscrypt_master_key_secret *secret) | |
cdeb21da EB |
693 | { |
694 | static u8 test_key[FSCRYPT_MAX_KEY_SIZE]; | |
218d921b EB |
695 | |
696 | get_random_once(test_key, FSCRYPT_MAX_KEY_SIZE); | |
697 | ||
698 | memset(secret, 0, sizeof(*secret)); | |
699 | secret->size = FSCRYPT_MAX_KEY_SIZE; | |
700 | memcpy(secret->raw, test_key, FSCRYPT_MAX_KEY_SIZE); | |
701 | } | |
702 | ||
703 | int fscrypt_get_test_dummy_key_identifier( | |
704 | u8 key_identifier[FSCRYPT_KEY_IDENTIFIER_SIZE]) | |
705 | { | |
cdeb21da EB |
706 | struct fscrypt_master_key_secret secret; |
707 | int err; | |
708 | ||
218d921b | 709 | fscrypt_get_test_dummy_secret(&secret); |
cdeb21da | 710 | |
218d921b EB |
711 | err = fscrypt_init_hkdf(&secret.hkdf, secret.raw, secret.size); |
712 | if (err) | |
713 | goto out; | |
714 | err = fscrypt_hkdf_expand(&secret.hkdf, HKDF_CONTEXT_KEY_IDENTIFIER, | |
715 | NULL, 0, key_identifier, | |
716 | FSCRYPT_KEY_IDENTIFIER_SIZE); | |
717 | out: | |
718 | wipe_master_key_secret(&secret); | |
719 | return err; | |
720 | } | |
cdeb21da | 721 | |
218d921b EB |
722 | /** |
723 | * fscrypt_add_test_dummy_key() - add the test dummy encryption key | |
724 | * @sb: the filesystem instance to add the key to | |
725 | * @dummy_policy: the encryption policy for test_dummy_encryption | |
726 | * | |
727 | * If needed, add the key for the test_dummy_encryption mount option to the | |
728 | * filesystem. To prevent misuse of this mount option, a per-boot random key is | |
729 | * used instead of a hardcoded one. This makes it so that any encrypted files | |
730 | * created using this option won't be accessible after a reboot. | |
731 | * | |
732 | * Return: 0 on success, -errno on failure | |
733 | */ | |
734 | int fscrypt_add_test_dummy_key(struct super_block *sb, | |
735 | const struct fscrypt_dummy_policy *dummy_policy) | |
736 | { | |
737 | const union fscrypt_policy *policy = dummy_policy->policy; | |
738 | struct fscrypt_key_specifier key_spec; | |
739 | struct fscrypt_master_key_secret secret; | |
740 | int err; | |
741 | ||
742 | if (!policy) | |
743 | return 0; | |
744 | err = fscrypt_policy_to_key_spec(policy, &key_spec); | |
745 | if (err) | |
746 | return err; | |
747 | fscrypt_get_test_dummy_secret(&secret); | |
748 | err = add_master_key(sb, &secret, &key_spec); | |
cdeb21da EB |
749 | wipe_master_key_secret(&secret); |
750 | return err; | |
751 | } | |
218d921b | 752 | EXPORT_SYMBOL_GPL(fscrypt_add_test_dummy_key); |
cdeb21da | 753 | |
5ab7189a EB |
754 | /* |
755 | * Verify that the current user has added a master key with the given identifier | |
756 | * (returns -ENOKEY if not). This is needed to prevent a user from encrypting | |
757 | * their files using some other user's key which they don't actually know. | |
758 | * Cryptographically this isn't much of a problem, but the semantics of this | |
759 | * would be a bit weird, so it's best to just forbid it. | |
760 | * | |
761 | * The system administrator (CAP_FOWNER) can override this, which should be | |
762 | * enough for any use cases where encryption policies are being set using keys | |
763 | * that were chosen ahead of time but aren't available at the moment. | |
764 | * | |
765 | * Note that the key may have already removed by the time this returns, but | |
766 | * that's okay; we just care whether the key was there at some point. | |
767 | * | |
768 | * Return: 0 if the key is added, -ENOKEY if it isn't, or another -errno code | |
769 | */ | |
770 | int fscrypt_verify_key_added(struct super_block *sb, | |
771 | const u8 identifier[FSCRYPT_KEY_IDENTIFIER_SIZE]) | |
772 | { | |
773 | struct fscrypt_key_specifier mk_spec; | |
774 | struct key *key, *mk_user; | |
775 | struct fscrypt_master_key *mk; | |
776 | int err; | |
777 | ||
778 | mk_spec.type = FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER; | |
779 | memcpy(mk_spec.u.identifier, identifier, FSCRYPT_KEY_IDENTIFIER_SIZE); | |
780 | ||
781 | key = fscrypt_find_master_key(sb, &mk_spec); | |
782 | if (IS_ERR(key)) { | |
783 | err = PTR_ERR(key); | |
784 | goto out; | |
785 | } | |
786 | mk = key->payload.data[0]; | |
787 | mk_user = find_master_key_user(mk); | |
788 | if (IS_ERR(mk_user)) { | |
789 | err = PTR_ERR(mk_user); | |
790 | } else { | |
791 | key_put(mk_user); | |
792 | err = 0; | |
793 | } | |
794 | key_put(key); | |
795 | out: | |
796 | if (err == -ENOKEY && capable(CAP_FOWNER)) | |
797 | err = 0; | |
798 | return err; | |
799 | } | |
800 | ||
b1c0ec35 EB |
801 | /* |
802 | * Try to evict the inode's dentries from the dentry cache. If the inode is a | |
803 | * directory, then it can have at most one dentry; however, that dentry may be | |
804 | * pinned by child dentries, so first try to evict the children too. | |
805 | */ | |
806 | static void shrink_dcache_inode(struct inode *inode) | |
807 | { | |
808 | struct dentry *dentry; | |
809 | ||
810 | if (S_ISDIR(inode->i_mode)) { | |
811 | dentry = d_find_any_alias(inode); | |
812 | if (dentry) { | |
813 | shrink_dcache_parent(dentry); | |
814 | dput(dentry); | |
815 | } | |
816 | } | |
817 | d_prune_aliases(inode); | |
818 | } | |
819 | ||
820 | static void evict_dentries_for_decrypted_inodes(struct fscrypt_master_key *mk) | |
821 | { | |
822 | struct fscrypt_info *ci; | |
823 | struct inode *inode; | |
824 | struct inode *toput_inode = NULL; | |
825 | ||
826 | spin_lock(&mk->mk_decrypted_inodes_lock); | |
827 | ||
828 | list_for_each_entry(ci, &mk->mk_decrypted_inodes, ci_master_key_link) { | |
829 | inode = ci->ci_inode; | |
830 | spin_lock(&inode->i_lock); | |
831 | if (inode->i_state & (I_FREEING | I_WILL_FREE | I_NEW)) { | |
832 | spin_unlock(&inode->i_lock); | |
833 | continue; | |
834 | } | |
835 | __iget(inode); | |
836 | spin_unlock(&inode->i_lock); | |
837 | spin_unlock(&mk->mk_decrypted_inodes_lock); | |
838 | ||
839 | shrink_dcache_inode(inode); | |
840 | iput(toput_inode); | |
841 | toput_inode = inode; | |
842 | ||
843 | spin_lock(&mk->mk_decrypted_inodes_lock); | |
844 | } | |
845 | ||
846 | spin_unlock(&mk->mk_decrypted_inodes_lock); | |
847 | iput(toput_inode); | |
848 | } | |
849 | ||
850 | static int check_for_busy_inodes(struct super_block *sb, | |
851 | struct fscrypt_master_key *mk) | |
852 | { | |
853 | struct list_head *pos; | |
854 | size_t busy_count = 0; | |
855 | unsigned long ino; | |
ae9ff8ad | 856 | char ino_str[50] = ""; |
b1c0ec35 EB |
857 | |
858 | spin_lock(&mk->mk_decrypted_inodes_lock); | |
859 | ||
860 | list_for_each(pos, &mk->mk_decrypted_inodes) | |
861 | busy_count++; | |
862 | ||
863 | if (busy_count == 0) { | |
864 | spin_unlock(&mk->mk_decrypted_inodes_lock); | |
865 | return 0; | |
866 | } | |
867 | ||
868 | { | |
869 | /* select an example file to show for debugging purposes */ | |
870 | struct inode *inode = | |
871 | list_first_entry(&mk->mk_decrypted_inodes, | |
872 | struct fscrypt_info, | |
873 | ci_master_key_link)->ci_inode; | |
874 | ino = inode->i_ino; | |
b1c0ec35 EB |
875 | } |
876 | spin_unlock(&mk->mk_decrypted_inodes_lock); | |
877 | ||
ae9ff8ad EB |
878 | /* If the inode is currently being created, ino may still be 0. */ |
879 | if (ino) | |
880 | snprintf(ino_str, sizeof(ino_str), ", including ino %lu", ino); | |
881 | ||
b1c0ec35 | 882 | fscrypt_warn(NULL, |
ae9ff8ad | 883 | "%s: %zu inode(s) still busy after removing key with %s %*phN%s", |
b1c0ec35 EB |
884 | sb->s_id, busy_count, master_key_spec_type(&mk->mk_spec), |
885 | master_key_spec_len(&mk->mk_spec), (u8 *)&mk->mk_spec.u, | |
ae9ff8ad | 886 | ino_str); |
b1c0ec35 EB |
887 | return -EBUSY; |
888 | } | |
889 | ||
890 | static int try_to_lock_encrypted_files(struct super_block *sb, | |
891 | struct fscrypt_master_key *mk) | |
892 | { | |
893 | int err1; | |
894 | int err2; | |
895 | ||
896 | /* | |
897 | * An inode can't be evicted while it is dirty or has dirty pages. | |
898 | * Thus, we first have to clean the inodes in ->mk_decrypted_inodes. | |
899 | * | |
900 | * Just do it the easy way: call sync_filesystem(). It's overkill, but | |
901 | * it works, and it's more important to minimize the amount of caches we | |
902 | * drop than the amount of data we sync. Also, unprivileged users can | |
903 | * already call sync_filesystem() via sys_syncfs() or sys_sync(). | |
904 | */ | |
905 | down_read(&sb->s_umount); | |
906 | err1 = sync_filesystem(sb); | |
907 | up_read(&sb->s_umount); | |
908 | /* If a sync error occurs, still try to evict as much as possible. */ | |
909 | ||
910 | /* | |
911 | * Inodes are pinned by their dentries, so we have to evict their | |
912 | * dentries. shrink_dcache_sb() would suffice, but would be overkill | |
913 | * and inappropriate for use by unprivileged users. So instead go | |
914 | * through the inodes' alias lists and try to evict each dentry. | |
915 | */ | |
916 | evict_dentries_for_decrypted_inodes(mk); | |
917 | ||
918 | /* | |
919 | * evict_dentries_for_decrypted_inodes() already iput() each inode in | |
920 | * the list; any inodes for which that dropped the last reference will | |
921 | * have been evicted due to fscrypt_drop_inode() detecting the key | |
922 | * removal and telling the VFS to evict the inode. So to finish, we | |
923 | * just need to check whether any inodes couldn't be evicted. | |
924 | */ | |
925 | err2 = check_for_busy_inodes(sb, mk); | |
926 | ||
927 | return err1 ?: err2; | |
928 | } | |
929 | ||
930 | /* | |
931 | * Try to remove an fscrypt master encryption key. | |
932 | * | |
78a1b96b EB |
933 | * FS_IOC_REMOVE_ENCRYPTION_KEY (all_users=false) removes the current user's |
934 | * claim to the key, then removes the key itself if no other users have claims. | |
935 | * FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS (all_users=true) always removes the | |
936 | * key itself. | |
23c688b5 EB |
937 | * |
938 | * To "remove the key itself", first we wipe the actual master key secret, so | |
939 | * that no more inodes can be unlocked with it. Then we try to evict all cached | |
940 | * inodes that had been unlocked with the key. | |
b1c0ec35 EB |
941 | * |
942 | * If all inodes were evicted, then we unlink the fscrypt_master_key from the | |
943 | * keyring. Otherwise it remains in the keyring in the "incompletely removed" | |
944 | * state (without the actual secret key) where it tracks the list of remaining | |
945 | * inodes. Userspace can execute the ioctl again later to retry eviction, or | |
946 | * alternatively can re-add the secret key again. | |
947 | * | |
948 | * For more details, see the "Removing keys" section of | |
949 | * Documentation/filesystems/fscrypt.rst. | |
950 | */ | |
78a1b96b | 951 | static int do_remove_key(struct file *filp, void __user *_uarg, bool all_users) |
b1c0ec35 EB |
952 | { |
953 | struct super_block *sb = file_inode(filp)->i_sb; | |
954 | struct fscrypt_remove_key_arg __user *uarg = _uarg; | |
955 | struct fscrypt_remove_key_arg arg; | |
956 | struct key *key; | |
957 | struct fscrypt_master_key *mk; | |
958 | u32 status_flags = 0; | |
959 | int err; | |
960 | bool dead; | |
961 | ||
962 | if (copy_from_user(&arg, uarg, sizeof(arg))) | |
963 | return -EFAULT; | |
964 | ||
965 | if (!valid_key_spec(&arg.key_spec)) | |
966 | return -EINVAL; | |
967 | ||
968 | if (memchr_inv(arg.__reserved, 0, sizeof(arg.__reserved))) | |
969 | return -EINVAL; | |
970 | ||
23c688b5 EB |
971 | /* |
972 | * Only root can add and remove keys that are identified by an arbitrary | |
973 | * descriptor rather than by a cryptographic hash. | |
974 | */ | |
975 | if (arg.key_spec.type == FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR && | |
976 | !capable(CAP_SYS_ADMIN)) | |
b1c0ec35 EB |
977 | return -EACCES; |
978 | ||
979 | /* Find the key being removed. */ | |
980 | key = fscrypt_find_master_key(sb, &arg.key_spec); | |
981 | if (IS_ERR(key)) | |
982 | return PTR_ERR(key); | |
983 | mk = key->payload.data[0]; | |
984 | ||
985 | down_write(&key->sem); | |
986 | ||
78a1b96b | 987 | /* If relevant, remove current user's (or all users) claim to the key */ |
23c688b5 | 988 | if (mk->mk_users && mk->mk_users->keys.nr_leaves_on_tree != 0) { |
78a1b96b EB |
989 | if (all_users) |
990 | err = keyring_clear(mk->mk_users); | |
991 | else | |
992 | err = remove_master_key_user(mk); | |
23c688b5 EB |
993 | if (err) { |
994 | up_write(&key->sem); | |
995 | goto out_put_key; | |
996 | } | |
997 | if (mk->mk_users->keys.nr_leaves_on_tree != 0) { | |
998 | /* | |
999 | * Other users have still added the key too. We removed | |
1000 | * the current user's claim to the key, but we still | |
1001 | * can't remove the key itself. | |
1002 | */ | |
1003 | status_flags |= | |
1004 | FSCRYPT_KEY_REMOVAL_STATUS_FLAG_OTHER_USERS; | |
1005 | err = 0; | |
1006 | up_write(&key->sem); | |
1007 | goto out_put_key; | |
1008 | } | |
1009 | } | |
1010 | ||
1011 | /* No user claims remaining. Go ahead and wipe the secret. */ | |
b1c0ec35 EB |
1012 | dead = false; |
1013 | if (is_master_key_secret_present(&mk->mk_secret)) { | |
1014 | wipe_master_key_secret(&mk->mk_secret); | |
1015 | dead = refcount_dec_and_test(&mk->mk_refcount); | |
1016 | } | |
1017 | up_write(&key->sem); | |
1018 | if (dead) { | |
1019 | /* | |
1020 | * No inodes reference the key, and we wiped the secret, so the | |
1021 | * key object is free to be removed from the keyring. | |
1022 | */ | |
1023 | key_invalidate(key); | |
1024 | err = 0; | |
1025 | } else { | |
1026 | /* Some inodes still reference this key; try to evict them. */ | |
1027 | err = try_to_lock_encrypted_files(sb, mk); | |
1028 | if (err == -EBUSY) { | |
1029 | status_flags |= | |
1030 | FSCRYPT_KEY_REMOVAL_STATUS_FLAG_FILES_BUSY; | |
1031 | err = 0; | |
1032 | } | |
1033 | } | |
1034 | /* | |
23c688b5 EB |
1035 | * We return 0 if we successfully did something: removed a claim to the |
1036 | * key, wiped the secret, or tried locking the files again. Users need | |
1037 | * to check the informational status flags if they care whether the key | |
1038 | * has been fully removed including all files locked. | |
b1c0ec35 | 1039 | */ |
23c688b5 | 1040 | out_put_key: |
b1c0ec35 EB |
1041 | key_put(key); |
1042 | if (err == 0) | |
1043 | err = put_user(status_flags, &uarg->removal_status_flags); | |
1044 | return err; | |
1045 | } | |
78a1b96b EB |
1046 | |
1047 | int fscrypt_ioctl_remove_key(struct file *filp, void __user *uarg) | |
1048 | { | |
1049 | return do_remove_key(filp, uarg, false); | |
1050 | } | |
b1c0ec35 EB |
1051 | EXPORT_SYMBOL_GPL(fscrypt_ioctl_remove_key); |
1052 | ||
78a1b96b EB |
1053 | int fscrypt_ioctl_remove_key_all_users(struct file *filp, void __user *uarg) |
1054 | { | |
1055 | if (!capable(CAP_SYS_ADMIN)) | |
1056 | return -EACCES; | |
1057 | return do_remove_key(filp, uarg, true); | |
1058 | } | |
1059 | EXPORT_SYMBOL_GPL(fscrypt_ioctl_remove_key_all_users); | |
1060 | ||
5a7e2992 EB |
1061 | /* |
1062 | * Retrieve the status of an fscrypt master encryption key. | |
1063 | * | |
1064 | * We set ->status to indicate whether the key is absent, present, or | |
1065 | * incompletely removed. "Incompletely removed" means that the master key | |
1066 | * secret has been removed, but some files which had been unlocked with it are | |
1067 | * still in use. This field allows applications to easily determine the state | |
1068 | * of an encrypted directory without using a hack such as trying to open a | |
1069 | * regular file in it (which can confuse the "incompletely removed" state with | |
1070 | * absent or present). | |
1071 | * | |
23c688b5 EB |
1072 | * In addition, for v2 policy keys we allow applications to determine, via |
1073 | * ->status_flags and ->user_count, whether the key has been added by the | |
1074 | * current user, by other users, or by both. Most applications should not need | |
1075 | * this, since ordinarily only one user should know a given key. However, if a | |
1076 | * secret key is shared by multiple users, applications may wish to add an | |
1077 | * already-present key to prevent other users from removing it. This ioctl can | |
1078 | * be used to check whether that really is the case before the work is done to | |
1079 | * add the key --- which might e.g. require prompting the user for a passphrase. | |
1080 | * | |
5a7e2992 EB |
1081 | * For more details, see the "FS_IOC_GET_ENCRYPTION_KEY_STATUS" section of |
1082 | * Documentation/filesystems/fscrypt.rst. | |
1083 | */ | |
1084 | int fscrypt_ioctl_get_key_status(struct file *filp, void __user *uarg) | |
1085 | { | |
1086 | struct super_block *sb = file_inode(filp)->i_sb; | |
1087 | struct fscrypt_get_key_status_arg arg; | |
1088 | struct key *key; | |
1089 | struct fscrypt_master_key *mk; | |
1090 | int err; | |
1091 | ||
1092 | if (copy_from_user(&arg, uarg, sizeof(arg))) | |
1093 | return -EFAULT; | |
1094 | ||
1095 | if (!valid_key_spec(&arg.key_spec)) | |
1096 | return -EINVAL; | |
1097 | ||
1098 | if (memchr_inv(arg.__reserved, 0, sizeof(arg.__reserved))) | |
1099 | return -EINVAL; | |
1100 | ||
23c688b5 EB |
1101 | arg.status_flags = 0; |
1102 | arg.user_count = 0; | |
5a7e2992 EB |
1103 | memset(arg.__out_reserved, 0, sizeof(arg.__out_reserved)); |
1104 | ||
1105 | key = fscrypt_find_master_key(sb, &arg.key_spec); | |
1106 | if (IS_ERR(key)) { | |
1107 | if (key != ERR_PTR(-ENOKEY)) | |
1108 | return PTR_ERR(key); | |
1109 | arg.status = FSCRYPT_KEY_STATUS_ABSENT; | |
1110 | err = 0; | |
1111 | goto out; | |
1112 | } | |
1113 | mk = key->payload.data[0]; | |
1114 | down_read(&key->sem); | |
1115 | ||
1116 | if (!is_master_key_secret_present(&mk->mk_secret)) { | |
1117 | arg.status = FSCRYPT_KEY_STATUS_INCOMPLETELY_REMOVED; | |
1118 | err = 0; | |
1119 | goto out_release_key; | |
1120 | } | |
1121 | ||
1122 | arg.status = FSCRYPT_KEY_STATUS_PRESENT; | |
23c688b5 EB |
1123 | if (mk->mk_users) { |
1124 | struct key *mk_user; | |
1125 | ||
1126 | arg.user_count = mk->mk_users->keys.nr_leaves_on_tree; | |
1127 | mk_user = find_master_key_user(mk); | |
1128 | if (!IS_ERR(mk_user)) { | |
1129 | arg.status_flags |= | |
1130 | FSCRYPT_KEY_STATUS_FLAG_ADDED_BY_SELF; | |
1131 | key_put(mk_user); | |
1132 | } else if (mk_user != ERR_PTR(-ENOKEY)) { | |
1133 | err = PTR_ERR(mk_user); | |
1134 | goto out_release_key; | |
1135 | } | |
1136 | } | |
5a7e2992 EB |
1137 | err = 0; |
1138 | out_release_key: | |
1139 | up_read(&key->sem); | |
1140 | key_put(key); | |
1141 | out: | |
1142 | if (!err && copy_to_user(uarg, &arg, sizeof(arg))) | |
1143 | err = -EFAULT; | |
1144 | return err; | |
1145 | } | |
1146 | EXPORT_SYMBOL_GPL(fscrypt_ioctl_get_key_status); | |
1147 | ||
22d94f49 EB |
1148 | int __init fscrypt_init_keyring(void) |
1149 | { | |
23c688b5 EB |
1150 | int err; |
1151 | ||
1152 | err = register_key_type(&key_type_fscrypt); | |
1153 | if (err) | |
1154 | return err; | |
1155 | ||
1156 | err = register_key_type(&key_type_fscrypt_user); | |
1157 | if (err) | |
1158 | goto err_unregister_fscrypt; | |
1159 | ||
93edd392 EB |
1160 | err = register_key_type(&key_type_fscrypt_provisioning); |
1161 | if (err) | |
1162 | goto err_unregister_fscrypt_user; | |
1163 | ||
23c688b5 EB |
1164 | return 0; |
1165 | ||
93edd392 EB |
1166 | err_unregister_fscrypt_user: |
1167 | unregister_key_type(&key_type_fscrypt_user); | |
23c688b5 EB |
1168 | err_unregister_fscrypt: |
1169 | unregister_key_type(&key_type_fscrypt); | |
1170 | return err; | |
22d94f49 | 1171 | } |