Commit | Line | Data |
---|---|---|
b2441318 | 1 | // SPDX-License-Identifier: GPL-2.0 |
0b81d077 JK |
2 | /* |
3 | * Encryption policy functions for per-file encryption support. | |
4 | * | |
5 | * Copyright (C) 2015, Google, Inc. | |
6 | * Copyright (C) 2015, Motorola Mobility. | |
7 | * | |
5dae460c | 8 | * Originally written by Michael Halcrow, 2015. |
0b81d077 | 9 | * Modified by Jaegeuk Kim, 2015. |
5dae460c | 10 | * Modified by Eric Biggers, 2019 for v2 policy support. |
0b81d077 JK |
11 | */ |
12 | ||
13 | #include <linux/random.h> | |
14 | #include <linux/string.h> | |
ba63f23d | 15 | #include <linux/mount.h> |
cc4e0df0 | 16 | #include "fscrypt_private.h" |
0b81d077 | 17 | |
5dae460c EB |
18 | /** |
19 | * fscrypt_policies_equal - check whether two encryption policies are the same | |
20 | * | |
21 | * Return: %true if equal, else %false | |
0b81d077 | 22 | */ |
5dae460c EB |
23 | bool fscrypt_policies_equal(const union fscrypt_policy *policy1, |
24 | const union fscrypt_policy *policy2) | |
0b81d077 | 25 | { |
5dae460c EB |
26 | if (policy1->version != policy2->version) |
27 | return false; | |
28 | ||
29 | return !memcmp(policy1, policy2, fscrypt_policy_size(policy1)); | |
0b81d077 JK |
30 | } |
31 | ||
ef5b18b0 EB |
32 | static bool fscrypt_valid_enc_modes(u32 contents_mode, u32 filenames_mode) |
33 | { | |
34 | if (contents_mode == FSCRYPT_MODE_AES_256_XTS && | |
35 | filenames_mode == FSCRYPT_MODE_AES_256_CTS) | |
36 | return true; | |
37 | ||
38 | if (contents_mode == FSCRYPT_MODE_AES_128_CBC && | |
39 | filenames_mode == FSCRYPT_MODE_AES_128_CTS) | |
40 | return true; | |
41 | ||
42 | if (contents_mode == FSCRYPT_MODE_ADIANTUM && | |
43 | filenames_mode == FSCRYPT_MODE_ADIANTUM) | |
44 | return true; | |
45 | ||
46 | return false; | |
47 | } | |
48 | ||
85af90e5 EB |
49 | static bool supported_direct_key_modes(const struct inode *inode, |
50 | u32 contents_mode, u32 filenames_mode) | |
51 | { | |
52 | const struct fscrypt_mode *mode; | |
53 | ||
54 | if (contents_mode != filenames_mode) { | |
55 | fscrypt_warn(inode, | |
56 | "Direct key flag not allowed with different contents and filenames modes"); | |
57 | return false; | |
58 | } | |
59 | mode = &fscrypt_modes[contents_mode]; | |
60 | ||
61 | if (mode->ivsize < offsetofend(union fscrypt_iv, nonce)) { | |
62 | fscrypt_warn(inode, "Direct key flag not allowed with %s", | |
63 | mode->friendly_name); | |
64 | return false; | |
65 | } | |
66 | return true; | |
67 | } | |
68 | ||
b103fb76 EB |
69 | static bool supported_iv_ino_lblk_64_policy( |
70 | const struct fscrypt_policy_v2 *policy, | |
71 | const struct inode *inode) | |
72 | { | |
73 | struct super_block *sb = inode->i_sb; | |
74 | int ino_bits = 64, lblk_bits = 64; | |
75 | ||
76 | if (policy->flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY) { | |
77 | fscrypt_warn(inode, | |
78 | "The DIRECT_KEY and IV_INO_LBLK_64 flags are mutually exclusive"); | |
79 | return false; | |
80 | } | |
81 | /* | |
82 | * It's unsafe to include inode numbers in the IVs if the filesystem can | |
83 | * potentially renumber inodes, e.g. via filesystem shrinking. | |
84 | */ | |
85 | if (!sb->s_cop->has_stable_inodes || | |
86 | !sb->s_cop->has_stable_inodes(sb)) { | |
87 | fscrypt_warn(inode, | |
88 | "Can't use IV_INO_LBLK_64 policy on filesystem '%s' because it doesn't have stable inode numbers", | |
89 | sb->s_id); | |
90 | return false; | |
91 | } | |
92 | if (sb->s_cop->get_ino_and_lblk_bits) | |
93 | sb->s_cop->get_ino_and_lblk_bits(sb, &ino_bits, &lblk_bits); | |
94 | if (ino_bits > 32 || lblk_bits > 32) { | |
95 | fscrypt_warn(inode, | |
96 | "Can't use IV_INO_LBLK_64 policy on filesystem '%s' because it doesn't use 32-bit inode and block numbers", | |
97 | sb->s_id); | |
98 | return false; | |
99 | } | |
100 | return true; | |
101 | } | |
102 | ||
393a24a7 EB |
103 | static bool fscrypt_supported_v1_policy(const struct fscrypt_policy_v1 *policy, |
104 | const struct inode *inode) | |
105 | { | |
106 | if (!fscrypt_valid_enc_modes(policy->contents_encryption_mode, | |
107 | policy->filenames_encryption_mode)) { | |
108 | fscrypt_warn(inode, | |
109 | "Unsupported encryption modes (contents %d, filenames %d)", | |
110 | policy->contents_encryption_mode, | |
111 | policy->filenames_encryption_mode); | |
112 | return false; | |
113 | } | |
114 | ||
115 | if (policy->flags & ~(FSCRYPT_POLICY_FLAGS_PAD_MASK | | |
116 | FSCRYPT_POLICY_FLAG_DIRECT_KEY)) { | |
117 | fscrypt_warn(inode, "Unsupported encryption flags (0x%02x)", | |
118 | policy->flags); | |
119 | return false; | |
120 | } | |
121 | ||
85af90e5 EB |
122 | if ((policy->flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY) && |
123 | !supported_direct_key_modes(inode, policy->contents_encryption_mode, | |
124 | policy->filenames_encryption_mode)) | |
125 | return false; | |
126 | ||
6e1918cf DR |
127 | if (IS_CASEFOLDED(inode)) { |
128 | /* With v1, there's no way to derive dirhash keys. */ | |
129 | fscrypt_warn(inode, | |
130 | "v1 policies can't be used on casefolded directories"); | |
131 | return false; | |
132 | } | |
133 | ||
393a24a7 EB |
134 | return true; |
135 | } | |
136 | ||
137 | static bool fscrypt_supported_v2_policy(const struct fscrypt_policy_v2 *policy, | |
138 | const struct inode *inode) | |
139 | { | |
140 | if (!fscrypt_valid_enc_modes(policy->contents_encryption_mode, | |
141 | policy->filenames_encryption_mode)) { | |
142 | fscrypt_warn(inode, | |
143 | "Unsupported encryption modes (contents %d, filenames %d)", | |
144 | policy->contents_encryption_mode, | |
145 | policy->filenames_encryption_mode); | |
146 | return false; | |
147 | } | |
148 | ||
149 | if (policy->flags & ~FSCRYPT_POLICY_FLAGS_VALID) { | |
150 | fscrypt_warn(inode, "Unsupported encryption flags (0x%02x)", | |
151 | policy->flags); | |
152 | return false; | |
153 | } | |
154 | ||
85af90e5 EB |
155 | if ((policy->flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY) && |
156 | !supported_direct_key_modes(inode, policy->contents_encryption_mode, | |
157 | policy->filenames_encryption_mode)) | |
158 | return false; | |
159 | ||
393a24a7 EB |
160 | if ((policy->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64) && |
161 | !supported_iv_ino_lblk_64_policy(policy, inode)) | |
162 | return false; | |
163 | ||
164 | if (memchr_inv(policy->__reserved, 0, sizeof(policy->__reserved))) { | |
165 | fscrypt_warn(inode, "Reserved bits set in encryption policy"); | |
166 | return false; | |
167 | } | |
168 | ||
169 | return true; | |
170 | } | |
171 | ||
5dae460c EB |
172 | /** |
173 | * fscrypt_supported_policy - check whether an encryption policy is supported | |
174 | * | |
175 | * Given an encryption policy, check whether all its encryption modes and other | |
393a24a7 EB |
176 | * settings are supported by this kernel on the given inode. (But we don't |
177 | * currently don't check for crypto API support here, so attempting to use an | |
178 | * algorithm not configured into the crypto API will still fail later.) | |
5dae460c EB |
179 | * |
180 | * Return: %true if supported, else %false | |
181 | */ | |
182 | bool fscrypt_supported_policy(const union fscrypt_policy *policy_u, | |
183 | const struct inode *inode) | |
0b81d077 | 184 | { |
5dae460c | 185 | switch (policy_u->version) { |
393a24a7 EB |
186 | case FSCRYPT_POLICY_V1: |
187 | return fscrypt_supported_v1_policy(&policy_u->v1, inode); | |
188 | case FSCRYPT_POLICY_V2: | |
189 | return fscrypt_supported_v2_policy(&policy_u->v2, inode); | |
5dae460c EB |
190 | } |
191 | return false; | |
192 | } | |
193 | ||
194 | /** | |
195 | * fscrypt_new_context_from_policy - create a new fscrypt_context from a policy | |
196 | * | |
197 | * Create an fscrypt_context for an inode that is being assigned the given | |
198 | * encryption policy. A new nonce is randomly generated. | |
199 | * | |
200 | * Return: the size of the new context in bytes. | |
201 | */ | |
202 | static int fscrypt_new_context_from_policy(union fscrypt_context *ctx_u, | |
203 | const union fscrypt_policy *policy_u) | |
204 | { | |
205 | memset(ctx_u, 0, sizeof(*ctx_u)); | |
206 | ||
207 | switch (policy_u->version) { | |
208 | case FSCRYPT_POLICY_V1: { | |
209 | const struct fscrypt_policy_v1 *policy = &policy_u->v1; | |
210 | struct fscrypt_context_v1 *ctx = &ctx_u->v1; | |
211 | ||
212 | ctx->version = FSCRYPT_CONTEXT_V1; | |
213 | ctx->contents_encryption_mode = | |
214 | policy->contents_encryption_mode; | |
215 | ctx->filenames_encryption_mode = | |
216 | policy->filenames_encryption_mode; | |
217 | ctx->flags = policy->flags; | |
218 | memcpy(ctx->master_key_descriptor, | |
219 | policy->master_key_descriptor, | |
220 | sizeof(ctx->master_key_descriptor)); | |
221 | get_random_bytes(ctx->nonce, sizeof(ctx->nonce)); | |
222 | return sizeof(*ctx); | |
223 | } | |
224 | case FSCRYPT_POLICY_V2: { | |
225 | const struct fscrypt_policy_v2 *policy = &policy_u->v2; | |
226 | struct fscrypt_context_v2 *ctx = &ctx_u->v2; | |
227 | ||
228 | ctx->version = FSCRYPT_CONTEXT_V2; | |
229 | ctx->contents_encryption_mode = | |
230 | policy->contents_encryption_mode; | |
231 | ctx->filenames_encryption_mode = | |
232 | policy->filenames_encryption_mode; | |
233 | ctx->flags = policy->flags; | |
234 | memcpy(ctx->master_key_identifier, | |
235 | policy->master_key_identifier, | |
236 | sizeof(ctx->master_key_identifier)); | |
237 | get_random_bytes(ctx->nonce, sizeof(ctx->nonce)); | |
238 | return sizeof(*ctx); | |
239 | } | |
240 | } | |
241 | BUG(); | |
242 | } | |
0b81d077 | 243 | |
5dae460c EB |
244 | /** |
245 | * fscrypt_policy_from_context - convert an fscrypt_context to an fscrypt_policy | |
246 | * | |
247 | * Given an fscrypt_context, build the corresponding fscrypt_policy. | |
248 | * | |
249 | * Return: 0 on success, or -EINVAL if the fscrypt_context has an unrecognized | |
250 | * version number or size. | |
251 | * | |
252 | * This does *not* validate the settings within the policy itself, e.g. the | |
253 | * modes, flags, and reserved bits. Use fscrypt_supported_policy() for that. | |
254 | */ | |
255 | int fscrypt_policy_from_context(union fscrypt_policy *policy_u, | |
256 | const union fscrypt_context *ctx_u, | |
257 | int ctx_size) | |
258 | { | |
259 | memset(policy_u, 0, sizeof(*policy_u)); | |
0b81d077 | 260 | |
e98ad464 | 261 | if (!fscrypt_context_is_valid(ctx_u, ctx_size)) |
0b81d077 | 262 | return -EINVAL; |
0b81d077 | 263 | |
5dae460c EB |
264 | switch (ctx_u->version) { |
265 | case FSCRYPT_CONTEXT_V1: { | |
266 | const struct fscrypt_context_v1 *ctx = &ctx_u->v1; | |
267 | struct fscrypt_policy_v1 *policy = &policy_u->v1; | |
268 | ||
269 | policy->version = FSCRYPT_POLICY_V1; | |
270 | policy->contents_encryption_mode = | |
271 | ctx->contents_encryption_mode; | |
272 | policy->filenames_encryption_mode = | |
273 | ctx->filenames_encryption_mode; | |
274 | policy->flags = ctx->flags; | |
275 | memcpy(policy->master_key_descriptor, | |
276 | ctx->master_key_descriptor, | |
277 | sizeof(policy->master_key_descriptor)); | |
278 | return 0; | |
279 | } | |
280 | case FSCRYPT_CONTEXT_V2: { | |
281 | const struct fscrypt_context_v2 *ctx = &ctx_u->v2; | |
282 | struct fscrypt_policy_v2 *policy = &policy_u->v2; | |
283 | ||
284 | policy->version = FSCRYPT_POLICY_V2; | |
285 | policy->contents_encryption_mode = | |
286 | ctx->contents_encryption_mode; | |
287 | policy->filenames_encryption_mode = | |
288 | ctx->filenames_encryption_mode; | |
289 | policy->flags = ctx->flags; | |
290 | memcpy(policy->__reserved, ctx->__reserved, | |
291 | sizeof(policy->__reserved)); | |
292 | memcpy(policy->master_key_identifier, | |
293 | ctx->master_key_identifier, | |
294 | sizeof(policy->master_key_identifier)); | |
295 | return 0; | |
296 | } | |
297 | } | |
298 | /* unreachable */ | |
299 | return -EINVAL; | |
300 | } | |
301 | ||
302 | /* Retrieve an inode's encryption policy */ | |
303 | static int fscrypt_get_policy(struct inode *inode, union fscrypt_policy *policy) | |
304 | { | |
305 | const struct fscrypt_info *ci; | |
306 | union fscrypt_context ctx; | |
307 | int ret; | |
308 | ||
309 | ci = READ_ONCE(inode->i_crypt_info); | |
310 | if (ci) { | |
311 | /* key available, use the cached policy */ | |
312 | *policy = ci->ci_policy; | |
313 | return 0; | |
314 | } | |
315 | ||
316 | if (!IS_ENCRYPTED(inode)) | |
317 | return -ENODATA; | |
318 | ||
319 | ret = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx)); | |
320 | if (ret < 0) | |
321 | return (ret == -ERANGE) ? -EINVAL : ret; | |
322 | ||
323 | return fscrypt_policy_from_context(policy, &ctx, ret); | |
324 | } | |
325 | ||
326 | static int set_encryption_policy(struct inode *inode, | |
327 | const union fscrypt_policy *policy) | |
328 | { | |
329 | union fscrypt_context ctx; | |
330 | int ctxsize; | |
5ab7189a | 331 | int err; |
5dae460c EB |
332 | |
333 | if (!fscrypt_supported_policy(policy, inode)) | |
0b81d077 JK |
334 | return -EINVAL; |
335 | ||
5ab7189a EB |
336 | switch (policy->version) { |
337 | case FSCRYPT_POLICY_V1: | |
5dae460c EB |
338 | /* |
339 | * The original encryption policy version provided no way of | |
340 | * verifying that the correct master key was supplied, which was | |
341 | * insecure in scenarios where multiple users have access to the | |
342 | * same encrypted files (even just read-only access). The new | |
343 | * encryption policy version fixes this and also implies use of | |
344 | * an improved key derivation function and allows non-root users | |
345 | * to securely remove keys. So as long as compatibility with | |
346 | * old kernels isn't required, it is recommended to use the new | |
347 | * policy version for all new encrypted directories. | |
348 | */ | |
349 | pr_warn_once("%s (pid %d) is setting deprecated v1 encryption policy; recommend upgrading to v2.\n", | |
350 | current->comm, current->pid); | |
5ab7189a EB |
351 | break; |
352 | case FSCRYPT_POLICY_V2: | |
353 | err = fscrypt_verify_key_added(inode->i_sb, | |
354 | policy->v2.master_key_identifier); | |
355 | if (err) | |
356 | return err; | |
357 | break; | |
358 | default: | |
359 | WARN_ON(1); | |
360 | return -EINVAL; | |
5dae460c | 361 | } |
0b81d077 | 362 | |
5dae460c EB |
363 | ctxsize = fscrypt_new_context_from_policy(&ctx, policy); |
364 | ||
365 | return inode->i_sb->s_cop->set_context(inode, &ctx, ctxsize, NULL); | |
0b81d077 JK |
366 | } |
367 | ||
db717d8e | 368 | int fscrypt_ioctl_set_policy(struct file *filp, const void __user *arg) |
0b81d077 | 369 | { |
5dae460c EB |
370 | union fscrypt_policy policy; |
371 | union fscrypt_policy existing_policy; | |
ba63f23d | 372 | struct inode *inode = file_inode(filp); |
5dae460c EB |
373 | u8 version; |
374 | int size; | |
ba63f23d EB |
375 | int ret; |
376 | ||
5dae460c | 377 | if (get_user(policy.version, (const u8 __user *)arg)) |
db717d8e EB |
378 | return -EFAULT; |
379 | ||
5dae460c EB |
380 | size = fscrypt_policy_size(&policy); |
381 | if (size <= 0) | |
382 | return -EINVAL; | |
383 | ||
384 | /* | |
385 | * We should just copy the remaining 'size - 1' bytes here, but a | |
386 | * bizarre bug in gcc 7 and earlier (fixed by gcc r255731) causes gcc to | |
387 | * think that size can be 0 here (despite the check above!) *and* that | |
388 | * it's a compile-time constant. Thus it would think copy_from_user() | |
389 | * is passed compile-time constant ULONG_MAX, causing the compile-time | |
390 | * buffer overflow check to fail, breaking the build. This only occurred | |
391 | * when building an i386 kernel with -Os and branch profiling enabled. | |
392 | * | |
393 | * Work around it by just copying the first byte again... | |
394 | */ | |
395 | version = policy.version; | |
396 | if (copy_from_user(&policy, arg, size)) | |
397 | return -EFAULT; | |
398 | policy.version = version; | |
399 | ||
163ae1c6 EB |
400 | if (!inode_owner_or_capable(inode)) |
401 | return -EACCES; | |
402 | ||
ba63f23d EB |
403 | ret = mnt_want_write_file(filp); |
404 | if (ret) | |
405 | return ret; | |
406 | ||
8906a822 EB |
407 | inode_lock(inode); |
408 | ||
5dae460c | 409 | ret = fscrypt_get_policy(inode, &existing_policy); |
efee590e | 410 | if (ret == -ENODATA) { |
002ced4b | 411 | if (!S_ISDIR(inode->i_mode)) |
dffd0cfa | 412 | ret = -ENOTDIR; |
5858bdad HF |
413 | else if (IS_DEADDIR(inode)) |
414 | ret = -ENOENT; | |
ba63f23d EB |
415 | else if (!inode->i_sb->s_cop->empty_dir(inode)) |
416 | ret = -ENOTEMPTY; | |
417 | else | |
5dae460c EB |
418 | ret = set_encryption_policy(inode, &policy); |
419 | } else if (ret == -EINVAL || | |
420 | (ret == 0 && !fscrypt_policies_equal(&policy, | |
421 | &existing_policy))) { | |
efee590e | 422 | /* The file already uses a different encryption policy. */ |
8488cd96 | 423 | ret = -EEXIST; |
0b81d077 JK |
424 | } |
425 | ||
8906a822 EB |
426 | inode_unlock(inode); |
427 | ||
ba63f23d EB |
428 | mnt_drop_write_file(filp); |
429 | return ret; | |
0b81d077 | 430 | } |
db717d8e | 431 | EXPORT_SYMBOL(fscrypt_ioctl_set_policy); |
0b81d077 | 432 | |
5dae460c | 433 | /* Original ioctl version; can only get the original policy version */ |
db717d8e | 434 | int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg) |
0b81d077 | 435 | { |
5dae460c EB |
436 | union fscrypt_policy policy; |
437 | int err; | |
0b81d077 | 438 | |
5dae460c EB |
439 | err = fscrypt_get_policy(file_inode(filp), &policy); |
440 | if (err) | |
441 | return err; | |
0b81d077 | 442 | |
5dae460c | 443 | if (policy.version != FSCRYPT_POLICY_V1) |
0b81d077 JK |
444 | return -EINVAL; |
445 | ||
5dae460c | 446 | if (copy_to_user(arg, &policy, sizeof(policy.v1))) |
db717d8e | 447 | return -EFAULT; |
0b81d077 JK |
448 | return 0; |
449 | } | |
db717d8e | 450 | EXPORT_SYMBOL(fscrypt_ioctl_get_policy); |
0b81d077 | 451 | |
5dae460c EB |
452 | /* Extended ioctl version; can get policies of any version */ |
453 | int fscrypt_ioctl_get_policy_ex(struct file *filp, void __user *uarg) | |
454 | { | |
455 | struct fscrypt_get_policy_ex_arg arg; | |
456 | union fscrypt_policy *policy = (union fscrypt_policy *)&arg.policy; | |
457 | size_t policy_size; | |
458 | int err; | |
459 | ||
460 | /* arg is policy_size, then policy */ | |
461 | BUILD_BUG_ON(offsetof(typeof(arg), policy_size) != 0); | |
462 | BUILD_BUG_ON(offsetofend(typeof(arg), policy_size) != | |
463 | offsetof(typeof(arg), policy)); | |
464 | BUILD_BUG_ON(sizeof(arg.policy) != sizeof(*policy)); | |
465 | ||
466 | err = fscrypt_get_policy(file_inode(filp), policy); | |
467 | if (err) | |
468 | return err; | |
469 | policy_size = fscrypt_policy_size(policy); | |
470 | ||
471 | if (copy_from_user(&arg, uarg, sizeof(arg.policy_size))) | |
472 | return -EFAULT; | |
473 | ||
474 | if (policy_size > arg.policy_size) | |
475 | return -EOVERFLOW; | |
476 | arg.policy_size = policy_size; | |
477 | ||
478 | if (copy_to_user(uarg, &arg, sizeof(arg.policy_size) + policy_size)) | |
479 | return -EFAULT; | |
480 | return 0; | |
481 | } | |
482 | EXPORT_SYMBOL_GPL(fscrypt_ioctl_get_policy_ex); | |
483 | ||
e98ad464 EB |
484 | /* FS_IOC_GET_ENCRYPTION_NONCE: retrieve file's encryption nonce for testing */ |
485 | int fscrypt_ioctl_get_nonce(struct file *filp, void __user *arg) | |
486 | { | |
487 | struct inode *inode = file_inode(filp); | |
488 | union fscrypt_context ctx; | |
489 | int ret; | |
490 | ||
491 | ret = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx)); | |
492 | if (ret < 0) | |
493 | return ret; | |
494 | if (!fscrypt_context_is_valid(&ctx, ret)) | |
495 | return -EINVAL; | |
496 | if (copy_to_user(arg, fscrypt_context_nonce(&ctx), | |
497 | FS_KEY_DERIVATION_NONCE_SIZE)) | |
498 | return -EFAULT; | |
499 | return 0; | |
500 | } | |
501 | EXPORT_SYMBOL_GPL(fscrypt_ioctl_get_nonce); | |
502 | ||
272f98f6 EB |
503 | /** |
504 | * fscrypt_has_permitted_context() - is a file's encryption policy permitted | |
505 | * within its directory? | |
506 | * | |
507 | * @parent: inode for parent directory | |
508 | * @child: inode for file being looked up, opened, or linked into @parent | |
509 | * | |
510 | * Filesystems must call this before permitting access to an inode in a | |
511 | * situation where the parent directory is encrypted (either before allowing | |
512 | * ->lookup() to succeed, or for a regular file before allowing it to be opened) | |
513 | * and before any operation that involves linking an inode into an encrypted | |
514 | * directory, including link, rename, and cross rename. It enforces the | |
515 | * constraint that within a given encrypted directory tree, all files use the | |
516 | * same encryption policy. The pre-access check is needed to detect potentially | |
517 | * malicious offline violations of this constraint, while the link and rename | |
518 | * checks are needed to prevent online violations of this constraint. | |
519 | * | |
f5e55e77 | 520 | * Return: 1 if permitted, 0 if forbidden. |
272f98f6 | 521 | */ |
0b81d077 JK |
522 | int fscrypt_has_permitted_context(struct inode *parent, struct inode *child) |
523 | { | |
5dae460c EB |
524 | union fscrypt_policy parent_policy, child_policy; |
525 | int err; | |
0b81d077 | 526 | |
42d97eb0 EB |
527 | /* No restrictions on file types which are never encrypted */ |
528 | if (!S_ISREG(child->i_mode) && !S_ISDIR(child->i_mode) && | |
529 | !S_ISLNK(child->i_mode)) | |
530 | return 1; | |
531 | ||
272f98f6 | 532 | /* No restrictions if the parent directory is unencrypted */ |
e0428a26 | 533 | if (!IS_ENCRYPTED(parent)) |
0b81d077 | 534 | return 1; |
272f98f6 EB |
535 | |
536 | /* Encrypted directories must not contain unencrypted files */ | |
e0428a26 | 537 | if (!IS_ENCRYPTED(child)) |
0b81d077 | 538 | return 0; |
272f98f6 EB |
539 | |
540 | /* | |
541 | * Both parent and child are encrypted, so verify they use the same | |
542 | * encryption policy. Compare the fscrypt_info structs if the keys are | |
543 | * available, otherwise retrieve and compare the fscrypt_contexts. | |
544 | * | |
545 | * Note that the fscrypt_context retrieval will be required frequently | |
546 | * when accessing an encrypted directory tree without the key. | |
547 | * Performance-wise this is not a big deal because we already don't | |
548 | * really optimize for file access without the key (to the extent that | |
549 | * such access is even possible), given that any attempted access | |
550 | * already causes a fscrypt_context retrieval and keyring search. | |
551 | * | |
552 | * In any case, if an unexpected error occurs, fall back to "forbidden". | |
553 | */ | |
554 | ||
5dae460c EB |
555 | err = fscrypt_get_encryption_info(parent); |
556 | if (err) | |
0b81d077 | 557 | return 0; |
5dae460c EB |
558 | err = fscrypt_get_encryption_info(child); |
559 | if (err) | |
0b81d077 | 560 | return 0; |
272f98f6 | 561 | |
5dae460c EB |
562 | err = fscrypt_get_policy(parent, &parent_policy); |
563 | if (err) | |
272f98f6 EB |
564 | return 0; |
565 | ||
5dae460c EB |
566 | err = fscrypt_get_policy(child, &child_policy); |
567 | if (err) | |
0b81d077 JK |
568 | return 0; |
569 | ||
5dae460c | 570 | return fscrypt_policies_equal(&parent_policy, &child_policy); |
0b81d077 JK |
571 | } |
572 | EXPORT_SYMBOL(fscrypt_has_permitted_context); | |
573 | ||
574 | /** | |
575 | * fscrypt_inherit_context() - Sets a child context from its parent | |
576 | * @parent: Parent inode from which the context is inherited. | |
577 | * @child: Child inode that inherits the context from @parent. | |
578 | * @fs_data: private data given by FS. | |
5bbdcbbb | 579 | * @preload: preload child i_crypt_info if true |
0b81d077 | 580 | * |
5bbdcbbb | 581 | * Return: 0 on success, -errno on failure |
0b81d077 JK |
582 | */ |
583 | int fscrypt_inherit_context(struct inode *parent, struct inode *child, | |
584 | void *fs_data, bool preload) | |
585 | { | |
5dae460c EB |
586 | union fscrypt_context ctx; |
587 | int ctxsize; | |
0b81d077 JK |
588 | struct fscrypt_info *ci; |
589 | int res; | |
590 | ||
0b81d077 JK |
591 | res = fscrypt_get_encryption_info(parent); |
592 | if (res < 0) | |
593 | return res; | |
594 | ||
e37a784d | 595 | ci = READ_ONCE(parent->i_crypt_info); |
0b81d077 JK |
596 | if (ci == NULL) |
597 | return -ENOKEY; | |
598 | ||
5dae460c EB |
599 | ctxsize = fscrypt_new_context_from_policy(&ctx, &ci->ci_policy); |
600 | ||
af65207c | 601 | BUILD_BUG_ON(sizeof(ctx) != FSCRYPT_SET_CONTEXT_MAX_SIZE); |
5dae460c | 602 | res = parent->i_sb->s_cop->set_context(child, &ctx, ctxsize, fs_data); |
0b81d077 JK |
603 | if (res) |
604 | return res; | |
605 | return preload ? fscrypt_get_encryption_info(child): 0; | |
606 | } | |
607 | EXPORT_SYMBOL(fscrypt_inherit_context); |