[linux-2.6-block.git] / fs / ext4 / crypto.c

// SPDX-License-Identifier: GPL-2.0

#include <linux/quotaops.h>
#include <linux/uuid.h>

#include "ext4.h"
#include "xattr.h"
#include "ext4_jbd2.h"

static void ext4_fname_from_fscrypt_name(struct ext4_filename *dst,
					 const struct fscrypt_name *src)
{
	memset(dst, 0, sizeof(*dst));

	dst->usr_fname = src->usr_fname;
	dst->disk_name = src->disk_name;
	dst->hinfo.hash = src->hash;
	dst->hinfo.minor_hash = src->minor_hash;
	dst->crypto_buf = src->crypto_buf;
}

int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname,
			      int lookup, struct ext4_filename *fname)
{
	struct fscrypt_name name;
	int err;

	err = fscrypt_setup_filename(dir, iname, lookup, &name);
	if (err)
		return err;

	ext4_fname_from_fscrypt_name(fname, &name);

#if IS_ENABLED(CONFIG_UNICODE)
	err = ext4_fname_setup_ci_filename(dir, iname, fname);
#endif
	return err;
}

int ext4_fname_prepare_lookup(struct inode *dir, struct dentry *dentry,
			      struct ext4_filename *fname)
{
	struct fscrypt_name name;
	int err;

	err = fscrypt_prepare_lookup(dir, dentry, &name);
	if (err)
		return err;

	ext4_fname_from_fscrypt_name(fname, &name);

#if IS_ENABLED(CONFIG_UNICODE)
	err = ext4_fname_setup_ci_filename(dir, &dentry->d_name, fname);
#endif
	return err;
}

void ext4_fname_free_filename(struct ext4_filename *fname)
{
	struct fscrypt_name name;

	name.crypto_buf = fname->crypto_buf;
	fscrypt_free_filename(&name);

	fname->crypto_buf.name = NULL;
	fname->usr_fname = NULL;
	fname->disk_name.name = NULL;

#if IS_ENABLED(CONFIG_UNICODE)
	kfree(fname->cf_name.name);
	fname->cf_name.name = NULL;
#endif
}

static bool uuid_is_zero(__u8 u[16])
{
	int i;

	for (i = 0; i < 16; i++)
		if (u[i])
			return false;
	return true;
}

int ext4_ioctl_get_encryption_pwsalt(struct file *filp, void __user *arg)
{
	struct super_block *sb = file_inode(filp)->i_sb;
	struct ext4_sb_info *sbi = EXT4_SB(sb);
	int err, err2;
	handle_t *handle;

	if (!ext4_has_feature_encrypt(sb))
		return -EOPNOTSUPP;

	if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) {
		err = mnt_want_write_file(filp);
		if (err)
			return err;
		handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1);
		if (IS_ERR(handle)) {
			err = PTR_ERR(handle);
			goto pwsalt_err_exit;
		}
		err = ext4_journal_get_write_access(handle, sb, sbi->s_sbh,
						    EXT4_JTR_NONE);
		if (err)
			goto pwsalt_err_journal;
		lock_buffer(sbi->s_sbh);
		generate_random_uuid(sbi->s_es->s_encrypt_pw_salt);
		ext4_superblock_csum_set(sb);
		unlock_buffer(sbi->s_sbh);
		err = ext4_handle_dirty_metadata(handle, NULL, sbi->s_sbh);
pwsalt_err_journal:
		err2 = ext4_journal_stop(handle);
		if (err2 && !err)
			err = err2;
pwsalt_err_exit:
		mnt_drop_write_file(filp);
		if (err)
			return err;
	}

	if (copy_to_user(arg, sbi->s_es->s_encrypt_pw_salt, 16))
		return -EFAULT;
	return 0;
}

static int ext4_get_context(struct inode *inode, void *ctx, size_t len)
{
	return ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION,
				 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, ctx, len);
}

static int ext4_set_context(struct inode *inode, const void *ctx, size_t len,
							void *fs_data)
{
	handle_t *handle = fs_data;
	int res, res2, credits, retries = 0;

	/*
	 * Encrypting the root directory is not allowed because e2fsck expects
	 * lost+found to exist and be unencrypted, and encrypting the root
	 * directory would imply encrypting the lost+found directory as well as
	 * the filename "lost+found" itself.
	 */
	if (inode->i_ino == EXT4_ROOT_INO)
		return -EPERM;

	if (WARN_ON_ONCE(IS_DAX(inode) && i_size_read(inode)))
		return -EINVAL;

	if (ext4_test_inode_flag(inode, EXT4_INODE_DAX))
		return -EOPNOTSUPP;

	res = ext4_convert_inline_data(inode);
	if (res)
		return res;

	/*
	 * If a journal handle was specified, then the encryption context is
	 * being set on a new inode via inheritance and is part of a larger
	 * transaction to create the inode.  Otherwise the encryption context is
	 * being set on an existing inode in its own transaction.  Only in the
	 * latter case should the "retry on ENOSPC" logic be used.
	 */

	if (handle) {
		res = ext4_xattr_set_handle(handle, inode,
					    EXT4_XATTR_INDEX_ENCRYPTION,
					    EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
					    ctx, len, 0);
		if (!res) {
			ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
			ext4_clear_inode_state(inode,
					EXT4_STATE_MAY_INLINE_DATA);
			/*
			 * Update inode->i_flags - S_ENCRYPTED will be enabled,
			 * S_DAX may be disabled
			 */
			ext4_set_inode_flags(inode, false);
		}
		return res;
	}

	res = dquot_initialize(inode);
	if (res)
		return res;
retry:
	res = ext4_xattr_set_credits(inode, len, false /* is_create */,
				     &credits);
	if (res)
		return res;

	handle = ext4_journal_start(inode, EXT4_HT_MISC, credits);
	if (IS_ERR(handle))
		return PTR_ERR(handle);

	res = ext4_xattr_set_handle(handle, inode, EXT4_XATTR_INDEX_ENCRYPTION,
				    EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
				    ctx, len, 0);
	if (!res) {
		ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
		/*
		 * Update inode->i_flags - S_ENCRYPTED will be enabled,
		 * S_DAX may be disabled
		 */
		ext4_set_inode_flags(inode, false);
		res = ext4_mark_inode_dirty(handle, inode);
		if (res)
			EXT4_ERROR_INODE(inode, "Failed to mark inode dirty");
	}
	res2 = ext4_journal_stop(handle);

	if (res == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries))
		goto retry;
	if (!res)
		res = res2;
	return res;
}

static const union fscrypt_policy *ext4_get_dummy_policy(struct super_block *sb)
{
	return EXT4_SB(sb)->s_dummy_enc_policy.policy;
}

static bool ext4_has_stable_inodes(struct super_block *sb)
{
	return ext4_has_feature_stable_inodes(sb);
}

static void ext4_get_ino_and_lblk_bits(struct super_block *sb,
				       int *ino_bits_ret, int *lblk_bits_ret)
{
	*ino_bits_ret = 8 * sizeof(EXT4_SB(sb)->s_es->s_inodes_count);
	*lblk_bits_ret = 8 * sizeof(ext4_lblk_t);
}

const struct fscrypt_operations ext4_cryptops = {
	.key_prefix		= "ext4:",
	.get_context		= ext4_get_context,
	.set_context		= ext4_set_context,
	.get_dummy_policy	= ext4_get_dummy_policy,
	.empty_dir		= ext4_empty_dir,
	.has_stable_inodes	= ext4_has_stable_inodes,
	.get_ino_and_lblk_bits	= ext4_get_ino_and_lblk_bits,
};
Commit	Line	Data
b1241c8e RH	1	// SPDX-License-Identifier: GPL-2.0
	2
	3	#include <linux/quotaops.h>
72f63f4a	4	#include <linux/uuid.h>
b1241c8e RH	5
	6	#include "ext4.h"
	7	#include "xattr.h"
	8	#include "ext4_jbd2.h"
	9
3030b59c RH	10	static void ext4_fname_from_fscrypt_name(struct ext4_filename *dst,
	11	const struct fscrypt_name *src)
	12	{
	13	memset(dst, 0, sizeof(*dst));
	14
	15	dst->usr_fname = src->usr_fname;
	16	dst->disk_name = src->disk_name;
	17	dst->hinfo.hash = src->hash;
	18	dst->hinfo.minor_hash = src->minor_hash;
	19	dst->crypto_buf = src->crypto_buf;
	20	}
	21
	22	int ext4_fname_setup_filename(struct inode dir, const struct qstr iname,
	23	int lookup, struct ext4_filename *fname)
	24	{
	25	struct fscrypt_name name;
	26	int err;
	27
	28	err = fscrypt_setup_filename(dir, iname, lookup, &name);
	29	if (err)
	30	return err;
	31
	32	ext4_fname_from_fscrypt_name(fname, &name);
	33
	34	#if IS_ENABLED(CONFIG_UNICODE)
	35	err = ext4_fname_setup_ci_filename(dir, iname, fname);
	36	#endif
	37	return err;
	38	}
	39
	40	int ext4_fname_prepare_lookup(struct inode dir, struct dentry dentry,
	41	struct ext4_filename *fname)
	42	{
	43	struct fscrypt_name name;
	44	int err;
	45
	46	err = fscrypt_prepare_lookup(dir, dentry, &name);
	47	if (err)
	48	return err;
	49
	50	ext4_fname_from_fscrypt_name(fname, &name);
	51
	52	#if IS_ENABLED(CONFIG_UNICODE)
	53	err = ext4_fname_setup_ci_filename(dir, &dentry->d_name, fname);
	54	#endif
	55	return err;
	56	}
	57
	58	void ext4_fname_free_filename(struct ext4_filename *fname)
	59	{
	60	struct fscrypt_name name;
	61
	62	name.crypto_buf = fname->crypto_buf;
	63	fscrypt_free_filename(&name);
	64
	65	fname->crypto_buf.name = NULL;
	66	fname->usr_fname = NULL;
	67	fname->disk_name.name = NULL;
	68
	69	#if IS_ENABLED(CONFIG_UNICODE)
	70	kfree(fname->cf_name.name);
	71	fname->cf_name.name = NULL;
	72	#endif
	73	}
74
72f63f4a RH	75	static bool uuid_is_zero(__u8 u[16])
	76	{
	77	int i;
	78
	79	for (i = 0; i < 16; i++)
	80	if (u[i])
	81	return false;
	82	return true;
	83	}
	84
	85	int ext4_ioctl_get_encryption_pwsalt(struct file filp, void __user arg)
	86	{
	87	struct super_block *sb = file_inode(filp)->i_sb;
	88	struct ext4_sb_info *sbi = EXT4_SB(sb);
	89	int err, err2;
	90	handle_t *handle;
	91
	92	if (!ext4_has_feature_encrypt(sb))
	93	return -EOPNOTSUPP;
	94
	95	if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) {
	96	err = mnt_want_write_file(filp);
	97	if (err)
	98	return err;
	99	handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1);
	100	if (IS_ERR(handle)) {
	101	err = PTR_ERR(handle);
	102	goto pwsalt_err_exit;
	103	}
	104	err = ext4_journal_get_write_access(handle, sb, sbi->s_sbh,
	105	EXT4_JTR_NONE);
	106	if (err)
	107	goto pwsalt_err_journal;
	108	lock_buffer(sbi->s_sbh);
	109	generate_random_uuid(sbi->s_es->s_encrypt_pw_salt);
	110	ext4_superblock_csum_set(sb);
	111	unlock_buffer(sbi->s_sbh);
	112	err = ext4_handle_dirty_metadata(handle, NULL, sbi->s_sbh);
	113	pwsalt_err_journal:
	114	err2 = ext4_journal_stop(handle);
	115	if (err2 && !err)
	116	err = err2;
	117	pwsalt_err_exit:
	118	mnt_drop_write_file(filp);
	119	if (err)
	120	return err;
	121	}
	122
	123	if (copy_to_user(arg, sbi->s_es->s_encrypt_pw_salt, 16))
	124	return -EFAULT;
	125	return 0;
	126	}
	127
b1241c8e RH	128	static int ext4_get_context(struct inode inode, void ctx, size_t len)
	129	{
	130	return ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION,
	131	EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, ctx, len);
	132	}
	133
	134	static int ext4_set_context(struct inode inode, const void ctx, size_t len,
	135	void *fs_data)
	136	{
	137	handle_t *handle = fs_data;
	138	int res, res2, credits, retries = 0;
	139
	140	/*
	141	* Encrypting the root directory is not allowed because e2fsck expects
	142	* lost+found to exist and be unencrypted, and encrypting the root
	143	* directory would imply encrypting the lost+found directory as well as
	144	* the filename "lost+found" itself.
	145	*/
	146	if (inode->i_ino == EXT4_ROOT_INO)
	147	return -EPERM;
	148
	149	if (WARN_ON_ONCE(IS_DAX(inode) && i_size_read(inode)))
	150	return -EINVAL;
	151
	152	if (ext4_test_inode_flag(inode, EXT4_INODE_DAX))
	153	return -EOPNOTSUPP;
	154
	155	res = ext4_convert_inline_data(inode);
	156	if (res)
	157	return res;
	158
	159	/*
	160	* If a journal handle was specified, then the encryption context is
	161	* being set on a new inode via inheritance and is part of a larger
	162	* transaction to create the inode. Otherwise the encryption context is
	163	* being set on an existing inode in its own transaction. Only in the
	164	* latter case should the "retry on ENOSPC" logic be used.
	165	*/
	166
	167	if (handle) {
	168	res = ext4_xattr_set_handle(handle, inode,
	169	EXT4_XATTR_INDEX_ENCRYPTION,
	170	EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
	171	ctx, len, 0);
	172	if (!res) {
	173	ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
	174	ext4_clear_inode_state(inode,
	175	EXT4_STATE_MAY_INLINE_DATA);
	176	/*
	177	* Update inode->i_flags - S_ENCRYPTED will be enabled,
	178	* S_DAX may be disabled
	179	*/
	180	ext4_set_inode_flags(inode, false);
	181	}
	182	return res;
	183	}
	184
	185	res = dquot_initialize(inode);
	186	if (res)
	187	return res;
	188	retry:
	189	res = ext4_xattr_set_credits(inode, len, false /* is_create */,
	190	&credits);
	191	if (res)
192	return res;
193
194	handle = ext4_journal_start(inode, EXT4_HT_MISC, credits);
195	if (IS_ERR(handle))
196	return PTR_ERR(handle);
197
198	res = ext4_xattr_set_handle(handle, inode, EXT4_XATTR_INDEX_ENCRYPTION,
199	EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
200	ctx, len, 0);
201	if (!res) {
202	ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
203	/*
204	* Update inode->i_flags - S_ENCRYPTED will be enabled,
205	* S_DAX may be disabled
206	*/
207	ext4_set_inode_flags(inode, false);
208	res = ext4_mark_inode_dirty(handle, inode);
209	if (res)
210	EXT4_ERROR_INODE(inode, "Failed to mark inode dirty");
211	}
212	res2 = ext4_journal_stop(handle);
213
214	if (res == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries))
215	goto retry;
216	if (!res)
217	res = res2;
218	return res;
219	}
220
221	static const union fscrypt_policy ext4_get_dummy_policy(struct super_block sb)
222	{
223	return EXT4_SB(sb)->s_dummy_enc_policy.policy;
224	}
225
226	static bool ext4_has_stable_inodes(struct super_block *sb)
227	{
228	return ext4_has_feature_stable_inodes(sb);
229	}
230
231	static void ext4_get_ino_and_lblk_bits(struct super_block *sb,
232	int ino_bits_ret, int lblk_bits_ret)
233	{
234	ino_bits_ret = 8 sizeof(EXT4_SB(sb)->s_es->s_inodes_count);
235	lblk_bits_ret = 8 sizeof(ext4_lblk_t);
236	}
237
238	const struct fscrypt_operations ext4_cryptops = {
239	.key_prefix = "ext4:",
240	.get_context = ext4_get_context,
241	.set_context = ext4_set_context,
242	.get_dummy_policy = ext4_get_dummy_policy,
243	.empty_dir = ext4_empty_dir,
244	.has_stable_inodes = ext4_has_stable_inodes,
245	.get_ino_and_lblk_bits = ext4_get_ino_and_lblk_bits,
246	};