Commit | Line | Data |
---|---|---|
b1241c8e RH |
1 | // SPDX-License-Identifier: GPL-2.0 |
2 | ||
3 | #include <linux/quotaops.h> | |
72f63f4a | 4 | #include <linux/uuid.h> |
b1241c8e RH |
5 | |
6 | #include "ext4.h" | |
7 | #include "xattr.h" | |
8 | #include "ext4_jbd2.h" | |
9 | ||
3030b59c RH |
10 | static void ext4_fname_from_fscrypt_name(struct ext4_filename *dst, |
11 | const struct fscrypt_name *src) | |
12 | { | |
13 | memset(dst, 0, sizeof(*dst)); | |
14 | ||
15 | dst->usr_fname = src->usr_fname; | |
16 | dst->disk_name = src->disk_name; | |
17 | dst->hinfo.hash = src->hash; | |
18 | dst->hinfo.minor_hash = src->minor_hash; | |
19 | dst->crypto_buf = src->crypto_buf; | |
20 | } | |
21 | ||
22 | int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname, | |
23 | int lookup, struct ext4_filename *fname) | |
24 | { | |
25 | struct fscrypt_name name; | |
26 | int err; | |
27 | ||
28 | err = fscrypt_setup_filename(dir, iname, lookup, &name); | |
29 | if (err) | |
30 | return err; | |
31 | ||
32 | ext4_fname_from_fscrypt_name(fname, &name); | |
33 | ||
3030b59c | 34 | err = ext4_fname_setup_ci_filename(dir, iname, fname); |
7ca4b085 LH |
35 | if (err) |
36 | ext4_fname_free_filename(fname); | |
d98c8222 | 37 | |
3030b59c RH |
38 | return err; |
39 | } | |
40 | ||
41 | int ext4_fname_prepare_lookup(struct inode *dir, struct dentry *dentry, | |
42 | struct ext4_filename *fname) | |
43 | { | |
44 | struct fscrypt_name name; | |
45 | int err; | |
46 | ||
47 | err = fscrypt_prepare_lookup(dir, dentry, &name); | |
48 | if (err) | |
49 | return err; | |
50 | ||
51 | ext4_fname_from_fscrypt_name(fname, &name); | |
52 | ||
3030b59c | 53 | err = ext4_fname_setup_ci_filename(dir, &dentry->d_name, fname); |
7ca4b085 LH |
54 | if (err) |
55 | ext4_fname_free_filename(fname); | |
3030b59c RH |
56 | return err; |
57 | } | |
58 | ||
59 | void ext4_fname_free_filename(struct ext4_filename *fname) | |
60 | { | |
61 | struct fscrypt_name name; | |
62 | ||
63 | name.crypto_buf = fname->crypto_buf; | |
64 | fscrypt_free_filename(&name); | |
65 | ||
66 | fname->crypto_buf.name = NULL; | |
67 | fname->usr_fname = NULL; | |
68 | fname->disk_name.name = NULL; | |
69 | ||
d98c8222 | 70 | ext4_fname_free_ci_filename(fname); |
3030b59c RH |
71 | } |
72 | ||
72f63f4a RH |
73 | static bool uuid_is_zero(__u8 u[16]) |
74 | { | |
75 | int i; | |
76 | ||
77 | for (i = 0; i < 16; i++) | |
78 | if (u[i]) | |
79 | return false; | |
80 | return true; | |
81 | } | |
82 | ||
83 | int ext4_ioctl_get_encryption_pwsalt(struct file *filp, void __user *arg) | |
84 | { | |
85 | struct super_block *sb = file_inode(filp)->i_sb; | |
86 | struct ext4_sb_info *sbi = EXT4_SB(sb); | |
87 | int err, err2; | |
88 | handle_t *handle; | |
89 | ||
90 | if (!ext4_has_feature_encrypt(sb)) | |
91 | return -EOPNOTSUPP; | |
92 | ||
93 | if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) { | |
94 | err = mnt_want_write_file(filp); | |
95 | if (err) | |
96 | return err; | |
97 | handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1); | |
98 | if (IS_ERR(handle)) { | |
99 | err = PTR_ERR(handle); | |
100 | goto pwsalt_err_exit; | |
101 | } | |
102 | err = ext4_journal_get_write_access(handle, sb, sbi->s_sbh, | |
103 | EXT4_JTR_NONE); | |
104 | if (err) | |
105 | goto pwsalt_err_journal; | |
106 | lock_buffer(sbi->s_sbh); | |
107 | generate_random_uuid(sbi->s_es->s_encrypt_pw_salt); | |
108 | ext4_superblock_csum_set(sb); | |
109 | unlock_buffer(sbi->s_sbh); | |
110 | err = ext4_handle_dirty_metadata(handle, NULL, sbi->s_sbh); | |
111 | pwsalt_err_journal: | |
112 | err2 = ext4_journal_stop(handle); | |
113 | if (err2 && !err) | |
114 | err = err2; | |
115 | pwsalt_err_exit: | |
116 | mnt_drop_write_file(filp); | |
117 | if (err) | |
118 | return err; | |
119 | } | |
120 | ||
121 | if (copy_to_user(arg, sbi->s_es->s_encrypt_pw_salt, 16)) | |
122 | return -EFAULT; | |
123 | return 0; | |
124 | } | |
125 | ||
b1241c8e RH |
126 | static int ext4_get_context(struct inode *inode, void *ctx, size_t len) |
127 | { | |
128 | return ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION, | |
129 | EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, ctx, len); | |
130 | } | |
131 | ||
132 | static int ext4_set_context(struct inode *inode, const void *ctx, size_t len, | |
133 | void *fs_data) | |
134 | { | |
135 | handle_t *handle = fs_data; | |
136 | int res, res2, credits, retries = 0; | |
137 | ||
138 | /* | |
139 | * Encrypting the root directory is not allowed because e2fsck expects | |
140 | * lost+found to exist and be unencrypted, and encrypting the root | |
141 | * directory would imply encrypting the lost+found directory as well as | |
142 | * the filename "lost+found" itself. | |
143 | */ | |
144 | if (inode->i_ino == EXT4_ROOT_INO) | |
145 | return -EPERM; | |
146 | ||
147 | if (WARN_ON_ONCE(IS_DAX(inode) && i_size_read(inode))) | |
148 | return -EINVAL; | |
149 | ||
150 | if (ext4_test_inode_flag(inode, EXT4_INODE_DAX)) | |
151 | return -EOPNOTSUPP; | |
152 | ||
153 | res = ext4_convert_inline_data(inode); | |
154 | if (res) | |
155 | return res; | |
156 | ||
157 | /* | |
158 | * If a journal handle was specified, then the encryption context is | |
159 | * being set on a new inode via inheritance and is part of a larger | |
160 | * transaction to create the inode. Otherwise the encryption context is | |
161 | * being set on an existing inode in its own transaction. Only in the | |
162 | * latter case should the "retry on ENOSPC" logic be used. | |
163 | */ | |
164 | ||
165 | if (handle) { | |
166 | res = ext4_xattr_set_handle(handle, inode, | |
167 | EXT4_XATTR_INDEX_ENCRYPTION, | |
168 | EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, | |
169 | ctx, len, 0); | |
170 | if (!res) { | |
171 | ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT); | |
172 | ext4_clear_inode_state(inode, | |
173 | EXT4_STATE_MAY_INLINE_DATA); | |
174 | /* | |
175 | * Update inode->i_flags - S_ENCRYPTED will be enabled, | |
176 | * S_DAX may be disabled | |
177 | */ | |
178 | ext4_set_inode_flags(inode, false); | |
179 | } | |
180 | return res; | |
181 | } | |
182 | ||
183 | res = dquot_initialize(inode); | |
184 | if (res) | |
185 | return res; | |
186 | retry: | |
187 | res = ext4_xattr_set_credits(inode, len, false /* is_create */, | |
188 | &credits); | |
189 | if (res) | |
190 | return res; | |
191 | ||
192 | handle = ext4_journal_start(inode, EXT4_HT_MISC, credits); | |
193 | if (IS_ERR(handle)) | |
194 | return PTR_ERR(handle); | |
195 | ||
196 | res = ext4_xattr_set_handle(handle, inode, EXT4_XATTR_INDEX_ENCRYPTION, | |
197 | EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, | |
198 | ctx, len, 0); | |
199 | if (!res) { | |
200 | ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT); | |
201 | /* | |
202 | * Update inode->i_flags - S_ENCRYPTED will be enabled, | |
203 | * S_DAX may be disabled | |
204 | */ | |
205 | ext4_set_inode_flags(inode, false); | |
206 | res = ext4_mark_inode_dirty(handle, inode); | |
207 | if (res) | |
208 | EXT4_ERROR_INODE(inode, "Failed to mark inode dirty"); | |
209 | } | |
210 | res2 = ext4_journal_stop(handle); | |
211 | ||
212 | if (res == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries)) | |
213 | goto retry; | |
214 | if (!res) | |
215 | res = res2; | |
216 | return res; | |
217 | } | |
218 | ||
219 | static const union fscrypt_policy *ext4_get_dummy_policy(struct super_block *sb) | |
220 | { | |
221 | return EXT4_SB(sb)->s_dummy_enc_policy.policy; | |
222 | } | |
223 | ||
224 | static bool ext4_has_stable_inodes(struct super_block *sb) | |
225 | { | |
226 | return ext4_has_feature_stable_inodes(sb); | |
227 | } | |
228 | ||
b1241c8e | 229 | const struct fscrypt_operations ext4_cryptops = { |
40e13e18 | 230 | .needs_bounce_pages = 1, |
7a0263dc | 231 | .has_32bit_inodes = 1, |
5b118884 | 232 | .supports_subblock_data_units = 1, |
5970fbad | 233 | .legacy_key_prefix = "ext4:", |
b1241c8e RH |
234 | .get_context = ext4_get_context, |
235 | .set_context = ext4_set_context, | |
236 | .get_dummy_policy = ext4_get_dummy_policy, | |
237 | .empty_dir = ext4_empty_dir, | |
238 | .has_stable_inodes = ext4_has_stable_inodes, | |
b1241c8e | 239 | }; |