1 // SPDX-License-Identifier: GPL-2.0
4 static int ubifs_crypt_get_context(struct inode
*inode
, void *ctx
, size_t len
)
6 return ubifs_xattr_get(inode
, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT
,
10 static int ubifs_crypt_set_context(struct inode
*inode
, const void *ctx
,
11 size_t len
, void *fs_data
)
14 * Creating an encryption context is done unlocked since we
15 * operate on a new inode which is not visible to other users
16 * at this point. So, no need to check whether inode is locked.
18 return ubifs_xattr_set(inode
, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT
,
22 static bool ubifs_crypt_empty_dir(struct inode
*inode
)
24 return ubifs_check_dir_empty(inode
) == 0;
27 static unsigned int ubifs_crypt_max_namelen(struct inode
*inode
)
29 if (S_ISLNK(inode
->i_mode
))
30 return UBIFS_MAX_INO_DATA
;
32 return UBIFS_MAX_NLEN
;
35 int ubifs_encrypt(const struct inode
*inode
, struct ubifs_data_node
*dn
,
36 unsigned int in_len
, unsigned int *out_len
, int block
)
38 struct ubifs_info
*c
= inode
->i_sb
->s_fs_info
;
41 unsigned int pad_len
= round_up(in_len
, UBIFS_CIPHER_BLOCK_SIZE
);
43 ubifs_assert(pad_len
<= *out_len
);
44 dn
->compr_size
= cpu_to_le16(in_len
);
46 /* pad to full block cipher length */
47 if (pad_len
!= in_len
)
48 memset(p
+ in_len
, 0, pad_len
- in_len
);
50 ret
= fscrypt_encrypt_page(inode
, virt_to_page(&dn
->data
), pad_len
,
51 offset_in_page(&dn
->data
), block
, GFP_NOFS
);
53 ubifs_err(c
, "fscrypt_encrypt_page failed: %ld", PTR_ERR(ret
));
61 int ubifs_decrypt(const struct inode
*inode
, struct ubifs_data_node
*dn
,
62 unsigned int *out_len
, int block
)
64 struct ubifs_info
*c
= inode
->i_sb
->s_fs_info
;
66 unsigned int clen
= le16_to_cpu(dn
->compr_size
);
67 unsigned int dlen
= *out_len
;
69 if (clen
<= 0 || clen
> UBIFS_BLOCK_SIZE
|| clen
> dlen
) {
70 ubifs_err(c
, "bad compr_size: %i", clen
);
74 ubifs_assert(dlen
<= UBIFS_BLOCK_SIZE
);
75 err
= fscrypt_decrypt_page(inode
, virt_to_page(&dn
->data
), dlen
,
76 offset_in_page(&dn
->data
), block
);
78 ubifs_err(c
, "fscrypt_decrypt_page failed: %i", err
);
86 const struct fscrypt_operations ubifs_crypt_operations
= {
87 .flags
= FS_CFLG_OWN_PAGES
,
88 .key_prefix
= "ubifs:",
89 .get_context
= ubifs_crypt_get_context
,
90 .set_context
= ubifs_crypt_set_context
,
91 .is_encrypted
= __ubifs_crypt_is_encrypted
,
92 .empty_dir
= ubifs_crypt_empty_dir
,
93 .max_namelen
= ubifs_crypt_max_namelen
,