2 * linux/fs/ext4/crypto_policy.c
4 * Copyright (C) 2015, Google, Inc.
6 * This contains encryption policy functions for ext4
8 * Written by Michael Halcrow, 2015.
11 #include <linux/random.h>
12 #include <linux/string.h>
13 #include <linux/types.h>
18 static int ext4_inode_has_encryption_context(struct inode
*inode
)
20 int res
= ext4_xattr_get(inode
, EXT4_XATTR_INDEX_ENCRYPTION
,
21 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT
, NULL
, 0);
26 * check whether the policy is consistent with the encryption context
29 static int ext4_is_encryption_context_consistent_with_policy(
30 struct inode
*inode
, const struct ext4_encryption_policy
*policy
)
32 struct ext4_encryption_context ctx
;
33 int res
= ext4_xattr_get(inode
, EXT4_XATTR_INDEX_ENCRYPTION
,
34 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT
, &ctx
,
36 if (res
!= sizeof(ctx
))
38 return (memcmp(ctx
.master_key_descriptor
, policy
->master_key_descriptor
,
39 EXT4_KEY_DESCRIPTOR_SIZE
) == 0 &&
42 (ctx
.contents_encryption_mode
==
43 policy
->contents_encryption_mode
) &&
44 (ctx
.filenames_encryption_mode
==
45 policy
->filenames_encryption_mode
));
48 static int ext4_create_encryption_context_from_policy(
49 struct inode
*inode
, const struct ext4_encryption_policy
*policy
)
51 struct ext4_encryption_context ctx
;
54 ctx
.format
= EXT4_ENCRYPTION_CONTEXT_FORMAT_V1
;
55 memcpy(ctx
.master_key_descriptor
, policy
->master_key_descriptor
,
56 EXT4_KEY_DESCRIPTOR_SIZE
);
57 if (!ext4_valid_contents_enc_mode(policy
->contents_encryption_mode
)) {
59 "%s: Invalid contents encryption mode %d\n", __func__
,
60 policy
->contents_encryption_mode
);
63 if (!ext4_valid_filenames_enc_mode(policy
->filenames_encryption_mode
)) {
65 "%s: Invalid filenames encryption mode %d\n", __func__
,
66 policy
->filenames_encryption_mode
);
69 if (policy
->flags
& ~EXT4_POLICY_FLAGS_VALID
)
71 ctx
.contents_encryption_mode
= policy
->contents_encryption_mode
;
72 ctx
.filenames_encryption_mode
= policy
->filenames_encryption_mode
;
73 ctx
.flags
= policy
->flags
;
74 BUILD_BUG_ON(sizeof(ctx
.nonce
) != EXT4_KEY_DERIVATION_NONCE_SIZE
);
75 get_random_bytes(ctx
.nonce
, EXT4_KEY_DERIVATION_NONCE_SIZE
);
77 res
= ext4_xattr_set(inode
, EXT4_XATTR_INDEX_ENCRYPTION
,
78 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT
, &ctx
,
81 ext4_set_inode_flag(inode
, EXT4_INODE_ENCRYPT
);
85 int ext4_process_policy(const struct ext4_encryption_policy
*policy
,
88 if (policy
->version
!= 0)
91 if (!ext4_inode_has_encryption_context(inode
)) {
92 if (!ext4_empty_dir(inode
))
94 return ext4_create_encryption_context_from_policy(inode
,
98 if (ext4_is_encryption_context_consistent_with_policy(inode
, policy
))
101 printk(KERN_WARNING
"%s: Policy inconsistent with encryption context\n",
106 int ext4_get_policy(struct inode
*inode
, struct ext4_encryption_policy
*policy
)
108 struct ext4_encryption_context ctx
;
110 int res
= ext4_xattr_get(inode
, EXT4_XATTR_INDEX_ENCRYPTION
,
111 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT
,
113 if (res
!= sizeof(ctx
))
115 if (ctx
.format
!= EXT4_ENCRYPTION_CONTEXT_FORMAT_V1
)
118 policy
->contents_encryption_mode
= ctx
.contents_encryption_mode
;
119 policy
->filenames_encryption_mode
= ctx
.filenames_encryption_mode
;
120 policy
->flags
= ctx
.flags
;
121 memcpy(&policy
->master_key_descriptor
, ctx
.master_key_descriptor
,
122 EXT4_KEY_DESCRIPTOR_SIZE
);
126 int ext4_is_child_context_consistent_with_parent(struct inode
*parent
,
129 struct ext4_encryption_context parent_ctx
, child_ctx
;
132 if ((parent
== NULL
) || (child
== NULL
)) {
133 pr_err("parent %p child %p\n", parent
, child
);
136 /* no restrictions if the parent directory is not encrypted */
137 if (!ext4_encrypted_inode(parent
))
139 res
= ext4_xattr_get(parent
, EXT4_XATTR_INDEX_ENCRYPTION
,
140 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT
,
141 &parent_ctx
, sizeof(parent_ctx
));
142 if (res
!= sizeof(parent_ctx
))
144 /* if the child directory is not encrypted, this is always a problem */
145 if (!ext4_encrypted_inode(child
))
147 res
= ext4_xattr_get(child
, EXT4_XATTR_INDEX_ENCRYPTION
,
148 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT
,
149 &child_ctx
, sizeof(child_ctx
));
150 if (res
!= sizeof(child_ctx
))
152 return (memcmp(parent_ctx
.master_key_descriptor
,
153 child_ctx
.master_key_descriptor
,
154 EXT4_KEY_DESCRIPTOR_SIZE
) == 0 &&
155 (parent_ctx
.contents_encryption_mode
==
156 child_ctx
.contents_encryption_mode
) &&
157 (parent_ctx
.filenames_encryption_mode
==
158 child_ctx
.filenames_encryption_mode
));
162 * ext4_inherit_context() - Sets a child context from its parent
163 * @parent: Parent inode from which the context is inherited.
164 * @child: Child inode that inherits the context from @parent.
166 * Return: Zero on success, non-zero otherwise
168 int ext4_inherit_context(struct inode
*parent
, struct inode
*child
)
170 struct ext4_encryption_context ctx
;
171 int res
= ext4_xattr_get(parent
, EXT4_XATTR_INDEX_ENCRYPTION
,
172 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT
,
175 if (res
!= sizeof(ctx
)) {
176 if (DUMMY_ENCRYPTION_ENABLED(EXT4_SB(parent
->i_sb
))) {
177 ctx
.format
= EXT4_ENCRYPTION_CONTEXT_FORMAT_V1
;
178 ctx
.contents_encryption_mode
=
179 EXT4_ENCRYPTION_MODE_AES_256_XTS
;
180 ctx
.filenames_encryption_mode
=
181 EXT4_ENCRYPTION_MODE_AES_256_CTS
;
183 memset(ctx
.master_key_descriptor
, 0x42,
184 EXT4_KEY_DESCRIPTOR_SIZE
);
190 get_random_bytes(ctx
.nonce
, EXT4_KEY_DERIVATION_NONCE_SIZE
);
191 res
= ext4_xattr_set(child
, EXT4_XATTR_INDEX_ENCRYPTION
,
192 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT
, &ctx
,
196 ext4_set_inode_flag(child
, EXT4_INODE_ENCRYPT
);
