fs/ext4/crypto.c

   1 // SPDX-License-Identifier: GPL-2.0
   2
   3 #include <linux/quotaops.h>
   4 #include <linux/uuid.h>
   5
   6 #include "ext4.h"
   7 #include "xattr.h"
   8 #include "ext4_jbd2.h"
   9
  10 static void ext4_fname_from_fscrypt_name(struct ext4_filename *dst,
  11                                          const struct fscrypt_name *src)
  12 {
  13         memset(dst, 0, sizeof(*dst));
  14
  15         dst->usr_fname = src->usr_fname;
  16         dst->disk_name = src->disk_name;
  17         dst->hinfo.hash = src->hash;
  18         dst->hinfo.minor_hash = src->minor_hash;
  19         dst->crypto_buf = src->crypto_buf;
  20 }
  21
  22 int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname,
  23                               int lookup, struct ext4_filename *fname)
  24 {
  25         struct fscrypt_name name;
  26         int err;
  27
  28         err = fscrypt_setup_filename(dir, iname, lookup, &name);
  29         if (err)
  30                 return err;
  31
  32         ext4_fname_from_fscrypt_name(fname, &name);
  33
  34 #if IS_ENABLED(CONFIG_UNICODE)
  35         err = ext4_fname_setup_ci_filename(dir, iname, fname);
  36         if (err)
  37                 ext4_fname_free_filename(fname);
  38 #endif
  39         return err;
  40 }
  41
  42 int ext4_fname_prepare_lookup(struct inode *dir, struct dentry *dentry,
  43                               struct ext4_filename *fname)
  44 {
  45         struct fscrypt_name name;
  46         int err;
  47
  48         err = fscrypt_prepare_lookup(dir, dentry, &name);
  49         if (err)
  50                 return err;
  51
  52         ext4_fname_from_fscrypt_name(fname, &name);
  53
  54 #if IS_ENABLED(CONFIG_UNICODE)
  55         err = ext4_fname_setup_ci_filename(dir, &dentry->d_name, fname);
  56         if (err)
  57                 ext4_fname_free_filename(fname);
  58 #endif
  59         return err;
  60 }
  61
  62 void ext4_fname_free_filename(struct ext4_filename *fname)
  63 {
  64         struct fscrypt_name name;
  65
  66         name.crypto_buf = fname->crypto_buf;
  67         fscrypt_free_filename(&name);
  68
  69         fname->crypto_buf.name = NULL;
  70         fname->usr_fname = NULL;
  71         fname->disk_name.name = NULL;
  72
  73 #if IS_ENABLED(CONFIG_UNICODE)
  74         kfree(fname->cf_name.name);
  75         fname->cf_name.name = NULL;
  76 #endif
  77 }
  78
  79 static bool uuid_is_zero(__u8 u[16])
  80 {
  81         int i;
  82
  83         for (i = 0; i < 16; i++)
  84                 if (u[i])
  85                         return false;
  86         return true;
  87 }
  88
  89 int ext4_ioctl_get_encryption_pwsalt(struct file *filp, void __user *arg)
  90 {
  91         struct super_block *sb = file_inode(filp)->i_sb;
  92         struct ext4_sb_info *sbi = EXT4_SB(sb);
  93         int err, err2;
  94         handle_t *handle;
  95
  96         if (!ext4_has_feature_encrypt(sb))
  97                 return -EOPNOTSUPP;
  98
  99         if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) {
 100                 err = mnt_want_write_file(filp);
 101                 if (err)
 102                         return err;
 103                 handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1);
 104                 if (IS_ERR(handle)) {
 105                         err = PTR_ERR(handle);
 106                         goto pwsalt_err_exit;
 107                 }
 108                 err = ext4_journal_get_write_access(handle, sb, sbi->s_sbh,
 109                                                     EXT4_JTR_NONE);
 110                 if (err)
 111                         goto pwsalt_err_journal;
 112                 lock_buffer(sbi->s_sbh);
 113                 generate_random_uuid(sbi->s_es->s_encrypt_pw_salt);
 114                 ext4_superblock_csum_set(sb);
 115                 unlock_buffer(sbi->s_sbh);
 116                 err = ext4_handle_dirty_metadata(handle, NULL, sbi->s_sbh);
 117 pwsalt_err_journal:
 118                 err2 = ext4_journal_stop(handle);
 119                 if (err2 && !err)
 120                         err = err2;
 121 pwsalt_err_exit:
 122                 mnt_drop_write_file(filp);
 123                 if (err)
 124                         return err;
 125         }
 126
 127         if (copy_to_user(arg, sbi->s_es->s_encrypt_pw_salt, 16))
 128                 return -EFAULT;
 129         return 0;
 130 }
 131
 132 static int ext4_get_context(struct inode *inode, void *ctx, size_t len)
 133 {
 134         return ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION,
 135                                  EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, ctx, len);
 136 }
 137
 138 static int ext4_set_context(struct inode *inode, const void *ctx, size_t len,
 139                                                         void *fs_data)
 140 {
 141         handle_t *handle = fs_data;
 142         int res, res2, credits, retries = 0;
 143
 144         /*
 145          * Encrypting the root directory is not allowed because e2fsck expects
 146          * lost+found to exist and be unencrypted, and encrypting the root
 147          * directory would imply encrypting the lost+found directory as well as
 148          * the filename "lost+found" itself.
 149          */
 150         if (inode->i_ino == EXT4_ROOT_INO)
 151                 return -EPERM;
 152
 153         if (WARN_ON_ONCE(IS_DAX(inode) && i_size_read(inode)))
 154                 return -EINVAL;
 155
 156         if (ext4_test_inode_flag(inode, EXT4_INODE_DAX))
 157                 return -EOPNOTSUPP;
 158
 159         res = ext4_convert_inline_data(inode);
 160         if (res)
 161                 return res;
 162
 163         /*
 164          * If a journal handle was specified, then the encryption context is
 165          * being set on a new inode via inheritance and is part of a larger
 166          * transaction to create the inode.  Otherwise the encryption context is
 167          * being set on an existing inode in its own transaction.  Only in the
 168          * latter case should the "retry on ENOSPC" logic be used.
 169          */
 170
 171         if (handle) {
 172                 res = ext4_xattr_set_handle(handle, inode,
 173                                             EXT4_XATTR_INDEX_ENCRYPTION,
 174                                             EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
 175                                             ctx, len, 0);
 176                 if (!res) {
 177                         ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
 178                         ext4_clear_inode_state(inode,
 179                                         EXT4_STATE_MAY_INLINE_DATA);
 180                         /*
 181                          * Update inode->i_flags - S_ENCRYPTED will be enabled,
 182                          * S_DAX may be disabled
 183                          */
 184                         ext4_set_inode_flags(inode, false);
 185                 }
 186                 return res;
 187         }
 188
 189         res = dquot_initialize(inode);
 190         if (res)
 191                 return res;
 192 retry:
 193         res = ext4_xattr_set_credits(inode, len, false /* is_create */,
 194                                      &credits);
 195         if (res)
 196                 return res;
 197
 198         handle = ext4_journal_start(inode, EXT4_HT_MISC, credits);
 199         if (IS_ERR(handle))
 200                 return PTR_ERR(handle);
 201
 202         res = ext4_xattr_set_handle(handle, inode, EXT4_XATTR_INDEX_ENCRYPTION,
 203                                     EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
 204                                     ctx, len, 0);
 205         if (!res) {
 206                 ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
 207                 /*
 208                  * Update inode->i_flags - S_ENCRYPTED will be enabled,
 209                  * S_DAX may be disabled
 210                  */
 211                 ext4_set_inode_flags(inode, false);
 212                 res = ext4_mark_inode_dirty(handle, inode);
 213                 if (res)
 214                         EXT4_ERROR_INODE(inode, "Failed to mark inode dirty");
 215         }
 216         res2 = ext4_journal_stop(handle);
 217
 218         if (res == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries))
 219                 goto retry;
 220         if (!res)
 221                 res = res2;
 222         return res;
 223 }
 224
 225 static const union fscrypt_policy *ext4_get_dummy_policy(struct super_block *sb)
 226 {
 227         return EXT4_SB(sb)->s_dummy_enc_policy.policy;
 228 }
 229
 230 static bool ext4_has_stable_inodes(struct super_block *sb)
 231 {
 232         return ext4_has_feature_stable_inodes(sb);
 233 }
 234
 235 static void ext4_get_ino_and_lblk_bits(struct super_block *sb,
 236                                        int *ino_bits_ret, int *lblk_bits_ret)
 237 {
 238         *ino_bits_ret = 8 * sizeof(EXT4_SB(sb)->s_es->s_inodes_count);
 239         *lblk_bits_ret = 8 * sizeof(ext4_lblk_t);
 240 }
 241
 242 const struct fscrypt_operations ext4_cryptops = {
 243         .key_prefix             = "ext4:",
 244         .get_context            = ext4_get_context,
 245         .set_context            = ext4_set_context,
 246         .get_dummy_policy       = ext4_get_dummy_policy,
 247         .empty_dir              = ext4_empty_dir,
 248         .has_stable_inodes      = ext4_has_stable_inodes,
 249         .get_ino_and_lblk_bits  = ext4_get_ino_and_lblk_bits,
 250 };