fs/ext4/crypto.c

   1 // SPDX-License-Identifier: GPL-2.0
   2
   3 #include <linux/quotaops.h>
   4 #include <linux/uuid.h>
   5
   6 #include "ext4.h"
   7 #include "xattr.h"
   8 #include "ext4_jbd2.h"
   9
  10 static void ext4_fname_from_fscrypt_name(struct ext4_filename *dst,
  11                                          const struct fscrypt_name *src)
  12 {
  13         memset(dst, 0, sizeof(*dst));
  14
  15         dst->usr_fname = src->usr_fname;
  16         dst->disk_name = src->disk_name;
  17         dst->hinfo.hash = src->hash;
  18         dst->hinfo.minor_hash = src->minor_hash;
  19         dst->crypto_buf = src->crypto_buf;
  20 }
  21
  22 int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname,
  23                               int lookup, struct ext4_filename *fname)
  24 {
  25         struct fscrypt_name name;
  26         int err;
  27
  28         err = fscrypt_setup_filename(dir, iname, lookup, &name);
  29         if (err)
  30                 return err;
  31
  32         ext4_fname_from_fscrypt_name(fname, &name);
  33
  34 #if IS_ENABLED(CONFIG_UNICODE)
  35         err = ext4_fname_setup_ci_filename(dir, iname, fname);
  36 #endif
  37         return err;
  38 }
  39
  40 int ext4_fname_prepare_lookup(struct inode *dir, struct dentry *dentry,
  41                               struct ext4_filename *fname)
  42 {
  43         struct fscrypt_name name;
  44         int err;
  45
  46         err = fscrypt_prepare_lookup(dir, dentry, &name);
  47         if (err)
  48                 return err;
  49
  50         ext4_fname_from_fscrypt_name(fname, &name);
  51
  52 #if IS_ENABLED(CONFIG_UNICODE)
  53         err = ext4_fname_setup_ci_filename(dir, &dentry->d_name, fname);
  54 #endif
  55         return err;
  56 }
  57
  58 void ext4_fname_free_filename(struct ext4_filename *fname)
  59 {
  60         struct fscrypt_name name;
  61
  62         name.crypto_buf = fname->crypto_buf;
  63         fscrypt_free_filename(&name);
  64
  65         fname->crypto_buf.name = NULL;
  66         fname->usr_fname = NULL;
  67         fname->disk_name.name = NULL;
  68
  69 #if IS_ENABLED(CONFIG_UNICODE)
  70         kfree(fname->cf_name.name);
  71         fname->cf_name.name = NULL;
  72 #endif
  73 }
  74
  75 static bool uuid_is_zero(__u8 u[16])
  76 {
  77         int i;
  78
  79         for (i = 0; i < 16; i++)
  80                 if (u[i])
  81                         return false;
  82         return true;
  83 }
  84
  85 int ext4_ioctl_get_encryption_pwsalt(struct file *filp, void __user *arg)
  86 {
  87         struct super_block *sb = file_inode(filp)->i_sb;
  88         struct ext4_sb_info *sbi = EXT4_SB(sb);
  89         int err, err2;
  90         handle_t *handle;
  91
  92         if (!ext4_has_feature_encrypt(sb))
  93                 return -EOPNOTSUPP;
  94
  95         if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) {
  96                 err = mnt_want_write_file(filp);
  97                 if (err)
  98                         return err;
  99                 handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1);
 100                 if (IS_ERR(handle)) {
 101                         err = PTR_ERR(handle);
 102                         goto pwsalt_err_exit;
 103                 }
 104                 err = ext4_journal_get_write_access(handle, sb, sbi->s_sbh,
 105                                                     EXT4_JTR_NONE);
 106                 if (err)
 107                         goto pwsalt_err_journal;
 108                 lock_buffer(sbi->s_sbh);
 109                 generate_random_uuid(sbi->s_es->s_encrypt_pw_salt);
 110                 ext4_superblock_csum_set(sb);
 111                 unlock_buffer(sbi->s_sbh);
 112                 err = ext4_handle_dirty_metadata(handle, NULL, sbi->s_sbh);
 113 pwsalt_err_journal:
 114                 err2 = ext4_journal_stop(handle);
 115                 if (err2 && !err)
 116                         err = err2;
 117 pwsalt_err_exit:
 118                 mnt_drop_write_file(filp);
 119                 if (err)
 120                         return err;
 121         }
 122
 123         if (copy_to_user(arg, sbi->s_es->s_encrypt_pw_salt, 16))
 124                 return -EFAULT;
 125         return 0;
 126 }
 127
 128 static int ext4_get_context(struct inode *inode, void *ctx, size_t len)
 129 {
 130         return ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION,
 131                                  EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, ctx, len);
 132 }
 133
 134 static int ext4_set_context(struct inode *inode, const void *ctx, size_t len,
 135                                                         void *fs_data)
 136 {
 137         handle_t *handle = fs_data;
 138         int res, res2, credits, retries = 0;
 139
 140         /*
 141          * Encrypting the root directory is not allowed because e2fsck expects
 142          * lost+found to exist and be unencrypted, and encrypting the root
 143          * directory would imply encrypting the lost+found directory as well as
 144          * the filename "lost+found" itself.
 145          */
 146         if (inode->i_ino == EXT4_ROOT_INO)
 147                 return -EPERM;
 148
 149         if (WARN_ON_ONCE(IS_DAX(inode) && i_size_read(inode)))
 150                 return -EINVAL;
 151
 152         if (ext4_test_inode_flag(inode, EXT4_INODE_DAX))
 153                 return -EOPNOTSUPP;
 154
 155         res = ext4_convert_inline_data(inode);
 156         if (res)
 157                 return res;
 158
 159         /*
 160          * If a journal handle was specified, then the encryption context is
 161          * being set on a new inode via inheritance and is part of a larger
 162          * transaction to create the inode.  Otherwise the encryption context is
 163          * being set on an existing inode in its own transaction.  Only in the
 164          * latter case should the "retry on ENOSPC" logic be used.
 165          */
 166
 167         if (handle) {
 168                 res = ext4_xattr_set_handle(handle, inode,
 169                                             EXT4_XATTR_INDEX_ENCRYPTION,
 170                                             EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
 171                                             ctx, len, 0);
 172                 if (!res) {
 173                         ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
 174                         ext4_clear_inode_state(inode,
 175                                         EXT4_STATE_MAY_INLINE_DATA);
 176                         /*
 177                          * Update inode->i_flags - S_ENCRYPTED will be enabled,
 178                          * S_DAX may be disabled
 179                          */
 180                         ext4_set_inode_flags(inode, false);
 181                 }
 182                 return res;
 183         }
 184
 185         res = dquot_initialize(inode);
 186         if (res)
 187                 return res;
 188 retry:
 189         res = ext4_xattr_set_credits(inode, len, false /* is_create */,
 190                                      &credits);
 191         if (res)
 192                 return res;
 193
 194         handle = ext4_journal_start(inode, EXT4_HT_MISC, credits);
 195         if (IS_ERR(handle))
 196                 return PTR_ERR(handle);
 197
 198         res = ext4_xattr_set_handle(handle, inode, EXT4_XATTR_INDEX_ENCRYPTION,
 199                                     EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
 200                                     ctx, len, 0);
 201         if (!res) {
 202                 ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
 203                 /*
 204                  * Update inode->i_flags - S_ENCRYPTED will be enabled,
 205                  * S_DAX may be disabled
 206                  */
 207                 ext4_set_inode_flags(inode, false);
 208                 res = ext4_mark_inode_dirty(handle, inode);
 209                 if (res)
 210                         EXT4_ERROR_INODE(inode, "Failed to mark inode dirty");
 211         }
 212         res2 = ext4_journal_stop(handle);
 213
 214         if (res == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries))
 215                 goto retry;
 216         if (!res)
 217                 res = res2;
 218         return res;
 219 }
 220
 221 static const union fscrypt_policy *ext4_get_dummy_policy(struct super_block *sb)
 222 {
 223         return EXT4_SB(sb)->s_dummy_enc_policy.policy;
 224 }
 225
 226 static bool ext4_has_stable_inodes(struct super_block *sb)
 227 {
 228         return ext4_has_feature_stable_inodes(sb);
 229 }
 230
 231 static void ext4_get_ino_and_lblk_bits(struct super_block *sb,
 232                                        int *ino_bits_ret, int *lblk_bits_ret)
 233 {
 234         *ino_bits_ret = 8 * sizeof(EXT4_SB(sb)->s_es->s_inodes_count);
 235         *lblk_bits_ret = 8 * sizeof(ext4_lblk_t);
 236 }
 237
 238 const struct fscrypt_operations ext4_cryptops = {
 239         .key_prefix             = "ext4:",
 240         .get_context            = ext4_get_context,
 241         .set_context            = ext4_set_context,
 242         .get_dummy_policy       = ext4_get_dummy_policy,
 243         .empty_dir              = ext4_empty_dir,
 244         .has_stable_inodes      = ext4_has_stable_inodes,
 245         .get_ino_and_lblk_bits  = ext4_get_ino_and_lblk_bits,
 246 };