fscrypt: rename FS_KEY_DERIVATION_NONCE_SIZE

The name "FS_KEY_DERIVATION_NONCE_SIZE" is a bit outdated since due to
the addition of FSCRYPT_POLICY_FLAG_DIRECT_KEY, the file nonce may now
be used as a tweak instead of for key derivation.  Also, we're now
prefixing the fscrypt constants with "FSCRYPT_" instead of "FS_".

Therefore, rename this constant to FSCRYPT_FILE_NONCE_SIZE.

Link: https://lore.kernel.org/r/20200708215722.147154-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>

diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst
index f5d8b0303ddfc45c9cd46a8dc832a9a5e1cc6fe0..1a6ad6f736b5d78333f1ba8b05c276a905b77c56 100644 (file)
--- a/Documentation/filesystems/fscrypt.rst
+++ b/Documentation/filesystems/fscrypt.rst
@@ -1158,7 +1158,7 @@ setxattr() because of the special semantics of the encryption xattr.
 were to be added to or removed from anything other than an empty
 directory.)  These structs are defined as follows::
 
-    #define FS_KEY_DERIVATION_NONCE_SIZE 16
+    #define FSCRYPT_FILE_NONCE_SIZE 16
 
     #define FSCRYPT_KEY_DESCRIPTOR_SIZE  8
     struct fscrypt_context_v1 {
@@ -1167,7 +1167,7 @@ directory.)  These structs are defined as follows::
             u8 filenames_encryption_mode;
             u8 flags;
             u8 master_key_descriptor[FSCRYPT_KEY_DESCRIPTOR_SIZE];
-            u8 nonce[FS_KEY_DERIVATION_NONCE_SIZE];
+            u8 nonce[FSCRYPT_FILE_NONCE_SIZE];
     };
 
     #define FSCRYPT_KEY_IDENTIFIER_SIZE  16
@@ -1178,7 +1178,7 @@ directory.)  These structs are defined as follows::
             u8 flags;
             u8 __reserved[4];
             u8 master_key_identifier[FSCRYPT_KEY_IDENTIFIER_SIZE];
-            u8 nonce[FS_KEY_DERIVATION_NONCE_SIZE];
+            u8 nonce[FSCRYPT_FILE_NONCE_SIZE];
     };
 
 The context structs contain the same information as the corresponding

diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c
index a52cf32733abbf548a8bd55f8bca1bab3d1c53fa..9212325763b0f3ed9b41b0266f53b0205ef9ce9e 100644 (file)
--- a/fs/crypto/crypto.c
+++ b/fs/crypto/crypto.c
@@ -84,7 +84,7 @@ void fscrypt_generate_iv(union fscrypt_iv *iv, u64 lblk_num,
                WARN_ON_ONCE(lblk_num > U32_MAX);
                lblk_num = (u32)(ci->ci_hashed_ino + lblk_num);
        } else if (flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY) {
-               memcpy(iv->nonce, ci->ci_nonce, FS_KEY_DERIVATION_NONCE_SIZE);
+               memcpy(iv->nonce, ci->ci_nonce, FSCRYPT_FILE_NONCE_SIZE);
        }
        iv->lblk_num = cpu_to_le64(lblk_num);
 }

diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h
index 0f154bdbc14b61e321e7414e51b2a74347d6efdb..bc1a3fcd45ed0a1739e76386d719988023c7c918 100644 (file)
--- a/fs/crypto/fscrypt_private.h
+++ b/fs/crypto/fscrypt_private.h
@@ -18,9 +18,9 @@
 
 #define CONST_STRLEN(str)      (sizeof(str) - 1)
 
-#define FS_KEY_DERIVATION_NONCE_SIZE   16
+#define FSCRYPT_FILE_NONCE_SIZE        16
 
-#define FSCRYPT_MIN_KEY_SIZE           16
+#define FSCRYPT_MIN_KEY_SIZE   16
 
 #define FSCRYPT_CONTEXT_V1     1
 #define FSCRYPT_CONTEXT_V2     2
@@ -31,7 +31,7 @@ struct fscrypt_context_v1 {
        u8 filenames_encryption_mode;
        u8 flags;
        u8 master_key_descriptor[FSCRYPT_KEY_DESCRIPTOR_SIZE];
-       u8 nonce[FS_KEY_DERIVATION_NONCE_SIZE];
+       u8 nonce[FSCRYPT_FILE_NONCE_SIZE];
 };
 
 struct fscrypt_context_v2 {
@@ -41,7 +41,7 @@ struct fscrypt_context_v2 {
        u8 flags;
        u8 __reserved[4];
        u8 master_key_identifier[FSCRYPT_KEY_IDENTIFIER_SIZE];
-       u8 nonce[FS_KEY_DERIVATION_NONCE_SIZE];
+       u8 nonce[FSCRYPT_FILE_NONCE_SIZE];
 };
 
 /*
@@ -244,7 +244,7 @@ struct fscrypt_info {
        union fscrypt_policy ci_policy;
 
        /* This inode's nonce, copied from the fscrypt_context */
-       u8 ci_nonce[FS_KEY_DERIVATION_NONCE_SIZE];
+       u8 ci_nonce[FSCRYPT_FILE_NONCE_SIZE];
 
        /* Hashed inode number.  Only set for IV_INO_LBLK_32 */
        u32 ci_hashed_ino;
@@ -280,7 +280,7 @@ union fscrypt_iv {
                __le64 lblk_num;
 
                /* per-file nonce; only set in DIRECT_KEY mode */
-               u8 nonce[FS_KEY_DERIVATION_NONCE_SIZE];
+               u8 nonce[FSCRYPT_FILE_NONCE_SIZE];
        };
        u8 raw[FSCRYPT_MAX_IV_SIZE];
        __le64 dun[FSCRYPT_MAX_IV_SIZE / sizeof(__le64)];

diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c
index 99d3e0d07fc6717acacec277b38b5329820bf829..22a94b18fe70d1014ec188c9c000847a52dce9a1 100644 (file)
--- a/fs/crypto/keysetup.c
+++ b/fs/crypto/keysetup.c
@@ -211,7 +211,7 @@ int fscrypt_derive_dirhash_key(struct fscrypt_info *ci,
        int err;
 
        err = fscrypt_hkdf_expand(&mk->mk_secret.hkdf, HKDF_CONTEXT_DIRHASH_KEY,
-                                 ci->ci_nonce, FS_KEY_DERIVATION_NONCE_SIZE,
+                                 ci->ci_nonce, FSCRYPT_FILE_NONCE_SIZE,
                                  (u8 *)&ci->ci_dirhash_key,
                                  sizeof(ci->ci_dirhash_key));
        if (err)
@@ -292,8 +292,7 @@ static int fscrypt_setup_v2_file_key(struct fscrypt_info *ci,
 
                err = fscrypt_hkdf_expand(&mk->mk_secret.hkdf,
                                          HKDF_CONTEXT_PER_FILE_ENC_KEY,
-                                         ci->ci_nonce,
-                                         FS_KEY_DERIVATION_NONCE_SIZE,
+                                         ci->ci_nonce, FSCRYPT_FILE_NONCE_SIZE,
                                          derived_key, ci->ci_mode->keysize);
                if (err)
                        return err;
@@ -498,7 +497,7 @@ int fscrypt_get_encryption_info(struct inode *inode)
        }
 
        memcpy(crypt_info->ci_nonce, fscrypt_context_nonce(&ctx),
-              FS_KEY_DERIVATION_NONCE_SIZE);
+              FSCRYPT_FILE_NONCE_SIZE);
 
        if (!fscrypt_supported_policy(&crypt_info->ci_policy, inode)) {
                res = -EINVAL;

diff --git a/fs/crypto/keysetup_v1.c b/fs/crypto/keysetup_v1.c
index a52686729a675c6aae577290b2569326e51044fa..e4e707fb1100ecc21bf51890a4722146b861085f 100644 (file)
--- a/fs/crypto/keysetup_v1.c
+++ b/fs/crypto/keysetup_v1.c
@@ -45,7 +45,7 @@ static DEFINE_SPINLOCK(fscrypt_direct_keys_lock);
  * key is longer, then only the first 'derived_keysize' bytes are used.
  */
 static int derive_key_aes(const u8 *master_key,
-                         const u8 nonce[FS_KEY_DERIVATION_NONCE_SIZE],
+                         const u8 nonce[FSCRYPT_FILE_NONCE_SIZE],
                          u8 *derived_key, unsigned int derived_keysize)
 {
        int res = 0;
@@ -68,7 +68,7 @@ static int derive_key_aes(const u8 *master_key,
        skcipher_request_set_callback(req,
                        CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP,
                        crypto_req_done, &wait);
-       res = crypto_skcipher_setkey(tfm, nonce, FS_KEY_DERIVATION_NONCE_SIZE);
+       res = crypto_skcipher_setkey(tfm, nonce, FSCRYPT_FILE_NONCE_SIZE);
        if (res < 0)
                goto out;
 

diff --git a/fs/crypto/policy.c b/fs/crypto/policy.c
index d23ff162c78bce9e72b165f86fe10e8bb652477a..8a8ad0e44bb87923b029cb229fb394859854f8db 100644 (file)
--- a/fs/crypto/policy.c
+++ b/fs/crypto/policy.c
@@ -529,7 +529,7 @@ int fscrypt_ioctl_get_nonce(struct file *filp, void __user *arg)
        if (!fscrypt_context_is_valid(&ctx, ret))
                return -EINVAL;
        if (copy_to_user(arg, fscrypt_context_nonce(&ctx),
-                        FS_KEY_DERIVATION_NONCE_SIZE))
+                        FSCRYPT_FILE_NONCE_SIZE))
                return -EFAULT;
        return 0;
 }