1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28#ifndef ECRYPTFS_KERNEL_H
29#define ECRYPTFS_KERNEL_H
30
31#include <keys/user-type.h>
32#include <linux/fs.h>
33#include <linux/fs_stack.h>
34#include <linux/namei.h>
35#include <linux/scatterlist.h>
36#include <linux/hash.h>
37#include <linux/nsproxy.h>
38
39
40#define ECRYPTFS_VERSION_MAJOR 0x00
41#define ECRYPTFS_VERSION_MINOR 0x04
42#define ECRYPTFS_SUPPORTED_FILE_VERSION 0x03
43
44
45
46
47#define ECRYPTFS_VERSIONING_PASSPHRASE 0x00000001
48#define ECRYPTFS_VERSIONING_PUBKEY 0x00000002
49#define ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH 0x00000004
50#define ECRYPTFS_VERSIONING_POLICY 0x00000008
51#define ECRYPTFS_VERSIONING_XATTR 0x00000010
52#define ECRYPTFS_VERSIONING_MULTKEY 0x00000020
53#define ECRYPTFS_VERSIONING_DEVMISC 0x00000040
54#define ECRYPTFS_VERSIONING_HMAC 0x00000080
55#define ECRYPTFS_VERSIONING_FILENAME_ENCRYPTION 0x00000100
56#define ECRYPTFS_VERSIONING_GCM 0x00000200
57#define ECRYPTFS_VERSIONING_MASK (ECRYPTFS_VERSIONING_PASSPHRASE \
58 | ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH \
59 | ECRYPTFS_VERSIONING_PUBKEY \
60 | ECRYPTFS_VERSIONING_XATTR \
61 | ECRYPTFS_VERSIONING_MULTKEY \
62 | ECRYPTFS_VERSIONING_DEVMISC \
63 | ECRYPTFS_VERSIONING_FILENAME_ENCRYPTION)
64#define ECRYPTFS_MAX_PASSWORD_LENGTH 64
65#define ECRYPTFS_MAX_PASSPHRASE_BYTES ECRYPTFS_MAX_PASSWORD_LENGTH
66#define ECRYPTFS_SALT_SIZE 8
67#define ECRYPTFS_SALT_SIZE_HEX (ECRYPTFS_SALT_SIZE*2)
68
69
70
71#define ECRYPTFS_SIG_SIZE 8
72#define ECRYPTFS_SIG_SIZE_HEX (ECRYPTFS_SIG_SIZE*2)
73#define ECRYPTFS_PASSWORD_SIG_SIZE ECRYPTFS_SIG_SIZE_HEX
74#define ECRYPTFS_MAX_KEY_BYTES 64
75#define ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES 512
76#define ECRYPTFS_DEFAULT_IV_BYTES 16
77#define ECRYPTFS_FILE_VERSION 0x03
78#define ECRYPTFS_DEFAULT_EXTENT_SIZE 4096
79#define ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE 8192
80#define ECRYPTFS_DEFAULT_MSG_CTX_ELEMS 32
81#define ECRYPTFS_DEFAULT_SEND_TIMEOUT HZ
82#define ECRYPTFS_MAX_MSG_CTX_TTL (HZ*3)
83#define ECRYPTFS_MAX_PKI_NAME_BYTES 16
84#define ECRYPTFS_DEFAULT_NUM_USERS 4
85#define ECRYPTFS_MAX_NUM_USERS 32768
86#define ECRYPTFS_XATTR_NAME "user.ecryptfs"
87
88#define RFC2440_CIPHER_DES3_EDE 0x02
89#define RFC2440_CIPHER_CAST_5 0x03
90#define RFC2440_CIPHER_BLOWFISH 0x04
91#define RFC2440_CIPHER_AES_128 0x07
92#define RFC2440_CIPHER_AES_192 0x08
93#define RFC2440_CIPHER_AES_256 0x09
94#define RFC2440_CIPHER_TWOFISH 0x0a
95#define RFC2440_CIPHER_CAST_6 0x0b
96
97#define RFC2440_CIPHER_RSA 0x01
98
99
100
101
102
103
104
105
106struct ecryptfs_session_key {
107#define ECRYPTFS_USERSPACE_SHOULD_TRY_TO_DECRYPT 0x00000001
108#define ECRYPTFS_USERSPACE_SHOULD_TRY_TO_ENCRYPT 0x00000002
109#define ECRYPTFS_CONTAINS_DECRYPTED_KEY 0x00000004
110#define ECRYPTFS_CONTAINS_ENCRYPTED_KEY 0x00000008
111 u32 flags;
112 u32 encrypted_key_size;
113 u32 decrypted_key_size;
114 u8 encrypted_key[ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES];
115 u8 decrypted_key[ECRYPTFS_MAX_KEY_BYTES];
116};
117
118struct ecryptfs_password {
119 u32 password_bytes;
120 s32 hash_algo;
121 u32 hash_iterations;
122 u32 session_key_encryption_key_bytes;
123#define ECRYPTFS_PERSISTENT_PASSWORD 0x01
124#define ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET 0x02
125 u32 flags;
126
127 u8 session_key_encryption_key[ECRYPTFS_MAX_KEY_BYTES];
128 u8 signature[ECRYPTFS_PASSWORD_SIG_SIZE + 1];
129
130 u8 salt[ECRYPTFS_SALT_SIZE];
131};
132
133enum ecryptfs_token_types {ECRYPTFS_PASSWORD, ECRYPTFS_PRIVATE_KEY};
134
135struct ecryptfs_private_key {
136 u32 key_size;
137 u32 data_len;
138 u8 signature[ECRYPTFS_PASSWORD_SIG_SIZE + 1];
139 char pki_type[ECRYPTFS_MAX_PKI_NAME_BYTES + 1];
140 u8 data[];
141};
142
143
144struct ecryptfs_auth_tok {
145 u16 version;
146 u16 token_type;
147#define ECRYPTFS_ENCRYPT_ONLY 0x00000001
148 u32 flags;
149 struct ecryptfs_session_key session_key;
150 u8 reserved[32];
151 union {
152 struct ecryptfs_password password;
153 struct ecryptfs_private_key private_key;
154 } token;
155} __attribute__ ((packed));
156
157void ecryptfs_dump_auth_tok(struct ecryptfs_auth_tok *auth_tok);
158extern void ecryptfs_to_hex(char *dst, char *src, size_t src_size);
159extern void ecryptfs_from_hex(char *dst, char *src, int dst_size);
160
161struct ecryptfs_key_record {
162 unsigned char type;
163 size_t enc_key_size;
164 unsigned char sig[ECRYPTFS_SIG_SIZE];
165 unsigned char enc_key[ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES];
166};
167
168struct ecryptfs_auth_tok_list {
169 struct ecryptfs_auth_tok *auth_tok;
170 struct list_head list;
171};
172
173struct ecryptfs_crypt_stat;
174struct ecryptfs_mount_crypt_stat;
175
176struct ecryptfs_page_crypt_context {
177 struct page *page;
178#define ECRYPTFS_PREPARE_COMMIT_MODE 0
179#define ECRYPTFS_WRITEPAGE_MODE 1
180 unsigned int mode;
181 union {
182 struct file *lower_file;
183 struct writeback_control *wbc;
184 } param;
185};
186
187static inline struct ecryptfs_auth_tok *
188ecryptfs_get_key_payload_data(struct key *key)
189{
190 return (struct ecryptfs_auth_tok *)
191 (((struct user_key_payload*)key->payload.data)->data);
192}
193
194#define ECRYPTFS_SUPER_MAGIC 0xf15f
195#define ECRYPTFS_MAX_KEYSET_SIZE 1024
196#define ECRYPTFS_MAX_CIPHER_NAME_SIZE 32
197#define ECRYPTFS_MAX_NUM_ENC_KEYS 64
198#define ECRYPTFS_MAX_IV_BYTES 16
199#define ECRYPTFS_SALT_BYTES 2
200#define MAGIC_ECRYPTFS_MARKER 0x3c81b7f5
201#define MAGIC_ECRYPTFS_MARKER_SIZE_BYTES 8
202#define ECRYPTFS_FILE_SIZE_BYTES (sizeof(u64))
203#define ECRYPTFS_DEFAULT_CIPHER "aes"
204#define ECRYPTFS_DEFAULT_KEY_BYTES 16
205#define ECRYPTFS_DEFAULT_HASH "md5"
206#define ECRYPTFS_TAG_70_DIGEST ECRYPTFS_DEFAULT_HASH
207#define ECRYPTFS_TAG_1_PACKET_TYPE 0x01
208#define ECRYPTFS_TAG_3_PACKET_TYPE 0x8C
209#define ECRYPTFS_TAG_11_PACKET_TYPE 0xED
210#define ECRYPTFS_TAG_64_PACKET_TYPE 0x40
211#define ECRYPTFS_TAG_65_PACKET_TYPE 0x41
212#define ECRYPTFS_TAG_66_PACKET_TYPE 0x42
213#define ECRYPTFS_TAG_67_PACKET_TYPE 0x43
214#define ECRYPTFS_TAG_70_PACKET_TYPE 0x46
215
216#define ECRYPTFS_TAG_71_PACKET_TYPE 0x47
217
218#define ECRYPTFS_TAG_72_PACKET_TYPE 0x48
219
220#define ECRYPTFS_TAG_73_PACKET_TYPE 0x49
221
222
223
224#define ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES 16
225#define ECRYPTFS_NON_NULL 0x42
226#define MD5_DIGEST_SIZE 16
227#define ECRYPTFS_TAG_70_DIGEST_SIZE MD5_DIGEST_SIZE
228#define ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX "ECRYPTFS_FEK_ENCRYPTED."
229#define ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX_SIZE 23
230#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX "ECRYPTFS_FNEK_ENCRYPTED."
231#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE 24
232#define ECRYPTFS_ENCRYPTED_DENTRY_NAME_LEN (18 + 1 + 4 + 1 + 32)
233
234struct ecryptfs_key_sig {
235 struct list_head crypt_stat_list;
236 char keysig[ECRYPTFS_SIG_SIZE_HEX];
237};
238
239struct ecryptfs_filename {
240 struct list_head crypt_stat_list;
241#define ECRYPTFS_FILENAME_CONTAINS_DECRYPTED 0x00000001
242 u32 flags;
243 u32 seq_no;
244 char *filename;
245 char *encrypted_filename;
246 size_t filename_size;
247 size_t encrypted_filename_size;
248 char fnek_sig[ECRYPTFS_SIG_SIZE_HEX];
249 char dentry_name[ECRYPTFS_ENCRYPTED_DENTRY_NAME_LEN + 1];
250};
251
252
253
254
255
256
257struct ecryptfs_crypt_stat {
258#define ECRYPTFS_STRUCT_INITIALIZED 0x00000001
259#define ECRYPTFS_POLICY_APPLIED 0x00000002
260#define ECRYPTFS_NEW_FILE 0x00000004
261#define ECRYPTFS_ENCRYPTED 0x00000008
262#define ECRYPTFS_SECURITY_WARNING 0x00000010
263#define ECRYPTFS_ENABLE_HMAC 0x00000020
264#define ECRYPTFS_ENCRYPT_IV_PAGES 0x00000040
265#define ECRYPTFS_KEY_VALID 0x00000080
266#define ECRYPTFS_METADATA_IN_XATTR 0x00000100
267#define ECRYPTFS_VIEW_AS_ENCRYPTED 0x00000200
268#define ECRYPTFS_KEY_SET 0x00000400
269#define ECRYPTFS_ENCRYPT_FILENAMES 0x00000800
270#define ECRYPTFS_ENCFN_USE_MOUNT_FNEK 0x00001000
271#define ECRYPTFS_ENCFN_USE_FEK 0x00002000
272#define ECRYPTFS_UNLINK_SIGS 0x00004000
273 u32 flags;
274 unsigned int file_version;
275 size_t iv_bytes;
276 size_t num_header_bytes_at_front;
277 size_t extent_size;
278 size_t key_size;
279 size_t extent_shift;
280 unsigned int extent_mask;
281 struct ecryptfs_mount_crypt_stat *mount_crypt_stat;
282 struct crypto_blkcipher *tfm;
283 struct crypto_hash *hash_tfm;
284
285 unsigned char cipher[ECRYPTFS_MAX_CIPHER_NAME_SIZE];
286 unsigned char key[ECRYPTFS_MAX_KEY_BYTES];
287 unsigned char root_iv[ECRYPTFS_MAX_IV_BYTES];
288 struct list_head keysig_list;
289 struct mutex keysig_list_mutex;
290 struct mutex cs_tfm_mutex;
291 struct mutex cs_hash_tfm_mutex;
292 struct mutex cs_mutex;
293};
294
295
296struct ecryptfs_inode_info {
297 struct inode vfs_inode;
298 struct inode *wii_inode;
299 struct file *lower_file;
300 struct mutex lower_file_mutex;
301 struct ecryptfs_crypt_stat crypt_stat;
302};
303
304
305
306struct ecryptfs_dentry_info {
307 struct path lower_path;
308 struct ecryptfs_crypt_stat *crypt_stat;
309};
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330struct ecryptfs_global_auth_tok {
331#define ECRYPTFS_AUTH_TOK_INVALID 0x00000001
332#define ECRYPTFS_AUTH_TOK_FNEK 0x00000002
333 u32 flags;
334 struct list_head mount_crypt_stat_list;
335 struct key *global_auth_tok_key;
336 struct ecryptfs_auth_tok *global_auth_tok;
337 unsigned char sig[ECRYPTFS_SIG_SIZE_HEX + 1];
338};
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354struct ecryptfs_key_tfm {
355 struct crypto_blkcipher *key_tfm;
356 size_t key_size;
357 struct mutex key_tfm_mutex;
358 struct list_head key_tfm_list;
359 unsigned char cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE + 1];
360};
361
362extern struct mutex key_tfm_list_mutex;
363
364
365
366
367
368
369
370struct ecryptfs_mount_crypt_stat {
371
372#define ECRYPTFS_PLAINTEXT_PASSTHROUGH_ENABLED 0x00000001
373#define ECRYPTFS_XATTR_METADATA_ENABLED 0x00000002
374#define ECRYPTFS_ENCRYPTED_VIEW_ENABLED 0x00000004
375#define ECRYPTFS_MOUNT_CRYPT_STAT_INITIALIZED 0x00000008
376#define ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES 0x00000010
377#define ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK 0x00000020
378#define ECRYPTFS_GLOBAL_ENCFN_USE_FEK 0x00000040
379 u32 flags;
380 struct list_head global_auth_tok_list;
381 struct mutex global_auth_tok_list_mutex;
382 size_t num_global_auth_toks;
383 size_t global_default_cipher_key_size;
384 size_t global_default_fn_cipher_key_bytes;
385 unsigned char global_default_cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE
386 + 1];
387 unsigned char global_default_fn_cipher_name[
388 ECRYPTFS_MAX_CIPHER_NAME_SIZE + 1];
389 char global_default_fnek_sig[ECRYPTFS_SIG_SIZE_HEX + 1];
390};
391
392
393struct ecryptfs_sb_info {
394 struct super_block *wsi_sb;
395 struct ecryptfs_mount_crypt_stat mount_crypt_stat;
396};
397
398
399struct ecryptfs_file_info {
400 struct file *wfi_file;
401 struct ecryptfs_crypt_stat *crypt_stat;
402};
403
404
405struct ecryptfs_auth_tok_list_item {
406 unsigned char encrypted_session_key[ECRYPTFS_MAX_KEY_BYTES];
407 struct list_head list;
408 struct ecryptfs_auth_tok auth_tok;
409};
410
411struct ecryptfs_message {
412
413
414
415 u32 index;
416 u32 data_len;
417 u8 data[];
418};
419
420struct ecryptfs_msg_ctx {
421#define ECRYPTFS_MSG_CTX_STATE_FREE 0x01
422#define ECRYPTFS_MSG_CTX_STATE_PENDING 0x02
423#define ECRYPTFS_MSG_CTX_STATE_DONE 0x03
424#define ECRYPTFS_MSG_CTX_STATE_NO_REPLY 0x04
425 u8 state;
426#define ECRYPTFS_MSG_HELO 100
427#define ECRYPTFS_MSG_QUIT 101
428#define ECRYPTFS_MSG_REQUEST 102
429#define ECRYPTFS_MSG_RESPONSE 103
430 u8 type;
431 u32 index;
432
433
434
435
436
437 u32 counter;
438 size_t msg_size;
439 struct ecryptfs_message *msg;
440 struct task_struct *task;
441 struct list_head node;
442 struct list_head daemon_out_list;
443 struct mutex mux;
444};
445
446struct ecryptfs_daemon;
447
448struct ecryptfs_daemon {
449#define ECRYPTFS_DAEMON_IN_READ 0x00000001
450#define ECRYPTFS_DAEMON_IN_POLL 0x00000002
451#define ECRYPTFS_DAEMON_ZOMBIE 0x00000004
452#define ECRYPTFS_DAEMON_MISCDEV_OPEN 0x00000008
453 u32 flags;
454 u32 num_queued_msg_ctx;
455 struct pid *pid;
456 uid_t euid;
457 struct user_namespace *user_ns;
458 struct task_struct *task;
459 struct mutex mux;
460 struct list_head msg_ctx_out_queue;
461 wait_queue_head_t wait;
462 struct hlist_node euid_chain;
463};
464
465extern struct mutex ecryptfs_daemon_hash_mux;
466
467static inline struct ecryptfs_file_info *
468ecryptfs_file_to_private(struct file *file)
469{
470 return (struct ecryptfs_file_info *)file->private_data;
471}
472
473static inline void
474ecryptfs_set_file_private(struct file *file,
475 struct ecryptfs_file_info *file_info)
476{
477 file->private_data = file_info;
478}
479
480static inline struct file *ecryptfs_file_to_lower(struct file *file)
481{
482 return ((struct ecryptfs_file_info *)file->private_data)->wfi_file;
483}
484
485static inline void
486ecryptfs_set_file_lower(struct file *file, struct file *lower_file)
487{
488 ((struct ecryptfs_file_info *)file->private_data)->wfi_file =
489 lower_file;
490}
491
492static inline struct ecryptfs_inode_info *
493ecryptfs_inode_to_private(struct inode *inode)
494{
495 return container_of(inode, struct ecryptfs_inode_info, vfs_inode);
496}
497
498static inline struct inode *ecryptfs_inode_to_lower(struct inode *inode)
499{
500 return ecryptfs_inode_to_private(inode)->wii_inode;
501}
502
503static inline void
504ecryptfs_set_inode_lower(struct inode *inode, struct inode *lower_inode)
505{
506 ecryptfs_inode_to_private(inode)->wii_inode = lower_inode;
507}
508
509static inline struct ecryptfs_sb_info *
510ecryptfs_superblock_to_private(struct super_block *sb)
511{
512 return (struct ecryptfs_sb_info *)sb->s_fs_info;
513}
514
515static inline void
516ecryptfs_set_superblock_private(struct super_block *sb,
517 struct ecryptfs_sb_info *sb_info)
518{
519 sb->s_fs_info = sb_info;
520}
521
522static inline struct super_block *
523ecryptfs_superblock_to_lower(struct super_block *sb)
524{
525 return ((struct ecryptfs_sb_info *)sb->s_fs_info)->wsi_sb;
526}
527
528static inline void
529ecryptfs_set_superblock_lower(struct super_block *sb,
530 struct super_block *lower_sb)
531{
532 ((struct ecryptfs_sb_info *)sb->s_fs_info)->wsi_sb = lower_sb;
533}
534
535static inline struct ecryptfs_dentry_info *
536ecryptfs_dentry_to_private(struct dentry *dentry)
537{
538 return (struct ecryptfs_dentry_info *)dentry->d_fsdata;
539}
540
541static inline void
542ecryptfs_set_dentry_private(struct dentry *dentry,
543 struct ecryptfs_dentry_info *dentry_info)
544{
545 dentry->d_fsdata = dentry_info;
546}
547
548static inline struct dentry *
549ecryptfs_dentry_to_lower(struct dentry *dentry)
550{
551 return ((struct ecryptfs_dentry_info *)dentry->d_fsdata)->lower_path.dentry;
552}
553
554static inline void
555ecryptfs_set_dentry_lower(struct dentry *dentry, struct dentry *lower_dentry)
556{
557 ((struct ecryptfs_dentry_info *)dentry->d_fsdata)->lower_path.dentry =
558 lower_dentry;
559}
560
561static inline struct vfsmount *
562ecryptfs_dentry_to_lower_mnt(struct dentry *dentry)
563{
564 return ((struct ecryptfs_dentry_info *)dentry->d_fsdata)->lower_path.mnt;
565}
566
567static inline void
568ecryptfs_set_dentry_lower_mnt(struct dentry *dentry, struct vfsmount *lower_mnt)
569{
570 ((struct ecryptfs_dentry_info *)dentry->d_fsdata)->lower_path.mnt =
571 lower_mnt;
572}
573
574#define ecryptfs_printk(type, fmt, arg...) \
575 __ecryptfs_printk(type "%s: " fmt, __func__, ## arg);
576void __ecryptfs_printk(const char *fmt, ...);
577
578extern const struct file_operations ecryptfs_main_fops;
579extern const struct file_operations ecryptfs_dir_fops;
580extern const struct inode_operations ecryptfs_main_iops;
581extern const struct inode_operations ecryptfs_dir_iops;
582extern const struct inode_operations ecryptfs_symlink_iops;
583extern const struct super_operations ecryptfs_sops;
584extern const struct dentry_operations ecryptfs_dops;
585extern const struct address_space_operations ecryptfs_aops;
586extern int ecryptfs_verbosity;
587extern unsigned int ecryptfs_message_buf_len;
588extern signed long ecryptfs_message_wait_timeout;
589extern unsigned int ecryptfs_number_of_users;
590
591extern struct kmem_cache *ecryptfs_auth_tok_list_item_cache;
592extern struct kmem_cache *ecryptfs_file_info_cache;
593extern struct kmem_cache *ecryptfs_dentry_info_cache;
594extern struct kmem_cache *ecryptfs_inode_info_cache;
595extern struct kmem_cache *ecryptfs_sb_info_cache;
596extern struct kmem_cache *ecryptfs_header_cache_1;
597extern struct kmem_cache *ecryptfs_header_cache_2;
598extern struct kmem_cache *ecryptfs_xattr_cache;
599extern struct kmem_cache *ecryptfs_key_record_cache;
600extern struct kmem_cache *ecryptfs_key_sig_cache;
601extern struct kmem_cache *ecryptfs_global_auth_tok_cache;
602extern struct kmem_cache *ecryptfs_key_tfm_cache;
603extern struct kmem_cache *ecryptfs_open_req_cache;
604
605struct ecryptfs_open_req {
606#define ECRYPTFS_REQ_PROCESSED 0x00000001
607#define ECRYPTFS_REQ_DROPPED 0x00000002
608#define ECRYPTFS_REQ_ZOMBIE 0x00000004
609 u32 flags;
610 struct file **lower_file;
611 struct dentry *lower_dentry;
612 struct vfsmount *lower_mnt;
613 wait_queue_head_t wait;
614 struct mutex mux;
615 struct list_head kthread_ctl_list;
616};
617
618#define ECRYPTFS_INTERPOSE_FLAG_D_ADD 0x00000001
619int ecryptfs_interpose(struct dentry *hidden_dentry,
620 struct dentry *this_dentry, struct super_block *sb,
621 u32 flags);
622int ecryptfs_lookup_and_interpose_lower(struct dentry *ecryptfs_dentry,
623 struct dentry *lower_dentry,
624 struct inode *ecryptfs_dir_inode,
625 struct nameidata *ecryptfs_nd);
626int ecryptfs_decode_and_decrypt_filename(char **decrypted_name,
627 size_t *decrypted_name_size,
628 struct dentry *ecryptfs_dentry,
629 const char *name, size_t name_size);
630int ecryptfs_fill_zeros(struct file *file, loff_t new_length);
631int ecryptfs_encrypt_and_encode_filename(
632 char **encoded_name,
633 size_t *encoded_name_size,
634 struct ecryptfs_crypt_stat *crypt_stat,
635 struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
636 const char *name, size_t name_size);
637struct dentry *ecryptfs_lower_dentry(struct dentry *this_dentry);
638void ecryptfs_dump_hex(char *data, int bytes);
639int virt_to_scatterlist(const void *addr, int size, struct scatterlist *sg,
640 int sg_size);
641int ecryptfs_compute_root_iv(struct ecryptfs_crypt_stat *crypt_stat);
642void ecryptfs_rotate_iv(unsigned char *iv);
643void ecryptfs_init_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat);
644void ecryptfs_destroy_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat);
645void ecryptfs_destroy_mount_crypt_stat(
646 struct ecryptfs_mount_crypt_stat *mount_crypt_stat);
647int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat);
648int ecryptfs_write_inode_size_to_metadata(struct inode *ecryptfs_inode);
649int ecryptfs_encrypt_page(struct page *page);
650int ecryptfs_decrypt_page(struct page *page);
651int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry);
652int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry);
653int ecryptfs_new_file_context(struct dentry *ecryptfs_dentry);
654int ecryptfs_read_and_validate_header_region(char *data,
655 struct inode *ecryptfs_inode);
656int ecryptfs_read_and_validate_xattr_region(char *page_virt,
657 struct dentry *ecryptfs_dentry);
658u8 ecryptfs_code_for_cipher_string(char *cipher_name, size_t key_bytes);
659int ecryptfs_cipher_code_to_string(char *str, u8 cipher_code);
660void ecryptfs_set_default_sizes(struct ecryptfs_crypt_stat *crypt_stat);
661int ecryptfs_generate_key_packet_set(char *dest_base,
662 struct ecryptfs_crypt_stat *crypt_stat,
663 struct dentry *ecryptfs_dentry,
664 size_t *len, size_t max);
665int
666ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat,
667 unsigned char *src, struct dentry *ecryptfs_dentry);
668int ecryptfs_truncate(struct dentry *dentry, loff_t new_length);
669int ecryptfs_inode_test(struct inode *inode, void *candidate_lower_inode);
670int ecryptfs_inode_set(struct inode *inode, void *lower_inode);
671void ecryptfs_init_inode(struct inode *inode, struct inode *lower_inode);
672ssize_t
673ecryptfs_getxattr_lower(struct dentry *lower_dentry, const char *name,
674 void *value, size_t size);
675int
676ecryptfs_setxattr(struct dentry *dentry, const char *name, const void *value,
677 size_t size, int flags);
678int ecryptfs_read_xattr_region(char *page_virt, struct inode *ecryptfs_inode);
679int ecryptfs_process_helo(uid_t euid, struct user_namespace *user_ns,
680 struct pid *pid);
681int ecryptfs_process_quit(uid_t euid, struct user_namespace *user_ns,
682 struct pid *pid);
683int ecryptfs_process_response(struct ecryptfs_message *msg, uid_t euid,
684 struct user_namespace *user_ns, struct pid *pid,
685 u32 seq);
686int ecryptfs_send_message(char *data, int data_len,
687 struct ecryptfs_msg_ctx **msg_ctx);
688int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx,
689 struct ecryptfs_message **emsg);
690int ecryptfs_init_messaging(void);
691void ecryptfs_release_messaging(void);
692
693void
694ecryptfs_write_header_metadata(char *virt,
695 struct ecryptfs_crypt_stat *crypt_stat,
696 size_t *written);
697int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig);
698int
699ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
700 char *sig, u32 global_auth_tok_flags);
701int ecryptfs_get_global_auth_tok_for_sig(
702 struct ecryptfs_global_auth_tok **global_auth_tok,
703 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, char *sig);
704int
705ecryptfs_add_new_key_tfm(struct ecryptfs_key_tfm **key_tfm, char *cipher_name,
706 size_t key_size);
707int ecryptfs_init_crypto(void);
708int ecryptfs_destroy_crypto(void);
709int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm);
710int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm,
711 struct mutex **tfm_mutex,
712 char *cipher_name);
713int ecryptfs_keyring_auth_tok_for_sig(struct key **auth_tok_key,
714 struct ecryptfs_auth_tok **auth_tok,
715 char *sig);
716int ecryptfs_write_lower(struct inode *ecryptfs_inode, char *data,
717 loff_t offset, size_t size);
718int ecryptfs_write_lower_page_segment(struct inode *ecryptfs_inode,
719 struct page *page_for_lower,
720 size_t offset_in_page, size_t size);
721int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset,
722 size_t size);
723int ecryptfs_read_lower(char *data, loff_t offset, size_t size,
724 struct inode *ecryptfs_inode);
725int ecryptfs_read_lower_page_segment(struct page *page_for_ecryptfs,
726 pgoff_t page_index,
727 size_t offset_in_page, size_t size,
728 struct inode *ecryptfs_inode);
729struct page *ecryptfs_get_locked_page(struct file *file, loff_t index);
730int ecryptfs_exorcise_daemon(struct ecryptfs_daemon *daemon);
731int ecryptfs_find_daemon_by_euid(struct ecryptfs_daemon **daemon, uid_t euid,
732 struct user_namespace *user_ns);
733int ecryptfs_parse_packet_length(unsigned char *data, size_t *size,
734 size_t *length_size);
735int ecryptfs_write_packet_length(char *dest, size_t size,
736 size_t *packet_size_length);
737int ecryptfs_init_ecryptfs_miscdev(void);
738void ecryptfs_destroy_ecryptfs_miscdev(void);
739int ecryptfs_send_miscdev(char *data, size_t data_size,
740 struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type,
741 u16 msg_flags, struct ecryptfs_daemon *daemon);
742void ecryptfs_msg_ctx_alloc_to_free(struct ecryptfs_msg_ctx *msg_ctx);
743int
744ecryptfs_spawn_daemon(struct ecryptfs_daemon **daemon, uid_t euid,
745 struct user_namespace *user_ns, struct pid *pid);
746int ecryptfs_init_kthread(void);
747void ecryptfs_destroy_kthread(void);
748int ecryptfs_privileged_open(struct file **lower_file,
749 struct dentry *lower_dentry,
750 struct vfsmount *lower_mnt,
751 const struct cred *cred);
752int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry);
753int
754ecryptfs_write_tag_70_packet(char *dest, size_t *remaining_bytes,
755 size_t *packet_size,
756 struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
757 char *filename, size_t filename_size);
758int
759ecryptfs_parse_tag_70_packet(char **filename, size_t *filename_size,
760 size_t *packet_size,
761 struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
762 char *data, size_t max_packet_size);
763int ecryptfs_derive_iv(char *iv, struct ecryptfs_crypt_stat *crypt_stat,
764 loff_t offset);
765
766#endif
767