linux/fs/crypto/fscrypt_private.h
   1/* SPDX-License-Identifier: GPL-2.0 */
   2/*
   3 * fscrypt_private.h
   4 *
   5 * Copyright (C) 2015, Google, Inc.
   6 *
   7 * This contains encryption key functions.
   8 *
   9 * Written by Michael Halcrow, Ildar Muslukhov, and Uday Savagaonkar, 2015.
  10 */
  11
  12#ifndef _FSCRYPT_PRIVATE_H
  13#define _FSCRYPT_PRIVATE_H
  14
  15#define __FS_HAS_ENCRYPTION 1
  16#include <linux/fscrypt.h>
  17#include <crypto/hash.h>
  18
  19/* Encryption parameters (all sizes are in bytes) */
  20#define FS_IV_SIZE                      16  /* IV length; equals the AES block size */
  21#define FS_AES_128_ECB_KEY_SIZE         16  /* NOTE(review): these constants only give key lengths; which modes are actually accepted is decided outside this header */
  22#define FS_AES_128_CBC_KEY_SIZE         16
  23#define FS_AES_128_CTS_KEY_SIZE         16
  24#define FS_AES_256_GCM_KEY_SIZE         32
  25#define FS_AES_256_CBC_KEY_SIZE         32
  26#define FS_AES_256_CTS_KEY_SIZE         32
  27#define FS_AES_256_XTS_KEY_SIZE         64  /* XTS takes two AES-256 keys: 2 * 32 */
  28
  29#define FS_KEY_DERIVATION_NONCE_SIZE            16  /* length of fscrypt_context.nonce */
  30
  31/**
  32 * struct fscrypt_context - encryption context for an inode
  33 *
  34 * Protector format (fixed byte layout; 28 bytes going by the sizes listed):
  35 *  1 byte: Protector format (1 = this version)
  36 *  1 byte: File contents encryption mode
  37 *  1 byte: File names encryption mode
  38 *  1 byte: Flags
  39 *  8 bytes: Master Key descriptor
  40 *  16 bytes: Encryption Key derivation nonce
  41 */
  42struct fscrypt_context {
  43        u8 format;  /* FS_ENCRYPTION_CONTEXT_FORMAT_V1 for the layout above */
  44        u8 contents_encryption_mode;  /* mode used for file contents */
  45        u8 filenames_encryption_mode;  /* mode used for file names */
  46        u8 flags;  /* bit meanings are not defined in this header */
  47        u8 master_key_descriptor[FS_KEY_DESCRIPTOR_SIZE];  /* names the master key; a descriptor, not the key itself */
  48        u8 nonce[FS_KEY_DERIVATION_NONCE_SIZE];  /* key derivation nonce carried in the context */
  49} __packed;  /* packed: no padding, so the struct matches the layout above. NOTE(review): presumably filled from stored bytes, so format and the mode fields need range checks before use - confirm in the readers */
  50
  51#define FS_ENCRYPTION_CONTEXT_FORMAT_V1         1  /* the only format value defined in this header */
  52
  53/*
  54 * In-memory crypto state: a pointer to this structure is stored in the file
  55 * system's in-core representation of an inode.
  56 */
  57struct fscrypt_info {
  58        u8 ci_data_mode;  /* contents encryption mode; presumably copied from fscrypt_context - confirm */
  59        u8 ci_filename_mode;  /* file names encryption mode; same caveat */
  60        u8 ci_flags;
  61        struct crypto_skcipher *ci_ctfm;  /* skcipher transform handle. NOTE(review): a keyed transform holds key material; confirm it is freed when this struct is released */
  62        struct crypto_cipher *ci_essiv_tfm;  /* second cipher handle; going by its name, used for ESSIV - confirm in keyinfo.c */
  63        u8 ci_master_key[FS_KEY_DESCRIPTOR_SIZE];  /* same size as fscrypt_context.master_key_descriptor. NOTE(review): despite the name this is presumably the key descriptor, not raw key bytes - confirm */
  64};
  65
  66typedef enum {  /* direction selector; the type of the 'rw' argument of fscrypt_do_page_crypto() */
  67        FS_DECRYPT = 0,
  68        FS_ENCRYPT,  /* implicitly 1 */
  69} fscrypt_direction_t;
  70
  71#define FS_CTX_REQUIRES_FREE_ENCRYPT_FL         0x00000001  /* bit 0; presumably a flag of struct fscrypt_ctx (FS_CTX_ prefix) - confirm */
  72#define FS_CTX_HAS_BOUNCE_BUFFER_FL             0x00000002  /* bit 1; distinct from bit 0, so both flags can be set at once */
  73
  74/* Declarations for crypto.c */
  75extern int fscrypt_initialize(unsigned int cop_flags);
  76extern struct workqueue_struct *fscrypt_read_workqueue;
  77extern int fscrypt_do_page_crypto(const struct inode *inode,
  78                                  fscrypt_direction_t rw, u64 lblk_num,  /* rw: FS_ENCRYPT or FS_DECRYPT; lblk_num presumably a logical block number - confirm */
  79                                  struct page *src_page,
  80                                  struct page *dest_page,
  81                                  unsigned int len, unsigned int offs,  /* NOTE(review): no bounds are visible in this header; confirm crypto.c or its callers keep offs + len within one page */
  82                                  gfp_t gfp_flags);
  83extern struct page *fscrypt_alloc_bounce_page(struct fscrypt_ctx *ctx,
  84                                              gfp_t gfp_flags);  /* NOTE(review): failure return convention (NULL vs ERR_PTR) is not visible here - check before dereferencing */
  85
  86/* Declarations for keyinfo.c */
  87extern void __exit fscrypt_essiv_cleanup(void);  /* annotated __exit */
  88
  89#endif /* _FSCRYPT_PRIVATE_H */
  90