1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28#ifndef ECRYPTFS_KERNEL_H
29#define ECRYPTFS_KERNEL_H
30
31#include <crypto/skcipher.h>
32#include <keys/user-type.h>
33#include <keys/encrypted-type.h>
34#include <linux/kernel.h>
35#include <linux/fs.h>
36#include <linux/fs_stack.h>
37#include <linux/namei.h>
38#include <linux/scatterlist.h>
39#include <linux/hash.h>
40#include <linux/nsproxy.h>
41#include <linux/backing-dev.h>
42#include <linux/ecryptfs.h>
43
44#define ECRYPTFS_DEFAULT_IV_BYTES 16
45#define ECRYPTFS_DEFAULT_EXTENT_SIZE 4096
46#define ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE 8192
47#define ECRYPTFS_DEFAULT_MSG_CTX_ELEMS 32
48#define ECRYPTFS_DEFAULT_SEND_TIMEOUT HZ
49#define ECRYPTFS_MAX_MSG_CTX_TTL (HZ*3)
50#define ECRYPTFS_DEFAULT_NUM_USERS 4
51#define ECRYPTFS_MAX_NUM_USERS 32768
52#define ECRYPTFS_XATTR_NAME "user.ecryptfs"
53
54void ecryptfs_dump_auth_tok(struct ecryptfs_auth_tok *auth_tok);
55static inline void
56ecryptfs_to_hex(char *dst, char *src, size_t src_size)
57{
58 char *end = bin2hex(dst, src, src_size);
59 *end = '\0';
60}
61
62extern void ecryptfs_from_hex(char *dst, char *src, int dst_size);
63
64struct ecryptfs_key_record {
65 unsigned char type;
66 size_t enc_key_size;
67 unsigned char sig[ECRYPTFS_SIG_SIZE];
68 unsigned char enc_key[ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES];
69};
70
71struct ecryptfs_auth_tok_list {
72 struct ecryptfs_auth_tok *auth_tok;
73 struct list_head list;
74};
75
76struct ecryptfs_crypt_stat;
77struct ecryptfs_mount_crypt_stat;
78
79struct ecryptfs_page_crypt_context {
80 struct page *page;
81#define ECRYPTFS_PREPARE_COMMIT_MODE 0
82#define ECRYPTFS_WRITEPAGE_MODE 1
83 unsigned int mode;
84 union {
85 struct file *lower_file;
86 struct writeback_control *wbc;
87 } param;
88};
89
90#if defined(CONFIG_ENCRYPTED_KEYS) || defined(CONFIG_ENCRYPTED_KEYS_MODULE)
91static inline struct ecryptfs_auth_tok *
92ecryptfs_get_encrypted_key_payload_data(struct key *key)
93{
94 struct encrypted_key_payload *payload;
95
96 if (key->type != &key_type_encrypted)
97 return NULL;
98
99 payload = key->payload.data[0];
100 if (!payload)
101 return ERR_PTR(-EKEYREVOKED);
102
103 return (struct ecryptfs_auth_tok *)payload->payload_data;
104}
105
106static inline struct key *ecryptfs_get_encrypted_key(char *sig)
107{
108 return request_key(&key_type_encrypted, sig, NULL);
109}
110
111#else
112static inline struct ecryptfs_auth_tok *
113ecryptfs_get_encrypted_key_payload_data(struct key *key)
114{
115 return NULL;
116}
117
118static inline struct key *ecryptfs_get_encrypted_key(char *sig)
119{
120 return ERR_PTR(-ENOKEY);
121}
122
123#endif
124
125static inline struct ecryptfs_auth_tok *
126ecryptfs_get_key_payload_data(struct key *key)
127{
128 struct ecryptfs_auth_tok *auth_tok;
129 struct user_key_payload *ukp;
130
131 auth_tok = ecryptfs_get_encrypted_key_payload_data(key);
132 if (auth_tok)
133 return auth_tok;
134
135 ukp = user_key_payload_locked(key);
136 if (!ukp)
137 return ERR_PTR(-EKEYREVOKED);
138
139 return (struct ecryptfs_auth_tok *)ukp->data;
140}
141
142#define ECRYPTFS_MAX_KEYSET_SIZE 1024
143#define ECRYPTFS_MAX_CIPHER_NAME_SIZE 31
144#define ECRYPTFS_MAX_NUM_ENC_KEYS 64
145#define ECRYPTFS_MAX_IV_BYTES 16
146#define ECRYPTFS_SALT_BYTES 2
147#define MAGIC_ECRYPTFS_MARKER 0x3c81b7f5
148#define MAGIC_ECRYPTFS_MARKER_SIZE_BYTES 8
149#define ECRYPTFS_FILE_SIZE_BYTES (sizeof(u64))
150#define ECRYPTFS_SIZE_AND_MARKER_BYTES (ECRYPTFS_FILE_SIZE_BYTES \
151 + MAGIC_ECRYPTFS_MARKER_SIZE_BYTES)
152#define ECRYPTFS_DEFAULT_CIPHER "aes"
153#define ECRYPTFS_DEFAULT_KEY_BYTES 16
154#define ECRYPTFS_DEFAULT_HASH "md5"
155#define ECRYPTFS_TAG_70_DIGEST ECRYPTFS_DEFAULT_HASH
156#define ECRYPTFS_TAG_1_PACKET_TYPE 0x01
157#define ECRYPTFS_TAG_3_PACKET_TYPE 0x8C
158#define ECRYPTFS_TAG_11_PACKET_TYPE 0xED
159#define ECRYPTFS_TAG_64_PACKET_TYPE 0x40
160#define ECRYPTFS_TAG_65_PACKET_TYPE 0x41
161#define ECRYPTFS_TAG_66_PACKET_TYPE 0x42
162#define ECRYPTFS_TAG_67_PACKET_TYPE 0x43
163#define ECRYPTFS_TAG_70_PACKET_TYPE 0x46
164
165#define ECRYPTFS_TAG_71_PACKET_TYPE 0x47
166
167#define ECRYPTFS_TAG_72_PACKET_TYPE 0x48
168
169#define ECRYPTFS_TAG_73_PACKET_TYPE 0x49
170
171#define ECRYPTFS_MIN_PKT_LEN_SIZE 1
172#define ECRYPTFS_MAX_PKT_LEN_SIZE 2
173
174
175
176
177
178#define ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES 16
179#define ECRYPTFS_NON_NULL 0x42
180#define MD5_DIGEST_SIZE 16
181#define ECRYPTFS_TAG_70_DIGEST_SIZE MD5_DIGEST_SIZE
182#define ECRYPTFS_TAG_70_MIN_METADATA_SIZE (1 + ECRYPTFS_MIN_PKT_LEN_SIZE \
183 + ECRYPTFS_SIG_SIZE + 1 + 1)
184#define ECRYPTFS_TAG_70_MAX_METADATA_SIZE (1 + ECRYPTFS_MAX_PKT_LEN_SIZE \
185 + ECRYPTFS_SIG_SIZE + 1 + 1)
186#define ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX "ECRYPTFS_FEK_ENCRYPTED."
187#define ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX_SIZE 23
188#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX "ECRYPTFS_FNEK_ENCRYPTED."
189#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE 24
190#define ECRYPTFS_ENCRYPTED_DENTRY_NAME_LEN (18 + 1 + 4 + 1 + 32)
191
192#ifdef CONFIG_ECRYPT_FS_MESSAGING
193# define ECRYPTFS_VERSIONING_MASK_MESSAGING (ECRYPTFS_VERSIONING_DEVMISC \
194 | ECRYPTFS_VERSIONING_PUBKEY)
195#else
196# define ECRYPTFS_VERSIONING_MASK_MESSAGING 0
197#endif
198
199#define ECRYPTFS_VERSIONING_MASK (ECRYPTFS_VERSIONING_PASSPHRASE \
200 | ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH \
201 | ECRYPTFS_VERSIONING_XATTR \
202 | ECRYPTFS_VERSIONING_MULTKEY \
203 | ECRYPTFS_VERSIONING_MASK_MESSAGING \
204 | ECRYPTFS_VERSIONING_FILENAME_ENCRYPTION)
205struct ecryptfs_key_sig {
206 struct list_head crypt_stat_list;
207 char keysig[ECRYPTFS_SIG_SIZE_HEX + 1];
208};
209
210struct ecryptfs_filename {
211 struct list_head crypt_stat_list;
212#define ECRYPTFS_FILENAME_CONTAINS_DECRYPTED 0x00000001
213 u32 flags;
214 u32 seq_no;
215 char *filename;
216 char *encrypted_filename;
217 size_t filename_size;
218 size_t encrypted_filename_size;
219 char fnek_sig[ECRYPTFS_SIG_SIZE_HEX];
220 char dentry_name[ECRYPTFS_ENCRYPTED_DENTRY_NAME_LEN + 1];
221};
222
223
224
225
226
227
228struct ecryptfs_crypt_stat {
229#define ECRYPTFS_STRUCT_INITIALIZED 0x00000001
230#define ECRYPTFS_POLICY_APPLIED 0x00000002
231#define ECRYPTFS_ENCRYPTED 0x00000004
232#define ECRYPTFS_SECURITY_WARNING 0x00000008
233#define ECRYPTFS_ENABLE_HMAC 0x00000010
234#define ECRYPTFS_ENCRYPT_IV_PAGES 0x00000020
235#define ECRYPTFS_KEY_VALID 0x00000040
236#define ECRYPTFS_METADATA_IN_XATTR 0x00000080
237#define ECRYPTFS_VIEW_AS_ENCRYPTED 0x00000100
238#define ECRYPTFS_KEY_SET 0x00000200
239#define ECRYPTFS_ENCRYPT_FILENAMES 0x00000400
240#define ECRYPTFS_ENCFN_USE_MOUNT_FNEK 0x00000800
241#define ECRYPTFS_ENCFN_USE_FEK 0x00001000
242#define ECRYPTFS_UNLINK_SIGS 0x00002000
243#define ECRYPTFS_I_SIZE_INITIALIZED 0x00004000
244 u32 flags;
245 unsigned int file_version;
246 size_t iv_bytes;
247 size_t metadata_size;
248 size_t extent_size;
249 size_t key_size;
250 size_t extent_shift;
251 unsigned int extent_mask;
252 struct ecryptfs_mount_crypt_stat *mount_crypt_stat;
253 struct crypto_skcipher *tfm;
254 struct crypto_shash *hash_tfm;
255
256 unsigned char cipher[ECRYPTFS_MAX_CIPHER_NAME_SIZE + 1];
257 unsigned char key[ECRYPTFS_MAX_KEY_BYTES];
258 unsigned char root_iv[ECRYPTFS_MAX_IV_BYTES];
259 struct list_head keysig_list;
260 struct mutex keysig_list_mutex;
261 struct mutex cs_tfm_mutex;
262 struct mutex cs_mutex;
263};
264
265
266struct ecryptfs_inode_info {
267 struct inode vfs_inode;
268 struct inode *wii_inode;
269 struct mutex lower_file_mutex;
270 atomic_t lower_file_count;
271 struct file *lower_file;
272 struct ecryptfs_crypt_stat crypt_stat;
273};
274
275
276
277struct ecryptfs_dentry_info {
278 struct path lower_path;
279 union {
280 struct ecryptfs_crypt_stat *crypt_stat;
281 struct rcu_head rcu;
282 };
283};
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304struct ecryptfs_global_auth_tok {
305#define ECRYPTFS_AUTH_TOK_INVALID 0x00000001
306#define ECRYPTFS_AUTH_TOK_FNEK 0x00000002
307 u32 flags;
308 struct list_head mount_crypt_stat_list;
309 struct key *global_auth_tok_key;
310 unsigned char sig[ECRYPTFS_SIG_SIZE_HEX + 1];
311};
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327struct ecryptfs_key_tfm {
328 struct crypto_skcipher *key_tfm;
329 size_t key_size;
330 struct mutex key_tfm_mutex;
331 struct list_head key_tfm_list;
332 unsigned char cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE + 1];
333};
334
335extern struct mutex key_tfm_list_mutex;
336
337
338
339
340
341
342
343struct ecryptfs_mount_crypt_stat {
344
345#define ECRYPTFS_PLAINTEXT_PASSTHROUGH_ENABLED 0x00000001
346#define ECRYPTFS_XATTR_METADATA_ENABLED 0x00000002
347#define ECRYPTFS_ENCRYPTED_VIEW_ENABLED 0x00000004
348#define ECRYPTFS_MOUNT_CRYPT_STAT_INITIALIZED 0x00000008
349#define ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES 0x00000010
350#define ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK 0x00000020
351#define ECRYPTFS_GLOBAL_ENCFN_USE_FEK 0x00000040
352#define ECRYPTFS_GLOBAL_MOUNT_AUTH_TOK_ONLY 0x00000080
353 u32 flags;
354 struct list_head global_auth_tok_list;
355 struct mutex global_auth_tok_list_mutex;
356 size_t global_default_cipher_key_size;
357 size_t global_default_fn_cipher_key_bytes;
358 unsigned char global_default_cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE
359 + 1];
360 unsigned char global_default_fn_cipher_name[
361 ECRYPTFS_MAX_CIPHER_NAME_SIZE + 1];
362 char global_default_fnek_sig[ECRYPTFS_SIG_SIZE_HEX + 1];
363};
364
365
366struct ecryptfs_sb_info {
367 struct super_block *wsi_sb;
368 struct ecryptfs_mount_crypt_stat mount_crypt_stat;
369};
370
371
372struct ecryptfs_file_info {
373 struct file *wfi_file;
374 struct ecryptfs_crypt_stat *crypt_stat;
375};
376
377
378struct ecryptfs_auth_tok_list_item {
379 unsigned char encrypted_session_key[ECRYPTFS_MAX_KEY_BYTES];
380 struct list_head list;
381 struct ecryptfs_auth_tok auth_tok;
382};
383
384struct ecryptfs_message {
385
386
387
388 u32 index;
389 u32 data_len;
390 u8 data[];
391};
392
393struct ecryptfs_msg_ctx {
394#define ECRYPTFS_MSG_CTX_STATE_FREE 0x01
395#define ECRYPTFS_MSG_CTX_STATE_PENDING 0x02
396#define ECRYPTFS_MSG_CTX_STATE_DONE 0x03
397#define ECRYPTFS_MSG_CTX_STATE_NO_REPLY 0x04
398 u8 state;
399#define ECRYPTFS_MSG_HELO 100
400#define ECRYPTFS_MSG_QUIT 101
401#define ECRYPTFS_MSG_REQUEST 102
402#define ECRYPTFS_MSG_RESPONSE 103
403 u8 type;
404 u32 index;
405
406
407
408
409
410 u32 counter;
411 size_t msg_size;
412 struct ecryptfs_message *msg;
413 struct task_struct *task;
414 struct list_head node;
415 struct list_head daemon_out_list;
416 struct mutex mux;
417};
418
419struct ecryptfs_daemon {
420#define ECRYPTFS_DAEMON_IN_READ 0x00000001
421#define ECRYPTFS_DAEMON_IN_POLL 0x00000002
422#define ECRYPTFS_DAEMON_ZOMBIE 0x00000004
423#define ECRYPTFS_DAEMON_MISCDEV_OPEN 0x00000008
424 u32 flags;
425 u32 num_queued_msg_ctx;
426 struct file *file;
427 struct mutex mux;
428 struct list_head msg_ctx_out_queue;
429 wait_queue_head_t wait;
430 struct hlist_node euid_chain;
431};
432
433#ifdef CONFIG_ECRYPT_FS_MESSAGING
434extern struct mutex ecryptfs_daemon_hash_mux;
435#endif
436
437static inline size_t
438ecryptfs_lower_header_size(struct ecryptfs_crypt_stat *crypt_stat)
439{
440 if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR)
441 return 0;
442 return crypt_stat->metadata_size;
443}
444
445static inline struct ecryptfs_file_info *
446ecryptfs_file_to_private(struct file *file)
447{
448 return file->private_data;
449}
450
451static inline void
452ecryptfs_set_file_private(struct file *file,
453 struct ecryptfs_file_info *file_info)
454{
455 file->private_data = file_info;
456}
457
458static inline struct file *ecryptfs_file_to_lower(struct file *file)
459{
460 return ((struct ecryptfs_file_info *)file->private_data)->wfi_file;
461}
462
463static inline void
464ecryptfs_set_file_lower(struct file *file, struct file *lower_file)
465{
466 ((struct ecryptfs_file_info *)file->private_data)->wfi_file =
467 lower_file;
468}
469
470static inline struct ecryptfs_inode_info *
471ecryptfs_inode_to_private(struct inode *inode)
472{
473 return container_of(inode, struct ecryptfs_inode_info, vfs_inode);
474}
475
476static inline struct inode *ecryptfs_inode_to_lower(struct inode *inode)
477{
478 return ecryptfs_inode_to_private(inode)->wii_inode;
479}
480
481static inline void
482ecryptfs_set_inode_lower(struct inode *inode, struct inode *lower_inode)
483{
484 ecryptfs_inode_to_private(inode)->wii_inode = lower_inode;
485}
486
487static inline struct ecryptfs_sb_info *
488ecryptfs_superblock_to_private(struct super_block *sb)
489{
490 return (struct ecryptfs_sb_info *)sb->s_fs_info;
491}
492
493static inline void
494ecryptfs_set_superblock_private(struct super_block *sb,
495 struct ecryptfs_sb_info *sb_info)
496{
497 sb->s_fs_info = sb_info;
498}
499
500static inline struct super_block *
501ecryptfs_superblock_to_lower(struct super_block *sb)
502{
503 return ((struct ecryptfs_sb_info *)sb->s_fs_info)->wsi_sb;
504}
505
506static inline void
507ecryptfs_set_superblock_lower(struct super_block *sb,
508 struct super_block *lower_sb)
509{
510 ((struct ecryptfs_sb_info *)sb->s_fs_info)->wsi_sb = lower_sb;
511}
512
513static inline struct ecryptfs_dentry_info *
514ecryptfs_dentry_to_private(struct dentry *dentry)
515{
516 return (struct ecryptfs_dentry_info *)dentry->d_fsdata;
517}
518
519static inline void
520ecryptfs_set_dentry_private(struct dentry *dentry,
521 struct ecryptfs_dentry_info *dentry_info)
522{
523 dentry->d_fsdata = dentry_info;
524}
525
526static inline struct dentry *
527ecryptfs_dentry_to_lower(struct dentry *dentry)
528{
529 return ((struct ecryptfs_dentry_info *)dentry->d_fsdata)->lower_path.dentry;
530}
531
532static inline struct vfsmount *
533ecryptfs_dentry_to_lower_mnt(struct dentry *dentry)
534{
535 return ((struct ecryptfs_dentry_info *)dentry->d_fsdata)->lower_path.mnt;
536}
537
538static inline struct path *
539ecryptfs_dentry_to_lower_path(struct dentry *dentry)
540{
541 return &((struct ecryptfs_dentry_info *)dentry->d_fsdata)->lower_path;
542}
543
544#define ecryptfs_printk(type, fmt, arg...) \
545 __ecryptfs_printk(type "%s: " fmt, __func__, ## arg);
546__printf(1, 2)
547void __ecryptfs_printk(const char *fmt, ...);
548
549extern const struct file_operations ecryptfs_main_fops;
550extern const struct file_operations ecryptfs_dir_fops;
551extern const struct inode_operations ecryptfs_main_iops;
552extern const struct inode_operations ecryptfs_dir_iops;
553extern const struct inode_operations ecryptfs_symlink_iops;
554extern const struct super_operations ecryptfs_sops;
555extern const struct dentry_operations ecryptfs_dops;
556extern const struct address_space_operations ecryptfs_aops;
557extern int ecryptfs_verbosity;
558extern unsigned int ecryptfs_message_buf_len;
559extern signed long ecryptfs_message_wait_timeout;
560extern unsigned int ecryptfs_number_of_users;
561
562extern struct kmem_cache *ecryptfs_auth_tok_list_item_cache;
563extern struct kmem_cache *ecryptfs_file_info_cache;
564extern struct kmem_cache *ecryptfs_dentry_info_cache;
565extern struct kmem_cache *ecryptfs_inode_info_cache;
566extern struct kmem_cache *ecryptfs_sb_info_cache;
567extern struct kmem_cache *ecryptfs_header_cache;
568extern struct kmem_cache *ecryptfs_xattr_cache;
569extern struct kmem_cache *ecryptfs_key_record_cache;
570extern struct kmem_cache *ecryptfs_key_sig_cache;
571extern struct kmem_cache *ecryptfs_global_auth_tok_cache;
572extern struct kmem_cache *ecryptfs_key_tfm_cache;
573
574struct inode *ecryptfs_get_inode(struct inode *lower_inode,
575 struct super_block *sb);
576void ecryptfs_i_size_init(const char *page_virt, struct inode *inode);
577int ecryptfs_initialize_file(struct dentry *ecryptfs_dentry,
578 struct inode *ecryptfs_inode);
579int ecryptfs_decode_and_decrypt_filename(char **decrypted_name,
580 size_t *decrypted_name_size,
581 struct super_block *sb,
582 const char *name, size_t name_size);
583int ecryptfs_fill_zeros(struct file *file, loff_t new_length);
584int ecryptfs_encrypt_and_encode_filename(
585 char **encoded_name,
586 size_t *encoded_name_size,
587 struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
588 const char *name, size_t name_size);
589struct dentry *ecryptfs_lower_dentry(struct dentry *this_dentry);
590void ecryptfs_dump_hex(char *data, int bytes);
591int virt_to_scatterlist(const void *addr, int size, struct scatterlist *sg,
592 int sg_size);
593int ecryptfs_compute_root_iv(struct ecryptfs_crypt_stat *crypt_stat);
594void ecryptfs_rotate_iv(unsigned char *iv);
595int ecryptfs_init_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat);
596void ecryptfs_destroy_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat);
597void ecryptfs_destroy_mount_crypt_stat(
598 struct ecryptfs_mount_crypt_stat *mount_crypt_stat);
599int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat);
600int ecryptfs_write_inode_size_to_metadata(struct inode *ecryptfs_inode);
601int ecryptfs_encrypt_page(struct page *page);
602int ecryptfs_decrypt_page(struct page *page);
603int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry,
604 struct inode *ecryptfs_inode);
605int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry);
606int ecryptfs_new_file_context(struct inode *ecryptfs_inode);
607void ecryptfs_write_crypt_stat_flags(char *page_virt,
608 struct ecryptfs_crypt_stat *crypt_stat,
609 size_t *written);
610int ecryptfs_read_and_validate_header_region(struct inode *inode);
611int ecryptfs_read_and_validate_xattr_region(struct dentry *dentry,
612 struct inode *inode);
613u8 ecryptfs_code_for_cipher_string(char *cipher_name, size_t key_bytes);
614int ecryptfs_cipher_code_to_string(char *str, u8 cipher_code);
615void ecryptfs_set_default_sizes(struct ecryptfs_crypt_stat *crypt_stat);
616int ecryptfs_generate_key_packet_set(char *dest_base,
617 struct ecryptfs_crypt_stat *crypt_stat,
618 struct dentry *ecryptfs_dentry,
619 size_t *len, size_t max);
620int
621ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat,
622 unsigned char *src, struct dentry *ecryptfs_dentry);
623int ecryptfs_truncate(struct dentry *dentry, loff_t new_length);
624ssize_t
625ecryptfs_getxattr_lower(struct dentry *lower_dentry, struct inode *lower_inode,
626 const char *name, void *value, size_t size);
627int
628ecryptfs_setxattr(struct dentry *dentry, struct inode *inode, const char *name,
629 const void *value, size_t size, int flags);
630int ecryptfs_read_xattr_region(char *page_virt, struct inode *ecryptfs_inode);
631#ifdef CONFIG_ECRYPT_FS_MESSAGING
632int ecryptfs_process_response(struct ecryptfs_daemon *daemon,
633 struct ecryptfs_message *msg, u32 seq);
634int ecryptfs_send_message(char *data, int data_len,
635 struct ecryptfs_msg_ctx **msg_ctx);
636int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx,
637 struct ecryptfs_message **emsg);
638int ecryptfs_init_messaging(void);
639void ecryptfs_release_messaging(void);
640#else
641static inline int ecryptfs_init_messaging(void)
642{
643 return 0;
644}
645static inline void ecryptfs_release_messaging(void)
646{ }
647static inline int ecryptfs_send_message(char *data, int data_len,
648 struct ecryptfs_msg_ctx **msg_ctx)
649{
650 return -ENOTCONN;
651}
652static inline int ecryptfs_wait_for_response(struct ecryptfs_msg_ctx *msg_ctx,
653 struct ecryptfs_message **emsg)
654{
655 return -ENOMSG;
656}
657#endif
658
659void
660ecryptfs_write_header_metadata(char *virt,
661 struct ecryptfs_crypt_stat *crypt_stat,
662 size_t *written);
663int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig);
664int
665ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
666 char *sig, u32 global_auth_tok_flags);
667int ecryptfs_get_global_auth_tok_for_sig(
668 struct ecryptfs_global_auth_tok **global_auth_tok,
669 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, char *sig);
670int
671ecryptfs_add_new_key_tfm(struct ecryptfs_key_tfm **key_tfm, char *cipher_name,
672 size_t key_size);
673int ecryptfs_init_crypto(void);
674int ecryptfs_destroy_crypto(void);
675int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm);
676int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_skcipher **tfm,
677 struct mutex **tfm_mutex,
678 char *cipher_name);
679int ecryptfs_keyring_auth_tok_for_sig(struct key **auth_tok_key,
680 struct ecryptfs_auth_tok **auth_tok,
681 char *sig);
682int ecryptfs_write_lower(struct inode *ecryptfs_inode, char *data,
683 loff_t offset, size_t size);
684int ecryptfs_write_lower_page_segment(struct inode *ecryptfs_inode,
685 struct page *page_for_lower,
686 size_t offset_in_page, size_t size);
687int ecryptfs_write(struct inode *inode, char *data, loff_t offset, size_t size);
688int ecryptfs_read_lower(char *data, loff_t offset, size_t size,
689 struct inode *ecryptfs_inode);
690int ecryptfs_read_lower_page_segment(struct page *page_for_ecryptfs,
691 pgoff_t page_index,
692 size_t offset_in_page, size_t size,
693 struct inode *ecryptfs_inode);
694struct page *ecryptfs_get_locked_page(struct inode *inode, loff_t index);
695int ecryptfs_parse_packet_length(unsigned char *data, size_t *size,
696 size_t *length_size);
697int ecryptfs_write_packet_length(char *dest, size_t size,
698 size_t *packet_size_length);
699#ifdef CONFIG_ECRYPT_FS_MESSAGING
700int ecryptfs_init_ecryptfs_miscdev(void);
701void ecryptfs_destroy_ecryptfs_miscdev(void);
702int ecryptfs_send_miscdev(char *data, size_t data_size,
703 struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type,
704 u16 msg_flags, struct ecryptfs_daemon *daemon);
705void ecryptfs_msg_ctx_alloc_to_free(struct ecryptfs_msg_ctx *msg_ctx);
706int
707ecryptfs_spawn_daemon(struct ecryptfs_daemon **daemon, struct file *file);
708int ecryptfs_exorcise_daemon(struct ecryptfs_daemon *daemon);
709int ecryptfs_find_daemon_by_euid(struct ecryptfs_daemon **daemon);
710#endif
711int ecryptfs_init_kthread(void);
712void ecryptfs_destroy_kthread(void);
713int ecryptfs_privileged_open(struct file **lower_file,
714 struct dentry *lower_dentry,
715 struct vfsmount *lower_mnt,
716 const struct cred *cred);
717int ecryptfs_get_lower_file(struct dentry *dentry, struct inode *inode);
718void ecryptfs_put_lower_file(struct inode *inode);
719int
720ecryptfs_write_tag_70_packet(char *dest, size_t *remaining_bytes,
721 size_t *packet_size,
722 struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
723 char *filename, size_t filename_size);
724int
725ecryptfs_parse_tag_70_packet(char **filename, size_t *filename_size,
726 size_t *packet_size,
727 struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
728 char *data, size_t max_packet_size);
729int ecryptfs_set_f_namelen(long *namelen, long lower_namelen,
730 struct ecryptfs_mount_crypt_stat *mount_crypt_stat);
731int ecryptfs_derive_iv(char *iv, struct ecryptfs_crypt_stat *crypt_stat,
732 loff_t offset);
733
734extern const struct xattr_handler *ecryptfs_xattr_handlers[];
735
736#endif
737