linux/include/linux/fscrypt.h
<<
>>
Prefs 
   1/* SPDX-License-Identifier: GPL-2.0 */
   2/*
   3 * fscrypt.h: declarations for per-file encryption
   4 *
   5 * Filesystems that implement per-file encryption must include this header
   6 * file.
   7 *
   8 * Copyright (C) 2015, Google, Inc.
   9 *
  10 * Written by Michael Halcrow, 2015.
  11 * Modified by Jaegeuk Kim, 2015.
  12 */
  13#ifndef _LINUX_FSCRYPT_H
  14#define _LINUX_FSCRYPT_H
  15
  16#include <linux/fs.h>
  17#include <linux/mm.h>
  18#include <linux/parser.h>
  19#include <linux/slab.h>
  20#include <uapi/linux/fscrypt.h>
  21
  22#define FS_CRYPTO_BLOCK_SIZE            16
  23
  24union fscrypt_context;
  25struct fscrypt_info;
  26struct seq_file;
  27
  28struct fscrypt_str {
  29        unsigned char *name;
  30        u32 len;
  31};
  32
  33struct fscrypt_name {
  34        const struct qstr *usr_fname;
  35        struct fscrypt_str disk_name;
  36        u32 hash;
  37        u32 minor_hash;
  38        struct fscrypt_str crypto_buf;
  39        bool is_ciphertext_name;
  40};
  41
  42#define FSTR_INIT(n, l)         { .name = n, .len = l }
  43#define FSTR_TO_QSTR(f)         QSTR_INIT((f)->name, (f)->len)
  44#define fname_name(p)           ((p)->disk_name.name)
  45#define fname_len(p)            ((p)->disk_name.len)
  46
  47/* Maximum value for the third parameter of fscrypt_operations.set_context(). */
  48#define FSCRYPT_SET_CONTEXT_MAX_SIZE    40
  49
  50#ifdef CONFIG_FS_ENCRYPTION
  51/*
  52 * fscrypt superblock flags
  53 */
  54#define FS_CFLG_OWN_PAGES (1U << 1)
  55
  56/*
  57 * crypto operations for filesystems
  58 */
  59struct fscrypt_operations {
  60        unsigned int flags;
  61        const char *key_prefix;
  62        int (*get_context)(struct inode *inode, void *ctx, size_t len);
  63        int (*set_context)(struct inode *inode, const void *ctx, size_t len,
  64                           void *fs_data);
  65        const union fscrypt_context *(*get_dummy_context)(
  66                struct super_block *sb);
  67        bool (*empty_dir)(struct inode *inode);
  68        unsigned int max_namelen;
  69        bool (*has_stable_inodes)(struct super_block *sb);
  70        void (*get_ino_and_lblk_bits)(struct super_block *sb,
  71                                      int *ino_bits_ret, int *lblk_bits_ret);
  72};
  73
  74static inline bool fscrypt_has_encryption_key(const struct inode *inode)
  75{
  76        /* pairs with cmpxchg_release() in fscrypt_get_encryption_info() */
  77        return READ_ONCE(inode->i_crypt_info) != NULL;
  78}
  79
  80/**
  81 * fscrypt_needs_contents_encryption() - check whether an inode needs
  82 *                                       contents encryption
  83 * @inode: the inode to check
  84 *
  85 * Return: %true iff the inode is an encrypted regular file and the kernel was
  86 * built with fscrypt support.
  87 *
  88 * If you need to know whether the encrypt bit is set even when the kernel was
  89 * built without fscrypt support, you must use IS_ENCRYPTED() directly instead.
  90 */
  91static inline bool fscrypt_needs_contents_encryption(const struct inode *inode)
  92{
  93        return IS_ENCRYPTED(inode) && S_ISREG(inode->i_mode);
  94}
  95
  96static inline const union fscrypt_context *
  97fscrypt_get_dummy_context(struct super_block *sb)
  98{
  99        if (!sb->s_cop->get_dummy_context)
 100                return NULL;
 101        return sb->s_cop->get_dummy_context(sb);
 102}
 103
 104/*
 105 * When d_splice_alias() moves a directory's encrypted alias to its decrypted
 106 * alias as a result of the encryption key being added, DCACHE_ENCRYPTED_NAME
 107 * must be cleared.  Note that we don't have to support arbitrary moves of this
 108 * flag because fscrypt doesn't allow encrypted aliases to be the source or
 109 * target of a rename().
 110 */
 111static inline void fscrypt_handle_d_move(struct dentry *dentry)
 112{
 113        dentry->d_flags &= ~DCACHE_ENCRYPTED_NAME;
 114}
 115
 116/* crypto.c */
 117void fscrypt_enqueue_decrypt_work(struct work_struct *);
 118
 119struct page *fscrypt_encrypt_pagecache_blocks(struct page *page,
 120                                              unsigned int len,
 121                                              unsigned int offs,
 122                                              gfp_t gfp_flags);
 123int fscrypt_encrypt_block_inplace(const struct inode *inode, struct page *page,
 124                                  unsigned int len, unsigned int offs,
 125                                  u64 lblk_num, gfp_t gfp_flags);
 126
 127int fscrypt_decrypt_pagecache_blocks(struct page *page, unsigned int len,
 128                                     unsigned int offs);
 129int fscrypt_decrypt_block_inplace(const struct inode *inode, struct page *page,
 130                                  unsigned int len, unsigned int offs,
 131                                  u64 lblk_num);
 132
 133static inline bool fscrypt_is_bounce_page(struct page *page)
 134{
 135        return page->mapping == NULL;
 136}
 137
 138static inline struct page *fscrypt_pagecache_page(struct page *bounce_page)
 139{
 140        return (struct page *)page_private(bounce_page);
 141}
 142
 143void fscrypt_free_bounce_page(struct page *bounce_page);
 144
 145/* policy.c */
 146int fscrypt_ioctl_set_policy(struct file *filp, const void __user *arg);
 147int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg);
 148int fscrypt_ioctl_get_policy_ex(struct file *filp, void __user *arg);
 149int fscrypt_ioctl_get_nonce(struct file *filp, void __user *arg);
 150int fscrypt_has_permitted_context(struct inode *parent, struct inode *child);
 151int fscrypt_inherit_context(struct inode *parent, struct inode *child,
 152                            void *fs_data, bool preload);
 153
 154struct fscrypt_dummy_context {
 155        const union fscrypt_context *ctx;
 156};
 157
 158int fscrypt_set_test_dummy_encryption(struct super_block *sb,
 159                                      const substring_t *arg,
 160                                      struct fscrypt_dummy_context *dummy_ctx);
 161void fscrypt_show_test_dummy_encryption(struct seq_file *seq, char sep,
 162                                        struct super_block *sb);
 163static inline void
 164fscrypt_free_dummy_context(struct fscrypt_dummy_context *dummy_ctx)
 165{
 166        kfree(dummy_ctx->ctx);
 167        dummy_ctx->ctx = NULL;
 168}
 169
 170/* keyring.c */
 171void fscrypt_sb_free(struct super_block *sb);
 172int fscrypt_ioctl_add_key(struct file *filp, void __user *arg);
 173int fscrypt_ioctl_remove_key(struct file *filp, void __user *arg);
 174int fscrypt_ioctl_remove_key_all_users(struct file *filp, void __user *arg);
 175int fscrypt_ioctl_get_key_status(struct file *filp, void __user *arg);
 176
 177/* keysetup.c */
 178int fscrypt_get_encryption_info(struct inode *inode);
 179void fscrypt_put_encryption_info(struct inode *inode);
 180void fscrypt_free_inode(struct inode *inode);
 181int fscrypt_drop_inode(struct inode *inode);
 182
 183/* fname.c */
 184int fscrypt_setup_filename(struct inode *inode, const struct qstr *iname,
 185                           int lookup, struct fscrypt_name *fname);
 186
 187static inline void fscrypt_free_filename(struct fscrypt_name *fname)
 188{
 189        kfree(fname->crypto_buf.name);
 190}
 191
 192int fscrypt_fname_alloc_buffer(const struct inode *inode, u32 max_encrypted_len,
 193                               struct fscrypt_str *crypto_str);
 194void fscrypt_fname_free_buffer(struct fscrypt_str *crypto_str);
 195int fscrypt_fname_disk_to_usr(const struct inode *inode,
 196                              u32 hash, u32 minor_hash,
 197                              const struct fscrypt_str *iname,
 198                              struct fscrypt_str *oname);
 199bool fscrypt_match_name(const struct fscrypt_name *fname,
 200                        const u8 *de_name, u32 de_name_len);
 201u64 fscrypt_fname_siphash(const struct inode *dir, const struct qstr *name);
 202
 203/* bio.c */
 204void fscrypt_decrypt_bio(struct bio *bio);
 205int fscrypt_zeroout_range(const struct inode *inode, pgoff_t lblk,
 206                          sector_t pblk, unsigned int len);
 207
 208/* hooks.c */
 209int fscrypt_file_open(struct inode *inode, struct file *filp);
 210int __fscrypt_prepare_link(struct inode *inode, struct inode *dir,
 211                           struct dentry *dentry);
 212int __fscrypt_prepare_rename(struct inode *old_dir, struct dentry *old_dentry,
 213                             struct inode *new_dir, struct dentry *new_dentry,
 214                             unsigned int flags);
 215int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry,
 216                             struct fscrypt_name *fname);
 217int fscrypt_prepare_setflags(struct inode *inode,
 218                             unsigned int oldflags, unsigned int flags);
 219int __fscrypt_prepare_symlink(struct inode *dir, unsigned int len,
 220                              unsigned int max_len,
 221                              struct fscrypt_str *disk_link);
 222int __fscrypt_encrypt_symlink(struct inode *inode, const char *target,
 223                              unsigned int len, struct fscrypt_str *disk_link);
 224const char *fscrypt_get_symlink(struct inode *inode, const void *caddr,
 225                                unsigned int max_size,
 226                                struct delayed_call *done);
 227static inline void fscrypt_set_ops(struct super_block *sb,
 228                                   const struct fscrypt_operations *s_cop)
 229{
 230        sb->s_cop = s_cop;
 231}
 232#else  /* !CONFIG_FS_ENCRYPTION */
 233
 234static inline bool fscrypt_has_encryption_key(const struct inode *inode)
 235{
 236        return false;
 237}
 238
 239static inline bool fscrypt_needs_contents_encryption(const struct inode *inode)
 240{
 241        return false;
 242}
 243
 244static inline const union fscrypt_context *
 245fscrypt_get_dummy_context(struct super_block *sb)
 246{
 247        return NULL;
 248}
 249
 250static inline void fscrypt_handle_d_move(struct dentry *dentry)
 251{
 252}
 253
 254/* crypto.c */
 255static inline void fscrypt_enqueue_decrypt_work(struct work_struct *work)
 256{
 257}
 258
 259static inline struct page *fscrypt_encrypt_pagecache_blocks(struct page *page,
 260                                                            unsigned int len,
 261                                                            unsigned int offs,
 262                                                            gfp_t gfp_flags)
 263{
 264        return ERR_PTR(-EOPNOTSUPP);
 265}
 266
 267static inline int fscrypt_encrypt_block_inplace(const struct inode *inode,
 268                                                struct page *page,
 269                                                unsigned int len,
 270                                                unsigned int offs, u64 lblk_num,
 271                                                gfp_t gfp_flags)
 272{
 273        return -EOPNOTSUPP;
 274}
 275
 276static inline int fscrypt_decrypt_pagecache_blocks(struct page *page,
 277                                                   unsigned int len,
 278                                                   unsigned int offs)
 279{
 280        return -EOPNOTSUPP;
 281}
 282
 283static inline int fscrypt_decrypt_block_inplace(const struct inode *inode,
 284                                                struct page *page,
 285                                                unsigned int len,
 286                                                unsigned int offs, u64 lblk_num)
 287{
 288        return -EOPNOTSUPP;
 289}
 290
 291static inline bool fscrypt_is_bounce_page(struct page *page)
 292{
 293        return false;
 294}
 295
 296static inline struct page *fscrypt_pagecache_page(struct page *bounce_page)
 297{
 298        WARN_ON_ONCE(1);
 299        return ERR_PTR(-EINVAL);
 300}
 301
 302static inline void fscrypt_free_bounce_page(struct page *bounce_page)
 303{
 304}
 305
 306/* policy.c */
 307static inline int fscrypt_ioctl_set_policy(struct file *filp,
 308                                           const void __user *arg)
 309{
 310        return -EOPNOTSUPP;
 311}
 312
 313static inline int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg)
 314{
 315        return -EOPNOTSUPP;
 316}
 317
 318static inline int fscrypt_ioctl_get_policy_ex(struct file *filp,
 319                                              void __user *arg)
 320{
 321        return -EOPNOTSUPP;
 322}
 323
 324static inline int fscrypt_ioctl_get_nonce(struct file *filp, void __user *arg)
 325{
 326        return -EOPNOTSUPP;
 327}
 328
 329static inline int fscrypt_has_permitted_context(struct inode *parent,
 330                                                struct inode *child)
 331{
 332        return 0;
 333}
 334
 335static inline int fscrypt_inherit_context(struct inode *parent,
 336                                          struct inode *child,
 337                                          void *fs_data, bool preload)
 338{
 339        return -EOPNOTSUPP;
 340}
 341
 342struct fscrypt_dummy_context {
 343};
 344
 345static inline void fscrypt_show_test_dummy_encryption(struct seq_file *seq,
 346                                                      char sep,
 347                                                      struct super_block *sb)
 348{
 349}
 350
 351static inline void
 352fscrypt_free_dummy_context(struct fscrypt_dummy_context *dummy_ctx)
 353{
 354}
 355
 356/* keyring.c */
 357static inline void fscrypt_sb_free(struct super_block *sb)
 358{
 359}
 360
 361static inline int fscrypt_ioctl_add_key(struct file *filp, void __user *arg)
 362{
 363        return -EOPNOTSUPP;
 364}
 365
 366static inline int fscrypt_ioctl_remove_key(struct file *filp, void __user *arg)
 367{
 368        return -EOPNOTSUPP;
 369}
 370
 371static inline int fscrypt_ioctl_remove_key_all_users(struct file *filp,
 372                                                     void __user *arg)
 373{
 374        return -EOPNOTSUPP;
 375}
 376
 377static inline int fscrypt_ioctl_get_key_status(struct file *filp,
 378                                               void __user *arg)
 379{
 380        return -EOPNOTSUPP;
 381}
 382
 383/* keysetup.c */
 384static inline int fscrypt_get_encryption_info(struct inode *inode)
 385{
 386        return -EOPNOTSUPP;
 387}
 388
 389static inline void fscrypt_put_encryption_info(struct inode *inode)
 390{
 391        return;
 392}
 393
 394static inline void fscrypt_free_inode(struct inode *inode)
 395{
 396}
 397
 398static inline int fscrypt_drop_inode(struct inode *inode)
 399{
 400        return 0;
 401}
 402
 403 /* fname.c */
 404static inline int fscrypt_setup_filename(struct inode *dir,
 405                                         const struct qstr *iname,
 406                                         int lookup, struct fscrypt_name *fname)
 407{
 408        if (IS_ENCRYPTED(dir))
 409                return -EOPNOTSUPP;
 410
 411        memset(fname, 0, sizeof(*fname));
 412        fname->usr_fname = iname;
 413        fname->disk_name.name = (unsigned char *)iname->name;
 414        fname->disk_name.len = iname->len;
 415        return 0;
 416}
 417
 418static inline void fscrypt_free_filename(struct fscrypt_name *fname)
 419{
 420        return;
 421}
 422
 423static inline int fscrypt_fname_alloc_buffer(const struct inode *inode,
 424                                             u32 max_encrypted_len,
 425                                             struct fscrypt_str *crypto_str)
 426{
 427        return -EOPNOTSUPP;
 428}
 429
 430static inline void fscrypt_fname_free_buffer(struct fscrypt_str *crypto_str)
 431{
 432        return;
 433}
 434
 435static inline int fscrypt_fname_disk_to_usr(const struct inode *inode,
 436                                            u32 hash, u32 minor_hash,
 437                                            const struct fscrypt_str *iname,
 438                                            struct fscrypt_str *oname)
 439{
 440        return -EOPNOTSUPP;
 441}
 442
 443static inline bool fscrypt_match_name(const struct fscrypt_name *fname,
 444                                      const u8 *de_name, u32 de_name_len)
 445{
 446        /* Encryption support disabled; use standard comparison */
 447        if (de_name_len != fname->disk_name.len)
 448                return false;
 449        return !memcmp(de_name, fname->disk_name.name, fname->disk_name.len);
 450}
 451
 452static inline u64 fscrypt_fname_siphash(const struct inode *dir,
 453                                        const struct qstr *name)
 454{
 455        WARN_ON_ONCE(1);
 456        return 0;
 457}
 458
 459/* bio.c */
 460static inline void fscrypt_decrypt_bio(struct bio *bio)
 461{
 462}
 463
 464static inline int fscrypt_zeroout_range(const struct inode *inode, pgoff_t lblk,
 465                                        sector_t pblk, unsigned int len)
 466{
 467        return -EOPNOTSUPP;
 468}
 469
 470/* hooks.c */
 471
 472static inline int fscrypt_file_open(struct inode *inode, struct file *filp)
 473{
 474        if (IS_ENCRYPTED(inode))
 475                return -EOPNOTSUPP;
 476        return 0;
 477}
 478
 479static inline int __fscrypt_prepare_link(struct inode *inode, struct inode *dir,
 480                                         struct dentry *dentry)
 481{
 482        return -EOPNOTSUPP;
 483}
 484
 485static inline int __fscrypt_prepare_rename(struct inode *old_dir,
 486                                           struct dentry *old_dentry,
 487                                           struct inode *new_dir,
 488                                           struct dentry *new_dentry,
 489                                           unsigned int flags)
 490{
 491        return -EOPNOTSUPP;
 492}
 493
 494static inline int __fscrypt_prepare_lookup(struct inode *dir,
 495                                           struct dentry *dentry,
 496                                           struct fscrypt_name *fname)
 497{
 498        return -EOPNOTSUPP;
 499}
 500
 501static inline int fscrypt_prepare_setflags(struct inode *inode,
 502                                           unsigned int oldflags,
 503                                           unsigned int flags)
 504{
 505        return 0;
 506}
 507
 508static inline int __fscrypt_prepare_symlink(struct inode *dir,
 509                                            unsigned int len,
 510                                            unsigned int max_len,
 511                                            struct fscrypt_str *disk_link)
 512{
 513        return -EOPNOTSUPP;
 514}
 515
 516
 517static inline int __fscrypt_encrypt_symlink(struct inode *inode,
 518                                            const char *target,
 519                                            unsigned int len,
 520                                            struct fscrypt_str *disk_link)
 521{
 522        return -EOPNOTSUPP;
 523}
 524
 525static inline const char *fscrypt_get_symlink(struct inode *inode,
 526                                              const void *caddr,
 527                                              unsigned int max_size,
 528                                              struct delayed_call *done)
 529{
 530        return ERR_PTR(-EOPNOTSUPP);
 531}
 532
 533static inline void fscrypt_set_ops(struct super_block *sb,
 534                                   const struct fscrypt_operations *s_cop)
 535{
 536}
 537
 538#endif  /* !CONFIG_FS_ENCRYPTION */
 539
 540/**
 541 * fscrypt_require_key() - require an inode's encryption key
 542 * @inode: the inode we need the key for
 543 *
 544 * If the inode is encrypted, set up its encryption key if not already done.
 545 * Then require that the key be present and return -ENOKEY otherwise.
 546 *
 547 * No locks are needed, and the key will live as long as the struct inode --- so
 548 * it won't go away from under you.
 549 *
 550 * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code
 551 * if a problem occurred while setting up the encryption key.
 552 */
 553static inline int fscrypt_require_key(struct inode *inode)
 554{
 555        if (IS_ENCRYPTED(inode)) {
 556                int err = fscrypt_get_encryption_info(inode);
 557
 558                if (err)
 559                        return err;
 560                if (!fscrypt_has_encryption_key(inode))
 561                        return -ENOKEY;
 562        }
 563        return 0;
 564}
 565
 566/**
 567 * fscrypt_prepare_link() - prepare to link an inode into a possibly-encrypted
 568 *                          directory
 569 * @old_dentry: an existing dentry for the inode being linked
 570 * @dir: the target directory
 571 * @dentry: negative dentry for the target filename
 572 *
 573 * A new link can only be added to an encrypted directory if the directory's
 574 * encryption key is available --- since otherwise we'd have no way to encrypt
 575 * the filename.  Therefore, we first set up the directory's encryption key (if
 576 * not already done) and return an error if it's unavailable.
 577 *
 578 * We also verify that the link will not violate the constraint that all files
 579 * in an encrypted directory tree use the same encryption policy.
 580 *
 581 * Return: 0 on success, -ENOKEY if the directory's encryption key is missing,
 582 * -EXDEV if the link would result in an inconsistent encryption policy, or
 583 * another -errno code.
 584 */
 585static inline int fscrypt_prepare_link(struct dentry *old_dentry,
 586                                       struct inode *dir,
 587                                       struct dentry *dentry)
 588{
 589        if (IS_ENCRYPTED(dir))
 590                return __fscrypt_prepare_link(d_inode(old_dentry), dir, dentry);
 591        return 0;
 592}
 593
 594/**
 595 * fscrypt_prepare_rename() - prepare for a rename between possibly-encrypted
 596 *                            directories
 597 * @old_dir: source directory
 598 * @old_dentry: dentry for source file
 599 * @new_dir: target directory
 600 * @new_dentry: dentry for target location (may be negative unless exchanging)
 601 * @flags: rename flags (we care at least about %RENAME_EXCHANGE)
 602 *
 603 * Prepare for ->rename() where the source and/or target directories may be
 604 * encrypted.  A new link can only be added to an encrypted directory if the
 605 * directory's encryption key is available --- since otherwise we'd have no way
 606 * to encrypt the filename.  A rename to an existing name, on the other hand,
 607 * *is* cryptographically possible without the key.  However, we take the more
 608 * conservative approach and just forbid all no-key renames.
 609 *
 610 * We also verify that the rename will not violate the constraint that all files
 611 * in an encrypted directory tree use the same encryption policy.
 612 *
 613 * Return: 0 on success, -ENOKEY if an encryption key is missing, -EXDEV if the
 614 * rename would cause inconsistent encryption policies, or another -errno code.
 615 */
 616static inline int fscrypt_prepare_rename(struct inode *old_dir,
 617                                         struct dentry *old_dentry,
 618                                         struct inode *new_dir,
 619                                         struct dentry *new_dentry,
 620                                         unsigned int flags)
 621{
 622        if (IS_ENCRYPTED(old_dir) || IS_ENCRYPTED(new_dir))
 623                return __fscrypt_prepare_rename(old_dir, old_dentry,
 624                                                new_dir, new_dentry, flags);
 625        return 0;
 626}
 627
 628/**
 629 * fscrypt_prepare_lookup() - prepare to lookup a name in a possibly-encrypted
 630 *                            directory
 631 * @dir: directory being searched
 632 * @dentry: filename being looked up
 633 * @fname: (output) the name to use to search the on-disk directory
 634 *
 635 * Prepare for ->lookup() in a directory which may be encrypted by determining
 636 * the name that will actually be used to search the directory on-disk.  Lookups
 637 * can be done with or without the directory's encryption key; without the key,
 638 * filenames are presented in encrypted form.  Therefore, we'll try to set up
 639 * the directory's encryption key, but even without it the lookup can continue.
 640 *
 641 * This also installs a custom ->d_revalidate() method which will invalidate the
 642 * dentry if it was created without the key and the key is later added.
 643 *
 644 * Return: 0 on success; -ENOENT if key is unavailable but the filename isn't a
 645 * correctly formed encoded ciphertext name, so a negative dentry should be
 646 * created; or another -errno code.
 647 */
 648static inline int fscrypt_prepare_lookup(struct inode *dir,
 649                                         struct dentry *dentry,
 650                                         struct fscrypt_name *fname)
 651{
 652        if (IS_ENCRYPTED(dir))
 653                return __fscrypt_prepare_lookup(dir, dentry, fname);
 654
 655        memset(fname, 0, sizeof(*fname));
 656        fname->usr_fname = &dentry->d_name;
 657        fname->disk_name.name = (unsigned char *)dentry->d_name.name;
 658        fname->disk_name.len = dentry->d_name.len;
 659        return 0;
 660}
 661
 662/**
 663 * fscrypt_prepare_setattr() - prepare to change a possibly-encrypted inode's
 664 *                             attributes
 665 * @dentry: dentry through which the inode is being changed
 666 * @attr: attributes to change
 667 *
 668 * Prepare for ->setattr() on a possibly-encrypted inode.  On an encrypted file,
 669 * most attribute changes are allowed even without the encryption key.  However,
 670 * without the encryption key we do have to forbid truncates.  This is needed
 671 * because the size being truncated to may not be a multiple of the filesystem
 672 * block size, and in that case we'd have to decrypt the final block, zero the
 673 * portion past i_size, and re-encrypt it.  (We *could* allow truncating to a
 674 * filesystem block boundary, but it's simpler to just forbid all truncates ---
 675 * and we already forbid all other contents modifications without the key.)
 676 *
 677 * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code
 678 * if a problem occurred while setting up the encryption key.
 679 */
 680static inline int fscrypt_prepare_setattr(struct dentry *dentry,
 681                                          struct iattr *attr)
 682{
 683        if (attr->ia_valid & ATTR_SIZE)
 684                return fscrypt_require_key(d_inode(dentry));
 685        return 0;
 686}
 687
 688/**
 689 * fscrypt_prepare_symlink() - prepare to create a possibly-encrypted symlink
 690 * @dir: directory in which the symlink is being created
 691 * @target: plaintext symlink target
 692 * @len: length of @target excluding null terminator
 693 * @max_len: space the filesystem has available to store the symlink target
 694 * @disk_link: (out) the on-disk symlink target being prepared
 695 *
 696 * This function computes the size the symlink target will require on-disk,
 697 * stores it in @disk_link->len, and validates it against @max_len.  An
 698 * encrypted symlink may be longer than the original.
 699 *
 700 * Additionally, @disk_link->name is set to @target if the symlink will be
 701 * unencrypted, but left NULL if the symlink will be encrypted.  For encrypted
 702 * symlinks, the filesystem must call fscrypt_encrypt_symlink() to create the
 703 * on-disk target later.  (The reason for the two-step process is that some
 704 * filesystems need to know the size of the symlink target before creating the
 705 * inode, e.g. to determine whether it will be a "fast" or "slow" symlink.)
 706 *
 707 * Return: 0 on success, -ENAMETOOLONG if the symlink target is too long,
 708 * -ENOKEY if the encryption key is missing, or another -errno code if a problem
 709 * occurred while setting up the encryption key.
 710 */
 711static inline int fscrypt_prepare_symlink(struct inode *dir,
 712                                          const char *target,
 713                                          unsigned int len,
 714                                          unsigned int max_len,
 715                                          struct fscrypt_str *disk_link)
 716{
 717        if (IS_ENCRYPTED(dir) || fscrypt_get_dummy_context(dir->i_sb) != NULL)
 718                return __fscrypt_prepare_symlink(dir, len, max_len, disk_link);
 719
 720        disk_link->name = (unsigned char *)target;
 721        disk_link->len = len + 1;
 722        if (disk_link->len > max_len)
 723                return -ENAMETOOLONG;
 724        return 0;
 725}
 726
 727/**
 728 * fscrypt_encrypt_symlink() - encrypt the symlink target if needed
 729 * @inode: symlink inode
 730 * @target: plaintext symlink target
 731 * @len: length of @target excluding null terminator
 732 * @disk_link: (in/out) the on-disk symlink target being prepared
 733 *
 734 * If the symlink target needs to be encrypted, then this function encrypts it
 735 * into @disk_link->name.  fscrypt_prepare_symlink() must have been called
 736 * previously to compute @disk_link->len.  If the filesystem did not allocate a
 737 * buffer for @disk_link->name after calling fscrypt_prepare_link(), then one
 738 * will be kmalloc()'ed and the filesystem will be responsible for freeing it.
 739 *
 740 * Return: 0 on success, -errno on failure
 741 */
 742static inline int fscrypt_encrypt_symlink(struct inode *inode,
 743                                          const char *target,
 744                                          unsigned int len,
 745                                          struct fscrypt_str *disk_link)
 746{
 747        if (IS_ENCRYPTED(inode))
 748                return __fscrypt_encrypt_symlink(inode, target, len, disk_link);
 749        return 0;
 750}
 751
 752/* If *pagep is a bounce page, free it and set *pagep to the pagecache page */
 753static inline void fscrypt_finalize_bounce_page(struct page **pagep)
 754{
 755        struct page *page = *pagep;
 756
 757        if (fscrypt_is_bounce_page(page)) {
 758                *pagep = fscrypt_pagecache_page(page);
 759                fscrypt_free_bounce_page(page);
 760        }
 761}
 762
 763#endif  /* _LINUX_FSCRYPT_H */
 764
Hosted by Missing Link Electronics. The original LXR software by the LXR community, this experimental version by lxr@linux.no.