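--- a/fscrypt_private.h	(f0904e8bc3c513e9fd50bdca5365f998578177a0)
+++ b/fscrypt_private.h	(5b11888471806edf699316d4dcb9b426caebbef2)
@@ -1,8 +1,8 @@
 /* SPDX-License-Identifier: GPL-2.0 */
 /*
  * fscrypt_private.h
  *
  * Copyright (C) 2015, Google, Inc.
  *
  * Originally written by Michael Halcrow, Ildar Muslukhov, and Uday Savagaonkar.
  * Heavily modified since then.
@@ -42,17 +42,18 @@
  u8 nonce[FSCRYPT_FILE_NONCE_SIZE];
 };
 
 struct fscrypt_context_v2 {
  u8 version; /* FSCRYPT_CONTEXT_V2 */
  u8 contents_encryption_mode;
  u8 filenames_encryption_mode;
  u8 flags;
- u8 __reserved[4];
+ u8 log2_data_unit_size;
+ u8 __reserved[3];
  u8 master_key_identifier[FSCRYPT_KEY_IDENTIFIER_SIZE];
  u8 nonce[FSCRYPT_FILE_NONCE_SIZE];
 };
 
 /*
  * fscrypt_context - the encryption context of an inode
  *
  * This is the on-disk equivalent of an fscrypt_policy, stored alongside each
@@ -160,16 +161,36 @@
  case FSCRYPT_POLICY_V1:
  return policy->v1.flags;
  case FSCRYPT_POLICY_V2:
  return policy->v2.flags;
  }
  BUG();
 }
 
+static inline int
+fscrypt_policy_v2_du_bits(const struct fscrypt_policy_v2 *policy,
+ const struct inode *inode)
+{
+ return policy->log2_data_unit_size ?: inode->i_blkbits;
+}
+
+static inline int
+fscrypt_policy_du_bits(const union fscrypt_policy *policy,
+ const struct inode *inode)
+{
+ switch (policy->version) {
+ case FSCRYPT_POLICY_V1:
+ return inode->i_blkbits;
+ case FSCRYPT_POLICY_V2:
+ return fscrypt_policy_v2_du_bits(&policy->v2, inode);
+ }
+ BUG();
+}
+
 /*
  * For encrypted symlinks, the ciphertext length is stored at the beginning
  * of the string in little-endian format.
  */
 struct fscrypt_symlink_data {
  __le16 len;
  char encrypted_path[];
 } __packed;
@@ -207,16 +228,26 @@
  /*
  * True if this inode will use inline encryption (blk-crypto) instead of
  * the traditional filesystem-layer encryption.
  */
  bool ci_inlinecrypt;
 #endif
 
  /*
+ * log2 of the data unit size (granularity of contents encryption) of
+ * this file. This is computable from ci_policy and ci_inode but is
+ * cached here for efficiency. Only used for regular files.
+ */
+ u8 ci_data_unit_bits;
+
+ /* Cached value: log2 of number of data units per FS block */
+ u8 ci_data_units_per_block_bits;
+
+ /*
  * Encryption mode used for this inode. It corresponds to either the
  * contents or filenames encryption mode, depending on the inode type.
  */
  struct fscrypt_mode *ci_mode;
 
  /* Back-pointer to the inode */
  struct inode *ci_inode;
 
@@ -260,55 +291,56 @@
 typedef enum {
  FS_DECRYPT = 0,
  FS_ENCRYPT,
 } fscrypt_direction_t;
 
 /* crypto.c */
 extern struct kmem_cache *fscrypt_info_cachep;
 int fscrypt_initialize(struct super_block *sb);
-int fscrypt_crypt_block(const struct inode *inode, fscrypt_direction_t rw,
- u64 lblk_num, struct page *src_page,
- struct page *dest_page, unsigned int len,
- unsigned int offs, gfp_t gfp_flags);
+int fscrypt_crypt_data_unit(const struct fscrypt_info *ci,
+ fscrypt_direction_t rw, u64 index,
+ struct page *src_page, struct page *dest_page,
+ unsigned int len, unsigned int offs,
+ gfp_t gfp_flags);
 struct page *fscrypt_alloc_bounce_page(gfp_t gfp_flags);
 
 void __printf(3, 4) __cold
 fscrypt_msg(const struct inode *inode, const char *level, const char *fmt, ...);
 
 #define fscrypt_warn(inode, fmt, ...) \
  fscrypt_msg((inode), KERN_WARNING, fmt, ##__VA_ARGS__)
 #define fscrypt_err(inode, fmt, ...) \
  fscrypt_msg((inode), KERN_ERR, fmt, ##__VA_ARGS__)
 
 #define FSCRYPT_MAX_IV_SIZE 32
 
 union fscrypt_iv {
  struct {
- /* logical block number within the file */
- __le64 lblk_num;
+ /* zero-based index of data unit within the file */
+ __le64 index;
 
  /* per-file nonce; only set in DIRECT_KEY mode */
  u8 nonce[FSCRYPT_FILE_NONCE_SIZE];
  };
  u8 raw[FSCRYPT_MAX_IV_SIZE];
  __le64 dun[FSCRYPT_MAX_IV_SIZE / sizeof(__le64)];
 };
 
-void fscrypt_generate_iv(union fscrypt_iv *iv, u64 lblk_num,
+void fscrypt_generate_iv(union fscrypt_iv *iv, u64 index,
  const struct fscrypt_info *ci);
 
 /*
- * Return the number of bits used by the maximum file logical block number that
- * is possible on the given filesystem.
+ * Return the number of bits used by the maximum file data unit index that is
+ * possible on the given filesystem, using the given log2 data unit size.
  */
 static inline int
-fscrypt_max_file_lblk_bits(const struct super_block *sb)
+fscrypt_max_file_dun_bits(const struct super_block *sb, int du_bits)
 {
- return fls64(sb->s_maxbytes - 1) - sb->s_blocksize_bits;
+ return fls64(sb->s_maxbytes - 1) - du_bits;
 }
 
 /* fname.c */
 bool __fscrypt_fname_encrypted_size(const union fscrypt_policy *policy,
  u32 orig_len, u32 max_len,
  u32 *encrypted_len_ret);
 
 /* hkdf.c */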
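Review bot: `fscrypt_policy_v2_du_bits()` returns `policy->log2_data_unit_size` unchanged whenever it is nonzero, and nothing in this header bounds it, although the same byte is now carved out of `__reserved` in the on-disk `fscrypt_context_v2` and so presumably originates from untrusted storage or a caller-supplied policy. `ci_data_units_per_block_bits` is a `u8` documented as log2 of data units per FS block, and `fscrypt_max_file_dun_bits()` subtracts `du_bits` directly, so a value larger than `inode->i_blkbits` would skew both unless policy validation (not visible in this file) rejects it first. I would document the contract on the helper, e.g. `/* Policy must already be validated: log2_data_unit_size is 0 (meaning the FS block size) or <= inode->i_blkbits. */`, and add `/* 0 = filesystem block size */` beside the new field in `fscrypt_context_v2`.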