fscrypt.h (607009020a5e7fd9353fb2dd4cdcc73e26f3350f) | fscrypt.h (ed318a6cc0b620440e65f48eb527dc3df7269ce4) |
---|---|
1/* SPDX-License-Identifier: GPL-2.0 */ 2/* 3 * fscrypt.h: declarations for per-file encryption 4 * 5 * Filesystems that implement per-file encryption must include this header 6 * file. 7 * 8 * Copyright (C) 2015, Google, Inc. 9 * 10 * Written by Michael Halcrow, 2015. 11 * Modified by Jaegeuk Kim, 2015. 12 */ 13#ifndef _LINUX_FSCRYPT_H 14#define _LINUX_FSCRYPT_H 15 16#include <linux/fs.h> 17#include <linux/mm.h> | 1/* SPDX-License-Identifier: GPL-2.0 */ 2/* 3 * fscrypt.h: declarations for per-file encryption 4 * 5 * Filesystems that implement per-file encryption must include this header 6 * file. 7 * 8 * Copyright (C) 2015, Google, Inc. 9 * 10 * Written by Michael Halcrow, 2015. 11 * Modified by Jaegeuk Kim, 2015. 12 */ 13#ifndef _LINUX_FSCRYPT_H 14#define _LINUX_FSCRYPT_H 15 16#include <linux/fs.h> 17#include <linux/mm.h> |
18#include <linux/parser.h> |
|
18#include <linux/slab.h> 19#include <uapi/linux/fscrypt.h> 20 21#define FS_CRYPTO_BLOCK_SIZE 16 22 | 19#include <linux/slab.h> 20#include <uapi/linux/fscrypt.h> 21 22#define FS_CRYPTO_BLOCK_SIZE 16 23 |
24union fscrypt_context; |
|
23struct fscrypt_info; | 25struct fscrypt_info; |
26struct seq_file; |
|
24 25struct fscrypt_str { 26 unsigned char *name; 27 u32 len; 28}; 29 30struct fscrypt_name { 31 const struct qstr *usr_fname; --- 22 unchanged lines hidden (view full) --- 54 * crypto operations for filesystems 55 */ 56struct fscrypt_operations { 57 unsigned int flags; 58 const char *key_prefix; 59 int (*get_context)(struct inode *inode, void *ctx, size_t len); 60 int (*set_context)(struct inode *inode, const void *ctx, size_t len, 61 void *fs_data); | 27 28struct fscrypt_str { 29 unsigned char *name; 30 u32 len; 31}; 32 33struct fscrypt_name { 34 const struct qstr *usr_fname; --- 22 unchanged lines hidden (view full) --- 57 * crypto operations for filesystems 58 */ 59struct fscrypt_operations { 60 unsigned int flags; 61 const char *key_prefix; 62 int (*get_context)(struct inode *inode, void *ctx, size_t len); 63 int (*set_context)(struct inode *inode, const void *ctx, size_t len, 64 void *fs_data); |
62 bool (*dummy_context)(struct inode *inode); | 65 const union fscrypt_context *(*get_dummy_context)( 66 struct super_block *sb); |
63 bool (*empty_dir)(struct inode *inode); 64 unsigned int max_namelen; 65 bool (*has_stable_inodes)(struct super_block *sb); 66 void (*get_ino_and_lblk_bits)(struct super_block *sb, 67 int *ino_bits_ret, int *lblk_bits_ret); 68}; 69 70static inline bool fscrypt_has_encryption_key(const struct inode *inode) --- 13 unchanged lines hidden (view full) --- 84 * If you need to know whether the encrypt bit is set even when the kernel was 85 * built without fscrypt support, you must use IS_ENCRYPTED() directly instead. 86 */ 87static inline bool fscrypt_needs_contents_encryption(const struct inode *inode) 88{ 89 return IS_ENCRYPTED(inode) && S_ISREG(inode->i_mode); 90} 91 | 67 bool (*empty_dir)(struct inode *inode); 68 unsigned int max_namelen; 69 bool (*has_stable_inodes)(struct super_block *sb); 70 void (*get_ino_and_lblk_bits)(struct super_block *sb, 71 int *ino_bits_ret, int *lblk_bits_ret); 72}; 73 74static inline bool fscrypt_has_encryption_key(const struct inode *inode) --- 13 unchanged lines hidden (view full) --- 88 * If you need to know whether the encrypt bit is set even when the kernel was 89 * built without fscrypt support, you must use IS_ENCRYPTED() directly instead. 90 */ 91static inline bool fscrypt_needs_contents_encryption(const struct inode *inode) 92{ 93 return IS_ENCRYPTED(inode) && S_ISREG(inode->i_mode); 94} 95 |
92static inline bool fscrypt_dummy_context_enabled(struct inode *inode) | 96static inline const union fscrypt_context * 97fscrypt_get_dummy_context(struct super_block *sb) |
93{ | 98{ |
94 return inode->i_sb->s_cop->dummy_context && 95 inode->i_sb->s_cop->dummy_context(inode); | 99 if (!sb->s_cop->get_dummy_context) 100 return NULL; 101 return sb->s_cop->get_dummy_context(sb); |
96} 97 98/* 99 * When d_splice_alias() moves a directory's encrypted alias to its decrypted 100 * alias as a result of the encryption key being added, DCACHE_ENCRYPTED_NAME 101 * must be cleared. Note that we don't have to support arbitrary moves of this 102 * flag because fscrypt doesn't allow encrypted aliases to be the source or 103 * target of a rename(). --- 36 unchanged lines hidden (view full) --- 140int fscrypt_ioctl_set_policy(struct file *filp, const void __user *arg); 141int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg); 142int fscrypt_ioctl_get_policy_ex(struct file *filp, void __user *arg); 143int fscrypt_ioctl_get_nonce(struct file *filp, void __user *arg); 144int fscrypt_has_permitted_context(struct inode *parent, struct inode *child); 145int fscrypt_inherit_context(struct inode *parent, struct inode *child, 146 void *fs_data, bool preload); 147 | 102} 103 104/* 105 * When d_splice_alias() moves a directory's encrypted alias to its decrypted 106 * alias as a result of the encryption key being added, DCACHE_ENCRYPTED_NAME 107 * must be cleared. Note that we don't have to support arbitrary moves of this 108 * flag because fscrypt doesn't allow encrypted aliases to be the source or 109 * target of a rename(). --- 36 unchanged lines hidden (view full) --- 146int fscrypt_ioctl_set_policy(struct file *filp, const void __user *arg); 147int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg); 148int fscrypt_ioctl_get_policy_ex(struct file *filp, void __user *arg); 149int fscrypt_ioctl_get_nonce(struct file *filp, void __user *arg); 150int fscrypt_has_permitted_context(struct inode *parent, struct inode *child); 151int fscrypt_inherit_context(struct inode *parent, struct inode *child, 152 void *fs_data, bool preload); 153 |
154struct fscrypt_dummy_context { 155 const union fscrypt_context *ctx; 156}; 157 158int fscrypt_set_test_dummy_encryption(struct super_block *sb, 159 const substring_t *arg, 160 struct fscrypt_dummy_context *dummy_ctx); 161void fscrypt_show_test_dummy_encryption(struct seq_file *seq, char sep, 162 struct super_block *sb); 163static inline void 164fscrypt_free_dummy_context(struct fscrypt_dummy_context *dummy_ctx) 165{ 166 kfree(dummy_ctx->ctx); 167 dummy_ctx->ctx = NULL; 168} 169 |
|
148/* keyring.c */ 149void fscrypt_sb_free(struct super_block *sb); 150int fscrypt_ioctl_add_key(struct file *filp, void __user *arg); 151int fscrypt_ioctl_remove_key(struct file *filp, void __user *arg); 152int fscrypt_ioctl_remove_key_all_users(struct file *filp, void __user *arg); 153int fscrypt_ioctl_get_key_status(struct file *filp, void __user *arg); 154 155/* keysetup.c */ --- 58 unchanged lines hidden (view full) --- 214 return false; 215} 216 217static inline bool fscrypt_needs_contents_encryption(const struct inode *inode) 218{ 219 return false; 220} 221 | 170/* keyring.c */ 171void fscrypt_sb_free(struct super_block *sb); 172int fscrypt_ioctl_add_key(struct file *filp, void __user *arg); 173int fscrypt_ioctl_remove_key(struct file *filp, void __user *arg); 174int fscrypt_ioctl_remove_key_all_users(struct file *filp, void __user *arg); 175int fscrypt_ioctl_get_key_status(struct file *filp, void __user *arg); 176 177/* keysetup.c */ --- 58 unchanged lines hidden (view full) --- 236 return false; 237} 238 239static inline bool fscrypt_needs_contents_encryption(const struct inode *inode) 240{ 241 return false; 242} 243 |
222static inline bool fscrypt_dummy_context_enabled(struct inode *inode) | 244static inline const union fscrypt_context * 245fscrypt_get_dummy_context(struct super_block *sb) |
223{ | 246{ |
224 return false; | 247 return NULL; |
225} 226 227static inline void fscrypt_handle_d_move(struct dentry *dentry) 228{ 229} 230 231/* crypto.c */ 232static inline void fscrypt_enqueue_decrypt_work(struct work_struct *work) --- 78 unchanged lines hidden (view full) --- 311 312static inline int fscrypt_inherit_context(struct inode *parent, 313 struct inode *child, 314 void *fs_data, bool preload) 315{ 316 return -EOPNOTSUPP; 317} 318 | 248} 249 250static inline void fscrypt_handle_d_move(struct dentry *dentry) 251{ 252} 253 254/* crypto.c */ 255static inline void fscrypt_enqueue_decrypt_work(struct work_struct *work) --- 78 unchanged lines hidden (view full) --- 334 335static inline int fscrypt_inherit_context(struct inode *parent, 336 struct inode *child, 337 void *fs_data, bool preload) 338{ 339 return -EOPNOTSUPP; 340} 341 |
342struct fscrypt_dummy_context { 343}; 344 345static inline void fscrypt_show_test_dummy_encryption(struct seq_file *seq, 346 char sep, 347 struct super_block *sb) 348{ 349} 350 351static inline void 352fscrypt_free_dummy_context(struct fscrypt_dummy_context *dummy_ctx) 353{ 354} 355 |
|
319/* keyring.c */ 320static inline void fscrypt_sb_free(struct super_block *sb) 321{ 322} 323 324static inline int fscrypt_ioctl_add_key(struct file *filp, void __user *arg) 325{ 326 return -EOPNOTSUPP; --- 345 unchanged lines hidden (view full) --- 672 * occurred while setting up the encryption key. 673 */ 674static inline int fscrypt_prepare_symlink(struct inode *dir, 675 const char *target, 676 unsigned int len, 677 unsigned int max_len, 678 struct fscrypt_str *disk_link) 679{ | 356/* keyring.c */ 357static inline void fscrypt_sb_free(struct super_block *sb) 358{ 359} 360 361static inline int fscrypt_ioctl_add_key(struct file *filp, void __user *arg) 362{ 363 return -EOPNOTSUPP; --- 345 unchanged lines hidden (view full) --- 709 * occurred while setting up the encryption key. 710 */ 711static inline int fscrypt_prepare_symlink(struct inode *dir, 712 const char *target, 713 unsigned int len, 714 unsigned int max_len, 715 struct fscrypt_str *disk_link) 716{ |
680 if (IS_ENCRYPTED(dir) || fscrypt_dummy_context_enabled(dir)) | 717 if (IS_ENCRYPTED(dir) || fscrypt_get_dummy_context(dir->i_sb) != NULL) |
681 return __fscrypt_prepare_symlink(dir, len, max_len, disk_link); 682 683 disk_link->name = (unsigned char *)target; 684 disk_link->len = len + 1; 685 if (disk_link->len > max_len) 686 return -ENAMETOOLONG; 687 return 0; 688} --- 38 unchanged lines hidden --- | 718 return __fscrypt_prepare_symlink(dir, len, max_len, disk_link); 719 720 disk_link->name = (unsigned char *)target; 721 disk_link->len = len + 1; 722 if (disk_link->len > max_len) 723 return -ENAMETOOLONG; 724 return 0; 725} --- 38 unchanged lines hidden --- |
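Review bot: The new `get_dummy_context` hook and `struct fscrypt_dummy_context` (new lines 65-66 and 154-168) have no comment saying who owns `ctx` or how long the returned pointer must stay valid. `fscrypt_get_dummy_context()` hands the raw pointer to callers such as `fscrypt_prepare_symlink()` (new line 717), while `fscrypt_free_dummy_context()` passes the same pointer to `kfree()`, so a filesystem that frees it while the superblock is still live would leave those callers with a dangling pointer; whether any caller does that is not visible on this page. I would add above the struct something like `/* ctx belongs to the filesystem's per-sb state and must stay valid for as long as ->get_dummy_context() can return it; release it only via fscrypt_free_dummy_context(). For test_dummy_encryption only. */`. Separately, the !CONFIG_FS_ENCRYPTION stubs at new lines 342-355 include no `fscrypt_set_test_dummy_encryption()`, so callers presumably need their own `#ifdef CONFIG_FS_ENCRYPTION`; a one-line comment there would make that intent explicit.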