1 /* SPDX-License-Identifier: GPL-2.0 */
2 /*
3 * Ceph fscrypt functionality
4 */
5
6 #ifndef _CEPH_CRYPTO_H
7 #define _CEPH_CRYPTO_H
8
9 #include <crypto/sha2.h>
10 #include <linux/fscrypt.h>
11 #include <linux/base64.h>
12
13 #define CEPH_FSCRYPT_BLOCK_SHIFT 12
14 #define CEPH_FSCRYPT_BLOCK_SIZE (_AC(1, UL) << CEPH_FSCRYPT_BLOCK_SHIFT)
15 #define CEPH_FSCRYPT_BLOCK_MASK (~(CEPH_FSCRYPT_BLOCK_SIZE-1))
16
17 struct ceph_fs_client;
18 struct ceph_acl_sec_ctx;
19 struct ceph_mds_request;
20
21 struct ceph_fname {
22 struct inode *dir;
23 char *name; // b64 encoded, possibly hashed
24 unsigned char *ctext; // binary crypttext (if any)
25 u32 name_len; // length of name buffer
26 u32 ctext_len; // length of crypttext
27 bool no_copy;
28 };
29
30 /*
31 * Header for the encrypted file when truncating the size, this
32 * will be sent to MDS, and the MDS will update the encrypted
33 * last block and then truncate the size.
34 */
35 struct ceph_fscrypt_truncate_size_header {
36 __u8 ver;
37 __u8 compat;
38
39 /*
40 * It will be sizeof(assert_ver + file_offset + block_size)
41 * if the last block is empty when it's located in a file
42 * hole. Or the data_len will plus CEPH_FSCRYPT_BLOCK_SIZE.
43 */
44 __le32 data_len;
45
46 __le64 change_attr;
47 __le64 file_offset;
48 __le32 block_size;
49 } __packed;
50
51 struct ceph_fscrypt_auth {
52 __le32 cfa_version;
53 __le32 cfa_blob_len;
54 u8 cfa_blob[FSCRYPT_SET_CONTEXT_MAX_SIZE];
55 } __packed;
56
57 #define CEPH_FSCRYPT_AUTH_VERSION 1
ceph_fscrypt_auth_len(struct ceph_fscrypt_auth * fa)58 static inline u32 ceph_fscrypt_auth_len(struct ceph_fscrypt_auth *fa)
59 {
60 u32 ctxsize = le32_to_cpu(fa->cfa_blob_len);
61
62 return offsetof(struct ceph_fscrypt_auth, cfa_blob) + ctxsize;
63 }
64
65 #ifdef CONFIG_FS_ENCRYPTION
66 /*
67 * We want to encrypt filenames when creating them, but the encrypted
68 * versions of those names may have illegal characters in them. To mitigate
69 * that, we base64 encode them, but that gives us a result that can exceed
70 * NAME_MAX.
71 *
72 * Follow a similar scheme to fscrypt itself, and cap the filename to a
73 * smaller size. If the ciphertext name is longer than the value below, then
74 * sha256 hash the remaining bytes.
75 *
76 * For the fscrypt_nokey_name struct the dirhash[2] member is useless in ceph
77 * so the corresponding struct will be:
78 *
79 * struct fscrypt_ceph_nokey_name {
80 * u8 bytes[157];
81 * u8 sha256[SHA256_DIGEST_SIZE];
82 * }; // 180 bytes => 240 bytes base64-encoded, which is <= NAME_MAX (255)
83 *
84 * (240 bytes is the maximum size allowed for snapshot names to take into
85 * account the format: '_<SNAPSHOT-NAME>_<INODE-NUMBER>'.)
86 *
87 * Note that for long names that end up having their tail portion hashed, we
88 * must also store the full encrypted name (in the dentry's alternate_name
89 * field).
90 */
91 #define CEPH_NOHASH_NAME_MAX (180 - SHA256_DIGEST_SIZE)
92
93 void ceph_fscrypt_set_ops(struct super_block *sb);
94
95 void ceph_fscrypt_free_dummy_policy(struct ceph_fs_client *fsc);
96
97 int ceph_fscrypt_prepare_context(struct inode *dir, struct inode *inode,
98 struct ceph_acl_sec_ctx *as);
99 void ceph_fscrypt_as_ctx_to_req(struct ceph_mds_request *req,
100 struct ceph_acl_sec_ctx *as);
101 int ceph_encode_encrypted_dname(struct inode *parent, char *buf, int len);
102
ceph_fname_alloc_buffer(struct inode * parent,struct fscrypt_str * fname)103 static inline int ceph_fname_alloc_buffer(struct inode *parent,
104 struct fscrypt_str *fname)
105 {
106 if (!IS_ENCRYPTED(parent))
107 return 0;
108 return fscrypt_fname_alloc_buffer(NAME_MAX, fname);
109 }
110
ceph_fname_free_buffer(struct inode * parent,struct fscrypt_str * fname)111 static inline void ceph_fname_free_buffer(struct inode *parent,
112 struct fscrypt_str *fname)
113 {
114 if (IS_ENCRYPTED(parent))
115 fscrypt_fname_free_buffer(fname);
116 }
117
118 int ceph_fname_to_usr(const struct ceph_fname *fname, struct fscrypt_str *tname,
119 struct fscrypt_str *oname, bool *is_nokey);
120 int ceph_fscrypt_prepare_readdir(struct inode *dir);
121
ceph_fscrypt_blocks(u64 off,u64 len)122 static inline unsigned int ceph_fscrypt_blocks(u64 off, u64 len)
123 {
124 /* crypto blocks cannot span more than one page */
125 BUILD_BUG_ON(CEPH_FSCRYPT_BLOCK_SHIFT > PAGE_SHIFT);
126
127 return ((off+len+CEPH_FSCRYPT_BLOCK_SIZE-1) >> CEPH_FSCRYPT_BLOCK_SHIFT) -
128 (off >> CEPH_FSCRYPT_BLOCK_SHIFT);
129 }
130
131 /*
132 * If we have an encrypted inode then we must adjust the offset and
133 * range of the on-the-wire read to cover an entire encryption block.
134 * The copy will be done using the original offset and length, after
135 * we've decrypted the result.
136 */
ceph_fscrypt_adjust_off_and_len(struct inode * inode,u64 * off,u64 * len)137 static inline void ceph_fscrypt_adjust_off_and_len(struct inode *inode,
138 u64 *off, u64 *len)
139 {
140 if (IS_ENCRYPTED(inode)) {
141 *len = ceph_fscrypt_blocks(*off, *len) * CEPH_FSCRYPT_BLOCK_SIZE;
142 *off &= CEPH_FSCRYPT_BLOCK_MASK;
143 }
144 }
145
146 int ceph_fscrypt_decrypt_block_inplace(const struct inode *inode,
147 struct page *page, unsigned int len,
148 unsigned int offs, u64 lblk_num);
149 int ceph_fscrypt_encrypt_block_inplace(const struct inode *inode,
150 struct page *page, unsigned int len,
151 unsigned int offs, u64 lblk_num);
152 int ceph_fscrypt_decrypt_pages(struct inode *inode, struct page **page,
153 u64 off, int len);
154 int ceph_fscrypt_decrypt_extents(struct inode *inode, struct page **page,
155 u64 off, struct ceph_sparse_extent *map,
156 u32 ext_cnt);
157 int ceph_fscrypt_encrypt_pages(struct inode *inode, struct page **page, u64 off,
158 int len);
159
ceph_fscrypt_pagecache_page(struct page * page)160 static inline struct page *ceph_fscrypt_pagecache_page(struct page *page)
161 {
162 return fscrypt_is_bounce_page(page) ? fscrypt_pagecache_page(page) : page;
163 }
164
165 #else /* CONFIG_FS_ENCRYPTION */
166
ceph_fscrypt_set_ops(struct super_block * sb)167 static inline void ceph_fscrypt_set_ops(struct super_block *sb)
168 {
169 }
170
ceph_fscrypt_free_dummy_policy(struct ceph_fs_client * fsc)171 static inline void ceph_fscrypt_free_dummy_policy(struct ceph_fs_client *fsc)
172 {
173 }
174
ceph_fscrypt_prepare_context(struct inode * dir,struct inode * inode,struct ceph_acl_sec_ctx * as)175 static inline int ceph_fscrypt_prepare_context(struct inode *dir,
176 struct inode *inode,
177 struct ceph_acl_sec_ctx *as)
178 {
179 if (IS_ENCRYPTED(dir))
180 return -EOPNOTSUPP;
181 return 0;
182 }
183
ceph_fscrypt_as_ctx_to_req(struct ceph_mds_request * req,struct ceph_acl_sec_ctx * as_ctx)184 static inline void ceph_fscrypt_as_ctx_to_req(struct ceph_mds_request *req,
185 struct ceph_acl_sec_ctx *as_ctx)
186 {
187 }
188
ceph_encode_encrypted_dname(struct inode * parent,char * buf,int len)189 static inline int ceph_encode_encrypted_dname(struct inode *parent, char *buf,
190 int len)
191 {
192 return len;
193 }
194
ceph_fname_alloc_buffer(struct inode * parent,struct fscrypt_str * fname)195 static inline int ceph_fname_alloc_buffer(struct inode *parent,
196 struct fscrypt_str *fname)
197 {
198 return 0;
199 }
200
ceph_fname_free_buffer(struct inode * parent,struct fscrypt_str * fname)201 static inline void ceph_fname_free_buffer(struct inode *parent,
202 struct fscrypt_str *fname)
203 {
204 }
205
ceph_fname_to_usr(const struct ceph_fname * fname,struct fscrypt_str * tname,struct fscrypt_str * oname,bool * is_nokey)206 static inline int ceph_fname_to_usr(const struct ceph_fname *fname,
207 struct fscrypt_str *tname,
208 struct fscrypt_str *oname, bool *is_nokey)
209 {
210 oname->name = fname->name;
211 oname->len = fname->name_len;
212 return 0;
213 }
214
ceph_fscrypt_prepare_readdir(struct inode * dir)215 static inline int ceph_fscrypt_prepare_readdir(struct inode *dir)
216 {
217 return 0;
218 }
219
ceph_fscrypt_adjust_off_and_len(struct inode * inode,u64 * off,u64 * len)220 static inline void ceph_fscrypt_adjust_off_and_len(struct inode *inode,
221 u64 *off, u64 *len)
222 {
223 }
224
ceph_fscrypt_decrypt_block_inplace(const struct inode * inode,struct page * page,unsigned int len,unsigned int offs,u64 lblk_num)225 static inline int ceph_fscrypt_decrypt_block_inplace(const struct inode *inode,
226 struct page *page, unsigned int len,
227 unsigned int offs, u64 lblk_num)
228 {
229 return 0;
230 }
231
ceph_fscrypt_encrypt_block_inplace(const struct inode * inode,struct page * page,unsigned int len,unsigned int offs,u64 lblk_num)232 static inline int ceph_fscrypt_encrypt_block_inplace(const struct inode *inode,
233 struct page *page, unsigned int len,
234 unsigned int offs, u64 lblk_num)
235 {
236 return 0;
237 }
238
ceph_fscrypt_decrypt_pages(struct inode * inode,struct page ** page,u64 off,int len)239 static inline int ceph_fscrypt_decrypt_pages(struct inode *inode,
240 struct page **page, u64 off,
241 int len)
242 {
243 return 0;
244 }
245
ceph_fscrypt_decrypt_extents(struct inode * inode,struct page ** page,u64 off,struct ceph_sparse_extent * map,u32 ext_cnt)246 static inline int ceph_fscrypt_decrypt_extents(struct inode *inode,
247 struct page **page, u64 off,
248 struct ceph_sparse_extent *map,
249 u32 ext_cnt)
250 {
251 return 0;
252 }
253
ceph_fscrypt_encrypt_pages(struct inode * inode,struct page ** page,u64 off,int len)254 static inline int ceph_fscrypt_encrypt_pages(struct inode *inode,
255 struct page **page, u64 off,
256 int len)
257 {
258 return 0;
259 }
260
ceph_fscrypt_pagecache_page(struct page * page)261 static inline struct page *ceph_fscrypt_pagecache_page(struct page *page)
262 {
263 return page;
264 }
265 #endif /* CONFIG_FS_ENCRYPTION */
266
ceph_fscrypt_page_offset(struct page * page)267 static inline loff_t ceph_fscrypt_page_offset(struct page *page)
268 {
269 return page_offset(ceph_fscrypt_pagecache_page(page));
270 }
271
272 #endif /* _CEPH_CRYPTO_H */
273