1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * The base64 encode/decode code was copied from fscrypt:
4 * Copyright (C) 2015, Google, Inc.
5 * Copyright (C) 2015, Motorola Mobility
6 * Written by Uday Savagaonkar, 2014.
7 * Modified by Jaegeuk Kim, 2015.
8 */
9 #include <linux/ceph/ceph_debug.h>
10 #include <linux/xattr.h>
11 #include <linux/fscrypt.h>
12 #include <linux/ceph/striper.h>
13
14 #include "super.h"
15 #include "mds_client.h"
16 #include "crypto.h"
17
ceph_crypt_get_context(struct inode * inode,void * ctx,size_t len)18 static int ceph_crypt_get_context(struct inode *inode, void *ctx, size_t len)
19 {
20 struct ceph_inode_info *ci = ceph_inode(inode);
21 struct ceph_fscrypt_auth *cfa = (struct ceph_fscrypt_auth *)ci->fscrypt_auth;
22 u32 ctxlen;
23
24 /* Non existent or too short? */
25 if (!cfa || (ci->fscrypt_auth_len < (offsetof(struct ceph_fscrypt_auth, cfa_blob) + 1)))
26 return -ENOBUFS;
27
28 /* Some format we don't recognize? */
29 if (le32_to_cpu(cfa->cfa_version) != CEPH_FSCRYPT_AUTH_VERSION)
30 return -ENOBUFS;
31
32 ctxlen = le32_to_cpu(cfa->cfa_blob_len);
33 if (len < ctxlen)
34 return -ERANGE;
35
36 memcpy(ctx, cfa->cfa_blob, ctxlen);
37 return ctxlen;
38 }
39
ceph_crypt_set_context(struct inode * inode,const void * ctx,size_t len,void * fs_data)40 static int ceph_crypt_set_context(struct inode *inode, const void *ctx,
41 size_t len, void *fs_data)
42 {
43 int ret;
44 struct iattr attr = { };
45 struct ceph_iattr cia = { };
46 struct ceph_fscrypt_auth *cfa;
47
48 WARN_ON_ONCE(fs_data);
49
50 if (len > FSCRYPT_SET_CONTEXT_MAX_SIZE)
51 return -EINVAL;
52
53 cfa = kzalloc(sizeof(*cfa), GFP_KERNEL);
54 if (!cfa)
55 return -ENOMEM;
56
57 cfa->cfa_version = cpu_to_le32(CEPH_FSCRYPT_AUTH_VERSION);
58 cfa->cfa_blob_len = cpu_to_le32(len);
59 memcpy(cfa->cfa_blob, ctx, len);
60
61 cia.fscrypt_auth = cfa;
62
63 ret = __ceph_setattr(&nop_mnt_idmap, inode, &attr, &cia);
64 if (ret == 0)
65 inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);
66 kfree(cia.fscrypt_auth);
67 return ret;
68 }
69
ceph_crypt_empty_dir(struct inode * inode)70 static bool ceph_crypt_empty_dir(struct inode *inode)
71 {
72 struct ceph_inode_info *ci = ceph_inode(inode);
73
74 return ci->i_rsubdirs + ci->i_rfiles == 1;
75 }
76
ceph_get_dummy_policy(struct super_block * sb)77 static const union fscrypt_policy *ceph_get_dummy_policy(struct super_block *sb)
78 {
79 return ceph_sb_to_fs_client(sb)->fsc_dummy_enc_policy.policy;
80 }
81
82 static struct fscrypt_operations ceph_fscrypt_ops = {
83 .inode_info_offs = (int)offsetof(struct ceph_inode_info, i_crypt_info) -
84 (int)offsetof(struct ceph_inode_info, netfs.inode),
85 .needs_bounce_pages = 1,
86 .get_context = ceph_crypt_get_context,
87 .set_context = ceph_crypt_set_context,
88 .get_dummy_policy = ceph_get_dummy_policy,
89 .empty_dir = ceph_crypt_empty_dir,
90 };
91
ceph_fscrypt_set_ops(struct super_block * sb)92 void ceph_fscrypt_set_ops(struct super_block *sb)
93 {
94 fscrypt_set_ops(sb, &ceph_fscrypt_ops);
95 }
96
ceph_fscrypt_free_dummy_policy(struct ceph_fs_client * fsc)97 void ceph_fscrypt_free_dummy_policy(struct ceph_fs_client *fsc)
98 {
99 fscrypt_free_dummy_policy(&fsc->fsc_dummy_enc_policy);
100 }
101
ceph_fscrypt_prepare_context(struct inode * dir,struct inode * inode,struct ceph_acl_sec_ctx * as)102 int ceph_fscrypt_prepare_context(struct inode *dir, struct inode *inode,
103 struct ceph_acl_sec_ctx *as)
104 {
105 int ret, ctxsize;
106 bool encrypted = false;
107 struct ceph_inode_info *ci = ceph_inode(inode);
108
109 ret = fscrypt_prepare_new_inode(dir, inode, &encrypted);
110 if (ret)
111 return ret;
112 if (!encrypted)
113 return 0;
114
115 as->fscrypt_auth = kzalloc(sizeof(*as->fscrypt_auth), GFP_KERNEL);
116 if (!as->fscrypt_auth)
117 return -ENOMEM;
118
119 ctxsize = fscrypt_context_for_new_inode(as->fscrypt_auth->cfa_blob,
120 inode);
121 if (ctxsize < 0)
122 return ctxsize;
123
124 as->fscrypt_auth->cfa_version = cpu_to_le32(CEPH_FSCRYPT_AUTH_VERSION);
125 as->fscrypt_auth->cfa_blob_len = cpu_to_le32(ctxsize);
126
127 WARN_ON_ONCE(ci->fscrypt_auth);
128 kfree(ci->fscrypt_auth);
129 ci->fscrypt_auth_len = ceph_fscrypt_auth_len(as->fscrypt_auth);
130 ci->fscrypt_auth = kmemdup(as->fscrypt_auth, ci->fscrypt_auth_len,
131 GFP_KERNEL);
132 if (!ci->fscrypt_auth)
133 return -ENOMEM;
134
135 inode->i_flags |= S_ENCRYPTED;
136
137 return 0;
138 }
139
ceph_fscrypt_as_ctx_to_req(struct ceph_mds_request * req,struct ceph_acl_sec_ctx * as)140 void ceph_fscrypt_as_ctx_to_req(struct ceph_mds_request *req,
141 struct ceph_acl_sec_ctx *as)
142 {
143 swap(req->r_fscrypt_auth, as->fscrypt_auth);
144 }
145
146 /*
147 * User-created snapshots can't start with '_'. Snapshots that start with this
148 * character are special (hint: there aren't real snapshots) and use the
149 * following format:
150 *
151 * _<SNAPSHOT-NAME>_<INODE-NUMBER>
152 *
153 * where:
154 * - <SNAPSHOT-NAME> - the real snapshot name that may need to be decrypted,
155 * - <INODE-NUMBER> - the inode number (in decimal) for the actual snapshot
156 *
157 * This function parses these snapshot names and returns the inode
158 * <INODE-NUMBER>. 'name_len' will also bet set with the <SNAPSHOT-NAME>
159 * length.
160 */
parse_longname(const struct inode * parent,const char * name,int * name_len)161 static struct inode *parse_longname(const struct inode *parent,
162 const char *name, int *name_len)
163 {
164 struct ceph_client *cl = ceph_inode_to_client(parent);
165 struct inode *dir = NULL;
166 struct ceph_vino vino = { .snap = CEPH_NOSNAP };
167 char *name_end, *inode_number;
168 int ret = -EIO;
169 /* Snapshot name must start with an underscore */
170 if (*name_len <= 0 || name[0] != '_')
171 return ERR_PTR(-EIO);
172 /* Skip initial '_' and NUL-terminate */
173 char *str __free(kfree) = kmemdup_nul(name + 1, *name_len - 1, GFP_KERNEL);
174 if (!str)
175 return ERR_PTR(-ENOMEM);
176 name_end = strrchr(str, '_');
177 if (!name_end) {
178 doutc(cl, "failed to parse long snapshot name: %s\n", str);
179 return ERR_PTR(-EIO);
180 }
181 *name_len = (name_end - str);
182 if (*name_len <= 0) {
183 pr_err_client(cl, "failed to parse long snapshot name\n");
184 return ERR_PTR(-EIO);
185 }
186
187 /* Get the inode number */
188 inode_number = name_end + 1;
189 ret = kstrtou64(inode_number, 10, &vino.ino);
190 if (ret) {
191 doutc(cl, "failed to parse inode number: %s\n", str);
192 return ERR_PTR(ret);
193 }
194
195 /* And finally the inode */
196 dir = ceph_find_inode(parent->i_sb, vino);
197 if (!dir) {
198 /* This can happen if we're not mounting cephfs on the root */
199 dir = ceph_get_inode(parent->i_sb, vino, NULL);
200 if (IS_ERR(dir))
201 doutc(cl, "can't find inode %s (%s)\n", inode_number, name);
202 }
203 return dir;
204 }
205
ceph_encode_encrypted_dname(struct inode * parent,char * buf,int elen)206 int ceph_encode_encrypted_dname(struct inode *parent, char *buf, int elen)
207 {
208 struct ceph_client *cl = ceph_inode_to_client(parent);
209 struct inode *dir = parent;
210 char *p = buf;
211 u32 len;
212 int name_len = elen;
213 int ret;
214 u8 *cryptbuf = NULL;
215
216 /* Handle the special case of snapshot names that start with '_' */
217 if (ceph_snap(dir) == CEPH_SNAPDIR && *p == '_') {
218 dir = parse_longname(parent, p, &name_len);
219 if (IS_ERR(dir))
220 return PTR_ERR(dir);
221 p++; /* skip initial '_' */
222 }
223
224 if (!fscrypt_has_encryption_key(dir))
225 goto out;
226
227 /*
228 * Convert cleartext d_name to ciphertext. If result is longer than
229 * CEPH_NOHASH_NAME_MAX, sha256 the remaining bytes
230 *
231 * See: fscrypt_setup_filename
232 */
233 if (!fscrypt_fname_encrypted_size(dir, name_len, NAME_MAX, &len)) {
234 elen = -ENAMETOOLONG;
235 goto out;
236 }
237
238 /* Allocate a buffer appropriate to hold the result */
239 cryptbuf = kmalloc(len > CEPH_NOHASH_NAME_MAX ? NAME_MAX : len,
240 GFP_KERNEL);
241 if (!cryptbuf) {
242 elen = -ENOMEM;
243 goto out;
244 }
245
246 ret = fscrypt_fname_encrypt(dir,
247 &(struct qstr)QSTR_INIT(p, name_len),
248 cryptbuf, len);
249 if (ret) {
250 elen = ret;
251 goto out;
252 }
253
254 /* hash the end if the name is long enough */
255 if (len > CEPH_NOHASH_NAME_MAX) {
256 u8 hash[SHA256_DIGEST_SIZE];
257 u8 *extra = cryptbuf + CEPH_NOHASH_NAME_MAX;
258
259 /*
260 * hash the extra bytes and overwrite crypttext beyond that
261 * point with it
262 */
263 sha256(extra, len - CEPH_NOHASH_NAME_MAX, hash);
264 memcpy(extra, hash, SHA256_DIGEST_SIZE);
265 len = CEPH_NOHASH_NAME_MAX + SHA256_DIGEST_SIZE;
266 }
267
268 /* base64 encode the encrypted name */
269 elen = base64_encode(cryptbuf, len, p, false, BASE64_IMAP);
270 doutc(cl, "base64-encoded ciphertext name = %.*s\n", elen, p);
271
272 /* To understand the 240 limit, see CEPH_NOHASH_NAME_MAX comments */
273 WARN_ON(elen > 240);
274 if (dir != parent) // leading _ is already there; append _<inum>
275 elen += 1 + sprintf(p + elen, "_%ld", dir->i_ino);
276
277 out:
278 kfree(cryptbuf);
279 if (dir != parent) {
280 if ((inode_state_read_once(dir) & I_NEW))
281 discard_new_inode(dir);
282 else
283 iput(dir);
284 }
285 return elen;
286 }
287
288 /**
289 * ceph_fname_to_usr - convert a filename for userland presentation
290 * @fname: ceph_fname to be converted
291 * @tname: temporary name buffer to use for conversion (may be NULL)
292 * @oname: where converted name should be placed
293 * @is_nokey: set to true if key wasn't available during conversion (may be NULL)
294 *
295 * Given a filename (usually from the MDS), format it for presentation to
296 * userland. If @parent is not encrypted, just pass it back as-is.
297 *
298 * Otherwise, base64 decode the string, and then ask fscrypt to format it
299 * for userland presentation.
300 *
301 * Returns 0 on success or negative error code on error.
302 */
ceph_fname_to_usr(const struct ceph_fname * fname,struct fscrypt_str * tname,struct fscrypt_str * oname,bool * is_nokey)303 int ceph_fname_to_usr(const struct ceph_fname *fname, struct fscrypt_str *tname,
304 struct fscrypt_str *oname, bool *is_nokey)
305 {
306 struct inode *dir = fname->dir;
307 struct fscrypt_str _tname = FSTR_INIT(NULL, 0);
308 struct fscrypt_str iname;
309 char *name = fname->name;
310 int name_len = fname->name_len;
311 int ret;
312
313 /* Sanity check that the resulting name will fit in the buffer */
314 if (fname->name_len > NAME_MAX || fname->ctext_len > NAME_MAX)
315 return -EIO;
316
317 /* Handle the special case of snapshot names that start with '_' */
318 if ((ceph_snap(dir) == CEPH_SNAPDIR) && (name_len > 0) &&
319 (name[0] == '_')) {
320 dir = parse_longname(dir, name, &name_len);
321 if (IS_ERR(dir))
322 return PTR_ERR(dir);
323 name++; /* skip initial '_' */
324 }
325
326 if (!IS_ENCRYPTED(dir)) {
327 oname->name = fname->name;
328 oname->len = fname->name_len;
329 ret = 0;
330 goto out_inode;
331 }
332
333 ret = ceph_fscrypt_prepare_readdir(dir);
334 if (ret)
335 goto out_inode;
336
337 /*
338 * Use the raw dentry name as sent by the MDS instead of
339 * generating a nokey name via fscrypt.
340 */
341 if (!fscrypt_has_encryption_key(dir)) {
342 if (fname->no_copy)
343 oname->name = fname->name;
344 else
345 memcpy(oname->name, fname->name, fname->name_len);
346 oname->len = fname->name_len;
347 if (is_nokey)
348 *is_nokey = true;
349 ret = 0;
350 goto out_inode;
351 }
352
353 if (fname->ctext_len == 0) {
354 int declen;
355
356 if (!tname) {
357 ret = fscrypt_fname_alloc_buffer(NAME_MAX, &_tname);
358 if (ret)
359 goto out_inode;
360 tname = &_tname;
361 }
362
363 declen = base64_decode(name, name_len,
364 tname->name, false, BASE64_IMAP);
365 if (declen <= 0) {
366 ret = -EIO;
367 goto out;
368 }
369 iname.name = tname->name;
370 iname.len = declen;
371 } else {
372 iname.name = fname->ctext;
373 iname.len = fname->ctext_len;
374 }
375
376 ret = fscrypt_fname_disk_to_usr(dir, 0, 0, &iname, oname);
377 if (!ret && (dir != fname->dir)) {
378 char tmp_buf[BASE64_CHARS(NAME_MAX)];
379
380 name_len = snprintf(tmp_buf, sizeof(tmp_buf), "_%.*s_%ld",
381 oname->len, oname->name, dir->i_ino);
382 memcpy(oname->name, tmp_buf, name_len);
383 oname->len = name_len;
384 }
385
386 out:
387 fscrypt_fname_free_buffer(&_tname);
388 out_inode:
389 if (dir != fname->dir) {
390 if ((inode_state_read_once(dir) & I_NEW))
391 discard_new_inode(dir);
392 else
393 iput(dir);
394 }
395 return ret;
396 }
397
398 /**
399 * ceph_fscrypt_prepare_readdir - simple __fscrypt_prepare_readdir() wrapper
400 * @dir: directory inode for readdir prep
401 *
402 * Simple wrapper around __fscrypt_prepare_readdir() that will mark directory as
403 * non-complete if this call results in having the directory unlocked.
404 *
405 * Returns:
406 * 1 - if directory was locked and key is now loaded (i.e. dir is unlocked)
407 * 0 - if directory is still locked
408 * < 0 - if __fscrypt_prepare_readdir() fails
409 */
ceph_fscrypt_prepare_readdir(struct inode * dir)410 int ceph_fscrypt_prepare_readdir(struct inode *dir)
411 {
412 bool had_key = fscrypt_has_encryption_key(dir);
413 int err;
414
415 if (!IS_ENCRYPTED(dir))
416 return 0;
417
418 err = __fscrypt_prepare_readdir(dir);
419 if (err)
420 return err;
421 if (!had_key && fscrypt_has_encryption_key(dir)) {
422 /* directory just got unlocked, mark it as not complete */
423 ceph_dir_clear_complete(dir);
424 return 1;
425 }
426 return 0;
427 }
428
ceph_fscrypt_decrypt_block_inplace(const struct inode * inode,struct page * page,unsigned int len,unsigned int offs,u64 lblk_num)429 int ceph_fscrypt_decrypt_block_inplace(const struct inode *inode,
430 struct page *page, unsigned int len,
431 unsigned int offs, u64 lblk_num)
432 {
433 struct ceph_client *cl = ceph_inode_to_client(inode);
434
435 doutc(cl, "%p %llx.%llx len %u offs %u blk %llu\n", inode,
436 ceph_vinop(inode), len, offs, lblk_num);
437 return fscrypt_decrypt_block_inplace(inode, page, len, offs, lblk_num);
438 }
439
ceph_fscrypt_encrypt_block_inplace(const struct inode * inode,struct page * page,unsigned int len,unsigned int offs,u64 lblk_num)440 int ceph_fscrypt_encrypt_block_inplace(const struct inode *inode,
441 struct page *page, unsigned int len,
442 unsigned int offs, u64 lblk_num)
443 {
444 struct ceph_client *cl = ceph_inode_to_client(inode);
445
446 doutc(cl, "%p %llx.%llx len %u offs %u blk %llu\n", inode,
447 ceph_vinop(inode), len, offs, lblk_num);
448 return fscrypt_encrypt_block_inplace(inode, page, len, offs, lblk_num);
449 }
450
451 /**
452 * ceph_fscrypt_decrypt_pages - decrypt an array of pages
453 * @inode: pointer to inode associated with these pages
454 * @page: pointer to page array
455 * @off: offset into the file that the read data starts
456 * @len: max length to decrypt
457 *
458 * Decrypt an array of fscrypt'ed pages and return the amount of
459 * data decrypted. Any data in the page prior to the start of the
460 * first complete block in the read is ignored. Any incomplete
461 * crypto blocks at the end of the array are ignored (and should
462 * probably be zeroed by the caller).
463 *
464 * Returns the length of the decrypted data or a negative errno.
465 */
ceph_fscrypt_decrypt_pages(struct inode * inode,struct page ** page,u64 off,int len)466 int ceph_fscrypt_decrypt_pages(struct inode *inode, struct page **page,
467 u64 off, int len)
468 {
469 int i, num_blocks;
470 u64 baseblk = off >> CEPH_FSCRYPT_BLOCK_SHIFT;
471 int ret = 0;
472
473 /*
474 * We can't deal with partial blocks on an encrypted file, so mask off
475 * the last bit.
476 */
477 num_blocks = ceph_fscrypt_blocks(off, len & CEPH_FSCRYPT_BLOCK_MASK);
478
479 /* Decrypt each block */
480 for (i = 0; i < num_blocks; ++i) {
481 int blkoff = i << CEPH_FSCRYPT_BLOCK_SHIFT;
482 int pgidx = blkoff >> PAGE_SHIFT;
483 unsigned int pgoffs = offset_in_page(blkoff);
484 int fret;
485
486 fret = ceph_fscrypt_decrypt_block_inplace(inode, page[pgidx],
487 CEPH_FSCRYPT_BLOCK_SIZE, pgoffs,
488 baseblk + i);
489 if (fret < 0) {
490 if (ret == 0)
491 ret = fret;
492 break;
493 }
494 ret += CEPH_FSCRYPT_BLOCK_SIZE;
495 }
496 return ret;
497 }
498
499 /**
500 * ceph_fscrypt_decrypt_extents: decrypt received extents in given buffer
501 * @inode: inode associated with pages being decrypted
502 * @page: pointer to page array
503 * @off: offset into the file that the data in page[0] starts
504 * @map: pointer to extent array
505 * @ext_cnt: length of extent array
506 *
507 * Given an extent map and a page array, decrypt the received data in-place,
508 * skipping holes. Returns the offset into buffer of end of last decrypted
509 * block.
510 */
ceph_fscrypt_decrypt_extents(struct inode * inode,struct page ** page,u64 off,struct ceph_sparse_extent * map,u32 ext_cnt)511 int ceph_fscrypt_decrypt_extents(struct inode *inode, struct page **page,
512 u64 off, struct ceph_sparse_extent *map,
513 u32 ext_cnt)
514 {
515 struct ceph_client *cl = ceph_inode_to_client(inode);
516 int i, ret = 0;
517 struct ceph_inode_info *ci = ceph_inode(inode);
518 u64 objno, objoff;
519 u32 xlen;
520
521 /* Nothing to do for empty array */
522 if (ext_cnt == 0) {
523 doutc(cl, "%p %llx.%llx empty array, ret 0\n", inode,
524 ceph_vinop(inode));
525 return 0;
526 }
527
528 ceph_calc_file_object_mapping(&ci->i_layout, off, map[0].len,
529 &objno, &objoff, &xlen);
530
531 for (i = 0; i < ext_cnt; ++i) {
532 struct ceph_sparse_extent *ext = &map[i];
533 int pgsoff = ext->off - objoff;
534 int pgidx = pgsoff >> PAGE_SHIFT;
535 int fret;
536
537 if ((ext->off | ext->len) & ~CEPH_FSCRYPT_BLOCK_MASK) {
538 pr_warn_client(cl,
539 "%p %llx.%llx bad encrypted sparse extent "
540 "idx %d off %llx len %llx\n",
541 inode, ceph_vinop(inode), i, ext->off,
542 ext->len);
543 return -EIO;
544 }
545 fret = ceph_fscrypt_decrypt_pages(inode, &page[pgidx],
546 off + pgsoff, ext->len);
547 doutc(cl, "%p %llx.%llx [%d] 0x%llx~0x%llx fret %d\n", inode,
548 ceph_vinop(inode), i, ext->off, ext->len, fret);
549 if (fret < 0) {
550 if (ret == 0)
551 ret = fret;
552 break;
553 }
554 ret = pgsoff + fret;
555 }
556 doutc(cl, "ret %d\n", ret);
557 return ret;
558 }
559
560 /**
561 * ceph_fscrypt_encrypt_pages - encrypt an array of pages
562 * @inode: pointer to inode associated with these pages
563 * @page: pointer to page array
564 * @off: offset into the file that the data starts
565 * @len: max length to encrypt
566 *
567 * Encrypt an array of cleartext pages and return the amount of
568 * data encrypted. Any data in the page prior to the start of the
569 * first complete block in the read is ignored. Any incomplete
570 * crypto blocks at the end of the array are ignored.
571 *
572 * Returns the length of the encrypted data or a negative errno.
573 */
ceph_fscrypt_encrypt_pages(struct inode * inode,struct page ** page,u64 off,int len)574 int ceph_fscrypt_encrypt_pages(struct inode *inode, struct page **page, u64 off,
575 int len)
576 {
577 int i, num_blocks;
578 u64 baseblk = off >> CEPH_FSCRYPT_BLOCK_SHIFT;
579 int ret = 0;
580
581 /*
582 * We can't deal with partial blocks on an encrypted file, so mask off
583 * the last bit.
584 */
585 num_blocks = ceph_fscrypt_blocks(off, len & CEPH_FSCRYPT_BLOCK_MASK);
586
587 /* Encrypt each block */
588 for (i = 0; i < num_blocks; ++i) {
589 int blkoff = i << CEPH_FSCRYPT_BLOCK_SHIFT;
590 int pgidx = blkoff >> PAGE_SHIFT;
591 unsigned int pgoffs = offset_in_page(blkoff);
592 int fret;
593
594 fret = ceph_fscrypt_encrypt_block_inplace(inode, page[pgidx],
595 CEPH_FSCRYPT_BLOCK_SIZE, pgoffs,
596 baseblk + i);
597 if (fret < 0) {
598 if (ret == 0)
599 ret = fret;
600 break;
601 }
602 ret += CEPH_FSCRYPT_BLOCK_SIZE;
603 }
604 return ret;
605 }
606