1 /* SPDX-License-Identifier: GPL-2.0 */
2 /*
3 * Ceph fscrypt functionality
4 */
5
6 #ifndef _CEPH_CRYPTO_H
7 #define _CEPH_CRYPTO_H
8
9 #include <crypto/sha2.h>
10 #include <linux/fscrypt.h>
11
12 #define CEPH_FSCRYPT_BLOCK_SHIFT 12
13 #define CEPH_FSCRYPT_BLOCK_SIZE (_AC(1, UL) << CEPH_FSCRYPT_BLOCK_SHIFT)
14 #define CEPH_FSCRYPT_BLOCK_MASK (~(CEPH_FSCRYPT_BLOCK_SIZE-1))
15
16 struct ceph_fs_client;
17 struct ceph_acl_sec_ctx;
18 struct ceph_mds_request;
19
20 struct ceph_fname {
21 struct inode *dir;
22 char *name; // b64 encoded, possibly hashed
23 unsigned char *ctext; // binary crypttext (if any)
24 u32 name_len; // length of name buffer
25 u32 ctext_len; // length of crypttext
26 bool no_copy;
27 };
28
29 /*
30 * Header for the encrypted file when truncating the size, this
31 * will be sent to MDS, and the MDS will update the encrypted
32 * last block and then truncate the size.
33 */
34 struct ceph_fscrypt_truncate_size_header {
35 __u8 ver;
36 __u8 compat;
37
38 /*
39 * It will be sizeof(assert_ver + file_offset + block_size)
40 * if the last block is empty when it's located in a file
41 * hole. Or the data_len will plus CEPH_FSCRYPT_BLOCK_SIZE.
42 */
43 __le32 data_len;
44
45 __le64 change_attr;
46 __le64 file_offset;
47 __le32 block_size;
48 } __packed;
49
50 struct ceph_fscrypt_auth {
51 __le32 cfa_version;
52 __le32 cfa_blob_len;
53 u8 cfa_blob[FSCRYPT_SET_CONTEXT_MAX_SIZE];
54 } __packed;
55
56 #define CEPH_FSCRYPT_AUTH_VERSION 1
ceph_fscrypt_auth_len(struct ceph_fscrypt_auth * fa)57 static inline u32 ceph_fscrypt_auth_len(struct ceph_fscrypt_auth *fa)
58 {
59 u32 ctxsize = le32_to_cpu(fa->cfa_blob_len);
60
61 return offsetof(struct ceph_fscrypt_auth, cfa_blob) + ctxsize;
62 }
63
64 #ifdef CONFIG_FS_ENCRYPTION
65 /*
66 * We want to encrypt filenames when creating them, but the encrypted
67 * versions of those names may have illegal characters in them. To mitigate
68 * that, we base64 encode them, but that gives us a result that can exceed
69 * NAME_MAX.
70 *
71 * Follow a similar scheme to fscrypt itself, and cap the filename to a
72 * smaller size. If the ciphertext name is longer than the value below, then
73 * sha256 hash the remaining bytes.
74 *
75 * For the fscrypt_nokey_name struct the dirhash[2] member is useless in ceph
76 * so the corresponding struct will be:
77 *
78 * struct fscrypt_ceph_nokey_name {
79 * u8 bytes[157];
80 * u8 sha256[SHA256_DIGEST_SIZE];
81 * }; // 180 bytes => 240 bytes base64-encoded, which is <= NAME_MAX (255)
82 *
83 * (240 bytes is the maximum size allowed for snapshot names to take into
84 * account the format: '_<SNAPSHOT-NAME>_<INODE-NUMBER>'.)
85 *
86 * Note that for long names that end up having their tail portion hashed, we
87 * must also store the full encrypted name (in the dentry's alternate_name
88 * field).
89 */
90 #define CEPH_NOHASH_NAME_MAX (180 - SHA256_DIGEST_SIZE)
91
92 #define CEPH_BASE64_CHARS(nbytes) DIV_ROUND_UP((nbytes) * 4, 3)
93
94 int ceph_base64_encode(const u8 *src, int srclen, char *dst);
95 int ceph_base64_decode(const char *src, int srclen, u8 *dst);
96
97 void ceph_fscrypt_set_ops(struct super_block *sb);
98
99 void ceph_fscrypt_free_dummy_policy(struct ceph_fs_client *fsc);
100
101 int ceph_fscrypt_prepare_context(struct inode *dir, struct inode *inode,
102 struct ceph_acl_sec_ctx *as);
103 void ceph_fscrypt_as_ctx_to_req(struct ceph_mds_request *req,
104 struct ceph_acl_sec_ctx *as);
105 int ceph_encode_encrypted_dname(struct inode *parent, char *buf, int len);
106
ceph_fname_alloc_buffer(struct inode * parent,struct fscrypt_str * fname)107 static inline int ceph_fname_alloc_buffer(struct inode *parent,
108 struct fscrypt_str *fname)
109 {
110 if (!IS_ENCRYPTED(parent))
111 return 0;
112 return fscrypt_fname_alloc_buffer(NAME_MAX, fname);
113 }
114
ceph_fname_free_buffer(struct inode * parent,struct fscrypt_str * fname)115 static inline void ceph_fname_free_buffer(struct inode *parent,
116 struct fscrypt_str *fname)
117 {
118 if (IS_ENCRYPTED(parent))
119 fscrypt_fname_free_buffer(fname);
120 }
121
122 int ceph_fname_to_usr(const struct ceph_fname *fname, struct fscrypt_str *tname,
123 struct fscrypt_str *oname, bool *is_nokey);
124 int ceph_fscrypt_prepare_readdir(struct inode *dir);
125
ceph_fscrypt_blocks(u64 off,u64 len)126 static inline unsigned int ceph_fscrypt_blocks(u64 off, u64 len)
127 {
128 /* crypto blocks cannot span more than one page */
129 BUILD_BUG_ON(CEPH_FSCRYPT_BLOCK_SHIFT > PAGE_SHIFT);
130
131 return ((off+len+CEPH_FSCRYPT_BLOCK_SIZE-1) >> CEPH_FSCRYPT_BLOCK_SHIFT) -
132 (off >> CEPH_FSCRYPT_BLOCK_SHIFT);
133 }
134
135 /*
136 * If we have an encrypted inode then we must adjust the offset and
137 * range of the on-the-wire read to cover an entire encryption block.
138 * The copy will be done using the original offset and length, after
139 * we've decrypted the result.
140 */
ceph_fscrypt_adjust_off_and_len(struct inode * inode,u64 * off,u64 * len)141 static inline void ceph_fscrypt_adjust_off_and_len(struct inode *inode,
142 u64 *off, u64 *len)
143 {
144 if (IS_ENCRYPTED(inode)) {
145 *len = ceph_fscrypt_blocks(*off, *len) * CEPH_FSCRYPT_BLOCK_SIZE;
146 *off &= CEPH_FSCRYPT_BLOCK_MASK;
147 }
148 }
149
150 int ceph_fscrypt_decrypt_block_inplace(const struct inode *inode,
151 struct page *page, unsigned int len,
152 unsigned int offs, u64 lblk_num);
153 int ceph_fscrypt_encrypt_block_inplace(const struct inode *inode,
154 struct page *page, unsigned int len,
155 unsigned int offs, u64 lblk_num);
156 int ceph_fscrypt_decrypt_pages(struct inode *inode, struct page **page,
157 u64 off, int len);
158 int ceph_fscrypt_decrypt_extents(struct inode *inode, struct page **page,
159 u64 off, struct ceph_sparse_extent *map,
160 u32 ext_cnt);
161 int ceph_fscrypt_encrypt_pages(struct inode *inode, struct page **page, u64 off,
162 int len);
163
ceph_fscrypt_pagecache_page(struct page * page)164 static inline struct page *ceph_fscrypt_pagecache_page(struct page *page)
165 {
166 return fscrypt_is_bounce_page(page) ? fscrypt_pagecache_page(page) : page;
167 }
168
169 #else /* CONFIG_FS_ENCRYPTION */
170
ceph_fscrypt_set_ops(struct super_block * sb)171 static inline void ceph_fscrypt_set_ops(struct super_block *sb)
172 {
173 }
174
ceph_fscrypt_free_dummy_policy(struct ceph_fs_client * fsc)175 static inline void ceph_fscrypt_free_dummy_policy(struct ceph_fs_client *fsc)
176 {
177 }
178
ceph_fscrypt_prepare_context(struct inode * dir,struct inode * inode,struct ceph_acl_sec_ctx * as)179 static inline int ceph_fscrypt_prepare_context(struct inode *dir,
180 struct inode *inode,
181 struct ceph_acl_sec_ctx *as)
182 {
183 if (IS_ENCRYPTED(dir))
184 return -EOPNOTSUPP;
185 return 0;
186 }
187
ceph_fscrypt_as_ctx_to_req(struct ceph_mds_request * req,struct ceph_acl_sec_ctx * as_ctx)188 static inline void ceph_fscrypt_as_ctx_to_req(struct ceph_mds_request *req,
189 struct ceph_acl_sec_ctx *as_ctx)
190 {
191 }
192
ceph_encode_encrypted_dname(struct inode * parent,char * buf,int len)193 static inline int ceph_encode_encrypted_dname(struct inode *parent, char *buf,
194 int len)
195 {
196 return len;
197 }
198
ceph_fname_alloc_buffer(struct inode * parent,struct fscrypt_str * fname)199 static inline int ceph_fname_alloc_buffer(struct inode *parent,
200 struct fscrypt_str *fname)
201 {
202 return 0;
203 }
204
ceph_fname_free_buffer(struct inode * parent,struct fscrypt_str * fname)205 static inline void ceph_fname_free_buffer(struct inode *parent,
206 struct fscrypt_str *fname)
207 {
208 }
209
ceph_fname_to_usr(const struct ceph_fname * fname,struct fscrypt_str * tname,struct fscrypt_str * oname,bool * is_nokey)210 static inline int ceph_fname_to_usr(const struct ceph_fname *fname,
211 struct fscrypt_str *tname,
212 struct fscrypt_str *oname, bool *is_nokey)
213 {
214 oname->name = fname->name;
215 oname->len = fname->name_len;
216 return 0;
217 }
218
ceph_fscrypt_prepare_readdir(struct inode * dir)219 static inline int ceph_fscrypt_prepare_readdir(struct inode *dir)
220 {
221 return 0;
222 }
223
ceph_fscrypt_adjust_off_and_len(struct inode * inode,u64 * off,u64 * len)224 static inline void ceph_fscrypt_adjust_off_and_len(struct inode *inode,
225 u64 *off, u64 *len)
226 {
227 }
228
ceph_fscrypt_decrypt_block_inplace(const struct inode * inode,struct page * page,unsigned int len,unsigned int offs,u64 lblk_num)229 static inline int ceph_fscrypt_decrypt_block_inplace(const struct inode *inode,
230 struct page *page, unsigned int len,
231 unsigned int offs, u64 lblk_num)
232 {
233 return 0;
234 }
235
ceph_fscrypt_encrypt_block_inplace(const struct inode * inode,struct page * page,unsigned int len,unsigned int offs,u64 lblk_num)236 static inline int ceph_fscrypt_encrypt_block_inplace(const struct inode *inode,
237 struct page *page, unsigned int len,
238 unsigned int offs, u64 lblk_num)
239 {
240 return 0;
241 }
242
ceph_fscrypt_decrypt_pages(struct inode * inode,struct page ** page,u64 off,int len)243 static inline int ceph_fscrypt_decrypt_pages(struct inode *inode,
244 struct page **page, u64 off,
245 int len)
246 {
247 return 0;
248 }
249
ceph_fscrypt_decrypt_extents(struct inode * inode,struct page ** page,u64 off,struct ceph_sparse_extent * map,u32 ext_cnt)250 static inline int ceph_fscrypt_decrypt_extents(struct inode *inode,
251 struct page **page, u64 off,
252 struct ceph_sparse_extent *map,
253 u32 ext_cnt)
254 {
255 return 0;
256 }
257
ceph_fscrypt_encrypt_pages(struct inode * inode,struct page ** page,u64 off,int len)258 static inline int ceph_fscrypt_encrypt_pages(struct inode *inode,
259 struct page **page, u64 off,
260 int len)
261 {
262 return 0;
263 }
264
ceph_fscrypt_pagecache_page(struct page * page)265 static inline struct page *ceph_fscrypt_pagecache_page(struct page *page)
266 {
267 return page;
268 }
269 #endif /* CONFIG_FS_ENCRYPTION */
270
ceph_fscrypt_page_offset(struct page * page)271 static inline loff_t ceph_fscrypt_page_offset(struct page *page)
272 {
273 return page_offset(ceph_fscrypt_pagecache_page(page));
274 }
275
276 #endif /* _CEPH_CRYPTO_H */
277