1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Encryption policy functions for per-file encryption support. 4 * 5 * Copyright (C) 2015, Google, Inc. 6 * Copyright (C) 2015, Motorola Mobility. 7 * 8 * Written by Michael Halcrow, 2015. 9 * Modified by Jaegeuk Kim, 2015. 10 */ 11 12 #include <linux/random.h> 13 #include <linux/string.h> 14 #include <linux/mount.h> 15 #include "fscrypt_private.h" 16 17 /* 18 * check whether an encryption policy is consistent with an encryption context 19 */ 20 static bool is_encryption_context_consistent_with_policy( 21 const struct fscrypt_context *ctx, 22 const struct fscrypt_policy *policy) 23 { 24 return memcmp(ctx->master_key_descriptor, policy->master_key_descriptor, 25 FS_KEY_DESCRIPTOR_SIZE) == 0 && 26 (ctx->flags == policy->flags) && 27 (ctx->contents_encryption_mode == 28 policy->contents_encryption_mode) && 29 (ctx->filenames_encryption_mode == 30 policy->filenames_encryption_mode); 31 } 32 33 static int create_encryption_context_from_policy(struct inode *inode, 34 const struct fscrypt_policy *policy) 35 { 36 struct fscrypt_context ctx; 37 38 ctx.format = FS_ENCRYPTION_CONTEXT_FORMAT_V1; 39 memcpy(ctx.master_key_descriptor, policy->master_key_descriptor, 40 FS_KEY_DESCRIPTOR_SIZE); 41 42 if (!fscrypt_valid_enc_modes(policy->contents_encryption_mode, 43 policy->filenames_encryption_mode)) 44 return -EINVAL; 45 46 if (policy->flags & ~FS_POLICY_FLAGS_VALID) 47 return -EINVAL; 48 49 ctx.contents_encryption_mode = policy->contents_encryption_mode; 50 ctx.filenames_encryption_mode = policy->filenames_encryption_mode; 51 ctx.flags = policy->flags; 52 BUILD_BUG_ON(sizeof(ctx.nonce) != FS_KEY_DERIVATION_NONCE_SIZE); 53 get_random_bytes(ctx.nonce, FS_KEY_DERIVATION_NONCE_SIZE); 54 55 return inode->i_sb->s_cop->set_context(inode, &ctx, sizeof(ctx), NULL); 56 } 57 58 int fscrypt_ioctl_set_policy(struct file *filp, const void __user *arg) 59 { 60 struct fscrypt_policy policy; 61 struct inode *inode = file_inode(filp); 62 int ret; 63 struct fscrypt_context ctx; 64 65 if (copy_from_user(&policy, arg, sizeof(policy))) 66 return -EFAULT; 67 68 if (!inode_owner_or_capable(inode)) 69 return -EACCES; 70 71 if (policy.version != 0) 72 return -EINVAL; 73 74 ret = mnt_want_write_file(filp); 75 if (ret) 76 return ret; 77 78 inode_lock(inode); 79 80 ret = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx)); 81 if (ret == -ENODATA) { 82 if (!S_ISDIR(inode->i_mode)) 83 ret = -ENOTDIR; 84 else if (IS_DEADDIR(inode)) 85 ret = -ENOENT; 86 else if (!inode->i_sb->s_cop->empty_dir(inode)) 87 ret = -ENOTEMPTY; 88 else 89 ret = create_encryption_context_from_policy(inode, 90 &policy); 91 } else if (ret == sizeof(ctx) && 92 is_encryption_context_consistent_with_policy(&ctx, 93 &policy)) { 94 /* The file already uses the same encryption policy. */ 95 ret = 0; 96 } else if (ret >= 0 || ret == -ERANGE) { 97 /* The file already uses a different encryption policy. */ 98 ret = -EEXIST; 99 } 100 101 inode_unlock(inode); 102 103 mnt_drop_write_file(filp); 104 return ret; 105 } 106 EXPORT_SYMBOL(fscrypt_ioctl_set_policy); 107 108 int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg) 109 { 110 struct inode *inode = file_inode(filp); 111 struct fscrypt_context ctx; 112 struct fscrypt_policy policy; 113 int res; 114 115 if (!IS_ENCRYPTED(inode)) 116 return -ENODATA; 117 118 res = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx)); 119 if (res < 0 && res != -ERANGE) 120 return res; 121 if (res != sizeof(ctx)) 122 return -EINVAL; 123 if (ctx.format != FS_ENCRYPTION_CONTEXT_FORMAT_V1) 124 return -EINVAL; 125 126 policy.version = 0; 127 policy.contents_encryption_mode = ctx.contents_encryption_mode; 128 policy.filenames_encryption_mode = ctx.filenames_encryption_mode; 129 policy.flags = ctx.flags; 130 memcpy(policy.master_key_descriptor, ctx.master_key_descriptor, 131 FS_KEY_DESCRIPTOR_SIZE); 132 133 if (copy_to_user(arg, &policy, sizeof(policy))) 134 return -EFAULT; 135 return 0; 136 } 137 EXPORT_SYMBOL(fscrypt_ioctl_get_policy); 138 139 /** 140 * fscrypt_has_permitted_context() - is a file's encryption policy permitted 141 * within its directory? 142 * 143 * @parent: inode for parent directory 144 * @child: inode for file being looked up, opened, or linked into @parent 145 * 146 * Filesystems must call this before permitting access to an inode in a 147 * situation where the parent directory is encrypted (either before allowing 148 * ->lookup() to succeed, or for a regular file before allowing it to be opened) 149 * and before any operation that involves linking an inode into an encrypted 150 * directory, including link, rename, and cross rename. It enforces the 151 * constraint that within a given encrypted directory tree, all files use the 152 * same encryption policy. The pre-access check is needed to detect potentially 153 * malicious offline violations of this constraint, while the link and rename 154 * checks are needed to prevent online violations of this constraint. 155 * 156 * Return: 1 if permitted, 0 if forbidden. 157 */ 158 int fscrypt_has_permitted_context(struct inode *parent, struct inode *child) 159 { 160 const struct fscrypt_operations *cops = parent->i_sb->s_cop; 161 const struct fscrypt_info *parent_ci, *child_ci; 162 struct fscrypt_context parent_ctx, child_ctx; 163 int res; 164 165 /* No restrictions on file types which are never encrypted */ 166 if (!S_ISREG(child->i_mode) && !S_ISDIR(child->i_mode) && 167 !S_ISLNK(child->i_mode)) 168 return 1; 169 170 /* No restrictions if the parent directory is unencrypted */ 171 if (!IS_ENCRYPTED(parent)) 172 return 1; 173 174 /* Encrypted directories must not contain unencrypted files */ 175 if (!IS_ENCRYPTED(child)) 176 return 0; 177 178 /* 179 * Both parent and child are encrypted, so verify they use the same 180 * encryption policy. Compare the fscrypt_info structs if the keys are 181 * available, otherwise retrieve and compare the fscrypt_contexts. 182 * 183 * Note that the fscrypt_context retrieval will be required frequently 184 * when accessing an encrypted directory tree without the key. 185 * Performance-wise this is not a big deal because we already don't 186 * really optimize for file access without the key (to the extent that 187 * such access is even possible), given that any attempted access 188 * already causes a fscrypt_context retrieval and keyring search. 189 * 190 * In any case, if an unexpected error occurs, fall back to "forbidden". 191 */ 192 193 res = fscrypt_get_encryption_info(parent); 194 if (res) 195 return 0; 196 res = fscrypt_get_encryption_info(child); 197 if (res) 198 return 0; 199 parent_ci = READ_ONCE(parent->i_crypt_info); 200 child_ci = READ_ONCE(child->i_crypt_info); 201 202 if (parent_ci && child_ci) { 203 return memcmp(parent_ci->ci_master_key_descriptor, 204 child_ci->ci_master_key_descriptor, 205 FS_KEY_DESCRIPTOR_SIZE) == 0 && 206 (parent_ci->ci_data_mode == child_ci->ci_data_mode) && 207 (parent_ci->ci_filename_mode == 208 child_ci->ci_filename_mode) && 209 (parent_ci->ci_flags == child_ci->ci_flags); 210 } 211 212 res = cops->get_context(parent, &parent_ctx, sizeof(parent_ctx)); 213 if (res != sizeof(parent_ctx)) 214 return 0; 215 216 res = cops->get_context(child, &child_ctx, sizeof(child_ctx)); 217 if (res != sizeof(child_ctx)) 218 return 0; 219 220 return memcmp(parent_ctx.master_key_descriptor, 221 child_ctx.master_key_descriptor, 222 FS_KEY_DESCRIPTOR_SIZE) == 0 && 223 (parent_ctx.contents_encryption_mode == 224 child_ctx.contents_encryption_mode) && 225 (parent_ctx.filenames_encryption_mode == 226 child_ctx.filenames_encryption_mode) && 227 (parent_ctx.flags == child_ctx.flags); 228 } 229 EXPORT_SYMBOL(fscrypt_has_permitted_context); 230 231 /** 232 * fscrypt_inherit_context() - Sets a child context from its parent 233 * @parent: Parent inode from which the context is inherited. 234 * @child: Child inode that inherits the context from @parent. 235 * @fs_data: private data given by FS. 236 * @preload: preload child i_crypt_info if true 237 * 238 * Return: 0 on success, -errno on failure 239 */ 240 int fscrypt_inherit_context(struct inode *parent, struct inode *child, 241 void *fs_data, bool preload) 242 { 243 struct fscrypt_context ctx; 244 struct fscrypt_info *ci; 245 int res; 246 247 res = fscrypt_get_encryption_info(parent); 248 if (res < 0) 249 return res; 250 251 ci = READ_ONCE(parent->i_crypt_info); 252 if (ci == NULL) 253 return -ENOKEY; 254 255 ctx.format = FS_ENCRYPTION_CONTEXT_FORMAT_V1; 256 ctx.contents_encryption_mode = ci->ci_data_mode; 257 ctx.filenames_encryption_mode = ci->ci_filename_mode; 258 ctx.flags = ci->ci_flags; 259 memcpy(ctx.master_key_descriptor, ci->ci_master_key_descriptor, 260 FS_KEY_DESCRIPTOR_SIZE); 261 get_random_bytes(ctx.nonce, FS_KEY_DERIVATION_NONCE_SIZE); 262 BUILD_BUG_ON(sizeof(ctx) != FSCRYPT_SET_CONTEXT_MAX_SIZE); 263 res = parent->i_sb->s_cop->set_context(child, &ctx, 264 sizeof(ctx), fs_data); 265 if (res) 266 return res; 267 return preload ? fscrypt_get_encryption_info(child): 0; 268 } 269 EXPORT_SYMBOL(fscrypt_inherit_context); 270