1 /** 2 * eCryptfs: Linux filesystem encryption layer 3 * 4 * Copyright (C) 1997-2004 Erez Zadok 5 * Copyright (C) 2001-2004 Stony Brook University 6 * Copyright (C) 2004-2007 International Business Machines Corp. 7 * Author(s): Michael A. Halcrow <mahalcro@us.ibm.com> 8 * Michael C. Thompson <mcthomps@us.ibm.com> 9 * 10 * This program is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU General Public License as 12 * published by the Free Software Foundation; either version 2 of the 13 * License, or (at your option) any later version. 14 * 15 * This program is distributed in the hope that it will be useful, but 16 * WITHOUT ANY WARRANTY; without even the implied warranty of 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 18 * General Public License for more details. 19 * 20 * You should have received a copy of the GNU General Public License 21 * along with this program; if not, write to the Free Software 22 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 23 * 02111-1307, USA. 24 */ 25 26 #include <linux/fs.h> 27 #include <linux/mount.h> 28 #include <linux/pagemap.h> 29 #include <linux/random.h> 30 #include <linux/compiler.h> 31 #include <linux/key.h> 32 #include <linux/namei.h> 33 #include <linux/crypto.h> 34 #include <linux/file.h> 35 #include <linux/scatterlist.h> 36 #include <linux/slab.h> 37 #include <asm/unaligned.h> 38 #include "ecryptfs_kernel.h" 39 40 #define DECRYPT 0 41 #define ENCRYPT 1 42 43 /** 44 * ecryptfs_to_hex 45 * @dst: Buffer to take hex character representation of contents of 46 * src; must be at least of size (src_size * 2) 47 * @src: Buffer to be converted to a hex string respresentation 48 * @src_size: number of bytes to convert 49 */ 50 void ecryptfs_to_hex(char *dst, char *src, size_t src_size) 51 { 52 int x; 53 54 for (x = 0; x < src_size; x++) 55 sprintf(&dst[x * 2], "%.2x", (unsigned char)src[x]); 56 } 57 58 /** 59 * ecryptfs_from_hex 60 * @dst: Buffer to take the bytes from src hex; must be at least of 61 * size (src_size / 2) 62 * @src: Buffer to be converted from a hex string respresentation to raw value 63 * @dst_size: size of dst buffer, or number of hex characters pairs to convert 64 */ 65 void ecryptfs_from_hex(char *dst, char *src, int dst_size) 66 { 67 int x; 68 char tmp[3] = { 0, }; 69 70 for (x = 0; x < dst_size; x++) { 71 tmp[0] = src[x * 2]; 72 tmp[1] = src[x * 2 + 1]; 73 dst[x] = (unsigned char)simple_strtol(tmp, NULL, 16); 74 } 75 } 76 77 /** 78 * ecryptfs_calculate_md5 - calculates the md5 of @src 79 * @dst: Pointer to 16 bytes of allocated memory 80 * @crypt_stat: Pointer to crypt_stat struct for the current inode 81 * @src: Data to be md5'd 82 * @len: Length of @src 83 * 84 * Uses the allocated crypto context that crypt_stat references to 85 * generate the MD5 sum of the contents of src. 86 */ 87 static int ecryptfs_calculate_md5(char *dst, 88 struct ecryptfs_crypt_stat *crypt_stat, 89 char *src, int len) 90 { 91 struct scatterlist sg; 92 struct hash_desc desc = { 93 .tfm = crypt_stat->hash_tfm, 94 .flags = CRYPTO_TFM_REQ_MAY_SLEEP 95 }; 96 int rc = 0; 97 98 mutex_lock(&crypt_stat->cs_hash_tfm_mutex); 99 sg_init_one(&sg, (u8 *)src, len); 100 if (!desc.tfm) { 101 desc.tfm = crypto_alloc_hash(ECRYPTFS_DEFAULT_HASH, 0, 102 CRYPTO_ALG_ASYNC); 103 if (IS_ERR(desc.tfm)) { 104 rc = PTR_ERR(desc.tfm); 105 ecryptfs_printk(KERN_ERR, "Error attempting to " 106 "allocate crypto context; rc = [%d]\n", 107 rc); 108 goto out; 109 } 110 crypt_stat->hash_tfm = desc.tfm; 111 } 112 rc = crypto_hash_init(&desc); 113 if (rc) { 114 printk(KERN_ERR 115 "%s: Error initializing crypto hash; rc = [%d]\n", 116 __func__, rc); 117 goto out; 118 } 119 rc = crypto_hash_update(&desc, &sg, len); 120 if (rc) { 121 printk(KERN_ERR 122 "%s: Error updating crypto hash; rc = [%d]\n", 123 __func__, rc); 124 goto out; 125 } 126 rc = crypto_hash_final(&desc, dst); 127 if (rc) { 128 printk(KERN_ERR 129 "%s: Error finalizing crypto hash; rc = [%d]\n", 130 __func__, rc); 131 goto out; 132 } 133 out: 134 mutex_unlock(&crypt_stat->cs_hash_tfm_mutex); 135 return rc; 136 } 137 138 static int ecryptfs_crypto_api_algify_cipher_name(char **algified_name, 139 char *cipher_name, 140 char *chaining_modifier) 141 { 142 int cipher_name_len = strlen(cipher_name); 143 int chaining_modifier_len = strlen(chaining_modifier); 144 int algified_name_len; 145 int rc; 146 147 algified_name_len = (chaining_modifier_len + cipher_name_len + 3); 148 (*algified_name) = kmalloc(algified_name_len, GFP_KERNEL); 149 if (!(*algified_name)) { 150 rc = -ENOMEM; 151 goto out; 152 } 153 snprintf((*algified_name), algified_name_len, "%s(%s)", 154 chaining_modifier, cipher_name); 155 rc = 0; 156 out: 157 return rc; 158 } 159 160 /** 161 * ecryptfs_derive_iv 162 * @iv: destination for the derived iv vale 163 * @crypt_stat: Pointer to crypt_stat struct for the current inode 164 * @offset: Offset of the extent whose IV we are to derive 165 * 166 * Generate the initialization vector from the given root IV and page 167 * offset. 168 * 169 * Returns zero on success; non-zero on error. 170 */ 171 int ecryptfs_derive_iv(char *iv, struct ecryptfs_crypt_stat *crypt_stat, 172 loff_t offset) 173 { 174 int rc = 0; 175 char dst[MD5_DIGEST_SIZE]; 176 char src[ECRYPTFS_MAX_IV_BYTES + 16]; 177 178 if (unlikely(ecryptfs_verbosity > 0)) { 179 ecryptfs_printk(KERN_DEBUG, "root iv:\n"); 180 ecryptfs_dump_hex(crypt_stat->root_iv, crypt_stat->iv_bytes); 181 } 182 /* TODO: It is probably secure to just cast the least 183 * significant bits of the root IV into an unsigned long and 184 * add the offset to that rather than go through all this 185 * hashing business. -Halcrow */ 186 memcpy(src, crypt_stat->root_iv, crypt_stat->iv_bytes); 187 memset((src + crypt_stat->iv_bytes), 0, 16); 188 snprintf((src + crypt_stat->iv_bytes), 16, "%lld", offset); 189 if (unlikely(ecryptfs_verbosity > 0)) { 190 ecryptfs_printk(KERN_DEBUG, "source:\n"); 191 ecryptfs_dump_hex(src, (crypt_stat->iv_bytes + 16)); 192 } 193 rc = ecryptfs_calculate_md5(dst, crypt_stat, src, 194 (crypt_stat->iv_bytes + 16)); 195 if (rc) { 196 ecryptfs_printk(KERN_WARNING, "Error attempting to compute " 197 "MD5 while generating IV for a page\n"); 198 goto out; 199 } 200 memcpy(iv, dst, crypt_stat->iv_bytes); 201 if (unlikely(ecryptfs_verbosity > 0)) { 202 ecryptfs_printk(KERN_DEBUG, "derived iv:\n"); 203 ecryptfs_dump_hex(iv, crypt_stat->iv_bytes); 204 } 205 out: 206 return rc; 207 } 208 209 /** 210 * ecryptfs_init_crypt_stat 211 * @crypt_stat: Pointer to the crypt_stat struct to initialize. 212 * 213 * Initialize the crypt_stat structure. 214 */ 215 void 216 ecryptfs_init_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat) 217 { 218 memset((void *)crypt_stat, 0, sizeof(struct ecryptfs_crypt_stat)); 219 INIT_LIST_HEAD(&crypt_stat->keysig_list); 220 mutex_init(&crypt_stat->keysig_list_mutex); 221 mutex_init(&crypt_stat->cs_mutex); 222 mutex_init(&crypt_stat->cs_tfm_mutex); 223 mutex_init(&crypt_stat->cs_hash_tfm_mutex); 224 crypt_stat->flags |= ECRYPTFS_STRUCT_INITIALIZED; 225 } 226 227 /** 228 * ecryptfs_destroy_crypt_stat 229 * @crypt_stat: Pointer to the crypt_stat struct to initialize. 230 * 231 * Releases all memory associated with a crypt_stat struct. 232 */ 233 void ecryptfs_destroy_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat) 234 { 235 struct ecryptfs_key_sig *key_sig, *key_sig_tmp; 236 237 if (crypt_stat->tfm) 238 crypto_free_ablkcipher(crypt_stat->tfm); 239 if (crypt_stat->hash_tfm) 240 crypto_free_hash(crypt_stat->hash_tfm); 241 list_for_each_entry_safe(key_sig, key_sig_tmp, 242 &crypt_stat->keysig_list, crypt_stat_list) { 243 list_del(&key_sig->crypt_stat_list); 244 kmem_cache_free(ecryptfs_key_sig_cache, key_sig); 245 } 246 memset(crypt_stat, 0, sizeof(struct ecryptfs_crypt_stat)); 247 } 248 249 void ecryptfs_destroy_mount_crypt_stat( 250 struct ecryptfs_mount_crypt_stat *mount_crypt_stat) 251 { 252 struct ecryptfs_global_auth_tok *auth_tok, *auth_tok_tmp; 253 254 if (!(mount_crypt_stat->flags & ECRYPTFS_MOUNT_CRYPT_STAT_INITIALIZED)) 255 return; 256 mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); 257 list_for_each_entry_safe(auth_tok, auth_tok_tmp, 258 &mount_crypt_stat->global_auth_tok_list, 259 mount_crypt_stat_list) { 260 list_del(&auth_tok->mount_crypt_stat_list); 261 if (!(auth_tok->flags & ECRYPTFS_AUTH_TOK_INVALID)) 262 key_put(auth_tok->global_auth_tok_key); 263 kmem_cache_free(ecryptfs_global_auth_tok_cache, auth_tok); 264 } 265 mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex); 266 memset(mount_crypt_stat, 0, sizeof(struct ecryptfs_mount_crypt_stat)); 267 } 268 269 /** 270 * virt_to_scatterlist 271 * @addr: Virtual address 272 * @size: Size of data; should be an even multiple of the block size 273 * @sg: Pointer to scatterlist array; set to NULL to obtain only 274 * the number of scatterlist structs required in array 275 * @sg_size: Max array size 276 * 277 * Fills in a scatterlist array with page references for a passed 278 * virtual address. 279 * 280 * Returns the number of scatterlist structs in array used 281 */ 282 int virt_to_scatterlist(const void *addr, int size, struct scatterlist *sg, 283 int sg_size) 284 { 285 int i = 0; 286 struct page *pg; 287 int offset; 288 int remainder_of_page; 289 290 sg_init_table(sg, sg_size); 291 292 while (size > 0 && i < sg_size) { 293 pg = virt_to_page(addr); 294 offset = offset_in_page(addr); 295 sg_set_page(&sg[i], pg, 0, offset); 296 remainder_of_page = PAGE_CACHE_SIZE - offset; 297 if (size >= remainder_of_page) { 298 sg[i].length = remainder_of_page; 299 addr += remainder_of_page; 300 size -= remainder_of_page; 301 } else { 302 sg[i].length = size; 303 addr += size; 304 size = 0; 305 } 306 i++; 307 } 308 if (size > 0) 309 return -ENOMEM; 310 return i; 311 } 312 313 struct extent_crypt_result { 314 struct completion completion; 315 int rc; 316 }; 317 318 static void extent_crypt_complete(struct crypto_async_request *req, int rc) 319 { 320 struct extent_crypt_result *ecr = req->data; 321 322 if (rc == -EINPROGRESS) 323 return; 324 325 ecr->rc = rc; 326 complete(&ecr->completion); 327 } 328 329 /** 330 * crypt_scatterlist 331 * @crypt_stat: Pointer to the crypt_stat struct to initialize. 332 * @dst_sg: Destination of the data after performing the crypto operation 333 * @src_sg: Data to be encrypted or decrypted 334 * @size: Length of data 335 * @iv: IV to use 336 * @op: ENCRYPT or DECRYPT to indicate the desired operation 337 * 338 * Returns the number of bytes encrypted or decrypted; negative value on error 339 */ 340 static int crypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat, 341 struct scatterlist *dst_sg, 342 struct scatterlist *src_sg, int size, 343 unsigned char *iv, int op) 344 { 345 struct ablkcipher_request *req = NULL; 346 struct extent_crypt_result ecr; 347 int rc = 0; 348 349 BUG_ON(!crypt_stat || !crypt_stat->tfm 350 || !(crypt_stat->flags & ECRYPTFS_STRUCT_INITIALIZED)); 351 if (unlikely(ecryptfs_verbosity > 0)) { 352 ecryptfs_printk(KERN_DEBUG, "Key size [%zd]; key:\n", 353 crypt_stat->key_size); 354 ecryptfs_dump_hex(crypt_stat->key, 355 crypt_stat->key_size); 356 } 357 358 init_completion(&ecr.completion); 359 360 mutex_lock(&crypt_stat->cs_tfm_mutex); 361 req = ablkcipher_request_alloc(crypt_stat->tfm, GFP_NOFS); 362 if (!req) { 363 mutex_unlock(&crypt_stat->cs_tfm_mutex); 364 rc = -ENOMEM; 365 goto out; 366 } 367 368 ablkcipher_request_set_callback(req, 369 CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP, 370 extent_crypt_complete, &ecr); 371 /* Consider doing this once, when the file is opened */ 372 if (!(crypt_stat->flags & ECRYPTFS_KEY_SET)) { 373 rc = crypto_ablkcipher_setkey(crypt_stat->tfm, crypt_stat->key, 374 crypt_stat->key_size); 375 if (rc) { 376 ecryptfs_printk(KERN_ERR, 377 "Error setting key; rc = [%d]\n", 378 rc); 379 mutex_unlock(&crypt_stat->cs_tfm_mutex); 380 rc = -EINVAL; 381 goto out; 382 } 383 crypt_stat->flags |= ECRYPTFS_KEY_SET; 384 } 385 mutex_unlock(&crypt_stat->cs_tfm_mutex); 386 ablkcipher_request_set_crypt(req, src_sg, dst_sg, size, iv); 387 rc = op == ENCRYPT ? crypto_ablkcipher_encrypt(req) : 388 crypto_ablkcipher_decrypt(req); 389 if (rc == -EINPROGRESS || rc == -EBUSY) { 390 struct extent_crypt_result *ecr = req->base.data; 391 392 wait_for_completion(&ecr->completion); 393 rc = ecr->rc; 394 reinit_completion(&ecr->completion); 395 } 396 out: 397 ablkcipher_request_free(req); 398 return rc; 399 } 400 401 /** 402 * lower_offset_for_page 403 * 404 * Convert an eCryptfs page index into a lower byte offset 405 */ 406 static loff_t lower_offset_for_page(struct ecryptfs_crypt_stat *crypt_stat, 407 struct page *page) 408 { 409 return ecryptfs_lower_header_size(crypt_stat) + 410 ((loff_t)page->index << PAGE_CACHE_SHIFT); 411 } 412 413 /** 414 * crypt_extent 415 * @crypt_stat: crypt_stat containing cryptographic context for the 416 * encryption operation 417 * @dst_page: The page to write the result into 418 * @src_page: The page to read from 419 * @extent_offset: Page extent offset for use in generating IV 420 * @op: ENCRYPT or DECRYPT to indicate the desired operation 421 * 422 * Encrypts or decrypts one extent of data. 423 * 424 * Return zero on success; non-zero otherwise 425 */ 426 static int crypt_extent(struct ecryptfs_crypt_stat *crypt_stat, 427 struct page *dst_page, 428 struct page *src_page, 429 unsigned long extent_offset, int op) 430 { 431 pgoff_t page_index = op == ENCRYPT ? src_page->index : dst_page->index; 432 loff_t extent_base; 433 char extent_iv[ECRYPTFS_MAX_IV_BYTES]; 434 struct scatterlist src_sg, dst_sg; 435 size_t extent_size = crypt_stat->extent_size; 436 int rc; 437 438 extent_base = (((loff_t)page_index) * (PAGE_CACHE_SIZE / extent_size)); 439 rc = ecryptfs_derive_iv(extent_iv, crypt_stat, 440 (extent_base + extent_offset)); 441 if (rc) { 442 ecryptfs_printk(KERN_ERR, "Error attempting to derive IV for " 443 "extent [0x%.16llx]; rc = [%d]\n", 444 (unsigned long long)(extent_base + extent_offset), rc); 445 goto out; 446 } 447 448 sg_init_table(&src_sg, 1); 449 sg_init_table(&dst_sg, 1); 450 451 sg_set_page(&src_sg, src_page, extent_size, 452 extent_offset * extent_size); 453 sg_set_page(&dst_sg, dst_page, extent_size, 454 extent_offset * extent_size); 455 456 rc = crypt_scatterlist(crypt_stat, &dst_sg, &src_sg, extent_size, 457 extent_iv, op); 458 if (rc < 0) { 459 printk(KERN_ERR "%s: Error attempting to crypt page with " 460 "page_index = [%ld], extent_offset = [%ld]; " 461 "rc = [%d]\n", __func__, page_index, extent_offset, rc); 462 goto out; 463 } 464 rc = 0; 465 out: 466 return rc; 467 } 468 469 /** 470 * ecryptfs_encrypt_page 471 * @page: Page mapped from the eCryptfs inode for the file; contains 472 * decrypted content that needs to be encrypted (to a temporary 473 * page; not in place) and written out to the lower file 474 * 475 * Encrypt an eCryptfs page. This is done on a per-extent basis. Note 476 * that eCryptfs pages may straddle the lower pages -- for instance, 477 * if the file was created on a machine with an 8K page size 478 * (resulting in an 8K header), and then the file is copied onto a 479 * host with a 32K page size, then when reading page 0 of the eCryptfs 480 * file, 24K of page 0 of the lower file will be read and decrypted, 481 * and then 8K of page 1 of the lower file will be read and decrypted. 482 * 483 * Returns zero on success; negative on error 484 */ 485 int ecryptfs_encrypt_page(struct page *page) 486 { 487 struct inode *ecryptfs_inode; 488 struct ecryptfs_crypt_stat *crypt_stat; 489 char *enc_extent_virt; 490 struct page *enc_extent_page = NULL; 491 loff_t extent_offset; 492 loff_t lower_offset; 493 int rc = 0; 494 495 ecryptfs_inode = page->mapping->host; 496 crypt_stat = 497 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); 498 BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)); 499 enc_extent_page = alloc_page(GFP_USER); 500 if (!enc_extent_page) { 501 rc = -ENOMEM; 502 ecryptfs_printk(KERN_ERR, "Error allocating memory for " 503 "encrypted extent\n"); 504 goto out; 505 } 506 507 for (extent_offset = 0; 508 extent_offset < (PAGE_CACHE_SIZE / crypt_stat->extent_size); 509 extent_offset++) { 510 rc = crypt_extent(crypt_stat, enc_extent_page, page, 511 extent_offset, ENCRYPT); 512 if (rc) { 513 printk(KERN_ERR "%s: Error encrypting extent; " 514 "rc = [%d]\n", __func__, rc); 515 goto out; 516 } 517 } 518 519 lower_offset = lower_offset_for_page(crypt_stat, page); 520 enc_extent_virt = kmap(enc_extent_page); 521 rc = ecryptfs_write_lower(ecryptfs_inode, enc_extent_virt, lower_offset, 522 PAGE_CACHE_SIZE); 523 kunmap(enc_extent_page); 524 if (rc < 0) { 525 ecryptfs_printk(KERN_ERR, 526 "Error attempting to write lower page; rc = [%d]\n", 527 rc); 528 goto out; 529 } 530 rc = 0; 531 out: 532 if (enc_extent_page) { 533 __free_page(enc_extent_page); 534 } 535 return rc; 536 } 537 538 /** 539 * ecryptfs_decrypt_page 540 * @page: Page mapped from the eCryptfs inode for the file; data read 541 * and decrypted from the lower file will be written into this 542 * page 543 * 544 * Decrypt an eCryptfs page. This is done on a per-extent basis. Note 545 * that eCryptfs pages may straddle the lower pages -- for instance, 546 * if the file was created on a machine with an 8K page size 547 * (resulting in an 8K header), and then the file is copied onto a 548 * host with a 32K page size, then when reading page 0 of the eCryptfs 549 * file, 24K of page 0 of the lower file will be read and decrypted, 550 * and then 8K of page 1 of the lower file will be read and decrypted. 551 * 552 * Returns zero on success; negative on error 553 */ 554 int ecryptfs_decrypt_page(struct page *page) 555 { 556 struct inode *ecryptfs_inode; 557 struct ecryptfs_crypt_stat *crypt_stat; 558 char *page_virt; 559 unsigned long extent_offset; 560 loff_t lower_offset; 561 int rc = 0; 562 563 ecryptfs_inode = page->mapping->host; 564 crypt_stat = 565 &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); 566 BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)); 567 568 lower_offset = lower_offset_for_page(crypt_stat, page); 569 page_virt = kmap(page); 570 rc = ecryptfs_read_lower(page_virt, lower_offset, PAGE_CACHE_SIZE, 571 ecryptfs_inode); 572 kunmap(page); 573 if (rc < 0) { 574 ecryptfs_printk(KERN_ERR, 575 "Error attempting to read lower page; rc = [%d]\n", 576 rc); 577 goto out; 578 } 579 580 for (extent_offset = 0; 581 extent_offset < (PAGE_CACHE_SIZE / crypt_stat->extent_size); 582 extent_offset++) { 583 rc = crypt_extent(crypt_stat, page, page, 584 extent_offset, DECRYPT); 585 if (rc) { 586 printk(KERN_ERR "%s: Error encrypting extent; " 587 "rc = [%d]\n", __func__, rc); 588 goto out; 589 } 590 } 591 out: 592 return rc; 593 } 594 595 #define ECRYPTFS_MAX_SCATTERLIST_LEN 4 596 597 /** 598 * ecryptfs_init_crypt_ctx 599 * @crypt_stat: Uninitialized crypt stats structure 600 * 601 * Initialize the crypto context. 602 * 603 * TODO: Performance: Keep a cache of initialized cipher contexts; 604 * only init if needed 605 */ 606 int ecryptfs_init_crypt_ctx(struct ecryptfs_crypt_stat *crypt_stat) 607 { 608 char *full_alg_name; 609 int rc = -EINVAL; 610 611 ecryptfs_printk(KERN_DEBUG, 612 "Initializing cipher [%s]; strlen = [%d]; " 613 "key_size_bits = [%zd]\n", 614 crypt_stat->cipher, (int)strlen(crypt_stat->cipher), 615 crypt_stat->key_size << 3); 616 mutex_lock(&crypt_stat->cs_tfm_mutex); 617 if (crypt_stat->tfm) { 618 rc = 0; 619 goto out_unlock; 620 } 621 rc = ecryptfs_crypto_api_algify_cipher_name(&full_alg_name, 622 crypt_stat->cipher, "cbc"); 623 if (rc) 624 goto out_unlock; 625 crypt_stat->tfm = crypto_alloc_ablkcipher(full_alg_name, 0, 0); 626 if (IS_ERR(crypt_stat->tfm)) { 627 rc = PTR_ERR(crypt_stat->tfm); 628 crypt_stat->tfm = NULL; 629 ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): " 630 "Error initializing cipher [%s]\n", 631 full_alg_name); 632 goto out_free; 633 } 634 crypto_ablkcipher_set_flags(crypt_stat->tfm, CRYPTO_TFM_REQ_WEAK_KEY); 635 rc = 0; 636 out_free: 637 kfree(full_alg_name); 638 out_unlock: 639 mutex_unlock(&crypt_stat->cs_tfm_mutex); 640 return rc; 641 } 642 643 static void set_extent_mask_and_shift(struct ecryptfs_crypt_stat *crypt_stat) 644 { 645 int extent_size_tmp; 646 647 crypt_stat->extent_mask = 0xFFFFFFFF; 648 crypt_stat->extent_shift = 0; 649 if (crypt_stat->extent_size == 0) 650 return; 651 extent_size_tmp = crypt_stat->extent_size; 652 while ((extent_size_tmp & 0x01) == 0) { 653 extent_size_tmp >>= 1; 654 crypt_stat->extent_mask <<= 1; 655 crypt_stat->extent_shift++; 656 } 657 } 658 659 void ecryptfs_set_default_sizes(struct ecryptfs_crypt_stat *crypt_stat) 660 { 661 /* Default values; may be overwritten as we are parsing the 662 * packets. */ 663 crypt_stat->extent_size = ECRYPTFS_DEFAULT_EXTENT_SIZE; 664 set_extent_mask_and_shift(crypt_stat); 665 crypt_stat->iv_bytes = ECRYPTFS_DEFAULT_IV_BYTES; 666 if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) 667 crypt_stat->metadata_size = ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE; 668 else { 669 if (PAGE_CACHE_SIZE <= ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE) 670 crypt_stat->metadata_size = 671 ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE; 672 else 673 crypt_stat->metadata_size = PAGE_CACHE_SIZE; 674 } 675 } 676 677 /** 678 * ecryptfs_compute_root_iv 679 * @crypt_stats 680 * 681 * On error, sets the root IV to all 0's. 682 */ 683 int ecryptfs_compute_root_iv(struct ecryptfs_crypt_stat *crypt_stat) 684 { 685 int rc = 0; 686 char dst[MD5_DIGEST_SIZE]; 687 688 BUG_ON(crypt_stat->iv_bytes > MD5_DIGEST_SIZE); 689 BUG_ON(crypt_stat->iv_bytes <= 0); 690 if (!(crypt_stat->flags & ECRYPTFS_KEY_VALID)) { 691 rc = -EINVAL; 692 ecryptfs_printk(KERN_WARNING, "Session key not valid; " 693 "cannot generate root IV\n"); 694 goto out; 695 } 696 rc = ecryptfs_calculate_md5(dst, crypt_stat, crypt_stat->key, 697 crypt_stat->key_size); 698 if (rc) { 699 ecryptfs_printk(KERN_WARNING, "Error attempting to compute " 700 "MD5 while generating root IV\n"); 701 goto out; 702 } 703 memcpy(crypt_stat->root_iv, dst, crypt_stat->iv_bytes); 704 out: 705 if (rc) { 706 memset(crypt_stat->root_iv, 0, crypt_stat->iv_bytes); 707 crypt_stat->flags |= ECRYPTFS_SECURITY_WARNING; 708 } 709 return rc; 710 } 711 712 static void ecryptfs_generate_new_key(struct ecryptfs_crypt_stat *crypt_stat) 713 { 714 get_random_bytes(crypt_stat->key, crypt_stat->key_size); 715 crypt_stat->flags |= ECRYPTFS_KEY_VALID; 716 ecryptfs_compute_root_iv(crypt_stat); 717 if (unlikely(ecryptfs_verbosity > 0)) { 718 ecryptfs_printk(KERN_DEBUG, "Generated new session key:\n"); 719 ecryptfs_dump_hex(crypt_stat->key, 720 crypt_stat->key_size); 721 } 722 } 723 724 /** 725 * ecryptfs_copy_mount_wide_flags_to_inode_flags 726 * @crypt_stat: The inode's cryptographic context 727 * @mount_crypt_stat: The mount point's cryptographic context 728 * 729 * This function propagates the mount-wide flags to individual inode 730 * flags. 731 */ 732 static void ecryptfs_copy_mount_wide_flags_to_inode_flags( 733 struct ecryptfs_crypt_stat *crypt_stat, 734 struct ecryptfs_mount_crypt_stat *mount_crypt_stat) 735 { 736 if (mount_crypt_stat->flags & ECRYPTFS_XATTR_METADATA_ENABLED) 737 crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR; 738 if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) 739 crypt_stat->flags |= ECRYPTFS_VIEW_AS_ENCRYPTED; 740 if (mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) { 741 crypt_stat->flags |= ECRYPTFS_ENCRYPT_FILENAMES; 742 if (mount_crypt_stat->flags 743 & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK) 744 crypt_stat->flags |= ECRYPTFS_ENCFN_USE_MOUNT_FNEK; 745 else if (mount_crypt_stat->flags 746 & ECRYPTFS_GLOBAL_ENCFN_USE_FEK) 747 crypt_stat->flags |= ECRYPTFS_ENCFN_USE_FEK; 748 } 749 } 750 751 static int ecryptfs_copy_mount_wide_sigs_to_inode_sigs( 752 struct ecryptfs_crypt_stat *crypt_stat, 753 struct ecryptfs_mount_crypt_stat *mount_crypt_stat) 754 { 755 struct ecryptfs_global_auth_tok *global_auth_tok; 756 int rc = 0; 757 758 mutex_lock(&crypt_stat->keysig_list_mutex); 759 mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); 760 761 list_for_each_entry(global_auth_tok, 762 &mount_crypt_stat->global_auth_tok_list, 763 mount_crypt_stat_list) { 764 if (global_auth_tok->flags & ECRYPTFS_AUTH_TOK_FNEK) 765 continue; 766 rc = ecryptfs_add_keysig(crypt_stat, global_auth_tok->sig); 767 if (rc) { 768 printk(KERN_ERR "Error adding keysig; rc = [%d]\n", rc); 769 goto out; 770 } 771 } 772 773 out: 774 mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex); 775 mutex_unlock(&crypt_stat->keysig_list_mutex); 776 return rc; 777 } 778 779 /** 780 * ecryptfs_set_default_crypt_stat_vals 781 * @crypt_stat: The inode's cryptographic context 782 * @mount_crypt_stat: The mount point's cryptographic context 783 * 784 * Default values in the event that policy does not override them. 785 */ 786 static void ecryptfs_set_default_crypt_stat_vals( 787 struct ecryptfs_crypt_stat *crypt_stat, 788 struct ecryptfs_mount_crypt_stat *mount_crypt_stat) 789 { 790 ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat, 791 mount_crypt_stat); 792 ecryptfs_set_default_sizes(crypt_stat); 793 strcpy(crypt_stat->cipher, ECRYPTFS_DEFAULT_CIPHER); 794 crypt_stat->key_size = ECRYPTFS_DEFAULT_KEY_BYTES; 795 crypt_stat->flags &= ~(ECRYPTFS_KEY_VALID); 796 crypt_stat->file_version = ECRYPTFS_FILE_VERSION; 797 crypt_stat->mount_crypt_stat = mount_crypt_stat; 798 } 799 800 /** 801 * ecryptfs_new_file_context 802 * @ecryptfs_inode: The eCryptfs inode 803 * 804 * If the crypto context for the file has not yet been established, 805 * this is where we do that. Establishing a new crypto context 806 * involves the following decisions: 807 * - What cipher to use? 808 * - What set of authentication tokens to use? 809 * Here we just worry about getting enough information into the 810 * authentication tokens so that we know that they are available. 811 * We associate the available authentication tokens with the new file 812 * via the set of signatures in the crypt_stat struct. Later, when 813 * the headers are actually written out, we may again defer to 814 * userspace to perform the encryption of the session key; for the 815 * foreseeable future, this will be the case with public key packets. 816 * 817 * Returns zero on success; non-zero otherwise 818 */ 819 int ecryptfs_new_file_context(struct inode *ecryptfs_inode) 820 { 821 struct ecryptfs_crypt_stat *crypt_stat = 822 &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat; 823 struct ecryptfs_mount_crypt_stat *mount_crypt_stat = 824 &ecryptfs_superblock_to_private( 825 ecryptfs_inode->i_sb)->mount_crypt_stat; 826 int cipher_name_len; 827 int rc = 0; 828 829 ecryptfs_set_default_crypt_stat_vals(crypt_stat, mount_crypt_stat); 830 crypt_stat->flags |= (ECRYPTFS_ENCRYPTED | ECRYPTFS_KEY_VALID); 831 ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat, 832 mount_crypt_stat); 833 rc = ecryptfs_copy_mount_wide_sigs_to_inode_sigs(crypt_stat, 834 mount_crypt_stat); 835 if (rc) { 836 printk(KERN_ERR "Error attempting to copy mount-wide key sigs " 837 "to the inode key sigs; rc = [%d]\n", rc); 838 goto out; 839 } 840 cipher_name_len = 841 strlen(mount_crypt_stat->global_default_cipher_name); 842 memcpy(crypt_stat->cipher, 843 mount_crypt_stat->global_default_cipher_name, 844 cipher_name_len); 845 crypt_stat->cipher[cipher_name_len] = '\0'; 846 crypt_stat->key_size = 847 mount_crypt_stat->global_default_cipher_key_size; 848 ecryptfs_generate_new_key(crypt_stat); 849 rc = ecryptfs_init_crypt_ctx(crypt_stat); 850 if (rc) 851 ecryptfs_printk(KERN_ERR, "Error initializing cryptographic " 852 "context for cipher [%s]: rc = [%d]\n", 853 crypt_stat->cipher, rc); 854 out: 855 return rc; 856 } 857 858 /** 859 * ecryptfs_validate_marker - check for the ecryptfs marker 860 * @data: The data block in which to check 861 * 862 * Returns zero if marker found; -EINVAL if not found 863 */ 864 static int ecryptfs_validate_marker(char *data) 865 { 866 u32 m_1, m_2; 867 868 m_1 = get_unaligned_be32(data); 869 m_2 = get_unaligned_be32(data + 4); 870 if ((m_1 ^ MAGIC_ECRYPTFS_MARKER) == m_2) 871 return 0; 872 ecryptfs_printk(KERN_DEBUG, "m_1 = [0x%.8x]; m_2 = [0x%.8x]; " 873 "MAGIC_ECRYPTFS_MARKER = [0x%.8x]\n", m_1, m_2, 874 MAGIC_ECRYPTFS_MARKER); 875 ecryptfs_printk(KERN_DEBUG, "(m_1 ^ MAGIC_ECRYPTFS_MARKER) = " 876 "[0x%.8x]\n", (m_1 ^ MAGIC_ECRYPTFS_MARKER)); 877 return -EINVAL; 878 } 879 880 struct ecryptfs_flag_map_elem { 881 u32 file_flag; 882 u32 local_flag; 883 }; 884 885 /* Add support for additional flags by adding elements here. */ 886 static struct ecryptfs_flag_map_elem ecryptfs_flag_map[] = { 887 {0x00000001, ECRYPTFS_ENABLE_HMAC}, 888 {0x00000002, ECRYPTFS_ENCRYPTED}, 889 {0x00000004, ECRYPTFS_METADATA_IN_XATTR}, 890 {0x00000008, ECRYPTFS_ENCRYPT_FILENAMES} 891 }; 892 893 /** 894 * ecryptfs_process_flags 895 * @crypt_stat: The cryptographic context 896 * @page_virt: Source data to be parsed 897 * @bytes_read: Updated with the number of bytes read 898 * 899 * Returns zero on success; non-zero if the flag set is invalid 900 */ 901 static int ecryptfs_process_flags(struct ecryptfs_crypt_stat *crypt_stat, 902 char *page_virt, int *bytes_read) 903 { 904 int rc = 0; 905 int i; 906 u32 flags; 907 908 flags = get_unaligned_be32(page_virt); 909 for (i = 0; i < ((sizeof(ecryptfs_flag_map) 910 / sizeof(struct ecryptfs_flag_map_elem))); i++) 911 if (flags & ecryptfs_flag_map[i].file_flag) { 912 crypt_stat->flags |= ecryptfs_flag_map[i].local_flag; 913 } else 914 crypt_stat->flags &= ~(ecryptfs_flag_map[i].local_flag); 915 /* Version is in top 8 bits of the 32-bit flag vector */ 916 crypt_stat->file_version = ((flags >> 24) & 0xFF); 917 (*bytes_read) = 4; 918 return rc; 919 } 920 921 /** 922 * write_ecryptfs_marker 923 * @page_virt: The pointer to in a page to begin writing the marker 924 * @written: Number of bytes written 925 * 926 * Marker = 0x3c81b7f5 927 */ 928 static void write_ecryptfs_marker(char *page_virt, size_t *written) 929 { 930 u32 m_1, m_2; 931 932 get_random_bytes(&m_1, (MAGIC_ECRYPTFS_MARKER_SIZE_BYTES / 2)); 933 m_2 = (m_1 ^ MAGIC_ECRYPTFS_MARKER); 934 put_unaligned_be32(m_1, page_virt); 935 page_virt += (MAGIC_ECRYPTFS_MARKER_SIZE_BYTES / 2); 936 put_unaligned_be32(m_2, page_virt); 937 (*written) = MAGIC_ECRYPTFS_MARKER_SIZE_BYTES; 938 } 939 940 void ecryptfs_write_crypt_stat_flags(char *page_virt, 941 struct ecryptfs_crypt_stat *crypt_stat, 942 size_t *written) 943 { 944 u32 flags = 0; 945 int i; 946 947 for (i = 0; i < ((sizeof(ecryptfs_flag_map) 948 / sizeof(struct ecryptfs_flag_map_elem))); i++) 949 if (crypt_stat->flags & ecryptfs_flag_map[i].local_flag) 950 flags |= ecryptfs_flag_map[i].file_flag; 951 /* Version is in top 8 bits of the 32-bit flag vector */ 952 flags |= ((((u8)crypt_stat->file_version) << 24) & 0xFF000000); 953 put_unaligned_be32(flags, page_virt); 954 (*written) = 4; 955 } 956 957 struct ecryptfs_cipher_code_str_map_elem { 958 char cipher_str[16]; 959 u8 cipher_code; 960 }; 961 962 /* Add support for additional ciphers by adding elements here. The 963 * cipher_code is whatever OpenPGP applicatoins use to identify the 964 * ciphers. List in order of probability. */ 965 static struct ecryptfs_cipher_code_str_map_elem 966 ecryptfs_cipher_code_str_map[] = { 967 {"aes",RFC2440_CIPHER_AES_128 }, 968 {"blowfish", RFC2440_CIPHER_BLOWFISH}, 969 {"des3_ede", RFC2440_CIPHER_DES3_EDE}, 970 {"cast5", RFC2440_CIPHER_CAST_5}, 971 {"twofish", RFC2440_CIPHER_TWOFISH}, 972 {"cast6", RFC2440_CIPHER_CAST_6}, 973 {"aes", RFC2440_CIPHER_AES_192}, 974 {"aes", RFC2440_CIPHER_AES_256} 975 }; 976 977 /** 978 * ecryptfs_code_for_cipher_string 979 * @cipher_name: The string alias for the cipher 980 * @key_bytes: Length of key in bytes; used for AES code selection 981 * 982 * Returns zero on no match, or the cipher code on match 983 */ 984 u8 ecryptfs_code_for_cipher_string(char *cipher_name, size_t key_bytes) 985 { 986 int i; 987 u8 code = 0; 988 struct ecryptfs_cipher_code_str_map_elem *map = 989 ecryptfs_cipher_code_str_map; 990 991 if (strcmp(cipher_name, "aes") == 0) { 992 switch (key_bytes) { 993 case 16: 994 code = RFC2440_CIPHER_AES_128; 995 break; 996 case 24: 997 code = RFC2440_CIPHER_AES_192; 998 break; 999 case 32: 1000 code = RFC2440_CIPHER_AES_256; 1001 } 1002 } else { 1003 for (i = 0; i < ARRAY_SIZE(ecryptfs_cipher_code_str_map); i++) 1004 if (strcmp(cipher_name, map[i].cipher_str) == 0) { 1005 code = map[i].cipher_code; 1006 break; 1007 } 1008 } 1009 return code; 1010 } 1011 1012 /** 1013 * ecryptfs_cipher_code_to_string 1014 * @str: Destination to write out the cipher name 1015 * @cipher_code: The code to convert to cipher name string 1016 * 1017 * Returns zero on success 1018 */ 1019 int ecryptfs_cipher_code_to_string(char *str, u8 cipher_code) 1020 { 1021 int rc = 0; 1022 int i; 1023 1024 str[0] = '\0'; 1025 for (i = 0; i < ARRAY_SIZE(ecryptfs_cipher_code_str_map); i++) 1026 if (cipher_code == ecryptfs_cipher_code_str_map[i].cipher_code) 1027 strcpy(str, ecryptfs_cipher_code_str_map[i].cipher_str); 1028 if (str[0] == '\0') { 1029 ecryptfs_printk(KERN_WARNING, "Cipher code not recognized: " 1030 "[%d]\n", cipher_code); 1031 rc = -EINVAL; 1032 } 1033 return rc; 1034 } 1035 1036 int ecryptfs_read_and_validate_header_region(struct inode *inode) 1037 { 1038 u8 file_size[ECRYPTFS_SIZE_AND_MARKER_BYTES]; 1039 u8 *marker = file_size + ECRYPTFS_FILE_SIZE_BYTES; 1040 int rc; 1041 1042 rc = ecryptfs_read_lower(file_size, 0, ECRYPTFS_SIZE_AND_MARKER_BYTES, 1043 inode); 1044 if (rc < ECRYPTFS_SIZE_AND_MARKER_BYTES) 1045 return rc >= 0 ? -EINVAL : rc; 1046 rc = ecryptfs_validate_marker(marker); 1047 if (!rc) 1048 ecryptfs_i_size_init(file_size, inode); 1049 return rc; 1050 } 1051 1052 void 1053 ecryptfs_write_header_metadata(char *virt, 1054 struct ecryptfs_crypt_stat *crypt_stat, 1055 size_t *written) 1056 { 1057 u32 header_extent_size; 1058 u16 num_header_extents_at_front; 1059 1060 header_extent_size = (u32)crypt_stat->extent_size; 1061 num_header_extents_at_front = 1062 (u16)(crypt_stat->metadata_size / crypt_stat->extent_size); 1063 put_unaligned_be32(header_extent_size, virt); 1064 virt += 4; 1065 put_unaligned_be16(num_header_extents_at_front, virt); 1066 (*written) = 6; 1067 } 1068 1069 struct kmem_cache *ecryptfs_header_cache; 1070 1071 /** 1072 * ecryptfs_write_headers_virt 1073 * @page_virt: The virtual address to write the headers to 1074 * @max: The size of memory allocated at page_virt 1075 * @size: Set to the number of bytes written by this function 1076 * @crypt_stat: The cryptographic context 1077 * @ecryptfs_dentry: The eCryptfs dentry 1078 * 1079 * Format version: 1 1080 * 1081 * Header Extent: 1082 * Octets 0-7: Unencrypted file size (big-endian) 1083 * Octets 8-15: eCryptfs special marker 1084 * Octets 16-19: Flags 1085 * Octet 16: File format version number (between 0 and 255) 1086 * Octets 17-18: Reserved 1087 * Octet 19: Bit 1 (lsb): Reserved 1088 * Bit 2: Encrypted? 1089 * Bits 3-8: Reserved 1090 * Octets 20-23: Header extent size (big-endian) 1091 * Octets 24-25: Number of header extents at front of file 1092 * (big-endian) 1093 * Octet 26: Begin RFC 2440 authentication token packet set 1094 * Data Extent 0: 1095 * Lower data (CBC encrypted) 1096 * Data Extent 1: 1097 * Lower data (CBC encrypted) 1098 * ... 1099 * 1100 * Returns zero on success 1101 */ 1102 static int ecryptfs_write_headers_virt(char *page_virt, size_t max, 1103 size_t *size, 1104 struct ecryptfs_crypt_stat *crypt_stat, 1105 struct dentry *ecryptfs_dentry) 1106 { 1107 int rc; 1108 size_t written; 1109 size_t offset; 1110 1111 offset = ECRYPTFS_FILE_SIZE_BYTES; 1112 write_ecryptfs_marker((page_virt + offset), &written); 1113 offset += written; 1114 ecryptfs_write_crypt_stat_flags((page_virt + offset), crypt_stat, 1115 &written); 1116 offset += written; 1117 ecryptfs_write_header_metadata((page_virt + offset), crypt_stat, 1118 &written); 1119 offset += written; 1120 rc = ecryptfs_generate_key_packet_set((page_virt + offset), crypt_stat, 1121 ecryptfs_dentry, &written, 1122 max - offset); 1123 if (rc) 1124 ecryptfs_printk(KERN_WARNING, "Error generating key packet " 1125 "set; rc = [%d]\n", rc); 1126 if (size) { 1127 offset += written; 1128 *size = offset; 1129 } 1130 return rc; 1131 } 1132 1133 static int 1134 ecryptfs_write_metadata_to_contents(struct inode *ecryptfs_inode, 1135 char *virt, size_t virt_len) 1136 { 1137 int rc; 1138 1139 rc = ecryptfs_write_lower(ecryptfs_inode, virt, 1140 0, virt_len); 1141 if (rc < 0) 1142 printk(KERN_ERR "%s: Error attempting to write header " 1143 "information to lower file; rc = [%d]\n", __func__, rc); 1144 else 1145 rc = 0; 1146 return rc; 1147 } 1148 1149 static int 1150 ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, 1151 char *page_virt, size_t size) 1152 { 1153 int rc; 1154 1155 rc = ecryptfs_setxattr(ecryptfs_dentry, ECRYPTFS_XATTR_NAME, page_virt, 1156 size, 0); 1157 return rc; 1158 } 1159 1160 static unsigned long ecryptfs_get_zeroed_pages(gfp_t gfp_mask, 1161 unsigned int order) 1162 { 1163 struct page *page; 1164 1165 page = alloc_pages(gfp_mask | __GFP_ZERO, order); 1166 if (page) 1167 return (unsigned long) page_address(page); 1168 return 0; 1169 } 1170 1171 /** 1172 * ecryptfs_write_metadata 1173 * @ecryptfs_dentry: The eCryptfs dentry, which should be negative 1174 * @ecryptfs_inode: The newly created eCryptfs inode 1175 * 1176 * Write the file headers out. This will likely involve a userspace 1177 * callout, in which the session key is encrypted with one or more 1178 * public keys and/or the passphrase necessary to do the encryption is 1179 * retrieved via a prompt. Exactly what happens at this point should 1180 * be policy-dependent. 1181 * 1182 * Returns zero on success; non-zero on error 1183 */ 1184 int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry, 1185 struct inode *ecryptfs_inode) 1186 { 1187 struct ecryptfs_crypt_stat *crypt_stat = 1188 &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat; 1189 unsigned int order; 1190 char *virt; 1191 size_t virt_len; 1192 size_t size = 0; 1193 int rc = 0; 1194 1195 if (likely(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { 1196 if (!(crypt_stat->flags & ECRYPTFS_KEY_VALID)) { 1197 printk(KERN_ERR "Key is invalid; bailing out\n"); 1198 rc = -EINVAL; 1199 goto out; 1200 } 1201 } else { 1202 printk(KERN_WARNING "%s: Encrypted flag not set\n", 1203 __func__); 1204 rc = -EINVAL; 1205 goto out; 1206 } 1207 virt_len = crypt_stat->metadata_size; 1208 order = get_order(virt_len); 1209 /* Released in this function */ 1210 virt = (char *)ecryptfs_get_zeroed_pages(GFP_KERNEL, order); 1211 if (!virt) { 1212 printk(KERN_ERR "%s: Out of memory\n", __func__); 1213 rc = -ENOMEM; 1214 goto out; 1215 } 1216 /* Zeroed page ensures the in-header unencrypted i_size is set to 0 */ 1217 rc = ecryptfs_write_headers_virt(virt, virt_len, &size, crypt_stat, 1218 ecryptfs_dentry); 1219 if (unlikely(rc)) { 1220 printk(KERN_ERR "%s: Error whilst writing headers; rc = [%d]\n", 1221 __func__, rc); 1222 goto out_free; 1223 } 1224 if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) 1225 rc = ecryptfs_write_metadata_to_xattr(ecryptfs_dentry, virt, 1226 size); 1227 else 1228 rc = ecryptfs_write_metadata_to_contents(ecryptfs_inode, virt, 1229 virt_len); 1230 if (rc) { 1231 printk(KERN_ERR "%s: Error writing metadata out to lower file; " 1232 "rc = [%d]\n", __func__, rc); 1233 goto out_free; 1234 } 1235 out_free: 1236 free_pages((unsigned long)virt, order); 1237 out: 1238 return rc; 1239 } 1240 1241 #define ECRYPTFS_DONT_VALIDATE_HEADER_SIZE 0 1242 #define ECRYPTFS_VALIDATE_HEADER_SIZE 1 1243 static int parse_header_metadata(struct ecryptfs_crypt_stat *crypt_stat, 1244 char *virt, int *bytes_read, 1245 int validate_header_size) 1246 { 1247 int rc = 0; 1248 u32 header_extent_size; 1249 u16 num_header_extents_at_front; 1250 1251 header_extent_size = get_unaligned_be32(virt); 1252 virt += sizeof(__be32); 1253 num_header_extents_at_front = get_unaligned_be16(virt); 1254 crypt_stat->metadata_size = (((size_t)num_header_extents_at_front 1255 * (size_t)header_extent_size)); 1256 (*bytes_read) = (sizeof(__be32) + sizeof(__be16)); 1257 if ((validate_header_size == ECRYPTFS_VALIDATE_HEADER_SIZE) 1258 && (crypt_stat->metadata_size 1259 < ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE)) { 1260 rc = -EINVAL; 1261 printk(KERN_WARNING "Invalid header size: [%zd]\n", 1262 crypt_stat->metadata_size); 1263 } 1264 return rc; 1265 } 1266 1267 /** 1268 * set_default_header_data 1269 * @crypt_stat: The cryptographic context 1270 * 1271 * For version 0 file format; this function is only for backwards 1272 * compatibility for files created with the prior versions of 1273 * eCryptfs. 1274 */ 1275 static void set_default_header_data(struct ecryptfs_crypt_stat *crypt_stat) 1276 { 1277 crypt_stat->metadata_size = ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE; 1278 } 1279 1280 void ecryptfs_i_size_init(const char *page_virt, struct inode *inode) 1281 { 1282 struct ecryptfs_mount_crypt_stat *mount_crypt_stat; 1283 struct ecryptfs_crypt_stat *crypt_stat; 1284 u64 file_size; 1285 1286 crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat; 1287 mount_crypt_stat = 1288 &ecryptfs_superblock_to_private(inode->i_sb)->mount_crypt_stat; 1289 if (mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) { 1290 file_size = i_size_read(ecryptfs_inode_to_lower(inode)); 1291 if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) 1292 file_size += crypt_stat->metadata_size; 1293 } else 1294 file_size = get_unaligned_be64(page_virt); 1295 i_size_write(inode, (loff_t)file_size); 1296 crypt_stat->flags |= ECRYPTFS_I_SIZE_INITIALIZED; 1297 } 1298 1299 /** 1300 * ecryptfs_read_headers_virt 1301 * @page_virt: The virtual address into which to read the headers 1302 * @crypt_stat: The cryptographic context 1303 * @ecryptfs_dentry: The eCryptfs dentry 1304 * @validate_header_size: Whether to validate the header size while reading 1305 * 1306 * Read/parse the header data. The header format is detailed in the 1307 * comment block for the ecryptfs_write_headers_virt() function. 1308 * 1309 * Returns zero on success 1310 */ 1311 static int ecryptfs_read_headers_virt(char *page_virt, 1312 struct ecryptfs_crypt_stat *crypt_stat, 1313 struct dentry *ecryptfs_dentry, 1314 int validate_header_size) 1315 { 1316 int rc = 0; 1317 int offset; 1318 int bytes_read; 1319 1320 ecryptfs_set_default_sizes(crypt_stat); 1321 crypt_stat->mount_crypt_stat = &ecryptfs_superblock_to_private( 1322 ecryptfs_dentry->d_sb)->mount_crypt_stat; 1323 offset = ECRYPTFS_FILE_SIZE_BYTES; 1324 rc = ecryptfs_validate_marker(page_virt + offset); 1325 if (rc) 1326 goto out; 1327 if (!(crypt_stat->flags & ECRYPTFS_I_SIZE_INITIALIZED)) 1328 ecryptfs_i_size_init(page_virt, d_inode(ecryptfs_dentry)); 1329 offset += MAGIC_ECRYPTFS_MARKER_SIZE_BYTES; 1330 rc = ecryptfs_process_flags(crypt_stat, (page_virt + offset), 1331 &bytes_read); 1332 if (rc) { 1333 ecryptfs_printk(KERN_WARNING, "Error processing flags\n"); 1334 goto out; 1335 } 1336 if (crypt_stat->file_version > ECRYPTFS_SUPPORTED_FILE_VERSION) { 1337 ecryptfs_printk(KERN_WARNING, "File version is [%d]; only " 1338 "file version [%d] is supported by this " 1339 "version of eCryptfs\n", 1340 crypt_stat->file_version, 1341 ECRYPTFS_SUPPORTED_FILE_VERSION); 1342 rc = -EINVAL; 1343 goto out; 1344 } 1345 offset += bytes_read; 1346 if (crypt_stat->file_version >= 1) { 1347 rc = parse_header_metadata(crypt_stat, (page_virt + offset), 1348 &bytes_read, validate_header_size); 1349 if (rc) { 1350 ecryptfs_printk(KERN_WARNING, "Error reading header " 1351 "metadata; rc = [%d]\n", rc); 1352 } 1353 offset += bytes_read; 1354 } else 1355 set_default_header_data(crypt_stat); 1356 rc = ecryptfs_parse_packet_set(crypt_stat, (page_virt + offset), 1357 ecryptfs_dentry); 1358 out: 1359 return rc; 1360 } 1361 1362 /** 1363 * ecryptfs_read_xattr_region 1364 * @page_virt: The vitual address into which to read the xattr data 1365 * @ecryptfs_inode: The eCryptfs inode 1366 * 1367 * Attempts to read the crypto metadata from the extended attribute 1368 * region of the lower file. 1369 * 1370 * Returns zero on success; non-zero on error 1371 */ 1372 int ecryptfs_read_xattr_region(char *page_virt, struct inode *ecryptfs_inode) 1373 { 1374 struct dentry *lower_dentry = 1375 ecryptfs_inode_to_private(ecryptfs_inode)->lower_file->f_path.dentry; 1376 ssize_t size; 1377 int rc = 0; 1378 1379 size = ecryptfs_getxattr_lower(lower_dentry, ECRYPTFS_XATTR_NAME, 1380 page_virt, ECRYPTFS_DEFAULT_EXTENT_SIZE); 1381 if (size < 0) { 1382 if (unlikely(ecryptfs_verbosity > 0)) 1383 printk(KERN_INFO "Error attempting to read the [%s] " 1384 "xattr from the lower file; return value = " 1385 "[%zd]\n", ECRYPTFS_XATTR_NAME, size); 1386 rc = -EINVAL; 1387 goto out; 1388 } 1389 out: 1390 return rc; 1391 } 1392 1393 int ecryptfs_read_and_validate_xattr_region(struct dentry *dentry, 1394 struct inode *inode) 1395 { 1396 u8 file_size[ECRYPTFS_SIZE_AND_MARKER_BYTES]; 1397 u8 *marker = file_size + ECRYPTFS_FILE_SIZE_BYTES; 1398 int rc; 1399 1400 rc = ecryptfs_getxattr_lower(ecryptfs_dentry_to_lower(dentry), 1401 ECRYPTFS_XATTR_NAME, file_size, 1402 ECRYPTFS_SIZE_AND_MARKER_BYTES); 1403 if (rc < ECRYPTFS_SIZE_AND_MARKER_BYTES) 1404 return rc >= 0 ? -EINVAL : rc; 1405 rc = ecryptfs_validate_marker(marker); 1406 if (!rc) 1407 ecryptfs_i_size_init(file_size, inode); 1408 return rc; 1409 } 1410 1411 /** 1412 * ecryptfs_read_metadata 1413 * 1414 * Common entry point for reading file metadata. From here, we could 1415 * retrieve the header information from the header region of the file, 1416 * the xattr region of the file, or some other repostory that is 1417 * stored separately from the file itself. The current implementation 1418 * supports retrieving the metadata information from the file contents 1419 * and from the xattr region. 1420 * 1421 * Returns zero if valid headers found and parsed; non-zero otherwise 1422 */ 1423 int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry) 1424 { 1425 int rc; 1426 char *page_virt; 1427 struct inode *ecryptfs_inode = d_inode(ecryptfs_dentry); 1428 struct ecryptfs_crypt_stat *crypt_stat = 1429 &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat; 1430 struct ecryptfs_mount_crypt_stat *mount_crypt_stat = 1431 &ecryptfs_superblock_to_private( 1432 ecryptfs_dentry->d_sb)->mount_crypt_stat; 1433 1434 ecryptfs_copy_mount_wide_flags_to_inode_flags(crypt_stat, 1435 mount_crypt_stat); 1436 /* Read the first page from the underlying file */ 1437 page_virt = kmem_cache_alloc(ecryptfs_header_cache, GFP_USER); 1438 if (!page_virt) { 1439 rc = -ENOMEM; 1440 printk(KERN_ERR "%s: Unable to allocate page_virt\n", 1441 __func__); 1442 goto out; 1443 } 1444 rc = ecryptfs_read_lower(page_virt, 0, crypt_stat->extent_size, 1445 ecryptfs_inode); 1446 if (rc >= 0) 1447 rc = ecryptfs_read_headers_virt(page_virt, crypt_stat, 1448 ecryptfs_dentry, 1449 ECRYPTFS_VALIDATE_HEADER_SIZE); 1450 if (rc) { 1451 /* metadata is not in the file header, so try xattrs */ 1452 memset(page_virt, 0, PAGE_CACHE_SIZE); 1453 rc = ecryptfs_read_xattr_region(page_virt, ecryptfs_inode); 1454 if (rc) { 1455 printk(KERN_DEBUG "Valid eCryptfs headers not found in " 1456 "file header region or xattr region, inode %lu\n", 1457 ecryptfs_inode->i_ino); 1458 rc = -EINVAL; 1459 goto out; 1460 } 1461 rc = ecryptfs_read_headers_virt(page_virt, crypt_stat, 1462 ecryptfs_dentry, 1463 ECRYPTFS_DONT_VALIDATE_HEADER_SIZE); 1464 if (rc) { 1465 printk(KERN_DEBUG "Valid eCryptfs headers not found in " 1466 "file xattr region either, inode %lu\n", 1467 ecryptfs_inode->i_ino); 1468 rc = -EINVAL; 1469 } 1470 if (crypt_stat->mount_crypt_stat->flags 1471 & ECRYPTFS_XATTR_METADATA_ENABLED) { 1472 crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR; 1473 } else { 1474 printk(KERN_WARNING "Attempt to access file with " 1475 "crypto metadata only in the extended attribute " 1476 "region, but eCryptfs was mounted without " 1477 "xattr support enabled. eCryptfs will not treat " 1478 "this like an encrypted file, inode %lu\n", 1479 ecryptfs_inode->i_ino); 1480 rc = -EINVAL; 1481 } 1482 } 1483 out: 1484 if (page_virt) { 1485 memset(page_virt, 0, PAGE_CACHE_SIZE); 1486 kmem_cache_free(ecryptfs_header_cache, page_virt); 1487 } 1488 return rc; 1489 } 1490 1491 /** 1492 * ecryptfs_encrypt_filename - encrypt filename 1493 * 1494 * CBC-encrypts the filename. We do not want to encrypt the same 1495 * filename with the same key and IV, which may happen with hard 1496 * links, so we prepend random bits to each filename. 1497 * 1498 * Returns zero on success; non-zero otherwise 1499 */ 1500 static int 1501 ecryptfs_encrypt_filename(struct ecryptfs_filename *filename, 1502 struct ecryptfs_crypt_stat *crypt_stat, 1503 struct ecryptfs_mount_crypt_stat *mount_crypt_stat) 1504 { 1505 int rc = 0; 1506 1507 filename->encrypted_filename = NULL; 1508 filename->encrypted_filename_size = 0; 1509 if ((crypt_stat && (crypt_stat->flags & ECRYPTFS_ENCFN_USE_MOUNT_FNEK)) 1510 || (mount_crypt_stat && (mount_crypt_stat->flags 1511 & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK))) { 1512 size_t packet_size; 1513 size_t remaining_bytes; 1514 1515 rc = ecryptfs_write_tag_70_packet( 1516 NULL, NULL, 1517 &filename->encrypted_filename_size, 1518 mount_crypt_stat, NULL, 1519 filename->filename_size); 1520 if (rc) { 1521 printk(KERN_ERR "%s: Error attempting to get packet " 1522 "size for tag 72; rc = [%d]\n", __func__, 1523 rc); 1524 filename->encrypted_filename_size = 0; 1525 goto out; 1526 } 1527 filename->encrypted_filename = 1528 kmalloc(filename->encrypted_filename_size, GFP_KERNEL); 1529 if (!filename->encrypted_filename) { 1530 printk(KERN_ERR "%s: Out of memory whilst attempting " 1531 "to kmalloc [%zd] bytes\n", __func__, 1532 filename->encrypted_filename_size); 1533 rc = -ENOMEM; 1534 goto out; 1535 } 1536 remaining_bytes = filename->encrypted_filename_size; 1537 rc = ecryptfs_write_tag_70_packet(filename->encrypted_filename, 1538 &remaining_bytes, 1539 &packet_size, 1540 mount_crypt_stat, 1541 filename->filename, 1542 filename->filename_size); 1543 if (rc) { 1544 printk(KERN_ERR "%s: Error attempting to generate " 1545 "tag 70 packet; rc = [%d]\n", __func__, 1546 rc); 1547 kfree(filename->encrypted_filename); 1548 filename->encrypted_filename = NULL; 1549 filename->encrypted_filename_size = 0; 1550 goto out; 1551 } 1552 filename->encrypted_filename_size = packet_size; 1553 } else { 1554 printk(KERN_ERR "%s: No support for requested filename " 1555 "encryption method in this release\n", __func__); 1556 rc = -EOPNOTSUPP; 1557 goto out; 1558 } 1559 out: 1560 return rc; 1561 } 1562 1563 static int ecryptfs_copy_filename(char **copied_name, size_t *copied_name_size, 1564 const char *name, size_t name_size) 1565 { 1566 int rc = 0; 1567 1568 (*copied_name) = kmalloc((name_size + 1), GFP_KERNEL); 1569 if (!(*copied_name)) { 1570 rc = -ENOMEM; 1571 goto out; 1572 } 1573 memcpy((void *)(*copied_name), (void *)name, name_size); 1574 (*copied_name)[(name_size)] = '\0'; /* Only for convenience 1575 * in printing out the 1576 * string in debug 1577 * messages */ 1578 (*copied_name_size) = name_size; 1579 out: 1580 return rc; 1581 } 1582 1583 /** 1584 * ecryptfs_process_key_cipher - Perform key cipher initialization. 1585 * @key_tfm: Crypto context for key material, set by this function 1586 * @cipher_name: Name of the cipher 1587 * @key_size: Size of the key in bytes 1588 * 1589 * Returns zero on success. Any crypto_tfm structs allocated here 1590 * should be released by other functions, such as on a superblock put 1591 * event, regardless of whether this function succeeds for fails. 1592 */ 1593 static int 1594 ecryptfs_process_key_cipher(struct crypto_blkcipher **key_tfm, 1595 char *cipher_name, size_t *key_size) 1596 { 1597 char dummy_key[ECRYPTFS_MAX_KEY_BYTES]; 1598 char *full_alg_name = NULL; 1599 int rc; 1600 1601 *key_tfm = NULL; 1602 if (*key_size > ECRYPTFS_MAX_KEY_BYTES) { 1603 rc = -EINVAL; 1604 printk(KERN_ERR "Requested key size is [%zd] bytes; maximum " 1605 "allowable is [%d]\n", *key_size, ECRYPTFS_MAX_KEY_BYTES); 1606 goto out; 1607 } 1608 rc = ecryptfs_crypto_api_algify_cipher_name(&full_alg_name, cipher_name, 1609 "ecb"); 1610 if (rc) 1611 goto out; 1612 *key_tfm = crypto_alloc_blkcipher(full_alg_name, 0, CRYPTO_ALG_ASYNC); 1613 if (IS_ERR(*key_tfm)) { 1614 rc = PTR_ERR(*key_tfm); 1615 printk(KERN_ERR "Unable to allocate crypto cipher with name " 1616 "[%s]; rc = [%d]\n", full_alg_name, rc); 1617 goto out; 1618 } 1619 crypto_blkcipher_set_flags(*key_tfm, CRYPTO_TFM_REQ_WEAK_KEY); 1620 if (*key_size == 0) { 1621 struct blkcipher_alg *alg = crypto_blkcipher_alg(*key_tfm); 1622 1623 *key_size = alg->max_keysize; 1624 } 1625 get_random_bytes(dummy_key, *key_size); 1626 rc = crypto_blkcipher_setkey(*key_tfm, dummy_key, *key_size); 1627 if (rc) { 1628 printk(KERN_ERR "Error attempting to set key of size [%zd] for " 1629 "cipher [%s]; rc = [%d]\n", *key_size, full_alg_name, 1630 rc); 1631 rc = -EINVAL; 1632 goto out; 1633 } 1634 out: 1635 kfree(full_alg_name); 1636 return rc; 1637 } 1638 1639 struct kmem_cache *ecryptfs_key_tfm_cache; 1640 static struct list_head key_tfm_list; 1641 struct mutex key_tfm_list_mutex; 1642 1643 int __init ecryptfs_init_crypto(void) 1644 { 1645 mutex_init(&key_tfm_list_mutex); 1646 INIT_LIST_HEAD(&key_tfm_list); 1647 return 0; 1648 } 1649 1650 /** 1651 * ecryptfs_destroy_crypto - free all cached key_tfms on key_tfm_list 1652 * 1653 * Called only at module unload time 1654 */ 1655 int ecryptfs_destroy_crypto(void) 1656 { 1657 struct ecryptfs_key_tfm *key_tfm, *key_tfm_tmp; 1658 1659 mutex_lock(&key_tfm_list_mutex); 1660 list_for_each_entry_safe(key_tfm, key_tfm_tmp, &key_tfm_list, 1661 key_tfm_list) { 1662 list_del(&key_tfm->key_tfm_list); 1663 if (key_tfm->key_tfm) 1664 crypto_free_blkcipher(key_tfm->key_tfm); 1665 kmem_cache_free(ecryptfs_key_tfm_cache, key_tfm); 1666 } 1667 mutex_unlock(&key_tfm_list_mutex); 1668 return 0; 1669 } 1670 1671 int 1672 ecryptfs_add_new_key_tfm(struct ecryptfs_key_tfm **key_tfm, char *cipher_name, 1673 size_t key_size) 1674 { 1675 struct ecryptfs_key_tfm *tmp_tfm; 1676 int rc = 0; 1677 1678 BUG_ON(!mutex_is_locked(&key_tfm_list_mutex)); 1679 1680 tmp_tfm = kmem_cache_alloc(ecryptfs_key_tfm_cache, GFP_KERNEL); 1681 if (key_tfm != NULL) 1682 (*key_tfm) = tmp_tfm; 1683 if (!tmp_tfm) { 1684 rc = -ENOMEM; 1685 printk(KERN_ERR "Error attempting to allocate from " 1686 "ecryptfs_key_tfm_cache\n"); 1687 goto out; 1688 } 1689 mutex_init(&tmp_tfm->key_tfm_mutex); 1690 strncpy(tmp_tfm->cipher_name, cipher_name, 1691 ECRYPTFS_MAX_CIPHER_NAME_SIZE); 1692 tmp_tfm->cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE] = '\0'; 1693 tmp_tfm->key_size = key_size; 1694 rc = ecryptfs_process_key_cipher(&tmp_tfm->key_tfm, 1695 tmp_tfm->cipher_name, 1696 &tmp_tfm->key_size); 1697 if (rc) { 1698 printk(KERN_ERR "Error attempting to initialize key TFM " 1699 "cipher with name = [%s]; rc = [%d]\n", 1700 tmp_tfm->cipher_name, rc); 1701 kmem_cache_free(ecryptfs_key_tfm_cache, tmp_tfm); 1702 if (key_tfm != NULL) 1703 (*key_tfm) = NULL; 1704 goto out; 1705 } 1706 list_add(&tmp_tfm->key_tfm_list, &key_tfm_list); 1707 out: 1708 return rc; 1709 } 1710 1711 /** 1712 * ecryptfs_tfm_exists - Search for existing tfm for cipher_name. 1713 * @cipher_name: the name of the cipher to search for 1714 * @key_tfm: set to corresponding tfm if found 1715 * 1716 * Searches for cached key_tfm matching @cipher_name 1717 * Must be called with &key_tfm_list_mutex held 1718 * Returns 1 if found, with @key_tfm set 1719 * Returns 0 if not found, with @key_tfm set to NULL 1720 */ 1721 int ecryptfs_tfm_exists(char *cipher_name, struct ecryptfs_key_tfm **key_tfm) 1722 { 1723 struct ecryptfs_key_tfm *tmp_key_tfm; 1724 1725 BUG_ON(!mutex_is_locked(&key_tfm_list_mutex)); 1726 1727 list_for_each_entry(tmp_key_tfm, &key_tfm_list, key_tfm_list) { 1728 if (strcmp(tmp_key_tfm->cipher_name, cipher_name) == 0) { 1729 if (key_tfm) 1730 (*key_tfm) = tmp_key_tfm; 1731 return 1; 1732 } 1733 } 1734 if (key_tfm) 1735 (*key_tfm) = NULL; 1736 return 0; 1737 } 1738 1739 /** 1740 * ecryptfs_get_tfm_and_mutex_for_cipher_name 1741 * 1742 * @tfm: set to cached tfm found, or new tfm created 1743 * @tfm_mutex: set to mutex for cached tfm found, or new tfm created 1744 * @cipher_name: the name of the cipher to search for and/or add 1745 * 1746 * Sets pointers to @tfm & @tfm_mutex matching @cipher_name. 1747 * Searches for cached item first, and creates new if not found. 1748 * Returns 0 on success, non-zero if adding new cipher failed 1749 */ 1750 int ecryptfs_get_tfm_and_mutex_for_cipher_name(struct crypto_blkcipher **tfm, 1751 struct mutex **tfm_mutex, 1752 char *cipher_name) 1753 { 1754 struct ecryptfs_key_tfm *key_tfm; 1755 int rc = 0; 1756 1757 (*tfm) = NULL; 1758 (*tfm_mutex) = NULL; 1759 1760 mutex_lock(&key_tfm_list_mutex); 1761 if (!ecryptfs_tfm_exists(cipher_name, &key_tfm)) { 1762 rc = ecryptfs_add_new_key_tfm(&key_tfm, cipher_name, 0); 1763 if (rc) { 1764 printk(KERN_ERR "Error adding new key_tfm to list; " 1765 "rc = [%d]\n", rc); 1766 goto out; 1767 } 1768 } 1769 (*tfm) = key_tfm->key_tfm; 1770 (*tfm_mutex) = &key_tfm->key_tfm_mutex; 1771 out: 1772 mutex_unlock(&key_tfm_list_mutex); 1773 return rc; 1774 } 1775 1776 /* 64 characters forming a 6-bit target field */ 1777 static unsigned char *portable_filename_chars = ("-.0123456789ABCD" 1778 "EFGHIJKLMNOPQRST" 1779 "UVWXYZabcdefghij" 1780 "klmnopqrstuvwxyz"); 1781 1782 /* We could either offset on every reverse map or just pad some 0x00's 1783 * at the front here */ 1784 static const unsigned char filename_rev_map[256] = { 1785 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 7 */ 1786 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 15 */ 1787 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 23 */ 1788 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 31 */ 1789 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 39 */ 1790 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, /* 47 */ 1791 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, /* 55 */ 1792 0x0A, 0x0B, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 63 */ 1793 0x00, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, /* 71 */ 1794 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, /* 79 */ 1795 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, /* 87 */ 1796 0x23, 0x24, 0x25, 0x00, 0x00, 0x00, 0x00, 0x00, /* 95 */ 1797 0x00, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, /* 103 */ 1798 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, /* 111 */ 1799 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, /* 119 */ 1800 0x3D, 0x3E, 0x3F /* 123 - 255 initialized to 0x00 */ 1801 }; 1802 1803 /** 1804 * ecryptfs_encode_for_filename 1805 * @dst: Destination location for encoded filename 1806 * @dst_size: Size of the encoded filename in bytes 1807 * @src: Source location for the filename to encode 1808 * @src_size: Size of the source in bytes 1809 */ 1810 static void ecryptfs_encode_for_filename(unsigned char *dst, size_t *dst_size, 1811 unsigned char *src, size_t src_size) 1812 { 1813 size_t num_blocks; 1814 size_t block_num = 0; 1815 size_t dst_offset = 0; 1816 unsigned char last_block[3]; 1817 1818 if (src_size == 0) { 1819 (*dst_size) = 0; 1820 goto out; 1821 } 1822 num_blocks = (src_size / 3); 1823 if ((src_size % 3) == 0) { 1824 memcpy(last_block, (&src[src_size - 3]), 3); 1825 } else { 1826 num_blocks++; 1827 last_block[2] = 0x00; 1828 switch (src_size % 3) { 1829 case 1: 1830 last_block[0] = src[src_size - 1]; 1831 last_block[1] = 0x00; 1832 break; 1833 case 2: 1834 last_block[0] = src[src_size - 2]; 1835 last_block[1] = src[src_size - 1]; 1836 } 1837 } 1838 (*dst_size) = (num_blocks * 4); 1839 if (!dst) 1840 goto out; 1841 while (block_num < num_blocks) { 1842 unsigned char *src_block; 1843 unsigned char dst_block[4]; 1844 1845 if (block_num == (num_blocks - 1)) 1846 src_block = last_block; 1847 else 1848 src_block = &src[block_num * 3]; 1849 dst_block[0] = ((src_block[0] >> 2) & 0x3F); 1850 dst_block[1] = (((src_block[0] << 4) & 0x30) 1851 | ((src_block[1] >> 4) & 0x0F)); 1852 dst_block[2] = (((src_block[1] << 2) & 0x3C) 1853 | ((src_block[2] >> 6) & 0x03)); 1854 dst_block[3] = (src_block[2] & 0x3F); 1855 dst[dst_offset++] = portable_filename_chars[dst_block[0]]; 1856 dst[dst_offset++] = portable_filename_chars[dst_block[1]]; 1857 dst[dst_offset++] = portable_filename_chars[dst_block[2]]; 1858 dst[dst_offset++] = portable_filename_chars[dst_block[3]]; 1859 block_num++; 1860 } 1861 out: 1862 return; 1863 } 1864 1865 static size_t ecryptfs_max_decoded_size(size_t encoded_size) 1866 { 1867 /* Not exact; conservatively long. Every block of 4 1868 * encoded characters decodes into a block of 3 1869 * decoded characters. This segment of code provides 1870 * the caller with the maximum amount of allocated 1871 * space that @dst will need to point to in a 1872 * subsequent call. */ 1873 return ((encoded_size + 1) * 3) / 4; 1874 } 1875 1876 /** 1877 * ecryptfs_decode_from_filename 1878 * @dst: If NULL, this function only sets @dst_size and returns. If 1879 * non-NULL, this function decodes the encoded octets in @src 1880 * into the memory that @dst points to. 1881 * @dst_size: Set to the size of the decoded string. 1882 * @src: The encoded set of octets to decode. 1883 * @src_size: The size of the encoded set of octets to decode. 1884 */ 1885 static void 1886 ecryptfs_decode_from_filename(unsigned char *dst, size_t *dst_size, 1887 const unsigned char *src, size_t src_size) 1888 { 1889 u8 current_bit_offset = 0; 1890 size_t src_byte_offset = 0; 1891 size_t dst_byte_offset = 0; 1892 1893 if (dst == NULL) { 1894 (*dst_size) = ecryptfs_max_decoded_size(src_size); 1895 goto out; 1896 } 1897 while (src_byte_offset < src_size) { 1898 unsigned char src_byte = 1899 filename_rev_map[(int)src[src_byte_offset]]; 1900 1901 switch (current_bit_offset) { 1902 case 0: 1903 dst[dst_byte_offset] = (src_byte << 2); 1904 current_bit_offset = 6; 1905 break; 1906 case 6: 1907 dst[dst_byte_offset++] |= (src_byte >> 4); 1908 dst[dst_byte_offset] = ((src_byte & 0xF) 1909 << 4); 1910 current_bit_offset = 4; 1911 break; 1912 case 4: 1913 dst[dst_byte_offset++] |= (src_byte >> 2); 1914 dst[dst_byte_offset] = (src_byte << 6); 1915 current_bit_offset = 2; 1916 break; 1917 case 2: 1918 dst[dst_byte_offset++] |= (src_byte); 1919 current_bit_offset = 0; 1920 break; 1921 } 1922 src_byte_offset++; 1923 } 1924 (*dst_size) = dst_byte_offset; 1925 out: 1926 return; 1927 } 1928 1929 /** 1930 * ecryptfs_encrypt_and_encode_filename - converts a plaintext file name to cipher text 1931 * @crypt_stat: The crypt_stat struct associated with the file anem to encode 1932 * @name: The plaintext name 1933 * @length: The length of the plaintext 1934 * @encoded_name: The encypted name 1935 * 1936 * Encrypts and encodes a filename into something that constitutes a 1937 * valid filename for a filesystem, with printable characters. 1938 * 1939 * We assume that we have a properly initialized crypto context, 1940 * pointed to by crypt_stat->tfm. 1941 * 1942 * Returns zero on success; non-zero on otherwise 1943 */ 1944 int ecryptfs_encrypt_and_encode_filename( 1945 char **encoded_name, 1946 size_t *encoded_name_size, 1947 struct ecryptfs_crypt_stat *crypt_stat, 1948 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 1949 const char *name, size_t name_size) 1950 { 1951 size_t encoded_name_no_prefix_size; 1952 int rc = 0; 1953 1954 (*encoded_name) = NULL; 1955 (*encoded_name_size) = 0; 1956 if ((crypt_stat && (crypt_stat->flags & ECRYPTFS_ENCRYPT_FILENAMES)) 1957 || (mount_crypt_stat && (mount_crypt_stat->flags 1958 & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES))) { 1959 struct ecryptfs_filename *filename; 1960 1961 filename = kzalloc(sizeof(*filename), GFP_KERNEL); 1962 if (!filename) { 1963 printk(KERN_ERR "%s: Out of memory whilst attempting " 1964 "to kzalloc [%zd] bytes\n", __func__, 1965 sizeof(*filename)); 1966 rc = -ENOMEM; 1967 goto out; 1968 } 1969 filename->filename = (char *)name; 1970 filename->filename_size = name_size; 1971 rc = ecryptfs_encrypt_filename(filename, crypt_stat, 1972 mount_crypt_stat); 1973 if (rc) { 1974 printk(KERN_ERR "%s: Error attempting to encrypt " 1975 "filename; rc = [%d]\n", __func__, rc); 1976 kfree(filename); 1977 goto out; 1978 } 1979 ecryptfs_encode_for_filename( 1980 NULL, &encoded_name_no_prefix_size, 1981 filename->encrypted_filename, 1982 filename->encrypted_filename_size); 1983 if ((crypt_stat && (crypt_stat->flags 1984 & ECRYPTFS_ENCFN_USE_MOUNT_FNEK)) 1985 || (mount_crypt_stat 1986 && (mount_crypt_stat->flags 1987 & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK))) 1988 (*encoded_name_size) = 1989 (ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE 1990 + encoded_name_no_prefix_size); 1991 else 1992 (*encoded_name_size) = 1993 (ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX_SIZE 1994 + encoded_name_no_prefix_size); 1995 (*encoded_name) = kmalloc((*encoded_name_size) + 1, GFP_KERNEL); 1996 if (!(*encoded_name)) { 1997 printk(KERN_ERR "%s: Out of memory whilst attempting " 1998 "to kzalloc [%zd] bytes\n", __func__, 1999 (*encoded_name_size)); 2000 rc = -ENOMEM; 2001 kfree(filename->encrypted_filename); 2002 kfree(filename); 2003 goto out; 2004 } 2005 if ((crypt_stat && (crypt_stat->flags 2006 & ECRYPTFS_ENCFN_USE_MOUNT_FNEK)) 2007 || (mount_crypt_stat 2008 && (mount_crypt_stat->flags 2009 & ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK))) { 2010 memcpy((*encoded_name), 2011 ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX, 2012 ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE); 2013 ecryptfs_encode_for_filename( 2014 ((*encoded_name) 2015 + ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE), 2016 &encoded_name_no_prefix_size, 2017 filename->encrypted_filename, 2018 filename->encrypted_filename_size); 2019 (*encoded_name_size) = 2020 (ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE 2021 + encoded_name_no_prefix_size); 2022 (*encoded_name)[(*encoded_name_size)] = '\0'; 2023 } else { 2024 rc = -EOPNOTSUPP; 2025 } 2026 if (rc) { 2027 printk(KERN_ERR "%s: Error attempting to encode " 2028 "encrypted filename; rc = [%d]\n", __func__, 2029 rc); 2030 kfree((*encoded_name)); 2031 (*encoded_name) = NULL; 2032 (*encoded_name_size) = 0; 2033 } 2034 kfree(filename->encrypted_filename); 2035 kfree(filename); 2036 } else { 2037 rc = ecryptfs_copy_filename(encoded_name, 2038 encoded_name_size, 2039 name, name_size); 2040 } 2041 out: 2042 return rc; 2043 } 2044 2045 /** 2046 * ecryptfs_decode_and_decrypt_filename - converts the encoded cipher text name to decoded plaintext 2047 * @plaintext_name: The plaintext name 2048 * @plaintext_name_size: The plaintext name size 2049 * @ecryptfs_dir_dentry: eCryptfs directory dentry 2050 * @name: The filename in cipher text 2051 * @name_size: The cipher text name size 2052 * 2053 * Decrypts and decodes the filename. 2054 * 2055 * Returns zero on error; non-zero otherwise 2056 */ 2057 int ecryptfs_decode_and_decrypt_filename(char **plaintext_name, 2058 size_t *plaintext_name_size, 2059 struct super_block *sb, 2060 const char *name, size_t name_size) 2061 { 2062 struct ecryptfs_mount_crypt_stat *mount_crypt_stat = 2063 &ecryptfs_superblock_to_private(sb)->mount_crypt_stat; 2064 char *decoded_name; 2065 size_t decoded_name_size; 2066 size_t packet_size; 2067 int rc = 0; 2068 2069 if ((mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES) 2070 && !(mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) 2071 && (name_size > ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) 2072 && (strncmp(name, ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX, 2073 ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) == 0)) { 2074 const char *orig_name = name; 2075 size_t orig_name_size = name_size; 2076 2077 name += ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE; 2078 name_size -= ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE; 2079 ecryptfs_decode_from_filename(NULL, &decoded_name_size, 2080 name, name_size); 2081 decoded_name = kmalloc(decoded_name_size, GFP_KERNEL); 2082 if (!decoded_name) { 2083 printk(KERN_ERR "%s: Out of memory whilst attempting " 2084 "to kmalloc [%zd] bytes\n", __func__, 2085 decoded_name_size); 2086 rc = -ENOMEM; 2087 goto out; 2088 } 2089 ecryptfs_decode_from_filename(decoded_name, &decoded_name_size, 2090 name, name_size); 2091 rc = ecryptfs_parse_tag_70_packet(plaintext_name, 2092 plaintext_name_size, 2093 &packet_size, 2094 mount_crypt_stat, 2095 decoded_name, 2096 decoded_name_size); 2097 if (rc) { 2098 printk(KERN_INFO "%s: Could not parse tag 70 packet " 2099 "from filename; copying through filename " 2100 "as-is\n", __func__); 2101 rc = ecryptfs_copy_filename(plaintext_name, 2102 plaintext_name_size, 2103 orig_name, orig_name_size); 2104 goto out_free; 2105 } 2106 } else { 2107 rc = ecryptfs_copy_filename(plaintext_name, 2108 plaintext_name_size, 2109 name, name_size); 2110 goto out; 2111 } 2112 out_free: 2113 kfree(decoded_name); 2114 out: 2115 return rc; 2116 } 2117 2118 #define ENC_NAME_MAX_BLOCKLEN_8_OR_16 143 2119 2120 int ecryptfs_set_f_namelen(long *namelen, long lower_namelen, 2121 struct ecryptfs_mount_crypt_stat *mount_crypt_stat) 2122 { 2123 struct blkcipher_desc desc; 2124 struct mutex *tfm_mutex; 2125 size_t cipher_blocksize; 2126 int rc; 2127 2128 if (!(mount_crypt_stat->flags & ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES)) { 2129 (*namelen) = lower_namelen; 2130 return 0; 2131 } 2132 2133 rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&desc.tfm, &tfm_mutex, 2134 mount_crypt_stat->global_default_fn_cipher_name); 2135 if (unlikely(rc)) { 2136 (*namelen) = 0; 2137 return rc; 2138 } 2139 2140 mutex_lock(tfm_mutex); 2141 cipher_blocksize = crypto_blkcipher_blocksize(desc.tfm); 2142 mutex_unlock(tfm_mutex); 2143 2144 /* Return an exact amount for the common cases */ 2145 if (lower_namelen == NAME_MAX 2146 && (cipher_blocksize == 8 || cipher_blocksize == 16)) { 2147 (*namelen) = ENC_NAME_MAX_BLOCKLEN_8_OR_16; 2148 return 0; 2149 } 2150 2151 /* Return a safe estimate for the uncommon cases */ 2152 (*namelen) = lower_namelen; 2153 (*namelen) -= ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE; 2154 /* Since this is the max decoded size, subtract 1 "decoded block" len */ 2155 (*namelen) = ecryptfs_max_decoded_size(*namelen) - 3; 2156 (*namelen) -= ECRYPTFS_TAG_70_MAX_METADATA_SIZE; 2157 (*namelen) -= ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES; 2158 /* Worst case is that the filename is padded nearly a full block size */ 2159 (*namelen) -= cipher_blocksize - 1; 2160 2161 if ((*namelen) < 0) 2162 (*namelen) = 0; 2163 2164 return 0; 2165 } 2166