1 /** 2 * eCryptfs: Linux filesystem encryption layer 3 * In-kernel key management code. Includes functions to parse and 4 * write authentication token-related packets with the underlying 5 * file. 6 * 7 * Copyright (C) 2004-2006 International Business Machines Corp. 8 * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com> 9 * Michael C. Thompson <mcthomps@us.ibm.com> 10 * Trevor S. Highland <trevor.highland@gmail.com> 11 * 12 * This program is free software; you can redistribute it and/or 13 * modify it under the terms of the GNU General Public License as 14 * published by the Free Software Foundation; either version 2 of the 15 * License, or (at your option) any later version. 16 * 17 * This program is distributed in the hope that it will be useful, but 18 * WITHOUT ANY WARRANTY; without even the implied warranty of 19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 20 * General Public License for more details. 21 * 22 * You should have received a copy of the GNU General Public License 23 * along with this program; if not, write to the Free Software 24 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 25 * 02111-1307, USA. 26 */ 27 28 #include <linux/string.h> 29 #include <linux/syscalls.h> 30 #include <linux/pagemap.h> 31 #include <linux/key.h> 32 #include <linux/random.h> 33 #include <linux/crypto.h> 34 #include <linux/scatterlist.h> 35 #include "ecryptfs_kernel.h" 36 37 /** 38 * request_key returned an error instead of a valid key address; 39 * determine the type of error, make appropriate log entries, and 40 * return an error code. 41 */ 42 static int process_request_key_err(long err_code) 43 { 44 int rc = 0; 45 46 switch (err_code) { 47 case -ENOKEY: 48 ecryptfs_printk(KERN_WARNING, "No key\n"); 49 rc = -ENOENT; 50 break; 51 case -EKEYEXPIRED: 52 ecryptfs_printk(KERN_WARNING, "Key expired\n"); 53 rc = -ETIME; 54 break; 55 case -EKEYREVOKED: 56 ecryptfs_printk(KERN_WARNING, "Key revoked\n"); 57 rc = -EINVAL; 58 break; 59 default: 60 ecryptfs_printk(KERN_WARNING, "Unknown error code: " 61 "[0x%.16x]\n", err_code); 62 rc = -EINVAL; 63 } 64 return rc; 65 } 66 67 /** 68 * ecryptfs_parse_packet_length 69 * @data: Pointer to memory containing length at offset 70 * @size: This function writes the decoded size to this memory 71 * address; zero on error 72 * @length_size: The number of bytes occupied by the encoded length 73 * 74 * Returns zero on success; non-zero on error 75 */ 76 int ecryptfs_parse_packet_length(unsigned char *data, size_t *size, 77 size_t *length_size) 78 { 79 int rc = 0; 80 81 (*length_size) = 0; 82 (*size) = 0; 83 if (data[0] < 192) { 84 /* One-byte length */ 85 (*size) = (unsigned char)data[0]; 86 (*length_size) = 1; 87 } else if (data[0] < 224) { 88 /* Two-byte length */ 89 (*size) = (((unsigned char)(data[0]) - 192) * 256); 90 (*size) += ((unsigned char)(data[1]) + 192); 91 (*length_size) = 2; 92 } else if (data[0] == 255) { 93 /* Five-byte length; we're not supposed to see this */ 94 ecryptfs_printk(KERN_ERR, "Five-byte packet length not " 95 "supported\n"); 96 rc = -EINVAL; 97 goto out; 98 } else { 99 ecryptfs_printk(KERN_ERR, "Error parsing packet length\n"); 100 rc = -EINVAL; 101 goto out; 102 } 103 out: 104 return rc; 105 } 106 107 /** 108 * ecryptfs_write_packet_length 109 * @dest: The byte array target into which to write the length. Must 110 * have at least 5 bytes allocated. 111 * @size: The length to write. 112 * @packet_size_length: The number of bytes used to encode the packet 113 * length is written to this address. 114 * 115 * Returns zero on success; non-zero on error. 116 */ 117 int ecryptfs_write_packet_length(char *dest, size_t size, 118 size_t *packet_size_length) 119 { 120 int rc = 0; 121 122 if (size < 192) { 123 dest[0] = size; 124 (*packet_size_length) = 1; 125 } else if (size < 65536) { 126 dest[0] = (((size - 192) / 256) + 192); 127 dest[1] = ((size - 192) % 256); 128 (*packet_size_length) = 2; 129 } else { 130 rc = -EINVAL; 131 ecryptfs_printk(KERN_WARNING, 132 "Unsupported packet size: [%d]\n", size); 133 } 134 return rc; 135 } 136 137 static int 138 write_tag_64_packet(char *signature, struct ecryptfs_session_key *session_key, 139 char **packet, size_t *packet_len) 140 { 141 size_t i = 0; 142 size_t data_len; 143 size_t packet_size_len; 144 char *message; 145 int rc; 146 147 /* 148 * ***** TAG 64 Packet Format ***** 149 * | Content Type | 1 byte | 150 * | Key Identifier Size | 1 or 2 bytes | 151 * | Key Identifier | arbitrary | 152 * | Encrypted File Encryption Key Size | 1 or 2 bytes | 153 * | Encrypted File Encryption Key | arbitrary | 154 */ 155 data_len = (5 + ECRYPTFS_SIG_SIZE_HEX 156 + session_key->encrypted_key_size); 157 *packet = kmalloc(data_len, GFP_KERNEL); 158 message = *packet; 159 if (!message) { 160 ecryptfs_printk(KERN_ERR, "Unable to allocate memory\n"); 161 rc = -ENOMEM; 162 goto out; 163 } 164 message[i++] = ECRYPTFS_TAG_64_PACKET_TYPE; 165 rc = ecryptfs_write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX, 166 &packet_size_len); 167 if (rc) { 168 ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet " 169 "header; cannot generate packet length\n"); 170 goto out; 171 } 172 i += packet_size_len; 173 memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX); 174 i += ECRYPTFS_SIG_SIZE_HEX; 175 rc = ecryptfs_write_packet_length(&message[i], 176 session_key->encrypted_key_size, 177 &packet_size_len); 178 if (rc) { 179 ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet " 180 "header; cannot generate packet length\n"); 181 goto out; 182 } 183 i += packet_size_len; 184 memcpy(&message[i], session_key->encrypted_key, 185 session_key->encrypted_key_size); 186 i += session_key->encrypted_key_size; 187 *packet_len = i; 188 out: 189 return rc; 190 } 191 192 static int 193 parse_tag_65_packet(struct ecryptfs_session_key *session_key, u8 *cipher_code, 194 struct ecryptfs_message *msg) 195 { 196 size_t i = 0; 197 char *data; 198 size_t data_len; 199 size_t m_size; 200 size_t message_len; 201 u16 checksum = 0; 202 u16 expected_checksum = 0; 203 int rc; 204 205 /* 206 * ***** TAG 65 Packet Format ***** 207 * | Content Type | 1 byte | 208 * | Status Indicator | 1 byte | 209 * | File Encryption Key Size | 1 or 2 bytes | 210 * | File Encryption Key | arbitrary | 211 */ 212 message_len = msg->data_len; 213 data = msg->data; 214 if (message_len < 4) { 215 rc = -EIO; 216 goto out; 217 } 218 if (data[i++] != ECRYPTFS_TAG_65_PACKET_TYPE) { 219 ecryptfs_printk(KERN_ERR, "Type should be ECRYPTFS_TAG_65\n"); 220 rc = -EIO; 221 goto out; 222 } 223 if (data[i++]) { 224 ecryptfs_printk(KERN_ERR, "Status indicator has non-zero value " 225 "[%d]\n", data[i-1]); 226 rc = -EIO; 227 goto out; 228 } 229 rc = ecryptfs_parse_packet_length(&data[i], &m_size, &data_len); 230 if (rc) { 231 ecryptfs_printk(KERN_WARNING, "Error parsing packet length; " 232 "rc = [%d]\n", rc); 233 goto out; 234 } 235 i += data_len; 236 if (message_len < (i + m_size)) { 237 ecryptfs_printk(KERN_ERR, "The message received from ecryptfsd " 238 "is shorter than expected\n"); 239 rc = -EIO; 240 goto out; 241 } 242 if (m_size < 3) { 243 ecryptfs_printk(KERN_ERR, 244 "The decrypted key is not long enough to " 245 "include a cipher code and checksum\n"); 246 rc = -EIO; 247 goto out; 248 } 249 *cipher_code = data[i++]; 250 /* The decrypted key includes 1 byte cipher code and 2 byte checksum */ 251 session_key->decrypted_key_size = m_size - 3; 252 if (session_key->decrypted_key_size > ECRYPTFS_MAX_KEY_BYTES) { 253 ecryptfs_printk(KERN_ERR, "key_size [%d] larger than " 254 "the maximum key size [%d]\n", 255 session_key->decrypted_key_size, 256 ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES); 257 rc = -EIO; 258 goto out; 259 } 260 memcpy(session_key->decrypted_key, &data[i], 261 session_key->decrypted_key_size); 262 i += session_key->decrypted_key_size; 263 expected_checksum += (unsigned char)(data[i++]) << 8; 264 expected_checksum += (unsigned char)(data[i++]); 265 for (i = 0; i < session_key->decrypted_key_size; i++) 266 checksum += session_key->decrypted_key[i]; 267 if (expected_checksum != checksum) { 268 ecryptfs_printk(KERN_ERR, "Invalid checksum for file " 269 "encryption key; expected [%x]; calculated " 270 "[%x]\n", expected_checksum, checksum); 271 rc = -EIO; 272 } 273 out: 274 return rc; 275 } 276 277 278 static int 279 write_tag_66_packet(char *signature, u8 cipher_code, 280 struct ecryptfs_crypt_stat *crypt_stat, char **packet, 281 size_t *packet_len) 282 { 283 size_t i = 0; 284 size_t j; 285 size_t data_len; 286 size_t checksum = 0; 287 size_t packet_size_len; 288 char *message; 289 int rc; 290 291 /* 292 * ***** TAG 66 Packet Format ***** 293 * | Content Type | 1 byte | 294 * | Key Identifier Size | 1 or 2 bytes | 295 * | Key Identifier | arbitrary | 296 * | File Encryption Key Size | 1 or 2 bytes | 297 * | File Encryption Key | arbitrary | 298 */ 299 data_len = (5 + ECRYPTFS_SIG_SIZE_HEX + crypt_stat->key_size); 300 *packet = kmalloc(data_len, GFP_KERNEL); 301 message = *packet; 302 if (!message) { 303 ecryptfs_printk(KERN_ERR, "Unable to allocate memory\n"); 304 rc = -ENOMEM; 305 goto out; 306 } 307 message[i++] = ECRYPTFS_TAG_66_PACKET_TYPE; 308 rc = ecryptfs_write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX, 309 &packet_size_len); 310 if (rc) { 311 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet " 312 "header; cannot generate packet length\n"); 313 goto out; 314 } 315 i += packet_size_len; 316 memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX); 317 i += ECRYPTFS_SIG_SIZE_HEX; 318 /* The encrypted key includes 1 byte cipher code and 2 byte checksum */ 319 rc = ecryptfs_write_packet_length(&message[i], crypt_stat->key_size + 3, 320 &packet_size_len); 321 if (rc) { 322 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet " 323 "header; cannot generate packet length\n"); 324 goto out; 325 } 326 i += packet_size_len; 327 message[i++] = cipher_code; 328 memcpy(&message[i], crypt_stat->key, crypt_stat->key_size); 329 i += crypt_stat->key_size; 330 for (j = 0; j < crypt_stat->key_size; j++) 331 checksum += crypt_stat->key[j]; 332 message[i++] = (checksum / 256) % 256; 333 message[i++] = (checksum % 256); 334 *packet_len = i; 335 out: 336 return rc; 337 } 338 339 static int 340 parse_tag_67_packet(struct ecryptfs_key_record *key_rec, 341 struct ecryptfs_message *msg) 342 { 343 size_t i = 0; 344 char *data; 345 size_t data_len; 346 size_t message_len; 347 int rc; 348 349 /* 350 * ***** TAG 65 Packet Format ***** 351 * | Content Type | 1 byte | 352 * | Status Indicator | 1 byte | 353 * | Encrypted File Encryption Key Size | 1 or 2 bytes | 354 * | Encrypted File Encryption Key | arbitrary | 355 */ 356 message_len = msg->data_len; 357 data = msg->data; 358 /* verify that everything through the encrypted FEK size is present */ 359 if (message_len < 4) { 360 rc = -EIO; 361 printk(KERN_ERR "%s: message_len is [%zd]; minimum acceptable " 362 "message length is [%d]\n", __func__, message_len, 4); 363 goto out; 364 } 365 if (data[i++] != ECRYPTFS_TAG_67_PACKET_TYPE) { 366 rc = -EIO; 367 printk(KERN_ERR "%s: Type should be ECRYPTFS_TAG_67\n", 368 __func__); 369 goto out; 370 } 371 if (data[i++]) { 372 rc = -EIO; 373 printk(KERN_ERR "%s: Status indicator has non zero " 374 "value [%d]\n", __func__, data[i-1]); 375 376 goto out; 377 } 378 rc = ecryptfs_parse_packet_length(&data[i], &key_rec->enc_key_size, 379 &data_len); 380 if (rc) { 381 ecryptfs_printk(KERN_WARNING, "Error parsing packet length; " 382 "rc = [%d]\n", rc); 383 goto out; 384 } 385 i += data_len; 386 if (message_len < (i + key_rec->enc_key_size)) { 387 rc = -EIO; 388 printk(KERN_ERR "%s: message_len [%zd]; max len is [%zd]\n", 389 __func__, message_len, (i + key_rec->enc_key_size)); 390 goto out; 391 } 392 if (key_rec->enc_key_size > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) { 393 rc = -EIO; 394 printk(KERN_ERR "%s: Encrypted key_size [%zd] larger than " 395 "the maximum key size [%d]\n", __func__, 396 key_rec->enc_key_size, 397 ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES); 398 goto out; 399 } 400 memcpy(key_rec->enc_key, &data[i], key_rec->enc_key_size); 401 out: 402 return rc; 403 } 404 405 static int 406 ecryptfs_find_global_auth_tok_for_sig( 407 struct ecryptfs_global_auth_tok **global_auth_tok, 408 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, char *sig) 409 { 410 struct ecryptfs_global_auth_tok *walker; 411 int rc = 0; 412 413 (*global_auth_tok) = NULL; 414 mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); 415 list_for_each_entry(walker, 416 &mount_crypt_stat->global_auth_tok_list, 417 mount_crypt_stat_list) { 418 if (memcmp(walker->sig, sig, ECRYPTFS_SIG_SIZE_HEX) == 0) { 419 (*global_auth_tok) = walker; 420 goto out; 421 } 422 } 423 rc = -EINVAL; 424 out: 425 mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex); 426 return rc; 427 } 428 429 /** 430 * ecryptfs_find_auth_tok_for_sig 431 * @auth_tok: Set to the matching auth_tok; NULL if not found 432 * @crypt_stat: inode crypt_stat crypto context 433 * @sig: Sig of auth_tok to find 434 * 435 * For now, this function simply looks at the registered auth_tok's 436 * linked off the mount_crypt_stat, so all the auth_toks that can be 437 * used must be registered at mount time. This function could 438 * potentially try a lot harder to find auth_tok's (e.g., by calling 439 * out to ecryptfsd to dynamically retrieve an auth_tok object) so 440 * that static registration of auth_tok's will no longer be necessary. 441 * 442 * Returns zero on no error; non-zero on error 443 */ 444 static int 445 ecryptfs_find_auth_tok_for_sig( 446 struct ecryptfs_auth_tok **auth_tok, 447 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 448 char *sig) 449 { 450 struct ecryptfs_global_auth_tok *global_auth_tok; 451 int rc = 0; 452 453 (*auth_tok) = NULL; 454 if (ecryptfs_find_global_auth_tok_for_sig(&global_auth_tok, 455 mount_crypt_stat, sig)) { 456 struct key *auth_tok_key; 457 458 rc = ecryptfs_keyring_auth_tok_for_sig(&auth_tok_key, auth_tok, 459 sig); 460 } else 461 (*auth_tok) = global_auth_tok->global_auth_tok; 462 return rc; 463 } 464 465 /** 466 * write_tag_70_packet can gobble a lot of stack space. We stuff most 467 * of the function's parameters in a kmalloc'd struct to help reduce 468 * eCryptfs' overall stack usage. 469 */ 470 struct ecryptfs_write_tag_70_packet_silly_stack { 471 u8 cipher_code; 472 size_t max_packet_size; 473 size_t packet_size_len; 474 size_t block_aligned_filename_size; 475 size_t block_size; 476 size_t i; 477 size_t j; 478 size_t num_rand_bytes; 479 struct mutex *tfm_mutex; 480 char *block_aligned_filename; 481 struct ecryptfs_auth_tok *auth_tok; 482 struct scatterlist src_sg; 483 struct scatterlist dst_sg; 484 struct blkcipher_desc desc; 485 char iv[ECRYPTFS_MAX_IV_BYTES]; 486 char hash[ECRYPTFS_TAG_70_DIGEST_SIZE]; 487 char tmp_hash[ECRYPTFS_TAG_70_DIGEST_SIZE]; 488 struct hash_desc hash_desc; 489 struct scatterlist hash_sg; 490 }; 491 492 /** 493 * write_tag_70_packet - Write encrypted filename (EFN) packet against FNEK 494 * @filename: NULL-terminated filename string 495 * 496 * This is the simplest mechanism for achieving filename encryption in 497 * eCryptfs. It encrypts the given filename with the mount-wide 498 * filename encryption key (FNEK) and stores it in a packet to @dest, 499 * which the callee will encode and write directly into the dentry 500 * name. 501 */ 502 int 503 ecryptfs_write_tag_70_packet(char *dest, size_t *remaining_bytes, 504 size_t *packet_size, 505 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 506 char *filename, size_t filename_size) 507 { 508 struct ecryptfs_write_tag_70_packet_silly_stack *s; 509 int rc = 0; 510 511 s = kmalloc(sizeof(*s), GFP_KERNEL); 512 if (!s) { 513 printk(KERN_ERR "%s: Out of memory whilst trying to kmalloc " 514 "[%zd] bytes of kernel memory\n", __func__, sizeof(*s)); 515 goto out; 516 } 517 s->desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP; 518 (*packet_size) = 0; 519 rc = ecryptfs_get_tfm_and_mutex_for_cipher_name( 520 &s->desc.tfm, 521 &s->tfm_mutex, mount_crypt_stat->global_default_fn_cipher_name); 522 if (unlikely(rc)) { 523 printk(KERN_ERR "Internal error whilst attempting to get " 524 "tfm and mutex for cipher name [%s]; rc = [%d]\n", 525 mount_crypt_stat->global_default_fn_cipher_name, rc); 526 goto out; 527 } 528 mutex_lock(s->tfm_mutex); 529 s->block_size = crypto_blkcipher_blocksize(s->desc.tfm); 530 /* Plus one for the \0 separator between the random prefix 531 * and the plaintext filename */ 532 s->num_rand_bytes = (ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES + 1); 533 s->block_aligned_filename_size = (s->num_rand_bytes + filename_size); 534 if ((s->block_aligned_filename_size % s->block_size) != 0) { 535 s->num_rand_bytes += (s->block_size 536 - (s->block_aligned_filename_size 537 % s->block_size)); 538 s->block_aligned_filename_size = (s->num_rand_bytes 539 + filename_size); 540 } 541 /* Octet 0: Tag 70 identifier 542 * Octets 1-N1: Tag 70 packet size (includes cipher identifier 543 * and block-aligned encrypted filename size) 544 * Octets N1-N2: FNEK sig (ECRYPTFS_SIG_SIZE) 545 * Octet N2-N3: Cipher identifier (1 octet) 546 * Octets N3-N4: Block-aligned encrypted filename 547 * - Consists of a minimum number of random characters, a \0 548 * separator, and then the filename */ 549 s->max_packet_size = (1 /* Tag 70 identifier */ 550 + 3 /* Max Tag 70 packet size */ 551 + ECRYPTFS_SIG_SIZE /* FNEK sig */ 552 + 1 /* Cipher identifier */ 553 + s->block_aligned_filename_size); 554 if (dest == NULL) { 555 (*packet_size) = s->max_packet_size; 556 goto out_unlock; 557 } 558 if (s->max_packet_size > (*remaining_bytes)) { 559 printk(KERN_WARNING "%s: Require [%zd] bytes to write; only " 560 "[%zd] available\n", __func__, s->max_packet_size, 561 (*remaining_bytes)); 562 rc = -EINVAL; 563 goto out_unlock; 564 } 565 s->block_aligned_filename = kzalloc(s->block_aligned_filename_size, 566 GFP_KERNEL); 567 if (!s->block_aligned_filename) { 568 printk(KERN_ERR "%s: Out of kernel memory whilst attempting to " 569 "kzalloc [%zd] bytes\n", __func__, 570 s->block_aligned_filename_size); 571 rc = -ENOMEM; 572 goto out_unlock; 573 } 574 s->i = 0; 575 dest[s->i++] = ECRYPTFS_TAG_70_PACKET_TYPE; 576 rc = ecryptfs_write_packet_length(&dest[s->i], 577 (ECRYPTFS_SIG_SIZE 578 + 1 /* Cipher code */ 579 + s->block_aligned_filename_size), 580 &s->packet_size_len); 581 if (rc) { 582 printk(KERN_ERR "%s: Error generating tag 70 packet " 583 "header; cannot generate packet length; rc = [%d]\n", 584 __func__, rc); 585 goto out_free_unlock; 586 } 587 s->i += s->packet_size_len; 588 ecryptfs_from_hex(&dest[s->i], 589 mount_crypt_stat->global_default_fnek_sig, 590 ECRYPTFS_SIG_SIZE); 591 s->i += ECRYPTFS_SIG_SIZE; 592 s->cipher_code = ecryptfs_code_for_cipher_string( 593 mount_crypt_stat->global_default_fn_cipher_name, 594 mount_crypt_stat->global_default_fn_cipher_key_bytes); 595 if (s->cipher_code == 0) { 596 printk(KERN_WARNING "%s: Unable to generate code for " 597 "cipher [%s] with key bytes [%zd]\n", __func__, 598 mount_crypt_stat->global_default_fn_cipher_name, 599 mount_crypt_stat->global_default_fn_cipher_key_bytes); 600 rc = -EINVAL; 601 goto out_free_unlock; 602 } 603 dest[s->i++] = s->cipher_code; 604 rc = ecryptfs_find_auth_tok_for_sig( 605 &s->auth_tok, mount_crypt_stat, 606 mount_crypt_stat->global_default_fnek_sig); 607 if (rc) { 608 printk(KERN_ERR "%s: Error attempting to find auth tok for " 609 "fnek sig [%s]; rc = [%d]\n", __func__, 610 mount_crypt_stat->global_default_fnek_sig, rc); 611 goto out_free_unlock; 612 } 613 /* TODO: Support other key modules than passphrase for 614 * filename encryption */ 615 BUG_ON(s->auth_tok->token_type != ECRYPTFS_PASSWORD); 616 sg_init_one( 617 &s->hash_sg, 618 (u8 *)s->auth_tok->token.password.session_key_encryption_key, 619 s->auth_tok->token.password.session_key_encryption_key_bytes); 620 s->hash_desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP; 621 s->hash_desc.tfm = crypto_alloc_hash(ECRYPTFS_TAG_70_DIGEST, 0, 622 CRYPTO_ALG_ASYNC); 623 if (IS_ERR(s->hash_desc.tfm)) { 624 rc = PTR_ERR(s->hash_desc.tfm); 625 printk(KERN_ERR "%s: Error attempting to " 626 "allocate hash crypto context; rc = [%d]\n", 627 __func__, rc); 628 goto out_free_unlock; 629 } 630 rc = crypto_hash_init(&s->hash_desc); 631 if (rc) { 632 printk(KERN_ERR 633 "%s: Error initializing crypto hash; rc = [%d]\n", 634 __func__, rc); 635 goto out_release_free_unlock; 636 } 637 rc = crypto_hash_update( 638 &s->hash_desc, &s->hash_sg, 639 s->auth_tok->token.password.session_key_encryption_key_bytes); 640 if (rc) { 641 printk(KERN_ERR 642 "%s: Error updating crypto hash; rc = [%d]\n", 643 __func__, rc); 644 goto out_release_free_unlock; 645 } 646 rc = crypto_hash_final(&s->hash_desc, s->hash); 647 if (rc) { 648 printk(KERN_ERR 649 "%s: Error finalizing crypto hash; rc = [%d]\n", 650 __func__, rc); 651 goto out_release_free_unlock; 652 } 653 for (s->j = 0; s->j < (s->num_rand_bytes - 1); s->j++) { 654 s->block_aligned_filename[s->j] = 655 s->hash[(s->j % ECRYPTFS_TAG_70_DIGEST_SIZE)]; 656 if ((s->j % ECRYPTFS_TAG_70_DIGEST_SIZE) 657 == (ECRYPTFS_TAG_70_DIGEST_SIZE - 1)) { 658 sg_init_one(&s->hash_sg, (u8 *)s->hash, 659 ECRYPTFS_TAG_70_DIGEST_SIZE); 660 rc = crypto_hash_init(&s->hash_desc); 661 if (rc) { 662 printk(KERN_ERR 663 "%s: Error initializing crypto hash; " 664 "rc = [%d]\n", __func__, rc); 665 goto out_release_free_unlock; 666 } 667 rc = crypto_hash_update(&s->hash_desc, &s->hash_sg, 668 ECRYPTFS_TAG_70_DIGEST_SIZE); 669 if (rc) { 670 printk(KERN_ERR 671 "%s: Error updating crypto hash; " 672 "rc = [%d]\n", __func__, rc); 673 goto out_release_free_unlock; 674 } 675 rc = crypto_hash_final(&s->hash_desc, s->tmp_hash); 676 if (rc) { 677 printk(KERN_ERR 678 "%s: Error finalizing crypto hash; " 679 "rc = [%d]\n", __func__, rc); 680 goto out_release_free_unlock; 681 } 682 memcpy(s->hash, s->tmp_hash, 683 ECRYPTFS_TAG_70_DIGEST_SIZE); 684 } 685 if (s->block_aligned_filename[s->j] == '\0') 686 s->block_aligned_filename[s->j] = ECRYPTFS_NON_NULL; 687 } 688 memcpy(&s->block_aligned_filename[s->num_rand_bytes], filename, 689 filename_size); 690 rc = virt_to_scatterlist(s->block_aligned_filename, 691 s->block_aligned_filename_size, &s->src_sg, 1); 692 if (rc != 1) { 693 printk(KERN_ERR "%s: Internal error whilst attempting to " 694 "convert filename memory to scatterlist; " 695 "expected rc = 1; got rc = [%d]. " 696 "block_aligned_filename_size = [%zd]\n", __func__, rc, 697 s->block_aligned_filename_size); 698 goto out_release_free_unlock; 699 } 700 rc = virt_to_scatterlist(&dest[s->i], s->block_aligned_filename_size, 701 &s->dst_sg, 1); 702 if (rc != 1) { 703 printk(KERN_ERR "%s: Internal error whilst attempting to " 704 "convert encrypted filename memory to scatterlist; " 705 "expected rc = 1; got rc = [%d]. " 706 "block_aligned_filename_size = [%zd]\n", __func__, rc, 707 s->block_aligned_filename_size); 708 goto out_release_free_unlock; 709 } 710 /* The characters in the first block effectively do the job 711 * of the IV here, so we just use 0's for the IV. Note the 712 * constraint that ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES 713 * >= ECRYPTFS_MAX_IV_BYTES. */ 714 memset(s->iv, 0, ECRYPTFS_MAX_IV_BYTES); 715 s->desc.info = s->iv; 716 rc = crypto_blkcipher_setkey( 717 s->desc.tfm, 718 s->auth_tok->token.password.session_key_encryption_key, 719 mount_crypt_stat->global_default_fn_cipher_key_bytes); 720 if (rc < 0) { 721 printk(KERN_ERR "%s: Error setting key for crypto context; " 722 "rc = [%d]. s->auth_tok->token.password.session_key_" 723 "encryption_key = [0x%p]; mount_crypt_stat->" 724 "global_default_fn_cipher_key_bytes = [%zd]\n", __func__, 725 rc, 726 s->auth_tok->token.password.session_key_encryption_key, 727 mount_crypt_stat->global_default_fn_cipher_key_bytes); 728 goto out_release_free_unlock; 729 } 730 rc = crypto_blkcipher_encrypt_iv(&s->desc, &s->dst_sg, &s->src_sg, 731 s->block_aligned_filename_size); 732 if (rc) { 733 printk(KERN_ERR "%s: Error attempting to encrypt filename; " 734 "rc = [%d]\n", __func__, rc); 735 goto out_release_free_unlock; 736 } 737 s->i += s->block_aligned_filename_size; 738 (*packet_size) = s->i; 739 (*remaining_bytes) -= (*packet_size); 740 out_release_free_unlock: 741 crypto_free_hash(s->hash_desc.tfm); 742 out_free_unlock: 743 memset(s->block_aligned_filename, 0, s->block_aligned_filename_size); 744 kfree(s->block_aligned_filename); 745 out_unlock: 746 mutex_unlock(s->tfm_mutex); 747 out: 748 kfree(s); 749 return rc; 750 } 751 752 struct ecryptfs_parse_tag_70_packet_silly_stack { 753 u8 cipher_code; 754 size_t max_packet_size; 755 size_t packet_size_len; 756 size_t parsed_tag_70_packet_size; 757 size_t block_aligned_filename_size; 758 size_t block_size; 759 size_t i; 760 struct mutex *tfm_mutex; 761 char *decrypted_filename; 762 struct ecryptfs_auth_tok *auth_tok; 763 struct scatterlist src_sg; 764 struct scatterlist dst_sg; 765 struct blkcipher_desc desc; 766 char fnek_sig_hex[ECRYPTFS_SIG_SIZE_HEX + 1]; 767 char iv[ECRYPTFS_MAX_IV_BYTES]; 768 char cipher_string[ECRYPTFS_MAX_CIPHER_NAME_SIZE]; 769 }; 770 771 /** 772 * parse_tag_70_packet - Parse and process FNEK-encrypted passphrase packet 773 * @filename: This function kmalloc's the memory for the filename 774 * @filename_size: This function sets this to the amount of memory 775 * kmalloc'd for the filename 776 * @packet_size: This function sets this to the the number of octets 777 * in the packet parsed 778 * @mount_crypt_stat: The mount-wide cryptographic context 779 * @data: The memory location containing the start of the tag 70 780 * packet 781 * @max_packet_size: The maximum legal size of the packet to be parsed 782 * from @data 783 * 784 * Returns zero on success; non-zero otherwise 785 */ 786 int 787 ecryptfs_parse_tag_70_packet(char **filename, size_t *filename_size, 788 size_t *packet_size, 789 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 790 char *data, size_t max_packet_size) 791 { 792 struct ecryptfs_parse_tag_70_packet_silly_stack *s; 793 int rc = 0; 794 795 (*packet_size) = 0; 796 (*filename_size) = 0; 797 (*filename) = NULL; 798 s = kmalloc(sizeof(*s), GFP_KERNEL); 799 if (!s) { 800 printk(KERN_ERR "%s: Out of memory whilst trying to kmalloc " 801 "[%zd] bytes of kernel memory\n", __func__, sizeof(*s)); 802 goto out; 803 } 804 s->desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP; 805 if (max_packet_size < (1 + 1 + ECRYPTFS_SIG_SIZE + 1 + 1)) { 806 printk(KERN_WARNING "%s: max_packet_size is [%zd]; it must be " 807 "at least [%d]\n", __func__, max_packet_size, 808 (1 + 1 + ECRYPTFS_SIG_SIZE + 1 + 1)); 809 rc = -EINVAL; 810 goto out; 811 } 812 /* Octet 0: Tag 70 identifier 813 * Octets 1-N1: Tag 70 packet size (includes cipher identifier 814 * and block-aligned encrypted filename size) 815 * Octets N1-N2: FNEK sig (ECRYPTFS_SIG_SIZE) 816 * Octet N2-N3: Cipher identifier (1 octet) 817 * Octets N3-N4: Block-aligned encrypted filename 818 * - Consists of a minimum number of random numbers, a \0 819 * separator, and then the filename */ 820 if (data[(*packet_size)++] != ECRYPTFS_TAG_70_PACKET_TYPE) { 821 printk(KERN_WARNING "%s: Invalid packet tag [0x%.2x]; must be " 822 "tag [0x%.2x]\n", __func__, 823 data[((*packet_size) - 1)], ECRYPTFS_TAG_70_PACKET_TYPE); 824 rc = -EINVAL; 825 goto out; 826 } 827 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], 828 &s->parsed_tag_70_packet_size, 829 &s->packet_size_len); 830 if (rc) { 831 printk(KERN_WARNING "%s: Error parsing packet length; " 832 "rc = [%d]\n", __func__, rc); 833 goto out; 834 } 835 s->block_aligned_filename_size = (s->parsed_tag_70_packet_size 836 - ECRYPTFS_SIG_SIZE - 1); 837 if ((1 + s->packet_size_len + s->parsed_tag_70_packet_size) 838 > max_packet_size) { 839 printk(KERN_WARNING "%s: max_packet_size is [%zd]; real packet " 840 "size is [%zd]\n", __func__, max_packet_size, 841 (1 + s->packet_size_len + 1 842 + s->block_aligned_filename_size)); 843 rc = -EINVAL; 844 goto out; 845 } 846 (*packet_size) += s->packet_size_len; 847 ecryptfs_to_hex(s->fnek_sig_hex, &data[(*packet_size)], 848 ECRYPTFS_SIG_SIZE); 849 s->fnek_sig_hex[ECRYPTFS_SIG_SIZE_HEX] = '\0'; 850 (*packet_size) += ECRYPTFS_SIG_SIZE; 851 s->cipher_code = data[(*packet_size)++]; 852 rc = ecryptfs_cipher_code_to_string(s->cipher_string, s->cipher_code); 853 if (rc) { 854 printk(KERN_WARNING "%s: Cipher code [%d] is invalid\n", 855 __func__, s->cipher_code); 856 goto out; 857 } 858 rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&s->desc.tfm, 859 &s->tfm_mutex, 860 s->cipher_string); 861 if (unlikely(rc)) { 862 printk(KERN_ERR "Internal error whilst attempting to get " 863 "tfm and mutex for cipher name [%s]; rc = [%d]\n", 864 s->cipher_string, rc); 865 goto out; 866 } 867 mutex_lock(s->tfm_mutex); 868 rc = virt_to_scatterlist(&data[(*packet_size)], 869 s->block_aligned_filename_size, &s->src_sg, 1); 870 if (rc != 1) { 871 printk(KERN_ERR "%s: Internal error whilst attempting to " 872 "convert encrypted filename memory to scatterlist; " 873 "expected rc = 1; got rc = [%d]. " 874 "block_aligned_filename_size = [%zd]\n", __func__, rc, 875 s->block_aligned_filename_size); 876 goto out_unlock; 877 } 878 (*packet_size) += s->block_aligned_filename_size; 879 s->decrypted_filename = kmalloc(s->block_aligned_filename_size, 880 GFP_KERNEL); 881 if (!s->decrypted_filename) { 882 printk(KERN_ERR "%s: Out of memory whilst attempting to " 883 "kmalloc [%zd] bytes\n", __func__, 884 s->block_aligned_filename_size); 885 rc = -ENOMEM; 886 goto out_unlock; 887 } 888 rc = virt_to_scatterlist(s->decrypted_filename, 889 s->block_aligned_filename_size, &s->dst_sg, 1); 890 if (rc != 1) { 891 printk(KERN_ERR "%s: Internal error whilst attempting to " 892 "convert decrypted filename memory to scatterlist; " 893 "expected rc = 1; got rc = [%d]. " 894 "block_aligned_filename_size = [%zd]\n", __func__, rc, 895 s->block_aligned_filename_size); 896 goto out_free_unlock; 897 } 898 /* The characters in the first block effectively do the job of 899 * the IV here, so we just use 0's for the IV. Note the 900 * constraint that ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES 901 * >= ECRYPTFS_MAX_IV_BYTES. */ 902 memset(s->iv, 0, ECRYPTFS_MAX_IV_BYTES); 903 s->desc.info = s->iv; 904 rc = ecryptfs_find_auth_tok_for_sig(&s->auth_tok, mount_crypt_stat, 905 s->fnek_sig_hex); 906 if (rc) { 907 printk(KERN_ERR "%s: Error attempting to find auth tok for " 908 "fnek sig [%s]; rc = [%d]\n", __func__, s->fnek_sig_hex, 909 rc); 910 goto out_free_unlock; 911 } 912 /* TODO: Support other key modules than passphrase for 913 * filename encryption */ 914 BUG_ON(s->auth_tok->token_type != ECRYPTFS_PASSWORD); 915 rc = crypto_blkcipher_setkey( 916 s->desc.tfm, 917 s->auth_tok->token.password.session_key_encryption_key, 918 mount_crypt_stat->global_default_fn_cipher_key_bytes); 919 if (rc < 0) { 920 printk(KERN_ERR "%s: Error setting key for crypto context; " 921 "rc = [%d]. s->auth_tok->token.password.session_key_" 922 "encryption_key = [0x%p]; mount_crypt_stat->" 923 "global_default_fn_cipher_key_bytes = [%zd]\n", __func__, 924 rc, 925 s->auth_tok->token.password.session_key_encryption_key, 926 mount_crypt_stat->global_default_fn_cipher_key_bytes); 927 goto out_free_unlock; 928 } 929 rc = crypto_blkcipher_decrypt_iv(&s->desc, &s->dst_sg, &s->src_sg, 930 s->block_aligned_filename_size); 931 if (rc) { 932 printk(KERN_ERR "%s: Error attempting to decrypt filename; " 933 "rc = [%d]\n", __func__, rc); 934 goto out_free_unlock; 935 } 936 s->i = 0; 937 while (s->decrypted_filename[s->i] != '\0' 938 && s->i < s->block_aligned_filename_size) 939 s->i++; 940 if (s->i == s->block_aligned_filename_size) { 941 printk(KERN_WARNING "%s: Invalid tag 70 packet; could not " 942 "find valid separator between random characters and " 943 "the filename\n", __func__); 944 rc = -EINVAL; 945 goto out_free_unlock; 946 } 947 s->i++; 948 (*filename_size) = (s->block_aligned_filename_size - s->i); 949 if (!((*filename_size) > 0 && (*filename_size < PATH_MAX))) { 950 printk(KERN_WARNING "%s: Filename size is [%zd], which is " 951 "invalid\n", __func__, (*filename_size)); 952 rc = -EINVAL; 953 goto out_free_unlock; 954 } 955 (*filename) = kmalloc(((*filename_size) + 1), GFP_KERNEL); 956 if (!(*filename)) { 957 printk(KERN_ERR "%s: Out of memory whilst attempting to " 958 "kmalloc [%zd] bytes\n", __func__, 959 ((*filename_size) + 1)); 960 rc = -ENOMEM; 961 goto out_free_unlock; 962 } 963 memcpy((*filename), &s->decrypted_filename[s->i], (*filename_size)); 964 (*filename)[(*filename_size)] = '\0'; 965 out_free_unlock: 966 kfree(s->decrypted_filename); 967 out_unlock: 968 mutex_unlock(s->tfm_mutex); 969 out: 970 if (rc) { 971 (*packet_size) = 0; 972 (*filename_size) = 0; 973 (*filename) = NULL; 974 } 975 kfree(s); 976 return rc; 977 } 978 979 static int 980 ecryptfs_get_auth_tok_sig(char **sig, struct ecryptfs_auth_tok *auth_tok) 981 { 982 int rc = 0; 983 984 (*sig) = NULL; 985 switch (auth_tok->token_type) { 986 case ECRYPTFS_PASSWORD: 987 (*sig) = auth_tok->token.password.signature; 988 break; 989 case ECRYPTFS_PRIVATE_KEY: 990 (*sig) = auth_tok->token.private_key.signature; 991 break; 992 default: 993 printk(KERN_ERR "Cannot get sig for auth_tok of type [%d]\n", 994 auth_tok->token_type); 995 rc = -EINVAL; 996 } 997 return rc; 998 } 999 1000 /** 1001 * decrypt_pki_encrypted_session_key - Decrypt the session key with the given auth_tok. 1002 * @auth_tok: The key authentication token used to decrypt the session key 1003 * @crypt_stat: The cryptographic context 1004 * 1005 * Returns zero on success; non-zero error otherwise. 1006 */ 1007 static int 1008 decrypt_pki_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok, 1009 struct ecryptfs_crypt_stat *crypt_stat) 1010 { 1011 u8 cipher_code = 0; 1012 struct ecryptfs_msg_ctx *msg_ctx; 1013 struct ecryptfs_message *msg = NULL; 1014 char *auth_tok_sig; 1015 char *payload; 1016 size_t payload_len; 1017 int rc; 1018 1019 rc = ecryptfs_get_auth_tok_sig(&auth_tok_sig, auth_tok); 1020 if (rc) { 1021 printk(KERN_ERR "Unrecognized auth tok type: [%d]\n", 1022 auth_tok->token_type); 1023 goto out; 1024 } 1025 rc = write_tag_64_packet(auth_tok_sig, &(auth_tok->session_key), 1026 &payload, &payload_len); 1027 if (rc) { 1028 ecryptfs_printk(KERN_ERR, "Failed to write tag 64 packet\n"); 1029 goto out; 1030 } 1031 rc = ecryptfs_send_message(payload, payload_len, &msg_ctx); 1032 if (rc) { 1033 ecryptfs_printk(KERN_ERR, "Error sending message to " 1034 "ecryptfsd\n"); 1035 goto out; 1036 } 1037 rc = ecryptfs_wait_for_response(msg_ctx, &msg); 1038 if (rc) { 1039 ecryptfs_printk(KERN_ERR, "Failed to receive tag 65 packet " 1040 "from the user space daemon\n"); 1041 rc = -EIO; 1042 goto out; 1043 } 1044 rc = parse_tag_65_packet(&(auth_tok->session_key), 1045 &cipher_code, msg); 1046 if (rc) { 1047 printk(KERN_ERR "Failed to parse tag 65 packet; rc = [%d]\n", 1048 rc); 1049 goto out; 1050 } 1051 auth_tok->session_key.flags |= ECRYPTFS_CONTAINS_DECRYPTED_KEY; 1052 memcpy(crypt_stat->key, auth_tok->session_key.decrypted_key, 1053 auth_tok->session_key.decrypted_key_size); 1054 crypt_stat->key_size = auth_tok->session_key.decrypted_key_size; 1055 rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher, cipher_code); 1056 if (rc) { 1057 ecryptfs_printk(KERN_ERR, "Cipher code [%d] is invalid\n", 1058 cipher_code) 1059 goto out; 1060 } 1061 crypt_stat->flags |= ECRYPTFS_KEY_VALID; 1062 if (ecryptfs_verbosity > 0) { 1063 ecryptfs_printk(KERN_DEBUG, "Decrypted session key:\n"); 1064 ecryptfs_dump_hex(crypt_stat->key, 1065 crypt_stat->key_size); 1066 } 1067 out: 1068 if (msg) 1069 kfree(msg); 1070 return rc; 1071 } 1072 1073 static void wipe_auth_tok_list(struct list_head *auth_tok_list_head) 1074 { 1075 struct ecryptfs_auth_tok_list_item *auth_tok_list_item; 1076 struct ecryptfs_auth_tok_list_item *auth_tok_list_item_tmp; 1077 1078 list_for_each_entry_safe(auth_tok_list_item, auth_tok_list_item_tmp, 1079 auth_tok_list_head, list) { 1080 list_del(&auth_tok_list_item->list); 1081 kmem_cache_free(ecryptfs_auth_tok_list_item_cache, 1082 auth_tok_list_item); 1083 } 1084 } 1085 1086 struct kmem_cache *ecryptfs_auth_tok_list_item_cache; 1087 1088 /** 1089 * parse_tag_1_packet 1090 * @crypt_stat: The cryptographic context to modify based on packet contents 1091 * @data: The raw bytes of the packet. 1092 * @auth_tok_list: eCryptfs parses packets into authentication tokens; 1093 * a new authentication token will be placed at the 1094 * end of this list for this packet. 1095 * @new_auth_tok: Pointer to a pointer to memory that this function 1096 * allocates; sets the memory address of the pointer to 1097 * NULL on error. This object is added to the 1098 * auth_tok_list. 1099 * @packet_size: This function writes the size of the parsed packet 1100 * into this memory location; zero on error. 1101 * @max_packet_size: The maximum allowable packet size 1102 * 1103 * Returns zero on success; non-zero on error. 1104 */ 1105 static int 1106 parse_tag_1_packet(struct ecryptfs_crypt_stat *crypt_stat, 1107 unsigned char *data, struct list_head *auth_tok_list, 1108 struct ecryptfs_auth_tok **new_auth_tok, 1109 size_t *packet_size, size_t max_packet_size) 1110 { 1111 size_t body_size; 1112 struct ecryptfs_auth_tok_list_item *auth_tok_list_item; 1113 size_t length_size; 1114 int rc = 0; 1115 1116 (*packet_size) = 0; 1117 (*new_auth_tok) = NULL; 1118 /** 1119 * This format is inspired by OpenPGP; see RFC 2440 1120 * packet tag 1 1121 * 1122 * Tag 1 identifier (1 byte) 1123 * Max Tag 1 packet size (max 3 bytes) 1124 * Version (1 byte) 1125 * Key identifier (8 bytes; ECRYPTFS_SIG_SIZE) 1126 * Cipher identifier (1 byte) 1127 * Encrypted key size (arbitrary) 1128 * 1129 * 12 bytes minimum packet size 1130 */ 1131 if (unlikely(max_packet_size < 12)) { 1132 printk(KERN_ERR "Invalid max packet size; must be >=12\n"); 1133 rc = -EINVAL; 1134 goto out; 1135 } 1136 if (data[(*packet_size)++] != ECRYPTFS_TAG_1_PACKET_TYPE) { 1137 printk(KERN_ERR "Enter w/ first byte != 0x%.2x\n", 1138 ECRYPTFS_TAG_1_PACKET_TYPE); 1139 rc = -EINVAL; 1140 goto out; 1141 } 1142 /* Released: wipe_auth_tok_list called in ecryptfs_parse_packet_set or 1143 * at end of function upon failure */ 1144 auth_tok_list_item = 1145 kmem_cache_zalloc(ecryptfs_auth_tok_list_item_cache, 1146 GFP_KERNEL); 1147 if (!auth_tok_list_item) { 1148 printk(KERN_ERR "Unable to allocate memory\n"); 1149 rc = -ENOMEM; 1150 goto out; 1151 } 1152 (*new_auth_tok) = &auth_tok_list_item->auth_tok; 1153 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size, 1154 &length_size); 1155 if (rc) { 1156 printk(KERN_WARNING "Error parsing packet length; " 1157 "rc = [%d]\n", rc); 1158 goto out_free; 1159 } 1160 if (unlikely(body_size < (ECRYPTFS_SIG_SIZE + 2))) { 1161 printk(KERN_WARNING "Invalid body size ([%td])\n", body_size); 1162 rc = -EINVAL; 1163 goto out_free; 1164 } 1165 (*packet_size) += length_size; 1166 if (unlikely((*packet_size) + body_size > max_packet_size)) { 1167 printk(KERN_WARNING "Packet size exceeds max\n"); 1168 rc = -EINVAL; 1169 goto out_free; 1170 } 1171 if (unlikely(data[(*packet_size)++] != 0x03)) { 1172 printk(KERN_WARNING "Unknown version number [%d]\n", 1173 data[(*packet_size) - 1]); 1174 rc = -EINVAL; 1175 goto out_free; 1176 } 1177 ecryptfs_to_hex((*new_auth_tok)->token.private_key.signature, 1178 &data[(*packet_size)], ECRYPTFS_SIG_SIZE); 1179 *packet_size += ECRYPTFS_SIG_SIZE; 1180 /* This byte is skipped because the kernel does not need to 1181 * know which public key encryption algorithm was used */ 1182 (*packet_size)++; 1183 (*new_auth_tok)->session_key.encrypted_key_size = 1184 body_size - (ECRYPTFS_SIG_SIZE + 2); 1185 if ((*new_auth_tok)->session_key.encrypted_key_size 1186 > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) { 1187 printk(KERN_WARNING "Tag 1 packet contains key larger " 1188 "than ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES"); 1189 rc = -EINVAL; 1190 goto out; 1191 } 1192 memcpy((*new_auth_tok)->session_key.encrypted_key, 1193 &data[(*packet_size)], (body_size - (ECRYPTFS_SIG_SIZE + 2))); 1194 (*packet_size) += (*new_auth_tok)->session_key.encrypted_key_size; 1195 (*new_auth_tok)->session_key.flags &= 1196 ~ECRYPTFS_CONTAINS_DECRYPTED_KEY; 1197 (*new_auth_tok)->session_key.flags |= 1198 ECRYPTFS_CONTAINS_ENCRYPTED_KEY; 1199 (*new_auth_tok)->token_type = ECRYPTFS_PRIVATE_KEY; 1200 (*new_auth_tok)->flags = 0; 1201 (*new_auth_tok)->session_key.flags &= 1202 ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_DECRYPT); 1203 (*new_auth_tok)->session_key.flags &= 1204 ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_ENCRYPT); 1205 list_add(&auth_tok_list_item->list, auth_tok_list); 1206 goto out; 1207 out_free: 1208 (*new_auth_tok) = NULL; 1209 memset(auth_tok_list_item, 0, 1210 sizeof(struct ecryptfs_auth_tok_list_item)); 1211 kmem_cache_free(ecryptfs_auth_tok_list_item_cache, 1212 auth_tok_list_item); 1213 out: 1214 if (rc) 1215 (*packet_size) = 0; 1216 return rc; 1217 } 1218 1219 /** 1220 * parse_tag_3_packet 1221 * @crypt_stat: The cryptographic context to modify based on packet 1222 * contents. 1223 * @data: The raw bytes of the packet. 1224 * @auth_tok_list: eCryptfs parses packets into authentication tokens; 1225 * a new authentication token will be placed at the end 1226 * of this list for this packet. 1227 * @new_auth_tok: Pointer to a pointer to memory that this function 1228 * allocates; sets the memory address of the pointer to 1229 * NULL on error. This object is added to the 1230 * auth_tok_list. 1231 * @packet_size: This function writes the size of the parsed packet 1232 * into this memory location; zero on error. 1233 * @max_packet_size: maximum number of bytes to parse 1234 * 1235 * Returns zero on success; non-zero on error. 1236 */ 1237 static int 1238 parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat, 1239 unsigned char *data, struct list_head *auth_tok_list, 1240 struct ecryptfs_auth_tok **new_auth_tok, 1241 size_t *packet_size, size_t max_packet_size) 1242 { 1243 size_t body_size; 1244 struct ecryptfs_auth_tok_list_item *auth_tok_list_item; 1245 size_t length_size; 1246 int rc = 0; 1247 1248 (*packet_size) = 0; 1249 (*new_auth_tok) = NULL; 1250 /** 1251 *This format is inspired by OpenPGP; see RFC 2440 1252 * packet tag 3 1253 * 1254 * Tag 3 identifier (1 byte) 1255 * Max Tag 3 packet size (max 3 bytes) 1256 * Version (1 byte) 1257 * Cipher code (1 byte) 1258 * S2K specifier (1 byte) 1259 * Hash identifier (1 byte) 1260 * Salt (ECRYPTFS_SALT_SIZE) 1261 * Hash iterations (1 byte) 1262 * Encrypted key (arbitrary) 1263 * 1264 * (ECRYPTFS_SALT_SIZE + 7) minimum packet size 1265 */ 1266 if (max_packet_size < (ECRYPTFS_SALT_SIZE + 7)) { 1267 printk(KERN_ERR "Max packet size too large\n"); 1268 rc = -EINVAL; 1269 goto out; 1270 } 1271 if (data[(*packet_size)++] != ECRYPTFS_TAG_3_PACKET_TYPE) { 1272 printk(KERN_ERR "First byte != 0x%.2x; invalid packet\n", 1273 ECRYPTFS_TAG_3_PACKET_TYPE); 1274 rc = -EINVAL; 1275 goto out; 1276 } 1277 /* Released: wipe_auth_tok_list called in ecryptfs_parse_packet_set or 1278 * at end of function upon failure */ 1279 auth_tok_list_item = 1280 kmem_cache_zalloc(ecryptfs_auth_tok_list_item_cache, GFP_KERNEL); 1281 if (!auth_tok_list_item) { 1282 printk(KERN_ERR "Unable to allocate memory\n"); 1283 rc = -ENOMEM; 1284 goto out; 1285 } 1286 (*new_auth_tok) = &auth_tok_list_item->auth_tok; 1287 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size, 1288 &length_size); 1289 if (rc) { 1290 printk(KERN_WARNING "Error parsing packet length; rc = [%d]\n", 1291 rc); 1292 goto out_free; 1293 } 1294 if (unlikely(body_size < (ECRYPTFS_SALT_SIZE + 5))) { 1295 printk(KERN_WARNING "Invalid body size ([%td])\n", body_size); 1296 rc = -EINVAL; 1297 goto out_free; 1298 } 1299 (*packet_size) += length_size; 1300 if (unlikely((*packet_size) + body_size > max_packet_size)) { 1301 printk(KERN_ERR "Packet size exceeds max\n"); 1302 rc = -EINVAL; 1303 goto out_free; 1304 } 1305 (*new_auth_tok)->session_key.encrypted_key_size = 1306 (body_size - (ECRYPTFS_SALT_SIZE + 5)); 1307 if (unlikely(data[(*packet_size)++] != 0x04)) { 1308 printk(KERN_WARNING "Unknown version number [%d]\n", 1309 data[(*packet_size) - 1]); 1310 rc = -EINVAL; 1311 goto out_free; 1312 } 1313 ecryptfs_cipher_code_to_string(crypt_stat->cipher, 1314 (u16)data[(*packet_size)]); 1315 /* A little extra work to differentiate among the AES key 1316 * sizes; see RFC2440 */ 1317 switch(data[(*packet_size)++]) { 1318 case RFC2440_CIPHER_AES_192: 1319 crypt_stat->key_size = 24; 1320 break; 1321 default: 1322 crypt_stat->key_size = 1323 (*new_auth_tok)->session_key.encrypted_key_size; 1324 } 1325 ecryptfs_init_crypt_ctx(crypt_stat); 1326 if (unlikely(data[(*packet_size)++] != 0x03)) { 1327 printk(KERN_WARNING "Only S2K ID 3 is currently supported\n"); 1328 rc = -ENOSYS; 1329 goto out_free; 1330 } 1331 /* TODO: finish the hash mapping */ 1332 switch (data[(*packet_size)++]) { 1333 case 0x01: /* See RFC2440 for these numbers and their mappings */ 1334 /* Choose MD5 */ 1335 memcpy((*new_auth_tok)->token.password.salt, 1336 &data[(*packet_size)], ECRYPTFS_SALT_SIZE); 1337 (*packet_size) += ECRYPTFS_SALT_SIZE; 1338 /* This conversion was taken straight from RFC2440 */ 1339 (*new_auth_tok)->token.password.hash_iterations = 1340 ((u32) 16 + (data[(*packet_size)] & 15)) 1341 << ((data[(*packet_size)] >> 4) + 6); 1342 (*packet_size)++; 1343 /* Friendly reminder: 1344 * (*new_auth_tok)->session_key.encrypted_key_size = 1345 * (body_size - (ECRYPTFS_SALT_SIZE + 5)); */ 1346 memcpy((*new_auth_tok)->session_key.encrypted_key, 1347 &data[(*packet_size)], 1348 (*new_auth_tok)->session_key.encrypted_key_size); 1349 (*packet_size) += 1350 (*new_auth_tok)->session_key.encrypted_key_size; 1351 (*new_auth_tok)->session_key.flags &= 1352 ~ECRYPTFS_CONTAINS_DECRYPTED_KEY; 1353 (*new_auth_tok)->session_key.flags |= 1354 ECRYPTFS_CONTAINS_ENCRYPTED_KEY; 1355 (*new_auth_tok)->token.password.hash_algo = 0x01; /* MD5 */ 1356 break; 1357 default: 1358 ecryptfs_printk(KERN_ERR, "Unsupported hash algorithm: " 1359 "[%d]\n", data[(*packet_size) - 1]); 1360 rc = -ENOSYS; 1361 goto out_free; 1362 } 1363 (*new_auth_tok)->token_type = ECRYPTFS_PASSWORD; 1364 /* TODO: Parametarize; we might actually want userspace to 1365 * decrypt the session key. */ 1366 (*new_auth_tok)->session_key.flags &= 1367 ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_DECRYPT); 1368 (*new_auth_tok)->session_key.flags &= 1369 ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_ENCRYPT); 1370 list_add(&auth_tok_list_item->list, auth_tok_list); 1371 goto out; 1372 out_free: 1373 (*new_auth_tok) = NULL; 1374 memset(auth_tok_list_item, 0, 1375 sizeof(struct ecryptfs_auth_tok_list_item)); 1376 kmem_cache_free(ecryptfs_auth_tok_list_item_cache, 1377 auth_tok_list_item); 1378 out: 1379 if (rc) 1380 (*packet_size) = 0; 1381 return rc; 1382 } 1383 1384 /** 1385 * parse_tag_11_packet 1386 * @data: The raw bytes of the packet 1387 * @contents: This function writes the data contents of the literal 1388 * packet into this memory location 1389 * @max_contents_bytes: The maximum number of bytes that this function 1390 * is allowed to write into contents 1391 * @tag_11_contents_size: This function writes the size of the parsed 1392 * contents into this memory location; zero on 1393 * error 1394 * @packet_size: This function writes the size of the parsed packet 1395 * into this memory location; zero on error 1396 * @max_packet_size: maximum number of bytes to parse 1397 * 1398 * Returns zero on success; non-zero on error. 1399 */ 1400 static int 1401 parse_tag_11_packet(unsigned char *data, unsigned char *contents, 1402 size_t max_contents_bytes, size_t *tag_11_contents_size, 1403 size_t *packet_size, size_t max_packet_size) 1404 { 1405 size_t body_size; 1406 size_t length_size; 1407 int rc = 0; 1408 1409 (*packet_size) = 0; 1410 (*tag_11_contents_size) = 0; 1411 /* This format is inspired by OpenPGP; see RFC 2440 1412 * packet tag 11 1413 * 1414 * Tag 11 identifier (1 byte) 1415 * Max Tag 11 packet size (max 3 bytes) 1416 * Binary format specifier (1 byte) 1417 * Filename length (1 byte) 1418 * Filename ("_CONSOLE") (8 bytes) 1419 * Modification date (4 bytes) 1420 * Literal data (arbitrary) 1421 * 1422 * We need at least 16 bytes of data for the packet to even be 1423 * valid. 1424 */ 1425 if (max_packet_size < 16) { 1426 printk(KERN_ERR "Maximum packet size too small\n"); 1427 rc = -EINVAL; 1428 goto out; 1429 } 1430 if (data[(*packet_size)++] != ECRYPTFS_TAG_11_PACKET_TYPE) { 1431 printk(KERN_WARNING "Invalid tag 11 packet format\n"); 1432 rc = -EINVAL; 1433 goto out; 1434 } 1435 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size, 1436 &length_size); 1437 if (rc) { 1438 printk(KERN_WARNING "Invalid tag 11 packet format\n"); 1439 goto out; 1440 } 1441 if (body_size < 14) { 1442 printk(KERN_WARNING "Invalid body size ([%td])\n", body_size); 1443 rc = -EINVAL; 1444 goto out; 1445 } 1446 (*packet_size) += length_size; 1447 (*tag_11_contents_size) = (body_size - 14); 1448 if (unlikely((*packet_size) + body_size + 1 > max_packet_size)) { 1449 printk(KERN_ERR "Packet size exceeds max\n"); 1450 rc = -EINVAL; 1451 goto out; 1452 } 1453 if (data[(*packet_size)++] != 0x62) { 1454 printk(KERN_WARNING "Unrecognizable packet\n"); 1455 rc = -EINVAL; 1456 goto out; 1457 } 1458 if (data[(*packet_size)++] != 0x08) { 1459 printk(KERN_WARNING "Unrecognizable packet\n"); 1460 rc = -EINVAL; 1461 goto out; 1462 } 1463 (*packet_size) += 12; /* Ignore filename and modification date */ 1464 memcpy(contents, &data[(*packet_size)], (*tag_11_contents_size)); 1465 (*packet_size) += (*tag_11_contents_size); 1466 out: 1467 if (rc) { 1468 (*packet_size) = 0; 1469 (*tag_11_contents_size) = 0; 1470 } 1471 return rc; 1472 } 1473 1474 /** 1475 * ecryptfs_verify_version 1476 * @version: The version number to confirm 1477 * 1478 * Returns zero on good version; non-zero otherwise 1479 */ 1480 static int ecryptfs_verify_version(u16 version) 1481 { 1482 int rc = 0; 1483 unsigned char major; 1484 unsigned char minor; 1485 1486 major = ((version >> 8) & 0xFF); 1487 minor = (version & 0xFF); 1488 if (major != ECRYPTFS_VERSION_MAJOR) { 1489 ecryptfs_printk(KERN_ERR, "Major version number mismatch. " 1490 "Expected [%d]; got [%d]\n", 1491 ECRYPTFS_VERSION_MAJOR, major); 1492 rc = -EINVAL; 1493 goto out; 1494 } 1495 if (minor != ECRYPTFS_VERSION_MINOR) { 1496 ecryptfs_printk(KERN_ERR, "Minor version number mismatch. " 1497 "Expected [%d]; got [%d]\n", 1498 ECRYPTFS_VERSION_MINOR, minor); 1499 rc = -EINVAL; 1500 goto out; 1501 } 1502 out: 1503 return rc; 1504 } 1505 1506 int ecryptfs_keyring_auth_tok_for_sig(struct key **auth_tok_key, 1507 struct ecryptfs_auth_tok **auth_tok, 1508 char *sig) 1509 { 1510 int rc = 0; 1511 1512 (*auth_tok_key) = request_key(&key_type_user, sig, NULL); 1513 if (!(*auth_tok_key) || IS_ERR(*auth_tok_key)) { 1514 printk(KERN_ERR "Could not find key with description: [%s]\n", 1515 sig); 1516 rc = process_request_key_err(PTR_ERR(*auth_tok_key)); 1517 goto out; 1518 } 1519 (*auth_tok) = ecryptfs_get_key_payload_data(*auth_tok_key); 1520 if (ecryptfs_verify_version((*auth_tok)->version)) { 1521 printk(KERN_ERR 1522 "Data structure version mismatch. " 1523 "Userspace tools must match eCryptfs " 1524 "kernel module with major version [%d] " 1525 "and minor version [%d]\n", 1526 ECRYPTFS_VERSION_MAJOR, 1527 ECRYPTFS_VERSION_MINOR); 1528 rc = -EINVAL; 1529 goto out; 1530 } 1531 if ((*auth_tok)->token_type != ECRYPTFS_PASSWORD 1532 && (*auth_tok)->token_type != ECRYPTFS_PRIVATE_KEY) { 1533 printk(KERN_ERR "Invalid auth_tok structure " 1534 "returned from key query\n"); 1535 rc = -EINVAL; 1536 goto out; 1537 } 1538 out: 1539 return rc; 1540 } 1541 1542 /** 1543 * decrypt_passphrase_encrypted_session_key - Decrypt the session key with the given auth_tok. 1544 * @auth_tok: The passphrase authentication token to use to encrypt the FEK 1545 * @crypt_stat: The cryptographic context 1546 * 1547 * Returns zero on success; non-zero error otherwise 1548 */ 1549 static int 1550 decrypt_passphrase_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok, 1551 struct ecryptfs_crypt_stat *crypt_stat) 1552 { 1553 struct scatterlist dst_sg[2]; 1554 struct scatterlist src_sg[2]; 1555 struct mutex *tfm_mutex; 1556 struct blkcipher_desc desc = { 1557 .flags = CRYPTO_TFM_REQ_MAY_SLEEP 1558 }; 1559 int rc = 0; 1560 1561 if (unlikely(ecryptfs_verbosity > 0)) { 1562 ecryptfs_printk( 1563 KERN_DEBUG, "Session key encryption key (size [%d]):\n", 1564 auth_tok->token.password.session_key_encryption_key_bytes); 1565 ecryptfs_dump_hex( 1566 auth_tok->token.password.session_key_encryption_key, 1567 auth_tok->token.password.session_key_encryption_key_bytes); 1568 } 1569 rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&desc.tfm, &tfm_mutex, 1570 crypt_stat->cipher); 1571 if (unlikely(rc)) { 1572 printk(KERN_ERR "Internal error whilst attempting to get " 1573 "tfm and mutex for cipher name [%s]; rc = [%d]\n", 1574 crypt_stat->cipher, rc); 1575 goto out; 1576 } 1577 rc = virt_to_scatterlist(auth_tok->session_key.encrypted_key, 1578 auth_tok->session_key.encrypted_key_size, 1579 src_sg, 2); 1580 if (rc < 1 || rc > 2) { 1581 printk(KERN_ERR "Internal error whilst attempting to convert " 1582 "auth_tok->session_key.encrypted_key to scatterlist; " 1583 "expected rc = 1; got rc = [%d]. " 1584 "auth_tok->session_key.encrypted_key_size = [%d]\n", rc, 1585 auth_tok->session_key.encrypted_key_size); 1586 goto out; 1587 } 1588 auth_tok->session_key.decrypted_key_size = 1589 auth_tok->session_key.encrypted_key_size; 1590 rc = virt_to_scatterlist(auth_tok->session_key.decrypted_key, 1591 auth_tok->session_key.decrypted_key_size, 1592 dst_sg, 2); 1593 if (rc < 1 || rc > 2) { 1594 printk(KERN_ERR "Internal error whilst attempting to convert " 1595 "auth_tok->session_key.decrypted_key to scatterlist; " 1596 "expected rc = 1; got rc = [%d]\n", rc); 1597 goto out; 1598 } 1599 mutex_lock(tfm_mutex); 1600 rc = crypto_blkcipher_setkey( 1601 desc.tfm, auth_tok->token.password.session_key_encryption_key, 1602 crypt_stat->key_size); 1603 if (unlikely(rc < 0)) { 1604 mutex_unlock(tfm_mutex); 1605 printk(KERN_ERR "Error setting key for crypto context\n"); 1606 rc = -EINVAL; 1607 goto out; 1608 } 1609 rc = crypto_blkcipher_decrypt(&desc, dst_sg, src_sg, 1610 auth_tok->session_key.encrypted_key_size); 1611 mutex_unlock(tfm_mutex); 1612 if (unlikely(rc)) { 1613 printk(KERN_ERR "Error decrypting; rc = [%d]\n", rc); 1614 goto out; 1615 } 1616 auth_tok->session_key.flags |= ECRYPTFS_CONTAINS_DECRYPTED_KEY; 1617 memcpy(crypt_stat->key, auth_tok->session_key.decrypted_key, 1618 auth_tok->session_key.decrypted_key_size); 1619 crypt_stat->flags |= ECRYPTFS_KEY_VALID; 1620 if (unlikely(ecryptfs_verbosity > 0)) { 1621 ecryptfs_printk(KERN_DEBUG, "FEK of size [%d]:\n", 1622 crypt_stat->key_size); 1623 ecryptfs_dump_hex(crypt_stat->key, 1624 crypt_stat->key_size); 1625 } 1626 out: 1627 return rc; 1628 } 1629 1630 /** 1631 * ecryptfs_parse_packet_set 1632 * @crypt_stat: The cryptographic context 1633 * @src: Virtual address of region of memory containing the packets 1634 * @ecryptfs_dentry: The eCryptfs dentry associated with the packet set 1635 * 1636 * Get crypt_stat to have the file's session key if the requisite key 1637 * is available to decrypt the session key. 1638 * 1639 * Returns Zero if a valid authentication token was retrieved and 1640 * processed; negative value for file not encrypted or for error 1641 * conditions. 1642 */ 1643 int ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat, 1644 unsigned char *src, 1645 struct dentry *ecryptfs_dentry) 1646 { 1647 size_t i = 0; 1648 size_t found_auth_tok; 1649 size_t next_packet_is_auth_tok_packet; 1650 struct list_head auth_tok_list; 1651 struct ecryptfs_auth_tok *matching_auth_tok; 1652 struct ecryptfs_auth_tok *candidate_auth_tok; 1653 char *candidate_auth_tok_sig; 1654 size_t packet_size; 1655 struct ecryptfs_auth_tok *new_auth_tok; 1656 unsigned char sig_tmp_space[ECRYPTFS_SIG_SIZE]; 1657 struct ecryptfs_auth_tok_list_item *auth_tok_list_item; 1658 size_t tag_11_contents_size; 1659 size_t tag_11_packet_size; 1660 int rc = 0; 1661 1662 INIT_LIST_HEAD(&auth_tok_list); 1663 /* Parse the header to find as many packets as we can; these will be 1664 * added the our &auth_tok_list */ 1665 next_packet_is_auth_tok_packet = 1; 1666 while (next_packet_is_auth_tok_packet) { 1667 size_t max_packet_size = ((PAGE_CACHE_SIZE - 8) - i); 1668 1669 switch (src[i]) { 1670 case ECRYPTFS_TAG_3_PACKET_TYPE: 1671 rc = parse_tag_3_packet(crypt_stat, 1672 (unsigned char *)&src[i], 1673 &auth_tok_list, &new_auth_tok, 1674 &packet_size, max_packet_size); 1675 if (rc) { 1676 ecryptfs_printk(KERN_ERR, "Error parsing " 1677 "tag 3 packet\n"); 1678 rc = -EIO; 1679 goto out_wipe_list; 1680 } 1681 i += packet_size; 1682 rc = parse_tag_11_packet((unsigned char *)&src[i], 1683 sig_tmp_space, 1684 ECRYPTFS_SIG_SIZE, 1685 &tag_11_contents_size, 1686 &tag_11_packet_size, 1687 max_packet_size); 1688 if (rc) { 1689 ecryptfs_printk(KERN_ERR, "No valid " 1690 "(ecryptfs-specific) literal " 1691 "packet containing " 1692 "authentication token " 1693 "signature found after " 1694 "tag 3 packet\n"); 1695 rc = -EIO; 1696 goto out_wipe_list; 1697 } 1698 i += tag_11_packet_size; 1699 if (ECRYPTFS_SIG_SIZE != tag_11_contents_size) { 1700 ecryptfs_printk(KERN_ERR, "Expected " 1701 "signature of size [%d]; " 1702 "read size [%d]\n", 1703 ECRYPTFS_SIG_SIZE, 1704 tag_11_contents_size); 1705 rc = -EIO; 1706 goto out_wipe_list; 1707 } 1708 ecryptfs_to_hex(new_auth_tok->token.password.signature, 1709 sig_tmp_space, tag_11_contents_size); 1710 new_auth_tok->token.password.signature[ 1711 ECRYPTFS_PASSWORD_SIG_SIZE] = '\0'; 1712 crypt_stat->flags |= ECRYPTFS_ENCRYPTED; 1713 break; 1714 case ECRYPTFS_TAG_1_PACKET_TYPE: 1715 rc = parse_tag_1_packet(crypt_stat, 1716 (unsigned char *)&src[i], 1717 &auth_tok_list, &new_auth_tok, 1718 &packet_size, max_packet_size); 1719 if (rc) { 1720 ecryptfs_printk(KERN_ERR, "Error parsing " 1721 "tag 1 packet\n"); 1722 rc = -EIO; 1723 goto out_wipe_list; 1724 } 1725 i += packet_size; 1726 crypt_stat->flags |= ECRYPTFS_ENCRYPTED; 1727 break; 1728 case ECRYPTFS_TAG_11_PACKET_TYPE: 1729 ecryptfs_printk(KERN_WARNING, "Invalid packet set " 1730 "(Tag 11 not allowed by itself)\n"); 1731 rc = -EIO; 1732 goto out_wipe_list; 1733 break; 1734 default: 1735 ecryptfs_printk(KERN_DEBUG, "No packet at offset " 1736 "[%d] of the file header; hex value of " 1737 "character is [0x%.2x]\n", i, src[i]); 1738 next_packet_is_auth_tok_packet = 0; 1739 } 1740 } 1741 if (list_empty(&auth_tok_list)) { 1742 printk(KERN_ERR "The lower file appears to be a non-encrypted " 1743 "eCryptfs file; this is not supported in this version " 1744 "of the eCryptfs kernel module\n"); 1745 rc = -EINVAL; 1746 goto out; 1747 } 1748 /* auth_tok_list contains the set of authentication tokens 1749 * parsed from the metadata. We need to find a matching 1750 * authentication token that has the secret component(s) 1751 * necessary to decrypt the EFEK in the auth_tok parsed from 1752 * the metadata. There may be several potential matches, but 1753 * just one will be sufficient to decrypt to get the FEK. */ 1754 find_next_matching_auth_tok: 1755 found_auth_tok = 0; 1756 list_for_each_entry(auth_tok_list_item, &auth_tok_list, list) { 1757 candidate_auth_tok = &auth_tok_list_item->auth_tok; 1758 if (unlikely(ecryptfs_verbosity > 0)) { 1759 ecryptfs_printk(KERN_DEBUG, 1760 "Considering cadidate auth tok:\n"); 1761 ecryptfs_dump_auth_tok(candidate_auth_tok); 1762 } 1763 rc = ecryptfs_get_auth_tok_sig(&candidate_auth_tok_sig, 1764 candidate_auth_tok); 1765 if (rc) { 1766 printk(KERN_ERR 1767 "Unrecognized candidate auth tok type: [%d]\n", 1768 candidate_auth_tok->token_type); 1769 rc = -EINVAL; 1770 goto out_wipe_list; 1771 } 1772 ecryptfs_find_auth_tok_for_sig(&matching_auth_tok, 1773 crypt_stat->mount_crypt_stat, 1774 candidate_auth_tok_sig); 1775 if (matching_auth_tok) { 1776 found_auth_tok = 1; 1777 goto found_matching_auth_tok; 1778 } 1779 } 1780 if (!found_auth_tok) { 1781 ecryptfs_printk(KERN_ERR, "Could not find a usable " 1782 "authentication token\n"); 1783 rc = -EIO; 1784 goto out_wipe_list; 1785 } 1786 found_matching_auth_tok: 1787 if (candidate_auth_tok->token_type == ECRYPTFS_PRIVATE_KEY) { 1788 memcpy(&(candidate_auth_tok->token.private_key), 1789 &(matching_auth_tok->token.private_key), 1790 sizeof(struct ecryptfs_private_key)); 1791 rc = decrypt_pki_encrypted_session_key(candidate_auth_tok, 1792 crypt_stat); 1793 } else if (candidate_auth_tok->token_type == ECRYPTFS_PASSWORD) { 1794 memcpy(&(candidate_auth_tok->token.password), 1795 &(matching_auth_tok->token.password), 1796 sizeof(struct ecryptfs_password)); 1797 rc = decrypt_passphrase_encrypted_session_key( 1798 candidate_auth_tok, crypt_stat); 1799 } 1800 if (rc) { 1801 struct ecryptfs_auth_tok_list_item *auth_tok_list_item_tmp; 1802 1803 ecryptfs_printk(KERN_WARNING, "Error decrypting the " 1804 "session key for authentication token with sig " 1805 "[%.*s]; rc = [%d]. Removing auth tok " 1806 "candidate from the list and searching for " 1807 "the next match.\n", candidate_auth_tok_sig, 1808 ECRYPTFS_SIG_SIZE_HEX, rc); 1809 list_for_each_entry_safe(auth_tok_list_item, 1810 auth_tok_list_item_tmp, 1811 &auth_tok_list, list) { 1812 if (candidate_auth_tok 1813 == &auth_tok_list_item->auth_tok) { 1814 list_del(&auth_tok_list_item->list); 1815 kmem_cache_free( 1816 ecryptfs_auth_tok_list_item_cache, 1817 auth_tok_list_item); 1818 goto find_next_matching_auth_tok; 1819 } 1820 } 1821 BUG(); 1822 } 1823 rc = ecryptfs_compute_root_iv(crypt_stat); 1824 if (rc) { 1825 ecryptfs_printk(KERN_ERR, "Error computing " 1826 "the root IV\n"); 1827 goto out_wipe_list; 1828 } 1829 rc = ecryptfs_init_crypt_ctx(crypt_stat); 1830 if (rc) { 1831 ecryptfs_printk(KERN_ERR, "Error initializing crypto " 1832 "context for cipher [%s]; rc = [%d]\n", 1833 crypt_stat->cipher, rc); 1834 } 1835 out_wipe_list: 1836 wipe_auth_tok_list(&auth_tok_list); 1837 out: 1838 return rc; 1839 } 1840 1841 static int 1842 pki_encrypt_session_key(struct ecryptfs_auth_tok *auth_tok, 1843 struct ecryptfs_crypt_stat *crypt_stat, 1844 struct ecryptfs_key_record *key_rec) 1845 { 1846 struct ecryptfs_msg_ctx *msg_ctx = NULL; 1847 char *payload = NULL; 1848 size_t payload_len; 1849 struct ecryptfs_message *msg; 1850 int rc; 1851 1852 rc = write_tag_66_packet(auth_tok->token.private_key.signature, 1853 ecryptfs_code_for_cipher_string( 1854 crypt_stat->cipher, 1855 crypt_stat->key_size), 1856 crypt_stat, &payload, &payload_len); 1857 if (rc) { 1858 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet\n"); 1859 goto out; 1860 } 1861 rc = ecryptfs_send_message(payload, payload_len, &msg_ctx); 1862 if (rc) { 1863 ecryptfs_printk(KERN_ERR, "Error sending message to " 1864 "ecryptfsd\n"); 1865 goto out; 1866 } 1867 rc = ecryptfs_wait_for_response(msg_ctx, &msg); 1868 if (rc) { 1869 ecryptfs_printk(KERN_ERR, "Failed to receive tag 67 packet " 1870 "from the user space daemon\n"); 1871 rc = -EIO; 1872 goto out; 1873 } 1874 rc = parse_tag_67_packet(key_rec, msg); 1875 if (rc) 1876 ecryptfs_printk(KERN_ERR, "Error parsing tag 67 packet\n"); 1877 kfree(msg); 1878 out: 1879 kfree(payload); 1880 return rc; 1881 } 1882 /** 1883 * write_tag_1_packet - Write an RFC2440-compatible tag 1 (public key) packet 1884 * @dest: Buffer into which to write the packet 1885 * @remaining_bytes: Maximum number of bytes that can be writtn 1886 * @auth_tok: The authentication token used for generating the tag 1 packet 1887 * @crypt_stat: The cryptographic context 1888 * @key_rec: The key record struct for the tag 1 packet 1889 * @packet_size: This function will write the number of bytes that end 1890 * up constituting the packet; set to zero on error 1891 * 1892 * Returns zero on success; non-zero on error. 1893 */ 1894 static int 1895 write_tag_1_packet(char *dest, size_t *remaining_bytes, 1896 struct ecryptfs_auth_tok *auth_tok, 1897 struct ecryptfs_crypt_stat *crypt_stat, 1898 struct ecryptfs_key_record *key_rec, size_t *packet_size) 1899 { 1900 size_t i; 1901 size_t encrypted_session_key_valid = 0; 1902 size_t packet_size_length; 1903 size_t max_packet_size; 1904 int rc = 0; 1905 1906 (*packet_size) = 0; 1907 ecryptfs_from_hex(key_rec->sig, auth_tok->token.private_key.signature, 1908 ECRYPTFS_SIG_SIZE); 1909 encrypted_session_key_valid = 0; 1910 for (i = 0; i < crypt_stat->key_size; i++) 1911 encrypted_session_key_valid |= 1912 auth_tok->session_key.encrypted_key[i]; 1913 if (encrypted_session_key_valid) { 1914 memcpy(key_rec->enc_key, 1915 auth_tok->session_key.encrypted_key, 1916 auth_tok->session_key.encrypted_key_size); 1917 goto encrypted_session_key_set; 1918 } 1919 if (auth_tok->session_key.encrypted_key_size == 0) 1920 auth_tok->session_key.encrypted_key_size = 1921 auth_tok->token.private_key.key_size; 1922 rc = pki_encrypt_session_key(auth_tok, crypt_stat, key_rec); 1923 if (rc) { 1924 printk(KERN_ERR "Failed to encrypt session key via a key " 1925 "module; rc = [%d]\n", rc); 1926 goto out; 1927 } 1928 if (ecryptfs_verbosity > 0) { 1929 ecryptfs_printk(KERN_DEBUG, "Encrypted key:\n"); 1930 ecryptfs_dump_hex(key_rec->enc_key, key_rec->enc_key_size); 1931 } 1932 encrypted_session_key_set: 1933 /* This format is inspired by OpenPGP; see RFC 2440 1934 * packet tag 1 */ 1935 max_packet_size = (1 /* Tag 1 identifier */ 1936 + 3 /* Max Tag 1 packet size */ 1937 + 1 /* Version */ 1938 + ECRYPTFS_SIG_SIZE /* Key identifier */ 1939 + 1 /* Cipher identifier */ 1940 + key_rec->enc_key_size); /* Encrypted key size */ 1941 if (max_packet_size > (*remaining_bytes)) { 1942 printk(KERN_ERR "Packet length larger than maximum allowable; " 1943 "need up to [%td] bytes, but there are only [%td] " 1944 "available\n", max_packet_size, (*remaining_bytes)); 1945 rc = -EINVAL; 1946 goto out; 1947 } 1948 dest[(*packet_size)++] = ECRYPTFS_TAG_1_PACKET_TYPE; 1949 rc = ecryptfs_write_packet_length(&dest[(*packet_size)], 1950 (max_packet_size - 4), 1951 &packet_size_length); 1952 if (rc) { 1953 ecryptfs_printk(KERN_ERR, "Error generating tag 1 packet " 1954 "header; cannot generate packet length\n"); 1955 goto out; 1956 } 1957 (*packet_size) += packet_size_length; 1958 dest[(*packet_size)++] = 0x03; /* version 3 */ 1959 memcpy(&dest[(*packet_size)], key_rec->sig, ECRYPTFS_SIG_SIZE); 1960 (*packet_size) += ECRYPTFS_SIG_SIZE; 1961 dest[(*packet_size)++] = RFC2440_CIPHER_RSA; 1962 memcpy(&dest[(*packet_size)], key_rec->enc_key, 1963 key_rec->enc_key_size); 1964 (*packet_size) += key_rec->enc_key_size; 1965 out: 1966 if (rc) 1967 (*packet_size) = 0; 1968 else 1969 (*remaining_bytes) -= (*packet_size); 1970 return rc; 1971 } 1972 1973 /** 1974 * write_tag_11_packet 1975 * @dest: Target into which Tag 11 packet is to be written 1976 * @remaining_bytes: Maximum packet length 1977 * @contents: Byte array of contents to copy in 1978 * @contents_length: Number of bytes in contents 1979 * @packet_length: Length of the Tag 11 packet written; zero on error 1980 * 1981 * Returns zero on success; non-zero on error. 1982 */ 1983 static int 1984 write_tag_11_packet(char *dest, size_t *remaining_bytes, char *contents, 1985 size_t contents_length, size_t *packet_length) 1986 { 1987 size_t packet_size_length; 1988 size_t max_packet_size; 1989 int rc = 0; 1990 1991 (*packet_length) = 0; 1992 /* This format is inspired by OpenPGP; see RFC 2440 1993 * packet tag 11 */ 1994 max_packet_size = (1 /* Tag 11 identifier */ 1995 + 3 /* Max Tag 11 packet size */ 1996 + 1 /* Binary format specifier */ 1997 + 1 /* Filename length */ 1998 + 8 /* Filename ("_CONSOLE") */ 1999 + 4 /* Modification date */ 2000 + contents_length); /* Literal data */ 2001 if (max_packet_size > (*remaining_bytes)) { 2002 printk(KERN_ERR "Packet length larger than maximum allowable; " 2003 "need up to [%td] bytes, but there are only [%td] " 2004 "available\n", max_packet_size, (*remaining_bytes)); 2005 rc = -EINVAL; 2006 goto out; 2007 } 2008 dest[(*packet_length)++] = ECRYPTFS_TAG_11_PACKET_TYPE; 2009 rc = ecryptfs_write_packet_length(&dest[(*packet_length)], 2010 (max_packet_size - 4), 2011 &packet_size_length); 2012 if (rc) { 2013 printk(KERN_ERR "Error generating tag 11 packet header; cannot " 2014 "generate packet length. rc = [%d]\n", rc); 2015 goto out; 2016 } 2017 (*packet_length) += packet_size_length; 2018 dest[(*packet_length)++] = 0x62; /* binary data format specifier */ 2019 dest[(*packet_length)++] = 8; 2020 memcpy(&dest[(*packet_length)], "_CONSOLE", 8); 2021 (*packet_length) += 8; 2022 memset(&dest[(*packet_length)], 0x00, 4); 2023 (*packet_length) += 4; 2024 memcpy(&dest[(*packet_length)], contents, contents_length); 2025 (*packet_length) += contents_length; 2026 out: 2027 if (rc) 2028 (*packet_length) = 0; 2029 else 2030 (*remaining_bytes) -= (*packet_length); 2031 return rc; 2032 } 2033 2034 /** 2035 * write_tag_3_packet 2036 * @dest: Buffer into which to write the packet 2037 * @remaining_bytes: Maximum number of bytes that can be written 2038 * @auth_tok: Authentication token 2039 * @crypt_stat: The cryptographic context 2040 * @key_rec: encrypted key 2041 * @packet_size: This function will write the number of bytes that end 2042 * up constituting the packet; set to zero on error 2043 * 2044 * Returns zero on success; non-zero on error. 2045 */ 2046 static int 2047 write_tag_3_packet(char *dest, size_t *remaining_bytes, 2048 struct ecryptfs_auth_tok *auth_tok, 2049 struct ecryptfs_crypt_stat *crypt_stat, 2050 struct ecryptfs_key_record *key_rec, size_t *packet_size) 2051 { 2052 size_t i; 2053 size_t encrypted_session_key_valid = 0; 2054 char session_key_encryption_key[ECRYPTFS_MAX_KEY_BYTES]; 2055 struct scatterlist dst_sg[2]; 2056 struct scatterlist src_sg[2]; 2057 struct mutex *tfm_mutex = NULL; 2058 u8 cipher_code; 2059 size_t packet_size_length; 2060 size_t max_packet_size; 2061 struct ecryptfs_mount_crypt_stat *mount_crypt_stat = 2062 crypt_stat->mount_crypt_stat; 2063 struct blkcipher_desc desc = { 2064 .tfm = NULL, 2065 .flags = CRYPTO_TFM_REQ_MAY_SLEEP 2066 }; 2067 int rc = 0; 2068 2069 (*packet_size) = 0; 2070 ecryptfs_from_hex(key_rec->sig, auth_tok->token.password.signature, 2071 ECRYPTFS_SIG_SIZE); 2072 rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&desc.tfm, &tfm_mutex, 2073 crypt_stat->cipher); 2074 if (unlikely(rc)) { 2075 printk(KERN_ERR "Internal error whilst attempting to get " 2076 "tfm and mutex for cipher name [%s]; rc = [%d]\n", 2077 crypt_stat->cipher, rc); 2078 goto out; 2079 } 2080 if (mount_crypt_stat->global_default_cipher_key_size == 0) { 2081 struct blkcipher_alg *alg = crypto_blkcipher_alg(desc.tfm); 2082 2083 printk(KERN_WARNING "No key size specified at mount; " 2084 "defaulting to [%d]\n", alg->max_keysize); 2085 mount_crypt_stat->global_default_cipher_key_size = 2086 alg->max_keysize; 2087 } 2088 if (crypt_stat->key_size == 0) 2089 crypt_stat->key_size = 2090 mount_crypt_stat->global_default_cipher_key_size; 2091 if (auth_tok->session_key.encrypted_key_size == 0) 2092 auth_tok->session_key.encrypted_key_size = 2093 crypt_stat->key_size; 2094 if (crypt_stat->key_size == 24 2095 && strcmp("aes", crypt_stat->cipher) == 0) { 2096 memset((crypt_stat->key + 24), 0, 8); 2097 auth_tok->session_key.encrypted_key_size = 32; 2098 } else 2099 auth_tok->session_key.encrypted_key_size = crypt_stat->key_size; 2100 key_rec->enc_key_size = 2101 auth_tok->session_key.encrypted_key_size; 2102 encrypted_session_key_valid = 0; 2103 for (i = 0; i < auth_tok->session_key.encrypted_key_size; i++) 2104 encrypted_session_key_valid |= 2105 auth_tok->session_key.encrypted_key[i]; 2106 if (encrypted_session_key_valid) { 2107 ecryptfs_printk(KERN_DEBUG, "encrypted_session_key_valid != 0; " 2108 "using auth_tok->session_key.encrypted_key, " 2109 "where key_rec->enc_key_size = [%d]\n", 2110 key_rec->enc_key_size); 2111 memcpy(key_rec->enc_key, 2112 auth_tok->session_key.encrypted_key, 2113 key_rec->enc_key_size); 2114 goto encrypted_session_key_set; 2115 } 2116 if (auth_tok->token.password.flags & 2117 ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET) { 2118 ecryptfs_printk(KERN_DEBUG, "Using previously generated " 2119 "session key encryption key of size [%d]\n", 2120 auth_tok->token.password. 2121 session_key_encryption_key_bytes); 2122 memcpy(session_key_encryption_key, 2123 auth_tok->token.password.session_key_encryption_key, 2124 crypt_stat->key_size); 2125 ecryptfs_printk(KERN_DEBUG, 2126 "Cached session key " "encryption key: \n"); 2127 if (ecryptfs_verbosity > 0) 2128 ecryptfs_dump_hex(session_key_encryption_key, 16); 2129 } 2130 if (unlikely(ecryptfs_verbosity > 0)) { 2131 ecryptfs_printk(KERN_DEBUG, "Session key encryption key:\n"); 2132 ecryptfs_dump_hex(session_key_encryption_key, 16); 2133 } 2134 rc = virt_to_scatterlist(crypt_stat->key, key_rec->enc_key_size, 2135 src_sg, 2); 2136 if (rc < 1 || rc > 2) { 2137 ecryptfs_printk(KERN_ERR, "Error generating scatterlist " 2138 "for crypt_stat session key; expected rc = 1; " 2139 "got rc = [%d]. key_rec->enc_key_size = [%d]\n", 2140 rc, key_rec->enc_key_size); 2141 rc = -ENOMEM; 2142 goto out; 2143 } 2144 rc = virt_to_scatterlist(key_rec->enc_key, key_rec->enc_key_size, 2145 dst_sg, 2); 2146 if (rc < 1 || rc > 2) { 2147 ecryptfs_printk(KERN_ERR, "Error generating scatterlist " 2148 "for crypt_stat encrypted session key; " 2149 "expected rc = 1; got rc = [%d]. " 2150 "key_rec->enc_key_size = [%d]\n", rc, 2151 key_rec->enc_key_size); 2152 rc = -ENOMEM; 2153 goto out; 2154 } 2155 mutex_lock(tfm_mutex); 2156 rc = crypto_blkcipher_setkey(desc.tfm, session_key_encryption_key, 2157 crypt_stat->key_size); 2158 if (rc < 0) { 2159 mutex_unlock(tfm_mutex); 2160 ecryptfs_printk(KERN_ERR, "Error setting key for crypto " 2161 "context; rc = [%d]\n", rc); 2162 goto out; 2163 } 2164 rc = 0; 2165 ecryptfs_printk(KERN_DEBUG, "Encrypting [%d] bytes of the key\n", 2166 crypt_stat->key_size); 2167 rc = crypto_blkcipher_encrypt(&desc, dst_sg, src_sg, 2168 (*key_rec).enc_key_size); 2169 mutex_unlock(tfm_mutex); 2170 if (rc) { 2171 printk(KERN_ERR "Error encrypting; rc = [%d]\n", rc); 2172 goto out; 2173 } 2174 ecryptfs_printk(KERN_DEBUG, "This should be the encrypted key:\n"); 2175 if (ecryptfs_verbosity > 0) { 2176 ecryptfs_printk(KERN_DEBUG, "EFEK of size [%d]:\n", 2177 key_rec->enc_key_size); 2178 ecryptfs_dump_hex(key_rec->enc_key, 2179 key_rec->enc_key_size); 2180 } 2181 encrypted_session_key_set: 2182 /* This format is inspired by OpenPGP; see RFC 2440 2183 * packet tag 3 */ 2184 max_packet_size = (1 /* Tag 3 identifier */ 2185 + 3 /* Max Tag 3 packet size */ 2186 + 1 /* Version */ 2187 + 1 /* Cipher code */ 2188 + 1 /* S2K specifier */ 2189 + 1 /* Hash identifier */ 2190 + ECRYPTFS_SALT_SIZE /* Salt */ 2191 + 1 /* Hash iterations */ 2192 + key_rec->enc_key_size); /* Encrypted key size */ 2193 if (max_packet_size > (*remaining_bytes)) { 2194 printk(KERN_ERR "Packet too large; need up to [%td] bytes, but " 2195 "there are only [%td] available\n", max_packet_size, 2196 (*remaining_bytes)); 2197 rc = -EINVAL; 2198 goto out; 2199 } 2200 dest[(*packet_size)++] = ECRYPTFS_TAG_3_PACKET_TYPE; 2201 /* Chop off the Tag 3 identifier(1) and Tag 3 packet size(3) 2202 * to get the number of octets in the actual Tag 3 packet */ 2203 rc = ecryptfs_write_packet_length(&dest[(*packet_size)], 2204 (max_packet_size - 4), 2205 &packet_size_length); 2206 if (rc) { 2207 printk(KERN_ERR "Error generating tag 3 packet header; cannot " 2208 "generate packet length. rc = [%d]\n", rc); 2209 goto out; 2210 } 2211 (*packet_size) += packet_size_length; 2212 dest[(*packet_size)++] = 0x04; /* version 4 */ 2213 /* TODO: Break from RFC2440 so that arbitrary ciphers can be 2214 * specified with strings */ 2215 cipher_code = ecryptfs_code_for_cipher_string(crypt_stat->cipher, 2216 crypt_stat->key_size); 2217 if (cipher_code == 0) { 2218 ecryptfs_printk(KERN_WARNING, "Unable to generate code for " 2219 "cipher [%s]\n", crypt_stat->cipher); 2220 rc = -EINVAL; 2221 goto out; 2222 } 2223 dest[(*packet_size)++] = cipher_code; 2224 dest[(*packet_size)++] = 0x03; /* S2K */ 2225 dest[(*packet_size)++] = 0x01; /* MD5 (TODO: parameterize) */ 2226 memcpy(&dest[(*packet_size)], auth_tok->token.password.salt, 2227 ECRYPTFS_SALT_SIZE); 2228 (*packet_size) += ECRYPTFS_SALT_SIZE; /* salt */ 2229 dest[(*packet_size)++] = 0x60; /* hash iterations (65536) */ 2230 memcpy(&dest[(*packet_size)], key_rec->enc_key, 2231 key_rec->enc_key_size); 2232 (*packet_size) += key_rec->enc_key_size; 2233 out: 2234 if (rc) 2235 (*packet_size) = 0; 2236 else 2237 (*remaining_bytes) -= (*packet_size); 2238 return rc; 2239 } 2240 2241 struct kmem_cache *ecryptfs_key_record_cache; 2242 2243 /** 2244 * ecryptfs_generate_key_packet_set 2245 * @dest_base: Virtual address from which to write the key record set 2246 * @crypt_stat: The cryptographic context from which the 2247 * authentication tokens will be retrieved 2248 * @ecryptfs_dentry: The dentry, used to retrieve the mount crypt stat 2249 * for the global parameters 2250 * @len: The amount written 2251 * @max: The maximum amount of data allowed to be written 2252 * 2253 * Generates a key packet set and writes it to the virtual address 2254 * passed in. 2255 * 2256 * Returns zero on success; non-zero on error. 2257 */ 2258 int 2259 ecryptfs_generate_key_packet_set(char *dest_base, 2260 struct ecryptfs_crypt_stat *crypt_stat, 2261 struct dentry *ecryptfs_dentry, size_t *len, 2262 size_t max) 2263 { 2264 struct ecryptfs_auth_tok *auth_tok; 2265 struct ecryptfs_global_auth_tok *global_auth_tok; 2266 struct ecryptfs_mount_crypt_stat *mount_crypt_stat = 2267 &ecryptfs_superblock_to_private( 2268 ecryptfs_dentry->d_sb)->mount_crypt_stat; 2269 size_t written; 2270 struct ecryptfs_key_record *key_rec; 2271 struct ecryptfs_key_sig *key_sig; 2272 int rc = 0; 2273 2274 (*len) = 0; 2275 mutex_lock(&crypt_stat->keysig_list_mutex); 2276 key_rec = kmem_cache_alloc(ecryptfs_key_record_cache, GFP_KERNEL); 2277 if (!key_rec) { 2278 rc = -ENOMEM; 2279 goto out; 2280 } 2281 list_for_each_entry(key_sig, &crypt_stat->keysig_list, 2282 crypt_stat_list) { 2283 memset(key_rec, 0, sizeof(*key_rec)); 2284 rc = ecryptfs_find_global_auth_tok_for_sig(&global_auth_tok, 2285 mount_crypt_stat, 2286 key_sig->keysig); 2287 if (rc) { 2288 printk(KERN_ERR "Error attempting to get the global " 2289 "auth_tok; rc = [%d]\n", rc); 2290 goto out_free; 2291 } 2292 if (global_auth_tok->flags & ECRYPTFS_AUTH_TOK_INVALID) { 2293 printk(KERN_WARNING 2294 "Skipping invalid auth tok with sig = [%s]\n", 2295 global_auth_tok->sig); 2296 continue; 2297 } 2298 auth_tok = global_auth_tok->global_auth_tok; 2299 if (auth_tok->token_type == ECRYPTFS_PASSWORD) { 2300 rc = write_tag_3_packet((dest_base + (*len)), 2301 &max, auth_tok, 2302 crypt_stat, key_rec, 2303 &written); 2304 if (rc) { 2305 ecryptfs_printk(KERN_WARNING, "Error " 2306 "writing tag 3 packet\n"); 2307 goto out_free; 2308 } 2309 (*len) += written; 2310 /* Write auth tok signature packet */ 2311 rc = write_tag_11_packet((dest_base + (*len)), &max, 2312 key_rec->sig, 2313 ECRYPTFS_SIG_SIZE, &written); 2314 if (rc) { 2315 ecryptfs_printk(KERN_ERR, "Error writing " 2316 "auth tok signature packet\n"); 2317 goto out_free; 2318 } 2319 (*len) += written; 2320 } else if (auth_tok->token_type == ECRYPTFS_PRIVATE_KEY) { 2321 rc = write_tag_1_packet(dest_base + (*len), 2322 &max, auth_tok, 2323 crypt_stat, key_rec, &written); 2324 if (rc) { 2325 ecryptfs_printk(KERN_WARNING, "Error " 2326 "writing tag 1 packet\n"); 2327 goto out_free; 2328 } 2329 (*len) += written; 2330 } else { 2331 ecryptfs_printk(KERN_WARNING, "Unsupported " 2332 "authentication token type\n"); 2333 rc = -EINVAL; 2334 goto out_free; 2335 } 2336 } 2337 if (likely(max > 0)) { 2338 dest_base[(*len)] = 0x00; 2339 } else { 2340 ecryptfs_printk(KERN_ERR, "Error writing boundary byte\n"); 2341 rc = -EIO; 2342 } 2343 out_free: 2344 kmem_cache_free(ecryptfs_key_record_cache, key_rec); 2345 out: 2346 if (rc) 2347 (*len) = 0; 2348 mutex_unlock(&crypt_stat->keysig_list_mutex); 2349 return rc; 2350 } 2351 2352 struct kmem_cache *ecryptfs_key_sig_cache; 2353 2354 int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig) 2355 { 2356 struct ecryptfs_key_sig *new_key_sig; 2357 int rc = 0; 2358 2359 new_key_sig = kmem_cache_alloc(ecryptfs_key_sig_cache, GFP_KERNEL); 2360 if (!new_key_sig) { 2361 rc = -ENOMEM; 2362 printk(KERN_ERR 2363 "Error allocating from ecryptfs_key_sig_cache\n"); 2364 goto out; 2365 } 2366 memcpy(new_key_sig->keysig, sig, ECRYPTFS_SIG_SIZE_HEX); 2367 mutex_lock(&crypt_stat->keysig_list_mutex); 2368 list_add(&new_key_sig->crypt_stat_list, &crypt_stat->keysig_list); 2369 mutex_unlock(&crypt_stat->keysig_list_mutex); 2370 out: 2371 return rc; 2372 } 2373 2374 struct kmem_cache *ecryptfs_global_auth_tok_cache; 2375 2376 int 2377 ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 2378 char *sig, u32 global_auth_tok_flags) 2379 { 2380 struct ecryptfs_global_auth_tok *new_auth_tok; 2381 int rc = 0; 2382 2383 new_auth_tok = kmem_cache_zalloc(ecryptfs_global_auth_tok_cache, 2384 GFP_KERNEL); 2385 if (!new_auth_tok) { 2386 rc = -ENOMEM; 2387 printk(KERN_ERR "Error allocating from " 2388 "ecryptfs_global_auth_tok_cache\n"); 2389 goto out; 2390 } 2391 memcpy(new_auth_tok->sig, sig, ECRYPTFS_SIG_SIZE_HEX); 2392 new_auth_tok->flags = global_auth_tok_flags; 2393 new_auth_tok->sig[ECRYPTFS_SIG_SIZE_HEX] = '\0'; 2394 mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); 2395 list_add(&new_auth_tok->mount_crypt_stat_list, 2396 &mount_crypt_stat->global_auth_tok_list); 2397 mount_crypt_stat->num_global_auth_toks++; 2398 mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex); 2399 out: 2400 return rc; 2401 } 2402 2403