1 /** 2 * eCryptfs: Linux filesystem encryption layer 3 * In-kernel key management code. Includes functions to parse and 4 * write authentication token-related packets with the underlying 5 * file. 6 * 7 * Copyright (C) 2004-2006 International Business Machines Corp. 8 * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com> 9 * Michael C. Thompson <mcthomps@us.ibm.com> 10 * Trevor S. Highland <trevor.highland@gmail.com> 11 * 12 * This program is free software; you can redistribute it and/or 13 * modify it under the terms of the GNU General Public License as 14 * published by the Free Software Foundation; either version 2 of the 15 * License, or (at your option) any later version. 16 * 17 * This program is distributed in the hope that it will be useful, but 18 * WITHOUT ANY WARRANTY; without even the implied warranty of 19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 20 * General Public License for more details. 21 * 22 * You should have received a copy of the GNU General Public License 23 * along with this program; if not, write to the Free Software 24 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 25 * 02111-1307, USA. 26 */ 27 28 #include <linux/string.h> 29 #include <linux/syscalls.h> 30 #include <linux/pagemap.h> 31 #include <linux/key.h> 32 #include <linux/random.h> 33 #include <linux/crypto.h> 34 #include <linux/scatterlist.h> 35 #include "ecryptfs_kernel.h" 36 37 /** 38 * request_key returned an error instead of a valid key address; 39 * determine the type of error, make appropriate log entries, and 40 * return an error code. 41 */ 42 static int process_request_key_err(long err_code) 43 { 44 int rc = 0; 45 46 switch (err_code) { 47 case -ENOKEY: 48 ecryptfs_printk(KERN_WARNING, "No key\n"); 49 rc = -ENOENT; 50 break; 51 case -EKEYEXPIRED: 52 ecryptfs_printk(KERN_WARNING, "Key expired\n"); 53 rc = -ETIME; 54 break; 55 case -EKEYREVOKED: 56 ecryptfs_printk(KERN_WARNING, "Key revoked\n"); 57 rc = -EINVAL; 58 break; 59 default: 60 ecryptfs_printk(KERN_WARNING, "Unknown error code: " 61 "[0x%.16x]\n", err_code); 62 rc = -EINVAL; 63 } 64 return rc; 65 } 66 67 /** 68 * ecryptfs_parse_packet_length 69 * @data: Pointer to memory containing length at offset 70 * @size: This function writes the decoded size to this memory 71 * address; zero on error 72 * @length_size: The number of bytes occupied by the encoded length 73 * 74 * Returns zero on success; non-zero on error 75 */ 76 int ecryptfs_parse_packet_length(unsigned char *data, size_t *size, 77 size_t *length_size) 78 { 79 int rc = 0; 80 81 (*length_size) = 0; 82 (*size) = 0; 83 if (data[0] < 192) { 84 /* One-byte length */ 85 (*size) = (unsigned char)data[0]; 86 (*length_size) = 1; 87 } else if (data[0] < 224) { 88 /* Two-byte length */ 89 (*size) = (((unsigned char)(data[0]) - 192) * 256); 90 (*size) += ((unsigned char)(data[1]) + 192); 91 (*length_size) = 2; 92 } else if (data[0] == 255) { 93 /* Five-byte length; we're not supposed to see this */ 94 ecryptfs_printk(KERN_ERR, "Five-byte packet length not " 95 "supported\n"); 96 rc = -EINVAL; 97 goto out; 98 } else { 99 ecryptfs_printk(KERN_ERR, "Error parsing packet length\n"); 100 rc = -EINVAL; 101 goto out; 102 } 103 out: 104 return rc; 105 } 106 107 /** 108 * ecryptfs_write_packet_length 109 * @dest: The byte array target into which to write the length. Must 110 * have at least 5 bytes allocated. 111 * @size: The length to write. 112 * @packet_size_length: The number of bytes used to encode the packet 113 * length is written to this address. 114 * 115 * Returns zero on success; non-zero on error. 116 */ 117 int ecryptfs_write_packet_length(char *dest, size_t size, 118 size_t *packet_size_length) 119 { 120 int rc = 0; 121 122 if (size < 192) { 123 dest[0] = size; 124 (*packet_size_length) = 1; 125 } else if (size < 65536) { 126 dest[0] = (((size - 192) / 256) + 192); 127 dest[1] = ((size - 192) % 256); 128 (*packet_size_length) = 2; 129 } else { 130 rc = -EINVAL; 131 ecryptfs_printk(KERN_WARNING, 132 "Unsupported packet size: [%d]\n", size); 133 } 134 return rc; 135 } 136 137 static int 138 write_tag_64_packet(char *signature, struct ecryptfs_session_key *session_key, 139 char **packet, size_t *packet_len) 140 { 141 size_t i = 0; 142 size_t data_len; 143 size_t packet_size_len; 144 char *message; 145 int rc; 146 147 /* 148 * ***** TAG 64 Packet Format ***** 149 * | Content Type | 1 byte | 150 * | Key Identifier Size | 1 or 2 bytes | 151 * | Key Identifier | arbitrary | 152 * | Encrypted File Encryption Key Size | 1 or 2 bytes | 153 * | Encrypted File Encryption Key | arbitrary | 154 */ 155 data_len = (5 + ECRYPTFS_SIG_SIZE_HEX 156 + session_key->encrypted_key_size); 157 *packet = kmalloc(data_len, GFP_KERNEL); 158 message = *packet; 159 if (!message) { 160 ecryptfs_printk(KERN_ERR, "Unable to allocate memory\n"); 161 rc = -ENOMEM; 162 goto out; 163 } 164 message[i++] = ECRYPTFS_TAG_64_PACKET_TYPE; 165 rc = ecryptfs_write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX, 166 &packet_size_len); 167 if (rc) { 168 ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet " 169 "header; cannot generate packet length\n"); 170 goto out; 171 } 172 i += packet_size_len; 173 memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX); 174 i += ECRYPTFS_SIG_SIZE_HEX; 175 rc = ecryptfs_write_packet_length(&message[i], 176 session_key->encrypted_key_size, 177 &packet_size_len); 178 if (rc) { 179 ecryptfs_printk(KERN_ERR, "Error generating tag 64 packet " 180 "header; cannot generate packet length\n"); 181 goto out; 182 } 183 i += packet_size_len; 184 memcpy(&message[i], session_key->encrypted_key, 185 session_key->encrypted_key_size); 186 i += session_key->encrypted_key_size; 187 *packet_len = i; 188 out: 189 return rc; 190 } 191 192 static int 193 parse_tag_65_packet(struct ecryptfs_session_key *session_key, u8 *cipher_code, 194 struct ecryptfs_message *msg) 195 { 196 size_t i = 0; 197 char *data; 198 size_t data_len; 199 size_t m_size; 200 size_t message_len; 201 u16 checksum = 0; 202 u16 expected_checksum = 0; 203 int rc; 204 205 /* 206 * ***** TAG 65 Packet Format ***** 207 * | Content Type | 1 byte | 208 * | Status Indicator | 1 byte | 209 * | File Encryption Key Size | 1 or 2 bytes | 210 * | File Encryption Key | arbitrary | 211 */ 212 message_len = msg->data_len; 213 data = msg->data; 214 if (message_len < 4) { 215 rc = -EIO; 216 goto out; 217 } 218 if (data[i++] != ECRYPTFS_TAG_65_PACKET_TYPE) { 219 ecryptfs_printk(KERN_ERR, "Type should be ECRYPTFS_TAG_65\n"); 220 rc = -EIO; 221 goto out; 222 } 223 if (data[i++]) { 224 ecryptfs_printk(KERN_ERR, "Status indicator has non-zero value " 225 "[%d]\n", data[i-1]); 226 rc = -EIO; 227 goto out; 228 } 229 rc = ecryptfs_parse_packet_length(&data[i], &m_size, &data_len); 230 if (rc) { 231 ecryptfs_printk(KERN_WARNING, "Error parsing packet length; " 232 "rc = [%d]\n", rc); 233 goto out; 234 } 235 i += data_len; 236 if (message_len < (i + m_size)) { 237 ecryptfs_printk(KERN_ERR, "The message received from ecryptfsd " 238 "is shorter than expected\n"); 239 rc = -EIO; 240 goto out; 241 } 242 if (m_size < 3) { 243 ecryptfs_printk(KERN_ERR, 244 "The decrypted key is not long enough to " 245 "include a cipher code and checksum\n"); 246 rc = -EIO; 247 goto out; 248 } 249 *cipher_code = data[i++]; 250 /* The decrypted key includes 1 byte cipher code and 2 byte checksum */ 251 session_key->decrypted_key_size = m_size - 3; 252 if (session_key->decrypted_key_size > ECRYPTFS_MAX_KEY_BYTES) { 253 ecryptfs_printk(KERN_ERR, "key_size [%d] larger than " 254 "the maximum key size [%d]\n", 255 session_key->decrypted_key_size, 256 ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES); 257 rc = -EIO; 258 goto out; 259 } 260 memcpy(session_key->decrypted_key, &data[i], 261 session_key->decrypted_key_size); 262 i += session_key->decrypted_key_size; 263 expected_checksum += (unsigned char)(data[i++]) << 8; 264 expected_checksum += (unsigned char)(data[i++]); 265 for (i = 0; i < session_key->decrypted_key_size; i++) 266 checksum += session_key->decrypted_key[i]; 267 if (expected_checksum != checksum) { 268 ecryptfs_printk(KERN_ERR, "Invalid checksum for file " 269 "encryption key; expected [%x]; calculated " 270 "[%x]\n", expected_checksum, checksum); 271 rc = -EIO; 272 } 273 out: 274 return rc; 275 } 276 277 278 static int 279 write_tag_66_packet(char *signature, u8 cipher_code, 280 struct ecryptfs_crypt_stat *crypt_stat, char **packet, 281 size_t *packet_len) 282 { 283 size_t i = 0; 284 size_t j; 285 size_t data_len; 286 size_t checksum = 0; 287 size_t packet_size_len; 288 char *message; 289 int rc; 290 291 /* 292 * ***** TAG 66 Packet Format ***** 293 * | Content Type | 1 byte | 294 * | Key Identifier Size | 1 or 2 bytes | 295 * | Key Identifier | arbitrary | 296 * | File Encryption Key Size | 1 or 2 bytes | 297 * | File Encryption Key | arbitrary | 298 */ 299 data_len = (5 + ECRYPTFS_SIG_SIZE_HEX + crypt_stat->key_size); 300 *packet = kmalloc(data_len, GFP_KERNEL); 301 message = *packet; 302 if (!message) { 303 ecryptfs_printk(KERN_ERR, "Unable to allocate memory\n"); 304 rc = -ENOMEM; 305 goto out; 306 } 307 message[i++] = ECRYPTFS_TAG_66_PACKET_TYPE; 308 rc = ecryptfs_write_packet_length(&message[i], ECRYPTFS_SIG_SIZE_HEX, 309 &packet_size_len); 310 if (rc) { 311 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet " 312 "header; cannot generate packet length\n"); 313 goto out; 314 } 315 i += packet_size_len; 316 memcpy(&message[i], signature, ECRYPTFS_SIG_SIZE_HEX); 317 i += ECRYPTFS_SIG_SIZE_HEX; 318 /* The encrypted key includes 1 byte cipher code and 2 byte checksum */ 319 rc = ecryptfs_write_packet_length(&message[i], crypt_stat->key_size + 3, 320 &packet_size_len); 321 if (rc) { 322 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet " 323 "header; cannot generate packet length\n"); 324 goto out; 325 } 326 i += packet_size_len; 327 message[i++] = cipher_code; 328 memcpy(&message[i], crypt_stat->key, crypt_stat->key_size); 329 i += crypt_stat->key_size; 330 for (j = 0; j < crypt_stat->key_size; j++) 331 checksum += crypt_stat->key[j]; 332 message[i++] = (checksum / 256) % 256; 333 message[i++] = (checksum % 256); 334 *packet_len = i; 335 out: 336 return rc; 337 } 338 339 static int 340 parse_tag_67_packet(struct ecryptfs_key_record *key_rec, 341 struct ecryptfs_message *msg) 342 { 343 size_t i = 0; 344 char *data; 345 size_t data_len; 346 size_t message_len; 347 int rc; 348 349 /* 350 * ***** TAG 65 Packet Format ***** 351 * | Content Type | 1 byte | 352 * | Status Indicator | 1 byte | 353 * | Encrypted File Encryption Key Size | 1 or 2 bytes | 354 * | Encrypted File Encryption Key | arbitrary | 355 */ 356 message_len = msg->data_len; 357 data = msg->data; 358 /* verify that everything through the encrypted FEK size is present */ 359 if (message_len < 4) { 360 rc = -EIO; 361 printk(KERN_ERR "%s: message_len is [%zd]; minimum acceptable " 362 "message length is [%d]\n", __func__, message_len, 4); 363 goto out; 364 } 365 if (data[i++] != ECRYPTFS_TAG_67_PACKET_TYPE) { 366 rc = -EIO; 367 printk(KERN_ERR "%s: Type should be ECRYPTFS_TAG_67\n", 368 __func__); 369 goto out; 370 } 371 if (data[i++]) { 372 rc = -EIO; 373 printk(KERN_ERR "%s: Status indicator has non zero " 374 "value [%d]\n", __func__, data[i-1]); 375 376 goto out; 377 } 378 rc = ecryptfs_parse_packet_length(&data[i], &key_rec->enc_key_size, 379 &data_len); 380 if (rc) { 381 ecryptfs_printk(KERN_WARNING, "Error parsing packet length; " 382 "rc = [%d]\n", rc); 383 goto out; 384 } 385 i += data_len; 386 if (message_len < (i + key_rec->enc_key_size)) { 387 rc = -EIO; 388 printk(KERN_ERR "%s: message_len [%zd]; max len is [%zd]\n", 389 __func__, message_len, (i + key_rec->enc_key_size)); 390 goto out; 391 } 392 if (key_rec->enc_key_size > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) { 393 rc = -EIO; 394 printk(KERN_ERR "%s: Encrypted key_size [%zd] larger than " 395 "the maximum key size [%d]\n", __func__, 396 key_rec->enc_key_size, 397 ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES); 398 goto out; 399 } 400 memcpy(key_rec->enc_key, &data[i], key_rec->enc_key_size); 401 out: 402 return rc; 403 } 404 405 static int 406 ecryptfs_find_global_auth_tok_for_sig( 407 struct ecryptfs_global_auth_tok **global_auth_tok, 408 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, char *sig) 409 { 410 struct ecryptfs_global_auth_tok *walker; 411 int rc = 0; 412 413 (*global_auth_tok) = NULL; 414 mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); 415 list_for_each_entry(walker, 416 &mount_crypt_stat->global_auth_tok_list, 417 mount_crypt_stat_list) { 418 if (memcmp(walker->sig, sig, ECRYPTFS_SIG_SIZE_HEX) == 0) { 419 (*global_auth_tok) = walker; 420 goto out; 421 } 422 } 423 rc = -EINVAL; 424 out: 425 mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex); 426 return rc; 427 } 428 429 /** 430 * ecryptfs_find_auth_tok_for_sig 431 * @auth_tok: Set to the matching auth_tok; NULL if not found 432 * @crypt_stat: inode crypt_stat crypto context 433 * @sig: Sig of auth_tok to find 434 * 435 * For now, this function simply looks at the registered auth_tok's 436 * linked off the mount_crypt_stat, so all the auth_toks that can be 437 * used must be registered at mount time. This function could 438 * potentially try a lot harder to find auth_tok's (e.g., by calling 439 * out to ecryptfsd to dynamically retrieve an auth_tok object) so 440 * that static registration of auth_tok's will no longer be necessary. 441 * 442 * Returns zero on no error; non-zero on error 443 */ 444 static int 445 ecryptfs_find_auth_tok_for_sig( 446 struct ecryptfs_auth_tok **auth_tok, 447 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 448 char *sig) 449 { 450 struct ecryptfs_global_auth_tok *global_auth_tok; 451 int rc = 0; 452 453 (*auth_tok) = NULL; 454 if (ecryptfs_find_global_auth_tok_for_sig(&global_auth_tok, 455 mount_crypt_stat, sig)) { 456 struct key *auth_tok_key; 457 458 rc = ecryptfs_keyring_auth_tok_for_sig(&auth_tok_key, auth_tok, 459 sig); 460 } else 461 (*auth_tok) = global_auth_tok->global_auth_tok; 462 return rc; 463 } 464 465 /** 466 * write_tag_70_packet can gobble a lot of stack space. We stuff most 467 * of the function's parameters in a kmalloc'd struct to help reduce 468 * eCryptfs' overall stack usage. 469 */ 470 struct ecryptfs_write_tag_70_packet_silly_stack { 471 u8 cipher_code; 472 size_t max_packet_size; 473 size_t packet_size_len; 474 size_t block_aligned_filename_size; 475 size_t block_size; 476 size_t i; 477 size_t j; 478 size_t num_rand_bytes; 479 struct mutex *tfm_mutex; 480 char *block_aligned_filename; 481 struct ecryptfs_auth_tok *auth_tok; 482 struct scatterlist src_sg; 483 struct scatterlist dst_sg; 484 struct blkcipher_desc desc; 485 char iv[ECRYPTFS_MAX_IV_BYTES]; 486 char hash[ECRYPTFS_TAG_70_DIGEST_SIZE]; 487 char tmp_hash[ECRYPTFS_TAG_70_DIGEST_SIZE]; 488 struct hash_desc hash_desc; 489 struct scatterlist hash_sg; 490 }; 491 492 /** 493 * write_tag_70_packet - Write encrypted filename (EFN) packet against FNEK 494 * @filename: NULL-terminated filename string 495 * 496 * This is the simplest mechanism for achieving filename encryption in 497 * eCryptfs. It encrypts the given filename with the mount-wide 498 * filename encryption key (FNEK) and stores it in a packet to @dest, 499 * which the callee will encode and write directly into the dentry 500 * name. 501 */ 502 int 503 ecryptfs_write_tag_70_packet(char *dest, size_t *remaining_bytes, 504 size_t *packet_size, 505 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 506 char *filename, size_t filename_size) 507 { 508 struct ecryptfs_write_tag_70_packet_silly_stack *s; 509 int rc = 0; 510 511 s = kmalloc(sizeof(*s), GFP_KERNEL); 512 if (!s) { 513 printk(KERN_ERR "%s: Out of memory whilst trying to kmalloc " 514 "[%zd] bytes of kernel memory\n", __func__, sizeof(*s)); 515 goto out; 516 } 517 s->desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP; 518 (*packet_size) = 0; 519 rc = ecryptfs_get_tfm_and_mutex_for_cipher_name( 520 &s->desc.tfm, 521 &s->tfm_mutex, mount_crypt_stat->global_default_fn_cipher_name); 522 if (unlikely(rc)) { 523 printk(KERN_ERR "Internal error whilst attempting to get " 524 "tfm and mutex for cipher name [%s]; rc = [%d]\n", 525 mount_crypt_stat->global_default_fn_cipher_name, rc); 526 goto out; 527 } 528 mutex_lock(s->tfm_mutex); 529 s->block_size = crypto_blkcipher_blocksize(s->desc.tfm); 530 /* Plus one for the \0 separator between the random prefix 531 * and the plaintext filename */ 532 s->num_rand_bytes = (ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES + 1); 533 s->block_aligned_filename_size = (s->num_rand_bytes + filename_size); 534 if ((s->block_aligned_filename_size % s->block_size) != 0) { 535 s->num_rand_bytes += (s->block_size 536 - (s->block_aligned_filename_size 537 % s->block_size)); 538 s->block_aligned_filename_size = (s->num_rand_bytes 539 + filename_size); 540 } 541 /* Octet 0: Tag 70 identifier 542 * Octets 1-N1: Tag 70 packet size (includes cipher identifier 543 * and block-aligned encrypted filename size) 544 * Octets N1-N2: FNEK sig (ECRYPTFS_SIG_SIZE) 545 * Octet N2-N3: Cipher identifier (1 octet) 546 * Octets N3-N4: Block-aligned encrypted filename 547 * - Consists of a minimum number of random characters, a \0 548 * separator, and then the filename */ 549 s->max_packet_size = (1 /* Tag 70 identifier */ 550 + 3 /* Max Tag 70 packet size */ 551 + ECRYPTFS_SIG_SIZE /* FNEK sig */ 552 + 1 /* Cipher identifier */ 553 + s->block_aligned_filename_size); 554 if (dest == NULL) { 555 (*packet_size) = s->max_packet_size; 556 goto out_unlock; 557 } 558 if (s->max_packet_size > (*remaining_bytes)) { 559 printk(KERN_WARNING "%s: Require [%zd] bytes to write; only " 560 "[%zd] available\n", __func__, s->max_packet_size, 561 (*remaining_bytes)); 562 rc = -EINVAL; 563 goto out_unlock; 564 } 565 s->block_aligned_filename = kzalloc(s->block_aligned_filename_size, 566 GFP_KERNEL); 567 if (!s->block_aligned_filename) { 568 printk(KERN_ERR "%s: Out of kernel memory whilst attempting to " 569 "kzalloc [%zd] bytes\n", __func__, 570 s->block_aligned_filename_size); 571 rc = -ENOMEM; 572 goto out_unlock; 573 } 574 s->i = 0; 575 dest[s->i++] = ECRYPTFS_TAG_70_PACKET_TYPE; 576 rc = ecryptfs_write_packet_length(&dest[s->i], 577 (ECRYPTFS_SIG_SIZE 578 + 1 /* Cipher code */ 579 + s->block_aligned_filename_size), 580 &s->packet_size_len); 581 if (rc) { 582 printk(KERN_ERR "%s: Error generating tag 70 packet " 583 "header; cannot generate packet length; rc = [%d]\n", 584 __func__, rc); 585 goto out_free_unlock; 586 } 587 s->i += s->packet_size_len; 588 ecryptfs_from_hex(&dest[s->i], 589 mount_crypt_stat->global_default_fnek_sig, 590 ECRYPTFS_SIG_SIZE); 591 s->i += ECRYPTFS_SIG_SIZE; 592 s->cipher_code = ecryptfs_code_for_cipher_string( 593 mount_crypt_stat->global_default_fn_cipher_name, 594 mount_crypt_stat->global_default_fn_cipher_key_bytes); 595 if (s->cipher_code == 0) { 596 printk(KERN_WARNING "%s: Unable to generate code for " 597 "cipher [%s] with key bytes [%zd]\n", __func__, 598 mount_crypt_stat->global_default_fn_cipher_name, 599 mount_crypt_stat->global_default_fn_cipher_key_bytes); 600 rc = -EINVAL; 601 goto out_free_unlock; 602 } 603 dest[s->i++] = s->cipher_code; 604 rc = ecryptfs_find_auth_tok_for_sig( 605 &s->auth_tok, mount_crypt_stat, 606 mount_crypt_stat->global_default_fnek_sig); 607 if (rc) { 608 printk(KERN_ERR "%s: Error attempting to find auth tok for " 609 "fnek sig [%s]; rc = [%d]\n", __func__, 610 mount_crypt_stat->global_default_fnek_sig, rc); 611 goto out_free_unlock; 612 } 613 /* TODO: Support other key modules than passphrase for 614 * filename encryption */ 615 BUG_ON(s->auth_tok->token_type != ECRYPTFS_PASSWORD); 616 sg_init_one( 617 &s->hash_sg, 618 (u8 *)s->auth_tok->token.password.session_key_encryption_key, 619 s->auth_tok->token.password.session_key_encryption_key_bytes); 620 s->hash_desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP; 621 s->hash_desc.tfm = crypto_alloc_hash(ECRYPTFS_TAG_70_DIGEST, 0, 622 CRYPTO_ALG_ASYNC); 623 if (IS_ERR(s->hash_desc.tfm)) { 624 rc = PTR_ERR(s->hash_desc.tfm); 625 printk(KERN_ERR "%s: Error attempting to " 626 "allocate hash crypto context; rc = [%d]\n", 627 __func__, rc); 628 goto out_free_unlock; 629 } 630 rc = crypto_hash_init(&s->hash_desc); 631 if (rc) { 632 printk(KERN_ERR 633 "%s: Error initializing crypto hash; rc = [%d]\n", 634 __func__, rc); 635 goto out_release_free_unlock; 636 } 637 rc = crypto_hash_update( 638 &s->hash_desc, &s->hash_sg, 639 s->auth_tok->token.password.session_key_encryption_key_bytes); 640 if (rc) { 641 printk(KERN_ERR 642 "%s: Error updating crypto hash; rc = [%d]\n", 643 __func__, rc); 644 goto out_release_free_unlock; 645 } 646 rc = crypto_hash_final(&s->hash_desc, s->hash); 647 if (rc) { 648 printk(KERN_ERR 649 "%s: Error finalizing crypto hash; rc = [%d]\n", 650 __func__, rc); 651 goto out_release_free_unlock; 652 } 653 for (s->j = 0; s->j < (s->num_rand_bytes - 1); s->j++) { 654 s->block_aligned_filename[s->j] = 655 s->hash[(s->j % ECRYPTFS_TAG_70_DIGEST_SIZE)]; 656 if ((s->j % ECRYPTFS_TAG_70_DIGEST_SIZE) 657 == (ECRYPTFS_TAG_70_DIGEST_SIZE - 1)) { 658 sg_init_one(&s->hash_sg, (u8 *)s->hash, 659 ECRYPTFS_TAG_70_DIGEST_SIZE); 660 rc = crypto_hash_init(&s->hash_desc); 661 if (rc) { 662 printk(KERN_ERR 663 "%s: Error initializing crypto hash; " 664 "rc = [%d]\n", __func__, rc); 665 goto out_release_free_unlock; 666 } 667 rc = crypto_hash_update(&s->hash_desc, &s->hash_sg, 668 ECRYPTFS_TAG_70_DIGEST_SIZE); 669 if (rc) { 670 printk(KERN_ERR 671 "%s: Error updating crypto hash; " 672 "rc = [%d]\n", __func__, rc); 673 goto out_release_free_unlock; 674 } 675 rc = crypto_hash_final(&s->hash_desc, s->tmp_hash); 676 if (rc) { 677 printk(KERN_ERR 678 "%s: Error finalizing crypto hash; " 679 "rc = [%d]\n", __func__, rc); 680 goto out_release_free_unlock; 681 } 682 memcpy(s->hash, s->tmp_hash, 683 ECRYPTFS_TAG_70_DIGEST_SIZE); 684 } 685 if (s->block_aligned_filename[s->j] == '\0') 686 s->block_aligned_filename[s->j] = ECRYPTFS_NON_NULL; 687 } 688 memcpy(&s->block_aligned_filename[s->num_rand_bytes], filename, 689 filename_size); 690 rc = virt_to_scatterlist(s->block_aligned_filename, 691 s->block_aligned_filename_size, &s->src_sg, 1); 692 if (rc != 1) { 693 printk(KERN_ERR "%s: Internal error whilst attempting to " 694 "convert filename memory to scatterlist; " 695 "expected rc = 1; got rc = [%d]. " 696 "block_aligned_filename_size = [%zd]\n", __func__, rc, 697 s->block_aligned_filename_size); 698 goto out_release_free_unlock; 699 } 700 rc = virt_to_scatterlist(&dest[s->i], s->block_aligned_filename_size, 701 &s->dst_sg, 1); 702 if (rc != 1) { 703 printk(KERN_ERR "%s: Internal error whilst attempting to " 704 "convert encrypted filename memory to scatterlist; " 705 "expected rc = 1; got rc = [%d]. " 706 "block_aligned_filename_size = [%zd]\n", __func__, rc, 707 s->block_aligned_filename_size); 708 goto out_release_free_unlock; 709 } 710 /* The characters in the first block effectively do the job 711 * of the IV here, so we just use 0's for the IV. Note the 712 * constraint that ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES 713 * >= ECRYPTFS_MAX_IV_BYTES. */ 714 memset(s->iv, 0, ECRYPTFS_MAX_IV_BYTES); 715 s->desc.info = s->iv; 716 rc = crypto_blkcipher_setkey( 717 s->desc.tfm, 718 s->auth_tok->token.password.session_key_encryption_key, 719 mount_crypt_stat->global_default_fn_cipher_key_bytes); 720 if (rc < 0) { 721 printk(KERN_ERR "%s: Error setting key for crypto context; " 722 "rc = [%d]. s->auth_tok->token.password.session_key_" 723 "encryption_key = [0x%p]; mount_crypt_stat->" 724 "global_default_fn_cipher_key_bytes = [%zd]\n", __func__, 725 rc, 726 s->auth_tok->token.password.session_key_encryption_key, 727 mount_crypt_stat->global_default_fn_cipher_key_bytes); 728 goto out_release_free_unlock; 729 } 730 rc = crypto_blkcipher_encrypt_iv(&s->desc, &s->dst_sg, &s->src_sg, 731 s->block_aligned_filename_size); 732 if (rc) { 733 printk(KERN_ERR "%s: Error attempting to encrypt filename; " 734 "rc = [%d]\n", __func__, rc); 735 goto out_release_free_unlock; 736 } 737 s->i += s->block_aligned_filename_size; 738 (*packet_size) = s->i; 739 (*remaining_bytes) -= (*packet_size); 740 out_release_free_unlock: 741 crypto_free_hash(s->hash_desc.tfm); 742 out_free_unlock: 743 kzfree(s->block_aligned_filename); 744 out_unlock: 745 mutex_unlock(s->tfm_mutex); 746 out: 747 kfree(s); 748 return rc; 749 } 750 751 struct ecryptfs_parse_tag_70_packet_silly_stack { 752 u8 cipher_code; 753 size_t max_packet_size; 754 size_t packet_size_len; 755 size_t parsed_tag_70_packet_size; 756 size_t block_aligned_filename_size; 757 size_t block_size; 758 size_t i; 759 struct mutex *tfm_mutex; 760 char *decrypted_filename; 761 struct ecryptfs_auth_tok *auth_tok; 762 struct scatterlist src_sg; 763 struct scatterlist dst_sg; 764 struct blkcipher_desc desc; 765 char fnek_sig_hex[ECRYPTFS_SIG_SIZE_HEX + 1]; 766 char iv[ECRYPTFS_MAX_IV_BYTES]; 767 char cipher_string[ECRYPTFS_MAX_CIPHER_NAME_SIZE]; 768 }; 769 770 /** 771 * parse_tag_70_packet - Parse and process FNEK-encrypted passphrase packet 772 * @filename: This function kmalloc's the memory for the filename 773 * @filename_size: This function sets this to the amount of memory 774 * kmalloc'd for the filename 775 * @packet_size: This function sets this to the the number of octets 776 * in the packet parsed 777 * @mount_crypt_stat: The mount-wide cryptographic context 778 * @data: The memory location containing the start of the tag 70 779 * packet 780 * @max_packet_size: The maximum legal size of the packet to be parsed 781 * from @data 782 * 783 * Returns zero on success; non-zero otherwise 784 */ 785 int 786 ecryptfs_parse_tag_70_packet(char **filename, size_t *filename_size, 787 size_t *packet_size, 788 struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 789 char *data, size_t max_packet_size) 790 { 791 struct ecryptfs_parse_tag_70_packet_silly_stack *s; 792 int rc = 0; 793 794 (*packet_size) = 0; 795 (*filename_size) = 0; 796 (*filename) = NULL; 797 s = kmalloc(sizeof(*s), GFP_KERNEL); 798 if (!s) { 799 printk(KERN_ERR "%s: Out of memory whilst trying to kmalloc " 800 "[%zd] bytes of kernel memory\n", __func__, sizeof(*s)); 801 goto out; 802 } 803 s->desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP; 804 if (max_packet_size < (1 + 1 + ECRYPTFS_SIG_SIZE + 1 + 1)) { 805 printk(KERN_WARNING "%s: max_packet_size is [%zd]; it must be " 806 "at least [%d]\n", __func__, max_packet_size, 807 (1 + 1 + ECRYPTFS_SIG_SIZE + 1 + 1)); 808 rc = -EINVAL; 809 goto out; 810 } 811 /* Octet 0: Tag 70 identifier 812 * Octets 1-N1: Tag 70 packet size (includes cipher identifier 813 * and block-aligned encrypted filename size) 814 * Octets N1-N2: FNEK sig (ECRYPTFS_SIG_SIZE) 815 * Octet N2-N3: Cipher identifier (1 octet) 816 * Octets N3-N4: Block-aligned encrypted filename 817 * - Consists of a minimum number of random numbers, a \0 818 * separator, and then the filename */ 819 if (data[(*packet_size)++] != ECRYPTFS_TAG_70_PACKET_TYPE) { 820 printk(KERN_WARNING "%s: Invalid packet tag [0x%.2x]; must be " 821 "tag [0x%.2x]\n", __func__, 822 data[((*packet_size) - 1)], ECRYPTFS_TAG_70_PACKET_TYPE); 823 rc = -EINVAL; 824 goto out; 825 } 826 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], 827 &s->parsed_tag_70_packet_size, 828 &s->packet_size_len); 829 if (rc) { 830 printk(KERN_WARNING "%s: Error parsing packet length; " 831 "rc = [%d]\n", __func__, rc); 832 goto out; 833 } 834 s->block_aligned_filename_size = (s->parsed_tag_70_packet_size 835 - ECRYPTFS_SIG_SIZE - 1); 836 if ((1 + s->packet_size_len + s->parsed_tag_70_packet_size) 837 > max_packet_size) { 838 printk(KERN_WARNING "%s: max_packet_size is [%zd]; real packet " 839 "size is [%zd]\n", __func__, max_packet_size, 840 (1 + s->packet_size_len + 1 841 + s->block_aligned_filename_size)); 842 rc = -EINVAL; 843 goto out; 844 } 845 (*packet_size) += s->packet_size_len; 846 ecryptfs_to_hex(s->fnek_sig_hex, &data[(*packet_size)], 847 ECRYPTFS_SIG_SIZE); 848 s->fnek_sig_hex[ECRYPTFS_SIG_SIZE_HEX] = '\0'; 849 (*packet_size) += ECRYPTFS_SIG_SIZE; 850 s->cipher_code = data[(*packet_size)++]; 851 rc = ecryptfs_cipher_code_to_string(s->cipher_string, s->cipher_code); 852 if (rc) { 853 printk(KERN_WARNING "%s: Cipher code [%d] is invalid\n", 854 __func__, s->cipher_code); 855 goto out; 856 } 857 rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&s->desc.tfm, 858 &s->tfm_mutex, 859 s->cipher_string); 860 if (unlikely(rc)) { 861 printk(KERN_ERR "Internal error whilst attempting to get " 862 "tfm and mutex for cipher name [%s]; rc = [%d]\n", 863 s->cipher_string, rc); 864 goto out; 865 } 866 mutex_lock(s->tfm_mutex); 867 rc = virt_to_scatterlist(&data[(*packet_size)], 868 s->block_aligned_filename_size, &s->src_sg, 1); 869 if (rc != 1) { 870 printk(KERN_ERR "%s: Internal error whilst attempting to " 871 "convert encrypted filename memory to scatterlist; " 872 "expected rc = 1; got rc = [%d]. " 873 "block_aligned_filename_size = [%zd]\n", __func__, rc, 874 s->block_aligned_filename_size); 875 goto out_unlock; 876 } 877 (*packet_size) += s->block_aligned_filename_size; 878 s->decrypted_filename = kmalloc(s->block_aligned_filename_size, 879 GFP_KERNEL); 880 if (!s->decrypted_filename) { 881 printk(KERN_ERR "%s: Out of memory whilst attempting to " 882 "kmalloc [%zd] bytes\n", __func__, 883 s->block_aligned_filename_size); 884 rc = -ENOMEM; 885 goto out_unlock; 886 } 887 rc = virt_to_scatterlist(s->decrypted_filename, 888 s->block_aligned_filename_size, &s->dst_sg, 1); 889 if (rc != 1) { 890 printk(KERN_ERR "%s: Internal error whilst attempting to " 891 "convert decrypted filename memory to scatterlist; " 892 "expected rc = 1; got rc = [%d]. " 893 "block_aligned_filename_size = [%zd]\n", __func__, rc, 894 s->block_aligned_filename_size); 895 goto out_free_unlock; 896 } 897 /* The characters in the first block effectively do the job of 898 * the IV here, so we just use 0's for the IV. Note the 899 * constraint that ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES 900 * >= ECRYPTFS_MAX_IV_BYTES. */ 901 memset(s->iv, 0, ECRYPTFS_MAX_IV_BYTES); 902 s->desc.info = s->iv; 903 rc = ecryptfs_find_auth_tok_for_sig(&s->auth_tok, mount_crypt_stat, 904 s->fnek_sig_hex); 905 if (rc) { 906 printk(KERN_ERR "%s: Error attempting to find auth tok for " 907 "fnek sig [%s]; rc = [%d]\n", __func__, s->fnek_sig_hex, 908 rc); 909 goto out_free_unlock; 910 } 911 /* TODO: Support other key modules than passphrase for 912 * filename encryption */ 913 BUG_ON(s->auth_tok->token_type != ECRYPTFS_PASSWORD); 914 rc = crypto_blkcipher_setkey( 915 s->desc.tfm, 916 s->auth_tok->token.password.session_key_encryption_key, 917 mount_crypt_stat->global_default_fn_cipher_key_bytes); 918 if (rc < 0) { 919 printk(KERN_ERR "%s: Error setting key for crypto context; " 920 "rc = [%d]. s->auth_tok->token.password.session_key_" 921 "encryption_key = [0x%p]; mount_crypt_stat->" 922 "global_default_fn_cipher_key_bytes = [%zd]\n", __func__, 923 rc, 924 s->auth_tok->token.password.session_key_encryption_key, 925 mount_crypt_stat->global_default_fn_cipher_key_bytes); 926 goto out_free_unlock; 927 } 928 rc = crypto_blkcipher_decrypt_iv(&s->desc, &s->dst_sg, &s->src_sg, 929 s->block_aligned_filename_size); 930 if (rc) { 931 printk(KERN_ERR "%s: Error attempting to decrypt filename; " 932 "rc = [%d]\n", __func__, rc); 933 goto out_free_unlock; 934 } 935 s->i = 0; 936 while (s->decrypted_filename[s->i] != '\0' 937 && s->i < s->block_aligned_filename_size) 938 s->i++; 939 if (s->i == s->block_aligned_filename_size) { 940 printk(KERN_WARNING "%s: Invalid tag 70 packet; could not " 941 "find valid separator between random characters and " 942 "the filename\n", __func__); 943 rc = -EINVAL; 944 goto out_free_unlock; 945 } 946 s->i++; 947 (*filename_size) = (s->block_aligned_filename_size - s->i); 948 if (!((*filename_size) > 0 && (*filename_size < PATH_MAX))) { 949 printk(KERN_WARNING "%s: Filename size is [%zd], which is " 950 "invalid\n", __func__, (*filename_size)); 951 rc = -EINVAL; 952 goto out_free_unlock; 953 } 954 (*filename) = kmalloc(((*filename_size) + 1), GFP_KERNEL); 955 if (!(*filename)) { 956 printk(KERN_ERR "%s: Out of memory whilst attempting to " 957 "kmalloc [%zd] bytes\n", __func__, 958 ((*filename_size) + 1)); 959 rc = -ENOMEM; 960 goto out_free_unlock; 961 } 962 memcpy((*filename), &s->decrypted_filename[s->i], (*filename_size)); 963 (*filename)[(*filename_size)] = '\0'; 964 out_free_unlock: 965 kfree(s->decrypted_filename); 966 out_unlock: 967 mutex_unlock(s->tfm_mutex); 968 out: 969 if (rc) { 970 (*packet_size) = 0; 971 (*filename_size) = 0; 972 (*filename) = NULL; 973 } 974 kfree(s); 975 return rc; 976 } 977 978 static int 979 ecryptfs_get_auth_tok_sig(char **sig, struct ecryptfs_auth_tok *auth_tok) 980 { 981 int rc = 0; 982 983 (*sig) = NULL; 984 switch (auth_tok->token_type) { 985 case ECRYPTFS_PASSWORD: 986 (*sig) = auth_tok->token.password.signature; 987 break; 988 case ECRYPTFS_PRIVATE_KEY: 989 (*sig) = auth_tok->token.private_key.signature; 990 break; 991 default: 992 printk(KERN_ERR "Cannot get sig for auth_tok of type [%d]\n", 993 auth_tok->token_type); 994 rc = -EINVAL; 995 } 996 return rc; 997 } 998 999 /** 1000 * decrypt_pki_encrypted_session_key - Decrypt the session key with the given auth_tok. 1001 * @auth_tok: The key authentication token used to decrypt the session key 1002 * @crypt_stat: The cryptographic context 1003 * 1004 * Returns zero on success; non-zero error otherwise. 1005 */ 1006 static int 1007 decrypt_pki_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok, 1008 struct ecryptfs_crypt_stat *crypt_stat) 1009 { 1010 u8 cipher_code = 0; 1011 struct ecryptfs_msg_ctx *msg_ctx; 1012 struct ecryptfs_message *msg = NULL; 1013 char *auth_tok_sig; 1014 char *payload; 1015 size_t payload_len; 1016 int rc; 1017 1018 rc = ecryptfs_get_auth_tok_sig(&auth_tok_sig, auth_tok); 1019 if (rc) { 1020 printk(KERN_ERR "Unrecognized auth tok type: [%d]\n", 1021 auth_tok->token_type); 1022 goto out; 1023 } 1024 rc = write_tag_64_packet(auth_tok_sig, &(auth_tok->session_key), 1025 &payload, &payload_len); 1026 if (rc) { 1027 ecryptfs_printk(KERN_ERR, "Failed to write tag 64 packet\n"); 1028 goto out; 1029 } 1030 rc = ecryptfs_send_message(payload, payload_len, &msg_ctx); 1031 if (rc) { 1032 ecryptfs_printk(KERN_ERR, "Error sending message to " 1033 "ecryptfsd\n"); 1034 goto out; 1035 } 1036 rc = ecryptfs_wait_for_response(msg_ctx, &msg); 1037 if (rc) { 1038 ecryptfs_printk(KERN_ERR, "Failed to receive tag 65 packet " 1039 "from the user space daemon\n"); 1040 rc = -EIO; 1041 goto out; 1042 } 1043 rc = parse_tag_65_packet(&(auth_tok->session_key), 1044 &cipher_code, msg); 1045 if (rc) { 1046 printk(KERN_ERR "Failed to parse tag 65 packet; rc = [%d]\n", 1047 rc); 1048 goto out; 1049 } 1050 auth_tok->session_key.flags |= ECRYPTFS_CONTAINS_DECRYPTED_KEY; 1051 memcpy(crypt_stat->key, auth_tok->session_key.decrypted_key, 1052 auth_tok->session_key.decrypted_key_size); 1053 crypt_stat->key_size = auth_tok->session_key.decrypted_key_size; 1054 rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher, cipher_code); 1055 if (rc) { 1056 ecryptfs_printk(KERN_ERR, "Cipher code [%d] is invalid\n", 1057 cipher_code) 1058 goto out; 1059 } 1060 crypt_stat->flags |= ECRYPTFS_KEY_VALID; 1061 if (ecryptfs_verbosity > 0) { 1062 ecryptfs_printk(KERN_DEBUG, "Decrypted session key:\n"); 1063 ecryptfs_dump_hex(crypt_stat->key, 1064 crypt_stat->key_size); 1065 } 1066 out: 1067 if (msg) 1068 kfree(msg); 1069 return rc; 1070 } 1071 1072 static void wipe_auth_tok_list(struct list_head *auth_tok_list_head) 1073 { 1074 struct ecryptfs_auth_tok_list_item *auth_tok_list_item; 1075 struct ecryptfs_auth_tok_list_item *auth_tok_list_item_tmp; 1076 1077 list_for_each_entry_safe(auth_tok_list_item, auth_tok_list_item_tmp, 1078 auth_tok_list_head, list) { 1079 list_del(&auth_tok_list_item->list); 1080 kmem_cache_free(ecryptfs_auth_tok_list_item_cache, 1081 auth_tok_list_item); 1082 } 1083 } 1084 1085 struct kmem_cache *ecryptfs_auth_tok_list_item_cache; 1086 1087 /** 1088 * parse_tag_1_packet 1089 * @crypt_stat: The cryptographic context to modify based on packet contents 1090 * @data: The raw bytes of the packet. 1091 * @auth_tok_list: eCryptfs parses packets into authentication tokens; 1092 * a new authentication token will be placed at the 1093 * end of this list for this packet. 1094 * @new_auth_tok: Pointer to a pointer to memory that this function 1095 * allocates; sets the memory address of the pointer to 1096 * NULL on error. This object is added to the 1097 * auth_tok_list. 1098 * @packet_size: This function writes the size of the parsed packet 1099 * into this memory location; zero on error. 1100 * @max_packet_size: The maximum allowable packet size 1101 * 1102 * Returns zero on success; non-zero on error. 1103 */ 1104 static int 1105 parse_tag_1_packet(struct ecryptfs_crypt_stat *crypt_stat, 1106 unsigned char *data, struct list_head *auth_tok_list, 1107 struct ecryptfs_auth_tok **new_auth_tok, 1108 size_t *packet_size, size_t max_packet_size) 1109 { 1110 size_t body_size; 1111 struct ecryptfs_auth_tok_list_item *auth_tok_list_item; 1112 size_t length_size; 1113 int rc = 0; 1114 1115 (*packet_size) = 0; 1116 (*new_auth_tok) = NULL; 1117 /** 1118 * This format is inspired by OpenPGP; see RFC 2440 1119 * packet tag 1 1120 * 1121 * Tag 1 identifier (1 byte) 1122 * Max Tag 1 packet size (max 3 bytes) 1123 * Version (1 byte) 1124 * Key identifier (8 bytes; ECRYPTFS_SIG_SIZE) 1125 * Cipher identifier (1 byte) 1126 * Encrypted key size (arbitrary) 1127 * 1128 * 12 bytes minimum packet size 1129 */ 1130 if (unlikely(max_packet_size < 12)) { 1131 printk(KERN_ERR "Invalid max packet size; must be >=12\n"); 1132 rc = -EINVAL; 1133 goto out; 1134 } 1135 if (data[(*packet_size)++] != ECRYPTFS_TAG_1_PACKET_TYPE) { 1136 printk(KERN_ERR "Enter w/ first byte != 0x%.2x\n", 1137 ECRYPTFS_TAG_1_PACKET_TYPE); 1138 rc = -EINVAL; 1139 goto out; 1140 } 1141 /* Released: wipe_auth_tok_list called in ecryptfs_parse_packet_set or 1142 * at end of function upon failure */ 1143 auth_tok_list_item = 1144 kmem_cache_zalloc(ecryptfs_auth_tok_list_item_cache, 1145 GFP_KERNEL); 1146 if (!auth_tok_list_item) { 1147 printk(KERN_ERR "Unable to allocate memory\n"); 1148 rc = -ENOMEM; 1149 goto out; 1150 } 1151 (*new_auth_tok) = &auth_tok_list_item->auth_tok; 1152 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size, 1153 &length_size); 1154 if (rc) { 1155 printk(KERN_WARNING "Error parsing packet length; " 1156 "rc = [%d]\n", rc); 1157 goto out_free; 1158 } 1159 if (unlikely(body_size < (ECRYPTFS_SIG_SIZE + 2))) { 1160 printk(KERN_WARNING "Invalid body size ([%td])\n", body_size); 1161 rc = -EINVAL; 1162 goto out_free; 1163 } 1164 (*packet_size) += length_size; 1165 if (unlikely((*packet_size) + body_size > max_packet_size)) { 1166 printk(KERN_WARNING "Packet size exceeds max\n"); 1167 rc = -EINVAL; 1168 goto out_free; 1169 } 1170 if (unlikely(data[(*packet_size)++] != 0x03)) { 1171 printk(KERN_WARNING "Unknown version number [%d]\n", 1172 data[(*packet_size) - 1]); 1173 rc = -EINVAL; 1174 goto out_free; 1175 } 1176 ecryptfs_to_hex((*new_auth_tok)->token.private_key.signature, 1177 &data[(*packet_size)], ECRYPTFS_SIG_SIZE); 1178 *packet_size += ECRYPTFS_SIG_SIZE; 1179 /* This byte is skipped because the kernel does not need to 1180 * know which public key encryption algorithm was used */ 1181 (*packet_size)++; 1182 (*new_auth_tok)->session_key.encrypted_key_size = 1183 body_size - (ECRYPTFS_SIG_SIZE + 2); 1184 if ((*new_auth_tok)->session_key.encrypted_key_size 1185 > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) { 1186 printk(KERN_WARNING "Tag 1 packet contains key larger " 1187 "than ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES"); 1188 rc = -EINVAL; 1189 goto out; 1190 } 1191 memcpy((*new_auth_tok)->session_key.encrypted_key, 1192 &data[(*packet_size)], (body_size - (ECRYPTFS_SIG_SIZE + 2))); 1193 (*packet_size) += (*new_auth_tok)->session_key.encrypted_key_size; 1194 (*new_auth_tok)->session_key.flags &= 1195 ~ECRYPTFS_CONTAINS_DECRYPTED_KEY; 1196 (*new_auth_tok)->session_key.flags |= 1197 ECRYPTFS_CONTAINS_ENCRYPTED_KEY; 1198 (*new_auth_tok)->token_type = ECRYPTFS_PRIVATE_KEY; 1199 (*new_auth_tok)->flags = 0; 1200 (*new_auth_tok)->session_key.flags &= 1201 ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_DECRYPT); 1202 (*new_auth_tok)->session_key.flags &= 1203 ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_ENCRYPT); 1204 list_add(&auth_tok_list_item->list, auth_tok_list); 1205 goto out; 1206 out_free: 1207 (*new_auth_tok) = NULL; 1208 memset(auth_tok_list_item, 0, 1209 sizeof(struct ecryptfs_auth_tok_list_item)); 1210 kmem_cache_free(ecryptfs_auth_tok_list_item_cache, 1211 auth_tok_list_item); 1212 out: 1213 if (rc) 1214 (*packet_size) = 0; 1215 return rc; 1216 } 1217 1218 /** 1219 * parse_tag_3_packet 1220 * @crypt_stat: The cryptographic context to modify based on packet 1221 * contents. 1222 * @data: The raw bytes of the packet. 1223 * @auth_tok_list: eCryptfs parses packets into authentication tokens; 1224 * a new authentication token will be placed at the end 1225 * of this list for this packet. 1226 * @new_auth_tok: Pointer to a pointer to memory that this function 1227 * allocates; sets the memory address of the pointer to 1228 * NULL on error. This object is added to the 1229 * auth_tok_list. 1230 * @packet_size: This function writes the size of the parsed packet 1231 * into this memory location; zero on error. 1232 * @max_packet_size: maximum number of bytes to parse 1233 * 1234 * Returns zero on success; non-zero on error. 1235 */ 1236 static int 1237 parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat, 1238 unsigned char *data, struct list_head *auth_tok_list, 1239 struct ecryptfs_auth_tok **new_auth_tok, 1240 size_t *packet_size, size_t max_packet_size) 1241 { 1242 size_t body_size; 1243 struct ecryptfs_auth_tok_list_item *auth_tok_list_item; 1244 size_t length_size; 1245 int rc = 0; 1246 1247 (*packet_size) = 0; 1248 (*new_auth_tok) = NULL; 1249 /** 1250 *This format is inspired by OpenPGP; see RFC 2440 1251 * packet tag 3 1252 * 1253 * Tag 3 identifier (1 byte) 1254 * Max Tag 3 packet size (max 3 bytes) 1255 * Version (1 byte) 1256 * Cipher code (1 byte) 1257 * S2K specifier (1 byte) 1258 * Hash identifier (1 byte) 1259 * Salt (ECRYPTFS_SALT_SIZE) 1260 * Hash iterations (1 byte) 1261 * Encrypted key (arbitrary) 1262 * 1263 * (ECRYPTFS_SALT_SIZE + 7) minimum packet size 1264 */ 1265 if (max_packet_size < (ECRYPTFS_SALT_SIZE + 7)) { 1266 printk(KERN_ERR "Max packet size too large\n"); 1267 rc = -EINVAL; 1268 goto out; 1269 } 1270 if (data[(*packet_size)++] != ECRYPTFS_TAG_3_PACKET_TYPE) { 1271 printk(KERN_ERR "First byte != 0x%.2x; invalid packet\n", 1272 ECRYPTFS_TAG_3_PACKET_TYPE); 1273 rc = -EINVAL; 1274 goto out; 1275 } 1276 /* Released: wipe_auth_tok_list called in ecryptfs_parse_packet_set or 1277 * at end of function upon failure */ 1278 auth_tok_list_item = 1279 kmem_cache_zalloc(ecryptfs_auth_tok_list_item_cache, GFP_KERNEL); 1280 if (!auth_tok_list_item) { 1281 printk(KERN_ERR "Unable to allocate memory\n"); 1282 rc = -ENOMEM; 1283 goto out; 1284 } 1285 (*new_auth_tok) = &auth_tok_list_item->auth_tok; 1286 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size, 1287 &length_size); 1288 if (rc) { 1289 printk(KERN_WARNING "Error parsing packet length; rc = [%d]\n", 1290 rc); 1291 goto out_free; 1292 } 1293 if (unlikely(body_size < (ECRYPTFS_SALT_SIZE + 5))) { 1294 printk(KERN_WARNING "Invalid body size ([%td])\n", body_size); 1295 rc = -EINVAL; 1296 goto out_free; 1297 } 1298 (*packet_size) += length_size; 1299 if (unlikely((*packet_size) + body_size > max_packet_size)) { 1300 printk(KERN_ERR "Packet size exceeds max\n"); 1301 rc = -EINVAL; 1302 goto out_free; 1303 } 1304 (*new_auth_tok)->session_key.encrypted_key_size = 1305 (body_size - (ECRYPTFS_SALT_SIZE + 5)); 1306 if ((*new_auth_tok)->session_key.encrypted_key_size 1307 > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) { 1308 printk(KERN_WARNING "Tag 3 packet contains key larger " 1309 "than ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES\n"); 1310 rc = -EINVAL; 1311 goto out_free; 1312 } 1313 if (unlikely(data[(*packet_size)++] != 0x04)) { 1314 printk(KERN_WARNING "Unknown version number [%d]\n", 1315 data[(*packet_size) - 1]); 1316 rc = -EINVAL; 1317 goto out_free; 1318 } 1319 ecryptfs_cipher_code_to_string(crypt_stat->cipher, 1320 (u16)data[(*packet_size)]); 1321 /* A little extra work to differentiate among the AES key 1322 * sizes; see RFC2440 */ 1323 switch(data[(*packet_size)++]) { 1324 case RFC2440_CIPHER_AES_192: 1325 crypt_stat->key_size = 24; 1326 break; 1327 default: 1328 crypt_stat->key_size = 1329 (*new_auth_tok)->session_key.encrypted_key_size; 1330 } 1331 ecryptfs_init_crypt_ctx(crypt_stat); 1332 if (unlikely(data[(*packet_size)++] != 0x03)) { 1333 printk(KERN_WARNING "Only S2K ID 3 is currently supported\n"); 1334 rc = -ENOSYS; 1335 goto out_free; 1336 } 1337 /* TODO: finish the hash mapping */ 1338 switch (data[(*packet_size)++]) { 1339 case 0x01: /* See RFC2440 for these numbers and their mappings */ 1340 /* Choose MD5 */ 1341 memcpy((*new_auth_tok)->token.password.salt, 1342 &data[(*packet_size)], ECRYPTFS_SALT_SIZE); 1343 (*packet_size) += ECRYPTFS_SALT_SIZE; 1344 /* This conversion was taken straight from RFC2440 */ 1345 (*new_auth_tok)->token.password.hash_iterations = 1346 ((u32) 16 + (data[(*packet_size)] & 15)) 1347 << ((data[(*packet_size)] >> 4) + 6); 1348 (*packet_size)++; 1349 /* Friendly reminder: 1350 * (*new_auth_tok)->session_key.encrypted_key_size = 1351 * (body_size - (ECRYPTFS_SALT_SIZE + 5)); */ 1352 memcpy((*new_auth_tok)->session_key.encrypted_key, 1353 &data[(*packet_size)], 1354 (*new_auth_tok)->session_key.encrypted_key_size); 1355 (*packet_size) += 1356 (*new_auth_tok)->session_key.encrypted_key_size; 1357 (*new_auth_tok)->session_key.flags &= 1358 ~ECRYPTFS_CONTAINS_DECRYPTED_KEY; 1359 (*new_auth_tok)->session_key.flags |= 1360 ECRYPTFS_CONTAINS_ENCRYPTED_KEY; 1361 (*new_auth_tok)->token.password.hash_algo = 0x01; /* MD5 */ 1362 break; 1363 default: 1364 ecryptfs_printk(KERN_ERR, "Unsupported hash algorithm: " 1365 "[%d]\n", data[(*packet_size) - 1]); 1366 rc = -ENOSYS; 1367 goto out_free; 1368 } 1369 (*new_auth_tok)->token_type = ECRYPTFS_PASSWORD; 1370 /* TODO: Parametarize; we might actually want userspace to 1371 * decrypt the session key. */ 1372 (*new_auth_tok)->session_key.flags &= 1373 ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_DECRYPT); 1374 (*new_auth_tok)->session_key.flags &= 1375 ~(ECRYPTFS_USERSPACE_SHOULD_TRY_TO_ENCRYPT); 1376 list_add(&auth_tok_list_item->list, auth_tok_list); 1377 goto out; 1378 out_free: 1379 (*new_auth_tok) = NULL; 1380 memset(auth_tok_list_item, 0, 1381 sizeof(struct ecryptfs_auth_tok_list_item)); 1382 kmem_cache_free(ecryptfs_auth_tok_list_item_cache, 1383 auth_tok_list_item); 1384 out: 1385 if (rc) 1386 (*packet_size) = 0; 1387 return rc; 1388 } 1389 1390 /** 1391 * parse_tag_11_packet 1392 * @data: The raw bytes of the packet 1393 * @contents: This function writes the data contents of the literal 1394 * packet into this memory location 1395 * @max_contents_bytes: The maximum number of bytes that this function 1396 * is allowed to write into contents 1397 * @tag_11_contents_size: This function writes the size of the parsed 1398 * contents into this memory location; zero on 1399 * error 1400 * @packet_size: This function writes the size of the parsed packet 1401 * into this memory location; zero on error 1402 * @max_packet_size: maximum number of bytes to parse 1403 * 1404 * Returns zero on success; non-zero on error. 1405 */ 1406 static int 1407 parse_tag_11_packet(unsigned char *data, unsigned char *contents, 1408 size_t max_contents_bytes, size_t *tag_11_contents_size, 1409 size_t *packet_size, size_t max_packet_size) 1410 { 1411 size_t body_size; 1412 size_t length_size; 1413 int rc = 0; 1414 1415 (*packet_size) = 0; 1416 (*tag_11_contents_size) = 0; 1417 /* This format is inspired by OpenPGP; see RFC 2440 1418 * packet tag 11 1419 * 1420 * Tag 11 identifier (1 byte) 1421 * Max Tag 11 packet size (max 3 bytes) 1422 * Binary format specifier (1 byte) 1423 * Filename length (1 byte) 1424 * Filename ("_CONSOLE") (8 bytes) 1425 * Modification date (4 bytes) 1426 * Literal data (arbitrary) 1427 * 1428 * We need at least 16 bytes of data for the packet to even be 1429 * valid. 1430 */ 1431 if (max_packet_size < 16) { 1432 printk(KERN_ERR "Maximum packet size too small\n"); 1433 rc = -EINVAL; 1434 goto out; 1435 } 1436 if (data[(*packet_size)++] != ECRYPTFS_TAG_11_PACKET_TYPE) { 1437 printk(KERN_WARNING "Invalid tag 11 packet format\n"); 1438 rc = -EINVAL; 1439 goto out; 1440 } 1441 rc = ecryptfs_parse_packet_length(&data[(*packet_size)], &body_size, 1442 &length_size); 1443 if (rc) { 1444 printk(KERN_WARNING "Invalid tag 11 packet format\n"); 1445 goto out; 1446 } 1447 if (body_size < 14) { 1448 printk(KERN_WARNING "Invalid body size ([%td])\n", body_size); 1449 rc = -EINVAL; 1450 goto out; 1451 } 1452 (*packet_size) += length_size; 1453 (*tag_11_contents_size) = (body_size - 14); 1454 if (unlikely((*packet_size) + body_size + 1 > max_packet_size)) { 1455 printk(KERN_ERR "Packet size exceeds max\n"); 1456 rc = -EINVAL; 1457 goto out; 1458 } 1459 if (unlikely((*tag_11_contents_size) > max_contents_bytes)) { 1460 printk(KERN_ERR "Literal data section in tag 11 packet exceeds " 1461 "expected size\n"); 1462 rc = -EINVAL; 1463 goto out; 1464 } 1465 if (data[(*packet_size)++] != 0x62) { 1466 printk(KERN_WARNING "Unrecognizable packet\n"); 1467 rc = -EINVAL; 1468 goto out; 1469 } 1470 if (data[(*packet_size)++] != 0x08) { 1471 printk(KERN_WARNING "Unrecognizable packet\n"); 1472 rc = -EINVAL; 1473 goto out; 1474 } 1475 (*packet_size) += 12; /* Ignore filename and modification date */ 1476 memcpy(contents, &data[(*packet_size)], (*tag_11_contents_size)); 1477 (*packet_size) += (*tag_11_contents_size); 1478 out: 1479 if (rc) { 1480 (*packet_size) = 0; 1481 (*tag_11_contents_size) = 0; 1482 } 1483 return rc; 1484 } 1485 1486 /** 1487 * ecryptfs_verify_version 1488 * @version: The version number to confirm 1489 * 1490 * Returns zero on good version; non-zero otherwise 1491 */ 1492 static int ecryptfs_verify_version(u16 version) 1493 { 1494 int rc = 0; 1495 unsigned char major; 1496 unsigned char minor; 1497 1498 major = ((version >> 8) & 0xFF); 1499 minor = (version & 0xFF); 1500 if (major != ECRYPTFS_VERSION_MAJOR) { 1501 ecryptfs_printk(KERN_ERR, "Major version number mismatch. " 1502 "Expected [%d]; got [%d]\n", 1503 ECRYPTFS_VERSION_MAJOR, major); 1504 rc = -EINVAL; 1505 goto out; 1506 } 1507 if (minor != ECRYPTFS_VERSION_MINOR) { 1508 ecryptfs_printk(KERN_ERR, "Minor version number mismatch. " 1509 "Expected [%d]; got [%d]\n", 1510 ECRYPTFS_VERSION_MINOR, minor); 1511 rc = -EINVAL; 1512 goto out; 1513 } 1514 out: 1515 return rc; 1516 } 1517 1518 int ecryptfs_keyring_auth_tok_for_sig(struct key **auth_tok_key, 1519 struct ecryptfs_auth_tok **auth_tok, 1520 char *sig) 1521 { 1522 int rc = 0; 1523 1524 (*auth_tok_key) = request_key(&key_type_user, sig, NULL); 1525 if (!(*auth_tok_key) || IS_ERR(*auth_tok_key)) { 1526 printk(KERN_ERR "Could not find key with description: [%s]\n", 1527 sig); 1528 rc = process_request_key_err(PTR_ERR(*auth_tok_key)); 1529 goto out; 1530 } 1531 (*auth_tok) = ecryptfs_get_key_payload_data(*auth_tok_key); 1532 if (ecryptfs_verify_version((*auth_tok)->version)) { 1533 printk(KERN_ERR 1534 "Data structure version mismatch. " 1535 "Userspace tools must match eCryptfs " 1536 "kernel module with major version [%d] " 1537 "and minor version [%d]\n", 1538 ECRYPTFS_VERSION_MAJOR, 1539 ECRYPTFS_VERSION_MINOR); 1540 rc = -EINVAL; 1541 goto out; 1542 } 1543 if ((*auth_tok)->token_type != ECRYPTFS_PASSWORD 1544 && (*auth_tok)->token_type != ECRYPTFS_PRIVATE_KEY) { 1545 printk(KERN_ERR "Invalid auth_tok structure " 1546 "returned from key query\n"); 1547 rc = -EINVAL; 1548 goto out; 1549 } 1550 out: 1551 return rc; 1552 } 1553 1554 /** 1555 * decrypt_passphrase_encrypted_session_key - Decrypt the session key with the given auth_tok. 1556 * @auth_tok: The passphrase authentication token to use to encrypt the FEK 1557 * @crypt_stat: The cryptographic context 1558 * 1559 * Returns zero on success; non-zero error otherwise 1560 */ 1561 static int 1562 decrypt_passphrase_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok, 1563 struct ecryptfs_crypt_stat *crypt_stat) 1564 { 1565 struct scatterlist dst_sg[2]; 1566 struct scatterlist src_sg[2]; 1567 struct mutex *tfm_mutex; 1568 struct blkcipher_desc desc = { 1569 .flags = CRYPTO_TFM_REQ_MAY_SLEEP 1570 }; 1571 int rc = 0; 1572 1573 if (unlikely(ecryptfs_verbosity > 0)) { 1574 ecryptfs_printk( 1575 KERN_DEBUG, "Session key encryption key (size [%d]):\n", 1576 auth_tok->token.password.session_key_encryption_key_bytes); 1577 ecryptfs_dump_hex( 1578 auth_tok->token.password.session_key_encryption_key, 1579 auth_tok->token.password.session_key_encryption_key_bytes); 1580 } 1581 rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&desc.tfm, &tfm_mutex, 1582 crypt_stat->cipher); 1583 if (unlikely(rc)) { 1584 printk(KERN_ERR "Internal error whilst attempting to get " 1585 "tfm and mutex for cipher name [%s]; rc = [%d]\n", 1586 crypt_stat->cipher, rc); 1587 goto out; 1588 } 1589 rc = virt_to_scatterlist(auth_tok->session_key.encrypted_key, 1590 auth_tok->session_key.encrypted_key_size, 1591 src_sg, 2); 1592 if (rc < 1 || rc > 2) { 1593 printk(KERN_ERR "Internal error whilst attempting to convert " 1594 "auth_tok->session_key.encrypted_key to scatterlist; " 1595 "expected rc = 1; got rc = [%d]. " 1596 "auth_tok->session_key.encrypted_key_size = [%d]\n", rc, 1597 auth_tok->session_key.encrypted_key_size); 1598 goto out; 1599 } 1600 auth_tok->session_key.decrypted_key_size = 1601 auth_tok->session_key.encrypted_key_size; 1602 rc = virt_to_scatterlist(auth_tok->session_key.decrypted_key, 1603 auth_tok->session_key.decrypted_key_size, 1604 dst_sg, 2); 1605 if (rc < 1 || rc > 2) { 1606 printk(KERN_ERR "Internal error whilst attempting to convert " 1607 "auth_tok->session_key.decrypted_key to scatterlist; " 1608 "expected rc = 1; got rc = [%d]\n", rc); 1609 goto out; 1610 } 1611 mutex_lock(tfm_mutex); 1612 rc = crypto_blkcipher_setkey( 1613 desc.tfm, auth_tok->token.password.session_key_encryption_key, 1614 crypt_stat->key_size); 1615 if (unlikely(rc < 0)) { 1616 mutex_unlock(tfm_mutex); 1617 printk(KERN_ERR "Error setting key for crypto context\n"); 1618 rc = -EINVAL; 1619 goto out; 1620 } 1621 rc = crypto_blkcipher_decrypt(&desc, dst_sg, src_sg, 1622 auth_tok->session_key.encrypted_key_size); 1623 mutex_unlock(tfm_mutex); 1624 if (unlikely(rc)) { 1625 printk(KERN_ERR "Error decrypting; rc = [%d]\n", rc); 1626 goto out; 1627 } 1628 auth_tok->session_key.flags |= ECRYPTFS_CONTAINS_DECRYPTED_KEY; 1629 memcpy(crypt_stat->key, auth_tok->session_key.decrypted_key, 1630 auth_tok->session_key.decrypted_key_size); 1631 crypt_stat->flags |= ECRYPTFS_KEY_VALID; 1632 if (unlikely(ecryptfs_verbosity > 0)) { 1633 ecryptfs_printk(KERN_DEBUG, "FEK of size [%d]:\n", 1634 crypt_stat->key_size); 1635 ecryptfs_dump_hex(crypt_stat->key, 1636 crypt_stat->key_size); 1637 } 1638 out: 1639 return rc; 1640 } 1641 1642 /** 1643 * ecryptfs_parse_packet_set 1644 * @crypt_stat: The cryptographic context 1645 * @src: Virtual address of region of memory containing the packets 1646 * @ecryptfs_dentry: The eCryptfs dentry associated with the packet set 1647 * 1648 * Get crypt_stat to have the file's session key if the requisite key 1649 * is available to decrypt the session key. 1650 * 1651 * Returns Zero if a valid authentication token was retrieved and 1652 * processed; negative value for file not encrypted or for error 1653 * conditions. 1654 */ 1655 int ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat, 1656 unsigned char *src, 1657 struct dentry *ecryptfs_dentry) 1658 { 1659 size_t i = 0; 1660 size_t found_auth_tok; 1661 size_t next_packet_is_auth_tok_packet; 1662 struct list_head auth_tok_list; 1663 struct ecryptfs_auth_tok *matching_auth_tok; 1664 struct ecryptfs_auth_tok *candidate_auth_tok; 1665 char *candidate_auth_tok_sig; 1666 size_t packet_size; 1667 struct ecryptfs_auth_tok *new_auth_tok; 1668 unsigned char sig_tmp_space[ECRYPTFS_SIG_SIZE]; 1669 struct ecryptfs_auth_tok_list_item *auth_tok_list_item; 1670 size_t tag_11_contents_size; 1671 size_t tag_11_packet_size; 1672 int rc = 0; 1673 1674 INIT_LIST_HEAD(&auth_tok_list); 1675 /* Parse the header to find as many packets as we can; these will be 1676 * added the our &auth_tok_list */ 1677 next_packet_is_auth_tok_packet = 1; 1678 while (next_packet_is_auth_tok_packet) { 1679 size_t max_packet_size = ((PAGE_CACHE_SIZE - 8) - i); 1680 1681 switch (src[i]) { 1682 case ECRYPTFS_TAG_3_PACKET_TYPE: 1683 rc = parse_tag_3_packet(crypt_stat, 1684 (unsigned char *)&src[i], 1685 &auth_tok_list, &new_auth_tok, 1686 &packet_size, max_packet_size); 1687 if (rc) { 1688 ecryptfs_printk(KERN_ERR, "Error parsing " 1689 "tag 3 packet\n"); 1690 rc = -EIO; 1691 goto out_wipe_list; 1692 } 1693 i += packet_size; 1694 rc = parse_tag_11_packet((unsigned char *)&src[i], 1695 sig_tmp_space, 1696 ECRYPTFS_SIG_SIZE, 1697 &tag_11_contents_size, 1698 &tag_11_packet_size, 1699 max_packet_size); 1700 if (rc) { 1701 ecryptfs_printk(KERN_ERR, "No valid " 1702 "(ecryptfs-specific) literal " 1703 "packet containing " 1704 "authentication token " 1705 "signature found after " 1706 "tag 3 packet\n"); 1707 rc = -EIO; 1708 goto out_wipe_list; 1709 } 1710 i += tag_11_packet_size; 1711 if (ECRYPTFS_SIG_SIZE != tag_11_contents_size) { 1712 ecryptfs_printk(KERN_ERR, "Expected " 1713 "signature of size [%d]; " 1714 "read size [%d]\n", 1715 ECRYPTFS_SIG_SIZE, 1716 tag_11_contents_size); 1717 rc = -EIO; 1718 goto out_wipe_list; 1719 } 1720 ecryptfs_to_hex(new_auth_tok->token.password.signature, 1721 sig_tmp_space, tag_11_contents_size); 1722 new_auth_tok->token.password.signature[ 1723 ECRYPTFS_PASSWORD_SIG_SIZE] = '\0'; 1724 crypt_stat->flags |= ECRYPTFS_ENCRYPTED; 1725 break; 1726 case ECRYPTFS_TAG_1_PACKET_TYPE: 1727 rc = parse_tag_1_packet(crypt_stat, 1728 (unsigned char *)&src[i], 1729 &auth_tok_list, &new_auth_tok, 1730 &packet_size, max_packet_size); 1731 if (rc) { 1732 ecryptfs_printk(KERN_ERR, "Error parsing " 1733 "tag 1 packet\n"); 1734 rc = -EIO; 1735 goto out_wipe_list; 1736 } 1737 i += packet_size; 1738 crypt_stat->flags |= ECRYPTFS_ENCRYPTED; 1739 break; 1740 case ECRYPTFS_TAG_11_PACKET_TYPE: 1741 ecryptfs_printk(KERN_WARNING, "Invalid packet set " 1742 "(Tag 11 not allowed by itself)\n"); 1743 rc = -EIO; 1744 goto out_wipe_list; 1745 break; 1746 default: 1747 ecryptfs_printk(KERN_DEBUG, "No packet at offset " 1748 "[%d] of the file header; hex value of " 1749 "character is [0x%.2x]\n", i, src[i]); 1750 next_packet_is_auth_tok_packet = 0; 1751 } 1752 } 1753 if (list_empty(&auth_tok_list)) { 1754 printk(KERN_ERR "The lower file appears to be a non-encrypted " 1755 "eCryptfs file; this is not supported in this version " 1756 "of the eCryptfs kernel module\n"); 1757 rc = -EINVAL; 1758 goto out; 1759 } 1760 /* auth_tok_list contains the set of authentication tokens 1761 * parsed from the metadata. We need to find a matching 1762 * authentication token that has the secret component(s) 1763 * necessary to decrypt the EFEK in the auth_tok parsed from 1764 * the metadata. There may be several potential matches, but 1765 * just one will be sufficient to decrypt to get the FEK. */ 1766 find_next_matching_auth_tok: 1767 found_auth_tok = 0; 1768 list_for_each_entry(auth_tok_list_item, &auth_tok_list, list) { 1769 candidate_auth_tok = &auth_tok_list_item->auth_tok; 1770 if (unlikely(ecryptfs_verbosity > 0)) { 1771 ecryptfs_printk(KERN_DEBUG, 1772 "Considering cadidate auth tok:\n"); 1773 ecryptfs_dump_auth_tok(candidate_auth_tok); 1774 } 1775 rc = ecryptfs_get_auth_tok_sig(&candidate_auth_tok_sig, 1776 candidate_auth_tok); 1777 if (rc) { 1778 printk(KERN_ERR 1779 "Unrecognized candidate auth tok type: [%d]\n", 1780 candidate_auth_tok->token_type); 1781 rc = -EINVAL; 1782 goto out_wipe_list; 1783 } 1784 ecryptfs_find_auth_tok_for_sig(&matching_auth_tok, 1785 crypt_stat->mount_crypt_stat, 1786 candidate_auth_tok_sig); 1787 if (matching_auth_tok) { 1788 found_auth_tok = 1; 1789 goto found_matching_auth_tok; 1790 } 1791 } 1792 if (!found_auth_tok) { 1793 ecryptfs_printk(KERN_ERR, "Could not find a usable " 1794 "authentication token\n"); 1795 rc = -EIO; 1796 goto out_wipe_list; 1797 } 1798 found_matching_auth_tok: 1799 if (candidate_auth_tok->token_type == ECRYPTFS_PRIVATE_KEY) { 1800 memcpy(&(candidate_auth_tok->token.private_key), 1801 &(matching_auth_tok->token.private_key), 1802 sizeof(struct ecryptfs_private_key)); 1803 rc = decrypt_pki_encrypted_session_key(candidate_auth_tok, 1804 crypt_stat); 1805 } else if (candidate_auth_tok->token_type == ECRYPTFS_PASSWORD) { 1806 memcpy(&(candidate_auth_tok->token.password), 1807 &(matching_auth_tok->token.password), 1808 sizeof(struct ecryptfs_password)); 1809 rc = decrypt_passphrase_encrypted_session_key( 1810 candidate_auth_tok, crypt_stat); 1811 } 1812 if (rc) { 1813 struct ecryptfs_auth_tok_list_item *auth_tok_list_item_tmp; 1814 1815 ecryptfs_printk(KERN_WARNING, "Error decrypting the " 1816 "session key for authentication token with sig " 1817 "[%.*s]; rc = [%d]. Removing auth tok " 1818 "candidate from the list and searching for " 1819 "the next match.\n", candidate_auth_tok_sig, 1820 ECRYPTFS_SIG_SIZE_HEX, rc); 1821 list_for_each_entry_safe(auth_tok_list_item, 1822 auth_tok_list_item_tmp, 1823 &auth_tok_list, list) { 1824 if (candidate_auth_tok 1825 == &auth_tok_list_item->auth_tok) { 1826 list_del(&auth_tok_list_item->list); 1827 kmem_cache_free( 1828 ecryptfs_auth_tok_list_item_cache, 1829 auth_tok_list_item); 1830 goto find_next_matching_auth_tok; 1831 } 1832 } 1833 BUG(); 1834 } 1835 rc = ecryptfs_compute_root_iv(crypt_stat); 1836 if (rc) { 1837 ecryptfs_printk(KERN_ERR, "Error computing " 1838 "the root IV\n"); 1839 goto out_wipe_list; 1840 } 1841 rc = ecryptfs_init_crypt_ctx(crypt_stat); 1842 if (rc) { 1843 ecryptfs_printk(KERN_ERR, "Error initializing crypto " 1844 "context for cipher [%s]; rc = [%d]\n", 1845 crypt_stat->cipher, rc); 1846 } 1847 out_wipe_list: 1848 wipe_auth_tok_list(&auth_tok_list); 1849 out: 1850 return rc; 1851 } 1852 1853 static int 1854 pki_encrypt_session_key(struct ecryptfs_auth_tok *auth_tok, 1855 struct ecryptfs_crypt_stat *crypt_stat, 1856 struct ecryptfs_key_record *key_rec) 1857 { 1858 struct ecryptfs_msg_ctx *msg_ctx = NULL; 1859 char *payload = NULL; 1860 size_t payload_len; 1861 struct ecryptfs_message *msg; 1862 int rc; 1863 1864 rc = write_tag_66_packet(auth_tok->token.private_key.signature, 1865 ecryptfs_code_for_cipher_string( 1866 crypt_stat->cipher, 1867 crypt_stat->key_size), 1868 crypt_stat, &payload, &payload_len); 1869 if (rc) { 1870 ecryptfs_printk(KERN_ERR, "Error generating tag 66 packet\n"); 1871 goto out; 1872 } 1873 rc = ecryptfs_send_message(payload, payload_len, &msg_ctx); 1874 if (rc) { 1875 ecryptfs_printk(KERN_ERR, "Error sending message to " 1876 "ecryptfsd\n"); 1877 goto out; 1878 } 1879 rc = ecryptfs_wait_for_response(msg_ctx, &msg); 1880 if (rc) { 1881 ecryptfs_printk(KERN_ERR, "Failed to receive tag 67 packet " 1882 "from the user space daemon\n"); 1883 rc = -EIO; 1884 goto out; 1885 } 1886 rc = parse_tag_67_packet(key_rec, msg); 1887 if (rc) 1888 ecryptfs_printk(KERN_ERR, "Error parsing tag 67 packet\n"); 1889 kfree(msg); 1890 out: 1891 kfree(payload); 1892 return rc; 1893 } 1894 /** 1895 * write_tag_1_packet - Write an RFC2440-compatible tag 1 (public key) packet 1896 * @dest: Buffer into which to write the packet 1897 * @remaining_bytes: Maximum number of bytes that can be writtn 1898 * @auth_tok: The authentication token used for generating the tag 1 packet 1899 * @crypt_stat: The cryptographic context 1900 * @key_rec: The key record struct for the tag 1 packet 1901 * @packet_size: This function will write the number of bytes that end 1902 * up constituting the packet; set to zero on error 1903 * 1904 * Returns zero on success; non-zero on error. 1905 */ 1906 static int 1907 write_tag_1_packet(char *dest, size_t *remaining_bytes, 1908 struct ecryptfs_auth_tok *auth_tok, 1909 struct ecryptfs_crypt_stat *crypt_stat, 1910 struct ecryptfs_key_record *key_rec, size_t *packet_size) 1911 { 1912 size_t i; 1913 size_t encrypted_session_key_valid = 0; 1914 size_t packet_size_length; 1915 size_t max_packet_size; 1916 int rc = 0; 1917 1918 (*packet_size) = 0; 1919 ecryptfs_from_hex(key_rec->sig, auth_tok->token.private_key.signature, 1920 ECRYPTFS_SIG_SIZE); 1921 encrypted_session_key_valid = 0; 1922 for (i = 0; i < crypt_stat->key_size; i++) 1923 encrypted_session_key_valid |= 1924 auth_tok->session_key.encrypted_key[i]; 1925 if (encrypted_session_key_valid) { 1926 memcpy(key_rec->enc_key, 1927 auth_tok->session_key.encrypted_key, 1928 auth_tok->session_key.encrypted_key_size); 1929 goto encrypted_session_key_set; 1930 } 1931 if (auth_tok->session_key.encrypted_key_size == 0) 1932 auth_tok->session_key.encrypted_key_size = 1933 auth_tok->token.private_key.key_size; 1934 rc = pki_encrypt_session_key(auth_tok, crypt_stat, key_rec); 1935 if (rc) { 1936 printk(KERN_ERR "Failed to encrypt session key via a key " 1937 "module; rc = [%d]\n", rc); 1938 goto out; 1939 } 1940 if (ecryptfs_verbosity > 0) { 1941 ecryptfs_printk(KERN_DEBUG, "Encrypted key:\n"); 1942 ecryptfs_dump_hex(key_rec->enc_key, key_rec->enc_key_size); 1943 } 1944 encrypted_session_key_set: 1945 /* This format is inspired by OpenPGP; see RFC 2440 1946 * packet tag 1 */ 1947 max_packet_size = (1 /* Tag 1 identifier */ 1948 + 3 /* Max Tag 1 packet size */ 1949 + 1 /* Version */ 1950 + ECRYPTFS_SIG_SIZE /* Key identifier */ 1951 + 1 /* Cipher identifier */ 1952 + key_rec->enc_key_size); /* Encrypted key size */ 1953 if (max_packet_size > (*remaining_bytes)) { 1954 printk(KERN_ERR "Packet length larger than maximum allowable; " 1955 "need up to [%td] bytes, but there are only [%td] " 1956 "available\n", max_packet_size, (*remaining_bytes)); 1957 rc = -EINVAL; 1958 goto out; 1959 } 1960 dest[(*packet_size)++] = ECRYPTFS_TAG_1_PACKET_TYPE; 1961 rc = ecryptfs_write_packet_length(&dest[(*packet_size)], 1962 (max_packet_size - 4), 1963 &packet_size_length); 1964 if (rc) { 1965 ecryptfs_printk(KERN_ERR, "Error generating tag 1 packet " 1966 "header; cannot generate packet length\n"); 1967 goto out; 1968 } 1969 (*packet_size) += packet_size_length; 1970 dest[(*packet_size)++] = 0x03; /* version 3 */ 1971 memcpy(&dest[(*packet_size)], key_rec->sig, ECRYPTFS_SIG_SIZE); 1972 (*packet_size) += ECRYPTFS_SIG_SIZE; 1973 dest[(*packet_size)++] = RFC2440_CIPHER_RSA; 1974 memcpy(&dest[(*packet_size)], key_rec->enc_key, 1975 key_rec->enc_key_size); 1976 (*packet_size) += key_rec->enc_key_size; 1977 out: 1978 if (rc) 1979 (*packet_size) = 0; 1980 else 1981 (*remaining_bytes) -= (*packet_size); 1982 return rc; 1983 } 1984 1985 /** 1986 * write_tag_11_packet 1987 * @dest: Target into which Tag 11 packet is to be written 1988 * @remaining_bytes: Maximum packet length 1989 * @contents: Byte array of contents to copy in 1990 * @contents_length: Number of bytes in contents 1991 * @packet_length: Length of the Tag 11 packet written; zero on error 1992 * 1993 * Returns zero on success; non-zero on error. 1994 */ 1995 static int 1996 write_tag_11_packet(char *dest, size_t *remaining_bytes, char *contents, 1997 size_t contents_length, size_t *packet_length) 1998 { 1999 size_t packet_size_length; 2000 size_t max_packet_size; 2001 int rc = 0; 2002 2003 (*packet_length) = 0; 2004 /* This format is inspired by OpenPGP; see RFC 2440 2005 * packet tag 11 */ 2006 max_packet_size = (1 /* Tag 11 identifier */ 2007 + 3 /* Max Tag 11 packet size */ 2008 + 1 /* Binary format specifier */ 2009 + 1 /* Filename length */ 2010 + 8 /* Filename ("_CONSOLE") */ 2011 + 4 /* Modification date */ 2012 + contents_length); /* Literal data */ 2013 if (max_packet_size > (*remaining_bytes)) { 2014 printk(KERN_ERR "Packet length larger than maximum allowable; " 2015 "need up to [%td] bytes, but there are only [%td] " 2016 "available\n", max_packet_size, (*remaining_bytes)); 2017 rc = -EINVAL; 2018 goto out; 2019 } 2020 dest[(*packet_length)++] = ECRYPTFS_TAG_11_PACKET_TYPE; 2021 rc = ecryptfs_write_packet_length(&dest[(*packet_length)], 2022 (max_packet_size - 4), 2023 &packet_size_length); 2024 if (rc) { 2025 printk(KERN_ERR "Error generating tag 11 packet header; cannot " 2026 "generate packet length. rc = [%d]\n", rc); 2027 goto out; 2028 } 2029 (*packet_length) += packet_size_length; 2030 dest[(*packet_length)++] = 0x62; /* binary data format specifier */ 2031 dest[(*packet_length)++] = 8; 2032 memcpy(&dest[(*packet_length)], "_CONSOLE", 8); 2033 (*packet_length) += 8; 2034 memset(&dest[(*packet_length)], 0x00, 4); 2035 (*packet_length) += 4; 2036 memcpy(&dest[(*packet_length)], contents, contents_length); 2037 (*packet_length) += contents_length; 2038 out: 2039 if (rc) 2040 (*packet_length) = 0; 2041 else 2042 (*remaining_bytes) -= (*packet_length); 2043 return rc; 2044 } 2045 2046 /** 2047 * write_tag_3_packet 2048 * @dest: Buffer into which to write the packet 2049 * @remaining_bytes: Maximum number of bytes that can be written 2050 * @auth_tok: Authentication token 2051 * @crypt_stat: The cryptographic context 2052 * @key_rec: encrypted key 2053 * @packet_size: This function will write the number of bytes that end 2054 * up constituting the packet; set to zero on error 2055 * 2056 * Returns zero on success; non-zero on error. 2057 */ 2058 static int 2059 write_tag_3_packet(char *dest, size_t *remaining_bytes, 2060 struct ecryptfs_auth_tok *auth_tok, 2061 struct ecryptfs_crypt_stat *crypt_stat, 2062 struct ecryptfs_key_record *key_rec, size_t *packet_size) 2063 { 2064 size_t i; 2065 size_t encrypted_session_key_valid = 0; 2066 char session_key_encryption_key[ECRYPTFS_MAX_KEY_BYTES]; 2067 struct scatterlist dst_sg[2]; 2068 struct scatterlist src_sg[2]; 2069 struct mutex *tfm_mutex = NULL; 2070 u8 cipher_code; 2071 size_t packet_size_length; 2072 size_t max_packet_size; 2073 struct ecryptfs_mount_crypt_stat *mount_crypt_stat = 2074 crypt_stat->mount_crypt_stat; 2075 struct blkcipher_desc desc = { 2076 .tfm = NULL, 2077 .flags = CRYPTO_TFM_REQ_MAY_SLEEP 2078 }; 2079 int rc = 0; 2080 2081 (*packet_size) = 0; 2082 ecryptfs_from_hex(key_rec->sig, auth_tok->token.password.signature, 2083 ECRYPTFS_SIG_SIZE); 2084 rc = ecryptfs_get_tfm_and_mutex_for_cipher_name(&desc.tfm, &tfm_mutex, 2085 crypt_stat->cipher); 2086 if (unlikely(rc)) { 2087 printk(KERN_ERR "Internal error whilst attempting to get " 2088 "tfm and mutex for cipher name [%s]; rc = [%d]\n", 2089 crypt_stat->cipher, rc); 2090 goto out; 2091 } 2092 if (mount_crypt_stat->global_default_cipher_key_size == 0) { 2093 struct blkcipher_alg *alg = crypto_blkcipher_alg(desc.tfm); 2094 2095 printk(KERN_WARNING "No key size specified at mount; " 2096 "defaulting to [%d]\n", alg->max_keysize); 2097 mount_crypt_stat->global_default_cipher_key_size = 2098 alg->max_keysize; 2099 } 2100 if (crypt_stat->key_size == 0) 2101 crypt_stat->key_size = 2102 mount_crypt_stat->global_default_cipher_key_size; 2103 if (auth_tok->session_key.encrypted_key_size == 0) 2104 auth_tok->session_key.encrypted_key_size = 2105 crypt_stat->key_size; 2106 if (crypt_stat->key_size == 24 2107 && strcmp("aes", crypt_stat->cipher) == 0) { 2108 memset((crypt_stat->key + 24), 0, 8); 2109 auth_tok->session_key.encrypted_key_size = 32; 2110 } else 2111 auth_tok->session_key.encrypted_key_size = crypt_stat->key_size; 2112 key_rec->enc_key_size = 2113 auth_tok->session_key.encrypted_key_size; 2114 encrypted_session_key_valid = 0; 2115 for (i = 0; i < auth_tok->session_key.encrypted_key_size; i++) 2116 encrypted_session_key_valid |= 2117 auth_tok->session_key.encrypted_key[i]; 2118 if (encrypted_session_key_valid) { 2119 ecryptfs_printk(KERN_DEBUG, "encrypted_session_key_valid != 0; " 2120 "using auth_tok->session_key.encrypted_key, " 2121 "where key_rec->enc_key_size = [%d]\n", 2122 key_rec->enc_key_size); 2123 memcpy(key_rec->enc_key, 2124 auth_tok->session_key.encrypted_key, 2125 key_rec->enc_key_size); 2126 goto encrypted_session_key_set; 2127 } 2128 if (auth_tok->token.password.flags & 2129 ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET) { 2130 ecryptfs_printk(KERN_DEBUG, "Using previously generated " 2131 "session key encryption key of size [%d]\n", 2132 auth_tok->token.password. 2133 session_key_encryption_key_bytes); 2134 memcpy(session_key_encryption_key, 2135 auth_tok->token.password.session_key_encryption_key, 2136 crypt_stat->key_size); 2137 ecryptfs_printk(KERN_DEBUG, 2138 "Cached session key " "encryption key: \n"); 2139 if (ecryptfs_verbosity > 0) 2140 ecryptfs_dump_hex(session_key_encryption_key, 16); 2141 } 2142 if (unlikely(ecryptfs_verbosity > 0)) { 2143 ecryptfs_printk(KERN_DEBUG, "Session key encryption key:\n"); 2144 ecryptfs_dump_hex(session_key_encryption_key, 16); 2145 } 2146 rc = virt_to_scatterlist(crypt_stat->key, key_rec->enc_key_size, 2147 src_sg, 2); 2148 if (rc < 1 || rc > 2) { 2149 ecryptfs_printk(KERN_ERR, "Error generating scatterlist " 2150 "for crypt_stat session key; expected rc = 1; " 2151 "got rc = [%d]. key_rec->enc_key_size = [%d]\n", 2152 rc, key_rec->enc_key_size); 2153 rc = -ENOMEM; 2154 goto out; 2155 } 2156 rc = virt_to_scatterlist(key_rec->enc_key, key_rec->enc_key_size, 2157 dst_sg, 2); 2158 if (rc < 1 || rc > 2) { 2159 ecryptfs_printk(KERN_ERR, "Error generating scatterlist " 2160 "for crypt_stat encrypted session key; " 2161 "expected rc = 1; got rc = [%d]. " 2162 "key_rec->enc_key_size = [%d]\n", rc, 2163 key_rec->enc_key_size); 2164 rc = -ENOMEM; 2165 goto out; 2166 } 2167 mutex_lock(tfm_mutex); 2168 rc = crypto_blkcipher_setkey(desc.tfm, session_key_encryption_key, 2169 crypt_stat->key_size); 2170 if (rc < 0) { 2171 mutex_unlock(tfm_mutex); 2172 ecryptfs_printk(KERN_ERR, "Error setting key for crypto " 2173 "context; rc = [%d]\n", rc); 2174 goto out; 2175 } 2176 rc = 0; 2177 ecryptfs_printk(KERN_DEBUG, "Encrypting [%d] bytes of the key\n", 2178 crypt_stat->key_size); 2179 rc = crypto_blkcipher_encrypt(&desc, dst_sg, src_sg, 2180 (*key_rec).enc_key_size); 2181 mutex_unlock(tfm_mutex); 2182 if (rc) { 2183 printk(KERN_ERR "Error encrypting; rc = [%d]\n", rc); 2184 goto out; 2185 } 2186 ecryptfs_printk(KERN_DEBUG, "This should be the encrypted key:\n"); 2187 if (ecryptfs_verbosity > 0) { 2188 ecryptfs_printk(KERN_DEBUG, "EFEK of size [%d]:\n", 2189 key_rec->enc_key_size); 2190 ecryptfs_dump_hex(key_rec->enc_key, 2191 key_rec->enc_key_size); 2192 } 2193 encrypted_session_key_set: 2194 /* This format is inspired by OpenPGP; see RFC 2440 2195 * packet tag 3 */ 2196 max_packet_size = (1 /* Tag 3 identifier */ 2197 + 3 /* Max Tag 3 packet size */ 2198 + 1 /* Version */ 2199 + 1 /* Cipher code */ 2200 + 1 /* S2K specifier */ 2201 + 1 /* Hash identifier */ 2202 + ECRYPTFS_SALT_SIZE /* Salt */ 2203 + 1 /* Hash iterations */ 2204 + key_rec->enc_key_size); /* Encrypted key size */ 2205 if (max_packet_size > (*remaining_bytes)) { 2206 printk(KERN_ERR "Packet too large; need up to [%td] bytes, but " 2207 "there are only [%td] available\n", max_packet_size, 2208 (*remaining_bytes)); 2209 rc = -EINVAL; 2210 goto out; 2211 } 2212 dest[(*packet_size)++] = ECRYPTFS_TAG_3_PACKET_TYPE; 2213 /* Chop off the Tag 3 identifier(1) and Tag 3 packet size(3) 2214 * to get the number of octets in the actual Tag 3 packet */ 2215 rc = ecryptfs_write_packet_length(&dest[(*packet_size)], 2216 (max_packet_size - 4), 2217 &packet_size_length); 2218 if (rc) { 2219 printk(KERN_ERR "Error generating tag 3 packet header; cannot " 2220 "generate packet length. rc = [%d]\n", rc); 2221 goto out; 2222 } 2223 (*packet_size) += packet_size_length; 2224 dest[(*packet_size)++] = 0x04; /* version 4 */ 2225 /* TODO: Break from RFC2440 so that arbitrary ciphers can be 2226 * specified with strings */ 2227 cipher_code = ecryptfs_code_for_cipher_string(crypt_stat->cipher, 2228 crypt_stat->key_size); 2229 if (cipher_code == 0) { 2230 ecryptfs_printk(KERN_WARNING, "Unable to generate code for " 2231 "cipher [%s]\n", crypt_stat->cipher); 2232 rc = -EINVAL; 2233 goto out; 2234 } 2235 dest[(*packet_size)++] = cipher_code; 2236 dest[(*packet_size)++] = 0x03; /* S2K */ 2237 dest[(*packet_size)++] = 0x01; /* MD5 (TODO: parameterize) */ 2238 memcpy(&dest[(*packet_size)], auth_tok->token.password.salt, 2239 ECRYPTFS_SALT_SIZE); 2240 (*packet_size) += ECRYPTFS_SALT_SIZE; /* salt */ 2241 dest[(*packet_size)++] = 0x60; /* hash iterations (65536) */ 2242 memcpy(&dest[(*packet_size)], key_rec->enc_key, 2243 key_rec->enc_key_size); 2244 (*packet_size) += key_rec->enc_key_size; 2245 out: 2246 if (rc) 2247 (*packet_size) = 0; 2248 else 2249 (*remaining_bytes) -= (*packet_size); 2250 return rc; 2251 } 2252 2253 struct kmem_cache *ecryptfs_key_record_cache; 2254 2255 /** 2256 * ecryptfs_generate_key_packet_set 2257 * @dest_base: Virtual address from which to write the key record set 2258 * @crypt_stat: The cryptographic context from which the 2259 * authentication tokens will be retrieved 2260 * @ecryptfs_dentry: The dentry, used to retrieve the mount crypt stat 2261 * for the global parameters 2262 * @len: The amount written 2263 * @max: The maximum amount of data allowed to be written 2264 * 2265 * Generates a key packet set and writes it to the virtual address 2266 * passed in. 2267 * 2268 * Returns zero on success; non-zero on error. 2269 */ 2270 int 2271 ecryptfs_generate_key_packet_set(char *dest_base, 2272 struct ecryptfs_crypt_stat *crypt_stat, 2273 struct dentry *ecryptfs_dentry, size_t *len, 2274 size_t max) 2275 { 2276 struct ecryptfs_auth_tok *auth_tok; 2277 struct ecryptfs_global_auth_tok *global_auth_tok; 2278 struct ecryptfs_mount_crypt_stat *mount_crypt_stat = 2279 &ecryptfs_superblock_to_private( 2280 ecryptfs_dentry->d_sb)->mount_crypt_stat; 2281 size_t written; 2282 struct ecryptfs_key_record *key_rec; 2283 struct ecryptfs_key_sig *key_sig; 2284 int rc = 0; 2285 2286 (*len) = 0; 2287 mutex_lock(&crypt_stat->keysig_list_mutex); 2288 key_rec = kmem_cache_alloc(ecryptfs_key_record_cache, GFP_KERNEL); 2289 if (!key_rec) { 2290 rc = -ENOMEM; 2291 goto out; 2292 } 2293 list_for_each_entry(key_sig, &crypt_stat->keysig_list, 2294 crypt_stat_list) { 2295 memset(key_rec, 0, sizeof(*key_rec)); 2296 rc = ecryptfs_find_global_auth_tok_for_sig(&global_auth_tok, 2297 mount_crypt_stat, 2298 key_sig->keysig); 2299 if (rc) { 2300 printk(KERN_ERR "Error attempting to get the global " 2301 "auth_tok; rc = [%d]\n", rc); 2302 goto out_free; 2303 } 2304 if (global_auth_tok->flags & ECRYPTFS_AUTH_TOK_INVALID) { 2305 printk(KERN_WARNING 2306 "Skipping invalid auth tok with sig = [%s]\n", 2307 global_auth_tok->sig); 2308 continue; 2309 } 2310 auth_tok = global_auth_tok->global_auth_tok; 2311 if (auth_tok->token_type == ECRYPTFS_PASSWORD) { 2312 rc = write_tag_3_packet((dest_base + (*len)), 2313 &max, auth_tok, 2314 crypt_stat, key_rec, 2315 &written); 2316 if (rc) { 2317 ecryptfs_printk(KERN_WARNING, "Error " 2318 "writing tag 3 packet\n"); 2319 goto out_free; 2320 } 2321 (*len) += written; 2322 /* Write auth tok signature packet */ 2323 rc = write_tag_11_packet((dest_base + (*len)), &max, 2324 key_rec->sig, 2325 ECRYPTFS_SIG_SIZE, &written); 2326 if (rc) { 2327 ecryptfs_printk(KERN_ERR, "Error writing " 2328 "auth tok signature packet\n"); 2329 goto out_free; 2330 } 2331 (*len) += written; 2332 } else if (auth_tok->token_type == ECRYPTFS_PRIVATE_KEY) { 2333 rc = write_tag_1_packet(dest_base + (*len), 2334 &max, auth_tok, 2335 crypt_stat, key_rec, &written); 2336 if (rc) { 2337 ecryptfs_printk(KERN_WARNING, "Error " 2338 "writing tag 1 packet\n"); 2339 goto out_free; 2340 } 2341 (*len) += written; 2342 } else { 2343 ecryptfs_printk(KERN_WARNING, "Unsupported " 2344 "authentication token type\n"); 2345 rc = -EINVAL; 2346 goto out_free; 2347 } 2348 } 2349 if (likely(max > 0)) { 2350 dest_base[(*len)] = 0x00; 2351 } else { 2352 ecryptfs_printk(KERN_ERR, "Error writing boundary byte\n"); 2353 rc = -EIO; 2354 } 2355 out_free: 2356 kmem_cache_free(ecryptfs_key_record_cache, key_rec); 2357 out: 2358 if (rc) 2359 (*len) = 0; 2360 mutex_unlock(&crypt_stat->keysig_list_mutex); 2361 return rc; 2362 } 2363 2364 struct kmem_cache *ecryptfs_key_sig_cache; 2365 2366 int ecryptfs_add_keysig(struct ecryptfs_crypt_stat *crypt_stat, char *sig) 2367 { 2368 struct ecryptfs_key_sig *new_key_sig; 2369 int rc = 0; 2370 2371 new_key_sig = kmem_cache_alloc(ecryptfs_key_sig_cache, GFP_KERNEL); 2372 if (!new_key_sig) { 2373 rc = -ENOMEM; 2374 printk(KERN_ERR 2375 "Error allocating from ecryptfs_key_sig_cache\n"); 2376 goto out; 2377 } 2378 memcpy(new_key_sig->keysig, sig, ECRYPTFS_SIG_SIZE_HEX); 2379 mutex_lock(&crypt_stat->keysig_list_mutex); 2380 list_add(&new_key_sig->crypt_stat_list, &crypt_stat->keysig_list); 2381 mutex_unlock(&crypt_stat->keysig_list_mutex); 2382 out: 2383 return rc; 2384 } 2385 2386 struct kmem_cache *ecryptfs_global_auth_tok_cache; 2387 2388 int 2389 ecryptfs_add_global_auth_tok(struct ecryptfs_mount_crypt_stat *mount_crypt_stat, 2390 char *sig, u32 global_auth_tok_flags) 2391 { 2392 struct ecryptfs_global_auth_tok *new_auth_tok; 2393 int rc = 0; 2394 2395 new_auth_tok = kmem_cache_zalloc(ecryptfs_global_auth_tok_cache, 2396 GFP_KERNEL); 2397 if (!new_auth_tok) { 2398 rc = -ENOMEM; 2399 printk(KERN_ERR "Error allocating from " 2400 "ecryptfs_global_auth_tok_cache\n"); 2401 goto out; 2402 } 2403 memcpy(new_auth_tok->sig, sig, ECRYPTFS_SIG_SIZE_HEX); 2404 new_auth_tok->flags = global_auth_tok_flags; 2405 new_auth_tok->sig[ECRYPTFS_SIG_SIZE_HEX] = '\0'; 2406 mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex); 2407 list_add(&new_auth_tok->mount_crypt_stat_list, 2408 &mount_crypt_stat->global_auth_tok_list); 2409 mount_crypt_stat->num_global_auth_toks++; 2410 mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex); 2411 out: 2412 return rc; 2413 } 2414 2415