xref: /linux/include/linux/fscrypt.h (revision ec8a42e7343234802b9054874fe01810880289ce)
1 /* SPDX-License-Identifier: GPL-2.0 */
2 /*
3  * fscrypt.h: declarations for per-file encryption
4  *
5  * Filesystems that implement per-file encryption must include this header
6  * file.
7  *
8  * Copyright (C) 2015, Google, Inc.
9  *
10  * Written by Michael Halcrow, 2015.
11  * Modified by Jaegeuk Kim, 2015.
12  */
13 #ifndef _LINUX_FSCRYPT_H
14 #define _LINUX_FSCRYPT_H
15 
16 #include <linux/fs.h>
17 #include <linux/mm.h>
18 #include <linux/slab.h>
19 #include <uapi/linux/fscrypt.h>
20 
21 #define FS_CRYPTO_BLOCK_SIZE		16
22 
23 union fscrypt_policy;
24 struct fscrypt_info;
25 struct seq_file;
26 
27 struct fscrypt_str {
28 	unsigned char *name;
29 	u32 len;
30 };
31 
32 struct fscrypt_name {
33 	const struct qstr *usr_fname;
34 	struct fscrypt_str disk_name;
35 	u32 hash;
36 	u32 minor_hash;
37 	struct fscrypt_str crypto_buf;
38 	bool is_nokey_name;
39 };
40 
41 #define FSTR_INIT(n, l)		{ .name = n, .len = l }
42 #define FSTR_TO_QSTR(f)		QSTR_INIT((f)->name, (f)->len)
43 #define fname_name(p)		((p)->disk_name.name)
44 #define fname_len(p)		((p)->disk_name.len)
45 
46 /* Maximum value for the third parameter of fscrypt_operations.set_context(). */
47 #define FSCRYPT_SET_CONTEXT_MAX_SIZE	40
48 
49 #ifdef CONFIG_FS_ENCRYPTION
50 /*
51  * fscrypt superblock flags
52  */
53 #define FS_CFLG_OWN_PAGES (1U << 1)
54 
55 /*
56  * crypto operations for filesystems
57  */
58 struct fscrypt_operations {
59 	unsigned int flags;
60 	const char *key_prefix;
61 	int (*get_context)(struct inode *inode, void *ctx, size_t len);
62 	int (*set_context)(struct inode *inode, const void *ctx, size_t len,
63 			   void *fs_data);
64 	const union fscrypt_policy *(*get_dummy_policy)(struct super_block *sb);
65 	bool (*empty_dir)(struct inode *inode);
66 	unsigned int max_namelen;
67 	bool (*has_stable_inodes)(struct super_block *sb);
68 	void (*get_ino_and_lblk_bits)(struct super_block *sb,
69 				      int *ino_bits_ret, int *lblk_bits_ret);
70 	int (*get_num_devices)(struct super_block *sb);
71 	void (*get_devices)(struct super_block *sb,
72 			    struct request_queue **devs);
73 };
74 
75 static inline struct fscrypt_info *fscrypt_get_info(const struct inode *inode)
76 {
77 	/*
78 	 * Pairs with the cmpxchg_release() in fscrypt_setup_encryption_info().
79 	 * I.e., another task may publish ->i_crypt_info concurrently, executing
80 	 * a RELEASE barrier.  We need to use smp_load_acquire() here to safely
81 	 * ACQUIRE the memory the other task published.
82 	 */
83 	return smp_load_acquire(&inode->i_crypt_info);
84 }
85 
86 /**
87  * fscrypt_needs_contents_encryption() - check whether an inode needs
88  *					 contents encryption
89  * @inode: the inode to check
90  *
91  * Return: %true iff the inode is an encrypted regular file and the kernel was
92  * built with fscrypt support.
93  *
94  * If you need to know whether the encrypt bit is set even when the kernel was
95  * built without fscrypt support, you must use IS_ENCRYPTED() directly instead.
96  */
97 static inline bool fscrypt_needs_contents_encryption(const struct inode *inode)
98 {
99 	return IS_ENCRYPTED(inode) && S_ISREG(inode->i_mode);
100 }
101 
102 /*
103  * When d_splice_alias() moves a directory's no-key alias to its plaintext alias
104  * as a result of the encryption key being added, DCACHE_NOKEY_NAME must be
105  * cleared.  Note that we don't have to support arbitrary moves of this flag
106  * because fscrypt doesn't allow no-key names to be the source or target of a
107  * rename().
108  */
109 static inline void fscrypt_handle_d_move(struct dentry *dentry)
110 {
111 	dentry->d_flags &= ~DCACHE_NOKEY_NAME;
112 }
113 
114 /**
115  * fscrypt_is_nokey_name() - test whether a dentry is a no-key name
116  * @dentry: the dentry to check
117  *
118  * This returns true if the dentry is a no-key dentry.  A no-key dentry is a
119  * dentry that was created in an encrypted directory that hasn't had its
120  * encryption key added yet.  Such dentries may be either positive or negative.
121  *
122  * When a filesystem is asked to create a new filename in an encrypted directory
123  * and the new filename's dentry is a no-key dentry, it must fail the operation
124  * with ENOKEY.  This includes ->create(), ->mkdir(), ->mknod(), ->symlink(),
125  * ->rename(), and ->link().  (However, ->rename() and ->link() are already
126  * handled by fscrypt_prepare_rename() and fscrypt_prepare_link().)
127  *
128  * This is necessary because creating a filename requires the directory's
129  * encryption key, but just checking for the key on the directory inode during
130  * the final filesystem operation doesn't guarantee that the key was available
131  * during the preceding dentry lookup.  And the key must have already been
132  * available during the dentry lookup in order for it to have been checked
133  * whether the filename already exists in the directory and for the new file's
134  * dentry not to be invalidated due to it incorrectly having the no-key flag.
135  *
136  * Return: %true if the dentry is a no-key name
137  */
138 static inline bool fscrypt_is_nokey_name(const struct dentry *dentry)
139 {
140 	return dentry->d_flags & DCACHE_NOKEY_NAME;
141 }
142 
143 /* crypto.c */
144 void fscrypt_enqueue_decrypt_work(struct work_struct *);
145 
146 struct page *fscrypt_encrypt_pagecache_blocks(struct page *page,
147 					      unsigned int len,
148 					      unsigned int offs,
149 					      gfp_t gfp_flags);
150 int fscrypt_encrypt_block_inplace(const struct inode *inode, struct page *page,
151 				  unsigned int len, unsigned int offs,
152 				  u64 lblk_num, gfp_t gfp_flags);
153 
154 int fscrypt_decrypt_pagecache_blocks(struct page *page, unsigned int len,
155 				     unsigned int offs);
156 int fscrypt_decrypt_block_inplace(const struct inode *inode, struct page *page,
157 				  unsigned int len, unsigned int offs,
158 				  u64 lblk_num);
159 
160 static inline bool fscrypt_is_bounce_page(struct page *page)
161 {
162 	return page->mapping == NULL;
163 }
164 
165 static inline struct page *fscrypt_pagecache_page(struct page *bounce_page)
166 {
167 	return (struct page *)page_private(bounce_page);
168 }
169 
170 void fscrypt_free_bounce_page(struct page *bounce_page);
171 
172 /* policy.c */
173 int fscrypt_ioctl_set_policy(struct file *filp, const void __user *arg);
174 int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg);
175 int fscrypt_ioctl_get_policy_ex(struct file *filp, void __user *arg);
176 int fscrypt_ioctl_get_nonce(struct file *filp, void __user *arg);
177 int fscrypt_has_permitted_context(struct inode *parent, struct inode *child);
178 int fscrypt_set_context(struct inode *inode, void *fs_data);
179 
180 struct fscrypt_dummy_policy {
181 	const union fscrypt_policy *policy;
182 };
183 
184 int fscrypt_set_test_dummy_encryption(struct super_block *sb, const char *arg,
185 				struct fscrypt_dummy_policy *dummy_policy);
186 void fscrypt_show_test_dummy_encryption(struct seq_file *seq, char sep,
187 					struct super_block *sb);
188 static inline void
189 fscrypt_free_dummy_policy(struct fscrypt_dummy_policy *dummy_policy)
190 {
191 	kfree(dummy_policy->policy);
192 	dummy_policy->policy = NULL;
193 }
194 
195 /* keyring.c */
196 void fscrypt_sb_free(struct super_block *sb);
197 int fscrypt_ioctl_add_key(struct file *filp, void __user *arg);
198 int fscrypt_ioctl_remove_key(struct file *filp, void __user *arg);
199 int fscrypt_ioctl_remove_key_all_users(struct file *filp, void __user *arg);
200 int fscrypt_ioctl_get_key_status(struct file *filp, void __user *arg);
201 
202 /* keysetup.c */
203 int fscrypt_prepare_new_inode(struct inode *dir, struct inode *inode,
204 			      bool *encrypt_ret);
205 void fscrypt_put_encryption_info(struct inode *inode);
206 void fscrypt_free_inode(struct inode *inode);
207 int fscrypt_drop_inode(struct inode *inode);
208 
209 /* fname.c */
210 int fscrypt_setup_filename(struct inode *inode, const struct qstr *iname,
211 			   int lookup, struct fscrypt_name *fname);
212 
213 static inline void fscrypt_free_filename(struct fscrypt_name *fname)
214 {
215 	kfree(fname->crypto_buf.name);
216 }
217 
218 int fscrypt_fname_alloc_buffer(u32 max_encrypted_len,
219 			       struct fscrypt_str *crypto_str);
220 void fscrypt_fname_free_buffer(struct fscrypt_str *crypto_str);
221 int fscrypt_fname_disk_to_usr(const struct inode *inode,
222 			      u32 hash, u32 minor_hash,
223 			      const struct fscrypt_str *iname,
224 			      struct fscrypt_str *oname);
225 bool fscrypt_match_name(const struct fscrypt_name *fname,
226 			const u8 *de_name, u32 de_name_len);
227 u64 fscrypt_fname_siphash(const struct inode *dir, const struct qstr *name);
228 int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags);
229 
230 /* bio.c */
231 void fscrypt_decrypt_bio(struct bio *bio);
232 int fscrypt_zeroout_range(const struct inode *inode, pgoff_t lblk,
233 			  sector_t pblk, unsigned int len);
234 
235 /* hooks.c */
236 int fscrypt_file_open(struct inode *inode, struct file *filp);
237 int __fscrypt_prepare_link(struct inode *inode, struct inode *dir,
238 			   struct dentry *dentry);
239 int __fscrypt_prepare_rename(struct inode *old_dir, struct dentry *old_dentry,
240 			     struct inode *new_dir, struct dentry *new_dentry,
241 			     unsigned int flags);
242 int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry,
243 			     struct fscrypt_name *fname);
244 int __fscrypt_prepare_readdir(struct inode *dir);
245 int __fscrypt_prepare_setattr(struct dentry *dentry, struct iattr *attr);
246 int fscrypt_prepare_setflags(struct inode *inode,
247 			     unsigned int oldflags, unsigned int flags);
248 int fscrypt_prepare_symlink(struct inode *dir, const char *target,
249 			    unsigned int len, unsigned int max_len,
250 			    struct fscrypt_str *disk_link);
251 int __fscrypt_encrypt_symlink(struct inode *inode, const char *target,
252 			      unsigned int len, struct fscrypt_str *disk_link);
253 const char *fscrypt_get_symlink(struct inode *inode, const void *caddr,
254 				unsigned int max_size,
255 				struct delayed_call *done);
256 static inline void fscrypt_set_ops(struct super_block *sb,
257 				   const struct fscrypt_operations *s_cop)
258 {
259 	sb->s_cop = s_cop;
260 }
261 #else  /* !CONFIG_FS_ENCRYPTION */
262 
263 static inline struct fscrypt_info *fscrypt_get_info(const struct inode *inode)
264 {
265 	return NULL;
266 }
267 
268 static inline bool fscrypt_needs_contents_encryption(const struct inode *inode)
269 {
270 	return false;
271 }
272 
273 static inline void fscrypt_handle_d_move(struct dentry *dentry)
274 {
275 }
276 
277 static inline bool fscrypt_is_nokey_name(const struct dentry *dentry)
278 {
279 	return false;
280 }
281 
282 /* crypto.c */
283 static inline void fscrypt_enqueue_decrypt_work(struct work_struct *work)
284 {
285 }
286 
287 static inline struct page *fscrypt_encrypt_pagecache_blocks(struct page *page,
288 							    unsigned int len,
289 							    unsigned int offs,
290 							    gfp_t gfp_flags)
291 {
292 	return ERR_PTR(-EOPNOTSUPP);
293 }
294 
295 static inline int fscrypt_encrypt_block_inplace(const struct inode *inode,
296 						struct page *page,
297 						unsigned int len,
298 						unsigned int offs, u64 lblk_num,
299 						gfp_t gfp_flags)
300 {
301 	return -EOPNOTSUPP;
302 }
303 
304 static inline int fscrypt_decrypt_pagecache_blocks(struct page *page,
305 						   unsigned int len,
306 						   unsigned int offs)
307 {
308 	return -EOPNOTSUPP;
309 }
310 
311 static inline int fscrypt_decrypt_block_inplace(const struct inode *inode,
312 						struct page *page,
313 						unsigned int len,
314 						unsigned int offs, u64 lblk_num)
315 {
316 	return -EOPNOTSUPP;
317 }
318 
319 static inline bool fscrypt_is_bounce_page(struct page *page)
320 {
321 	return false;
322 }
323 
324 static inline struct page *fscrypt_pagecache_page(struct page *bounce_page)
325 {
326 	WARN_ON_ONCE(1);
327 	return ERR_PTR(-EINVAL);
328 }
329 
330 static inline void fscrypt_free_bounce_page(struct page *bounce_page)
331 {
332 }
333 
334 /* policy.c */
335 static inline int fscrypt_ioctl_set_policy(struct file *filp,
336 					   const void __user *arg)
337 {
338 	return -EOPNOTSUPP;
339 }
340 
341 static inline int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg)
342 {
343 	return -EOPNOTSUPP;
344 }
345 
346 static inline int fscrypt_ioctl_get_policy_ex(struct file *filp,
347 					      void __user *arg)
348 {
349 	return -EOPNOTSUPP;
350 }
351 
352 static inline int fscrypt_ioctl_get_nonce(struct file *filp, void __user *arg)
353 {
354 	return -EOPNOTSUPP;
355 }
356 
357 static inline int fscrypt_has_permitted_context(struct inode *parent,
358 						struct inode *child)
359 {
360 	return 0;
361 }
362 
363 static inline int fscrypt_set_context(struct inode *inode, void *fs_data)
364 {
365 	return -EOPNOTSUPP;
366 }
367 
368 struct fscrypt_dummy_policy {
369 };
370 
371 static inline void fscrypt_show_test_dummy_encryption(struct seq_file *seq,
372 						      char sep,
373 						      struct super_block *sb)
374 {
375 }
376 
377 static inline void
378 fscrypt_free_dummy_policy(struct fscrypt_dummy_policy *dummy_policy)
379 {
380 }
381 
382 /* keyring.c */
383 static inline void fscrypt_sb_free(struct super_block *sb)
384 {
385 }
386 
387 static inline int fscrypt_ioctl_add_key(struct file *filp, void __user *arg)
388 {
389 	return -EOPNOTSUPP;
390 }
391 
392 static inline int fscrypt_ioctl_remove_key(struct file *filp, void __user *arg)
393 {
394 	return -EOPNOTSUPP;
395 }
396 
397 static inline int fscrypt_ioctl_remove_key_all_users(struct file *filp,
398 						     void __user *arg)
399 {
400 	return -EOPNOTSUPP;
401 }
402 
403 static inline int fscrypt_ioctl_get_key_status(struct file *filp,
404 					       void __user *arg)
405 {
406 	return -EOPNOTSUPP;
407 }
408 
409 /* keysetup.c */
410 
411 static inline int fscrypt_prepare_new_inode(struct inode *dir,
412 					    struct inode *inode,
413 					    bool *encrypt_ret)
414 {
415 	if (IS_ENCRYPTED(dir))
416 		return -EOPNOTSUPP;
417 	return 0;
418 }
419 
420 static inline void fscrypt_put_encryption_info(struct inode *inode)
421 {
422 	return;
423 }
424 
425 static inline void fscrypt_free_inode(struct inode *inode)
426 {
427 }
428 
429 static inline int fscrypt_drop_inode(struct inode *inode)
430 {
431 	return 0;
432 }
433 
434  /* fname.c */
435 static inline int fscrypt_setup_filename(struct inode *dir,
436 					 const struct qstr *iname,
437 					 int lookup, struct fscrypt_name *fname)
438 {
439 	if (IS_ENCRYPTED(dir))
440 		return -EOPNOTSUPP;
441 
442 	memset(fname, 0, sizeof(*fname));
443 	fname->usr_fname = iname;
444 	fname->disk_name.name = (unsigned char *)iname->name;
445 	fname->disk_name.len = iname->len;
446 	return 0;
447 }
448 
449 static inline void fscrypt_free_filename(struct fscrypt_name *fname)
450 {
451 	return;
452 }
453 
454 static inline int fscrypt_fname_alloc_buffer(u32 max_encrypted_len,
455 					     struct fscrypt_str *crypto_str)
456 {
457 	return -EOPNOTSUPP;
458 }
459 
460 static inline void fscrypt_fname_free_buffer(struct fscrypt_str *crypto_str)
461 {
462 	return;
463 }
464 
465 static inline int fscrypt_fname_disk_to_usr(const struct inode *inode,
466 					    u32 hash, u32 minor_hash,
467 					    const struct fscrypt_str *iname,
468 					    struct fscrypt_str *oname)
469 {
470 	return -EOPNOTSUPP;
471 }
472 
473 static inline bool fscrypt_match_name(const struct fscrypt_name *fname,
474 				      const u8 *de_name, u32 de_name_len)
475 {
476 	/* Encryption support disabled; use standard comparison */
477 	if (de_name_len != fname->disk_name.len)
478 		return false;
479 	return !memcmp(de_name, fname->disk_name.name, fname->disk_name.len);
480 }
481 
482 static inline u64 fscrypt_fname_siphash(const struct inode *dir,
483 					const struct qstr *name)
484 {
485 	WARN_ON_ONCE(1);
486 	return 0;
487 }
488 
489 static inline int fscrypt_d_revalidate(struct dentry *dentry,
490 				       unsigned int flags)
491 {
492 	return 1;
493 }
494 
495 /* bio.c */
496 static inline void fscrypt_decrypt_bio(struct bio *bio)
497 {
498 }
499 
500 static inline int fscrypt_zeroout_range(const struct inode *inode, pgoff_t lblk,
501 					sector_t pblk, unsigned int len)
502 {
503 	return -EOPNOTSUPP;
504 }
505 
506 /* hooks.c */
507 
508 static inline int fscrypt_file_open(struct inode *inode, struct file *filp)
509 {
510 	if (IS_ENCRYPTED(inode))
511 		return -EOPNOTSUPP;
512 	return 0;
513 }
514 
515 static inline int __fscrypt_prepare_link(struct inode *inode, struct inode *dir,
516 					 struct dentry *dentry)
517 {
518 	return -EOPNOTSUPP;
519 }
520 
521 static inline int __fscrypt_prepare_rename(struct inode *old_dir,
522 					   struct dentry *old_dentry,
523 					   struct inode *new_dir,
524 					   struct dentry *new_dentry,
525 					   unsigned int flags)
526 {
527 	return -EOPNOTSUPP;
528 }
529 
530 static inline int __fscrypt_prepare_lookup(struct inode *dir,
531 					   struct dentry *dentry,
532 					   struct fscrypt_name *fname)
533 {
534 	return -EOPNOTSUPP;
535 }
536 
537 static inline int __fscrypt_prepare_readdir(struct inode *dir)
538 {
539 	return -EOPNOTSUPP;
540 }
541 
542 static inline int __fscrypt_prepare_setattr(struct dentry *dentry,
543 					    struct iattr *attr)
544 {
545 	return -EOPNOTSUPP;
546 }
547 
548 static inline int fscrypt_prepare_setflags(struct inode *inode,
549 					   unsigned int oldflags,
550 					   unsigned int flags)
551 {
552 	return 0;
553 }
554 
555 static inline int fscrypt_prepare_symlink(struct inode *dir,
556 					  const char *target,
557 					  unsigned int len,
558 					  unsigned int max_len,
559 					  struct fscrypt_str *disk_link)
560 {
561 	if (IS_ENCRYPTED(dir))
562 		return -EOPNOTSUPP;
563 	disk_link->name = (unsigned char *)target;
564 	disk_link->len = len + 1;
565 	if (disk_link->len > max_len)
566 		return -ENAMETOOLONG;
567 	return 0;
568 }
569 
570 static inline int __fscrypt_encrypt_symlink(struct inode *inode,
571 					    const char *target,
572 					    unsigned int len,
573 					    struct fscrypt_str *disk_link)
574 {
575 	return -EOPNOTSUPP;
576 }
577 
578 static inline const char *fscrypt_get_symlink(struct inode *inode,
579 					      const void *caddr,
580 					      unsigned int max_size,
581 					      struct delayed_call *done)
582 {
583 	return ERR_PTR(-EOPNOTSUPP);
584 }
585 
586 static inline void fscrypt_set_ops(struct super_block *sb,
587 				   const struct fscrypt_operations *s_cop)
588 {
589 }
590 
591 #endif	/* !CONFIG_FS_ENCRYPTION */
592 
593 /* inline_crypt.c */
594 #ifdef CONFIG_FS_ENCRYPTION_INLINE_CRYPT
595 
596 bool __fscrypt_inode_uses_inline_crypto(const struct inode *inode);
597 
598 void fscrypt_set_bio_crypt_ctx(struct bio *bio,
599 			       const struct inode *inode, u64 first_lblk,
600 			       gfp_t gfp_mask);
601 
602 void fscrypt_set_bio_crypt_ctx_bh(struct bio *bio,
603 				  const struct buffer_head *first_bh,
604 				  gfp_t gfp_mask);
605 
606 bool fscrypt_mergeable_bio(struct bio *bio, const struct inode *inode,
607 			   u64 next_lblk);
608 
609 bool fscrypt_mergeable_bio_bh(struct bio *bio,
610 			      const struct buffer_head *next_bh);
611 
612 #else /* CONFIG_FS_ENCRYPTION_INLINE_CRYPT */
613 
614 static inline bool __fscrypt_inode_uses_inline_crypto(const struct inode *inode)
615 {
616 	return false;
617 }
618 
619 static inline void fscrypt_set_bio_crypt_ctx(struct bio *bio,
620 					     const struct inode *inode,
621 					     u64 first_lblk, gfp_t gfp_mask) { }
622 
623 static inline void fscrypt_set_bio_crypt_ctx_bh(
624 					 struct bio *bio,
625 					 const struct buffer_head *first_bh,
626 					 gfp_t gfp_mask) { }
627 
628 static inline bool fscrypt_mergeable_bio(struct bio *bio,
629 					 const struct inode *inode,
630 					 u64 next_lblk)
631 {
632 	return true;
633 }
634 
635 static inline bool fscrypt_mergeable_bio_bh(struct bio *bio,
636 					    const struct buffer_head *next_bh)
637 {
638 	return true;
639 }
640 #endif /* !CONFIG_FS_ENCRYPTION_INLINE_CRYPT */
641 
642 /**
643  * fscrypt_inode_uses_inline_crypto() - test whether an inode uses inline
644  *					encryption
645  * @inode: an inode. If encrypted, its key must be set up.
646  *
647  * Return: true if the inode requires file contents encryption and if the
648  *	   encryption should be done in the block layer via blk-crypto rather
649  *	   than in the filesystem layer.
650  */
651 static inline bool fscrypt_inode_uses_inline_crypto(const struct inode *inode)
652 {
653 	return fscrypt_needs_contents_encryption(inode) &&
654 	       __fscrypt_inode_uses_inline_crypto(inode);
655 }
656 
657 /**
658  * fscrypt_inode_uses_fs_layer_crypto() - test whether an inode uses fs-layer
659  *					  encryption
660  * @inode: an inode. If encrypted, its key must be set up.
661  *
662  * Return: true if the inode requires file contents encryption and if the
663  *	   encryption should be done in the filesystem layer rather than in the
664  *	   block layer via blk-crypto.
665  */
666 static inline bool fscrypt_inode_uses_fs_layer_crypto(const struct inode *inode)
667 {
668 	return fscrypt_needs_contents_encryption(inode) &&
669 	       !__fscrypt_inode_uses_inline_crypto(inode);
670 }
671 
672 /**
673  * fscrypt_has_encryption_key() - check whether an inode has had its key set up
674  * @inode: the inode to check
675  *
676  * Return: %true if the inode has had its encryption key set up, else %false.
677  *
678  * Usually this should be preceded by fscrypt_get_encryption_info() to try to
679  * set up the key first.
680  */
681 static inline bool fscrypt_has_encryption_key(const struct inode *inode)
682 {
683 	return fscrypt_get_info(inode) != NULL;
684 }
685 
686 /**
687  * fscrypt_prepare_link() - prepare to link an inode into a possibly-encrypted
688  *			    directory
689  * @old_dentry: an existing dentry for the inode being linked
690  * @dir: the target directory
691  * @dentry: negative dentry for the target filename
692  *
693  * A new link can only be added to an encrypted directory if the directory's
694  * encryption key is available --- since otherwise we'd have no way to encrypt
695  * the filename.
696  *
697  * We also verify that the link will not violate the constraint that all files
698  * in an encrypted directory tree use the same encryption policy.
699  *
700  * Return: 0 on success, -ENOKEY if the directory's encryption key is missing,
701  * -EXDEV if the link would result in an inconsistent encryption policy, or
702  * another -errno code.
703  */
704 static inline int fscrypt_prepare_link(struct dentry *old_dentry,
705 				       struct inode *dir,
706 				       struct dentry *dentry)
707 {
708 	if (IS_ENCRYPTED(dir))
709 		return __fscrypt_prepare_link(d_inode(old_dentry), dir, dentry);
710 	return 0;
711 }
712 
713 /**
714  * fscrypt_prepare_rename() - prepare for a rename between possibly-encrypted
715  *			      directories
716  * @old_dir: source directory
717  * @old_dentry: dentry for source file
718  * @new_dir: target directory
719  * @new_dentry: dentry for target location (may be negative unless exchanging)
720  * @flags: rename flags (we care at least about %RENAME_EXCHANGE)
721  *
722  * Prepare for ->rename() where the source and/or target directories may be
723  * encrypted.  A new link can only be added to an encrypted directory if the
724  * directory's encryption key is available --- since otherwise we'd have no way
725  * to encrypt the filename.  A rename to an existing name, on the other hand,
726  * *is* cryptographically possible without the key.  However, we take the more
727  * conservative approach and just forbid all no-key renames.
728  *
729  * We also verify that the rename will not violate the constraint that all files
730  * in an encrypted directory tree use the same encryption policy.
731  *
732  * Return: 0 on success, -ENOKEY if an encryption key is missing, -EXDEV if the
733  * rename would cause inconsistent encryption policies, or another -errno code.
734  */
735 static inline int fscrypt_prepare_rename(struct inode *old_dir,
736 					 struct dentry *old_dentry,
737 					 struct inode *new_dir,
738 					 struct dentry *new_dentry,
739 					 unsigned int flags)
740 {
741 	if (IS_ENCRYPTED(old_dir) || IS_ENCRYPTED(new_dir))
742 		return __fscrypt_prepare_rename(old_dir, old_dentry,
743 						new_dir, new_dentry, flags);
744 	return 0;
745 }
746 
747 /**
748  * fscrypt_prepare_lookup() - prepare to lookup a name in a possibly-encrypted
749  *			      directory
750  * @dir: directory being searched
751  * @dentry: filename being looked up
752  * @fname: (output) the name to use to search the on-disk directory
753  *
754  * Prepare for ->lookup() in a directory which may be encrypted by determining
755  * the name that will actually be used to search the directory on-disk.  If the
756  * directory's encryption policy is supported by this kernel and its encryption
757  * key is available, then the lookup is assumed to be by plaintext name;
758  * otherwise, it is assumed to be by no-key name.
759  *
760  * This will set DCACHE_NOKEY_NAME on the dentry if the lookup is by no-key
761  * name.  In this case the filesystem must assign the dentry a dentry_operations
762  * which contains fscrypt_d_revalidate (or contains a d_revalidate method that
763  * calls fscrypt_d_revalidate), so that the dentry will be invalidated if the
764  * directory's encryption key is later added.
765  *
766  * Return: 0 on success; -ENOENT if the directory's key is unavailable but the
767  * filename isn't a valid no-key name, so a negative dentry should be created;
768  * or another -errno code.
769  */
770 static inline int fscrypt_prepare_lookup(struct inode *dir,
771 					 struct dentry *dentry,
772 					 struct fscrypt_name *fname)
773 {
774 	if (IS_ENCRYPTED(dir))
775 		return __fscrypt_prepare_lookup(dir, dentry, fname);
776 
777 	memset(fname, 0, sizeof(*fname));
778 	fname->usr_fname = &dentry->d_name;
779 	fname->disk_name.name = (unsigned char *)dentry->d_name.name;
780 	fname->disk_name.len = dentry->d_name.len;
781 	return 0;
782 }
783 
784 /**
785  * fscrypt_prepare_readdir() - prepare to read a possibly-encrypted directory
786  * @dir: the directory inode
787  *
788  * If the directory is encrypted and it doesn't already have its encryption key
789  * set up, try to set it up so that the filenames will be listed in plaintext
790  * form rather than in no-key form.
791  *
792  * Return: 0 on success; -errno on error.  Note that the encryption key being
793  *	   unavailable is not considered an error.  It is also not an error if
794  *	   the encryption policy is unsupported by this kernel; that is treated
795  *	   like the key being unavailable, so that files can still be deleted.
796  */
797 static inline int fscrypt_prepare_readdir(struct inode *dir)
798 {
799 	if (IS_ENCRYPTED(dir))
800 		return __fscrypt_prepare_readdir(dir);
801 	return 0;
802 }
803 
804 /**
805  * fscrypt_prepare_setattr() - prepare to change a possibly-encrypted inode's
806  *			       attributes
807  * @dentry: dentry through which the inode is being changed
808  * @attr: attributes to change
809  *
810  * Prepare for ->setattr() on a possibly-encrypted inode.  On an encrypted file,
811  * most attribute changes are allowed even without the encryption key.  However,
812  * without the encryption key we do have to forbid truncates.  This is needed
813  * because the size being truncated to may not be a multiple of the filesystem
814  * block size, and in that case we'd have to decrypt the final block, zero the
815  * portion past i_size, and re-encrypt it.  (We *could* allow truncating to a
816  * filesystem block boundary, but it's simpler to just forbid all truncates ---
817  * and we already forbid all other contents modifications without the key.)
818  *
819  * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code
820  * if a problem occurred while setting up the encryption key.
821  */
822 static inline int fscrypt_prepare_setattr(struct dentry *dentry,
823 					  struct iattr *attr)
824 {
825 	if (IS_ENCRYPTED(d_inode(dentry)))
826 		return __fscrypt_prepare_setattr(dentry, attr);
827 	return 0;
828 }
829 
830 /**
831  * fscrypt_encrypt_symlink() - encrypt the symlink target if needed
832  * @inode: symlink inode
833  * @target: plaintext symlink target
834  * @len: length of @target excluding null terminator
835  * @disk_link: (in/out) the on-disk symlink target being prepared
836  *
837  * If the symlink target needs to be encrypted, then this function encrypts it
838  * into @disk_link->name.  fscrypt_prepare_symlink() must have been called
839  * previously to compute @disk_link->len.  If the filesystem did not allocate a
840  * buffer for @disk_link->name after calling fscrypt_prepare_link(), then one
841  * will be kmalloc()'ed and the filesystem will be responsible for freeing it.
842  *
843  * Return: 0 on success, -errno on failure
844  */
845 static inline int fscrypt_encrypt_symlink(struct inode *inode,
846 					  const char *target,
847 					  unsigned int len,
848 					  struct fscrypt_str *disk_link)
849 {
850 	if (IS_ENCRYPTED(inode))
851 		return __fscrypt_encrypt_symlink(inode, target, len, disk_link);
852 	return 0;
853 }
854 
855 /* If *pagep is a bounce page, free it and set *pagep to the pagecache page */
856 static inline void fscrypt_finalize_bounce_page(struct page **pagep)
857 {
858 	struct page *page = *pagep;
859 
860 	if (fscrypt_is_bounce_page(page)) {
861 		*pagep = fscrypt_pagecache_page(page);
862 		fscrypt_free_bounce_page(page);
863 	}
864 }
865 
866 #endif	/* _LINUX_FSCRYPT_H */
867