fs/ext4/crypto.c

   1 // SPDX-License-Identifier: GPL-2.0
   2
   3 #include <linux/quotaops.h>
   4 #include <linux/uuid.h>
   5
   6 #include "ext4.h"
   7 #include "xattr.h"
   8 #include "ext4_jbd2.h"
   9
  10 static void ext4_fname_from_fscrypt_name(struct ext4_filename *dst,
  11                                          const struct fscrypt_name *src)
  12 {
  13         memset(dst, 0, sizeof(*dst));
  14
  15         dst->usr_fname = src->usr_fname;
  16         dst->disk_name = src->disk_name;
  17         dst->hinfo.hash = src->hash;
  18         dst->hinfo.minor_hash = src->minor_hash;
  19         dst->crypto_buf = src->crypto_buf;
  20 }
  21
  22 int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname,
  23                               int lookup, struct ext4_filename *fname)
  24 {
  25         struct fscrypt_name name;
  26         int err;
  27
  28         err = fscrypt_setup_filename(dir, iname, lookup, &name);
  29         if (err)
  30                 return err;
  31
  32         ext4_fname_from_fscrypt_name(fname, &name);
  33
  34         err = ext4_fname_setup_ci_filename(dir, iname, fname);
  35         if (err)
  36                 ext4_fname_free_filename(fname);
  37
  38         return err;
  39 }
  40
  41 int ext4_fname_prepare_lookup(struct inode *dir, struct dentry *dentry,
  42                               struct ext4_filename *fname)
  43 {
  44         struct fscrypt_name name;
  45         int err;
  46
  47         err = fscrypt_prepare_lookup(dir, dentry, &name);
  48         if (err)
  49                 return err;
  50
  51         ext4_fname_from_fscrypt_name(fname, &name);
  52
  53         err = ext4_fname_setup_ci_filename(dir, &dentry->d_name, fname);
  54         if (err)
  55                 ext4_fname_free_filename(fname);
  56         return err;
  57 }
  58
  59 void ext4_fname_free_filename(struct ext4_filename *fname)
  60 {
  61         struct fscrypt_name name;
  62
  63         name.crypto_buf = fname->crypto_buf;
  64         fscrypt_free_filename(&name);
  65
  66         fname->crypto_buf.name = NULL;
  67         fname->usr_fname = NULL;
  68         fname->disk_name.name = NULL;
  69
  70         ext4_fname_free_ci_filename(fname);
  71 }
  72
  73 static bool uuid_is_zero(__u8 u[16])
  74 {
  75         int i;
  76
  77         for (i = 0; i < 16; i++)
  78                 if (u[i])
  79                         return false;
  80         return true;
  81 }
  82
  83 int ext4_ioctl_get_encryption_pwsalt(struct file *filp, void __user *arg)
  84 {
  85         struct super_block *sb = file_inode(filp)->i_sb;
  86         struct ext4_sb_info *sbi = EXT4_SB(sb);
  87         int err, err2;
  88         handle_t *handle;
  89
  90         if (!ext4_has_feature_encrypt(sb))
  91                 return -EOPNOTSUPP;
  92
  93         if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) {
  94                 err = mnt_want_write_file(filp);
  95                 if (err)
  96                         return err;
  97                 handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1);
  98                 if (IS_ERR(handle)) {
  99                         err = PTR_ERR(handle);
 100                         goto pwsalt_err_exit;
 101                 }
 102                 err = ext4_journal_get_write_access(handle, sb, sbi->s_sbh,
 103                                                     EXT4_JTR_NONE);
 104                 if (err)
 105                         goto pwsalt_err_journal;
 106                 lock_buffer(sbi->s_sbh);
 107                 generate_random_uuid(sbi->s_es->s_encrypt_pw_salt);
 108                 ext4_superblock_csum_set(sb);
 109                 unlock_buffer(sbi->s_sbh);
 110                 err = ext4_handle_dirty_metadata(handle, NULL, sbi->s_sbh);
 111 pwsalt_err_journal:
 112                 err2 = ext4_journal_stop(handle);
 113                 if (err2 && !err)
 114                         err = err2;
 115 pwsalt_err_exit:
 116                 mnt_drop_write_file(filp);
 117                 if (err)
 118                         return err;
 119         }
 120
 121         if (copy_to_user(arg, sbi->s_es->s_encrypt_pw_salt, 16))
 122                 return -EFAULT;
 123         return 0;
 124 }
 125
 126 static int ext4_get_context(struct inode *inode, void *ctx, size_t len)
 127 {
 128         return ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION,
 129                                  EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, ctx, len);
 130 }
 131
 132 static int ext4_set_context(struct inode *inode, const void *ctx, size_t len,
 133                                                         void *fs_data)
 134 {
 135         handle_t *handle = fs_data;
 136         int res, res2, credits, retries = 0;
 137
 138         /*
 139          * Encrypting the root directory is not allowed because e2fsck expects
 140          * lost+found to exist and be unencrypted, and encrypting the root
 141          * directory would imply encrypting the lost+found directory as well as
 142          * the filename "lost+found" itself.
 143          */
 144         if (inode->i_ino == EXT4_ROOT_INO)
 145                 return -EPERM;
 146
 147         if (WARN_ON_ONCE(IS_DAX(inode) && i_size_read(inode)))
 148                 return -EINVAL;
 149
 150         if (ext4_test_inode_flag(inode, EXT4_INODE_DAX))
 151                 return -EOPNOTSUPP;
 152
 153         res = ext4_convert_inline_data(inode);
 154         if (res)
 155                 return res;
 156
 157         /*
 158          * If a journal handle was specified, then the encryption context is
 159          * being set on a new inode via inheritance and is part of a larger
 160          * transaction to create the inode.  Otherwise the encryption context is
 161          * being set on an existing inode in its own transaction.  Only in the
 162          * latter case should the "retry on ENOSPC" logic be used.
 163          */
 164
 165         if (handle) {
 166                 res = ext4_xattr_set_handle(handle, inode,
 167                                             EXT4_XATTR_INDEX_ENCRYPTION,
 168                                             EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
 169                                             ctx, len, 0);
 170                 if (!res) {
 171                         ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
 172                         ext4_clear_inode_state(inode,
 173                                         EXT4_STATE_MAY_INLINE_DATA);
 174                         /*
 175                          * Update inode->i_flags - S_ENCRYPTED will be enabled,
 176                          * S_DAX may be disabled
 177                          */
 178                         ext4_set_inode_flags(inode, false);
 179                 }
 180                 return res;
 181         }
 182
 183         res = dquot_initialize(inode);
 184         if (res)
 185                 return res;
 186 retry:
 187         res = ext4_xattr_set_credits(inode, len, false /* is_create */,
 188                                      &credits);
 189         if (res)
 190                 return res;
 191
 192         handle = ext4_journal_start(inode, EXT4_HT_MISC, credits);
 193         if (IS_ERR(handle))
 194                 return PTR_ERR(handle);
 195
 196         res = ext4_xattr_set_handle(handle, inode, EXT4_XATTR_INDEX_ENCRYPTION,
 197                                     EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
 198                                     ctx, len, 0);
 199         if (!res) {
 200                 ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
 201                 /*
 202                  * Update inode->i_flags - S_ENCRYPTED will be enabled,
 203                  * S_DAX may be disabled
 204                  */
 205                 ext4_set_inode_flags(inode, false);
 206                 res = ext4_mark_inode_dirty(handle, inode);
 207                 if (res)
 208                         EXT4_ERROR_INODE(inode, "Failed to mark inode dirty");
 209         }
 210         res2 = ext4_journal_stop(handle);
 211
 212         if (res == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries))
 213                 goto retry;
 214         if (!res)
 215                 res = res2;
 216         return res;
 217 }
 218
 219 static const union fscrypt_policy *ext4_get_dummy_policy(struct super_block *sb)
 220 {
 221         return EXT4_SB(sb)->s_dummy_enc_policy.policy;
 222 }
 223
 224 static bool ext4_has_stable_inodes(struct super_block *sb)
 225 {
 226         return ext4_has_feature_stable_inodes(sb);
 227 }
 228
 229 const struct fscrypt_operations ext4_cryptops = {
 230         .needs_bounce_pages     = 1,
 231         .has_32bit_inodes       = 1,
 232         .supports_subblock_data_units = 1,
 233         .legacy_key_prefix      = "ext4:",
 234         .get_context            = ext4_get_context,
 235         .set_context            = ext4_set_context,
 236         .get_dummy_policy       = ext4_get_dummy_policy,
 237         .empty_dir              = ext4_empty_dir,
 238         .has_stable_inodes      = ext4_has_stable_inodes,
 239 };