Merge tag 'libnvdimm-for-4.10' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdim...

[linux-2.6-microblaze.git] / fs / crypto / policy.c

diff --git a/fs/crypto/policy.c b/fs/crypto/policy.c
index 6865663..6ed7c2e 100644 (file)
--- a/fs/crypto/policy.c
+++ b/fs/crypto/policy.c
@@ -10,8 +10,8 @@
 
 #include <linux/random.h>
 #include <linux/string.h>
-#include <linux/fscrypto.h>
 #include <linux/mount.h>
+#include "fscrypt_private.h"
 
 static int inode_has_encryption_context(struct inode *inode)
 {
@@ -93,16 +93,19 @@ static int create_encryption_context_from_policy(struct inode *inode,
        return inode->i_sb->s_cop->set_context(inode, &ctx, sizeof(ctx), NULL);
 }
 
-int fscrypt_process_policy(struct file *filp,
-                               const struct fscrypt_policy *policy)
+int fscrypt_ioctl_set_policy(struct file *filp, const void __user *arg)
 {
+       struct fscrypt_policy policy;
        struct inode *inode = file_inode(filp);
        int ret;
 
+       if (copy_from_user(&policy, arg, sizeof(policy)))
+               return -EFAULT;
+
        if (!inode_owner_or_capable(inode))
                return -EACCES;
 
-       if (policy->version != 0)
+       if (policy.version != 0)
                return -EINVAL;
 
        ret = mnt_want_write_file(filp);
@@ -120,9 +123,9 @@ int fscrypt_process_policy(struct file *filp,
                        ret = -ENOTEMPTY;
                else
                        ret = create_encryption_context_from_policy(inode,
-                                                                   policy);
+                                                                   &policy);
        } else if (!is_encryption_context_consistent_with_policy(inode,
-                                                                policy)) {
+                                                                &policy)) {
                printk(KERN_WARNING
                       "%s: Policy inconsistent with encryption context\n",
                       __func__);
@@ -134,11 +137,13 @@ int fscrypt_process_policy(struct file *filp,
        mnt_drop_write_file(filp);
        return ret;
 }
-EXPORT_SYMBOL(fscrypt_process_policy);
+EXPORT_SYMBOL(fscrypt_ioctl_set_policy);
 
-int fscrypt_get_policy(struct inode *inode, struct fscrypt_policy *policy)
+int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg)
 {
+       struct inode *inode = file_inode(filp);
        struct fscrypt_context ctx;
+       struct fscrypt_policy policy;
        int res;
 
        if (!inode->i_sb->s_cop->get_context ||
@@ -151,15 +156,18 @@ int fscrypt_get_policy(struct inode *inode, struct fscrypt_policy *policy)
        if (ctx.format != FS_ENCRYPTION_CONTEXT_FORMAT_V1)
                return -EINVAL;
 
-       policy->version = 0;
-       policy->contents_encryption_mode = ctx.contents_encryption_mode;
-       policy->filenames_encryption_mode = ctx.filenames_encryption_mode;
-       policy->flags = ctx.flags;
-       memcpy(&policy->master_key_descriptor, ctx.master_key_descriptor,
+       policy.version = 0;
+       policy.contents_encryption_mode = ctx.contents_encryption_mode;
+       policy.filenames_encryption_mode = ctx.filenames_encryption_mode;
+       policy.flags = ctx.flags;
+       memcpy(policy.master_key_descriptor, ctx.master_key_descriptor,
                                FS_KEY_DESCRIPTOR_SIZE);
+
+       if (copy_to_user(arg, &policy, sizeof(policy)))
+               return -EFAULT;
        return 0;
 }
-EXPORT_SYMBOL(fscrypt_get_policy);
+EXPORT_SYMBOL(fscrypt_ioctl_get_policy);
 
 int fscrypt_has_permitted_context(struct inode *parent, struct inode *child)
 {