fs/f2fs/f2fs_crypto.h at v4.4-rc6

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / fs / f2fs / f2fs_crypto.h
at v4.4-rc6 151 lines 3.9 kB view raw
wrap content
  1/*
  2 * linux/fs/f2fs/f2fs_crypto.h
  3 *
  4 * Copied from linux/fs/ext4/ext4_crypto.h
  5 *
  6 * Copyright (C) 2015, Google, Inc.
  7 *
  8 * This contains encryption header content for f2fs
  9 *
 10 * Written by Michael Halcrow, 2015.
 11 * Modified by Jaegeuk Kim, 2015.
 12 */
 13#ifndef _F2FS_CRYPTO_H
 14#define _F2FS_CRYPTO_H
 15
 16#include <linux/fs.h>
 17
 18#define F2FS_KEY_DESCRIPTOR_SIZE	8
 19
 20/* Policy provided via an ioctl on the topmost directory */
 21struct f2fs_encryption_policy {
 22	char version;
 23	char contents_encryption_mode;
 24	char filenames_encryption_mode;
 25	char flags;
 26	char master_key_descriptor[F2FS_KEY_DESCRIPTOR_SIZE];
 27} __attribute__((__packed__));
 28
 29#define F2FS_ENCRYPTION_CONTEXT_FORMAT_V1	1
 30#define F2FS_KEY_DERIVATION_NONCE_SIZE		16
 31
 32#define F2FS_POLICY_FLAGS_PAD_4		0x00
 33#define F2FS_POLICY_FLAGS_PAD_8		0x01
 34#define F2FS_POLICY_FLAGS_PAD_16	0x02
 35#define F2FS_POLICY_FLAGS_PAD_32	0x03
 36#define F2FS_POLICY_FLAGS_PAD_MASK	0x03
 37#define F2FS_POLICY_FLAGS_VALID		0x03
 38
 39/**
 40 * Encryption context for inode
 41 *
 42 * Protector format:
 43 *  1 byte: Protector format (1 = this version)
 44 *  1 byte: File contents encryption mode
 45 *  1 byte: File names encryption mode
 46 *  1 byte: Flags
 47 *  8 bytes: Master Key descriptor
 48 *  16 bytes: Encryption Key derivation nonce
 49 */
 50struct f2fs_encryption_context {
 51	char format;
 52	char contents_encryption_mode;
 53	char filenames_encryption_mode;
 54	char flags;
 55	char master_key_descriptor[F2FS_KEY_DESCRIPTOR_SIZE];
 56	char nonce[F2FS_KEY_DERIVATION_NONCE_SIZE];
 57} __attribute__((__packed__));
 58
 59/* Encryption parameters */
 60#define F2FS_XTS_TWEAK_SIZE 16
 61#define F2FS_AES_128_ECB_KEY_SIZE 16
 62#define F2FS_AES_256_GCM_KEY_SIZE 32
 63#define F2FS_AES_256_CBC_KEY_SIZE 32
 64#define F2FS_AES_256_CTS_KEY_SIZE 32
 65#define F2FS_AES_256_XTS_KEY_SIZE 64
 66#define F2FS_MAX_KEY_SIZE 64
 67
 68#define F2FS_KEY_DESC_PREFIX "f2fs:"
 69#define F2FS_KEY_DESC_PREFIX_SIZE 5
 70
 71struct f2fs_encryption_key {
 72	__u32 mode;
 73	char raw[F2FS_MAX_KEY_SIZE];
 74	__u32 size;
 75} __attribute__((__packed__));
 76
 77struct f2fs_crypt_info {
 78	char		ci_data_mode;
 79	char		ci_filename_mode;
 80	char		ci_flags;
 81	struct crypto_ablkcipher *ci_ctfm;
 82	struct key	*ci_keyring_key;
 83	char		ci_master_key[F2FS_KEY_DESCRIPTOR_SIZE];
 84};
 85
 86#define F2FS_CTX_REQUIRES_FREE_ENCRYPT_FL             0x00000001
 87#define F2FS_WRITE_PATH_FL			      0x00000002
 88
 89struct f2fs_crypto_ctx {
 90	union {
 91		struct {
 92			struct page *bounce_page;       /* Ciphertext page */
 93			struct page *control_page;      /* Original page  */
 94		} w;
 95		struct {
 96			struct bio *bio;
 97			struct work_struct work;
 98		} r;
 99		struct list_head free_list;     /* Free list */
100	};
101	char flags;                      /* Flags */
102};
103
104struct f2fs_completion_result {
105	struct completion completion;
106	int res;
107};
108
109#define DECLARE_F2FS_COMPLETION_RESULT(ecr) \
110	struct f2fs_completion_result ecr = { \
111		COMPLETION_INITIALIZER((ecr).completion), 0 }
112
113static inline int f2fs_encryption_key_size(int mode)
114{
115	switch (mode) {
116	case F2FS_ENCRYPTION_MODE_AES_256_XTS:
117		return F2FS_AES_256_XTS_KEY_SIZE;
118	case F2FS_ENCRYPTION_MODE_AES_256_GCM:
119		return F2FS_AES_256_GCM_KEY_SIZE;
120	case F2FS_ENCRYPTION_MODE_AES_256_CBC:
121		return F2FS_AES_256_CBC_KEY_SIZE;
122	case F2FS_ENCRYPTION_MODE_AES_256_CTS:
123		return F2FS_AES_256_CTS_KEY_SIZE;
124	default:
125		BUG();
126	}
127	return 0;
128}
129
130#define F2FS_FNAME_NUM_SCATTER_ENTRIES	4
131#define F2FS_CRYPTO_BLOCK_SIZE		16
132#define F2FS_FNAME_CRYPTO_DIGEST_SIZE	32
133
134/**
135 * For encrypted symlinks, the ciphertext length is stored at the beginning
136 * of the string in little-endian format.
137 */
138struct f2fs_encrypted_symlink_data {
139	__le16 len;
140	char encrypted_path[1];
141} __attribute__((__packed__));
142
143/**
144 * This function is used to calculate the disk space required to
145 * store a filename of length l in encrypted symlink format.
146 */
147static inline u32 encrypted_symlink_data_len(u32 l)
148{
149	return (l + sizeof(struct f2fs_encrypted_symlink_data) - 1);
150}
151#endif	/* _F2FS_CRYPTO_H */
Configure Feed

Configure Feed
