tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom
kernel / include / linux / fscrypt.h
at v5.3-rc2 23 kB view raw
1/* SPDX-License-Identifier: GPL-2.0 */ 2/* 3 * fscrypt.h: declarations for per-file encryption 4 * 5 * Filesystems that implement per-file encryption must include this header 6 * file. 7 * 8 * Copyright (C) 2015, Google, Inc. 9 * 10 * Written by Michael Halcrow, 2015. 11 * Modified by Jaegeuk Kim, 2015. 12 */ 13#ifndef _LINUX_FSCRYPT_H 14#define _LINUX_FSCRYPT_H 15 16#include <linux/fs.h> 17#include <linux/mm.h> 18#include <linux/slab.h> 19 20#define FS_CRYPTO_BLOCK_SIZE 16 21 22struct fscrypt_ctx; 23struct fscrypt_info; 24 25struct fscrypt_str { 26 unsigned char *name; 27 u32 len; 28}; 29 30struct fscrypt_name { 31 const struct qstr *usr_fname; 32 struct fscrypt_str disk_name; 33 u32 hash; 34 u32 minor_hash; 35 struct fscrypt_str crypto_buf; 36 bool is_ciphertext_name; 37}; 38 39#define FSTR_INIT(n, l) { .name = n, .len = l } 40#define FSTR_TO_QSTR(f) QSTR_INIT((f)->name, (f)->len) 41#define fname_name(p) ((p)->disk_name.name) 42#define fname_len(p) ((p)->disk_name.len) 43 44/* Maximum value for the third parameter of fscrypt_operations.set_context(). */ 45#define FSCRYPT_SET_CONTEXT_MAX_SIZE 28 46 47#ifdef CONFIG_FS_ENCRYPTION 48/* 49 * fscrypt superblock flags 50 */ 51#define FS_CFLG_OWN_PAGES (1U << 1) 52 53/* 54 * crypto operations for filesystems 55 */ 56struct fscrypt_operations { 57 unsigned int flags; 58 const char *key_prefix; 59 int (*get_context)(struct inode *, void *, size_t); 60 int (*set_context)(struct inode *, const void *, size_t, void *); 61 bool (*dummy_context)(struct inode *); 62 bool (*empty_dir)(struct inode *); 63 unsigned int max_namelen; 64}; 65 66/* Decryption work */ 67struct fscrypt_ctx { 68 union { 69 struct { 70 struct bio *bio; 71 struct work_struct work; 72 }; 73 struct list_head free_list; /* Free list */ 74 }; 75 u8 flags; /* Flags */ 76}; 77 78static inline bool fscrypt_has_encryption_key(const struct inode *inode) 79{ 80 /* pairs with cmpxchg_release() in fscrypt_get_encryption_info() */ 81 return READ_ONCE(inode->i_crypt_info) != NULL; 82} 83 84static inline bool fscrypt_dummy_context_enabled(struct inode *inode) 85{ 86 return inode->i_sb->s_cop->dummy_context && 87 inode->i_sb->s_cop->dummy_context(inode); 88} 89 90/* 91 * When d_splice_alias() moves a directory's encrypted alias to its decrypted 92 * alias as a result of the encryption key being added, DCACHE_ENCRYPTED_NAME 93 * must be cleared. Note that we don't have to support arbitrary moves of this 94 * flag because fscrypt doesn't allow encrypted aliases to be the source or 95 * target of a rename(). 96 */ 97static inline void fscrypt_handle_d_move(struct dentry *dentry) 98{ 99 dentry->d_flags &= ~DCACHE_ENCRYPTED_NAME; 100} 101 102/* crypto.c */ 103extern void fscrypt_enqueue_decrypt_work(struct work_struct *); 104extern struct fscrypt_ctx *fscrypt_get_ctx(gfp_t); 105extern void fscrypt_release_ctx(struct fscrypt_ctx *); 106 107extern struct page *fscrypt_encrypt_pagecache_blocks(struct page *page, 108 unsigned int len, 109 unsigned int offs, 110 gfp_t gfp_flags); 111extern int fscrypt_encrypt_block_inplace(const struct inode *inode, 112 struct page *page, unsigned int len, 113 unsigned int offs, u64 lblk_num, 114 gfp_t gfp_flags); 115 116extern int fscrypt_decrypt_pagecache_blocks(struct page *page, unsigned int len, 117 unsigned int offs); 118extern int fscrypt_decrypt_block_inplace(const struct inode *inode, 119 struct page *page, unsigned int len, 120 unsigned int offs, u64 lblk_num); 121 122static inline bool fscrypt_is_bounce_page(struct page *page) 123{ 124 return page->mapping == NULL; 125} 126 127static inline struct page *fscrypt_pagecache_page(struct page *bounce_page) 128{ 129 return (struct page *)page_private(bounce_page); 130} 131 132extern void fscrypt_free_bounce_page(struct page *bounce_page); 133 134/* policy.c */ 135extern int fscrypt_ioctl_set_policy(struct file *, const void __user *); 136extern int fscrypt_ioctl_get_policy(struct file *, void __user *); 137extern int fscrypt_has_permitted_context(struct inode *, struct inode *); 138extern int fscrypt_inherit_context(struct inode *, struct inode *, 139 void *, bool); 140/* keyinfo.c */ 141extern int fscrypt_get_encryption_info(struct inode *); 142extern void fscrypt_put_encryption_info(struct inode *); 143extern void fscrypt_free_inode(struct inode *); 144 145/* fname.c */ 146extern int fscrypt_setup_filename(struct inode *, const struct qstr *, 147 int lookup, struct fscrypt_name *); 148 149static inline void fscrypt_free_filename(struct fscrypt_name *fname) 150{ 151 kfree(fname->crypto_buf.name); 152} 153 154extern int fscrypt_fname_alloc_buffer(const struct inode *, u32, 155 struct fscrypt_str *); 156extern void fscrypt_fname_free_buffer(struct fscrypt_str *); 157extern int fscrypt_fname_disk_to_usr(struct inode *, u32, u32, 158 const struct fscrypt_str *, struct fscrypt_str *); 159 160#define FSCRYPT_FNAME_MAX_UNDIGESTED_SIZE 32 161 162/* Extracts the second-to-last ciphertext block; see explanation below */ 163#define FSCRYPT_FNAME_DIGEST(name, len) \ 164 ((name) + round_down((len) - FS_CRYPTO_BLOCK_SIZE - 1, \ 165 FS_CRYPTO_BLOCK_SIZE)) 166 167#define FSCRYPT_FNAME_DIGEST_SIZE FS_CRYPTO_BLOCK_SIZE 168 169/** 170 * fscrypt_digested_name - alternate identifier for an on-disk filename 171 * 172 * When userspace lists an encrypted directory without access to the key, 173 * filenames whose ciphertext is longer than FSCRYPT_FNAME_MAX_UNDIGESTED_SIZE 174 * bytes are shown in this abbreviated form (base64-encoded) rather than as the 175 * full ciphertext (base64-encoded). This is necessary to allow supporting 176 * filenames up to NAME_MAX bytes, since base64 encoding expands the length. 177 * 178 * To make it possible for filesystems to still find the correct directory entry 179 * despite not knowing the full on-disk name, we encode any filesystem-specific 180 * 'hash' and/or 'minor_hash' which the filesystem may need for its lookups, 181 * followed by the second-to-last ciphertext block of the filename. Due to the 182 * use of the CBC-CTS encryption mode, the second-to-last ciphertext block 183 * depends on the full plaintext. (Note that ciphertext stealing causes the 184 * last two blocks to appear "flipped".) This makes accidental collisions very 185 * unlikely: just a 1 in 2^128 chance for two filenames to collide even if they 186 * share the same filesystem-specific hashes. 187 * 188 * However, this scheme isn't immune to intentional collisions, which can be 189 * created by anyone able to create arbitrary plaintext filenames and view them 190 * without the key. Making the "digest" be a real cryptographic hash like 191 * SHA-256 over the full ciphertext would prevent this, although it would be 192 * less efficient and harder to implement, especially since the filesystem would 193 * need to calculate it for each directory entry examined during a search. 194 */ 195struct fscrypt_digested_name { 196 u32 hash; 197 u32 minor_hash; 198 u8 digest[FSCRYPT_FNAME_DIGEST_SIZE]; 199}; 200 201/** 202 * fscrypt_match_name() - test whether the given name matches a directory entry 203 * @fname: the name being searched for 204 * @de_name: the name from the directory entry 205 * @de_name_len: the length of @de_name in bytes 206 * 207 * Normally @fname->disk_name will be set, and in that case we simply compare 208 * that to the name stored in the directory entry. The only exception is that 209 * if we don't have the key for an encrypted directory and a filename in it is 210 * very long, then we won't have the full disk_name and we'll instead need to 211 * match against the fscrypt_digested_name. 212 * 213 * Return: %true if the name matches, otherwise %false. 214 */ 215static inline bool fscrypt_match_name(const struct fscrypt_name *fname, 216 const u8 *de_name, u32 de_name_len) 217{ 218 if (unlikely(!fname->disk_name.name)) { 219 const struct fscrypt_digested_name *n = 220 (const void *)fname->crypto_buf.name; 221 if (WARN_ON_ONCE(fname->usr_fname->name[0] != '_')) 222 return false; 223 if (de_name_len <= FSCRYPT_FNAME_MAX_UNDIGESTED_SIZE) 224 return false; 225 return !memcmp(FSCRYPT_FNAME_DIGEST(de_name, de_name_len), 226 n->digest, FSCRYPT_FNAME_DIGEST_SIZE); 227 } 228 229 if (de_name_len != fname->disk_name.len) 230 return false; 231 return !memcmp(de_name, fname->disk_name.name, fname->disk_name.len); 232} 233 234/* bio.c */ 235extern void fscrypt_decrypt_bio(struct bio *); 236extern void fscrypt_enqueue_decrypt_bio(struct fscrypt_ctx *ctx, 237 struct bio *bio); 238extern int fscrypt_zeroout_range(const struct inode *, pgoff_t, sector_t, 239 unsigned int); 240 241/* hooks.c */ 242extern int fscrypt_file_open(struct inode *inode, struct file *filp); 243extern int __fscrypt_prepare_link(struct inode *inode, struct inode *dir, 244 struct dentry *dentry); 245extern int __fscrypt_prepare_rename(struct inode *old_dir, 246 struct dentry *old_dentry, 247 struct inode *new_dir, 248 struct dentry *new_dentry, 249 unsigned int flags); 250extern int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry, 251 struct fscrypt_name *fname); 252extern int __fscrypt_prepare_symlink(struct inode *dir, unsigned int len, 253 unsigned int max_len, 254 struct fscrypt_str *disk_link); 255extern int __fscrypt_encrypt_symlink(struct inode *inode, const char *target, 256 unsigned int len, 257 struct fscrypt_str *disk_link); 258extern const char *fscrypt_get_symlink(struct inode *inode, const void *caddr, 259 unsigned int max_size, 260 struct delayed_call *done); 261static inline void fscrypt_set_ops(struct super_block *sb, 262 const struct fscrypt_operations *s_cop) 263{ 264 sb->s_cop = s_cop; 265} 266#else /* !CONFIG_FS_ENCRYPTION */ 267 268static inline bool fscrypt_has_encryption_key(const struct inode *inode) 269{ 270 return false; 271} 272 273static inline bool fscrypt_dummy_context_enabled(struct inode *inode) 274{ 275 return false; 276} 277 278static inline void fscrypt_handle_d_move(struct dentry *dentry) 279{ 280} 281 282/* crypto.c */ 283static inline void fscrypt_enqueue_decrypt_work(struct work_struct *work) 284{ 285} 286 287static inline struct fscrypt_ctx *fscrypt_get_ctx(gfp_t gfp_flags) 288{ 289 return ERR_PTR(-EOPNOTSUPP); 290} 291 292static inline void fscrypt_release_ctx(struct fscrypt_ctx *ctx) 293{ 294 return; 295} 296 297static inline struct page *fscrypt_encrypt_pagecache_blocks(struct page *page, 298 unsigned int len, 299 unsigned int offs, 300 gfp_t gfp_flags) 301{ 302 return ERR_PTR(-EOPNOTSUPP); 303} 304 305static inline int fscrypt_encrypt_block_inplace(const struct inode *inode, 306 struct page *page, 307 unsigned int len, 308 unsigned int offs, u64 lblk_num, 309 gfp_t gfp_flags) 310{ 311 return -EOPNOTSUPP; 312} 313 314static inline int fscrypt_decrypt_pagecache_blocks(struct page *page, 315 unsigned int len, 316 unsigned int offs) 317{ 318 return -EOPNOTSUPP; 319} 320 321static inline int fscrypt_decrypt_block_inplace(const struct inode *inode, 322 struct page *page, 323 unsigned int len, 324 unsigned int offs, u64 lblk_num) 325{ 326 return -EOPNOTSUPP; 327} 328 329static inline bool fscrypt_is_bounce_page(struct page *page) 330{ 331 return false; 332} 333 334static inline struct page *fscrypt_pagecache_page(struct page *bounce_page) 335{ 336 WARN_ON_ONCE(1); 337 return ERR_PTR(-EINVAL); 338} 339 340static inline void fscrypt_free_bounce_page(struct page *bounce_page) 341{ 342} 343 344/* policy.c */ 345static inline int fscrypt_ioctl_set_policy(struct file *filp, 346 const void __user *arg) 347{ 348 return -EOPNOTSUPP; 349} 350 351static inline int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg) 352{ 353 return -EOPNOTSUPP; 354} 355 356static inline int fscrypt_has_permitted_context(struct inode *parent, 357 struct inode *child) 358{ 359 return 0; 360} 361 362static inline int fscrypt_inherit_context(struct inode *parent, 363 struct inode *child, 364 void *fs_data, bool preload) 365{ 366 return -EOPNOTSUPP; 367} 368 369/* keyinfo.c */ 370static inline int fscrypt_get_encryption_info(struct inode *inode) 371{ 372 return -EOPNOTSUPP; 373} 374 375static inline void fscrypt_put_encryption_info(struct inode *inode) 376{ 377 return; 378} 379 380static inline void fscrypt_free_inode(struct inode *inode) 381{ 382} 383 384 /* fname.c */ 385static inline int fscrypt_setup_filename(struct inode *dir, 386 const struct qstr *iname, 387 int lookup, struct fscrypt_name *fname) 388{ 389 if (IS_ENCRYPTED(dir)) 390 return -EOPNOTSUPP; 391 392 memset(fname, 0, sizeof(*fname)); 393 fname->usr_fname = iname; 394 fname->disk_name.name = (unsigned char *)iname->name; 395 fname->disk_name.len = iname->len; 396 return 0; 397} 398 399static inline void fscrypt_free_filename(struct fscrypt_name *fname) 400{ 401 return; 402} 403 404static inline int fscrypt_fname_alloc_buffer(const struct inode *inode, 405 u32 max_encrypted_len, 406 struct fscrypt_str *crypto_str) 407{ 408 return -EOPNOTSUPP; 409} 410 411static inline void fscrypt_fname_free_buffer(struct fscrypt_str *crypto_str) 412{ 413 return; 414} 415 416static inline int fscrypt_fname_disk_to_usr(struct inode *inode, 417 u32 hash, u32 minor_hash, 418 const struct fscrypt_str *iname, 419 struct fscrypt_str *oname) 420{ 421 return -EOPNOTSUPP; 422} 423 424static inline bool fscrypt_match_name(const struct fscrypt_name *fname, 425 const u8 *de_name, u32 de_name_len) 426{ 427 /* Encryption support disabled; use standard comparison */ 428 if (de_name_len != fname->disk_name.len) 429 return false; 430 return !memcmp(de_name, fname->disk_name.name, fname->disk_name.len); 431} 432 433/* bio.c */ 434static inline void fscrypt_decrypt_bio(struct bio *bio) 435{ 436} 437 438static inline void fscrypt_enqueue_decrypt_bio(struct fscrypt_ctx *ctx, 439 struct bio *bio) 440{ 441} 442 443static inline int fscrypt_zeroout_range(const struct inode *inode, pgoff_t lblk, 444 sector_t pblk, unsigned int len) 445{ 446 return -EOPNOTSUPP; 447} 448 449/* hooks.c */ 450 451static inline int fscrypt_file_open(struct inode *inode, struct file *filp) 452{ 453 if (IS_ENCRYPTED(inode)) 454 return -EOPNOTSUPP; 455 return 0; 456} 457 458static inline int __fscrypt_prepare_link(struct inode *inode, struct inode *dir, 459 struct dentry *dentry) 460{ 461 return -EOPNOTSUPP; 462} 463 464static inline int __fscrypt_prepare_rename(struct inode *old_dir, 465 struct dentry *old_dentry, 466 struct inode *new_dir, 467 struct dentry *new_dentry, 468 unsigned int flags) 469{ 470 return -EOPNOTSUPP; 471} 472 473static inline int __fscrypt_prepare_lookup(struct inode *dir, 474 struct dentry *dentry, 475 struct fscrypt_name *fname) 476{ 477 return -EOPNOTSUPP; 478} 479 480static inline int __fscrypt_prepare_symlink(struct inode *dir, 481 unsigned int len, 482 unsigned int max_len, 483 struct fscrypt_str *disk_link) 484{ 485 return -EOPNOTSUPP; 486} 487 488 489static inline int __fscrypt_encrypt_symlink(struct inode *inode, 490 const char *target, 491 unsigned int len, 492 struct fscrypt_str *disk_link) 493{ 494 return -EOPNOTSUPP; 495} 496 497static inline const char *fscrypt_get_symlink(struct inode *inode, 498 const void *caddr, 499 unsigned int max_size, 500 struct delayed_call *done) 501{ 502 return ERR_PTR(-EOPNOTSUPP); 503} 504 505static inline void fscrypt_set_ops(struct super_block *sb, 506 const struct fscrypt_operations *s_cop) 507{ 508} 509 510#endif /* !CONFIG_FS_ENCRYPTION */ 511 512/** 513 * fscrypt_require_key - require an inode's encryption key 514 * @inode: the inode we need the key for 515 * 516 * If the inode is encrypted, set up its encryption key if not already done. 517 * Then require that the key be present and return -ENOKEY otherwise. 518 * 519 * No locks are needed, and the key will live as long as the struct inode --- so 520 * it won't go away from under you. 521 * 522 * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code 523 * if a problem occurred while setting up the encryption key. 524 */ 525static inline int fscrypt_require_key(struct inode *inode) 526{ 527 if (IS_ENCRYPTED(inode)) { 528 int err = fscrypt_get_encryption_info(inode); 529 530 if (err) 531 return err; 532 if (!fscrypt_has_encryption_key(inode)) 533 return -ENOKEY; 534 } 535 return 0; 536} 537 538/** 539 * fscrypt_prepare_link - prepare to link an inode into a possibly-encrypted directory 540 * @old_dentry: an existing dentry for the inode being linked 541 * @dir: the target directory 542 * @dentry: negative dentry for the target filename 543 * 544 * A new link can only be added to an encrypted directory if the directory's 545 * encryption key is available --- since otherwise we'd have no way to encrypt 546 * the filename. Therefore, we first set up the directory's encryption key (if 547 * not already done) and return an error if it's unavailable. 548 * 549 * We also verify that the link will not violate the constraint that all files 550 * in an encrypted directory tree use the same encryption policy. 551 * 552 * Return: 0 on success, -ENOKEY if the directory's encryption key is missing, 553 * -EXDEV if the link would result in an inconsistent encryption policy, or 554 * another -errno code. 555 */ 556static inline int fscrypt_prepare_link(struct dentry *old_dentry, 557 struct inode *dir, 558 struct dentry *dentry) 559{ 560 if (IS_ENCRYPTED(dir)) 561 return __fscrypt_prepare_link(d_inode(old_dentry), dir, dentry); 562 return 0; 563} 564 565/** 566 * fscrypt_prepare_rename - prepare for a rename between possibly-encrypted directories 567 * @old_dir: source directory 568 * @old_dentry: dentry for source file 569 * @new_dir: target directory 570 * @new_dentry: dentry for target location (may be negative unless exchanging) 571 * @flags: rename flags (we care at least about %RENAME_EXCHANGE) 572 * 573 * Prepare for ->rename() where the source and/or target directories may be 574 * encrypted. A new link can only be added to an encrypted directory if the 575 * directory's encryption key is available --- since otherwise we'd have no way 576 * to encrypt the filename. A rename to an existing name, on the other hand, 577 * *is* cryptographically possible without the key. However, we take the more 578 * conservative approach and just forbid all no-key renames. 579 * 580 * We also verify that the rename will not violate the constraint that all files 581 * in an encrypted directory tree use the same encryption policy. 582 * 583 * Return: 0 on success, -ENOKEY if an encryption key is missing, -EXDEV if the 584 * rename would cause inconsistent encryption policies, or another -errno code. 585 */ 586static inline int fscrypt_prepare_rename(struct inode *old_dir, 587 struct dentry *old_dentry, 588 struct inode *new_dir, 589 struct dentry *new_dentry, 590 unsigned int flags) 591{ 592 if (IS_ENCRYPTED(old_dir) || IS_ENCRYPTED(new_dir)) 593 return __fscrypt_prepare_rename(old_dir, old_dentry, 594 new_dir, new_dentry, flags); 595 return 0; 596} 597 598/** 599 * fscrypt_prepare_lookup - prepare to lookup a name in a possibly-encrypted directory 600 * @dir: directory being searched 601 * @dentry: filename being looked up 602 * @fname: (output) the name to use to search the on-disk directory 603 * 604 * Prepare for ->lookup() in a directory which may be encrypted by determining 605 * the name that will actually be used to search the directory on-disk. Lookups 606 * can be done with or without the directory's encryption key; without the key, 607 * filenames are presented in encrypted form. Therefore, we'll try to set up 608 * the directory's encryption key, but even without it the lookup can continue. 609 * 610 * This also installs a custom ->d_revalidate() method which will invalidate the 611 * dentry if it was created without the key and the key is later added. 612 * 613 * Return: 0 on success; -ENOENT if key is unavailable but the filename isn't a 614 * correctly formed encoded ciphertext name, so a negative dentry should be 615 * created; or another -errno code. 616 */ 617static inline int fscrypt_prepare_lookup(struct inode *dir, 618 struct dentry *dentry, 619 struct fscrypt_name *fname) 620{ 621 if (IS_ENCRYPTED(dir)) 622 return __fscrypt_prepare_lookup(dir, dentry, fname); 623 624 memset(fname, 0, sizeof(*fname)); 625 fname->usr_fname = &dentry->d_name; 626 fname->disk_name.name = (unsigned char *)dentry->d_name.name; 627 fname->disk_name.len = dentry->d_name.len; 628 return 0; 629} 630 631/** 632 * fscrypt_prepare_setattr - prepare to change a possibly-encrypted inode's attributes 633 * @dentry: dentry through which the inode is being changed 634 * @attr: attributes to change 635 * 636 * Prepare for ->setattr() on a possibly-encrypted inode. On an encrypted file, 637 * most attribute changes are allowed even without the encryption key. However, 638 * without the encryption key we do have to forbid truncates. This is needed 639 * because the size being truncated to may not be a multiple of the filesystem 640 * block size, and in that case we'd have to decrypt the final block, zero the 641 * portion past i_size, and re-encrypt it. (We *could* allow truncating to a 642 * filesystem block boundary, but it's simpler to just forbid all truncates --- 643 * and we already forbid all other contents modifications without the key.) 644 * 645 * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code 646 * if a problem occurred while setting up the encryption key. 647 */ 648static inline int fscrypt_prepare_setattr(struct dentry *dentry, 649 struct iattr *attr) 650{ 651 if (attr->ia_valid & ATTR_SIZE) 652 return fscrypt_require_key(d_inode(dentry)); 653 return 0; 654} 655 656/** 657 * fscrypt_prepare_symlink - prepare to create a possibly-encrypted symlink 658 * @dir: directory in which the symlink is being created 659 * @target: plaintext symlink target 660 * @len: length of @target excluding null terminator 661 * @max_len: space the filesystem has available to store the symlink target 662 * @disk_link: (out) the on-disk symlink target being prepared 663 * 664 * This function computes the size the symlink target will require on-disk, 665 * stores it in @disk_link->len, and validates it against @max_len. An 666 * encrypted symlink may be longer than the original. 667 * 668 * Additionally, @disk_link->name is set to @target if the symlink will be 669 * unencrypted, but left NULL if the symlink will be encrypted. For encrypted 670 * symlinks, the filesystem must call fscrypt_encrypt_symlink() to create the 671 * on-disk target later. (The reason for the two-step process is that some 672 * filesystems need to know the size of the symlink target before creating the 673 * inode, e.g. to determine whether it will be a "fast" or "slow" symlink.) 674 * 675 * Return: 0 on success, -ENAMETOOLONG if the symlink target is too long, 676 * -ENOKEY if the encryption key is missing, or another -errno code if a problem 677 * occurred while setting up the encryption key. 678 */ 679static inline int fscrypt_prepare_symlink(struct inode *dir, 680 const char *target, 681 unsigned int len, 682 unsigned int max_len, 683 struct fscrypt_str *disk_link) 684{ 685 if (IS_ENCRYPTED(dir) || fscrypt_dummy_context_enabled(dir)) 686 return __fscrypt_prepare_symlink(dir, len, max_len, disk_link); 687 688 disk_link->name = (unsigned char *)target; 689 disk_link->len = len + 1; 690 if (disk_link->len > max_len) 691 return -ENAMETOOLONG; 692 return 0; 693} 694 695/** 696 * fscrypt_encrypt_symlink - encrypt the symlink target if needed 697 * @inode: symlink inode 698 * @target: plaintext symlink target 699 * @len: length of @target excluding null terminator 700 * @disk_link: (in/out) the on-disk symlink target being prepared 701 * 702 * If the symlink target needs to be encrypted, then this function encrypts it 703 * into @disk_link->name. fscrypt_prepare_symlink() must have been called 704 * previously to compute @disk_link->len. If the filesystem did not allocate a 705 * buffer for @disk_link->name after calling fscrypt_prepare_link(), then one 706 * will be kmalloc()'ed and the filesystem will be responsible for freeing it. 707 * 708 * Return: 0 on success, -errno on failure 709 */ 710static inline int fscrypt_encrypt_symlink(struct inode *inode, 711 const char *target, 712 unsigned int len, 713 struct fscrypt_str *disk_link) 714{ 715 if (IS_ENCRYPTED(inode)) 716 return __fscrypt_encrypt_symlink(inode, target, len, disk_link); 717 return 0; 718} 719 720/* If *pagep is a bounce page, free it and set *pagep to the pagecache page */ 721static inline void fscrypt_finalize_bounce_page(struct page **pagep) 722{ 723 struct page *page = *pagep; 724 725 if (fscrypt_is_bounce_page(page)) { 726 *pagep = fscrypt_pagecache_page(page); 727 fscrypt_free_bounce_page(page); 728 } 729} 730 731#endif /* _LINUX_FSCRYPT_H */