include/linux/fscrypt.h at v6.14 · tjh.dev/kernel

tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
kernel / include / linux / fscrypt.h
at v6.14 35 kB view raw
   1/* SPDX-License-Identifier: GPL-2.0 */
   2/*
   3 * fscrypt.h: declarations for per-file encryption
   4 *
   5 * Filesystems that implement per-file encryption must include this header
   6 * file.
   7 *
   8 * Copyright (C) 2015, Google, Inc.
   9 *
  10 * Written by Michael Halcrow, 2015.
  11 * Modified by Jaegeuk Kim, 2015.
  12 */
  13#ifndef _LINUX_FSCRYPT_H
  14#define _LINUX_FSCRYPT_H
  15
  16#include <linux/fs.h>
  17#include <linux/mm.h>
  18#include <linux/slab.h>
  19#include <uapi/linux/fscrypt.h>
  20
  21/*
  22 * The lengths of all file contents blocks must be divisible by this value.
  23 * This is needed to ensure that all contents encryption modes will work, as
  24 * some of the supported modes don't support arbitrarily byte-aligned messages.
  25 *
  26 * Since the needed alignment is 16 bytes, most filesystems will meet this
  27 * requirement naturally, as typical block sizes are powers of 2.  However, if a
  28 * filesystem can generate arbitrarily byte-aligned block lengths (e.g., via
  29 * compression), then it will need to pad to this alignment before encryption.
  30 */
  31#define FSCRYPT_CONTENTS_ALIGNMENT 16
  32
  33union fscrypt_policy;
  34struct fscrypt_inode_info;
  35struct fs_parameter;
  36struct seq_file;
  37
  38struct fscrypt_str {
  39	unsigned char *name;
  40	u32 len;
  41};
  42
  43struct fscrypt_name {
  44	const struct qstr *usr_fname;
  45	struct fscrypt_str disk_name;
  46	u32 hash;
  47	u32 minor_hash;
  48	struct fscrypt_str crypto_buf;
  49	bool is_nokey_name;
  50};
  51
  52#define FSTR_INIT(n, l)		{ .name = n, .len = l }
  53#define FSTR_TO_QSTR(f)		QSTR_INIT((f)->name, (f)->len)
  54#define fname_name(p)		((p)->disk_name.name)
  55#define fname_len(p)		((p)->disk_name.len)
  56
  57/* Maximum value for the third parameter of fscrypt_operations.set_context(). */
  58#define FSCRYPT_SET_CONTEXT_MAX_SIZE	40
  59
  60#ifdef CONFIG_FS_ENCRYPTION
  61
  62/* Crypto operations for filesystems */
  63struct fscrypt_operations {
  64
  65	/*
  66	 * If set, then fs/crypto/ will allocate a global bounce page pool the
  67	 * first time an encryption key is set up for a file.  The bounce page
  68	 * pool is required by the following functions:
  69	 *
  70	 * - fscrypt_encrypt_pagecache_blocks()
  71	 * - fscrypt_zeroout_range() for files not using inline crypto
  72	 *
  73	 * If the filesystem doesn't use those, it doesn't need to set this.
  74	 */
  75	unsigned int needs_bounce_pages : 1;
  76
  77	/*
  78	 * If set, then fs/crypto/ will allow the use of encryption settings
  79	 * that assume inode numbers fit in 32 bits (i.e.
  80	 * FSCRYPT_POLICY_FLAG_IV_INO_LBLK_{32,64}), provided that the other
  81	 * prerequisites for these settings are also met.  This is only useful
  82	 * if the filesystem wants to support inline encryption hardware that is
  83	 * limited to 32-bit or 64-bit data unit numbers and where programming
  84	 * keyslots is very slow.
  85	 */
  86	unsigned int has_32bit_inodes : 1;
  87
  88	/*
  89	 * If set, then fs/crypto/ will allow users to select a crypto data unit
  90	 * size that is less than the filesystem block size.  This is done via
  91	 * the log2_data_unit_size field of the fscrypt policy.  This flag is
  92	 * not compatible with filesystems that encrypt variable-length blocks
  93	 * (i.e. blocks that aren't all equal to filesystem's block size), for
  94	 * example as a result of compression.  It's also not compatible with
  95	 * the fscrypt_encrypt_block_inplace() and
  96	 * fscrypt_decrypt_block_inplace() functions.
  97	 */
  98	unsigned int supports_subblock_data_units : 1;
  99
 100	/*
 101	 * This field exists only for backwards compatibility reasons and should
 102	 * only be set by the filesystems that are setting it already.  It
 103	 * contains the filesystem-specific key description prefix that is
 104	 * accepted for "logon" keys for v1 fscrypt policies.  This
 105	 * functionality is deprecated in favor of the generic prefix
 106	 * "fscrypt:", which itself is deprecated in favor of the filesystem
 107	 * keyring ioctls such as FS_IOC_ADD_ENCRYPTION_KEY.  Filesystems that
 108	 * are newly adding fscrypt support should not set this field.
 109	 */
 110	const char *legacy_key_prefix;
 111
 112	/*
 113	 * Get the fscrypt context of the given inode.
 114	 *
 115	 * @inode: the inode whose context to get
 116	 * @ctx: the buffer into which to get the context
 117	 * @len: length of the @ctx buffer in bytes
 118	 *
 119	 * Return: On success, returns the length of the context in bytes; this
 120	 *	   may be less than @len.  On failure, returns -ENODATA if the
 121	 *	   inode doesn't have a context, -ERANGE if the context is
 122	 *	   longer than @len, or another -errno code.
 123	 */
 124	int (*get_context)(struct inode *inode, void *ctx, size_t len);
 125
 126	/*
 127	 * Set an fscrypt context on the given inode.
 128	 *
 129	 * @inode: the inode whose context to set.  The inode won't already have
 130	 *	   an fscrypt context.
 131	 * @ctx: the context to set
 132	 * @len: length of @ctx in bytes (at most FSCRYPT_SET_CONTEXT_MAX_SIZE)
 133	 * @fs_data: If called from fscrypt_set_context(), this will be the
 134	 *	     value the filesystem passed to fscrypt_set_context().
 135	 *	     Otherwise (i.e. when called from
 136	 *	     FS_IOC_SET_ENCRYPTION_POLICY) this will be NULL.
 137	 *
 138	 * i_rwsem will be held for write.
 139	 *
 140	 * Return: 0 on success, -errno on failure.
 141	 */
 142	int (*set_context)(struct inode *inode, const void *ctx, size_t len,
 143			   void *fs_data);
 144
 145	/*
 146	 * Get the dummy fscrypt policy in use on the filesystem (if any).
 147	 *
 148	 * Filesystems only need to implement this function if they support the
 149	 * test_dummy_encryption mount option.
 150	 *
 151	 * Return: A pointer to the dummy fscrypt policy, if the filesystem is
 152	 *	   mounted with test_dummy_encryption; otherwise NULL.
 153	 */
 154	const union fscrypt_policy *(*get_dummy_policy)(struct super_block *sb);
 155
 156	/*
 157	 * Check whether a directory is empty.  i_rwsem will be held for write.
 158	 */
 159	bool (*empty_dir)(struct inode *inode);
 160
 161	/*
 162	 * Check whether the filesystem's inode numbers and UUID are stable,
 163	 * meaning that they will never be changed even by offline operations
 164	 * such as filesystem shrinking and therefore can be used in the
 165	 * encryption without the possibility of files becoming unreadable.
 166	 *
 167	 * Filesystems only need to implement this function if they want to
 168	 * support the FSCRYPT_POLICY_FLAG_IV_INO_LBLK_{32,64} flags.  These
 169	 * flags are designed to work around the limitations of UFS and eMMC
 170	 * inline crypto hardware, and they shouldn't be used in scenarios where
 171	 * such hardware isn't being used.
 172	 *
 173	 * Leaving this NULL is equivalent to always returning false.
 174	 */
 175	bool (*has_stable_inodes)(struct super_block *sb);
 176
 177	/*
 178	 * Return an array of pointers to the block devices to which the
 179	 * filesystem may write encrypted file contents, NULL if the filesystem
 180	 * only has a single such block device, or an ERR_PTR() on error.
 181	 *
 182	 * On successful non-NULL return, *num_devs is set to the number of
 183	 * devices in the returned array.  The caller must free the returned
 184	 * array using kfree().
 185	 *
 186	 * If the filesystem can use multiple block devices (other than block
 187	 * devices that aren't used for encrypted file contents, such as
 188	 * external journal devices), and wants to support inline encryption,
 189	 * then it must implement this function.  Otherwise it's not needed.
 190	 */
 191	struct block_device **(*get_devices)(struct super_block *sb,
 192					     unsigned int *num_devs);
 193};
 194
 195int fscrypt_d_revalidate(struct inode *dir, const struct qstr *name,
 196			 struct dentry *dentry, unsigned int flags);
 197
 198static inline struct fscrypt_inode_info *
 199fscrypt_get_inode_info(const struct inode *inode)
 200{
 201	/*
 202	 * Pairs with the cmpxchg_release() in fscrypt_setup_encryption_info().
 203	 * I.e., another task may publish ->i_crypt_info concurrently, executing
 204	 * a RELEASE barrier.  We need to use smp_load_acquire() here to safely
 205	 * ACQUIRE the memory the other task published.
 206	 */
 207	return smp_load_acquire(&inode->i_crypt_info);
 208}
 209
 210/**
 211 * fscrypt_needs_contents_encryption() - check whether an inode needs
 212 *					 contents encryption
 213 * @inode: the inode to check
 214 *
 215 * Return: %true iff the inode is an encrypted regular file and the kernel was
 216 * built with fscrypt support.
 217 *
 218 * If you need to know whether the encrypt bit is set even when the kernel was
 219 * built without fscrypt support, you must use IS_ENCRYPTED() directly instead.
 220 */
 221static inline bool fscrypt_needs_contents_encryption(const struct inode *inode)
 222{
 223	return IS_ENCRYPTED(inode) && S_ISREG(inode->i_mode);
 224}
 225
 226/*
 227 * When d_splice_alias() moves a directory's no-key alias to its
 228 * plaintext alias as a result of the encryption key being added,
 229 * DCACHE_NOKEY_NAME must be cleared and there might be an opportunity
 230 * to disable d_revalidate.  Note that we don't have to support the
 231 * inverse operation because fscrypt doesn't allow no-key names to be
 232 * the source or target of a rename().
 233 */
 234static inline void fscrypt_handle_d_move(struct dentry *dentry)
 235{
 236	/*
 237	 * VFS calls fscrypt_handle_d_move even for non-fscrypt
 238	 * filesystems.
 239	 */
 240	if (dentry->d_flags & DCACHE_NOKEY_NAME) {
 241		dentry->d_flags &= ~DCACHE_NOKEY_NAME;
 242
 243		/*
 244		 * Other filesystem features might be handling dentry
 245		 * revalidation, in which case it cannot be disabled.
 246		 */
 247		if (dentry->d_op->d_revalidate == fscrypt_d_revalidate)
 248			dentry->d_flags &= ~DCACHE_OP_REVALIDATE;
 249	}
 250}
 251
 252/**
 253 * fscrypt_is_nokey_name() - test whether a dentry is a no-key name
 254 * @dentry: the dentry to check
 255 *
 256 * This returns true if the dentry is a no-key dentry.  A no-key dentry is a
 257 * dentry that was created in an encrypted directory that hasn't had its
 258 * encryption key added yet.  Such dentries may be either positive or negative.
 259 *
 260 * When a filesystem is asked to create a new filename in an encrypted directory
 261 * and the new filename's dentry is a no-key dentry, it must fail the operation
 262 * with ENOKEY.  This includes ->create(), ->mkdir(), ->mknod(), ->symlink(),
 263 * ->rename(), and ->link().  (However, ->rename() and ->link() are already
 264 * handled by fscrypt_prepare_rename() and fscrypt_prepare_link().)
 265 *
 266 * This is necessary because creating a filename requires the directory's
 267 * encryption key, but just checking for the key on the directory inode during
 268 * the final filesystem operation doesn't guarantee that the key was available
 269 * during the preceding dentry lookup.  And the key must have already been
 270 * available during the dentry lookup in order for it to have been checked
 271 * whether the filename already exists in the directory and for the new file's
 272 * dentry not to be invalidated due to it incorrectly having the no-key flag.
 273 *
 274 * Return: %true if the dentry is a no-key name
 275 */
 276static inline bool fscrypt_is_nokey_name(const struct dentry *dentry)
 277{
 278	return dentry->d_flags & DCACHE_NOKEY_NAME;
 279}
 280
 281static inline void fscrypt_prepare_dentry(struct dentry *dentry,
 282					  bool is_nokey_name)
 283{
 284	/*
 285	 * This code tries to only take ->d_lock when necessary to write
 286	 * to ->d_flags.  We shouldn't be peeking on d_flags for
 287	 * DCACHE_OP_REVALIDATE unlocked, but in the unlikely case
 288	 * there is a race, the worst it can happen is that we fail to
 289	 * unset DCACHE_OP_REVALIDATE and pay the cost of an extra
 290	 * d_revalidate.
 291	 */
 292	if (is_nokey_name) {
 293		spin_lock(&dentry->d_lock);
 294		dentry->d_flags |= DCACHE_NOKEY_NAME;
 295		spin_unlock(&dentry->d_lock);
 296	} else if (dentry->d_flags & DCACHE_OP_REVALIDATE &&
 297		   dentry->d_op->d_revalidate == fscrypt_d_revalidate) {
 298		/*
 299		 * Unencrypted dentries and encrypted dentries where the
 300		 * key is available are always valid from fscrypt
 301		 * perspective. Avoid the cost of calling
 302		 * fscrypt_d_revalidate unnecessarily.
 303		 */
 304		spin_lock(&dentry->d_lock);
 305		dentry->d_flags &= ~DCACHE_OP_REVALIDATE;
 306		spin_unlock(&dentry->d_lock);
 307	}
 308}
 309
 310/* crypto.c */
 311void fscrypt_enqueue_decrypt_work(struct work_struct *);
 312
 313struct page *fscrypt_encrypt_pagecache_blocks(struct page *page,
 314					      unsigned int len,
 315					      unsigned int offs,
 316					      gfp_t gfp_flags);
 317int fscrypt_encrypt_block_inplace(const struct inode *inode, struct page *page,
 318				  unsigned int len, unsigned int offs,
 319				  u64 lblk_num, gfp_t gfp_flags);
 320
 321int fscrypt_decrypt_pagecache_blocks(struct folio *folio, size_t len,
 322				     size_t offs);
 323int fscrypt_decrypt_block_inplace(const struct inode *inode, struct page *page,
 324				  unsigned int len, unsigned int offs,
 325				  u64 lblk_num);
 326
 327static inline bool fscrypt_is_bounce_page(struct page *page)
 328{
 329	return page->mapping == NULL;
 330}
 331
 332static inline struct page *fscrypt_pagecache_page(struct page *bounce_page)
 333{
 334	return (struct page *)page_private(bounce_page);
 335}
 336
 337static inline bool fscrypt_is_bounce_folio(struct folio *folio)
 338{
 339	return folio->mapping == NULL;
 340}
 341
 342static inline struct folio *fscrypt_pagecache_folio(struct folio *bounce_folio)
 343{
 344	return bounce_folio->private;
 345}
 346
 347void fscrypt_free_bounce_page(struct page *bounce_page);
 348
 349/* policy.c */
 350int fscrypt_ioctl_set_policy(struct file *filp, const void __user *arg);
 351int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg);
 352int fscrypt_ioctl_get_policy_ex(struct file *filp, void __user *arg);
 353int fscrypt_ioctl_get_nonce(struct file *filp, void __user *arg);
 354int fscrypt_has_permitted_context(struct inode *parent, struct inode *child);
 355int fscrypt_context_for_new_inode(void *ctx, struct inode *inode);
 356int fscrypt_set_context(struct inode *inode, void *fs_data);
 357
 358struct fscrypt_dummy_policy {
 359	const union fscrypt_policy *policy;
 360};
 361
 362int fscrypt_parse_test_dummy_encryption(const struct fs_parameter *param,
 363				    struct fscrypt_dummy_policy *dummy_policy);
 364bool fscrypt_dummy_policies_equal(const struct fscrypt_dummy_policy *p1,
 365				  const struct fscrypt_dummy_policy *p2);
 366void fscrypt_show_test_dummy_encryption(struct seq_file *seq, char sep,
 367					struct super_block *sb);
 368static inline bool
 369fscrypt_is_dummy_policy_set(const struct fscrypt_dummy_policy *dummy_policy)
 370{
 371	return dummy_policy->policy != NULL;
 372}
 373static inline void
 374fscrypt_free_dummy_policy(struct fscrypt_dummy_policy *dummy_policy)
 375{
 376	kfree(dummy_policy->policy);
 377	dummy_policy->policy = NULL;
 378}
 379
 380/* keyring.c */
 381void fscrypt_destroy_keyring(struct super_block *sb);
 382int fscrypt_ioctl_add_key(struct file *filp, void __user *arg);
 383int fscrypt_ioctl_remove_key(struct file *filp, void __user *arg);
 384int fscrypt_ioctl_remove_key_all_users(struct file *filp, void __user *arg);
 385int fscrypt_ioctl_get_key_status(struct file *filp, void __user *arg);
 386
 387/* keysetup.c */
 388int fscrypt_prepare_new_inode(struct inode *dir, struct inode *inode,
 389			      bool *encrypt_ret);
 390void fscrypt_put_encryption_info(struct inode *inode);
 391void fscrypt_free_inode(struct inode *inode);
 392int fscrypt_drop_inode(struct inode *inode);
 393
 394/* fname.c */
 395int fscrypt_fname_encrypt(const struct inode *inode, const struct qstr *iname,
 396			  u8 *out, unsigned int olen);
 397bool fscrypt_fname_encrypted_size(const struct inode *inode, u32 orig_len,
 398				  u32 max_len, u32 *encrypted_len_ret);
 399int fscrypt_setup_filename(struct inode *inode, const struct qstr *iname,
 400			   int lookup, struct fscrypt_name *fname);
 401
 402static inline void fscrypt_free_filename(struct fscrypt_name *fname)
 403{
 404	kfree(fname->crypto_buf.name);
 405}
 406
 407int fscrypt_fname_alloc_buffer(u32 max_encrypted_len,
 408			       struct fscrypt_str *crypto_str);
 409void fscrypt_fname_free_buffer(struct fscrypt_str *crypto_str);
 410int fscrypt_fname_disk_to_usr(const struct inode *inode,
 411			      u32 hash, u32 minor_hash,
 412			      const struct fscrypt_str *iname,
 413			      struct fscrypt_str *oname);
 414bool fscrypt_match_name(const struct fscrypt_name *fname,
 415			const u8 *de_name, u32 de_name_len);
 416u64 fscrypt_fname_siphash(const struct inode *dir, const struct qstr *name);
 417
 418/* bio.c */
 419bool fscrypt_decrypt_bio(struct bio *bio);
 420int fscrypt_zeroout_range(const struct inode *inode, pgoff_t lblk,
 421			  sector_t pblk, unsigned int len);
 422
 423/* hooks.c */
 424int fscrypt_file_open(struct inode *inode, struct file *filp);
 425int __fscrypt_prepare_link(struct inode *inode, struct inode *dir,
 426			   struct dentry *dentry);
 427int __fscrypt_prepare_rename(struct inode *old_dir, struct dentry *old_dentry,
 428			     struct inode *new_dir, struct dentry *new_dentry,
 429			     unsigned int flags);
 430int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry,
 431			     struct fscrypt_name *fname);
 432int fscrypt_prepare_lookup_partial(struct inode *dir, struct dentry *dentry);
 433int __fscrypt_prepare_readdir(struct inode *dir);
 434int __fscrypt_prepare_setattr(struct dentry *dentry, struct iattr *attr);
 435int fscrypt_prepare_setflags(struct inode *inode,
 436			     unsigned int oldflags, unsigned int flags);
 437int fscrypt_prepare_symlink(struct inode *dir, const char *target,
 438			    unsigned int len, unsigned int max_len,
 439			    struct fscrypt_str *disk_link);
 440int __fscrypt_encrypt_symlink(struct inode *inode, const char *target,
 441			      unsigned int len, struct fscrypt_str *disk_link);
 442const char *fscrypt_get_symlink(struct inode *inode, const void *caddr,
 443				unsigned int max_size,
 444				struct delayed_call *done);
 445int fscrypt_symlink_getattr(const struct path *path, struct kstat *stat);
 446static inline void fscrypt_set_ops(struct super_block *sb,
 447				   const struct fscrypt_operations *s_cop)
 448{
 449	sb->s_cop = s_cop;
 450}
 451#else  /* !CONFIG_FS_ENCRYPTION */
 452
 453static inline struct fscrypt_inode_info *
 454fscrypt_get_inode_info(const struct inode *inode)
 455{
 456	return NULL;
 457}
 458
 459static inline bool fscrypt_needs_contents_encryption(const struct inode *inode)
 460{
 461	return false;
 462}
 463
 464static inline void fscrypt_handle_d_move(struct dentry *dentry)
 465{
 466}
 467
 468static inline bool fscrypt_is_nokey_name(const struct dentry *dentry)
 469{
 470	return false;
 471}
 472
 473static inline void fscrypt_prepare_dentry(struct dentry *dentry,
 474					  bool is_nokey_name)
 475{
 476}
 477
 478/* crypto.c */
 479static inline void fscrypt_enqueue_decrypt_work(struct work_struct *work)
 480{
 481}
 482
 483static inline struct page *fscrypt_encrypt_pagecache_blocks(struct page *page,
 484							    unsigned int len,
 485							    unsigned int offs,
 486							    gfp_t gfp_flags)
 487{
 488	return ERR_PTR(-EOPNOTSUPP);
 489}
 490
 491static inline int fscrypt_encrypt_block_inplace(const struct inode *inode,
 492						struct page *page,
 493						unsigned int len,
 494						unsigned int offs, u64 lblk_num,
 495						gfp_t gfp_flags)
 496{
 497	return -EOPNOTSUPP;
 498}
 499
 500static inline int fscrypt_decrypt_pagecache_blocks(struct folio *folio,
 501						   size_t len, size_t offs)
 502{
 503	return -EOPNOTSUPP;
 504}
 505
 506static inline int fscrypt_decrypt_block_inplace(const struct inode *inode,
 507						struct page *page,
 508						unsigned int len,
 509						unsigned int offs, u64 lblk_num)
 510{
 511	return -EOPNOTSUPP;
 512}
 513
 514static inline bool fscrypt_is_bounce_page(struct page *page)
 515{
 516	return false;
 517}
 518
 519static inline struct page *fscrypt_pagecache_page(struct page *bounce_page)
 520{
 521	WARN_ON_ONCE(1);
 522	return ERR_PTR(-EINVAL);
 523}
 524
 525static inline bool fscrypt_is_bounce_folio(struct folio *folio)
 526{
 527	return false;
 528}
 529
 530static inline struct folio *fscrypt_pagecache_folio(struct folio *bounce_folio)
 531{
 532	WARN_ON_ONCE(1);
 533	return ERR_PTR(-EINVAL);
 534}
 535
 536static inline void fscrypt_free_bounce_page(struct page *bounce_page)
 537{
 538}
 539
 540/* policy.c */
 541static inline int fscrypt_ioctl_set_policy(struct file *filp,
 542					   const void __user *arg)
 543{
 544	return -EOPNOTSUPP;
 545}
 546
 547static inline int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg)
 548{
 549	return -EOPNOTSUPP;
 550}
 551
 552static inline int fscrypt_ioctl_get_policy_ex(struct file *filp,
 553					      void __user *arg)
 554{
 555	return -EOPNOTSUPP;
 556}
 557
 558static inline int fscrypt_ioctl_get_nonce(struct file *filp, void __user *arg)
 559{
 560	return -EOPNOTSUPP;
 561}
 562
 563static inline int fscrypt_has_permitted_context(struct inode *parent,
 564						struct inode *child)
 565{
 566	return 0;
 567}
 568
 569static inline int fscrypt_set_context(struct inode *inode, void *fs_data)
 570{
 571	return -EOPNOTSUPP;
 572}
 573
 574struct fscrypt_dummy_policy {
 575};
 576
 577static inline int
 578fscrypt_parse_test_dummy_encryption(const struct fs_parameter *param,
 579				    struct fscrypt_dummy_policy *dummy_policy)
 580{
 581	return -EINVAL;
 582}
 583
 584static inline bool
 585fscrypt_dummy_policies_equal(const struct fscrypt_dummy_policy *p1,
 586			     const struct fscrypt_dummy_policy *p2)
 587{
 588	return true;
 589}
 590
 591static inline void fscrypt_show_test_dummy_encryption(struct seq_file *seq,
 592						      char sep,
 593						      struct super_block *sb)
 594{
 595}
 596
 597static inline bool
 598fscrypt_is_dummy_policy_set(const struct fscrypt_dummy_policy *dummy_policy)
 599{
 600	return false;
 601}
 602
 603static inline void
 604fscrypt_free_dummy_policy(struct fscrypt_dummy_policy *dummy_policy)
 605{
 606}
 607
 608/* keyring.c */
 609static inline void fscrypt_destroy_keyring(struct super_block *sb)
 610{
 611}
 612
 613static inline int fscrypt_ioctl_add_key(struct file *filp, void __user *arg)
 614{
 615	return -EOPNOTSUPP;
 616}
 617
 618static inline int fscrypt_ioctl_remove_key(struct file *filp, void __user *arg)
 619{
 620	return -EOPNOTSUPP;
 621}
 622
 623static inline int fscrypt_ioctl_remove_key_all_users(struct file *filp,
 624						     void __user *arg)
 625{
 626	return -EOPNOTSUPP;
 627}
 628
 629static inline int fscrypt_ioctl_get_key_status(struct file *filp,
 630					       void __user *arg)
 631{
 632	return -EOPNOTSUPP;
 633}
 634
 635/* keysetup.c */
 636
 637static inline int fscrypt_prepare_new_inode(struct inode *dir,
 638					    struct inode *inode,
 639					    bool *encrypt_ret)
 640{
 641	if (IS_ENCRYPTED(dir))
 642		return -EOPNOTSUPP;
 643	return 0;
 644}
 645
 646static inline void fscrypt_put_encryption_info(struct inode *inode)
 647{
 648	return;
 649}
 650
 651static inline void fscrypt_free_inode(struct inode *inode)
 652{
 653}
 654
 655static inline int fscrypt_drop_inode(struct inode *inode)
 656{
 657	return 0;
 658}
 659
 660 /* fname.c */
 661static inline int fscrypt_setup_filename(struct inode *dir,
 662					 const struct qstr *iname,
 663					 int lookup, struct fscrypt_name *fname)
 664{
 665	if (IS_ENCRYPTED(dir))
 666		return -EOPNOTSUPP;
 667
 668	memset(fname, 0, sizeof(*fname));
 669	fname->usr_fname = iname;
 670	fname->disk_name.name = (unsigned char *)iname->name;
 671	fname->disk_name.len = iname->len;
 672	return 0;
 673}
 674
 675static inline void fscrypt_free_filename(struct fscrypt_name *fname)
 676{
 677	return;
 678}
 679
 680static inline int fscrypt_fname_alloc_buffer(u32 max_encrypted_len,
 681					     struct fscrypt_str *crypto_str)
 682{
 683	return -EOPNOTSUPP;
 684}
 685
 686static inline void fscrypt_fname_free_buffer(struct fscrypt_str *crypto_str)
 687{
 688	return;
 689}
 690
 691static inline int fscrypt_fname_disk_to_usr(const struct inode *inode,
 692					    u32 hash, u32 minor_hash,
 693					    const struct fscrypt_str *iname,
 694					    struct fscrypt_str *oname)
 695{
 696	return -EOPNOTSUPP;
 697}
 698
 699static inline bool fscrypt_match_name(const struct fscrypt_name *fname,
 700				      const u8 *de_name, u32 de_name_len)
 701{
 702	/* Encryption support disabled; use standard comparison */
 703	if (de_name_len != fname->disk_name.len)
 704		return false;
 705	return !memcmp(de_name, fname->disk_name.name, fname->disk_name.len);
 706}
 707
 708static inline u64 fscrypt_fname_siphash(const struct inode *dir,
 709					const struct qstr *name)
 710{
 711	WARN_ON_ONCE(1);
 712	return 0;
 713}
 714
 715static inline int fscrypt_d_revalidate(struct inode *dir, const struct qstr *name,
 716				       struct dentry *dentry, unsigned int flags)
 717{
 718	return 1;
 719}
 720
 721/* bio.c */
 722static inline bool fscrypt_decrypt_bio(struct bio *bio)
 723{
 724	return true;
 725}
 726
 727static inline int fscrypt_zeroout_range(const struct inode *inode, pgoff_t lblk,
 728					sector_t pblk, unsigned int len)
 729{
 730	return -EOPNOTSUPP;
 731}
 732
 733/* hooks.c */
 734
 735static inline int fscrypt_file_open(struct inode *inode, struct file *filp)
 736{
 737	if (IS_ENCRYPTED(inode))
 738		return -EOPNOTSUPP;
 739	return 0;
 740}
 741
 742static inline int __fscrypt_prepare_link(struct inode *inode, struct inode *dir,
 743					 struct dentry *dentry)
 744{
 745	return -EOPNOTSUPP;
 746}
 747
 748static inline int __fscrypt_prepare_rename(struct inode *old_dir,
 749					   struct dentry *old_dentry,
 750					   struct inode *new_dir,
 751					   struct dentry *new_dentry,
 752					   unsigned int flags)
 753{
 754	return -EOPNOTSUPP;
 755}
 756
 757static inline int __fscrypt_prepare_lookup(struct inode *dir,
 758					   struct dentry *dentry,
 759					   struct fscrypt_name *fname)
 760{
 761	return -EOPNOTSUPP;
 762}
 763
 764static inline int fscrypt_prepare_lookup_partial(struct inode *dir,
 765						 struct dentry *dentry)
 766{
 767	return -EOPNOTSUPP;
 768}
 769
 770static inline int __fscrypt_prepare_readdir(struct inode *dir)
 771{
 772	return -EOPNOTSUPP;
 773}
 774
 775static inline int __fscrypt_prepare_setattr(struct dentry *dentry,
 776					    struct iattr *attr)
 777{
 778	return -EOPNOTSUPP;
 779}
 780
 781static inline int fscrypt_prepare_setflags(struct inode *inode,
 782					   unsigned int oldflags,
 783					   unsigned int flags)
 784{
 785	return 0;
 786}
 787
 788static inline int fscrypt_prepare_symlink(struct inode *dir,
 789					  const char *target,
 790					  unsigned int len,
 791					  unsigned int max_len,
 792					  struct fscrypt_str *disk_link)
 793{
 794	if (IS_ENCRYPTED(dir))
 795		return -EOPNOTSUPP;
 796	disk_link->name = (unsigned char *)target;
 797	disk_link->len = len + 1;
 798	if (disk_link->len > max_len)
 799		return -ENAMETOOLONG;
 800	return 0;
 801}
 802
 803static inline int __fscrypt_encrypt_symlink(struct inode *inode,
 804					    const char *target,
 805					    unsigned int len,
 806					    struct fscrypt_str *disk_link)
 807{
 808	return -EOPNOTSUPP;
 809}
 810
 811static inline const char *fscrypt_get_symlink(struct inode *inode,
 812					      const void *caddr,
 813					      unsigned int max_size,
 814					      struct delayed_call *done)
 815{
 816	return ERR_PTR(-EOPNOTSUPP);
 817}
 818
 819static inline int fscrypt_symlink_getattr(const struct path *path,
 820					  struct kstat *stat)
 821{
 822	return -EOPNOTSUPP;
 823}
 824
 825static inline void fscrypt_set_ops(struct super_block *sb,
 826				   const struct fscrypt_operations *s_cop)
 827{
 828}
 829
 830#endif	/* !CONFIG_FS_ENCRYPTION */
 831
 832/* inline_crypt.c */
 833#ifdef CONFIG_FS_ENCRYPTION_INLINE_CRYPT
 834
 835bool __fscrypt_inode_uses_inline_crypto(const struct inode *inode);
 836
 837void fscrypt_set_bio_crypt_ctx(struct bio *bio,
 838			       const struct inode *inode, u64 first_lblk,
 839			       gfp_t gfp_mask);
 840
 841void fscrypt_set_bio_crypt_ctx_bh(struct bio *bio,
 842				  const struct buffer_head *first_bh,
 843				  gfp_t gfp_mask);
 844
 845bool fscrypt_mergeable_bio(struct bio *bio, const struct inode *inode,
 846			   u64 next_lblk);
 847
 848bool fscrypt_mergeable_bio_bh(struct bio *bio,
 849			      const struct buffer_head *next_bh);
 850
 851bool fscrypt_dio_supported(struct inode *inode);
 852
 853u64 fscrypt_limit_io_blocks(const struct inode *inode, u64 lblk, u64 nr_blocks);
 854
 855#else /* CONFIG_FS_ENCRYPTION_INLINE_CRYPT */
 856
 857static inline bool __fscrypt_inode_uses_inline_crypto(const struct inode *inode)
 858{
 859	return false;
 860}
 861
 862static inline void fscrypt_set_bio_crypt_ctx(struct bio *bio,
 863					     const struct inode *inode,
 864					     u64 first_lblk, gfp_t gfp_mask) { }
 865
 866static inline void fscrypt_set_bio_crypt_ctx_bh(
 867					 struct bio *bio,
 868					 const struct buffer_head *first_bh,
 869					 gfp_t gfp_mask) { }
 870
 871static inline bool fscrypt_mergeable_bio(struct bio *bio,
 872					 const struct inode *inode,
 873					 u64 next_lblk)
 874{
 875	return true;
 876}
 877
 878static inline bool fscrypt_mergeable_bio_bh(struct bio *bio,
 879					    const struct buffer_head *next_bh)
 880{
 881	return true;
 882}
 883
 884static inline bool fscrypt_dio_supported(struct inode *inode)
 885{
 886	return !fscrypt_needs_contents_encryption(inode);
 887}
 888
 889static inline u64 fscrypt_limit_io_blocks(const struct inode *inode, u64 lblk,
 890					  u64 nr_blocks)
 891{
 892	return nr_blocks;
 893}
 894#endif /* !CONFIG_FS_ENCRYPTION_INLINE_CRYPT */
 895
 896/**
 897 * fscrypt_inode_uses_inline_crypto() - test whether an inode uses inline
 898 *					encryption
 899 * @inode: an inode. If encrypted, its key must be set up.
 900 *
 901 * Return: true if the inode requires file contents encryption and if the
 902 *	   encryption should be done in the block layer via blk-crypto rather
 903 *	   than in the filesystem layer.
 904 */
 905static inline bool fscrypt_inode_uses_inline_crypto(const struct inode *inode)
 906{
 907	return fscrypt_needs_contents_encryption(inode) &&
 908	       __fscrypt_inode_uses_inline_crypto(inode);
 909}
 910
 911/**
 912 * fscrypt_inode_uses_fs_layer_crypto() - test whether an inode uses fs-layer
 913 *					  encryption
 914 * @inode: an inode. If encrypted, its key must be set up.
 915 *
 916 * Return: true if the inode requires file contents encryption and if the
 917 *	   encryption should be done in the filesystem layer rather than in the
 918 *	   block layer via blk-crypto.
 919 */
 920static inline bool fscrypt_inode_uses_fs_layer_crypto(const struct inode *inode)
 921{
 922	return fscrypt_needs_contents_encryption(inode) &&
 923	       !__fscrypt_inode_uses_inline_crypto(inode);
 924}
 925
 926/**
 927 * fscrypt_has_encryption_key() - check whether an inode has had its key set up
 928 * @inode: the inode to check
 929 *
 930 * Return: %true if the inode has had its encryption key set up, else %false.
 931 *
 932 * Usually this should be preceded by fscrypt_get_encryption_info() to try to
 933 * set up the key first.
 934 */
 935static inline bool fscrypt_has_encryption_key(const struct inode *inode)
 936{
 937	return fscrypt_get_inode_info(inode) != NULL;
 938}
 939
 940/**
 941 * fscrypt_prepare_link() - prepare to link an inode into a possibly-encrypted
 942 *			    directory
 943 * @old_dentry: an existing dentry for the inode being linked
 944 * @dir: the target directory
 945 * @dentry: negative dentry for the target filename
 946 *
 947 * A new link can only be added to an encrypted directory if the directory's
 948 * encryption key is available --- since otherwise we'd have no way to encrypt
 949 * the filename.
 950 *
 951 * We also verify that the link will not violate the constraint that all files
 952 * in an encrypted directory tree use the same encryption policy.
 953 *
 954 * Return: 0 on success, -ENOKEY if the directory's encryption key is missing,
 955 * -EXDEV if the link would result in an inconsistent encryption policy, or
 956 * another -errno code.
 957 */
 958static inline int fscrypt_prepare_link(struct dentry *old_dentry,
 959				       struct inode *dir,
 960				       struct dentry *dentry)
 961{
 962	if (IS_ENCRYPTED(dir))
 963		return __fscrypt_prepare_link(d_inode(old_dentry), dir, dentry);
 964	return 0;
 965}
 966
 967/**
 968 * fscrypt_prepare_rename() - prepare for a rename between possibly-encrypted
 969 *			      directories
 970 * @old_dir: source directory
 971 * @old_dentry: dentry for source file
 972 * @new_dir: target directory
 973 * @new_dentry: dentry for target location (may be negative unless exchanging)
 974 * @flags: rename flags (we care at least about %RENAME_EXCHANGE)
 975 *
 976 * Prepare for ->rename() where the source and/or target directories may be
 977 * encrypted.  A new link can only be added to an encrypted directory if the
 978 * directory's encryption key is available --- since otherwise we'd have no way
 979 * to encrypt the filename.  A rename to an existing name, on the other hand,
 980 * *is* cryptographically possible without the key.  However, we take the more
 981 * conservative approach and just forbid all no-key renames.
 982 *
 983 * We also verify that the rename will not violate the constraint that all files
 984 * in an encrypted directory tree use the same encryption policy.
 985 *
 986 * Return: 0 on success, -ENOKEY if an encryption key is missing, -EXDEV if the
 987 * rename would cause inconsistent encryption policies, or another -errno code.
 988 */
 989static inline int fscrypt_prepare_rename(struct inode *old_dir,
 990					 struct dentry *old_dentry,
 991					 struct inode *new_dir,
 992					 struct dentry *new_dentry,
 993					 unsigned int flags)
 994{
 995	if (IS_ENCRYPTED(old_dir) || IS_ENCRYPTED(new_dir))
 996		return __fscrypt_prepare_rename(old_dir, old_dentry,
 997						new_dir, new_dentry, flags);
 998	return 0;
 999}
1000
1001/**
1002 * fscrypt_prepare_lookup() - prepare to lookup a name in a possibly-encrypted
1003 *			      directory
1004 * @dir: directory being searched
1005 * @dentry: filename being looked up
1006 * @fname: (output) the name to use to search the on-disk directory
1007 *
1008 * Prepare for ->lookup() in a directory which may be encrypted by determining
1009 * the name that will actually be used to search the directory on-disk.  If the
1010 * directory's encryption policy is supported by this kernel and its encryption
1011 * key is available, then the lookup is assumed to be by plaintext name;
1012 * otherwise, it is assumed to be by no-key name.
1013 *
1014 * This will set DCACHE_NOKEY_NAME on the dentry if the lookup is by no-key
1015 * name.  In this case the filesystem must assign the dentry a dentry_operations
1016 * which contains fscrypt_d_revalidate (or contains a d_revalidate method that
1017 * calls fscrypt_d_revalidate), so that the dentry will be invalidated if the
1018 * directory's encryption key is later added.
1019 *
1020 * Return: 0 on success; -ENOENT if the directory's key is unavailable but the
1021 * filename isn't a valid no-key name, so a negative dentry should be created;
1022 * or another -errno code.
1023 */
1024static inline int fscrypt_prepare_lookup(struct inode *dir,
1025					 struct dentry *dentry,
1026					 struct fscrypt_name *fname)
1027{
1028	if (IS_ENCRYPTED(dir))
1029		return __fscrypt_prepare_lookup(dir, dentry, fname);
1030
1031	memset(fname, 0, sizeof(*fname));
1032	fname->usr_fname = &dentry->d_name;
1033	fname->disk_name.name = (unsigned char *)dentry->d_name.name;
1034	fname->disk_name.len = dentry->d_name.len;
1035
1036	fscrypt_prepare_dentry(dentry, false);
1037
1038	return 0;
1039}
1040
1041/**
1042 * fscrypt_prepare_readdir() - prepare to read a possibly-encrypted directory
1043 * @dir: the directory inode
1044 *
1045 * If the directory is encrypted and it doesn't already have its encryption key
1046 * set up, try to set it up so that the filenames will be listed in plaintext
1047 * form rather than in no-key form.
1048 *
1049 * Return: 0 on success; -errno on error.  Note that the encryption key being
1050 *	   unavailable is not considered an error.  It is also not an error if
1051 *	   the encryption policy is unsupported by this kernel; that is treated
1052 *	   like the key being unavailable, so that files can still be deleted.
1053 */
1054static inline int fscrypt_prepare_readdir(struct inode *dir)
1055{
1056	if (IS_ENCRYPTED(dir))
1057		return __fscrypt_prepare_readdir(dir);
1058	return 0;
1059}
1060
1061/**
1062 * fscrypt_prepare_setattr() - prepare to change a possibly-encrypted inode's
1063 *			       attributes
1064 * @dentry: dentry through which the inode is being changed
1065 * @attr: attributes to change
1066 *
1067 * Prepare for ->setattr() on a possibly-encrypted inode.  On an encrypted file,
1068 * most attribute changes are allowed even without the encryption key.  However,
1069 * without the encryption key we do have to forbid truncates.  This is needed
1070 * because the size being truncated to may not be a multiple of the filesystem
1071 * block size, and in that case we'd have to decrypt the final block, zero the
1072 * portion past i_size, and re-encrypt it.  (We *could* allow truncating to a
1073 * filesystem block boundary, but it's simpler to just forbid all truncates ---
1074 * and we already forbid all other contents modifications without the key.)
1075 *
1076 * Return: 0 on success, -ENOKEY if the key is missing, or another -errno code
1077 * if a problem occurred while setting up the encryption key.
1078 */
1079static inline int fscrypt_prepare_setattr(struct dentry *dentry,
1080					  struct iattr *attr)
1081{
1082	if (IS_ENCRYPTED(d_inode(dentry)))
1083		return __fscrypt_prepare_setattr(dentry, attr);
1084	return 0;
1085}
1086
1087/**
1088 * fscrypt_encrypt_symlink() - encrypt the symlink target if needed
1089 * @inode: symlink inode
1090 * @target: plaintext symlink target
1091 * @len: length of @target excluding null terminator
1092 * @disk_link: (in/out) the on-disk symlink target being prepared
1093 *
1094 * If the symlink target needs to be encrypted, then this function encrypts it
1095 * into @disk_link->name.  fscrypt_prepare_symlink() must have been called
1096 * previously to compute @disk_link->len.  If the filesystem did not allocate a
1097 * buffer for @disk_link->name after calling fscrypt_prepare_link(), then one
1098 * will be kmalloc()'ed and the filesystem will be responsible for freeing it.
1099 *
1100 * Return: 0 on success, -errno on failure
1101 */
1102static inline int fscrypt_encrypt_symlink(struct inode *inode,
1103					  const char *target,
1104					  unsigned int len,
1105					  struct fscrypt_str *disk_link)
1106{
1107	if (IS_ENCRYPTED(inode))
1108		return __fscrypt_encrypt_symlink(inode, target, len, disk_link);
1109	return 0;
1110}
1111
1112/* If *pagep is a bounce page, free it and set *pagep to the pagecache page */
1113static inline void fscrypt_finalize_bounce_page(struct page **pagep)
1114{
1115	struct page *page = *pagep;
1116
1117	if (fscrypt_is_bounce_page(page)) {
1118		*pagep = fscrypt_pagecache_page(page);
1119		fscrypt_free_bounce_page(page);
1120	}
1121}
1122
1123#endif	/* _LINUX_FSCRYPT_H */