Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
tjh.dev
kernel
os
linux
Merge tag 'for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4
Pull ext4 fixes from Ted Ts'o:
"Some miscellaneous bug fixes and some final on-disk and ABI changes
for ext4 encryption which provide better security and performance"
* tag 'for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
ext4: fix growing of tiny filesystems
ext4: move check under lock scope to close a race.
ext4: fix data corruption caused by unwritten and delayed extents
ext4 crypto: remove duplicated encryption mode definitions
ext4 crypto: do not select from EXT4_FS_ENCRYPTION
ext4 crypto: add padding to filenames before encrypting
ext4 crypto: simplify and speed up filename encryption
+7
-2
fs/ext4/Kconfig
+7
-2
fs/ext4/Kconfig
···
64
If you are not using a security module that requires using
65
extended attributes for file security labels, say N.
66
67
-
config EXT4_FS_ENCRYPTION
68
-
bool "Ext4 Encryption"
69
depends on EXT4_FS
70
select CRYPTO_AES
71
select CRYPTO_CBC
···
80
feature is similar to ecryptfs, but it is more memory
81
efficient since it avoids caching the encrypted and
82
decrypted pages in the page cache.
83
84
config EXT4_DEBUG
85
bool "EXT4 debugging support"
···
64
If you are not using a security module that requires using
65
extended attributes for file security labels, say N.
66
67
+
config EXT4_ENCRYPTION
68
+
tristate "Ext4 Encryption"
69
depends on EXT4_FS
70
select CRYPTO_AES
71
select CRYPTO_CBC
···
80
feature is similar to ecryptfs, but it is more memory
81
efficient since it avoids caching the encrypted and
82
decrypted pages in the page cache.
83
+
84
+
config EXT4_FS_ENCRYPTION
85
+
bool
86
+
default y
87
+
depends on EXT4_ENCRYPTION
88
89
config EXT4_DEBUG
90
bool "EXT4 debugging support"
+143
-133
fs/ext4/crypto_fname.c
+143
-133
fs/ext4/crypto_fname.c
···
66
int res = 0;
67
char iv[EXT4_CRYPTO_BLOCK_SIZE];
68
struct scatterlist sg[1];
69
char *workbuf;
70
71
if (iname->len <= 0 || iname->len > ctx->lim)
···
74
75
ciphertext_len = (iname->len < EXT4_CRYPTO_BLOCK_SIZE) ?
76
EXT4_CRYPTO_BLOCK_SIZE : iname->len;
77
ciphertext_len = (ciphertext_len > ctx->lim)
78
? ctx->lim : ciphertext_len;
79
···
103
/* Create encryption request */
104
sg_init_table(sg, 1);
105
sg_set_page(sg, ctx->workpage, PAGE_SIZE, 0);
106
-
ablkcipher_request_set_crypt(req, sg, sg, iname->len, iv);
107
res = crypto_ablkcipher_encrypt(req);
108
if (res == -EINPROGRESS || res == -EBUSY) {
109
BUG_ON(req->base.data != &ecr);
···
200
return oname->len;
201
}
202
203
/**
204
* ext4_fname_encode_digest() -
205
*
206
* Encodes the input digest using characters from the set [a-zA-Z0-9_+].
207
* The encoded string is roughly 4/3 times the size of the input string.
208
*/
209
-
int ext4_fname_encode_digest(char *dst, char *src, u32 len)
210
{
211
-
static const char *lookup_table =
212
-
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_+";
213
-
u32 current_chunk, num_chunks, i;
214
-
char tmp_buf[3];
215
-
u32 c0, c1, c2, c3;
216
217
-
current_chunk = 0;
218
-
num_chunks = len/3;
219
-
for (i = 0; i < num_chunks; i++) {
220
-
c0 = src[3*i] & 0x3f;
221
-
c1 = (((src[3*i]>>6)&0x3) | ((src[3*i+1] & 0xf)<<2)) & 0x3f;
222
-
c2 = (((src[3*i+1]>>4)&0xf) | ((src[3*i+2] & 0x3)<<4)) & 0x3f;
223
-
c3 = (src[3*i+2]>>2) & 0x3f;
224
-
dst[4*i] = lookup_table[c0];
225
-
dst[4*i+1] = lookup_table[c1];
226
-
dst[4*i+2] = lookup_table[c2];
227
-
dst[4*i+3] = lookup_table[c3];
228
-
}
229
-
if (i*3 < len) {
230
-
memset(tmp_buf, 0, 3);
231
-
memcpy(tmp_buf, &src[3*i], len-3*i);
232
-
c0 = tmp_buf[0] & 0x3f;
233
-
c1 = (((tmp_buf[0]>>6)&0x3) | ((tmp_buf[1] & 0xf)<<2)) & 0x3f;
234
-
c2 = (((tmp_buf[1]>>4)&0xf) | ((tmp_buf[2] & 0x3)<<4)) & 0x3f;
235
-
c3 = (tmp_buf[2]>>2) & 0x3f;
236
-
dst[4*i] = lookup_table[c0];
237
-
dst[4*i+1] = lookup_table[c1];
238
-
dst[4*i+2] = lookup_table[c2];
239
-
dst[4*i+3] = lookup_table[c3];
240
i++;
241
}
242
-
return (i * 4);
243
}
244
245
-
/**
246
-
* ext4_fname_hash() -
247
-
*
248
-
* This function computes the hash of the input filename, and sets the output
249
-
* buffer to the *encoded* digest. It returns the length of the digest as its
250
-
* return value. Errors are returned as negative numbers. We trust the caller
251
-
* to allocate sufficient memory to oname string.
252
-
*/
253
-
static int ext4_fname_hash(struct ext4_fname_crypto_ctx *ctx,
254
-
const struct ext4_str *iname,
255
-
struct ext4_str *oname)
256
{
257
-
struct scatterlist sg;
258
-
struct hash_desc desc = {
259
-
.tfm = (struct crypto_hash *)ctx->htfm,
260
-
.flags = CRYPTO_TFM_REQ_MAY_SLEEP
261
-
};
262
-
int res = 0;
263
264
-
if (iname->len <= EXT4_FNAME_CRYPTO_DIGEST_SIZE) {
265
-
res = ext4_fname_encode_digest(oname->name, iname->name,
266
-
iname->len);
267
-
oname->len = res;
268
-
return res;
269
}
270
-
271
-
sg_init_one(&sg, iname->name, iname->len);
272
-
res = crypto_hash_init(&desc);
273
-
if (res) {
274
-
printk(KERN_ERR
275
-
"%s: Error initializing crypto hash; res = [%d]\n",
276
-
__func__, res);
277
-
goto out;
278
-
}
279
-
res = crypto_hash_update(&desc, &sg, iname->len);
280
-
if (res) {
281
-
printk(KERN_ERR
282
-
"%s: Error updating crypto hash; res = [%d]\n",
283
-
__func__, res);
284
-
goto out;
285
-
}
286
-
res = crypto_hash_final(&desc,
287
-
&oname->name[EXT4_FNAME_CRYPTO_DIGEST_SIZE]);
288
-
if (res) {
289
-
printk(KERN_ERR
290
-
"%s: Error finalizing crypto hash; res = [%d]\n",
291
-
__func__, res);
292
-
goto out;
293
-
}
294
-
/* Encode the digest as a printable string--this will increase the
295
-
* size of the digest */
296
-
oname->name[0] = 'I';
297
-
res = ext4_fname_encode_digest(oname->name+1,
298
-
&oname->name[EXT4_FNAME_CRYPTO_DIGEST_SIZE],
299
-
EXT4_FNAME_CRYPTO_DIGEST_SIZE) + 1;
300
-
oname->len = res;
301
-
out:
302
-
return res;
303
}
304
305
/**
···
358
if (IS_ERR(ctx))
359
return ctx;
360
361
if (ctx->has_valid_key) {
362
if (ctx->key.mode != EXT4_ENCRYPTION_MODE_AES_256_CTS) {
363
printk_once(KERN_WARNING
···
471
u32 namelen)
472
{
473
u32 ciphertext_len;
474
475
if (ctx == NULL)
476
return -EIO;
···
479
return -EACCES;
480
ciphertext_len = (namelen < EXT4_CRYPTO_BLOCK_SIZE) ?
481
EXT4_CRYPTO_BLOCK_SIZE : namelen;
482
ciphertext_len = (ciphertext_len > ctx->lim)
483
? ctx->lim : ciphertext_len;
484
return (int) ciphertext_len;
···
495
u32 ilen, struct ext4_str *crypto_str)
496
{
497
unsigned int olen;
498
499
if (!ctx)
500
return -EIO;
501
-
olen = ext4_fname_crypto_round_up(ilen, EXT4_CRYPTO_BLOCK_SIZE);
502
crypto_str->len = olen;
503
if (olen < EXT4_FNAME_CRYPTO_DIGEST_SIZE*2)
504
olen = EXT4_FNAME_CRYPTO_DIGEST_SIZE*2;
···
530
* ext4_fname_disk_to_usr() - converts a filename from disk space to user space
531
*/
532
int _ext4_fname_disk_to_usr(struct ext4_fname_crypto_ctx *ctx,
533
-
const struct ext4_str *iname,
534
-
struct ext4_str *oname)
535
{
536
if (ctx == NULL)
537
return -EIO;
538
if (iname->len < 3) {
···
550
}
551
if (ctx->has_valid_key)
552
return ext4_fname_decrypt(ctx, iname, oname);
553
-
else
554
-
return ext4_fname_hash(ctx, iname, oname);
555
}
556
557
int ext4_fname_disk_to_usr(struct ext4_fname_crypto_ctx *ctx,
558
const struct ext4_dir_entry_2 *de,
559
struct ext4_str *oname)
560
{
561
struct ext4_str iname = {.name = (unsigned char *) de->name,
562
.len = de->name_len };
563
564
-
return _ext4_fname_disk_to_usr(ctx, &iname, oname);
565
}
566
567
···
618
const struct qstr *iname,
619
struct dx_hash_info *hinfo)
620
{
621
-
struct ext4_str tmp, tmp2;
622
int ret = 0;
623
624
-
if (!ctx || !ctx->has_valid_key ||
625
((iname->name[0] == '.') &&
626
((iname->len == 1) ||
627
((iname->name[1] == '.') && (iname->len == 2))))) {
628
ext4fs_dirhash(iname->name, iname->len, hinfo);
629
return 0;
630
}
631
···
655
return ret;
656
657
ret = ext4_fname_encrypt(ctx, iname, &tmp);
658
-
if (ret < 0)
659
-
goto out;
660
-
661
-
tmp2.len = (4 * ((EXT4_FNAME_CRYPTO_DIGEST_SIZE + 2) / 3)) + 1;
662
-
tmp2.name = kmalloc(tmp2.len + 1, GFP_KERNEL);
663
-
if (tmp2.name == NULL) {
664
-
ret = -ENOMEM;
665
-
goto out;
666
}
667
668
-
ret = ext4_fname_hash(ctx, &tmp, &tmp2);
669
-
if (ret > 0)
670
-
ext4fs_dirhash(tmp2.name, tmp2.len, hinfo);
671
-
ext4_fname_crypto_free_buffer(&tmp2);
672
-
out:
673
ext4_fname_crypto_free_buffer(&tmp);
674
return ret;
675
}
676
677
-
/**
678
-
* ext4_fname_disk_to_htree() - converts a filename from disk space to htree-access string
679
-
*/
680
-
int ext4_fname_disk_to_hash(struct ext4_fname_crypto_ctx *ctx,
681
-
const struct ext4_dir_entry_2 *de,
682
-
struct dx_hash_info *hinfo)
683
{
684
-
struct ext4_str iname = {.name = (unsigned char *) de->name,
685
-
.len = de->name_len};
686
-
struct ext4_str tmp;
687
-
int ret;
688
689
-
if (!ctx ||
690
-
((iname.name[0] == '.') &&
691
-
((iname.len == 1) ||
692
-
((iname.name[1] == '.') && (iname.len == 2))))) {
693
-
ext4fs_dirhash(iname.name, iname.len, hinfo);
694
-
return 0;
695
}
696
-
697
-
tmp.len = (4 * ((EXT4_FNAME_CRYPTO_DIGEST_SIZE + 2) / 3)) + 1;
698
-
tmp.name = kmalloc(tmp.len + 1, GFP_KERNEL);
699
-
if (tmp.name == NULL)
700
-
return -ENOMEM;
701
-
702
-
ret = ext4_fname_hash(ctx, &iname, &tmp);
703
-
if (ret > 0)
704
-
ext4fs_dirhash(tmp.name, tmp.len, hinfo);
705
-
ext4_fname_crypto_free_buffer(&tmp);
706
return ret;
707
}
···
66
int res = 0;
67
char iv[EXT4_CRYPTO_BLOCK_SIZE];
68
struct scatterlist sg[1];
69
+
int padding = 4 << (ctx->flags & EXT4_POLICY_FLAGS_PAD_MASK);
70
char *workbuf;
71
72
if (iname->len <= 0 || iname->len > ctx->lim)
···
73
74
ciphertext_len = (iname->len < EXT4_CRYPTO_BLOCK_SIZE) ?
75
EXT4_CRYPTO_BLOCK_SIZE : iname->len;
76
+
ciphertext_len = ext4_fname_crypto_round_up(ciphertext_len, padding);
77
ciphertext_len = (ciphertext_len > ctx->lim)
78
? ctx->lim : ciphertext_len;
79
···
101
/* Create encryption request */
102
sg_init_table(sg, 1);
103
sg_set_page(sg, ctx->workpage, PAGE_SIZE, 0);
104
+
ablkcipher_request_set_crypt(req, sg, sg, ciphertext_len, iv);
105
res = crypto_ablkcipher_encrypt(req);
106
if (res == -EINPROGRESS || res == -EBUSY) {
107
BUG_ON(req->base.data != &ecr);
···
198
return oname->len;
199
}
200
201
+
static const char *lookup_table =
202
+
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+,";
203
+
204
/**
205
* ext4_fname_encode_digest() -
206
*
207
* Encodes the input digest using characters from the set [a-zA-Z0-9_+].
208
* The encoded string is roughly 4/3 times the size of the input string.
209
*/
210
+
static int digest_encode(const char *src, int len, char *dst)
211
{
212
+
int i = 0, bits = 0, ac = 0;
213
+
char *cp = dst;
214
215
+
while (i < len) {
216
+
ac += (((unsigned char) src[i]) << bits);
217
+
bits += 8;
218
+
do {
219
+
*cp++ = lookup_table[ac & 0x3f];
220
+
ac >>= 6;
221
+
bits -= 6;
222
+
} while (bits >= 6);
223
i++;
224
}
225
+
if (bits)
226
+
*cp++ = lookup_table[ac & 0x3f];
227
+
return cp - dst;
228
}
229
230
+
static int digest_decode(const char *src, int len, char *dst)
231
{
232
+
int i = 0, bits = 0, ac = 0;
233
+
const char *p;
234
+
char *cp = dst;
235
236
+
while (i < len) {
237
+
p = strchr(lookup_table, src[i]);
238
+
if (p == NULL || src[i] == 0)
239
+
return -2;
240
+
ac += (p - lookup_table) << bits;
241
+
bits += 6;
242
+
if (bits >= 8) {
243
+
*cp++ = ac & 0xff;
244
+
ac >>= 8;
245
+
bits -= 8;
246
+
}
247
+
i++;
248
}
249
+
if (ac)
250
+
return -1;
251
+
return cp - dst;
252
}
253
254
/**
···
405
if (IS_ERR(ctx))
406
return ctx;
407
408
+
ctx->flags = ei->i_crypt_policy_flags;
409
if (ctx->has_valid_key) {
410
if (ctx->key.mode != EXT4_ENCRYPTION_MODE_AES_256_CTS) {
411
printk_once(KERN_WARNING
···
517
u32 namelen)
518
{
519
u32 ciphertext_len;
520
+
int padding = 4 << (ctx->flags & EXT4_POLICY_FLAGS_PAD_MASK);
521
522
if (ctx == NULL)
523
return -EIO;
···
524
return -EACCES;
525
ciphertext_len = (namelen < EXT4_CRYPTO_BLOCK_SIZE) ?
526
EXT4_CRYPTO_BLOCK_SIZE : namelen;
527
+
ciphertext_len = ext4_fname_crypto_round_up(ciphertext_len, padding);
528
ciphertext_len = (ciphertext_len > ctx->lim)
529
? ctx->lim : ciphertext_len;
530
return (int) ciphertext_len;
···
539
u32 ilen, struct ext4_str *crypto_str)
540
{
541
unsigned int olen;
542
+
int padding = 4 << (ctx->flags & EXT4_POLICY_FLAGS_PAD_MASK);
543
544
if (!ctx)
545
return -EIO;
546
+
if (padding < EXT4_CRYPTO_BLOCK_SIZE)
547
+
padding = EXT4_CRYPTO_BLOCK_SIZE;
548
+
olen = ext4_fname_crypto_round_up(ilen, padding);
549
crypto_str->len = olen;
550
if (olen < EXT4_FNAME_CRYPTO_DIGEST_SIZE*2)
551
olen = EXT4_FNAME_CRYPTO_DIGEST_SIZE*2;
···
571
* ext4_fname_disk_to_usr() - converts a filename from disk space to user space
572
*/
573
int _ext4_fname_disk_to_usr(struct ext4_fname_crypto_ctx *ctx,
574
+
struct dx_hash_info *hinfo,
575
+
const struct ext4_str *iname,
576
+
struct ext4_str *oname)
577
{
578
+
char buf[24];
579
+
int ret;
580
+
581
if (ctx == NULL)
582
return -EIO;
583
if (iname->len < 3) {
···
587
}
588
if (ctx->has_valid_key)
589
return ext4_fname_decrypt(ctx, iname, oname);
590
+
591
+
if (iname->len <= EXT4_FNAME_CRYPTO_DIGEST_SIZE) {
592
+
ret = digest_encode(iname->name, iname->len, oname->name);
593
+
oname->len = ret;
594
+
return ret;
595
+
}
596
+
if (hinfo) {
597
+
memcpy(buf, &hinfo->hash, 4);
598
+
memcpy(buf+4, &hinfo->minor_hash, 4);
599
+
} else
600
+
memset(buf, 0, 8);
601
+
memcpy(buf + 8, iname->name + iname->len - 16, 16);
602
+
oname->name[0] = '_';
603
+
ret = digest_encode(buf, 24, oname->name+1);
604
+
oname->len = ret + 1;
605
+
return ret + 1;
606
}
607
608
int ext4_fname_disk_to_usr(struct ext4_fname_crypto_ctx *ctx,
609
+
struct dx_hash_info *hinfo,
610
const struct ext4_dir_entry_2 *de,
611
struct ext4_str *oname)
612
{
613
struct ext4_str iname = {.name = (unsigned char *) de->name,
614
.len = de->name_len };
615
616
+
return _ext4_fname_disk_to_usr(ctx, hinfo, &iname, oname);
617
}
618
619
···
640
const struct qstr *iname,
641
struct dx_hash_info *hinfo)
642
{
643
+
struct ext4_str tmp;
644
int ret = 0;
645
+
char buf[EXT4_FNAME_CRYPTO_DIGEST_SIZE+1];
646
647
+
if (!ctx ||
648
((iname->name[0] == '.') &&
649
((iname->len == 1) ||
650
((iname->name[1] == '.') && (iname->len == 2))))) {
651
ext4fs_dirhash(iname->name, iname->len, hinfo);
652
+
return 0;
653
+
}
654
+
655
+
if (!ctx->has_valid_key && iname->name[0] == '_') {
656
+
if (iname->len != 33)
657
+
return -ENOENT;
658
+
ret = digest_decode(iname->name+1, iname->len, buf);
659
+
if (ret != 24)
660
+
return -ENOENT;
661
+
memcpy(&hinfo->hash, buf, 4);
662
+
memcpy(&hinfo->minor_hash, buf + 4, 4);
663
+
return 0;
664
+
}
665
+
666
+
if (!ctx->has_valid_key && iname->name[0] != '_') {
667
+
if (iname->len > 43)
668
+
return -ENOENT;
669
+
ret = digest_decode(iname->name, iname->len, buf);
670
+
ext4fs_dirhash(buf, ret, hinfo);
671
return 0;
672
}
673
···
657
return ret;
658
659
ret = ext4_fname_encrypt(ctx, iname, &tmp);
660
+
if (ret >= 0) {
661
+
ext4fs_dirhash(tmp.name, tmp.len, hinfo);
662
+
ret = 0;
663
}
664
665
ext4_fname_crypto_free_buffer(&tmp);
666
return ret;
667
}
668
669
+
int ext4_fname_match(struct ext4_fname_crypto_ctx *ctx, struct ext4_str *cstr,
670
+
int len, const char * const name,
671
+
struct ext4_dir_entry_2 *de)
672
{
673
+
int ret = -ENOENT;
674
+
int bigname = (*name == '_');
675
676
+
if (ctx->has_valid_key) {
677
+
if (cstr->name == NULL) {
678
+
struct qstr istr;
679
+
680
+
ret = ext4_fname_crypto_alloc_buffer(ctx, len, cstr);
681
+
if (ret < 0)
682
+
goto errout;
683
+
istr.name = name;
684
+
istr.len = len;
685
+
ret = ext4_fname_encrypt(ctx, &istr, cstr);
686
+
if (ret < 0)
687
+
goto errout;
688
+
}
689
+
} else {
690
+
if (cstr->name == NULL) {
691
+
cstr->name = kmalloc(32, GFP_KERNEL);
692
+
if (cstr->name == NULL)
693
+
return -ENOMEM;
694
+
if ((bigname && (len != 33)) ||
695
+
(!bigname && (len > 43)))
696
+
goto errout;
697
+
ret = digest_decode(name+bigname, len-bigname,
698
+
cstr->name);
699
+
if (ret < 0) {
700
+
ret = -ENOENT;
701
+
goto errout;
702
+
}
703
+
cstr->len = ret;
704
+
}
705
+
if (bigname) {
706
+
if (de->name_len < 16)
707
+
return 0;
708
+
ret = memcmp(de->name + de->name_len - 16,
709
+
cstr->name + 8, 16);
710
+
return (ret == 0) ? 1 : 0;
711
+
}
712
}
713
+
if (de->name_len != cstr->len)
714
+
return 0;
715
+
ret = memcmp(de->name, cstr->name, cstr->len);
716
+
return (ret == 0) ? 1 : 0;
717
+
errout:
718
+
kfree(cstr->name);
719
+
cstr->name = NULL;
720
return ret;
721
}
+1
fs/ext4/crypto_key.c
+1
fs/ext4/crypto_key.c
+9
-5
fs/ext4/crypto_policy.c
+9
-5
fs/ext4/crypto_policy.c
···
37
return 0;
38
return (memcmp(ctx.master_key_descriptor, policy->master_key_descriptor,
39
EXT4_KEY_DESCRIPTOR_SIZE) == 0 &&
40
(ctx.contents_encryption_mode ==
41
policy->contents_encryption_mode) &&
42
(ctx.filenames_encryption_mode ==
···
58
printk(KERN_WARNING
59
"%s: Invalid contents encryption mode %d\n", __func__,
60
policy->contents_encryption_mode);
61
-
res = -EINVAL;
62
-
goto out;
63
}
64
if (!ext4_valid_filenames_enc_mode(policy->filenames_encryption_mode)) {
65
printk(KERN_WARNING
66
"%s: Invalid filenames encryption mode %d\n", __func__,
67
policy->filenames_encryption_mode);
68
-
res = -EINVAL;
69
-
goto out;
70
}
71
ctx.contents_encryption_mode = policy->contents_encryption_mode;
72
ctx.filenames_encryption_mode = policy->filenames_encryption_mode;
73
BUILD_BUG_ON(sizeof(ctx.nonce) != EXT4_KEY_DERIVATION_NONCE_SIZE);
74
get_random_bytes(ctx.nonce, EXT4_KEY_DERIVATION_NONCE_SIZE);
75
76
res = ext4_xattr_set(inode, EXT4_XATTR_INDEX_ENCRYPTION,
77
EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, &ctx,
78
sizeof(ctx), 0);
79
-
out:
80
if (!res)
81
ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
82
return res;
···
117
policy->version = 0;
118
policy->contents_encryption_mode = ctx.contents_encryption_mode;
119
policy->filenames_encryption_mode = ctx.filenames_encryption_mode;
120
memcpy(&policy->master_key_descriptor, ctx.master_key_descriptor,
121
EXT4_KEY_DESCRIPTOR_SIZE);
122
return 0;
···
179
EXT4_ENCRYPTION_MODE_AES_256_XTS;
180
ctx.filenames_encryption_mode =
181
EXT4_ENCRYPTION_MODE_AES_256_CTS;
182
memset(ctx.master_key_descriptor, 0x42,
183
EXT4_KEY_DESCRIPTOR_SIZE);
184
res = 0;
···
37
return 0;
38
return (memcmp(ctx.master_key_descriptor, policy->master_key_descriptor,
39
EXT4_KEY_DESCRIPTOR_SIZE) == 0 &&
40
+
(ctx.flags ==
41
+
policy->flags) &&
42
(ctx.contents_encryption_mode ==
43
policy->contents_encryption_mode) &&
44
(ctx.filenames_encryption_mode ==
···
56
printk(KERN_WARNING
57
"%s: Invalid contents encryption mode %d\n", __func__,
58
policy->contents_encryption_mode);
59
+
return -EINVAL;
60
}
61
if (!ext4_valid_filenames_enc_mode(policy->filenames_encryption_mode)) {
62
printk(KERN_WARNING
63
"%s: Invalid filenames encryption mode %d\n", __func__,
64
policy->filenames_encryption_mode);
65
+
return -EINVAL;
66
}
67
+
if (policy->flags & ~EXT4_POLICY_FLAGS_VALID)
68
+
return -EINVAL;
69
ctx.contents_encryption_mode = policy->contents_encryption_mode;
70
ctx.filenames_encryption_mode = policy->filenames_encryption_mode;
71
+
ctx.flags = policy->flags;
72
BUILD_BUG_ON(sizeof(ctx.nonce) != EXT4_KEY_DERIVATION_NONCE_SIZE);
73
get_random_bytes(ctx.nonce, EXT4_KEY_DERIVATION_NONCE_SIZE);
74
75
res = ext4_xattr_set(inode, EXT4_XATTR_INDEX_ENCRYPTION,
76
EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, &ctx,
77
sizeof(ctx), 0);
78
if (!res)
79
ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
80
return res;
···
115
policy->version = 0;
116
policy->contents_encryption_mode = ctx.contents_encryption_mode;
117
policy->filenames_encryption_mode = ctx.filenames_encryption_mode;
118
+
policy->flags = ctx.flags;
119
memcpy(&policy->master_key_descriptor, ctx.master_key_descriptor,
120
EXT4_KEY_DESCRIPTOR_SIZE);
121
return 0;
···
176
EXT4_ENCRYPTION_MODE_AES_256_XTS;
177
ctx.filenames_encryption_mode =
178
EXT4_ENCRYPTION_MODE_AES_256_CTS;
179
+
ctx.flags = 0;
180
memset(ctx.master_key_descriptor, 0x42,
181
EXT4_KEY_DESCRIPTOR_SIZE);
182
res = 0;
+1
-1
fs/ext4/dir.c
+1
-1
fs/ext4/dir.c
+7
-9
fs/ext4/ext4.h
+7
-9
fs/ext4/ext4.h
···
911
912
/* on-disk additional length */
913
__u16 i_extra_isize;
914
915
/* Indicate the inline data space. */
916
u16 i_inline_off;
···
1066
1067
/* Metadata checksum algorithm codes */
1068
#define EXT4_CRC32C_CHKSUM 1
1069
-
1070
-
/* Encryption algorithms */
1071
-
#define EXT4_ENCRYPTION_MODE_INVALID 0
1072
-
#define EXT4_ENCRYPTION_MODE_AES_256_XTS 1
1073
-
#define EXT4_ENCRYPTION_MODE_AES_256_GCM 2
1074
-
#define EXT4_ENCRYPTION_MODE_AES_256_CBC 3
1075
1076
/*
1077
* Structure of the super block
···
2088
int ext4_fname_crypto_alloc_buffer(struct ext4_fname_crypto_ctx *ctx,
2089
u32 ilen, struct ext4_str *crypto_str);
2090
int _ext4_fname_disk_to_usr(struct ext4_fname_crypto_ctx *ctx,
2091
const struct ext4_str *iname,
2092
struct ext4_str *oname);
2093
int ext4_fname_disk_to_usr(struct ext4_fname_crypto_ctx *ctx,
2094
const struct ext4_dir_entry_2 *de,
2095
struct ext4_str *oname);
2096
int ext4_fname_usr_to_disk(struct ext4_fname_crypto_ctx *ctx,
···
2101
int ext4_fname_usr_to_hash(struct ext4_fname_crypto_ctx *ctx,
2102
const struct qstr *iname,
2103
struct dx_hash_info *hinfo);
2104
-
int ext4_fname_disk_to_hash(struct ext4_fname_crypto_ctx *ctx,
2105
-
const struct ext4_dir_entry_2 *de,
2106
-
struct dx_hash_info *hinfo);
2107
int ext4_fname_crypto_namelen_on_disk(struct ext4_fname_crypto_ctx *ctx,
2108
u32 namelen);
2109
2110
#ifdef CONFIG_EXT4_FS_ENCRYPTION
2111
void ext4_put_fname_crypto_ctx(struct ext4_fname_crypto_ctx **ctx);
···
911
912
/* on-disk additional length */
913
__u16 i_extra_isize;
914
+
char i_crypt_policy_flags;
915
916
/* Indicate the inline data space. */
917
u16 i_inline_off;
···
1065
1066
/* Metadata checksum algorithm codes */
1067
#define EXT4_CRC32C_CHKSUM 1
1068
1069
/*
1070
* Structure of the super block
···
2093
int ext4_fname_crypto_alloc_buffer(struct ext4_fname_crypto_ctx *ctx,
2094
u32 ilen, struct ext4_str *crypto_str);
2095
int _ext4_fname_disk_to_usr(struct ext4_fname_crypto_ctx *ctx,
2096
+
struct dx_hash_info *hinfo,
2097
const struct ext4_str *iname,
2098
struct ext4_str *oname);
2099
int ext4_fname_disk_to_usr(struct ext4_fname_crypto_ctx *ctx,
2100
+
struct dx_hash_info *hinfo,
2101
const struct ext4_dir_entry_2 *de,
2102
struct ext4_str *oname);
2103
int ext4_fname_usr_to_disk(struct ext4_fname_crypto_ctx *ctx,
···
2104
int ext4_fname_usr_to_hash(struct ext4_fname_crypto_ctx *ctx,
2105
const struct qstr *iname,
2106
struct dx_hash_info *hinfo);
2107
int ext4_fname_crypto_namelen_on_disk(struct ext4_fname_crypto_ctx *ctx,
2108
u32 namelen);
2109
+
int ext4_fname_match(struct ext4_fname_crypto_ctx *ctx, struct ext4_str *cstr,
2110
+
int len, const char * const name,
2111
+
struct ext4_dir_entry_2 *de);
2112
+
2113
2114
#ifdef CONFIG_EXT4_FS_ENCRYPTION
2115
void ext4_put_fname_crypto_ctx(struct ext4_fname_crypto_ctx **ctx);
+10
-1
fs/ext4/ext4_crypto.h
+10
-1
fs/ext4/ext4_crypto.h
···
20
char version;
21
char contents_encryption_mode;
22
char filenames_encryption_mode;
23
char master_key_descriptor[EXT4_KEY_DESCRIPTOR_SIZE];
24
} __attribute__((__packed__));
25
26
#define EXT4_ENCRYPTION_CONTEXT_FORMAT_V1 1
27
#define EXT4_KEY_DERIVATION_NONCE_SIZE 16
28
29
/**
30
* Encryption context for inode
···
49
char format;
50
char contents_encryption_mode;
51
char filenames_encryption_mode;
52
-
char reserved;
53
char master_key_descriptor[EXT4_KEY_DESCRIPTOR_SIZE];
54
char nonce[EXT4_KEY_DERIVATION_NONCE_SIZE];
55
} __attribute__((__packed__));
···
128
struct crypto_hash *htfm;
129
struct page *workpage;
130
struct ext4_encryption_key key;
131
unsigned has_valid_key : 1;
132
unsigned ctfm_key_is_ready : 1;
133
};
···
20
char version;
21
char contents_encryption_mode;
22
char filenames_encryption_mode;
23
+
char flags;
24
char master_key_descriptor[EXT4_KEY_DESCRIPTOR_SIZE];
25
} __attribute__((__packed__));
26
27
#define EXT4_ENCRYPTION_CONTEXT_FORMAT_V1 1
28
#define EXT4_KEY_DERIVATION_NONCE_SIZE 16
29
+
30
+
#define EXT4_POLICY_FLAGS_PAD_4 0x00
31
+
#define EXT4_POLICY_FLAGS_PAD_8 0x01
32
+
#define EXT4_POLICY_FLAGS_PAD_16 0x02
33
+
#define EXT4_POLICY_FLAGS_PAD_32 0x03
34
+
#define EXT4_POLICY_FLAGS_PAD_MASK 0x03
35
+
#define EXT4_POLICY_FLAGS_VALID 0x03
36
37
/**
38
* Encryption context for inode
···
41
char format;
42
char contents_encryption_mode;
43
char filenames_encryption_mode;
44
+
char flags;
45
char master_key_descriptor[EXT4_KEY_DESCRIPTOR_SIZE];
46
char nonce[EXT4_KEY_DERIVATION_NONCE_SIZE];
47
} __attribute__((__packed__));
···
120
struct crypto_hash *htfm;
121
struct page *workpage;
122
struct ext4_encryption_key key;
123
+
unsigned flags : 8;
124
unsigned has_valid_key : 1;
125
unsigned ctfm_key_is_ready : 1;
126
};
+8
-7
fs/ext4/extents.c
+8
-7
fs/ext4/extents.c
···
4927
if (ret)
4928
return ret;
4929
4930
-
/*
4931
-
* currently supporting (pre)allocate mode for extent-based
4932
-
* files _only_
4933
-
*/
4934
-
if (!(ext4_test_inode_flag(inode, EXT4_INODE_EXTENTS)))
4935
-
return -EOPNOTSUPP;
4936
-
4937
if (mode & FALLOC_FL_COLLAPSE_RANGE)
4938
return ext4_collapse_range(inode, offset, len);
4939
···
4947
flags |= EXT4_GET_BLOCKS_KEEP_SIZE;
4948
4949
mutex_lock(&inode->i_mutex);
4950
4951
if (!(mode & FALLOC_FL_KEEP_SIZE) &&
4952
offset + len > i_size_read(inode)) {
···
4927
if (ret)
4928
return ret;
4929
4930
if (mode & FALLOC_FL_COLLAPSE_RANGE)
4931
return ext4_collapse_range(inode, offset, len);
4932
···
4954
flags |= EXT4_GET_BLOCKS_KEEP_SIZE;
4955
4956
mutex_lock(&inode->i_mutex);
4957
+
4958
+
/*
4959
+
* We only support preallocation for extent-based files only
4960
+
*/
4961
+
if (!(ext4_test_inode_flag(inode, EXT4_INODE_EXTENTS))) {
4962
+
ret = -EOPNOTSUPP;
4963
+
goto out;
4964
+
}
4965
4966
if (!(mode & FALLOC_FL_KEEP_SIZE) &&
4967
offset + len > i_size_read(inode)) {
+8
fs/ext4/extents_status.c
+8
fs/ext4/extents_status.c
···
703
704
BUG_ON(end < lblk);
705
706
+
if ((status & EXTENT_STATUS_DELAYED) &&
707
+
(status & EXTENT_STATUS_WRITTEN)) {
708
+
ext4_warning(inode->i_sb, "Inserting extent [%u/%u] as "
709
+
" delayed and written which can potentially "
710
+
" cause data loss.\n", lblk, len);
711
+
WARN_ON(1);
712
+
}
713
+
714
newes.es_lblk = lblk;
715
newes.es_len = len;
716
ext4_es_store_pblock_status(&newes, pblk, status);
+2
fs/ext4/inode.c
+2
fs/ext4/inode.c
···
531
status = map->m_flags & EXT4_MAP_UNWRITTEN ?
532
EXTENT_STATUS_UNWRITTEN : EXTENT_STATUS_WRITTEN;
533
if (!(flags & EXT4_GET_BLOCKS_DELALLOC_RESERVE) &&
534
ext4_find_delalloc_range(inode, map->m_lblk,
535
map->m_lblk + map->m_len - 1))
536
status |= EXTENT_STATUS_DELAYED;
···
636
status = map->m_flags & EXT4_MAP_UNWRITTEN ?
637
EXTENT_STATUS_UNWRITTEN : EXTENT_STATUS_WRITTEN;
638
if (!(flags & EXT4_GET_BLOCKS_DELALLOC_RESERVE) &&
639
ext4_find_delalloc_range(inode, map->m_lblk,
640
map->m_lblk + map->m_len - 1))
641
status |= EXTENT_STATUS_DELAYED;
···
531
status = map->m_flags & EXT4_MAP_UNWRITTEN ?
532
EXTENT_STATUS_UNWRITTEN : EXTENT_STATUS_WRITTEN;
533
if (!(flags & EXT4_GET_BLOCKS_DELALLOC_RESERVE) &&
534
+
!(status & EXTENT_STATUS_WRITTEN) &&
535
ext4_find_delalloc_range(inode, map->m_lblk,
536
map->m_lblk + map->m_len - 1))
537
status |= EXTENT_STATUS_DELAYED;
···
635
status = map->m_flags & EXT4_MAP_UNWRITTEN ?
636
EXTENT_STATUS_UNWRITTEN : EXTENT_STATUS_WRITTEN;
637
if (!(flags & EXT4_GET_BLOCKS_DELALLOC_RESERVE) &&
638
+
!(status & EXTENT_STATUS_WRITTEN) &&
639
ext4_find_delalloc_range(inode, map->m_lblk,
640
map->m_lblk + map->m_len - 1))
641
status |= EXTENT_STATUS_DELAYED;
+6
-66
fs/ext4/namei.c
+6
-66
fs/ext4/namei.c
···
640
ext4_put_fname_crypto_ctx(&ctx);
641
ctx = NULL;
642
}
643
-
res = ext4_fname_disk_to_usr(ctx, de,
644
&fname_crypto_str);
645
if (res < 0) {
646
printk(KERN_WARNING "Error "
···
653
name = fname_crypto_str.name;
654
len = fname_crypto_str.len;
655
}
656
-
res = ext4_fname_disk_to_hash(ctx, de,
657
-
&h);
658
-
if (res < 0) {
659
-
printk(KERN_WARNING "Error "
660
-
"converting filename "
661
-
"from disk to htree"
662
-
"\n");
663
-
h.hash = 0xDEADBEEF;
664
-
}
665
printk("%*.s:(E)%x.%u ", len, name,
666
h.hash, (unsigned) ((char *) de
667
- base));
···
1001
/* silently ignore the rest of the block */
1002
break;
1003
}
1004
-
#ifdef CONFIG_EXT4_FS_ENCRYPTION
1005
-
err = ext4_fname_disk_to_hash(ctx, de, hinfo);
1006
-
if (err < 0) {
1007
-
count = err;
1008
-
goto errout;
1009
-
}
1010
-
#else
1011
ext4fs_dirhash(de->name, de->name_len, hinfo);
1012
-
#endif
1013
if ((hinfo->hash < start_hash) ||
1014
((hinfo->hash == start_hash) &&
1015
(hinfo->minor_hash < start_minor_hash)))
···
1017
&tmp_str);
1018
} else {
1019
/* Directory is encrypted */
1020
-
err = ext4_fname_disk_to_usr(ctx, de,
1021
&fname_crypto_str);
1022
if (err < 0) {
1023
count = err;
···
1178
int count = 0;
1179
char *base = (char *) de;
1180
struct dx_hash_info h = *hinfo;
1181
-
#ifdef CONFIG_EXT4_FS_ENCRYPTION
1182
-
struct ext4_fname_crypto_ctx *ctx = NULL;
1183
-
int err;
1184
-
1185
-
ctx = ext4_get_fname_crypto_ctx(dir, EXT4_NAME_LEN);
1186
-
if (IS_ERR(ctx))
1187
-
return PTR_ERR(ctx);
1188
-
#endif
1189
1190
while ((char *) de < base + blocksize) {
1191
if (de->name_len && de->inode) {
1192
-
#ifdef CONFIG_EXT4_FS_ENCRYPTION
1193
-
err = ext4_fname_disk_to_hash(ctx, de, &h);
1194
-
if (err < 0) {
1195
-
ext4_put_fname_crypto_ctx(&ctx);
1196
-
return err;
1197
-
}
1198
-
#else
1199
ext4fs_dirhash(de->name, de->name_len, &h);
1200
-
#endif
1201
map_tail--;
1202
map_tail->hash = h.hash;
1203
map_tail->offs = ((char *) de - base)>>2;
···
1192
/* XXX: do we need to check rec_len == 0 case? -Chris */
1193
de = ext4_next_entry(de, blocksize);
1194
}
1195
-
#ifdef CONFIG_EXT4_FS_ENCRYPTION
1196
-
ext4_put_fname_crypto_ctx(&ctx);
1197
-
#endif
1198
return count;
1199
}
1200
···
1253
return 0;
1254
1255
#ifdef CONFIG_EXT4_FS_ENCRYPTION
1256
-
if (ctx) {
1257
-
/* Directory is encrypted */
1258
-
res = ext4_fname_disk_to_usr(ctx, de, fname_crypto_str);
1259
-
if (res < 0)
1260
-
return res;
1261
-
if (len != res)
1262
-
return 0;
1263
-
res = memcmp(name, fname_crypto_str->name, len);
1264
-
return (res == 0) ? 1 : 0;
1265
-
}
1266
#endif
1267
if (len != de->name_len)
1268
return 0;
···
1281
ctx = ext4_get_fname_crypto_ctx(dir, EXT4_NAME_LEN);
1282
if (IS_ERR(ctx))
1283
return -1;
1284
-
1285
-
if (ctx != NULL) {
1286
-
/* Allocate buffer to hold maximum name length */
1287
-
res = ext4_fname_crypto_alloc_buffer(ctx, EXT4_NAME_LEN,
1288
-
&fname_crypto_str);
1289
-
if (res < 0) {
1290
-
ext4_put_fname_crypto_ctx(&ctx);
1291
-
return -1;
1292
-
}
1293
-
}
1294
1295
de = (struct ext4_dir_entry_2 *)search_buf;
1296
dlimit = search_buf + buf_size;
···
1820
return res;
1821
}
1822
reclen = EXT4_DIR_REC_LEN(res);
1823
-
1824
-
/* Allocate buffer to hold maximum name length */
1825
-
res = ext4_fname_crypto_alloc_buffer(ctx, EXT4_NAME_LEN,
1826
-
&fname_crypto_str);
1827
-
if (res < 0) {
1828
-
ext4_put_fname_crypto_ctx(&ctx);
1829
-
return -1;
1830
-
}
1831
}
1832
1833
de = (struct ext4_dir_entry_2 *)buf;
···
640
ext4_put_fname_crypto_ctx(&ctx);
641
ctx = NULL;
642
}
643
+
res = ext4_fname_disk_to_usr(ctx, NULL, de,
644
&fname_crypto_str);
645
if (res < 0) {
646
printk(KERN_WARNING "Error "
···
653
name = fname_crypto_str.name;
654
len = fname_crypto_str.len;
655
}
656
+
ext4fs_dirhash(de->name, de->name_len,
657
+
&h);
658
printk("%*.s:(E)%x.%u ", len, name,
659
h.hash, (unsigned) ((char *) de
660
- base));
···
1008
/* silently ignore the rest of the block */
1009
break;
1010
}
1011
ext4fs_dirhash(de->name, de->name_len, hinfo);
1012
if ((hinfo->hash < start_hash) ||
1013
((hinfo->hash == start_hash) &&
1014
(hinfo->minor_hash < start_minor_hash)))
···
1032
&tmp_str);
1033
} else {
1034
/* Directory is encrypted */
1035
+
err = ext4_fname_disk_to_usr(ctx, hinfo, de,
1036
&fname_crypto_str);
1037
if (err < 0) {
1038
count = err;
···
1193
int count = 0;
1194
char *base = (char *) de;
1195
struct dx_hash_info h = *hinfo;
1196
1197
while ((char *) de < base + blocksize) {
1198
if (de->name_len && de->inode) {
1199
ext4fs_dirhash(de->name, de->name_len, &h);
1200
map_tail--;
1201
map_tail->hash = h.hash;
1202
map_tail->offs = ((char *) de - base)>>2;
···
1223
/* XXX: do we need to check rec_len == 0 case? -Chris */
1224
de = ext4_next_entry(de, blocksize);
1225
}
1226
return count;
1227
}
1228
···
1287
return 0;
1288
1289
#ifdef CONFIG_EXT4_FS_ENCRYPTION
1290
+
if (ctx)
1291
+
return ext4_fname_match(ctx, fname_crypto_str, len, name, de);
1292
#endif
1293
if (len != de->name_len)
1294
return 0;
···
1323
ctx = ext4_get_fname_crypto_ctx(dir, EXT4_NAME_LEN);
1324
if (IS_ERR(ctx))
1325
return -1;
1326
1327
de = (struct ext4_dir_entry_2 *)search_buf;
1328
dlimit = search_buf + buf_size;
···
1872
return res;
1873
}
1874
reclen = EXT4_DIR_REC_LEN(res);
1875
}
1876
1877
de = (struct ext4_dir_entry_2 *)buf;
+5
-2
fs/ext4/resize.c
+5
-2
fs/ext4/resize.c
···
1432
goto exit;
1433
/*
1434
* We will always be modifying at least the superblock and GDT
1435
-
* block. If we are adding a group past the last current GDT block,
1436
* we will also modify the inode and the dindirect block. If we
1437
* are adding a group with superblock/GDT backups we will also
1438
* modify each of the reserved GDT dindirect blocks.
1439
*/
1440
-
credit = flex_gd->count * 4 + reserved_gdb;
1441
handle = ext4_journal_start_sb(sb, EXT4_HT_RESIZE, credit);
1442
if (IS_ERR(handle)) {
1443
err = PTR_ERR(handle);
···
1432
goto exit;
1433
/*
1434
* We will always be modifying at least the superblock and GDT
1435
+
* blocks. If we are adding a group past the last current GDT block,
1436
* we will also modify the inode and the dindirect block. If we
1437
* are adding a group with superblock/GDT backups we will also
1438
* modify each of the reserved GDT dindirect blocks.
1439
*/
1440
+
credit = 3; /* sb, resize inode, resize inode dindirect */
1441
+
/* GDT blocks */
1442
+
credit += 1 + DIV_ROUND_UP(flex_gd->count, EXT4_DESC_PER_BLOCK(sb));
1443
+
credit += reserved_gdb; /* Reserved GDT dindirect blocks */
1444
handle = ext4_journal_start_sb(sb, EXT4_HT_RESIZE, credit);
1445
if (IS_ERR(handle)) {
1446
err = PTR_ERR(handle);
+1
-1
fs/ext4/symlink.c
+1
-1
fs/ext4/symlink.c