fscrypt: Move key structure and constants to uapi

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

This commit exposes the necessary constants and structures for a
userspace program to pass filesystem encryption keys into the keyring.
The fscrypt_key structure was already part of the kernel ABI, this
change just makes it so programs no longer have to redeclare these
structures (like e4crypt in e2fsprogs currently does).

Note that we do not expose the other FS_*_KEY_SIZE constants as they are
not necessary. Only XTS is supported for contents_encryption_mode, so
currently FS_MAX_KEY_SIZE bytes of key material must always be passed to
the kernel.

This commit also removes __packed from fscrypt_key as it does not
contain any implicit padding and does not refer to an on-disk structure.

Signed-off-by: Joe Richey <joerichey@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

authored by

Joe Richey and committed by

Theodore Ts'o 9 years ago 9c8268de 4bfd0362

+13 -11

2 changed files

expand all

crypto

fscrypt_private.h

include

uapi

linux

fs.h

-11

fs/crypto/fscrypt_private.h

··· 22 22 #define FS_AES_256_CBC_KEY_SIZE 32 23 23 #define FS_AES_256_CTS_KEY_SIZE 32 24 24 #define FS_AES_256_XTS_KEY_SIZE 64 25 - #define FS_MAX_KEY_SIZE 64 26 - 27 - #define FS_KEY_DESC_PREFIX "fscrypt:" 28 - #define FS_KEY_DESC_PREFIX_SIZE 8 29 25 30 26 #define FS_KEY_DERIVATION_NONCE_SIZE 16 31 27 ··· 46 50 } __packed; 47 51 48 52 #define FS_ENCRYPTION_CONTEXT_FORMAT_V1 1 49 - 50 - /* This is passed in from userspace into the kernel keyring */ 51 - struct fscrypt_key { 52 - u32 mode; 53 - u8 raw[FS_MAX_KEY_SIZE]; 54 - u32 size; 55 - } __packed; 56 53 57 54 /* 58 55 * A pointer to this structure is stored in the file system's in-core

+13

include/uapi/linux/fs.h

··· 285 285 #define FS_IOC_GET_ENCRYPTION_PWSALT _IOW('f', 20, __u8[16]) 286 286 #define FS_IOC_GET_ENCRYPTION_POLICY _IOW('f', 21, struct fscrypt_policy) 287 287 288 + /* Parameters for passing an encryption key into the kernel keyring */ 289 + #define FS_KEY_DESC_PREFIX "fscrypt:" 290 + #define FS_KEY_DESC_PREFIX_SIZE 8 291 + 292 + /* Structure that userspace passes to the kernel keyring */ 293 + #define FS_MAX_KEY_SIZE 64 294 + 295 + struct fscrypt_key { 296 + __u32 mode; 297 + __u8 raw[FS_MAX_KEY_SIZE]; 298 + __u32 size; 299 + }; 300 + 288 301 /* 289 302 * Inode flags (FS_IOC_GETFLAGS / FS_IOC_SETFLAGS) 290 303 *