Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / e2881b1b51d871a72911faf2fc7e090655940506^! / . / fs / ext4 / crypto_key.c
commite2881b1b51d871a72911faf2fc7e090655940506[log] [tgz]
authorTheodore Ts'o <tytso@mit.edu>Mon May 18 13:16:47 2015 -0400
committerTheodore Ts'o <tytso@mit.edu>Mon May 18 13:16:47 2015 -0400
tree07bc66d72cc03479c98b7b63edb53f1fa4069383
parentd229959072eba40e1c2a4f53f8af17f1e770eb66 [diff] [blame]
ext4 crypto: separate kernel and userspace structure for the key

Use struct ext4_encryption_key only for the master key passed via the
kernel keyring.

For internal kernel space users, we now use struct ext4_crypt_info.
This will allow us to put information from the policy structure so we
can cache it and avoid needing to constantly looking up the extended
attribute.  We will do this in a spearate patch.  This patch is mostly
mechnical to make it easier for patch review.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

diff --git a/fs/ext4/crypto_key.c b/fs/ext4/crypto_key.c
index 52170d0..ec6635d 100644
--- a/fs/ext4/crypto_key.c
+++ b/fs/ext4/crypto_key.c

@@ -91,7 +91,7 @@
 int ext4_generate_encryption_key(struct inode *inode)
 {
 	struct ext4_inode_info *ei = EXT4_I(inode);
-	struct ext4_encryption_key *crypt_key = &ei->i_encryption_key;
+	struct ext4_crypt_info *crypt_info = &ei->i_crypt_info;
 	char full_key_descriptor[EXT4_KEY_DESC_PREFIX_SIZE +
 				 (EXT4_KEY_DESCRIPTOR_SIZE * 2) + 1];
 	struct key *keyring_key = NULL;
@@ -112,17 +112,17 @@
 
 	ei->i_crypt_policy_flags = ctx.flags;
 	if (S_ISREG(inode->i_mode))
-		crypt_key->mode = ctx.contents_encryption_mode;
+		crypt_info->ci_mode = ctx.contents_encryption_mode;
 	else if (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode))
-		crypt_key->mode = ctx.filenames_encryption_mode;
+		crypt_info->ci_mode = ctx.filenames_encryption_mode;
 	else {
 		printk(KERN_ERR "ext4 crypto: Unsupported inode type.\n");
 		BUG();
 	}
-	crypt_key->size = ext4_encryption_key_size(crypt_key->mode);
-	BUG_ON(!crypt_key->size);
+	crypt_info->ci_size = ext4_encryption_key_size(crypt_info->ci_mode);
+	BUG_ON(!crypt_info->ci_size);
 	if (DUMMY_ENCRYPTION_ENABLED(sbi)) {
-		memset(crypt_key->raw, 0x42, EXT4_AES_256_XTS_KEY_SIZE);
+		memset(crypt_info->ci_raw, 0x42, EXT4_AES_256_XTS_KEY_SIZE);
 		goto out;
 	}
 	memcpy(full_key_descriptor, EXT4_KEY_DESC_PREFIX,
@@ -148,19 +148,20 @@
 	BUILD_BUG_ON(EXT4_AES_128_ECB_KEY_SIZE !=
 		     EXT4_KEY_DERIVATION_NONCE_SIZE);
 	BUG_ON(master_key->size != EXT4_AES_256_XTS_KEY_SIZE);
-	res = ext4_derive_key_aes(ctx.nonce, master_key->raw, crypt_key->raw);
+	res = ext4_derive_key_aes(ctx.nonce, master_key->raw,
+				  crypt_info->ci_raw);
 out:
 	if (keyring_key)
 		key_put(keyring_key);
 	if (res < 0)
-		crypt_key->mode = EXT4_ENCRYPTION_MODE_INVALID;
+		crypt_info->ci_mode = EXT4_ENCRYPTION_MODE_INVALID;
 	return res;
 }
 
 int ext4_has_encryption_key(struct inode *inode)
 {
 	struct ext4_inode_info *ei = EXT4_I(inode);
-	struct ext4_encryption_key *crypt_key = &ei->i_encryption_key;
+	struct ext4_crypt_info *crypt_info = &ei->i_crypt_info;
 
-	return (crypt_key->mode != EXT4_ENCRYPTION_MODE_INVALID);
+	return (crypt_info->ci_mode != EXT4_ENCRYPTION_MODE_INVALID);
 }