Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 9bd8212f981ea6375911fe055382ad7529be5b28 / . / fs / ext4 / crypto_policy.c
blob: 532b69c0afab51e435d1ac38b3b48a9691e37a1a [file] [log] [blame]
Michael Halcrow9bd82122015-04-11 07:48:01 -0400[diff] [blame^]1/*
2 * linux/fs/ext4/crypto_policy.c
3 *
4 * Copyright (C) 2015, Google, Inc.
5 *
6 * This contains encryption policy functions for ext4
7 *
8 * Written by Michael Halcrow, 2015.
9 */
10
11#include <linux/random.h>
12#include <linux/string.h>
13#include <linux/types.h>
14
15#include "ext4.h"
16#include "xattr.h"
17
18static int ext4_inode_has_encryption_context(struct inode *inode)
19{
20 int res = ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION,
21 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, NULL, 0);
22 return (res > 0);
23}
24
25/*
26 * check whether the policy is consistent with the encryption context
27 * for the inode
28 */
29static int ext4_is_encryption_context_consistent_with_policy(
30 struct inode *inode, const struct ext4_encryption_policy *policy)
31{
32 struct ext4_encryption_context ctx;
33 int res = ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION,
34 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, &ctx,
35 sizeof(ctx));
36 if (res != sizeof(ctx))
37 return 0;
38 return (memcmp(ctx.master_key_descriptor, policy->master_key_descriptor,
39 EXT4_KEY_DESCRIPTOR_SIZE) == 0 &&
40 (ctx.contents_encryption_mode ==
41 policy->contents_encryption_mode) &&
42 (ctx.filenames_encryption_mode ==
43 policy->filenames_encryption_mode));
44}
45
46static int ext4_create_encryption_context_from_policy(
47 struct inode *inode, const struct ext4_encryption_policy *policy)
48{
49 struct ext4_encryption_context ctx;
50 int res = 0;
51
52 ctx.format = EXT4_ENCRYPTION_CONTEXT_FORMAT_V1;
53 memcpy(ctx.master_key_descriptor, policy->master_key_descriptor,
54 EXT4_KEY_DESCRIPTOR_SIZE);
55 ctx.contents_encryption_mode = policy->contents_encryption_mode;
56 ctx.filenames_encryption_mode = policy->filenames_encryption_mode;
57 BUILD_BUG_ON(sizeof(ctx.nonce) != EXT4_KEY_DERIVATION_NONCE_SIZE);
58 get_random_bytes(ctx.nonce, EXT4_KEY_DERIVATION_NONCE_SIZE);
59
60 res = ext4_xattr_set(inode, EXT4_XATTR_INDEX_ENCRYPTION,
61 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, &ctx,
62 sizeof(ctx), 0);
63 if (!res)
64 ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
65 return res;
66}
67
68int ext4_process_policy(const struct ext4_encryption_policy *policy,
69 struct inode *inode)
70{
71 if (policy->version != 0)
72 return -EINVAL;
73
74 if (!ext4_inode_has_encryption_context(inode)) {
75 if (!ext4_empty_dir(inode))
76 return -ENOTEMPTY;
77 return ext4_create_encryption_context_from_policy(inode,
78 policy);
79 }
80
81 if (ext4_is_encryption_context_consistent_with_policy(inode, policy))
82 return 0;
83
84 printk(KERN_WARNING "%s: Policy inconsistent with encryption context\n",
85 __func__);
86 return -EINVAL;
87}
88
89int ext4_get_policy(struct inode *inode, struct ext4_encryption_policy *policy)
90{
91 struct ext4_encryption_context ctx;
92
93 int res = ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION,
94 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
95 &ctx, sizeof(ctx));
96 if (res != sizeof(ctx))
97 return -ENOENT;
98 if (ctx.format != EXT4_ENCRYPTION_CONTEXT_FORMAT_V1)
99 return -EINVAL;
100 policy->version = 0;
101 policy->contents_encryption_mode = ctx.contents_encryption_mode;
102 policy->filenames_encryption_mode = ctx.filenames_encryption_mode;
103 memcpy(&policy->master_key_descriptor, ctx.master_key_descriptor,
104 EXT4_KEY_DESCRIPTOR_SIZE);
105 return 0;
106}
107
108int ext4_is_child_context_consistent_with_parent(struct inode *parent,
109 struct inode *child)
110{
111 struct ext4_encryption_context parent_ctx, child_ctx;
112 int res;
113
114 if ((parent == NULL) || (child == NULL)) {
115 pr_err("parent %p child %p\n", parent, child);
116 BUG_ON(1);
117 }
118 /* no restrictions if the parent directory is not encrypted */
119 if (!ext4_encrypted_inode(parent))
120 return 1;
121 res = ext4_xattr_get(parent, EXT4_XATTR_INDEX_ENCRYPTION,
122 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
123 &parent_ctx, sizeof(parent_ctx));
124 if (res != sizeof(parent_ctx))
125 return 0;
126 /* if the child directory is not encrypted, this is always a problem */
127 if (!ext4_encrypted_inode(child))
128 return 0;
129 res = ext4_xattr_get(child, EXT4_XATTR_INDEX_ENCRYPTION,
130 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
131 &child_ctx, sizeof(child_ctx));
132 if (res != sizeof(child_ctx))
133 return 0;
134 return (memcmp(parent_ctx.master_key_descriptor,
135 child_ctx.master_key_descriptor,
136 EXT4_KEY_DESCRIPTOR_SIZE) == 0 &&
137 (parent_ctx.contents_encryption_mode ==
138 child_ctx.contents_encryption_mode) &&
139 (parent_ctx.filenames_encryption_mode ==
140 child_ctx.filenames_encryption_mode));
141}
142
143/**
144 * ext4_inherit_context() - Sets a child context from its parent
145 * @parent: Parent inode from which the context is inherited.
146 * @child: Child inode that inherits the context from @parent.
147 *
148 * Return: Zero on success, non-zero otherwise
149 */
150int ext4_inherit_context(struct inode *parent, struct inode *child)
151{
152 struct ext4_encryption_context ctx;
153 int res = ext4_xattr_get(parent, EXT4_XATTR_INDEX_ENCRYPTION,
154 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
155 &ctx, sizeof(ctx));
156
157 if (res != sizeof(ctx))
158 return -ENOENT;
159
160 get_random_bytes(ctx.nonce, EXT4_KEY_DERIVATION_NONCE_SIZE);
161 res = ext4_xattr_set(child, EXT4_XATTR_INDEX_ENCRYPTION,
162 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, &ctx,
163 sizeof(ctx), 0);
164 if (!res)
165 ext4_set_inode_flag(child, EXT4_INODE_ENCRYPT);
166 return res;
167}