]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blob - fs/crypto/policy.c
projects / mirror_ubuntu-artful-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
fscrypt: fix renaming and linking special files
[mirror_ubuntu-artful-kernel.git] / fs / crypto / policy.c
1 /*
2 * Encryption policy functions for per-file encryption support.
3 *
4 * Copyright (C) 2015, Google, Inc.
5 * Copyright (C) 2015, Motorola Mobility.
6 *
7 * Written by Michael Halcrow, 2015.
8 * Modified by Jaegeuk Kim, 2015.
9 */
10
11 #include <linux/random.h>
12 #include <linux/string.h>
13 #include <linux/mount.h>
14 #include "fscrypt_private.h"
15
16 static int inode_has_encryption_context(struct inode *inode)
17 {
18 if (!inode->i_sb->s_cop->get_context)
19 return 0;
20 return (inode->i_sb->s_cop->get_context(inode, NULL, 0L) > 0);
21 }
22
23 /*
24 * check whether the policy is consistent with the encryption context
25 * for the inode
26 */
27 static int is_encryption_context_consistent_with_policy(struct inode *inode,
28 const struct fscrypt_policy *policy)
29 {
30 struct fscrypt_context ctx;
31 int res;
32
33 if (!inode->i_sb->s_cop->get_context)
34 return 0;
35
36 res = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx));
37 if (res != sizeof(ctx))
38 return 0;
39
40 return (memcmp(ctx.master_key_descriptor, policy->master_key_descriptor,
41 FS_KEY_DESCRIPTOR_SIZE) == 0 &&
42 (ctx.flags == policy->flags) &&
43 (ctx.contents_encryption_mode ==
44 policy->contents_encryption_mode) &&
45 (ctx.filenames_encryption_mode ==
46 policy->filenames_encryption_mode));
47 }
48
49 static int create_encryption_context_from_policy(struct inode *inode,
50 const struct fscrypt_policy *policy)
51 {
52 struct fscrypt_context ctx;
53 int res;
54
55 if (!inode->i_sb->s_cop->set_context)
56 return -EOPNOTSUPP;
57
58 if (inode->i_sb->s_cop->prepare_context) {
59 res = inode->i_sb->s_cop->prepare_context(inode);
60 if (res)
61 return res;
62 }
63
64 ctx.format = FS_ENCRYPTION_CONTEXT_FORMAT_V1;
65 memcpy(ctx.master_key_descriptor, policy->master_key_descriptor,
66 FS_KEY_DESCRIPTOR_SIZE);
67
68 if (!fscrypt_valid_contents_enc_mode(
69 policy->contents_encryption_mode)) {
70 printk(KERN_WARNING
71 "%s: Invalid contents encryption mode %d\n", __func__,
72 policy->contents_encryption_mode);
73 return -EINVAL;
74 }
75
76 if (!fscrypt_valid_filenames_enc_mode(
77 policy->filenames_encryption_mode)) {
78 printk(KERN_WARNING
79 "%s: Invalid filenames encryption mode %d\n", __func__,
80 policy->filenames_encryption_mode);
81 return -EINVAL;
82 }
83
84 if (policy->flags & ~FS_POLICY_FLAGS_VALID)
85 return -EINVAL;
86
87 ctx.contents_encryption_mode = policy->contents_encryption_mode;
88 ctx.filenames_encryption_mode = policy->filenames_encryption_mode;
89 ctx.flags = policy->flags;
90 BUILD_BUG_ON(sizeof(ctx.nonce) != FS_KEY_DERIVATION_NONCE_SIZE);
91 get_random_bytes(ctx.nonce, FS_KEY_DERIVATION_NONCE_SIZE);
92
93 return inode->i_sb->s_cop->set_context(inode, &ctx, sizeof(ctx), NULL);
94 }
95
96 int fscrypt_ioctl_set_policy(struct file *filp, const void __user *arg)
97 {
98 struct fscrypt_policy policy;
99 struct inode *inode = file_inode(filp);
100 int ret;
101
102 if (copy_from_user(&policy, arg, sizeof(policy)))
103 return -EFAULT;
104
105 if (!inode_owner_or_capable(inode))
106 return -EACCES;
107
108 if (policy.version != 0)
109 return -EINVAL;
110
111 ret = mnt_want_write_file(filp);
112 if (ret)
113 return ret;
114
115 inode_lock(inode);
116
117 if (!inode_has_encryption_context(inode)) {
118 if (!S_ISDIR(inode->i_mode))
119 ret = -EINVAL;
120 else if (!inode->i_sb->s_cop->empty_dir)
121 ret = -EOPNOTSUPP;
122 else if (!inode->i_sb->s_cop->empty_dir(inode))
123 ret = -ENOTEMPTY;
124 else
125 ret = create_encryption_context_from_policy(inode,
126 &policy);
127 } else if (!is_encryption_context_consistent_with_policy(inode,
128 &policy)) {
129 printk(KERN_WARNING
130 "%s: Policy inconsistent with encryption context\n",
131 __func__);
132 ret = -EINVAL;
133 }
134
135 inode_unlock(inode);
136
137 mnt_drop_write_file(filp);
138 return ret;
139 }
140 EXPORT_SYMBOL(fscrypt_ioctl_set_policy);
141
142 int fscrypt_ioctl_get_policy(struct file *filp, void __user *arg)
143 {
144 struct inode *inode = file_inode(filp);
145 struct fscrypt_context ctx;
146 struct fscrypt_policy policy;
147 int res;
148
149 if (!inode->i_sb->s_cop->get_context ||
150 !inode->i_sb->s_cop->is_encrypted(inode))
151 return -ENODATA;
152
153 res = inode->i_sb->s_cop->get_context(inode, &ctx, sizeof(ctx));
154 if (res != sizeof(ctx))
155 return -ENODATA;
156 if (ctx.format != FS_ENCRYPTION_CONTEXT_FORMAT_V1)
157 return -EINVAL;
158
159 policy.version = 0;
160 policy.contents_encryption_mode = ctx.contents_encryption_mode;
161 policy.filenames_encryption_mode = ctx.filenames_encryption_mode;
162 policy.flags = ctx.flags;
163 memcpy(policy.master_key_descriptor, ctx.master_key_descriptor,
164 FS_KEY_DESCRIPTOR_SIZE);
165
166 if (copy_to_user(arg, &policy, sizeof(policy)))
167 return -EFAULT;
168 return 0;
169 }
170 EXPORT_SYMBOL(fscrypt_ioctl_get_policy);
171
172 int fscrypt_has_permitted_context(struct inode *parent, struct inode *child)
173 {
174 struct fscrypt_info *parent_ci, *child_ci;
175 int res;
176
177 if ((parent == NULL) || (child == NULL)) {
178 printk(KERN_ERR "parent %p child %p\n", parent, child);
179 BUG_ON(1);
180 }
181
182 /* No restrictions on file types which are never encrypted */
183 if (!S_ISREG(child->i_mode) && !S_ISDIR(child->i_mode) &&
184 !S_ISLNK(child->i_mode))
185 return 1;
186
187 /* no restrictions if the parent directory is not encrypted */
188 if (!parent->i_sb->s_cop->is_encrypted(parent))
189 return 1;
190 /* if the child directory is not encrypted, this is always a problem */
191 if (!parent->i_sb->s_cop->is_encrypted(child))
192 return 0;
193 res = fscrypt_get_encryption_info(parent);
194 if (res)
195 return 0;
196 res = fscrypt_get_encryption_info(child);
197 if (res)
198 return 0;
199 parent_ci = parent->i_crypt_info;
200 child_ci = child->i_crypt_info;
201 if (!parent_ci && !child_ci)
202 return 1;
203 if (!parent_ci || !child_ci)
204 return 0;
205
206 return (memcmp(parent_ci->ci_master_key,
207 child_ci->ci_master_key,
208 FS_KEY_DESCRIPTOR_SIZE) == 0 &&
209 (parent_ci->ci_data_mode == child_ci->ci_data_mode) &&
210 (parent_ci->ci_filename_mode == child_ci->ci_filename_mode) &&
211 (parent_ci->ci_flags == child_ci->ci_flags));
212 }
213 EXPORT_SYMBOL(fscrypt_has_permitted_context);
214
215 /**
216 * fscrypt_inherit_context() - Sets a child context from its parent
217 * @parent: Parent inode from which the context is inherited.
218 * @child: Child inode that inherits the context from @parent.
219 * @fs_data: private data given by FS.
220 * @preload: preload child i_crypt_info
221 *
222 * Return: Zero on success, non-zero otherwise
223 */
224 int fscrypt_inherit_context(struct inode *parent, struct inode *child,
225 void *fs_data, bool preload)
226 {
227 struct fscrypt_context ctx;
228 struct fscrypt_info *ci;
229 int res;
230
231 if (!parent->i_sb->s_cop->set_context)
232 return -EOPNOTSUPP;
233
234 res = fscrypt_get_encryption_info(parent);
235 if (res < 0)
236 return res;
237
238 ci = parent->i_crypt_info;
239 if (ci == NULL)
240 return -ENOKEY;
241
242 ctx.format = FS_ENCRYPTION_CONTEXT_FORMAT_V1;
243 if (fscrypt_dummy_context_enabled(parent)) {
244 ctx.contents_encryption_mode = FS_ENCRYPTION_MODE_AES_256_XTS;
245 ctx.filenames_encryption_mode = FS_ENCRYPTION_MODE_AES_256_CTS;
246 ctx.flags = 0;
247 memset(ctx.master_key_descriptor, 0x42, FS_KEY_DESCRIPTOR_SIZE);
248 res = 0;
249 } else {
250 ctx.contents_encryption_mode = ci->ci_data_mode;
251 ctx.filenames_encryption_mode = ci->ci_filename_mode;
252 ctx.flags = ci->ci_flags;
253 memcpy(ctx.master_key_descriptor, ci->ci_master_key,
254 FS_KEY_DESCRIPTOR_SIZE);
255 }
256 get_random_bytes(ctx.nonce, FS_KEY_DERIVATION_NONCE_SIZE);
257 res = parent->i_sb->s_cop->set_context(child, &ctx,
258 sizeof(ctx), fs_data);
259 if (res)
260 return res;
261 return preload ? fscrypt_get_encryption_info(child): 0;
262 }
263 EXPORT_SYMBOL(fscrypt_inherit_context);
Ubuntu Artful kernel mirror