// SPDX-License-Identifier: GPL-2.0-only /* * This contains encryption functions for per-file encryption. * * Copyright (C) 2015, Google, Inc. * Copyright (C) 2015, Motorola Mobility * * Written by Michael Halcrow, 2014. * * Filename encryption additions * Uday Savagaonkar, 2014 * Encryption policy handling additions * Ildar Muslukhov, 2014 * Add fscrypt_pullback_bio_page() * Jaegeuk Kim, 2015. * * This has not yet undergone a rigorous security audit. * * The usage of AES-XTS should conform to recommendations in NIST * Special Publication 800-38E and IEEE P1619/D16. */ #include <linux/pagemap.h> #include <linux/mempool.h> #include <linux/module.h> #include <linux/scatterlist.h> #include <linux/ratelimit.h> #include <crypto/skcipher.h> #include "fscrypt_private.h" static unsigned int num_prealloc_crypto_pages = …; module_param(num_prealloc_crypto_pages, uint, 0444); MODULE_PARM_DESC(…) …; static mempool_t *fscrypt_bounce_page_pool = …; static struct workqueue_struct *fscrypt_read_workqueue; static DEFINE_MUTEX(fscrypt_init_mutex); struct kmem_cache *fscrypt_inode_info_cachep; void fscrypt_enqueue_decrypt_work(struct work_struct *work) { … } EXPORT_SYMBOL(…); struct page *fscrypt_alloc_bounce_page(gfp_t gfp_flags) { … } /** * fscrypt_free_bounce_page() - free a ciphertext bounce page * @bounce_page: the bounce page to free, or NULL * * Free a bounce page that was allocated by fscrypt_encrypt_pagecache_blocks(), * or by fscrypt_alloc_bounce_page() directly. */ void fscrypt_free_bounce_page(struct page *bounce_page) { … } EXPORT_SYMBOL(…); /* * Generate the IV for the given data unit index within the given file. * For filenames encryption, index == 0. * * Keep this in sync with fscrypt_limit_io_blocks(). fscrypt_limit_io_blocks() * needs to know about any IV generation methods where the low bits of IV don't * simply contain the data unit index (e.g., IV_INO_LBLK_32). */ void fscrypt_generate_iv(union fscrypt_iv *iv, u64 index, const struct fscrypt_inode_info *ci) { … } /* Encrypt or decrypt a single "data unit" of file contents. */ int fscrypt_crypt_data_unit(const struct fscrypt_inode_info *ci, fscrypt_direction_t rw, u64 index, struct page *src_page, struct page *dest_page, unsigned int len, unsigned int offs, gfp_t gfp_flags) { … } /** * fscrypt_encrypt_pagecache_blocks() - Encrypt data from a pagecache page * @page: the locked pagecache page containing the data to encrypt * @len: size of the data to encrypt, in bytes * @offs: offset within @page of the data to encrypt, in bytes * @gfp_flags: memory allocation flags; see details below * * This allocates a new bounce page and encrypts the given data into it. The * length and offset of the data must be aligned to the file's crypto data unit * size. Alignment to the filesystem block size fulfills this requirement, as * the filesystem block size is always a multiple of the data unit size. * * In the bounce page, the ciphertext data will be located at the same offset at * which the plaintext data was located in the source page. Any other parts of * the bounce page will be left uninitialized. * * This is for use by the filesystem's ->writepages() method. * * The bounce page allocation is mempool-backed, so it will always succeed when * @gfp_flags includes __GFP_DIRECT_RECLAIM, e.g. when it's GFP_NOFS. However, * only the first page of each bio can be allocated this way. To prevent * deadlocks, for any additional pages a mask like GFP_NOWAIT must be used. * * Return: the new encrypted bounce page on success; an ERR_PTR() on failure */ struct page *fscrypt_encrypt_pagecache_blocks(struct page *page, unsigned int len, unsigned int offs, gfp_t gfp_flags) { … } EXPORT_SYMBOL(…); /** * fscrypt_encrypt_block_inplace() - Encrypt a filesystem block in-place * @inode: The inode to which this block belongs * @page: The page containing the block to encrypt * @len: Size of block to encrypt. This must be a multiple of * FSCRYPT_CONTENTS_ALIGNMENT. * @offs: Byte offset within @page at which the block to encrypt begins * @lblk_num: Filesystem logical block number of the block, i.e. the 0-based * number of the block within the file * @gfp_flags: Memory allocation flags * * Encrypt a possibly-compressed filesystem block that is located in an * arbitrary page, not necessarily in the original pagecache page. The @inode * and @lblk_num must be specified, as they can't be determined from @page. * * This is not compatible with fscrypt_operations::supports_subblock_data_units. * * Return: 0 on success; -errno on failure */ int fscrypt_encrypt_block_inplace(const struct inode *inode, struct page *page, unsigned int len, unsigned int offs, u64 lblk_num, gfp_t gfp_flags) { … } EXPORT_SYMBOL(…); /** * fscrypt_decrypt_pagecache_blocks() - Decrypt data from a pagecache folio * @folio: the pagecache folio containing the data to decrypt * @len: size of the data to decrypt, in bytes * @offs: offset within @folio of the data to decrypt, in bytes * * Decrypt data that has just been read from an encrypted file. The data must * be located in a pagecache folio that is still locked and not yet uptodate. * The length and offset of the data must be aligned to the file's crypto data * unit size. Alignment to the filesystem block size fulfills this requirement, * as the filesystem block size is always a multiple of the data unit size. * * Return: 0 on success; -errno on failure */ int fscrypt_decrypt_pagecache_blocks(struct folio *folio, size_t len, size_t offs) { … } EXPORT_SYMBOL(…); /** * fscrypt_decrypt_block_inplace() - Decrypt a filesystem block in-place * @inode: The inode to which this block belongs * @page: The page containing the block to decrypt * @len: Size of block to decrypt. This must be a multiple of * FSCRYPT_CONTENTS_ALIGNMENT. * @offs: Byte offset within @page at which the block to decrypt begins * @lblk_num: Filesystem logical block number of the block, i.e. the 0-based * number of the block within the file * * Decrypt a possibly-compressed filesystem block that is located in an * arbitrary page, not necessarily in the original pagecache page. The @inode * and @lblk_num must be specified, as they can't be determined from @page. * * This is not compatible with fscrypt_operations::supports_subblock_data_units. * * Return: 0 on success; -errno on failure */ int fscrypt_decrypt_block_inplace(const struct inode *inode, struct page *page, unsigned int len, unsigned int offs, u64 lblk_num) { … } EXPORT_SYMBOL(…); /** * fscrypt_initialize() - allocate major buffers for fs encryption. * @sb: the filesystem superblock * * We only call this when we start accessing encrypted files, since it * results in memory getting allocated that wouldn't otherwise be used. * * Return: 0 on success; -errno on failure */ int fscrypt_initialize(struct super_block *sb) { … } void fscrypt_msg(const struct inode *inode, const char *level, const char *fmt, ...) { … } /** * fscrypt_init() - Set up for fs encryption. * * Return: 0 on success; -errno on failure */ static int __init fscrypt_init(void) { … } late_initcall(…) …
Codebase Browser
linux