// SPDX-License-Identifier: GPL-2.0-or-later /* * eCryptfs: Linux filesystem encryption layer * This is where eCryptfs coordinates the symmetric encryption and * decryption of the file data as it passes between the lower * encrypted file and the upper decrypted file. * * Copyright (C) 1997-2003 Erez Zadok * Copyright (C) 2001-2003 Stony Brook University * Copyright (C) 2004-2007 International Business Machines Corp. * Author(s): Michael A. Halcrow <[email protected]> */ #include <linux/pagemap.h> #include <linux/writeback.h> #include <linux/page-flags.h> #include <linux/mount.h> #include <linux/file.h> #include <linux/scatterlist.h> #include <linux/slab.h> #include <linux/xattr.h> #include <asm/unaligned.h> #include "ecryptfs_kernel.h" /* * ecryptfs_get_locked_page * * Get one page from cache or lower f/s, return error otherwise. * * Returns locked and up-to-date page (if ok), with increased * refcnt. */ struct page *ecryptfs_get_locked_page(struct inode *inode, loff_t index) { … } /** * ecryptfs_writepage * @page: Page that is locked before this call is made * @wbc: Write-back control structure * * Returns zero on success; non-zero otherwise * * This is where we encrypt the data and pass the encrypted data to * the lower filesystem. In OpenPGP-compatible mode, we operate on * entire underlying packets. */ static int ecryptfs_writepage(struct page *page, struct writeback_control *wbc) { … } static void strip_xattr_flag(char *page_virt, struct ecryptfs_crypt_stat *crypt_stat) { … } /* * Header Extent: * Octets 0-7: Unencrypted file size (big-endian) * Octets 8-15: eCryptfs special marker * Octets 16-19: Flags * Octet 16: File format version number (between 0 and 255) * Octets 17-18: Reserved * Octet 19: Bit 1 (lsb): Reserved * Bit 2: Encrypted? * Bits 3-8: Reserved * Octets 20-23: Header extent size (big-endian) * Octets 24-25: Number of header extents at front of file * (big-endian) * Octet 26: Begin RFC 2440 authentication token packet set */ /** * ecryptfs_copy_up_encrypted_with_header * @page: Sort of a ``virtual'' representation of the encrypted lower * file. The actual lower file does not have the metadata in * the header. This is locked. * @crypt_stat: The eCryptfs inode's cryptographic context * * The ``view'' is the version of the file that userspace winds up * seeing, with the header information inserted. */ static int ecryptfs_copy_up_encrypted_with_header(struct page *page, struct ecryptfs_crypt_stat *crypt_stat) { … } /** * ecryptfs_read_folio * @file: An eCryptfs file * @folio: Folio from eCryptfs inode mapping into which to stick the read data * * Read in a folio, decrypting if necessary. * * Returns zero on success; non-zero on error. */ static int ecryptfs_read_folio(struct file *file, struct folio *folio) { … } /* * Called with lower inode mutex held. */ static int fill_zeros_to_end_of_page(struct page *page, unsigned int to) { … } /** * ecryptfs_write_begin * @file: The eCryptfs file * @mapping: The eCryptfs object * @pos: The file offset at which to start writing * @len: Length of the write * @pagep: Pointer to return the page * @fsdata: Pointer to return fs data (unused) * * This function must zero any hole we create * * Returns zero on success; non-zero otherwise */ static int ecryptfs_write_begin(struct file *file, struct address_space *mapping, loff_t pos, unsigned len, struct page **pagep, void **fsdata) { … } /* * ecryptfs_write_inode_size_to_header * * Writes the lower file size to the first 8 bytes of the header. * * Returns zero on success; non-zero on error. */ static int ecryptfs_write_inode_size_to_header(struct inode *ecryptfs_inode) { … } struct kmem_cache *ecryptfs_xattr_cache; static int ecryptfs_write_inode_size_to_xattr(struct inode *ecryptfs_inode) { … } int ecryptfs_write_inode_size_to_metadata(struct inode *ecryptfs_inode) { … } /** * ecryptfs_write_end * @file: The eCryptfs file object * @mapping: The eCryptfs object * @pos: The file position * @len: The length of the data (unused) * @copied: The amount of data copied * @page: The eCryptfs page * @fsdata: The fsdata (unused) */ static int ecryptfs_write_end(struct file *file, struct address_space *mapping, loff_t pos, unsigned len, unsigned copied, struct page *page, void *fsdata) { … } static sector_t ecryptfs_bmap(struct address_space *mapping, sector_t block) { … } #include <linux/buffer_head.h> const struct address_space_operations ecryptfs_aops = …;
Codebase Browser
linux