1 // SPDX-License-Identifier: GPL-2.0
2
3 #include <linux/quotaops.h>
4 #include <linux/uuid.h>
5
6 #include "ext4.h"
7 #include "xattr.h"
8 #include "ext4_jbd2.h"
9
ext4_fname_from_fscrypt_name(struct ext4_filename * dst,const struct fscrypt_name * src)10 static void ext4_fname_from_fscrypt_name(struct ext4_filename *dst,
11 const struct fscrypt_name *src)
12 {
13 memset(dst, 0, sizeof(*dst));
14
15 dst->usr_fname = src->usr_fname;
16 dst->disk_name = src->disk_name;
17 dst->hinfo.hash = src->hash;
18 dst->hinfo.minor_hash = src->minor_hash;
19 dst->crypto_buf = src->crypto_buf;
20 }
21
ext4_fname_setup_filename(struct inode * dir,const struct qstr * iname,int lookup,struct ext4_filename * fname)22 int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname,
23 int lookup, struct ext4_filename *fname)
24 {
25 struct fscrypt_name name;
26 int err;
27
28 err = fscrypt_setup_filename(dir, iname, lookup, &name);
29 if (err)
30 return err;
31
32 ext4_fname_from_fscrypt_name(fname, &name);
33
34 err = ext4_fname_setup_ci_filename(dir, iname, fname);
35 if (err)
36 ext4_fname_free_filename(fname);
37
38 return err;
39 }
40
ext4_fname_prepare_lookup(struct inode * dir,struct dentry * dentry,struct ext4_filename * fname)41 int ext4_fname_prepare_lookup(struct inode *dir, struct dentry *dentry,
42 struct ext4_filename *fname)
43 {
44 struct fscrypt_name name;
45 int err;
46
47 err = fscrypt_prepare_lookup(dir, dentry, &name);
48 if (err)
49 return err;
50
51 ext4_fname_from_fscrypt_name(fname, &name);
52
53 err = ext4_fname_setup_ci_filename(dir, &dentry->d_name, fname);
54 if (err)
55 ext4_fname_free_filename(fname);
56 return err;
57 }
58
ext4_fname_free_filename(struct ext4_filename * fname)59 void ext4_fname_free_filename(struct ext4_filename *fname)
60 {
61 struct fscrypt_name name;
62
63 name.crypto_buf = fname->crypto_buf;
64 fscrypt_free_filename(&name);
65
66 fname->crypto_buf.name = NULL;
67 fname->usr_fname = NULL;
68 fname->disk_name.name = NULL;
69
70 ext4_fname_free_ci_filename(fname);
71 }
72
uuid_is_zero(__u8 u[16])73 static bool uuid_is_zero(__u8 u[16])
74 {
75 int i;
76
77 for (i = 0; i < 16; i++)
78 if (u[i])
79 return false;
80 return true;
81 }
82
ext4_ioctl_get_encryption_pwsalt(struct file * filp,void __user * arg)83 int ext4_ioctl_get_encryption_pwsalt(struct file *filp, void __user *arg)
84 {
85 struct super_block *sb = file_inode(filp)->i_sb;
86 struct ext4_sb_info *sbi = EXT4_SB(sb);
87 int err, err2;
88 handle_t *handle;
89
90 if (!ext4_has_feature_encrypt(sb))
91 return -EOPNOTSUPP;
92
93 if (uuid_is_zero(sbi->s_es->s_encrypt_pw_salt)) {
94 err = mnt_want_write_file(filp);
95 if (err)
96 return err;
97 handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1);
98 if (IS_ERR(handle)) {
99 err = PTR_ERR(handle);
100 goto pwsalt_err_exit;
101 }
102 err = ext4_journal_get_write_access(handle, sb, sbi->s_sbh,
103 EXT4_JTR_NONE);
104 if (err)
105 goto pwsalt_err_journal;
106 lock_buffer(sbi->s_sbh);
107 generate_random_uuid(sbi->s_es->s_encrypt_pw_salt);
108 ext4_superblock_csum_set(sb);
109 unlock_buffer(sbi->s_sbh);
110 err = ext4_handle_dirty_metadata(handle, NULL, sbi->s_sbh);
111 pwsalt_err_journal:
112 err2 = ext4_journal_stop(handle);
113 if (err2 && !err)
114 err = err2;
115 pwsalt_err_exit:
116 mnt_drop_write_file(filp);
117 if (err)
118 return err;
119 }
120
121 if (copy_to_user(arg, sbi->s_es->s_encrypt_pw_salt, 16))
122 return -EFAULT;
123 return 0;
124 }
125
ext4_get_context(struct inode * inode,void * ctx,size_t len)126 static int ext4_get_context(struct inode *inode, void *ctx, size_t len)
127 {
128 return ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION,
129 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, ctx, len);
130 }
131
ext4_set_context(struct inode * inode,const void * ctx,size_t len,void * fs_data)132 static int ext4_set_context(struct inode *inode, const void *ctx, size_t len,
133 void *fs_data)
134 {
135 handle_t *handle = fs_data;
136 int res, res2, credits, retries = 0;
137
138 /*
139 * Encrypting the root directory is not allowed because e2fsck expects
140 * lost+found to exist and be unencrypted, and encrypting the root
141 * directory would imply encrypting the lost+found directory as well as
142 * the filename "lost+found" itself.
143 */
144 if (inode->i_ino == EXT4_ROOT_INO)
145 return -EPERM;
146
147 if (WARN_ON_ONCE(IS_DAX(inode) && i_size_read(inode)))
148 return -EINVAL;
149
150 if (ext4_test_inode_flag(inode, EXT4_INODE_DAX))
151 return -EOPNOTSUPP;
152
153 res = ext4_convert_inline_data(inode);
154 if (res)
155 return res;
156
157 /*
158 * If a journal handle was specified, then the encryption context is
159 * being set on a new inode via inheritance and is part of a larger
160 * transaction to create the inode. Otherwise the encryption context is
161 * being set on an existing inode in its own transaction. Only in the
162 * latter case should the "retry on ENOSPC" logic be used.
163 */
164
165 if (handle) {
166 /*
167 * Since the inode is new it is ok to pass the
168 * XATTR_CREATE flag. This is necessary to match the
169 * remaining journal credits check in the set_handle
170 * function with the credits allocated for the new
171 * inode.
172 */
173 res = ext4_xattr_set_handle(handle, inode,
174 EXT4_XATTR_INDEX_ENCRYPTION,
175 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
176 ctx, len, XATTR_CREATE);
177 if (!res) {
178 ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
179 ext4_clear_inode_state(inode,
180 EXT4_STATE_MAY_INLINE_DATA);
181 /*
182 * Update inode->i_flags - S_ENCRYPTED will be enabled,
183 * S_DAX may be disabled
184 */
185 ext4_set_inode_flags(inode, false);
186 }
187 return res;
188 }
189
190 res = dquot_initialize(inode);
191 if (res)
192 return res;
193 retry:
194 res = ext4_xattr_set_credits(inode, len, false /* is_create */,
195 &credits);
196 if (res)
197 return res;
198
199 handle = ext4_journal_start(inode, EXT4_HT_MISC, credits);
200 if (IS_ERR(handle))
201 return PTR_ERR(handle);
202
203 res = ext4_xattr_set_handle(handle, inode, EXT4_XATTR_INDEX_ENCRYPTION,
204 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
205 ctx, len, 0);
206 if (!res) {
207 ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
208 /*
209 * Update inode->i_flags - S_ENCRYPTED will be enabled,
210 * S_DAX may be disabled
211 */
212 ext4_set_inode_flags(inode, false);
213 res = ext4_mark_inode_dirty(handle, inode);
214 if (res)
215 EXT4_ERROR_INODE(inode, "Failed to mark inode dirty");
216 }
217 res2 = ext4_journal_stop(handle);
218
219 if (res == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries))
220 goto retry;
221 if (!res)
222 res = res2;
223 return res;
224 }
225
ext4_get_dummy_policy(struct super_block * sb)226 static const union fscrypt_policy *ext4_get_dummy_policy(struct super_block *sb)
227 {
228 return EXT4_SB(sb)->s_dummy_enc_policy.policy;
229 }
230
ext4_has_stable_inodes(struct super_block * sb)231 static bool ext4_has_stable_inodes(struct super_block *sb)
232 {
233 return ext4_has_feature_stable_inodes(sb);
234 }
235
236 const struct fscrypt_operations ext4_cryptops = {
237 .inode_info_offs = (int)offsetof(struct ext4_inode_info, i_crypt_info) -
238 (int)offsetof(struct ext4_inode_info, vfs_inode),
239 .needs_bounce_pages = 1,
240 .has_32bit_inodes = 1,
241 .supports_subblock_data_units = 1,
242 .legacy_key_prefix = "ext4:",
243 .get_context = ext4_get_context,
244 .set_context = ext4_set_context,
245 .get_dummy_policy = ext4_get_dummy_policy,
246 .empty_dir = ext4_empty_dir,
247 .has_stable_inodes = ext4_has_stable_inodes,
248 };
249