Merge tag 'ext4_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4

#include <linux/dcache.h>

#include <linux/namei.h>

#include <linux/fscrypto.h>

#include <linux/ecryptfs.h>

static unsigned int num_prealloc_crypto_pages = 32;

static unsigned int num_prealloc_crypto_ctxs = 128;

EXPORT_SYMBOL(fscrypt_get_ctx);

/**

 * fscrypt_complete() - The completion callback for page encryption

 * @req: The asynchronous encryption request context

 * @res: The result of the encryption operation

 * page_crypt_complete() - completion callback for page crypto

 * @req: The asynchronous cipher request context

 * @res: The result of the cipher operation

 */

static void fscrypt_complete(struct crypto_async_request *req, int res)

static void page_crypt_complete(struct crypto_async_request *req, int res)

{

	struct fscrypt_completion_result *ecr = req->data;

	skcipher_request_set_callback(

		req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP,

		fscrypt_complete, &ecr);

		page_crypt_complete, &ecr);

	BUILD_BUG_ON(FS_XTS_TWEAK_SIZE < sizeof(index));

	memcpy(xts_tweak, &index, sizeof(index));

 * This has not yet undergone a rigorous security audit.

 */

#include <keys/encrypted-type.h>

#include <keys/user-type.h>

#include <linux/scatterlist.h>

#include <linux/ratelimit.h>

#include <linux/fscrypto.h>

static u32 size_round_up(size_t size, size_t blksize)

{

	return ((size + blksize - 1) / blksize) * blksize;

}

/**

 * dir_crypt_complete() -

 * fname_crypt_complete() - completion callback for filename crypto

 * @req: The asynchronous cipher request context

 * @res: The result of the cipher operation

 */

static void dir_crypt_complete(struct crypto_async_request *req, int res)

static void fname_crypt_complete(struct crypto_async_request *req, int res)

{

	struct fscrypt_completion_result *ecr = req->data;

}

/**

 * fname_encrypt() -

 * fname_encrypt() - encrypt a filename

 *

 * This function encrypts the input filename, and returns the length of the

 * ciphertext. Errors are returned as negative numbers.  We trust the caller to

 * allocate sufficient memory to oname string.

 * The caller must have allocated sufficient memory for the @oname string.

 *

 * Return: 0 on success, -errno on failure

 */

static int fname_encrypt(struct inode *inode,

			const struct qstr *iname, struct fscrypt_str *oname)

	if (iname->len <= 0 || iname->len > lim)

		return -EIO;

	ciphertext_len = (iname->len < FS_CRYPTO_BLOCK_SIZE) ?

					FS_CRYPTO_BLOCK_SIZE : iname->len;

	ciphertext_len = size_round_up(ciphertext_len, padding);

	ciphertext_len = (ciphertext_len > lim) ? lim : ciphertext_len;

	ciphertext_len = max(iname->len, (u32)FS_CRYPTO_BLOCK_SIZE);

	ciphertext_len = round_up(ciphertext_len, padding);

	ciphertext_len = min(ciphertext_len, lim);

	if (ciphertext_len <= sizeof(buf)) {

		workbuf = buf;

	}

	skcipher_request_set_callback(req,

			CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP,

			dir_crypt_complete, &ecr);

			fname_crypt_complete, &ecr);

	/* Copy the input */

	memcpy(workbuf, iname->name, iname->len);

	}

	kfree(alloc_buf);

	skcipher_request_free(req);

	if (res < 0)

	if (res < 0) {

		printk_ratelimited(KERN_ERR

				"%s: Error (error code %d)\n", __func__, res);

		return res;

	}

	oname->len = ciphertext_len;

	return res;

	return 0;

}

/*

 * fname_decrypt()

 *	This function decrypts the input filename, and returns

 *	the length of the plaintext.

 *	Errors are returned as negative numbers.

 *	We trust the caller to allocate sufficient memory to oname string.

/**

 * fname_decrypt() - decrypt a filename

 *

 * The caller must have allocated sufficient memory for the @oname string.

 *

 * Return: 0 on success, -errno on failure

 */

static int fname_decrypt(struct inode *inode,

				const struct fscrypt_str *iname,

	}

	skcipher_request_set_callback(req,

		CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP,

		dir_crypt_complete, &ecr);

		fname_crypt_complete, &ecr);

	/* Initialize IV */

	memset(iv, 0, FS_CRYPTO_BLOCK_SIZE);

	}

	oname->len = strnlen(oname->name, iname->len);

	return oname->len;

	return 0;

}

static const char *lookup_table =

	if (ci)

		padding = 4 << (ci->ci_flags & FS_POLICY_FLAGS_PAD_MASK);

	if (ilen < FS_CRYPTO_BLOCK_SIZE)

		ilen = FS_CRYPTO_BLOCK_SIZE;

	return size_round_up(ilen, padding);

	ilen = max(ilen, (u32)FS_CRYPTO_BLOCK_SIZE);

	return round_up(ilen, padding);

}

EXPORT_SYMBOL(fscrypt_fname_encrypted_size);

/**

 * fscrypt_fname_disk_to_usr() - converts a filename from disk space to user

 * space

 *

 * The caller must have allocated sufficient memory for the @oname string.

 *

 * Return: 0 on success, -errno on failure

 */

int fscrypt_fname_disk_to_usr(struct inode *inode,

			u32 hash, u32 minor_hash,

{

	const struct qstr qname = FSTR_TO_QSTR(iname);

	char buf[24];

	int ret;

	if (fscrypt_is_dot_dotdot(&qname)) {

		oname->name[0] = '.';

		oname->name[iname->len - 1] = '.';

		oname->len = iname->len;

		return oname->len;

		return 0;

	}

	if (iname->len < FS_CRYPTO_BLOCK_SIZE)

		return fname_decrypt(inode, iname, oname);

	if (iname->len <= FS_FNAME_CRYPTO_DIGEST_SIZE) {

		ret = digest_encode(iname->name, iname->len, oname->name);

		oname->len = ret;

		return ret;

		oname->len = digest_encode(iname->name, iname->len,

					   oname->name);

		return 0;

	}

	if (hash) {

		memcpy(buf, &hash, 4);

	}

	memcpy(buf + 8, iname->name + iname->len - 16, 16);

	oname->name[0] = '_';

	ret = digest_encode(buf, 24, oname->name + 1);

	oname->len = ret + 1;

	return ret + 1;

	oname->len = 1 + digest_encode(buf, 24, oname->name + 1);

	return 0;

}

EXPORT_SYMBOL(fscrypt_fname_disk_to_usr);

/**

 * fscrypt_fname_usr_to_disk() - converts a filename from user space to disk

 * space

 *

 * The caller must have allocated sufficient memory for the @oname string.

 *

 * Return: 0 on success, -errno on failure

 */

int fscrypt_fname_usr_to_disk(struct inode *inode,

			const struct qstr *iname,

		oname->name[0] = '.';

		oname->name[iname->len - 1] = '.';

		oname->len = iname->len;

		return oname->len;

		return 0;

	}

	if (inode->i_crypt_info)

		return fname_encrypt(inode, iname, oname);

	if (dir->i_crypt_info) {

		ret = fscrypt_fname_alloc_buffer(dir, iname->len,

							&fname->crypto_buf);

		if (ret < 0)

		if (ret)

			return ret;

		ret = fname_encrypt(dir, iname, &fname->crypto_buf);

		if (ret < 0)

		if (ret)

			goto errout;

		fname->disk_name.name = fname->crypto_buf.name;

		fname->disk_name.len = fname->crypto_buf.len;

 * Written by Michael Halcrow, Ildar Muslukhov, and Uday Savagaonkar, 2015.

 */

#include <keys/encrypted-type.h>

#include <keys/user-type.h>

#include <linux/random.h>

#include <linux/scatterlist.h>

#include <uapi/linux/keyctl.h>

#include <linux/fscrypto.h>

static void derive_crypt_complete(struct crypto_async_request *req, int rc)

	return res;

}

static int determine_cipher_type(struct fscrypt_info *ci, struct inode *inode,

				 const char **cipher_str_ret, int *keysize_ret)

{

	if (S_ISREG(inode->i_mode)) {

		if (ci->ci_data_mode == FS_ENCRYPTION_MODE_AES_256_XTS) {

			*cipher_str_ret = "xts(aes)";

			*keysize_ret = FS_AES_256_XTS_KEY_SIZE;

			return 0;

		}

		pr_warn_once("fscrypto: unsupported contents encryption mode "

			     "%d for inode %lu\n",

			     ci->ci_data_mode, inode->i_ino);

		return -ENOKEY;

	}

	if (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) {

		if (ci->ci_filename_mode == FS_ENCRYPTION_MODE_AES_256_CTS) {

			*cipher_str_ret = "cts(cbc(aes))";

			*keysize_ret = FS_AES_256_CTS_KEY_SIZE;

			return 0;

		}

		pr_warn_once("fscrypto: unsupported filenames encryption mode "

			     "%d for inode %lu\n",

			     ci->ci_filename_mode, inode->i_ino);

		return -ENOKEY;

	}

	pr_warn_once("fscrypto: unsupported file type %d for inode %lu\n",

		     (inode->i_mode & S_IFMT), inode->i_ino);

	return -ENOKEY;

}

static void put_crypt_info(struct fscrypt_info *ci)

{

	if (!ci)

	struct fscrypt_context ctx;

	struct crypto_skcipher *ctfm;

	const char *cipher_str;

	int keysize;

	u8 raw_key[FS_MAX_KEY_SIZE];

	u8 mode;

	int res;

	res = fscrypt_initialize();

	if (res < 0) {

		if (!fscrypt_dummy_context_enabled(inode))

			return res;

		ctx.format = FS_ENCRYPTION_CONTEXT_FORMAT_V1;

		ctx.contents_encryption_mode = FS_ENCRYPTION_MODE_AES_256_XTS;

		ctx.filenames_encryption_mode = FS_ENCRYPTION_MODE_AES_256_CTS;

		ctx.flags = 0;

	} else if (res != sizeof(ctx)) {

		return -EINVAL;

	}

	res = 0;

	if (ctx.format != FS_ENCRYPTION_CONTEXT_FORMAT_V1)

		return -EINVAL;

	if (ctx.flags & ~FS_POLICY_FLAGS_VALID)

		return -EINVAL;

	crypt_info = kmem_cache_alloc(fscrypt_info_cachep, GFP_NOFS);

	if (!crypt_info)

	crypt_info->ci_keyring_key = NULL;

	memcpy(crypt_info->ci_master_key, ctx.master_key_descriptor,

				sizeof(crypt_info->ci_master_key));

	if (S_ISREG(inode->i_mode))

		mode = crypt_info->ci_data_mode;

	else if (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode))

		mode = crypt_info->ci_filename_mode;

	else

		BUG();

	switch (mode) {

	case FS_ENCRYPTION_MODE_AES_256_XTS:

		cipher_str = "xts(aes)";

		break;

	case FS_ENCRYPTION_MODE_AES_256_CTS:

		cipher_str = "cts(cbc(aes))";

		break;

	default:

		printk_once(KERN_WARNING

			    "%s: unsupported key mode %d (ino %u)\n",

			    __func__, mode, (unsigned) inode->i_ino);

		res = -ENOKEY;

	res = determine_cipher_type(crypt_info, inode, &cipher_str, &keysize);

	if (res)

		goto out;

	}

	if (fscrypt_dummy_context_enabled(inode)) {

		memset(raw_key, 0x42, FS_AES_256_XTS_KEY_SIZE);

		goto got_key;

	crypt_info->ci_ctfm = ctfm;

	crypto_skcipher_clear_flags(ctfm, ~0);

	crypto_skcipher_set_flags(ctfm, CRYPTO_TFM_REQ_WEAK_KEY);

	res = crypto_skcipher_setkey(ctfm, raw_key, fscrypt_key_size(mode));

	res = crypto_skcipher_setkey(ctfm, raw_key, keysize);

	if (res)

		goto out;

					/* Directory is encrypted */

					err = fscrypt_fname_disk_to_usr(inode,

						0, 0, &de_name, &fstr);

					de_name = fstr;

					fstr.len = save_len;

					if (err < 0)

					if (err)

						goto errout;

					if (!dir_emit(ctx,

					    fstr.name, err,

					    de_name.name, de_name.len,

					    le32_to_cpu(de->inode),

					    get_dtype(sb, de->file_type)))

						goto done;

		      int buf_size)

{

	struct ext4_dir_entry_2 *de;

	int nlen, rlen;

	int rlen;

	unsigned int offset = 0;

	char *top;

		if (ext4_check_dir_entry(dir, NULL, de, bh,

					 buf, buf_size, offset))

			return -EFSCORRUPTED;

		nlen = EXT4_DIR_REC_LEN(de->name_len);

		rlen = ext4_rec_len_from_disk(de->rec_len, buf_size);

		de = (struct ext4_dir_entry_2 *)((char *)de + rlen);

		offset += rlen;

				 (s)->s_first_ino)

#endif

#define EXT4_BLOCK_ALIGN(size, blkbits)		ALIGN((size), (1 << (blkbits)))

#define EXT4_MAX_BLOCKS(size, offset, blkbits) \

	((EXT4_BLOCK_ALIGN(size + offset, blkbits) >> blkbits) - (offset >> \

								  blkbits))

/* Translate a block number to a cluster number */

#define EXT4_B2C(sbi, blk)	((blk) >> (sbi)->s_cluster_bits)

#define EXT4_MOUNT_POSIX_ACL		0x08000	/* POSIX Access Control Lists */

#define EXT4_MOUNT_NO_AUTO_DA_ALLOC	0x10000	/* No auto delalloc mapping */

#define EXT4_MOUNT_BARRIER		0x20000 /* Use block barriers */

#define EXT4_MOUNT_QUOTA		0x80000 /* Some quota option set */

#define EXT4_MOUNT_USRQUOTA		0x100000 /* "old" user quota */

#define EXT4_MOUNT_GRPQUOTA		0x200000 /* "old" group quota */

#define EXT4_MOUNT_QUOTA		0x40000 /* Some quota option set */

#define EXT4_MOUNT_USRQUOTA		0x80000 /* "old" user quota,

						 * enable enforcement for hidden

						 * quota files */

#define EXT4_MOUNT_GRPQUOTA		0x100000 /* "old" group quota, enable

						  * enforcement for hidden quota

						  * files */

#define EXT4_MOUNT_PRJQUOTA		0x200000 /* Enable project quota

						  * enforcement */

#define EXT4_MOUNT_DIOREAD_NOLOCK	0x400000 /* Enable support for dio read nolocking */

#define EXT4_MOUNT_JOURNAL_CHECKSUM	0x800000 /* Journal checksums */

#define EXT4_MOUNT_JOURNAL_ASYNC_COMMIT	0x1000000 /* Journal Async Commit */

 * Feature set definitions

 */

/* Use the ext4_{has,set,clear}_feature_* helpers; these will be removed */

#define EXT4_HAS_COMPAT_FEATURE(sb,mask)			\

	((EXT4_SB(sb)->s_es->s_feature_compat & cpu_to_le32(mask)) != 0)

#define EXT4_HAS_RO_COMPAT_FEATURE(sb,mask)			\

	((EXT4_SB(sb)->s_es->s_feature_ro_compat & cpu_to_le32(mask)) != 0)

#define EXT4_HAS_INCOMPAT_FEATURE(sb,mask)			\

	((EXT4_SB(sb)->s_es->s_feature_incompat & cpu_to_le32(mask)) != 0)

#define EXT4_SET_COMPAT_FEATURE(sb,mask)			\

	EXT4_SB(sb)->s_es->s_feature_compat |= cpu_to_le32(mask)

#define EXT4_SET_RO_COMPAT_FEATURE(sb,mask)			\

	EXT4_SB(sb)->s_es->s_feature_ro_compat |= cpu_to_le32(mask)

#define EXT4_SET_INCOMPAT_FEATURE(sb,mask)			\

	EXT4_SB(sb)->s_es->s_feature_incompat |= cpu_to_le32(mask)

#define EXT4_CLEAR_COMPAT_FEATURE(sb,mask)			\

	EXT4_SB(sb)->s_es->s_feature_compat &= ~cpu_to_le32(mask)

#define EXT4_CLEAR_RO_COMPAT_FEATURE(sb,mask)			\

	EXT4_SB(sb)->s_es->s_feature_ro_compat &= ~cpu_to_le32(mask)

#define EXT4_CLEAR_INCOMPAT_FEATURE(sb,mask)			\

	EXT4_SB(sb)->s_es->s_feature_incompat &= ~cpu_to_le32(mask)

#define EXT4_FEATURE_COMPAT_DIR_PREALLOC	0x0001

#define EXT4_FEATURE_COMPAT_IMAGIC_INODES	0x0002

#define EXT4_FEATURE_COMPAT_HAS_JOURNAL		0x0004