fs/ext4/crypto_policy.c

   1 /*
   2  * linux/fs/ext4/crypto_policy.c
   3  *
   4  * Copyright (C) 2015, Google, Inc.
   5  *
   6  * This contains encryption policy functions for ext4
   7  *
   8  * Written by Michael Halcrow, 2015.
   9  */
  10
  11 #include <linux/random.h>
  12 #include <linux/string.h>
  13 #include <linux/types.h>
  14
  15 #include "ext4.h"
  16 #include "xattr.h"
  17
  18 static int ext4_inode_has_encryption_context(struct inode *inode)
  19 {
  20         int res = ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION,
  21                                  EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, NULL, 0);
  22         return (res > 0);
  23 }
  24
  25 /*
  26  * check whether the policy is consistent with the encryption context
  27  * for the inode
  28  */
  29 static int ext4_is_encryption_context_consistent_with_policy(
  30         struct inode *inode, const struct ext4_encryption_policy *policy)
  31 {
  32         struct ext4_encryption_context ctx;
  33         int res = ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION,
  34                                  EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, &ctx,
  35                                  sizeof(ctx));
  36         if (res != sizeof(ctx))
  37                 return 0;
  38         return (memcmp(ctx.master_key_descriptor, policy->master_key_descriptor,
  39                         EXT4_KEY_DESCRIPTOR_SIZE) == 0 &&
  40                 (ctx.contents_encryption_mode ==
  41                  policy->contents_encryption_mode) &&
  42                 (ctx.filenames_encryption_mode ==
  43                  policy->filenames_encryption_mode));
  44 }
  45
  46 static int ext4_create_encryption_context_from_policy(
  47         struct inode *inode, const struct ext4_encryption_policy *policy)
  48 {
  49         struct ext4_encryption_context ctx;
  50         int res = 0;
  51
  52         ctx.format = EXT4_ENCRYPTION_CONTEXT_FORMAT_V1;
  53         memcpy(ctx.master_key_descriptor, policy->master_key_descriptor,
  54                EXT4_KEY_DESCRIPTOR_SIZE);
  55         ctx.contents_encryption_mode = policy->contents_encryption_mode;
  56         ctx.filenames_encryption_mode = policy->filenames_encryption_mode;
  57         BUILD_BUG_ON(sizeof(ctx.nonce) != EXT4_KEY_DERIVATION_NONCE_SIZE);
  58         get_random_bytes(ctx.nonce, EXT4_KEY_DERIVATION_NONCE_SIZE);
  59
  60         res = ext4_xattr_set(inode, EXT4_XATTR_INDEX_ENCRYPTION,
  61                              EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, &ctx,
  62                              sizeof(ctx), 0);
  63         if (!res)
  64                 ext4_set_inode_flag(inode, EXT4_INODE_ENCRYPT);
  65         return res;
  66 }
  67
  68 int ext4_process_policy(const struct ext4_encryption_policy *policy,
  69                         struct inode *inode)
  70 {
  71         if (policy->version != 0)
  72                 return -EINVAL;
  73
  74         if (!ext4_inode_has_encryption_context(inode)) {
  75                 if (!ext4_empty_dir(inode))
  76                         return -ENOTEMPTY;
  77                 return ext4_create_encryption_context_from_policy(inode,
  78                                                                   policy);
  79         }
  80
  81         if (ext4_is_encryption_context_consistent_with_policy(inode, policy))
  82                 return 0;
  83
  84         printk(KERN_WARNING "%s: Policy inconsistent with encryption context\n",
  85                __func__);
  86         return -EINVAL;
  87 }
  88
  89 int ext4_get_policy(struct inode *inode, struct ext4_encryption_policy *policy)
  90 {
  91         struct ext4_encryption_context ctx;
  92
  93         int res = ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION,
  94                                  EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
  95                                  &ctx, sizeof(ctx));
  96         if (res != sizeof(ctx))
  97                 return -ENOENT;
  98         if (ctx.format != EXT4_ENCRYPTION_CONTEXT_FORMAT_V1)
  99                 return -EINVAL;
 100         policy->version = 0;
 101         policy->contents_encryption_mode = ctx.contents_encryption_mode;
 102         policy->filenames_encryption_mode = ctx.filenames_encryption_mode;
 103         memcpy(&policy->master_key_descriptor, ctx.master_key_descriptor,
 104                EXT4_KEY_DESCRIPTOR_SIZE);
 105         return 0;
 106 }
 107
 108 int ext4_is_child_context_consistent_with_parent(struct inode *parent,
 109                                                  struct inode *child)
 110 {
 111         struct ext4_encryption_context parent_ctx, child_ctx;
 112         int res;
 113
 114         if ((parent == NULL) || (child == NULL)) {
 115                 pr_err("parent %p child %p\n", parent, child);
 116                 BUG_ON(1);
 117         }
 118         /* no restrictions if the parent directory is not encrypted */
 119         if (!ext4_encrypted_inode(parent))
 120                 return 1;
 121         res = ext4_xattr_get(parent, EXT4_XATTR_INDEX_ENCRYPTION,
 122                              EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
 123                              &parent_ctx, sizeof(parent_ctx));
 124         if (res != sizeof(parent_ctx))
 125                 return 0;
 126         /* if the child directory is not encrypted, this is always a problem */
 127         if (!ext4_encrypted_inode(child))
 128                 return 0;
 129         res = ext4_xattr_get(child, EXT4_XATTR_INDEX_ENCRYPTION,
 130                              EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
 131                              &child_ctx, sizeof(child_ctx));
 132         if (res != sizeof(child_ctx))
 133                 return 0;
 134         return (memcmp(parent_ctx.master_key_descriptor,
 135                        child_ctx.master_key_descriptor,
 136                        EXT4_KEY_DESCRIPTOR_SIZE) == 0 &&
 137                 (parent_ctx.contents_encryption_mode ==
 138                  child_ctx.contents_encryption_mode) &&
 139                 (parent_ctx.filenames_encryption_mode ==
 140                  child_ctx.filenames_encryption_mode));
 141 }
 142
 143 /**
 144  * ext4_inherit_context() - Sets a child context from its parent
 145  * @parent: Parent inode from which the context is inherited.
 146  * @child:  Child inode that inherits the context from @parent.
 147  *
 148  * Return: Zero on success, non-zero otherwise
 149  */
 150 int ext4_inherit_context(struct inode *parent, struct inode *child)
 151 {
 152         struct ext4_encryption_context ctx;
 153         int res = ext4_xattr_get(parent, EXT4_XATTR_INDEX_ENCRYPTION,
 154                                  EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
 155                                  &ctx, sizeof(ctx));
 156
 157         if (res != sizeof(ctx))
 158                 return -ENOENT;
 159
 160         get_random_bytes(ctx.nonce, EXT4_KEY_DERIVATION_NONCE_SIZE);
 161         res = ext4_xattr_set(child, EXT4_XATTR_INDEX_ENCRYPTION,
 162                              EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, &ctx,
 163                              sizeof(ctx), 0);
 164         if (!res)
 165                 ext4_set_inode_flag(child, EXT4_INODE_ENCRYPT);
 166         return res;
 167 }