
TOMOYO Linux Cross Reference
Linux/fs/ext4/ext4_crypto.h


  1 /*
  2  * linux/fs/ext4/ext4_crypto.h
  3  *
  4  * Copyright (C) 2015, Google, Inc.
  5  *
  6  * This contains encryption header content for ext4
  7  *
  8  * Written by Michael Halcrow, 2015.
  9  */
 10 
 11 #ifndef _EXT4_CRYPTO_H
 12 #define _EXT4_CRYPTO_H
 13 
 14 #include <linux/fs.h>
 15 
/*
 * Length in bytes of a master key descriptor.  Sizes the
 * master_key_descriptor[] and ci_master_key[] arrays declared in this header.
 */
#define EXT4_KEY_DESCRIPTOR_SIZE 8
 17 
/*
 * Policy provided via an ioctl on the topmost directory.
 *
 * Packed layout: four single-byte fields followed by the
 * EXT4_KEY_DESCRIPTOR_SIZE-byte master key descriptor.
 *
 * NOTE(review): since the policy arrives through an ioctl, every field is
 * caller-controlled.  The handler (not visible in this header) presumably
 * validates version, both modes and flags before acting on them - confirm.
 */
struct ext4_encryption_policy {
        char version;
        char contents_encryption_mode;
        char filenames_encryption_mode;
        char flags;     /* presumably EXT4_POLICY_FLAGS_* bits - confirm */
        char master_key_descriptor[EXT4_KEY_DESCRIPTOR_SIZE];
} __attribute__((__packed__));
 26 
/* Presumably the value stored in ext4_encryption_context.format - confirm. */
#define EXT4_ENCRYPTION_CONTEXT_FORMAT_V1 1
/* Size in bytes of the nonce[] field of struct ext4_encryption_context. */
#define EXT4_KEY_DERIVATION_NONCE_SIZE 16

/*
 * Policy flag values.  The low two bits (EXT4_POLICY_FLAGS_PAD_MASK) select
 * one of the four PAD_* values; judging by the names these are padding
 * granularities of 4/8/16/32 bytes - confirm against the code that uses them.
 * EXT4_POLICY_FLAGS_VALID equals the pad mask, so no flag bit outside the
 * padding selector is defined as valid here.
 *
 * NOTE(review): a consumer would be expected to reject any value with bits
 * set outside EXT4_POLICY_FLAGS_VALID; that check is not part of this header.
 */
#define EXT4_POLICY_FLAGS_PAD_4         0x00
#define EXT4_POLICY_FLAGS_PAD_8         0x01
#define EXT4_POLICY_FLAGS_PAD_16        0x02
#define EXT4_POLICY_FLAGS_PAD_32        0x03
#define EXT4_POLICY_FLAGS_PAD_MASK      0x03
#define EXT4_POLICY_FLAGS_VALID         0x03
 36 
/**
 * Encryption context for inode
 *
 * Protector format:
 *  1 byte: Protector format (1 = this version)
 *  1 byte: File contents encryption mode
 *  1 byte: File names encryption mode
 *  1 byte: Flags (the struct below names this byte "flags")
 *  8 bytes: Master Key descriptor
 *  16 bytes: Encryption Key derivation nonce
 *
 * The struct is packed, so its size is the sum of the fields above.
 *
 * NOTE(review): presumably this is persisted with the inode and read back
 * later; a reader should check that the stored length matches
 * sizeof(struct ext4_encryption_context) and validate format, modes and flags
 * before trusting the contents - confirm in the code that loads it.
 */
struct ext4_encryption_context {
        char format;
        char contents_encryption_mode;
        char filenames_encryption_mode;
        char flags;
        char master_key_descriptor[EXT4_KEY_DESCRIPTOR_SIZE];
        char nonce[EXT4_KEY_DERIVATION_NONCE_SIZE];
} __attribute__((__packed__));
 56 
/*
 * Encryption parameters: tweak and key sizes in bytes.
 *
 * EXT4_MAX_KEY_SIZE equals the largest size listed (the 64-byte AES-256-XTS
 * key) and sizes the raw[] buffer of struct ext4_encryption_key.
 * EXT4_AES_128_ECB_KEY_SIZE has no matching case in
 * ext4_encryption_key_size(); its user is not visible in this header.
 */
#define EXT4_XTS_TWEAK_SIZE 16
#define EXT4_AES_128_ECB_KEY_SIZE 16
#define EXT4_AES_256_GCM_KEY_SIZE 32
#define EXT4_AES_256_CBC_KEY_SIZE 32
#define EXT4_AES_256_CTS_KEY_SIZE 32
#define EXT4_AES_256_XTS_KEY_SIZE 64
#define EXT4_MAX_KEY_SIZE 64

/*
 * Prefix for key descriptions.  EXT4_KEY_DESC_PREFIX_SIZE is the length of
 * the prefix string without its terminating NUL; the two are kept in sync by
 * hand.  Presumably used when naming/looking up keys in the keyring - confirm.
 */
#define EXT4_KEY_DESC_PREFIX "ext4:"
#define EXT4_KEY_DESC_PREFIX_SIZE 5
 68 
/*
 * This is passed in from userspace into the kernel keyring.
 *
 * Packed layout: 4-byte mode, EXT4_MAX_KEY_SIZE bytes of raw key, 4-byte size.
 *
 * NOTE(review): because the payload originates in userspace, mode and size are
 * untrusted.  A consumer should verify size <= EXT4_MAX_KEY_SIZE (and that it
 * matches what the mode requires) before reading raw[]; that check is not in
 * this header - confirm in the keyring lookup path.
 * raw[] holds key material, so temporary copies of this struct should be
 * wiped (e.g. with memzero_explicit()) once they are no longer needed.
 */
struct ext4_encryption_key {
        __u32 mode;
        char raw[EXT4_MAX_KEY_SIZE];    /* raw key bytes; only the first `size` are presumably meaningful - confirm */
        __u32 size;
} __attribute__((__packed__));
 75 
/*
 * Crypto state bundling the data and filename encryption modes, the flags, a
 * symmetric-cipher transform and a keyring key reference.
 *
 * NOTE(review): ci_ctfm and ci_keyring_key are pointers whose ownership and
 * release are not defined in this header; whoever frees this struct presumably
 * has to release both - confirm in the code that allocates it.
 */
struct ext4_crypt_info {
        char            ci_data_mode;
        char            ci_filename_mode;
        char            ci_flags;
        struct crypto_skcipher *ci_ctfm;
        struct key      *ci_keyring_key;
        /*
         * Sized EXT4_KEY_DESCRIPTOR_SIZE, i.e. large enough for a master key
         * descriptor but not for key material (EXT4_MAX_KEY_SIZE) - presumably
         * holds the descriptor; confirm.
         */
        char            ci_master_key[EXT4_KEY_DESCRIPTOR_SIZE];
};
 84 
/*
 * Flag bits; presumably for the flags field of struct ext4_crypto_ctx -
 * confirm.  Both values fit in that single-char field.
 */
#define EXT4_CTX_REQUIRES_FREE_ENCRYPT_FL             0x00000001
#define EXT4_WRITE_PATH_FL                            0x00000002
 87 
/*
 * Crypto context whose leading anonymous union is shared by three uses:
 *   w         - a bounce (ciphertext) page paired with the original page
 *   r         - a bio plus a work item
 *   free_list - list linkage, per the "Free list" comment
 * The union arms overlap in memory, so only one is meaningful at a time.
 *
 * NOTE(review): judging by the names, w is the write path and r the read
 * path, and flags (EXT4_WRITE_PATH_FL) presumably records which one is live -
 * confirm.  Reading the wrong arm reinterprets pointers, so users must agree
 * on the discriminator.
 */
struct ext4_crypto_ctx {
        union {
                struct {
                        struct page *bounce_page;       /* Ciphertext page */
                        struct page *control_page;      /* Original page  */
                } w;
                struct {
                        struct bio *bio;
                        struct work_struct work;
                } r;
                struct list_head free_list;     /* Free list */
        };
        char flags;                      /* Flags */
        char mode;                       /* Encryption mode for tfm */
};
103 
/*
 * Pairs a completion with an integer result, so that a waiter can pick up the
 * outcome once the completion is signalled (presumably from an asynchronous
 * crypto callback - confirm).
 */
struct ext4_completion_result {
        struct completion completion;
        int res;        /* result code; DECLARE_EXT4_COMPLETION_RESULT starts it at 0 */
};
108 
/*
 * Declare a struct ext4_completion_result named ecr, with its completion set
 * up through COMPLETION_INITIALIZER() and res initialised to 0.
 *
 * NOTE(review): if this is used for on-stack variables, the kernel also
 * provides COMPLETION_INITIALIZER_ONSTACK() for that case - confirm which one
 * the call sites need.
 */
#define DECLARE_EXT4_COMPLETION_RESULT(ecr) \
        struct ext4_completion_result ecr = { \
                COMPLETION_INITIALIZER((ecr).completion), 0 }
112 
/*
 * Map an encryption mode to the length in bytes of the key it uses.
 *
 * Only the four AES-256 modes handled below are recognised; any other value
 * reaches BUG().  The function returns 0 only if BUG() itself returns.
 *
 * NOTE(review): BUG() stops the kernel, so a mode that was read from an
 * on-disk context or supplied by userspace has to be validated by the caller
 * before it is passed in.  That validation is not visible in this header -
 * confirm at the call sites.
 */
static inline int ext4_encryption_key_size(int mode)
{
        int key_size = 0;

        switch (mode) {
        case EXT4_ENCRYPTION_MODE_AES_256_XTS:
                key_size = EXT4_AES_256_XTS_KEY_SIZE;
                break;
        case EXT4_ENCRYPTION_MODE_AES_256_GCM:
                key_size = EXT4_AES_256_GCM_KEY_SIZE;
                break;
        case EXT4_ENCRYPTION_MODE_AES_256_CBC:
                key_size = EXT4_AES_256_CBC_KEY_SIZE;
                break;
        case EXT4_ENCRYPTION_MODE_AES_256_CTS:
                key_size = EXT4_AES_256_CTS_KEY_SIZE;
                break;
        default:
                /* Unknown mode: treated as a programming error. */
                BUG();
        }

        return key_size;
}
129 
/*
 * Filename-crypto constants.  EXT4_CRYPTO_BLOCK_SIZE is the minimum length
 * that encrypted_symlink_data_len() rounds short names up to; the users of
 * the other two values are not visible in this header.
 */
#define EXT4_FNAME_NUM_SCATTER_ENTRIES  4
#define EXT4_CRYPTO_BLOCK_SIZE          16
#define EXT4_FNAME_CRYPTO_DIGEST_SIZE   32
133 
/*
 * Counted byte string: a pointer plus an explicit length.
 *
 * NOTE(review): nothing in this header says name is NUL-terminated or who
 * owns the buffer; treat len as the authoritative bound - confirm with the
 * code that fills it in.
 */
struct ext4_str {
        unsigned char *name;
        u32 len;
};
138 
/**
 * For encrypted symlinks, the ciphertext length is stored at the beginning
 * of the string in little-endian format.
 *
 * encrypted_path[1] is a one-byte placeholder for the variable-length
 * ciphertext that follows the length field; encrypted_symlink_data_len()
 * subtracts that one byte when sizing the record.
 *
 * NOTE(review): len comes from storage, so a reader should convert it from
 * little-endian and check it against the size of the buffer actually read
 * before touching encrypted_path - that check is not in this header; confirm
 * in the symlink code.
 */
struct ext4_encrypted_symlink_data {
        __le16 len;
        char encrypted_path[1];
} __attribute__((__packed__));
147 
/**
 * Calculate the disk space required to store a filename of length l in
 * encrypted symlink format.
 *
 * l is first raised to at least EXT4_CRYPTO_BLOCK_SIZE; the size of the
 * struct ext4_encrypted_symlink_data header is then added, minus the one
 * byte already accounted for by its encrypted_path[1] placeholder.
 *
 * NOTE(review): the result is truncated to u32 and wraps for values of l
 * close to the u32 maximum.  Callers presumably bound l (e.g. to a name or
 * block size limit) before using the result as an allocation or copy size -
 * confirm.
 */
static inline u32 encrypted_symlink_data_len(u32 l)
{
        u32 padded_len = (l < EXT4_CRYPTO_BLOCK_SIZE) ? EXT4_CRYPTO_BLOCK_SIZE : l;

        return padded_len + sizeof(struct ext4_encrypted_symlink_data) - 1;
}
158 
159 #endif  /* _EXT4_CRYPTO_H */
160 
