1 files changed, 0 insertions, 536 deletions
diff --git a/fs/ext4/crypto.c b/fs/ext4/crypto.c
deleted file mode 100644
index 6a6c27373b54..000000000000
--- a/fs/ext4/crypto.c
+++ /dev/null
@@ -1,536 +0,0 @@
-/*
- * linux/fs/ext4/crypto.c
- *
- * Copyright (C) 2015, Google, Inc.
- *
- * This contains encryption functions for ext4
- *
- * Written by Michael Halcrow, 2014.
- *
- * Filename encryption additions
- *      Uday Savagaonkar, 2014
- * Encryption policy handling additions
- *      Ildar Muslukhov, 2014
- *
- * This has not yet undergone a rigorous security audit.
- *
- * The usage of AES-XTS should conform to recommendations in NIST
- * Special Publication 800-38E and IEEE P1619/D16.
- */
-#include <crypto/skcipher.h>
-#include <keys/user-type.h>
-#include <keys/encrypted-type.h>
-#include <linux/ecryptfs.h>
-#include <linux/gfp.h>
-#include <linux/kernel.h>
-#include <linux/key.h>
-#include <linux/list.h>
-#include <linux/mempool.h>
-#include <linux/module.h>
-#include <linux/mutex.h>
-#include <linux/random.h>
-#include <linux/scatterlist.h>
-#include <linux/spinlock_types.h>
-#include <linux/namei.h>
-#include "ext4_extents.h"
-#include "xattr.h"
-/* Encryption added and removed here! (L: */
-static unsigned int num_prealloc_crypto_pages = 32;
-static unsigned int num_prealloc_crypto_ctxs = 128;
-module_param(num_prealloc_crypto_pages, uint, 0444);
-MODULE_PARM_DESC(num_prealloc_crypto_pages,
-                 "Number of crypto pages to preallocate");
-module_param(num_prealloc_crypto_ctxs, uint, 0444);
-MODULE_PARM_DESC(num_prealloc_crypto_ctxs,
-                 "Number of crypto contexts to preallocate");
-static mempool_t *ext4_bounce_page_pool;
-static LIST_HEAD(ext4_free_crypto_ctxs);
-static DEFINE_SPINLOCK(ext4_crypto_ctx_lock);
-static struct kmem_cache *ext4_crypto_ctx_cachep;
-struct kmem_cache *ext4_crypt_info_cachep;
-/**
- * ext4_release_crypto_ctx() - Releases an encryption context
- * @ctx: The encryption context to release.
- *
- * If the encryption context was allocated from the pre-allocated pool, returns
- * it to that pool. Else, frees it.
- *
- * If there's a bounce page in the context, this frees that.
- */
-void ext4_release_crypto_ctx(struct ext4_crypto_ctx *ctx)
-{
-        unsigned long flags;
-        if (ctx->flags & EXT4_WRITE_PATH_FL && ctx->w.bounce_page)
-                mempool_free(ctx->w.bounce_page, ext4_bounce_page_pool);
-        ctx->w.bounce_page = NULL;
-        ctx->w.control_page = NULL;
-        if (ctx->flags & EXT4_CTX_REQUIRES_FREE_ENCRYPT_FL) {
-                kmem_cache_free(ext4_crypto_ctx_cachep, ctx);
-        } else {
-                spin_lock_irqsave(&ext4_crypto_ctx_lock, flags);
-                list_add(&ctx->free_list, &ext4_free_crypto_ctxs);
-                spin_unlock_irqrestore(&ext4_crypto_ctx_lock, flags);
-        }
-}
-/**
- * ext4_get_crypto_ctx() - Gets an encryption context
- * @inode:       The inode for which we are doing the crypto
- *
- * Allocates and initializes an encryption context.
- *
- * Return: An allocated and initialized encryption context on success; error
- * value or NULL otherwise.
- */
-struct ext4_crypto_ctx *ext4_get_crypto_ctx(struct inode *inode,
-                                            gfp_t gfp_flags)
-{
-        struct ext4_crypto_ctx *ctx = NULL;
-        int res = 0;
-        unsigned long flags;
-        struct ext4_crypt_info *ci = EXT4_I(inode)->i_crypt_info;
-        if (ci == NULL)
-                return ERR_PTR(-ENOKEY);
-        /*
-         * We first try getting the ctx from a free list because in
-         * the common case the ctx will have an allocated and
-         * initialized crypto tfm, so it's probably a worthwhile
-         * optimization. For the bounce page, we first try getting it
-         * from the kernel allocator because that's just about as fast
-         * as getting it from a list and because a cache of free pages
-         * should generally be a "last resort" option for a filesystem
-         * to be able to do its job.
-         */
-        spin_lock_irqsave(&ext4_crypto_ctx_lock, flags);
-        ctx = list_first_entry_or_null(&ext4_free_crypto_ctxs,
-                                       struct ext4_crypto_ctx, free_list);
-        if (ctx)
-                list_del(&ctx->free_list);
-        spin_unlock_irqrestore(&ext4_crypto_ctx_lock, flags);
-        if (!ctx) {
-                ctx = kmem_cache_zalloc(ext4_crypto_ctx_cachep, gfp_flags);
-                if (!ctx) {
-                        res = -ENOMEM;
-                        goto out;
-                }
-                ctx->flags |= EXT4_CTX_REQUIRES_FREE_ENCRYPT_FL;
-        } else {
-                ctx->flags &= ~EXT4_CTX_REQUIRES_FREE_ENCRYPT_FL;
-        }
-        ctx->flags &= ~EXT4_WRITE_PATH_FL;
-out:
-        if (res) {
-                if (!IS_ERR_OR_NULL(ctx))
-                        ext4_release_crypto_ctx(ctx);
-                ctx = ERR_PTR(res);
-        }
-        return ctx;
-}
-struct workqueue_struct *ext4_read_workqueue;
-static DEFINE_MUTEX(crypto_init);
-/**
- * ext4_exit_crypto() - Shutdown the ext4 encryption system
- */
-void ext4_exit_crypto(void)
-{
-        struct ext4_crypto_ctx *pos, *n;
-        list_for_each_entry_safe(pos, n, &ext4_free_crypto_ctxs, free_list)
-                kmem_cache_free(ext4_crypto_ctx_cachep, pos);
-        INIT_LIST_HEAD(&ext4_free_crypto_ctxs);
-        if (ext4_bounce_page_pool)
-                mempool_destroy(ext4_bounce_page_pool);
-        ext4_bounce_page_pool = NULL;
-        if (ext4_read_workqueue)
-                destroy_workqueue(ext4_read_workqueue);
-        ext4_read_workqueue = NULL;
-        if (ext4_crypto_ctx_cachep)
-                kmem_cache_destroy(ext4_crypto_ctx_cachep);
-        ext4_crypto_ctx_cachep = NULL;
-        if (ext4_crypt_info_cachep)
-                kmem_cache_destroy(ext4_crypt_info_cachep);
-        ext4_crypt_info_cachep = NULL;
-}
-/**
- * ext4_init_crypto() - Set up for ext4 encryption.
- *
- * We only call this when we start accessing encrypted files, since it
- * results in memory getting allocated that wouldn't otherwise be used.
- *
- * Return: Zero on success, non-zero otherwise.
- */
-int ext4_init_crypto(void)
-{
-        int i, res = -ENOMEM;
-        mutex_lock(&crypto_init);
-        if (ext4_read_workqueue)
-                goto already_initialized;
-        ext4_read_workqueue = alloc_workqueue("ext4_crypto", WQ_HIGHPRI, 0);
-        if (!ext4_read_workqueue)
-                goto fail;
-        ext4_crypto_ctx_cachep = KMEM_CACHE(ext4_crypto_ctx,
-                                            SLAB_RECLAIM_ACCOUNT);
-        if (!ext4_crypto_ctx_cachep)
-                goto fail;
-        ext4_crypt_info_cachep = KMEM_CACHE(ext4_crypt_info,
-                                            SLAB_RECLAIM_ACCOUNT);
-        if (!ext4_crypt_info_cachep)
-                goto fail;
-        for (i = 0; i < num_prealloc_crypto_ctxs; i++) {
-                struct ext4_crypto_ctx *ctx;
-                ctx = kmem_cache_zalloc(ext4_crypto_ctx_cachep, GFP_NOFS);
-                if (!ctx) {
-                        res = -ENOMEM;
-                        goto fail;
-                }
-                list_add(&ctx->free_list, &ext4_free_crypto_ctxs);
-        }
-        ext4_bounce_page_pool =
-                mempool_create_page_pool(num_prealloc_crypto_pages, 0);
-        if (!ext4_bounce_page_pool) {
-                res = -ENOMEM;
-                goto fail;
-        }
-already_initialized:
-        mutex_unlock(&crypto_init);
-        return 0;
-fail:
-        ext4_exit_crypto();
-        mutex_unlock(&crypto_init);
-        return res;
-}
-void ext4_restore_control_page(struct page *data_page)
-{
-        struct ext4_crypto_ctx *ctx =
-                (struct ext4_crypto_ctx *)page_private(data_page);
-        set_page_private(data_page, (unsigned long)NULL);
-        ClearPagePrivate(data_page);
-        unlock_page(data_page);
-        ext4_release_crypto_ctx(ctx);
-}
-/**
- * ext4_crypt_complete() - The completion callback for page encryption
- * @req: The asynchronous encryption request context
- * @res: The result of the encryption operation
- */
-static void ext4_crypt_complete(struct crypto_async_request *req, int res)
-{
-        struct ext4_completion_result *ecr = req->data;
-        if (res == -EINPROGRESS)
-                return;
-        ecr->res = res;
-        complete(&ecr->completion);
-}
-typedef enum {
-        EXT4_DECRYPT = 0,
-        EXT4_ENCRYPT,
-} ext4_direction_t;
-static int ext4_page_crypto(struct inode *inode,
-                            ext4_direction_t rw,
-                            pgoff_t index,
-                            struct page *src_page,
-                            struct page *dest_page,
-                            gfp_t gfp_flags)
-{
-        u8 xts_tweak[EXT4_XTS_TWEAK_SIZE];
-        struct skcipher_request *req = NULL;
-        DECLARE_EXT4_COMPLETION_RESULT(ecr);
-        struct scatterlist dst, src;
-        struct ext4_crypt_info *ci = EXT4_I(inode)->i_crypt_info;
-        struct crypto_skcipher *tfm = ci->ci_ctfm;
-        int res = 0;
-        req = skcipher_request_alloc(tfm, gfp_flags);
-        if (!req) {
-                printk_ratelimited(KERN_ERR
-                                   "%s: crypto_request_alloc() failed\n",
-                                   __func__);
-                return -ENOMEM;
-        }
-        skcipher_request_set_callback(
-                req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP,
-                ext4_crypt_complete, &ecr);
-        BUILD_BUG_ON(EXT4_XTS_TWEAK_SIZE < sizeof(index));
-        memcpy(xts_tweak, &index, sizeof(index));
-        memset(&xts_tweak[sizeof(index)], 0,
-               EXT4_XTS_TWEAK_SIZE - sizeof(index));
-        sg_init_table(&dst, 1);
-        sg_set_page(&dst, dest_page, PAGE_SIZE, 0);
-        sg_init_table(&src, 1);
-        sg_set_page(&src, src_page, PAGE_SIZE, 0);
-        skcipher_request_set_crypt(req, &src, &dst, PAGE_SIZE,
-                                   xts_tweak);
-        if (rw == EXT4_DECRYPT)
-                res = crypto_skcipher_decrypt(req);
-        else
-                res = crypto_skcipher_encrypt(req);
-        if (res == -EINPROGRESS || res == -EBUSY) {
-                wait_for_completion(&ecr.completion);
-                res = ecr.res;
-        }
-        skcipher_request_free(req);
-        if (res) {
-                printk_ratelimited(
-                        KERN_ERR
-                        "%s: crypto_skcipher_encrypt() returned %d\n",
-                        __func__, res);
-                return res;
-        }
-        return 0;
-}
-static struct page *alloc_bounce_page(struct ext4_crypto_ctx *ctx,
-                                      gfp_t gfp_flags)
-{
-        ctx->w.bounce_page = mempool_alloc(ext4_bounce_page_pool, gfp_flags);
-        if (ctx->w.bounce_page == NULL)
-                return ERR_PTR(-ENOMEM);
-        ctx->flags |= EXT4_WRITE_PATH_FL;
-        return ctx->w.bounce_page;
-}
-/**
- * ext4_encrypt() - Encrypts a page
- * @inode:          The inode for which the encryption should take place
- * @plaintext_page: The page to encrypt. Must be locked.
- *
- * Allocates a ciphertext page and encrypts plaintext_page into it using the ctx
- * encryption context.
- *
- * Called on the page write path.  The caller must call
- * ext4_restore_control_page() on the returned ciphertext page to
- * release the bounce buffer and the encryption context.
- *
- * Return: An allocated page with the encrypted content on success. Else, an
- * error value or NULL.
- */
-struct page *ext4_encrypt(struct inode *inode,
-                          struct page *plaintext_page,
-                          gfp_t gfp_flags)
-{
-        struct ext4_crypto_ctx *ctx;
-        struct page *ciphertext_page = NULL;
-        int err;
-        BUG_ON(!PageLocked(plaintext_page));
-        ctx = ext4_get_crypto_ctx(inode, gfp_flags);
-        if (IS_ERR(ctx))
-                return (struct page *) ctx;
-        /* The encryption operation will require a bounce page. */
-        ciphertext_page = alloc_bounce_page(ctx, gfp_flags);
-        if (IS_ERR(ciphertext_page))
-                goto errout;
-        ctx->w.control_page = plaintext_page;
-        err = ext4_page_crypto(inode, EXT4_ENCRYPT, plaintext_page->index,
-                               plaintext_page, ciphertext_page, gfp_flags);
-        if (err) {
-                ciphertext_page = ERR_PTR(err);
-        errout:
-                ext4_release_crypto_ctx(ctx);
-                return ciphertext_page;
-        }
-        SetPagePrivate(ciphertext_page);
-        set_page_private(ciphertext_page, (unsigned long)ctx);
-        lock_page(ciphertext_page);
-        return ciphertext_page;
-}
-/**
- * ext4_decrypt() - Decrypts a page in-place
- * @ctx:  The encryption context.
- * @page: The page to decrypt. Must be locked.
- *
- * Decrypts page in-place using the ctx encryption context.
- *
- * Called from the read completion callback.
- *
- * Return: Zero on success, non-zero otherwise.
- */
-int ext4_decrypt(struct page *page)
-{
-        BUG_ON(!PageLocked(page));
-        return ext4_page_crypto(page->mapping->host, EXT4_DECRYPT,
-                                page->index, page, page, GFP_NOFS);
-}
-int ext4_encrypted_zeroout(struct inode *inode, ext4_lblk_t lblk,
-                           ext4_fsblk_t pblk, ext4_lblk_t len)
-{
-        struct ext4_crypto_ctx  *ctx;
-        struct page             *ciphertext_page = NULL;
-        struct bio              *bio;
-        int                     ret, err = 0;
-#if 0
-        ext4_msg(inode->i_sb, KERN_CRIT,
-                 "ext4_encrypted_zeroout ino %lu lblk %u len %u",
-                 (unsigned long) inode->i_ino, lblk, len);
-#endif
-        BUG_ON(inode->i_sb->s_blocksize != PAGE_SIZE);
-        ctx = ext4_get_crypto_ctx(inode, GFP_NOFS);
-        if (IS_ERR(ctx))
-                return PTR_ERR(ctx);
-        ciphertext_page = alloc_bounce_page(ctx, GFP_NOWAIT);
-        if (IS_ERR(ciphertext_page)) {
-                err = PTR_ERR(ciphertext_page);
-                goto errout;
-        }
-        while (len--) {
-                err = ext4_page_crypto(inode, EXT4_ENCRYPT, lblk,
-                                       ZERO_PAGE(0), ciphertext_page,
-                                       GFP_NOFS);
-                if (err)
-                        goto errout;
-                bio = bio_alloc(GFP_NOWAIT, 1);
-                if (!bio) {
-                        err = -ENOMEM;
-                        goto errout;
-                }
-                bio->bi_bdev = inode->i_sb->s_bdev;
-                bio->bi_iter.bi_sector =
-                        pblk << (inode->i_sb->s_blocksize_bits - 9);
-                ret = bio_add_page(bio, ciphertext_page,
-                                   inode->i_sb->s_blocksize, 0);
-                if (ret != inode->i_sb->s_blocksize) {
-                        /* should never happen! */
-                        ext4_msg(inode->i_sb, KERN_ERR,
-                                 "bio_add_page failed: %d", ret);
-                        WARN_ON(1);
-                        bio_put(bio);
-                        err = -EIO;
-                        goto errout;
-                }
-                err = submit_bio_wait(WRITE, bio);
-                if ((err == 0) && bio->bi_error)
-                        err = -EIO;
-                bio_put(bio);
-                if (err)
-                        goto errout;
-                lblk++; pblk++;
-        }
-        err = 0;
-errout:
-        ext4_release_crypto_ctx(ctx);
-        return err;
-}
-bool ext4_valid_contents_enc_mode(uint32_t mode)
-{
-        return (mode == EXT4_ENCRYPTION_MODE_AES_256_XTS);
-}
-/**
- * ext4_validate_encryption_key_size() - Validate the encryption key size
- * @mode: The key mode.
- * @size: The key size to validate.
- *
- * Return: The validated key size for @mode. Zero if invalid.
- */
-uint32_t ext4_validate_encryption_key_size(uint32_t mode, uint32_t size)
-{
-        if (size == ext4_encryption_key_size(mode))
-                return size;
-        return 0;
-}
-/*
- * Validate dentries for encrypted directories to make sure we aren't
- * potentially caching stale data after a key has been added or
- * removed.
- */
-static int ext4_d_revalidate(struct dentry *dentry, unsigned int flags)
-{
-        struct dentry *dir;
-        struct ext4_crypt_info *ci;
-        int dir_has_key, cached_with_key;
-        if (flags & LOOKUP_RCU)
-                return -ECHILD;
-        dir = dget_parent(dentry);
-        if (!ext4_encrypted_inode(d_inode(dir))) {
-                dput(dir);
-                return 0;
-        }
-        ci = EXT4_I(d_inode(dir))->i_crypt_info;
-        if (ci && ci->ci_keyring_key &&
-            (ci->ci_keyring_key->flags & ((1 << KEY_FLAG_INVALIDATED) |
-                                          (1 << KEY_FLAG_REVOKED) |
-                                          (1 << KEY_FLAG_DEAD))))
-                ci = NULL;
-        /* this should eventually be an flag in d_flags */
-        cached_with_key = dentry->d_fsdata != NULL;
-        dir_has_key = (ci != NULL);
-        dput(dir);
-        /*
-         * If the dentry was cached without the key, and it is a
-         * negative dentry, it might be a valid name.  We can't check
-         * if the key has since been made available due to locking
-         * reasons, so we fail the validation so ext4_lookup() can do
-         * this check.
-         *
-         * We also fail the validation if the dentry was created with
-         * the key present, but we no longer have the key, or vice versa.
-         */
-        if ((!cached_with_key && d_is_negative(dentry)) ||
-            (!cached_with_key && dir_has_key) ||
-            (cached_with_key && !dir_has_key)) {
-#if 0                           /* Revalidation debug */
-                char buf[80];
-                char *cp = simple_dname(dentry, buf, sizeof(buf));
-                if (IS_ERR(cp))
-                        cp = (char *) "???";
-                pr_err("revalidate: %s %p %d %d %d\n", cp, dentry->d_fsdata,
-                       cached_with_key, d_is_negative(dentry),
-                       dir_has_key);
-#endif
-                return 0;
-        }
-        return 1;
-}
-const struct dentry_operations ext4_encrypted_d_ops = {
-        .d_revalidate = ext4_d_revalidate,
-};

diff --git a/fs/ext4/crypto.c b/fs/ext4/crypto.c deleted file mode 100644 index 6a6c27373b54..000000000000 --- a/fs/ext4/crypto.c +++ /dev/null
@@ -1,536 +0,0 @@
1	/*
2	* linux/fs/ext4/crypto.c
3	*
4	* Copyright (C) 2015, Google, Inc.
5	*
6	* This contains encryption functions for ext4
7	*
8	* Written by Michael Halcrow, 2014.
9	*
10	* Filename encryption additions
11	* Uday Savagaonkar, 2014
12	* Encryption policy handling additions
13	* Ildar Muslukhov, 2014
14	*
15	* This has not yet undergone a rigorous security audit.
16	*
17	* The usage of AES-XTS should conform to recommendations in NIST
18	* Special Publication 800-38E and IEEE P1619/D16.
19	*/
20
21	#include <crypto/skcipher.h>
22	#include <keys/user-type.h>
23	#include <keys/encrypted-type.h>
24	#include <linux/ecryptfs.h>
25	#include <linux/gfp.h>
26	#include <linux/kernel.h>
27	#include <linux/key.h>
28	#include <linux/list.h>
29	#include <linux/mempool.h>
30	#include <linux/module.h>
31	#include <linux/mutex.h>
32	#include <linux/random.h>
33	#include <linux/scatterlist.h>
34	#include <linux/spinlock_types.h>
35	#include <linux/namei.h>
36
37	#include "ext4_extents.h"
38	#include "xattr.h"
39
40	/* Encryption added and removed here! (L: */
41
42	static unsigned int num_prealloc_crypto_pages = 32;
43	static unsigned int num_prealloc_crypto_ctxs = 128;
44
45	module_param(num_prealloc_crypto_pages, uint, 0444);
46	MODULE_PARM_DESC(num_prealloc_crypto_pages,
47	"Number of crypto pages to preallocate");
48	module_param(num_prealloc_crypto_ctxs, uint, 0444);
49	MODULE_PARM_DESC(num_prealloc_crypto_ctxs,
50	"Number of crypto contexts to preallocate");
51
52	static mempool_t *ext4_bounce_page_pool;
53
54	static LIST_HEAD(ext4_free_crypto_ctxs);
55	static DEFINE_SPINLOCK(ext4_crypto_ctx_lock);
56
57	static struct kmem_cache *ext4_crypto_ctx_cachep;
58	struct kmem_cache *ext4_crypt_info_cachep;
59
60	/**
61	* ext4_release_crypto_ctx() - Releases an encryption context
62	* @ctx: The encryption context to release.
63	*
64	* If the encryption context was allocated from the pre-allocated pool, returns
65	* it to that pool. Else, frees it.
66	*
67	* If there's a bounce page in the context, this frees that.
68	*/
69	void ext4_release_crypto_ctx(struct ext4_crypto_ctx *ctx)
70	{
71	unsigned long flags;
72
73	if (ctx->flags & EXT4_WRITE_PATH_FL && ctx->w.bounce_page)
74	mempool_free(ctx->w.bounce_page, ext4_bounce_page_pool);
75	ctx->w.bounce_page = NULL;
76	ctx->w.control_page = NULL;
77	if (ctx->flags & EXT4_CTX_REQUIRES_FREE_ENCRYPT_FL) {
78	kmem_cache_free(ext4_crypto_ctx_cachep, ctx);
79	} else {
80	spin_lock_irqsave(&ext4_crypto_ctx_lock, flags);
81	list_add(&ctx->free_list, &ext4_free_crypto_ctxs);
82	spin_unlock_irqrestore(&ext4_crypto_ctx_lock, flags);
83	}
84	}
85
86	/**
87	* ext4_get_crypto_ctx() - Gets an encryption context
88	* @inode: The inode for which we are doing the crypto
89	*
90	* Allocates and initializes an encryption context.
91	*
92	* Return: An allocated and initialized encryption context on success; error
93	* value or NULL otherwise.
94	*/
95	struct ext4_crypto_ctx ext4_get_crypto_ctx(struct inode inode,
96	gfp_t gfp_flags)
97	{
98	struct ext4_crypto_ctx *ctx = NULL;
99	int res = 0;
100	unsigned long flags;
101	struct ext4_crypt_info *ci = EXT4_I(inode)->i_crypt_info;
102
103	if (ci == NULL)
104	return ERR_PTR(-ENOKEY);
105
106	/*
107	* We first try getting the ctx from a free list because in
108	* the common case the ctx will have an allocated and
109	* initialized crypto tfm, so it's probably a worthwhile
110	* optimization. For the bounce page, we first try getting it
111	* from the kernel allocator because that's just about as fast
112	* as getting it from a list and because a cache of free pages
113	* should generally be a "last resort" option for a filesystem
114	* to be able to do its job.
115	*/
116	spin_lock_irqsave(&ext4_crypto_ctx_lock, flags);
117	ctx = list_first_entry_or_null(&ext4_free_crypto_ctxs,
118	struct ext4_crypto_ctx, free_list);
119	if (ctx)
120	list_del(&ctx->free_list);
121	spin_unlock_irqrestore(&ext4_crypto_ctx_lock, flags);
122	if (!ctx) {
123	ctx = kmem_cache_zalloc(ext4_crypto_ctx_cachep, gfp_flags);
124	if (!ctx) {
125	res = -ENOMEM;
126	goto out;
127	}
128	ctx->flags \|= EXT4_CTX_REQUIRES_FREE_ENCRYPT_FL;
129	} else {
130	ctx->flags &= ~EXT4_CTX_REQUIRES_FREE_ENCRYPT_FL;
131	}
132	ctx->flags &= ~EXT4_WRITE_PATH_FL;
133
134	out:
135	if (res) {
136	if (!IS_ERR_OR_NULL(ctx))
137	ext4_release_crypto_ctx(ctx);
138	ctx = ERR_PTR(res);
139	}
140	return ctx;
141	}
142
143	struct workqueue_struct *ext4_read_workqueue;
144	static DEFINE_MUTEX(crypto_init);
145
146	/**
147	* ext4_exit_crypto() - Shutdown the ext4 encryption system
148	*/
149	void ext4_exit_crypto(void)
150	{
151	struct ext4_crypto_ctx pos, n;
152
153	list_for_each_entry_safe(pos, n, &ext4_free_crypto_ctxs, free_list)
154	kmem_cache_free(ext4_crypto_ctx_cachep, pos);
155	INIT_LIST_HEAD(&ext4_free_crypto_ctxs);
156	if (ext4_bounce_page_pool)
157	mempool_destroy(ext4_bounce_page_pool);
158	ext4_bounce_page_pool = NULL;
159	if (ext4_read_workqueue)
160	destroy_workqueue(ext4_read_workqueue);
161	ext4_read_workqueue = NULL;
162	if (ext4_crypto_ctx_cachep)
163	kmem_cache_destroy(ext4_crypto_ctx_cachep);
164	ext4_crypto_ctx_cachep = NULL;
165	if (ext4_crypt_info_cachep)
166	kmem_cache_destroy(ext4_crypt_info_cachep);
167	ext4_crypt_info_cachep = NULL;
168	}
169
170	/**
171	* ext4_init_crypto() - Set up for ext4 encryption.
172	*
173	* We only call this when we start accessing encrypted files, since it
174	* results in memory getting allocated that wouldn't otherwise be used.
175	*
176	* Return: Zero on success, non-zero otherwise.
177	*/
178	int ext4_init_crypto(void)
179	{
180	int i, res = -ENOMEM;
181
182	mutex_lock(&crypto_init);
183	if (ext4_read_workqueue)
184	goto already_initialized;
185	ext4_read_workqueue = alloc_workqueue("ext4_crypto", WQ_HIGHPRI, 0);
186	if (!ext4_read_workqueue)
187	goto fail;
188
189	ext4_crypto_ctx_cachep = KMEM_CACHE(ext4_crypto_ctx,
190	SLAB_RECLAIM_ACCOUNT);
191	if (!ext4_crypto_ctx_cachep)
192	goto fail;
193
194	ext4_crypt_info_cachep = KMEM_CACHE(ext4_crypt_info,
195	SLAB_RECLAIM_ACCOUNT);
196	if (!ext4_crypt_info_cachep)
197	goto fail;
198
199	for (i = 0; i < num_prealloc_crypto_ctxs; i++) {
200	struct ext4_crypto_ctx *ctx;
201
202	ctx = kmem_cache_zalloc(ext4_crypto_ctx_cachep, GFP_NOFS);
203	if (!ctx) {
204	res = -ENOMEM;
205	goto fail;
206	}
207	list_add(&ctx->free_list, &ext4_free_crypto_ctxs);
208	}
209
210	ext4_bounce_page_pool =
211	mempool_create_page_pool(num_prealloc_crypto_pages, 0);
212	if (!ext4_bounce_page_pool) {
213	res = -ENOMEM;
214	goto fail;
215	}
216	already_initialized:
217	mutex_unlock(&crypto_init);
218	return 0;
219	fail:
220	ext4_exit_crypto();
221	mutex_unlock(&crypto_init);
222	return res;
223	}
224
225	void ext4_restore_control_page(struct page *data_page)
226	{
227	struct ext4_crypto_ctx *ctx =
228	(struct ext4_crypto_ctx *)page_private(data_page);
229
230	set_page_private(data_page, (unsigned long)NULL);
231	ClearPagePrivate(data_page);
232	unlock_page(data_page);
233	ext4_release_crypto_ctx(ctx);
234	}
235
236	/**
237	* ext4_crypt_complete() - The completion callback for page encryption
238	* @req: The asynchronous encryption request context
239	* @res: The result of the encryption operation
240	*/
241	static void ext4_crypt_complete(struct crypto_async_request *req, int res)
242	{
243	struct ext4_completion_result *ecr = req->data;
244
245	if (res == -EINPROGRESS)
246	return;
247	ecr->res = res;
248	complete(&ecr->completion);
249	}
250
251	typedef enum {
252	EXT4_DECRYPT = 0,
253	EXT4_ENCRYPT,
254	} ext4_direction_t;
255
256	static int ext4_page_crypto(struct inode *inode,
257	ext4_direction_t rw,
258	pgoff_t index,
259	struct page *src_page,
260	struct page *dest_page,
261	gfp_t gfp_flags)
262
263	{
264	u8 xts_tweak[EXT4_XTS_TWEAK_SIZE];
265	struct skcipher_request *req = NULL;
266	DECLARE_EXT4_COMPLETION_RESULT(ecr);
267	struct scatterlist dst, src;
268	struct ext4_crypt_info *ci = EXT4_I(inode)->i_crypt_info;
269	struct crypto_skcipher *tfm = ci->ci_ctfm;
270	int res = 0;
271
272	req = skcipher_request_alloc(tfm, gfp_flags);
273	if (!req) {
274	printk_ratelimited(KERN_ERR
275	"%s: crypto_request_alloc() failed\n",
276	__func__);
277	return -ENOMEM;
278	}
279	skcipher_request_set_callback(
280	req, CRYPTO_TFM_REQ_MAY_BACKLOG \| CRYPTO_TFM_REQ_MAY_SLEEP,
281	ext4_crypt_complete, &ecr);
282
283	BUILD_BUG_ON(EXT4_XTS_TWEAK_SIZE < sizeof(index));
284	memcpy(xts_tweak, &index, sizeof(index));
285	memset(&xts_tweak[sizeof(index)], 0,
286	EXT4_XTS_TWEAK_SIZE - sizeof(index));
287
288	sg_init_table(&dst, 1);
289	sg_set_page(&dst, dest_page, PAGE_SIZE, 0);
290	sg_init_table(&src, 1);
291	sg_set_page(&src, src_page, PAGE_SIZE, 0);
292	skcipher_request_set_crypt(req, &src, &dst, PAGE_SIZE,
293	xts_tweak);
294	if (rw == EXT4_DECRYPT)
295	res = crypto_skcipher_decrypt(req);
296	else
297	res = crypto_skcipher_encrypt(req);
298	if (res == -EINPROGRESS \|\| res == -EBUSY) {
299	wait_for_completion(&ecr.completion);
300	res = ecr.res;
301	}
302	skcipher_request_free(req);
303	if (res) {
304	printk_ratelimited(
305	KERN_ERR
306	"%s: crypto_skcipher_encrypt() returned %d\n",
307	__func__, res);
308	return res;
309	}
310	return 0;
311	}
312
313	static struct page alloc_bounce_page(struct ext4_crypto_ctx ctx,
314	gfp_t gfp_flags)
315	{
316	ctx->w.bounce_page = mempool_alloc(ext4_bounce_page_pool, gfp_flags);
317	if (ctx->w.bounce_page == NULL)
318	return ERR_PTR(-ENOMEM);
319	ctx->flags \|= EXT4_WRITE_PATH_FL;
320	return ctx->w.bounce_page;
321	}
322
323	/**
324	* ext4_encrypt() - Encrypts a page
325	* @inode: The inode for which the encryption should take place
326	* @plaintext_page: The page to encrypt. Must be locked.
327	*
328	* Allocates a ciphertext page and encrypts plaintext_page into it using the ctx
329	* encryption context.
330	*
331	* Called on the page write path. The caller must call
332	* ext4_restore_control_page() on the returned ciphertext page to
333	* release the bounce buffer and the encryption context.
334	*
335	* Return: An allocated page with the encrypted content on success. Else, an
336	* error value or NULL.
337	*/
338	struct page ext4_encrypt(struct inode inode,
339	struct page *plaintext_page,
340	gfp_t gfp_flags)
341	{
342	struct ext4_crypto_ctx *ctx;
343	struct page *ciphertext_page = NULL;
344	int err;
345
346	BUG_ON(!PageLocked(plaintext_page));
347
348	ctx = ext4_get_crypto_ctx(inode, gfp_flags);
349	if (IS_ERR(ctx))
350	return (struct page *) ctx;
351
352	/* The encryption operation will require a bounce page. */
353	ciphertext_page = alloc_bounce_page(ctx, gfp_flags);
354	if (IS_ERR(ciphertext_page))
355	goto errout;
356	ctx->w.control_page = plaintext_page;
357	err = ext4_page_crypto(inode, EXT4_ENCRYPT, plaintext_page->index,
358	plaintext_page, ciphertext_page, gfp_flags);
359	if (err) {
360	ciphertext_page = ERR_PTR(err);
361	errout:
362	ext4_release_crypto_ctx(ctx);
363	return ciphertext_page;
364	}
365	SetPagePrivate(ciphertext_page);
366	set_page_private(ciphertext_page, (unsigned long)ctx);
367	lock_page(ciphertext_page);
368	return ciphertext_page;
369	}
370
371	/**
372	* ext4_decrypt() - Decrypts a page in-place
373	* @ctx: The encryption context.
374	* @page: The page to decrypt. Must be locked.
375	*
376	* Decrypts page in-place using the ctx encryption context.
377	*
378	* Called from the read completion callback.
379	*
380	* Return: Zero on success, non-zero otherwise.
381	*/
382	int ext4_decrypt(struct page *page)
383	{
384	BUG_ON(!PageLocked(page));
385
386	return ext4_page_crypto(page->mapping->host, EXT4_DECRYPT,
387	page->index, page, page, GFP_NOFS);
388	}
389
390	int ext4_encrypted_zeroout(struct inode *inode, ext4_lblk_t lblk,
391	ext4_fsblk_t pblk, ext4_lblk_t len)
392	{
393	struct ext4_crypto_ctx *ctx;
394	struct page *ciphertext_page = NULL;
395	struct bio *bio;
396	int ret, err = 0;
397
398	#if 0
399	ext4_msg(inode->i_sb, KERN_CRIT,
400	"ext4_encrypted_zeroout ino %lu lblk %u len %u",
401	(unsigned long) inode->i_ino, lblk, len);
402	#endif
403
404	BUG_ON(inode->i_sb->s_blocksize != PAGE_SIZE);
405
406	ctx = ext4_get_crypto_ctx(inode, GFP_NOFS);
407	if (IS_ERR(ctx))
408	return PTR_ERR(ctx);
409
410	ciphertext_page = alloc_bounce_page(ctx, GFP_NOWAIT);
411	if (IS_ERR(ciphertext_page)) {
412	err = PTR_ERR(ciphertext_page);
413	goto errout;
414	}
415
416	while (len--) {
417	err = ext4_page_crypto(inode, EXT4_ENCRYPT, lblk,
418	ZERO_PAGE(0), ciphertext_page,
419	GFP_NOFS);
420	if (err)
421	goto errout;
422
423	bio = bio_alloc(GFP_NOWAIT, 1);
424	if (!bio) {
425	err = -ENOMEM;
426	goto errout;
427	}
428	bio->bi_bdev = inode->i_sb->s_bdev;
429	bio->bi_iter.bi_sector =
430	pblk << (inode->i_sb->s_blocksize_bits - 9);
431	ret = bio_add_page(bio, ciphertext_page,
432	inode->i_sb->s_blocksize, 0);
433	if (ret != inode->i_sb->s_blocksize) {
434	/* should never happen! */
435	ext4_msg(inode->i_sb, KERN_ERR,
436	"bio_add_page failed: %d", ret);
437	WARN_ON(1);
438	bio_put(bio);
439	err = -EIO;
440	goto errout;
441	}
442	err = submit_bio_wait(WRITE, bio);
443	if ((err == 0) && bio->bi_error)
444	err = -EIO;
445	bio_put(bio);
446	if (err)
447	goto errout;
448	lblk++; pblk++;
449	}
450	err = 0;
451	errout:
452	ext4_release_crypto_ctx(ctx);
453	return err;
454	}
455
456	bool ext4_valid_contents_enc_mode(uint32_t mode)
457	{
458	return (mode == EXT4_ENCRYPTION_MODE_AES_256_XTS);
459	}
460
461	/**
462	* ext4_validate_encryption_key_size() - Validate the encryption key size
463	* @mode: The key mode.
464	* @size: The key size to validate.
465	*
466	* Return: The validated key size for @mode. Zero if invalid.
467	*/
468	uint32_t ext4_validate_encryption_key_size(uint32_t mode, uint32_t size)
469	{
470	if (size == ext4_encryption_key_size(mode))
471	return size;
472	return 0;
473	}
474
475	/*
476	* Validate dentries for encrypted directories to make sure we aren't
477	* potentially caching stale data after a key has been added or
478	* removed.
479	*/
480	static int ext4_d_revalidate(struct dentry *dentry, unsigned int flags)
481	{
482	struct dentry *dir;
483	struct ext4_crypt_info *ci;
484	int dir_has_key, cached_with_key;
485
486	if (flags & LOOKUP_RCU)
487	return -ECHILD;
488
489	dir = dget_parent(dentry);
490	if (!ext4_encrypted_inode(d_inode(dir))) {
491	dput(dir);
492	return 0;
493	}
494	ci = EXT4_I(d_inode(dir))->i_crypt_info;
495	if (ci && ci->ci_keyring_key &&
496	(ci->ci_keyring_key->flags & ((1 << KEY_FLAG_INVALIDATED) \|
497	(1 << KEY_FLAG_REVOKED) \|
498	(1 << KEY_FLAG_DEAD))))
499	ci = NULL;
500
501	/* this should eventually be an flag in d_flags */
502	cached_with_key = dentry->d_fsdata != NULL;
503	dir_has_key = (ci != NULL);
504	dput(dir);
505
506	/*
507	* If the dentry was cached without the key, and it is a
508	* negative dentry, it might be a valid name. We can't check
509	* if the key has since been made available due to locking
510	* reasons, so we fail the validation so ext4_lookup() can do
511	* this check.
512	*
513	* We also fail the validation if the dentry was created with
514	* the key present, but we no longer have the key, or vice versa.
515	*/
516	if ((!cached_with_key && d_is_negative(dentry)) \|\|
517	(!cached_with_key && dir_has_key) \|\|
518	(cached_with_key && !dir_has_key)) {
519	#if 0 /* Revalidation debug */
520	char buf[80];
521	char *cp = simple_dname(dentry, buf, sizeof(buf));
522
523	if (IS_ERR(cp))
524	cp = (char *) "???";
525	pr_err("revalidate: %s %p %d %d %d\n", cp, dentry->d_fsdata,
526	cached_with_key, d_is_negative(dentry),
527	dir_has_key);
528	#endif
529	return 0;
530	}
531	return 1;
532	}
533
534	const struct dentry_operations ext4_encrypted_d_ops = {
535	.d_revalidate = ext4_d_revalidate,
536	};