ext4 crypto: separate kernel and userspace structure for the key

Use struct ext4_encryption_key only for the master key passed via the kernel keyring. For internal kernel space users, we now use struct ext4_crypt_info. This will allow us to put information from the policy structure so we can cache it and avoid needing to constantly looking up the extended attribute. We will do this in a spearate patch. This patch is mostly mechnical to make it easier for patch review. Signed-off-by: Theodore Ts'o <tytso@mit.edu>
author: Theodore Ts'o <tytso@mit.edu> 2015-05-18 13:16:47 -0400
committer: Theodore Ts'o <tytso@mit.edu> 2015-05-18 13:16:47 -0400
commit: e2881b1b51d871a72911faf2fc7e090655940506 (patch)
tree: 07bc66d72cc03479c98b7b63edb53f1fa4069383 /fs/ext4/crypto_key.c
parent: d229959072eba40e1c2a4f53f8af17f1e770eb66 (diff)
1 files changed, 11 insertions, 10 deletions
diff --git a/fs/ext4/crypto_key.c b/fs/ext4/crypto_key.c
index 52170d0b7c40..ec6635dc50f9 100644
--- a/fs/ext4/crypto_key.c
+++ b/fs/ext4/crypto_key.c
@@ -91,7 +91,7 @@ out:
 int ext4_generate_encryption_key(struct inode *inode)
 {
        struct ext4_inode_info *ei = EXT4_I(inode);
-        struct ext4_encryption_key *crypt_key = &ei->i_encryption_key;
+        struct ext4_crypt_info *crypt_info = &ei->i_crypt_info;
        char full_key_descriptor[EXT4_KEY_DESC_PREFIX_SIZE +
                                 (EXT4_KEY_DESCRIPTOR_SIZE * 2) + 1];
        struct key *keyring_key = NULL;
@@ -112,17 +112,17 @@ int ext4_generate_encryption_key(struct inode *inode)
        ei->i_crypt_policy_flags = ctx.flags;
        if (S_ISREG(inode->i_mode))
-                crypt_key->mode = ctx.contents_encryption_mode;
+                crypt_info->ci_mode = ctx.contents_encryption_mode;
        else if (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode))
-                crypt_key->mode = ctx.filenames_encryption_mode;
+                crypt_info->ci_mode = ctx.filenames_encryption_mode;
        else {
                printk(KERN_ERR "ext4 crypto: Unsupported inode type.\n");
                BUG();
        }
-        crypt_key->size = ext4_encryption_key_size(crypt_key->mode);
+        crypt_info->ci_size = ext4_encryption_key_size(crypt_info->ci_mode);
-        BUG_ON(!crypt_key->size);
+        BUG_ON(!crypt_info->ci_size);
        if (DUMMY_ENCRYPTION_ENABLED(sbi)) {
-                memset(crypt_key->raw, 0x42, EXT4_AES_256_XTS_KEY_SIZE);
+                memset(crypt_info->ci_raw, 0x42, EXT4_AES_256_XTS_KEY_SIZE);
                goto out;
        }
        memcpy(full_key_descriptor, EXT4_KEY_DESC_PREFIX,
@@ -148,19 +148,20 @@ int ext4_generate_encryption_key(struct inode *inode)
        BUILD_BUG_ON(EXT4_AES_128_ECB_KEY_SIZE !=
                     EXT4_KEY_DERIVATION_NONCE_SIZE);
        BUG_ON(master_key->size != EXT4_AES_256_XTS_KEY_SIZE);
-        res = ext4_derive_key_aes(ctx.nonce, master_key->raw, crypt_key->raw);
+        res = ext4_derive_key_aes(ctx.nonce, master_key->raw,
+                                  crypt_info->ci_raw);
 out:
        if (keyring_key)
                key_put(keyring_key);
        if (res < 0)
-                crypt_key->mode = EXT4_ENCRYPTION_MODE_INVALID;
+                crypt_info->ci_mode = EXT4_ENCRYPTION_MODE_INVALID;
        return res;
 }
 int ext4_has_encryption_key(struct inode *inode)
 {
        struct ext4_inode_info *ei = EXT4_I(inode);
-        struct ext4_encryption_key *crypt_key = &ei->i_encryption_key;
+        struct ext4_crypt_info *crypt_info = &ei->i_crypt_info;
-        return (crypt_key->mode != EXT4_ENCRYPTION_MODE_INVALID);
+        return (crypt_info->ci_mode != EXT4_ENCRYPTION_MODE_INVALID);
 }
author	Theodore Ts'o <tytso@mit.edu>	2015-05-18 13:16:47 -0400
committer	Theodore Ts'o <tytso@mit.edu>	2015-05-18 13:16:47 -0400
commit	e2881b1b51d871a72911faf2fc7e090655940506 (patch)
tree	07bc66d72cc03479c98b7b63edb53f1fa4069383 /fs/ext4/crypto_key.c
parent	d229959072eba40e1c2a4f53f8af17f1e770eb66 (diff)