1 files changed, 67 insertions, 107 deletions
diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h
index 08b4b40c5aa8..952ab97af325 100644
--- a/include/linux/fscrypt.h
+++ b/include/linux/fscrypt.h
@@ -14,42 +14,13 @@
 #ifndef _LINUX_FSCRYPT_H
 #define _LINUX_FSCRYPT_H
-#include <linux/key.h>
 #include <linux/fs.h>
-#include <linux/mm.h>
-#include <linux/bio.h>
-#include <linux/dcache.h>
-#include <crypto/skcipher.h>
-#include <uapi/linux/fs.h>
 #define FS_CRYPTO_BLOCK_SIZE            16
+struct fscrypt_ctx;
 struct fscrypt_info;
-struct fscrypt_ctx {
-        union {
-                struct {
-                        struct page *bounce_page;       /* Ciphertext page */
-                        struct page *control_page;      /* Original page  */
-                } w;
-                struct {
-                        struct bio *bio;
-                        struct work_struct work;
-                } r;
-                struct list_head free_list;     /* Free list */
-        };
-        u8 flags;                               /* Flags */
-};
-/**
- * For encrypted symlinks, the ciphertext length is stored at the beginning
- * of the string in little-endian format.
- */
-struct fscrypt_symlink_data {
-        __le16 len;
-        char encrypted_path[1];
-} __packed;
 struct fscrypt_str {
        unsigned char *name;
        u32 len;
@@ -68,89 +39,14 @@ struct fscrypt_name {
 #define fname_name(p)           ((p)->disk_name.name)
 #define fname_len(p)            ((p)->disk_name.len)
-/*
- * fscrypt superblock flags
- */
-#define FS_CFLG_OWN_PAGES (1U << 1)
-/*
- * crypto opertions for filesystems
- */
-struct fscrypt_operations {
-        unsigned int flags;
-        const char *key_prefix;
-        int (*get_context)(struct inode *, void *, size_t);
-        int (*set_context)(struct inode *, const void *, size_t, void *);
-        bool (*dummy_context)(struct inode *);
-        bool (*empty_dir)(struct inode *);
-        unsigned (*max_namelen)(struct inode *);
-};
 /* Maximum value for the third parameter of fscrypt_operations.set_context(). */
 #define FSCRYPT_SET_CONTEXT_MAX_SIZE    28
-static inline bool fscrypt_dummy_context_enabled(struct inode *inode)
-{
-        if (inode->i_sb->s_cop->dummy_context &&
-                                inode->i_sb->s_cop->dummy_context(inode))
-                return true;
-        return false;
-}
-static inline bool fscrypt_valid_enc_modes(u32 contents_mode,
-                                        u32 filenames_mode)
-{
-        if (contents_mode == FS_ENCRYPTION_MODE_AES_128_CBC &&
-            filenames_mode == FS_ENCRYPTION_MODE_AES_128_CTS)
-                return true;
-        if (contents_mode == FS_ENCRYPTION_MODE_AES_256_XTS &&
-            filenames_mode == FS_ENCRYPTION_MODE_AES_256_CTS)
-                return true;
-        return false;
-}
-static inline bool fscrypt_is_dot_dotdot(const struct qstr *str)
-{
-        if (str->len == 1 && str->name[0] == '.')
-                return true;
-        if (str->len == 2 && str->name[0] == '.' && str->name[1] == '.')
-                return true;
-        return false;
-}
 #if __FS_HAS_ENCRYPTION
-static inline struct page *fscrypt_control_page(struct page *page)
-{
-        return ((struct fscrypt_ctx *)page_private(page))->w.control_page;
-}
-static inline bool fscrypt_has_encryption_key(const struct inode *inode)
-{
-        return (inode->i_crypt_info != NULL);
-}
 #include <linux/fscrypt_supp.h>
+#else
-#else /* !__FS_HAS_ENCRYPTION */
-static inline struct page *fscrypt_control_page(struct page *page)
-{
-        WARN_ON_ONCE(1);
-        return ERR_PTR(-EINVAL);
-}
-static inline bool fscrypt_has_encryption_key(const struct inode *inode)
-{
-        return 0;
-}
 #include <linux/fscrypt_notsupp.h>
-#endif /* __FS_HAS_ENCRYPTION */
+#endif
 /**
 * fscrypt_require_key - require an inode's encryption key
@@ -291,4 +187,68 @@ static inline int fscrypt_prepare_setattr(struct dentry *dentry,
        return 0;
 }
+/**
+ * fscrypt_prepare_symlink - prepare to create a possibly-encrypted symlink
+ * @dir: directory in which the symlink is being created
+ * @target: plaintext symlink target
+ * @len: length of @target excluding null terminator
+ * @max_len: space the filesystem has available to store the symlink target
+ * @disk_link: (out) the on-disk symlink target being prepared
+ *
+ * This function computes the size the symlink target will require on-disk,
+ * stores it in @disk_link->len, and validates it against @max_len.  An
+ * encrypted symlink may be longer than the original.
+ *
+ * Additionally, @disk_link->name is set to @target if the symlink will be
+ * unencrypted, but left NULL if the symlink will be encrypted.  For encrypted
+ * symlinks, the filesystem must call fscrypt_encrypt_symlink() to create the
+ * on-disk target later.  (The reason for the two-step process is that some
+ * filesystems need to know the size of the symlink target before creating the
+ * inode, e.g. to determine whether it will be a "fast" or "slow" symlink.)
+ *
+ * Return: 0 on success, -ENAMETOOLONG if the symlink target is too long,
+ * -ENOKEY if the encryption key is missing, or another -errno code if a problem
+ * occurred while setting up the encryption key.
+ */
+static inline int fscrypt_prepare_symlink(struct inode *dir,
+                                          const char *target,
+                                          unsigned int len,
+                                          unsigned int max_len,
+                                          struct fscrypt_str *disk_link)
+{
+        if (IS_ENCRYPTED(dir) || fscrypt_dummy_context_enabled(dir))
+                return __fscrypt_prepare_symlink(dir, len, max_len, disk_link);
+        disk_link->name = (unsigned char *)target;
+        disk_link->len = len + 1;
+        if (disk_link->len > max_len)
+                return -ENAMETOOLONG;
+        return 0;
+}
+/**
+ * fscrypt_encrypt_symlink - encrypt the symlink target if needed
+ * @inode: symlink inode
+ * @target: plaintext symlink target
+ * @len: length of @target excluding null terminator
+ * @disk_link: (in/out) the on-disk symlink target being prepared
+ *
+ * If the symlink target needs to be encrypted, then this function encrypts it
+ * into @disk_link->name.  fscrypt_prepare_symlink() must have been called
+ * previously to compute @disk_link->len.  If the filesystem did not allocate a
+ * buffer for @disk_link->name after calling fscrypt_prepare_link(), then one
+ * will be kmalloc()'ed and the filesystem will be responsible for freeing it.
+ *
+ * Return: 0 on success, -errno on failure
+ */
+static inline int fscrypt_encrypt_symlink(struct inode *inode,
+                                          const char *target,
+                                          unsigned int len,
+                                          struct fscrypt_str *disk_link)
+{
+        if (IS_ENCRYPTED(inode))
+                return __fscrypt_encrypt_symlink(inode, target, len, disk_link);
+        return 0;
+}
 #endif  /* _LINUX_FSCRYPT_H */

diff --git a/include/linux/fscrypt.h b/include/linux/fscrypt.h index 08b4b40c5aa8..952ab97af325 100644 --- a/include/linux/fscrypt.h +++ b/include/linux/fscrypt.h
@@ -14,42 +14,13 @@
14	#ifndef _LINUX_FSCRYPT_H	14	#ifndef _LINUX_FSCRYPT_H
15	#define _LINUX_FSCRYPT_H	15	#define _LINUX_FSCRYPT_H
16		16
17	#include <linux/key.h>
18	#include <linux/fs.h>	17	#include <linux/fs.h>
19	#include <linux/mm.h>
20	#include <linux/bio.h>
21	#include <linux/dcache.h>
22	#include <crypto/skcipher.h>
23	#include <uapi/linux/fs.h>
24		18
25	#define FS_CRYPTO_BLOCK_SIZE 16	19	#define FS_CRYPTO_BLOCK_SIZE 16
26		20
		21	struct fscrypt_ctx;
27	struct fscrypt_info;	22	struct fscrypt_info;
28		23
29	struct fscrypt_ctx {
30	union {
31	struct {
32	struct page bounce_page; / Ciphertext page */
33	struct page control_page; / Original page */
34	} w;
35	struct {
36	struct bio *bio;
37	struct work_struct work;
38	} r;
39	struct list_head free_list; /* Free list */
40	};
41	u8 flags; /* Flags */
42	};
43
44	/**
45	* For encrypted symlinks, the ciphertext length is stored at the beginning
46	* of the string in little-endian format.
47	*/
48	struct fscrypt_symlink_data {
49	__le16 len;
50	char encrypted_path[1];
51	} __packed;
52
53	struct fscrypt_str {	24	struct fscrypt_str {
54	unsigned char *name;	25	unsigned char *name;
55	u32 len;	26	u32 len;
@@ -68,89 +39,14 @@ struct fscrypt_name {
68	#define fname_name(p) ((p)->disk_name.name)	39	#define fname_name(p) ((p)->disk_name.name)
69	#define fname_len(p) ((p)->disk_name.len)	40	#define fname_len(p) ((p)->disk_name.len)
70		41
71	/*
72	* fscrypt superblock flags
73	*/
74	#define FS_CFLG_OWN_PAGES (1U << 1)
75
76	/*
77	* crypto opertions for filesystems
78	*/
79	struct fscrypt_operations {
80	unsigned int flags;
81	const char *key_prefix;
82	int (get_context)(struct inode , void *, size_t);
83	int (set_context)(struct inode , const void , size_t, void );
84	bool (dummy_context)(struct inode );
85	bool (empty_dir)(struct inode );
86	unsigned (max_namelen)(struct inode );
87	};
88
89	/* Maximum value for the third parameter of fscrypt_operations.set_context(). */	42	/* Maximum value for the third parameter of fscrypt_operations.set_context(). */
90	#define FSCRYPT_SET_CONTEXT_MAX_SIZE 28	43	#define FSCRYPT_SET_CONTEXT_MAX_SIZE 28
91		44
92	static inline bool fscrypt_dummy_context_enabled(struct inode *inode)
93	{
94	if (inode->i_sb->s_cop->dummy_context &&
95	inode->i_sb->s_cop->dummy_context(inode))
96	return true;
97	return false;
98	}
99
100	static inline bool fscrypt_valid_enc_modes(u32 contents_mode,
101	u32 filenames_mode)
102	{
103	if (contents_mode == FS_ENCRYPTION_MODE_AES_128_CBC &&
104	filenames_mode == FS_ENCRYPTION_MODE_AES_128_CTS)
105	return true;
106
107	if (contents_mode == FS_ENCRYPTION_MODE_AES_256_XTS &&
108	filenames_mode == FS_ENCRYPTION_MODE_AES_256_CTS)
109	return true;
110
111	return false;
112	}
113
114	static inline bool fscrypt_is_dot_dotdot(const struct qstr *str)
115	{
116	if (str->len == 1 && str->name[0] == '.')
117	return true;
118
119	if (str->len == 2 && str->name[0] == '.' && str->name[1] == '.')
120	return true;
121
122	return false;
123	}
124
125	#if __FS_HAS_ENCRYPTION	45	#if __FS_HAS_ENCRYPTION
126
127	static inline struct page fscrypt_control_page(struct page page)
128	{
129	return ((struct fscrypt_ctx *)page_private(page))->w.control_page;
130	}
131
132	static inline bool fscrypt_has_encryption_key(const struct inode *inode)
133	{
134	return (inode->i_crypt_info != NULL);
135	}
136
137	#include <linux/fscrypt_supp.h>	46	#include <linux/fscrypt_supp.h>
138		47	#else
139	#else /* !__FS_HAS_ENCRYPTION */
140
141	static inline struct page fscrypt_control_page(struct page page)
142	{
143	WARN_ON_ONCE(1);
144	return ERR_PTR(-EINVAL);
145	}
146
147	static inline bool fscrypt_has_encryption_key(const struct inode *inode)
148	{
149	return 0;
150	}
151
152	#include <linux/fscrypt_notsupp.h>	48	#include <linux/fscrypt_notsupp.h>
153	#endif /* __FS_HAS_ENCRYPTION */	49	#endif
154		50
155	/**	51	/**
156	* fscrypt_require_key - require an inode's encryption key	52	* fscrypt_require_key - require an inode's encryption key
@@ -291,4 +187,68 @@ static inline int fscrypt_prepare_setattr(struct dentry *dentry,
291	return 0;	187	return 0;
292	}	188	}
293		189
		190	/**
		191	* fscrypt_prepare_symlink - prepare to create a possibly-encrypted symlink
		192	* @dir: directory in which the symlink is being created
		193	* @target: plaintext symlink target
		194	* @len: length of @target excluding null terminator
		195	* @max_len: space the filesystem has available to store the symlink target
		196	* @disk_link: (out) the on-disk symlink target being prepared
		197	*
		198	* This function computes the size the symlink target will require on-disk,
		199	* stores it in @disk_link->len, and validates it against @max_len. An
		200	* encrypted symlink may be longer than the original.
		201	*
		202	* Additionally, @disk_link->name is set to @target if the symlink will be
		203	* unencrypted, but left NULL if the symlink will be encrypted. For encrypted
		204	* symlinks, the filesystem must call fscrypt_encrypt_symlink() to create the
		205	* on-disk target later. (The reason for the two-step process is that some
		206	* filesystems need to know the size of the symlink target before creating the
		207	* inode, e.g. to determine whether it will be a "fast" or "slow" symlink.)
		208	*
		209	* Return: 0 on success, -ENAMETOOLONG if the symlink target is too long,
		210	* -ENOKEY if the encryption key is missing, or another -errno code if a problem
		211	* occurred while setting up the encryption key.
		212	*/
		213	static inline int fscrypt_prepare_symlink(struct inode *dir,
		214	const char *target,
		215	unsigned int len,
		216	unsigned int max_len,
		217	struct fscrypt_str *disk_link)
		218	{
		219	if (IS_ENCRYPTED(dir) \|\| fscrypt_dummy_context_enabled(dir))
		220	return __fscrypt_prepare_symlink(dir, len, max_len, disk_link);
		221
		222	disk_link->name = (unsigned char *)target;
		223	disk_link->len = len + 1;
		224	if (disk_link->len > max_len)
		225	return -ENAMETOOLONG;
		226	return 0;
		227	}
		228
		229	/**
		230	* fscrypt_encrypt_symlink - encrypt the symlink target if needed
		231	* @inode: symlink inode
		232	* @target: plaintext symlink target
		233	* @len: length of @target excluding null terminator
		234	* @disk_link: (in/out) the on-disk symlink target being prepared
		235	*
		236	* If the symlink target needs to be encrypted, then this function encrypts it
		237	* into @disk_link->name. fscrypt_prepare_symlink() must have been called
		238	* previously to compute @disk_link->len. If the filesystem did not allocate a
		239	* buffer for @disk_link->name after calling fscrypt_prepare_link(), then one
		240	* will be kmalloc()'ed and the filesystem will be responsible for freeing it.
		241	*
		242	* Return: 0 on success, -errno on failure
		243	*/
		244	static inline int fscrypt_encrypt_symlink(struct inode *inode,
		245	const char *target,
		246	unsigned int len,
		247	struct fscrypt_str *disk_link)
		248	{
		249	if (IS_ENCRYPTED(inode))
		250	return __fscrypt_encrypt_symlink(inode, target, len, disk_link);
		251	return 0;
		252	}
		253
294	#endif /* _LINUX_FSCRYPT_H */	254	#endif /* _LINUX_FSCRYPT_H */