Diffstat (limited to 'fs/ecryptfs/ecryptfs_kernel.h')
-rw-r--r--fs/ecryptfs/ecryptfs_kernel.h38
1 files changed, 37 insertions, 1 deletions
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h
index a75026d35d16..76a95bd8819b 100644
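--- a/fs/ecryptfs/ecryptfs_kernel.h
+++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -199,6 +199,7 @@ ecryptfs_get_key_payload_data(struct key *key)
 #define ECRYPTFS_DEFAULT_CIPHER "aes"
 #define ECRYPTFS_DEFAULT_KEY_BYTES 16
 #define ECRYPTFS_DEFAULT_HASH "md5"
+#define ECRYPTFS_TAG_70_DIGEST ECRYPTFS_DEFAULT_HASH
 #define ECRYPTFS_TAG_1_PACKET_TYPE 0x01
 #define ECRYPTFS_TAG_3_PACKET_TYPE 0x8C
 #define ECRYPTFS_TAG_11_PACKET_TYPE 0xED
@@ -206,7 +207,25 @@ ecryptfs_get_key_payload_data(struct key *key)
 #define ECRYPTFS_TAG_65_PACKET_TYPE 0x41
 #define ECRYPTFS_TAG_66_PACKET_TYPE 0x42
 #define ECRYPTFS_TAG_67_PACKET_TYPE 0x43
+#define ECRYPTFS_TAG_70_PACKET_TYPE 0x46 /* FNEK-encrypted filename
+ * as dentry name */
+#define ECRYPTFS_TAG_71_PACKET_TYPE 0x47 /* FNEK-encrypted filename in
+ * metadata */
+#define ECRYPTFS_TAG_72_PACKET_TYPE 0x48 /* FEK-encrypted filename as
+ * dentry name */
+#define ECRYPTFS_TAG_73_PACKET_TYPE 0x49 /* FEK-encrypted filename as
+ * metadata */
+/* Constraint: ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES >=
+ * ECRYPTFS_MAX_IV_BYTES */
+#define ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES 16
+#define ECRYPTFS_NON_NULL 0x42 /* A reasonable substitute for NULL */
 #define MD5_DIGEST_SIZE 16
+#define ECRYPTFS_TAG_70_DIGEST_SIZE MD5_DIGEST_SIZE
+#define ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX "ECRYPTFS_FEK_ENCRYPTED."
+#define ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX_SIZE 23
+#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX "ECRYPTFS_FNEK_ENCRYPTED."
+#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE 24
+#define ECRYPTFS_ENCRYPTED_DENTRY_NAME_LEN (18 + 1 + 4 + 1 + 32)
 
 struct ecryptfs_key_sig {
  struct list_head crypt_stat_list;
@@ -332,13 +351,20 @@ struct ecryptfs_mount_crypt_stat {
 #define ECRYPTFS_XATTR_METADATA_ENABLED 0x00000002
 #define ECRYPTFS_ENCRYPTED_VIEW_ENABLED 0x00000004
 #define ECRYPTFS_MOUNT_CRYPT_STAT_INITIALIZED 0x00000008
+#define ECRYPTFS_GLOBAL_ENCRYPT_FILENAMES 0x00000010
+#define ECRYPTFS_GLOBAL_ENCFN_USE_MOUNT_FNEK 0x00000020
+#define ECRYPTFS_GLOBAL_ENCFN_USE_FEK 0x00000040
  u32 flags;
  struct list_head global_auth_tok_list;
  struct mutex global_auth_tok_list_mutex;
  size_t num_global_auth_toks;
  size_t global_default_cipher_key_size;
+ size_t global_default_fn_cipher_key_bytes;
  unsigned char global_default_cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE
  + 1];
+ unsigned char global_default_fn_cipher_name[
+ ECRYPTFS_MAX_CIPHER_NAME_SIZE + 1];
+ char global_default_fnek_sig[ECRYPTFS_SIG_SIZE_HEX + 1];
 };
 
 /* superblock private data. */
@@ -599,7 +625,7 @@ int ecryptfs_read_and_validate_header_region(char *data,
  struct inode *ecryptfs_inode);
 int ecryptfs_read_and_validate_xattr_region(char *page_virt,
  struct dentry *ecryptfs_dentry);
-u8 ecryptfs_code_for_cipher_string(struct ecryptfs_crypt_stat *crypt_stat);
+u8 ecryptfs_code_for_cipher_string(char *cipher_name, size_t key_bytes);
 int ecryptfs_cipher_code_to_string(char *str, u8 cipher_code);
 void ecryptfs_set_default_sizes(struct ecryptfs_crypt_stat *crypt_stat);
 int ecryptfs_generate_key_packet_set(char *dest_base,
@@ -694,5 +720,15 @@ int ecryptfs_privileged_open(struct file **lower_file,
  struct vfsmount *lower_mnt,
  const struct cred *cred);
 int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry);
+int
+ecryptfs_write_tag_70_packet(char *dest, size_t *remaining_bytes,
+ size_t *packet_size,
+ struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
+ char *filename, size_t filename_size);
+int
+ecryptfs_parse_tag_70_packet(char **filename, size_t *filename_size,
+ size_t *packet_size,
+ struct ecryptfs_mount_crypt_stat *mount_crypt_stat,
+ char *data, size_t max_packet_size);
 
 #endif /* #ifndef ECRYPTFS_KERNEL_H */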
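Review bot: The size constants added in the second hunk (`@@ -206,7 +207,25 @@`) are kept in step with their sources by hand, which is fragile for values that presumably size or bound filename buffers in the tag 70 code. `ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX_SIZE 23` and `ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE 24` match their string literals today, but they could be derived, e.g. `(sizeof(ECRYPTFS_FEK_ENCRYPTED_FILENAME_PREFIX) - 1)`, so that an edited prefix cannot leave a stale length behind. The requirement `ECRYPTFS_FILENAME_MIN_RANDOM_PREPEND_BYTES >= ECRYPTFS_MAX_IV_BYTES` is stated only in a comment; a build-time check next to the define would turn a violated constraint into a compile error instead of a silent weakening. `ECRYPTFS_TAG_70_DIGEST` follows `ECRYPTFS_DEFAULT_HASH` (first hunk) while `ECRYPTFS_TAG_70_DIGEST_SIZE` is pinned to `MD5_DIGEST_SIZE`, so a later change of the default hash would leave the digest name and its size disagreeing; a comment on both saying they must change together would make that coupling visible. `ECRYPTFS_ENCRYPTED_DENTRY_NAME_LEN (18 + 1 + 4 + 1 + 32)` would likewise benefit from a comment naming what each term counts.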