1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * eCryptfs: Linux filesystem encryption layer
4 *
5 * Copyright (C) 1997-2004 Erez Zadok
6 * Copyright (C) 2001-2004 Stony Brook University
7 * Copyright (C) 2004-2007 International Business Machines Corp.
8 * Author(s): Michael A. Halcrow <mhalcrow@us.ibm.com>
9 * Michael C. Thompson <mcthomps@us.ibm.com>
10 */
11
12#include <linux/file.h>
13#include <linux/poll.h>
14#include <linux/slab.h>
15#include <linux/mount.h>
16#include <linux/pagemap.h>
17#include <linux/security.h>
18#include <linux/compat.h>
19#include <linux/fs_stack.h>
20#include "ecryptfs_kernel.h"
21
22/*
23 * ecryptfs_read_update_atime
24 *
25 * generic_file_read updates the atime of upper layer inode. But, it
26 * doesn't give us a chance to update the atime of the lower layer
27 * inode. This function is a wrapper to generic_file_read. It
28 * updates the atime of the lower level inode if generic_file_read
29 * returns without any errors. This is to be used only for file reads.
30 * The function to be used for directory reads is ecryptfs_read.
31 */
32static ssize_t ecryptfs_read_update_atime(struct kiocb *iocb,
33 struct iov_iter *to)
34{
35 ssize_t rc;
36 struct file *file = iocb->ki_filp;
37
38 rc = generic_file_read_iter(iocb, to);
39 if (rc >= 0) {
40 struct path path = ecryptfs_lower_path(dentry: file->f_path.dentry);
41 touch_atime(&path);
42 }
43 return rc;
44}
45
46/*
47 * ecryptfs_splice_read_update_atime
48 *
49 * filemap_splice_read updates the atime of upper layer inode. But, it
50 * doesn't give us a chance to update the atime of the lower layer inode. This
51 * function is a wrapper to generic_file_read. It updates the atime of the
52 * lower level inode if generic_file_read returns without any errors. This is
53 * to be used only for file reads. The function to be used for directory reads
54 * is ecryptfs_read.
55 */
56static ssize_t ecryptfs_splice_read_update_atime(struct file *in, loff_t *ppos,
57 struct pipe_inode_info *pipe,
58 size_t len, unsigned int flags)
59{
60 ssize_t rc;
61
62 rc = filemap_splice_read(in, ppos, pipe, len, flags);
63 if (rc >= 0) {
64 struct path path = ecryptfs_lower_path(dentry: in->f_path.dentry);
65 touch_atime(&path);
66 }
67 return rc;
68}
69
70struct ecryptfs_getdents_callback {
71 struct dir_context ctx;
72 struct dir_context *caller;
73 struct super_block *sb;
74 int filldir_called;
75 int entries_written;
76};
77
78/* Inspired by generic filldir in fs/readdir.c */
79static bool
80ecryptfs_filldir(struct dir_context *ctx, const char *lower_name,
81 int lower_namelen, loff_t offset, u64 ino, unsigned int d_type)
82{
83 struct ecryptfs_getdents_callback *buf =
84 container_of(ctx, struct ecryptfs_getdents_callback, ctx);
85 size_t name_size;
86 char *name;
87 int err;
88 bool res;
89
90 buf->filldir_called++;
91 err = ecryptfs_decode_and_decrypt_filename(decrypted_name: &name, decrypted_name_size: &name_size,
92 sb: buf->sb, name: lower_name,
93 name_size: lower_namelen);
94 if (err) {
95 if (err != -EINVAL) {
96 ecryptfs_printk(KERN_DEBUG,
97 "%s: Error attempting to decode and decrypt filename [%s]; rc = [%d]\n",
98 __func__, lower_name, err);
99 return false;
100 }
101
102 /* Mask -EINVAL errors as these are most likely due a plaintext
103 * filename present in the lower filesystem despite filename
104 * encryption being enabled. One unavoidable example would be
105 * the "lost+found" dentry in the root directory of an Ext4
106 * filesystem.
107 */
108 return true;
109 }
110
111 buf->caller->pos = buf->ctx.pos;
112 res = dir_emit(ctx: buf->caller, name, namelen: name_size, ino, type: d_type);
113 kfree(objp: name);
114 if (res)
115 buf->entries_written++;
116 return res;
117}
118
119/**
120 * ecryptfs_readdir
121 * @file: The eCryptfs directory file
122 * @ctx: The actor to feed the entries to
123 */
124static int ecryptfs_readdir(struct file *file, struct dir_context *ctx)
125{
126 int rc;
127 struct file *lower_file;
128 struct inode *inode = file_inode(f: file);
129 struct ecryptfs_getdents_callback buf = {
130 .ctx.actor = ecryptfs_filldir,
131 .caller = ctx,
132 .sb = inode->i_sb,
133 };
134 lower_file = ecryptfs_file_to_lower(file);
135 rc = iterate_dir(lower_file, &buf.ctx);
136 ctx->pos = buf.ctx.pos;
137 if (rc >= 0 && (buf.entries_written || !buf.filldir_called))
138 fsstack_copy_attr_atime(dest: inode, src: file_inode(f: lower_file));
139 return rc;
140}
141
142struct kmem_cache *ecryptfs_file_info_cache;
143
144static int read_or_initialize_metadata(struct dentry *dentry)
145{
146 struct inode *inode = d_inode(dentry);
147 struct ecryptfs_mount_crypt_stat *mount_crypt_stat;
148 struct ecryptfs_crypt_stat *crypt_stat;
149 int rc;
150
151 crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat;
152 mount_crypt_stat = &ecryptfs_superblock_to_private(
153 sb: inode->i_sb)->mount_crypt_stat;
154 mutex_lock(&crypt_stat->cs_mutex);
155
156 if (crypt_stat->flags & ECRYPTFS_POLICY_APPLIED &&
157 crypt_stat->flags & ECRYPTFS_KEY_VALID) {
158 rc = 0;
159 goto out;
160 }
161
162 rc = ecryptfs_read_metadata(ecryptfs_dentry: dentry);
163 if (!rc)
164 goto out;
165
166 if (mount_crypt_stat->flags & ECRYPTFS_PLAINTEXT_PASSTHROUGH_ENABLED) {
167 crypt_stat->flags &= ~(ECRYPTFS_I_SIZE_INITIALIZED
168 | ECRYPTFS_ENCRYPTED);
169 rc = 0;
170 goto out;
171 }
172
173 if (!(mount_crypt_stat->flags & ECRYPTFS_XATTR_METADATA_ENABLED) &&
174 !i_size_read(inode: ecryptfs_inode_to_lower(inode))) {
175 rc = ecryptfs_initialize_file(ecryptfs_dentry: dentry, ecryptfs_inode: inode);
176 if (!rc)
177 goto out;
178 }
179
180 rc = -EIO;
181out:
182 mutex_unlock(lock: &crypt_stat->cs_mutex);
183 return rc;
184}
185
186static int ecryptfs_mmap(struct file *file, struct vm_area_struct *vma)
187{
188 struct file *lower_file = ecryptfs_file_to_lower(file);
189 /*
190 * Don't allow mmap on top of file systems that don't support it
191 * natively. If FILESYSTEM_MAX_STACK_DEPTH > 2 or ecryptfs
192 * allows recursive mounting, this will need to be extended.
193 */
194 if (!can_mmap_file(file: lower_file))
195 return -ENODEV;
196 return generic_file_mmap(file, vma);
197}
198
199/**
200 * ecryptfs_open
201 * @inode: inode specifying file to open
202 * @file: Structure to return filled in
203 *
204 * Opens the file specified by inode.
205 *
206 * Returns zero on success; non-zero otherwise
207 */
208static int ecryptfs_open(struct inode *inode, struct file *file)
209{
210 int rc = 0;
211 struct ecryptfs_crypt_stat *crypt_stat = NULL;
212 struct dentry *ecryptfs_dentry = file->f_path.dentry;
213 /* Private value of ecryptfs_dentry allocated in
214 * ecryptfs_lookup() */
215 struct ecryptfs_file_info *file_info;
216
217 /* Released in ecryptfs_release or end of function if failure */
218 file_info = kmem_cache_zalloc(ecryptfs_file_info_cache, GFP_KERNEL);
219 ecryptfs_set_file_private(file, file_info);
220 if (!file_info) {
221 ecryptfs_printk(KERN_ERR,
222 "Error attempting to allocate memory\n");
223 rc = -ENOMEM;
224 goto out;
225 }
226 crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat;
227 mutex_lock(&crypt_stat->cs_mutex);
228 if (!(crypt_stat->flags & ECRYPTFS_POLICY_APPLIED)) {
229 ecryptfs_printk(KERN_DEBUG, "Setting flags for stat...\n");
230 /* Policy code enabled in future release */
231 crypt_stat->flags |= (ECRYPTFS_POLICY_APPLIED
232 | ECRYPTFS_ENCRYPTED);
233 }
234 mutex_unlock(lock: &crypt_stat->cs_mutex);
235 rc = ecryptfs_get_lower_file(dentry: ecryptfs_dentry, inode);
236 if (rc) {
237 printk(KERN_ERR "%s: Error attempting to initialize "
238 "the lower file for the dentry with name "
239 "[%pd]; rc = [%d]\n", __func__,
240 ecryptfs_dentry, rc);
241 goto out_free;
242 }
243 if ((ecryptfs_inode_to_private(inode)->lower_file->f_flags & O_ACCMODE)
244 == O_RDONLY && (file->f_flags & O_ACCMODE) != O_RDONLY) {
245 rc = -EPERM;
246 printk(KERN_WARNING "%s: Lower file is RO; eCryptfs "
247 "file must hence be opened RO\n", __func__);
248 goto out_put;
249 }
250 ecryptfs_set_file_lower(
251 file, lower_file: ecryptfs_inode_to_private(inode)->lower_file);
252 rc = read_or_initialize_metadata(dentry: ecryptfs_dentry);
253 if (rc)
254 goto out_put;
255 ecryptfs_printk(KERN_DEBUG, "inode w/ addr = [0x%p], i_ino = "
256 "[0x%.16lx] size: [0x%.16llx]\n", inode, inode->i_ino,
257 (unsigned long long)i_size_read(inode));
258 goto out;
259out_put:
260 ecryptfs_put_lower_file(inode);
261out_free:
262 kmem_cache_free(s: ecryptfs_file_info_cache,
263 objp: ecryptfs_file_to_private(file));
264out:
265 return rc;
266}
267
268/**
269 * ecryptfs_dir_open
270 * @inode: inode specifying file to open
271 * @file: Structure to return filled in
272 *
273 * Opens the file specified by inode.
274 *
275 * Returns zero on success; non-zero otherwise
276 */
277static int ecryptfs_dir_open(struct inode *inode, struct file *file)
278{
279 struct dentry *ecryptfs_dentry = file->f_path.dentry;
280 /* Private value of ecryptfs_dentry allocated in
281 * ecryptfs_lookup() */
282 struct ecryptfs_file_info *file_info;
283 struct file *lower_file;
284 struct path path;
285
286 /* Released in ecryptfs_release or end of function if failure */
287 file_info = kmem_cache_zalloc(ecryptfs_file_info_cache, GFP_KERNEL);
288 ecryptfs_set_file_private(file, file_info);
289 if (unlikely(!file_info)) {
290 ecryptfs_printk(KERN_ERR,
291 "Error attempting to allocate memory\n");
292 return -ENOMEM;
293 }
294 path = ecryptfs_lower_path(dentry: ecryptfs_dentry);
295 lower_file = dentry_open(path: &path, flags: file->f_flags, current_cred());
296 if (IS_ERR(ptr: lower_file)) {
297 printk(KERN_ERR "%s: Error attempting to initialize "
298 "the lower file for the dentry with name "
299 "[%pd]; rc = [%ld]\n", __func__,
300 ecryptfs_dentry, PTR_ERR(lower_file));
301 kmem_cache_free(s: ecryptfs_file_info_cache, objp: file_info);
302 return PTR_ERR(ptr: lower_file);
303 }
304 ecryptfs_set_file_lower(file, lower_file);
305 return 0;
306}
307
308static int ecryptfs_flush(struct file *file, fl_owner_t td)
309{
310 struct file *lower_file = ecryptfs_file_to_lower(file);
311
312 if (lower_file->f_op->flush) {
313 filemap_write_and_wait(mapping: file->f_mapping);
314 return lower_file->f_op->flush(lower_file, td);
315 }
316
317 return 0;
318}
319
320static int ecryptfs_release(struct inode *inode, struct file *file)
321{
322 ecryptfs_put_lower_file(inode);
323 kmem_cache_free(s: ecryptfs_file_info_cache,
324 objp: ecryptfs_file_to_private(file));
325 return 0;
326}
327
328static int ecryptfs_dir_release(struct inode *inode, struct file *file)
329{
330 fput(ecryptfs_file_to_lower(file));
331 kmem_cache_free(s: ecryptfs_file_info_cache,
332 objp: ecryptfs_file_to_private(file));
333 return 0;
334}
335
336static loff_t ecryptfs_dir_llseek(struct file *file, loff_t offset, int whence)
337{
338 return vfs_llseek(file: ecryptfs_file_to_lower(file), offset, whence);
339}
340
341static int
342ecryptfs_fsync(struct file *file, loff_t start, loff_t end, int datasync)
343{
344 int rc;
345
346 rc = file_write_and_wait(file);
347 if (rc)
348 return rc;
349
350 return vfs_fsync(file: ecryptfs_file_to_lower(file), datasync);
351}
352
353static int ecryptfs_fasync(int fd, struct file *file, int flag)
354{
355 int rc = 0;
356 struct file *lower_file = NULL;
357
358 lower_file = ecryptfs_file_to_lower(file);
359 if (lower_file->f_op->fasync)
360 rc = lower_file->f_op->fasync(fd, lower_file, flag);
361 return rc;
362}
363
364static long
365ecryptfs_unlocked_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
366{
367 struct file *lower_file = ecryptfs_file_to_lower(file);
368 long rc = -ENOTTY;
369
370 if (!lower_file->f_op->unlocked_ioctl)
371 return rc;
372
373 switch (cmd) {
374 case FITRIM:
375 case FS_IOC_GETFLAGS:
376 case FS_IOC_SETFLAGS:
377 case FS_IOC_GETVERSION:
378 case FS_IOC_SETVERSION:
379 rc = lower_file->f_op->unlocked_ioctl(lower_file, cmd, arg);
380 fsstack_copy_attr_all(dest: file_inode(f: file), src: file_inode(f: lower_file));
381
382 return rc;
383 default:
384 return rc;
385 }
386}
387
388#ifdef CONFIG_COMPAT
389static long
390ecryptfs_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
391{
392 struct file *lower_file = ecryptfs_file_to_lower(file);
393 long rc = -ENOIOCTLCMD;
394
395 if (!lower_file->f_op->compat_ioctl)
396 return rc;
397
398 switch (cmd) {
399 case FITRIM:
400 case FS_IOC32_GETFLAGS:
401 case FS_IOC32_SETFLAGS:
402 case FS_IOC32_GETVERSION:
403 case FS_IOC32_SETVERSION:
404 rc = lower_file->f_op->compat_ioctl(lower_file, cmd, arg);
405 fsstack_copy_attr_all(dest: file_inode(f: file), src: file_inode(f: lower_file));
406
407 return rc;
408 default:
409 return rc;
410 }
411}
412#endif
413
414const struct file_operations ecryptfs_dir_fops = {
415 .iterate_shared = ecryptfs_readdir,
416 .read = generic_read_dir,
417 .unlocked_ioctl = ecryptfs_unlocked_ioctl,
418#ifdef CONFIG_COMPAT
419 .compat_ioctl = ecryptfs_compat_ioctl,
420#endif
421 .open = ecryptfs_dir_open,
422 .release = ecryptfs_dir_release,
423 .fsync = ecryptfs_fsync,
424 .llseek = ecryptfs_dir_llseek,
425};
426
427const struct file_operations ecryptfs_main_fops = {
428 .llseek = generic_file_llseek,
429 .read_iter = ecryptfs_read_update_atime,
430 .write_iter = generic_file_write_iter,
431 .unlocked_ioctl = ecryptfs_unlocked_ioctl,
432#ifdef CONFIG_COMPAT
433 .compat_ioctl = ecryptfs_compat_ioctl,
434#endif
435 .mmap = ecryptfs_mmap,
436 .open = ecryptfs_open,
437 .flush = ecryptfs_flush,
438 .release = ecryptfs_release,
439 .fsync = ecryptfs_fsync,
440 .fasync = ecryptfs_fasync,
441 .splice_read = ecryptfs_splice_read_update_atime,
442};
443

source code of linux/fs/ecryptfs/file.c