fscrypt.h source code [linux/include/linux/fscrypt.h]

1	/ SPDX-License-Identifier: GPL-2.0 /
2	/*
3	* fscrypt.h: declarations for per-file encryption
4	*
5	* Filesystems that implement per-file encryption must include this header
6	* file.
7	*
8	* Copyright (C) 2015, Google, Inc.
9	*
10	* Written by Michael Halcrow, 2015.
11	* Modified by Jaegeuk Kim, 2015.
12	*/
13	#ifndef _LINUX_FSCRYPT_H
14	#define _LINUX_FSCRYPT_H
15
16	#include <linux/fs.h>
17	#include <linux/mm.h>
18	#include <linux/slab.h>
19	#include <uapi/linux/fscrypt.h>
20
21	/*
22	* The lengths of all file contents blocks must be divisible by this value.
23	* This is needed to ensure that all contents encryption modes will work, as
24	* some of the supported modes don't support arbitrarily byte-aligned messages.
25	*
26	* Since the needed alignment is 16 bytes, most filesystems will meet this
27	* requirement naturally, as typical block sizes are powers of 2. However, if a
28	* filesystem can generate arbitrarily byte-aligned block lengths (e.g., via
29	* compression), then it will need to pad to this alignment before encryption.
30	*/
31	#define FSCRYPT_CONTENTS_ALIGNMENT 16
32
33	union fscrypt_policy;
34	struct fscrypt_inode_info;
35	struct fs_parameter;
36	struct seq_file;
37
38	struct fscrypt_str {
39	unsigned char *name;
40	u32 len;
41	};
42
43	struct fscrypt_name {
44	const struct qstr *usr_fname;
45	struct fscrypt_str disk_name;
46	u32 hash;
47	u32 minor_hash;
48	struct fscrypt_str crypto_buf;
49	bool is_nokey_name;
50	};
51
52	#define FSTR_INIT(n, l) { .name = n, .len = l }
53	#define FSTR_TO_QSTR(f) QSTR_INIT((f)->name, (f)->len)
54	#define fname_name(p) ((p)->disk_name.name)
55	#define fname_len(p) ((p)->disk_name.len)
56
57	/ Maximum value for the third parameter of fscrypt_operations.set_context(). /
58	#define FSCRYPT_SET_CONTEXT_MAX_SIZE 40
59
60	#ifdef CONFIG_FS_ENCRYPTION
61
62	/ Crypto operations for filesystems /
63	struct fscrypt_operations {
64	/*
65	* The offset of the pointer to struct fscrypt_inode_info in the
66	* filesystem-specific part of the inode, relative to the beginning of
67	* the common part of the inode (the 'struct inode').
68	*/
69	ptrdiff_t inode_info_offs;
70
71	/*
72	* If set, then fs/crypto/ will allocate a global bounce page pool the
73	* first time an encryption key is set up for a file. The bounce page
74	* pool is required by the following functions:
75	*
76	* - fscrypt_encrypt_pagecache_blocks()
77	* - fscrypt_zeroout_range() for files not using inline crypto
78	*
79	* If the filesystem doesn't use those, it doesn't need to set this.
80	*/
81	unsigned int needs_bounce_pages : `1`;
82
83	/*
84	* If set, then fs/crypto/ will allow the use of encryption settings
85	* that assume inode numbers fit in 32 bits (i.e.
86	* FSCRYPT_POLICY_FLAG_IV_INO_LBLK_{32,64}), provided that the other
87	* prerequisites for these settings are also met. This is only useful
88	* if the filesystem wants to support inline encryption hardware that is
89	* limited to 32-bit or 64-bit data unit numbers and where programming
90	* keyslots is very slow.
91	*/
92	unsigned int has_32bit_inodes : `1`;
93
94	/*
95	* If set, then fs/crypto/ will allow users to select a crypto data unit
96	* size that is less than the filesystem block size. This is done via
97	* the log2_data_unit_size field of the fscrypt policy. This flag is
98	* not compatible with filesystems that encrypt variable-length blocks
99	* (i.e. blocks that aren't all equal to filesystem's block size), for
100	* example as a result of compression. It's also not compatible with
101	* the fscrypt_encrypt_block_inplace() and
102	* fscrypt_decrypt_block_inplace() functions.
103	*/
104	unsigned int supports_subblock_data_units : `1`;
105
106	/*
107	* This field exists only for backwards compatibility reasons and should
108	* only be set by the filesystems that are setting it already. It
109	* contains the filesystem-specific key description prefix that is
110	* accepted for "logon" keys for v1 fscrypt policies. This
111	* functionality is deprecated in favor of the generic prefix
112	* "fscrypt:", which itself is deprecated in favor of the filesystem
113	* keyring ioctls such as FS_IOC_ADD_ENCRYPTION_KEY. Filesystems that
114	* are newly adding fscrypt support should not set this field.
115	*/
116	const char *legacy_key_prefix;
117
118	/*
119	* Get the fscrypt context of the given inode.
120	*
121	* @inode: the inode whose context to get
122	* @ctx: the buffer into which to get the context
123	* @len: length of the @ctx buffer in bytes
124	*
125	* Return: On success, returns the length of the context in bytes; this
126	* may be less than @len. On failure, returns -ENODATA if the
127	* inode doesn't have a context, -ERANGE if the context is
128	* longer than @len, or another -errno code.
129	*/
130	int (get_context)(struct* inode inode, void* *ctx, size_t len);
131
132	/*
133	* Set an fscrypt context on the given inode.
134	*
135	* @inode: the inode whose context to set. The inode won't already have
136	* an fscrypt context.
137	* @ctx: the context to set
138	* @len: length of @ctx in bytes (at most FSCRYPT_SET_CONTEXT_MAX_SIZE)
139	* @fs_data: If called from fscrypt_set_context(), this will be the
140	* value the filesystem passed to fscrypt_set_context().
141	* Otherwise (i.e. when called from
142	* FS_IOC_SET_ENCRYPTION_POLICY) this will be NULL.
143	*
144	* i_rwsem will be held for write.
145	*
146	* Return: 0 on success, -errno on failure.
147	*/
148	int (set_context)(struct* inode inode, const* void *ctx, size_t len,
149	void *fs_data);
150
151	/*
152	* Get the dummy fscrypt policy in use on the filesystem (if any).
153	*
154	* Filesystems only need to implement this function if they support the
155	* test_dummy_encryption mount option.
156	*
157	* Return: A pointer to the dummy fscrypt policy, if the filesystem is
158	* mounted with test_dummy_encryption; otherwise NULL.
159	*/
160	const union fscrypt_policy (get_dummy_policy)(struct super_block *sb);
161
162	/*
163	* Check whether a directory is empty. i_rwsem will be held for write.
164	*/
165	bool (empty_dir)(struct* inode *inode);
166
167	/*
168	* Check whether the filesystem's inode numbers and UUID are stable,
169	* meaning that they will never be changed even by offline operations
170	* such as filesystem shrinking and therefore can be used in the
171	* encryption without the possibility of files becoming unreadable.
172	*
173	* Filesystems only need to implement this function if they want to
174	* support the FSCRYPT_POLICY_FLAG_IV_INO_LBLK_{32,64} flags. These
175	* flags are designed to work around the limitations of UFS and eMMC
176	* inline crypto hardware, and they shouldn't be used in scenarios where
177	* such hardware isn't being used.
178	*
179	* Leaving this NULL is equivalent to always returning false.
180	*/
181	bool (has_stable_inodes)(struct* super_block *sb);
182
183	/*
184	* Return an array of pointers to the block devices to which the
185	* filesystem may write encrypted file contents, NULL if the filesystem
186	* only has a single such block device, or an ERR_PTR() on error.
187	*
188	* On successful non-NULL return, *num_devs is set to the number of
189	* devices in the returned array. The caller must free the returned
190	* array using kfree().
191	*
192	* If the filesystem can use multiple block devices (other than block
193	* devices that aren't used for encrypted file contents, such as
194	* external journal devices), and wants to support inline encryption,
195	* then it must implement this function. Otherwise it's not needed.
196	*/
197	struct block_device *(get_devices)(struct super_block *sb,
198	unsigned int *num_devs);
199	};
200
201	int fscrypt_d_revalidate(struct inode dir, const* struct qstr *name,
202	struct dentry dentry, unsigned* int flags);
203
204	/*
205	* Returns the address of the fscrypt info pointer within the
206	* filesystem-specific part of the inode. (To save memory on filesystems that
207	* don't support fscrypt, a field in 'struct inode' itself is no longer used.)
208	*/
209	static inline struct fscrypt_inode_info **
210	fscrypt_inode_info_addr(const struct inode *inode)
211	{
212	VFS_WARN_ON_ONCE(inode->i_sb->s_cop->inode_info_offs == `0`);
213	return (void *)inode + inode->i_sb->s_cop->inode_info_offs;
214	}
215
216	/*
217	* Load the inode's fscrypt info pointer, using a raw dereference. Since this
218	* uses a raw dereference with no memory barrier, it is appropriate to use only
219	* when the caller knows the inode's key setup already happened, resulting in
220	* non-NULL fscrypt info. E.g., the file contents en/decryption functions use
221	* this, since fscrypt_file_open() set up the key.
222	*/
223	static inline struct fscrypt_inode_info *
224	fscrypt_get_inode_info_raw(const struct inode *inode)
225	{
226	struct fscrypt_inode_info ci = fscrypt_inode_info_addr(inode);
227
228	VFS_WARN_ON_ONCE(ci == NULL);
229	return ci;
230	}
231
232	static inline struct fscrypt_inode_info *
233	fscrypt_get_inode_info(const struct inode *inode)
234	{
235	/*
236	* Pairs with the cmpxchg_release() in fscrypt_setup_encryption_info().
237	* I.e., another task may publish the fscrypt info concurrently,
238	* executing a RELEASE barrier. Use smp_load_acquire() here to safely
239	* ACQUIRE the memory the other task published.
240	*/
241	return smp_load_acquire(fscrypt_inode_info_addr(inode));
242	}
243
244	/**
245	* fscrypt_needs_contents_encryption() - check whether an inode needs
246	* contents encryption
247	* @inode: the inode to check
248	*
249	* Return: %true iff the inode is an encrypted regular file and the kernel was
250	* built with fscrypt support.
251	*
252	* If you need to know whether the encrypt bit is set even when the kernel was
253	* built without fscrypt support, you must use IS_ENCRYPTED() directly instead.
254	*/
255	static inline bool fscrypt_needs_contents_encryption(const struct inode *inode)
256	{
257	return IS_ENCRYPTED(inode) && S_ISREG(inode->i_mode);
258	}
259
260	/*
261	* When d_splice_alias() moves a directory's no-key alias to its
262	* plaintext alias as a result of the encryption key being added,
263	* DCACHE_NOKEY_NAME must be cleared and there might be an opportunity
264	* to disable d_revalidate. Note that we don't have to support the
265	* inverse operation because fscrypt doesn't allow no-key names to be
266	* the source or target of a rename().
267	*/
268	static inline void fscrypt_handle_d_move(struct dentry *dentry)
269	{
270	/*
271	* VFS calls fscrypt_handle_d_move even for non-fscrypt
272	* filesystems.
273	*/
274	if (dentry->d_flags & DCACHE_NOKEY_NAME) {
275	dentry->d_flags &= ~DCACHE_NOKEY_NAME;
276
277	/*
278	* Other filesystem features might be handling dentry
279	* revalidation, in which case it cannot be disabled.
280	*/
281	if (dentry->d_op->d_revalidate == fscrypt_d_revalidate)
282	dentry->d_flags &= ~DCACHE_OP_REVALIDATE;
283	}
284	}
285
286	/**
287	* fscrypt_is_nokey_name() - test whether a dentry is a no-key name
288	* @dentry: the dentry to check
289	*
290	* This returns true if the dentry is a no-key dentry. A no-key dentry is a
291	* dentry that was created in an encrypted directory that hasn't had its
292	* encryption key added yet. Such dentries may be either positive or negative.
293	*
294	* When a filesystem is asked to create a new filename in an encrypted directory
295	* and the new filename's dentry is a no-key dentry, it must fail the operation
296	* with ENOKEY. This includes ->create(), ->mkdir(), ->mknod(), ->symlink(),
297	* ->rename(), and ->link(). (However, ->rename() and ->link() are already
298	* handled by fscrypt_prepare_rename() and fscrypt_prepare_link().)
299	*
300	* This is necessary because creating a filename requires the directory's
301	* encryption key, but just checking for the key on the directory inode during
302	* the final filesystem operation doesn't guarantee that the key was available
303	* during the preceding dentry lookup. And the key must have already been
304	* available during the dentry lookup in order for it to have been checked
305	* whether the filename already exists in the directory and for the new file's
306	* dentry not to be invalidated due to it incorrectly having the no-key flag.
307	*
308	* Return: %true if the dentry is a no-key name
309	*/
310	static inline bool fscrypt_is_nokey_name(const struct dentry *dentry)
311	{
312	return dentry->d_flags & DCACHE_NOKEY_NAME;
313	}
314
315	static inline void fscrypt_prepare_dentry(struct dentry *dentry,
316	bool is_nokey_name)
317	{
318	/*
319	* This code tries to only take ->d_lock when necessary to write
320	* to ->d_flags. We shouldn't be peeking on d_flags for
321	* DCACHE_OP_REVALIDATE unlocked, but in the unlikely case
322	* there is a race, the worst it can happen is that we fail to
323	* unset DCACHE_OP_REVALIDATE and pay the cost of an extra
324	* d_revalidate.
325	*/
326	if (is_nokey_name) {
327	spin_lock(lock: &dentry->d_lock);
328	dentry->d_flags \|= DCACHE_NOKEY_NAME;
329	spin_unlock(lock: &dentry->d_lock);
330	} else if (dentry->d_flags & DCACHE_OP_REVALIDATE &&
331	dentry->d_op->d_revalidate == fscrypt_d_revalidate) {
332	/*
333	* Unencrypted dentries and encrypted dentries where the
334	* key is available are always valid from fscrypt
335	* perspective. Avoid the cost of calling
336	* fscrypt_d_revalidate unnecessarily.
337	*/
338	spin_lock(lock: &dentry->d_lock);
339	dentry->d_flags &= ~DCACHE_OP_REVALIDATE;
340	spin_unlock(lock: &dentry->d_lock);
341	}
342	}
343
344	/ crypto.c /
345	void fscrypt_enqueue_decrypt_work(struct work_struct *);
346
347	struct page fscrypt_encrypt_pagecache_blocks(struct* folio *folio,
348	size_t len, size_t offs, gfp_t gfp_flags);
349	int fscrypt_encrypt_block_inplace(const struct inode inode, struct* page *page,
350	unsigned int len, unsigned int offs,
351	u64 lblk_num);
352
353	int fscrypt_decrypt_pagecache_blocks(struct folio *folio, size_t len,
354	size_t offs);
355	int fscrypt_decrypt_block_inplace(const struct inode inode, struct* page *page,
356	unsigned int len, unsigned int offs,
357	u64 lblk_num);
358
359	static inline bool fscrypt_is_bounce_page(struct page *page)
360	{
361	return page->mapping == NULL;
362	}
363
364	static inline struct page fscrypt_pagecache_page(struct* page *bounce_page)
365	{
366	return (struct page *)page_private(bounce_page);
367	}
368
369	static inline bool fscrypt_is_bounce_folio(const struct folio *folio)
370	{
371	return folio->mapping == NULL;
372	}
373
374	static inline
375	struct folio fscrypt_pagecache_folio(const* struct folio *bounce_folio)
376	{
377	return bounce_folio->private;
378	}
379
380	void fscrypt_free_bounce_page(struct page *bounce_page);
381
382	/ policy.c /
383	int fscrypt_ioctl_set_policy(struct file filp, const* void __user *arg);
384	int fscrypt_ioctl_get_policy(struct file filp, void* __user *arg);
385	int fscrypt_ioctl_get_policy_ex(struct file filp, void* __user *arg);
386	int fscrypt_ioctl_get_nonce(struct file filp, void* __user *arg);
387	int fscrypt_has_permitted_context(struct inode parent, struct* inode *child);
388	int fscrypt_context_for_new_inode(void ctx, struct* inode *inode);
389	int fscrypt_set_context(struct inode inode, void* *fs_data);
390
391	struct fscrypt_dummy_policy {
392	const union fscrypt_policy *policy;
393	};
394
395	int fscrypt_parse_test_dummy_encryption(const struct fs_parameter *param,
396	struct fscrypt_dummy_policy *dummy_policy);
397	bool fscrypt_dummy_policies_equal(const struct fscrypt_dummy_policy *p1,
398	const struct fscrypt_dummy_policy *p2);
399	void fscrypt_show_test_dummy_encryption(struct seq_file seq, char* sep,
400	struct super_block *sb);
401	static inline bool
402	fscrypt_is_dummy_policy_set(const struct fscrypt_dummy_policy *dummy_policy)
403	{
404	return dummy_policy->policy != NULL;
405	}
406	static inline void
407	fscrypt_free_dummy_policy(struct fscrypt_dummy_policy *dummy_policy)
408	{
409	kfree(objp: dummy_policy->policy);
410	dummy_policy->policy = NULL;
411	}
412
413	/ keyring.c /
414	void fscrypt_destroy_keyring(struct super_block *sb);
415	int fscrypt_ioctl_add_key(struct file filp, void* __user *arg);
416	int fscrypt_ioctl_remove_key(struct file filp, void* __user *arg);
417	int fscrypt_ioctl_remove_key_all_users(struct file filp, void* __user *arg);
418	int fscrypt_ioctl_get_key_status(struct file filp, void* __user *arg);
419
420	/ keysetup.c /
421	int fscrypt_prepare_new_inode(struct inode dir, struct* inode *inode,
422	bool *encrypt_ret);
423	void fscrypt_put_encryption_info(struct inode *inode);
424	void fscrypt_free_inode(struct inode *inode);
425	int fscrypt_drop_inode(struct inode *inode);
426
427	/ fname.c /
428	int fscrypt_fname_encrypt(const struct inode inode, const* struct qstr *iname,
429	u8 out, unsigned* int olen);
430	bool fscrypt_fname_encrypted_size(const struct inode *inode, u32 orig_len,
431	u32 max_len, u32 *encrypted_len_ret);
432	int fscrypt_setup_filename(struct inode inode, const* struct qstr *iname,
433	int lookup, struct fscrypt_name *fname);
434
435	static inline void fscrypt_free_filename(struct fscrypt_name *fname)
436	{
437	kfree(objp: fname->crypto_buf.name);
438	}
439
440	int fscrypt_fname_alloc_buffer(u32 max_encrypted_len,
441	struct fscrypt_str *crypto_str);
442	void fscrypt_fname_free_buffer(struct fscrypt_str *crypto_str);
443	int fscrypt_fname_disk_to_usr(const struct inode *inode,
444	u32 hash, u32 minor_hash,
445	const struct fscrypt_str *iname,
446	struct fscrypt_str *oname);
447	bool fscrypt_match_name(const struct fscrypt_name *fname,
448	const u8 *de_name, u32 de_name_len);
449	u64 fscrypt_fname_siphash(const struct inode dir, const* struct qstr *name);
450
451	/ bio.c /
452	bool fscrypt_decrypt_bio(struct bio *bio);
453	int fscrypt_zeroout_range(const struct inode *inode, pgoff_t lblk,
454	sector_t pblk, unsigned int len);
455
456	/ hooks.c /
457	int fscrypt_file_open(struct inode inode, struct* file *filp);
458	int __fscrypt_prepare_link(struct inode inode, struct* inode *dir,
459	struct dentry *dentry);
460	int __fscrypt_prepare_rename(struct inode old_dir, struct* dentry *old_dentry,
461	struct inode new_dir, struct* dentry *new_dentry,
462	unsigned int flags);
463	int __fscrypt_prepare_lookup(struct inode dir, struct* dentry *dentry,
464	struct fscrypt_name *fname);
465	int fscrypt_prepare_lookup_partial(struct inode dir, struct* dentry *dentry);
466	int __fscrypt_prepare_readdir(struct inode *dir);
467	int __fscrypt_prepare_setattr(struct dentry dentry, struct* iattr *attr);
468	int fscrypt_prepare_setflags(struct inode *inode,
469	unsigned int oldflags, unsigned int flags);
470	int fscrypt_prepare_symlink(struct inode dir, const* char *target,
471	unsigned int len, unsigned int max_len,
472	struct fscrypt_str *disk_link);
473	int __fscrypt_encrypt_symlink(struct inode inode, const* char *target,
474	unsigned int len, struct fscrypt_str *disk_link);
475	const char fscrypt_get_symlink(struct* inode inode, const* void *caddr,
476	unsigned int max_size,
477	struct delayed_call *done);
478	int fscrypt_symlink_getattr(const struct path path, struct* kstat *stat);
479	static inline void fscrypt_set_ops(struct super_block *sb,
480	const struct fscrypt_operations *s_cop)
481	{
482	sb->s_cop = s_cop;
483	}
484	#else /* !CONFIG_FS_ENCRYPTION */
485
486	static inline struct fscrypt_inode_info *
487	fscrypt_get_inode_info(const struct inode *inode)
488	{
489	return NULL;
490	}
491
492	static inline bool fscrypt_needs_contents_encryption(const struct inode *inode)
493	{
494	return false;
495	}
496
497	static inline void fscrypt_handle_d_move(struct dentry *dentry)
498	{
499	}
500
501	static inline bool fscrypt_is_nokey_name(const struct dentry *dentry)
502	{
503	return false;
504	}
505
506	static inline void fscrypt_prepare_dentry(struct dentry *dentry,
507	bool is_nokey_name)
508	{
509	}
510
511	/ crypto.c /
512	static inline void fscrypt_enqueue_decrypt_work(struct work_struct *work)
513	{
514	}
515
516	static inline struct page fscrypt_encrypt_pagecache_blocks(struct* folio *folio,
517	size_t len, size_t offs, gfp_t gfp_flags)
518	{
519	return ERR_PTR(-EOPNOTSUPP);
520	}
521
522	static inline int fscrypt_encrypt_block_inplace(const struct inode *inode,
523	struct page *page,
524	unsigned int len,
525	unsigned int offs, u64 lblk_num)
526	{
527	return -EOPNOTSUPP;
528	}
529
530	static inline int fscrypt_decrypt_pagecache_blocks(struct folio *folio,
531	size_t len, size_t offs)
532	{
533	return -EOPNOTSUPP;
534	}
535
536	static inline int fscrypt_decrypt_block_inplace(const struct inode *inode,
537	struct page *page,
538	unsigned int len,
539	unsigned int offs, u64 lblk_num)
540	{
541	return -EOPNOTSUPP;
542	}
543
544	static inline bool fscrypt_is_bounce_page(struct page *page)
545	{
546	return false;
547	}
548
549	static inline struct page fscrypt_pagecache_page(struct* page *bounce_page)
550	{
551	WARN_ON_ONCE(`1`);
552	return ERR_PTR(-EINVAL);
553	}
554
555	static inline bool fscrypt_is_bounce_folio(const struct folio *folio)
556	{
557	return false;
558	}
559
560	static inline
561	struct folio fscrypt_pagecache_folio(const* struct folio *bounce_folio)
562	{
563	WARN_ON_ONCE(`1`);
564	return ERR_PTR(-EINVAL);
565	}
566
567	static inline void fscrypt_free_bounce_page(struct page *bounce_page)
568	{
569	}
570
571	/ policy.c /
572	static inline int fscrypt_ioctl_set_policy(struct file *filp,
573	const void __user *arg)
574	{
575	return -EOPNOTSUPP;
576	}
577
578	static inline int fscrypt_ioctl_get_policy(struct file filp, void* __user *arg)
579	{
580	return -EOPNOTSUPP;
581	}
582
583	static inline int fscrypt_ioctl_get_policy_ex(struct file *filp,
584	void __user *arg)
585	{
586	return -EOPNOTSUPP;
587	}
588
589	static inline int fscrypt_ioctl_get_nonce(struct file filp, void* __user *arg)
590	{
591	return -EOPNOTSUPP;
592	}
593
594	static inline int fscrypt_has_permitted_context(struct inode *parent,
595	struct inode *child)
596	{
597	return `0`;
598	}
599
600	static inline int fscrypt_set_context(struct inode inode, void* *fs_data)
601	{
602	return -EOPNOTSUPP;
603	}
604
605	struct fscrypt_dummy_policy {
606	};
607
608	static inline int
609	fscrypt_parse_test_dummy_encryption(const struct fs_parameter *param,
610	struct fscrypt_dummy_policy *dummy_policy)
611	{
612	return -EINVAL;
613	}
614
615	static inline bool
616	fscrypt_dummy_policies_equal(const struct fscrypt_dummy_policy *p1,
617	const struct fscrypt_dummy_policy *p2)
618	{
619	return true;
620	}
621
622	static inline void fscrypt_show_test_dummy_encryption(struct seq_file *seq,
623	char sep,
624	struct super_block *sb)
625	{
626	}
627
628	static inline bool
629	fscrypt_is_dummy_policy_set(const struct fscrypt_dummy_policy *dummy_policy)
630	{
631	return false;
632	}
633
634	static inline void
635	fscrypt_free_dummy_policy(struct fscrypt_dummy_policy *dummy_policy)
636	{
637	}
638
639	/ keyring.c /
640	static inline void fscrypt_destroy_keyring(struct super_block *sb)
641	{
642	}
643
644	static inline int fscrypt_ioctl_add_key(struct file filp, void* __user *arg)
645	{
646	return -EOPNOTSUPP;
647	}
648
649	static inline int fscrypt_ioctl_remove_key(struct file filp, void* __user *arg)
650	{
651	return -EOPNOTSUPP;
652	}
653
654	static inline int fscrypt_ioctl_remove_key_all_users(struct file *filp,
655	void __user *arg)
656	{
657	return -EOPNOTSUPP;
658	}
659
660	static inline int fscrypt_ioctl_get_key_status(struct file *filp,
661	void __user *arg)
662	{
663	return -EOPNOTSUPP;
664	}
665
666	/ keysetup.c /
667
668	static inline int fscrypt_prepare_new_inode(struct inode *dir,
669	struct inode *inode,
670	bool *encrypt_ret)
671	{
672	if (IS_ENCRYPTED(dir))
673	return -EOPNOTSUPP;
674	return `0`;
675	}
676
677	static inline void fscrypt_put_encryption_info(struct inode *inode)
678	{
679	return;
680	}
681
682	static inline void fscrypt_free_inode(struct inode *inode)
683	{
684	}
685
686	static inline int fscrypt_drop_inode(struct inode *inode)
687	{
688	return `0`;
689	}
690
691	/ fname.c /
692	static inline int fscrypt_setup_filename(struct inode *dir,
693	const struct qstr *iname,
694	int lookup, struct fscrypt_name *fname)
695	{
696	if (IS_ENCRYPTED(dir))
697	return -EOPNOTSUPP;
698
699	memset(fname, `0`, sizeof(*fname));
700	fname->usr_fname = iname;
701	fname->disk_name.name = (unsigned char *)iname->name;
702	fname->disk_name.len = iname->len;
703	return `0`;
704	}
705
706	static inline void fscrypt_free_filename(struct fscrypt_name *fname)
707	{
708	return;
709	}
710
711	static inline int fscrypt_fname_alloc_buffer(u32 max_encrypted_len,
712	struct fscrypt_str *crypto_str)
713	{
714	return -EOPNOTSUPP;
715	}
716
717	static inline void fscrypt_fname_free_buffer(struct fscrypt_str *crypto_str)
718	{
719	return;
720	}
721
722	static inline int fscrypt_fname_disk_to_usr(const struct inode *inode,
723	u32 hash, u32 minor_hash,
724	const struct fscrypt_str *iname,
725	struct fscrypt_str *oname)
726	{
727	return -EOPNOTSUPP;
728	}
729
730	static inline bool fscrypt_match_name(const struct fscrypt_name *fname,
731	const u8 *de_name, u32 de_name_len)
732	{
733	/ Encryption support disabled; use standard comparison /
734	if (de_name_len != fname->disk_name.len)
735	return false;
736	return !memcmp(de_name, fname->disk_name.name, fname->disk_name.len);
737	}
738
739	static inline u64 fscrypt_fname_siphash(const struct inode *dir,
740	const struct qstr *name)
741	{
742	WARN_ON_ONCE(`1`);
743	return `0`;
744	}
745
746	static inline int fscrypt_d_revalidate(struct inode dir, const* struct qstr *name,
747	struct dentry dentry, unsigned* int flags)
748	{
749	return `1`;
750	}
751
752	/ bio.c /
753	static inline bool fscrypt_decrypt_bio(struct bio *bio)
754	{
755	return true;
756	}
757
758	static inline int fscrypt_zeroout_range(const struct inode *inode, pgoff_t lblk,
759	sector_t pblk, unsigned int len)
760	{
761	return -EOPNOTSUPP;
762	}
763
764	/ hooks.c /
765
766	static inline int fscrypt_file_open(struct inode inode, struct* file *filp)
767	{
768	if (IS_ENCRYPTED(inode))
769	return -EOPNOTSUPP;
770	return `0`;
771	}
772
773	static inline int __fscrypt_prepare_link(struct inode inode, struct* inode *dir,
774	struct dentry *dentry)
775	{
776	return -EOPNOTSUPP;
777	}
778
779	static inline int __fscrypt_prepare_rename(struct inode *old_dir,
780	struct dentry *old_dentry,
781	struct inode *new_dir,
782	struct dentry *new_dentry,
783	unsigned int flags)
784	{
785	return -EOPNOTSUPP;
786	}
787
788	static inline int __fscrypt_prepare_lookup(struct inode *dir,
789	struct dentry *dentry,
790	struct fscrypt_name *fname)
791	{
792	return -EOPNOTSUPP;
793	}
794
795	static inline int fscrypt_prepare_lookup_partial(struct inode *dir,
796	struct dentry *dentry)
797	{
798	return -EOPNOTSUPP;
799	}
800
801	static inline int __fscrypt_prepare_readdir(struct inode *dir)
802	{
803	return -EOPNOTSUPP;
804	}
805
806	static inline int __fscrypt_prepare_setattr(struct dentry *dentry,
807	struct iattr *attr)
808	{
809	return -EOPNOTSUPP;
810	}
811
812	static inline int fscrypt_prepare_setflags(struct inode *inode,
813	unsigned int oldflags,
814	unsigned int flags)
815	{
816	return `0`;
817	}
818
819	static inline int fscrypt_prepare_symlink(struct inode *dir,
820	const char *target,
821	unsigned int len,
822	unsigned int max_len,
823	struct fscrypt_str *disk_link)
824	{
825	if (IS_ENCRYPTED(dir))
826	return -EOPNOTSUPP;
827	disk_link->name = (unsigned char *)target;
828	disk_link->len = len + `1`;
829	if (disk_link->len > max_len)
830	return -ENAMETOOLONG;
831	return `0`;
832	}
833
834	static inline int __fscrypt_encrypt_symlink(struct inode *inode,
835	const char *target,
836	unsigned int len,
837	struct fscrypt_str *disk_link)
838	{
839	return -EOPNOTSUPP;
840	}
841
842	static inline const char fscrypt_get_symlink(struct* inode *inode,
843	const void *caddr,
844	unsigned int max_size,
845	struct delayed_call *done)
846	{
847	return ERR_PTR(-EOPNOTSUPP);
848	}
849
850	static inline int fscrypt_symlink_getattr(const struct path *path,
851	struct kstat *stat)
852	{
853	return -EOPNOTSUPP;
854	}
855
856	static inline void fscrypt_set_ops(struct super_block *sb,
857	const struct fscrypt_operations *s_cop)
858	{
859	}
860
861	#endif /* !CONFIG_FS_ENCRYPTION */
862
863	/ inline_crypt.c /
864	#ifdef CONFIG_FS_ENCRYPTION_INLINE_CRYPT
865
866	bool __fscrypt_inode_uses_inline_crypto(const struct inode *inode);
867
868	void fscrypt_set_bio_crypt_ctx(struct bio *bio,
869	const struct inode *inode, u64 first_lblk,
870	gfp_t gfp_mask);
871
872	void fscrypt_set_bio_crypt_ctx_bh(struct bio *bio,
873	const struct buffer_head *first_bh,
874	gfp_t gfp_mask);
875
876	bool fscrypt_mergeable_bio(struct bio bio, const* struct inode *inode,
877	u64 next_lblk);
878
879	bool fscrypt_mergeable_bio_bh(struct bio *bio,
880	const struct buffer_head *next_bh);
881
882	bool fscrypt_dio_supported(struct inode *inode);
883
884	u64 fscrypt_limit_io_blocks(const struct inode *inode, u64 lblk, u64 nr_blocks);
885
886	#else /* CONFIG_FS_ENCRYPTION_INLINE_CRYPT */
887
888	static inline bool __fscrypt_inode_uses_inline_crypto(const struct inode *inode)
889	{
890	return false;
891	}
892
893	static inline void fscrypt_set_bio_crypt_ctx(struct bio *bio,
894	const struct inode *inode,
895	u64 first_lblk, gfp_t gfp_mask) { }
896
897	static inline void fscrypt_set_bio_crypt_ctx_bh(
898	struct bio *bio,
899	const struct buffer_head *first_bh,
900	gfp_t gfp_mask) { }
901
902	static inline bool fscrypt_mergeable_bio(struct bio *bio,
903	const struct inode *inode,
904	u64 next_lblk)
905	{
906	return true;
907	}
908
909	static inline bool fscrypt_mergeable_bio_bh(struct bio *bio,
910	const struct buffer_head *next_bh)
911	{
912	return true;
913	}
914
915	static inline bool fscrypt_dio_supported(struct inode *inode)
916	{
917	return !fscrypt_needs_contents_encryption(inode);
918	}
919
920	static inline u64 fscrypt_limit_io_blocks(const struct inode *inode, u64 lblk,
921	u64 nr_blocks)
922	{
923	return nr_blocks;
924	}
925	#endif /* !CONFIG_FS_ENCRYPTION_INLINE_CRYPT */
926
927	/**
928	* fscrypt_inode_uses_inline_crypto() - test whether an inode uses inline
929	* encryption
930	* @inode: an inode. If encrypted, its key must be set up.
931	*
932	* Return: true if the inode requires file contents encryption and if the
933	* encryption should be done in the block layer via blk-crypto rather
934	* than in the filesystem layer.
935	*/
936	static inline bool fscrypt_inode_uses_inline_crypto(const struct inode *inode)
937	{
938	return fscrypt_needs_contents_encryption(inode) &&
939	__fscrypt_inode_uses_inline_crypto(inode);
940	}
941
942	/**
943	* fscrypt_inode_uses_fs_layer_crypto() - test whether an inode uses fs-layer
944	* encryption
945	* @inode: an inode. If encrypted, its key must be set up.
946	*
947	* Return: true if the inode requires file contents encryption and if the
948	* encryption should be done in the filesystem layer rather than in the
949	* block layer via blk-crypto.
950	*/
951	static inline bool fscrypt_inode_uses_fs_layer_crypto(const struct inode *inode)
952	{
953	return fscrypt_needs_contents_encryption(inode) &&
954	!__fscrypt_inode_uses_inline_crypto(inode);
955	}
956
957	/**
958	* fscrypt_has_encryption_key() - check whether an inode has had its key set up
959	* @inode: the inode to check
960	*
961	* Return: %true if the inode has had its encryption key set up, else %false.
962	*
963	* Usually this should be preceded by fscrypt_get_encryption_info() to try to
964	* set up the key first.
965	*/
966	static inline bool fscrypt_has_encryption_key(const struct inode *inode)
967	{
968	return fscrypt_get_inode_info(inode) != NULL;
969	}
970
971	/**
972	* fscrypt_prepare_link() - prepare to link an inode into a possibly-encrypted
973	* directory
974	* @old_dentry: an existing dentry for the inode being linked
975	* @dir: the target directory
976	* @dentry: negative dentry for the target filename
977	*
978	* A new link can only be added to an encrypted directory if the directory's
979	* encryption key is available --- since otherwise we'd have no way to encrypt
980	* the filename.
981	*
982	* We also verify that the link will not violate the constraint that all files
983	* in an encrypted directory tree use the same encryption policy.
984	*
985	* Return: 0 on success, -ENOKEY if the directory's encryption key is missing,
986	* -EXDEV if the link would result in an inconsistent encryption policy, or
987	* another -errno code.
988	*/
989	static inline int fscrypt_prepare_link(struct dentry *old_dentry,
990	struct inode *dir,
991	struct dentry *dentry)
992	{
993	if (IS_ENCRYPTED(dir))
994	return __fscrypt_prepare_link(inode: d_inode(dentry: old_dentry), dir, dentry);
995	return `0`;
996	}
997
998	/**
999	* fscrypt_prepare_rename() - prepare for a rename between possibly-encrypted
1000	* directories
1001	* @old_dir: source directory
1002	* @old_dentry: dentry for source file
1003	* @new_dir: target directory
1004	* @new_dentry: dentry for target location (may be negative unless exchanging)
1005	* @flags: rename flags (we care at least about %RENAME_EXCHANGE)
1006	*
1007	* Prepare for ->rename() where the source and/or target directories may be
1008	* encrypted. A new link can only be added to an encrypted directory if the
1009	* directory's encryption key is available --- since otherwise we'd have no way
1010	* to encrypt the filename. A rename to an existing name, on the other hand,
1011	* is cryptographically possible without the key. However, we take the more
1012	* conservative approach and just forbid all no-key renames.
1013	*
1014	* We also verify that the rename will not violate the constraint that all files
1015	* in an encrypted directory tree use the same encryption policy.
1016	*
1017	* Return: 0 on success, -ENOKEY if an encryption key is missing, -EXDEV if the
1018	* rename would cause inconsistent encryption policies, or another -errno code.
1019	*/
1020	static inline int fscrypt_prepare_rename(struct inode *old_dir,
1021	struct dentry *old_dentry,
1022	struct inode *new_dir,
1023	struct dentry *new_dentry,
1024	unsigned int flags)
1025	{
1026	if (IS_ENCRYPTED(old_dir) \|\| IS_ENCRYPTED(new_dir))
1027	return __fscrypt_prepare_rename(old_dir, old_dentry,
1028	new_dir, new_dentry, flags);
1029	return `0`;
1030	}
1031
1032	/**
1033	* fscrypt_prepare_lookup() - prepare to lookup a name in a possibly-encrypted
1034	* directory
1035	* @dir: directory being searched
1036	* @dentry: filename being looked up
1037	* @fname: (output) the name to use to search the on-disk directory
1038	*
1039	* Prepare for ->lookup() in a directory which may be encrypted by determining
1040	* the name that will actually be used to search the directory on-disk. If the
1041	* directory's encryption policy is supported by this kernel and its encryption
1042	* key is available, then the lookup is assumed to be by plaintext name;
1043	* otherwise, it is assumed to be by no-key name.
1044	*
1045	* This will set DCACHE_NOKEY_NAME on the dentry if the lookup is by no-key
1046	* name. In this case the filesystem must assign the dentry a dentry_operations
1047	* which contains fscrypt_d_revalidate (or contains a d_revalidate method that
1048	* calls fscrypt_d_revalidate), so that the dentry will be invalidated if the
1049	* directory's encryption key is later added.
1050	*
1051	* Return: 0 on success; -ENOENT if the directory's key is unavailable but the
1052	* filename isn't a valid no-key name, so a negative dentry should be created;
1053	* or another -errno code.
1054	*/
1055	static inline int fscrypt_prepare_lookup(struct inode *dir,
1056	struct dentry *dentry,
1057	struct fscrypt_name *fname)
1058	{
1059	if (IS_ENCRYPTED(dir))
1060	return __fscrypt_prepare_lookup(dir, dentry, fname);
1061
1062	memset(fname, `0`, sizeof(*fname));
1063	fname->usr_fname = &dentry->d_name;
1064	fname->disk_name.name = (unsigned char *)dentry->d_name.name;
1065	fname->disk_name.len = dentry->d_name.len;
1066
1067	fscrypt_prepare_dentry(dentry, is_nokey_name: false);
1068
1069	return `0`;
1070	}
1071
1072	/**
1073	* fscrypt_prepare_readdir() - prepare to read a possibly-encrypted directory
1074	* @dir: the directory inode
1075	*
1076	* If the directory is encrypted and it doesn't already have its encryption key
1077	* set up, try to set it up so that the filenames will be listed in plaintext
1078	* form rather than in no-key form.
1079	*
1080	* Return: 0 on success; -errno on error. Note that the encryption key being
1081	* unavailable is not considered an error. It is also not an error if
1082	* the encryption policy is unsupported by this kernel; that is treated
1083	* like the key being unavailable, so that files can still be deleted.
1084	*/
1085	static inline int fscrypt_prepare_readdir(struct inode *dir)
1086	{
1087	if (IS_ENCRYPTED(dir))
1088	return __fscrypt_prepare_readdir(dir);
1089	return `0`;
1090	}
1091
1092	/**
1093	* fscrypt_prepare_setattr() - prepare to change a possibly-encrypted inode's
1094	* attributes
1095	* @dentry: dentry through which the inode is being changed
1096	* @attr: attributes to change
1097	*
1098	* Prepare for ->setattr() on a possibly-encrypted inode. On an encrypted file,
1099	* most attribute changes are allowed even without the encryption key. However,
1100	* without the encryption key we do have to forbid truncates. This is needed
1101	* because the size being truncated to may not be a multiple of the filesystem
1102	* block size, and in that case we'd have to decrypt the final block, zero the
1103	* portion past i_size, and re-encrypt it. (We could allow truncating to a
1104	* filesystem block boundary, but it's simpler to just forbid all truncates ---
1105	* and we already forbid all other contents modifications without the key.)
1106	*
1107	* Return: 0 on success, -ENOKEY if the key is missing, or another -errno code
1108	* if a problem occurred while setting up the encryption key.
1109	*/
1110	static inline int fscrypt_prepare_setattr(struct dentry *dentry,
1111	struct iattr *attr)
1112	{
1113	if (IS_ENCRYPTED(d_inode(dentry)))
1114	return __fscrypt_prepare_setattr(dentry, attr);
1115	return `0`;
1116	}
1117
1118	/**
1119	* fscrypt_encrypt_symlink() - encrypt the symlink target if needed
1120	* @inode: symlink inode
1121	* @target: plaintext symlink target
1122	* @len: length of @target excluding null terminator
1123	* @disk_link: (in/out) the on-disk symlink target being prepared
1124	*
1125	* If the symlink target needs to be encrypted, then this function encrypts it
1126	* into @disk_link->name. fscrypt_prepare_symlink() must have been called
1127	* previously to compute @disk_link->len. If the filesystem did not allocate a
1128	* buffer for @disk_link->name after calling fscrypt_prepare_link(), then one
1129	* will be kmalloc()'ed and the filesystem will be responsible for freeing it.
1130	*
1131	* Return: 0 on success, -errno on failure
1132	*/
1133	static inline int fscrypt_encrypt_symlink(struct inode *inode,
1134	const char *target,
1135	unsigned int len,
1136	struct fscrypt_str *disk_link)
1137	{
1138	if (IS_ENCRYPTED(inode))
1139	return __fscrypt_encrypt_symlink(inode, target, len, disk_link);
1140	return `0`;
1141	}
1142
1143	/ If pagep is a bounce page, free it and set pagep to the pagecache page /
1144	static inline void fscrypt_finalize_bounce_page(struct page **pagep)
1145	{
1146	struct page page = pagep;
1147
1148	if (fscrypt_is_bounce_page(page)) {
1149	*pagep = fscrypt_pagecache_page(bounce_page: page);
1150	fscrypt_free_bounce_page(bounce_page: page);
1151	}
1152	}
1153
1154	#endif /* _LINUX_FSCRYPT_H */
1155

source code of linux/include/linux/fscrypt.h