[RAMEN9610-14970] fs: support FS_ENCRYPTION_MODE_PRIVATE for fmp

author Boojin Kim <boojin.kim@samsung.com>

Wed, 8 May 2019 01:15:28 +0000 (10:15 +0900)

committer Kim Gunho <gunho.kim@samsung.com>

Fri, 28 Jun 2019 14:44:58 +0000 (23:44 +0900)
author Boojin Kim <boojin.kim@samsung.com>
Wed, 8 May 2019 01:15:28 +0000 (10:15 +0900)
committer Kim Gunho <gunho.kim@samsung.com>
Fri, 28 Jun 2019 14:44:58 +0000 (23:44 +0900)
diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h

index 84b2e14243cc6c759711a3888e251610b5bb9119..103427bc9cf0d153345b19b6314f1f76863b3687 100644 (file)
--- a/fs/crypto/fscrypt_private.h
+++ b/fs/crypto/fscrypt_private.h
@@ -98,6 +98,9 @@ static inline bool fscrypt_valid_enc_modes(u32 contents_mode,
             filenames_mode == FS_ENCRYPTION_MODE_SPECK128_256_CTS)
                 return true;
  
+       if (contents_mode == FS_ENCRYPTION_MODE_PRIVATE &&
+               filenames_mode == FS_ENCRYPTION_MODE_AES_256_CTS)
+               return true;
         return false;
  }
  
diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c

index 0076c43a019aa59a26dd5cc9d447562f72ef2d2c..5ba631157b9653223044e84c4e58c3d914ce993a 100644 (file)
--- a/fs/crypto/keyinfo.c
+++ b/fs/crypto/keyinfo.c
@@ -137,6 +137,7 @@ static const struct {
                                              FS_AES_128_CTS_KEY_SIZE },
         [FS_ENCRYPTION_MODE_SPECK128_256_XTS] = { "xts(speck128)",      64 },
         [FS_ENCRYPTION_MODE_SPECK128_256_CTS] = { "cts(cbc(speck128))", 32 },
+       [FS_ENCRYPTION_MODE_PRIVATE] = {"xts(aes)-disk", 64},
  };
  
  static int determine_cipher_type(struct fscrypt_info *ci, struct inode *inode,
@@ -340,6 +341,9 @@ int fscrypt_get_encryption_info(struct inode *inode)
  #if defined(CONFIG_CRYPTO_DISKCIPHER)
         if (S_ISREG(inode->i_mode)) {
                 /* try discipher first */
+               bool force = /* force can use skcipher */
+                   (crypt_info->ci_data_mode == FS_ENCRYPTION_MODE_PRIVATE) ? 0 : 1;
+
                 crypt_info->ci_dtfm = crypto_alloc_diskcipher(cipher_str, 0, 0, 1);
                 if (crypt_info->ci_dtfm && !IS_ERR(crypt_info->ci_dtfm)) {
                         res = crypto_diskcipher_setkey(crypt_info->ci_dtfm,
@@ -360,6 +364,12 @@ int fscrypt_get_encryption_info(struct inode *inode)
                 pr_debug("%s: (inode %lu) fails to get diskcipher (%s, %d)\n",
                          __func__, inode->i_ino, cipher_str, res);
                 crypt_info->ci_dtfm = NULL;
+               if (!force) {
+                       pr_debug("error to use diskciher '%s' transform for inode %lu: %d, force:%d",
+                           cipher_str, inode->i_ino, res, force);
+                       res = -EINVAL;
+                       goto out;
+               }
         }
  #endif
         ctfm = crypto_alloc_skcipher(cipher_str, 0, 0);
diff --git a/include/uapi/linux/fs.h b/include/uapi/linux/fs.h

index 971e82aec6d0af27ad9ae54a9a099b566730a9d6..78a80dc7608e7d25ddfb36cafeb9cfab659e6781 100644 (file)
--- a/include/uapi/linux/fs.h
+++ b/include/uapi/linux/fs.h
@@ -277,6 +277,7 @@ struct fsxattr {
  #define FS_ENCRYPTION_MODE_AES_128_CTS         6
  #define FS_ENCRYPTION_MODE_SPECK128_256_XTS    7
  #define FS_ENCRYPTION_MODE_SPECK128_256_CTS    8
+#define FS_ENCRYPTION_MODE_PRIVATE              127
  
  struct fscrypt_policy {
         __u8 version;
author	Boojin Kim <boojin.kim@samsung.com>
	Wed, 8 May 2019 01:15:28 +0000 (10:15 +0900)
committer	Kim Gunho <gunho.kim@samsung.com>
	Fri, 28 Jun 2019 14:44:58 +0000 (23:44 +0900)
fs/crypto/fscrypt_private.h		patch \| blob \| blame \| history
fs/crypto/keyinfo.c		patch \| blob \| blame \| history
include/uapi/linux/fs.h		patch \| blob \| blame \| history