Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 07c3e612 authored by Neeraj Soni's avatar Neeraj Soni
Browse files

Update Inline Crypto Engine support for File based Encryption 



Few changes done to better support ICE+FBE:
1. Check for ICE device support instead of mode while
   creating dummy context.
2. Support only AES-256 mode for file name encryption
   as of now for ICE based FBE.
3. Revert changes made on top of F2FS+FBE patch
   0017-fscrypt-updates-on-4.15-rc4.patch
   The change was done to fix boot up issue with this
   patch but now this can be reverted since fix is made
   to support bootup with this patch.

Change-Id: I839e2215db62ae9bebf1ba3b932395fb2555d315
Signed-off-by: default avatarNeeraj Soni <neersoni@codeaurora.org>
parent fed0967f

fs/crypto/fscrypt_ice.h

+1 −1
Original line number Diff line number Diff line
@@ -21,7 +21,7 @@ static inline bool fscrypt_should_be_processed_by_ice(const struct inode *inode) 
{

	if (!inode->i_sb->s_cop)

		return 0;

	if (!inode->i_sb->s_cop->is_encrypted((struct inode *)inode))

	if (!IS_ENCRYPTED((struct inode *)inode))

	return 0;



	return fscrypt_using_hardware_encryption(inode);

fs/crypto/fscrypt_private.h

+2 −1
Original line number Diff line number Diff line
@@ -105,7 +105,8 @@ static inline bool fscrypt_valid_enc_modes(u32 contents_mode, 
	    filenames_mode == FS_ENCRYPTION_MODE_SPECK128_256_CTS)

		return true;



	if (contents_mode == FS_ENCRYPTION_MODE_PRIVATE)

	if (contents_mode == FS_ENCRYPTION_MODE_PRIVATE &&

	    filenames_mode == FS_ENCRYPTION_MODE_AES_256_CTS)

		return true;



	return false;

fs/crypto/keyinfo.c

+1 −1
Original line number Diff line number Diff line
@@ -267,7 +267,7 @@ void __exit fscrypt_essiv_cleanup(void) 


static int fscrypt_data_encryption_mode(struct inode *inode)

{

	return fscrypt_should_be_processed_by_ice(inode) ?

	return fscrypt_is_ice_capable(inode->i_sb) ?

	FS_ENCRYPTION_MODE_PRIVATE : FS_ENCRYPTION_MODE_AES_256_XTS;

}

fs/ext4/super.c

+0 −6
Original line number Diff line number Diff line
@@ -1180,11 +1180,6 @@ static unsigned ext4_max_namelen(struct inode *inode) 
		EXT4_NAME_LEN;

}



static inline bool ext4_is_encrypted(struct inode *inode)

{

	return ext4_encrypted_inode(inode);

}



static const struct fscrypt_operations ext4_cryptops = {

	.key_prefix		= "ext4:",

	.get_context		= ext4_get_context,
@@ -1192,7 +1187,6 @@ static const struct fscrypt_operations ext4_cryptops = { 
	.dummy_context		= ext4_dummy_context,

	.empty_dir		= ext4_empty_dir,

	.max_namelen		= ext4_max_namelen,

	.is_encrypted       = ext4_is_encrypted,

};

#endif

fs/f2fs/super.c

+0 −6
Original line number Diff line number Diff line
@@ -1940,11 +1940,6 @@ static unsigned f2fs_max_namelen(struct inode *inode) 
			inode->i_sb->s_blocksize : F2FS_NAME_LEN;

}



static inline bool f2fs_is_encrypted(struct inode *inode)

{

	return f2fs_encrypted_file(inode);

}



static const struct fscrypt_operations f2fs_cryptops = {

	.key_prefix	= "f2fs:",

	.get_context	= f2fs_get_context,
@@ -1952,7 +1947,6 @@ static const struct fscrypt_operations f2fs_cryptops = { 
	.dummy_context	= f2fs_dummy_context,

	.empty_dir	= f2fs_empty_dir,

	.max_namelen	= f2fs_max_namelen,

	.is_encrypted = f2fs_is_encrypted,

};

#endif