Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 9079675e authored by Neeraj Soni's avatar Neeraj Soni Committed by Blagovest Kolenichev
Browse files

fscrypt: support legacy inline crypto mode



Add support for legacy inline crypto mode in new v2 FBE
framework to make on disk data format compatible
to new v2 framework.

Change-Id: I3c1384604ee8e022db151299850b0dc330b6a17d
Signed-off-by: default avatarNeeraj Soni <neersoni@codeaurora.org>
parent d798a470
Loading
Loading
Loading
Loading
+8 −1
Original line number Diff line number Diff line
@@ -74,9 +74,16 @@ void fscrypt_generate_iv(union fscrypt_iv *iv, u64 lblk_num,
{
	u8 flags = fscrypt_policy_flags(&ci->ci_policy);

	bool inlinecrypt = false;

#ifdef CONFIG_FS_ENCRYPTION_INLINE_CRYPT
	inlinecrypt = ci->ci_inlinecrypt;
#endif
	memset(iv, 0, ci->ci_mode->ivsize);

	if (flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64) {
	if (flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 ||
		((fscrypt_policy_contents_mode(&ci->ci_policy) ==
		  FSCRYPT_MODE_PRIVATE) && inlinecrypt)) {
		WARN_ON_ONCE((u32)lblk_num != lblk_num);
		lblk_num |= (u64)ci->ci_inode->i_ino << 32;
	} else if (flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY) {
+4 −0
Original line number Diff line number Diff line
@@ -245,6 +245,10 @@ static inline bool fscrypt_valid_enc_modes(u32 contents_mode,
	    filenames_mode == FSCRYPT_MODE_ADIANTUM)
		return true;

	if (contents_mode == FSCRYPT_MODE_PRIVATE &&
		filenames_mode == FSCRYPT_MODE_AES_256_CTS)
		return true;

	return false;
}

+1 −1
Original line number Diff line number Diff line
@@ -652,7 +652,7 @@ int fscrypt_ioctl_add_key(struct file *filp, void __user *_uarg)
			goto out_wipe_secret;

		err = -EINVAL;
		if (arg.__flags)
		if (arg.__flags & ~__FSCRYPT_ADD_KEY_FLAG_HW_WRAPPED)
			goto out_wipe_secret;
		break;
	case FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER:
+7 −0
Original line number Diff line number Diff line
@@ -47,6 +47,13 @@ struct fscrypt_mode fscrypt_modes[] = {
		.ivsize = 32,
		.blk_crypto_mode = BLK_ENCRYPTION_MODE_ADIANTUM,
	},
	[FSCRYPT_MODE_PRIVATE] = {
		.friendly_name = "ice",
		.cipher_str = "xts(aes)",
		.keysize = 64,
		.ivsize = 16,
		.blk_crypto_mode = BLK_ENCRYPTION_MODE_AES_256_XTS,
	},
};

static struct fscrypt_mode *
+12 −0
Original line number Diff line number Diff line
@@ -284,6 +284,18 @@ static int setup_v1_file_key_derived(struct fscrypt_info *ci,
	u8 *derived_key;
	int err;

	/*Support legacy ice based content encryption mode*/
	if ((fscrypt_policy_contents_mode(&ci->ci_policy) ==
					  FSCRYPT_MODE_PRIVATE) &&
					  fscrypt_using_inline_encryption(ci)) {

		err = fscrypt_prepare_inline_crypt_key(&ci->ci_key,
						       raw_master_key,
						       ci->ci_mode->keysize,
						       false,
						       ci);
		return err;
	}
	/*
	 * This cannot be a stack buffer because it will be passed to the
	 * scatterlist crypto API during derive_key_aes().
Loading