Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 734d1ed8 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'fscrypt-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt 

Pull fscrypt updates from Eric Biggers:
 "This is a large update to fs/crypto/ which includes:

   - Add ioctls that add/remove encryption keys to/from a
     filesystem-level keyring.

     These fix user-reported issues where e.g. an encrypted home
     directory can break NetworkManager, sshd, Docker, etc. because they
     don't get access to the needed keyring. These ioctls also provide a
     way to lock encrypted directories that doesn't use the
     vm.drop_caches sysctl, so is faster, more reliable, and doesn't
     always need root.

   - Add a new encryption policy version ("v2") which switches to a more
     standard, secure, and flexible key derivation function, and starts
     verifying that the correct key was supplied before using it.

     The key derivation improvement is needed for its own sake as well
     as for ongoing feature work for which the current way is too
     inflexible.

  Work is in progress to update both Android and the 'fscrypt' userspace
  tool to use both these features. (Working patches are available and
  just need to be reviewed+merged.) Chrome OS will likely use them too.

  This has also been tested on ext4, f2fs, and ubifs with xfstests --
  both the existing encryption tests, and the new tests for this. This
  has also been in linux-next since Aug 16 with no reported issues. I'm
  also using an fscrypt v2-encrypted home directory on my personal
  desktop"

* tag 'fscrypt-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt: (27 commits)
  ext4 crypto: fix to check feature status before get policy
  fscrypt: document the new ioctls and policy version
  ubifs: wire up new fscrypt ioctls
  f2fs: wire up new fscrypt ioctls
  ext4: wire up new fscrypt ioctls
  fscrypt: require that key be added when setting a v2 encryption policy
  fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS ioctl
  fscrypt: allow unprivileged users to add/remove keys for v2 policies
  fscrypt: v2 encryption policy support
  fscrypt: add an HKDF-SHA512 implementation
  fscrypt: add FS_IOC_GET_ENCRYPTION_KEY_STATUS ioctl
  fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
  fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl
  fscrypt: rename keyinfo.c to keysetup.c
  fscrypt: move v1 policy key setup to keysetup_v1.c
  fscrypt: refactor key setup code in preparation for v2 policies
  fscrypt: rename fscrypt_master_key to fscrypt_direct_key
  fscrypt: add ->ci_inode to fscrypt_info
  fscrypt: use FSCRYPT_* definitions, not FS_*
  fscrypt: use FSCRYPT_ prefix for uapi constants
  ...
parents d013cc80 0642ea24

Documentation/filesystems/fscrypt.rst

+628 −130

File changed.

Preview size limit exceeded, changes collapsed.

MAINTAINERS

+1 −0
Original line number Diff line number Diff line
@@ -6662,6 +6662,7 @@ T: git git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt.git 
S:	Supported

F:	fs/crypto/

F:	include/linux/fscrypt*.h

F:	include/uapi/linux/fscrypt.h

F:	Documentation/filesystems/fscrypt.rst















FSI SUBSYSTEM

































fs/crypto/Kconfig



+2
−0




























Original line number
Diff line number
Diff line








@@ -7,6 +7,8 @@ config FS_ENCRYPTION













	select CRYPTO_ECB















	select CRYPTO_XTS















	select CRYPTO_CTS













	select CRYPTO_SHA512













	select CRYPTO_HMAC















	select KEYS















	help















	  Enable encryption of files and directories.  This

































fs/crypto/Makefile



+9
−1




























Original line number
Diff line number
Diff line















# SPDX-License-Identifier: GPL-2.0-only















obj-$(CONFIG_FS_ENCRYPTION)	+= fscrypto.o





























fscrypto-y := crypto.o fname.o hooks.o keyinfo.o policy.o













fscrypto-y := crypto.o \













	      fname.o \













	      hkdf.o \













	      hooks.o \













	      keyring.o \













	      keysetup.o \













	      keysetup_v1.o \













	      policy.o





























fscrypto-$(CONFIG_BLOCK) += bio.o
























fs/crypto/crypto.c



+17
−28




























Original line number
Diff line number
Diff line








@@ -141,7 +141,7 @@ void fscrypt_generate_iv(union fscrypt_iv *iv, u64 lblk_num,













	memset(iv, 0, ci->ci_mode->ivsize);















	iv->lblk_num = cpu_to_le64(lblk_num);





























	if (ci->ci_flags & FS_POLICY_FLAG_DIRECT_KEY)













	if (fscrypt_is_direct_key_policy(&ci->ci_policy))















		memcpy(iv->nonce, ci->ci_nonce, FS_KEY_DERIVATION_NONCE_SIZE);































	if (ci->ci_essiv_tfm != NULL)










@@ -188,10 +188,8 @@ int fscrypt_crypt_block(const struct inode *inode, fscrypt_direction_t rw,













		res = crypto_wait_req(crypto_skcipher_encrypt(req), &wait);















	skcipher_request_free(req);















	if (res) {













		fscrypt_err(inode->i_sb,













			    "%scryption failed for inode %lu, block %llu: %d",













			    (rw == FS_DECRYPT ? "de" : "en"),













			    inode->i_ino, lblk_num, res);













		fscrypt_err(inode, "%scryption failed for block %llu: %d",













			    (rw == FS_DECRYPT ? "De" : "En"), lblk_num, res);















		return res;















	}















	return 0;










@@ -453,7 +451,7 @@ int fscrypt_initialize(unsigned int cop_flags)













	return res;















}





























void fscrypt_msg(struct super_block *sb, const char *level,













void fscrypt_msg(const struct inode *inode, const char *level,















		 const char *fmt, ...)















{















	static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL,









@@ -467,8 +465,9 @@ void fscrypt_msg(struct super_block *sb, const char *level,













	va_start(args, fmt);















	vaf.fmt = fmt;















	vaf.va = &args;













	if (sb)













		printk("%sfscrypt (%s): %pV\n", level, sb->s_id, &vaf);













	if (inode)













		printk("%sfscrypt (%s, inode %lu): %pV\n",













		       level, inode->i_sb->s_id, inode->i_ino, &vaf);















	else















		printk("%sfscrypt: %pV\n", level, &vaf);















	va_end(args);









@@ -479,6 +478,8 @@ void fscrypt_msg(struct super_block *sb, const char *level,













 */















static int __init fscrypt_init(void)















{













	int err = -ENOMEM;





























	/*















	 * Use an unbound workqueue to allow bios to be decrypted in parallel















	 * even when they happen to complete on the same CPU.  This sacrifices









@@ -501,31 +502,19 @@ static int __init fscrypt_init(void)













	if (!fscrypt_info_cachep)















		goto fail_free_ctx;





























	err = fscrypt_init_keyring();













	if (err)













		goto fail_free_info;





























	return 0;





























fail_free_info:













	kmem_cache_destroy(fscrypt_info_cachep);















fail_free_ctx:















	kmem_cache_destroy(fscrypt_ctx_cachep);















fail_free_queue:















	destroy_workqueue(fscrypt_read_workqueue);















fail:













	return -ENOMEM;













}













module_init(fscrypt_init)



























/**













 * fscrypt_exit() - Shutdown the fs encryption system













 */













static void __exit fscrypt_exit(void)













{













	fscrypt_destroy();



























	if (fscrypt_read_workqueue)













		destroy_workqueue(fscrypt_read_workqueue);













	kmem_cache_destroy(fscrypt_ctx_cachep);













	kmem_cache_destroy(fscrypt_info_cachep);



























	fscrypt_essiv_cleanup();













	return err;















}













module_exit(fscrypt_exit);



























MODULE_LICENSE("GPL");












late_initcall(fscrypt_init)