Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a3ccc667 authored by Jaegeuk Kim's avatar Jaegeuk Kim
Browse files

fscrypt,f2fs: catch up fscrypt and f2fs-stable/v3.18 having v4.12-rc1 

This patch adds fs/crypto and updates fs/f2fs towards v4.12-rc1, cherry-picked
from f2fs-stable/linux-3.18.y.

Changes include:
	Merge branch 'linux-3.18.y' of git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable

 into linux-3.18.y
	f2fs: switch to using fscrypt_match_name()
	fscrypt: introduce helper function for filename matching
	fscrypt: fix context consistency check when key(s) unavailable
	fscrypt: Move key structure and constants to uapi
	fscrypt: remove unnecessary checks for NULL operations
	fscrypt: eliminate ->prepare_context() operation
	fscrypt: remove broken support for detecting keyring key revocation
	fscrypt: avoid collisions when presenting long encrypted filenames
	f2fs: check entire encrypted bigname when finding a dentry
	f2fs: sync f2fs_lookup() with ext4_lookup()
	f2fs: fix a mount fail for wrong next_scan_nid
	f2fs: relocate inode_{,un}lock in F2FS_IOC_SETFLAGS
	f2fs: show available_nids in f2fs/status
	f2fs: flush dirty nats periodically
	f2fs: introduce CP_TRIMMED_FLAG to avoid unneeded discard
	f2fs: allow cpc->reason to indicate more than one reason
	...

Change-Id: Iae7ac8d2aa890f6b15a4d20e625af1ccc5480848
Signed-off-by: default avatarJaegeuk Kim <jaegeuk@google.com>
parent de048bba

fs/Kconfig

+2 −0
Original line number Diff line number Diff line
@@ -61,6 +61,8 @@ config FILE_LOCKING 
          for filesystems like NFS and for the flock() system

          call. Disabling this option saves about 11k.



source "fs/crypto/Kconfig"



source "fs/notify/Kconfig"



source "fs/quota/Kconfig"

fs/Makefile

+1 −0
Original line number Diff line number Diff line
@@ -28,6 +28,7 @@ obj-$(CONFIG_SIGNALFD) += signalfd.o 
obj-$(CONFIG_TIMERFD)		+= timerfd.o

obj-$(CONFIG_EVENTFD)		+= eventfd.o

obj-$(CONFIG_AIO)               += aio.o

obj-$(CONFIG_FS_ENCRYPTION)	+= crypto/

obj-$(CONFIG_FILE_LOCKING)      += locks.o

obj-$(CONFIG_COMPAT)		+= compat.o compat_ioctl.o

obj-$(CONFIG_BINFMT_AOUT)	+= binfmt_aout.o

fs/crypto/Kconfig

0 → 100644
+18 −0
Original line number Diff line number Diff line 
config FS_ENCRYPTION

	tristate "FS Encryption (Per-file encryption)"

	depends on BLOCK

	select CRYPTO

	select CRYPTO_AES

	select CRYPTO_CBC

	select CRYPTO_ECB

	select CRYPTO_XTS

	select CRYPTO_CTS

	select CRYPTO_CTR

	select CRYPTO_SHA256

	select KEYS

	select ENCRYPTED_KEYS

	help

	  Enable encryption of files and directories.  This

	  feature is similar to ecryptfs, but it is more memory

	  efficient since it avoids caching the encrypted and

	  decrypted pages in the page cache.

fs/crypto/Makefile

0 → 100644
+4 −0
Original line number Diff line number Diff line 
obj-$(CONFIG_FS_ENCRYPTION)	+= fscrypto.o



fscrypto-y := crypto.o fname.o policy.o keyinfo.o

fscrypto-$(CONFIG_BLOCK) += bio.o

fs/crypto/bio.c

0 → 100644
+143 −0
Original line number Diff line number Diff line 
/*

 * This contains encryption functions for per-file encryption.

 *

 * Copyright (C) 2015, Google, Inc.

 * Copyright (C) 2015, Motorola Mobility

 *

 * Written by Michael Halcrow, 2014.

 *

 * Filename encryption additions

 *	Uday Savagaonkar, 2014

 * Encryption policy handling additions

 *	Ildar Muslukhov, 2014

 * Add fscrypt_pullback_bio_page()

 *	Jaegeuk Kim, 2015.

 *

 * This has not yet undergone a rigorous security audit.

 *

 * The usage of AES-XTS should conform to recommendations in NIST

 * Special Publication 800-38E and IEEE P1619/D16.

 */



#include <linux/pagemap.h>

#include <linux/module.h>

#include <linux/bio.h>

#include <linux/namei.h>

#include "fscrypt_private.h"



/*

 * Call fscrypt_decrypt_page on every single page, reusing the encryption

 * context.

 */

static void completion_pages(struct work_struct *work)

{

	struct fscrypt_ctx *ctx =

		container_of(work, struct fscrypt_ctx, r.work);

	struct bio *bio = ctx->r.bio;

	struct bio_vec *bv;

	int i;



	bio_for_each_segment_all(bv, bio, i) {

		struct page *page = bv->bv_page;

		int ret = fscrypt_decrypt_page(page->mapping->host, page,

				PAGE_SIZE, 0, page->index);



		if (ret) {

			WARN_ON_ONCE(1);

			SetPageError(page);

		} else {

			SetPageUptodate(page);

		}

		unlock_page(page);

	}

	fscrypt_release_ctx(ctx);

	bio_put(bio);

}



void fscrypt_decrypt_bio_pages(struct fscrypt_ctx *ctx, struct bio *bio)

{

	INIT_WORK(&ctx->r.work, completion_pages);

	ctx->r.bio = bio;

	queue_work(fscrypt_read_workqueue, &ctx->r.work);

}

EXPORT_SYMBOL(fscrypt_decrypt_bio_pages);



void fscrypt_pullback_bio_page(struct page **page, bool restore)

{

	struct fscrypt_ctx *ctx;

	struct page *bounce_page;



	/* The bounce data pages are unmapped. */

	if ((*page)->mapping)

		return;



	/* The bounce data page is unmapped. */

	bounce_page = *page;

	ctx = (struct fscrypt_ctx *)page_private(bounce_page);



	/* restore control page */

	*page = ctx->w.control_page;



	if (restore)

		fscrypt_restore_control_page(bounce_page);

}

EXPORT_SYMBOL(fscrypt_pullback_bio_page);



int fscrypt_zeroout_range(const struct inode *inode, pgoff_t lblk,

				sector_t pblk, unsigned int len)

{

	struct fscrypt_ctx *ctx;

	struct page *ciphertext_page = NULL;

	struct bio *bio;

	int ret, err = 0;



	BUG_ON(inode->i_sb->s_blocksize != PAGE_SIZE);



	ctx = fscrypt_get_ctx(inode, GFP_NOFS);

	if (IS_ERR(ctx))

		return PTR_ERR(ctx);



	ciphertext_page = fscrypt_alloc_bounce_page(ctx, GFP_NOWAIT);

	if (IS_ERR(ciphertext_page)) {

		err = PTR_ERR(ciphertext_page);

		goto errout;

	}



	while (len--) {

		err = fscrypt_do_page_crypto(inode, FS_ENCRYPT, lblk,

					     ZERO_PAGE(0), ciphertext_page,

					     PAGE_SIZE, 0, GFP_NOFS);

		if (err)

			goto errout;



		bio = bio_alloc(GFP_NOWAIT, 1);

		if (!bio) {

			err = -ENOMEM;

			goto errout;

		}

		bio->bi_bdev = inode->i_sb->s_bdev;

		bio->bi_iter.bi_sector =

			pblk << (inode->i_sb->s_blocksize_bits - 9);

		bio_set_op_attrs(bio, REQ_OP_WRITE, 0);

		ret = bio_add_page(bio, ciphertext_page,

					inode->i_sb->s_blocksize, 0);

		if (ret != inode->i_sb->s_blocksize) {

			/* should never happen! */

			WARN_ON(1);

			bio_put(bio);

			err = -EIO;

			goto errout;

		}

		err = submit_bio_wait(0, bio);

		bio_put(bio);

		if (err)

			goto errout;

		lblk++;

		pblk++;

	}

	err = 0;

errout:

	fscrypt_release_ctx(ctx);

	return err;

}

EXPORT_SYMBOL(fscrypt_zeroout_range);