Commit | Line | Data |
---|---|---|
cde4de12 JK |
1 | /* |
2 | * linux/fs/f2fs/f2fs_crypto.h | |
3 | * | |
4 | * Copied from linux/fs/ext4/ext4_crypto.h | |
5 | * | |
6 | * Copyright (C) 2015, Google, Inc. | |
7 | * | |
8 | * This contains encryption header content for f2fs | |
9 | * | |
10 | * Written by Michael Halcrow, 2015. | |
11 | * Modified by Jaegeuk Kim, 2015. | |
12 | */ | |
13 | #ifndef _F2FS_CRYPTO_H | |
14 | #define _F2FS_CRYPTO_H | |
15 | ||
16 | #include <linux/fs.h> | |
17 | ||
18 | #define F2FS_KEY_DESCRIPTOR_SIZE 8 | |
19 | ||
20 | /* Policy provided via an ioctl on the topmost directory. NOTE(review): every field arrives from user space, so presumably each one must be validated before it is stored or acted on - confirm in the ioctl handler. */ | |
21 | struct f2fs_encryption_policy { | |
22 | char version; | |
23 | char contents_encryption_mode; /* presumably an F2FS_ENCRYPTION_MODE_* value (defined outside this header) - TODO confirm */ | |
24 | char filenames_encryption_mode; /* presumably the same value space, applied to names - TODO confirm */ | |
25 | char flags; /* presumably F2FS_POLICY_FLAGS_* bits - TODO confirm */ | |
26 | char master_key_descriptor[F2FS_KEY_DESCRIPTOR_SIZE]; /* 8-byte descriptor naming the master key, not the key itself */ | |
27 | } __attribute__((__packed__)); /* packed: 4 + 8 = 12 bytes, no padding */ | |
28 | ||
29 | #define F2FS_ENCRYPTION_CONTEXT_FORMAT_V1 1 /* value of f2fs_encryption_context.format for the layout documented on that struct */ | |
30 | #define F2FS_KEY_DERIVATION_NONCE_SIZE 16 /* bytes; sizes f2fs_encryption_context.nonce */ | |
31 | ||
32 | #define F2FS_POLICY_FLAGS_PAD_4 0x00 /* PAD_* are the four values of the two low flag bits; presumably a padding granularity - TODO confirm */ | |
33 | #define F2FS_POLICY_FLAGS_PAD_8 0x01 | |
34 | #define F2FS_POLICY_FLAGS_PAD_16 0x02 | |
35 | #define F2FS_POLICY_FLAGS_PAD_32 0x03 | |
36 | #define F2FS_POLICY_FLAGS_PAD_MASK 0x03 /* selects the PAD_* value within a flags byte */ | |
37 | #define F2FS_POLICY_FLAGS_VALID 0x03 /* equals PAD_MASK, so no flag bits beyond padding are defined. NOTE(review): presumably flags with any bit outside this mask should be rejected - confirm where policies are accepted */ | |
38 | ||
39 | /** | |
40 | * Encryption context for inode (the fields below add up to 28 bytes; the struct is packed) | |
41 | * | |
42 | * Protector format: | |
43 | * 1 byte: Protector format (1 = this version) | |
44 | * 1 byte: File contents encryption mode | |
45 | * 1 byte: File names encryption mode | |
46 | * 1 byte: Flags | |
47 | * 8 bytes: Master Key descriptor | |
48 | * 16 bytes: Encryption Key derivation nonce | |
49 | */ | |
50 | struct f2fs_encryption_context { | |
51 | char format; /* F2FS_ENCRYPTION_CONTEXT_FORMAT_V1 is the only format value defined in this header */ | |
52 | char contents_encryption_mode; /* NOTE(review): a mode not handled by f2fs_encryption_key_size() reaches BUG() there; presumably checked when the context is loaded - confirm */ | |
53 | char filenames_encryption_mode; | |
54 | char flags; | |
55 | char master_key_descriptor[F2FS_KEY_DESCRIPTOR_SIZE]; /* 8-byte descriptor, not key material */ | |
56 | char nonce[F2FS_KEY_DERIVATION_NONCE_SIZE]; /* 16-byte key-derivation nonce */ | |
57 | } __attribute__((__packed__)); | |
58 | ||
59 | /* Encryption parameters (key sizes are in bytes) */ | |
60 | #define F2FS_XTS_TWEAK_SIZE 16 | |
61 | #define F2FS_AES_128_ECB_KEY_SIZE 16 /* not returned by f2fs_encryption_key_size() in this header */ | |
62 | #define F2FS_AES_256_GCM_KEY_SIZE 32 | |
63 | #define F2FS_AES_256_CBC_KEY_SIZE 32 | |
64 | #define F2FS_AES_256_CTS_KEY_SIZE 32 | |
65 | #define F2FS_AES_256_XTS_KEY_SIZE 64 /* XTS takes two AES-256 keys: 2 * 32 */ | |
66 | #define F2FS_MAX_KEY_SIZE 64 /* largest key size above; sizes f2fs_encryption_key.raw */ | |
67 | ||
0adda907 JK |
68 | #define F2FS_KEY_DESC_PREFIX "f2fs:" /* presumably prepended to the key descriptor when a key is looked up - TODO confirm */ |
69 | #define F2FS_KEY_DESC_PREFIX_SIZE 5 /* length of the prefix string without its terminating NUL; must be kept in sync with it by hand */ | |
70 | ||
cde4de12 JK |
71 | struct f2fs_encryption_key { /* mode, key bytes and length; packed, 4 + 64 + 4 = 72 bytes */ |
72 | __u32 mode; | |
73 | char raw[F2FS_MAX_KEY_SIZE]; /* NOTE(review): presumably raw key material - copies of this struct should be wiped (e.g. memzero_explicit()) once no longer needed; confirm at use sites */ | |
74 | __u32 size; /* presumably the number of valid bytes in raw; NOTE(review): must not exceed F2FS_MAX_KEY_SIZE before raw is read - verify callers check it */ | |
75 | } __attribute__((__packed__)); | |
76 | ||
77 | struct f2fs_crypt_info { /* modes, flags, cipher handle and key reference kept together */ | |
cde4de12 JK |
78 | char ci_data_mode; |
79 | char ci_filename_mode; | |
80 | char ci_flags; | |
81 | struct crypto_ablkcipher *ci_ctfm; /* cipher transform handle; NOTE(review): ownership not visible here - presumably released when this struct is freed, confirm */ | |
82 | struct key *ci_keyring_key; /* keyring key pointer; NOTE(review): presumably holds a reference that must be dropped on teardown - confirm */ | |
cde4de12 JK |
83 | char ci_master_key[F2FS_KEY_DESCRIPTOR_SIZE]; /* despite the name this is sized as the 8-byte key descriptor, not a key */ |
84 | }; | |
85 | ||
86 | #define F2FS_CTX_REQUIRES_FREE_ENCRYPT_FL 0x00000001 | |
4683ff83 | 87 | #define F2FS_WRITE_PATH_FL 0x00000002 |
cde4de12 JK |
88 | |
89 | struct f2fs_crypto_ctx { | |
ca40b030 JK |
90 | union { /* w, r and free_list share storage: only one of them is meaningful at a time */ |
91 | struct { | |
92 | struct page *bounce_page; /* Ciphertext page */ | |
93 | struct page *control_page; /* Original page */ | |
94 | } w; /* presumably the write path (F2FS_WRITE_PATH_FL) - TODO confirm */ | |
95 | struct { | |
96 | struct bio *bio; | |
97 | struct work_struct work; | |
98 | } r; /* presumably the read path - TODO confirm */ | |
99 | struct list_head free_list; /* Free list */ | |
100 | }; | |
101 | char flags; /* Flags; presumably F2FS_CTX_REQUIRES_FREE_ENCRYPT_FL and F2FS_WRITE_PATH_FL bits - TODO confirm */ | |
cde4de12 JK |
102 | }; |
103 | ||
104 | struct f2fs_completion_result { /* a completion paired with an int result */ | |
105 | struct completion completion; | |
106 | int res; /* result code; the declaring macro below starts it at 0 */ | |
107 | }; | |
108 | ||
109 | #define DECLARE_F2FS_COMPLETION_RESULT(ecr) \ | |
110 | struct f2fs_completion_result ecr = { \ | |
111 | COMPLETION_INITIALIZER((ecr).completion), 0 } /* declares a variable named ecr: completion initialised, res = 0 */ | |
112 | ||
/**
 * f2fs_encryption_key_size() - key length in bytes for an encryption mode
 * @mode: one of the F2FS_ENCRYPTION_MODE_AES_256_* values handled below
 *
 * Return: the F2FS_AES_256_*_KEY_SIZE constant that matches @mode.
 *
 * Any other @mode reaches BUG().  NOTE(review): if @mode can originate
 * from a stored encryption context or a user-supplied policy, callers
 * have to reject unknown modes before calling this, otherwise an
 * unexpected value stops the kernel here instead of producing an error
 * return - confirm that every caller validates first.
 */
static inline int f2fs_encryption_key_size(int mode)
{
	int key_size = 0;

	switch (mode) {
	case F2FS_ENCRYPTION_MODE_AES_256_XTS:
		key_size = F2FS_AES_256_XTS_KEY_SIZE;
		break;
	case F2FS_ENCRYPTION_MODE_AES_256_GCM:
		key_size = F2FS_AES_256_GCM_KEY_SIZE;
		break;
	case F2FS_ENCRYPTION_MODE_AES_256_CBC:
		key_size = F2FS_AES_256_CBC_KEY_SIZE;
		break;
	case F2FS_ENCRYPTION_MODE_AES_256_CTS:
		key_size = F2FS_AES_256_CTS_KEY_SIZE;
		break;
	default:
		/* Unknown mode: treated as a programming error. */
		BUG();
	}

	/* Still 0 here only if BUG() returned. */
	return key_size;
}
129 | ||
130 | #define F2FS_FNAME_NUM_SCATTER_ENTRIES 4 | |
131 | #define F2FS_CRYPTO_BLOCK_SIZE 16 | |
132 | #define F2FS_FNAME_CRYPTO_DIGEST_SIZE 32 | |
133 | ||
134 | /** | |
135 | * For encrypted symlinks, the ciphertext length is stored at the beginning | |
136 | * of the string in little-endian format. | |
137 | */ | |
138 | struct f2fs_encrypted_symlink_data { | |
139 | __le16 len; /* ciphertext length, 16-bit little-endian. NOTE(review): presumably read back from storage - it must be bounded against the buffer actually read before encrypted_path is accessed; confirm in the symlink read path */ | |
140 | char encrypted_path[1]; /* first byte of the variable-length ciphertext; sizeof the struct therefore counts one payload byte, which encrypted_symlink_data_len() subtracts */ | |
141 | } __attribute__((__packed__)); | |
142 | ||
/**
 * encrypted_symlink_data_len() - disk space needed for an encrypted symlink
 * @l: length in bytes of the path to be stored
 *
 * Return: @l plus the size of struct f2fs_encrypted_symlink_data, minus
 * the one placeholder byte of encrypted_path[] so that byte is not
 * counted twice.
 *
 * NOTE(review): the result is a u32 and wraps around for @l close to the
 * u32 maximum; callers presumably bound @l before calling - confirm,
 * since a wrapped (small) value would pass a later size check.
 */
static inline u32 encrypted_symlink_data_len(u32 l)
{
	/* Header bytes that precede the path: sizeof minus the placeholder. */
	const u32 hdr_len = sizeof(struct f2fs_encrypted_symlink_data) - 1;

	return l + hdr_len;
}
151 | #endif /* _F2FS_CRYPTO_H */ |