4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 only,
8 * as published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License version 2 for more details (a copy is included
14 * in the LICENSE file that accompanied this code).
16 * You should have received a copy of the GNU General Public License
17 * version 2 along with this program; If not, see
18 * http://www.gnu.org/licenses/gpl-2.0.html
23 * Copyright (c) 2019, 2020, Whamcloud.
26 * This file is part of Lustre, http://www.lustre.org/
29 #include "llite_internal.h"
31 #ifdef HAVE_LUSTRE_CRYPTO
32 #include <libcfs/libcfs_crypto.h>
34 static int ll_get_context(struct inode *inode, void *ctx, size_t len)
36 struct dentry *dentry = d_find_any_alias(inode);
41 env = cl_env_get(&refcheck);
45 /* Set lcc_getencctx=1 to allow this thread to read
46 * LL_XATTR_NAME_ENCRYPTION_CONTEXT xattr, as requested by llcrypt.
48 ll_cl_add(inode, env, NULL, LCC_RW);
49 ll_env_info(env)->lti_io_ctx.lcc_getencctx = 1;
51 rc = ll_vfs_getxattr(dentry, inode, LL_XATTR_NAME_ENCRYPTION_CONTEXT,
54 ll_cl_remove(inode, env);
55 cl_env_put(env, &refcheck);
60 /* used as encryption unit size */
61 if (S_ISREG(inode->i_mode))
62 inode->i_blkbits = LUSTRE_ENCRYPTION_BLOCKBITS;
66 int ll_set_encflags(struct inode *inode, void *encctx, __u32 encctxlen,
69 unsigned int ext_flags;
72 /* used as encryption unit size */
73 if (S_ISREG(inode->i_mode))
74 inode->i_blkbits = LUSTRE_ENCRYPTION_BLOCKBITS;
75 ext_flags = ll_inode_to_ext_flags(inode->i_flags) | LUSTRE_ENCRYPT_FL;
76 ll_update_inode_flags(inode, ext_flags);
78 if (encctx && encctxlen)
79 rc = ll_xattr_cache_insert(inode,
80 LL_XATTR_NAME_ENCRYPTION_CONTEXT,
85 return preload ? llcrypt_get_encryption_info(inode) : 0;
88 /* ll_set_context has 2 distinct behaviors, depending on the value of inode
91 * passed fs_data is a struct md_op_data *. We need to store enc ctx in
92 * op_data, so that it will be sent along to the server with the request that
93 * the caller is preparing, thus saving a setxattr request.
94 * - inode is not NULL:
95 * normal case in which passed fs_data is a struct dentry *, letting proceed
96 * with setxattr operation.
97 * This use case should only be used when explicitly setting a new encryption
98 * policy on an existing, empty directory.
100 static int ll_set_context(struct inode *inode, const void *ctx, size_t len,
103 struct dentry *dentry;
107 struct md_op_data *op_data = (struct md_op_data *)fs_data;
112 OBD_ALLOC(op_data->op_file_encctx, len);
113 if (op_data->op_file_encctx == NULL)
115 op_data->op_file_encctx_size = len;
116 memcpy(op_data->op_file_encctx, ctx, len);
120 /* Encrypting the root directory is not allowed */
121 if (is_root_inode(inode))
124 dentry = (struct dentry *)fs_data;
125 set_bit(LLIF_SET_ENC_CTX, &ll_i2info(inode)->lli_flags);
126 rc = ll_vfs_setxattr(dentry, inode, LL_XATTR_NAME_ENCRYPTION_CONTEXT,
127 ctx, len, XATTR_CREATE);
131 return ll_set_encflags(inode, (void *)ctx, len, false);
135 * ll_file_open_encrypt() - overlay to llcrypt_file_open
136 * @inode: the inode being opened
137 * @filp: the struct file being set up
139 * This overlay function is necessary to handle encrypted file open without
140 * the key. We allow this access pattern to applications that know what they
141 * are doing, by using the specific flag O_FILE_ENC.
142 * This flag is only compatible with O_DIRECT IOs, to make sure ciphertext
143 * data is wiped from page cache once IOs are finished.
145 int ll_file_open_encrypt(struct inode *inode, struct file *filp)
149 rc = llcrypt_file_open(inode, filp);
150 if (likely(rc != -ENOKEY))
154 (filp->f_flags & O_FILE_ENC) == O_FILE_ENC &&
155 filp->f_flags & O_DIRECT)
156 /* allow file open with O_FILE_ENC flag when we have O_DIRECT */
162 void llcrypt_free_ctx(void *encctx, __u32 size)
165 OBD_FREE(encctx, size);
168 bool ll_sbi_has_test_dummy_encryption(struct ll_sb_info *sbi)
170 return unlikely(test_bit(LL_SBI_TEST_DUMMY_ENCRYPTION, sbi->ll_flags));
173 static bool ll_dummy_context(struct inode *inode)
175 struct ll_sb_info *sbi = ll_i2sbi(inode);
177 return sbi ? ll_sbi_has_test_dummy_encryption(sbi) : false;
180 bool ll_sbi_has_encrypt(struct ll_sb_info *sbi)
182 return test_bit(LL_SBI_ENCRYPT, sbi->ll_flags);
185 void ll_sbi_set_encrypt(struct ll_sb_info *sbi, bool set)
188 set_bit(LL_SBI_ENCRYPT, sbi->ll_flags);
190 clear_bit(LL_SBI_ENCRYPT, sbi->ll_flags);
191 clear_bit(LL_SBI_TEST_DUMMY_ENCRYPTION, sbi->ll_flags);
195 static bool ll_empty_dir(struct inode *inode)
197 /* used by llcrypt_ioctl_set_policy(), because a policy can only be set
200 /* Here we choose to return true, meaning we always call .set_context.
201 * Then we rely on server side, with mdd_fix_attr() that calls
202 * mdd_dir_is_empty() when setting encryption flag on directory.
208 * ll_setup_filename() - overlay to llcrypt_setup_filename
209 * @dir: the directory that will be searched
210 * @iname: the user-provided filename being searched for
211 * @lookup: 1 if we're allowed to proceed without the key because it's
212 * ->lookup() or we're finding the dir_entry for deletion; 0 if we cannot
213 * proceed without the key because we're going to create the dir_entry.
214 * @fname: the filename information to be filled in
215 * @fid: fid retrieved from user-provided filename
217 * This overlay function is necessary to properly encode @fname after
218 * encryption, as it will be sent over the wire.
219 * This overlay function is also necessary to handle the case of operations
220 * carried out without the key. Normally llcrypt makes use of digested names in
221 * that case. Having a digested name works for local file systems that can call
222 * llcrypt_match_name(), but Lustre server side is not aware of encryption.
223 * So for keyless @lookup operations on long names, for Lustre we choose to
224 * present to users the encoded struct ll_digest_filename, instead of a digested
225 * name. FID and name hash can then easily be extracted and put into the
226 * requests sent to servers.
228 int ll_setup_filename(struct inode *dir, const struct qstr *iname,
229 int lookup, struct llcrypt_name *fname,
236 if (fid && IS_ENCRYPTED(dir) && !llcrypt_has_encryption_key(dir) &&
237 iname->name[0] == '_')
240 dname.name = iname->name + digested;
241 dname.len = iname->len - digested;
248 rc = llcrypt_setup_filename(dir, &dname, lookup, fname);
249 if (rc == -ENOENT && lookup &&
250 !llcrypt_has_encryption_key(dir) &&
251 unlikely(filename_is_volatile(iname->name, iname->len, NULL))) {
252 /* For purpose of migration or mirroring without enc key, we
253 * allow lookup of volatile file without enc context.
255 memset(fname, 0, sizeof(struct llcrypt_name));
256 fname->disk_name.name = (unsigned char *)iname->name;
257 fname->disk_name.len = iname->len;
264 /* Without the key, for long names user should have struct
265 * ll_digest_filename representation of the dentry instead of
266 * the name. So make sure it is valid, return fid and put
267 * excerpt of cipher text name in disk_name.
269 struct ll_digest_filename *digest;
271 if (fname->crypto_buf.len < sizeof(struct ll_digest_filename)) {
275 digest = (struct ll_digest_filename *)fname->crypto_buf.name;
276 *fid = digest->ldf_fid;
277 if (!fid_is_sane(fid)) {
281 fname->disk_name.name = digest->ldf_excerpt;
282 fname->disk_name.len = LLCRYPT_FNAME_DIGEST_SIZE;
284 if (IS_ENCRYPTED(dir) &&
285 !name_is_dot_or_dotdot(fname->disk_name.name,
286 fname->disk_name.len)) {
287 int presented_len = critical_chars(fname->disk_name.name,
288 fname->disk_name.len);
291 buf = kmalloc(presented_len + 1, GFP_NOFS);
297 if (presented_len == fname->disk_name.len)
298 memcpy(buf, fname->disk_name.name, presented_len);
300 critical_encode(fname->disk_name.name,
301 fname->disk_name.len, buf);
302 buf[presented_len] = '\0';
303 kfree(fname->crypto_buf.name);
304 fname->crypto_buf.name = buf;
305 fname->crypto_buf.len = presented_len;
306 fname->disk_name.name = fname->crypto_buf.name;
307 fname->disk_name.len = fname->crypto_buf.len;
313 llcrypt_free_filename(fname);
318 * ll_fname_disk_to_usr() - overlay to llcrypt_fname_disk_to_usr
319 * @inode: the inode to convert name
320 * @hash: major hash for inode
321 * @minor_hash: minor hash for inode
322 * @iname: the user-provided filename needing conversion
323 * @oname: the filename information to be filled in
324 * @fid: the user-provided fid for filename
326 * The caller must have allocated sufficient memory for the @oname string.
328 * This overlay function is necessary to properly decode @iname before
329 * decryption, as it comes from the wire.
330 * This overlay function is also necessary to handle the case of operations
331 * carried out without the key. Normally llcrypt makes use of digested names in
332 * that case. Having a digested name works for local file systems that can call
333 * llcrypt_match_name(), but Lustre server side is not aware of encryption.
334 * So for keyless @lookup operations on long names, for Lustre we choose to
335 * present to users the encoded struct ll_digest_filename, instead of a digested
336 * name. FID and name hash can then easily be extracted and put into the
337 * requests sent to servers.
339 int ll_fname_disk_to_usr(struct inode *inode,
340 u32 hash, u32 minor_hash,
341 struct llcrypt_str *iname, struct llcrypt_str *oname,
344 struct llcrypt_str lltr = LLTR_INIT(iname->name, iname->len);
345 struct ll_digest_filename digest;
350 if (IS_ENCRYPTED(inode)) {
351 if (!name_is_dot_or_dotdot(lltr.name, lltr.len) &&
352 strnchr(lltr.name, lltr.len, '=')) {
353 /* Only proceed to critical decode if
354 * iname contains espace char '='.
358 buf = kmalloc(len, GFP_NOFS);
362 len = critical_decode(lltr.name, len, buf);
366 if (lltr.len > LLCRYPT_FNAME_MAX_UNDIGESTED_SIZE &&
367 !llcrypt_has_encryption_key(inode) &&
368 likely(llcrypt_policy_has_filename_enc(inode))) {
370 /* Without the key for long names, set the dentry name
371 * to the representing struct ll_digest_filename. It
372 * will be encoded by llcrypt for display, and will
373 * enable further lookup requests.
377 digest.ldf_fid = *fid;
378 memcpy(digest.ldf_excerpt,
379 LLCRYPT_FNAME_DIGEST(lltr.name, lltr.len),
380 LLCRYPT_FNAME_DIGEST_SIZE);
382 lltr.name = (char *)&digest;
383 lltr.len = sizeof(digest);
385 oname->name[0] = '_';
386 oname->name = oname->name + 1;
391 rc = llcrypt_fname_disk_to_usr(inode, hash, minor_hash, &lltr, oname);
394 oname->name = oname->name - digested;
395 oname->len = oname->len + digested;
400 /* Copied from llcrypt_d_revalidate, as it is not exported */
402 * Validate dentries in encrypted directories to make sure we aren't potentially
403 * caching stale dentries after a key has been added.
405 int ll_revalidate_d_crypto(struct dentry *dentry, unsigned int flags)
412 * Plaintext names are always valid, since llcrypt doesn't support
413 * reverting to ciphertext names without evicting the directory's inode
414 * -- which implies eviction of the dentries in the directory.
416 if (!(dentry->d_flags & DCACHE_ENCRYPTED_NAME))
420 * Ciphertext name; valid if the directory's key is still unavailable.
422 * Although llcrypt forbids rename() on ciphertext names, we still must
423 * use dget_parent() here rather than use ->d_parent directly. That's
424 * because a corrupted fs image may contain directory hard links, which
425 * the VFS handles by moving the directory's dentry tree in the dcache
426 * each time ->lookup() finds the directory and it already has a dentry
427 * elsewhere. Thus ->d_parent can be changing, and we must safely grab
428 * a reference to some ->d_parent to prevent it from being freed.
431 if (flags & LOOKUP_RCU)
434 dir = dget_parent(dentry);
435 err = llcrypt_get_encryption_info(d_inode(dir));
436 valid = !llcrypt_has_encryption_key(d_inode(dir));
445 const struct llcrypt_operations lustre_cryptops = {
446 .key_prefix = "lustre:",
447 .get_context = ll_get_context,
448 .set_context = ll_set_context,
449 .dummy_context = ll_dummy_context,
450 .empty_dir = ll_empty_dir,
451 .max_namelen = NAME_MAX,
453 #else /* !HAVE_LUSTRE_CRYPTO */
454 int ll_set_encflags(struct inode *inode, void *encctx, __u32 encctxlen,
460 int ll_file_open_encrypt(struct inode *inode, struct file *filp)
462 return llcrypt_file_open(inode, filp);
465 void llcrypt_free_ctx(void *encctx, __u32 size)
469 bool ll_sbi_has_test_dummy_encryption(struct ll_sb_info *sbi)
474 bool ll_sbi_has_encrypt(struct ll_sb_info *sbi)
479 void ll_sbi_set_encrypt(struct ll_sb_info *sbi, bool set)
483 int ll_setup_filename(struct inode *dir, const struct qstr *iname,
484 int lookup, struct llcrypt_name *fname,
493 return llcrypt_setup_filename(dir, iname, lookup, fname);
496 int ll_fname_disk_to_usr(struct inode *inode,
497 u32 hash, u32 minor_hash,
498 struct llcrypt_str *iname, struct llcrypt_str *oname,
501 return llcrypt_fname_disk_to_usr(inode, hash, minor_hash, iname, oname);
504 int ll_revalidate_d_crypto(struct dentry *dentry, unsigned int flags)