#include <linux/ceph/ceph_debug.h>
#include <linux/xattr.h>
#include <linux/fscrypt.h>
#include <linux/ceph/striper.h>
#include "super.h"
#include "mds_client.h"
#include "crypto.h"
static int ceph_crypt_get_context(struct inode *inode, void *ctx, size_t len)
{
struct ceph_inode_info *ci = ceph_inode(inode);
struct ceph_fscrypt_auth *cfa = (struct ceph_fscrypt_auth *)ci->fscrypt_auth;
u32 ctxlen;
if (!cfa || (ci->fscrypt_auth_len < (offsetof(struct ceph_fscrypt_auth, cfa_blob) + 1)))
return -ENOBUFS;
if (le32_to_cpu(cfa->cfa_version) != CEPH_FSCRYPT_AUTH_VERSION)
return -ENOBUFS;
ctxlen = le32_to_cpu(cfa->cfa_blob_len);
if (len < ctxlen)
return -ERANGE;
memcpy(ctx, cfa->cfa_blob, ctxlen);
return ctxlen;
}
static int ceph_crypt_set_context(struct inode *inode, const void *ctx,
size_t len, void *fs_data)
{
int ret;
struct iattr attr = { };
struct ceph_iattr cia = { };
struct ceph_fscrypt_auth *cfa;
WARN_ON_ONCE(fs_data);
if (len > FSCRYPT_SET_CONTEXT_MAX_SIZE)
return -EINVAL;
cfa = kzalloc_obj(*cfa);
if (!cfa)
return -ENOMEM;
cfa->cfa_version = cpu_to_le32(CEPH_FSCRYPT_AUTH_VERSION);
cfa->cfa_blob_len = cpu_to_le32(len);
memcpy(cfa->cfa_blob, ctx, len);
cia.fscrypt_auth = cfa;
ret = __ceph_setattr(&nop_mnt_idmap, inode, &attr, &cia);
if (ret == 0)
inode_set_flags(inode, S_ENCRYPTED, S_ENCRYPTED);
kfree(cia.fscrypt_auth);
return ret;
}
static bool ceph_crypt_empty_dir(struct inode *inode)
{
struct ceph_inode_info *ci = ceph_inode(inode);
return ci->i_rsubdirs + ci->i_rfiles == 1;
}
static const union fscrypt_policy *ceph_get_dummy_policy(struct super_block *sb)
{
return ceph_sb_to_fs_client(sb)->fsc_dummy_enc_policy.policy;
}
static struct fscrypt_operations ceph_fscrypt_ops = {
.inode_info_offs = (int)offsetof(struct ceph_inode_info, i_crypt_info) -
(int)offsetof(struct ceph_inode_info, netfs.inode),
.needs_bounce_pages = 1,
.get_context = ceph_crypt_get_context,
.set_context = ceph_crypt_set_context,
.get_dummy_policy = ceph_get_dummy_policy,
.empty_dir = ceph_crypt_empty_dir,
};
void ceph_fscrypt_set_ops(struct super_block *sb)
{
fscrypt_set_ops(sb, &ceph_fscrypt_ops);
}
void ceph_fscrypt_free_dummy_policy(struct ceph_fs_client *fsc)
{
fscrypt_free_dummy_policy(&fsc->fsc_dummy_enc_policy);
}
int ceph_fscrypt_prepare_context(struct inode *dir, struct inode *inode,
struct ceph_acl_sec_ctx *as)
{
int ret, ctxsize;
bool encrypted = false;
struct ceph_inode_info *ci = ceph_inode(inode);
ret = fscrypt_prepare_new_inode(dir, inode, &encrypted);
if (ret)
return ret;
if (!encrypted)
return 0;
as->fscrypt_auth = kzalloc_obj(*as->fscrypt_auth);
if (!as->fscrypt_auth)
return -ENOMEM;
ctxsize = fscrypt_context_for_new_inode(as->fscrypt_auth->cfa_blob,
inode);
if (ctxsize < 0)
return ctxsize;
as->fscrypt_auth->cfa_version = cpu_to_le32(CEPH_FSCRYPT_AUTH_VERSION);
as->fscrypt_auth->cfa_blob_len = cpu_to_le32(ctxsize);
WARN_ON_ONCE(ci->fscrypt_auth);
kfree(ci->fscrypt_auth);
ci->fscrypt_auth_len = ceph_fscrypt_auth_len(as->fscrypt_auth);
ci->fscrypt_auth = kmemdup(as->fscrypt_auth, ci->fscrypt_auth_len,
GFP_KERNEL);
if (!ci->fscrypt_auth)
return -ENOMEM;
inode->i_flags |= S_ENCRYPTED;
return 0;
}
void ceph_fscrypt_as_ctx_to_req(struct ceph_mds_request *req,
struct ceph_acl_sec_ctx *as)
{
swap(req->r_fscrypt_auth, as->fscrypt_auth);
}
static struct inode *parse_longname(const struct inode *parent,
const char *name, int *name_len)
{
struct ceph_client *cl = ceph_inode_to_client(parent);
struct inode *dir = NULL;
struct ceph_vino vino = { .snap = CEPH_NOSNAP };
char *name_end, *inode_number;
int ret = -EIO;
if (*name_len <= 0 || name[0] != '_')
return ERR_PTR(-EIO);
char *str __free(kfree) = kmemdup_nul(name + 1, *name_len - 1, GFP_KERNEL);
if (!str)
return ERR_PTR(-ENOMEM);
name_end = strrchr(str, '_');
if (!name_end) {
doutc(cl, "failed to parse long snapshot name: %s\n", str);
return ERR_PTR(-EIO);
}
*name_len = (name_end - str);
if (*name_len <= 0) {
pr_err_client(cl, "failed to parse long snapshot name\n");
return ERR_PTR(-EIO);
}
inode_number = name_end + 1;
ret = kstrtou64(inode_number, 10, &vino.ino);
if (ret) {
doutc(cl, "failed to parse inode number: %s\n", str);
return ERR_PTR(ret);
}
dir = ceph_find_inode(parent->i_sb, vino);
if (!dir) {
dir = ceph_get_inode(parent->i_sb, vino, NULL);
if (IS_ERR(dir))
doutc(cl, "can't find inode %s (%s)\n", inode_number, name);
}
return dir;
}
int ceph_encode_encrypted_dname(struct inode *parent, char *buf, int elen)
{
struct ceph_client *cl = ceph_inode_to_client(parent);
struct inode *dir = parent;
char *p = buf;
u32 len;
int name_len = elen;
int ret;
u8 *cryptbuf = NULL;
if (ceph_snap(dir) == CEPH_SNAPDIR && *p == '_') {
dir = parse_longname(parent, p, &name_len);
if (IS_ERR(dir))
return PTR_ERR(dir);
p++;
}
if (!fscrypt_has_encryption_key(dir))
goto out;
if (!fscrypt_fname_encrypted_size(dir, name_len, NAME_MAX, &len)) {
elen = -ENAMETOOLONG;
goto out;
}
cryptbuf = kmalloc(len > CEPH_NOHASH_NAME_MAX ? NAME_MAX : len,
GFP_KERNEL);
if (!cryptbuf) {
elen = -ENOMEM;
goto out;
}
ret = fscrypt_fname_encrypt(dir,
&(struct qstr)QSTR_INIT(p, name_len),
cryptbuf, len);
if (ret) {
elen = ret;
goto out;
}
if (len > CEPH_NOHASH_NAME_MAX) {
u8 hash[SHA256_DIGEST_SIZE];
u8 *extra = cryptbuf + CEPH_NOHASH_NAME_MAX;
sha256(extra, len - CEPH_NOHASH_NAME_MAX, hash);
memcpy(extra, hash, SHA256_DIGEST_SIZE);
len = CEPH_NOHASH_NAME_MAX + SHA256_DIGEST_SIZE;
}
elen = base64_encode(cryptbuf, len, p, false, BASE64_IMAP);
doutc(cl, "base64-encoded ciphertext name = %.*s\n", elen, p);
WARN_ON(elen > 240);
if (dir != parent)
elen += 1 + sprintf(p + elen, "_%ld", dir->i_ino);
out:
kfree(cryptbuf);
if (dir != parent) {
if ((inode_state_read_once(dir) & I_NEW))
discard_new_inode(dir);
else
iput(dir);
}
return elen;
}
int ceph_fname_to_usr(const struct ceph_fname *fname, struct fscrypt_str *tname,
struct fscrypt_str *oname, bool *is_nokey)
{
struct inode *dir = fname->dir;
struct fscrypt_str _tname = FSTR_INIT(NULL, 0);
struct fscrypt_str iname;
char *name = fname->name;
int name_len = fname->name_len;
int ret;
if (fname->name_len > NAME_MAX || fname->ctext_len > NAME_MAX)
return -EIO;
if ((ceph_snap(dir) == CEPH_SNAPDIR) && (name_len > 0) &&
(name[0] == '_')) {
dir = parse_longname(dir, name, &name_len);
if (IS_ERR(dir))
return PTR_ERR(dir);
name++;
}
if (!IS_ENCRYPTED(dir)) {
oname->name = fname->name;
oname->len = fname->name_len;
ret = 0;
goto out_inode;
}
ret = ceph_fscrypt_prepare_readdir(dir);
if (ret)
goto out_inode;
if (!fscrypt_has_encryption_key(dir)) {
if (fname->no_copy)
oname->name = fname->name;
else
memcpy(oname->name, fname->name, fname->name_len);
oname->len = fname->name_len;
if (is_nokey)
*is_nokey = true;
ret = 0;
goto out_inode;
}
if (fname->ctext_len == 0) {
int declen;
if (!tname) {
ret = fscrypt_fname_alloc_buffer(NAME_MAX, &_tname);
if (ret)
goto out_inode;
tname = &_tname;
}
declen = base64_decode(name, name_len,
tname->name, false, BASE64_IMAP);
if (declen <= 0) {
ret = -EIO;
goto out;
}
iname.name = tname->name;
iname.len = declen;
} else {
iname.name = fname->ctext;
iname.len = fname->ctext_len;
}
ret = fscrypt_fname_disk_to_usr(dir, 0, 0, &iname, oname);
if (!ret && (dir != fname->dir)) {
char tmp_buf[BASE64_CHARS(NAME_MAX)];
name_len = snprintf(tmp_buf, sizeof(tmp_buf), "_%.*s_%ld",
oname->len, oname->name, dir->i_ino);
memcpy(oname->name, tmp_buf, name_len);
oname->len = name_len;
}
out:
fscrypt_fname_free_buffer(&_tname);
out_inode:
if (dir != fname->dir) {
if ((inode_state_read_once(dir) & I_NEW))
discard_new_inode(dir);
else
iput(dir);
}
return ret;
}
int ceph_fscrypt_prepare_readdir(struct inode *dir)
{
bool had_key = fscrypt_has_encryption_key(dir);
int err;
if (!IS_ENCRYPTED(dir))
return 0;
err = __fscrypt_prepare_readdir(dir);
if (err)
return err;
if (!had_key && fscrypt_has_encryption_key(dir)) {
ceph_dir_clear_complete(dir);
return 1;
}
return 0;
}
int ceph_fscrypt_decrypt_block_inplace(const struct inode *inode,
struct page *page, unsigned int len,
unsigned int offs, u64 lblk_num)
{
struct ceph_client *cl = ceph_inode_to_client(inode);
doutc(cl, "%p %llx.%llx len %u offs %u blk %llu\n", inode,
ceph_vinop(inode), len, offs, lblk_num);
return fscrypt_decrypt_block_inplace(inode, page, len, offs, lblk_num);
}
int ceph_fscrypt_encrypt_block_inplace(const struct inode *inode,
struct page *page, unsigned int len,
unsigned int offs, u64 lblk_num)
{
struct ceph_client *cl = ceph_inode_to_client(inode);
doutc(cl, "%p %llx.%llx len %u offs %u blk %llu\n", inode,
ceph_vinop(inode), len, offs, lblk_num);
return fscrypt_encrypt_block_inplace(inode, page, len, offs, lblk_num);
}
int ceph_fscrypt_decrypt_pages(struct inode *inode, struct page **page,
u64 off, int len)
{
int i, num_blocks;
u64 baseblk = off >> CEPH_FSCRYPT_BLOCK_SHIFT;
int ret = 0;
num_blocks = ceph_fscrypt_blocks(off, len & CEPH_FSCRYPT_BLOCK_MASK);
for (i = 0; i < num_blocks; ++i) {
int blkoff = i << CEPH_FSCRYPT_BLOCK_SHIFT;
int pgidx = blkoff >> PAGE_SHIFT;
unsigned int pgoffs = offset_in_page(blkoff);
int fret;
fret = ceph_fscrypt_decrypt_block_inplace(inode, page[pgidx],
CEPH_FSCRYPT_BLOCK_SIZE, pgoffs,
baseblk + i);
if (fret < 0) {
if (ret == 0)
ret = fret;
break;
}
ret += CEPH_FSCRYPT_BLOCK_SIZE;
}
return ret;
}
int ceph_fscrypt_decrypt_extents(struct inode *inode, struct page **page,
u64 off, struct ceph_sparse_extent *map,
u32 ext_cnt)
{
struct ceph_client *cl = ceph_inode_to_client(inode);
int i, ret = 0;
struct ceph_inode_info *ci = ceph_inode(inode);
u64 objno, objoff;
u32 xlen;
if (ext_cnt == 0) {
doutc(cl, "%p %llx.%llx empty array, ret 0\n", inode,
ceph_vinop(inode));
return 0;
}
ceph_calc_file_object_mapping(&ci->i_layout, off, map[0].len,
&objno, &objoff, &xlen);
for (i = 0; i < ext_cnt; ++i) {
struct ceph_sparse_extent *ext = &map[i];
int pgsoff = ext->off - objoff;
int pgidx = pgsoff >> PAGE_SHIFT;
int fret;
if ((ext->off | ext->len) & ~CEPH_FSCRYPT_BLOCK_MASK) {
pr_warn_client(cl,
"%p %llx.%llx bad encrypted sparse extent "
"idx %d off %llx len %llx\n",
inode, ceph_vinop(inode), i, ext->off,
ext->len);
return -EIO;
}
fret = ceph_fscrypt_decrypt_pages(inode, &page[pgidx],
off + pgsoff, ext->len);
doutc(cl, "%p %llx.%llx [%d] 0x%llx~0x%llx fret %d\n", inode,
ceph_vinop(inode), i, ext->off, ext->len, fret);
if (fret < 0) {
if (ret == 0)
ret = fret;
break;
}
ret = pgsoff + fret;
}
doutc(cl, "ret %d\n", ret);
return ret;
}
int ceph_fscrypt_encrypt_pages(struct inode *inode, struct page **page, u64 off,
int len)
{
int i, num_blocks;
u64 baseblk = off >> CEPH_FSCRYPT_BLOCK_SHIFT;
int ret = 0;
num_blocks = ceph_fscrypt_blocks(off, len & CEPH_FSCRYPT_BLOCK_MASK);
for (i = 0; i < num_blocks; ++i) {
int blkoff = i << CEPH_FSCRYPT_BLOCK_SHIFT;
int pgidx = blkoff >> PAGE_SHIFT;
unsigned int pgoffs = offset_in_page(blkoff);
int fret;
fret = ceph_fscrypt_encrypt_block_inplace(inode, page[pgidx],
CEPH_FSCRYPT_BLOCK_SIZE, pgoffs,
baseblk + i);
if (fret < 0) {
if (ret == 0)
ret = fret;
break;
}
ret += CEPH_FSCRYPT_BLOCK_SIZE;
}
return ret;
}
