1/* SPDX-License-Identifier: GPL-2.0 */
2/*
3 * Ceph fscrypt functionality
4 */
5
6#ifndef _CEPH_CRYPTO_H
7#define _CEPH_CRYPTO_H
8
9#include <crypto/sha2.h>
10#include <linux/fscrypt.h>
11
12#define CEPH_FSCRYPT_BLOCK_SHIFT   12
13#define CEPH_FSCRYPT_BLOCK_SIZE    (_AC(1, UL) << CEPH_FSCRYPT_BLOCK_SHIFT)
14#define CEPH_FSCRYPT_BLOCK_MASK	   (~(CEPH_FSCRYPT_BLOCK_SIZE-1))
15
16struct ceph_fs_client;
17struct ceph_acl_sec_ctx;
18struct ceph_mds_request;
19
20struct ceph_fname {
21	struct inode	*dir;
22	char		*name;		// b64 encoded, possibly hashed
23	unsigned char	*ctext;		// binary crypttext (if any)
24	u32		name_len;	// length of name buffer
25	u32		ctext_len;	// length of crypttext
26	bool		no_copy;
27};
28
29/*
30 * Header for the crypted file when truncating the size, this
31 * will be sent to MDS, and the MDS will update the encrypted
32 * last block and then truncate the size.
33 */
34struct ceph_fscrypt_truncate_size_header {
35	__u8  ver;
36	__u8  compat;
37
38	/*
39	 * It will be sizeof(assert_ver + file_offset + block_size)
40	 * if the last block is empty when it's located in a file
41	 * hole. Or the data_len will plus CEPH_FSCRYPT_BLOCK_SIZE.
42	 */
43	__le32 data_len;
44
45	__le64 change_attr;
46	__le64 file_offset;
47	__le32 block_size;
48} __packed;
49
50struct ceph_fscrypt_auth {
51	__le32	cfa_version;
52	__le32	cfa_blob_len;
53	u8	cfa_blob[FSCRYPT_SET_CONTEXT_MAX_SIZE];
54} __packed;
55
56#define CEPH_FSCRYPT_AUTH_VERSION	1
57static inline u32 ceph_fscrypt_auth_len(struct ceph_fscrypt_auth *fa)
58{
59	u32 ctxsize = le32_to_cpu(fa->cfa_blob_len);
60
61	return offsetof(struct ceph_fscrypt_auth, cfa_blob) + ctxsize;
62}
63
64#ifdef CONFIG_FS_ENCRYPTION
65/*
66 * We want to encrypt filenames when creating them, but the encrypted
67 * versions of those names may have illegal characters in them. To mitigate
68 * that, we base64 encode them, but that gives us a result that can exceed
69 * NAME_MAX.
70 *
71 * Follow a similar scheme to fscrypt itself, and cap the filename to a
72 * smaller size. If the ciphertext name is longer than the value below, then
73 * sha256 hash the remaining bytes.
74 *
75 * For the fscrypt_nokey_name struct the dirhash[2] member is useless in ceph
76 * so the corresponding struct will be:
77 *
78 * struct fscrypt_ceph_nokey_name {
79 *	u8 bytes[157];
80 *	u8 sha256[SHA256_DIGEST_SIZE];
81 * }; // 180 bytes => 240 bytes base64-encoded, which is <= NAME_MAX (255)
82 *
83 * (240 bytes is the maximum size allowed for snapshot names to take into
84 *  account the format: '_<SNAPSHOT-NAME>_<INODE-NUMBER>'.)
85 *
86 * Note that for long names that end up having their tail portion hashed, we
87 * must also store the full encrypted name (in the dentry's alternate_name
88 * field).
89 */
90#define CEPH_NOHASH_NAME_MAX (180 - SHA256_DIGEST_SIZE)
91
92#define CEPH_BASE64_CHARS(nbytes) DIV_ROUND_UP((nbytes) * 4, 3)
93
94int ceph_base64_encode(const u8 *src, int srclen, char *dst);
95int ceph_base64_decode(const char *src, int srclen, u8 *dst);
96
97void ceph_fscrypt_set_ops(struct super_block *sb);
98
99void ceph_fscrypt_free_dummy_policy(struct ceph_fs_client *fsc);
100
101int ceph_fscrypt_prepare_context(struct inode *dir, struct inode *inode,
102				 struct ceph_acl_sec_ctx *as);
103void ceph_fscrypt_as_ctx_to_req(struct ceph_mds_request *req,
104				struct ceph_acl_sec_ctx *as);
105int ceph_encode_encrypted_dname(struct inode *parent, struct qstr *d_name,
106				char *buf);
107int ceph_encode_encrypted_fname(struct inode *parent, struct dentry *dentry,
108				char *buf);
109
110static inline int ceph_fname_alloc_buffer(struct inode *parent,
111					  struct fscrypt_str *fname)
112{
113	if (!IS_ENCRYPTED(parent))
114		return 0;
115	return fscrypt_fname_alloc_buffer(NAME_MAX, fname);
116}
117
118static inline void ceph_fname_free_buffer(struct inode *parent,
119					  struct fscrypt_str *fname)
120{
121	if (IS_ENCRYPTED(parent))
122		fscrypt_fname_free_buffer(fname);
123}
124
125int ceph_fname_to_usr(const struct ceph_fname *fname, struct fscrypt_str *tname,
126		      struct fscrypt_str *oname, bool *is_nokey);
127int ceph_fscrypt_prepare_readdir(struct inode *dir);
128
129static inline unsigned int ceph_fscrypt_blocks(u64 off, u64 len)
130{
131	/* crypto blocks cannot span more than one page */
132	BUILD_BUG_ON(CEPH_FSCRYPT_BLOCK_SHIFT > PAGE_SHIFT);
133
134	return ((off+len+CEPH_FSCRYPT_BLOCK_SIZE-1) >> CEPH_FSCRYPT_BLOCK_SHIFT) -
135		(off >> CEPH_FSCRYPT_BLOCK_SHIFT);
136}
137
138/*
139 * If we have an encrypted inode then we must adjust the offset and
140 * range of the on-the-wire read to cover an entire encryption block.
141 * The copy will be done using the original offset and length, after
142 * we've decrypted the result.
143 */
144static inline void ceph_fscrypt_adjust_off_and_len(struct inode *inode,
145						   u64 *off, u64 *len)
146{
147	if (IS_ENCRYPTED(inode)) {
148		*len = ceph_fscrypt_blocks(*off, *len) * CEPH_FSCRYPT_BLOCK_SIZE;
149		*off &= CEPH_FSCRYPT_BLOCK_MASK;
150	}
151}
152
153int ceph_fscrypt_decrypt_block_inplace(const struct inode *inode,
154				  struct page *page, unsigned int len,
155				  unsigned int offs, u64 lblk_num);
156int ceph_fscrypt_encrypt_block_inplace(const struct inode *inode,
157				  struct page *page, unsigned int len,
158				  unsigned int offs, u64 lblk_num,
159				  gfp_t gfp_flags);
160int ceph_fscrypt_decrypt_pages(struct inode *inode, struct page **page,
161			       u64 off, int len);
162int ceph_fscrypt_decrypt_extents(struct inode *inode, struct page **page,
163				 u64 off, struct ceph_sparse_extent *map,
164				 u32 ext_cnt);
165int ceph_fscrypt_encrypt_pages(struct inode *inode, struct page **page, u64 off,
166			       int len, gfp_t gfp);
167
168static inline struct page *ceph_fscrypt_pagecache_page(struct page *page)
169{
170	return fscrypt_is_bounce_page(page) ? fscrypt_pagecache_page(page) : page;
171}
172
173#else /* CONFIG_FS_ENCRYPTION */
174
175static inline void ceph_fscrypt_set_ops(struct super_block *sb)
176{
177}
178
179static inline void ceph_fscrypt_free_dummy_policy(struct ceph_fs_client *fsc)
180{
181}
182
183static inline int ceph_fscrypt_prepare_context(struct inode *dir,
184					       struct inode *inode,
185					       struct ceph_acl_sec_ctx *as)
186{
187	if (IS_ENCRYPTED(dir))
188		return -EOPNOTSUPP;
189	return 0;
190}
191
192static inline void ceph_fscrypt_as_ctx_to_req(struct ceph_mds_request *req,
193						struct ceph_acl_sec_ctx *as_ctx)
194{
195}
196
197static inline int ceph_encode_encrypted_dname(struct inode *parent,
198					      struct qstr *d_name, char *buf)
199{
200	memcpy(buf, d_name->name, d_name->len);
201	return d_name->len;
202}
203
204static inline int ceph_encode_encrypted_fname(struct inode *parent,
205					      struct dentry *dentry, char *buf)
206{
207	return -EOPNOTSUPP;
208}
209
210static inline int ceph_fname_alloc_buffer(struct inode *parent,
211					  struct fscrypt_str *fname)
212{
213	return 0;
214}
215
216static inline void ceph_fname_free_buffer(struct inode *parent,
217					  struct fscrypt_str *fname)
218{
219}
220
221static inline int ceph_fname_to_usr(const struct ceph_fname *fname,
222				    struct fscrypt_str *tname,
223				    struct fscrypt_str *oname, bool *is_nokey)
224{
225	oname->name = fname->name;
226	oname->len = fname->name_len;
227	return 0;
228}
229
230static inline int ceph_fscrypt_prepare_readdir(struct inode *dir)
231{
232	return 0;
233}
234
235static inline void ceph_fscrypt_adjust_off_and_len(struct inode *inode,
236						   u64 *off, u64 *len)
237{
238}
239
240static inline int ceph_fscrypt_decrypt_block_inplace(const struct inode *inode,
241					  struct page *page, unsigned int len,
242					  unsigned int offs, u64 lblk_num)
243{
244	return 0;
245}
246
247static inline int ceph_fscrypt_encrypt_block_inplace(const struct inode *inode,
248					  struct page *page, unsigned int len,
249					  unsigned int offs, u64 lblk_num,
250					  gfp_t gfp_flags)
251{
252	return 0;
253}
254
255static inline int ceph_fscrypt_decrypt_pages(struct inode *inode,
256					     struct page **page, u64 off,
257					     int len)
258{
259	return 0;
260}
261
262static inline int ceph_fscrypt_decrypt_extents(struct inode *inode,
263					       struct page **page, u64 off,
264					       struct ceph_sparse_extent *map,
265					       u32 ext_cnt)
266{
267	return 0;
268}
269
270static inline int ceph_fscrypt_encrypt_pages(struct inode *inode,
271					     struct page **page, u64 off,
272					     int len, gfp_t gfp)
273{
274	return 0;
275}
276
277static inline struct page *ceph_fscrypt_pagecache_page(struct page *page)
278{
279	return page;
280}
281#endif /* CONFIG_FS_ENCRYPTION */
282
283static inline loff_t ceph_fscrypt_page_offset(struct page *page)
284{
285	return page_offset(ceph_fscrypt_pagecache_page(page));
286}
287
288#endif /* _CEPH_CRYPTO_H */
289