Merge tag 'fscrypt-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt

	if (WARN_ON_ONCE(len <= 0))

		return -EINVAL;

	if (WARN_ON_ONCE(len % FS_CRYPTO_BLOCK_SIZE != 0))

	if (WARN_ON_ONCE(len % FSCRYPT_CONTENTS_ALIGNMENT != 0))

		return -EINVAL;

	fscrypt_generate_iv(&iv, lblk_num, ci);

 * fscrypt_encrypt_block_inplace() - Encrypt a filesystem block in-place

 * @inode:     The inode to which this block belongs

 * @page:      The page containing the block to encrypt

 * @len:       Size of block to encrypt.  Doesn't need to be a multiple of the

 *		fs block size, but must be a multiple of FS_CRYPTO_BLOCK_SIZE.

 * @len:       Size of block to encrypt.  This must be a multiple of

 *		FSCRYPT_CONTENTS_ALIGNMENT.

 * @offs:      Byte offset within @page at which the block to encrypt begins

 * @lblk_num:  Filesystem logical block number of the block, i.e. the 0-based

 *		number of the block within the file

 * fscrypt_decrypt_block_inplace() - Decrypt a filesystem block in-place

 * @inode:     The inode to which this block belongs

 * @page:      The page containing the block to decrypt

 * @len:       Size of block to decrypt.  Doesn't need to be a multiple of the

 *		fs block size, but must be a multiple of FS_CRYPTO_BLOCK_SIZE.

 * @len:       Size of block to decrypt.  This must be a multiple of

 *		FSCRYPT_CONTENTS_ALIGNMENT.

 * @offs:      Byte offset within @page at which the block to decrypt begins

 * @lblk_num:  Filesystem logical block number of the block, i.e. the 0-based

 *		number of the block within the file

#include <crypto/skcipher.h>

#include "fscrypt_private.h"

/*

 * The minimum message length (input and output length), in bytes, for all

 * filenames encryption modes.  Filenames shorter than this will be zero-padded

 * before being encrypted.

 */

#define FSCRYPT_FNAME_MIN_MSG_LEN 16

/*

 * struct fscrypt_nokey_name - identifier for directory entry when key is absent

 *

	if (orig_len > max_len)

		return false;

	encrypted_len = max(orig_len, (u32)FS_CRYPTO_BLOCK_SIZE);

	encrypted_len = max_t(u32, orig_len, FSCRYPT_FNAME_MIN_MSG_LEN);

	encrypted_len = round_up(encrypted_len, padding);

	*encrypted_len_ret = min(encrypted_len, max_len);

	return true;

		return 0;

	}

	if (iname->len < FS_CRYPTO_BLOCK_SIZE)

	if (iname->len < FSCRYPT_FNAME_MIN_MSG_LEN)

		return -EUCLEAN;

	if (fscrypt_has_encryption_key(inode))

fscrypt_find_master_key(struct super_block *sb,

			const struct fscrypt_key_specifier *mk_spec);

int fscrypt_add_test_dummy_key(struct super_block *sb,

			       struct fscrypt_key_specifier *key_spec);

int fscrypt_get_test_dummy_key_identifier(

			  u8 key_identifier[FSCRYPT_KEY_IDENTIFIER_SIZE]);

int fscrypt_verify_key_added(struct super_block *sb,

			     const u8 identifier[FSCRYPT_KEY_IDENTIFIER_SIZE]);

	int keysize;		/* key size in bytes */

	int security_strength;	/* security strength in bytes */

	int ivsize;		/* IV size in bytes */

	int logged_impl_name;

	int logged_cryptoapi_impl;

	int logged_blk_crypto_native;

	int logged_blk_crypto_fallback;

	enum blk_crypto_mode_num blk_crypto_mode;

};

bool fscrypt_policies_equal(const union fscrypt_policy *policy1,

			    const union fscrypt_policy *policy2);

int fscrypt_policy_to_key_spec(const union fscrypt_policy *policy,

			       struct fscrypt_key_specifier *key_spec);

bool fscrypt_supported_policy(const union fscrypt_policy *policy_u,

			      const struct inode *inode);

int fscrypt_policy_from_context(union fscrypt_policy *policy_u,

 * provides the key and IV to use.

 */

#include <linux/blk-crypto.h>

#include <linux/blk-crypto-profile.h>

#include <linux/blkdev.h>

#include <linux/buffer_head.h>

#include <linux/sched/mm.h>

	return DIV_ROUND_UP(lblk_bits, 8);

}

/*

 * Log a message when starting to use blk-crypto (native) or blk-crypto-fallback

 * for an encryption mode for the first time.  This is the blk-crypto

 * counterpart to the message logged when starting to use the crypto API for the

 * first time.  A limitation is that these messages don't convey which specific

 * filesystems or files are using each implementation.  However, *usually*

 * systems use just one implementation per mode, which makes these messages

 * helpful for debugging problems where the "wrong" implementation is used.

 */

static void fscrypt_log_blk_crypto_impl(struct fscrypt_mode *mode,

					struct request_queue **devs,

					int num_devs,

					const struct blk_crypto_config *cfg)

{

	int i;

	for (i = 0; i < num_devs; i++) {

		if (!IS_ENABLED(CONFIG_BLK_INLINE_ENCRYPTION_FALLBACK) ||

		    __blk_crypto_cfg_supported(devs[i]->crypto_profile, cfg)) {

			if (!xchg(&mode->logged_blk_crypto_native, 1))

				pr_info("fscrypt: %s using blk-crypto (native)\n",

					mode->friendly_name);

		} else if (!xchg(&mode->logged_blk_crypto_fallback, 1)) {

			pr_info("fscrypt: %s using blk-crypto-fallback\n",

				mode->friendly_name);

		}

	}

}

/* Enable inline encryption for this file if supported. */

int fscrypt_select_encryption_impl(struct fscrypt_info *ci)

{

			goto out_free_devs;

	}

	fscrypt_log_blk_crypto_impl(ci->ci_mode, devs, num_devs, &crypto_cfg);

	ci->ci_inlinecrypt = true;

out_free_devs:

	kfree(devs);

}

EXPORT_SYMBOL_GPL(fscrypt_ioctl_add_key);

/*

 * Add the key for '-o test_dummy_encryption' to the filesystem keyring.

 *

 * Use a per-boot random key to prevent people from misusing this option.

 */

int fscrypt_add_test_dummy_key(struct super_block *sb,

			       struct fscrypt_key_specifier *key_spec)

static void

fscrypt_get_test_dummy_secret(struct fscrypt_master_key_secret *secret)

{

	static u8 test_key[FSCRYPT_MAX_KEY_SIZE];

	get_random_once(test_key, FSCRYPT_MAX_KEY_SIZE);

	memset(secret, 0, sizeof(*secret));

	secret->size = FSCRYPT_MAX_KEY_SIZE;

	memcpy(secret->raw, test_key, FSCRYPT_MAX_KEY_SIZE);

}

int fscrypt_get_test_dummy_key_identifier(

				u8 key_identifier[FSCRYPT_KEY_IDENTIFIER_SIZE])

{

	struct fscrypt_master_key_secret secret;

	int err;

	get_random_once(test_key, FSCRYPT_MAX_KEY_SIZE);

	fscrypt_get_test_dummy_secret(&secret);

	memset(&secret, 0, sizeof(secret));

	secret.size = FSCRYPT_MAX_KEY_SIZE;

	memcpy(secret.raw, test_key, FSCRYPT_MAX_KEY_SIZE);

	err = fscrypt_init_hkdf(&secret.hkdf, secret.raw, secret.size);

	if (err)

		goto out;

	err = fscrypt_hkdf_expand(&secret.hkdf, HKDF_CONTEXT_KEY_IDENTIFIER,

				  NULL, 0, key_identifier,

				  FSCRYPT_KEY_IDENTIFIER_SIZE);

out:

	wipe_master_key_secret(&secret);

	return err;

}

	err = add_master_key(sb, &secret, key_spec);

/**

 * fscrypt_add_test_dummy_key() - add the test dummy encryption key

 * @sb: the filesystem instance to add the key to

 * @dummy_policy: the encryption policy for test_dummy_encryption

 *

 * If needed, add the key for the test_dummy_encryption mount option to the

 * filesystem.  To prevent misuse of this mount option, a per-boot random key is

 * used instead of a hardcoded one.  This makes it so that any encrypted files

 * created using this option won't be accessible after a reboot.

 *

 * Return: 0 on success, -errno on failure

 */

int fscrypt_add_test_dummy_key(struct super_block *sb,

			       const struct fscrypt_dummy_policy *dummy_policy)

{

	const union fscrypt_policy *policy = dummy_policy->policy;

	struct fscrypt_key_specifier key_spec;

	struct fscrypt_master_key_secret secret;

	int err;

	if (!policy)

		return 0;

	err = fscrypt_policy_to_key_spec(policy, &key_spec);

	if (err)

		return err;

	fscrypt_get_test_dummy_secret(&secret);

	err = add_master_key(sb, &secret, &key_spec);

	wipe_master_key_secret(&secret);

	return err;

}

EXPORT_SYMBOL_GPL(fscrypt_add_test_dummy_key);

/*

 * Verify that the current user has added a master key with the given identifier