crypto.c - cachepc-linux - Fork of AMDESE/linux with modifications for CachePC side-channel attack

	cachepc-linux Fork of AMDESE/linux with modifications for CachePC side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-linux
	Log \| Files \| Refs \| README \| LICENSE \| sfeed.txt
crypto.c (2378B)
      1// SPDX-License-Identifier: GPL-2.0
      2#include "ubifs.h"
      3
      4static int ubifs_crypt_get_context(struct inode *inode, void *ctx, size_t len)
      5{
      6	return ubifs_xattr_get(inode, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT,
      7			       ctx, len);
      8}
      9
     10static int ubifs_crypt_set_context(struct inode *inode, const void *ctx,
     11				   size_t len, void *fs_data)
     12{
     13	/*
     14	 * Creating an encryption context is done unlocked since we
     15	 * operate on a new inode which is not visible to other users
     16	 * at this point. So, no need to check whether inode is locked.
     17	 */
     18	return ubifs_xattr_set(inode, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT,
     19			       ctx, len, 0, false);
     20}
     21
     22static bool ubifs_crypt_empty_dir(struct inode *inode)
     23{
     24	return ubifs_check_dir_empty(inode) == 0;
     25}
     26
     27int ubifs_encrypt(const struct inode *inode, struct ubifs_data_node *dn,
     28		  unsigned int in_len, unsigned int *out_len, int block)
     29{
     30	struct ubifs_info *c = inode->i_sb->s_fs_info;
     31	void *p = &dn->data;
     32	unsigned int pad_len = round_up(in_len, UBIFS_CIPHER_BLOCK_SIZE);
     33	int err;
     34
     35	ubifs_assert(c, pad_len <= *out_len);
     36	dn->compr_size = cpu_to_le16(in_len);
     37
     38	/* pad to full block cipher length */
     39	if (pad_len != in_len)
     40		memset(p + in_len, 0, pad_len - in_len);
     41
     42	err = fscrypt_encrypt_block_inplace(inode, virt_to_page(p), pad_len,
     43					    offset_in_page(p), block, GFP_NOFS);
     44	if (err) {
     45		ubifs_err(c, "fscrypt_encrypt_block_inplace() failed: %d", err);
     46		return err;
     47	}
     48	*out_len = pad_len;
     49
     50	return 0;
     51}
     52
     53int ubifs_decrypt(const struct inode *inode, struct ubifs_data_node *dn,
     54		  unsigned int *out_len, int block)
     55{
     56	struct ubifs_info *c = inode->i_sb->s_fs_info;
     57	int err;
     58	unsigned int clen = le16_to_cpu(dn->compr_size);
     59	unsigned int dlen = *out_len;
     60
     61	if (clen <= 0 || clen > UBIFS_BLOCK_SIZE || clen > dlen) {
     62		ubifs_err(c, "bad compr_size: %i", clen);
     63		return -EINVAL;
     64	}
     65
     66	ubifs_assert(c, dlen <= UBIFS_BLOCK_SIZE);
     67	err = fscrypt_decrypt_block_inplace(inode, virt_to_page(&dn->data),
     68					    dlen, offset_in_page(&dn->data),
     69					    block);
     70	if (err) {
     71		ubifs_err(c, "fscrypt_decrypt_block_inplace() failed: %d", err);
     72		return err;
     73	}
     74	*out_len = clen;
     75
     76	return 0;
     77}
     78
     79const struct fscrypt_operations ubifs_crypt_operations = {
     80	.flags			= FS_CFLG_OWN_PAGES,
     81	.key_prefix		= "ubifs:",
     82	.get_context		= ubifs_crypt_get_context,
     83	.set_context		= ubifs_crypt_set_context,
     84	.empty_dir		= ubifs_crypt_empty_dir,
     85};