diff options
| author | Theodore Ts'o <tytso@mit.edu> | 2015-05-18 13:16:47 -0400 |
|---|---|---|
| committer | Theodore Ts'o <tytso@mit.edu> | 2015-05-18 13:16:47 -0400 |
| commit | e2881b1b51d871a72911faf2fc7e090655940506 (patch) | |
| tree | 07bc66d72cc03479c98b7b63edb53f1fa4069383 /fs/ext4/crypto_key.c | |
| parent | d229959072eba40e1c2a4f53f8af17f1e770eb66 (diff) | |
| download | linux-e2881b1b51d871a72911faf2fc7e090655940506.tar.gz linux-e2881b1b51d871a72911faf2fc7e090655940506.tar.bz2 linux-e2881b1b51d871a72911faf2fc7e090655940506.zip | |
ext4 crypto: separate kernel and userspace structure for the key
Use struct ext4_encryption_key only for the master key passed via the
kernel keyring.
For internal kernel space users, we now use struct ext4_crypt_info.
This will allow us to put information from the policy structure so we
can cache it and avoid needing to constantly looking up the extended
attribute. We will do this in a spearate patch. This patch is mostly
mechnical to make it easier for patch review.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'fs/ext4/crypto_key.c')
| -rw-r--r-- | fs/ext4/crypto_key.c | 21 |
1 files changed, 11 insertions, 10 deletions
diff --git a/fs/ext4/crypto_key.c b/fs/ext4/crypto_key.c index 52170d0b7c40..ec6635dc50f9 100644 --- a/fs/ext4/crypto_key.c +++ b/fs/ext4/crypto_key.c @@ -91,7 +91,7 @@ out: int ext4_generate_encryption_key(struct inode *inode) { struct ext4_inode_info *ei = EXT4_I(inode); - struct ext4_encryption_key *crypt_key = &ei->i_encryption_key; + struct ext4_crypt_info *crypt_info = &ei->i_crypt_info; char full_key_descriptor[EXT4_KEY_DESC_PREFIX_SIZE + (EXT4_KEY_DESCRIPTOR_SIZE * 2) + 1]; struct key *keyring_key = NULL; @@ -112,17 +112,17 @@ int ext4_generate_encryption_key(struct inode *inode) ei->i_crypt_policy_flags = ctx.flags; if (S_ISREG(inode->i_mode)) - crypt_key->mode = ctx.contents_encryption_mode; + crypt_info->ci_mode = ctx.contents_encryption_mode; else if (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) - crypt_key->mode = ctx.filenames_encryption_mode; + crypt_info->ci_mode = ctx.filenames_encryption_mode; else { printk(KERN_ERR "ext4 crypto: Unsupported inode type.\n"); BUG(); } - crypt_key->size = ext4_encryption_key_size(crypt_key->mode); - BUG_ON(!crypt_key->size); + crypt_info->ci_size = ext4_encryption_key_size(crypt_info->ci_mode); + BUG_ON(!crypt_info->ci_size); if (DUMMY_ENCRYPTION_ENABLED(sbi)) { - memset(crypt_key->raw, 0x42, EXT4_AES_256_XTS_KEY_SIZE); + memset(crypt_info->ci_raw, 0x42, EXT4_AES_256_XTS_KEY_SIZE); goto out; } memcpy(full_key_descriptor, EXT4_KEY_DESC_PREFIX, @@ -148,19 +148,20 @@ int ext4_generate_encryption_key(struct inode *inode) BUILD_BUG_ON(EXT4_AES_128_ECB_KEY_SIZE != EXT4_KEY_DERIVATION_NONCE_SIZE); BUG_ON(master_key->size != EXT4_AES_256_XTS_KEY_SIZE); - res = ext4_derive_key_aes(ctx.nonce, master_key->raw, crypt_key->raw); + res = ext4_derive_key_aes(ctx.nonce, master_key->raw, + crypt_info->ci_raw); out: if (keyring_key) key_put(keyring_key); if (res < 0) - crypt_key->mode = EXT4_ENCRYPTION_MODE_INVALID; + crypt_info->ci_mode = EXT4_ENCRYPTION_MODE_INVALID; return res; } int ext4_has_encryption_key(struct inode *inode) { struct ext4_inode_info *ei = EXT4_I(inode); - struct ext4_encryption_key *crypt_key = &ei->i_encryption_key; + struct ext4_crypt_info *crypt_info = &ei->i_crypt_info; - return (crypt_key->mode != EXT4_ENCRYPTION_MODE_INVALID); + return (crypt_info->ci_mode != EXT4_ENCRYPTION_MODE_INVALID); } |