xref: /kernel/linux/linux-6.6/fs/crypto/keysetup.c

98 /* Create a symmetric cipher object for the given encryption mode and key */
145  * Prepare the crypto transform object or blk-crypto key in @prep_key, given the
146  * raw key, encryption mode (@ci->ci_mode), flag indicating which encryption
171 /* Destroy a crypto transform object and/or blk-crypto key. */
180 /* Given a per-file encryption key, set up the file's crypto transform object */
243  * Derive a SipHash key from the given fscrypt master key and the given
246  * Note that the KDF produces a byte array, but the SipHash APIs expect the key
252 				      unsigned int infolen, siphash_key_t *key)
257 				  (u8 *)key, sizeof(*key));
261 	BUILD_BUG_ON(sizeof(*key) != 16);
262 	BUILD_BUG_ON(ARRAY_SIZE(key->key) != 2);
263 	le64_to_cpus(&key->key[0]);
264 	le64_to_cpus(&key->key[1]);
343 		 * with the master key directly but rather derive a per-mode
344 		 * encryption key.  This ensures that the master key is
345 		 * consistently used only for HKDF, avoiding key reuse issues.
379 	/* Derive a secret dirhash key for directories that need it. */
390  * Check whether the size of the given master key (@mk) is appropriate for the
393  * If the file uses a v1 encryption policy, then the master key must be at least
394  * as long as the derived key, as this is a requirement of the v1 KDF.
396  * Otherwise, the KDF can accept any size key, so we enforce a slightly looser
397  * requirement: we require that the size of the master key be at least the
398  * maximum security strength of any algorithm whose key will be derived from it
401  * required key size over @ci->ci_mode).  This allows AES-256-XTS keys to be
402  * derived from a 256-bit master key, which is cryptographically sufficient,
403  * rather than requiring a 512-bit master key which is unnecessarily long.  (We
418 			     "key with %s %*phN is too short (got %u bytes, need %u+ bytes)",
429  * Find the master key, then set up the inode's actual encryption key.
431  * If the master key is found in the filesystem-level keyring, then it is
435  * synchronize the master key being removed with a new inode starting to use it.
460 		 * Add the test_dummy_encryption key on-demand.  In principle,
463 		 * this key at mount time and cleaning up on mount failure.
478 		 * As a legacy fallback for v1 policies, search for the key in
539 		 * with the master key.  In addition, if we're removing the last
540 		 * inode from a master key struct that already had its secret
596 		 * Now link it into the master key's inode list.
619  * fscrypt_get_encryption_info() - set up an inode's encryption key
620  * @inode: the inode to set up the key for.  Must be encrypted.
622  *		       unrecognized encryption context) the same way as the key
633  *	   encryption key is unavailable.  (Use fscrypt_has_encryption_key() to
698  * Return: 0 on success, -ENOKEY if the encryption key is missing, or another
765  * fscrypt_drop_inode() - check whether the inode's master key has been removed
770  * use and their master key has been removed.
779 	 * If ci is NULL, then the inode doesn't have an encryption key set up
780 	 * so it's irrelevant.  If ci_master_key is NULL, then the master key
789 	 * protected by the key were cleaned by sync_filesystem().  But if
797 	 * Note: since we aren't holding the key semaphore, the result here can
800 	 * evicting while iput() is racing with the key being removed, since
801 	 * then the thread removing the key will either evict the inode itself

Indexes created Thu Nov 07 10:32:03 CST 2024