| blob | f76e770ff2447eb36cfb2608444e74de7723fb72 |
1 ext4 crypto: reorganize how we store keys in the inode
3 This is a pretty massive patch which does a number of different things:
5 1) The per-inode encryption information is now stored in an allocated
6 data structure, ext4_crypt_info, instead of directly in the node.
7 This reduces the size usage of an in-memory inode when it is not
8 using encryption.
10 2) We drop the ext4_fname_crypto_ctx entirely, and use the per-inode
11 encryption structure instead. This remove an unnecessary memory
12 allocation and free for the fname_crypto_ctx as well as allowing us
13 to reuse the ctfm in a directory for multiple lookups and file
14 creations.
16 3) We also cache the inode's policy information in the ext4_crypt_info
17 structure so we don't have to continually read it out of the
18 extended attributes.
20 4) We now keep the keyring key in the inode's encryption structure
21 instead of releasing it after we are done using it to derive the
22 per-inode key. This allows us to test to see if the key has been
23 revoked; if it has, we prevent the use of the derived key and free
24 it.
26 5) When an inode is released (or when the derived key is freed), we
27 will use memset_explicit() to zero out the derived key, so it's not
28 left hanging around in memory. This implies that when a user logs
29 out, it is important to first revoke the key, and then unlink it,
30 and then finally, to use "echo 3 > /proc/sys/vm/drop_caches" to
31 release any decrypted pages and dcache entries from the system
32 caches.
34 6) All this, and we also shrink the number of lines of code by around
35 100. :-)
37 Signed-off-by: Theodore Ts'o <tytso@mit.edu>
38 ---
39 fs/ext4/crypto.c | 9 +--
40 fs/ext4/crypto_fname.c | 284 ++++++++++++++++++++------------------------------------------------------
41 fs/ext4/crypto_key.c | 74 +++++++++++++++-----
42 fs/ext4/crypto_policy.c | 76 +++++++++++---------
43 fs/ext4/dir.c | 21 +++---
44 fs/ext4/ext4.h | 44 +++++++-----
45 fs/ext4/ext4_crypto.h | 16 ++---
46 fs/ext4/file.c | 4 +-
47 fs/ext4/namei.c | 42 ++++-------
48 fs/ext4/super.c | 7 +-
49 fs/ext4/symlink.c | 15 ++--
50 11 files changed, 246 insertions(+), 346 deletions(-)
52 diff --git a/fs/ext4/crypto.c b/fs/ext4/crypto.c
53 index 918200e..3a25aa4 100644
54 --- a/fs/ext4/crypto.c
55 +++ b/fs/ext4/crypto.c
56 @@ -118,8 +118,9 @@ struct ext4_crypto_ctx *ext4_get_crypto_ctx(struct inode *inode)
57 struct ext4_crypto_ctx *ctx = NULL;
58 int res = 0;
59 unsigned long flags;
60 - struct ext4_crypt_info *ci = &EXT4_I(inode)->i_crypt_info;
61 + struct ext4_crypt_info *ci = EXT4_I(inode)->i_crypt_info;
63 + BUG_ON(ci == NULL);
64 if (!ext4_read_workqueue)
65 ext4_init_crypto();
67 @@ -322,7 +323,7 @@ static int ext4_page_crypto(struct ext4_crypto_ctx *ctx,
68 int res = 0;
70 BUG_ON(!ctx->tfm);
71 - BUG_ON(ctx->mode != ei->i_crypt_info.ci_mode);
72 + BUG_ON(ctx->mode != ei->i_crypt_info->ci_mode);
74 if (ctx->mode != EXT4_ENCRYPTION_MODE_AES_256_XTS) {
75 printk_ratelimited(KERN_ERR
76 @@ -334,8 +335,8 @@ static int ext4_page_crypto(struct ext4_crypto_ctx *ctx,
77 crypto_ablkcipher_clear_flags(atfm, ~0);
78 crypto_tfm_set_flags(ctx->tfm, CRYPTO_TFM_REQ_WEAK_KEY);
80 - res = crypto_ablkcipher_setkey(atfm, ei->i_crypt_info.ci_raw,
81 - ei->i_crypt_info.ci_size);
82 + res = crypto_ablkcipher_setkey(atfm, ei->i_crypt_info->ci_raw,
83 + ei->i_crypt_info->ci_size);
84 if (res) {
85 printk_ratelimited(KERN_ERR
86 "%s: crypto_ablkcipher_setkey() failed\n",
87 diff --git a/fs/ext4/crypto_fname.c b/fs/ext4/crypto_fname.c
88 index d9f08dd..374d0e7 100644
89 --- a/fs/ext4/crypto_fname.c
90 +++ b/fs/ext4/crypto_fname.c
91 @@ -48,6 +48,12 @@ bool ext4_valid_filenames_enc_mode(uint32_t mode)
92 return (mode == EXT4_ENCRYPTION_MODE_AES_256_CTS);
93 }
95 +static unsigned max_name_len(struct inode *inode)
96 +{
97 + return S_ISLNK(inode->i_mode) ? inode->i_sb->s_blocksize :
98 + EXT4_NAME_LEN;
99 +}
100 +
101 /**
102 * ext4_fname_encrypt() -
103 *
104 @@ -55,28 +61,30 @@ bool ext4_valid_filenames_enc_mode(uint32_t mode)
105 * ciphertext. Errors are returned as negative numbers. We trust the caller to
106 * allocate sufficient memory to oname string.
107 */
108 -static int ext4_fname_encrypt(struct ext4_fname_crypto_ctx *ctx,
109 +static int ext4_fname_encrypt(struct inode *inode,
110 const struct qstr *iname,
111 struct ext4_str *oname)
112 {
113 u32 ciphertext_len;
114 struct ablkcipher_request *req = NULL;
115 DECLARE_EXT4_COMPLETION_RESULT(ecr);
116 - struct crypto_ablkcipher *tfm = ctx->ctfm;
117 + struct ext4_crypt_info *ci = EXT4_I(inode)->i_crypt_info;
118 + struct crypto_ablkcipher *tfm = ci->ci_ctfm;
119 int res = 0;
120 char iv[EXT4_CRYPTO_BLOCK_SIZE];
121 struct scatterlist src_sg, dst_sg;
122 - int padding = 4 << (ctx->flags & EXT4_POLICY_FLAGS_PAD_MASK);
123 + int padding = 4 << (ci->ci_flags & EXT4_POLICY_FLAGS_PAD_MASK);
124 char *workbuf, buf[32], *alloc_buf = NULL;
125 + unsigned lim = max_name_len(inode);
127 - if (iname->len <= 0 || iname->len > ctx->lim)
128 + if (iname->len <= 0 || iname->len > lim)
129 return -EIO;
131 ciphertext_len = (iname->len < EXT4_CRYPTO_BLOCK_SIZE) ?
132 EXT4_CRYPTO_BLOCK_SIZE : iname->len;
133 ciphertext_len = ext4_fname_crypto_round_up(ciphertext_len, padding);
134 - ciphertext_len = (ciphertext_len > ctx->lim)
135 - ? ctx->lim : ciphertext_len;
136 + ciphertext_len = (ciphertext_len > lim)
137 + ? lim : ciphertext_len;
139 if (ciphertext_len <= sizeof(buf)) {
140 workbuf = buf;
141 @@ -134,7 +142,7 @@ static int ext4_fname_encrypt(struct ext4_fname_crypto_ctx *ctx,
142 * Errors are returned as negative numbers.
143 * We trust the caller to allocate sufficient memory to oname string.
144 */
145 -static int ext4_fname_decrypt(struct ext4_fname_crypto_ctx *ctx,
146 +static int ext4_fname_decrypt(struct inode *inode,
147 const struct ext4_str *iname,
148 struct ext4_str *oname)
149 {
150 @@ -142,11 +150,13 @@ static int ext4_fname_decrypt(struct ext4_fname_crypto_ctx *ctx,
151 struct ablkcipher_request *req = NULL;
152 DECLARE_EXT4_COMPLETION_RESULT(ecr);
153 struct scatterlist src_sg, dst_sg;
154 - struct crypto_ablkcipher *tfm = ctx->ctfm;
155 + struct ext4_crypt_info *ci = EXT4_I(inode)->i_crypt_info;
156 + struct crypto_ablkcipher *tfm = ci->ci_ctfm;
157 int res = 0;
158 char iv[EXT4_CRYPTO_BLOCK_SIZE];
159 + unsigned lim = max_name_len(inode);
161 - if (iname->len <= 0 || iname->len > ctx->lim)
162 + if (iname->len <= 0 || iname->len > lim)
163 return -EIO;
165 tmp_in[0].name = iname->name;
166 @@ -242,171 +252,50 @@ static int digest_decode(const char *src, int len, char *dst)
167 return cp - dst;
168 }
170 -/**
171 - * ext4_free_fname_crypto_ctx() -
172 - *
173 - * Frees up a crypto context.
174 - */
175 -void ext4_free_fname_crypto_ctx(struct ext4_fname_crypto_ctx *ctx)
176 -{
177 - if (ctx == NULL || IS_ERR(ctx))
178 - return;
179 -
180 - if (ctx->ctfm && !IS_ERR(ctx->ctfm))
181 - crypto_free_ablkcipher(ctx->ctfm);
182 - if (ctx->htfm && !IS_ERR(ctx->htfm))
183 - crypto_free_hash(ctx->htfm);
184 - kfree(ctx);
185 -}
186 -
187 -/**
188 - * ext4_put_fname_crypto_ctx() -
189 - *
190 - * Return: The crypto context onto free list. If the free list is above a
191 - * threshold, completely frees up the context, and returns the memory.
192 - *
193 - * TODO: Currently we directly free the crypto context. Eventually we should
194 - * add code it to return to free list. Such an approach will increase
195 - * efficiency of directory lookup.
196 - */
197 -void ext4_put_fname_crypto_ctx(struct ext4_fname_crypto_ctx **ctx)
198 +int ext4_setup_fname_crypto(struct inode *inode)
199 {
200 - if (*ctx == NULL || IS_ERR(*ctx))
201 - return;
202 - ext4_free_fname_crypto_ctx(*ctx);
203 - *ctx = NULL;
204 -}
205 -
206 -/**
207 - * ext4_alloc_fname_crypto_ctx() -
208 - */
209 -struct ext4_fname_crypto_ctx *ext4_alloc_fname_crypto_ctx(
210 - const struct ext4_crypt_info *ci)
211 -{
212 - struct ext4_fname_crypto_ctx *ctx;
213 -
214 - ctx = kmalloc(sizeof(struct ext4_fname_crypto_ctx), GFP_NOFS);
215 - if (ctx == NULL)
216 - return ERR_PTR(-ENOMEM);
217 - if (ci->ci_mode == EXT4_ENCRYPTION_MODE_INVALID) {
218 - /* This will automatically set key mode to invalid
219 - * As enum for ENCRYPTION_MODE_INVALID is zero */
220 - memset(&ctx->ci, 0, sizeof(ctx->ci));
221 - } else {
222 - memcpy(&ctx->ci, ci, sizeof(struct ext4_crypt_info));
223 - }
224 - ctx->has_valid_key = (EXT4_ENCRYPTION_MODE_INVALID == ci->ci_mode)
225 - ? 0 : 1;
226 - ctx->ctfm_key_is_ready = 0;
227 - ctx->ctfm = NULL;
228 - ctx->htfm = NULL;
229 - return ctx;
230 -}
231 -
232 -/**
233 - * ext4_get_fname_crypto_ctx() -
234 - *
235 - * Allocates a free crypto context and initializes it to hold
236 - * the crypto material for the inode.
237 - *
238 - * Return: NULL if not encrypted. Error value on error. Valid pointer otherwise.
239 - */
240 -struct ext4_fname_crypto_ctx *ext4_get_fname_crypto_ctx(
241 - struct inode *inode, u32 max_ciphertext_len)
242 -{
243 - struct ext4_fname_crypto_ctx *ctx;
244 struct ext4_inode_info *ei = EXT4_I(inode);
245 + struct ext4_crypt_info *ci = ei->i_crypt_info;
246 + struct crypto_ablkcipher *ctfm;
247 int res;
249 /* Check if the crypto policy is set on the inode */
250 res = ext4_encrypted_inode(inode);
251 if (res == 0)
252 - return NULL;
253 -
254 - if (!ext4_has_encryption_key(inode))
255 - ext4_generate_encryption_key(inode);
256 -
257 - /* Get a crypto context based on the key. */
258 - ctx = ext4_alloc_fname_crypto_ctx(&(ei->i_crypt_info));
259 - if (IS_ERR(ctx))
260 - return ctx;
261 -
262 - ctx->flags = ei->i_crypt_policy_flags;
263 - if (ctx->has_valid_key) {
264 - if (ctx->ci.ci_mode != EXT4_ENCRYPTION_MODE_AES_256_CTS) {
265 - printk_once(KERN_WARNING
266 - "ext4: unsupported key mode %d\n",
267 - ctx->ci.ci_mode);
268 - return ERR_PTR(-ENOKEY);
269 - }
270 + return 0;
272 - /* As a first cut, we will allocate new tfm in every call.
273 - * later, we will keep the tfm around, in case the key gets
274 - * re-used */
275 - if (ctx->ctfm == NULL) {
276 - ctx->ctfm = crypto_alloc_ablkcipher("cts(cbc(aes))",
277 - 0, 0);
278 - }
279 - if (IS_ERR(ctx->ctfm)) {
280 - res = PTR_ERR(ctx->ctfm);
281 - printk(
282 - KERN_DEBUG "%s: error (%d) allocating crypto tfm\n",
283 - __func__, res);
284 - ctx->ctfm = NULL;
285 - ext4_put_fname_crypto_ctx(&ctx);
286 - return ERR_PTR(res);
287 - }
288 - if (ctx->ctfm == NULL) {
289 - printk(
290 - KERN_DEBUG "%s: could not allocate crypto tfm\n",
291 - __func__);
292 - ext4_put_fname_crypto_ctx(&ctx);
293 - return ERR_PTR(-ENOMEM);
294 - }
295 - ctx->lim = max_ciphertext_len;
296 - crypto_ablkcipher_clear_flags(ctx->ctfm, ~0);
297 - crypto_tfm_set_flags(crypto_ablkcipher_tfm(ctx->ctfm),
298 - CRYPTO_TFM_REQ_WEAK_KEY);
299 -
300 - /* If we are lucky, we will get a context that is already
301 - * set up with the right key. Else, we will have to
302 - * set the key */
303 - if (!ctx->ctfm_key_is_ready) {
304 - /* Since our crypto objectives for filename encryption
305 - * are pretty weak,
306 - * we directly use the inode master key */
307 - res = crypto_ablkcipher_setkey(ctx->ctfm,
308 - ctx->ci.ci_raw, ctx->ci.ci_size);
309 - if (res) {
310 - ext4_put_fname_crypto_ctx(&ctx);
311 - return ERR_PTR(-EIO);
312 - }
313 - ctx->ctfm_key_is_ready = 1;
314 - } else {
315 - /* In the current implementation, key should never be
316 - * marked "ready" for a context that has just been
317 - * allocated. So we should never reach here */
318 - BUG();
319 - }
320 - }
321 - if (ctx->htfm == NULL)
322 - ctx->htfm = crypto_alloc_hash("sha256", 0, CRYPTO_ALG_ASYNC);
323 - if (IS_ERR(ctx->htfm)) {
324 - res = PTR_ERR(ctx->htfm);
325 - printk(KERN_DEBUG "%s: error (%d) allocating hash tfm\n",
326 - __func__, res);
327 - ctx->htfm = NULL;
328 - ext4_put_fname_crypto_ctx(&ctx);
329 - return ERR_PTR(res);
330 + res = ext4_get_encryption_info(inode);
331 + if (res < 0)
332 + return res;
333 + ci = ei->i_crypt_info;
334 +
335 + if (!ci || ci->ci_ctfm)
336 + return 0;
337 +
338 + if (ci->ci_mode != EXT4_ENCRYPTION_MODE_AES_256_CTS) {
339 + printk_once(KERN_WARNING "ext4: unsupported key mode %d\n",
340 + ci->ci_mode);
341 + return -ENOKEY;
342 }
343 - if (ctx->htfm == NULL) {
344 - printk(KERN_DEBUG "%s: could not allocate hash tfm\n",
345 - __func__);
346 - ext4_put_fname_crypto_ctx(&ctx);
347 - return ERR_PTR(-ENOMEM);
348 +
349 + ctfm = crypto_alloc_ablkcipher("cts(cbc(aes))", 0, 0);
350 + if (!ctfm || IS_ERR(ctfm)) {
351 + res = ctfm ? PTR_ERR(ctfm) : -ENOMEM;
352 + printk(KERN_DEBUG "%s: error (%d) allocating crypto tfm\n",
353 + __func__, res);
354 + return res;
355 }
356 + crypto_ablkcipher_clear_flags(ctfm, ~0);
357 + crypto_tfm_set_flags(crypto_ablkcipher_tfm(ctfm),
358 + CRYPTO_TFM_REQ_WEAK_KEY);
360 - return ctx;
361 + res = crypto_ablkcipher_setkey(ctfm, ci->ci_raw, ci->ci_size);
362 + if (res) {
363 + crypto_free_ablkcipher(ctfm);
364 + return -EIO;
365 + }
366 + ci->ci_ctfm = ctfm;
367 + return 0;
368 }
370 /**
371 @@ -420,40 +309,20 @@ u32 ext4_fname_crypto_round_up(u32 size, u32 blksize)
372 }
374 /**
375 - * ext4_fname_crypto_namelen_on_disk() -
376 - */
377 -int ext4_fname_crypto_namelen_on_disk(struct ext4_fname_crypto_ctx *ctx,
378 - u32 namelen)
379 -{
380 - u32 ciphertext_len;
381 - int padding = 4 << (ctx->flags & EXT4_POLICY_FLAGS_PAD_MASK);
382 -
383 - if (ctx == NULL)
384 - return -EIO;
385 - if (!(ctx->has_valid_key))
386 - return -EACCES;
387 - ciphertext_len = (namelen < EXT4_CRYPTO_BLOCK_SIZE) ?
388 - EXT4_CRYPTO_BLOCK_SIZE : namelen;
389 - ciphertext_len = ext4_fname_crypto_round_up(ciphertext_len, padding);
390 - ciphertext_len = (ciphertext_len > ctx->lim)
391 - ? ctx->lim : ciphertext_len;
392 - return (int) ciphertext_len;
393 -}
394 -
395 -/**
396 * ext4_fname_crypto_alloc_obuff() -
397 *
398 * Allocates an output buffer that is sufficient for the crypto operation
399 * specified by the context and the direction.
400 */
401 -int ext4_fname_crypto_alloc_buffer(struct ext4_fname_crypto_ctx *ctx,
402 +int ext4_fname_crypto_alloc_buffer(struct inode *inode,
403 u32 ilen, struct ext4_str *crypto_str)
404 {
405 unsigned int olen;
406 - int padding = 4 << (ctx->flags & EXT4_POLICY_FLAGS_PAD_MASK);
407 + int padding = 16;
408 + struct ext4_crypt_info *ci = EXT4_I(inode)->i_crypt_info;
410 - if (!ctx)
411 - return -EIO;
412 + if (ci)
413 + padding = 4 << (ci->ci_flags & EXT4_POLICY_FLAGS_PAD_MASK);
414 if (padding < EXT4_CRYPTO_BLOCK_SIZE)
415 padding = EXT4_CRYPTO_BLOCK_SIZE;
416 olen = ext4_fname_crypto_round_up(ilen, padding);
417 @@ -484,7 +353,7 @@ void ext4_fname_crypto_free_buffer(struct ext4_str *crypto_str)
418 /**
419 * ext4_fname_disk_to_usr() - converts a filename from disk space to user space
420 */
421 -int _ext4_fname_disk_to_usr(struct ext4_fname_crypto_ctx *ctx,
422 +int _ext4_fname_disk_to_usr(struct inode *inode,
423 struct dx_hash_info *hinfo,
424 const struct ext4_str *iname,
425 struct ext4_str *oname)
426 @@ -492,8 +361,6 @@ int _ext4_fname_disk_to_usr(struct ext4_fname_crypto_ctx *ctx,
427 char buf[24];
428 int ret;
430 - if (ctx == NULL)
431 - return -EIO;
432 if (iname->len < 3) {
433 /*Check for . and .. */
434 if (iname->name[0] == '.' && iname->name[iname->len-1] == '.') {
435 @@ -503,8 +370,8 @@ int _ext4_fname_disk_to_usr(struct ext4_fname_crypto_ctx *ctx,
436 return oname->len;
437 }
438 }
439 - if (ctx->has_valid_key)
440 - return ext4_fname_decrypt(ctx, iname, oname);
441 + if (EXT4_I(inode)->i_crypt_info)
442 + return ext4_fname_decrypt(inode, iname, oname);
444 if (iname->len <= EXT4_FNAME_CRYPTO_DIGEST_SIZE) {
445 ret = digest_encode(iname->name, iname->len, oname->name);
446 @@ -523,7 +390,7 @@ int _ext4_fname_disk_to_usr(struct ext4_fname_crypto_ctx *ctx,
447 return ret + 1;
448 }
450 -int ext4_fname_disk_to_usr(struct ext4_fname_crypto_ctx *ctx,
451 +int ext4_fname_disk_to_usr(struct inode *inode,
452 struct dx_hash_info *hinfo,
453 const struct ext4_dir_entry_2 *de,
454 struct ext4_str *oname)
455 @@ -531,21 +398,20 @@ int ext4_fname_disk_to_usr(struct ext4_fname_crypto_ctx *ctx,
456 struct ext4_str iname = {.name = (unsigned char *) de->name,
457 .len = de->name_len };
459 - return _ext4_fname_disk_to_usr(ctx, hinfo, &iname, oname);
460 + return _ext4_fname_disk_to_usr(inode, hinfo, &iname, oname);
461 }
464 /**
465 * ext4_fname_usr_to_disk() - converts a filename from user space to disk space
466 */
467 -int ext4_fname_usr_to_disk(struct ext4_fname_crypto_ctx *ctx,
468 +int ext4_fname_usr_to_disk(struct inode *inode,
469 const struct qstr *iname,
470 struct ext4_str *oname)
471 {
472 int res;
473 + struct ext4_crypt_info *ci = EXT4_I(inode)->i_crypt_info;
475 - if (ctx == NULL)
476 - return -EIO;
477 if (iname->len < 3) {
478 /*Check for . and .. */
479 if (iname->name[0] == '.' &&
480 @@ -556,8 +422,8 @@ int ext4_fname_usr_to_disk(struct ext4_fname_crypto_ctx *ctx,
481 return oname->len;
482 }
483 }
484 - if (ctx->has_valid_key) {
485 - res = ext4_fname_encrypt(ctx, iname, oname);
486 + if (ci) {
487 + res = ext4_fname_encrypt(inode, iname, oname);
488 return res;
489 }
490 /* Without a proper key, a user is not allowed to modify the filenames
491 @@ -569,16 +435,13 @@ int ext4_fname_usr_to_disk(struct ext4_fname_crypto_ctx *ctx,
492 int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname,
493 int lookup, struct ext4_filename *fname)
494 {
495 - struct ext4_fname_crypto_ctx *ctx;
496 + struct ext4_crypt_info *ci;
497 int ret = 0, bigname = 0;
499 memset(fname, 0, sizeof(struct ext4_filename));
500 fname->usr_fname = iname;
502 - ctx = ext4_get_fname_crypto_ctx(dir, EXT4_NAME_LEN);
503 - if (IS_ERR(ctx))
504 - return PTR_ERR(ctx);
505 - if ((ctx == NULL) ||
506 + if (!ext4_encrypted_inode(dir) ||
507 ((iname->name[0] == '.') &&
508 ((iname->len == 1) ||
509 ((iname->name[1] == '.') && (iname->len == 2))))) {
510 @@ -586,12 +449,16 @@ int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname,
511 fname->disk_name.len = iname->len;
512 goto out;
513 }
514 - if (ctx->has_valid_key) {
515 - ret = ext4_fname_crypto_alloc_buffer(ctx, iname->len,
516 + ret = ext4_setup_fname_crypto(dir);
517 + if (ret)
518 + return ret;
519 + ci = EXT4_I(dir)->i_crypt_info;
520 + if (ci) {
521 + ret = ext4_fname_crypto_alloc_buffer(dir, iname->len,
522 &fname->crypto_buf);
523 if (ret < 0)
524 goto out;
525 - ret = ext4_fname_encrypt(ctx, iname, &fname->crypto_buf);
526 + ret = ext4_fname_encrypt(dir, iname, &fname->crypto_buf);
527 if (ret < 0)
528 goto out;
529 fname->disk_name.name = fname->crypto_buf.name;
530 @@ -634,7 +501,6 @@ int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname,
531 }
532 ret = 0;
533 out:
534 - ext4_put_fname_crypto_ctx(&ctx);
535 return ret;
536 }
538 diff --git a/fs/ext4/crypto_key.c b/fs/ext4/crypto_key.c
539 index ec6635d..0075e43 100644
540 --- a/fs/ext4/crypto_key.c
541 +++ b/fs/ext4/crypto_key.c
542 @@ -84,14 +84,26 @@ out:
543 return res;
544 }
546 -/**
547 - * ext4_generate_encryption_key() - generates an encryption key
548 - * @inode: The inode to generate the encryption key for.
549 - */
550 -int ext4_generate_encryption_key(struct inode *inode)
551 +void ext4_free_encryption_info(struct inode *inode)
552 +{
553 + struct ext4_inode_info *ei = EXT4_I(inode);
554 + struct ext4_crypt_info *ci = ei->i_crypt_info;
555 +
556 + if (!ci)
557 + return;
558 +
559 + if (ci->ci_keyring_key)
560 + key_put(ci->ci_keyring_key);
561 + crypto_free_ablkcipher(ci->ci_ctfm);
562 + memzero_explicit(&ci->ci_raw, sizeof(ci->ci_raw));
563 + kfree(ci);
564 + ei->i_crypt_info = NULL;
565 +}
566 +
567 +int _ext4_get_encryption_info(struct inode *inode)
568 {
569 struct ext4_inode_info *ei = EXT4_I(inode);
570 - struct ext4_crypt_info *crypt_info = &ei->i_crypt_info;
571 + struct ext4_crypt_info *crypt_info;
572 char full_key_descriptor[EXT4_KEY_DESC_PREFIX_SIZE +
573 (EXT4_KEY_DESCRIPTOR_SIZE * 2) + 1];
574 struct key *keyring_key = NULL;
575 @@ -99,18 +111,40 @@ int ext4_generate_encryption_key(struct inode *inode)
576 struct ext4_encryption_context ctx;
577 struct user_key_payload *ukp;
578 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
579 - int res = ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION,
580 - EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
581 - &ctx, sizeof(ctx));
582 + int res;
584 - if (res != sizeof(ctx)) {
585 - if (res > 0)
586 - res = -EINVAL;
587 - goto out;
588 + if (ei->i_crypt_info) {
589 + if (!ei->i_crypt_info->ci_keyring_key ||
590 + key_validate(ei->i_crypt_info->ci_keyring_key) == 0)
591 + return 0;
592 + ext4_free_encryption_info(inode);
593 }
594 +
595 + res = ext4_xattr_get(inode, EXT4_XATTR_INDEX_ENCRYPTION,
596 + EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
597 + &ctx, sizeof(ctx));
598 + if (res < 0) {
599 + if (!DUMMY_ENCRYPTION_ENABLED(sbi))
600 + return res;
601 + ctx.contents_encryption_mode = EXT4_ENCRYPTION_MODE_AES_256_XTS;
602 + ctx.filenames_encryption_mode =
603 + EXT4_ENCRYPTION_MODE_AES_256_CTS;
604 + ctx.flags = 0;
605 + } else if (res != sizeof(ctx))
606 + return -EINVAL;
607 res = 0;
609 + crypt_info = kmalloc(sizeof(struct ext4_crypt_info), GFP_KERNEL);
610 + if (!crypt_info)
611 + return -ENOMEM;
612 +
613 ei->i_crypt_policy_flags = ctx.flags;
614 + crypt_info->ci_flags = ctx.flags;
615 + crypt_info->ci_data_mode = ctx.contents_encryption_mode;
616 + crypt_info->ci_filename_mode = ctx.filenames_encryption_mode;
617 + crypt_info->ci_ctfm = NULL;
618 + memcpy(crypt_info->ci_master_key, ctx.master_key_descriptor,
619 + sizeof(crypt_info->ci_master_key));
620 if (S_ISREG(inode->i_mode))
621 crypt_info->ci_mode = ctx.contents_encryption_mode;
622 else if (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode))
623 @@ -151,17 +185,23 @@ int ext4_generate_encryption_key(struct inode *inode)
624 res = ext4_derive_key_aes(ctx.nonce, master_key->raw,
625 crypt_info->ci_raw);
626 out:
627 + if (res < 0) {
628 + if (res == -ENOKEY)
629 + res = 0;
630 + kfree(crypt_info);
631 + } else {
632 + ei->i_crypt_info = crypt_info;
633 + crypt_info->ci_keyring_key = keyring_key;
634 + keyring_key = NULL;
635 + }
636 if (keyring_key)
637 key_put(keyring_key);
638 - if (res < 0)
639 - crypt_info->ci_mode = EXT4_ENCRYPTION_MODE_INVALID;
640 return res;
641 }
643 int ext4_has_encryption_key(struct inode *inode)
644 {
645 struct ext4_inode_info *ei = EXT4_I(inode);
646 - struct ext4_crypt_info *crypt_info = &ei->i_crypt_info;
648 - return (crypt_info->ci_mode != EXT4_ENCRYPTION_MODE_INVALID);
649 + return (ei->i_crypt_info != NULL);
650 }
651 diff --git a/fs/ext4/crypto_policy.c b/fs/ext4/crypto_policy.c
652 index a6d6291..370d3aa 100644
653 --- a/fs/ext4/crypto_policy.c
654 +++ b/fs/ext4/crypto_policy.c
655 @@ -126,7 +126,7 @@ int ext4_get_policy(struct inode *inode, struct ext4_encryption_policy *policy)
656 int ext4_is_child_context_consistent_with_parent(struct inode *parent,
657 struct inode *child)
658 {
659 - struct ext4_encryption_context parent_ctx, child_ctx;
660 + struct ext4_crypt_info *parent_ci, *child_ci;
661 int res;
663 if ((parent == NULL) || (child == NULL)) {
664 @@ -136,26 +136,28 @@ int ext4_is_child_context_consistent_with_parent(struct inode *parent,
665 /* no restrictions if the parent directory is not encrypted */
666 if (!ext4_encrypted_inode(parent))
667 return 1;
668 - res = ext4_xattr_get(parent, EXT4_XATTR_INDEX_ENCRYPTION,
669 - EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
670 - &parent_ctx, sizeof(parent_ctx));
671 - if (res != sizeof(parent_ctx))
672 - return 0;
673 /* if the child directory is not encrypted, this is always a problem */
674 if (!ext4_encrypted_inode(child))
675 return 0;
676 - res = ext4_xattr_get(child, EXT4_XATTR_INDEX_ENCRYPTION,
677 - EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
678 - &child_ctx, sizeof(child_ctx));
679 - if (res != sizeof(child_ctx))
680 + res = ext4_get_encryption_info(parent);
681 + if (res)
682 + return 0;
683 + res = ext4_get_encryption_info(child);
684 + if (res)
685 + return 0;
686 + parent_ci = EXT4_I(parent)->i_crypt_info;
687 + child_ci = EXT4_I(child)->i_crypt_info;
688 + if (!parent_ci && !child_ci)
689 + return 1;
690 + if (!parent_ci || !child_ci)
691 return 0;
692 - return (memcmp(parent_ctx.master_key_descriptor,
693 - child_ctx.master_key_descriptor,
694 +
695 + return (memcmp(parent_ci->ci_master_key,
696 + child_ci->ci_master_key,
697 EXT4_KEY_DESCRIPTOR_SIZE) == 0 &&
698 - (parent_ctx.contents_encryption_mode ==
699 - child_ctx.contents_encryption_mode) &&
700 - (parent_ctx.filenames_encryption_mode ==
701 - child_ctx.filenames_encryption_mode));
702 + (parent_ci->ci_data_mode == child_ci->ci_data_mode) &&
703 + (parent_ci->ci_filename_mode == child_ci->ci_filename_mode) &&
704 + (parent_ci->ci_flags == child_ci->ci_flags));
705 }
707 /**
708 @@ -168,31 +170,37 @@ int ext4_is_child_context_consistent_with_parent(struct inode *parent,
709 int ext4_inherit_context(struct inode *parent, struct inode *child)
710 {
711 struct ext4_encryption_context ctx;
712 - int res = ext4_xattr_get(parent, EXT4_XATTR_INDEX_ENCRYPTION,
713 - EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
714 - &ctx, sizeof(ctx));
715 + struct ext4_crypt_info *ci;
716 + int res;
717 +
718 + res = ext4_get_encryption_info(parent);
719 + if (res < 0)
720 + return res;
721 + ci = EXT4_I(parent)->i_crypt_info;
722 + BUG_ON(ci == NULL);
724 - if (res != sizeof(ctx)) {
725 - if (DUMMY_ENCRYPTION_ENABLED(EXT4_SB(parent->i_sb))) {
726 - ctx.format = EXT4_ENCRYPTION_CONTEXT_FORMAT_V1;
727 - ctx.contents_encryption_mode =
728 - EXT4_ENCRYPTION_MODE_AES_256_XTS;
729 - ctx.filenames_encryption_mode =
730 - EXT4_ENCRYPTION_MODE_AES_256_CTS;
731 - ctx.flags = 0;
732 - memset(ctx.master_key_descriptor, 0x42,
733 - EXT4_KEY_DESCRIPTOR_SIZE);
734 - res = 0;
735 - } else {
736 - goto out;
737 - }
738 + ctx.format = EXT4_ENCRYPTION_CONTEXT_FORMAT_V1;
739 + if (DUMMY_ENCRYPTION_ENABLED(EXT4_SB(parent->i_sb))) {
740 + ctx.contents_encryption_mode = EXT4_ENCRYPTION_MODE_AES_256_XTS;
741 + ctx.filenames_encryption_mode =
742 + EXT4_ENCRYPTION_MODE_AES_256_CTS;
743 + ctx.flags = 0;
744 + memset(ctx.master_key_descriptor, 0x42,
745 + EXT4_KEY_DESCRIPTOR_SIZE);
746 + res = 0;
747 + } else {
748 + ctx.contents_encryption_mode = ci->ci_data_mode;
749 + ctx.filenames_encryption_mode = ci->ci_filename_mode;
750 + ctx.flags = ci->ci_flags;
751 + memcpy(ctx.master_key_descriptor, ci->ci_master_key,
752 + EXT4_KEY_DESCRIPTOR_SIZE);
753 }
754 get_random_bytes(ctx.nonce, EXT4_KEY_DERIVATION_NONCE_SIZE);
755 res = ext4_xattr_set(child, EXT4_XATTR_INDEX_ENCRYPTION,
756 EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, &ctx,
757 sizeof(ctx), 0);
758 -out:
759 if (!res)
760 ext4_set_inode_flag(child, EXT4_INODE_ENCRYPT);
761 return res;
762 +
763 }
764 diff --git a/fs/ext4/dir.c b/fs/ext4/dir.c
765 index d799d5d..28cb94f 100644
766 --- a/fs/ext4/dir.c
767 +++ b/fs/ext4/dir.c
768 @@ -110,7 +110,6 @@ static int ext4_readdir(struct file *file, struct dir_context *ctx)
769 struct super_block *sb = inode->i_sb;
770 struct buffer_head *bh = NULL;
771 int dir_has_error = 0;
772 - struct ext4_fname_crypto_ctx *enc_ctx = NULL;
773 struct ext4_str fname_crypto_str = {.name = NULL, .len = 0};
775 if (is_dx_dir(inode)) {
776 @@ -134,16 +133,14 @@ static int ext4_readdir(struct file *file, struct dir_context *ctx)
777 return err;
778 }
780 - enc_ctx = ext4_get_fname_crypto_ctx(inode, EXT4_NAME_LEN);
781 - if (IS_ERR(enc_ctx))
782 - return PTR_ERR(enc_ctx);
783 - if (enc_ctx) {
784 - err = ext4_fname_crypto_alloc_buffer(enc_ctx, EXT4_NAME_LEN,
785 + err = ext4_setup_fname_crypto(inode);
786 + if (err)
787 + return err;
788 + if (ext4_encrypted_inode(inode)) {
789 + err = ext4_fname_crypto_alloc_buffer(inode, EXT4_NAME_LEN,
790 &fname_crypto_str);
791 - if (err < 0) {
792 - ext4_put_fname_crypto_ctx(&enc_ctx);
793 + if (err < 0)
794 return err;
795 - }
796 }
798 offset = ctx->pos & (sb->s_blocksize - 1);
799 @@ -239,8 +236,7 @@ static int ext4_readdir(struct file *file, struct dir_context *ctx)
800 offset += ext4_rec_len_from_disk(de->rec_len,
801 sb->s_blocksize);
802 if (le32_to_cpu(de->inode)) {
803 - if (enc_ctx == NULL) {
804 - /* Directory is not encrypted */
805 + if (!ext4_encrypted_inode(inode)) {
806 if (!dir_emit(ctx, de->name,
807 de->name_len,
808 le32_to_cpu(de->inode),
809 @@ -250,7 +246,7 @@ static int ext4_readdir(struct file *file, struct dir_context *ctx)
810 int save_len = fname_crypto_str.len;
812 /* Directory is encrypted */
813 - err = ext4_fname_disk_to_usr(enc_ctx,
814 + err = ext4_fname_disk_to_usr(inode,
815 NULL, de, &fname_crypto_str);
816 fname_crypto_str.len = save_len;
817 if (err < 0)
818 @@ -275,7 +271,6 @@ done:
819 err = 0;
820 errout:
821 #ifdef CONFIG_EXT4_FS_ENCRYPTION
822 - ext4_put_fname_crypto_ctx(&enc_ctx);
823 ext4_fname_crypto_free_buffer(&fname_crypto_str);
824 #endif
825 brelse(bh);
826 diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
827 index e3671c2..1db3bfa 100644
828 --- a/fs/ext4/ext4.h
829 +++ b/fs/ext4/ext4.h
830 @@ -955,7 +955,7 @@ struct ext4_inode_info {
832 #ifdef CONFIG_EXT4_FS_ENCRYPTION
833 /* Encryption params */
834 - struct ext4_crypt_info i_crypt_info;
835 + struct ext4_crypt_info *i_crypt_info;
836 #endif
837 };
839 @@ -2096,37 +2096,30 @@ static inline int ext4_sb_has_crypto(struct super_block *sb)
840 /* crypto_fname.c */
841 bool ext4_valid_filenames_enc_mode(uint32_t mode);
842 u32 ext4_fname_crypto_round_up(u32 size, u32 blksize);
843 -int ext4_fname_crypto_alloc_buffer(struct ext4_fname_crypto_ctx *ctx,
844 +int ext4_fname_crypto_alloc_buffer(struct inode *inode,
845 u32 ilen, struct ext4_str *crypto_str);
846 -int _ext4_fname_disk_to_usr(struct ext4_fname_crypto_ctx *ctx,
847 +int _ext4_fname_disk_to_usr(struct inode *inode,
848 struct dx_hash_info *hinfo,
849 const struct ext4_str *iname,
850 struct ext4_str *oname);
851 -int ext4_fname_disk_to_usr(struct ext4_fname_crypto_ctx *ctx,
852 +int ext4_fname_disk_to_usr(struct inode *inode,
853 struct dx_hash_info *hinfo,
854 const struct ext4_dir_entry_2 *de,
855 struct ext4_str *oname);
856 -int ext4_fname_usr_to_disk(struct ext4_fname_crypto_ctx *ctx,
857 +int ext4_fname_usr_to_disk(struct inode *inode,
858 const struct qstr *iname,
859 struct ext4_str *oname);
860 -int ext4_fname_crypto_namelen_on_disk(struct ext4_fname_crypto_ctx *ctx,
861 - u32 namelen);
862 #ifdef CONFIG_EXT4_FS_ENCRYPTION
863 -void ext4_put_fname_crypto_ctx(struct ext4_fname_crypto_ctx **ctx);
864 -struct ext4_fname_crypto_ctx *ext4_get_fname_crypto_ctx(struct inode *inode,
865 - u32 max_len);
866 +int ext4_setup_fname_crypto(struct inode *inode);
867 void ext4_fname_crypto_free_buffer(struct ext4_str *crypto_str);
868 int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname,
869 int lookup, struct ext4_filename *fname);
870 void ext4_fname_free_filename(struct ext4_filename *fname);
871 #else
872 static inline
873 -void ext4_put_fname_crypto_ctx(struct ext4_fname_crypto_ctx **ctx) { }
874 -static inline
875 -struct ext4_fname_crypto_ctx *ext4_get_fname_crypto_ctx(struct inode *inode,
876 - u32 max_len)
877 +int ext4_setup_fname_crypto(struct inode *inode)
878 {
879 - return NULL;
880 + return 0;
881 }
882 static inline void ext4_fname_crypto_free_buffer(struct ext4_str *p) { }
883 static inline int ext4_fname_setup_filename(struct inode *dir,
884 @@ -2143,15 +2136,34 @@ static inline void ext4_fname_free_filename(struct ext4_filename *fname) { }
887 /* crypto_key.c */
888 -int ext4_generate_encryption_key(struct inode *inode);
889 +void ext4_free_encryption_info(struct inode *inode);
890 +int _ext4_get_encryption_info(struct inode *inode);
892 #ifdef CONFIG_EXT4_FS_ENCRYPTION
893 int ext4_has_encryption_key(struct inode *inode);
894 +
895 +static inline int ext4_get_encryption_info(struct inode *inode)
896 +{
897 + struct ext4_crypt_info *ci = EXT4_I(inode)->i_crypt_info;
898 +
899 + if (!ci ||
900 + (ci->ci_keyring_key &&
901 + (ci->ci_keyring_key->flags & ((1 << KEY_FLAG_INVALIDATED) |
902 + (1 << KEY_FLAG_REVOKED) |
903 + (1 << KEY_FLAG_DEAD)))))
904 + return _ext4_get_encryption_info(inode);
905 + return 0;
906 +}
907 +
908 #else
909 static inline int ext4_has_encryption_key(struct inode *inode)
910 {
911 return 0;
912 }
913 +static inline int ext4_get_encryption_info(struct inode *inode)
914 +{
915 + return 0;
916 +}
917 #endif
920 diff --git a/fs/ext4/ext4_crypto.h b/fs/ext4/ext4_crypto.h
921 index deecbe8..d29687c 100644
922 --- a/fs/ext4/ext4_crypto.h
923 +++ b/fs/ext4/ext4_crypto.h
924 @@ -76,7 +76,13 @@ struct ext4_encryption_key {
925 struct ext4_crypt_info {
926 unsigned char ci_mode;
927 unsigned char ci_size;
928 + char ci_data_mode;
929 + char ci_filename_mode;
930 + char ci_flags;
931 + struct crypto_ablkcipher *ci_ctfm;
932 + struct key *ci_keyring_key;
933 char ci_raw[EXT4_MAX_KEY_SIZE];
934 + char ci_master_key[EXT4_KEY_DESCRIPTOR_SIZE];
935 };
937 #define EXT4_CTX_REQUIRES_FREE_ENCRYPT_FL 0x00000001
938 @@ -128,16 +134,6 @@ struct ext4_str {
939 u32 len;
940 };
942 -struct ext4_fname_crypto_ctx {
943 - u32 lim;
944 - struct crypto_ablkcipher *ctfm;
945 - struct crypto_hash *htfm;
946 - struct ext4_crypt_info ci;
947 - unsigned flags : 8;
948 - unsigned has_valid_key : 1;
949 - unsigned ctfm_key_is_ready : 1;
950 -};
951 -
952 /**
953 * For encrypted symlinks, the ciphertext length is stored at the beginning
954 * of the string in little-endian format.
955 diff --git a/fs/ext4/file.c b/fs/ext4/file.c
956 index 0613c25..875ca6b 100644
957 --- a/fs/ext4/file.c
958 +++ b/fs/ext4/file.c
959 @@ -223,7 +223,7 @@ static int ext4_file_mmap(struct file *file, struct vm_area_struct *vma)
960 struct inode *inode = file->f_mapping->host;
962 if (ext4_encrypted_inode(inode)) {
963 - int err = ext4_generate_encryption_key(inode);
964 + int err = ext4_get_encryption_info(inode);
965 if (err)
966 return 0;
967 }
968 @@ -289,7 +289,7 @@ static int ext4_file_open(struct inode * inode, struct file * filp)
969 }
970 ret = dquot_file_open(inode, filp);
971 if (!ret && ext4_encrypted_inode(inode)) {
972 - ret = ext4_generate_encryption_key(inode);
973 + ret = ext4_get_encryption_info(inode);
974 if (ret)
975 ret = -EACCES;
976 }
977 diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
978 index b340643..9bed99f 100644
979 --- a/fs/ext4/namei.c
980 +++ b/fs/ext4/namei.c
981 @@ -607,17 +607,14 @@ static struct stats dx_show_leaf(struct inode *dir,
982 char *name;
983 struct ext4_str fname_crypto_str
984 = {.name = NULL, .len = 0};
985 - struct ext4_fname_crypto_ctx *ctx = NULL;
986 int res;
988 name = de->name;
989 len = de->name_len;
990 - ctx = ext4_get_fname_crypto_ctx(dir,
991 - EXT4_NAME_LEN);
992 - if (IS_ERR(ctx)) {
993 - printk(KERN_WARNING "Error acquiring"
994 - " crypto ctxt--skipping crypto\n");
995 - ctx = NULL;
996 + res = ext4_setup_fname_crypto(dir);
997 + if (res) {
998 + printk(KERN_WARNING "Error setting up"
999 + " fname crypto: %d\n", res);
1000 }
1001 if (ctx == NULL) {
1002 /* Directory is not encrypted */
1003 @@ -637,7 +634,6 @@ static struct stats dx_show_leaf(struct inode *dir,
1004 "allocating crypto "
1005 "buffer--skipping "
1006 "crypto\n");
1007 - ext4_put_fname_crypto_ctx(&ctx);
1008 ctx = NULL;
1009 }
1010 res = ext4_fname_disk_to_usr(ctx, NULL, de,
1011 @@ -658,7 +654,6 @@ static struct stats dx_show_leaf(struct inode *dir,
1012 printk("%*.s:(E)%x.%u ", len, name,
1013 h.hash, (unsigned) ((char *) de
1014 - base));
1015 - ext4_put_fname_crypto_ctx(&ctx);
1016 ext4_fname_crypto_free_buffer(
1017 &fname_crypto_str);
1018 }
1019 @@ -944,7 +939,6 @@ static int htree_dirblock_to_tree(struct file *dir_file,
1020 struct buffer_head *bh;
1021 struct ext4_dir_entry_2 *de, *top;
1022 int err = 0, count = 0;
1023 - struct ext4_fname_crypto_ctx *ctx = NULL;
1024 struct ext4_str fname_crypto_str = {.name = NULL, .len = 0}, tmp_str;
1026 dxtrace(printk(KERN_INFO "In htree dirblock_to_tree: block %lu\n",
1027 @@ -959,17 +953,15 @@ static int htree_dirblock_to_tree(struct file *dir_file,
1028 EXT4_DIR_REC_LEN(0));
1029 #ifdef CONFIG_EXT4_FS_ENCRYPTION
1030 /* Check if the directory is encrypted */
1031 - ctx = ext4_get_fname_crypto_ctx(dir, EXT4_NAME_LEN);
1032 - if (IS_ERR(ctx)) {
1033 - err = PTR_ERR(ctx);
1034 + err = ext4_setup_fname_crypto(dir);
1035 + if (err) {
1036 brelse(bh);
1037 return err;
1038 }
1039 - if (ctx != NULL) {
1040 - err = ext4_fname_crypto_alloc_buffer(ctx, EXT4_NAME_LEN,
1041 + if (ext4_encrypted_inode(dir)) {
1042 + err = ext4_fname_crypto_alloc_buffer(dir, EXT4_NAME_LEN,
1043 &fname_crypto_str);
1044 if (err < 0) {
1045 - ext4_put_fname_crypto_ctx(&ctx);
1046 brelse(bh);
1047 return err;
1048 }
1049 @@ -990,8 +982,7 @@ static int htree_dirblock_to_tree(struct file *dir_file,
1050 continue;
1051 if (de->inode == 0)
1052 continue;
1053 - if (ctx == NULL) {
1054 - /* Directory is not encrypted */
1055 + if (!ext4_encrypted_inode(dir)) {
1056 tmp_str.name = de->name;
1057 tmp_str.len = de->name_len;
1058 err = ext4_htree_store_dirent(dir_file,
1059 @@ -1001,7 +992,7 @@ static int htree_dirblock_to_tree(struct file *dir_file,
1060 int save_len = fname_crypto_str.len;
1062 /* Directory is encrypted */
1063 - err = ext4_fname_disk_to_usr(ctx, hinfo, de,
1064 + err = ext4_fname_disk_to_usr(dir, hinfo, de,
1065 &fname_crypto_str);
1066 if (err < 0) {
1067 count = err;
1068 @@ -1021,7 +1012,6 @@ static int htree_dirblock_to_tree(struct file *dir_file,
1069 errout:
1070 brelse(bh);
1071 #ifdef CONFIG_EXT4_FS_ENCRYPTION
1072 - ext4_put_fname_crypto_ctx(&ctx);
1073 ext4_fname_crypto_free_buffer(&fname_crypto_str);
1074 #endif
1075 return count;
1076 @@ -3107,7 +3097,6 @@ static int ext4_symlink(struct inode *dir,
1077 }
1079 if (encryption_required) {
1080 - struct ext4_fname_crypto_ctx *ctx = NULL;
1081 struct qstr istr;
1082 struct ext4_str ostr;
1084 @@ -3119,19 +3108,14 @@ static int ext4_symlink(struct inode *dir,
1085 err = ext4_inherit_context(dir, inode);
1086 if (err)
1087 goto err_drop_inode;
1088 - ctx = ext4_get_fname_crypto_ctx(inode,
1089 - inode->i_sb->s_blocksize);
1090 - if (IS_ERR_OR_NULL(ctx)) {
1091 - /* We just set the policy, so ctx should not be NULL */
1092 - err = (ctx == NULL) ? -EIO : PTR_ERR(ctx);
1093 + err = ext4_setup_fname_crypto(inode);
1094 + if (err)
1095 goto err_drop_inode;
1096 - }
1097 istr.name = (const unsigned char *) symname;
1098 istr.len = len;
1099 ostr.name = sd->encrypted_path;
1100 ostr.len = disk_link.len;
1101 - err = ext4_fname_usr_to_disk(ctx, &istr, &ostr);
1102 - ext4_put_fname_crypto_ctx(&ctx);
1103 + err = ext4_fname_usr_to_disk(inode, &istr, &ostr);
1104 if (err < 0)
1105 goto err_drop_inode;
1106 sd->len = cpu_to_le16(ostr.len);
1107 diff --git a/fs/ext4/super.c b/fs/ext4/super.c
1108 index a9ebe3d..ef19bda 100644
1109 --- a/fs/ext4/super.c
1110 +++ b/fs/ext4/super.c
1111 @@ -877,9 +877,8 @@ static struct inode *ext4_alloc_inode(struct super_block *sb)
1112 atomic_set(&ei->i_unwritten, 0);
1113 INIT_WORK(&ei->i_rsv_conversion_work, ext4_end_io_rsv_work);
1114 #ifdef CONFIG_EXT4_FS_ENCRYPTION
1115 - ei->i_crypt_info.ci_mode = EXT4_ENCRYPTION_MODE_INVALID;
1116 + ei->i_crypt_info = NULL;
1117 #endif
1118 -
1119 return &ei->vfs_inode;
1120 }
1122 @@ -956,6 +955,10 @@ void ext4_clear_inode(struct inode *inode)
1123 jbd2_free_inode(EXT4_I(inode)->jinode);
1124 EXT4_I(inode)->jinode = NULL;
1125 }
1126 +#ifdef CONFIG_EXT4_FS_ENCRYPTION
1127 + if (EXT4_I(inode)->i_crypt_info)
1128 + ext4_free_encryption_info(inode);
1129 +#endif
1130 }
1132 static struct inode *ext4_nfs_get_inode(struct super_block *sb,
1133 diff --git a/fs/ext4/symlink.c b/fs/ext4/symlink.c
1134 index ca65d45..3287088 100644
1135 --- a/fs/ext4/symlink.c
1136 +++ b/fs/ext4/symlink.c
1137 @@ -29,7 +29,6 @@ static void *ext4_follow_link(struct dentry *dentry, struct nameidata *nd)
1138 char *caddr, *paddr = NULL;
1139 struct ext4_str cstr, pstr;
1140 struct inode *inode = d_inode(dentry);
1141 - struct ext4_fname_crypto_ctx *ctx = NULL;
1142 struct ext4_encrypted_symlink_data *sd;
1143 loff_t size = min_t(loff_t, i_size_read(inode), PAGE_SIZE - 1);
1144 int res;
1145 @@ -38,19 +37,17 @@ static void *ext4_follow_link(struct dentry *dentry, struct nameidata *nd)
1146 if (!ext4_encrypted_inode(inode))
1147 return page_follow_link_light(dentry, nd);
1149 - ctx = ext4_get_fname_crypto_ctx(inode, inode->i_sb->s_blocksize);
1150 - if (IS_ERR(ctx))
1151 - return ctx;
1152 + res = ext4_setup_fname_crypto(inode);
1153 + if (res)
1154 + return ERR_PTR(res);
1156 if (ext4_inode_is_fast_symlink(inode)) {
1157 caddr = (char *) EXT4_I(inode)->i_data;
1158 max_size = sizeof(EXT4_I(inode)->i_data);
1159 } else {
1160 cpage = read_mapping_page(inode->i_mapping, 0, NULL);
1161 - if (IS_ERR(cpage)) {
1162 - ext4_put_fname_crypto_ctx(&ctx);
1163 + if (IS_ERR(cpage))
1164 return cpage;
1165 - }
1166 caddr = kmap(cpage);
1167 caddr[size] = 0;
1168 }
1169 @@ -75,21 +72,19 @@ static void *ext4_follow_link(struct dentry *dentry, struct nameidata *nd)
1170 }
1171 pstr.name = paddr;
1172 pstr.len = plen;
1173 - res = _ext4_fname_disk_to_usr(ctx, NULL, &cstr, &pstr);
1174 + res = _ext4_fname_disk_to_usr(inode, NULL, &cstr, &pstr);
1175 if (res < 0)
1176 goto errout;
1177 /* Null-terminate the name */
1178 if (res <= plen)
1179 paddr[res] = '\0';
1180 nd_set_link(nd, paddr);
1181 - ext4_put_fname_crypto_ctx(&ctx);
1182 if (cpage) {
1183 kunmap(cpage);
1184 page_cache_release(cpage);
1185 }
1186 return NULL;
1187 errout:
1188 - ext4_put_fname_crypto_ctx(&ctx);
1189 if (cpage) {
1190 kunmap(cpage);
1191 page_cache_release(cpage);