* [PATCH] fscrypt: Move key structure and constants to uapi
@ 2017-04-04 22:39 ` Joe Richey
From: Joe Richey @ 2017-04-04 22:39 UTC (permalink / raw)
  To: linux-fsdevel
  Cc: linux-fscrypt, linux-api, Jaegeuk Kim, Theodore Ts'o,
	Michael Halcrow, Joe Richey

From: Joe Richey <joerichey@google.com>

This commit exposes the necessary constants and structures for a
userspace program to pass filesystem encryption keys into the keyring.
The fscrypt_key structure was already part of the kernel ABI, this
change just makes it so programs no longer have to redeclare these
structures (like e4crypt in e2fsprogs currently does).

Note that we do not expose the other FS_*_KEY_SIZE constants as they are
not necessary. Only XTS is supported for contents_encryption_mode, so
currently FS_MAX_KEY_SIZE bytes of key material must always be passed to
the kernel.

This commit also removes __packed from fscrypt_key as it does not
contain any implicit padding and does not refer to an on-disk structure.

Change-Id: Iafc7d0f2127a5521a4566e59f2ed1ffc1526a62b
Signed-off-by: Joe Richey <joerichey@google.com>
---
 fs/crypto/fscrypt_private.h | 11 -----------
 include/uapi/linux/fs.h     | 13 +++++++++++++
 2 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h
index e39696e64494..e08ca6d1ca0f 100644
--- a/fs/crypto/fscrypt_private.h
+++ b/fs/crypto/fscrypt_private.h
@@ -22,10 +22,6 @@
 #define FS_AES_256_CBC_KEY_SIZE		32
 #define FS_AES_256_CTS_KEY_SIZE		32
 #define FS_AES_256_XTS_KEY_SIZE		64
-#define FS_MAX_KEY_SIZE			64
-
-#define FS_KEY_DESC_PREFIX		"fscrypt:"
-#define FS_KEY_DESC_PREFIX_SIZE		8
 
 #define FS_KEY_DERIVATION_NONCE_SIZE		16
 
@@ -51,13 +47,6 @@ struct fscrypt_context {
 
 #define FS_ENCRYPTION_CONTEXT_FORMAT_V1		1
 
-/* This is passed in from userspace into the kernel keyring */
-struct fscrypt_key {
-	u32 mode;
-	u8 raw[FS_MAX_KEY_SIZE];
-	u32 size;
-} __packed;
-
 /*
  * A pointer to this structure is stored in the file system's in-core
  * representation of an inode.
diff --git a/include/uapi/linux/fs.h b/include/uapi/linux/fs.h
index 048a85e9f017..9691fda01245 100644
--- a/include/uapi/linux/fs.h
+++ b/include/uapi/linux/fs.h
@@ -285,6 +285,19 @@ struct fscrypt_policy {
 #define FS_IOC_GET_ENCRYPTION_PWSALT	_IOW('f', 20, __u8[16])
 #define FS_IOC_GET_ENCRYPTION_POLICY	_IOW('f', 21, struct fscrypt_policy)
 
+/* Parameters for passing an encryption key into the kernel keyring */
+#define FS_KEY_DESC_PREFIX		"fscrypt:"
+#define FS_KEY_DESC_PREFIX_SIZE		8
+
+/* Structure that userspace passes to the kernel keyring */
+#define FS_MAX_KEY_SIZE			64
+
+struct fscrypt_key {
+	__u32 mode;
+	__u8 raw[FS_MAX_KEY_SIZE];
+	__u32 size;
+};
+
 /*
  * Inode flags (FS_IOC_GETFLAGS / FS_IOC_SETFLAGS)
  *
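Review bot: The new comment `/* Structure that userspace passes to the kernel keyring */` sits above `#define FS_MAX_KEY_SIZE` rather than above `struct fscrypt_key`, and the struct's fields are undocumented even though this header is now what userspace builds key payloads from. The commit message says FS_MAX_KEY_SIZE bytes of key material must currently always be passed, but the header does not; I would move the comment onto the struct and add `/* raw holds the key material; size is the number of valid bytes in raw and must not exceed FS_MAX_KEY_SIZE */`. Since `raw` carries raw key material, a line reminding callers to wipe their copy after adding the key to the keyring would help too; the kernel-side check of `size` against the array bound is not visible in this patch. The same applies to the second copy of this patch and to the quoted copy in the reply further down the page.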
-- 
2.12.2.715.g7642488e1d-goog


* [PATCH] fscrypt: Move key structure and constants to uapi
@ 2017-04-04 22:39 ` Joe Richey
From: Joe Richey @ 2017-04-04 22:39 UTC (permalink / raw)
  To: linux-fsdevel-u79uwXL29TY76Z2rM5mHXA
  Cc: linux-fscrypt-u79uwXL29TY76Z2rM5mHXA,
	linux-api-u79uwXL29TY76Z2rM5mHXA, Jaegeuk Kim, Theodore Ts'o,
	Michael Halcrow, Joe Richey

From: Joe Richey <joerichey-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>

This commit exposes the necessary constants and structures for a
userspace program to pass filesystem encryption keys into the keyring.
The fscrypt_key structure was already part of the kernel ABI, this
change just makes it so programs no longer have to redeclare these
structures (like e4crypt in e2fsprogs currently does).

Note that we do not expose the other FS_*_KEY_SIZE constants as they are
not necessary. Only XTS is supported for contents_encryption_mode, so
currently FS_MAX_KEY_SIZE bytes of key material must always be passed to
the kernel.

This commit also removes __packed from fscrypt_key as it does not
contain any implicit padding and does not refer to an on-disk structure.

Change-Id: Iafc7d0f2127a5521a4566e59f2ed1ffc1526a62b
Signed-off-by: Joe Richey <joerichey-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
---
 fs/crypto/fscrypt_private.h | 11 -----------
 include/uapi/linux/fs.h     | 13 +++++++++++++
 2 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h
index e39696e64494..e08ca6d1ca0f 100644
--- a/fs/crypto/fscrypt_private.h
+++ b/fs/crypto/fscrypt_private.h
@@ -22,10 +22,6 @@
 #define FS_AES_256_CBC_KEY_SIZE		32
 #define FS_AES_256_CTS_KEY_SIZE		32
 #define FS_AES_256_XTS_KEY_SIZE		64
-#define FS_MAX_KEY_SIZE			64
-
-#define FS_KEY_DESC_PREFIX		"fscrypt:"
-#define FS_KEY_DESC_PREFIX_SIZE		8
 
 #define FS_KEY_DERIVATION_NONCE_SIZE		16
 
@@ -51,13 +47,6 @@ struct fscrypt_context {
 
 #define FS_ENCRYPTION_CONTEXT_FORMAT_V1		1
 
-/* This is passed in from userspace into the kernel keyring */
-struct fscrypt_key {
-	u32 mode;
-	u8 raw[FS_MAX_KEY_SIZE];
-	u32 size;
-} __packed;
-
 /*
  * A pointer to this structure is stored in the file system's in-core
  * representation of an inode.
diff --git a/include/uapi/linux/fs.h b/include/uapi/linux/fs.h
index 048a85e9f017..9691fda01245 100644
--- a/include/uapi/linux/fs.h
+++ b/include/uapi/linux/fs.h
@@ -285,6 +285,19 @@ struct fscrypt_policy {
 #define FS_IOC_GET_ENCRYPTION_PWSALT	_IOW('f', 20, __u8[16])
 #define FS_IOC_GET_ENCRYPTION_POLICY	_IOW('f', 21, struct fscrypt_policy)
 
+/* Parameters for passing an encryption key into the kernel keyring */
+#define FS_KEY_DESC_PREFIX		"fscrypt:"
+#define FS_KEY_DESC_PREFIX_SIZE		8
+
+/* Structure that userspace passes to the kernel keyring */
+#define FS_MAX_KEY_SIZE			64
+
+struct fscrypt_key {
+	__u32 mode;
+	__u8 raw[FS_MAX_KEY_SIZE];
+	__u32 size;
+};
+
 /*
  * Inode flags (FS_IOC_GETFLAGS / FS_IOC_SETFLAGS)
  *
-- 
2.12.2.715.g7642488e1d-goog


* Re: [PATCH] fscrypt: Move key structure and constants to uapi
  2017-04-04 22:39 ` Joe Richey
  (?)
@ 2017-04-06 19:21 ` Richard Weinberger
From: Richard Weinberger @ 2017-04-06 19:21 UTC (permalink / raw)
  To: Joe Richey
  Cc: linux-fsdevel, linux-fscrypt, open list:ABI/API, Jaegeuk Kim,
	Theodore Ts'o, Michael Halcrow, Joe Richey

On Wed, Apr 5, 2017 at 12:39 AM, Joe Richey <joerichey94@gmail.com> wrote:
> From: Joe Richey <joerichey@google.com>
>
> This commit exposes the necessary constants and structures for a
> userspace program to pass filesystem encryption keys into the keyring.
> The fscrypt_key structure was already part of the kernel ABI, this
> change just makes it so programs no longer have to redeclare these
> structures (like e4crypt in e2fsprogs currently does).
>
> Note that we do not expose the other FS_*_KEY_SIZE constants as they are
> not necessary. Only XTS is supported for contents_encryption_mode, so
> currently FS_MAX_KEY_SIZE bytes of key material must always be passed to
> the kernel.
>
> This commit also removes __packed from fscrypt_key as it does not
> contain any implicit padding and does not refer to an on-disk structure.
>
> Change-Id: Iafc7d0f2127a5521a4566e59f2ed1ffc1526a62b

Same here. :)

> Signed-off-by: Joe Richey <joerichey@google.com>
> ---
>  fs/crypto/fscrypt_private.h | 11 -----------
>  include/uapi/linux/fs.h     | 13 +++++++++++++
>  2 files changed, 13 insertions(+), 11 deletions(-)
>
> diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h
> index e39696e64494..e08ca6d1ca0f 100644
> --- a/fs/crypto/fscrypt_private.h
> +++ b/fs/crypto/fscrypt_private.h
> @@ -22,10 +22,6 @@
>  #define FS_AES_256_CBC_KEY_SIZE                32
>  #define FS_AES_256_CTS_KEY_SIZE                32
>  #define FS_AES_256_XTS_KEY_SIZE                64
> -#define FS_MAX_KEY_SIZE                        64
> -
> -#define FS_KEY_DESC_PREFIX             "fscrypt:"
> -#define FS_KEY_DESC_PREFIX_SIZE                8
>
>  #define FS_KEY_DERIVATION_NONCE_SIZE           16
>
> @@ -51,13 +47,6 @@ struct fscrypt_context {
>
>  #define FS_ENCRYPTION_CONTEXT_FORMAT_V1                1
>
> -/* This is passed in from userspace into the kernel keyring */
> -struct fscrypt_key {
> -       u32 mode;
> -       u8 raw[FS_MAX_KEY_SIZE];
> -       u32 size;
> -} __packed;
> -
>  /*
>   * A pointer to this structure is stored in the file system's in-core
>   * representation of an inode.
> diff --git a/include/uapi/linux/fs.h b/include/uapi/linux/fs.h
> index 048a85e9f017..9691fda01245 100644
> --- a/include/uapi/linux/fs.h
> +++ b/include/uapi/linux/fs.h
> @@ -285,6 +285,19 @@ struct fscrypt_policy {
>  #define FS_IOC_GET_ENCRYPTION_PWSALT   _IOW('f', 20, __u8[16])
>  #define FS_IOC_GET_ENCRYPTION_POLICY   _IOW('f', 21, struct fscrypt_policy)
>
> +/* Parameters for passing an encryption key into the kernel keyring */
> +#define FS_KEY_DESC_PREFIX             "fscrypt:"
> +#define FS_KEY_DESC_PREFIX_SIZE                8
> +
> +/* Structure that userspace passes to the kernel keyring */
> +#define FS_MAX_KEY_SIZE                        64
> +
> +struct fscrypt_key {
> +       __u32 mode;
> +       __u8 raw[FS_MAX_KEY_SIZE];
> +       __u32 size;
> +};
> +

Reviewed-by: Richard Weinberger <richard@nod.at>

-- 
Thanks,
//richard

