fs/ecryptfs/mmap.c

0001 // SPDX-License-Identifier: GPL-2.0-or-later
0002 /*
0003  * eCryptfs: Linux filesystem encryption layer
0004  * This is where eCryptfs coordinates the symmetric encryption and
0005  * decryption of the file data as it passes between the lower
0006  * encrypted file and the upper decrypted file.
0007  *
0008  * Copyright (C) 1997-2003 Erez Zadok
0009  * Copyright (C) 2001-2003 Stony Brook University
0010  * Copyright (C) 2004-2007 International Business Machines Corp.
0011  *   Author(s): Michael A. Halcrow <mahalcro@us.ibm.com>
0012  */
0013
0014 #include <linux/pagemap.h>
0015 #include <linux/writeback.h>
0016 #include <linux/page-flags.h>
0017 #include <linux/mount.h>
0018 #include <linux/file.h>
0019 #include <linux/scatterlist.h>
0020 #include <linux/slab.h>
0021 #include <linux/xattr.h>
0022 #include <asm/unaligned.h>
0023 #include "ecryptfs_kernel.h"
0024
0025 /*
0026  * ecryptfs_get_locked_page
0027  *
0028  * Get one page from cache or lower f/s, return error otherwise.
0029  *
0030  * Returns locked and up-to-date page (if ok), with increased
0031  * refcnt.
0032  */
0033 struct page *ecryptfs_get_locked_page(struct inode *inode, loff_t index)
0034 {
0035     struct page *page = read_mapping_page(inode->i_mapping, index, NULL);
0036     if (!IS_ERR(page))
0037         lock_page(page);
0038     return page;
0039 }
0040
0041 /**
0042  * ecryptfs_writepage
0043  * @page: Page that is locked before this call is made
0044  * @wbc: Write-back control structure
0045  *
0046  * Returns zero on success; non-zero otherwise
0047  *
0048  * This is where we encrypt the data and pass the encrypted data to
0049  * the lower filesystem.  In OpenPGP-compatible mode, we operate on
0050  * entire underlying packets.
0051  */
0052 static int ecryptfs_writepage(struct page *page, struct writeback_control *wbc)
0053 {
0054     int rc;
0055
0056     rc = ecryptfs_encrypt_page(page);
0057     if (rc) {
0058         ecryptfs_printk(KERN_WARNING, "Error encrypting "
0059                 "page (upper index [0x%.16lx])\n", page->index);
0060         ClearPageUptodate(page);
0061         goto out;
0062     }
0063     SetPageUptodate(page);
0064 out:
0065     unlock_page(page);
0066     return rc;
0067 }
0068
0069 static void strip_xattr_flag(char *page_virt,
0070                  struct ecryptfs_crypt_stat *crypt_stat)
0071 {
0072     if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) {
0073         size_t written;
0074
0075         crypt_stat->flags &= ~ECRYPTFS_METADATA_IN_XATTR;
0076         ecryptfs_write_crypt_stat_flags(page_virt, crypt_stat,
0077                         &written);
0078         crypt_stat->flags |= ECRYPTFS_METADATA_IN_XATTR;
0079     }
0080 }
0081
0082 /*
0083  *   Header Extent:
0084  *     Octets 0-7:        Unencrypted file size (big-endian)
0085  *     Octets 8-15:       eCryptfs special marker
0086  *     Octets 16-19:      Flags
0087  *      Octet 16:         File format version number (between 0 and 255)
0088  *      Octets 17-18:     Reserved
0089  *      Octet 19:         Bit 1 (lsb): Reserved
0090  *                        Bit 2: Encrypted?
0091  *                        Bits 3-8: Reserved
0092  *     Octets 20-23:      Header extent size (big-endian)
0093  *     Octets 24-25:      Number of header extents at front of file
0094  *                        (big-endian)
0095  *     Octet  26:         Begin RFC 2440 authentication token packet set
0096  */
0097
0098 /**
0099  * ecryptfs_copy_up_encrypted_with_header
0100  * @page: Sort of a ``virtual'' representation of the encrypted lower
0101  *        file. The actual lower file does not have the metadata in
0102  *        the header. This is locked.
0103  * @crypt_stat: The eCryptfs inode's cryptographic context
0104  *
0105  * The ``view'' is the version of the file that userspace winds up
0106  * seeing, with the header information inserted.
0107  */
0108 static int
0109 ecryptfs_copy_up_encrypted_with_header(struct page *page,
0110                        struct ecryptfs_crypt_stat *crypt_stat)
0111 {
0112     loff_t extent_num_in_page = 0;
0113     loff_t num_extents_per_page = (PAGE_SIZE
0114                        / crypt_stat->extent_size);
0115     int rc = 0;
0116
0117     while (extent_num_in_page < num_extents_per_page) {
0118         loff_t view_extent_num = ((((loff_t)page->index)
0119                        * num_extents_per_page)
0120                       + extent_num_in_page);
0121         size_t num_header_extents_at_front =
0122             (crypt_stat->metadata_size / crypt_stat->extent_size);
0123
0124         if (view_extent_num < num_header_extents_at_front) {
0125             /* This is a header extent */
0126             char *page_virt;
0127
0128             page_virt = kmap_atomic(page);
0129             memset(page_virt, 0, PAGE_SIZE);
0130             /* TODO: Support more than one header extent */
0131             if (view_extent_num == 0) {
0132                 size_t written;
0133
0134                 rc = ecryptfs_read_xattr_region(
0135                     page_virt, page->mapping->host);
0136                 strip_xattr_flag(page_virt + 16, crypt_stat);
0137                 ecryptfs_write_header_metadata(page_virt + 20,
0138                                    crypt_stat,
0139                                    &written);
0140             }
0141             kunmap_atomic(page_virt);
0142             flush_dcache_page(page);
0143             if (rc) {
0144                 printk(KERN_ERR "%s: Error reading xattr "
0145                        "region; rc = [%d]\n", __func__, rc);
0146                 goto out;
0147             }
0148         } else {
0149             /* This is an encrypted data extent */
0150             loff_t lower_offset =
0151                 ((view_extent_num * crypt_stat->extent_size)
0152                  - crypt_stat->metadata_size);
0153
0154             rc = ecryptfs_read_lower_page_segment(
0155                 page, (lower_offset >> PAGE_SHIFT),
0156                 (lower_offset & ~PAGE_MASK),
0157                 crypt_stat->extent_size, page->mapping->host);
0158             if (rc) {
0159                 printk(KERN_ERR "%s: Error attempting to read "
0160                        "extent at offset [%lld] in the lower "
0161                        "file; rc = [%d]\n", __func__,
0162                        lower_offset, rc);
0163                 goto out;
0164             }
0165         }
0166         extent_num_in_page++;
0167     }
0168 out:
0169     return rc;
0170 }
0171
0172 /**
0173  * ecryptfs_read_folio
0174  * @file: An eCryptfs file
0175  * @folio: Folio from eCryptfs inode mapping into which to stick the read data
0176  *
0177  * Read in a folio, decrypting if necessary.
0178  *
0179  * Returns zero on success; non-zero on error.
0180  */
0181 static int ecryptfs_read_folio(struct file *file, struct folio *folio)
0182 {
0183     struct page *page = &folio->page;
0184     struct ecryptfs_crypt_stat *crypt_stat =
0185         &ecryptfs_inode_to_private(page->mapping->host)->crypt_stat;
0186     int rc = 0;
0187
0188     if (!crypt_stat || !(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) {
0189         rc = ecryptfs_read_lower_page_segment(page, page->index, 0,
0190                               PAGE_SIZE,
0191                               page->mapping->host);
0192     } else if (crypt_stat->flags & ECRYPTFS_VIEW_AS_ENCRYPTED) {
0193         if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) {
0194             rc = ecryptfs_copy_up_encrypted_with_header(page,
0195                                     crypt_stat);
0196             if (rc) {
0197                 printk(KERN_ERR "%s: Error attempting to copy "
0198                        "the encrypted content from the lower "
0199                        "file whilst inserting the metadata "
0200                        "from the xattr into the header; rc = "
0201                        "[%d]\n", __func__, rc);
0202                 goto out;
0203             }
0204
0205         } else {
0206             rc = ecryptfs_read_lower_page_segment(
0207                 page, page->index, 0, PAGE_SIZE,
0208                 page->mapping->host);
0209             if (rc) {
0210                 printk(KERN_ERR "Error reading page; rc = "
0211                        "[%d]\n", rc);
0212                 goto out;
0213             }
0214         }
0215     } else {
0216         rc = ecryptfs_decrypt_page(page);
0217         if (rc) {
0218             ecryptfs_printk(KERN_ERR, "Error decrypting page; "
0219                     "rc = [%d]\n", rc);
0220             goto out;
0221         }
0222     }
0223 out:
0224     if (rc)
0225         ClearPageUptodate(page);
0226     else
0227         SetPageUptodate(page);
0228     ecryptfs_printk(KERN_DEBUG, "Unlocking page with index = [0x%.16lx]\n",
0229             page->index);
0230     unlock_page(page);
0231     return rc;
0232 }
0233
0234 /*
0235  * Called with lower inode mutex held.
0236  */
0237 static int fill_zeros_to_end_of_page(struct page *page, unsigned int to)
0238 {
0239     struct inode *inode = page->mapping->host;
0240     int end_byte_in_page;
0241
0242     if ((i_size_read(inode) / PAGE_SIZE) != page->index)
0243         goto out;
0244     end_byte_in_page = i_size_read(inode) % PAGE_SIZE;
0245     if (to > end_byte_in_page)
0246         end_byte_in_page = to;
0247     zero_user_segment(page, end_byte_in_page, PAGE_SIZE);
0248 out:
0249     return 0;
0250 }
0251
0252 /**
0253  * ecryptfs_write_begin
0254  * @file: The eCryptfs file
0255  * @mapping: The eCryptfs object
0256  * @pos: The file offset at which to start writing
0257  * @len: Length of the write
0258  * @flags: Various flags
0259  * @pagep: Pointer to return the page
0260  * @fsdata: Pointer to return fs data (unused)
0261  *
0262  * This function must zero any hole we create
0263  *
0264  * Returns zero on success; non-zero otherwise
0265  */
0266 static int ecryptfs_write_begin(struct file *file,
0267             struct address_space *mapping,
0268             loff_t pos, unsigned len,
0269             struct page **pagep, void **fsdata)
0270 {
0271     pgoff_t index = pos >> PAGE_SHIFT;
0272     struct page *page;
0273     loff_t prev_page_end_size;
0274     int rc = 0;
0275
0276     page = grab_cache_page_write_begin(mapping, index);
0277     if (!page)
0278         return -ENOMEM;
0279     *pagep = page;
0280
0281     prev_page_end_size = ((loff_t)index << PAGE_SHIFT);
0282     if (!PageUptodate(page)) {
0283         struct ecryptfs_crypt_stat *crypt_stat =
0284             &ecryptfs_inode_to_private(mapping->host)->crypt_stat;
0285
0286         if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) {
0287             rc = ecryptfs_read_lower_page_segment(
0288                 page, index, 0, PAGE_SIZE, mapping->host);
0289             if (rc) {
0290                 printk(KERN_ERR "%s: Error attempting to read "
0291                        "lower page segment; rc = [%d]\n",
0292                        __func__, rc);
0293                 ClearPageUptodate(page);
0294                 goto out;
0295             } else
0296                 SetPageUptodate(page);
0297         } else if (crypt_stat->flags & ECRYPTFS_VIEW_AS_ENCRYPTED) {
0298             if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) {
0299                 rc = ecryptfs_copy_up_encrypted_with_header(
0300                     page, crypt_stat);
0301                 if (rc) {
0302                     printk(KERN_ERR "%s: Error attempting "
0303                            "to copy the encrypted content "
0304                            "from the lower file whilst "
0305                            "inserting the metadata from "
0306                            "the xattr into the header; rc "
0307                            "= [%d]\n", __func__, rc);
0308                     ClearPageUptodate(page);
0309                     goto out;
0310                 }
0311                 SetPageUptodate(page);
0312             } else {
0313                 rc = ecryptfs_read_lower_page_segment(
0314                     page, index, 0, PAGE_SIZE,
0315                     mapping->host);
0316                 if (rc) {
0317                     printk(KERN_ERR "%s: Error reading "
0318                            "page; rc = [%d]\n",
0319                            __func__, rc);
0320                     ClearPageUptodate(page);
0321                     goto out;
0322                 }
0323                 SetPageUptodate(page);
0324             }
0325         } else {
0326             if (prev_page_end_size
0327                 >= i_size_read(page->mapping->host)) {
0328                 zero_user(page, 0, PAGE_SIZE);
0329                 SetPageUptodate(page);
0330             } else if (len < PAGE_SIZE) {
0331                 rc = ecryptfs_decrypt_page(page);
0332                 if (rc) {
0333                     printk(KERN_ERR "%s: Error decrypting "
0334                            "page at index [%ld]; "
0335                            "rc = [%d]\n",
0336                            __func__, page->index, rc);
0337                     ClearPageUptodate(page);
0338                     goto out;
0339                 }
0340                 SetPageUptodate(page);
0341             }
0342         }
0343     }
0344     /* If creating a page or more of holes, zero them out via truncate.
0345      * Note, this will increase i_size. */
0346     if (index != 0) {
0347         if (prev_page_end_size > i_size_read(page->mapping->host)) {
0348             rc = ecryptfs_truncate(file->f_path.dentry,
0349                            prev_page_end_size);
0350             if (rc) {
0351                 printk(KERN_ERR "%s: Error on attempt to "
0352                        "truncate to (higher) offset [%lld];"
0353                        " rc = [%d]\n", __func__,
0354                        prev_page_end_size, rc);
0355                 goto out;
0356             }
0357         }
0358     }
0359     /* Writing to a new page, and creating a small hole from start
0360      * of page?  Zero it out. */
0361     if ((i_size_read(mapping->host) == prev_page_end_size)
0362         && (pos != 0))
0363         zero_user(page, 0, PAGE_SIZE);
0364 out:
0365     if (unlikely(rc)) {
0366         unlock_page(page);
0367         put_page(page);
0368         *pagep = NULL;
0369     }
0370     return rc;
0371 }
0372
0373 /*
0374  * ecryptfs_write_inode_size_to_header
0375  *
0376  * Writes the lower file size to the first 8 bytes of the header.
0377  *
0378  * Returns zero on success; non-zero on error.
0379  */
0380 static int ecryptfs_write_inode_size_to_header(struct inode *ecryptfs_inode)
0381 {
0382     char *file_size_virt;
0383     int rc;
0384
0385     file_size_virt = kmalloc(sizeof(u64), GFP_KERNEL);
0386     if (!file_size_virt) {
0387         rc = -ENOMEM;
0388         goto out;
0389     }
0390     put_unaligned_be64(i_size_read(ecryptfs_inode), file_size_virt);
0391     rc = ecryptfs_write_lower(ecryptfs_inode, file_size_virt, 0,
0392                   sizeof(u64));
0393     kfree(file_size_virt);
0394     if (rc < 0)
0395         printk(KERN_ERR "%s: Error writing file size to header; "
0396                "rc = [%d]\n", __func__, rc);
0397     else
0398         rc = 0;
0399 out:
0400     return rc;
0401 }
0402
0403 struct kmem_cache *ecryptfs_xattr_cache;
0404
0405 static int ecryptfs_write_inode_size_to_xattr(struct inode *ecryptfs_inode)
0406 {
0407     ssize_t size;
0408     void *xattr_virt;
0409     struct dentry *lower_dentry =
0410         ecryptfs_inode_to_private(ecryptfs_inode)->lower_file->f_path.dentry;
0411     struct inode *lower_inode = d_inode(lower_dentry);
0412     int rc;
0413
0414     if (!(lower_inode->i_opflags & IOP_XATTR)) {
0415         printk(KERN_WARNING
0416                "No support for setting xattr in lower filesystem\n");
0417         rc = -ENOSYS;
0418         goto out;
0419     }
0420     xattr_virt = kmem_cache_alloc(ecryptfs_xattr_cache, GFP_KERNEL);
0421     if (!xattr_virt) {
0422         rc = -ENOMEM;
0423         goto out;
0424     }
0425     inode_lock(lower_inode);
0426     size = __vfs_getxattr(lower_dentry, lower_inode, ECRYPTFS_XATTR_NAME,
0427                   xattr_virt, PAGE_SIZE);
0428     if (size < 0)
0429         size = 8;
0430     put_unaligned_be64(i_size_read(ecryptfs_inode), xattr_virt);
0431     rc = __vfs_setxattr(&init_user_ns, lower_dentry, lower_inode,
0432                 ECRYPTFS_XATTR_NAME, xattr_virt, size, 0);
0433     inode_unlock(lower_inode);
0434     if (rc)
0435         printk(KERN_ERR "Error whilst attempting to write inode size "
0436                "to lower file xattr; rc = [%d]\n", rc);
0437     kmem_cache_free(ecryptfs_xattr_cache, xattr_virt);
0438 out:
0439     return rc;
0440 }
0441
0442 int ecryptfs_write_inode_size_to_metadata(struct inode *ecryptfs_inode)
0443 {
0444     struct ecryptfs_crypt_stat *crypt_stat;
0445
0446     crypt_stat = &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat;
0447     BUG_ON(!(crypt_stat->flags & ECRYPTFS_ENCRYPTED));
0448     if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR)
0449         return ecryptfs_write_inode_size_to_xattr(ecryptfs_inode);
0450     else
0451         return ecryptfs_write_inode_size_to_header(ecryptfs_inode);
0452 }
0453
0454 /**
0455  * ecryptfs_write_end
0456  * @file: The eCryptfs file object
0457  * @mapping: The eCryptfs object
0458  * @pos: The file position
0459  * @len: The length of the data (unused)
0460  * @copied: The amount of data copied
0461  * @page: The eCryptfs page
0462  * @fsdata: The fsdata (unused)
0463  */
0464 static int ecryptfs_write_end(struct file *file,
0465             struct address_space *mapping,
0466             loff_t pos, unsigned len, unsigned copied,
0467             struct page *page, void *fsdata)
0468 {
0469     pgoff_t index = pos >> PAGE_SHIFT;
0470     unsigned from = pos & (PAGE_SIZE - 1);
0471     unsigned to = from + copied;
0472     struct inode *ecryptfs_inode = mapping->host;
0473     struct ecryptfs_crypt_stat *crypt_stat =
0474         &ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat;
0475     int rc;
0476
0477     ecryptfs_printk(KERN_DEBUG, "Calling fill_zeros_to_end_of_page"
0478             "(page w/ index = [0x%.16lx], to = [%d])\n", index, to);
0479     if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) {
0480         rc = ecryptfs_write_lower_page_segment(ecryptfs_inode, page, 0,
0481                                to);
0482         if (!rc) {
0483             rc = copied;
0484             fsstack_copy_inode_size(ecryptfs_inode,
0485                 ecryptfs_inode_to_lower(ecryptfs_inode));
0486         }
0487         goto out;
0488     }
0489     if (!PageUptodate(page)) {
0490         if (copied < PAGE_SIZE) {
0491             rc = 0;
0492             goto out;
0493         }
0494         SetPageUptodate(page);
0495     }
0496     /* Fills in zeros if 'to' goes beyond inode size */
0497     rc = fill_zeros_to_end_of_page(page, to);
0498     if (rc) {
0499         ecryptfs_printk(KERN_WARNING, "Error attempting to fill "
0500             "zeros in page with index = [0x%.16lx]\n", index);
0501         goto out;
0502     }
0503     rc = ecryptfs_encrypt_page(page);
0504     if (rc) {
0505         ecryptfs_printk(KERN_WARNING, "Error encrypting page (upper "
0506                 "index [0x%.16lx])\n", index);
0507         goto out;
0508     }
0509     if (pos + copied > i_size_read(ecryptfs_inode)) {
0510         i_size_write(ecryptfs_inode, pos + copied);
0511         ecryptfs_printk(KERN_DEBUG, "Expanded file size to "
0512             "[0x%.16llx]\n",
0513             (unsigned long long)i_size_read(ecryptfs_inode));
0514     }
0515     rc = ecryptfs_write_inode_size_to_metadata(ecryptfs_inode);
0516     if (rc)
0517         printk(KERN_ERR "Error writing inode size to metadata; "
0518                "rc = [%d]\n", rc);
0519     else
0520         rc = copied;
0521 out:
0522     unlock_page(page);
0523     put_page(page);
0524     return rc;
0525 }
0526
0527 static sector_t ecryptfs_bmap(struct address_space *mapping, sector_t block)
0528 {
0529     struct inode *lower_inode = ecryptfs_inode_to_lower(mapping->host);
0530     int ret = bmap(lower_inode, &block);
0531
0532     if (ret)
0533         return 0;
0534     return block;
0535 }
0536
0537 #include <linux/buffer_head.h>
0538
0539 const struct address_space_operations ecryptfs_aops = {
0540     /*
0541      * XXX: This is pretty broken for multiple reasons: ecryptfs does not
0542      * actually use buffer_heads, and ecryptfs will crash without
0543      * CONFIG_BLOCK.  But it matches the behavior before the default for
0544      * address_space_operations without the ->dirty_folio method was
0545      * cleaned up, so this is the best we can do without maintainer
0546      * feedback.
0547      */
0548 #ifdef CONFIG_BLOCK
0549     .dirty_folio    = block_dirty_folio,
0550     .invalidate_folio = block_invalidate_folio,
0551 #endif
0552     .writepage = ecryptfs_writepage,
0553     .read_folio = ecryptfs_read_folio,
0554     .write_begin = ecryptfs_write_begin,
0555     .write_end = ecryptfs_write_end,
0556     .bmap = ecryptfs_bmap,
0557 };