28 static void wipe_master_key_secret(struct fscrypt_master_key_secret *secret)  in wipe_master_key_secret()  argument
30 	fscrypt_destroy_hkdf(&secret->hkdf);  in wipe_master_key_secret()
31 	memzero_explicit(secret, sizeof(*secret));  in wipe_master_key_secret()
84 			seq_puts(m, ": secret removed");  in fscrypt_key_describe()
330  * Allocate a new fscrypt_master_key which contains the given secret, set it as
334 static int add_new_master_key(struct fscrypt_master_key_secret *secret,  in add_new_master_key()  argument
349 	move_master_key_secret(&mk->mk_secret, secret);  in add_new_master_key()
352 	refcount_set(&mk->mk_refcount, 1); /* secret is present */  in add_new_master_key()
394 				   struct fscrypt_master_key_secret *secret)  in add_existing_master_key()  argument
429 	/* Re-add the secret if needed. */  in add_existing_master_key()
432 		move_master_key_secret(&mk->mk_secret, secret);  in add_existing_master_key()
439 			     struct fscrypt_master_key_secret *secret,  in do_add_master_key()  argument
457 		err = add_new_master_key(secret, mk_spec, sb->s_master_keys);  in do_add_master_key()
460 		 * Found the key in ->s_master_keys.  Re-add the secret if  in do_add_master_key()
464 		err = add_existing_master_key(key->payload.data[0], secret);  in do_add_master_key()
480 			  struct fscrypt_master_key_secret *secret,  in add_master_key()  argument
486 		err = fscrypt_init_hkdf(&secret->hkdf, secret->raw,  in add_master_key()
487 					secret->size);  in add_master_key()
495 		memzero_explicit(secret->raw, secret->size);  in add_master_key()
498 		err = fscrypt_hkdf_expand(&secret->hkdf,  in add_master_key()
505 	return do_add_master_key(sb, secret, key_spec);  in add_master_key()
565  * store it into 'secret'.
579 			   struct fscrypt_master_key_secret *secret)  in get_keyring_key()  argument
599 	secret->size = key->datalen - sizeof(*payload);  in get_keyring_key()
600 	memcpy(secret->raw, payload->raw, secret->size);  in get_keyring_key()
640 	struct fscrypt_master_key_secret secret;  in fscrypt_ioctl_add_key()  local
661 	memset(&secret, 0, sizeof(secret));  in fscrypt_ioctl_add_key()
665 		err = get_keyring_key(arg.key_id, arg.key_spec.type, &secret);  in fscrypt_ioctl_add_key()
672 		secret.size = arg.raw_size;  in fscrypt_ioctl_add_key()
674 		if (copy_from_user(secret.raw, uarg->raw, secret.size))  in fscrypt_ioctl_add_key()
678 	err = add_master_key(sb, &secret, &arg.key_spec);  in fscrypt_ioctl_add_key()
690 	wipe_master_key_secret(&secret);  in fscrypt_ioctl_add_key()
704 	struct fscrypt_master_key_secret secret;  in fscrypt_add_test_dummy_key()  local
709 	memset(&secret, 0, sizeof(secret));  in fscrypt_add_test_dummy_key()
710 	secret.size = FSCRYPT_MAX_KEY_SIZE;  in fscrypt_add_test_dummy_key()
711 	memcpy(secret.raw, test_key, FSCRYPT_MAX_KEY_SIZE);  in fscrypt_add_test_dummy_key()
713 	err = add_master_key(sb, &secret, key_spec);  in fscrypt_add_test_dummy_key()
714 	wipe_master_key_secret(&secret);  in fscrypt_add_test_dummy_key()
902  * To "remove the key itself", first we wipe the actual master key secret, so
908  * state (without the actual secret key) where it tracks the list of remaining
910  * alternatively can re-add the secret key again.
975 	/* No user claims remaining.  Go ahead and wipe the secret. */  in do_remove_key()
986 		 * No inodes reference the key, and we wiped the secret, so the  in do_remove_key()
1002 	 * key, wiped the secret, or tried locking the files again.  Users need  in do_remove_key()
1032  * secret has been removed, but some files which had been unlocked with it are
1042  * secret key is shared by multiple users, applications may wish to add an