28 static void wipe_master_key_secret(struct fscrypt_master_key_secret *secret)  in wipe_master_key_secret()  argument
30 	fscrypt_destroy_hkdf(&secret->hkdf);  in wipe_master_key_secret()
31 	memzero_explicit(secret, sizeof(*secret));  in wipe_master_key_secret()
84 			seq_puts(m, ": secret removed");  in fscrypt_key_describe()
330  * Allocate a new fscrypt_master_key which contains the given secret, set it as
334 static int add_new_master_key(struct fscrypt_master_key_secret *secret,  in add_new_master_key()  argument
349 	move_master_key_secret(&mk->mk_secret, secret);  in add_new_master_key()
351 	refcount_set(&mk->mk_refcount, 1); /* secret is present */  in add_new_master_key()
393 				   struct fscrypt_master_key_secret *secret)  in add_existing_master_key()  argument
428 	/* Re-add the secret if needed. */  in add_existing_master_key()
430 		move_master_key_secret(&mk->mk_secret, secret);  in add_existing_master_key()
435 			     struct fscrypt_master_key_secret *secret,  in do_add_master_key()  argument
453 		err = add_new_master_key(secret, mk_spec, sb->s_master_keys);  in do_add_master_key()
456 		 * Found the key in ->s_master_keys.  Re-add the secret if  in do_add_master_key()
460 		err = add_existing_master_key(key->payload.data[0], secret);  in do_add_master_key()
476 			  struct fscrypt_master_key_secret *secret,  in add_master_key()  argument
482 		err = fscrypt_init_hkdf(&secret->hkdf, secret->raw,  in add_master_key()
483 					secret->size);  in add_master_key()
491 		memzero_explicit(secret->raw, secret->size);  in add_master_key()
494 		err = fscrypt_hkdf_expand(&secret->hkdf,  in add_master_key()
501 	return do_add_master_key(sb, secret, key_spec);  in add_master_key()
561  * store it into 'secret'.
575 			   struct fscrypt_master_key_secret *secret)  in get_keyring_key()  argument
595 	secret->size = key->datalen - sizeof(*payload);  in get_keyring_key()
596 	memcpy(secret->raw, payload->raw, secret->size);  in get_keyring_key()
636 	struct fscrypt_master_key_secret secret;  in fscrypt_ioctl_add_key()  local
657 	memset(&secret, 0, sizeof(secret));  in fscrypt_ioctl_add_key()
661 		err = get_keyring_key(arg.key_id, arg.key_spec.type, &secret);  in fscrypt_ioctl_add_key()
668 		secret.size = arg.raw_size;  in fscrypt_ioctl_add_key()
670 		if (copy_from_user(secret.raw, uarg->raw, secret.size))  in fscrypt_ioctl_add_key()
674 	err = add_master_key(sb, &secret, &arg.key_spec);  in fscrypt_ioctl_add_key()
686 	wipe_master_key_secret(&secret);  in fscrypt_ioctl_add_key()
700 	struct fscrypt_master_key_secret secret;  in fscrypt_add_test_dummy_key()  local
705 	memset(&secret, 0, sizeof(secret));  in fscrypt_add_test_dummy_key()
706 	secret.size = FSCRYPT_MAX_KEY_SIZE;  in fscrypt_add_test_dummy_key()
707 	memcpy(secret.raw, test_key, FSCRYPT_MAX_KEY_SIZE);  in fscrypt_add_test_dummy_key()
709 	err = add_master_key(sb, &secret, key_spec);  in fscrypt_add_test_dummy_key()
710 	wipe_master_key_secret(&secret);  in fscrypt_add_test_dummy_key()
898  * To "remove the key itself", first we wipe the actual master key secret, so
904  * state (without the actual secret key) where it tracks the list of remaining
906  * alternatively can re-add the secret key again.
971 	/* No user claims remaining.  Go ahead and wipe the secret. */  in do_remove_key()
980 		 * No inodes reference the key, and we wiped the secret, so the  in do_remove_key()
996 	 * key, wiped the secret, or tried locking the files again.  Users need  in do_remove_key()
1026  * secret has been removed, but some files which had been unlocked with it are
1036  * secret key is shared by multiple users, applications may wish to add an