policy.c - OpenGrok cross reference for /Linux-v6.1/fs/crypto/policy.c

Lines Matching refs:policy
36 int fscrypt_policy_to_key_spec(const union fscrypt_policy *policy,  in fscrypt_policy_to_key_spec()  argument
39 	switch (policy->version) {  in fscrypt_policy_to_key_spec()
42 		memcpy(key_spec->u.descriptor, policy->v1.master_key_descriptor,  in fscrypt_policy_to_key_spec()
47 		memcpy(key_spec->u.identifier, policy->v2.master_key_identifier,  in fscrypt_policy_to_key_spec()
109 static bool supported_iv_ino_lblk_policy(const struct fscrypt_policy_v2 *policy,  in supported_iv_ino_lblk_policy()  argument
124 	if (policy->contents_encryption_mode != FSCRYPT_MODE_AES_256_XTS) {  in supported_iv_ino_lblk_policy()
159 static bool fscrypt_supported_v1_policy(const struct fscrypt_policy_v1 *policy,  in fscrypt_supported_v1_policy()  argument
162 	if (!fscrypt_valid_enc_modes_v1(policy->contents_encryption_mode,  in fscrypt_supported_v1_policy()
163 				     policy->filenames_encryption_mode)) {  in fscrypt_supported_v1_policy()
166 			     policy->contents_encryption_mode,  in fscrypt_supported_v1_policy()
167 			     policy->filenames_encryption_mode);  in fscrypt_supported_v1_policy()
171 	if (policy->flags & ~(FSCRYPT_POLICY_FLAGS_PAD_MASK |  in fscrypt_supported_v1_policy()
174 			     policy->flags);  in fscrypt_supported_v1_policy()
178 	if ((policy->flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY) &&  in fscrypt_supported_v1_policy()
179 	    !supported_direct_key_modes(inode, policy->contents_encryption_mode,  in fscrypt_supported_v1_policy()
180 					policy->filenames_encryption_mode))  in fscrypt_supported_v1_policy()
193 static bool fscrypt_supported_v2_policy(const struct fscrypt_policy_v2 *policy,  in fscrypt_supported_v2_policy()  argument
198 	if (!fscrypt_valid_enc_modes_v2(policy->contents_encryption_mode,  in fscrypt_supported_v2_policy()
199 				     policy->filenames_encryption_mode)) {  in fscrypt_supported_v2_policy()
202 			     policy->contents_encryption_mode,  in fscrypt_supported_v2_policy()
203 			     policy->filenames_encryption_mode);  in fscrypt_supported_v2_policy()
207 	if (policy->flags & ~(FSCRYPT_POLICY_FLAGS_PAD_MASK |  in fscrypt_supported_v2_policy()
212 			     policy->flags);  in fscrypt_supported_v2_policy()
216 	count += !!(policy->flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY);  in fscrypt_supported_v2_policy()
217 	count += !!(policy->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64);  in fscrypt_supported_v2_policy()
218 	count += !!(policy->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32);  in fscrypt_supported_v2_policy()
221 			     policy->flags);  in fscrypt_supported_v2_policy()
225 	if ((policy->flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY) &&  in fscrypt_supported_v2_policy()
226 	    !supported_direct_key_modes(inode, policy->contents_encryption_mode,  in fscrypt_supported_v2_policy()
227 					policy->filenames_encryption_mode))  in fscrypt_supported_v2_policy()
230 	if ((policy->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64) &&  in fscrypt_supported_v2_policy()
231 	    !supported_iv_ino_lblk_policy(policy, inode, "IV_INO_LBLK_64",  in fscrypt_supported_v2_policy()
241 	if ((policy->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32) &&  in fscrypt_supported_v2_policy()
242 	    !supported_iv_ino_lblk_policy(policy, inode, "IV_INO_LBLK_32",  in fscrypt_supported_v2_policy()
246 	if (memchr_inv(policy->__reserved, 0, sizeof(policy->__reserved))) {  in fscrypt_supported_v2_policy()
297 		const struct fscrypt_policy_v1 *policy = &policy_u->v1;  in fscrypt_new_context()  local
302 			policy->contents_encryption_mode;  in fscrypt_new_context()
304 			policy->filenames_encryption_mode;  in fscrypt_new_context()
305 		ctx->flags = policy->flags;  in fscrypt_new_context()
307 		       policy->master_key_descriptor,  in fscrypt_new_context()
313 		const struct fscrypt_policy_v2 *policy = &policy_u->v2;  in fscrypt_new_context()  local
318 			policy->contents_encryption_mode;  in fscrypt_new_context()
320 			policy->filenames_encryption_mode;  in fscrypt_new_context()
321 		ctx->flags = policy->flags;  in fscrypt_new_context()
323 		       policy->master_key_identifier,  in fscrypt_new_context()
359 		struct fscrypt_policy_v1 *policy = &policy_u->v1;  in fscrypt_policy_from_context()  local
361 		policy->version = FSCRYPT_POLICY_V1;  in fscrypt_policy_from_context()
362 		policy->contents_encryption_mode =  in fscrypt_policy_from_context()
364 		policy->filenames_encryption_mode =  in fscrypt_policy_from_context()
366 		policy->flags = ctx->flags;  in fscrypt_policy_from_context()
367 		memcpy(policy->master_key_descriptor,  in fscrypt_policy_from_context()
369 		       sizeof(policy->master_key_descriptor));  in fscrypt_policy_from_context()
374 		struct fscrypt_policy_v2 *policy = &policy_u->v2;  in fscrypt_policy_from_context()  local
376 		policy->version = FSCRYPT_POLICY_V2;  in fscrypt_policy_from_context()
377 		policy->contents_encryption_mode =  in fscrypt_policy_from_context()
379 		policy->filenames_encryption_mode =  in fscrypt_policy_from_context()
381 		policy->flags = ctx->flags;  in fscrypt_policy_from_context()
382 		memcpy(policy->__reserved, ctx->__reserved,  in fscrypt_policy_from_context()
383 		       sizeof(policy->__reserved));  in fscrypt_policy_from_context()
384 		memcpy(policy->master_key_identifier,  in fscrypt_policy_from_context()
386 		       sizeof(policy->master_key_identifier));  in fscrypt_policy_from_context()
395 static int fscrypt_get_policy(struct inode *inode, union fscrypt_policy *policy)  in fscrypt_get_policy()  argument
404 		*policy = ci->ci_policy;  in fscrypt_get_policy()
415 	return fscrypt_policy_from_context(policy, &ctx, ret);  in fscrypt_get_policy()
419 				 const union fscrypt_policy *policy)  in set_encryption_policy()  argument
426 	if (!fscrypt_supported_policy(policy, inode))  in set_encryption_policy()
429 	switch (policy->version) {  in set_encryption_policy()
447 					       policy->v2.master_key_identifier);  in set_encryption_policy()
450 		if (policy->v2.flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32)  in set_encryption_policy()
460 	ctxsize = fscrypt_new_context(&ctx, policy, nonce);  in set_encryption_policy()
467 	union fscrypt_policy policy;  in fscrypt_ioctl_set_policy()  local
474 	if (get_user(policy.version, (const u8 __user *)arg))  in fscrypt_ioctl_set_policy()
477 	size = fscrypt_policy_size(&policy);  in fscrypt_ioctl_set_policy()
492 	version = policy.version;  in fscrypt_ioctl_set_policy()
493 	if (copy_from_user(&policy, arg, size))  in fscrypt_ioctl_set_policy()
495 	policy.version = version;  in fscrypt_ioctl_set_policy()
515 			ret = set_encryption_policy(inode, &policy);  in fscrypt_ioctl_set_policy()
517 		   (ret == 0 && !fscrypt_policies_equal(&policy,  in fscrypt_ioctl_set_policy()
533 	union fscrypt_policy policy;  in fscrypt_ioctl_get_policy()  local
536 	err = fscrypt_get_policy(file_inode(filp), &policy);  in fscrypt_ioctl_get_policy()
540 	if (policy.version != FSCRYPT_POLICY_V1)  in fscrypt_ioctl_get_policy()
543 	if (copy_to_user(arg, &policy, sizeof(policy.v1)))  in fscrypt_ioctl_get_policy()
553 	union fscrypt_policy *policy = (union fscrypt_policy *)&arg.policy;  in fscrypt_ioctl_get_policy_ex()  local
560 		     offsetof(typeof(arg), policy));  in fscrypt_ioctl_get_policy_ex()
561 	BUILD_BUG_ON(sizeof(arg.policy) != sizeof(*policy));  in fscrypt_ioctl_get_policy_ex()
563 	err = fscrypt_get_policy(file_inode(filp), policy);  in fscrypt_ioctl_get_policy_ex()
566 	policy_size = fscrypt_policy_size(policy);  in fscrypt_ioctl_get_policy_ex()
769 	union fscrypt_policy *policy;  in fscrypt_parse_test_dummy_encryption()  local
775 	policy = kzalloc(sizeof(*policy), GFP_KERNEL);  in fscrypt_parse_test_dummy_encryption()
776 	if (!policy)  in fscrypt_parse_test_dummy_encryption()
780 		policy->version = FSCRYPT_POLICY_V1;  in fscrypt_parse_test_dummy_encryption()
781 		policy->v1.contents_encryption_mode = FSCRYPT_MODE_AES_256_XTS;  in fscrypt_parse_test_dummy_encryption()
782 		policy->v1.filenames_encryption_mode = FSCRYPT_MODE_AES_256_CTS;  in fscrypt_parse_test_dummy_encryption()
783 		memset(policy->v1.master_key_descriptor, 0x42,  in fscrypt_parse_test_dummy_encryption()
786 		policy->version = FSCRYPT_POLICY_V2;  in fscrypt_parse_test_dummy_encryption()
787 		policy->v2.contents_encryption_mode = FSCRYPT_MODE_AES_256_XTS;  in fscrypt_parse_test_dummy_encryption()
788 		policy->v2.filenames_encryption_mode = FSCRYPT_MODE_AES_256_CTS;  in fscrypt_parse_test_dummy_encryption()
790 				policy->v2.master_key_identifier);  in fscrypt_parse_test_dummy_encryption()
798 	if (dummy_policy->policy) {  in fscrypt_parse_test_dummy_encryption()
799 		if (fscrypt_policies_equal(policy, dummy_policy->policy))  in fscrypt_parse_test_dummy_encryption()
805 	dummy_policy->policy = policy;  in fscrypt_parse_test_dummy_encryption()
806 	policy = NULL;  in fscrypt_parse_test_dummy_encryption()
809 	kfree(policy);  in fscrypt_parse_test_dummy_encryption()
824 	if (!p1->policy && !p2->policy)  in fscrypt_dummy_policies_equal()
826 	if (!p1->policy || !p2->policy)  in fscrypt_dummy_policies_equal()
828 	return fscrypt_policies_equal(p1->policy, p2->policy);  in fscrypt_dummy_policies_equal()
844 	const union fscrypt_policy *policy = fscrypt_get_dummy_policy(sb);  in fscrypt_show_test_dummy_encryption()  local
847 	if (!policy)  in fscrypt_show_test_dummy_encryption()
850 	vers = policy->version;  in fscrypt_show_test_dummy_encryption()