Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (54 commits) tpm_nsc: Fix bug when loading multiple TPM drivers tpm: Move tpm_tis_reenable_interrupts out of CONFIG_PNP block tpm: Fix compilation warning when CONFIG_PNP is not defined TOMOYO: Update kernel-doc. tpm: Fix a typo tpm_tis: Probing function for Intel iTPM bug tpm_tis: Fix the probing for interrupts tpm_tis: Delay ACPI S3 suspend while the TPM is busy tpm_tis: Re-enable interrupts upon (S3) resume tpm: Fix display of data in pubek sysfs entry tpm_tis: Add timeouts sysfs entry tpm: Adjust interface timeouts if they are too small tpm: Use interface timeouts returned from the TPM tpm_tis: Introduce durations sysfs entry tpm: Adjust the durations if they are too small tpm: Use durations returned from TPM TOMOYO: Enable conditional ACL. TOMOYO: Allow using argv[]/envp[] of execve() as conditions. TOMOYO: Allow using executable's realpath and symlink's target as conditions. TOMOYO: Allow using owner/group etc. of file objects as conditions. ... Fix up trivial conflict in security/tomoyo/realpath.c
This commit is contained in:
Linus Torvalds
@@ -29,6 +29,7 @@
|
||||
#define ECRYPTFS_KERNEL_H
|
||||
|
||||
#include <keys/user-type.h>
|
||||
#include <keys/encrypted-type.h>
|
||||
#include <linux/fs.h>
|
||||
#include <linux/fs_stack.h>
|
||||
#include <linux/namei.h>
|
||||
@@ -36,125 +37,18 @@
|
||||
#include <linux/hash.h>
|
||||
#include <linux/nsproxy.h>
|
||||
#include <linux/backing-dev.h>
|
||||
#include <linux/ecryptfs.h>
|
||||
|
||||
/* Version verification for shared data structures w/ userspace */
|
||||
#define ECRYPTFS_VERSION_MAJOR 0x00
|
||||
#define ECRYPTFS_VERSION_MINOR 0x04
|
||||
#define ECRYPTFS_SUPPORTED_FILE_VERSION 0x03
|
||||
/* These flags indicate which features are supported by the kernel
|
||||
* module; userspace tools such as the mount helper read
|
||||
* ECRYPTFS_VERSIONING_MASK from a sysfs handle in order to determine
|
||||
* how to behave. */
|
||||
#define ECRYPTFS_VERSIONING_PASSPHRASE 0x00000001
|
||||
#define ECRYPTFS_VERSIONING_PUBKEY 0x00000002
|
||||
#define ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH 0x00000004
|
||||
#define ECRYPTFS_VERSIONING_POLICY 0x00000008
|
||||
#define ECRYPTFS_VERSIONING_XATTR 0x00000010
|
||||
#define ECRYPTFS_VERSIONING_MULTKEY 0x00000020
|
||||
#define ECRYPTFS_VERSIONING_DEVMISC 0x00000040
|
||||
#define ECRYPTFS_VERSIONING_HMAC 0x00000080
|
||||
#define ECRYPTFS_VERSIONING_FILENAME_ENCRYPTION 0x00000100
|
||||
#define ECRYPTFS_VERSIONING_GCM 0x00000200
|
||||
#define ECRYPTFS_VERSIONING_MASK (ECRYPTFS_VERSIONING_PASSPHRASE \
|
||||
| ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH \
|
||||
| ECRYPTFS_VERSIONING_PUBKEY \
|
||||
| ECRYPTFS_VERSIONING_XATTR \
|
||||
| ECRYPTFS_VERSIONING_MULTKEY \
|
||||
| ECRYPTFS_VERSIONING_DEVMISC \
|
||||
| ECRYPTFS_VERSIONING_FILENAME_ENCRYPTION)
|
||||
#define ECRYPTFS_MAX_PASSWORD_LENGTH 64
|
||||
#define ECRYPTFS_MAX_PASSPHRASE_BYTES ECRYPTFS_MAX_PASSWORD_LENGTH
|
||||
#define ECRYPTFS_SALT_SIZE 8
|
||||
#define ECRYPTFS_SALT_SIZE_HEX (ECRYPTFS_SALT_SIZE*2)
|
||||
/* The original signature size is only for what is stored on disk; all
|
||||
* in-memory representations are expanded hex, so it better adapted to
|
||||
* be passed around or referenced on the command line */
|
||||
#define ECRYPTFS_SIG_SIZE 8
|
||||
#define ECRYPTFS_SIG_SIZE_HEX (ECRYPTFS_SIG_SIZE*2)
|
||||
#define ECRYPTFS_PASSWORD_SIG_SIZE ECRYPTFS_SIG_SIZE_HEX
|
||||
#define ECRYPTFS_MAX_KEY_BYTES 64
|
||||
#define ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES 512
|
||||
#define ECRYPTFS_DEFAULT_IV_BYTES 16
|
||||
#define ECRYPTFS_FILE_VERSION 0x03
|
||||
#define ECRYPTFS_DEFAULT_EXTENT_SIZE 4096
|
||||
#define ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE 8192
|
||||
#define ECRYPTFS_DEFAULT_MSG_CTX_ELEMS 32
|
||||
#define ECRYPTFS_DEFAULT_SEND_TIMEOUT HZ
|
||||
#define ECRYPTFS_MAX_MSG_CTX_TTL (HZ*3)
|
||||
#define ECRYPTFS_MAX_PKI_NAME_BYTES 16
|
||||
#define ECRYPTFS_DEFAULT_NUM_USERS 4
|
||||
#define ECRYPTFS_MAX_NUM_USERS 32768
|
||||
#define ECRYPTFS_XATTR_NAME "user.ecryptfs"
|
||||
|
||||
#define RFC2440_CIPHER_DES3_EDE 0x02
|
||||
#define RFC2440_CIPHER_CAST_5 0x03
|
||||
#define RFC2440_CIPHER_BLOWFISH 0x04
|
||||
#define RFC2440_CIPHER_AES_128 0x07
|
||||
#define RFC2440_CIPHER_AES_192 0x08
|
||||
#define RFC2440_CIPHER_AES_256 0x09
|
||||
#define RFC2440_CIPHER_TWOFISH 0x0a
|
||||
#define RFC2440_CIPHER_CAST_6 0x0b
|
||||
|
||||
#define RFC2440_CIPHER_RSA 0x01
|
||||
|
||||
/**
|
||||
* For convenience, we may need to pass around the encrypted session
|
||||
* key between kernel and userspace because the authentication token
|
||||
* may not be extractable. For example, the TPM may not release the
|
||||
* private key, instead requiring the encrypted data and returning the
|
||||
* decrypted data.
|
||||
*/
|
||||
struct ecryptfs_session_key {
|
||||
#define ECRYPTFS_USERSPACE_SHOULD_TRY_TO_DECRYPT 0x00000001
|
||||
#define ECRYPTFS_USERSPACE_SHOULD_TRY_TO_ENCRYPT 0x00000002
|
||||
#define ECRYPTFS_CONTAINS_DECRYPTED_KEY 0x00000004
|
||||
#define ECRYPTFS_CONTAINS_ENCRYPTED_KEY 0x00000008
|
||||
u32 flags;
|
||||
u32 encrypted_key_size;
|
||||
u32 decrypted_key_size;
|
||||
u8 encrypted_key[ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES];
|
||||
u8 decrypted_key[ECRYPTFS_MAX_KEY_BYTES];
|
||||
};
|
||||
|
||||
struct ecryptfs_password {
|
||||
u32 password_bytes;
|
||||
s32 hash_algo;
|
||||
u32 hash_iterations;
|
||||
u32 session_key_encryption_key_bytes;
|
||||
#define ECRYPTFS_PERSISTENT_PASSWORD 0x01
|
||||
#define ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET 0x02
|
||||
u32 flags;
|
||||
/* Iterated-hash concatenation of salt and passphrase */
|
||||
u8 session_key_encryption_key[ECRYPTFS_MAX_KEY_BYTES];
|
||||
u8 signature[ECRYPTFS_PASSWORD_SIG_SIZE + 1];
|
||||
/* Always in expanded hex */
|
||||
u8 salt[ECRYPTFS_SALT_SIZE];
|
||||
};
|
||||
|
||||
enum ecryptfs_token_types {ECRYPTFS_PASSWORD, ECRYPTFS_PRIVATE_KEY};
|
||||
|
||||
struct ecryptfs_private_key {
|
||||
u32 key_size;
|
||||
u32 data_len;
|
||||
u8 signature[ECRYPTFS_PASSWORD_SIG_SIZE + 1];
|
||||
char pki_type[ECRYPTFS_MAX_PKI_NAME_BYTES + 1];
|
||||
u8 data[];
|
||||
};
|
||||
|
||||
/* May be a password or a private key */
|
||||
struct ecryptfs_auth_tok {
|
||||
u16 version; /* 8-bit major and 8-bit minor */
|
||||
u16 token_type;
|
||||
#define ECRYPTFS_ENCRYPT_ONLY 0x00000001
|
||||
u32 flags;
|
||||
struct ecryptfs_session_key session_key;
|
||||
u8 reserved[32];
|
||||
union {
|
||||
struct ecryptfs_password password;
|
||||
struct ecryptfs_private_key private_key;
|
||||
} token;
|
||||
} __attribute__ ((packed));
|
||||
|
||||
void ecryptfs_dump_auth_tok(struct ecryptfs_auth_tok *auth_tok);
|
||||
extern void ecryptfs_to_hex(char *dst, char *src, size_t src_size);
|
||||
extern void ecryptfs_from_hex(char *dst, char *src, int dst_size);
|
||||
@@ -185,11 +79,47 @@ struct ecryptfs_page_crypt_context {
|
||||
} param;
|
||||
};
|
||||
|
||||
#if defined(CONFIG_ENCRYPTED_KEYS) || defined(CONFIG_ENCRYPTED_KEYS_MODULE)
|
||||
static inline struct ecryptfs_auth_tok *
|
||||
ecryptfs_get_encrypted_key_payload_data(struct key *key)
|
||||
{
|
||||
if (key->type == &key_type_encrypted)
|
||||
return (struct ecryptfs_auth_tok *)
|
||||
(&((struct encrypted_key_payload *)key->payload.data)->payload_data);
|
||||
else
|
||||
return NULL;
|
||||
}
|
||||
|
||||
static inline struct key *ecryptfs_get_encrypted_key(char *sig)
|
||||
{
|
||||
return request_key(&key_type_encrypted, sig, NULL);
|
||||
}
|
||||
|
||||
#else
|
||||
static inline struct ecryptfs_auth_tok *
|
||||
ecryptfs_get_encrypted_key_payload_data(struct key *key)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
static inline struct key *ecryptfs_get_encrypted_key(char *sig)
|
||||
{
|
||||
return ERR_PTR(-ENOKEY);
|
||||
}
|
||||
|
||||
#endif /* CONFIG_ENCRYPTED_KEYS */
|
||||
|
||||
static inline struct ecryptfs_auth_tok *
|
||||
ecryptfs_get_key_payload_data(struct key *key)
|
||||
{
|
||||
return (struct ecryptfs_auth_tok *)
|
||||
(((struct user_key_payload*)key->payload.data)->data);
|
||||
struct ecryptfs_auth_tok *auth_tok;
|
||||
|
||||
auth_tok = ecryptfs_get_encrypted_key_payload_data(key);
|
||||
if (!auth_tok)
|
||||
return (struct ecryptfs_auth_tok *)
|
||||
(((struct user_key_payload *)key->payload.data)->data);
|
||||
else
|
||||
return auth_tok;
|
||||
}
|
||||
|
||||
#define ECRYPTFS_MAX_KEYSET_SIZE 1024
|
||||
|
||||
@@ -1635,11 +1635,14 @@ int ecryptfs_keyring_auth_tok_for_sig(struct key **auth_tok_key,
|
||||
|
||||
(*auth_tok_key) = request_key(&key_type_user, sig, NULL);
|
||||
if (!(*auth_tok_key) || IS_ERR(*auth_tok_key)) {
|
||||
printk(KERN_ERR "Could not find key with description: [%s]\n",
|
||||
sig);
|
||||
rc = process_request_key_err(PTR_ERR(*auth_tok_key));
|
||||
(*auth_tok_key) = NULL;
|
||||
goto out;
|
||||
(*auth_tok_key) = ecryptfs_get_encrypted_key(sig);
|
||||
if (!(*auth_tok_key) || IS_ERR(*auth_tok_key)) {
|
||||
printk(KERN_ERR "Could not find key with description: [%s]\n",
|
||||
sig);
|
||||
rc = process_request_key_err(PTR_ERR(*auth_tok_key));
|
||||
(*auth_tok_key) = NULL;
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
down_write(&(*auth_tok_key)->sem);
|
||||
rc = ecryptfs_verify_auth_tok_from_key(*auth_tok_key, auth_tok);
|
||||
|
||||
Reference in New Issue
Block a user