[f2fs-dev] [PATCH] f2fs_io: Add get file name encryption mode

linux-f2fs-devel.lists.sourceforge.net archive mirror
 help / color / mirror / Atom feed

* [f2fs-dev] [PATCH] f2fs_io: Add get file name encryption mode
@ 2021-04-22 15:49 Jaegeuk Kim
  0 siblings, 0 replies; only message in thread
From: Jaegeuk Kim @ 2021-04-22 15:49 UTC (permalink / raw)
  To: linux-f2fs-devel; +Cc: Jaegeuk Kim

From: Robin Hsu <robinhsu@google.com>

This patch add an ioctl to get filename encryption mode.

Signed-off-by: Robin Hsu <robinhsu@google.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
---
 tools/f2fs_io/f2fs_io.c | 63 +++++++++++++++++++++++++++++++++++++++++
 tools/f2fs_io/f2fs_io.h | 36 +++++++++++++++++++++++
 2 files changed, 99 insertions(+)

diff --git a/tools/f2fs_io/f2fs_io.c b/tools/f2fs_io/f2fs_io.c
index 033c256d14d1..fa7d3f5e4b36 100644
--- a/tools/f2fs_io/f2fs_io.c
+++ b/tools/f2fs_io/f2fs_io.c
@@ -1096,6 +1096,68 @@ static void do_compress(int argc, char **argv, const struct cmd_desc *cmd)
 	exit(0);
 }
 
+#define get_filename_encrypt_mode_desc "get file name encrypt mode"
+#define get_filename_encrypt_mode_help					\
+"f2fs_io filename_encrypt_mode [file or directory path]\n\n"		\
+"Get the file name encription mode of the given file/directory.\n"	\
+
+static void do_get_filename_encrypt_mode (int argc, char **argv,
+						const struct cmd_desc *cmd)
+{
+	static const char *enc_name[] = {
+		"invalid", /* FS_ENCRYPTION_MODE_INVALID (0) */
+		"aes-256-xts", /* FS_ENCRYPTION_MODE_AES_256_XTS (1) */
+		"aes-256-gcm", /* FS_ENCRYPTION_MODE_AES_256_GCM (2) */
+		"aes-256-cbc", /* FS_ENCRYPTION_MODE_AES_256_CBC (3) */
+		"aes-256-cts", /* FS_ENCRYPTION_MODE_AES_256_CTS (4) */
+		"aes-128-cbc", /* FS_ENCRYPTION_MODE_AES_128_CBC (5) */
+		"aes-128-cts", /* FS_ENCRYPTION_MODE_AES_128_CTS (6) */
+		"speck128-256-xts", /* FS_ENCRYPTION_MODE_SPECK128_256_XTS (7) */
+		"speck128-256-cts", /* FS_ENCRYPTION_MODE_SPECK128_256_CTS (8) */
+		"adiantum", /* FS_ENCRYPTION_MODE_ADIANTUM (9) */
+	};
+	int fd, mode, ret;
+	struct fscrypt_get_policy_ex_arg arg;
+
+	if (argc != 2) {
+		fputs("Excess arguments\n\n", stderr);
+		fputs(cmd->cmd_help, stderr);
+		exit(1);
+	}
+
+	fd = xopen(argv[1], O_RDONLY, 0);
+	arg.policy_size = sizeof(arg.policy);
+	ret = ioctl(fd, FS_IOC_GET_ENCRYPTION_POLICY_EX, &arg);
+	if (ret != 0 && errno == ENOTTY)
+		ret = ioctl(fd, FS_IOC_GET_ENCRYPTION_POLICY, arg.policy.v1);
+	close(fd);
+
+	if (ret) {
+		perror("FS_IOC_GET_ENCRYPTION_POLICY|_EX");
+		exit(1);
+	}
+
+	switch (arg.policy.version) {
+	case FSCRYPT_POLICY_V1:
+		mode = arg.policy.v1.filenames_encryption_mode;
+		break;
+	case FSCRYPT_POLICY_V2:
+		mode = arg.policy.v2.filenames_encryption_mode;
+		break;
+	default:
+		printf("Do not support policy version: %d\n",
+							arg.policy.version);
+		exit(1);
+	}
+
+	if (mode >= sizeof(enc_name)/sizeof(enc_name[0])) {
+		printf("Do not support algorithm: %d\n", mode);
+		exit(1);
+	}
+	printf ("%s\n", enc_name[mode]);
+	exit(0);
+}
+
 #define CMD_HIDDEN 	0x0001
 #define CMD(name) { #name, do_##name, name##_desc, name##_help, 0 }
 #define _CMD(name) { #name, do_##name, NULL, NULL, CMD_HIDDEN }
@@ -1125,6 +1187,7 @@ const struct cmd_desc cmd_list[] = {
 	CMD(set_coption),
 	CMD(decompress),
 	CMD(compress),
+	CMD(get_filename_encrypt_mode),
 	{ NULL, NULL, NULL, NULL, 0 }
 };
 
diff --git a/tools/f2fs_io/f2fs_io.h b/tools/f2fs_io/f2fs_io.h
index d53e5765c538..3a0278fd6ddf 100644
--- a/tools/f2fs_io/f2fs_io.h
+++ b/tools/f2fs_io/f2fs_io.h
@@ -91,6 +91,42 @@ typedef u32	__be32;
 #define F2FS_IOC_DECOMPRESS_FILE        _IO(F2FS_IOCTL_MAGIC, 23)
 #define F2FS_IOC_COMPRESS_FILE          _IO(F2FS_IOCTL_MAGIC, 24)
 
+#ifndef FS_IOC_GET_ENCRYPTION_POLICY
+#define FSCRYPT_POLICY_V1		0
+#define FSCRYPT_KEY_DESCRIPTOR_SIZE	8
+struct fscrypt_policy_v1 {
+	__u8 version;
+	__u8 contents_encryption_mode;
+	__u8 filenames_encryption_mode;
+	__u8 flags;
+	__u8 master_key_descriptor[FSCRYPT_KEY_DESCRIPTOR_SIZE];
+};
+#define FS_IOC_GET_ENCRYPTION_POLICY		_IOW('f', 21, struct fscrypt_policy_v1)
+#endif
+
+#ifndef FS_IOC_GET_ENCRYPTION_POLICY_EX
+#define FSCRYPT_POLICY_V2		2
+#define FSCRYPT_KEY_IDENTIFIER_SIZE	16
+struct fscrypt_policy_v2 {
+	__u8 version;
+	__u8 contents_encryption_mode;
+	__u8 filenames_encryption_mode;
+	__u8 flags;
+	__u8 __reserved[4];
+	__u8 master_key_identifier[FSCRYPT_KEY_IDENTIFIER_SIZE];
+};
+/* Struct passed to FS_IOC_GET_ENCRYPTION_POLICY_EX */
+struct fscrypt_get_policy_ex_arg {
+	__u64 policy_size; /* input/output */
+	union {
+		__u8 version;
+		struct fscrypt_policy_v1 v1;
+		struct fscrypt_policy_v2 v2;
+	} policy; /* output */
+};
+#define FS_IOC_GET_ENCRYPTION_POLICY_EX		_IOWR('f', 22, __u8[9]) /* size + version */
+#endif
+
 #define F2FS_IOC_SET_ENCRYPTION_POLICY	FS_IOC_SET_ENCRYPTION_POLICY
 #define F2FS_IOC_GET_ENCRYPTION_POLICY	FS_IOC_GET_ENCRYPTION_POLICY
 #define F2FS_IOC_GET_ENCRYPTION_PWSALT	FS_IOC_GET_ENCRYPTION_PWSALT
-- 
2.31.1.368.gbe11c130af-goog



_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel

^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2021-04-22 15:50 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-04-22 15:49 [f2fs-dev] [PATCH] f2fs_io: Add get file name encryption mode Jaegeuk Kim

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).