* [f2fs-dev] [PATCH v2] f2fs-tools: support to show fscrypt_context_v2 in print_xattr_entry
@ 2023-07-14 15:58 Weichao Guo via Linux-f2fs-devel
2023-07-15 4:47 ` Eric Biggers
0 siblings, 1 reply; 2+ messages in thread
From: Weichao Guo via Linux-f2fs-devel @ 2023-07-14 15:58 UTC (permalink / raw)
To: jaegeuk, chao, ebiggers; +Cc: linux-f2fs-devel
As the fscrypt context has two versions now, this patch adds the
support of fscrypt_context_v2 for print_xattr_entry.
Signed-off-by: Weichao Guo <guoweichao@oppo.com>
Signed-off-by: Sheng Yong <shengyong@oppo.com>
---
fsck/mount.c | 46 +++++++++++++++++++++++++++++---------------
fsck/xattr.h | 54 +++++++++++++++++++++++++++++++++++++++++++---------
2 files changed, 76 insertions(+), 24 deletions(-)
diff --git a/fsck/mount.c b/fsck/mount.c
index df0314d..fce01d1 100644
--- a/fsck/mount.c
+++ b/fsck/mount.c
@@ -194,7 +194,7 @@ static void print_xattr_entry(const struct f2fs_xattr_entry *ent)
{
const u8 *value = (const u8 *)&ent->e_name[ent->e_name_len];
const int size = le16_to_cpu(ent->e_value_size);
- const struct fscrypt_context *ctx;
+ const union fscrypt_context *ctx;
int i;
MSG(0, "\nxattr: e_name_index:%d e_name:", ent->e_name_index);
@@ -211,22 +211,38 @@ static void print_xattr_entry(const struct f2fs_xattr_entry *ent)
return;
#endif
case F2FS_XATTR_INDEX_ENCRYPTION:
- ctx = (const struct fscrypt_context *)value;
- if (size != sizeof(*ctx) ||
- ctx->format != FS_ENCRYPTION_CONTEXT_FORMAT_V1)
+ ctx = (const union fscrypt_context *)value;
+ if (size != fscrypt_context_size(ctx))
break;
- MSG(0, "format: %d\n", ctx->format);
- MSG(0, "contents_encryption_mode: 0x%x\n", ctx->contents_encryption_mode);
- MSG(0, "filenames_encryption_mode: 0x%x\n", ctx->filenames_encryption_mode);
- MSG(0, "flags: 0x%x\n", ctx->flags);
- MSG(0, "master_key_descriptor: ");
- for (i = 0; i < FS_KEY_DESCRIPTOR_SIZE; i++)
- MSG(0, "%02X", ctx->master_key_descriptor[i]);
- MSG(0, "\nnonce: ");
- for (i = 0; i < FS_KEY_DERIVATION_NONCE_SIZE; i++)
- MSG(0, "%02X", ctx->nonce[i]);
- MSG(0, "\n");
+ switch (ctx->version) {
+ case FSCRYPT_CONTEXT_V1:
+ MSG(0, "format: %d\n", ctx->version);
+ MSG(0, "contents_encryption_mode: 0x%x\n", ctx->v1.contents_encryption_mode);
+ MSG(0, "filenames_encryption_mode: 0x%x\n", ctx->v1.filenames_encryption_mode);
+ MSG(0, "flags: 0x%x\n", ctx->v1.flags);
+ MSG(0, "master_key_descriptor: ");
+ for (i = 0; i < FSCRYPT_KEY_DESCRIPTOR_SIZE; i++)
+ MSG(0, "%02X", ctx->v1.master_key_descriptor[i]);
+ MSG(0, "\nnonce: ");
+ for (i = 0; i < FSCRYPT_FILE_NONCE_SIZE; i++)
+ MSG(0, "%02X", ctx->v1.nonce[i]);
+ MSG(0, "\n");
return;
+ case FSCRYPT_CONTEXT_V2:
+ MSG(0, "format: %d\n", ctx->version);
+ MSG(0, "contents_encryption_mode: 0x%x\n", ctx->v2.contents_encryption_mode);
+ MSG(0, "filenames_encryption_mode: 0x%x\n", ctx->v2.filenames_encryption_mode);
+ MSG(0, "flags: 0x%x\n", ctx->v2.flags);
+ MSG(0, "master_key_identifier: ");
+ for (i = 0; i < FSCRYPT_KEY_IDENTIFIER_SIZE; i++)
+ MSG(0, "%02X", ctx->v2.master_key_identifier[i]);
+ MSG(0, "\nnonce: ");
+ for (i = 0; i < FSCRYPT_FILE_NONCE_SIZE; i++)
+ MSG(0, "%02X", ctx->v2.nonce[i]);
+ MSG(0, "\n");
+ return;
+ }
+ break;
}
for (i = 0; i < size; i++)
MSG(0, "%02X", value[i]);
diff --git a/fsck/xattr.h b/fsck/xattr.h
index 22ea35c..b155cc8 100644
--- a/fsck/xattr.h
+++ b/fsck/xattr.h
@@ -34,22 +34,58 @@ struct f2fs_xattr_entry {
char e_name[0]; /* attribute name */
};
-#define FS_ENCRYPTION_CONTEXT_FORMAT_V1 1
-#ifndef FS_KEY_DESCRIPTOR_SIZE
-#define FS_KEY_DESCRIPTOR_SIZE 8
+#define FSCRYPT_CONTEXT_V1 1
+#define FSCRYPT_CONTEXT_V2 2
+#ifndef FSCRYPT_KEY_DESCRIPTOR_SIZE
+#define FSCRYPT_KEY_DESCRIPTOR_SIZE 8
#endif
-#define FS_KEY_DERIVATION_NONCE_SIZE 16
+#ifndef FSCRYPT_KEY_IDENTIFIER_SIZE
+#define FSCRYPT_KEY_IDENTIFIER_SIZE 16
+#endif
+#define FSCRYPT_FILE_NONCE_SIZE 16
+
+struct fscrypt_context_v1 {
+ u8 version; /* FSCRYPT_CONTEXT_V1 */
+ u8 contents_encryption_mode;
+ u8 filenames_encryption_mode;
+ u8 flags;
+ u8 master_key_descriptor[FSCRYPT_KEY_DESCRIPTOR_SIZE];
+ u8 nonce[FSCRYPT_FILE_NONCE_SIZE];
+};
-struct fscrypt_context {
- u8 format;
+struct fscrypt_context_v2 {
+ u8 version; /* FSCRYPT_CONTEXT_V2 */
u8 contents_encryption_mode;
u8 filenames_encryption_mode;
u8 flags;
- u8 master_key_descriptor[FS_KEY_DESCRIPTOR_SIZE];
- u8 nonce[FS_KEY_DERIVATION_NONCE_SIZE];
+ u8 __reserved[4];
+ u8 master_key_identifier[FSCRYPT_KEY_IDENTIFIER_SIZE];
+ u8 nonce[FSCRYPT_FILE_NONCE_SIZE];
};
-static_assert(sizeof(struct fscrypt_context) == 28, "");
+union fscrypt_context {
+ u8 version;
+ struct fscrypt_context_v1 v1;
+ struct fscrypt_context_v2 v2;
+};
+
+static_assert(sizeof(struct fscrypt_context_v1) == 28, "");
+static_assert(sizeof(struct fscrypt_context_v2) == 40, "");
+
+/*
+* Return the size expected for the given fscrypt_context based on its version
+* number, or 0 if the context version is unrecognized.
+*/
+static inline int fscrypt_context_size(const union fscrypt_context *ctx)
+{
+ switch (ctx->version) {
+ case FSCRYPT_CONTEXT_V1:
+ return sizeof(ctx->v1);
+ case FSCRYPT_CONTEXT_V2:
+ return sizeof(ctx->v2);
+ }
+ return 0;
+}
#define F2FS_ACL_VERSION 0x0001
--
2.40.1
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [f2fs-dev] [PATCH v2] f2fs-tools: support to show fscrypt_context_v2 in print_xattr_entry
2023-07-14 15:58 [f2fs-dev] [PATCH v2] f2fs-tools: support to show fscrypt_context_v2 in print_xattr_entry Weichao Guo via Linux-f2fs-devel
@ 2023-07-15 4:47 ` Eric Biggers
0 siblings, 0 replies; 2+ messages in thread
From: Eric Biggers @ 2023-07-15 4:47 UTC (permalink / raw)
To: Weichao Guo; +Cc: jaegeuk, linux-f2fs-devel
On Fri, Jul 14, 2023 at 11:58:43PM +0800, Weichao Guo wrote:
> As the fscrypt context has two versions now, this patch adds the
> support of fscrypt_context_v2 for print_xattr_entry.
>
> Signed-off-by: Weichao Guo <guoweichao@oppo.com>
> Signed-off-by: Sheng Yong <shengyong@oppo.com>
> ---
> fsck/mount.c | 46 +++++++++++++++++++++++++++++---------------
> fsck/xattr.h | 54 +++++++++++++++++++++++++++++++++++++++++++---------
> 2 files changed, 76 insertions(+), 24 deletions(-)
>
> diff --git a/fsck/mount.c b/fsck/mount.c
> index df0314d..fce01d1 100644
> --- a/fsck/mount.c
> +++ b/fsck/mount.c
> @@ -194,7 +194,7 @@ static void print_xattr_entry(const struct f2fs_xattr_entry *ent)
> {
> const u8 *value = (const u8 *)&ent->e_name[ent->e_name_len];
> const int size = le16_to_cpu(ent->e_value_size);
> - const struct fscrypt_context *ctx;
> + const union fscrypt_context *ctx;
> int i;
>
> MSG(0, "\nxattr: e_name_index:%d e_name:", ent->e_name_index);
> @@ -211,22 +211,38 @@ static void print_xattr_entry(const struct f2fs_xattr_entry *ent)
> return;
> #endif
> case F2FS_XATTR_INDEX_ENCRYPTION:
> - ctx = (const struct fscrypt_context *)value;
> - if (size != sizeof(*ctx) ||
> - ctx->format != FS_ENCRYPTION_CONTEXT_FORMAT_V1)
> + ctx = (const union fscrypt_context *)value;
> + if (size != fscrypt_context_size(ctx))
> break;
> - MSG(0, "format: %d\n", ctx->format);
If size == 0, this will read past the end of the xattr value.
> - MSG(0, "contents_encryption_mode: 0x%x\n", ctx->contents_encryption_mode);
> - MSG(0, "filenames_encryption_mode: 0x%x\n", ctx->filenames_encryption_mode);
> - MSG(0, "flags: 0x%x\n", ctx->flags);
> - MSG(0, "master_key_descriptor: ");
> - for (i = 0; i < FS_KEY_DESCRIPTOR_SIZE; i++)
> - MSG(0, "%02X", ctx->master_key_descriptor[i]);
> - MSG(0, "\nnonce: ");
> - for (i = 0; i < FS_KEY_DERIVATION_NONCE_SIZE; i++)
> - MSG(0, "%02X", ctx->nonce[i]);
> - MSG(0, "\n");
> + switch (ctx->version) {
> + case FSCRYPT_CONTEXT_V1:
> + MSG(0, "format: %d\n", ctx->version);
> + MSG(0, "contents_encryption_mode: 0x%x\n", ctx->v1.contents_encryption_mode);
> + MSG(0, "filenames_encryption_mode: 0x%x\n", ctx->v1.filenames_encryption_mode);
> + MSG(0, "flags: 0x%x\n", ctx->v1.flags);
> + MSG(0, "master_key_descriptor: ");
> + for (i = 0; i < FSCRYPT_KEY_DESCRIPTOR_SIZE; i++)
> + MSG(0, "%02X", ctx->v1.master_key_descriptor[i]);
> + MSG(0, "\nnonce: ");
> + for (i = 0; i < FSCRYPT_FILE_NONCE_SIZE; i++)
> + MSG(0, "%02X", ctx->v1.nonce[i]);
> + MSG(0, "\n");
> return;
> + case FSCRYPT_CONTEXT_V2:
> + MSG(0, "format: %d\n", ctx->version);
> + MSG(0, "contents_encryption_mode: 0x%x\n", ctx->v2.contents_encryption_mode);
> + MSG(0, "filenames_encryption_mode: 0x%x\n", ctx->v2.filenames_encryption_mode);
> + MSG(0, "flags: 0x%x\n", ctx->v2.flags);
> + MSG(0, "master_key_identifier: ");
> + for (i = 0; i < FSCRYPT_KEY_IDENTIFIER_SIZE; i++)
> + MSG(0, "%02X", ctx->v2.master_key_identifier[i]);
> + MSG(0, "\nnonce: ");
> + for (i = 0; i < FSCRYPT_FILE_NONCE_SIZE; i++)
> + MSG(0, "%02X", ctx->v2.nonce[i]);
> + MSG(0, "\n");
> + return;
> + }
> + break;
The two return statements are missing a level of indentation.
- Eric
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-07-15 4:48 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-07-14 15:58 [f2fs-dev] [PATCH v2] f2fs-tools: support to show fscrypt_context_v2 in print_xattr_entry Weichao Guo via Linux-f2fs-devel
2023-07-15 4:47 ` Eric Biggers
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).