1 /* 2 * Copyright (C) 2022 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 #ifndef KEY_CONTROL_H 16 #define KEY_CONTROL_H 17 18 #include <linux/keyctl.h> 19 #include <linux/version.h> 20 #if ((defined LINUX_VERSION_CODE ) && LINUX_VERSION_CODE >= KERNEL_VERSION(5, 4, 0)) 21 #include <linux/fscrypt.h> 22 #define SUPPORT_FSCRYPT_V2 23 #else 24 #include "fscrypt_uapi.h" 25 #endif 26 27 #include <stdbool.h> 28 29 #ifdef __cplusplus 30 extern "C" { 31 #endif 32 33 #define POLICY_BUF_SIZE (100) 34 35 enum { 36 FSCRYPT_INVALID = 0, 37 FSCRYPT_V1 = 1, 38 FSCRYPT_V2 = 2, 39 }; 40 41 union FscryptPolicy { 42 struct fscrypt_policy_v1 v1; 43 #ifdef SUPPORT_FSCRYPT_V2 44 struct fscrypt_policy_v2 v2; 45 #endif 46 }; 47 48 typedef unsigned char uint8_t; 49 typedef int key_serial_t; 50 51 static const char *FSCRYPT_POLICY_KEY = "fscrypt.policy.config"; 52 static const char *PATH_FSCRYPT_VER = "/fscrypt_version"; 53 54 key_serial_t KeyCtrlGetKeyringId(key_serial_t id, int create); 55 key_serial_t KeyCtrlAddKey(const char *type, const char *description, 56 const key_serial_t ringId); 57 key_serial_t KeyCtrlAddKeyEx(const char *type, const char *description, 58 struct fscrypt_key *fsKey, const key_serial_t ringId); 59 long KeyCtrlSearch(key_serial_t ringId, const char *type, const char *description, 60 key_serial_t destRingId); 61 long KeyCtrlUnlink(key_serial_t key, key_serial_t keyring); 62 63 #ifdef SUPPORT_FSCRYPT_V2 64 bool KeyCtrlInstallKey(const char *mnt, struct fscrypt_add_key_arg *arg); 65 bool KeyCtrlRemoveKey(const char *mnt, struct fscrypt_remove_key_arg *arg); 66 bool KeyCtrlGetKeyStatus(const char *mnt, struct fscrypt_get_key_status_arg *arg); 67 bool KeyCtrlGetPolicyEx(const char *path, struct fscrypt_get_policy_ex_arg *policy); 68 #endif 69 70 bool KeyCtrlSetPolicy(const char *path, union FscryptPolicy *policy); 71 bool KeyCtrlGetPolicy(const char *path, struct fscrypt_policy *policy); 72 73 uint8_t KeyCtrlGetFscryptVersion(const char *mnt); 74 uint8_t KeyCtrlLoadVersion(const char *keyPath); 75 76 bool KeyCtrlHasFscryptSyspara(void); 77 78 #ifdef __cplusplus 79 } 80 #endif 81 82 #endif