41 static void free_master_key(struct fscrypt_master_key *mk)  in free_master_key()  argument
45 	wipe_master_key_secret(&mk->mk_secret);  in free_master_key()
48 		fscrypt_destroy_prepared_key(&mk->mk_direct_keys[i]);  in free_master_key()
49 		fscrypt_destroy_prepared_key(&mk->mk_iv_ino_lblk_64_keys[i]);  in free_master_key()
50 		fscrypt_destroy_prepared_key(&mk->mk_iv_ino_lblk_32_keys[i]);  in free_master_key()
53 	key_put(mk->mk_users);  in free_master_key()
54 	kfree_sensitive(mk);  in free_master_key()
81 		const struct fscrypt_master_key *mk = key->payload.data[0];  in fscrypt_key_describe()  local
83 		if (!is_master_key_secret_present(&mk->mk_secret))  in fscrypt_key_describe()
255 static int allocate_master_key_users_keyring(struct fscrypt_master_key *mk)  in allocate_master_key_users_keyring()  argument
261 					    mk->mk_spec.u.identifier);  in allocate_master_key_users_keyring()
269 	mk->mk_users = keyring;  in allocate_master_key_users_keyring()
277 static struct key *find_master_key_user(struct fscrypt_master_key *mk)  in find_master_key_user()  argument
281 	format_mk_user_description(description, mk->mk_spec.u.identifier);  in find_master_key_user()
282 	return search_fscrypt_keyring(mk->mk_users, &key_type_fscrypt_user,  in find_master_key_user()
292 static int add_master_key_user(struct fscrypt_master_key *mk)  in add_master_key_user()  argument
298 	format_mk_user_description(description, mk->mk_spec.u.identifier);  in add_master_key_user()
305 	err = key_instantiate_and_link(mk_user, NULL, 0, mk->mk_users, NULL);  in add_master_key_user()
316 static int remove_master_key_user(struct fscrypt_master_key *mk)  in remove_master_key_user()  argument
321 	mk_user = find_master_key_user(mk);  in remove_master_key_user()
324 	err = key_unlink(mk->mk_users, mk_user);  in remove_master_key_user()
338 	struct fscrypt_master_key *mk;  in add_new_master_key()  local
343 	mk = kzalloc(sizeof(*mk), GFP_KERNEL);  in add_new_master_key()
344 	if (!mk)  in add_new_master_key()
347 	mk->mk_spec = *mk_spec;  in add_new_master_key()
349 	move_master_key_secret(&mk->mk_secret, secret);  in add_new_master_key()
350 	init_rwsem(&mk->mk_secret_sem);  in add_new_master_key()
352 	refcount_set(&mk->mk_refcount, 1); /* secret is present */  in add_new_master_key()
353 	INIT_LIST_HEAD(&mk->mk_decrypted_inodes);  in add_new_master_key()
354 	spin_lock_init(&mk->mk_decrypted_inodes_lock);  in add_new_master_key()
357 		err = allocate_master_key_users_keyring(mk);  in add_new_master_key()
360 		err = add_master_key_user(mk);  in add_new_master_key()
379 	err = key_instantiate_and_link(key, mk, sizeof(*mk), keyring, NULL);  in add_new_master_key()
387 	free_master_key(mk);  in add_new_master_key()
393 static int add_existing_master_key(struct fscrypt_master_key *mk,  in add_existing_master_key()  argument
404 	if (mk->mk_users) {  in add_existing_master_key()
405 		mk_user = find_master_key_user(mk);  in add_existing_master_key()
415 	rekey = !is_master_key_secret_present(&mk->mk_secret);  in add_existing_master_key()
416 	if (rekey && !refcount_inc_not_zero(&mk->mk_refcount))  in add_existing_master_key()
420 	if (mk->mk_users) {  in add_existing_master_key()
421 		err = add_master_key_user(mk);  in add_existing_master_key()
423 			if (rekey && refcount_dec_and_test(&mk->mk_refcount))  in add_existing_master_key()
431 		down_write(&mk->mk_secret_sem);  in add_existing_master_key()
432 		move_master_key_secret(&mk->mk_secret, secret);  in add_existing_master_key()
433 		up_write(&mk->mk_secret_sem);  in add_existing_master_key()
739 	struct fscrypt_master_key *mk;  in fscrypt_verify_key_added()  local
750 	mk = key->payload.data[0];  in fscrypt_verify_key_added()
751 	mk_user = find_master_key_user(mk);  in fscrypt_verify_key_added()
784 static void evict_dentries_for_decrypted_inodes(struct fscrypt_master_key *mk)  in evict_dentries_for_decrypted_inodes()  argument
790 	spin_lock(&mk->mk_decrypted_inodes_lock);  in evict_dentries_for_decrypted_inodes()
792 	list_for_each_entry(ci, &mk->mk_decrypted_inodes, ci_master_key_link) {  in evict_dentries_for_decrypted_inodes()
801 		spin_unlock(&mk->mk_decrypted_inodes_lock);  in evict_dentries_for_decrypted_inodes()
807 		spin_lock(&mk->mk_decrypted_inodes_lock);  in evict_dentries_for_decrypted_inodes()
810 	spin_unlock(&mk->mk_decrypted_inodes_lock);  in evict_dentries_for_decrypted_inodes()
815 				 struct fscrypt_master_key *mk)  in check_for_busy_inodes()  argument
822 	spin_lock(&mk->mk_decrypted_inodes_lock);  in check_for_busy_inodes()
824 	list_for_each(pos, &mk->mk_decrypted_inodes)  in check_for_busy_inodes()
828 		spin_unlock(&mk->mk_decrypted_inodes_lock);  in check_for_busy_inodes()
835 			list_first_entry(&mk->mk_decrypted_inodes,  in check_for_busy_inodes()
840 	spin_unlock(&mk->mk_decrypted_inodes_lock);  in check_for_busy_inodes()
848 		     sb->s_id, busy_count, master_key_spec_type(&mk->mk_spec),  in check_for_busy_inodes()
849 		     master_key_spec_len(&mk->mk_spec), (u8 *)&mk->mk_spec.u,  in check_for_busy_inodes()
855 				       struct fscrypt_master_key *mk)  in try_to_lock_encrypted_files()  argument
880 	evict_dentries_for_decrypted_inodes(mk);  in try_to_lock_encrypted_files()
889 	err2 = check_for_busy_inodes(sb, mk);  in try_to_lock_encrypted_files()
921 	struct fscrypt_master_key *mk;  in do_remove_key()  local
947 	mk = key->payload.data[0];  in do_remove_key()
952 	if (mk->mk_users && mk->mk_users->keys.nr_leaves_on_tree != 0) {  in do_remove_key()
954 			err = keyring_clear(mk->mk_users);  in do_remove_key()
956 			err = remove_master_key_user(mk);  in do_remove_key()
961 		if (mk->mk_users->keys.nr_leaves_on_tree != 0) {  in do_remove_key()
977 	if (is_master_key_secret_present(&mk->mk_secret)) {  in do_remove_key()
978 		down_write(&mk->mk_secret_sem);  in do_remove_key()
979 		wipe_master_key_secret(&mk->mk_secret);  in do_remove_key()
980 		dead = refcount_dec_and_test(&mk->mk_refcount);  in do_remove_key()
981 		up_write(&mk->mk_secret_sem);  in do_remove_key()
993 		err = try_to_lock_encrypted_files(sb, mk);  in do_remove_key()
1055 	struct fscrypt_master_key *mk;  in fscrypt_ioctl_get_key_status()  local
1079 	mk = key->payload.data[0];  in fscrypt_ioctl_get_key_status()
1082 	if (!is_master_key_secret_present(&mk->mk_secret)) {  in fscrypt_ioctl_get_key_status()
1089 	if (mk->mk_users) {  in fscrypt_ioctl_get_key_status()
1092 		arg.user_count = mk->mk_users->keys.nr_leaves_on_tree;  in fscrypt_ioctl_get_key_status()
1093 		mk_user = find_master_key_user(mk);  in fscrypt_ioctl_get_key_status()