1 /*
2 * f2fscrypt.c - f2fs encryption management utility
3 *
4 * Authors: Kinglong Mee <kinglongmee@gmail.com>
5 *
6 * Copied from e4crypt that for ext4 filesystem.
7 * Authors: Michael Halcrow <mhalcrow@google.com>,
8 * Ildar Muslukhov <ildarm@google.com>
9 */
10
11 #ifndef _LARGEFILE_SOURCE
12 #define _LARGEFILE_SOURCE
13 #endif
14
15 #ifndef _LARGEFILE64_SOURCE
16 #define _LARGEFILE64_SOURCE
17 #endif
18
19 #ifndef _GNU_SOURCE
20 #define _GNU_SOURCE
21 #endif
22
23 #include "config.h"
24 #include <assert.h>
25 #include <errno.h>
26 #include <getopt.h>
27 #include <dirent.h>
28 #include <errno.h>
29 #include <stdarg.h>
30 #include <stdio.h>
31 #include <stdlib.h>
32 #include <string.h>
33 #include <mntent.h>
34 #include <sys/ioctl.h>
35 #include <sys/stat.h>
36 #include <sys/types.h>
37 #include <fcntl.h>
38 #include <termios.h>
39 #include <unistd.h>
40 #include <signal.h>
41 #include <linux/fs.h>
42 #include <uuid/uuid.h>
43
44 #if !defined(HAVE_ADD_KEY) || !defined(HAVE_KEYCTL)
45 #include <sys/syscall.h>
46 #endif
47 #ifdef HAVE_SYS_KEY_H
48 #include <sys/key.h>
49 #endif
50
51 #define F2FS_MAX_KEY_SIZE 64
52 #define F2FS_MAX_PASSPHRASE_SIZE 1024
53 #define F2FS_MAX_SALT_SIZE 256
54
55 /* Encryption algorithms, key size and key reference len */
56 #define F2FS_ENCRYPTION_MODE_INVALID 0
57 #define F2FS_ENCRYPTION_MODE_AES_256_XTS 1
58 #define F2FS_ENCRYPTION_MODE_AES_256_GCM 2
59 #define F2FS_ENCRYPTION_MODE_AES_256_CBC 3
60 #define F2FS_ENCRYPTION_MODE_AES_256_CTS 4
61
62 #define F2FS_AES_256_XTS_KEY_SIZE 64
63 #define F2FS_AES_256_GCM_KEY_SIZE 32
64 #define F2FS_AES_256_CBC_KEY_SIZE 32
65 #define F2FS_AES_256_CTS_KEY_SIZE 32
66 #define F2FS_MAX_KEY_SIZE 64
67
68 /* Password derivation constants */
69 #define F2FS_MAX_PASSPHRASE_SIZE 1024
70 #define F2FS_MAX_SALT_SIZE 256
71 #define F2FS_PBKDF2_ITERATIONS 0xFFFF
72
73 /* special process keyring shortcut IDs */
74 #define KEY_SPEC_THREAD_KEYRING -1
75 #define KEY_SPEC_PROCESS_KEYRING -2
76 #define KEY_SPEC_SESSION_KEYRING -3
77 #define KEY_SPEC_USER_KEYRING -4
78 #define KEY_SPEC_USER_SESSION_KEYRING -5
79 #define KEY_SPEC_GROUP_KEYRING -6
80
81 #define KEYCTL_GET_KEYRING_ID 0
82 #define KEYCTL_JOIN_SESSION_KEYRING 1
83 #define KEYCTL_DESCRIBE 6
84 #define KEYCTL_SEARCH 10
85 #define KEYCTL_SESSION_TO_PARENT 18
86
87 /*
88 * File system encryption support
89 */
90 /* Policy provided via an ioctl on the topmost directory */
91 #define F2FS_KEY_DESCRIPTOR_SIZE 8
92 #define F2FS_KEY_REF_STR_BUF_SIZE ((F2FS_KEY_DESCRIPTOR_SIZE * 2) + 1)
93
94 struct f2fs_fscrypt_policy {
95 __u8 version;
96 __u8 contents_encryption_mode;
97 __u8 filenames_encryption_mode;
98 __u8 flags;
99 __u8 master_key_descriptor[F2FS_KEY_DESCRIPTOR_SIZE];
100 } __attribute__((packed));
101
102 #define F2FS_IOC_SET_ENCRYPTION_POLICY _IOR('f', 19, struct f2fs_fscrypt_policy)
103 #define F2FS_IOC_GET_ENCRYPTION_PWSALT _IOW('f', 20, __u8[16])
104 #define F2FS_IOC_GET_ENCRYPTION_POLICY _IOW('f', 21, struct f2fs_fscrypt_policy)
105
106 typedef int32_t key_serial_t;
107
108
109
110 #define OPT_VERBOSE 0x0001
111 #define OPT_QUIET 0x0002
112
113 struct f2fs_encryption_key {
114 __u32 mode;
115 char raw[F2FS_MAX_KEY_SIZE];
116 __u32 size;
117 } __attribute__((__packed__));
118
119 int options;
120
121 extern void f2fs_sha512(const unsigned char *in, unsigned long in_size,
122 unsigned char *out);
123
124 #ifndef HAVE_KEYCTL
keyctl(int cmd,...)125 static long keyctl(int cmd, ...)
126 {
127 va_list va;
128 unsigned long arg2, arg3, arg4, arg5;
129
130 va_start(va, cmd);
131 arg2 = va_arg(va, unsigned long);
132 arg3 = va_arg(va, unsigned long);
133 arg4 = va_arg(va, unsigned long);
134 arg5 = va_arg(va, unsigned long);
135 va_end(va);
136 return syscall(__NR_keyctl, cmd, arg2, arg3, arg4, arg5);
137 }
138 #endif
139
140 #ifndef HAVE_ADD_KEY
add_key(const char * type,const char * description,const void * payload,size_t plen,key_serial_t keyring)141 static key_serial_t add_key(const char *type, const char *description,
142 const void *payload, size_t plen,
143 key_serial_t keyring)
144 {
145 return syscall(__NR_add_key, type, description, payload,
146 plen, keyring);
147 }
148 #endif
149
150 static const unsigned char *hexchars = (const unsigned char *) "0123456789abcdef";
151 static const size_t hexchars_size = 16;
152
153 #define SHA512_LENGTH 64
154 #define F2FS_KEY_TYPE_LOGON "logon"
155 #define F2FS_KEY_DESC_PREFIX "f2fs:"
156 #define F2FS_KEY_DESC_PREFIX_SIZE 5
157
int_log2(int arg)158 static int int_log2(int arg)
159 {
160 int l = 0;
161
162 arg >>= 1;
163 while (arg) {
164 l++;
165 arg >>= 1;
166 }
167 return l;
168 }
169
validate_paths(int argc,char * argv[],int path_start_index)170 static void validate_paths(int argc, char *argv[], int path_start_index)
171 {
172 int x;
173 int valid = 1;
174 struct stat st;
175
176 for (x = path_start_index; x < argc; x++) {
177 int ret = access(argv[x], W_OK);
178 if (ret) {
179 invalid:
180 perror(argv[x]);
181 valid = 0;
182 continue;
183 }
184 ret = stat(argv[x], &st);
185 if (ret < 0)
186 goto invalid;
187 if (!S_ISDIR(st.st_mode)) {
188 fprintf(stderr, "%s is not a directory\n", argv[x]);
189 goto invalid;
190 }
191 }
192 if (!valid)
193 exit(1);
194 }
195
hex2byte(const char * hex,size_t hex_size,unsigned char * bytes,size_t bytes_size)196 static int hex2byte(const char *hex, size_t hex_size, unsigned char *bytes,
197 size_t bytes_size)
198 {
199 size_t x;
200 unsigned char *h, *l;
201
202 if (hex_size % 2)
203 return -EINVAL;
204 for (x = 0; x < hex_size; x += 2) {
205 h = memchr(hexchars, hex[x], hexchars_size);
206 if (!h)
207 return -EINVAL;
208 l = memchr(hexchars, hex[x + 1], hexchars_size);
209 if (!l)
210 return -EINVAL;
211 if ((x >> 1) >= bytes_size)
212 return -EINVAL;
213 bytes[x >> 1] = (((unsigned char)(h - hexchars) << 4) +
214 (unsigned char)(l - hexchars));
215 }
216 return 0;
217 }
218
219 /*
220 * Salt handling
221 */
222 struct salt {
223 unsigned char *salt;
224 char key_ref_str[F2FS_KEY_REF_STR_BUF_SIZE];
225 unsigned char key_desc[F2FS_KEY_DESCRIPTOR_SIZE];
226 unsigned char key[F2FS_MAX_KEY_SIZE];
227 size_t salt_len;
228 };
229 struct salt *salt_list;
230 unsigned num_salt;
231 unsigned max_salt;
232 char in_passphrase[F2FS_MAX_PASSPHRASE_SIZE];
233
find_by_salt(unsigned char * salt,size_t salt_len)234 static struct salt *find_by_salt(unsigned char *salt, size_t salt_len)
235 {
236 unsigned int i;
237 struct salt *p;
238
239 for (i = 0, p = salt_list; i < num_salt; i++, p++)
240 if ((p->salt_len == salt_len) &&
241 !memcmp(p->salt, salt, salt_len))
242 return p;
243 return NULL;
244 }
245
add_salt(unsigned char * salt,size_t salt_len)246 static void add_salt(unsigned char *salt, size_t salt_len)
247 {
248 if (find_by_salt(salt, salt_len))
249 return;
250 if (num_salt >= max_salt) {
251 max_salt = num_salt + 10;
252 salt_list = realloc(salt_list, max_salt * sizeof(struct salt));
253 if (!salt_list) {
254 fprintf(stderr, "Couldn't allocate salt list\n");
255 exit(1);
256 }
257 }
258 salt_list[num_salt].salt = salt;
259 salt_list[num_salt].salt_len = salt_len;
260 num_salt++;
261 }
262
clear_secrets(void)263 static void clear_secrets(void)
264 {
265 if (salt_list) {
266 memset(salt_list, 0, sizeof(struct salt) * max_salt);
267 free(salt_list);
268 salt_list = NULL;
269 }
270 memset(in_passphrase, 0, sizeof(in_passphrase));
271 }
272
die_signal_handler(int signum,siginfo_t * siginfo,void * context)273 static void die_signal_handler(int signum, siginfo_t *siginfo, void *context)
274 {
275 clear_secrets();
276 exit(-1);
277 }
278
sigcatcher_setup(void)279 static void sigcatcher_setup(void)
280 {
281 struct sigaction sa;
282
283 memset(&sa, 0, sizeof(struct sigaction));
284 sa.sa_sigaction = die_signal_handler;
285 sa.sa_flags = SA_SIGINFO;
286
287 sigaction(SIGHUP, &sa, 0);
288 sigaction(SIGINT, &sa, 0);
289 sigaction(SIGQUIT, &sa, 0);
290 sigaction(SIGFPE, &sa, 0);
291 sigaction(SIGILL, &sa, 0);
292 sigaction(SIGBUS, &sa, 0);
293 sigaction(SIGSEGV, &sa, 0);
294 sigaction(SIGABRT, &sa, 0);
295 sigaction(SIGPIPE, &sa, 0);
296 sigaction(SIGALRM, &sa, 0);
297 sigaction(SIGTERM, &sa, 0);
298 sigaction(SIGUSR1, &sa, 0);
299 sigaction(SIGUSR2, &sa, 0);
300 sigaction(SIGPOLL, &sa, 0);
301 sigaction(SIGPROF, &sa, 0);
302 sigaction(SIGSYS, &sa, 0);
303 sigaction(SIGTRAP, &sa, 0);
304 sigaction(SIGVTALRM, &sa, 0);
305 sigaction(SIGXCPU, &sa, 0);
306 sigaction(SIGXFSZ, &sa, 0);
307 }
308
309
310 #define PARSE_FLAGS_NOTSUPP_OK 0x0001
311 #define PARSE_FLAGS_FORCE_FN 0x0002
312
parse_salt(char * salt_str,int flags)313 static void parse_salt(char *salt_str, int flags)
314 {
315 unsigned char buf[F2FS_MAX_SALT_SIZE];
316 char *cp = salt_str;
317 unsigned char *salt_buf;
318 int fd, ret, salt_len = 0;
319
320 if (flags & PARSE_FLAGS_FORCE_FN)
321 goto salt_from_filename;
322 if (strncmp(cp, "s:", 2) == 0) {
323 cp += 2;
324 salt_len = strlen(cp);
325 if (salt_len >= F2FS_MAX_SALT_SIZE)
326 goto invalid_salt;
327 strncpy((char *) buf, cp, sizeof(buf));
328 } else if (cp[0] == '/') {
329 salt_from_filename:
330 fd = open(cp, O_RDONLY | O_DIRECTORY);
331 if (fd == -1 && errno == ENOTDIR)
332 fd = open(cp, O_RDONLY);
333 if (fd == -1) {
334 perror(cp);
335 exit(1);
336 }
337 ret = ioctl(fd, F2FS_IOC_GET_ENCRYPTION_PWSALT, &buf);
338 close(fd);
339 if (ret < 0) {
340 if (flags & PARSE_FLAGS_NOTSUPP_OK)
341 return;
342 perror("F2FS_IOC_GET_ENCRYPTION_PWSALT");
343 exit(1);
344 }
345 if (options & OPT_VERBOSE) {
346 char tmp[80];
347 uuid_unparse(buf, tmp);
348 printf("%s has pw salt %s\n", cp, tmp);
349 }
350 salt_len = 16;
351 } else if (strncmp(cp, "f:", 2) == 0) {
352 cp += 2;
353 goto salt_from_filename;
354 } else if (strncmp(cp, "0x", 2) == 0) {
355 unsigned char *h, *l;
356
357 cp += 2;
358 if (strlen(cp) & 1)
359 goto invalid_salt;
360 while (*cp) {
361 if (salt_len >= F2FS_MAX_SALT_SIZE)
362 goto invalid_salt;
363 h = memchr(hexchars, *cp++, hexchars_size);
364 l = memchr(hexchars, *cp++, hexchars_size);
365 if (!h || !l)
366 goto invalid_salt;
367 buf[salt_len++] =
368 (((unsigned char)(h - hexchars) << 4) +
369 (unsigned char)(l - hexchars));
370 }
371 } else if (uuid_parse(cp, buf) == 0) {
372 salt_len = 16;
373 } else {
374 invalid_salt:
375 fprintf(stderr, "Invalid salt: %s\n", salt_str);
376 exit(1);
377 }
378 salt_buf = malloc(salt_len);
379 if (!salt_buf) {
380 fprintf(stderr, "Couldn't allocate salt\n");
381 exit(1);
382 }
383 memcpy(salt_buf, buf, salt_len);
384 add_salt(salt_buf, salt_len);
385 }
386
set_policy(struct salt * set_salt,int pad,int argc,char * argv[],int path_start_index)387 static void set_policy(struct salt *set_salt, int pad,
388 int argc, char *argv[], int path_start_index)
389 {
390 struct salt *salt;
391 struct f2fs_fscrypt_policy policy;
392 uuid_t uu;
393 int fd;
394 int x;
395 int rc;
396
397 if ((pad != 4) && (pad != 8) &&
398 (pad != 16) && (pad != 32)) {
399 fprintf(stderr, "Invalid padding %d\n", pad);
400 exit(1);
401 }
402
403 for (x = path_start_index; x < argc; x++) {
404 fd = open(argv[x], O_DIRECTORY);
405 if (fd == -1) {
406 perror(argv[x]);
407 exit(1);
408 }
409 if (set_salt)
410 salt = set_salt;
411 else {
412 if (ioctl(fd, F2FS_IOC_GET_ENCRYPTION_PWSALT,
413 &uu) < 0) {
414 perror("F2FS_IOC_GET_ENCRYPTION_PWSALT");
415 exit(1);
416 }
417 salt = find_by_salt(uu, sizeof(uu));
418 if (!salt) {
419 fprintf(stderr, "Couldn't find salt!?!\n");
420 exit(1);
421 }
422 }
423 policy.version = 0;
424 policy.contents_encryption_mode =
425 F2FS_ENCRYPTION_MODE_AES_256_XTS;
426 policy.filenames_encryption_mode =
427 F2FS_ENCRYPTION_MODE_AES_256_CTS;
428 policy.flags = int_log2(pad >> 2);
429 memcpy(policy.master_key_descriptor, salt->key_desc,
430 F2FS_KEY_DESCRIPTOR_SIZE);
431 rc = ioctl(fd, F2FS_IOC_SET_ENCRYPTION_POLICY, &policy);
432 close(fd);
433 if (rc) {
434 printf("Error [%s] setting policy.\nThe key descriptor "
435 "[%s] may not match the existing encryption "
436 "context for directory [%s].\n",
437 strerror(errno), salt->key_ref_str, argv[x]);
438 continue;
439 }
440 printf("Key with descriptor [%s] applied to %s.\n",
441 salt->key_ref_str, argv[x]);
442 }
443 }
444
pbkdf2_sha512(const char * passphrase,struct salt * salt,unsigned int count,unsigned char derived_key[F2FS_MAX_KEY_SIZE])445 static void pbkdf2_sha512(const char *passphrase, struct salt *salt,
446 unsigned int count,
447 unsigned char derived_key[F2FS_MAX_KEY_SIZE])
448 {
449 size_t passphrase_size = strlen(passphrase);
450 unsigned char buf[SHA512_LENGTH + F2FS_MAX_PASSPHRASE_SIZE] = {0};
451 unsigned char tempbuf[SHA512_LENGTH] = {0};
452 char final[SHA512_LENGTH] = {0};
453 unsigned char saltbuf[F2FS_MAX_SALT_SIZE + F2FS_MAX_PASSPHRASE_SIZE] = {0};
454 int actual_buf_len = SHA512_LENGTH + passphrase_size;
455 int actual_saltbuf_len = F2FS_MAX_SALT_SIZE + passphrase_size;
456 unsigned int x, y;
457 __u32 *final_u32 = (__u32 *)final;
458 __u32 *temp_u32 = (__u32 *)tempbuf;
459
460 if (passphrase_size > F2FS_MAX_PASSPHRASE_SIZE) {
461 printf("Passphrase size is %zd; max is %d.\n", passphrase_size,
462 F2FS_MAX_PASSPHRASE_SIZE);
463 exit(1);
464 }
465 if (salt->salt_len > F2FS_MAX_SALT_SIZE) {
466 printf("Salt size is %zd; max is %d.\n", salt->salt_len,
467 F2FS_MAX_SALT_SIZE);
468 exit(1);
469 }
470 assert(F2FS_MAX_KEY_SIZE <= SHA512_LENGTH);
471
472 memcpy(saltbuf, salt->salt, salt->salt_len);
473 memcpy(&saltbuf[F2FS_MAX_SALT_SIZE], passphrase, passphrase_size);
474
475 memcpy(&buf[SHA512_LENGTH], passphrase, passphrase_size);
476
477 for (x = 0; x < count; ++x) {
478 if (x == 0) {
479 f2fs_sha512(saltbuf, actual_saltbuf_len, tempbuf);
480 } else {
481 /*
482 * buf: [previous hash || passphrase]
483 */
484 memcpy(buf, tempbuf, SHA512_LENGTH);
485 f2fs_sha512(buf, actual_buf_len, tempbuf);
486 }
487 for (y = 0; y < (sizeof(final) / sizeof(*final_u32)); ++y)
488 final_u32[y] = final_u32[y] ^ temp_u32[y];
489 }
490 memcpy(derived_key, final, F2FS_MAX_KEY_SIZE);
491 }
492
disable_echo(struct termios * saved_settings)493 static int disable_echo(struct termios *saved_settings)
494 {
495 struct termios current_settings;
496 int rc = 0;
497
498 rc = tcgetattr(0, ¤t_settings);
499 if (rc)
500 return rc;
501 *saved_settings = current_settings;
502 current_settings.c_lflag &= ~ECHO;
503 rc = tcsetattr(0, TCSANOW, ¤t_settings);
504
505 return rc;
506 }
507
get_passphrase(char * passphrase,int len)508 static void get_passphrase(char *passphrase, int len)
509 {
510 char *p;
511 struct termios current_settings;
512
513 assert(len > 0);
514 disable_echo(¤t_settings);
515 p = fgets(passphrase, len, stdin);
516 tcsetattr(0, TCSANOW, ¤t_settings);
517 printf("\n");
518 if (!p) {
519 printf("Aborting.\n");
520 exit(1);
521 }
522 p = strrchr(passphrase, '\n');
523 if (!p)
524 p = passphrase + len - 1;
525 *p = '\0';
526 }
527
528 struct keyring_map {
529 char name[4];
530 size_t name_len;
531 int code;
532 };
533
534 static const struct keyring_map keyrings[] = {
535 {"@us", 3, KEY_SPEC_USER_SESSION_KEYRING},
536 {"@u", 2, KEY_SPEC_USER_KEYRING},
537 {"@s", 2, KEY_SPEC_SESSION_KEYRING},
538 {"@g", 2, KEY_SPEC_GROUP_KEYRING},
539 {"@p", 2, KEY_SPEC_PROCESS_KEYRING},
540 {"@t", 2, KEY_SPEC_THREAD_KEYRING},
541 };
542
get_keyring_id(const char * keyring)543 static int get_keyring_id(const char *keyring)
544 {
545 unsigned int x;
546 char *end;
547
548 /*
549 * If no keyring is specified, by default use either the user
550 * session key ring or the session keyring. Fetching the
551 * session keyring will return the user session keyring if no
552 * session keyring has been set.
553 *
554 * We need to do this instead of simply adding the key to
555 * KEY_SPEC_SESSION_KEYRING since trying to add a key to a
556 * session keyring that does not yet exist will cause the
557 * kernel to create a session keyring --- which wil then get
558 * garbage collected as soon as f2fscrypt exits.
559 *
560 * The fact that the keyctl system call and the add_key system
561 * call treats KEY_SPEC_SESSION_KEYRING differently when a
562 * session keyring does not exist is very unfortunate and
563 * confusing, but so it goes...
564 */
565 if (keyring == NULL)
566 return keyctl(KEYCTL_GET_KEYRING_ID,
567 KEY_SPEC_SESSION_KEYRING, 0);
568 for (x = 0; x < (sizeof(keyrings) / sizeof(keyrings[0])); ++x) {
569 if (strcmp(keyring, keyrings[x].name) == 0) {
570 return keyrings[x].code;
571 }
572 }
573 x = strtoul(keyring, &end, 10);
574 if (*end == '\0') {
575 if (keyctl(KEYCTL_DESCRIBE, x, NULL, 0) < 0)
576 return 0;
577 return x;
578 }
579 return 0;
580 }
581
generate_key_ref_str(struct salt * salt)582 static void generate_key_ref_str(struct salt *salt)
583 {
584 unsigned char key_ref1[SHA512_LENGTH];
585 unsigned char key_ref2[SHA512_LENGTH];
586 int x;
587
588 f2fs_sha512(salt->key, F2FS_MAX_KEY_SIZE, key_ref1);
589 f2fs_sha512(key_ref1, SHA512_LENGTH, key_ref2);
590 memcpy(salt->key_desc, key_ref2, F2FS_KEY_DESCRIPTOR_SIZE);
591 for (x = 0; x < F2FS_KEY_DESCRIPTOR_SIZE; ++x) {
592 sprintf(&salt->key_ref_str[x * 2], "%02x",
593 salt->key_desc[x]);
594 }
595 salt->key_ref_str[F2FS_KEY_REF_STR_BUF_SIZE - 1] = '\0';
596 }
597
insert_key_into_keyring(const char * keyring,struct salt * salt)598 static void insert_key_into_keyring(const char *keyring, struct salt *salt)
599 {
600 int keyring_id = get_keyring_id(keyring);
601 struct f2fs_encryption_key key;
602 char key_ref_full[F2FS_KEY_DESC_PREFIX_SIZE +
603 F2FS_KEY_REF_STR_BUF_SIZE];
604 int rc;
605
606 if (keyring_id == 0) {
607 printf("Invalid keyring [%s].\n", keyring);
608 exit(1);
609 }
610 sprintf(key_ref_full, "%s%s", F2FS_KEY_DESC_PREFIX,
611 salt->key_ref_str);
612 rc = keyctl(KEYCTL_SEARCH, keyring_id, F2FS_KEY_TYPE_LOGON,
613 key_ref_full, 0);
614 if (rc != -1) {
615 if ((options & OPT_QUIET) == 0)
616 printf("Key with descriptor [%s] already exists\n",
617 salt->key_ref_str);
618 return;
619 } else if ((rc == -1) && (errno != ENOKEY)) {
620 printf("keyctl_search failed: %s\n", strerror(errno));
621 if (errno == -EINVAL)
622 printf("Keyring [%s] is not available.\n", keyring);
623 exit(1);
624 }
625 key.mode = F2FS_ENCRYPTION_MODE_AES_256_XTS;
626 memcpy(key.raw, salt->key, F2FS_MAX_KEY_SIZE);
627 key.size = F2FS_MAX_KEY_SIZE;
628 rc = add_key(F2FS_KEY_TYPE_LOGON, key_ref_full, (void *)&key,
629 sizeof(key), keyring_id);
630 if (rc == -1) {
631 if (errno == EDQUOT) {
632 printf("Error adding key to keyring; quota exceeded\n");
633 } else {
634 printf("Error adding key with key descriptor [%s]: "
635 "%s\n", salt->key_ref_str, strerror(errno));
636 }
637 exit(1);
638 } else {
639 if ((options & OPT_QUIET) == 0)
640 printf("Added key with descriptor [%s]\n",
641 salt->key_ref_str);
642 }
643 }
644
get_default_salts(void)645 static void get_default_salts(void)
646 {
647 FILE *f = setmntent("/etc/mtab", "r");
648 struct mntent *mnt;
649
650 while (f && ((mnt = getmntent(f)) != NULL)) {
651 if (strcmp(mnt->mnt_type, "f2fs") ||
652 access(mnt->mnt_dir, R_OK))
653 continue;
654 parse_salt(mnt->mnt_dir, PARSE_FLAGS_NOTSUPP_OK);
655 }
656 endmntent(f);
657 }
658
659 /* Functions which implement user commands */
660
661 struct cmd_desc {
662 const char *cmd_name;
663 void (*cmd_func)(int, char **, const struct cmd_desc *);
664 const char *cmd_desc;
665 const char *cmd_help;
666 int cmd_flags;
667 };
668
669 #define CMD_HIDDEN 0x0001
670
671 static void do_help(int argc, char **argv, const struct cmd_desc *cmd);
672
673 #define add_key_desc "adds a key to the user's keyring"
674 #define add_key_help \
675 "f2fscrypt add_key -S salt [ -k keyring ] [-v] [-q] [ path ... ]\n\n" \
676 "Prompts the user for a passphrase and inserts it into the specified\n" \
677 "keyring. If no keyring is specified, f2fscrypt will use the session\n" \
678 "keyring if it exists or the user session keyring if it does not.\n\n" \
679 "If one or more directory paths are specified, f2fscrypt will try to\n" \
680 "set the policy of those directories to use the key just entered by\n" \
681 "the user.\n"
682
do_add_key(int argc,char ** argv,const struct cmd_desc * cmd)683 static void do_add_key(int argc, char **argv, const struct cmd_desc *cmd)
684 {
685 struct salt *salt;
686 char *keyring = NULL;
687 int i, opt, pad = 4;
688 unsigned j;
689
690 while ((opt = getopt(argc, argv, "k:S:p:vq")) != -1) {
691 switch (opt) {
692 case 'k':
693 /* Specify a keyring. */
694 keyring = optarg;
695 break;
696 case 'p':
697 pad = atoi(optarg);
698 break;
699 case 'S':
700 /* Salt value for passphrase. */
701 parse_salt(optarg, 0);
702 break;
703 case 'v':
704 options |= OPT_VERBOSE;
705 break;
706 case 'q':
707 options |= OPT_QUIET;
708 break;
709 default:
710 fprintf(stderr, "Unrecognized option: %c\n", opt);
711 case '?':
712 fputs("USAGE:\n ", stderr);
713 fputs(cmd->cmd_help, stderr);
714 exit(1);
715 }
716 }
717 if (num_salt == 0)
718 get_default_salts();
719 if (num_salt == 0) {
720 fprintf(stderr, "No salt values available\n");
721 exit(1);
722 }
723 validate_paths(argc, argv, optind);
724 for (i = optind; i < argc; i++)
725 parse_salt(argv[i], PARSE_FLAGS_FORCE_FN);
726 printf("Enter passphrase (echo disabled): ");
727 get_passphrase(in_passphrase, sizeof(in_passphrase));
728 for (j = 0, salt = salt_list; j < num_salt; j++, salt++) {
729 pbkdf2_sha512(in_passphrase, salt,
730 F2FS_PBKDF2_ITERATIONS, salt->key);
731 generate_key_ref_str(salt);
732 insert_key_into_keyring(keyring, salt);
733 }
734 if (optind != argc)
735 set_policy(NULL, pad, argc, argv, optind);
736 clear_secrets();
737 exit(0);
738 }
739
740 #define set_policy_desc "sets a policy for directories"
741 #define set_policy_help \
742 "f2fscrypt set_policy policy path ... \n\n" \
743 "Sets the policy for the directories specified on the command line.\n" \
744 "All directories must be empty to set the policy; if the directory\n" \
745 "already has a policy established, f2fscrypt will validate that it the\n" \
746 "policy matches what was specified. A policy is an encryption key\n" \
747 "identifier consisting of 16 hexadecimal characters.\n"
748
do_set_policy(int argc,char ** argv,const struct cmd_desc * cmd)749 static void do_set_policy(int argc, char **argv, const struct cmd_desc *cmd)
750 {
751 struct salt saltbuf;
752 int c, pad = 4;
753
754 while ((c = getopt (argc, argv, "p:")) != EOF) {
755 switch (c) {
756 case 'p':
757 pad = atoi(optarg);
758 break;
759 }
760 }
761
762 if (argc < optind + 2) {
763 fprintf(stderr, "Missing required argument(s).\n\n");
764 fputs("USAGE:\n ", stderr);
765 fputs(cmd->cmd_help, stderr);
766 exit(1);
767 }
768
769 if ((strlen(argv[optind]) != (F2FS_KEY_DESCRIPTOR_SIZE * 2)) ||
770 hex2byte(argv[optind], (F2FS_KEY_DESCRIPTOR_SIZE * 2),
771 saltbuf.key_desc, F2FS_KEY_DESCRIPTOR_SIZE)) {
772 printf("Invalid key descriptor [%s]. Valid characters "
773 "are 0-9 and a-f, lower case. "
774 "Length must be %d.\n",
775 argv[optind], (F2FS_KEY_DESCRIPTOR_SIZE * 2));
776 exit(1);
777 }
778 validate_paths(argc, argv, optind+1);
779 strcpy(saltbuf.key_ref_str, argv[optind]);
780 set_policy(&saltbuf, pad, argc, argv, optind+1);
781 exit(0);
782 }
783
784 #define get_policy_desc "get the encryption for directories"
785 #define get_policy_help \
786 "f2fscrypt get_policy path ... \n\n" \
787 "Gets the policy for the directories specified on the command line.\n"
788
do_get_policy(int argc,char ** argv,const struct cmd_desc * cmd)789 static void do_get_policy(int argc, char **argv, const struct cmd_desc *cmd)
790 {
791 struct f2fs_fscrypt_policy policy;
792 struct stat st;
793 int i, j, fd, rc;
794
795 if (argc < 2) {
796 fprintf(stderr, "Missing required argument(s).\n\n");
797 fputs("USAGE:\n ", stderr);
798 fputs(cmd->cmd_help, stderr);
799 exit(1);
800 }
801
802 for (i = 1; i < argc; i++) {
803 if (stat(argv[i], &st) < 0) {
804 perror(argv[i]);
805 continue;
806 }
807 fd = open(argv[i],
808 S_ISDIR(st.st_mode) ? O_DIRECTORY : O_RDONLY);
809 if (fd == -1) {
810 perror(argv[i]);
811 exit(1);
812 }
813 rc = ioctl(fd, F2FS_IOC_GET_ENCRYPTION_POLICY, &policy);
814 close(fd);
815 if (rc) {
816 printf("Error getting policy for %s: %s\n",
817 argv[i], strerror(errno));
818 continue;
819 }
820 printf("%s: ", argv[i]);
821 for (j = 0; j < F2FS_KEY_DESCRIPTOR_SIZE; j++) {
822 printf("%02x", (unsigned char) policy.master_key_descriptor[j]);
823 }
824 fputc('\n', stdout);
825 }
826 exit(0);
827 }
828
829 #define new_session_desc "give the invoking process a new session keyring"
830 #define new_session_help \
831 "f2fscrypt new_session\n\n" \
832 "Give the invoking process (typically a shell) a new session keyring,\n" \
833 "discarding its old session keyring.\n"
834
do_new_session(int argc,char ** argv,const struct cmd_desc * cmd)835 static void do_new_session(int argc, char **argv, const struct cmd_desc *cmd)
836 {
837 long keyid, ret;
838
839 if (argc > 1) {
840 fputs("Excess arguments\n\n", stderr);
841 fputs(cmd->cmd_help, stderr);
842 exit(1);
843 }
844 keyid = keyctl(KEYCTL_JOIN_SESSION_KEYRING, NULL);
845 if (keyid < 0) {
846 perror("KEYCTL_JOIN_SESSION_KEYRING");
847 exit(1);
848 }
849 ret = keyctl(KEYCTL_SESSION_TO_PARENT, NULL);
850 if (ret < 0) {
851 perror("KEYCTL_SESSION_TO_PARENT");
852 exit(1);
853 }
854 printf("Switched invoking process to new session keyring %ld\n", keyid);
855 exit(0);
856 }
857
858 #define CMD(name) { #name, do_##name, name##_desc, name##_help, 0 }
859 #define _CMD(name) { #name, do_##name, NULL, NULL, CMD_HIDDEN }
860
861 const struct cmd_desc cmd_list[] = {
862 _CMD(help),
863 CMD(add_key),
864 CMD(get_policy),
865 CMD(new_session),
866 CMD(set_policy),
867 { NULL, NULL, NULL, NULL, 0 }
868 };
869
do_help(int argc,char ** argv,const struct cmd_desc * cmd)870 static void do_help(int argc, char **argv, const struct cmd_desc *cmd)
871 {
872 const struct cmd_desc *p;
873
874 if (argc > 1) {
875 for (p = cmd_list; p->cmd_name; p++) {
876 if (p->cmd_flags & CMD_HIDDEN)
877 continue;
878 if (strcmp(p->cmd_name, argv[1]) == 0) {
879 putc('\n', stdout);
880 fputs("USAGE:\n ", stdout);
881 fputs(p->cmd_help, stdout);
882 exit(0);
883 }
884 }
885 printf("Unknown command: %s\n\n", argv[1]);
886 }
887
888 fputs("Available commands:\n", stdout);
889 for (p = cmd_list; p->cmd_name; p++) {
890 if (p->cmd_flags & CMD_HIDDEN)
891 continue;
892 printf(" %-20s %s\n", p->cmd_name, p->cmd_desc);
893 }
894 printf("\nTo get more information on a command, "
895 "type 'f2fscrypt help cmd'\n");
896 exit(0);
897 }
898
main(int argc,char * argv[])899 int main(int argc, char *argv[])
900 {
901 const struct cmd_desc *cmd;
902
903 if (argc < 2)
904 do_help(argc, argv, cmd_list);
905
906 sigcatcher_setup();
907 for (cmd = cmd_list; cmd->cmd_name; cmd++) {
908 if (strcmp(cmd->cmd_name, argv[1]) == 0) {
909 cmd->cmd_func(argc-1, argv+1, cmd);
910 exit(0);
911 }
912 }
913 printf("Unknown command: %s\n\n", argv[1]);
914 do_help(1, argv, cmd_list);
915 return 0;
916 }
917