From: Robin Hsu <[email protected]> This patch add an ioctl to get filename encryption mode.
Signed-off-by: Robin Hsu <[email protected]> Signed-off-by: Jaegeuk Kim <[email protected]> --- tools/f2fs_io/f2fs_io.c | 63 +++++++++++++++++++++++++++++++++++++++++ tools/f2fs_io/f2fs_io.h | 36 +++++++++++++++++++++++ 2 files changed, 99 insertions(+) diff --git a/tools/f2fs_io/f2fs_io.c b/tools/f2fs_io/f2fs_io.c index 033c256d14d1..fa7d3f5e4b36 100644 --- a/tools/f2fs_io/f2fs_io.c +++ b/tools/f2fs_io/f2fs_io.c @@ -1096,6 +1096,68 @@ static void do_compress(int argc, char **argv, const struct cmd_desc *cmd) exit(0); } +#define get_filename_encrypt_mode_desc "get file name encrypt mode" +#define get_filename_encrypt_mode_help \ +"f2fs_io filename_encrypt_mode [file or directory path]\n\n" \ +"Get the file name encription mode of the given file/directory.\n" \ + +static void do_get_filename_encrypt_mode (int argc, char **argv, + const struct cmd_desc *cmd) +{ + static const char *enc_name[] = { + "invalid", /* FS_ENCRYPTION_MODE_INVALID (0) */ + "aes-256-xts", /* FS_ENCRYPTION_MODE_AES_256_XTS (1) */ + "aes-256-gcm", /* FS_ENCRYPTION_MODE_AES_256_GCM (2) */ + "aes-256-cbc", /* FS_ENCRYPTION_MODE_AES_256_CBC (3) */ + "aes-256-cts", /* FS_ENCRYPTION_MODE_AES_256_CTS (4) */ + "aes-128-cbc", /* FS_ENCRYPTION_MODE_AES_128_CBC (5) */ + "aes-128-cts", /* FS_ENCRYPTION_MODE_AES_128_CTS (6) */ + "speck128-256-xts", /* FS_ENCRYPTION_MODE_SPECK128_256_XTS (7) */ + "speck128-256-cts", /* FS_ENCRYPTION_MODE_SPECK128_256_CTS (8) */ + "adiantum", /* FS_ENCRYPTION_MODE_ADIANTUM (9) */ + }; + int fd, mode, ret; + struct fscrypt_get_policy_ex_arg arg; + + if (argc != 2) { + fputs("Excess arguments\n\n", stderr); + fputs(cmd->cmd_help, stderr); + exit(1); + } + + fd = xopen(argv[1], O_RDONLY, 0); + arg.policy_size = sizeof(arg.policy); + ret = ioctl(fd, FS_IOC_GET_ENCRYPTION_POLICY_EX, &arg); + if (ret != 0 && errno == ENOTTY) + ret = ioctl(fd, FS_IOC_GET_ENCRYPTION_POLICY, arg.policy.v1); + close(fd); + + if (ret) { + perror("FS_IOC_GET_ENCRYPTION_POLICY|_EX"); + exit(1); + } + + switch (arg.policy.version) { + case FSCRYPT_POLICY_V1: + mode = arg.policy.v1.filenames_encryption_mode; + break; + case FSCRYPT_POLICY_V2: + mode = arg.policy.v2.filenames_encryption_mode; + break; + default: + printf("Do not support policy version: %d\n", + arg.policy.version); + exit(1); + } + + if (mode >= sizeof(enc_name)/sizeof(enc_name[0])) { + printf("Do not support algorithm: %d\n", mode); + exit(1); + } + printf ("%s\n", enc_name[mode]); + exit(0); +} + #define CMD_HIDDEN 0x0001 #define CMD(name) { #name, do_##name, name##_desc, name##_help, 0 } #define _CMD(name) { #name, do_##name, NULL, NULL, CMD_HIDDEN } @@ -1125,6 +1187,7 @@ const struct cmd_desc cmd_list[] = { CMD(set_coption), CMD(decompress), CMD(compress), + CMD(get_filename_encrypt_mode), { NULL, NULL, NULL, NULL, 0 } }; diff --git a/tools/f2fs_io/f2fs_io.h b/tools/f2fs_io/f2fs_io.h index d53e5765c538..3a0278fd6ddf 100644 --- a/tools/f2fs_io/f2fs_io.h +++ b/tools/f2fs_io/f2fs_io.h @@ -91,6 +91,42 @@ typedef u32 __be32; #define F2FS_IOC_DECOMPRESS_FILE _IO(F2FS_IOCTL_MAGIC, 23) #define F2FS_IOC_COMPRESS_FILE _IO(F2FS_IOCTL_MAGIC, 24) +#ifndef FS_IOC_GET_ENCRYPTION_POLICY +#define FSCRYPT_POLICY_V1 0 +#define FSCRYPT_KEY_DESCRIPTOR_SIZE 8 +struct fscrypt_policy_v1 { + __u8 version; + __u8 contents_encryption_mode; + __u8 filenames_encryption_mode; + __u8 flags; + __u8 master_key_descriptor[FSCRYPT_KEY_DESCRIPTOR_SIZE]; +}; +#define FS_IOC_GET_ENCRYPTION_POLICY _IOW('f', 21, struct fscrypt_policy_v1) +#endif + +#ifndef FS_IOC_GET_ENCRYPTION_POLICY_EX +#define FSCRYPT_POLICY_V2 2 +#define FSCRYPT_KEY_IDENTIFIER_SIZE 16 +struct fscrypt_policy_v2 { + __u8 version; + __u8 contents_encryption_mode; + __u8 filenames_encryption_mode; + __u8 flags; + __u8 __reserved[4]; + __u8 master_key_identifier[FSCRYPT_KEY_IDENTIFIER_SIZE]; +}; +/* Struct passed to FS_IOC_GET_ENCRYPTION_POLICY_EX */ +struct fscrypt_get_policy_ex_arg { + __u64 policy_size; /* input/output */ + union { + __u8 version; + struct fscrypt_policy_v1 v1; + struct fscrypt_policy_v2 v2; + } policy; /* output */ +}; +#define FS_IOC_GET_ENCRYPTION_POLICY_EX _IOWR('f', 22, __u8[9]) /* size + version */ +#endif + #define F2FS_IOC_SET_ENCRYPTION_POLICY FS_IOC_SET_ENCRYPTION_POLICY #define F2FS_IOC_GET_ENCRYPTION_POLICY FS_IOC_GET_ENCRYPTION_POLICY #define F2FS_IOC_GET_ENCRYPTION_PWSALT FS_IOC_GET_ENCRYPTION_PWSALT -- 2.31.1.368.gbe11c130af-goog _______________________________________________ Linux-f2fs-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
