aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Oberhollenzer <david.oberhollenzer@sigma-star.at>2018-10-18 16:36:53 +0200
committerDavid Oberhollenzer <david.oberhollenzer@sigma-star.at>2018-11-01 12:39:19 +0100
commit2144f88af24e03879b4c09fe15c5c982d296b7a3 (patch)
treeb33e25fad4d56a3c3dccc43971f2f3089431c54b
parentdbdc4adb939c15b1b342dc0a48a994bc83148c16 (diff)
mkfs.ubifs: Move symlink data encryption to helper function
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
-rw-r--r--ubifs-utils/mkfs.ubifs/mkfs.ubifs.c81
1 files changed, 44 insertions, 37 deletions
diff --git a/ubifs-utils/mkfs.ubifs/mkfs.ubifs.c b/ubifs-utils/mkfs.ubifs/mkfs.ubifs.c
index b7d68c6..b402945 100644
--- a/ubifs-utils/mkfs.ubifs/mkfs.ubifs.c
+++ b/ubifs-utils/mkfs.ubifs/mkfs.ubifs.c
@@ -1443,6 +1443,46 @@ static int set_fscrypt_context(struct ubifs_ino_node *host_ino, ino_t inum,
fctx, sizeof(*fctx));
}
+static int encrypt_symlink(void *dst, void *data, unsigned int data_len,
+ struct fscrypt_context *fctx)
+{
+ struct fscrypt_symlink_data *sd;
+ void *inbuf, *outbuf, *crypt_key;
+ unsigned int max_namelen = UBIFS_MAX_INO_DATA;
+ unsigned int padding = 4 << (fctx->flags & FS_POLICY_FLAGS_PAD_MASK);
+ unsigned int cryptlen;
+ unsigned int link_disk_len = fscrypt_fname_encrypted_size(fctx, data_len) + sizeof(struct fscrypt_symlink_data);
+
+ cryptlen = max_t(unsigned int, data_len, FS_CRYPTO_BLOCK_SIZE);
+ cryptlen = round_up(cryptlen, padding);
+ cryptlen = min(cryptlen, max_namelen);
+
+ sd = xzalloc(link_disk_len);
+ inbuf = xmalloc(cryptlen);
+ /* CTS mode needs a block size aligned buffer */
+ outbuf = xmalloc(round_up(cryptlen, FS_CRYPTO_BLOCK_SIZE));
+
+ memset(inbuf, 0, cryptlen);
+ memcpy(inbuf, data, data_len);
+
+ crypt_key = calc_fscrypt_subkey(fctx);
+ if (!crypt_key)
+ return err_msg("could not compute subkey");
+ if (encrypt_aes128_cbc_cts(inbuf, cryptlen, crypt_key, outbuf) < 0)
+ return err_msg("could not encrypt filename");
+
+ memcpy(sd->encrypted_path, outbuf, cryptlen);
+ sd->len = cpu_to_le16(cryptlen);
+ memcpy(dst, sd, link_disk_len);
+ ((char *)dst)[link_disk_len - 1] = '\0';
+
+ free(crypt_key);
+ free(inbuf);
+ free(outbuf);
+ free(sd);
+ return link_disk_len;
+}
+
/**
* add_inode - write an inode.
* @st: stat information of source inode
@@ -1503,43 +1543,10 @@ static int add_inode(struct stat *st, ino_t inum, void *data,
if (!fctx) {
memcpy(&ino->data, data, data_len);
} else {
- //TODO turn this into a common helper
- struct fscrypt_symlink_data *sd;
- void *inbuf, *outbuf, *crypt_key;
- unsigned int max_namelen = UBIFS_MAX_INO_DATA;
- unsigned int padding = 4 << (fctx->flags & FS_POLICY_FLAGS_PAD_MASK);
- unsigned int cryptlen;
- unsigned int link_disk_len = fscrypt_fname_encrypted_size(fctx, data_len) + sizeof(struct fscrypt_symlink_data);
-
- cryptlen = max_t(unsigned int, data_len, FS_CRYPTO_BLOCK_SIZE);
- cryptlen = round_up(cryptlen, padding);
- cryptlen = min(cryptlen, max_namelen);
-
- sd = xzalloc(link_disk_len);
- inbuf = xmalloc(cryptlen);
- /* CTS mode needs a block size aligned buffer */
- outbuf = xmalloc(round_up(cryptlen, FS_CRYPTO_BLOCK_SIZE));
-
- memset(inbuf, 0, cryptlen);
- memcpy(inbuf, data, data_len);
-
- crypt_key = calc_fscrypt_subkey(fctx);
- if (!crypt_key)
- return err_msg("could not compute subkey");
- if (encrypt_aes128_cbc_cts(inbuf, cryptlen, crypt_key, outbuf) < 0)
- return err_msg("could not encrypt filename");
-
- memcpy(sd->encrypted_path, outbuf, cryptlen);
- sd->len = cpu_to_le16(cryptlen);
- memcpy(&ino->data, sd, link_disk_len);
- ((char *)&ino->data)[link_disk_len - 1] = '\0';
-
- data_len = link_disk_len;
-
- free(crypt_key);
- free(inbuf);
- free(outbuf);
- free(sd);
+ ret = encrypt_symlink(&ino->data, data, data_len, fctx);
+ if (ret < 0)
+ return ret;
+ data_len = ret;
}
}
ino->data_len = cpu_to_le32(data_len);