blob: 948f5bc1660face0dcc941d1164f340df3260154 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
/* fill fi->keyring_key */
int f2fs_validate_key(struct inode *inode)
{
u8 full_key_descriptor[FS_KEY_DESC_PREFIX_SIZE +
(FS_KEY_DESCRIPTOR_SIZE * 2) + 1];
struct key *keyring_key = NULL;
u8 key[F2FS_SET_KEY_SIZE];
int ret;
ret = f2fs_getxattr(inode, F2FS_XATTR_INDEX_KEY,
F2FS_XATTR_NAME_ENCRYPTION_CONTEXT,
key, F2FS_SET_KEY_SIZE, NULL);
if (ret)
return ret;
memcpy(full_key_descriptor, F2FS_KEY_DESC_PREFIX,
F2FS_KEY_DESC_PREFIX_SIZE);
sprintf(full_key_descriptor + F2FS_KEY_DESC_PREFIX_SIZE,
"%*phN", F2FS_KEY_DESCRIPTOR_SIZE, key);
full_key_descriptor[F2FS_KEY_DESC_PREFIX_SIZE +
(2 * F2FS_KEY_DESCRIPTOR_SIZE)] = '\0';
keyring_key = request_key(&key_type_logon, full_key_descriptor, NULL);
if (IS_ERR(keyring_key))
return PTR_ERR(keyring_key);
if (keyring_key->type != &key_type_logon) {
printk_once(KERN_WARNING
"%s: key type must be logon\n", __func__);
key_put(keyring_key);
return -ENOKEY;
}
key_put(keyring_key);
return 0;
}
|
