Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:fs\crypto\keyring.c Create Date:2022-07-28 20:23:54
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:Add a master encryption key to the filesystem, causing all files which were* encrypted with it to appear "unlocked" (decrypted) when accessed.* When adding a key for use by v1 encryption policies, this ioctl is

Proto:int fscrypt_ioctl_add_key(struct file *filp, void __user *_uarg)

Type:int

Parameter:

TypeParameterName
struct file *filp
void __user *_uarg
494  sb = i_sb
495  __user * uarg = _uarg
500  If copy_from_user( & arg, uarg, size of arg ) Then Return -EFAULT
503  If Not valid_key_spec( & key_spec) Then Return -EINVAL
506  If raw_size < FSCRYPT_MIN_KEY_SIZE || raw_size > FSCRYPT_MAX_KEY_SIZE Then Return -EINVAL
510  If memchr_inv - Find an unmatching character in an area of memory.*@start: The memory area*@c: Find a character other than c*@bytes: The size of the area.* returns the address of the first character other than @c, or %NULL Then Return -EINVAL
513  memset( & secret, 0, size of secret )
514  Size of the raw key in bytes. Set even if ->raw isn't set. = raw_size
515  err = -EFAULT
516  If copy_from_user(For v1 policy keys: the raw key. Wiped for v2 policy keys. , raw, Size of the raw key in bytes. Set even if ->raw isn't set. ) Then Go to out_wipe_secret
520  Case of FSCRYPT_KEY_SPEC_TYPE_* == v1 policy keys are specified by an arbitrary 8-byte key "descriptor",* matching fscrypt_policy_v1::master_key_descriptor.
526  err = -EACCES
527  If Not Check operation authority Then Go to out_wipe_secret
529  Break
530  Case of FSCRYPT_KEY_SPEC_TYPE_* == v2 policy keys are specified by a 16-byte key "identifier" which the kernel* calculates as a cryptographic hash of the key itself,* matching fscrypt_policy_v2::master_key_identifier.
531  err = Compute HKDF-Extract using the given master key as the input keying material,* and prepare an HMAC transform object keyed by the resulting pseudorandom key.* Afterwards, the keyed HMAC transform object can be used for HKDF-Expand many
532  If err Then Go to out_wipe_secret
539  memzero_explicit - Fill a region of memory (e
542  err = HKDF-Expand (RFC 5869 section 2
546  If err Then Go to out_wipe_secret
548  err = -EFAULT
549  If copy_to_user(identifier, identifier, FSCRYPT_KEY_IDENTIFIER_SIZE) Then Go to out_wipe_secret
553  Break
554  Default
555  WARN_ON(1)
556  err = -EINVAL
557  Go to out_wipe_secret
560  err = add_master_key(sb, & secret, & key_spec)
561  out_wipe_secret :
562  wipe_master_key_secret( & secret)
563  Return err