github.com/google/syzkaller@v0.0.0-20240517125934-c0f1611a36d6/sys/linux/fs_ioctl_fscrypt.txt (about) 1 # Copyright 2019 syzkaller project authors. All rights reserved. 2 # Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file. 3 4 # Reference: https://www.kernel.org/doc/html/latest/filesystems/fscrypt.html#user-api 5 6 include <uapi/linux/fs.h> 7 include <uapi/linux/fscrypt.h> 8 9 ioctl$FS_IOC_SET_ENCRYPTION_POLICY(fd fd_dir, cmd const[FS_IOC_SET_ENCRYPTION_POLICY], arg ptr[in, fscrypt_policy]) 10 ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(fd fd_dir, cmd const[FS_IOC_GET_ENCRYPTION_PWSALT], arg ptr[out, array[int8, 16]]) 11 ioctl$FS_IOC_GET_ENCRYPTION_POLICY(fd fd, cmd const[FS_IOC_GET_ENCRYPTION_POLICY], arg ptr[out, fscrypt_policy_v1]) 12 ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(fd fd, cmd const[FS_IOC_GET_ENCRYPTION_POLICY_EX], arg ptr[inout, fscrypt_get_policy_ex_arg]) 13 ioctl$FS_IOC_ADD_ENCRYPTION_KEY(fd fd_dir, cmd const[FS_IOC_ADD_ENCRYPTION_KEY], arg ptr[inout, fscrypt_add_key_arg]) 14 ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(fd fd_dir, cmd const[FS_IOC_REMOVE_ENCRYPTION_KEY], arg ptr[inout, fscrypt_remove_key_arg]) 15 ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(fd fd_dir, cmd const[FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS], arg ptr[inout, fscrypt_remove_key_arg]) 16 ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(fd fd_dir, cmd const[FS_IOC_GET_ENCRYPTION_KEY_STATUS], arg ptr[inout, fscrypt_get_key_status_arg]) 17 ioctl$FS_IOC_GET_ENCRYPTION_NONCE(fd fd, cmd const[FS_IOC_GET_ENCRYPTION_NONCE], arg ptr[out, array[int8, 16]]) 18 19 # Define the types for fscrypt raw keys, key identifiers, and key descriptors. 20 # 21 # "Key identifiers" are the new way to identify fscrypt keys. They are 16-byte 22 # values that must be computed in a specific way from the raw key. The 23 # FS_IOC_ADD_ENCRYPTION_KEY ioctl will do this computation and return the 24 # identifier to userspace, as a side effect of adding a key. But it's unclear 25 # that syzkaller can understand this flow yet (as arrays can't be resources), so 26 # we also define some sample keys with precomputed identifiers to use. 27 # 28 # "Key descriptors" are the old way to identify fscrypt keys. They are 8-byte 29 # values arbitrarily assigned by userspace. 30 31 fscrypt_raw_key [ 32 auto array[int8[16:64]] 33 # 64-byte keys (usable with aes256, aes128, adiantum) 34 a stringnoz[`0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f40`] 35 b stringnoz["aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111111111111"] 36 # 32-byte key (usable with aes128, adiantum) 37 c stringnoz["abcdefghijklmnopqrstuvwxyz0123456"] 38 # 16-byte key (usable with aes128 only) 39 d stringnoz["abcdefghijklmnop"] 40 ] [varlen] 41 42 fscrypt_key_identifier [ 43 auto array[int8, FSCRYPT_KEY_IDENTIFIER_SIZE] 44 # These 16-byte values are computed from the raw keys listed above. 45 a stringnoz[`69b2f6edeee720cce0577937eb8a6751`] 46 b stringnoz[`912ae510a458723a839a9fad701538ac`] 47 c stringnoz[`1c2d6754b6cc7daacb599875d7faf9bb`] 48 d stringnoz[`7eb80af3f24ef086726a4cea3a154ce0`] 49 ] 50 51 fscrypt_key_descriptor [ 52 auto array[int8, FSCRYPT_KEY_DESCRIPTOR_SIZE] 53 # These are arbitrary 8-byte values. 54 desc1 stringnoz[`0000111122223333`] 55 desc2 stringnoz[`e355a76a11a1be18`] 56 desc3 stringnoz[`e8dab99234bb312e`] 57 desc4 stringnoz[`85baa174f0cb1142`] 58 ] 59 60 # fscrypt_key_descriptor translated into a hex string 61 fscrypt_key_descriptor_hex [ 62 auto array[flags[hex_chars, int8], 16] 63 desc1 stringnoz["0000111122223333"] 64 desc2 stringnoz["e355a76a11a1be18"] 65 desc3 stringnoz["e8dab99234bb312e"] 66 desc4 stringnoz["85baa174f0cb1142"] 67 ] 68 69 # Below are the data structures needed to put keys for fscrypt_policy_v1 in the 70 # regular Linux keyrings via the add_key() syscall. Note that this part of the 71 # API is deprecated in favor of FS_IOC_ADD_ENCRYPTION_KEY and fscrypt_policy_v2. 72 73 fscrypt_v1_key_description { 74 prefix stringnoz["fscrypt:"] 75 descriptor fscrypt_key_descriptor_hex 76 nil const[0, int8] 77 } 78 79 fscrypt_v1_key_payload { 80 mode const[0, int32] 81 # This really should be fscrypt_raw_key, but that has the varlen attribute so it 82 # doesn't work in this struct. 83 raw array[int8, 64] 84 size int32[16:64] 85 } 86 87 # Structs for the ioctls that get and set encryption policies 88 89 fscrypt_policy_v1 { 90 version const[0, int8] 91 modes fscrypt_policy_modes 92 flags flags[fscrypt_policy_flags, int8] 93 master_key_descriptor fscrypt_key_descriptor 94 } 95 96 fscrypt_policy_v2 { 97 version const[2, int8] 98 modes fscrypt_policy_modes 99 flags flags[fscrypt_policy_flags, int8] 100 reserved array[const[0, int8], 4] 101 master_key_identifier fscrypt_key_identifier 102 } 103 104 fscrypt_policy [ 105 v1 fscrypt_policy_v1 106 v2 fscrypt_policy_v2 107 ] [varlen] 108 109 fscrypt_policy_modes [ 110 aes256 fscrypt_policy_mode_t[FSCRYPT_MODE_AES_256_XTS, FSCRYPT_MODE_AES_256_CTS] 111 aes128 fscrypt_policy_mode_t[FSCRYPT_MODE_AES_128_CBC, FSCRYPT_MODE_AES_128_CTS] 112 adiantum fscrypt_policy_mode_t[FSCRYPT_MODE_ADIANTUM, FSCRYPT_MODE_ADIANTUM] 113 ] 114 115 type fscrypt_policy_mode_t[CONTENTS, FILENAMES] { 116 contents_encryption_mode const[CONTENTS, int8] 117 filenames_encryption_mode const[FILENAMES, int8] 118 } 119 120 fscrypt_policy_flags = FSCRYPT_POLICY_FLAGS_PAD_4, FSCRYPT_POLICY_FLAGS_PAD_8, FSCRYPT_POLICY_FLAGS_PAD_16, FSCRYPT_POLICY_FLAGS_PAD_32, FSCRYPT_POLICY_FLAG_DIRECT_KEY, FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64, FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32 121 122 fscrypt_get_policy_ex_arg { 123 policy_size len[policy, int64] (in) 124 policy array[const[0, int8]] (out) 125 } 126 127 # Structs for the ioctls that manage keys in the filesystem-level keyring 128 129 fscrypt_key_specifier [ 130 desc fscrypt_key_specifier__by_descriptor 131 id fscrypt_key_specifier__by_identifier 132 ] 133 134 fscrypt_key_specifier__by_descriptor { 135 type const[FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR, int32] 136 reserved const[0, int32] 137 descriptor fscrypt_key_descriptor 138 reserved2 array[const[0, int8], 24] 139 } 140 141 fscrypt_key_specifier__by_identifier { 142 type const[FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER, int32] 143 reserved const[0, int32] 144 identifier fscrypt_key_identifier 145 reserved2 array[const[0, int8], 16] 146 } 147 148 # Usually, fscrypt_key_specifier is entirely an input. But in 149 # FS_IOC_ADD_ENCRYPTION_KEY, if 'fscrypt_add_key_arg::key_spec.type' is set to 150 # FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER, then 151 # 'fscrypt_add_key_arg::key_spec.identifier' is an output field. The version of 152 # fscrypt_key_specifier below has per-field directions set to represent this. 153 fscrypt_key_specifier__for_add_key [ 154 desc fscrypt_key_specifier__by_descriptor 155 id fscrypt_key_specifier__by_identifier_for_add_key 156 ] 157 158 fscrypt_key_specifier__by_identifier_for_add_key { 159 type const[FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER, int32] (in) 160 reserved const[0, int32] (in) 161 identifier fscrypt_key_identifier (out) 162 reserved2 array[const[0, int8], 16] (in) 163 } 164 165 fscrypt_key_specifier_type = FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR, FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER 166 167 fscrypt_provisioning_key_payload { 168 type flags[fscrypt_key_specifier_type, int32] 169 reserved const[0, int32] 170 raw fscrypt_raw_key 171 } 172 173 fscrypt_add_key_arg { 174 key_spec fscrypt_key_specifier__for_add_key 175 raw_size bytesize[raw, int32] (in) 176 key_id fscrypt_provisioning_key[opt] (in) 177 reserved array[const[0, int32], 8] (in) 178 raw fscrypt_raw_key (in) 179 } 180 181 fscrypt_remove_key_arg { 182 key_spec fscrypt_key_specifier (in) 183 removal_status_flags int32 (out) 184 reserved array[const[0, int32], 5] (in) 185 } 186 187 fscrypt_get_key_status_arg { 188 key_spec fscrypt_key_specifier (in) 189 reserved array[const[0, int32], 6] (in) 190 191 status int32 (out) 192 status_flags int32 (out) 193 user_count int32 (out) 194 out_reserved array[const[0, int32], 13] (out) 195 }