Merge android-4.4.128 (89904cc) into msm-4.4

* refs/heads/tmp-89904cc
  ANDROID: Add build server config for cuttlefish.
  ANDROID: Add defconfig for cuttlefish.
  FROMLIST: staging: Android: Add 'vsoc' driver for cuttlefish.
  Revert "proc: make oom adjustment files user read-only"
  Revert "fixup! proc: make oom adjustment files user read-only"
  Linux 4.4.128
  Revert "xhci: plat: Register shutdown for xhci_plat"
  vrf: Fix use after free and double free in vrf_finish_output
  ipv6: the entire IPv6 header chain must fit the first fragment
  net/ipv6: Increment OUTxxx counters after netfilter hook
  net sched actions: fix dumping which requires several messages to user space
  r8169: fix setting driver_data after register_netdev
  vti6: better validate user provided tunnel names
  ip6_tunnel: better validate user provided tunnel names
  ip6_gre: better validate user provided tunnel names
  ipv6: sit: better validate user provided tunnel names
  ip_tunnel: better validate user provided tunnel names
  net: fool proof dev_valid_name()
  bonding: process the err returned by dev_set_allmulti properly in bond_enslave
  bonding: move dev_mc_sync after master_upper_dev_link in bond_enslave
  bonding: fix the err path for dev hwaddr sync in bond_enslave
  vlan: also check phy_driver ts_info for vlan's real device
  vhost: correctly remove wait queue during poll failure
  sky2: Increase D3 delay to sky2 stops working after suspend
  sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6
  sctp: do not leak kernel memory to user space
  pptp: remove a buggy dst release in pptp_connect()
  net/sched: fix NULL dereference in the error path of tcf_bpf_init()
  netlink: make sure nladdr has correct size in netlink_connect()
  net/ipv6: Fix route leaking between VRFs
  net: fix possible out-of-bound read in skb_network_protocol()
  arp: fix arp_filter on l3slave devices
  Kbuild: provide a __UNIQUE_ID for clang
  futex: Remove requirement for lock_page() in get_futex_key()
  random: use lockless method of accessing and updating f->reg_idx
  virtio_net: check return value of skb_to_sgvec in one more location
  virtio_net: check return value of skb_to_sgvec always
  rxrpc: check return value of skb_to_sgvec always
  ipsec: check return value of skb_to_sgvec always
  perf tools: Fix copyfile_offset update of output offset
  cxgb4vf: Fix SGE FL buffer initialization logic for 64K pages
  EDAC, mv64x60: Fix an error handling path
  tty: n_gsm: Allow ADM response in addition to UA for control dlci
  blk-mq: fix kernel oops in blk_mq_tag_idle()
  scsi: libsas: initialize sas_phy status according to response of DISCOVER
  scsi: libsas: fix error when getting phy events
  scsi: libsas: fix memory leak in sas_smp_get_phy_events()
  bcache: segregate flash only volume write streams
  bcache: stop writeback thread after detaching
  vxlan: dont migrate permanent fdb entries during learn
  s390/dasd: fix hanging safe offline
  ACPICA: Disassembler: Abort on an invalid/unknown AML opcode
  ACPICA: Events: Add runtime stub support for event APIs
  cpuidle: dt: Add missing 'of_node_put()'
  Bluetooth: Send HCI Set Event Mask Page 2 command only when needed
  iio: magnetometer: st_magn_spi: fix spi_device_id table
  sparc64: ldc abort during vds iso boot
  sctp: fix recursive locking warning in sctp_do_peeloff
  bnx2x: Allow vfs to disable txvlan offload
  xen: avoid type warning in xchg_xen_ulong
  skbuff: only inherit relevant tx_flags
  perf tests: Decompress kernel module before objdump
  net: emac: fix reset timeout with AR8035 phy
  Fix loop device flush before configure v3
  MIPS: kprobes: flush_insn_slot should flush only if probe initialised
  MIPS: mm: adjust PKMAP location
  MIPS: mm: fixed mappings: correct initialisation
  perf/core: Correct event creation with PERF_FORMAT_GROUP
  e1000e: Undo e1000e_pm_freeze if __e1000_shutdown fails
  ARM: imx: Add MXC_CPU_IMX6ULL and cpu_is_imx6ull
  net: phy: avoid genphy_aneg_done() for PHYs without clause 22 support
  mceusb: sporadic RX truncation corruption fix
  cx25840: fix unchecked return values
  e1000e: fix race condition around skb_tstamp_tx()
  tags: honor COMPILED_SOURCE with apart output directory
  perf report: Ensure the perf DSO mapping matches what libdw sees
  perf header: Set proper module name when build-id event found
  net/mlx4: Check if Granular QoS per VF has been enabled before updating QP qos_vport
  net/mlx4: Fix the check in attaching steering rules
  sit: reload iphdr in ipip6_rcv
  skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow
  bio-integrity: Do not allocate integrity context for bio w/o data
  Fix serial console on SNI RM400 machines
  cxgb4: fix incorrect cim_la output for T6
  drm/omap: fix tiled buffer stride calculations
  mISDN: Fix a sleep-in-atomic bug
  qlcnic: Fix a sleep-in-atomic bug in qlcnic_82xx_hw_write_wx_2M and qlcnic_82xx_hw_read_wx_2M
  perf trace: Add mmap alias for s390
  powerpc/spufs: Fix coredump of SPU contexts
  clk: Fix __set_clk_rates error print-string
  clk: scpi: fix return type of __scpi_dvfs_round_rate
  KVM: SVM: do not zero out segment attributes if segment is unusable or not present
  net: freescale: fix potential null pointer dereference
  SUNRPC: ensure correct error is reported by xs_tcp_setup_socket()
  rtc: interface: Validate alarm-time before handling rollover
  rtc: opal: Handle disabled TPO in opal_get_tpo_time()
  cxgb4: FW upgrade fixes
  net/mlx5: avoid build warning for uniprocessor
  arm64: futex: Fix undefined behaviour with FUTEX_OP_OPARG_SHIFT usage
  dmaengine: imx-sdma: Handle return value of clk_prepare_enable
  powerpc/[booke|4xx]: Don't clobber TCR[WP] when setting TCR[DIE]
  ovl: filter trusted xattr for non-admin
  hdlcdrv: Fix divide by zero in hdlcdrv_ioctl
  wl1251: check return from call to wl1251_acx_arp_ip_filter
  ASoC: Intel: sst: Fix the return value of 'sst_send_byte_stream_mrfld()'
  gpio: label descriptors using the device name
  vfb: fix video mode and line_length being set when loaded
  scsi: mpt3sas: Proper handling of set/clear of "ATA command pending" flag.
  scsi: libiscsi: Allow sd_shutdown on bad transport
  ASoC: Intel: cht_bsw_rt5645: Analog Mic support
  media: videobuf2-core: don't go out of the buffer range
  hwmon: (ina2xx) Make calibration register value fixed
  rds; Reset rs->rs_bound_addr in rds_add_bound() failure path
  l2tp: fix missing print session offset info
  perf probe: Add warning message if there is unexpected event name
  thermal: power_allocator: fix one race condition issue for thermal_instances list
  ARM: dts: ls1021a: add "fsl,ls1021a-esdhc" compatible string to esdhc node
  net: llc: add lock_sock in llc_ui_bind to avoid a race condition
  KVM: nVMX: Fix handling of lmsw instruction
  bonding: Don't update slave->link until ready to commit
  Input: elan_i2c - clear INT before resetting controller
  net: move somaxconn init from sysctl code
  tcp: better validation of received ack sequences
  ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff()
  fix race in drivers/char/random.c:get_reg()
  scsi: bnx2fc: fix race condition in bnx2fc_get_host_stats()
  ASoC: rsnd: SSI PIO adjust to 24bit mode
  pNFS/flexfiles: missing error code in ff_layout_alloc_lseg()
  netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
  libceph: NULL deref on crush_decode() error path
  net: ieee802154: fix net_device reference release too early
  mlx5: fix bug reading rss_hash_type from CQE
  block: fix an error code in add_partition()
  selinux: do not check open permission on sockets
  net/mlx5: Tolerate irq_set_affinity_hint() failures
  sched/numa: Use down_read_trylock() for the mmap_sem
  leds: pca955x: Correct I2C Functionality
  ray_cs: Avoid reading past end of buffer
  ARM: davinci: da8xx: Create DSP device only when assigned memory
  md-cluster: fix potential lock issue in add_new_disk
  ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors
  iio: hi8435: cleanup reset gpio
  iio: hi8435: avoid garbage event at first enable
  xfrm: fix state migration copy replay sequence numbers
  selftests/powerpc: Fix TM resched DSCR test with some compilers
  ath5k: fix memory leak on buf on failed eeprom read
  powerpc/mm: Fix virt_addr_valid() etc. on 64-bit hash
  scsi: csiostor: fix use after free in csio_hw_use_fwconfig()
  sh_eth: Use platform device for printing before register_netdev()
  serial: sh-sci: Fix race condition causing garbage during shutdown
  serial: 8250: omap: Disable DMA for console UART
  USB: ene_usb6250: fix SCSI residue overwriting
  net: x25: fix one potential use-after-free issue
  USB: ene_usb6250: fix first command execution
  usb: chipidea: properly handle host or gadget initialization failure
  arp: honour gratuitous ARP _replies_
  neighbour: update neigh timestamps iff update is effective
  ata: libahci: properly propagate return value of platform_get_irq()
  btrfs: fix incorrect error return ret being passed to mapping_set_error
  usb: dwc3: keystone: check return value
  async_tx: Fix DMA_PREP_FENCE usage in do_async_gen_syndrome()
  ipv6: avoid dad-failures for addresses with NODAD
  ARM: dts: imx6qdl-wandboard: Fix audio channel swap
  x86/tsc: Provide 'tsc=unstable' boot parameter
  staging: wlan-ng: prism2mgmt.c: fixed a double endian conversion before calling hfa384x_drvr_setconfig16, also fixes relative sparse warning
  ARM: dts: imx53-qsrb: Pulldown PMIC IRQ pin
  PowerCap: Fix an error code in powercap_register_zone()
  bus: brcmstb_gisb: correct support for 64-bit address output
  bus: brcmstb_gisb: Use register offsets with writes too
  SMB2: Fix share type handling
  vmxnet3: ensure that adapter is in proper state during force_close
  KVM: PPC: Book3S PR: Check copy_to/from_user return values
  Input: elantech - force relative mode on a certain module
  Input: elan_i2c - check if device is there before really probing
  netxen_nic: set rcode to the return status from the call to netxen_issue_cmd
  net: qca_spi: Fix alignment issues in rx path
  blk-mq: NVMe 512B/4K+T10 DIF/DIX format returns I/O error on dd with split op
  CIFS: silence lockdep splat in cifs_relock_file()
  NFSv4.1: Work around a Linux server bug...
  net/mlx4_en: Avoid adding steering rules with invalid ring
  s390: move _text symbol to address higher than zero
  pidns: disable pid allocation if pid_ns_prepare_proc() is failed in alloc_pid()
  drivers/misc/vmw_vmci/vmci_queue_pair.c: fix a couple integer overflow tests
  lockd: fix lockd shutdown race
  net: ethernet: ti: cpsw: adjust cpsw fifos depth for fullduplex flow control
  net: cdc_ncm: Fix TX zero padding
  ipmi_ssif: unlock on allocation failure
  qlge: Avoid reading past end of buffer
  bna: Avoid reading past end of buffer
  mac80211: bail out from prep_connection() if a reconfig is ongoing
  af_key: Fix slab-out-of-bounds in pfkey_compile_policy.
  IB/srpt: Fix abort handling
  NFSv4.1: RECLAIM_COMPLETE must handle NFS4ERR_CONN_NOT_BOUND_TO_SESSION
  x86/asm: Don't use RBP as a temporary register in csum_partial_copy_generic()
  rtc: snvs: fix an incorrect check of return value
  md/raid5: make use of spin_lock_irq over local_irq_disable + spin_lock
  cfg80211: make RATE_INFO_BW_20 the default
  ANDROID: proc: add null check in proc_uid_init
  f2fs/fscrypt: updates to v4.17-rc1
  Reduce amount of casting in drivers/tty/goldfish.c.

Conflicts:
	drivers/staging/android/Kconfig
	drivers/staging/android/Makefile

Change-Id: Ic7aa3df76a0312b8d6d84f8a8e11e793311a239a
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>

5 files changed, 250 insertions, 79 deletions

diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c
index 732a786cce9d..ce654526c0fb 100644
--- a/fs/crypto/crypto.c
+++ b/fs/crypto/crypto.c
@@ -27,6 +27,7 @@
 #include <linux/dcache.h>
 #include <linux/namei.h>
 #include <crypto/aes.h>
+#include <crypto/skcipher.h>
 #include "fscrypt_private.h"
 
 static unsigned int num_prealloc_crypto_pages = 32;
diff --git a/fs/crypto/fname.c b/fs/crypto/fname.c
index 6eb434363ff2..b18fa323d1d9 100644
--- a/fs/crypto/fname.c
+++ b/fs/crypto/fname.c
@@ -12,42 +12,46 @@
 
 #include <linux/scatterlist.h>
 #include <linux/ratelimit.h>
+#include <crypto/skcipher.h>
 #include "fscrypt_private.h"
 
+static inline bool fscrypt_is_dot_dotdot(const struct qstr *str)
+{
+	if (str->len == 1 && str->name[0] == '.')
+		return true;
+
+	if (str->len == 2 && str->name[0] == '.' && str->name[1] == '.')
+		return true;
+
+	return false;
+}
+
 /**
  * fname_encrypt() - encrypt a filename
  *
- * The caller must have allocated sufficient memory for the @oname string.
+ * The output buffer must be at least as large as the input buffer.
+ * Any extra space is filled with NUL padding before encryption.
  *
  * Return: 0 on success, -errno on failure
  */
-static int fname_encrypt(struct inode *inode,
-			const struct qstr *iname, struct fscrypt_str *oname)
+int fname_encrypt(struct inode *inode, const struct qstr *iname,
+		  u8 *out, unsigned int olen)
 {
 	struct skcipher_request *req = NULL;
 	DECLARE_CRYPTO_WAIT(wait);
-	struct fscrypt_info *ci = inode->i_crypt_info;
-	struct crypto_skcipher *tfm = ci->ci_ctfm;
+	struct crypto_skcipher *tfm = inode->i_crypt_info->ci_ctfm;
 	int res = 0;
 	char iv[FS_CRYPTO_BLOCK_SIZE];
 	struct scatterlist sg;
-	int padding = 4 << (ci->ci_flags & FS_POLICY_FLAGS_PAD_MASK);
-	unsigned int lim;
-	unsigned int cryptlen;
-
-	lim = inode->i_sb->s_cop->max_namelen(inode);
-	if (iname->len <= 0 || iname->len > lim)
-		return -EIO;
 
 	/*
 	 * Copy the filename to the output buffer for encrypting in-place and
 	 * pad it with the needed number of NUL bytes.
 	 */
-	cryptlen = max_t(unsigned int, iname->len, FS_CRYPTO_BLOCK_SIZE);
-	cryptlen = round_up(cryptlen, padding);
-	cryptlen = min(cryptlen, lim);
-	memcpy(oname->name, iname->name, iname->len);
-	memset(oname->name + iname->len, 0, cryptlen - iname->len);
+	if (WARN_ON(olen < iname->len))
+		return -ENOBUFS;
+	memcpy(out, iname->name, iname->len);
+	memset(out + iname->len, 0, olen - iname->len);
 
 	/* Initialize the IV */
 	memset(iv, 0, FS_CRYPTO_BLOCK_SIZE);
@@ -62,8 +66,8 @@ static int fname_encrypt(struct inode *inode,
 	skcipher_request_set_callback(req,
 			CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP,
 			crypto_req_done, &wait);
-	sg_init_one(&sg, oname->name, cryptlen);
-	skcipher_request_set_crypt(req, &sg, &sg, cryptlen, iv);
+	sg_init_one(&sg, out, olen);
+	skcipher_request_set_crypt(req, &sg, &sg, olen, iv);
 
 	/* Do the encryption */
 	res = crypto_wait_req(crypto_skcipher_encrypt(req), &wait);
@@ -74,7 +78,6 @@ static int fname_encrypt(struct inode *inode,
 		return res;
 	}
 
-	oname->len = cryptlen;
 	return 0;
 }
 
@@ -187,50 +190,52 @@ static int digest_decode(const char *src, int len, char *dst)
 	return cp - dst;
 }
 
-u32 fscrypt_fname_encrypted_size(const struct inode *inode, u32 ilen)
+bool fscrypt_fname_encrypted_size(const struct inode *inode, u32 orig_len,
+				  u32 max_len, u32 *encrypted_len_ret)
 {
-	int padding = 32;
-	struct fscrypt_info *ci = inode->i_crypt_info;
-
-	if (ci)
-		padding = 4 << (ci->ci_flags & FS_POLICY_FLAGS_PAD_MASK);
-	ilen = max(ilen, (u32)FS_CRYPTO_BLOCK_SIZE);
-	return round_up(ilen, padding);
+	int padding = 4 << (inode->i_crypt_info->ci_flags &
+			    FS_POLICY_FLAGS_PAD_MASK);
+	u32 encrypted_len;
+
+	if (orig_len > max_len)
+		return false;
+	encrypted_len = max(orig_len, (u32)FS_CRYPTO_BLOCK_SIZE);
+	encrypted_len = round_up(encrypted_len, padding);
+	*encrypted_len_ret = min(encrypted_len, max_len);
+	return true;
 }
-EXPORT_SYMBOL(fscrypt_fname_encrypted_size);
 
 /**
- * fscrypt_fname_crypto_alloc_obuff() -
+ * fscrypt_fname_alloc_buffer - allocate a buffer for presented filenames
+ *
+ * Allocate a buffer that is large enough to hold any decrypted or encoded
+ * filename (null-terminated), for the given maximum encrypted filename length.
  *
- * Allocates an output buffer that is sufficient for the crypto operation
- * specified by the context and the direction.
+ * Return: 0 on success, -errno on failure
  */
 int fscrypt_fname_alloc_buffer(const struct inode *inode,
-				u32 ilen, struct fscrypt_str *crypto_str)
+			       u32 max_encrypted_len,
+			       struct fscrypt_str *crypto_str)
 {
-	u32 olen = fscrypt_fname_encrypted_size(inode, ilen);
 	const u32 max_encoded_len =
 		max_t(u32, BASE64_CHARS(FSCRYPT_FNAME_MAX_UNDIGESTED_SIZE),
 		      1 + BASE64_CHARS(sizeof(struct fscrypt_digested_name)));
+	u32 max_presented_len;
 
-	crypto_str->len = olen;
-	olen = max(olen, max_encoded_len);
+	max_presented_len = max(max_encoded_len, max_encrypted_len);
 
-	/*
-	 * Allocated buffer can hold one more character to null-terminate the
-	 * string
-	 */
-	crypto_str->name = kmalloc(olen + 1, GFP_NOFS);
-	if (!(crypto_str->name))
+	crypto_str->name = kmalloc(max_presented_len + 1, GFP_NOFS);
+	if (!crypto_str->name)
 		return -ENOMEM;
+	crypto_str->len = max_presented_len;
 	return 0;
 }
 EXPORT_SYMBOL(fscrypt_fname_alloc_buffer);
 
 /**
- * fscrypt_fname_crypto_free_buffer() -
+ * fscrypt_fname_free_buffer - free the buffer for presented filenames
  *
- * Frees the buffer allocated for crypto operation.
+ * Free the buffer allocated by fscrypt_fname_alloc_buffer().
  */
 void fscrypt_fname_free_buffer(struct fscrypt_str *crypto_str)
 {
@@ -297,35 +302,6 @@ int fscrypt_fname_disk_to_usr(struct inode *inode,
 EXPORT_SYMBOL(fscrypt_fname_disk_to_usr);
 
 /**
- * fscrypt_fname_usr_to_disk() - converts a filename from user space to disk
- * space
- *
- * The caller must have allocated sufficient memory for the @oname string.
- *
- * Return: 0 on success, -errno on failure
- */
-int fscrypt_fname_usr_to_disk(struct inode *inode,
-			const struct qstr *iname,
-			struct fscrypt_str *oname)
-{
-	if (fscrypt_is_dot_dotdot(iname)) {
-		oname->name[0] = '.';
-		oname->name[iname->len - 1] = '.';
-		oname->len = iname->len;
-		return 0;
-	}
-	if (inode->i_crypt_info)
-		return fname_encrypt(inode, iname, oname);
-	/*
-	 * Without a proper key, a user is not allowed to modify the filenames
-	 * in a directory. Consequently, a user space name cannot be mapped to
-	 * a disk-space name
-	 */
-	return -ENOKEY;
-}
-EXPORT_SYMBOL(fscrypt_fname_usr_to_disk);
-
-/**
  * fscrypt_setup_filename() - prepare to search a possibly encrypted directory
  * @dir: the directory that will be searched
  * @iname: the user-provided filename being searched for
@@ -368,11 +344,17 @@ int fscrypt_setup_filename(struct inode *dir, const struct qstr *iname,
 		return ret;
 
 	if (dir->i_crypt_info) {
-		ret = fscrypt_fname_alloc_buffer(dir, iname->len,
-							&fname->crypto_buf);
-		if (ret)
-			return ret;
-		ret = fname_encrypt(dir, iname, &fname->crypto_buf);
+		if (!fscrypt_fname_encrypted_size(dir, iname->len,
+						  dir->i_sb->s_cop->max_namelen(dir),
+						  &fname->crypto_buf.len))
+			return -ENAMETOOLONG;
+		fname->crypto_buf.name = kmalloc(fname->crypto_buf.len,
+						 GFP_NOFS);
+		if (!fname->crypto_buf.name)
+			return -ENOMEM;
+
+		ret = fname_encrypt(dir, iname, fname->crypto_buf.name,
+				    fname->crypto_buf.len);
 		if (ret)
 			goto errout;
 		fname->disk_name.name = fname->crypto_buf.name;
@@ -424,7 +406,7 @@ int fscrypt_setup_filename(struct inode *dir, const struct qstr *iname,
 	return 0;
 
 errout:
-	fscrypt_fname_free_buffer(&fname->crypto_buf);
+	kfree(fname->crypto_buf.name);
 	return ret;
 }
 EXPORT_SYMBOL(fscrypt_setup_filename);
diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h
index c3ad415cd14f..5c296d4af4a9 100644
--- a/fs/crypto/fscrypt_private.h
+++ b/fs/crypto/fscrypt_private.h
@@ -49,6 +49,15 @@ struct fscrypt_context {
 
 #define FS_ENCRYPTION_CONTEXT_FORMAT_V1		1
 
+/**
+ * For encrypted symlinks, the ciphertext length is stored at the beginning
+ * of the string in little-endian format.
+ */
+struct fscrypt_symlink_data {
+	__le16 len;
+	char encrypted_path[1];
+} __packed;
+
 /*
  * A pointer to this structure is stored in the file system's in-core
  * representation of an inode.
@@ -81,7 +90,22 @@ static inline void bio_set_op_attrs(struct bio *bio, unsigned op,
 	bio->bi_rw = op | op_flags;
 }
 
+static inline bool fscrypt_valid_enc_modes(u32 contents_mode,
+					   u32 filenames_mode)
+{
+	if (contents_mode == FS_ENCRYPTION_MODE_AES_128_CBC &&
+	    filenames_mode == FS_ENCRYPTION_MODE_AES_128_CTS)
+		return true;
+
+	if (contents_mode == FS_ENCRYPTION_MODE_AES_256_XTS &&
+	    filenames_mode == FS_ENCRYPTION_MODE_AES_256_CTS)
+		return true;
+
+	return false;
+}
+
 /* crypto.c */
+extern struct kmem_cache *fscrypt_info_cachep;
 extern int fscrypt_initialize(unsigned int cop_flags);
 extern struct workqueue_struct *fscrypt_read_workqueue;
 extern int fscrypt_do_page_crypto(const struct inode *inode,
@@ -93,6 +117,13 @@ extern int fscrypt_do_page_crypto(const struct inode *inode,
 extern struct page *fscrypt_alloc_bounce_page(struct fscrypt_ctx *ctx,
 					      gfp_t gfp_flags);
 
+/* fname.c */
+extern int fname_encrypt(struct inode *inode, const struct qstr *iname,
+			 u8 *out, unsigned int olen);
+extern bool fscrypt_fname_encrypted_size(const struct inode *inode,
+					 u32 orig_len, u32 max_len,
+					 u32 *encrypted_len_ret);
+
 /* keyinfo.c */
 extern void __exit fscrypt_essiv_cleanup(void);
 
diff --git a/fs/crypto/hooks.c b/fs/crypto/hooks.c
index 9f5fb2eb9cf7..bc010e4609ef 100644
--- a/fs/crypto/hooks.c
+++ b/fs/crypto/hooks.c
@@ -110,3 +110,159 @@ int __fscrypt_prepare_lookup(struct inode *dir, struct dentry *dentry)
 	return 0;
 }
 EXPORT_SYMBOL_GPL(__fscrypt_prepare_lookup);
+
+int __fscrypt_prepare_symlink(struct inode *dir, unsigned int len,
+			      unsigned int max_len,
+			      struct fscrypt_str *disk_link)
+{
+	int err;
+
+	/*
+	 * To calculate the size of the encrypted symlink target we need to know
+	 * the amount of NUL padding, which is determined by the flags set in
+	 * the encryption policy which will be inherited from the directory.
+	 * The easiest way to get access to this is to just load the directory's
+	 * fscrypt_info, since we'll need it to create the dir_entry anyway.
+	 *
+	 * Note: in test_dummy_encryption mode, @dir may be unencrypted.
+	 */
+	err = fscrypt_get_encryption_info(dir);
+	if (err)
+		return err;
+	if (!fscrypt_has_encryption_key(dir))
+		return -ENOKEY;
+
+	/*
+	 * Calculate the size of the encrypted symlink and verify it won't
+	 * exceed max_len.  Note that for historical reasons, encrypted symlink
+	 * targets are prefixed with the ciphertext length, despite this
+	 * actually being redundant with i_size.  This decreases by 2 bytes the
+	 * longest symlink target we can accept.
+	 *
+	 * We could recover 1 byte by not counting a null terminator, but
+	 * counting it (even though it is meaningless for ciphertext) is simpler
+	 * for now since filesystems will assume it is there and subtract it.
+	 */
+	if (!fscrypt_fname_encrypted_size(dir, len,
+					  max_len - sizeof(struct fscrypt_symlink_data),
+					  &disk_link->len))
+		return -ENAMETOOLONG;
+	disk_link->len += sizeof(struct fscrypt_symlink_data);
+
+	disk_link->name = NULL;
+	return 0;
+}
+EXPORT_SYMBOL_GPL(__fscrypt_prepare_symlink);
+
+int __fscrypt_encrypt_symlink(struct inode *inode, const char *target,
+			      unsigned int len, struct fscrypt_str *disk_link)
+{
+	int err;
+	struct qstr iname = QSTR_INIT(target, len);
+	struct fscrypt_symlink_data *sd;
+	unsigned int ciphertext_len;
+
+	err = fscrypt_require_key(inode);
+	if (err)
+		return err;
+
+	if (disk_link->name) {
+		/* filesystem-provided buffer */
+		sd = (struct fscrypt_symlink_data *)disk_link->name;
+	} else {
+		sd = kmalloc(disk_link->len, GFP_NOFS);
+		if (!sd)
+			return -ENOMEM;
+	}
+	ciphertext_len = disk_link->len - sizeof(*sd);
+	sd->len = cpu_to_le16(ciphertext_len);
+
+	err = fname_encrypt(inode, &iname, sd->encrypted_path, ciphertext_len);
+	if (err) {
+		if (!disk_link->name)
+			kfree(sd);
+		return err;
+	}
+	/*
+	 * Null-terminating the ciphertext doesn't make sense, but we still
+	 * count the null terminator in the length, so we might as well
+	 * initialize it just in case the filesystem writes it out.
+	 */
+	sd->encrypted_path[ciphertext_len] = '\0';
+
+	if (!disk_link->name)
+		disk_link->name = (unsigned char *)sd;
+	return 0;
+}
+EXPORT_SYMBOL_GPL(__fscrypt_encrypt_symlink);
+
+/**
+ * fscrypt_get_symlink - get the target of an encrypted symlink
+ * @inode: the symlink inode
+ * @caddr: the on-disk contents of the symlink
+ * @max_size: size of @caddr buffer
+ * @done: if successful, will be set up to free the returned target
+ *
+ * If the symlink's encryption key is available, we decrypt its target.
+ * Otherwise, we encode its target for presentation.
+ *
+ * This may sleep, so the filesystem must have dropped out of RCU mode already.
+ *
+ * Return: the presentable symlink target or an ERR_PTR()
+ */
+void *fscrypt_get_symlink(struct inode *inode, const void *caddr,
+				unsigned int max_size)
+{
+	const struct fscrypt_symlink_data *sd;
+	struct fscrypt_str cstr, pstr;
+	int err;
+
+	/* This is for encrypted symlinks only */
+	if (WARN_ON(!IS_ENCRYPTED(inode)))
+		return ERR_PTR(-EINVAL);
+
+	/*
+	 * Try to set up the symlink's encryption key, but we can continue
+	 * regardless of whether the key is available or not.
+	 */
+	err = fscrypt_get_encryption_info(inode);
+	if (err)
+		return ERR_PTR(err);
+
+	/*
+	 * For historical reasons, encrypted symlink targets are prefixed with
+	 * the ciphertext length, even though this is redundant with i_size.
+	 */
+
+	if (max_size < sizeof(*sd))
+		return ERR_PTR(-EUCLEAN);
+	sd = caddr;
+	cstr.name = (unsigned char *)sd->encrypted_path;
+	cstr.len = le16_to_cpu(sd->len);
+
+	if (cstr.len == 0)
+		return ERR_PTR(-EUCLEAN);
+
+	if (cstr.len + sizeof(*sd) - 1 > max_size)
+		return ERR_PTR(-EUCLEAN);
+
+	err = fscrypt_fname_alloc_buffer(inode, cstr.len, &pstr);
+	if (err)
+		return ERR_PTR(err);
+
+	err = fscrypt_fname_disk_to_usr(inode, 0, 0, &cstr, &pstr);
+	if (err)
+		goto err_kfree;
+
+	err = -EUCLEAN;
+	if (pstr.name[0] == '\0')
+		goto err_kfree;
+
+	pstr.name[pstr.len] = '\0';
+	return pstr.name;
+
+err_kfree:
+	kfree(pstr.name);
+	return ERR_PTR(err);
+}
+EXPORT_SYMBOL_GPL(fscrypt_get_symlink);
diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c
index 444c65ed6db8..7c00331da5df 100644
--- a/fs/crypto/keyinfo.c
+++ b/fs/crypto/keyinfo.c
@@ -13,6 +13,7 @@
 #include <linux/ratelimit.h>
 #include <crypto/aes.h>
 #include <crypto/sha.h>
+#include <crypto/skcipher.h>
 #include "fscrypt_private.h"
 
 static struct crypto_shash *essiv_hash_tfm;