summaryrefslogtreecommitdiff
path: root/fs/ext4
diff options
context:
space:
mode:
Diffstat (limited to 'fs/ext4')
-rw-r--r--fs/ext4/crypto.c14
-rw-r--r--fs/ext4/crypto_fname.c6
-rw-r--r--fs/ext4/crypto_key.c6
-rw-r--r--fs/ext4/crypto_policy.c14
-rw-r--r--fs/ext4/ext4.h5
-rw-r--r--fs/ext4/ext4_crypto.h4
6 files changed, 20 insertions, 29 deletions
diff --git a/fs/ext4/crypto.c b/fs/ext4/crypto.c
index b13cf12ebfd5..f5099a3386ec 100644
--- a/fs/ext4/crypto.c
+++ b/fs/ext4/crypto.c
@@ -455,18 +455,10 @@ errout:
return err;
}
-bool ext4_valid_enc_modes(uint32_t contents_mode, uint32_t filenames_mode)
+bool ext4_valid_contents_enc_mode(uint32_t mode)
{
- if (contents_mode == EXT4_ENCRYPTION_MODE_AES_256_XTS ||
- contents_mode == EXT4_ENCRYPTION_MODE_PRIVATE) {
- return (filenames_mode == EXT4_ENCRYPTION_MODE_AES_256_CTS ||
- filenames_mode == EXT4_ENCRYPTION_MODE_AES_256_HEH);
- }
-
- if (contents_mode == EXT4_ENCRYPTION_MODE_SPECK128_256_XTS)
- return filenames_mode == EXT4_ENCRYPTION_MODE_SPECK128_256_CTS;
-
- return false;
+ return (mode == EXT4_ENCRYPTION_MODE_AES_256_XTS ||
+ mode == EXT4_ENCRYPTION_MODE_PRIVATE);
}
/**
diff --git a/fs/ext4/crypto_fname.c b/fs/ext4/crypto_fname.c
index 5e5afb6ef71a..026716bdbbfc 100644
--- a/fs/ext4/crypto_fname.c
+++ b/fs/ext4/crypto_fname.c
@@ -42,6 +42,12 @@ static void ext4_dir_crypt_complete(struct crypto_async_request *req, int res)
complete(&ecr->completion);
}
+bool ext4_valid_filenames_enc_mode(uint32_t mode)
+{
+ return (mode == EXT4_ENCRYPTION_MODE_AES_256_CTS ||
+ mode == EXT4_ENCRYPTION_MODE_AES_256_HEH);
+}
+
static unsigned max_name_len(struct inode *inode)
{
return S_ISLNK(inode->i_mode) ? inode->i_sb->s_blocksize :
diff --git a/fs/ext4/crypto_key.c b/fs/ext4/crypto_key.c
index 832baaf08484..d3d6b28ce9b9 100644
--- a/fs/ext4/crypto_key.c
+++ b/fs/ext4/crypto_key.c
@@ -278,12 +278,6 @@ retry:
case EXT4_ENCRYPTION_MODE_AES_256_HEH:
cipher_str = "heh(aes)";
break;
- case EXT4_ENCRYPTION_MODE_SPECK128_256_XTS:
- cipher_str = "xts(speck128)";
- break;
- case EXT4_ENCRYPTION_MODE_SPECK128_256_CTS:
- cipher_str = "cts(cbc(speck128))";
- break;
default:
printk_once(KERN_WARNING
"ext4: unsupported key mode %d (ino %u)\n",
diff --git a/fs/ext4/crypto_policy.c b/fs/ext4/crypto_policy.c
index 818fa45ecf08..e4f4fc4e56ab 100644
--- a/fs/ext4/crypto_policy.c
+++ b/fs/ext4/crypto_policy.c
@@ -60,12 +60,16 @@ static int ext4_create_encryption_context_from_policy(
ctx.format = EXT4_ENCRYPTION_CONTEXT_FORMAT_V1;
memcpy(ctx.master_key_descriptor, policy->master_key_descriptor,
EXT4_KEY_DESCRIPTOR_SIZE);
- if (!ext4_valid_enc_modes(policy->contents_encryption_mode,
- policy->filenames_encryption_mode)) {
+ if (!ext4_valid_contents_enc_mode(policy->contents_encryption_mode)) {
printk(KERN_WARNING
- "%s: Invalid encryption modes (contents %d, filenames %d)\n",
- __func__, policy->contents_encryption_mode,
- policy->filenames_encryption_mode);
+ "%s: Invalid contents encryption mode %d\n", __func__,
+ policy->contents_encryption_mode);
+ return -EINVAL;
+ }
+ if (!ext4_valid_filenames_enc_mode(policy->filenames_encryption_mode)) {
+ printk(KERN_WARNING
+ "%s: Invalid filenames encryption mode %d\n", __func__,
+ policy->filenames_encryption_mode);
return -EINVAL;
}
if (policy->flags & ~EXT4_POLICY_FLAGS_VALID)
diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
index 3c7cba1966ee..19c646885714 100644
--- a/fs/ext4/ext4.h
+++ b/fs/ext4/ext4.h
@@ -589,8 +589,6 @@ enum {
#define EXT4_ENCRYPTION_MODE_AES_256_GCM 2
#define EXT4_ENCRYPTION_MODE_AES_256_CBC 3
#define EXT4_ENCRYPTION_MODE_AES_256_CTS 4
-#define EXT4_ENCRYPTION_MODE_SPECK128_256_XTS 7
-#define EXT4_ENCRYPTION_MODE_SPECK128_256_CTS 8
#define EXT4_ENCRYPTION_MODE_PRIVATE 127
#define EXT4_ENCRYPTION_MODE_AES_256_HEH 126
@@ -2257,7 +2255,7 @@ int ext4_get_policy(struct inode *inode,
/* crypto.c */
extern struct kmem_cache *ext4_crypt_info_cachep;
-bool ext4_valid_enc_modes(uint32_t contents_mode, uint32_t filenames_mode);
+bool ext4_valid_contents_enc_mode(uint32_t mode);
uint32_t ext4_validate_encryption_key_size(uint32_t mode, uint32_t size);
extern struct workqueue_struct *ext4_read_workqueue;
struct ext4_crypto_ctx *ext4_get_crypto_ctx(struct inode *inode,
@@ -2289,6 +2287,7 @@ static inline int ext4_sb_has_crypto(struct super_block *sb)
#endif
/* crypto_fname.c */
+bool ext4_valid_filenames_enc_mode(uint32_t mode);
u32 ext4_fname_crypto_round_up(u32 size, u32 blksize);
unsigned ext4_fname_encrypted_size(struct inode *inode, u32 ilen);
int ext4_fname_crypto_alloc_buffer(struct inode *inode,
diff --git a/fs/ext4/ext4_crypto.h b/fs/ext4/ext4_crypto.h
index 55bf6a1ad737..e28cc5aab04a 100644
--- a/fs/ext4/ext4_crypto.h
+++ b/fs/ext4/ext4_crypto.h
@@ -131,10 +131,6 @@ static inline int ext4_encryption_key_size(int mode)
return EXT4_AES_256_CTS_KEY_SIZE;
case EXT4_ENCRYPTION_MODE_AES_256_HEH:
return EXT4_AES_256_HEH_KEY_SIZE;
- case EXT4_ENCRYPTION_MODE_SPECK128_256_XTS:
- return 64;
- case EXT4_ENCRYPTION_MODE_SPECK128_256_CTS:
- return 32;
default:
BUG();
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-08 15:37:42 +0000