From 5eebf863430b86333cb3e0c179cc5d7b1f0deb0f Mon Sep 17 00:00:00 2001 From: Andrey Markovytch Date: Mon, 25 May 2015 21:54:28 +0300 Subject: ecryptfs: enhancing ecryptfs to be configurable with encryption type enabled eCryptfs for qcom targets. In addition to the usual options, a special mode 'aes-xts' was added for qcom ICE hw encryption Change-Id: I20c01adc46c977b4a5db0be9ff93384cda14bc56 Signed-off-by: Lina Zarivach Signed-off-by: Andrey Markovytch [gbroner@codeaurora.org: fix merge conflict] Signed-off-by: Gilad Broner
---
 include/linux/ecryptfs.h | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) (limited to 'include/linux/ecryptfs.h')
diff --git a/include/linux/ecryptfs.h b/include/linux/ecryptfs.h
index 8d5ab998a222..4f3006ae2a42 100644
--- a/include/linux/ecryptfs.h
+++ b/include/linux/ecryptfs.h
@@ -1,6 +1,9 @@
 #ifndef _LINUX_ECRYPTFS_H
 #define _LINUX_ECRYPTFS_H
+struct inode;
+struct page;
+
 /* Version verification for shared data structures w/ userspace */
 #define ECRYPTFS_VERSION_MAJOR 0x00
 #define ECRYPTFS_VERSION_MINOR 0x04
@@ -41,6 +44,7 @@
 #define RFC2440_CIPHER_AES_256 0x09
 #define RFC2440_CIPHER_TWOFISH 0x0a
 #define RFC2440_CIPHER_CAST_6 0x0b
+#define RFC2440_CIPHER_AES_XTS_256 0x0c
 #define RFC2440_CIPHER_RSA 0x01
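Review bot: `RFC2440_CIPHER_AES_XTS_256 0x0c` in the second hunk (`@@ -41,6 +44,7 @@`) takes a value from the block named after the OpenPGP symmetric-algorithm registry, where 12 is assigned to Camellia-192 by RFC 5581, and AES-XTS is a mode of operation rather than an OpenPGP cipher. If this code ends up in on-disk file headers the way the other `RFC2440_CIPHER_*` codes appear to be used (that code is not visible here), files written on these targets would carry a vendor-private identifier that another eCryptfs build or tool could misinterpret. At minimum I would mark it with a comment such as `/* vendor extension for qcom ICE, not an OpenPGP algorithm ID */`, and consider a value from the registry's private/experimental range (100-110) instead of the next free-looking number.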
@@ -102,4 +106,42 @@ struct ecryptfs_auth_tok {
 } token;
 } __attribute__ ((packed));
+#define ECRYPTFS_INVALID_EVENTS_HANDLE -1
+
+/**
+ * ecryptfs_events struct represents a partial interface
+ * towards ecryptfs module. If registered to ecryptfs events,
+ * one can receive push notifications.
+ * A first callback received from ecryptfs will probably be
+ * about file opening (open_cb),
+ * in which ecryptfs passes its ecryptfs_data for future usage.
+ * This data represents a file and must be passed in every query functions
+ * such as ecryptfs_get_key_size(), ecryptfs_get_cipher() etc.
+ */
+struct ecryptfs_events {
+ bool (*is_cipher_supported_cb)(char *cipher);
+ void (*open_cb)(struct inode *inode, void *ecrytpfs_data);
+ void (*release_cb)(struct inode *inode);
+ int (*encrypt_cb)(struct page *in_page, struct page *out_page,
+ struct inode *inode, unsigned long extent_offset);
+ int (*decrypt_cb)(struct page *in_page, struct page *out_page,
+ struct inode *inode, unsigned long extent_offset);
+ bool (*is_hw_crypt_cb)(void);
+};
+
+
+int ecryptfs_register_to_events(struct ecryptfs_events *ops);
+
+int ecryptfs_unregister_from_events(int user_handle);
+
+const unsigned char *ecryptfs_get_key(void *ecrytpfs_data);
+
+size_t ecryptfs_get_key_size(void *ecrytpfs_data);
+
+const unsigned char *ecryptfs_get_cipher(void *ecrytpfs_data);
+
+bool ecryptfs_is_page_in_metadata(void *ecrytpfs_data, pgoff_t offset);
+
+bool ecryptfs_is_data_equal(void *ecrytpfs_data1, void *ecrytpfs_data2);
+
 #endif /* _LINUX_ECRYPTFS_H */
-- cgit v1.2.3
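Review bot: `ecryptfs_get_key()` returns a pointer to raw key bytes to any code that was handed an `ecrytpfs_data` pointer in `open_cb`, and the comment above `struct ecryptfs_events` does not say how long that pointer (or the one from `ecryptfs_get_cipher()`) remains valid, or whether a consumer may keep a copy of the key. The implementations are outside this hunk, so the intended rule is not visible here; whatever it is, the kernel-doc should state the lifetime relative to `open_cb`/`release_cb` and that any copy a consumer makes has to be wiped when it is done. Passing the per-file state as `void *` also means the compiler cannot catch a wrong pointer being given to these getters; a forward-declared opaque struct would keep the layout private and still be type-checked. Two small items: the macro should be parenthesized as `#define ECRYPTFS_INVALID_EVENTS_HANDLE (-1)`, and `is_cipher_supported_cb` could take `const char *cipher`.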