17af0ab0dSEric Biggers /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ 27af0ab0dSEric Biggers /* 37af0ab0dSEric Biggers * fscrypt user API 47af0ab0dSEric Biggers * 57af0ab0dSEric Biggers * These ioctls can be used on filesystems that support fscrypt. See the 67af0ab0dSEric Biggers * "User API" section of Documentation/filesystems/fscrypt.rst. 77af0ab0dSEric Biggers */ 87af0ab0dSEric Biggers #ifndef _UAPI_LINUX_FSCRYPT_H 97af0ab0dSEric Biggers #define _UAPI_LINUX_FSCRYPT_H 107af0ab0dSEric Biggers 11e933addeSEric Biggers #include <linux/ioctl.h> 127af0ab0dSEric Biggers #include <linux/types.h> 137af0ab0dSEric Biggers 147af0ab0dSEric Biggers /* Encryption policy flags */ 152336d0deSEric Biggers #define FSCRYPT_POLICY_FLAGS_PAD_4 0x00 162336d0deSEric Biggers #define FSCRYPT_POLICY_FLAGS_PAD_8 0x01 172336d0deSEric Biggers #define FSCRYPT_POLICY_FLAGS_PAD_16 0x02 182336d0deSEric Biggers #define FSCRYPT_POLICY_FLAGS_PAD_32 0x03 192336d0deSEric Biggers #define FSCRYPT_POLICY_FLAGS_PAD_MASK 0x03 205dae460cSEric Biggers #define FSCRYPT_POLICY_FLAG_DIRECT_KEY 0x04 21b103fb76SEric Biggers #define FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 0x08 22e3b1078bSEric Biggers #define FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32 0x10 237af0ab0dSEric Biggers 247af0ab0dSEric Biggers /* Encryption algorithms */ 252336d0deSEric Biggers #define FSCRYPT_MODE_AES_256_XTS 1 262336d0deSEric Biggers #define FSCRYPT_MODE_AES_256_CTS 4 272336d0deSEric Biggers #define FSCRYPT_MODE_AES_128_CBC 5 282336d0deSEric Biggers #define FSCRYPT_MODE_AES_128_CTS 6 29e0cefadaSTianjia Zhang #define FSCRYPT_MODE_SM4_XTS 7 30e0cefadaSTianjia Zhang #define FSCRYPT_MODE_SM4_CTS 8 312336d0deSEric Biggers #define FSCRYPT_MODE_ADIANTUM 9 326b2a51ffSNathan Huckleberry #define FSCRYPT_MODE_AES_256_HCTR2 10 336b2a51ffSNathan Huckleberry /* If adding a mode number > 10, update FSCRYPT_MODE_MAX in fscrypt_private.h */ 347af0ab0dSEric Biggers 355dae460cSEric Biggers /* 365dae460cSEric Biggers * Legacy policy version; ad-hoc KDF and no key verification. 375dae460cSEric Biggers * For new encrypted directories, use fscrypt_policy_v2 instead. 385dae460cSEric Biggers * 395dae460cSEric Biggers * Careful: the .version field for this is actually 0, not 1. 405dae460cSEric Biggers */ 415dae460cSEric Biggers #define FSCRYPT_POLICY_V1 0 425dae460cSEric Biggers #define FSCRYPT_KEY_DESCRIPTOR_SIZE 8 435dae460cSEric Biggers struct fscrypt_policy_v1 { 447af0ab0dSEric Biggers __u8 version; 457af0ab0dSEric Biggers __u8 contents_encryption_mode; 467af0ab0dSEric Biggers __u8 filenames_encryption_mode; 477af0ab0dSEric Biggers __u8 flags; 482336d0deSEric Biggers __u8 master_key_descriptor[FSCRYPT_KEY_DESCRIPTOR_SIZE]; 497af0ab0dSEric Biggers }; 507af0ab0dSEric Biggers 5122d94f49SEric Biggers /* 5222d94f49SEric Biggers * Process-subscribed "logon" key description prefix and payload format. 5322d94f49SEric Biggers * Deprecated; prefer FS_IOC_ADD_ENCRYPTION_KEY instead. 5422d94f49SEric Biggers */ 552336d0deSEric Biggers #define FSCRYPT_KEY_DESC_PREFIX "fscrypt:" 562336d0deSEric Biggers #define FSCRYPT_KEY_DESC_PREFIX_SIZE 8 572336d0deSEric Biggers #define FSCRYPT_MAX_KEY_SIZE 64 587af0ab0dSEric Biggers struct fscrypt_key { 597af0ab0dSEric Biggers __u32 mode; 602336d0deSEric Biggers __u8 raw[FSCRYPT_MAX_KEY_SIZE]; 617af0ab0dSEric Biggers __u32 size; 627af0ab0dSEric Biggers }; 6322d94f49SEric Biggers 6422d94f49SEric Biggers /* 655dae460cSEric Biggers * New policy version with HKDF and key verification (recommended). 665dae460cSEric Biggers */ 675dae460cSEric Biggers #define FSCRYPT_POLICY_V2 2 685dae460cSEric Biggers #define FSCRYPT_KEY_IDENTIFIER_SIZE 16 695dae460cSEric Biggers struct fscrypt_policy_v2 { 705dae460cSEric Biggers __u8 version; 715dae460cSEric Biggers __u8 contents_encryption_mode; 725dae460cSEric Biggers __u8 filenames_encryption_mode; 735dae460cSEric Biggers __u8 flags; 74*5b118884SEric Biggers __u8 log2_data_unit_size; 75*5b118884SEric Biggers __u8 __reserved[3]; 765dae460cSEric Biggers __u8 master_key_identifier[FSCRYPT_KEY_IDENTIFIER_SIZE]; 775dae460cSEric Biggers }; 785dae460cSEric Biggers 795dae460cSEric Biggers /* Struct passed to FS_IOC_GET_ENCRYPTION_POLICY_EX */ 805dae460cSEric Biggers struct fscrypt_get_policy_ex_arg { 815dae460cSEric Biggers __u64 policy_size; /* input/output */ 825dae460cSEric Biggers union { 835dae460cSEric Biggers __u8 version; 845dae460cSEric Biggers struct fscrypt_policy_v1 v1; 855dae460cSEric Biggers struct fscrypt_policy_v2 v2; 865dae460cSEric Biggers } policy; /* output */ 875dae460cSEric Biggers }; 885dae460cSEric Biggers 895dae460cSEric Biggers /* 905dae460cSEric Biggers * v1 policy keys are specified by an arbitrary 8-byte key "descriptor", 915dae460cSEric Biggers * matching fscrypt_policy_v1::master_key_descriptor. 9222d94f49SEric Biggers */ 9322d94f49SEric Biggers #define FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR 1 9422d94f49SEric Biggers 9522d94f49SEric Biggers /* 965dae460cSEric Biggers * v2 policy keys are specified by a 16-byte key "identifier" which the kernel 975dae460cSEric Biggers * calculates as a cryptographic hash of the key itself, 985dae460cSEric Biggers * matching fscrypt_policy_v2::master_key_identifier. 995dae460cSEric Biggers */ 1005dae460cSEric Biggers #define FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER 2 1015dae460cSEric Biggers 1025dae460cSEric Biggers /* 1035dae460cSEric Biggers * Specifies a key, either for v1 or v2 policies. This doesn't contain the 1045dae460cSEric Biggers * actual key itself; this is just the "name" of the key. 10522d94f49SEric Biggers */ 10622d94f49SEric Biggers struct fscrypt_key_specifier { 10722d94f49SEric Biggers __u32 type; /* one of FSCRYPT_KEY_SPEC_TYPE_* */ 10822d94f49SEric Biggers __u32 __reserved; 10922d94f49SEric Biggers union { 11022d94f49SEric Biggers __u8 __reserved[32]; /* reserve some extra space */ 11122d94f49SEric Biggers __u8 descriptor[FSCRYPT_KEY_DESCRIPTOR_SIZE]; 1125dae460cSEric Biggers __u8 identifier[FSCRYPT_KEY_IDENTIFIER_SIZE]; 11322d94f49SEric Biggers } u; 11422d94f49SEric Biggers }; 11522d94f49SEric Biggers 11693edd392SEric Biggers /* 11793edd392SEric Biggers * Payload of Linux keyring key of type "fscrypt-provisioning", referenced by 11893edd392SEric Biggers * fscrypt_add_key_arg::key_id as an alternative to fscrypt_add_key_arg::raw. 11993edd392SEric Biggers */ 12093edd392SEric Biggers struct fscrypt_provisioning_key_payload { 12193edd392SEric Biggers __u32 type; 12293edd392SEric Biggers __u32 __reserved; 12393edd392SEric Biggers __u8 raw[]; 12493edd392SEric Biggers }; 12593edd392SEric Biggers 12622d94f49SEric Biggers /* Struct passed to FS_IOC_ADD_ENCRYPTION_KEY */ 12722d94f49SEric Biggers struct fscrypt_add_key_arg { 12822d94f49SEric Biggers struct fscrypt_key_specifier key_spec; 12922d94f49SEric Biggers __u32 raw_size; 13093edd392SEric Biggers __u32 key_id; 13193edd392SEric Biggers __u32 __reserved[8]; 13222d94f49SEric Biggers __u8 raw[]; 13322d94f49SEric Biggers }; 13422d94f49SEric Biggers 135b1c0ec35SEric Biggers /* Struct passed to FS_IOC_REMOVE_ENCRYPTION_KEY */ 136b1c0ec35SEric Biggers struct fscrypt_remove_key_arg { 137b1c0ec35SEric Biggers struct fscrypt_key_specifier key_spec; 138b1c0ec35SEric Biggers #define FSCRYPT_KEY_REMOVAL_STATUS_FLAG_FILES_BUSY 0x00000001 13923c688b5SEric Biggers #define FSCRYPT_KEY_REMOVAL_STATUS_FLAG_OTHER_USERS 0x00000002 140b1c0ec35SEric Biggers __u32 removal_status_flags; /* output */ 141b1c0ec35SEric Biggers __u32 __reserved[5]; 142b1c0ec35SEric Biggers }; 143b1c0ec35SEric Biggers 1445a7e2992SEric Biggers /* Struct passed to FS_IOC_GET_ENCRYPTION_KEY_STATUS */ 1455a7e2992SEric Biggers struct fscrypt_get_key_status_arg { 1465a7e2992SEric Biggers /* input */ 1475a7e2992SEric Biggers struct fscrypt_key_specifier key_spec; 1485a7e2992SEric Biggers __u32 __reserved[6]; 1495a7e2992SEric Biggers 1505a7e2992SEric Biggers /* output */ 1515a7e2992SEric Biggers #define FSCRYPT_KEY_STATUS_ABSENT 1 1525a7e2992SEric Biggers #define FSCRYPT_KEY_STATUS_PRESENT 2 1535a7e2992SEric Biggers #define FSCRYPT_KEY_STATUS_INCOMPLETELY_REMOVED 3 1545a7e2992SEric Biggers __u32 status; 15523c688b5SEric Biggers #define FSCRYPT_KEY_STATUS_FLAG_ADDED_BY_SELF 0x00000001 15623c688b5SEric Biggers __u32 status_flags; 15723c688b5SEric Biggers __u32 user_count; 15823c688b5SEric Biggers __u32 __out_reserved[13]; 1595a7e2992SEric Biggers }; 1605a7e2992SEric Biggers 161c7f0207bSEric Biggers #define FS_IOC_SET_ENCRYPTION_POLICY _IOR('f', 19, struct fscrypt_policy_v1) 16222d94f49SEric Biggers #define FS_IOC_GET_ENCRYPTION_PWSALT _IOW('f', 20, __u8[16]) 163c7f0207bSEric Biggers #define FS_IOC_GET_ENCRYPTION_POLICY _IOW('f', 21, struct fscrypt_policy_v1) 1645dae460cSEric Biggers #define FS_IOC_GET_ENCRYPTION_POLICY_EX _IOWR('f', 22, __u8[9]) /* size + version */ 16522d94f49SEric Biggers #define FS_IOC_ADD_ENCRYPTION_KEY _IOWR('f', 23, struct fscrypt_add_key_arg) 166b1c0ec35SEric Biggers #define FS_IOC_REMOVE_ENCRYPTION_KEY _IOWR('f', 24, struct fscrypt_remove_key_arg) 16778a1b96bSEric Biggers #define FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS _IOWR('f', 25, struct fscrypt_remove_key_arg) 1685a7e2992SEric Biggers #define FS_IOC_GET_ENCRYPTION_KEY_STATUS _IOWR('f', 26, struct fscrypt_get_key_status_arg) 169e98ad464SEric Biggers #define FS_IOC_GET_ENCRYPTION_NONCE _IOR('f', 27, __u8[16]) 17022d94f49SEric Biggers 1712336d0deSEric Biggers /**********************************************************************/ 1722336d0deSEric Biggers 1732336d0deSEric Biggers /* old names; don't add anything new here! */ 1743b6df59bSEric Biggers #ifndef __KERNEL__ 175c7f0207bSEric Biggers #define fscrypt_policy fscrypt_policy_v1 1762336d0deSEric Biggers #define FS_KEY_DESCRIPTOR_SIZE FSCRYPT_KEY_DESCRIPTOR_SIZE 1772336d0deSEric Biggers #define FS_POLICY_FLAGS_PAD_4 FSCRYPT_POLICY_FLAGS_PAD_4 1782336d0deSEric Biggers #define FS_POLICY_FLAGS_PAD_8 FSCRYPT_POLICY_FLAGS_PAD_8 1792336d0deSEric Biggers #define FS_POLICY_FLAGS_PAD_16 FSCRYPT_POLICY_FLAGS_PAD_16 1802336d0deSEric Biggers #define FS_POLICY_FLAGS_PAD_32 FSCRYPT_POLICY_FLAGS_PAD_32 1812336d0deSEric Biggers #define FS_POLICY_FLAGS_PAD_MASK FSCRYPT_POLICY_FLAGS_PAD_MASK 1822336d0deSEric Biggers #define FS_POLICY_FLAG_DIRECT_KEY FSCRYPT_POLICY_FLAG_DIRECT_KEY 1833ceb6543SEric Biggers #define FS_POLICY_FLAGS_VALID 0x07 /* contains old flags only */ 1842336d0deSEric Biggers #define FS_ENCRYPTION_MODE_INVALID 0 /* never used */ 1852336d0deSEric Biggers #define FS_ENCRYPTION_MODE_AES_256_XTS FSCRYPT_MODE_AES_256_XTS 1862336d0deSEric Biggers #define FS_ENCRYPTION_MODE_AES_256_GCM 2 /* never used */ 1872336d0deSEric Biggers #define FS_ENCRYPTION_MODE_AES_256_CBC 3 /* never used */ 1882336d0deSEric Biggers #define FS_ENCRYPTION_MODE_AES_256_CTS FSCRYPT_MODE_AES_256_CTS 1892336d0deSEric Biggers #define FS_ENCRYPTION_MODE_AES_128_CBC FSCRYPT_MODE_AES_128_CBC 1902336d0deSEric Biggers #define FS_ENCRYPTION_MODE_AES_128_CTS FSCRYPT_MODE_AES_128_CTS 1912336d0deSEric Biggers #define FS_ENCRYPTION_MODE_ADIANTUM FSCRYPT_MODE_ADIANTUM 1922336d0deSEric Biggers #define FS_KEY_DESC_PREFIX FSCRYPT_KEY_DESC_PREFIX 1932336d0deSEric Biggers #define FS_KEY_DESC_PREFIX_SIZE FSCRYPT_KEY_DESC_PREFIX_SIZE 1942336d0deSEric Biggers #define FS_MAX_KEY_SIZE FSCRYPT_MAX_KEY_SIZE 1953b6df59bSEric Biggers #endif /* !__KERNEL__ */ 1967af0ab0dSEric Biggers 1977af0ab0dSEric Biggers #endif /* _UAPI_LINUX_FSCRYPT_H */ 198