diff options
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/linux/fs_ioctl.txt | 23 | ||||
| -rw-r--r-- | sys/linux/fscrypt.txt | 95 |
2 files changed, 95 insertions, 23 deletions
diff --git a/sys/linux/fs_ioctl.txt b/sys/linux/fs_ioctl.txt index 977bfdbac..49abb6c01 100644 --- a/sys/linux/fs_ioctl.txt +++ b/sys/linux/fs_ioctl.txt @@ -23,31 +23,8 @@ ioctl$FS_IOC_FSGETXATTR(fd fd, cmd const[FS_IOC_FSGETXATTR], arg ptr[in, fsxattr ioctl$FS_IOC_FSSETXATTR(fd fd, cmd const[FS_IOC_FSSETXATTR], arg ptr[in, fsxattr]) ioctl$FS_IOC_GETFSLABEL(fd fd, cmd const[FS_IOC_GETFSLABEL], arg ptr[out, array[const[0, int8], FSLABEL_MAX]]) ioctl$FS_IOC_SETFSLABEL(fd fd, cmd const[FS_IOC_SETFSLABEL], arg ptr[in, array[int8, FSLABEL_MAX]]) -ioctl$FS_IOC_SET_ENCRYPTION_POLICY(fd fd, cmd const[FS_IOC_SET_ENCRYPTION_POLICY], arg ptr[in, fscrypt_policy]) -ioctl$FS_IOC_GET_ENCRYPTION_POLICY(fd fd, cmd const[FS_IOC_GET_ENCRYPTION_POLICY], arg ptr[out, array[int8, 16]]) -ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(fd fd, cmd const[FS_IOC_GET_ENCRYPTION_PWSALT], arg ptr[out, fscrypt_policy]) ioctl$FS_IOC_GETFSMAP(fd fd, cmd const[FS_IOC_GETFSMAP], arg ptr[in, fsmap_head]) -fscrypt_policy { - version const[0, int8] - mode fscrypt_policy_mode - flags flags[fs_policy_flags, int8] - master_key_descriptor array[int8, FS_KEY_DESCRIPTOR_SIZE] -} - -fscrypt_policy_mode [ - aes128 fscrypt_policy_mode_t[FS_ENCRYPTION_MODE_AES_128_CBC, FS_ENCRYPTION_MODE_AES_128_CTS] - aes256 fscrypt_policy_mode_t[FS_ENCRYPTION_MODE_AES_256_XTS, FS_ENCRYPTION_MODE_AES_256_CTS] - speck128 fscrypt_policy_mode_t[FS_ENCRYPTION_MODE_SPECK128_256_XTS, FS_ENCRYPTION_MODE_SPECK128_256_CTS] -] - -type fscrypt_policy_mode_t[CONTENTS, FILENAMES] { - contents_encryption_mode const[CONTENTS, int8] - filenames_encryption_mode const[FILENAMES, int8] -} - -fs_policy_flags = FS_POLICY_FLAGS_PAD_4, FS_POLICY_FLAGS_PAD_8, FS_POLICY_FLAGS_PAD_16 - space_resv { l_type const[0, int16] l_whence flags[seek_whence, int16] diff --git a/sys/linux/fscrypt.txt b/sys/linux/fscrypt.txt new file mode 100644 index 000000000..79f6b9a04 --- /dev/null +++ b/sys/linux/fscrypt.txt @@ -0,0 +1,95 @@ +# Copyright 2019 syzkaller project authors. All rights reserved. +# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file. + +include <uapi/linux/fs.h> +include <uapi/linux/fscrypt.h> + +ioctl$FS_IOC_SET_ENCRYPTION_POLICY(fd fd, cmd const[FS_IOC_SET_ENCRYPTION_POLICY], arg ptr[in, fscrypt_policy]) +ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(fd fd, cmd const[FS_IOC_GET_ENCRYPTION_PWSALT], arg ptr[out, array[int8, 16]]) +ioctl$FS_IOC_GET_ENCRYPTION_POLICY(fd fd, cmd const[FS_IOC_GET_ENCRYPTION_POLICY], arg ptr[out, fscrypt_policy_v1]) +ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(fd fd, cmd const[FS_IOC_GET_ENCRYPTION_POLICY_EX], arg ptr[inout, fscrypt_get_policy_ex_arg]) +ioctl$FS_IOC_ADD_ENCRYPTION_KEY(fd fd, cmd const[FS_IOC_ADD_ENCRYPTION_KEY], arg ptr[inout, fscrypt_add_key_arg]) +ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(fd fd, cmd const[FS_IOC_REMOVE_ENCRYPTION_KEY], arg ptr[inout, fscrypt_remove_key_arg]) +ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(fd fd, cmd const[FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS], arg ptr[inout, fscrypt_remove_key_arg]) +ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(fd fd, cmd const[FS_IOC_GET_ENCRYPTION_KEY_STATUS], arg ptr[inout, fscrypt_get_key_status_arg]) + +type fscrypt_key_descriptor array[int8, FSCRYPT_KEY_DESCRIPTOR_SIZE] +type fscrypt_key_identifier array[int8, FSCRYPT_KEY_IDENTIFIER_SIZE] + +fscrypt_policy_v1 { + version const[0, int8] + modes fscrypt_policy_modes + flags flags[fscrypt_policy_flags, int8] + master_key_descriptor fscrypt_key_descriptor +} + +fscrypt_policy_v2 { + version const[2, int8] + modes fscrypt_policy_modes + flags flags[fscrypt_policy_flags, int8] + reserved array[const[0, int8], 4] + master_key_identifier fscrypt_key_identifier +} + +fscrypt_policy [ + v1 fscrypt_policy_v1 + v2 fscrypt_policy_v2 +] [varlen] + +fscrypt_policy_modes [ + aes256 fscrypt_policy_mode_t[FSCRYPT_MODE_AES_256_XTS, FSCRYPT_MODE_AES_256_CTS] + aes128 fscrypt_policy_mode_t[FSCRYPT_MODE_AES_128_CBC, FSCRYPT_MODE_AES_128_CTS] + adiantum fscrypt_policy_mode_t[FSCRYPT_MODE_ADIANTUM, FSCRYPT_MODE_ADIANTUM] +] + +type fscrypt_policy_mode_t[CONTENTS, FILENAMES] { + contents_encryption_mode const[CONTENTS, int8] + filenames_encryption_mode const[FILENAMES, int8] +} + +fscrypt_policy_flags = FSCRYPT_POLICY_FLAGS_PAD_4, FSCRYPT_POLICY_FLAGS_PAD_8, FSCRYPT_POLICY_FLAGS_PAD_16, FSCRYPT_POLICY_FLAGS_PAD_32, FSCRYPT_POLICY_FLAG_DIRECT_KEY + +fscrypt_get_policy_ex_arg { + policy_size len[policy, int64] +# policy is an output field, so just leave it zeroed. + policy array[const[0, int8]] +} + +fscrypt_key_specifier { + type flags[fscrypt_key_specifier_type, int32] + reserved const[0, int32] + u fscrypt_key_specifier_payload +} + +fscrypt_key_specifier_type = FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR, FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER + +fscrypt_key_specifier_payload [ + reserved array[int8, 32] + descriptor fscrypt_key_descriptor + identifier fscrypt_key_identifier +] + +fscrypt_add_key_arg { + key_spec fscrypt_key_specifier + raw_size len[raw, int32] + reserved array[const[0, int32], 9] + raw array[int8] +} + +fscrypt_remove_key_arg { + key_spec fscrypt_key_specifier +# removal_status_flags is an output field, so just leave it zeroed. + removal_status_flags const[0, int32] + reserved array[const[0, int32], 5] +} + +fscrypt_get_key_status_arg { + key_spec fscrypt_key_specifier + reserved array[const[0, int32], 6] + +# The following are output fields, so just leave them zeroed. + status const[0, int32] + status_flags const[0, int32] + user_count const[0, int32] + out_reserved array[const[0, int32], 13] +} |