From 8c0a5eacbac818f9011015b17992f53d9cec3e8f Mon Sep 17 00:00:00 2001 From: "joerichey@google.com" Date: Tue, 4 Apr 2017 16:46:32 +0000 Subject: [PATCH] unix: add support for Linux filesystem encryption This CL adds in the necessary types and constants to support Linux filesystem encryption. This includes the structs for the keys and polices as well as the constants for key size and encryption algorithms. This code also reduces the scope of some of the regexes in mkerrors.sh. This is to reduce the number of unrelated constants added in with this change. Note that due to a bug in the Linux uapi headers, not all of the necessary constants and structures are declared in linux/fs.h despite being part of the kernel ABI. This means that some constants and types had to be manually added in. The bug has been patched (https://patchwork.kernel.org/patch/9662723), and the manual additions can be removed when the patch is merged into the mainline kernel. Change-Id: Ib508ad99bdf4c0068933ffcf351c52bb359cfcf4 Reviewed-on: https://go-review.googlesource.com/41417 Reviewed-by: Matt Layher Reviewed-by: Ian Lance Taylor Run-TryBot: Matt Layher TryBot-Result: Gobot Gobot --- unix/linux/types.go | 15 +++++++++++++++ unix/mkerrors.sh | 9 ++++++++- unix/zerrors_linux_386.go | 23 +++++++++++++++++++++++ unix/zerrors_linux_amd64.go | 23 +++++++++++++++++++++++ unix/zerrors_linux_arm.go | 23 +++++++++++++++++++++++ unix/zerrors_linux_arm64.go | 23 +++++++++++++++++++++++ unix/zerrors_linux_mips.go | 23 +++++++++++++++++++++++ unix/zerrors_linux_mips64.go | 23 +++++++++++++++++++++++ unix/zerrors_linux_mips64le.go | 23 +++++++++++++++++++++++ unix/zerrors_linux_mipsle.go | 23 +++++++++++++++++++++++ unix/zerrors_linux_ppc64.go | 23 +++++++++++++++++++++++ unix/zerrors_linux_ppc64le.go | 23 +++++++++++++++++++++++ unix/zerrors_linux_s390x.go | 23 +++++++++++++++++++++++ unix/ztypes_linux_386.go | 14 ++++++++++++++ unix/ztypes_linux_amd64.go | 14 ++++++++++++++ unix/ztypes_linux_arm.go | 14 ++++++++++++++ unix/ztypes_linux_arm64.go | 14 ++++++++++++++ unix/ztypes_linux_mips.go | 14 ++++++++++++++ unix/ztypes_linux_mips64.go | 14 ++++++++++++++ unix/ztypes_linux_mips64le.go | 14 ++++++++++++++ unix/ztypes_linux_mipsle.go | 14 ++++++++++++++ unix/ztypes_linux_ppc64.go | 14 ++++++++++++++ unix/ztypes_linux_ppc64le.go | 14 ++++++++++++++ unix/ztypes_linux_s390x.go | 14 ++++++++++++++ 24 files changed, 430 insertions(+), 1 deletion(-) diff --git a/unix/linux/types.go b/unix/linux/types.go index 2f8b7cc0..d3bf24a4 100644 --- a/unix/linux/types.go +++ b/unix/linux/types.go @@ -56,6 +56,7 @@ package unix #include #include #include +#include #include // On mips64, the glibc stat and kernel stat do not agree @@ -107,6 +108,14 @@ struct stat { #endif +// Certain constants and structs are missing from the fs/crypto UAPI +#define FS_MAX_KEY_SIZE 64 +struct fscrypt_key { + __u32 mode; + __u8 raw[FS_MAX_KEY_SIZE]; + __u32 size; +}; + #ifdef TCSETS2 // On systems that have "struct termios2" use this as type Termios. typedef struct termios2 termios_t; @@ -248,6 +257,12 @@ type Fsid C.fsid_t type Flock_t C.struct_flock +// Filesystem Encryption + +type FscryptPolicy C.struct_fscrypt_policy + +type FscryptKey C.struct_fscrypt_key + // Advice to Fadvise const ( diff --git a/unix/mkerrors.sh b/unix/mkerrors.sh index 23648b5b..1bd1c9e6 100755 --- a/unix/mkerrors.sh +++ b/unix/mkerrors.sh @@ -161,6 +161,7 @@ struct ltchars { #include #include #include +#include #include #include #include @@ -196,6 +197,11 @@ struct ltchars { // but it is already in bluetooth_linux.go #undef SOL_BLUETOOTH #endif + +// Certain constants are missing from the fs/crypto UAPI +#define FS_KEY_DESC_PREFIX "fscrypt:" +#define FS_KEY_DESC_PREFIX_SIZE 8 +#define FS_MAX_KEY_SIZE 64 ' includes_NetBSD=' @@ -390,12 +396,13 @@ ccflags="$@" $2 ~ /^CLOCK_/ || $2 ~ /^CAN_/ || $2 ~ /^ALG_/ || + $2 ~ /^FS_(POLICY_FLAGS|KEY_DESC|ENCRYPTION_MODE|[A-Z0-9_]+_KEY_SIZE|IOC_(GET|SET)_ENCRYPTION)/ || $2 ~ /^GRND_/ || $2 ~ /^SPLICE_/ || $2 ~ /^(VM|VMADDR)_/ || $2 !~ "WMESGLEN" && $2 ~ /^W[A-Z0-9]+$/ || - $2 ~ /^BLK/ {printf("\t%s = C.%s\n", $2, $2)} + $2 ~ /^BLK[A-Z]*(GET$|SET$|BUF$|PART$|SIZE)/ {printf("\t%s = C.%s\n", $2, $2)} $2 ~ /^__WCOREFLAG$/ {next} $2 ~ /^__W[A-Z0-9]+$/ {printf("\t%s = C.%s\n", substr($2,3), $2)} diff --git a/unix/zerrors_linux_386.go b/unix/zerrors_linux_386.go index 14a56e03..341bdfc9 100644 --- a/unix/zerrors_linux_386.go +++ b/unix/zerrors_linux_386.go @@ -168,6 +168,7 @@ const ( BLKFRASET = 0x1264 BLKGETSIZE = 0x1260 BLKGETSIZE64 = 0x80041272 + BLKPBSZGET = 0x127b BLKRAGET = 0x1263 BLKRASET = 0x1262 BLKROGET = 0x125e @@ -449,6 +450,24 @@ const ( FF1 = 0x8000 FFDLY = 0x8000 FLUSHO = 0x1000 + FS_ENCRYPTION_MODE_AES_256_CBC = 0x3 + FS_ENCRYPTION_MODE_AES_256_CTS = 0x4 + FS_ENCRYPTION_MODE_AES_256_GCM = 0x2 + FS_ENCRYPTION_MODE_AES_256_XTS = 0x1 + FS_ENCRYPTION_MODE_INVALID = 0x0 + FS_IOC_GET_ENCRYPTION_POLICY = 0x400c6615 + FS_IOC_GET_ENCRYPTION_PWSALT = 0x40106614 + FS_IOC_SET_ENCRYPTION_POLICY = 0x800c6613 + FS_KEY_DESCRIPTOR_SIZE = 0x8 + FS_KEY_DESC_PREFIX = "fscrypt:" + FS_KEY_DESC_PREFIX_SIZE = 0x8 + FS_MAX_KEY_SIZE = 0x40 + FS_POLICY_FLAGS_PAD_16 = 0x2 + FS_POLICY_FLAGS_PAD_32 = 0x3 + FS_POLICY_FLAGS_PAD_4 = 0x0 + FS_POLICY_FLAGS_PAD_8 = 0x1 + FS_POLICY_FLAGS_PAD_MASK = 0x3 + FS_POLICY_FLAGS_VALID = 0x3 F_DUPFD = 0x0 F_DUPFD_CLOEXEC = 0x406 F_EXLCK = 0x4 @@ -810,6 +829,7 @@ const ( MS_ACTIVE = 0x40000000 MS_ASYNC = 0x1 MS_BIND = 0x1000 + MS_BORN = 0x20000000 MS_DIRSYNC = 0x80 MS_INVALIDATE = 0x2 MS_I_VERSION = 0x800000 @@ -823,6 +843,8 @@ const ( MS_NODEV = 0x4 MS_NODIRATIME = 0x800 MS_NOEXEC = 0x8 + MS_NOREMOTELOCK = 0x8000000 + MS_NOSEC = 0x10000000 MS_NOSUID = 0x2 MS_NOUSER = -0x80000000 MS_POSIXACL = 0x10000 @@ -839,6 +861,7 @@ const ( MS_SYNC = 0x4 MS_SYNCHRONOUS = 0x10 MS_UNBINDABLE = 0x20000 + MS_VERBOSE = 0x8000 NAME_MAX = 0xff NETLINK_ADD_MEMBERSHIP = 0x1 NETLINK_AUDIT = 0x9 diff --git a/unix/zerrors_linux_amd64.go b/unix/zerrors_linux_amd64.go index bc7ecee8..f636a396 100644 --- a/unix/zerrors_linux_amd64.go +++ b/unix/zerrors_linux_amd64.go @@ -168,6 +168,7 @@ const ( BLKFRASET = 0x1264 BLKGETSIZE = 0x1260 BLKGETSIZE64 = 0x80081272 + BLKPBSZGET = 0x127b BLKRAGET = 0x1263 BLKRASET = 0x1262 BLKROGET = 0x125e @@ -449,6 +450,24 @@ const ( FF1 = 0x8000 FFDLY = 0x8000 FLUSHO = 0x1000 + FS_ENCRYPTION_MODE_AES_256_CBC = 0x3 + FS_ENCRYPTION_MODE_AES_256_CTS = 0x4 + FS_ENCRYPTION_MODE_AES_256_GCM = 0x2 + FS_ENCRYPTION_MODE_AES_256_XTS = 0x1 + FS_ENCRYPTION_MODE_INVALID = 0x0 + FS_IOC_GET_ENCRYPTION_POLICY = 0x400c6615 + FS_IOC_GET_ENCRYPTION_PWSALT = 0x40106614 + FS_IOC_SET_ENCRYPTION_POLICY = 0x800c6613 + FS_KEY_DESCRIPTOR_SIZE = 0x8 + FS_KEY_DESC_PREFIX = "fscrypt:" + FS_KEY_DESC_PREFIX_SIZE = 0x8 + FS_MAX_KEY_SIZE = 0x40 + FS_POLICY_FLAGS_PAD_16 = 0x2 + FS_POLICY_FLAGS_PAD_32 = 0x3 + FS_POLICY_FLAGS_PAD_4 = 0x0 + FS_POLICY_FLAGS_PAD_8 = 0x1 + FS_POLICY_FLAGS_PAD_MASK = 0x3 + FS_POLICY_FLAGS_VALID = 0x3 F_DUPFD = 0x0 F_DUPFD_CLOEXEC = 0x406 F_EXLCK = 0x4 @@ -810,6 +829,7 @@ const ( MS_ACTIVE = 0x40000000 MS_ASYNC = 0x1 MS_BIND = 0x1000 + MS_BORN = 0x20000000 MS_DIRSYNC = 0x80 MS_INVALIDATE = 0x2 MS_I_VERSION = 0x800000 @@ -823,6 +843,8 @@ const ( MS_NODEV = 0x4 MS_NODIRATIME = 0x800 MS_NOEXEC = 0x8 + MS_NOREMOTELOCK = 0x8000000 + MS_NOSEC = 0x10000000 MS_NOSUID = 0x2 MS_NOUSER = -0x80000000 MS_POSIXACL = 0x10000 @@ -839,6 +861,7 @@ const ( MS_SYNC = 0x4 MS_SYNCHRONOUS = 0x10 MS_UNBINDABLE = 0x20000 + MS_VERBOSE = 0x8000 NAME_MAX = 0xff NETLINK_ADD_MEMBERSHIP = 0x1 NETLINK_AUDIT = 0x9 diff --git a/unix/zerrors_linux_arm.go b/unix/zerrors_linux_arm.go index 189e1e91..986a9473 100644 --- a/unix/zerrors_linux_arm.go +++ b/unix/zerrors_linux_arm.go @@ -168,6 +168,7 @@ const ( BLKFRASET = 0x1264 BLKGETSIZE = 0x1260 BLKGETSIZE64 = 0x80041272 + BLKPBSZGET = 0x127b BLKRAGET = 0x1263 BLKRASET = 0x1262 BLKROGET = 0x125e @@ -449,6 +450,24 @@ const ( FF1 = 0x8000 FFDLY = 0x8000 FLUSHO = 0x1000 + FS_ENCRYPTION_MODE_AES_256_CBC = 0x3 + FS_ENCRYPTION_MODE_AES_256_CTS = 0x4 + FS_ENCRYPTION_MODE_AES_256_GCM = 0x2 + FS_ENCRYPTION_MODE_AES_256_XTS = 0x1 + FS_ENCRYPTION_MODE_INVALID = 0x0 + FS_IOC_GET_ENCRYPTION_POLICY = 0x400c6615 + FS_IOC_GET_ENCRYPTION_PWSALT = 0x40106614 + FS_IOC_SET_ENCRYPTION_POLICY = 0x800c6613 + FS_KEY_DESCRIPTOR_SIZE = 0x8 + FS_KEY_DESC_PREFIX = "fscrypt:" + FS_KEY_DESC_PREFIX_SIZE = 0x8 + FS_MAX_KEY_SIZE = 0x40 + FS_POLICY_FLAGS_PAD_16 = 0x2 + FS_POLICY_FLAGS_PAD_32 = 0x3 + FS_POLICY_FLAGS_PAD_4 = 0x0 + FS_POLICY_FLAGS_PAD_8 = 0x1 + FS_POLICY_FLAGS_PAD_MASK = 0x3 + FS_POLICY_FLAGS_VALID = 0x3 F_DUPFD = 0x0 F_DUPFD_CLOEXEC = 0x406 F_EXLCK = 0x4 @@ -809,6 +828,7 @@ const ( MS_ACTIVE = 0x40000000 MS_ASYNC = 0x1 MS_BIND = 0x1000 + MS_BORN = 0x20000000 MS_DIRSYNC = 0x80 MS_INVALIDATE = 0x2 MS_I_VERSION = 0x800000 @@ -822,6 +842,8 @@ const ( MS_NODEV = 0x4 MS_NODIRATIME = 0x800 MS_NOEXEC = 0x8 + MS_NOREMOTELOCK = 0x8000000 + MS_NOSEC = 0x10000000 MS_NOSUID = 0x2 MS_NOUSER = -0x80000000 MS_POSIXACL = 0x10000 @@ -838,6 +860,7 @@ const ( MS_SYNC = 0x4 MS_SYNCHRONOUS = 0x10 MS_UNBINDABLE = 0x20000 + MS_VERBOSE = 0x8000 NAME_MAX = 0xff NETLINK_ADD_MEMBERSHIP = 0x1 NETLINK_AUDIT = 0x9 diff --git a/unix/zerrors_linux_arm64.go b/unix/zerrors_linux_arm64.go index ed41e120..b72a6453 100644 --- a/unix/zerrors_linux_arm64.go +++ b/unix/zerrors_linux_arm64.go @@ -168,6 +168,7 @@ const ( BLKFRASET = 0x1264 BLKGETSIZE = 0x1260 BLKGETSIZE64 = 0x80081272 + BLKPBSZGET = 0x127b BLKRAGET = 0x1263 BLKRASET = 0x1262 BLKROGET = 0x125e @@ -450,6 +451,24 @@ const ( FF1 = 0x8000 FFDLY = 0x8000 FLUSHO = 0x1000 + FS_ENCRYPTION_MODE_AES_256_CBC = 0x3 + FS_ENCRYPTION_MODE_AES_256_CTS = 0x4 + FS_ENCRYPTION_MODE_AES_256_GCM = 0x2 + FS_ENCRYPTION_MODE_AES_256_XTS = 0x1 + FS_ENCRYPTION_MODE_INVALID = 0x0 + FS_IOC_GET_ENCRYPTION_POLICY = 0x400c6615 + FS_IOC_GET_ENCRYPTION_PWSALT = 0x40106614 + FS_IOC_SET_ENCRYPTION_POLICY = 0x800c6613 + FS_KEY_DESCRIPTOR_SIZE = 0x8 + FS_KEY_DESC_PREFIX = "fscrypt:" + FS_KEY_DESC_PREFIX_SIZE = 0x8 + FS_MAX_KEY_SIZE = 0x40 + FS_POLICY_FLAGS_PAD_16 = 0x2 + FS_POLICY_FLAGS_PAD_32 = 0x3 + FS_POLICY_FLAGS_PAD_4 = 0x0 + FS_POLICY_FLAGS_PAD_8 = 0x1 + FS_POLICY_FLAGS_PAD_MASK = 0x3 + FS_POLICY_FLAGS_VALID = 0x3 F_DUPFD = 0x0 F_DUPFD_CLOEXEC = 0x406 F_EXLCK = 0x4 @@ -810,6 +829,7 @@ const ( MS_ACTIVE = 0x40000000 MS_ASYNC = 0x1 MS_BIND = 0x1000 + MS_BORN = 0x20000000 MS_DIRSYNC = 0x80 MS_INVALIDATE = 0x2 MS_I_VERSION = 0x800000 @@ -823,6 +843,8 @@ const ( MS_NODEV = 0x4 MS_NODIRATIME = 0x800 MS_NOEXEC = 0x8 + MS_NOREMOTELOCK = 0x8000000 + MS_NOSEC = 0x10000000 MS_NOSUID = 0x2 MS_NOUSER = -0x80000000 MS_POSIXACL = 0x10000 @@ -839,6 +861,7 @@ const ( MS_SYNC = 0x4 MS_SYNCHRONOUS = 0x10 MS_UNBINDABLE = 0x20000 + MS_VERBOSE = 0x8000 NAME_MAX = 0xff NETLINK_ADD_MEMBERSHIP = 0x1 NETLINK_AUDIT = 0x9 diff --git a/unix/zerrors_linux_mips.go b/unix/zerrors_linux_mips.go index e1af3af4..198a3054 100644 --- a/unix/zerrors_linux_mips.go +++ b/unix/zerrors_linux_mips.go @@ -168,6 +168,7 @@ const ( BLKFRASET = 0x20001264 BLKGETSIZE = 0x20001260 BLKGETSIZE64 = 0x40041272 + BLKPBSZGET = 0x2000127b BLKRAGET = 0x20001263 BLKRASET = 0x20001262 BLKROGET = 0x2000125e @@ -449,6 +450,24 @@ const ( FF1 = 0x8000 FFDLY = 0x8000 FLUSHO = 0x2000 + FS_ENCRYPTION_MODE_AES_256_CBC = 0x3 + FS_ENCRYPTION_MODE_AES_256_CTS = 0x4 + FS_ENCRYPTION_MODE_AES_256_GCM = 0x2 + FS_ENCRYPTION_MODE_AES_256_XTS = 0x1 + FS_ENCRYPTION_MODE_INVALID = 0x0 + FS_IOC_GET_ENCRYPTION_POLICY = 0x800c6615 + FS_IOC_GET_ENCRYPTION_PWSALT = 0x80106614 + FS_IOC_SET_ENCRYPTION_POLICY = 0x400c6613 + FS_KEY_DESCRIPTOR_SIZE = 0x8 + FS_KEY_DESC_PREFIX = "fscrypt:" + FS_KEY_DESC_PREFIX_SIZE = 0x8 + FS_MAX_KEY_SIZE = 0x40 + FS_POLICY_FLAGS_PAD_16 = 0x2 + FS_POLICY_FLAGS_PAD_32 = 0x3 + FS_POLICY_FLAGS_PAD_4 = 0x0 + FS_POLICY_FLAGS_PAD_8 = 0x1 + FS_POLICY_FLAGS_PAD_MASK = 0x3 + FS_POLICY_FLAGS_VALID = 0x3 F_DUPFD = 0x0 F_DUPFD_CLOEXEC = 0x406 F_EXLCK = 0x4 @@ -810,6 +829,7 @@ const ( MS_ACTIVE = 0x40000000 MS_ASYNC = 0x1 MS_BIND = 0x1000 + MS_BORN = 0x20000000 MS_DIRSYNC = 0x80 MS_INVALIDATE = 0x2 MS_I_VERSION = 0x800000 @@ -823,6 +843,8 @@ const ( MS_NODEV = 0x4 MS_NODIRATIME = 0x800 MS_NOEXEC = 0x8 + MS_NOREMOTELOCK = 0x8000000 + MS_NOSEC = 0x10000000 MS_NOSUID = 0x2 MS_NOUSER = -0x80000000 MS_POSIXACL = 0x10000 @@ -839,6 +861,7 @@ const ( MS_SYNC = 0x4 MS_SYNCHRONOUS = 0x10 MS_UNBINDABLE = 0x20000 + MS_VERBOSE = 0x8000 NAME_MAX = 0xff NETLINK_ADD_MEMBERSHIP = 0x1 NETLINK_AUDIT = 0x9 diff --git a/unix/zerrors_linux_mips64.go b/unix/zerrors_linux_mips64.go index 35c7280b..37d66f31 100644 --- a/unix/zerrors_linux_mips64.go +++ b/unix/zerrors_linux_mips64.go @@ -168,6 +168,7 @@ const ( BLKFRASET = 0x20001264 BLKGETSIZE = 0x20001260 BLKGETSIZE64 = 0x40081272 + BLKPBSZGET = 0x2000127b BLKRAGET = 0x20001263 BLKRASET = 0x20001262 BLKROGET = 0x2000125e @@ -449,6 +450,24 @@ const ( FF1 = 0x8000 FFDLY = 0x8000 FLUSHO = 0x2000 + FS_ENCRYPTION_MODE_AES_256_CBC = 0x3 + FS_ENCRYPTION_MODE_AES_256_CTS = 0x4 + FS_ENCRYPTION_MODE_AES_256_GCM = 0x2 + FS_ENCRYPTION_MODE_AES_256_XTS = 0x1 + FS_ENCRYPTION_MODE_INVALID = 0x0 + FS_IOC_GET_ENCRYPTION_POLICY = 0x800c6615 + FS_IOC_GET_ENCRYPTION_PWSALT = 0x80106614 + FS_IOC_SET_ENCRYPTION_POLICY = 0x400c6613 + FS_KEY_DESCRIPTOR_SIZE = 0x8 + FS_KEY_DESC_PREFIX = "fscrypt:" + FS_KEY_DESC_PREFIX_SIZE = 0x8 + FS_MAX_KEY_SIZE = 0x40 + FS_POLICY_FLAGS_PAD_16 = 0x2 + FS_POLICY_FLAGS_PAD_32 = 0x3 + FS_POLICY_FLAGS_PAD_4 = 0x0 + FS_POLICY_FLAGS_PAD_8 = 0x1 + FS_POLICY_FLAGS_PAD_MASK = 0x3 + FS_POLICY_FLAGS_VALID = 0x3 F_DUPFD = 0x0 F_DUPFD_CLOEXEC = 0x406 F_EXLCK = 0x4 @@ -810,6 +829,7 @@ const ( MS_ACTIVE = 0x40000000 MS_ASYNC = 0x1 MS_BIND = 0x1000 + MS_BORN = 0x20000000 MS_DIRSYNC = 0x80 MS_INVALIDATE = 0x2 MS_I_VERSION = 0x800000 @@ -823,6 +843,8 @@ const ( MS_NODEV = 0x4 MS_NODIRATIME = 0x800 MS_NOEXEC = 0x8 + MS_NOREMOTELOCK = 0x8000000 + MS_NOSEC = 0x10000000 MS_NOSUID = 0x2 MS_NOUSER = -0x80000000 MS_POSIXACL = 0x10000 @@ -839,6 +861,7 @@ const ( MS_SYNC = 0x4 MS_SYNCHRONOUS = 0x10 MS_UNBINDABLE = 0x20000 + MS_VERBOSE = 0x8000 NAME_MAX = 0xff NETLINK_ADD_MEMBERSHIP = 0x1 NETLINK_AUDIT = 0x9 diff --git a/unix/zerrors_linux_mips64le.go b/unix/zerrors_linux_mips64le.go index 768e9a75..0f33f0fa 100644 --- a/unix/zerrors_linux_mips64le.go +++ b/unix/zerrors_linux_mips64le.go @@ -168,6 +168,7 @@ const ( BLKFRASET = 0x20001264 BLKGETSIZE = 0x20001260 BLKGETSIZE64 = 0x40081272 + BLKPBSZGET = 0x2000127b BLKRAGET = 0x20001263 BLKRASET = 0x20001262 BLKROGET = 0x2000125e @@ -449,6 +450,24 @@ const ( FF1 = 0x8000 FFDLY = 0x8000 FLUSHO = 0x2000 + FS_ENCRYPTION_MODE_AES_256_CBC = 0x3 + FS_ENCRYPTION_MODE_AES_256_CTS = 0x4 + FS_ENCRYPTION_MODE_AES_256_GCM = 0x2 + FS_ENCRYPTION_MODE_AES_256_XTS = 0x1 + FS_ENCRYPTION_MODE_INVALID = 0x0 + FS_IOC_GET_ENCRYPTION_POLICY = 0x800c6615 + FS_IOC_GET_ENCRYPTION_PWSALT = 0x80106614 + FS_IOC_SET_ENCRYPTION_POLICY = 0x400c6613 + FS_KEY_DESCRIPTOR_SIZE = 0x8 + FS_KEY_DESC_PREFIX = "fscrypt:" + FS_KEY_DESC_PREFIX_SIZE = 0x8 + FS_MAX_KEY_SIZE = 0x40 + FS_POLICY_FLAGS_PAD_16 = 0x2 + FS_POLICY_FLAGS_PAD_32 = 0x3 + FS_POLICY_FLAGS_PAD_4 = 0x0 + FS_POLICY_FLAGS_PAD_8 = 0x1 + FS_POLICY_FLAGS_PAD_MASK = 0x3 + FS_POLICY_FLAGS_VALID = 0x3 F_DUPFD = 0x0 F_DUPFD_CLOEXEC = 0x406 F_EXLCK = 0x4 @@ -810,6 +829,7 @@ const ( MS_ACTIVE = 0x40000000 MS_ASYNC = 0x1 MS_BIND = 0x1000 + MS_BORN = 0x20000000 MS_DIRSYNC = 0x80 MS_INVALIDATE = 0x2 MS_I_VERSION = 0x800000 @@ -823,6 +843,8 @@ const ( MS_NODEV = 0x4 MS_NODIRATIME = 0x800 MS_NOEXEC = 0x8 + MS_NOREMOTELOCK = 0x8000000 + MS_NOSEC = 0x10000000 MS_NOSUID = 0x2 MS_NOUSER = -0x80000000 MS_POSIXACL = 0x10000 @@ -839,6 +861,7 @@ const ( MS_SYNC = 0x4 MS_SYNCHRONOUS = 0x10 MS_UNBINDABLE = 0x20000 + MS_VERBOSE = 0x8000 NAME_MAX = 0xff NETLINK_ADD_MEMBERSHIP = 0x1 NETLINK_AUDIT = 0x9 diff --git a/unix/zerrors_linux_mipsle.go b/unix/zerrors_linux_mipsle.go index b6ea4b7c..3fa39fa7 100644 --- a/unix/zerrors_linux_mipsle.go +++ b/unix/zerrors_linux_mipsle.go @@ -168,6 +168,7 @@ const ( BLKFRASET = 0x20001264 BLKGETSIZE = 0x20001260 BLKGETSIZE64 = 0x40041272 + BLKPBSZGET = 0x2000127b BLKRAGET = 0x20001263 BLKRASET = 0x20001262 BLKROGET = 0x2000125e @@ -449,6 +450,24 @@ const ( FF1 = 0x8000 FFDLY = 0x8000 FLUSHO = 0x2000 + FS_ENCRYPTION_MODE_AES_256_CBC = 0x3 + FS_ENCRYPTION_MODE_AES_256_CTS = 0x4 + FS_ENCRYPTION_MODE_AES_256_GCM = 0x2 + FS_ENCRYPTION_MODE_AES_256_XTS = 0x1 + FS_ENCRYPTION_MODE_INVALID = 0x0 + FS_IOC_GET_ENCRYPTION_POLICY = 0x800c6615 + FS_IOC_GET_ENCRYPTION_PWSALT = 0x80106614 + FS_IOC_SET_ENCRYPTION_POLICY = 0x400c6613 + FS_KEY_DESCRIPTOR_SIZE = 0x8 + FS_KEY_DESC_PREFIX = "fscrypt:" + FS_KEY_DESC_PREFIX_SIZE = 0x8 + FS_MAX_KEY_SIZE = 0x40 + FS_POLICY_FLAGS_PAD_16 = 0x2 + FS_POLICY_FLAGS_PAD_32 = 0x3 + FS_POLICY_FLAGS_PAD_4 = 0x0 + FS_POLICY_FLAGS_PAD_8 = 0x1 + FS_POLICY_FLAGS_PAD_MASK = 0x3 + FS_POLICY_FLAGS_VALID = 0x3 F_DUPFD = 0x0 F_DUPFD_CLOEXEC = 0x406 F_EXLCK = 0x4 @@ -810,6 +829,7 @@ const ( MS_ACTIVE = 0x40000000 MS_ASYNC = 0x1 MS_BIND = 0x1000 + MS_BORN = 0x20000000 MS_DIRSYNC = 0x80 MS_INVALIDATE = 0x2 MS_I_VERSION = 0x800000 @@ -823,6 +843,8 @@ const ( MS_NODEV = 0x4 MS_NODIRATIME = 0x800 MS_NOEXEC = 0x8 + MS_NOREMOTELOCK = 0x8000000 + MS_NOSEC = 0x10000000 MS_NOSUID = 0x2 MS_NOUSER = -0x80000000 MS_POSIXACL = 0x10000 @@ -839,6 +861,7 @@ const ( MS_SYNC = 0x4 MS_SYNCHRONOUS = 0x10 MS_UNBINDABLE = 0x20000 + MS_VERBOSE = 0x8000 NAME_MAX = 0xff NETLINK_ADD_MEMBERSHIP = 0x1 NETLINK_AUDIT = 0x9 diff --git a/unix/zerrors_linux_ppc64.go b/unix/zerrors_linux_ppc64.go index cf2546c7..4585ef77 100644 --- a/unix/zerrors_linux_ppc64.go +++ b/unix/zerrors_linux_ppc64.go @@ -168,6 +168,7 @@ const ( BLKFRASET = 0x20001264 BLKGETSIZE = 0x20001260 BLKGETSIZE64 = 0x40081272 + BLKPBSZGET = 0x2000127b BLKRAGET = 0x20001263 BLKRASET = 0x20001262 BLKROGET = 0x2000125e @@ -449,6 +450,24 @@ const ( FF1 = 0x4000 FFDLY = 0x4000 FLUSHO = 0x800000 + FS_ENCRYPTION_MODE_AES_256_CBC = 0x3 + FS_ENCRYPTION_MODE_AES_256_CTS = 0x4 + FS_ENCRYPTION_MODE_AES_256_GCM = 0x2 + FS_ENCRYPTION_MODE_AES_256_XTS = 0x1 + FS_ENCRYPTION_MODE_INVALID = 0x0 + FS_IOC_GET_ENCRYPTION_POLICY = 0x800c6615 + FS_IOC_GET_ENCRYPTION_PWSALT = 0x80106614 + FS_IOC_SET_ENCRYPTION_POLICY = 0x400c6613 + FS_KEY_DESCRIPTOR_SIZE = 0x8 + FS_KEY_DESC_PREFIX = "fscrypt:" + FS_KEY_DESC_PREFIX_SIZE = 0x8 + FS_MAX_KEY_SIZE = 0x40 + FS_POLICY_FLAGS_PAD_16 = 0x2 + FS_POLICY_FLAGS_PAD_32 = 0x3 + FS_POLICY_FLAGS_PAD_4 = 0x0 + FS_POLICY_FLAGS_PAD_8 = 0x1 + FS_POLICY_FLAGS_PAD_MASK = 0x3 + FS_POLICY_FLAGS_VALID = 0x3 F_DUPFD = 0x0 F_DUPFD_CLOEXEC = 0x406 F_EXLCK = 0x4 @@ -809,6 +828,7 @@ const ( MS_ACTIVE = 0x40000000 MS_ASYNC = 0x1 MS_BIND = 0x1000 + MS_BORN = 0x20000000 MS_DIRSYNC = 0x80 MS_INVALIDATE = 0x2 MS_I_VERSION = 0x800000 @@ -822,6 +842,8 @@ const ( MS_NODEV = 0x4 MS_NODIRATIME = 0x800 MS_NOEXEC = 0x8 + MS_NOREMOTELOCK = 0x8000000 + MS_NOSEC = 0x10000000 MS_NOSUID = 0x2 MS_NOUSER = -0x80000000 MS_POSIXACL = 0x10000 @@ -838,6 +860,7 @@ const ( MS_SYNC = 0x4 MS_SYNCHRONOUS = 0x10 MS_UNBINDABLE = 0x20000 + MS_VERBOSE = 0x8000 NAME_MAX = 0xff NETLINK_ADD_MEMBERSHIP = 0x1 NETLINK_AUDIT = 0x9 diff --git a/unix/zerrors_linux_ppc64le.go b/unix/zerrors_linux_ppc64le.go index 0609cc13..b2a9128c 100644 --- a/unix/zerrors_linux_ppc64le.go +++ b/unix/zerrors_linux_ppc64le.go @@ -168,6 +168,7 @@ const ( BLKFRASET = 0x20001264 BLKGETSIZE = 0x20001260 BLKGETSIZE64 = 0x40081272 + BLKPBSZGET = 0x2000127b BLKRAGET = 0x20001263 BLKRASET = 0x20001262 BLKROGET = 0x2000125e @@ -449,6 +450,24 @@ const ( FF1 = 0x4000 FFDLY = 0x4000 FLUSHO = 0x800000 + FS_ENCRYPTION_MODE_AES_256_CBC = 0x3 + FS_ENCRYPTION_MODE_AES_256_CTS = 0x4 + FS_ENCRYPTION_MODE_AES_256_GCM = 0x2 + FS_ENCRYPTION_MODE_AES_256_XTS = 0x1 + FS_ENCRYPTION_MODE_INVALID = 0x0 + FS_IOC_GET_ENCRYPTION_POLICY = 0x800c6615 + FS_IOC_GET_ENCRYPTION_PWSALT = 0x80106614 + FS_IOC_SET_ENCRYPTION_POLICY = 0x400c6613 + FS_KEY_DESCRIPTOR_SIZE = 0x8 + FS_KEY_DESC_PREFIX = "fscrypt:" + FS_KEY_DESC_PREFIX_SIZE = 0x8 + FS_MAX_KEY_SIZE = 0x40 + FS_POLICY_FLAGS_PAD_16 = 0x2 + FS_POLICY_FLAGS_PAD_32 = 0x3 + FS_POLICY_FLAGS_PAD_4 = 0x0 + FS_POLICY_FLAGS_PAD_8 = 0x1 + FS_POLICY_FLAGS_PAD_MASK = 0x3 + FS_POLICY_FLAGS_VALID = 0x3 F_DUPFD = 0x0 F_DUPFD_CLOEXEC = 0x406 F_EXLCK = 0x4 @@ -809,6 +828,7 @@ const ( MS_ACTIVE = 0x40000000 MS_ASYNC = 0x1 MS_BIND = 0x1000 + MS_BORN = 0x20000000 MS_DIRSYNC = 0x80 MS_INVALIDATE = 0x2 MS_I_VERSION = 0x800000 @@ -822,6 +842,8 @@ const ( MS_NODEV = 0x4 MS_NODIRATIME = 0x800 MS_NOEXEC = 0x8 + MS_NOREMOTELOCK = 0x8000000 + MS_NOSEC = 0x10000000 MS_NOSUID = 0x2 MS_NOUSER = -0x80000000 MS_POSIXACL = 0x10000 @@ -838,6 +860,7 @@ const ( MS_SYNC = 0x4 MS_SYNCHRONOUS = 0x10 MS_UNBINDABLE = 0x20000 + MS_VERBOSE = 0x8000 NAME_MAX = 0xff NETLINK_ADD_MEMBERSHIP = 0x1 NETLINK_AUDIT = 0x9 diff --git a/unix/zerrors_linux_s390x.go b/unix/zerrors_linux_s390x.go index f9556ed1..f8b0eb7b 100644 --- a/unix/zerrors_linux_s390x.go +++ b/unix/zerrors_linux_s390x.go @@ -168,6 +168,7 @@ const ( BLKFRASET = 0x1264 BLKGETSIZE = 0x1260 BLKGETSIZE64 = 0x80081272 + BLKPBSZGET = 0x127b BLKRAGET = 0x1263 BLKRASET = 0x1262 BLKROGET = 0x125e @@ -449,6 +450,24 @@ const ( FF1 = 0x8000 FFDLY = 0x8000 FLUSHO = 0x1000 + FS_ENCRYPTION_MODE_AES_256_CBC = 0x3 + FS_ENCRYPTION_MODE_AES_256_CTS = 0x4 + FS_ENCRYPTION_MODE_AES_256_GCM = 0x2 + FS_ENCRYPTION_MODE_AES_256_XTS = 0x1 + FS_ENCRYPTION_MODE_INVALID = 0x0 + FS_IOC_GET_ENCRYPTION_POLICY = 0x400c6615 + FS_IOC_GET_ENCRYPTION_PWSALT = 0x40106614 + FS_IOC_SET_ENCRYPTION_POLICY = 0x800c6613 + FS_KEY_DESCRIPTOR_SIZE = 0x8 + FS_KEY_DESC_PREFIX = "fscrypt:" + FS_KEY_DESC_PREFIX_SIZE = 0x8 + FS_MAX_KEY_SIZE = 0x40 + FS_POLICY_FLAGS_PAD_16 = 0x2 + FS_POLICY_FLAGS_PAD_32 = 0x3 + FS_POLICY_FLAGS_PAD_4 = 0x0 + FS_POLICY_FLAGS_PAD_8 = 0x1 + FS_POLICY_FLAGS_PAD_MASK = 0x3 + FS_POLICY_FLAGS_VALID = 0x3 F_DUPFD = 0x0 F_DUPFD_CLOEXEC = 0x406 F_EXLCK = 0x4 @@ -809,6 +828,7 @@ const ( MS_ACTIVE = 0x40000000 MS_ASYNC = 0x1 MS_BIND = 0x1000 + MS_BORN = 0x20000000 MS_DIRSYNC = 0x80 MS_INVALIDATE = 0x2 MS_I_VERSION = 0x800000 @@ -822,6 +842,8 @@ const ( MS_NODEV = 0x4 MS_NODIRATIME = 0x800 MS_NOEXEC = 0x8 + MS_NOREMOTELOCK = 0x8000000 + MS_NOSEC = 0x10000000 MS_NOSUID = 0x2 MS_NOUSER = -0x80000000 MS_POSIXACL = 0x10000 @@ -838,6 +860,7 @@ const ( MS_SYNC = 0x4 MS_SYNCHRONOUS = 0x10 MS_UNBINDABLE = 0x20000 + MS_VERBOSE = 0x8000 NAME_MAX = 0xff NETLINK_ADD_MEMBERSHIP = 0x1 NETLINK_AUDIT = 0x9 diff --git a/unix/ztypes_linux_386.go b/unix/ztypes_linux_386.go index 8fc7b822..7333755b 100644 --- a/unix/ztypes_linux_386.go +++ b/unix/ztypes_linux_386.go @@ -152,6 +152,20 @@ type Flock_t struct { Pid int32 } +type FscryptPolicy struct { + Version uint8 + Contents_encryption_mode uint8 + Filenames_encryption_mode uint8 + Flags uint8 + Master_key_descriptor [8]uint8 +} + +type FscryptKey struct { + Mode uint32 + Raw [64]uint8 + Size uint32 +} + const ( FADV_NORMAL = 0x0 FADV_RANDOM = 0x1 diff --git a/unix/ztypes_linux_amd64.go b/unix/ztypes_linux_amd64.go index 6eb6c960..5807e174 100644 --- a/unix/ztypes_linux_amd64.go +++ b/unix/ztypes_linux_amd64.go @@ -154,6 +154,20 @@ type Flock_t struct { Pad_cgo_1 [4]byte } +type FscryptPolicy struct { + Version uint8 + Contents_encryption_mode uint8 + Filenames_encryption_mode uint8 + Flags uint8 + Master_key_descriptor [8]uint8 +} + +type FscryptKey struct { + Mode uint32 + Raw [64]uint8 + Size uint32 +} + const ( FADV_NORMAL = 0x0 FADV_RANDOM = 0x1 diff --git a/unix/ztypes_linux_arm.go b/unix/ztypes_linux_arm.go index bb103b02..db7c8bfa 100644 --- a/unix/ztypes_linux_arm.go +++ b/unix/ztypes_linux_arm.go @@ -156,6 +156,20 @@ type Flock_t struct { Pad_cgo_1 [4]byte } +type FscryptPolicy struct { + Version uint8 + Contents_encryption_mode uint8 + Filenames_encryption_mode uint8 + Flags uint8 + Master_key_descriptor [8]uint8 +} + +type FscryptKey struct { + Mode uint32 + Raw [64]uint8 + Size uint32 +} + const ( FADV_NORMAL = 0x0 FADV_RANDOM = 0x1 diff --git a/unix/ztypes_linux_arm64.go b/unix/ztypes_linux_arm64.go index 36ba9082..19cca4f0 100644 --- a/unix/ztypes_linux_arm64.go +++ b/unix/ztypes_linux_arm64.go @@ -155,6 +155,20 @@ type Flock_t struct { Pad_cgo_1 [4]byte } +type FscryptPolicy struct { + Version uint8 + Contents_encryption_mode uint8 + Filenames_encryption_mode uint8 + Flags uint8 + Master_key_descriptor [8]uint8 +} + +type FscryptKey struct { + Mode uint32 + Raw [64]uint8 + Size uint32 +} + const ( FADV_NORMAL = 0x0 FADV_RANDOM = 0x1 diff --git a/unix/ztypes_linux_mips.go b/unix/ztypes_linux_mips.go index ac79d82b..d04ca4c2 100644 --- a/unix/ztypes_linux_mips.go +++ b/unix/ztypes_linux_mips.go @@ -155,6 +155,20 @@ type Flock_t struct { Pad_cgo_1 [4]byte } +type FscryptPolicy struct { + Version uint8 + Contents_encryption_mode uint8 + Filenames_encryption_mode uint8 + Flags uint8 + Master_key_descriptor [8]uint8 +} + +type FscryptKey struct { + Mode uint32 + Raw [64]uint8 + Size uint32 +} + const ( FADV_NORMAL = 0x0 FADV_RANDOM = 0x1 diff --git a/unix/ztypes_linux_mips64.go b/unix/ztypes_linux_mips64.go index 98c53a8f..60b83a12 100644 --- a/unix/ztypes_linux_mips64.go +++ b/unix/ztypes_linux_mips64.go @@ -155,6 +155,20 @@ type Flock_t struct { Pad_cgo_1 [4]byte } +type FscryptPolicy struct { + Version uint8 + Contents_encryption_mode uint8 + Filenames_encryption_mode uint8 + Flags uint8 + Master_key_descriptor [8]uint8 +} + +type FscryptKey struct { + Mode uint32 + Raw [64]uint8 + Size uint32 +} + const ( FADV_NORMAL = 0x0 FADV_RANDOM = 0x1 diff --git a/unix/ztypes_linux_mips64le.go b/unix/ztypes_linux_mips64le.go index 99638abe..9e9c680c 100644 --- a/unix/ztypes_linux_mips64le.go +++ b/unix/ztypes_linux_mips64le.go @@ -155,6 +155,20 @@ type Flock_t struct { Pad_cgo_1 [4]byte } +type FscryptPolicy struct { + Version uint8 + Contents_encryption_mode uint8 + Filenames_encryption_mode uint8 + Flags uint8 + Master_key_descriptor [8]uint8 +} + +type FscryptKey struct { + Mode uint32 + Raw [64]uint8 + Size uint32 +} + const ( FADV_NORMAL = 0x0 FADV_RANDOM = 0x1 diff --git a/unix/ztypes_linux_mipsle.go b/unix/ztypes_linux_mipsle.go index b7131a43..482b48fd 100644 --- a/unix/ztypes_linux_mipsle.go +++ b/unix/ztypes_linux_mipsle.go @@ -155,6 +155,20 @@ type Flock_t struct { Pad_cgo_1 [4]byte } +type FscryptPolicy struct { + Version uint8 + Contents_encryption_mode uint8 + Filenames_encryption_mode uint8 + Flags uint8 + Master_key_descriptor [8]uint8 +} + +type FscryptKey struct { + Mode uint32 + Raw [64]uint8 + Size uint32 +} + const ( FADV_NORMAL = 0x0 FADV_RANDOM = 0x1 diff --git a/unix/ztypes_linux_ppc64.go b/unix/ztypes_linux_ppc64.go index a78282b1..4410abb8 100644 --- a/unix/ztypes_linux_ppc64.go +++ b/unix/ztypes_linux_ppc64.go @@ -156,6 +156,20 @@ type Flock_t struct { Pad_cgo_1 [4]byte } +type FscryptPolicy struct { + Version uint8 + Contents_encryption_mode uint8 + Filenames_encryption_mode uint8 + Flags uint8 + Master_key_descriptor [8]uint8 +} + +type FscryptKey struct { + Mode uint32 + Raw [64]uint8 + Size uint32 +} + const ( FADV_NORMAL = 0x0 FADV_RANDOM = 0x1 diff --git a/unix/ztypes_linux_ppc64le.go b/unix/ztypes_linux_ppc64le.go index 564092e2..10947c3e 100644 --- a/unix/ztypes_linux_ppc64le.go +++ b/unix/ztypes_linux_ppc64le.go @@ -156,6 +156,20 @@ type Flock_t struct { Pad_cgo_1 [4]byte } +type FscryptPolicy struct { + Version uint8 + Contents_encryption_mode uint8 + Filenames_encryption_mode uint8 + Flags uint8 + Master_key_descriptor [8]uint8 +} + +type FscryptKey struct { + Mode uint32 + Raw [64]uint8 + Size uint32 +} + const ( FADV_NORMAL = 0x0 FADV_RANDOM = 0x1 diff --git a/unix/ztypes_linux_s390x.go b/unix/ztypes_linux_s390x.go index 03452c6d..57dbb36b 100644 --- a/unix/ztypes_linux_s390x.go +++ b/unix/ztypes_linux_s390x.go @@ -155,6 +155,20 @@ type Flock_t struct { _ [4]byte } +type FscryptPolicy struct { + Version uint8 + Contents_encryption_mode uint8 + Filenames_encryption_mode uint8 + Flags uint8 + Master_key_descriptor [8]uint8 +} + +type FscryptKey struct { + Mode uint32 + Raw [64]uint8 + Size uint32 +} + const ( FADV_NORMAL = 0x0 FADV_RANDOM = 0x1