On Mon, Apr 10, 2023 at 03:40:00PM -0400, Sweet Tea Dorminy wrote:
> +static const u8 FSCRYPT_POLICY_FLAGS_KEY_MASK =
> + (FSCRYPT_POLICY_FLAG_DIRECT_KEY
> + | FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64
> + | FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32);
A comment describing the meaning of the above constant would be helpful.
> +static size_t fill_hkdf_info(const struct fscrypt_info *ci, u8 *hkdf_info)
Maybe call this fill_hkdf_info_for_mode_key() to avoid ambiguity with other uses
of HKDF? Also, maybe add an explicit array size to hkdf_info? E.g.
hkdf_info[MAX_MODE_KEY_HKDF_INFO_SIZE]
> +static u8 hkdf_context_for_policy(const union fscrypt_policy *policy)
> +{
> + switch (fscrypt_policy_flags(policy) & FSCRYPT_POLICY_FLAGS_KEY_MASK) {
> + case FSCRYPT_POLICY_FLAG_DIRECT_KEY:
> + return HKDF_CONTEXT_DIRECT_KEY;
> + case FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64:
> + return HKDF_CONTEXT_IV_INO_LBLK_64_KEY;
> + case FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32:
> + return HKDF_CONTEXT_IV_INO_LBLK_32_KEY;
> + default:
> + return 0;
> + }
> +}
There's an extra level of indentation above.
Also, more importantly, since fill_hkdf_info() checks the policy flags anyway,
maybe just handle the HKDF context bytes directly in there? E.g.:
if (ci->ci_policy.v2.flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY) {
hkdf_info[0] = HKDF_CONTEXT_DIRECT_KEY;
return 1;
}
if (ci->ci_policy.v2.flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32)
hkdf_info[0] = HKDF_CONTEXT_IV_INO_LBLK_32_KEY;
else
hkdf_info[0] = HKDF_CONTEXT_IV_INO_LBLK_64_KEY;
memcpy(&hkdf_info[1], &sb->s_uuid, sizeof(sb->s_uuid));
return 1 + sizeof(sb->s_uuid);
- Eric
|