From f4ecbf76c7e486b5d37c8803b290196665c7c878 Mon Sep 17 00:00:00 2001
From: Jiten Patel <jitepate@codeaurora.org>
Date: Sun, 17 Jan 2021 20:17:38 +0530
Subject: [PATCH] fs: crypto: Add support for legacy pfk based FBE

Enable legacy method to generate aes keys derived
from nonce and master key. In private mode the keys
will be used as file encryption keys and set into
Inline Crypto Engine hardware.
This will be used to support OTA upgrades where
device were launched using legacy PFK generation
method.

Test:
1) Flashed P meta, create multiple files under /data.
2) Set PIN
3) Build R (include OTA changes) and flash
   APPS images of R except userdata and boot the device.
4) Device booted upto UI.
5) Unlock device by PIN set on P build.
6) Files created with Q build retained.
7) Created new files under /data and checked retention across
   multiple re-boots.

Change-Id: I6b4e49ed4549bf4f27ea63ab33016b00dca9fcf0
Signed-off-by: Jiten Patel <jitepate@codeaurora.org>
---
 fs/crypto/Kconfig       |  9 +++++++++
 fs/crypto/keysetup_v1.c | 23 +++++++++++++++++++++--
 2 files changed, 30 insertions(+), 2 deletions(-)

diff --git a/fs/crypto/Kconfig b/fs/crypto/Kconfig
index 97c0a113f4cc..fbf7b094703b 100644
--- a/fs/crypto/Kconfig
+++ b/fs/crypto/Kconfig
@@ -29,3 +29,12 @@ config FS_ENCRYPTION_INLINE_CRYPT
 	depends on FS_ENCRYPTION && BLK_INLINE_ENCRYPTION
 	help
 	  Enable fscrypt to use inline encryption hardware if available.
+
+config ENABLE_LEGACY_PFK
+	bool "Legacy method to generate per file key"
+	default n
+	help
+	  Enable legacy method to generate aes keys derived
+	  from nonce and master key. In private mode the keys
+	  will be used by inline crypto hardware to encrypt the
+	  file content.
diff --git a/fs/crypto/keysetup_v1.c b/fs/crypto/keysetup_v1.c
index 59ffa3c64324..0dc04c55ad55 100644
--- a/fs/crypto/keysetup_v1.c
+++ b/fs/crypto/keysetup_v1.c
@@ -302,7 +302,7 @@ static int setup_v1_file_key_direct(struct fscrypt_info *ci,
 static int setup_v1_file_key_derived(struct fscrypt_info *ci,
 				     const u8 *raw_master_key)
 {
-	u8 *derived_key;
+	u8 *derived_key = NULL;
 	int err;
 	int i;
 	union {
@@ -334,7 +334,21 @@ static int setup_v1_file_key_derived(struct fscrypt_info *ci,
 			ci->ci_hashed_ino = siphash_1u64(ci->ci_inode->i_ino,
 							 &ino_hash_key.k);
 		}
+
+#if IS_ENABLED(CONFIG_ENABLE_LEGACY_PFK)
+		derived_key = kmalloc(ci->ci_mode->keysize, GFP_NOFS);
+		if (!derived_key)
+			return -ENOMEM;
+
+		err = derive_key_aes(raw_master_key, ci->ci_nonce,
+				     derived_key, ci->ci_mode->keysize);
+		if (err)
+			goto out;
+
+		memcpy(key_new.bytes, derived_key, ci->ci_mode->keysize);
+#else
 		memcpy(key_new.bytes, raw_master_key, ci->ci_mode->keysize);
+#endif
 
 		for (i = 0; i < ARRAY_SIZE(key_new.words); i++)
 			__cpu_to_be32s(&key_new.words[i]);
@@ -344,6 +358,9 @@ static int setup_v1_file_key_derived(struct fscrypt_info *ci,
 						       ci->ci_mode->keysize,
 						       false,
 						       ci);
+		if (derived_key)
+			kzfree(derived_key);
+
 		return err;
 	}
 	/*
@@ -361,7 +378,9 @@ static int setup_v1_file_key_derived(struct fscrypt_info *ci,
 
 	err = fscrypt_set_per_file_enc_key(ci, derived_key);
 out:
-	kzfree(derived_key);
+	if (derived_key)
+		kzfree(derived_key);
+
 	return err;
 }