Commit 29a98c1c authored by Eric Biggers's avatar Eric Biggers

fscrypt: use ENOPKG when crypto API support missing

Return ENOPKG rather than ENOENT when trying to open a file that's
encrypted using algorithms not available in the kernel's crypto API.

This avoids an ambiguity, since ENOENT is also returned when the file
doesn't exist.

Note: this is the same approach I'm taking for fs-verity.
Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
parent a4d14e91
...@@ -237,11 +237,12 @@ allocate_skcipher_for_mode(struct fscrypt_mode *mode, const u8 *raw_key, ...@@ -237,11 +237,12 @@ allocate_skcipher_for_mode(struct fscrypt_mode *mode, const u8 *raw_key,
tfm = crypto_alloc_skcipher(mode->cipher_str, 0, 0); tfm = crypto_alloc_skcipher(mode->cipher_str, 0, 0);
if (IS_ERR(tfm)) { if (IS_ERR(tfm)) {
if (PTR_ERR(tfm) == -ENOENT) if (PTR_ERR(tfm) == -ENOENT) {
fscrypt_warn(inode, fscrypt_warn(inode,
"Missing crypto API support for %s (API name: \"%s\")", "Missing crypto API support for %s (API name: \"%s\")",
mode->friendly_name, mode->cipher_str); mode->friendly_name, mode->cipher_str);
else return ERR_PTR(-ENOPKG);
}
fscrypt_err(inode, "Error allocating '%s' transform: %ld", fscrypt_err(inode, "Error allocating '%s' transform: %ld",
mode->cipher_str, PTR_ERR(tfm)); mode->cipher_str, PTR_ERR(tfm));
return tfm; return tfm;
...@@ -389,10 +390,11 @@ static int derive_essiv_salt(const u8 *key, int keysize, u8 *salt) ...@@ -389,10 +390,11 @@ static int derive_essiv_salt(const u8 *key, int keysize, u8 *salt)
tfm = crypto_alloc_shash("sha256", 0, 0); tfm = crypto_alloc_shash("sha256", 0, 0);
if (IS_ERR(tfm)) { if (IS_ERR(tfm)) {
if (PTR_ERR(tfm) == -ENOENT) if (PTR_ERR(tfm) == -ENOENT) {
fscrypt_warn(NULL, fscrypt_warn(NULL,
"Missing crypto API support for SHA-256"); "Missing crypto API support for SHA-256");
else return -ENOPKG;
}
fscrypt_err(NULL, fscrypt_err(NULL,
"Error allocating SHA-256 transform: %ld", "Error allocating SHA-256 transform: %ld",
PTR_ERR(tfm)); PTR_ERR(tfm));
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment