1 /*- 2 * SPDX-License-Identifier: (BSD-2-Clause-FreeBSD AND RSA-MD) 3 * 4 * Copyright (c) 2010, 2013 Zheng Liu <lz@freebsd.org> 5 * Copyright (c) 2012, Vyacheslav Matyushin 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $FreeBSD$ 30 */ 31 32 /* 33 * The following notice applies to the code in ext2_half_md4(): 34 * 35 * Copyright (C) 1990-2, RSA Data Security, Inc. All rights reserved. 36 * 37 * License to copy and use this software is granted provided that it 38 * is identified as the "RSA Data Security, Inc. MD4 Message-Digest 39 * Algorithm" in all material mentioning or referencing this software 40 * or this function. 41 * 42 * License is also granted to make and use derivative works provided 43 * that such works are identified as "derived from the RSA Data 44 * Security, Inc. MD4 Message-Digest Algorithm" in all material 45 * mentioning or referencing the derived work. 46 * 47 * RSA Data Security, Inc. makes no representations concerning either 48 * the merchantability of this software or the suitability of this 49 * software for any particular purpose. It is provided "as is" 50 * without express or implied warranty of any kind. 51 * 52 * These notices must be retained in any copies of any part of this 53 * documentation and/or software. 54 */ 55 56 #include <sys/param.h> 57 #include <sys/systm.h> 58 #include <sys/conf.h> 59 #include <sys/vnode.h> 60 #include <sys/stat.h> 61 #include <sys/mount.h> 62 63 #include <vfs/ext2fs/ext2fs.h> 64 #include <vfs/ext2fs/fs.h> 65 #include <vfs/ext2fs/htree.h> 66 #include <vfs/ext2fs/inode.h> 67 #include <vfs/ext2fs/ext2_mount.h> 68 #include <vfs/ext2fs/ext2_extern.h> 69 70 SDT_PROVIDER_DECLARE(ext2fs); 71 /* 72 * ext2fs trace probe: 73 * arg0: verbosity. Higher numbers give more verbose messages 74 * arg1: Textual message 75 */ 76 SDT_PROBE_DEFINE2(ext2fs, , trace, hash, "int", "char*"); 77 78 /* F, G, and H are MD4 functions */ 79 #define F(x, y, z) (((x) & (y)) | ((~x) & (z))) 80 #define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z))) 81 #define H(x, y, z) ((x) ^ (y) ^ (z)) 82 83 /* ROTATE_LEFT rotates x left n bits */ 84 #define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32 - (n)))) 85 86 /* 87 * FF, GG, and HH are transformations for rounds 1, 2, and 3. 88 * Rotation is separated from addition to prevent recomputation. 89 */ 90 #define FF(a, b, c, d, x, s) { \ 91 (a) += F ((b), (c), (d)) + (x); \ 92 (a) = ROTATE_LEFT ((a), (s)); \ 93 } 94 95 #define GG(a, b, c, d, x, s) { \ 96 (a) += G ((b), (c), (d)) + (x) + (uint32_t)0x5A827999; \ 97 (a) = ROTATE_LEFT ((a), (s)); \ 98 } 99 100 #define HH(a, b, c, d, x, s) { \ 101 (a) += H ((b), (c), (d)) + (x) + (uint32_t)0x6ED9EBA1; \ 102 (a) = ROTATE_LEFT ((a), (s)); \ 103 } 104 105 /* 106 * MD4 basic transformation. It transforms state based on block. 107 * 108 * This is a half md4 algorithm since Linux uses this algorithm for dir 109 * index. This function is derived from the RSA Data Security, Inc. MD4 110 * Message-Digest Algorithm and was modified as necessary. 111 * 112 * The return value of this function is uint32_t in Linux, but actually we don't 113 * need to check this value, so in our version this function doesn't return any 114 * value. 115 */ 116 static void 117 ext2_half_md4(uint32_t hash[4], uint32_t data[8]) 118 { 119 uint32_t a = hash[0], b = hash[1], c = hash[2], d = hash[3]; 120 121 /* Round 1 */ 122 FF(a, b, c, d, data[0], 3); 123 FF(d, a, b, c, data[1], 7); 124 FF(c, d, a, b, data[2], 11); 125 FF(b, c, d, a, data[3], 19); 126 FF(a, b, c, d, data[4], 3); 127 FF(d, a, b, c, data[5], 7); 128 FF(c, d, a, b, data[6], 11); 129 FF(b, c, d, a, data[7], 19); 130 131 /* Round 2 */ 132 GG(a, b, c, d, data[1], 3); 133 GG(d, a, b, c, data[3], 5); 134 GG(c, d, a, b, data[5], 9); 135 GG(b, c, d, a, data[7], 13); 136 GG(a, b, c, d, data[0], 3); 137 GG(d, a, b, c, data[2], 5); 138 GG(c, d, a, b, data[4], 9); 139 GG(b, c, d, a, data[6], 13); 140 141 /* Round 3 */ 142 HH(a, b, c, d, data[3], 3); 143 HH(d, a, b, c, data[7], 9); 144 HH(c, d, a, b, data[2], 11); 145 HH(b, c, d, a, data[6], 15); 146 HH(a, b, c, d, data[1], 3); 147 HH(d, a, b, c, data[5], 9); 148 HH(c, d, a, b, data[0], 11); 149 HH(b, c, d, a, data[4], 15); 150 151 hash[0] += a; 152 hash[1] += b; 153 hash[2] += c; 154 hash[3] += d; 155 } 156 157 /* 158 * Tiny Encryption Algorithm. 159 */ 160 static void 161 ext2_tea(uint32_t hash[4], uint32_t data[8]) 162 { 163 uint32_t tea_delta = 0x9E3779B9; 164 uint32_t sum; 165 uint32_t x = hash[0], y = hash[1]; 166 int n = 16; 167 int i = 1; 168 169 while (n-- > 0) { 170 sum = i * tea_delta; 171 x += ((y << 4) + data[0]) ^ (y + sum) ^ ((y >> 5) + data[1]); 172 y += ((x << 4) + data[2]) ^ (x + sum) ^ ((x >> 5) + data[3]); 173 i++; 174 } 175 176 hash[0] += x; 177 hash[1] += y; 178 } 179 180 static uint32_t 181 ext2_legacy_hash(const char *name, int len, int unsigned_char) 182 { 183 uint32_t h0, h1 = 0x12A3FE2D, h2 = 0x37ABE8F9; 184 uint32_t multi = 0x6D22F5; 185 const unsigned char *uname = (const unsigned char *)name; 186 const signed char *sname = (const signed char *)name; 187 int val, i; 188 189 for (i = 0; i < len; i++) { 190 if (unsigned_char) 191 val = (u_int)*uname++; 192 else 193 val = (int)*sname++; 194 195 h0 = h2 + (h1 ^ (val * multi)); 196 if (h0 & 0x80000000) 197 h0 -= 0x7FFFFFFF; 198 h2 = h1; 199 h1 = h0; 200 } 201 202 return (h1 << 1); 203 } 204 205 static void 206 ext2_prep_hashbuf(const char *src, int slen, uint32_t *dst, int dlen, 207 int unsigned_char) 208 { 209 uint32_t padding = slen | (slen << 8) | (slen << 16) | (slen << 24); 210 uint32_t buf_val; 211 const unsigned char *ubuf = (const unsigned char *)src; 212 const signed char *sbuf = (const signed char *)src; 213 int len, i; 214 int buf_byte; 215 216 if (slen > dlen) 217 len = dlen; 218 else 219 len = slen; 220 221 buf_val = padding; 222 223 for (i = 0; i < len; i++) { 224 if (unsigned_char) 225 buf_byte = (u_int)ubuf[i]; 226 else 227 buf_byte = (int)sbuf[i]; 228 229 if ((i % 4) == 0) 230 buf_val = padding; 231 232 buf_val <<= 8; 233 buf_val += buf_byte; 234 235 if ((i % 4) == 3) { 236 *dst++ = buf_val; 237 dlen -= sizeof(uint32_t); 238 buf_val = padding; 239 } 240 } 241 242 dlen -= sizeof(uint32_t); 243 if (dlen >= 0) 244 *dst++ = buf_val; 245 246 dlen -= sizeof(uint32_t); 247 while (dlen >= 0) { 248 *dst++ = padding; 249 dlen -= sizeof(uint32_t); 250 } 251 } 252 253 int 254 ext2_htree_hash(const char *name, int len, 255 uint32_t *hash_seed, int hash_version, 256 uint32_t *hash_major, uint32_t *hash_minor) 257 { 258 uint32_t hash[4]; 259 uint32_t data[8]; 260 uint32_t major = 0, minor = 0; 261 int unsigned_char = 0; 262 263 if (!name || !hash_major) 264 return (-1); 265 266 if (len < 1 || len > 255) 267 goto error; 268 269 hash[0] = 0x67452301; 270 hash[1] = 0xEFCDAB89; 271 hash[2] = 0x98BADCFE; 272 hash[3] = 0x10325476; 273 274 if (hash_seed) 275 memcpy(hash, hash_seed, sizeof(hash)); 276 277 switch (hash_version) { 278 case EXT2_HTREE_TEA_UNSIGNED: 279 unsigned_char = 1; 280 /* FALLTHROUGH */ 281 case EXT2_HTREE_TEA: 282 while (len > 0) { 283 ext2_prep_hashbuf(name, len, data, 16, unsigned_char); 284 ext2_tea(hash, data); 285 len -= 16; 286 name += 16; 287 } 288 major = hash[0]; 289 minor = hash[1]; 290 break; 291 case EXT2_HTREE_LEGACY_UNSIGNED: 292 unsigned_char = 1; 293 /* FALLTHROUGH */ 294 case EXT2_HTREE_LEGACY: 295 major = ext2_legacy_hash(name, len, unsigned_char); 296 break; 297 case EXT2_HTREE_HALF_MD4_UNSIGNED: 298 unsigned_char = 1; 299 /* FALLTHROUGH */ 300 case EXT2_HTREE_HALF_MD4: 301 while (len > 0) { 302 ext2_prep_hashbuf(name, len, data, 32, unsigned_char); 303 ext2_half_md4(hash, data); 304 len -= 32; 305 name += 32; 306 } 307 major = hash[1]; 308 minor = hash[2]; 309 break; 310 default: 311 SDT_PROBE2(ext2fs, , trace, hash, 1, "unexpected hash version"); 312 goto error; 313 } 314 315 major &= ~1; 316 if (major == (EXT2_HTREE_EOF << 1)) 317 major = (EXT2_HTREE_EOF - 1) << 1; 318 *hash_major = major; 319 if (hash_minor) 320 *hash_minor = minor; 321 322 return (0); 323 324 error: 325 *hash_major = 0; 326 if (hash_minor) 327 *hash_minor = 0; 328 return (-1); 329 } 330