Mobile Device Management
 
Native SDK
ddar::metadata Class Reference

Metadata provides a key-value persistent cache and a chunk of volatile memory connected to a file.

#include <ddar.h>


Public Member Functions

virtual int persistent_set (const char *name, const void *value, int size)=0
 Set persistent cache entry.
virtual int persistent_get (const char *name, void *value)=0
 Get persistent cache entry.
virtual unsigned long get_inode ()=0
 Returns inode number of the file.

Public Attributes

void * ephemeral_addr
 Ephemeral cache memory chunk.
int ephemeral_size
 Size of ephemeral cache memory chunk.
context context
 Holds ddar::context object associated to the file.

Static Public Attributes

static constexpr const int MAX_PERSISTENT_CACHE_NAME_LEN = 32
static constexpr const int MAX_PERSISTENT_CACHE_VALUE_LEN = 128

Detailed Description

Metadata provides a key-value persistent cache and a chunk of volatile memory connected to a file.

Metadata objects are always on the stack, so they need no locking and are valid only during the following crypto functions:

See also:
bool abstract_crypto::prepare(context *context, metadata *md)
bool abstract_crypto::encrypt(metadata *md, void *pt, void *ct, unsigned long page_offset, int page_len)
bool abstract_crypto::decrypt(metadata *md, void *ct, unsigned long page_offset, int page_len)

Persistent cache - Stores key-value pairs in persistent memory associated with a file. The crypto plug-in shall store key derivation materials here, to be used later to generate the FEK (file encryption key), as well as other attributes such as version info, domain, etc.

Ephemeral cache - Provides a cache in kernel space memory that is mmap()ed into the user space address region during a crypto operation. The main objective is to avoid either storing sensitive information (e.g., the FEK) in persistent memory or having the user space program derive the FEK before every crypto operation. The ephemeral cache is allocated in the kernel and is zeroed out in the data-lock state together with other sensitive materials associated with the file (e.g., ext4 inode eviction invalidates the OEM encryption key).
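How a crypto plug-in might split material between the two caches, as an added example that is not taken from the SDK: `metadata` below is a stand-in for the members documented on this page, and `fake_metadata`, `prepare_fek`, `kdf_fn`, the `kdf_salt` entry name and the salt/FEK lengths are hypothetical. It assumes failures are reported through errno and that a stored value never exceeds MAX_PERSISTENT_CACHE_VALUE_LEN.

```cpp
#include <cerrno>
#include <cstring>
#include <map>
#include <string>

// Stand-in for the ddar::metadata members documented on this page (the real class is in <ddar.h>).
struct metadata {
    static constexpr int MAX_PERSISTENT_CACHE_VALUE_LEN = 128;
    virtual int persistent_set(const char *name, const void *value, int size) = 0;
    virtual int persistent_get(const char *name, void *value) = 0;
    virtual ~metadata() = default;
    void *ephemeral_addr = nullptr;
    int ephemeral_size = 0;
};

// Constructed in-memory fake so the example runs offline; assumes errno carries the error code.
struct fake_metadata : metadata {
    std::map<std::string, std::string> store;
    unsigned char eph[64] = {};
    fake_metadata() { ephemeral_addr = eph; ephemeral_size = sizeof eph; }
    int persistent_set(const char *name, const void *value, int size) override {
        store[name].assign(static_cast<const char *>(value), size);
        return 0;
    }
    int persistent_get(const char *name, void *value) override {
        auto it = store.find(name);
        if (it == store.end()) { errno = ENODATA; return -1; }
        std::memcpy(value, it->second.data(), it->second.size());
        return static_cast<int>(it->second.size());
    }
};

constexpr int SALT_LEN = 16, FEK_LEN = 32;  // hypothetical sizes
using kdf_fn = void (*)(const unsigned char *salt, unsigned char *fek_out);  // placeholder KDF hook

// Hypothetical plug-in helper: the salt is persisted, the FEK is written only to the ephemeral chunk.
bool prepare_fek(metadata *md, const unsigned char *fresh_salt, kdf_fn kdf) {
    if (!md->ephemeral_addr || md->ephemeral_size < FEK_LEN) return false;
    unsigned char salt[metadata::MAX_PERSISTENT_CACHE_VALUE_LEN];  // persistent_get() takes no buffer size
    int n = md->persistent_get("kdf_salt", salt);
    if (n < 0) {
        if (errno != ENODATA) return false;  // e.g. ENOTSUP: fail closed, no fallback storage
        if (md->persistent_set("kdf_salt", fresh_salt, SALT_LEN) != 0) return false;
        std::memcpy(salt, fresh_salt, SALT_LEN);
        n = SALT_LEN;
    }
    if (n != SALT_LEN) return false;  // reject a malformed stored entry
    kdf(salt, static_cast<unsigned char *>(md->ephemeral_addr));
    return true;  // the caller must not keep ephemeral_addr after the crypto function returns
}
```

Only the salt ever reaches `persistent_set`; the derived key exists solely in the ephemeral chunk.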


Member Function Documentation

virtual int ddar::metadata::persistent_get (const char *name, void *value) [pure virtual]

Get persistent cache entry.

Errors:
ENODATA  The named entry does not exist
ENOTSUP  Persistent storage is not supported by the file system

Returns:
On success, returns a nonnegative value, which is the size of the value. On failure, -1 is returned.

virtual int ddar::metadata::persistent_set (const char *name, const void *value, int size) [pure virtual]

Set persistent cache entry.

Errors:
ENOSPC   There is insufficient space remaining to store the new entry
ENOTSUP  Persistent storage is not supported by the file system

Returns:
On success, zero is returned. On failure, -1 is returned.

Member Data Documentation

Ephemeral cache memory chunk.

ephemeral_addr is only valid within the scope of a crypto function (prepare, encrypt, decrypt). The caller should not keep the address and use it later.

