| big_key.c (498495dba268b20e8eadd7fe93c140c68b6cc9d2) | big_key.c (d9f4bb1a0f4db493efe6d7c58ffe696a57de7eb3) |
|---|---|
| 1/* Large capacity key type 2 * 3 * Copyright (C) 2017 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. 4 * Copyright (C) 2013 Red Hat, Inc. All Rights Reserved. 5 * Written by David Howells (dhowells@redhat.com) 6 * 7 * This program is free software; you can redistribute it and/or 8 * modify it under the terms of the GNU General Public Licence --- 8 unchanged lines hidden (view full) --- 17#include <linux/shmem_fs.h> 18#include <linux/err.h> 19#include <linux/scatterlist.h> 20#include <linux/random.h> 21#include <keys/user-type.h> 22#include <keys/big_key-type.h> 23#include <crypto/aead.h> 24 | 1/* Large capacity key type 2 * 3 * Copyright (C) 2017 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. 4 * Copyright (C) 2013 Red Hat, Inc. All Rights Reserved. 5 * Written by David Howells (dhowells@redhat.com) 6 * 7 * This program is free software; you can redistribute it and/or 8 * modify it under the terms of the GNU General Public Licence --- 8 unchanged lines hidden (view full) --- 17#include <linux/shmem_fs.h> 18#include <linux/err.h> 19#include <linux/scatterlist.h> 20#include <linux/random.h> 21#include <keys/user-type.h> 22#include <keys/big_key-type.h> 23#include <crypto/aead.h> 24 |
| 25struct big_key_buf { 26 unsigned int nr_pages; 27 void *virt; 28 struct scatterlist *sg; 29 struct page *pages[]; 30}; 31 |
|
| 25/* 26 * Layout of key payload words. 27 */ 28enum { 29 big_key_data, 30 big_key_path, 31 big_key_path_2nd_part, 32 big_key_len, --- 53 unchanged lines hidden (view full) --- 86/* 87 * Since changing the key affects the entire object, we need a mutex. 88 */ 89static DEFINE_MUTEX(big_key_aead_lock); 90 91/* 92 * Encrypt/decrypt big_key data 93 */ | 32/* 33 * Layout of key payload words. 34 */ 35enum { 36 big_key_data, 37 big_key_path, 38 big_key_path_2nd_part, 39 big_key_len, --- 53 unchanged lines hidden (view full) --- 93/* 94 * Since changing the key affects the entire object, we need a mutex. 95 */ 96static DEFINE_MUTEX(big_key_aead_lock); 97 98/* 99 * Encrypt/decrypt big_key data 100 */ |
| 94static int big_key_crypt(enum big_key_op op, u8 *data, size_t datalen, u8 *key) | 101static int big_key_crypt(enum big_key_op op, struct big_key_buf *buf, size_t datalen, u8 *key) |
| 95{ 96 int ret; | 102{ 103 int ret; |
| 97 struct scatterlist sgio; | |
| 98 struct aead_request *aead_req; 99 /* We always use a zero nonce. The reason we can get away with this is 100 * because we're using a different randomly generated key for every 101 * different encryption. Notably, too, key_type_big_key doesn't define 102 * an .update function, so there's no chance we'll wind up reusing the 103 * key to encrypt updated data. Simply put: one key, one encryption. 104 */ 105 u8 zero_nonce[crypto_aead_ivsize(big_key_aead)]; 106 107 aead_req = aead_request_alloc(big_key_aead, GFP_KERNEL); 108 if (!aead_req) 109 return -ENOMEM; 110 111 memset(zero_nonce, 0, sizeof(zero_nonce)); | 104 struct aead_request *aead_req; 105 /* We always use a zero nonce. The reason we can get away with this is 106 * because we're using a different randomly generated key for every 107 * different encryption. Notably, too, key_type_big_key doesn't define 108 * an .update function, so there's no chance we'll wind up reusing the 109 * key to encrypt updated data. Simply put: one key, one encryption. 110 */ 111 u8 zero_nonce[crypto_aead_ivsize(big_key_aead)]; 112 113 aead_req = aead_request_alloc(big_key_aead, GFP_KERNEL); 114 if (!aead_req) 115 return -ENOMEM; 116 117 memset(zero_nonce, 0, sizeof(zero_nonce)); |
| 112 sg_init_one(&sgio, data, datalen + (op == BIG_KEY_ENC ? ENC_AUTHTAG_SIZE : 0)); 113 aead_request_set_crypt(aead_req, &sgio, &sgio, datalen, zero_nonce); | 118 aead_request_set_crypt(aead_req, buf->sg, buf->sg, datalen, zero_nonce); |
| 114 aead_request_set_callback(aead_req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL); 115 aead_request_set_ad(aead_req, 0); 116 117 mutex_lock(&big_key_aead_lock); 118 if (crypto_aead_setkey(big_key_aead, key, ENC_KEY_SIZE)) { 119 ret = -EAGAIN; 120 goto error; 121 } 122 if (op == BIG_KEY_ENC) 123 ret = crypto_aead_encrypt(aead_req); 124 else 125 ret = crypto_aead_decrypt(aead_req); 126error: 127 mutex_unlock(&big_key_aead_lock); 128 aead_request_free(aead_req); 129 return ret; 130} 131 132/* | 119 aead_request_set_callback(aead_req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL); 120 aead_request_set_ad(aead_req, 0); 121 122 mutex_lock(&big_key_aead_lock); 123 if (crypto_aead_setkey(big_key_aead, key, ENC_KEY_SIZE)) { 124 ret = -EAGAIN; 125 goto error; 126 } 127 if (op == BIG_KEY_ENC) 128 ret = crypto_aead_encrypt(aead_req); 129 else 130 ret = crypto_aead_decrypt(aead_req); 131error: 132 mutex_unlock(&big_key_aead_lock); 133 aead_request_free(aead_req); 134 return ret; 135} 136 137/* |
| 138 * Free up the buffer. 139 */ 140static void big_key_free_buffer(struct big_key_buf *buf) 141{ 142 unsigned int i; 143 144 if (buf->virt) { 145 memset(buf->virt, 0, buf->nr_pages * PAGE_SIZE); 146 vunmap(buf->virt); 147 } 148 149 for (i = 0; i < buf->nr_pages; i++) 150 if (buf->pages[i]) 151 __free_page(buf->pages[i]); 152 153 kfree(buf); 154} 155 156/* 157 * Allocate a buffer consisting of a set of pages with a virtual mapping 158 * applied over them. 159 */ 160static void *big_key_alloc_buffer(size_t len) 161{ 162 struct big_key_buf *buf; 163 unsigned int npg = (len + PAGE_SIZE - 1) >> PAGE_SHIFT; 164 unsigned int i, l; 165 166 buf = kzalloc(sizeof(struct big_key_buf) + 167 sizeof(struct page) * npg + 168 sizeof(struct scatterlist) * npg, 169 GFP_KERNEL); 170 if (!buf) 171 return NULL; 172 173 buf->nr_pages = npg; 174 buf->sg = (void *)(buf->pages + npg); 175 sg_init_table(buf->sg, npg); 176 177 for (i = 0; i < buf->nr_pages; i++) { 178 buf->pages[i] = alloc_page(GFP_KERNEL); 179 if (!buf->pages[i]) 180 goto nomem; 181 182 l = min_t(size_t, len, PAGE_SIZE); 183 sg_set_page(&buf->sg[i], buf->pages[i], l, 0); 184 len -= l; 185 } 186 187 buf->virt = vmap(buf->pages, buf->nr_pages, VM_MAP, PAGE_KERNEL); 188 if (!buf->virt) 189 goto nomem; 190 191 return buf; 192 193nomem: 194 big_key_free_buffer(buf); 195 return NULL; 196} 197 198/* |
|
| 133 * Preparse a big key 134 */ 135int big_key_preparse(struct key_preparsed_payload *prep) 136{ | 199 * Preparse a big key 200 */ 201int big_key_preparse(struct key_preparsed_payload *prep) 202{ |
| 203 struct big_key_buf *buf; |
|
| 137 struct path *path = (struct path *)&prep->payload.data[big_key_path]; 138 struct file *file; 139 u8 *enckey; | 204 struct path *path = (struct path *)&prep->payload.data[big_key_path]; 205 struct file *file; 206 u8 *enckey; |
| 140 u8 *data = NULL; | |
| 141 ssize_t written; | 207 ssize_t written; |
| 142 size_t datalen = prep->datalen; | 208 size_t datalen = prep->datalen, enclen = datalen + ENC_AUTHTAG_SIZE; |
| 143 int ret; 144 | 209 int ret; 210 |
| 145 ret = -EINVAL; | |
| 146 if (datalen <= 0 || datalen > 1024 * 1024 || !prep->data) | 211 if (datalen <= 0 || datalen > 1024 * 1024 || !prep->data) |
| 147 goto error; | 212 return -EINVAL; |
| 148 149 /* Set an arbitrary quota */ 150 prep->quotalen = 16; 151 152 prep->payload.data[big_key_len] = (void *)(unsigned long)datalen; 153 154 if (datalen > BIG_KEY_FILE_THRESHOLD) { 155 /* Create a shmem file to store the data in. This will permit the data 156 * to be swapped out if needed. 157 * 158 * File content is stored encrypted with randomly generated key. 159 */ | 213 214 /* Set an arbitrary quota */ 215 prep->quotalen = 16; 216 217 prep->payload.data[big_key_len] = (void *)(unsigned long)datalen; 218 219 if (datalen > BIG_KEY_FILE_THRESHOLD) { 220 /* Create a shmem file to store the data in. This will permit the data 221 * to be swapped out if needed. 222 * 223 * File content is stored encrypted with randomly generated key. 224 */ |
| 160 size_t enclen = datalen + ENC_AUTHTAG_SIZE; | |
| 161 loff_t pos = 0; 162 | 225 loff_t pos = 0; 226 |
| 163 data = kmalloc(enclen, GFP_KERNEL); 164 if (!data) | 227 buf = big_key_alloc_buffer(enclen); 228 if (!buf) |
| 165 return -ENOMEM; | 229 return -ENOMEM; |
| 166 memcpy(data, prep->data, datalen); | 230 memcpy(buf->virt, prep->data, datalen); |
| 167 168 /* generate random key */ 169 enckey = kmalloc(ENC_KEY_SIZE, GFP_KERNEL); 170 if (!enckey) { 171 ret = -ENOMEM; 172 goto error; 173 } 174 ret = get_random_bytes_wait(enckey, ENC_KEY_SIZE); 175 if (unlikely(ret)) 176 goto err_enckey; 177 178 /* encrypt aligned data */ | 231 232 /* generate random key */ 233 enckey = kmalloc(ENC_KEY_SIZE, GFP_KERNEL); 234 if (!enckey) { 235 ret = -ENOMEM; 236 goto error; 237 } 238 ret = get_random_bytes_wait(enckey, ENC_KEY_SIZE); 239 if (unlikely(ret)) 240 goto err_enckey; 241 242 /* encrypt aligned data */ |
| 179 ret = big_key_crypt(BIG_KEY_ENC, data, datalen, enckey); | 243 ret = big_key_crypt(BIG_KEY_ENC, buf, datalen, enckey); |
| 180 if (ret) 181 goto err_enckey; 182 183 /* save aligned data to file */ 184 file = shmem_kernel_file_setup("", enclen, 0); 185 if (IS_ERR(file)) { 186 ret = PTR_ERR(file); 187 goto err_enckey; 188 } 189 | 244 if (ret) 245 goto err_enckey; 246 247 /* save aligned data to file */ 248 file = shmem_kernel_file_setup("", enclen, 0); 249 if (IS_ERR(file)) { 250 ret = PTR_ERR(file); 251 goto err_enckey; 252 } 253 |
| 190 written = kernel_write(file, data, enclen, &pos); | 254 written = kernel_write(file, buf->virt, enclen, &pos); |
| 191 if (written != enclen) { 192 ret = written; 193 if (written >= 0) 194 ret = -ENOMEM; 195 goto err_fput; 196 } 197 198 /* Pin the mount and dentry to the key so that we can open it again 199 * later 200 */ 201 prep->payload.data[big_key_data] = enckey; 202 *path = file->f_path; 203 path_get(path); 204 fput(file); | 255 if (written != enclen) { 256 ret = written; 257 if (written >= 0) 258 ret = -ENOMEM; 259 goto err_fput; 260 } 261 262 /* Pin the mount and dentry to the key so that we can open it again 263 * later 264 */ 265 prep->payload.data[big_key_data] = enckey; 266 *path = file->f_path; 267 path_get(path); 268 fput(file); |
| 205 kzfree(data); | 269 big_key_free_buffer(buf); |
| 206 } else { 207 /* Just store the data in a buffer */ 208 void *data = kmalloc(datalen, GFP_KERNEL); 209 210 if (!data) 211 return -ENOMEM; 212 213 prep->payload.data[big_key_data] = data; 214 memcpy(data, prep->data, prep->datalen); 215 } 216 return 0; 217 218err_fput: 219 fput(file); 220err_enckey: 221 kzfree(enckey); 222error: | 270 } else { 271 /* Just store the data in a buffer */ 272 void *data = kmalloc(datalen, GFP_KERNEL); 273 274 if (!data) 275 return -ENOMEM; 276 277 prep->payload.data[big_key_data] = data; 278 memcpy(data, prep->data, prep->datalen); 279 } 280 return 0; 281 282err_fput: 283 fput(file); 284err_enckey: 285 kzfree(enckey); 286error: |
| 223 kzfree(data); | 287 big_key_free_buffer(buf); |
| 224 return ret; 225} 226 227/* 228 * Clear preparsement. 229 */ 230void big_key_free_preparse(struct key_preparsed_payload *prep) 231{ --- 61 unchanged lines hidden (view full) --- 293{ 294 size_t datalen = (size_t)key->payload.data[big_key_len]; 295 long ret; 296 297 if (!buffer || buflen < datalen) 298 return datalen; 299 300 if (datalen > BIG_KEY_FILE_THRESHOLD) { | 288 return ret; 289} 290 291/* 292 * Clear preparsement. 293 */ 294void big_key_free_preparse(struct key_preparsed_payload *prep) 295{ --- 61 unchanged lines hidden (view full) --- 357{ 358 size_t datalen = (size_t)key->payload.data[big_key_len]; 359 long ret; 360 361 if (!buffer || buflen < datalen) 362 return datalen; 363 364 if (datalen > BIG_KEY_FILE_THRESHOLD) { |
| 365 struct big_key_buf *buf; |
|
| 301 struct path *path = (struct path *)&key->payload.data[big_key_path]; 302 struct file *file; | 366 struct path *path = (struct path *)&key->payload.data[big_key_path]; 367 struct file *file; |
| 303 u8 *data; | |
| 304 u8 *enckey = (u8 *)key->payload.data[big_key_data]; 305 size_t enclen = datalen + ENC_AUTHTAG_SIZE; 306 loff_t pos = 0; 307 | 368 u8 *enckey = (u8 *)key->payload.data[big_key_data]; 369 size_t enclen = datalen + ENC_AUTHTAG_SIZE; 370 loff_t pos = 0; 371 |
| 308 data = kmalloc(enclen, GFP_KERNEL); 309 if (!data) | 372 buf = big_key_alloc_buffer(enclen); 373 if (!buf) |
| 310 return -ENOMEM; 311 312 file = dentry_open(path, O_RDONLY, current_cred()); 313 if (IS_ERR(file)) { 314 ret = PTR_ERR(file); 315 goto error; 316 } 317 318 /* read file to kernel and decrypt */ | 374 return -ENOMEM; 375 376 file = dentry_open(path, O_RDONLY, current_cred()); 377 if (IS_ERR(file)) { 378 ret = PTR_ERR(file); 379 goto error; 380 } 381 382 /* read file to kernel and decrypt */ |
| 319 ret = kernel_read(file, data, enclen, &pos); | 383 ret = kernel_read(file, buf->virt, enclen, &pos); |
| 320 if (ret >= 0 && ret != enclen) { 321 ret = -EIO; 322 goto err_fput; 323 } 324 | 384 if (ret >= 0 && ret != enclen) { 385 ret = -EIO; 386 goto err_fput; 387 } 388 |
| 325 ret = big_key_crypt(BIG_KEY_DEC, data, enclen, enckey); | 389 ret = big_key_crypt(BIG_KEY_DEC, buf, enclen, enckey); |
| 326 if (ret) 327 goto err_fput; 328 329 ret = datalen; 330 331 /* copy decrypted data to user */ | 390 if (ret) 391 goto err_fput; 392 393 ret = datalen; 394 395 /* copy decrypted data to user */ |
| 332 if (copy_to_user(buffer, data, datalen) != 0) | 396 if (copy_to_user(buffer, buf->virt, datalen) != 0) |
| 333 ret = -EFAULT; 334 335err_fput: 336 fput(file); 337error: | 397 ret = -EFAULT; 398 399err_fput: 400 fput(file); 401error: |
| 338 kzfree(data); | 402 big_key_free_buffer(buf); |
| 339 } else { 340 ret = datalen; 341 if (copy_to_user(buffer, key->payload.data[big_key_data], 342 datalen) != 0) 343 ret = -EFAULT; 344 } 345 346 return ret; --- 36 unchanged lines hidden --- | 403 } else { 404 ret = datalen; 405 if (copy_to_user(buffer, key->payload.data[big_key_data], 406 datalen) != 0) 407 ret = -EFAULT; 408 } 409 410 return ret; --- 36 unchanged lines hidden --- |