Security: Keys: Big keys stored encrypted
Solved TODO task: big keys saved to shmem file are now stored encrypted. The encryption key is randomly generated and saved to payload[big_key_data]. Signed-off-by: Kirill Marinushkin <k.marinushkin@gmail.com> Signed-off-by: David Howells <dhowells@redhat.com>steinar/wifi_calib_4_9_kernel
Kirill Marinushkin
David Howells
parent
898de7d0f2
commit
13100a72f4
|
|
@ -41,6 +41,10 @@ config BIG_KEYS
|
|||
bool "Large payload keys"
|
||||
depends on KEYS
|
||||
depends on TMPFS
|
||||
select CRYPTO
|
||||
select CRYPTO_AES
|
||||
select CRYPTO_ECB
|
||||
select CRYPTO_RNG
|
||||
help
|
||||
This option provides support for holding large keys within the kernel
|
||||
(for example Kerberos ticket caches). The data may be stored out to
|
||||
|
|
|
|||
|
|
@ -14,8 +14,10 @@
|
|||
#include <linux/file.h>
|
||||
#include <linux/shmem_fs.h>
|
||||
#include <linux/err.h>
|
||||
#include <linux/scatterlist.h>
|
||||
#include <keys/user-type.h>
|
||||
#include <keys/big_key-type.h>
|
||||
#include <crypto/rng.h>
|
||||
|
||||
/*
|
||||
* Layout of key payload words.
|
||||
|
|
@ -27,6 +29,14 @@ enum {
|
|||
big_key_len,
|
||||
};
|
||||
|
||||
/*
|
||||
* Crypto operation with big_key data
|
||||
*/
|
||||
enum big_key_op {
|
||||
BIG_KEY_ENC,
|
||||
BIG_KEY_DEC,
|
||||
};
|
||||
|
||||
/*
|
||||
* If the data is under this limit, there's no point creating a shm file to
|
||||
* hold it as the permanently resident metadata for the shmem fs will be at
|
||||
|
|
@ -34,6 +44,11 @@ enum {
|
|||
*/
|
||||
#define BIG_KEY_FILE_THRESHOLD (sizeof(struct inode) + sizeof(struct dentry))
|
||||
|
||||
/*
|
||||
* Key size for big_key data encryption
|
||||
*/
|
||||
#define ENC_KEY_SIZE 16
|
||||
|
||||
/*
|
||||
* big_key defined keys take an arbitrary string as the description and an
|
||||
* arbitrary blob of data as the payload
|
||||
|
|
@ -49,6 +64,54 @@ struct key_type key_type_big_key = {
|
|||
.read = big_key_read,
|
||||
};
|
||||
|
||||
/*
|
||||
* Crypto names for big_key data encryption
|
||||
*/
|
||||
static const char big_key_rng_name[] = "stdrng";
|
||||
static const char big_key_alg_name[] = "ecb(aes)";
|
||||
|
||||
/*
|
||||
* Crypto algorithms for big_key data encryption
|
||||
*/
|
||||
static struct crypto_rng *big_key_rng;
|
||||
static struct crypto_blkcipher *big_key_blkcipher;
|
||||
|
||||
/*
|
||||
* Generate random key to encrypt big_key data
|
||||
*/
|
||||
static inline int big_key_gen_enckey(u8 *key)
|
||||
{
|
||||
return crypto_rng_get_bytes(big_key_rng, key, ENC_KEY_SIZE);
|
||||
}
|
||||
|
||||
/*
|
||||
* Encrypt/decrypt big_key data
|
||||
*/
|
||||
static int big_key_crypt(enum big_key_op op, u8 *data, size_t datalen, u8 *key)
|
||||
{
|
||||
int ret = -EINVAL;
|
||||
struct scatterlist sgio;
|
||||
struct blkcipher_desc desc;
|
||||
|
||||
if (crypto_blkcipher_setkey(big_key_blkcipher, key, ENC_KEY_SIZE)) {
|
||||
ret = -EAGAIN;
|
||||
goto error;
|
||||
}
|
||||
|
||||
desc.flags = 0;
|
||||
desc.tfm = big_key_blkcipher;
|
||||
|
||||
sg_init_one(&sgio, data, datalen);
|
||||
|
||||
if (op == BIG_KEY_ENC)
|
||||
ret = crypto_blkcipher_encrypt(&desc, &sgio, &sgio, datalen);
|
||||
else
|
||||
ret = crypto_blkcipher_decrypt(&desc, &sgio, &sgio, datalen);
|
||||
|
||||
error:
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
* Preparse a big key
|
||||
*/
|
||||
|
|
@ -56,6 +119,8 @@ int big_key_preparse(struct key_preparsed_payload *prep)
|
|||
{
|
||||
struct path *path = (struct path *)&prep->payload.data[big_key_path];
|
||||
struct file *file;
|
||||
u8 *enckey;
|
||||
u8 *data = NULL;
|
||||
ssize_t written;
|
||||
size_t datalen = prep->datalen;
|
||||
int ret;
|
||||
|
|
@ -73,16 +138,43 @@ int big_key_preparse(struct key_preparsed_payload *prep)
|
|||
/* Create a shmem file to store the data in. This will permit the data
|
||||
* to be swapped out if needed.
|
||||
*
|
||||
* TODO: Encrypt the stored data with a temporary key.
|
||||
* File content is stored encrypted with randomly generated key.
|
||||
*/
|
||||
file = shmem_kernel_file_setup("", datalen, 0);
|
||||
if (IS_ERR(file)) {
|
||||
ret = PTR_ERR(file);
|
||||
size_t enclen = ALIGN(datalen, crypto_blkcipher_blocksize(big_key_blkcipher));
|
||||
|
||||
/* prepare aligned data to encrypt */
|
||||
data = kmalloc(enclen, GFP_KERNEL);
|
||||
if (!data)
|
||||
return -ENOMEM;
|
||||
|
||||
memcpy(data, prep->data, datalen);
|
||||
memset(data + datalen, 0x00, enclen - datalen);
|
||||
|
||||
/* generate random key */
|
||||
enckey = kmalloc(ENC_KEY_SIZE, GFP_KERNEL);
|
||||
if (!enckey) {
|
||||
ret = -ENOMEM;
|
||||
goto error;
|
||||
}
|
||||
|
||||
written = kernel_write(file, prep->data, prep->datalen, 0);
|
||||
if (written != datalen) {
|
||||
ret = big_key_gen_enckey(enckey);
|
||||
if (ret)
|
||||
goto err_enckey;
|
||||
|
||||
/* encrypt aligned data */
|
||||
ret = big_key_crypt(BIG_KEY_ENC, data, enclen, enckey);
|
||||
if (ret)
|
||||
goto err_enckey;
|
||||
|
||||
/* save aligned data to file */
|
||||
file = shmem_kernel_file_setup("", enclen, 0);
|
||||
if (IS_ERR(file)) {
|
||||
ret = PTR_ERR(file);
|
||||
goto err_enckey;
|
||||
}
|
||||
|
||||
written = kernel_write(file, data, enclen, 0);
|
||||
if (written != enclen) {
|
||||
ret = written;
|
||||
if (written >= 0)
|
||||
ret = -ENOMEM;
|
||||
|
|
@ -92,12 +184,15 @@ int big_key_preparse(struct key_preparsed_payload *prep)
|
|||
/* Pin the mount and dentry to the key so that we can open it again
|
||||
* later
|
||||
*/
|
||||
prep->payload.data[big_key_data] = enckey;
|
||||
*path = file->f_path;
|
||||
path_get(path);
|
||||
fput(file);
|
||||
kfree(data);
|
||||
} else {
|
||||
/* Just store the data in a buffer */
|
||||
void *data = kmalloc(datalen, GFP_KERNEL);
|
||||
|
||||
if (!data)
|
||||
return -ENOMEM;
|
||||
|
||||
|
|
@ -108,7 +203,10 @@ int big_key_preparse(struct key_preparsed_payload *prep)
|
|||
|
||||
err_fput:
|
||||
fput(file);
|
||||
err_enckey:
|
||||
kfree(enckey);
|
||||
error:
|
||||
kfree(data);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
|
@ -119,10 +217,10 @@ void big_key_free_preparse(struct key_preparsed_payload *prep)
|
|||
{
|
||||
if (prep->datalen > BIG_KEY_FILE_THRESHOLD) {
|
||||
struct path *path = (struct path *)&prep->payload.data[big_key_path];
|
||||
|
||||
path_put(path);
|
||||
} else {
|
||||
kfree(prep->payload.data[big_key_data]);
|
||||
}
|
||||
kfree(prep->payload.data[big_key_data]);
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
@ -147,15 +245,15 @@ void big_key_destroy(struct key *key)
|
|||
{
|
||||
size_t datalen = (size_t)key->payload.data[big_key_len];
|
||||
|
||||
if (datalen) {
|
||||
if (datalen > BIG_KEY_FILE_THRESHOLD) {
|
||||
struct path *path = (struct path *)&key->payload.data[big_key_path];
|
||||
|
||||
path_put(path);
|
||||
path->mnt = NULL;
|
||||
path->dentry = NULL;
|
||||
} else {
|
||||
kfree(key->payload.data[big_key_data]);
|
||||
key->payload.data[big_key_data] = NULL;
|
||||
}
|
||||
kfree(key->payload.data[big_key_data]);
|
||||
key->payload.data[big_key_data] = NULL;
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
@ -188,17 +286,41 @@ long big_key_read(const struct key *key, char __user *buffer, size_t buflen)
|
|||
if (datalen > BIG_KEY_FILE_THRESHOLD) {
|
||||
struct path *path = (struct path *)&key->payload.data[big_key_path];
|
||||
struct file *file;
|
||||
loff_t pos;
|
||||
u8 *data;
|
||||
u8 *enckey = (u8 *)key->payload.data[big_key_data];
|
||||
size_t enclen = ALIGN(datalen, crypto_blkcipher_blocksize(big_key_blkcipher));
|
||||
|
||||
data = kmalloc(enclen, GFP_KERNEL);
|
||||
if (!data)
|
||||
return -ENOMEM;
|
||||
|
||||
file = dentry_open(path, O_RDONLY, current_cred());
|
||||
if (IS_ERR(file))
|
||||
return PTR_ERR(file);
|
||||
if (IS_ERR(file)) {
|
||||
ret = PTR_ERR(file);
|
||||
goto error;
|
||||
}
|
||||
|
||||
pos = 0;
|
||||
ret = vfs_read(file, buffer, datalen, &pos);
|
||||
fput(file);
|
||||
if (ret >= 0 && ret != datalen)
|
||||
/* read file to kernel and decrypt */
|
||||
ret = kernel_read(file, 0, data, enclen);
|
||||
if (ret >= 0 && ret != enclen) {
|
||||
ret = -EIO;
|
||||
goto err_fput;
|
||||
}
|
||||
|
||||
ret = big_key_crypt(BIG_KEY_DEC, data, enclen, enckey);
|
||||
if (ret)
|
||||
goto err_fput;
|
||||
|
||||
ret = datalen;
|
||||
|
||||
/* copy decrypted data to user */
|
||||
if (copy_to_user(buffer, data, datalen) != 0)
|
||||
ret = -EFAULT;
|
||||
|
||||
err_fput:
|
||||
fput(file);
|
||||
error:
|
||||
kfree(data);
|
||||
} else {
|
||||
ret = datalen;
|
||||
if (copy_to_user(buffer, key->payload.data[big_key_data],
|
||||
|
|
@ -209,8 +331,48 @@ long big_key_read(const struct key *key, char __user *buffer, size_t buflen)
|
|||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
* Register key type
|
||||
*/
|
||||
static int __init big_key_init(void)
|
||||
{
|
||||
return register_key_type(&key_type_big_key);
|
||||
}
|
||||
|
||||
/*
|
||||
* Initialize big_key crypto and RNG algorithms
|
||||
*/
|
||||
static int __init big_key_crypto_init(void)
|
||||
{
|
||||
int ret = -EINVAL;
|
||||
|
||||
/* init RNG */
|
||||
big_key_rng = crypto_alloc_rng(big_key_rng_name, 0, 0);
|
||||
if (IS_ERR(big_key_rng)) {
|
||||
big_key_rng = NULL;
|
||||
return -EFAULT;
|
||||
}
|
||||
|
||||
/* seed RNG */
|
||||
ret = crypto_rng_reset(big_key_rng, NULL, crypto_rng_seedsize(big_key_rng));
|
||||
if (ret)
|
||||
goto error;
|
||||
|
||||
/* init block cipher */
|
||||
big_key_blkcipher = crypto_alloc_blkcipher(big_key_alg_name, 0, 0);
|
||||
if (IS_ERR(big_key_blkcipher)) {
|
||||
big_key_blkcipher = NULL;
|
||||
ret = -EFAULT;
|
||||
goto error;
|
||||
}
|
||||
|
||||
return 0;
|
||||
|
||||
error:
|
||||
crypto_free_rng(big_key_rng);
|
||||
big_key_rng = NULL;
|
||||
return ret;
|
||||
}
|
||||
|
||||
device_initcall(big_key_init);
|
||||
late_initcall(big_key_crypto_init);
|
||||
|
|
|
|||
Loading…
Reference in New Issue