lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 19 Jul 2018 00:39:54 +0800
From:   Chen Yu <yu.c.chen@...el.com>
To:     linux-pm@...r.kernel.org
Cc:     Rui Zhang <rui.zhang@...el.com>,
        "Gu, Kookoo" <kookoo.gu@...el.com>, Chen Yu <yu.c.chen@...el.com>,
        "Rafael J . Wysocki" <rafael.j.wysocki@...el.com>,
        Pavel Machek <pavel@....cz>, Len Brown <len.brown@...el.com>,
        "Lee, Chun-Yi" <jlee@...e.com>, Eric Biggers <ebiggers@...gle.com>,
        "Theodore Ts'o" <tytso@....edu>,
        Stephan Mueller <smueller@...onox.de>,
        Denis Kenzior <denkenz@...il.com>,
        linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH 2/4][RFC v2] PM / hibernate: Install crypto hooks for hibernation encryption

The encryption helper functions are installed into hibernation
framework for later use.

Suggested-by: Rafael J. Wysocki <rafael.j.wysocki@...el.com>
Cc: Rafael J. Wysocki <rafael.j.wysocki@...el.com>
Cc: Pavel Machek <pavel@....cz>
Cc: Len Brown <len.brown@...el.com>
Cc: "Lee, Chun-Yi" <jlee@...e.com>
Cc: Eric Biggers <ebiggers@...gle.com>
Cc: "Theodore Ts'o" <tytso@....edu>
Cc: Stephan Mueller <smueller@...onox.de>
Cc: Denis Kenzior <denkenz@...il.com>
Cc: linux-pm@...r.kernel.org
Cc: linux-crypto@...r.kernel.org
Cc: linux-kernel@...r.kernel.org
Signed-off-by: Chen Yu <yu.c.chen@...el.com>
---
 include/linux/suspend.h           | 40 +++++++++++++++++++++++
 kernel/power/crypto_hibernation.c | 10 ++++++
 kernel/power/hibernate.c          | 67 +++++++++++++++++++++++++++++++++++++++
 kernel/power/power.h              |  2 ++
 4 files changed, 119 insertions(+)

diff --git a/include/linux/suspend.h b/include/linux/suspend.h
index 440b62f..b45a857 100644
--- a/include/linux/suspend.h
+++ b/include/linux/suspend.h
@@ -391,6 +391,46 @@ extern void hibernation_set_ops(const struct platform_hibernation_ops *ops);
 extern int hibernate(void);
 extern bool system_entering_hibernation(void);
 extern bool hibernation_available(void);
+#if IS_ENABLED(CONFIG_CRYPTO_HIBERNATION)
+struct hibernation_crypto_ops {
+	int (*crypto_data)(
+		const char *inbuf, int inlen,
+		char *outbuf, int outlen,
+		unsigned int cmd,
+		int page_idx);
+	void (*save)(void *buf);
+	void (*restore)(void *buf);
+	int (*init)(bool suspend);
+};
+
+extern void hibernation_set_crypto_ops(
+		const struct hibernation_crypto_ops *ops);
+extern int hibernation_crypto_data(
+		const char *inbuf,
+		int inlen,
+		char *outbuf,
+		int outlen,
+		unsigned int cmd,
+		int page_idx);
+extern void hibernation_crypto_save(void *outbuf);
+extern void hibernation_crypto_restore(void *inbuf);
+extern int hibernation_crypto_init(bool suspend);
+extern int hibernation_crypto_mode;
+#else
+static inline int hibernation_crypto_data(
+		const char *inbuf,
+		int inlen,
+		char *outbuf,
+		int outlen,
+		unsigned int cmd,
+		int page_idx) { return 0; }
+static inline void hibernation_crypto_save(void *outbuf) {}
+static inline void hibernation_crypto_restore(void *inbuf) {}
+static inline int hibernation_crypto_init(bool suspend)
+{
+	return 0;
+}
+#endif
 asmlinkage int swsusp_save(void);
 extern struct pbe *restore_pblist;
 #else /* CONFIG_HIBERNATION */
diff --git a/kernel/power/crypto_hibernation.c b/kernel/power/crypto_hibernation.c
index 406bb0c..845eb54 100644
--- a/kernel/power/crypto_hibernation.c
+++ b/kernel/power/crypto_hibernation.c
@@ -36,6 +36,7 @@
 #include <linux/moduleparam.h>
 #include <linux/cdev.h>
 #include <linux/major.h>
+#include <linux/suspend.h>
 #include <crypto/skcipher.h>
 #include <crypto/akcipher.h>
 #include <crypto/aes.h>
@@ -288,6 +289,13 @@ static int crypto_init(bool suspend)
 	return 0;
 }
 
+static const struct hibernation_crypto_ops crypto_ops = {
+	.crypto_data = crypto_data,
+	.save = crypto_save,
+	.restore = crypto_restore,
+	.init = crypto_init,
+};
+
 /* key/salt probing via ioctl. */
 dev_t crypto_dev;
 static struct class *crypto_dev_class;
@@ -384,6 +392,8 @@ static int crypto_hibernate_init(void)
 	/* generate the random salt */
 	get_random_bytes(get_salt_ptr(), HIBERNATE_MAX_SALT_BYTES);
 
+	hibernation_set_crypto_ops(&crypto_ops);
+
 	return 0;
 
  r_device:
diff --git a/kernel/power/hibernate.c b/kernel/power/hibernate.c
index 9c85c78..a9e82f8 100644
--- a/kernel/power/hibernate.c
+++ b/kernel/power/hibernate.c
@@ -59,6 +59,16 @@ enum {
 	/* keep last */
 	__HIBERNATION_AFTER_LAST
 };
+
+#if IS_ENABLED(CONFIG_CRYPTO_HIBERNATION)
+enum {
+	HIBERNATION_ENCRYPT,
+	HIBERNATION_SIGNATURE,
+	HIBERNATION_ENCRYPT_SIGNATURE,
+};
+int hibernation_crypto_mode = HIBERNATION_ENCRYPT;
+#endif
+
 #define HIBERNATION_MAX (__HIBERNATION_AFTER_LAST-1)
 #define HIBERNATION_FIRST (HIBERNATION_INVALID + 1)
 
@@ -96,6 +106,63 @@ void hibernation_set_ops(const struct platform_hibernation_ops *ops)
 }
 EXPORT_SYMBOL_GPL(hibernation_set_ops);
 
+#if IS_ENABLED(CONFIG_CRYPTO_HIBERNATION)
+/* Install encryption/decryption/signature hooks. */
+static const struct hibernation_crypto_ops *hibernation_crypto_ops;
+
+void hibernation_set_crypto_ops(const struct hibernation_crypto_ops *ops)
+{
+	hibernation_crypto_ops = ops;
+}
+EXPORT_SYMBOL_GPL(hibernation_set_crypto_ops);
+
+int hibernation_crypto_data(
+		const char *inbuf,
+		int inlen,
+		char *outbuf,
+		int outlen,
+		unsigned int mode,
+		int page_idx)
+{
+	if (hibernation_crypto_ops &&
+	    hibernation_crypto_ops->crypto_data)
+		return hibernation_crypto_ops->crypto_data(inbuf,
+			inlen, outbuf, outlen, mode, page_idx);
+	else
+		return -EINVAL;
+}
+EXPORT_SYMBOL_GPL(hibernation_crypto_data);
+
+/* Invoked before hibernate. */
+void hibernation_crypto_save(void *outbuf)
+{
+	if (hibernation_crypto_ops &&
+	    hibernation_crypto_ops->save)
+		hibernation_crypto_ops->save(outbuf);
+}
+EXPORT_SYMBOL_GPL(hibernation_crypto_save);
+
+/* Invoked before resumed. */
+void hibernation_crypto_restore(void *inbuf)
+{
+	if (hibernation_crypto_ops &&
+	    hibernation_crypto_ops->restore)
+		hibernation_crypto_ops->restore(inbuf);
+}
+EXPORT_SYMBOL_GPL(hibernation_crypto_restore);
+
+/* Initialization for crypto helper facilities. */
+int hibernation_crypto_init(bool suspend)
+{
+	if (hibernation_crypto_ops &&
+	    hibernation_crypto_ops->init)
+		return hibernation_crypto_ops->init(suspend);
+	else
+		return -EINVAL;
+}
+EXPORT_SYMBOL_GPL(hibernation_crypto_init);
+
+#endif
 static bool entering_platform_hibernation;
 
 bool system_entering_hibernation(void)
diff --git a/kernel/power/power.h b/kernel/power/power.h
index a539bdb..ba3b24c 100644
--- a/kernel/power/power.h
+++ b/kernel/power/power.h
@@ -107,6 +107,8 @@ struct hibernation_crypto {
 	struct hibernation_crypto_keys keys;
 };
 
+extern void hibernation_set_crypto_ops(
+	const struct hibernation_crypto_ops *ops);
 #else
 #define HIBERNATE_MAX_SALT_BYTES	0
 #endif
-- 
2.7.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ