lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 17 Jan 2024 15:38:13 +0800
From: Coiby Xu <coxu@...hat.com>
To: Ondrej Kozina <okozina@...hat.com>
Cc: kexec@...ts.infradead.org, Milan Broz <gmazyland@...il.com>, 
	Thomas Staudt <tstaudt@...ibm.com>, Daniel P . Berrangé <berrange@...hat.com>, 
	Kairui Song <ryncsn@...il.com>, dm-devel@...hat.com, Jan Pazdziora <jpazdziora@...hat.com>, 
	Pingfan Liu <kernelfans@...il.com>, Baoquan He <bhe@...hat.com>, Dave Young <dyoung@...hat.com>, 
	linux-kernel@...r.kernel.org, x86@...nel.org, Dave Hansen <dave.hansen@...el.com>, 
	Vitaly Kuznetsov <vkuznets@...hat.com>
Subject: Re: Re: [PATCH v2 0/5] Support kdump with LUKS encryption by reusing
 LUKS volume key

On Tue, Jan 16, 2024 at 11:37:10AM +0100, Ondrej Kozina wrote:
>Hi Coiby,

Hi Ondrej,

>
>I've started working on a patchset for systemd utility. I have one 
>question/suggestion:
>
>On 10/01/2024 08:15, Coiby Xu wrote:
>>LUKS is the standard for Linux disk encryption. Many users choose LUKS
>>and in some use cases like Confidential VM it's mandated. With kdump
>>enabled, when the 1st kernel crashes, the system could boot into the
>>kdump/crash kernel and dump the memory image i.e. /proc/vmcore to a
>>specified target. Currently, when dumping vmcore to a LUKS
>>encrypted device, there are two problems,
>>
>>  - Kdump kernel may not be able to decrypt the LUKS partition. For some
>>    machines, a system administrator may not have a chance to enter the
>>    password to decrypt the device in kdump initramfs after the 1st kernel
>>    crashes; For cloud confidential VMs, depending on the policy the
>>    kdump kernel may not be able to unseal the key with TPM and the
>>    console virtual keyboard is untrusted
>>
>>  - LUKS2 by default use the memory-hard Argon2 key derivation function
>>    which is quite memory-consuming compared to the limited memory reserved
>>    for kdump. Take Fedora example, by default, only 256M is reserved for
>>    systems having memory between 4G-64G. With LUKS enabled, ~1300M needs
>>    to be reserved for kdump. Note if the memory reserved for kdump can't
>>    be used by 1st kernel i.e. an user sees ~1300M memory missing in the
>>    1st kernel.
>>Besides users (at least for Fedora) usually expect kdump to work out of
>>the box i.e. no manual password input is needed. And it doesn't make
>>sense to derivate the key again in kdump kernel which seems to be
>>redundant work.
>>
>>This patch set addresses the above issues by reusing the LUKS volume key
>>in kdump kernel with the help of cryptsetup's new APIs
>>(--link-vk-to-keyring/--volume-key-keyring). Here is the life cycle of
>>this kdump copy of LUKS volume key,
>>
>>  1. After the 1st kernel loads the initramfs during boot, systemd
>>     use an user-input passphrase or TPM-sealed key to de-crypt the LUKS
>>     volume key and then save the volume key to specified keyring
>>     (using the --link-vk-to-keyring API) and the key will expire within
>>     specified time.
>>
>>  2.  A user space tool (kdump initramfs builder) writes the key description to
>>     /sys/kernel/crash_dm_crypt_key to inform the 1st kernel to save a
>>     temporary copy of the volume key while building the kdump initramfs
>
>So this volume key copy cached by systemd utility in 1st kernel does 
>not have to be readable from userspace.
>
>>
>>  3. The kexec_file_load syscall saves the temporary copy of the volume
>>     key to kdump reserved memory and wipe the copy.
>>
>>  4. When the 1st kernel crashes and the kdump initramfs is booted, the kdump
>>     initramfs asks the kdump kernel to create a user key using the
>>     key stored in kdump reserved memory by writing the key
>>     description to /sys/kernel/crash_dm_crypt_key. Then the LUKS
>>     encrypted devide is unlocked with libcryptsetup's
>>     --volume-key-keyring API.
>
>Unlike here where it has to readable from uspace so that libcryptsetup 
>can verify the volume key.
>
>Is it correct?
>O.

Oh, my assumed --link-vk-to-keyring only support user key which must be
wrong. So yes, you are absolutely correct that "volume key copy cached
by systemd utility in 1st kernel does not have to be readable from
userspace". Thanks for the suggestion!


-- 
Best regards,
Coiby

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ