lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20240906-wrapped-keys-v6-0-d59e61bc0cb4@linaro.org>
Date: Fri, 06 Sep 2024 20:07:03 +0200
From: Bartosz Golaszewski <brgl@...ev.pl>
To: Jens Axboe <axboe@...nel.dk>, Jonathan Corbet <corbet@....net>, 
 Alasdair Kergon <agk@...hat.com>, Mike Snitzer <snitzer@...nel.org>, 
 Mikulas Patocka <mpatocka@...hat.com>, 
 Adrian Hunter <adrian.hunter@...el.com>, 
 Asutosh Das <quic_asutoshd@...cinc.com>, 
 Ritesh Harjani <ritesh.list@...il.com>, 
 Ulf Hansson <ulf.hansson@...aro.org>, Alim Akhtar <alim.akhtar@...sung.com>, 
 Avri Altman <avri.altman@....com>, Bart Van Assche <bvanassche@....org>, 
 "James E.J. Bottomley" <James.Bottomley@...senPartnership.com>, 
 "Martin K. Petersen" <martin.petersen@...cle.com>, 
 Eric Biggers <ebiggers@...nel.org>, "Theodore Y. Ts'o" <tytso@....edu>, 
 Jaegeuk Kim <jaegeuk@...nel.org>, Alexander Viro <viro@...iv.linux.org.uk>, 
 Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>, 
 Bjorn Andersson <andersson@...nel.org>, 
 Konrad Dybcio <konradybcio@...nel.org>, 
 Manivannan Sadhasivam <manivannan.sadhasivam@...aro.org>, 
 Dmitry Baryshkov <dmitry.baryshkov@...aro.org>, 
 Gaurav Kashyap <quic_gaurkash@...cinc.com>, 
 Neil Armstrong <neil.armstrong@...aro.org>
Cc: linux-block@...r.kernel.org, linux-doc@...r.kernel.org, 
 linux-kernel@...r.kernel.org, dm-devel@...ts.linux.dev, 
 linux-mmc@...r.kernel.org, linux-scsi@...r.kernel.org, 
 linux-fscrypt@...r.kernel.org, linux-fsdevel@...r.kernel.org, 
 linux-arm-msm@...r.kernel.org, 
 Bartosz Golaszewski <bartosz.golaszewski@...aro.org>, 
 Eric Biggers <ebiggers@...gle.com>, 
 Om Prakash Singh <quic_omprsing@...cinc.com>
Subject: [PATCH v6 00/17] Hardware wrapped key support for QCom ICE and UFS
 core

I took this work over from Gaurav Kashyap and integrated Eric's series
into it for an easier discussion on the actual API to be used for
wrapped keys as well as if and how to enable users to indicate whether
wrapped keys should be used at all.

I know Dmitry's opinion on that and expect this to be more of an RFC
rather than a real patch series. That being said, what is here, works
fine on sm8650.

Hardware-wrapped keys are encrypted keys that can only be unwrapped
(decrypted) and used by hardware - either by the inline encryption
hardware itself, or by a dedicated hardware block that can directly
provision keys to the inline encryption hardware. For more details,
please see patches 1-3 in this series which extend the inline encryption
docs with more information.

This series adds support for wrapped keys to the block layer, fscrypt
and then build upwards from there by implementing relevant callbacks in
QCom SCM driver, then the ICE driver and finally in UFS core and QCom
layer.

Tested on sm8650-qrd.

How to test:

Use the wip-wrapped-keys branch from https://github.com/ebiggers/fscryptctl
to build a custom fscryptctl that supports generating wrapped keys.

Enable the following config options:
CONFIG_BLK_INLINE_ENCRYPTION=y
CONFIG_QCOM_INLINE_CRYPTO_ENGINE=m
CONFIG_FS_ENCRYPTION_INLINE_CRYPT=y
CONFIG_SCSI_UFS_CRYPTO=y

$ mkfs.ext4 -F -O encrypt,stable_inodes /dev/disk/by-partlabel/userdata
$ mount /dev/disk/by-partlabel/userdata -o inlinecrypt /mnt
$ fscryptctl generate_hw_wrapped_key /dev/disk/by-partlabel/userdata > /mnt/key.longterm
$ fscryptctl prepare_hw_wrapped_key /dev/disk/by-partlabel/userdata < /mnt/key.longterm > /tmp/key.ephemeral
$ KEYID=$(fscryptctl add_key --hw-wrapped-key < /tmp/key.ephemeral /mnt)
$ rm -rf /mnt/dir
$ mkdir /mnt/dir
$ fscryptctl set_policy --hw-wrapped-key --iv-ino-lblk-64 "$KEYID" /mnt/dir
$ dmesg > /mnt/dir/test.txt
$ sync

Reboot the board

$ mount /dev/disk/by-partlabel/userdata -o inlinecrypt /mnt
$ ls /mnt/dir
$ fscryptctl prepare_hw_wrapped_key /dev/disk/by-partlabel/userdata < /mnt/key.longterm > /tmp/key.ephemeral
$ KEYID=$(fscryptctl add_key --hw-wrapped-key < /tmp/key.ephemeral /mnt)
$ fscryptctl set_policy --hw-wrapped-key --iv-ino-lblk-64 "$KEYID" /mnt/dir
$ cat /mnt/dir/test.txt # File should now be decrypted

Changes since v5:
- add the wrapped key support from Eric Biggers to the series
- remove the new DT property from the series and instead query the
  at run-time rustZone to find out if wrapped keys are supported
- make the wrapped key support into a UFS capability, not a quirk
- improve kerneldocs
- improve and rework coding style in most patches
- improve and reformat commit messages
- simplify the offset calculation for CRYPTOCFG
- split out the DTS changes into a separate series

Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@...aro.org>
---
Bartosz Golaszewski (1):
      firmware: qcom: scm: add a call for checking wrapped key support

Eric Biggers (4):
      blk-crypto: add basic hardware-wrapped key support
      blk-crypto: show supported key types in sysfs
      blk-crypto: add ioctls to create and prepare hardware-wrapped keys
      fscrypt: add support for hardware-wrapped keys

Gaurav Kashyap (12):
      ice, ufs, mmc: use the blk_crypto_key struct when programming the key
      firmware: qcom: scm: add a call for deriving the software secret
      firmware: qcom: scm: add calls for creating, preparing and importing keys
      soc: qcom: ice: add HWKM support to the ICE driver
      soc: qcom: ice: add support for hardware wrapped keys
      soc: qcom: ice: add support for generating, importing and preparing keys
      ufs: core: add support for wrapped keys to UFS core
      ufs: core: add support for deriving the software secret
      ufs: core: add support for generating, importing and preparing keys
      ufs: host: add support for wrapped keys in QCom UFS
      ufs: host: add a callback for deriving software secrets and use it
      ufs: host: add support for generating, importing and preparing wrapped keys

 Documentation/ABI/stable/sysfs-block               |  18 ++
 Documentation/block/inline-encryption.rst          | 245 +++++++++++++-
 Documentation/filesystems/fscrypt.rst              | 154 ++++++++-
 Documentation/userspace-api/ioctl/ioctl-number.rst |   2 +
 block/blk-crypto-fallback.c                        |   5 +-
 block/blk-crypto-internal.h                        |  10 +
 block/blk-crypto-profile.c                         | 103 ++++++
 block/blk-crypto-sysfs.c                           |  35 ++
 block/blk-crypto.c                                 | 194 ++++++++++-
 block/ioctl.c                                      |   5 +
 drivers/firmware/qcom/qcom_scm.c                   | 233 ++++++++++++++
 drivers/firmware/qcom/qcom_scm.h                   |   4 +
 drivers/md/dm-table.c                              |   1 +
 drivers/mmc/host/cqhci-crypto.c                    |   9 +-
 drivers/mmc/host/cqhci.h                           |   2 +
 drivers/mmc/host/sdhci-msm.c                       |   6 +-
 drivers/soc/qcom/ice.c                             | 355 ++++++++++++++++++++-
 drivers/ufs/core/ufshcd-crypto.c                   |  86 ++++-
 drivers/ufs/host/ufs-qcom.c                        |  61 +++-
 fs/crypto/fscrypt_private.h                        |  71 ++++-
 fs/crypto/hkdf.c                                   |   4 +-
 fs/crypto/inline_crypt.c                           |  44 ++-
 fs/crypto/keyring.c                                | 124 +++++--
 fs/crypto/keysetup.c                               |  54 +++-
 fs/crypto/keysetup_v1.c                            |   5 +-
 fs/crypto/policy.c                                 |  11 +-
 include/linux/blk-crypto-profile.h                 |  73 +++++
 include/linux/blk-crypto.h                         |  75 ++++-
 include/linux/firmware/qcom/qcom_scm.h             |   8 +
 include/soc/qcom/ice.h                             |  18 +-
 include/uapi/linux/blk-crypto.h                    |  44 +++
 include/uapi/linux/fs.h                            |   6 +-
 include/uapi/linux/fscrypt.h                       |   7 +-
 include/ufs/ufshcd.h                               |  21 ++
 34 files changed, 1958 insertions(+), 135 deletions(-)
---
base-commit: ad40aff1edffeccc412cde93894196dca7bc739e
change-id: 20240802-wrapped-keys-eea0032fbfed

Best regards,
-- 
Bartosz Golaszewski <bartosz.golaszewski@...aro.org>


Powered by blists - more mailing lists