lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250210202336.349924-1-ebiggers@kernel.org>
Date: Mon, 10 Feb 2025 12:23:32 -0800
From: Eric Biggers <ebiggers@...nel.org>
To: linux-fscrypt@...r.kernel.org,
	linux-scsi@...r.kernel.org
Cc: linux-block@...r.kernel.org,
	linux-mmc@...r.kernel.org,
	linux-arm-msm@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	Bartosz Golaszewski <brgl@...ev.pl>,
	Gaurav Kashyap <quic_gaurkash@...cinc.com>,
	Bjorn Andersson <andersson@...nel.org>,
	Dmitry Baryshkov <dmitry.baryshkov@...aro.org>,
	Jens Axboe <axboe@...nel.dk>,
	Konrad Dybcio <konradybcio@...nel.org>,
	Manivannan Sadhasivam <manivannan.sadhasivam@...aro.org>
Subject: [PATCH v12 0/4] Driver and fscrypt support for HW-wrapped inline encryption keys

This patchset is based on linux-block/for-next and is also available at:

    git fetch https://git.kernel.org/pub/scm/fs/fscrypt/linux.git wrapped-keys-v12

Now that the block layer support for hardware-wrapped inline encryption
keys has been applied for 6.15
(https://lore.kernel.org/r/173920649542.40307.8847368467858129326.b4-ty@kernel.dk),
this series refreshes the remaining patches.  They add the support for
hardware-wrapped inline encryption keys to the Qualcomm ICE and UFS
drivers and to fscrypt.  All tested on SM8650 with xfstests.

TBD whether these will land in 6.15 too, or wait until 6.16 when the
block patches that patches 2-4 depend on will have landed.

Changed in v12:
  - Rebased onto linux-block/for-next
  - Fixed endianness error in drivers/soc/qcom/ice.c
  - Added Acked-bys
  - Updated the fscrypt patch to go back to having just
    FSCRYPT_ADD_KEY_FLAG_HW_WRAPPED (as in v8) instead of
    FSCRYPT_ADD_KEY_FLAG_HW_WRAPPED_V0 and
    FSCRYPT_ADD_KEY_FLAG_HW_WRAPPED_V1.  Upon further discussion it
    seemed the partial V0 compatibility was not going to be as helpful
    as I had hoped, so instead we'll just have the single new version
    that does things properly.  Note, I've updated my wip-wrapped-keys
    branch of fscryptctl accordingly.

Changed in v11:
  - Rebased onto v6.14-rc1.  Dropped the patches that were upstreamed in
    6.14, and put the block patches first in the series again.
  - Significantly cleaned up the patch "soc: qcom: ice: add HWKM support
    to the ICE driver".  Some of the notable changes were dropping the
    unnecessary support for HWKM v1, and replacing qcom_ice_using_hwkm()
    with qcom_ice_get_supported_key_type().
  - Consistently used and documented the EBADMSG error code for invalid
    hardware-wrapped keys.
  - Other minor cleanups.

Changed in v10:
  - Fixed bugs in qcom_scm_derive_sw_secret() and cqhci_crypto_init().
  - Added "ufs: qcom: fix crypto key eviction" and
    "mmc: sdhci-msm: fix crypto key eviction".
  - Split removing ufs_hba_variant_ops::program_key into its own patch.
  - Minor cleanups.
  - Added Tested-by.

Changed in v9 (relative to v7 patchset from Bartosz Golaszewski):
  - ufs-qcom and sdhci-msm now just initialize the blk_crypto_profile
    themselves, like what ufs-exynos was doing.  This avoids needing to
    add all the host-specific hooks for wrapped key support to the MMC
    and UFS core drivers.
  - When passing the blk_crypto_key further down the stack, it now
    replaces parameters like the algorithm ID, to avoid creating two
    sources of truth.
  - The module parameter qcom_ice.use_wrapped_keys should work correctly now.
  - The fscrypt support no longer uses a policy flag to indicate when a
    file is protected by a HW-wrapped key, since it was already implied
    by the file's key identifier being that of a HW-wrapped key.
    Originally there was an issue where raw and HW-wrapped keys could
    share key identifiers, but I had fixed that earlier by introducing a
    new HKDF context byte.
  - The term "standard keys" is no longer used.  Now "raw keys" is
    consistently used instead.  I've found that people find the term
    "raw keys" to be more intuitive.  Also HW-wrapped keys could in
    principle be standardized.
  - I've reordered the patchset to place preparatory patches that don't
    depend on the actual HW-wrapped key support first.

For older changelogs, see
https://lore.kernel.org/r/20241202-wrapped-keys-v7-0-67c3ca3f3282@linaro.org and
https://lore.kernel.org/r/20231104211259.17448-1-ebiggers@kernel.org

Eric Biggers (3):
  soc: qcom: ice: make qcom_ice_program_key() take struct blk_crypto_key
  ufs: qcom: add support for wrapped keys
  fscrypt: add support for hardware-wrapped keys

Gaurav Kashyap (1):
  soc: qcom: ice: add HWKM support to the ICE driver

 Documentation/filesystems/fscrypt.rst | 187 +++++++++++---
 drivers/mmc/host/sdhci-msm.c          |  16 +-
 drivers/soc/qcom/ice.c                | 350 ++++++++++++++++++++++++--
 drivers/ufs/host/ufs-qcom.c           |  57 ++++-
 fs/crypto/fscrypt_private.h           |  75 +++++-
 fs/crypto/hkdf.c                      |   4 +-
 fs/crypto/inline_crypt.c              |  44 +++-
 fs/crypto/keyring.c                   | 138 +++++++---
 fs/crypto/keysetup.c                  |  63 ++++-
 fs/crypto/keysetup_v1.c               |   4 +-
 include/soc/qcom/ice.h                |  34 ++-
 include/uapi/linux/fscrypt.h          |   6 +-
 12 files changed, 809 insertions(+), 169 deletions(-)


base-commit: 352245090aa60dbaa11b4f7da18f31caf42aeb82
-- 
2.48.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ