xref: /OK3568_Linux_fs/kernel/drivers/md/dm-default-key.c (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * Copyright (C) 2017 Google, Inc.
4  */
5 
6 #include <linux/blk-crypto.h>
7 #include <linux/device-mapper.h>
8 #include <linux/module.h>
9 
10 #define DM_MSG_PREFIX		"default-key"
11 
12 #define DM_DEFAULT_KEY_MAX_WRAPPED_KEY_SIZE 128
13 
14 static const struct dm_default_key_cipher {
15 	const char *name;
16 	enum blk_crypto_mode_num mode_num;
17 	int key_size;
18 } dm_default_key_ciphers[] = {
19 	{
20 		.name = "aes-xts-plain64",
21 		.mode_num = BLK_ENCRYPTION_MODE_AES_256_XTS,
22 		.key_size = 64,
23 	}, {
24 		.name = "xchacha12,aes-adiantum-plain64",
25 		.mode_num = BLK_ENCRYPTION_MODE_ADIANTUM,
26 		.key_size = 32,
27 	},
28 };
29 
30 /**
31  * struct dm_default_c - private data of a default-key target
32  * @dev: the underlying device
33  * @start: starting sector of the range of @dev which this target actually maps.
34  *	   For this purpose a "sector" is 512 bytes.
35  * @cipher_string: the name of the encryption algorithm being used
36  * @iv_offset: starting offset for IVs.  IVs are generated as if the target were
37  *	       preceded by @iv_offset 512-byte sectors.
38  * @sector_size: crypto sector size in bytes (usually 4096)
39  * @sector_bits: log2(sector_size)
40  * @key: the encryption key to use
41  * @max_dun: the maximum DUN that may be used (computed from other params)
42  */
43 struct default_key_c {
44 	struct dm_dev *dev;
45 	sector_t start;
46 	const char *cipher_string;
47 	u64 iv_offset;
48 	unsigned int sector_size;
49 	unsigned int sector_bits;
50 	struct blk_crypto_key key;
51 	bool is_hw_wrapped;
52 	u64 max_dun;
53 };
54 
55 static const struct dm_default_key_cipher *
lookup_cipher(const char * cipher_string)56 lookup_cipher(const char *cipher_string)
57 {
58 	int i;
59 
60 	for (i = 0; i < ARRAY_SIZE(dm_default_key_ciphers); i++) {
61 		if (strcmp(cipher_string, dm_default_key_ciphers[i].name) == 0)
62 			return &dm_default_key_ciphers[i];
63 	}
64 	return NULL;
65 }
66 
default_key_dtr(struct dm_target * ti)67 static void default_key_dtr(struct dm_target *ti)
68 {
69 	struct default_key_c *dkc = ti->private;
70 	int err;
71 
72 	if (dkc->dev) {
73 		err = blk_crypto_evict_key(bdev_get_queue(dkc->dev->bdev),
74 					   &dkc->key);
75 		if (err && err != -ENOKEY)
76 			DMWARN("Failed to evict crypto key: %d", err);
77 		dm_put_device(ti, dkc->dev);
78 	}
79 	kfree_sensitive(dkc->cipher_string);
80 	kfree_sensitive(dkc);
81 }
82 
default_key_ctr_optional(struct dm_target * ti,unsigned int argc,char ** argv)83 static int default_key_ctr_optional(struct dm_target *ti,
84 				    unsigned int argc, char **argv)
85 {
86 	struct default_key_c *dkc = ti->private;
87 	struct dm_arg_set as;
88 	static const struct dm_arg _args[] = {
89 		{0, 4, "Invalid number of feature args"},
90 	};
91 	unsigned int opt_params;
92 	const char *opt_string;
93 	bool iv_large_sectors = false;
94 	char dummy;
95 	int err;
96 
97 	as.argc = argc;
98 	as.argv = argv;
99 
100 	err = dm_read_arg_group(_args, &as, &opt_params, &ti->error);
101 	if (err)
102 		return err;
103 
104 	while (opt_params--) {
105 		opt_string = dm_shift_arg(&as);
106 		if (!opt_string) {
107 			ti->error = "Not enough feature arguments";
108 			return -EINVAL;
109 		}
110 		if (!strcmp(opt_string, "allow_discards")) {
111 			ti->num_discard_bios = 1;
112 		} else if (sscanf(opt_string, "sector_size:%u%c",
113 				  &dkc->sector_size, &dummy) == 1) {
114 			if (dkc->sector_size < SECTOR_SIZE ||
115 			    dkc->sector_size > 4096 ||
116 			    !is_power_of_2(dkc->sector_size)) {
117 				ti->error = "Invalid sector_size";
118 				return -EINVAL;
119 			}
120 		} else if (!strcmp(opt_string, "iv_large_sectors")) {
121 			iv_large_sectors = true;
122 		} else if (!strcmp(opt_string, "wrappedkey_v0")) {
123 			dkc->is_hw_wrapped = true;
124 		} else {
125 			ti->error = "Invalid feature arguments";
126 			return -EINVAL;
127 		}
128 	}
129 
130 	/* dm-default-key doesn't implement iv_large_sectors=false. */
131 	if (dkc->sector_size != SECTOR_SIZE && !iv_large_sectors) {
132 		ti->error = "iv_large_sectors must be specified";
133 		return -EINVAL;
134 	}
135 
136 	return 0;
137 }
138 
139 /*
140  * Construct a default-key mapping:
141  * <cipher> <key> <iv_offset> <dev_path> <start>
142  *
143  * This syntax matches dm-crypt's, but lots of unneeded functionality has been
144  * removed.  Also, dm-default-key requires that the "iv_large_sectors" option be
145  * given whenever a non-default sector size is used.
146  */
default_key_ctr(struct dm_target * ti,unsigned int argc,char ** argv)147 static int default_key_ctr(struct dm_target *ti, unsigned int argc, char **argv)
148 {
149 	struct default_key_c *dkc;
150 	const struct dm_default_key_cipher *cipher;
151 	u8 raw_key[DM_DEFAULT_KEY_MAX_WRAPPED_KEY_SIZE];
152 	unsigned int raw_key_size;
153 	unsigned int dun_bytes;
154 	unsigned long long tmpll;
155 	char dummy;
156 	int err;
157 
158 	if (argc < 5) {
159 		ti->error = "Not enough arguments";
160 		return -EINVAL;
161 	}
162 
163 	dkc = kzalloc(sizeof(*dkc), GFP_KERNEL);
164 	if (!dkc) {
165 		ti->error = "Out of memory";
166 		return -ENOMEM;
167 	}
168 	ti->private = dkc;
169 
170 	/* <cipher> */
171 	dkc->cipher_string = kstrdup(argv[0], GFP_KERNEL);
172 	if (!dkc->cipher_string) {
173 		ti->error = "Out of memory";
174 		err = -ENOMEM;
175 		goto bad;
176 	}
177 	cipher = lookup_cipher(dkc->cipher_string);
178 	if (!cipher) {
179 		ti->error = "Unsupported cipher";
180 		err = -EINVAL;
181 		goto bad;
182 	}
183 
184 	/* <key> */
185 	raw_key_size = strlen(argv[1]);
186 	if (raw_key_size > 2 * DM_DEFAULT_KEY_MAX_WRAPPED_KEY_SIZE ||
187 	    raw_key_size % 2) {
188 		ti->error = "Invalid keysize";
189 		err = -EINVAL;
190 		goto bad;
191 	}
192 	raw_key_size /= 2;
193 	if (hex2bin(raw_key, argv[1], raw_key_size) != 0) {
194 		ti->error = "Malformed key string";
195 		err = -EINVAL;
196 		goto bad;
197 	}
198 
199 	/* <iv_offset> */
200 	if (sscanf(argv[2], "%llu%c", &dkc->iv_offset, &dummy) != 1) {
201 		ti->error = "Invalid iv_offset sector";
202 		err = -EINVAL;
203 		goto bad;
204 	}
205 
206 	/* <dev_path> */
207 	err = dm_get_device(ti, argv[3], dm_table_get_mode(ti->table),
208 			    &dkc->dev);
209 	if (err) {
210 		ti->error = "Device lookup failed";
211 		goto bad;
212 	}
213 
214 	/* <start> */
215 	if (sscanf(argv[4], "%llu%c", &tmpll, &dummy) != 1 ||
216 	    tmpll != (sector_t)tmpll) {
217 		ti->error = "Invalid start sector";
218 		err = -EINVAL;
219 		goto bad;
220 	}
221 	dkc->start = tmpll;
222 
223 	/* optional arguments */
224 	dkc->sector_size = SECTOR_SIZE;
225 	if (argc > 5) {
226 		err = default_key_ctr_optional(ti, argc - 5, &argv[5]);
227 		if (err)
228 			goto bad;
229 	}
230 	dkc->sector_bits = ilog2(dkc->sector_size);
231 	if (ti->len & ((dkc->sector_size >> SECTOR_SHIFT) - 1)) {
232 		ti->error = "Device size is not a multiple of sector_size";
233 		err = -EINVAL;
234 		goto bad;
235 	}
236 
237 	dkc->max_dun = (dkc->iv_offset + ti->len - 1) >>
238 		       (dkc->sector_bits - SECTOR_SHIFT);
239 	dun_bytes = DIV_ROUND_UP(fls64(dkc->max_dun), 8);
240 
241 	err = blk_crypto_init_key(&dkc->key, raw_key, raw_key_size,
242 				  dkc->is_hw_wrapped, cipher->mode_num,
243 				  dun_bytes, dkc->sector_size);
244 	if (err) {
245 		ti->error = "Error initializing blk-crypto key";
246 		goto bad;
247 	}
248 
249 	err = blk_crypto_start_using_key(&dkc->key,
250 					 bdev_get_queue(dkc->dev->bdev));
251 	if (err) {
252 		ti->error = "Error starting to use blk-crypto";
253 		goto bad;
254 	}
255 
256 	ti->num_flush_bios = 1;
257 
258 	err = 0;
259 	goto out;
260 
261 bad:
262 	default_key_dtr(ti);
263 out:
264 	memzero_explicit(raw_key, sizeof(raw_key));
265 	return err;
266 }
267 
default_key_map(struct dm_target * ti,struct bio * bio)268 static int default_key_map(struct dm_target *ti, struct bio *bio)
269 {
270 	const struct default_key_c *dkc = ti->private;
271 	sector_t sector_in_target;
272 	u64 dun[BLK_CRYPTO_DUN_ARRAY_SIZE] = { 0 };
273 
274 	bio_set_dev(bio, dkc->dev->bdev);
275 
276 	/*
277 	 * If the bio is a device-level request which doesn't target a specific
278 	 * sector, there's nothing more to do.
279 	 */
280 	if (bio_sectors(bio) == 0)
281 		return DM_MAPIO_REMAPPED;
282 
283 	/* Map the bio's sector to the underlying device. (512-byte sectors) */
284 	sector_in_target = dm_target_offset(ti, bio->bi_iter.bi_sector);
285 	bio->bi_iter.bi_sector = dkc->start + sector_in_target;
286 
287 	/*
288 	 * If the bio should skip dm-default-key (i.e. if it's for an encrypted
289 	 * file's contents), or if it doesn't have any data (e.g. if it's a
290 	 * DISCARD request), there's nothing more to do.
291 	 */
292 	if (bio_should_skip_dm_default_key(bio) || !bio_has_data(bio))
293 		return DM_MAPIO_REMAPPED;
294 
295 	/*
296 	 * Else, dm-default-key needs to set this bio's encryption context.
297 	 * It must not already have one.
298 	 */
299 	if (WARN_ON_ONCE(bio_has_crypt_ctx(bio)))
300 		return DM_MAPIO_KILL;
301 
302 	/* Calculate the DUN and enforce data-unit (crypto sector) alignment. */
303 	dun[0] = dkc->iv_offset + sector_in_target; /* 512-byte sectors */
304 	if (dun[0] & ((dkc->sector_size >> SECTOR_SHIFT) - 1))
305 		return DM_MAPIO_KILL;
306 	dun[0] >>= dkc->sector_bits - SECTOR_SHIFT; /* crypto sectors */
307 
308 	/*
309 	 * This check isn't necessary as we should have calculated max_dun
310 	 * correctly, but be safe.
311 	 */
312 	if (WARN_ON_ONCE(dun[0] > dkc->max_dun))
313 		return DM_MAPIO_KILL;
314 
315 	bio_crypt_set_ctx(bio, &dkc->key, dun, GFP_NOIO);
316 
317 	return DM_MAPIO_REMAPPED;
318 }
319 
default_key_status(struct dm_target * ti,status_type_t type,unsigned int status_flags,char * result,unsigned int maxlen)320 static void default_key_status(struct dm_target *ti, status_type_t type,
321 			       unsigned int status_flags, char *result,
322 			       unsigned int maxlen)
323 {
324 	const struct default_key_c *dkc = ti->private;
325 	unsigned int sz = 0;
326 	int num_feature_args = 0;
327 
328 	switch (type) {
329 	case STATUSTYPE_INFO:
330 		result[0] = '\0';
331 		break;
332 
333 	case STATUSTYPE_TABLE:
334 		/* Omit the key for now. */
335 		DMEMIT("%s - %llu %s %llu", dkc->cipher_string, dkc->iv_offset,
336 		       dkc->dev->name, (unsigned long long)dkc->start);
337 
338 		num_feature_args += !!ti->num_discard_bios;
339 		if (dkc->sector_size != SECTOR_SIZE)
340 			num_feature_args += 2;
341 		if (dkc->is_hw_wrapped)
342 			num_feature_args += 1;
343 		if (num_feature_args != 0) {
344 			DMEMIT(" %d", num_feature_args);
345 			if (ti->num_discard_bios)
346 				DMEMIT(" allow_discards");
347 			if (dkc->sector_size != SECTOR_SIZE) {
348 				DMEMIT(" sector_size:%u", dkc->sector_size);
349 				DMEMIT(" iv_large_sectors");
350 			}
351 			if (dkc->is_hw_wrapped)
352 				DMEMIT(" wrappedkey_v0");
353 		}
354 		break;
355 	}
356 }
357 
default_key_prepare_ioctl(struct dm_target * ti,struct block_device ** bdev)358 static int default_key_prepare_ioctl(struct dm_target *ti,
359 				     struct block_device **bdev)
360 {
361 	const struct default_key_c *dkc = ti->private;
362 	const struct dm_dev *dev = dkc->dev;
363 
364 	*bdev = dev->bdev;
365 
366 	/* Only pass ioctls through if the device sizes match exactly. */
367 	if (dkc->start != 0 ||
368 	    ti->len != i_size_read(dev->bdev->bd_inode) >> SECTOR_SHIFT)
369 		return 1;
370 	return 0;
371 }
372 
default_key_iterate_devices(struct dm_target * ti,iterate_devices_callout_fn fn,void * data)373 static int default_key_iterate_devices(struct dm_target *ti,
374 				       iterate_devices_callout_fn fn,
375 				       void *data)
376 {
377 	const struct default_key_c *dkc = ti->private;
378 
379 	return fn(ti, dkc->dev, dkc->start, ti->len, data);
380 }
381 
default_key_io_hints(struct dm_target * ti,struct queue_limits * limits)382 static void default_key_io_hints(struct dm_target *ti,
383 				 struct queue_limits *limits)
384 {
385 	const struct default_key_c *dkc = ti->private;
386 	const unsigned int sector_size = dkc->sector_size;
387 
388 	limits->logical_block_size =
389 		max_t(unsigned int, limits->logical_block_size, sector_size);
390 	limits->physical_block_size =
391 		max_t(unsigned int, limits->physical_block_size, sector_size);
392 	limits->io_min = max_t(unsigned int, limits->io_min, sector_size);
393 }
394 
395 static struct target_type default_key_target = {
396 	.name			= "default-key",
397 	.version		= {2, 1, 0},
398 	.features		= DM_TARGET_PASSES_CRYPTO,
399 	.module			= THIS_MODULE,
400 	.ctr			= default_key_ctr,
401 	.dtr			= default_key_dtr,
402 	.map			= default_key_map,
403 	.status			= default_key_status,
404 	.prepare_ioctl		= default_key_prepare_ioctl,
405 	.iterate_devices	= default_key_iterate_devices,
406 	.io_hints		= default_key_io_hints,
407 };
408 
dm_default_key_init(void)409 static int __init dm_default_key_init(void)
410 {
411 	return dm_register_target(&default_key_target);
412 }
413 
dm_default_key_exit(void)414 static void __exit dm_default_key_exit(void)
415 {
416 	dm_unregister_target(&default_key_target);
417 }
418 
419 module_init(dm_default_key_init);
420 module_exit(dm_default_key_exit);
421 
422 MODULE_AUTHOR("Paul Lawrence <paullawrence@google.com>");
423 MODULE_AUTHOR("Paul Crowley <paulcrowley@google.com>");
424 MODULE_AUTHOR("Eric Biggers <ebiggers@google.com>");
425 MODULE_DESCRIPTION(DM_NAME " target for encrypting filesystem metadata");
426 MODULE_LICENSE("GPL");
427