Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp676273imm; Wed, 18 Jul 2018 08:49:40 -0700 (PDT) X-Google-Smtp-Source: AAOMgpc8vEa/hyedN6J/WUdJy7jEnTKyAI7NTXm3MxyhV027anUKO9TjXXkAE6h++Hbrs/xdo2ju X-Received: by 2002:a17:902:6b0b:: with SMTP id o11-v6mr6579008plk.101.1531928980915; Wed, 18 Jul 2018 08:49:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1531928980; cv=none; d=google.com; s=arc-20160816; b=iUzdh156DRTJSGIPivos5mvdD/5OR5jU1uRvxFjlZ4Q0jA/5CM9jEyQ1WcRx+RzrBn HzM/Of6JMZMVyzmyin9r1HOsmI7PEhdrJgP9uJQ7tna7Im+LXtSPwjb8Rt5Kon7F7bcl u2Hn96xoxXYkr1olurJ/qsVuY6LzGjSDe5JaHjhfkMtKQXUrM3DgDgotxIjZz0VDhUBw RhK3+ByHqtTMIN3ixvmdhNu04ElrWRSlJJAuFQ908TvSMhJWWn6wdKy/5xITw1UJhIzb cOODPGi03CU1e2a6CBcnwAGMs/QQJJLQs4STExa/1jzhcVKMWsx9XvQ+w7JOAY4eouRw Z8eg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=L+ahukbM0YBNrQZz07wSF91tonSE0K1tSyWHQEmCJO0=; b=JPcJe25z8N/KSYoJyNDZgPUhhwUIXRACXKXT4IJUKjQLS2Gr6vQK7HnjWlaIyZDQ3D f4ZwssIu/KbOLLB7LP1wd/SMrXI1gNsri8G0RlTWJyTRp6tci8GMBgjkg/JXtizJKVBX 2Pna/Cq+btMTkt1xScC3LFRa/E6We/XxJGGLxN/mAv3Z4IiufYNtkH7tMPh33xxw6WeV 1RGo59rZHCcq8IVsMMZp4+gE8ziwuuOn5BuP4P0Ko7kB35SnvrVFogHUF5Gs2nHzJ2/j 2RzKR6l28FFM4oY1c+6DBiPennCW2B24/ICo9sRgfEZfhIB+IftlgNQEvDC/opDhhv3o M0aw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b39-v6si3502048plb.249.2018.07.18.08.49.25; Wed, 18 Jul 2018 08:49:40 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731128AbeGRQ1V (ORCPT + 99 others); Wed, 18 Jul 2018 12:27:21 -0400 Received: from smtp.nue.novell.com ([195.135.221.5]:37883 "EHLO smtp.nue.novell.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730436AbeGRQ1V (ORCPT ); Wed, 18 Jul 2018 12:27:21 -0400 Received: from linux-l9pv.suse (124-11-22-254.static.tfn.net.tw [124.11.22.254]) by smtp.nue.novell.com with ESMTP (TLS encrypted); Wed, 18 Jul 2018 17:48:45 +0200 Date: Wed, 18 Jul 2018 23:48:19 +0800 From: joeyli To: Yu Chen Cc: "Rafael J. Wysocki" , Pavel Machek , Len Brown , Borislav Petkov , linux-pm@vger.kernel.org, linux-kernel@vger.kernel.org, "Rafael J . Wysocki" , "Gu, Kookoo" Subject: Re: [PATCH 2/3][RFC] PM / Hibernate: Encrypt the snapshot pages before submitted to the block device Message-ID: <20180718154819.GH18419@linux-l9pv.suse> References: <5a1cc6bff40ff9a3e023392c69b881e91b16837a.1529486870.git.yu.c.chen@intel.com> <20180628130641.GG3628@linux-l9pv.suse> <20180628135017.GA6561@sandybridge-desktop> <20180628142856.GH3628@linux-l9pv.suse> <20180628145207.GA10891@sandybridge-desktop> <20180629125943.GK3628@linux-l9pv.suse> <20180706152856.GB9631@sandybridge-desktop> <20180712101037.GI7985@linux-l9pv.suse> <20180713073425.GA29266@sandybridge-desktop> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180713073425.GA29266@sandybridge-desktop> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jul 13, 2018 at 03:34:25PM +0800, Yu Chen wrote: > Hi, > On Thu, Jul 12, 2018 at 06:10:37PM +0800, joeyli wrote: > > Hi Yu Chen, > > > > Sorry for my delay... > > > > On Fri, Jul 06, 2018 at 11:28:56PM +0800, Yu Chen wrote: [...snip] > > > > Why the cryption code must be indepent of snapshot code? > > > > > > > Modules can be easier to be maintained and customized/improved in the future IMO.. > > > > hm... currently I didn't see apparent benefit on this... > > > > About modularization, is it possible to separate the key handler code > > from crypto_hibernation.c? Otherwise the snapshot signature needs > > to depend on encrypt function. > > > I understand. > It seems that we can reuse crypto_data() for the signature logic. > For example, add one parameter for crypto_data(..., crypto_mode) > the crypto_mode is a combination of ENCRYPT/DECRYPT/SIGNATURE_START/SIGNATURE_END, > and can be controled by sysfs. If SIGNATURE_START is enabled, the crypto_data() > invokes crypto_shash_update() to get "hmac(sha512)" hash, and if SIGNATURE_END > is enabled, crypto_shash_final() stores the final result in global buffer I agree that the swsusp_prepare and hmac-hash codes can be extract to crypto_hibernation. > struct hibernation_crypto.keys.digest[SNAPSHOT_DIGEST_SIZE] which can be > passed to the restore kernel, the same as the salt. Besides, The salt is stored in the swsusp_header and put in swap. What I want is that the signature of snapshot should be keep in the snapshot header as my original design in patch. The benefit is that the snapshot with signature can be stored to any place but not just swap. The user space can take snapshot image with signature to anywhere. > the swsusp_prepare_hash() in your code could be moved into > init_crypto_helper(), thus the signature key could also reuse > the same key passed from user space or via get_efi_secret_key(). > In this way, the change in snapshot.c is minimal and the crypto > facilities could be maintained in one file. I agree. But as I mentioned in that mail, the key handler codes in hibernation_crypto() should be extract to another C file to avoid the logic is mixed with the crypto code. The benefit is that we can add more key sources like encrypted key or EFI key in the future. > > > > > 2. There's no need to traverse the snapshot image twice, if the > > > > > image is large(there's requirement on servers now) we can > > > > > simplyly do the encryption before the disk IO, and this is > > > > > why PATCH[2/3] looks like this. > > > > > > > > If the encryption solution is only for block device, then the uswsusp > > > > interface must be locked-down when kernel is in locked mode: > > > > > > > > uswsusp: Disable when the kernel is locked down > > > > https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit/?h=lockdown-20180410&id=8732c1663d7c0305ae01ba5a1ee4d2299b7b4612 > > > > > > > > I still suggest to keep the solution to direct encript the snapshot > > > > image for uswsusp because the snapshot can be encrypted by kernel > > > > before user space get it. > > > > > > > > I mean that if the uswsusp be used, then kernel direct encrypts the > > > > snapshot image, otherwise kernel encrypts pages before block io. > > > > > > > I did not quite get the point, if the kernel has been locked down, > > > then the uswsusp is disabled, why the kernel encrypts the snapshot > > > for uswsusp? > > > > There have some functions be locked-down because there have no > > appropriate mechanisms to check the integrity of writing data. If > > the snapshot image can be encrypted and authentication, then the > > uswsusp interface is avaiable for userspace. We do not need to lock > > it down. > Ok, I got your point. To be honest, I like your implementation to treat > the snapshot data seperately except that it might cause small overhead > when traversing large number of snapshot and make snapshot logic a little > coupling with crypto logic. Let me send our v2 using the crypto-before-blockio > for review and maybe change to your solution using the encapsulated APIs in > crypto_hibernate.c. Because sometimes I stick on other topics... If you are urgent for pushing your encryption solution. Please do not consider too much on signature check. Just complete your patches and push to kernel mainline. I will follow your result to respin my signature work. Thanks Joey Lee