Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp773578imm; Thu, 13 Sep 2018 07:32:33 -0700 (PDT) X-Google-Smtp-Source: ANB0VdaYAo4n5/59SwRpVCAv7H2oswy5HOBN8NP7/zcmGznR3lKM5gTFhEccx5KoRD84bAZ7CYsB X-Received: by 2002:a17:902:74ca:: with SMTP id f10-v6mr7713813plt.260.1536849153736; Thu, 13 Sep 2018 07:32:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1536849153; cv=none; d=google.com; s=arc-20160816; b=a5qsdRuLw+JuLs4O1zdChWSfE409XKpqzVzEmsQwm963v3NkqzR2jkY/hb4/U+NooD YoOsX4DT9p6MiGgYZmfaCMFAy+1h3WXoEFGodq6azxmtCvLgAtbdyda6Rx4j+2ROsHyU fmib1keRm+ejVGmVIRr/dTEE217534gs/2M29Ad7E96cRK4S8P9Cea1OQClQg5okdZ35 RHgnTiZvMB6P8VTYVDwIUt17ncXt3FMotbbrlDJdd5kwykZ0qvJBtVpxHNoavsEC2EEf 2MF14BgPxhiU6P/Q5RSEoueyAIahqdWZOcxTCMzV/v4Zuj4hlaH9gU6TCk5nbpEPSAlu p9iQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=NkGUmS9vIBnUyKuK2kh1pZO1tM4bGTQzcxbwLXk40GY=; b=Va8geDdTgEl7ylAc4McrSwz6K1a8xXGwnnJIBsoA9vdmy2c/AuzE1cFUSoEp0yt3RN 7CYtNqYkg5dBKvu2dGaLruK+31xRibIMQXorLdKkV7G5mjD//CkqmihPNf0EXmkqh5b6 ddtu4gJa3PbvRdoJoaZEJ112EfPajjI6+uEvAPzK3JU6uX8Oys+RI3rHLj0zStB9BQrL iWRJ7Zb01UpiEjCGPi7XIbXXq0gNp86OOpfdZVoQCNxNzMxdds2JADP+g1fj/UazdCrh HKEHGS6s9A/j0a9UB/7RxmPCumXCr7sMhA5NCcO1eUjytsamP9ra0j8CZMnRfMTeYC5S jL5A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=OZbqiTUw; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n14-v6si4268363pgg.216.2018.09.13.07.31.57; Thu, 13 Sep 2018 07:32:33 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=OZbqiTUw; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727873AbeIMTlc (ORCPT + 99 others); Thu, 13 Sep 2018 15:41:32 -0400 Received: from mail-ot1-f66.google.com ([209.85.210.66]:40782 "EHLO mail-ot1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727473AbeIMTlc (ORCPT ); Thu, 13 Sep 2018 15:41:32 -0400 Received: by mail-ot1-f66.google.com with SMTP id v10-v6so1418268otk.7 for ; Thu, 13 Sep 2018 07:31:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=NkGUmS9vIBnUyKuK2kh1pZO1tM4bGTQzcxbwLXk40GY=; b=OZbqiTUwOZZ1qHwyz90bNbKJ48HtcdyYeXaBFHeXA+JQWTFsA2dP2VJx/8BUvoxBHk 4iktUlTRR/saRwc3GVO0B5NMPQWONhkXq0IHSvZiOYThhn20ICeBc8w+LU8WcuNrHdw/ qwsAH2ksfp/ciMSsIxuDTgiEU3JmeetRNfO8X+8Ph8ygIKrhHYPlU9m8+u0XI81rb15Y cRil6axwKGtDwixftkxgEs8/snadHRL/RPa90WEqzEPpiozsfigpKtoRFdji496amWDk mK6AoPGkQCnNY9MHfhKT7w8A2AoBECMuZMVNdlnzu5SfKfcp4OhI74X9xPxPPli86J7w nGmg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=NkGUmS9vIBnUyKuK2kh1pZO1tM4bGTQzcxbwLXk40GY=; b=Qq4MI/A4cNsbNxkhyAufvPUwr0Z4R2eG3KaIbIb50fzoH2wxcHt8Idpf0OUnx1GXLE Zug3vcWBrHIL1i1vqwwUqouVeYdDKgOZWmXtH3Kw5OX+xNxbFQBjWpbGPwBMhZ5rPQUw 2BdpFhXaDHczI83rcJAXM5KXeVprUGWHao9OIhSL1JDc52AfxRdIju8LOPTCR74oSamD XZ+VoexlLvU00pvBWJpjPuApF0zOIVGsc9PeIM0vav4OWgepEynmkBeEVuqs9CGms7bY CPdnxl3/gQ7N7s0exMWjMMf7QY7L5PXJdRbyzr8haVEyVhAVDTSHs4c6PQUTpoIlVAhR f7fA== X-Gm-Message-State: APzg51BBEbZ2SIlmdESbHu9tJOpyYNrFWdYEeDCUslIhM0fItXxNKoVE i/ya9fmuSvSKXmlt+YuFqetHvSxAyC/S4fipxwnzxQ== X-Received: by 2002:a9d:436a:: with SMTP id y39-v6mr1354508oti.166.1536849104762; Thu, 13 Sep 2018 07:31:44 -0700 (PDT) MIME-Version: 1.0 References: <20180912142337.21955-1-jlee@suse.com> <20180912142337.21955-2-jlee@suse.com> In-Reply-To: <20180912142337.21955-2-jlee@suse.com> From: Jann Horn Date: Thu, 13 Sep 2018 16:31:18 +0200 Message-ID: Subject: Re: [PATCH 1/5] PM / hibernate: Create snapshot keys handler To: joeyli.kernel@gmail.com Cc: rjw@rjwysocki.net, Pavel Machek , kernel list , linux-pm@vger.kernel.org, joeyli , rafael.j.wysocki@intel.com, yu.c.chen@intel.com, oneukum@suse.com, yu.chen.surf@gmail.com, David Howells , ggherdovich@suse.cz, keyrings@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org +cc keyrings list On Thu, Sep 13, 2018 at 4:08 PM Lee, Chun-Yi wrote: > This patch adds a snapshot keys handler for using the key retention > service api to create keys for snapshot image encryption and > authentication. > > This handler uses TPM trusted key as the snapshot master key, and the > encryption key and authentication key are derived from the snapshot > key. The user defined key can also be used as the snapshot master key > , but user must be aware that the security of user key relies on user > space. > > The name of snapshot key is fixed to "swsusp-kmk". User should use > the keyctl tool to load the key blob to root's user keyring. e.g. > > # /bin/keyctl add trusted swsusp-kmk "load `cat swsusp-kmk.blob`" @u > > or create a new user key. e.g. > > # /bin/keyctl add user swsusp-kmk password @u > > Then the disk_kmk sysfs file can be used to trigger the initialization > of snapshot key: > > # echo 1 > /sys/power/disk_kmk > > After the initialization be triggered, the secret in the payload of > swsusp-key will be copied by hibernation and be erased. Then user can > use keyctl to remove swsusp-kmk key from root's keyring. > > If user does not trigger the initialization by disk_kmk file after > swsusp-kmk be loaded to kernel. Then the snapshot key will be > initialled when hibernation be triggered. [...] > +static ssize_t disk_kmk_store(struct kobject *kobj, struct kobj_attribute *attr, > + const char *buf, size_t n) > +{ > + int error = 0; > + char *p; > + int len; > + > + if (!capable(CAP_SYS_ADMIN)) > + return -EPERM; This is wrong, you can't use capable() in a write handler. You'd have to use file_ns_capable(), and I think sysfs currently doesn't give you a pointer to the struct file. If you want to do this in a write handler, you'll have to either get rid of this check or plumb through the cred struct pointer. Alternatively, you could use some interface that doesn't go through a write handler. > + p = memchr(buf, '\n', n); > + len = p ? p - buf : n; > + if (strncmp(buf, "1", len)) > + return -EINVAL; > + > + error = snapshot_key_init(); > + > + return error ? error : n; > +} > + [...] > + > +static int user_key_init(void) > +{ > + struct user_key_payload *ukp; > + struct key *key; > + int err = 0; > + > + pr_debug("%s\n", __func__); > + > + /* find out swsusp-key */ > + key = request_key(&key_type_user, skey.key_name, NULL); request_key() looks at current's keyring. That shouldn't happen in a write handler. > + if (IS_ERR(key)) { > + pr_err("Request key error: %ld\n", PTR_ERR(key)); > + err = PTR_ERR(key); > + return err; > + } > + > + down_write(&key->sem); > + ukp = user_key_payload_locked(key); > + if (!ukp) { > + /* key was revoked before we acquired its semaphore */ > + err = -EKEYREVOKED; > + goto key_invalid; > + } > + if (invalid_key(ukp->data, ukp->datalen)) { > + err = -EINVAL; > + goto key_invalid; > + } > + skey.key_len = ukp->datalen; > + memcpy(skey.key, ukp->data, ukp->datalen); > + /* burn the original key contents */ > + memzero_explicit(ukp->data, ukp->datalen); You just zero out the contents of the supplied key? That seems very unidiomatic for the keys subsystem, and makes me wonder why you're using the keys subsystem for this in the first place. It doesn't look like normal use of the keys subsystem. > +key_invalid: > + up_write(&key->sem); > + key_put(key); > + > + return err; > +} > + > +/* this function may sleeps */ > +int snapshot_key_init(void) > +{ > + int err; > + > + pr_debug("%s\n", __func__); > + > + if (skey.initialized) > + return 0; > + > + hash_tfm = crypto_alloc_shash(hash_alg, 0, CRYPTO_ALG_ASYNC); > + if (IS_ERR(hash_tfm)) { > + pr_err("Can't allocate %s transform: %ld\n", > + hash_alg, PTR_ERR(hash_tfm)); > + return PTR_ERR(hash_tfm); > + } > + > + err = trusted_key_init(); > + if (err) > + err = user_key_init(); > + if (err) > + goto key_fail; > + > + skey.initialized = true; Does this need a memory barrier to prevent reordering of the "skey.initialized = true" assignment before the key is fully initialized? > + > + pr_info("Snapshot key is initialled.\n"); > + > + return 0; > + > +key_fail: > + crypto_free_shash(hash_tfm); > + hash_tfm = NULL; > + > + return err; > +} > -- > 2.13.6 > >