ANDROID: fscrypt, blk-crypto: drop HW-wrapped key compatibility check
In the updated HW-wrapped key code in the android14 kernels, HW-wrapped keys are only allowed on a multi-block-device filesystem if they have a compatible HW-wrapped keys implementation. While in principle this is a good thing to check, my implementation of it, which simply checks whether the block devices have the same crypto profiles, doesn't work when device-mapper is being used. To actually do that check correctly, I think we'd need to add a HW-wrapped keys implementation name or ID to the crypto capabilities. That being said, in Android the HW-wrapped keys implementation is a global thing anyway. So in the interest of not overcomplicating things, for now let's just drop these extra checks that are causing problems.

Bug: 160883801
Bug: 265180564
Fixes: 4887dd4fe3 ("ANDROID: fscrypt: add support for hardware-wrapped keys")
Fixes: 3918b39c3e ("ANDROID: update "block: add basic hardware-wrapped key support" to v7")
Change-Id: Ia49d62cc2c56447fb898f19bf67df1a38af379f8
Signed-off-by: Eric Biggers <ebiggers@google.com>
@@ -467,9 +467,7 @@ EXPORT_SYMBOL_GPL(blk_crypto_register);
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* blk_crypto_derive_sw_secret() - Derive software secret from wrapped key
|
* blk_crypto_derive_sw_secret() - Derive software secret from wrapped key
|
||||||
* @bdev: a block device whose hardware-wrapped keys implementation is
|
* @bdev: a block device that supports hardware-wrapped keys
|
||||||
* compatible (blk_crypto_hw_wrapped_keys_compatible()) with all block
|
|
||||||
* devices on which the key will be used.
|
|
||||||
* @eph_key: the hardware-wrapped key in ephemerally-wrapped form
|
* @eph_key: the hardware-wrapped key in ephemerally-wrapped form
|
||||||
* @eph_key_size: size of @eph_key in bytes
|
* @eph_key_size: size of @eph_key in bytes
|
||||||
* @sw_secret: (output) the software secret
|
* @sw_secret: (output) the software secret
|
||||||
@@ -506,20 +504,6 @@ int blk_crypto_derive_sw_secret(struct block_device *bdev,
|
|||||||
}
|
}
|
||||||
EXPORT_SYMBOL_GPL(blk_crypto_derive_sw_secret);
|
EXPORT_SYMBOL_GPL(blk_crypto_derive_sw_secret);
|
||||||
|
|
||||||
/**
|
|
||||||
* blk_crypto_hw_wrapped_keys_compatible() - Check HW-wrapped key compatibility
|
|
||||||
* @bdev1: the first block device
|
|
||||||
* @bdev2: the second block device
|
|
||||||
*
|
|
||||||
* Return: true if HW-wrapped keys used on @bdev1 can also be used on @bdev2.
|
|
||||||
*/
|
|
||||||
bool blk_crypto_hw_wrapped_keys_compatible(struct block_device *bdev1,
|
|
||||||
struct block_device *bdev2)
|
|
||||||
{
|
|
||||||
return bdev_get_queue(bdev1)->crypto_profile ==
|
|
||||||
bdev_get_queue(bdev2)->crypto_profile;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* blk_crypto_intersect_capabilities() - restrict supported crypto capabilities
|
* blk_crypto_intersect_capabilities() - restrict supported crypto capabilities
|
||||||
* by child device
|
* by child device
|
||||||
|
|||||||
@@ -243,9 +243,6 @@ int fscrypt_derive_sw_secret(struct super_block *sb,
|
|||||||
const u8 *wrapped_key, size_t wrapped_key_size,
|
const u8 *wrapped_key, size_t wrapped_key_size,
|
||||||
u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE])
|
u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE])
|
||||||
{
|
{
|
||||||
struct block_device **devs;
|
|
||||||
unsigned int num_devs;
|
|
||||||
unsigned int i;
|
|
||||||
int err;
|
int err;
|
||||||
|
|
||||||
/* The filesystem must be mounted with -o inlinecrypt. */
|
/* The filesystem must be mounted with -o inlinecrypt. */
|
||||||
@@ -256,31 +253,12 @@ int fscrypt_derive_sw_secret(struct super_block *sb,
|
|||||||
return -EOPNOTSUPP;
|
return -EOPNOTSUPP;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
err = blk_crypto_derive_sw_secret(sb->s_bdev, wrapped_key,
|
||||||
* Hardware-wrapped keys might be specific to a particular storage
|
|
||||||
* device, so for now we don't allow them to be used if the filesystem
|
|
||||||
* uses block devices with different crypto profiles. This way, there
|
|
||||||
* is no ambiguity about which ->derive_sw_secret method to call.
|
|
||||||
*/
|
|
||||||
devs = fscrypt_get_devices(sb, &num_devs);
|
|
||||||
if (IS_ERR(devs))
|
|
||||||
return PTR_ERR(devs);
|
|
||||||
for (i = 1; i < num_devs; i++) {
|
|
||||||
if (!blk_crypto_hw_wrapped_keys_compatible(devs[0], devs[i])) {
|
|
||||||
fscrypt_warn(NULL,
|
|
||||||
"%s: unsupported multi-device configuration for hardware-wrapped keys",
|
|
||||||
sb->s_id);
|
|
||||||
kfree(devs);
|
|
||||||
return -EOPNOTSUPP;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
err = blk_crypto_derive_sw_secret(devs[0], wrapped_key,
|
|
||||||
wrapped_key_size, sw_secret);
|
wrapped_key_size, sw_secret);
|
||||||
if (err == -EOPNOTSUPP)
|
if (err == -EOPNOTSUPP)
|
||||||
fscrypt_warn(NULL,
|
fscrypt_warn(NULL,
|
||||||
"%s: block device doesn't support hardware-wrapped keys\n",
|
"%s: block device doesn't support hardware-wrapped keys\n",
|
||||||
sb->s_id);
|
sb->s_id);
|
||||||
kfree(devs);
|
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
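Review bot: fscrypt_derive_sw_secret() now derives the software secret from `sb->s_bdev` alone, and with the explanatory block comment removed nothing in the code records why that is acceptable on a multi-device filesystem. The commit message gives the reason (the HW-wrapped keys implementation is global on Android), so I would keep it next to the call, e.g. `/* Assumes every block device of this filesystem shares sb->s_bdev's HW-wrapped keys implementation; this is not checked. */`. If that assumption is ever broken, a wrapped key would presumably be accepted here and only fail, or be handled by a different implementation, when it is later used on another device. The `@bdev` kernel-doc of blk_crypto_derive_sw_secret() therefore deserves the same caveat. The function's opening lines and the part of its body between the two hunks are not shown.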
|
|||||||
@@ -163,9 +163,6 @@ int blk_crypto_derive_sw_secret(struct block_device *bdev,
|
|||||||
const u8 *eph_key, size_t eph_key_size,
|
const u8 *eph_key, size_t eph_key_size,
|
||||||
u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE]);
|
u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE]);
|
||||||
|
|
||||||
bool blk_crypto_hw_wrapped_keys_compatible(struct block_device *bdev1,
|
|
||||||
struct block_device *bdev2);
|
|
||||||
|
|
||||||
#else /* CONFIG_BLK_INLINE_ENCRYPTION */
|
#else /* CONFIG_BLK_INLINE_ENCRYPTION */
|
||||||
|
|
||||||
static inline bool bio_has_crypt_ctx(struct bio *bio)
|
static inline bool bio_has_crypt_ctx(struct bio *bio)
|
||||||
|
|||||||