ANDROID: fscrypt, blk-crypto: drop HW-wrapped key compatibility check

In the updated HW-wrapped key code in the android14 kernels, HW-wrapped keys are only allowed on a multi-block-device filesystem if they have a compatible HW-wrapped keys implementation. While in principle this is a good thing to check, my implementation of it, which simply checks whether the block devices have the same crypto profiles, doesn't work when device-mapper is being used. To actually do that check correctly, I think we'd need to add a HW-wrapped keys implementation name or ID to the crypto capabilities. That being said, in Android the HW-wrapped keys implementation is a global thing anyway. So in the interest of not overcomplicating things, for now let's just drop these extra checks that are causing problems. Bug: 160883801 Bug: 265180564 Fixes: 4887dd4fe3 ("ANDROID: fscrypt: add support for hardware-wrapped keys") Fixes: 3918b39c3e ("ANDROID: update "block: add basic hardware-wrapped key support" to v7") Change-Id: Ia49d62cc2c56447fb898f19bf67df1a38af379f8 Signed-off-by: Eric Biggers <ebiggers@google.com>
2023-01-13 00:23:41 +00:00
parent a8962f626f
commit b170ae24d0
3 changed files with 2 additions and 43 deletions
--- a/block/blk-crypto-profile.c
+++ b/block/blk-crypto-profile.c
@@ -467,9 +467,7 @@ EXPORT_SYMBOL_GPL(blk_crypto_register);

 /**
 * blk_crypto_derive_sw_secret() - Derive software secret from wrapped key
- * @bdev: a block device whose hardware-wrapped keys implementation is
- *	  compatible (blk_crypto_hw_wrapped_keys_compatible()) with all block
- *	  devices on which the key will be used.
+ * @bdev: a block device that supports hardware-wrapped keys
 * @eph_key: the hardware-wrapped key in ephemerally-wrapped form
 * @eph_key_size: size of @eph_key in bytes
 * @sw_secret: (output) the software secret
@@ -506,20 +504,6 @@ int blk_crypto_derive_sw_secret(struct block_device *bdev,
 }
 EXPORT_SYMBOL_GPL(blk_crypto_derive_sw_secret);

-/**
- * blk_crypto_hw_wrapped_keys_compatible() - Check HW-wrapped key compatibility
- * @bdev1: the first block device
- * @bdev2: the second block device
- *
- * Return: true if HW-wrapped keys used on @bdev1 can also be used on @bdev2.
- */
-bool blk_crypto_hw_wrapped_keys_compatible(struct block_device *bdev1,
-					   struct block_device *bdev2)
-{
-	return bdev_get_queue(bdev1)->crypto_profile ==
-		bdev_get_queue(bdev2)->crypto_profile;
-}
-
 /**
 * blk_crypto_intersect_capabilities() - restrict supported crypto capabilities
 *					 by child device
--- a/fs/crypto/inline_crypt.c
+++ b/fs/crypto/inline_crypt.c
@@ -243,9 +243,6 @@ int fscrypt_derive_sw_secret(struct super_block *sb,
 			     const u8 *wrapped_key, size_t wrapped_key_size,
 			     u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE])
 {
-	struct block_device **devs;
-	unsigned int num_devs;
-	unsigned int i;
 	int err;

 	/* The filesystem must be mounted with -o inlinecrypt. */
@@ -256,31 +253,12 @@ int fscrypt_derive_sw_secret(struct super_block *sb,
 		return -EOPNOTSUPP;
 	}

-	/*
-	 * Hardware-wrapped keys might be specific to a particular storage
-	 * device, so for now we don't allow them to be used if the filesystem
-	 * uses block devices with different crypto profiles.  This way, there
-	 * is no ambiguity about which ->derive_sw_secret method to call.
-	 */
-	devs = fscrypt_get_devices(sb, &num_devs);
-	if (IS_ERR(devs))
-		return PTR_ERR(devs);
-	for (i = 1; i < num_devs; i++) {
-		if (!blk_crypto_hw_wrapped_keys_compatible(devs[0], devs[i])) {
-			fscrypt_warn(NULL,
-				     "%s: unsupported multi-device configuration for hardware-wrapped keys",
-				     sb->s_id);
-			kfree(devs);
-			return -EOPNOTSUPP;
-		}
-	}
-	err = blk_crypto_derive_sw_secret(devs[0], wrapped_key,
+	err = blk_crypto_derive_sw_secret(sb->s_bdev, wrapped_key,
 					  wrapped_key_size, sw_secret);
 	if (err == -EOPNOTSUPP)
 		fscrypt_warn(NULL,
 			     "%s: block device doesn't support hardware-wrapped keys\n",
 			     sb->s_id);
-	kfree(devs);
 	return err;
 }

--- a/include/linux/blk-crypto.h
+++ b/include/linux/blk-crypto.h
@@ -163,9 +163,6 @@ int blk_crypto_derive_sw_secret(struct block_device *bdev,
 				const u8 *eph_key, size_t eph_key_size,
 				u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE]);

-bool blk_crypto_hw_wrapped_keys_compatible(struct block_device *bdev1,
-					   struct block_device *bdev2);
-
 #else /* CONFIG_BLK_INLINE_ENCRYPTION */

 static inline bool bio_has_crypt_ctx(struct bio *bio)