1 // SPDX-License-Identifier: GPL-2.0-only 2 #include <linux/key.h> 3 #include <linux/keyctl.h> 4 #include <keys/user-type.h> 5 #include <linux/crash_dump.h> 6 #include <linux/cc_platform.h> 7 #include <linux/configfs.h> 8 #include <linux/module.h> 9 10 #define KEY_NUM_MAX 128 /* maximum dm crypt keys */ 11 #define KEY_SIZE_MAX 256 /* maximum dm crypt key size */ 12 #define KEY_DESC_MAX_LEN 128 /* maximum dm crypt key description size */ 13 14 static unsigned int key_count; 15 16 struct dm_crypt_key { 17 unsigned int key_size; 18 char key_desc[KEY_DESC_MAX_LEN]; 19 u8 data[KEY_SIZE_MAX]; 20 }; 21 22 static struct keys_header { 23 unsigned int total_keys; 24 struct dm_crypt_key keys[] __counted_by(total_keys); 25 } *keys_header; 26 27 static size_t get_keys_header_size(size_t total_keys) 28 { 29 return struct_size(keys_header, keys, total_keys); 30 } 31 32 unsigned long long dm_crypt_keys_addr; 33 EXPORT_SYMBOL_GPL(dm_crypt_keys_addr); 34 35 static int __init setup_dmcryptkeys(char *arg) 36 { 37 char *end; 38 39 if (!arg) 40 return -EINVAL; 41 dm_crypt_keys_addr = memparse(arg, &end); 42 if (end > arg) 43 return 0; 44 45 dm_crypt_keys_addr = 0; 46 return -EINVAL; 47 } 48 49 early_param("dmcryptkeys", setup_dmcryptkeys); 50 51 /* 52 * Architectures may override this function to read dm crypt keys 53 */ 54 ssize_t __weak dm_crypt_keys_read(char *buf, size_t count, u64 *ppos) 55 { 56 struct kvec kvec = { .iov_base = buf, .iov_len = count }; 57 struct iov_iter iter; 58 59 iov_iter_kvec(&iter, READ, &kvec, 1, count); 60 return read_from_oldmem(&iter, count, ppos, cc_platform_has(CC_ATTR_MEM_ENCRYPT)); 61 } 62 63 static int add_key_to_keyring(struct dm_crypt_key *dm_key, 64 key_ref_t keyring_ref) 65 { 66 key_ref_t key_ref; 67 int r; 68 69 /* create or update the requested key and add it to the target keyring */ 70 key_ref = key_create_or_update(keyring_ref, "user", dm_key->key_desc, 71 dm_key->data, dm_key->key_size, 72 KEY_USR_ALL, KEY_ALLOC_IN_QUOTA); 73 74 if (!IS_ERR(key_ref)) { 75 r = key_ref_to_ptr(key_ref)->serial; 76 key_ref_put(key_ref); 77 kexec_dprintk("Success adding key %s", dm_key->key_desc); 78 } else { 79 r = PTR_ERR(key_ref); 80 kexec_dprintk("Error when adding key"); 81 } 82 83 key_ref_put(keyring_ref); 84 return r; 85 } 86 87 static void get_keys_from_kdump_reserved_memory(void) 88 { 89 struct keys_header *keys_header_loaded; 90 91 arch_kexec_unprotect_crashkres(); 92 93 keys_header_loaded = kmap_local_page(pfn_to_page( 94 kexec_crash_image->dm_crypt_keys_addr >> PAGE_SHIFT)); 95 96 memcpy(keys_header, keys_header_loaded, get_keys_header_size(key_count)); 97 kunmap_local(keys_header_loaded); 98 arch_kexec_protect_crashkres(); 99 } 100 101 static int restore_dm_crypt_keys_to_thread_keyring(void) 102 { 103 struct dm_crypt_key *key; 104 size_t keys_header_size; 105 key_ref_t keyring_ref; 106 u64 addr; 107 108 /* find the target keyring (which must be writable) */ 109 keyring_ref = 110 lookup_user_key(KEY_SPEC_USER_KEYRING, 0x01, KEY_NEED_WRITE); 111 if (IS_ERR(keyring_ref)) { 112 kexec_dprintk("Failed to get the user keyring\n"); 113 return PTR_ERR(keyring_ref); 114 } 115 116 addr = dm_crypt_keys_addr; 117 dm_crypt_keys_read((char *)&key_count, sizeof(key_count), &addr); 118 if (key_count < 0 || key_count > KEY_NUM_MAX) { 119 kexec_dprintk("Failed to read the number of dm-crypt keys\n"); 120 return -1; 121 } 122 123 kexec_dprintk("There are %u keys\n", key_count); 124 addr = dm_crypt_keys_addr; 125 126 keys_header_size = get_keys_header_size(key_count); 127 keys_header = kzalloc(keys_header_size, GFP_KERNEL); 128 if (!keys_header) 129 return -ENOMEM; 130 131 dm_crypt_keys_read((char *)keys_header, keys_header_size, &addr); 132 133 for (int i = 0; i < keys_header->total_keys; i++) { 134 key = &keys_header->keys[i]; 135 kexec_dprintk("Get key (size=%u)\n", key->key_size); 136 add_key_to_keyring(key, keyring_ref); 137 } 138 139 return 0; 140 } 141 142 static int read_key_from_user_keying(struct dm_crypt_key *dm_key) 143 { 144 const struct user_key_payload *ukp; 145 struct key *key; 146 147 kexec_dprintk("Requesting logon key %s", dm_key->key_desc); 148 key = request_key(&key_type_logon, dm_key->key_desc, NULL); 149 150 if (IS_ERR(key)) { 151 pr_warn("No such logon key %s\n", dm_key->key_desc); 152 return PTR_ERR(key); 153 } 154 155 ukp = user_key_payload_locked(key); 156 if (!ukp) 157 return -EKEYREVOKED; 158 159 if (ukp->datalen > KEY_SIZE_MAX) { 160 pr_err("Key size %u exceeds maximum (%u)\n", ukp->datalen, KEY_SIZE_MAX); 161 return -EINVAL; 162 } 163 164 memcpy(dm_key->data, ukp->data, ukp->datalen); 165 dm_key->key_size = ukp->datalen; 166 kexec_dprintk("Get dm crypt key (size=%u) %s: %8ph\n", dm_key->key_size, 167 dm_key->key_desc, dm_key->data); 168 return 0; 169 } 170 171 struct config_key { 172 struct config_item item; 173 const char *description; 174 }; 175 176 static inline struct config_key *to_config_key(struct config_item *item) 177 { 178 return container_of(item, struct config_key, item); 179 } 180 181 static ssize_t config_key_description_show(struct config_item *item, char *page) 182 { 183 return sprintf(page, "%s\n", to_config_key(item)->description); 184 } 185 186 static ssize_t config_key_description_store(struct config_item *item, 187 const char *page, size_t count) 188 { 189 struct config_key *config_key = to_config_key(item); 190 size_t len; 191 int ret; 192 193 ret = -EINVAL; 194 len = strcspn(page, "\n"); 195 196 if (len > KEY_DESC_MAX_LEN) { 197 pr_err("The key description shouldn't exceed %u characters", KEY_DESC_MAX_LEN); 198 return ret; 199 } 200 201 if (!len) 202 return ret; 203 204 kfree(config_key->description); 205 ret = -ENOMEM; 206 config_key->description = kmemdup_nul(page, len, GFP_KERNEL); 207 if (!config_key->description) 208 return ret; 209 210 return count; 211 } 212 213 CONFIGFS_ATTR(config_key_, description); 214 215 static struct configfs_attribute *config_key_attrs[] = { 216 &config_key_attr_description, 217 NULL, 218 }; 219 220 static void config_key_release(struct config_item *item) 221 { 222 kfree(to_config_key(item)); 223 key_count--; 224 } 225 226 static struct configfs_item_operations config_key_item_ops = { 227 .release = config_key_release, 228 }; 229 230 static const struct config_item_type config_key_type = { 231 .ct_item_ops = &config_key_item_ops, 232 .ct_attrs = config_key_attrs, 233 .ct_owner = THIS_MODULE, 234 }; 235 236 static struct config_item *config_keys_make_item(struct config_group *group, 237 const char *name) 238 { 239 struct config_key *config_key; 240 241 if (key_count > KEY_NUM_MAX) { 242 pr_err("Only %u keys at maximum to be created\n", KEY_NUM_MAX); 243 return ERR_PTR(-EINVAL); 244 } 245 246 config_key = kzalloc(sizeof(struct config_key), GFP_KERNEL); 247 if (!config_key) 248 return ERR_PTR(-ENOMEM); 249 250 config_item_init_type_name(&config_key->item, name, &config_key_type); 251 252 key_count++; 253 254 return &config_key->item; 255 } 256 257 static ssize_t config_keys_count_show(struct config_item *item, char *page) 258 { 259 return sprintf(page, "%d\n", key_count); 260 } 261 262 CONFIGFS_ATTR_RO(config_keys_, count); 263 264 static bool is_dm_key_reused; 265 266 static ssize_t config_keys_reuse_show(struct config_item *item, char *page) 267 { 268 return sprintf(page, "%d\n", is_dm_key_reused); 269 } 270 271 static ssize_t config_keys_reuse_store(struct config_item *item, 272 const char *page, size_t count) 273 { 274 if (!kexec_crash_image || !kexec_crash_image->dm_crypt_keys_addr) { 275 kexec_dprintk( 276 "dm-crypt keys haven't be saved to crash-reserved memory\n"); 277 return -EINVAL; 278 } 279 280 if (kstrtobool(page, &is_dm_key_reused)) 281 return -EINVAL; 282 283 if (is_dm_key_reused) 284 get_keys_from_kdump_reserved_memory(); 285 286 return count; 287 } 288 289 CONFIGFS_ATTR(config_keys_, reuse); 290 291 static struct configfs_attribute *config_keys_attrs[] = { 292 &config_keys_attr_count, 293 &config_keys_attr_reuse, 294 NULL, 295 }; 296 297 /* 298 * Note that, since no extra work is required on ->drop_item(), 299 * no ->drop_item() is provided. 300 */ 301 static struct configfs_group_operations config_keys_group_ops = { 302 .make_item = config_keys_make_item, 303 }; 304 305 static const struct config_item_type config_keys_type = { 306 .ct_group_ops = &config_keys_group_ops, 307 .ct_attrs = config_keys_attrs, 308 .ct_owner = THIS_MODULE, 309 }; 310 311 static bool restore; 312 313 static ssize_t config_keys_restore_show(struct config_item *item, char *page) 314 { 315 return sprintf(page, "%d\n", restore); 316 } 317 318 static ssize_t config_keys_restore_store(struct config_item *item, 319 const char *page, size_t count) 320 { 321 if (!restore) 322 restore_dm_crypt_keys_to_thread_keyring(); 323 324 if (kstrtobool(page, &restore)) 325 return -EINVAL; 326 327 return count; 328 } 329 330 CONFIGFS_ATTR(config_keys_, restore); 331 332 static struct configfs_attribute *kdump_config_keys_attrs[] = { 333 &config_keys_attr_restore, 334 NULL, 335 }; 336 337 static const struct config_item_type kdump_config_keys_type = { 338 .ct_attrs = kdump_config_keys_attrs, 339 .ct_owner = THIS_MODULE, 340 }; 341 342 static struct configfs_subsystem config_keys_subsys = { 343 .su_group = { 344 .cg_item = { 345 .ci_namebuf = "crash_dm_crypt_keys", 346 .ci_type = &config_keys_type, 347 }, 348 }, 349 }; 350 351 static int build_keys_header(void) 352 { 353 struct config_item *item = NULL; 354 struct config_key *key; 355 int i, r; 356 357 if (keys_header != NULL) 358 kvfree(keys_header); 359 360 keys_header = kzalloc(get_keys_header_size(key_count), GFP_KERNEL); 361 if (!keys_header) 362 return -ENOMEM; 363 364 keys_header->total_keys = key_count; 365 366 i = 0; 367 list_for_each_entry(item, &config_keys_subsys.su_group.cg_children, 368 ci_entry) { 369 if (item->ci_type != &config_key_type) 370 continue; 371 372 key = to_config_key(item); 373 374 if (!key->description) { 375 pr_warn("No key description for key %s\n", item->ci_name); 376 return -EINVAL; 377 } 378 379 strscpy(keys_header->keys[i].key_desc, key->description, 380 KEY_DESC_MAX_LEN); 381 r = read_key_from_user_keying(&keys_header->keys[i]); 382 if (r != 0) { 383 kexec_dprintk("Failed to read key %s\n", 384 keys_header->keys[i].key_desc); 385 return r; 386 } 387 i++; 388 kexec_dprintk("Found key: %s\n", item->ci_name); 389 } 390 391 return 0; 392 } 393 394 int crash_load_dm_crypt_keys(struct kimage *image) 395 { 396 struct kexec_buf kbuf = { 397 .image = image, 398 .buf_min = 0, 399 .buf_max = ULONG_MAX, 400 .top_down = false, 401 .random = true, 402 }; 403 int r; 404 405 406 if (key_count <= 0) { 407 kexec_dprintk("No dm-crypt keys\n"); 408 return -ENOENT; 409 } 410 411 if (!is_dm_key_reused) { 412 image->dm_crypt_keys_addr = 0; 413 r = build_keys_header(); 414 if (r) 415 return r; 416 } 417 418 kbuf.buffer = keys_header; 419 kbuf.bufsz = get_keys_header_size(key_count); 420 421 kbuf.memsz = kbuf.bufsz; 422 kbuf.buf_align = ELF_CORE_HEADER_ALIGN; 423 kbuf.mem = KEXEC_BUF_MEM_UNKNOWN; 424 r = kexec_add_buffer(&kbuf); 425 if (r) { 426 kvfree((void *)kbuf.buffer); 427 return r; 428 } 429 image->dm_crypt_keys_addr = kbuf.mem; 430 image->dm_crypt_keys_sz = kbuf.bufsz; 431 kexec_dprintk( 432 "Loaded dm crypt keys to kexec_buffer bufsz=0x%lx memsz=0x%lx\n", 433 kbuf.bufsz, kbuf.memsz); 434 435 return r; 436 } 437 438 static int __init configfs_dmcrypt_keys_init(void) 439 { 440 int ret; 441 442 if (is_kdump_kernel()) { 443 config_keys_subsys.su_group.cg_item.ci_type = 444 &kdump_config_keys_type; 445 } 446 447 config_group_init(&config_keys_subsys.su_group); 448 mutex_init(&config_keys_subsys.su_mutex); 449 ret = configfs_register_subsystem(&config_keys_subsys); 450 if (ret) { 451 pr_err("Error %d while registering subsystem %s\n", ret, 452 config_keys_subsys.su_group.cg_item.ci_namebuf); 453 goto out_unregister; 454 } 455 456 return 0; 457 458 out_unregister: 459 configfs_unregister_subsystem(&config_keys_subsys); 460 461 return ret; 462 } 463 464 module_init(configfs_dmcrypt_keys_init); 465