Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2016 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | #include "KeyUtil.h" |
| 18 | |
| 19 | #include <iomanip> |
| 20 | #include <sstream> |
| 21 | #include <string> |
| 22 | |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 23 | #include <fcntl.h> |
Eric Biggers | 3e9c996 | 2019-12-16 15:55:12 -0800 | [diff] [blame] | 24 | #include <linux/fscrypt.h> |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 25 | #include <openssl/sha.h> |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 26 | #include <sys/ioctl.h> |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 27 | |
| 28 | #include <android-base/file.h> |
| 29 | #include <android-base/logging.h> |
Nikita Ioffe | eea8bd3 | 2020-04-20 22:21:49 +0100 | [diff] [blame] | 30 | #include <android-base/properties.h> |
Elliott Hughes | c3bda18 | 2017-05-09 17:01:04 -0700 | [diff] [blame] | 31 | #include <keyutils.h> |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 32 | |
| 33 | #include "KeyStorage.h" |
| 34 | #include "Utils.h" |
| 35 | |
| 36 | namespace android { |
| 37 | namespace vold { |
| 38 | |
Paul Crowley | f443038 | 2020-04-05 19:34:31 -0700 | [diff] [blame] | 39 | using android::fscrypt::EncryptionOptions; |
| 40 | using android::fscrypt::EncryptionPolicy; |
| 41 | |
Paul Crowley | 4eac264 | 2020-02-12 11:04:05 -0800 | [diff] [blame] | 42 | const KeyGeneration neverGen() { |
| 43 | return KeyGeneration{0, false, false}; |
| 44 | } |
| 45 | |
| 46 | static bool randomKey(size_t size, KeyBuffer* key) { |
| 47 | *key = KeyBuffer(size); |
Pavel Grafov | e2e2d30 | 2017-08-01 17:15:53 +0100 | [diff] [blame] | 48 | if (ReadRandomBytes(key->size(), key->data()) != 0) { |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 49 | // TODO status_t plays badly with PLOG, fix it. |
| 50 | LOG(ERROR) << "Random read failed"; |
| 51 | return false; |
| 52 | } |
| 53 | return true; |
| 54 | } |
| 55 | |
Paul Crowley | 4eac264 | 2020-02-12 11:04:05 -0800 | [diff] [blame] | 56 | bool generateStorageKey(const KeyGeneration& gen, KeyBuffer* key) { |
David Anderson | e179157 | 2021-11-05 18:57:49 -0700 | [diff] [blame] | 57 | if (!gen.allow_gen) { |
| 58 | LOG(ERROR) << "Generating storage key not allowed"; |
| 59 | return false; |
| 60 | } |
Paul Crowley | 4eac264 | 2020-02-12 11:04:05 -0800 | [diff] [blame] | 61 | if (gen.use_hw_wrapped_key) { |
| 62 | if (gen.keysize != FSCRYPT_MAX_KEY_SIZE) { |
| 63 | LOG(ERROR) << "Cannot generate a wrapped key " << gen.keysize << " bytes long"; |
| 64 | return false; |
| 65 | } |
Eric Biggers | b2024e0 | 2021-03-15 12:44:36 -0700 | [diff] [blame] | 66 | LOG(DEBUG) << "Generating wrapped storage key"; |
Barani Muthukumaran | 3dfb094 | 2020-02-03 13:06:45 -0800 | [diff] [blame] | 67 | return generateWrappedStorageKey(key); |
Paul Crowley | 4eac264 | 2020-02-12 11:04:05 -0800 | [diff] [blame] | 68 | } else { |
Eric Biggers | b2024e0 | 2021-03-15 12:44:36 -0700 | [diff] [blame] | 69 | LOG(DEBUG) << "Generating standard storage key"; |
Paul Crowley | 4eac264 | 2020-02-12 11:04:05 -0800 | [diff] [blame] | 70 | return randomKey(gen.keysize, key); |
Barani Muthukumaran | 3dfb094 | 2020-02-03 13:06:45 -0800 | [diff] [blame] | 71 | } |
Barani Muthukumaran | 3dfb094 | 2020-02-03 13:06:45 -0800 | [diff] [blame] | 72 | } |
| 73 | |
Eric Biggers | 7604eb9 | 2020-07-16 14:29:59 -0700 | [diff] [blame] | 74 | static bool isFsKeyringSupportedImpl() { |
| 75 | android::base::unique_fd fd(open("/data", O_RDONLY | O_DIRECTORY | O_CLOEXEC)); |
| 76 | |
| 77 | // FS_IOC_ADD_ENCRYPTION_KEY with a NULL argument will fail with ENOTTY if |
| 78 | // the ioctl isn't supported. Otherwise it will fail with another error |
| 79 | // code such as EFAULT. |
| 80 | // |
| 81 | // Note that there's no need to check for FS_IOC_REMOVE_ENCRYPTION_KEY, |
| 82 | // since it's guaranteed to be available if FS_IOC_ADD_ENCRYPTION_KEY is. |
| 83 | // There's also no need to check for support on external volumes separately |
| 84 | // from /data, since either the kernel supports the ioctls on all |
| 85 | // fscrypt-capable filesystems or it doesn't. |
| 86 | errno = 0; |
| 87 | (void)ioctl(fd, FS_IOC_ADD_ENCRYPTION_KEY, NULL); |
| 88 | if (errno == ENOTTY) { |
| 89 | LOG(INFO) << "Kernel doesn't support FS_IOC_ADD_ENCRYPTION_KEY. Falling back to " |
| 90 | "session keyring"; |
| 91 | return false; |
| 92 | } |
| 93 | if (errno != EFAULT) { |
| 94 | PLOG(WARNING) << "Unexpected error from FS_IOC_ADD_ENCRYPTION_KEY"; |
| 95 | } |
| 96 | LOG(DEBUG) << "Detected support for FS_IOC_ADD_ENCRYPTION_KEY"; |
| 97 | android::base::SetProperty("ro.crypto.uses_fs_ioc_add_encryption_key", "true"); |
| 98 | return true; |
| 99 | } |
| 100 | |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 101 | // Return true if the kernel supports the ioctls to add/remove fscrypt keys |
| 102 | // directly to/from the filesystem. |
| 103 | bool isFsKeyringSupported(void) { |
Eric Biggers | 7604eb9 | 2020-07-16 14:29:59 -0700 | [diff] [blame] | 104 | static bool supported = isFsKeyringSupportedImpl(); |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 105 | return supported; |
| 106 | } |
| 107 | |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 108 | // Get raw keyref - used to make keyname and to pass to ioctl |
Eric Biggers | ba997ee | 2018-10-23 13:07:43 -0700 | [diff] [blame] | 109 | static std::string generateKeyRef(const uint8_t* key, int length) { |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 110 | SHA512_CTX c; |
| 111 | |
| 112 | SHA512_Init(&c); |
| 113 | SHA512_Update(&c, key, length); |
| 114 | unsigned char key_ref1[SHA512_DIGEST_LENGTH]; |
| 115 | SHA512_Final(key_ref1, &c); |
| 116 | |
| 117 | SHA512_Init(&c); |
| 118 | SHA512_Update(&c, key_ref1, SHA512_DIGEST_LENGTH); |
| 119 | unsigned char key_ref2[SHA512_DIGEST_LENGTH]; |
| 120 | SHA512_Final(key_ref2, &c); |
| 121 | |
Eric Biggers | 506342f | 2019-12-17 13:11:25 -0800 | [diff] [blame] | 122 | static_assert(FSCRYPT_KEY_DESCRIPTOR_SIZE <= SHA512_DIGEST_LENGTH, |
| 123 | "Hash too short for descriptor"); |
| 124 | return std::string((char*)key_ref2, FSCRYPT_KEY_DESCRIPTOR_SIZE); |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 125 | } |
| 126 | |
Eric Biggers | a701c45 | 2018-10-23 13:06:55 -0700 | [diff] [blame] | 127 | static bool fillKey(const KeyBuffer& key, fscrypt_key* fs_key) { |
Eric Biggers | 506342f | 2019-12-17 13:11:25 -0800 | [diff] [blame] | 128 | if (key.size() != FSCRYPT_MAX_KEY_SIZE) { |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 129 | LOG(ERROR) << "Wrong size key " << key.size(); |
| 130 | return false; |
| 131 | } |
Eric Biggers | 506342f | 2019-12-17 13:11:25 -0800 | [diff] [blame] | 132 | static_assert(FSCRYPT_MAX_KEY_SIZE == sizeof(fs_key->raw), "Mismatch of max key sizes"); |
| 133 | fs_key->mode = 0; // unused by kernel |
Eric Biggers | a701c45 | 2018-10-23 13:06:55 -0700 | [diff] [blame] | 134 | memcpy(fs_key->raw, key.data(), key.size()); |
Eric Biggers | 506342f | 2019-12-17 13:11:25 -0800 | [diff] [blame] | 135 | fs_key->size = key.size(); |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 136 | return true; |
| 137 | } |
| 138 | |
Paul Crowley | 14c8c07 | 2018-09-18 13:30:21 -0700 | [diff] [blame] | 139 | static char const* const NAME_PREFIXES[] = {"ext4", "f2fs", "fscrypt", nullptr}; |
Paul Crowley | cd8bfe3 | 2017-06-19 16:05:55 -0700 | [diff] [blame] | 140 | |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 141 | static std::string keyrefstring(const std::string& raw_ref) { |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 142 | std::ostringstream o; |
Chen, Luhai | 5744dfe | 2017-08-18 14:49:45 +0800 | [diff] [blame] | 143 | for (unsigned char i : raw_ref) { |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 144 | o << std::hex << std::setw(2) << std::setfill('0') << (int)i; |
| 145 | } |
| 146 | return o.str(); |
| 147 | } |
| 148 | |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 149 | static std::string buildLegacyKeyName(const std::string& prefix, const std::string& raw_ref) { |
| 150 | return prefix + ":" + keyrefstring(raw_ref); |
| 151 | } |
| 152 | |
| 153 | // Get the ID of the keyring we store all fscrypt keys in when the kernel is too |
| 154 | // old to support FS_IOC_ADD_ENCRYPTION_KEY and FS_IOC_REMOVE_ENCRYPTION_KEY. |
Eric Biggers | a701c45 | 2018-10-23 13:06:55 -0700 | [diff] [blame] | 155 | static bool fscryptKeyring(key_serial_t* device_keyring) { |
| 156 | *device_keyring = keyctl_search(KEY_SPEC_SESSION_KEYRING, "keyring", "fscrypt", 0); |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 157 | if (*device_keyring == -1) { |
| 158 | PLOG(ERROR) << "Unable to find device keyring"; |
| 159 | return false; |
| 160 | } |
| 161 | return true; |
| 162 | } |
| 163 | |
Nikita Ioffe | 1c6731c | 2020-02-28 19:50:31 +0000 | [diff] [blame] | 164 | // Add an encryption key of type "logon" to the global session keyring. |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 165 | static bool installKeyLegacy(const KeyBuffer& key, const std::string& raw_ref) { |
Eric Biggers | a701c45 | 2018-10-23 13:06:55 -0700 | [diff] [blame] | 166 | // Place fscrypt_key into automatically zeroing buffer. |
| 167 | KeyBuffer fsKeyBuffer(sizeof(fscrypt_key)); |
| 168 | fscrypt_key& fs_key = *reinterpret_cast<fscrypt_key*>(fsKeyBuffer.data()); |
Pavel Grafov | e2e2d30 | 2017-08-01 17:15:53 +0100 | [diff] [blame] | 169 | |
Eric Biggers | a701c45 | 2018-10-23 13:06:55 -0700 | [diff] [blame] | 170 | if (!fillKey(key, &fs_key)) return false; |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 171 | key_serial_t device_keyring; |
Eric Biggers | a701c45 | 2018-10-23 13:06:55 -0700 | [diff] [blame] | 172 | if (!fscryptKeyring(&device_keyring)) return false; |
Paul Crowley | cd8bfe3 | 2017-06-19 16:05:55 -0700 | [diff] [blame] | 173 | for (char const* const* name_prefix = NAME_PREFIXES; *name_prefix != nullptr; name_prefix++) { |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 174 | auto ref = buildLegacyKeyName(*name_prefix, raw_ref); |
Paul Crowley | cd8bfe3 | 2017-06-19 16:05:55 -0700 | [diff] [blame] | 175 | key_serial_t key_id = |
Eric Biggers | a701c45 | 2018-10-23 13:06:55 -0700 | [diff] [blame] | 176 | add_key("logon", ref.c_str(), (void*)&fs_key, sizeof(fs_key), device_keyring); |
Paul Crowley | cd8bfe3 | 2017-06-19 16:05:55 -0700 | [diff] [blame] | 177 | if (key_id == -1) { |
| 178 | PLOG(ERROR) << "Failed to insert key into keyring " << device_keyring; |
| 179 | return false; |
| 180 | } |
| 181 | LOG(DEBUG) << "Added key " << key_id << " (" << ref << ") to keyring " << device_keyring |
| 182 | << " in process " << getpid(); |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 183 | } |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 184 | return true; |
| 185 | } |
| 186 | |
Nikita Ioffe | 1c6731c | 2020-02-28 19:50:31 +0000 | [diff] [blame] | 187 | // Installs fscrypt-provisioning key into session level kernel keyring. |
| 188 | // This allows for the given key to be installed back into filesystem keyring. |
| 189 | // For more context see reloadKeyFromSessionKeyring. |
| 190 | static bool installProvisioningKey(const KeyBuffer& key, const std::string& ref, |
| 191 | const fscrypt_key_specifier& key_spec) { |
| 192 | key_serial_t device_keyring; |
| 193 | if (!fscryptKeyring(&device_keyring)) return false; |
| 194 | |
| 195 | // Place fscrypt_provisioning_key_payload into automatically zeroing buffer. |
| 196 | KeyBuffer buf(sizeof(fscrypt_provisioning_key_payload) + key.size(), 0); |
| 197 | fscrypt_provisioning_key_payload& provisioning_key = |
| 198 | *reinterpret_cast<fscrypt_provisioning_key_payload*>(buf.data()); |
| 199 | memcpy(provisioning_key.raw, key.data(), key.size()); |
| 200 | provisioning_key.type = key_spec.type; |
| 201 | |
| 202 | key_serial_t key_id = add_key("fscrypt-provisioning", ref.c_str(), (void*)&provisioning_key, |
| 203 | buf.size(), device_keyring); |
| 204 | if (key_id == -1) { |
| 205 | PLOG(ERROR) << "Failed to insert fscrypt-provisioning key for " << ref |
| 206 | << " into session keyring"; |
| 207 | return false; |
| 208 | } |
| 209 | LOG(DEBUG) << "Added fscrypt-provisioning key for " << ref << " to session keyring"; |
| 210 | return true; |
| 211 | } |
| 212 | |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 213 | // Build a struct fscrypt_key_specifier for use in the key management ioctls. |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 214 | static bool buildKeySpecifier(fscrypt_key_specifier* spec, const EncryptionPolicy& policy) { |
| 215 | switch (policy.options.version) { |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 216 | case 1: |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 217 | if (policy.key_raw_ref.size() != FSCRYPT_KEY_DESCRIPTOR_SIZE) { |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 218 | LOG(ERROR) << "Invalid key specifier size for v1 encryption policy: " |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 219 | << policy.key_raw_ref.size(); |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 220 | return false; |
| 221 | } |
| 222 | spec->type = FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR; |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 223 | memcpy(spec->u.descriptor, policy.key_raw_ref.c_str(), FSCRYPT_KEY_DESCRIPTOR_SIZE); |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 224 | return true; |
| 225 | case 2: |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 226 | if (policy.key_raw_ref.size() != FSCRYPT_KEY_IDENTIFIER_SIZE) { |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 227 | LOG(ERROR) << "Invalid key specifier size for v2 encryption policy: " |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 228 | << policy.key_raw_ref.size(); |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 229 | return false; |
| 230 | } |
| 231 | spec->type = FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER; |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 232 | memcpy(spec->u.identifier, policy.key_raw_ref.c_str(), FSCRYPT_KEY_IDENTIFIER_SIZE); |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 233 | return true; |
| 234 | default: |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 235 | LOG(ERROR) << "Invalid encryption policy version: " << policy.options.version; |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 236 | return false; |
| 237 | } |
| 238 | } |
| 239 | |
Nikita Ioffe | 1c6731c | 2020-02-28 19:50:31 +0000 | [diff] [blame] | 240 | // Installs key into keyring of a filesystem mounted on |mountpoint|. |
| 241 | // |
| 242 | // It's callers responsibility to fill key specifier, and either arg->raw or arg->key_id. |
| 243 | // |
| 244 | // In case arg->key_spec.type equals to FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER |
| 245 | // arg->key_spec.u.identifier will be populated with raw key reference generated |
| 246 | // by kernel. |
| 247 | // |
| 248 | // For documentation on difference between arg->raw and arg->key_id see |
| 249 | // https://www.kernel.org/doc/html/latest/filesystems/fscrypt.html#fs-ioc-add-encryption-key |
| 250 | static bool installFsKeyringKey(const std::string& mountpoint, const EncryptionOptions& options, |
| 251 | fscrypt_add_key_arg* arg) { |
Eric Biggers | e0217d7 | 2020-07-16 16:31:00 -0700 | [diff] [blame] | 252 | if (options.use_hw_wrapped_key) arg->__flags |= __FSCRYPT_ADD_KEY_FLAG_HW_WRAPPED; |
Nikita Ioffe | 1c6731c | 2020-02-28 19:50:31 +0000 | [diff] [blame] | 253 | |
| 254 | android::base::unique_fd fd(open(mountpoint.c_str(), O_RDONLY | O_DIRECTORY | O_CLOEXEC)); |
| 255 | if (fd == -1) { |
| 256 | PLOG(ERROR) << "Failed to open " << mountpoint << " to install key"; |
| 257 | return false; |
| 258 | } |
| 259 | |
| 260 | if (ioctl(fd, FS_IOC_ADD_ENCRYPTION_KEY, arg) != 0) { |
| 261 | PLOG(ERROR) << "Failed to install fscrypt key to " << mountpoint; |
| 262 | return false; |
| 263 | } |
| 264 | |
| 265 | return true; |
| 266 | } |
| 267 | |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 268 | bool installKey(const std::string& mountpoint, const EncryptionOptions& options, |
| 269 | const KeyBuffer& key, EncryptionPolicy* policy) { |
| 270 | policy->options = options; |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 271 | // Put the fscrypt_add_key_arg in an automatically-zeroing buffer, since we |
| 272 | // have to copy the raw key into it. |
| 273 | KeyBuffer arg_buf(sizeof(struct fscrypt_add_key_arg) + key.size(), 0); |
| 274 | struct fscrypt_add_key_arg* arg = (struct fscrypt_add_key_arg*)arg_buf.data(); |
| 275 | |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 276 | // Initialize the "key specifier", which is like a name for the key. |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 277 | switch (options.version) { |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 278 | case 1: |
| 279 | // A key for a v1 policy is specified by an arbitrary 8-byte |
| 280 | // "descriptor", which must be provided by userspace. We use the |
| 281 | // first 8 bytes from the double SHA-512 of the key itself. |
Pig | adb9199 | 2020-09-25 22:56:33 +0800 | [diff] [blame] | 282 | if (options.use_hw_wrapped_key) { |
| 283 | /* When wrapped key is supported, only the first 32 bytes are |
| 284 | the same per boot. The second 32 bytes can change as the ephemeral |
| 285 | key is different. */ |
| 286 | policy->key_raw_ref = generateKeyRef((const uint8_t*)key.data(), key.size()/2); |
| 287 | } else { |
| 288 | policy->key_raw_ref = generateKeyRef((const uint8_t*)key.data(), key.size()); |
| 289 | } |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 290 | if (!isFsKeyringSupported()) { |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 291 | return installKeyLegacy(key, policy->key_raw_ref); |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 292 | } |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 293 | if (!buildKeySpecifier(&arg->key_spec, *policy)) { |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 294 | return false; |
| 295 | } |
| 296 | break; |
| 297 | case 2: |
| 298 | // A key for a v2 policy is specified by an 16-byte "identifier", |
| 299 | // which is a cryptographic hash of the key itself which the kernel |
| 300 | // computes and returns. Any user-provided value is ignored; we |
| 301 | // just need to set the specifier type to indicate that we're adding |
| 302 | // this type of key. |
| 303 | arg->key_spec.type = FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER; |
| 304 | break; |
| 305 | default: |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 306 | LOG(ERROR) << "Invalid encryption policy version: " << options.version; |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 307 | return false; |
| 308 | } |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 309 | |
| 310 | arg->raw_size = key.size(); |
| 311 | memcpy(arg->raw, key.data(), key.size()); |
| 312 | |
Nikita Ioffe | 1c6731c | 2020-02-28 19:50:31 +0000 | [diff] [blame] | 313 | if (!installFsKeyringKey(mountpoint, options, arg)) return false; |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 314 | |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 315 | if (arg->key_spec.type == FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER) { |
| 316 | // Retrieve the key identifier that the kernel computed. |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 317 | policy->key_raw_ref = |
| 318 | std::string((char*)arg->key_spec.u.identifier, FSCRYPT_KEY_IDENTIFIER_SIZE); |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 319 | } |
Nikita Ioffe | 1c6731c | 2020-02-28 19:50:31 +0000 | [diff] [blame] | 320 | std::string ref = keyrefstring(policy->key_raw_ref); |
| 321 | LOG(DEBUG) << "Installed fscrypt key with ref " << ref << " to " << mountpoint; |
| 322 | |
| 323 | if (!installProvisioningKey(key, ref, arg->key_spec)) return false; |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 324 | return true; |
| 325 | } |
| 326 | |
Nikita Ioffe | 1c6731c | 2020-02-28 19:50:31 +0000 | [diff] [blame] | 327 | // Remove an encryption key of type "logon" from the global session keyring. |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 328 | static bool evictKeyLegacy(const std::string& raw_ref) { |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 329 | key_serial_t device_keyring; |
Eric Biggers | a701c45 | 2018-10-23 13:06:55 -0700 | [diff] [blame] | 330 | if (!fscryptKeyring(&device_keyring)) return false; |
Paul Crowley | cd8bfe3 | 2017-06-19 16:05:55 -0700 | [diff] [blame] | 331 | bool success = true; |
| 332 | for (char const* const* name_prefix = NAME_PREFIXES; *name_prefix != nullptr; name_prefix++) { |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 333 | auto ref = buildLegacyKeyName(*name_prefix, raw_ref); |
Paul Crowley | cd8bfe3 | 2017-06-19 16:05:55 -0700 | [diff] [blame] | 334 | auto key_serial = keyctl_search(device_keyring, "logon", ref.c_str(), 0); |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 335 | |
Paul Crowley | cd8bfe3 | 2017-06-19 16:05:55 -0700 | [diff] [blame] | 336 | // Unlink the key from the keyring. Prefer unlinking to revoking or |
| 337 | // invalidating, since unlinking is actually no less secure currently, and |
| 338 | // it avoids bugs in certain kernel versions where the keyring key is |
| 339 | // referenced from places it shouldn't be. |
| 340 | if (keyctl_unlink(key_serial, device_keyring) != 0) { |
| 341 | PLOG(ERROR) << "Failed to unlink key with serial " << key_serial << " ref " << ref; |
| 342 | success = false; |
| 343 | } else { |
| 344 | LOG(DEBUG) << "Unlinked key with serial " << key_serial << " ref " << ref; |
| 345 | } |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 346 | } |
Paul Crowley | cd8bfe3 | 2017-06-19 16:05:55 -0700 | [diff] [blame] | 347 | return success; |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 348 | } |
| 349 | |
Nikita Ioffe | 1c6731c | 2020-02-28 19:50:31 +0000 | [diff] [blame] | 350 | static bool evictProvisioningKey(const std::string& ref) { |
| 351 | key_serial_t device_keyring; |
| 352 | if (!fscryptKeyring(&device_keyring)) { |
| 353 | return false; |
| 354 | } |
| 355 | |
| 356 | auto key_serial = keyctl_search(device_keyring, "fscrypt-provisioning", ref.c_str(), 0); |
| 357 | if (key_serial == -1 && errno != ENOKEY) { |
| 358 | PLOG(ERROR) << "Error searching session keyring for fscrypt-provisioning key for " << ref; |
| 359 | return false; |
| 360 | } |
| 361 | |
| 362 | if (key_serial != -1 && keyctl_unlink(key_serial, device_keyring) != 0) { |
| 363 | PLOG(ERROR) << "Failed to unlink fscrypt-provisioning key for " << ref |
| 364 | << " from session keyring"; |
| 365 | return false; |
| 366 | } |
| 367 | return true; |
| 368 | } |
| 369 | |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 370 | bool evictKey(const std::string& mountpoint, const EncryptionPolicy& policy) { |
| 371 | if (policy.options.version == 1 && !isFsKeyringSupported()) { |
| 372 | return evictKeyLegacy(policy.key_raw_ref); |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 373 | } |
| 374 | |
| 375 | android::base::unique_fd fd(open(mountpoint.c_str(), O_RDONLY | O_DIRECTORY | O_CLOEXEC)); |
| 376 | if (fd == -1) { |
| 377 | PLOG(ERROR) << "Failed to open " << mountpoint << " to evict key"; |
| 378 | return false; |
| 379 | } |
| 380 | |
| 381 | struct fscrypt_remove_key_arg arg; |
| 382 | memset(&arg, 0, sizeof(arg)); |
| 383 | |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 384 | if (!buildKeySpecifier(&arg.key_spec, policy)) { |
Eric Biggers | 83a73d7 | 2019-09-30 13:06:47 -0700 | [diff] [blame] | 385 | return false; |
| 386 | } |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 387 | |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 388 | std::string ref = keyrefstring(policy.key_raw_ref); |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 389 | |
| 390 | if (ioctl(fd, FS_IOC_REMOVE_ENCRYPTION_KEY, &arg) != 0) { |
| 391 | PLOG(ERROR) << "Failed to evict fscrypt key with ref " << ref << " from " << mountpoint; |
| 392 | return false; |
| 393 | } |
| 394 | |
| 395 | LOG(DEBUG) << "Evicted fscrypt key with ref " << ref << " from " << mountpoint; |
| 396 | if (arg.removal_status_flags & FSCRYPT_KEY_REMOVAL_STATUS_FLAG_OTHER_USERS) { |
| 397 | // Should never happen because keys are only added/removed as root. |
| 398 | LOG(ERROR) << "Unexpected case: key with ref " << ref << " is still added by other users!"; |
| 399 | } else if (arg.removal_status_flags & FSCRYPT_KEY_REMOVAL_STATUS_FLAG_FILES_BUSY) { |
| 400 | LOG(ERROR) << "Files still open after removing key with ref " << ref |
| 401 | << ". These files were not locked!"; |
| 402 | } |
Nikita Ioffe | 1c6731c | 2020-02-28 19:50:31 +0000 | [diff] [blame] | 403 | |
| 404 | if (!evictProvisioningKey(ref)) return false; |
Eric Biggers | f3dc420 | 2019-09-30 13:05:58 -0700 | [diff] [blame] | 405 | return true; |
| 406 | } |
| 407 | |
Paul Crowley | 4eac264 | 2020-02-12 11:04:05 -0800 | [diff] [blame] | 408 | bool retrieveOrGenerateKey(const std::string& key_path, const std::string& tmp_path, |
| 409 | const KeyAuthentication& key_authentication, const KeyGeneration& gen, |
Eric Biggers | f74373b | 2020-11-05 19:58:26 -0800 | [diff] [blame] | 410 | KeyBuffer* key) { |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 411 | if (pathExists(key_path)) { |
| 412 | LOG(DEBUG) << "Key exists, using: " << key_path; |
Eric Biggers | f74373b | 2020-11-05 19:58:26 -0800 | [diff] [blame] | 413 | if (!retrieveKey(key_path, key_authentication, key)) return false; |
Paul Crowley | d575981 | 2016-06-02 11:04:27 -0700 | [diff] [blame] | 414 | } else { |
Paul Crowley | 4eac264 | 2020-02-12 11:04:05 -0800 | [diff] [blame] | 415 | if (!gen.allow_gen) { |
Paul Crowley | 14c8c07 | 2018-09-18 13:30:21 -0700 | [diff] [blame] | 416 | LOG(ERROR) << "No key found in " << key_path; |
| 417 | return false; |
Paul Crowley | d575981 | 2016-06-02 11:04:27 -0700 | [diff] [blame] | 418 | } |
| 419 | LOG(INFO) << "Creating new key in " << key_path; |
Paul Crowley | 4eac264 | 2020-02-12 11:04:05 -0800 | [diff] [blame] | 420 | if (!generateStorageKey(gen, key)) return false; |
Paul Crowley | 77df7f2 | 2020-01-23 15:29:30 -0800 | [diff] [blame] | 421 | if (!storeKeyAtomically(key_path, tmp_path, key_authentication, *key)) return false; |
Paul Crowley | d575981 | 2016-06-02 11:04:27 -0700 | [diff] [blame] | 422 | } |
| 423 | return true; |
| 424 | } |
| 425 | |
Nikita Ioffe | 1c6731c | 2020-02-28 19:50:31 +0000 | [diff] [blame] | 426 | bool reloadKeyFromSessionKeyring(const std::string& mountpoint, const EncryptionPolicy& policy) { |
| 427 | key_serial_t device_keyring; |
| 428 | if (!fscryptKeyring(&device_keyring)) { |
| 429 | return false; |
| 430 | } |
| 431 | |
| 432 | std::string ref = keyrefstring(policy.key_raw_ref); |
| 433 | auto key_serial = keyctl_search(device_keyring, "fscrypt-provisioning", ref.c_str(), 0); |
| 434 | if (key_serial == -1) { |
| 435 | PLOG(ERROR) << "Failed to find fscrypt-provisioning key for " << ref |
| 436 | << " in session keyring"; |
| 437 | return false; |
| 438 | } |
| 439 | |
| 440 | LOG(DEBUG) << "Installing fscrypt-provisioning key for " << ref << " back into " << mountpoint |
| 441 | << " fs-keyring"; |
| 442 | |
| 443 | struct fscrypt_add_key_arg arg; |
| 444 | memset(&arg, 0, sizeof(arg)); |
| 445 | if (!buildKeySpecifier(&arg.key_spec, policy)) return false; |
| 446 | arg.key_id = key_serial; |
| 447 | if (!installFsKeyringKey(mountpoint, policy.options, &arg)) return false; |
| 448 | |
| 449 | return true; |
| 450 | } |
| 451 | |
Paul Crowley | f71ace3 | 2016-06-02 11:01:19 -0700 | [diff] [blame] | 452 | } // namespace vold |
| 453 | } // namespace android |