From: Mae Kasza <git@badat.dev>
To: Hongbo Li <lihongbo22@huawei.com>,
Kent Overstreet <kent.overstreet@linux.dev>,
Mae Kasza <git@badat.dev>
Cc: linux-bcachefs@vger.kernel.org
Subject: Re: [PATCH] cmd_set_passphrase: initialize KDF parameters
Date: Tue, 13 Aug 2024 15:16:36 +0200 [thread overview]
Message-ID: <5252a768-7abe-4af1-8d78-9cbfbd1c9186@badat.dev> (raw)
In-Reply-To: <9aca486e-ed70-4826-9cae-024fb64b12a8@huawei.com>
On 8/12/24 04:50, Hongbo Li wrote:
>
>
> On 2024/8/12 9:41, Kent Overstreet wrote:
>> On Sun, Aug 11, 2024 at 11:40:38PM GMT, Mae Kasza wrote:
>>> From: mae <git@badat.dev>
>>>
>>> The set-passphrase command failed to derive the key for disks initially
>>> formatted with --encrypted and --no_passphrase.
>>>
>>> This happened because bch_sb_crypt_init only configures the KDF params
>>> if a passphrase is specified.
>>> This commit makes the command initialize the KDF with the same
>>> parameters
>>> as bch_sb_crypt_init if the key wasn't encrypted before.
>>>
>>> Signed-off-by: Mae Kasza <git@badat.dev>
>>
>> This looks good to me, but I'm in the middle of a 20 hour drive and not
>> feeling super confident to review crypto stuff tonight, so maybe someone
>> else can go over it too before I pull it in..
>>
>>> ---
>>> c_src/cmd_key.c | 9 +++++++--
>>> c_src/crypto.c | 13 ++++++++-----
>>> c_src/crypto.h | 1 +
>>> 3 files changed, 16 insertions(+), 7 deletions(-)
>>>
>>> diff --git a/c_src/cmd_key.c b/c_src/cmd_key.c
>>> index adb0ac8d..2da83758 100644
>>> --- a/c_src/cmd_key.c
>>> +++ b/c_src/cmd_key.c
>>> @@ -104,7 +104,8 @@ int cmd_set_passphrase(int argc, char *argv[])
>>> if (IS_ERR(c))
>>> die("Error opening %s: %s", argv[1],
>>> bch2_err_str(PTR_ERR(c)));
>>> - struct bch_sb_field_crypt *crypt =
>>> bch2_sb_field_get(c->disk_sb.sb, crypt);
>>> + struct bch_sb *sb = c->disk_sb.sb;
>>> + struct bch_sb_field_crypt *crypt = bch2_sb_field_get(sb, crypt);
>>> if (!crypt)
>>> die("Filesystem does not have encryption enabled");
>>> @@ -116,9 +117,13 @@ int cmd_set_passphrase(int argc, char *argv[])
>>> die("Error getting current key");
>>> char *new_passphrase = read_passphrase_twice("Enter new
>>> passphrase: ");
>>> + if (!bch2_key_is_encrypted(&crypt->key)) {
>>> + bch_crypt_default_kdf_init(crypt);
> It works, but using bch_sb_crypt_init to reinitialize crypt may be
> better. In bch_sb_crypt_init, it has initialized the crypt and also
> cleaned new_passphrase.
>
> Thanks
> Hongbo
>
bch_sb_crypt_init also reinitializes the crypt->key, so I can't just
reuse it here.
I could extract it into a bch_crypt_update_passphrase function.
Originally I wanted to avoid doing that to limit the scope of this
patchset, but I'll give it a shot
Thanks for the review!
Mae
>>> + }
>>> +
>>> struct bch_key passphrase_key = derive_passphrase(crypt,
>>> new_passphrase);
>>> - if (bch2_chacha_encrypt_key(&passphrase_key,
>>> __bch2_sb_key_nonce(c->disk_sb.sb),
>>> + if (bch2_chacha_encrypt_key(&passphrase_key,
>>> __bch2_sb_key_nonce(sb),
>>> &new_key, sizeof(new_key)))
>>> die("error encrypting key");
>>> crypt->key = new_key;
>>> diff --git a/c_src/crypto.c b/c_src/crypto.c
>>> index 32671bd8..30ad92d4 100644
>>> --- a/c_src/crypto.c
>>> +++ b/c_src/crypto.c
>>> @@ -180,11 +180,7 @@ void bch_sb_crypt_init(struct bch_sb *sb,
>>> get_random_bytes(&crypt->key.key, sizeof(crypt->key.key));
>>> if (passphrase) {
>>> -
>>> - SET_BCH_CRYPT_KDF_TYPE(crypt, BCH_KDF_SCRYPT);
>>> - SET_BCH_KDF_SCRYPT_N(crypt, ilog2(16384));
>>> - SET_BCH_KDF_SCRYPT_R(crypt, ilog2(8));
>>> - SET_BCH_KDF_SCRYPT_P(crypt, ilog2(16));
>>> + bch_crypt_default_kdf_init(crypt);
>>> struct bch_key passphrase_key = derive_passphrase(crypt,
>>> passphrase);
>>> @@ -199,3 +195,10 @@ void bch_sb_crypt_init(struct bch_sb *sb,
>>> memzero_explicit(&passphrase_key, sizeof(passphrase_key));
>>> }
>>> }
>>> +
>>> +void bch_crypt_default_kdf_init(struct bch_sb_field_crypt *crypt) {
>>> + SET_BCH_CRYPT_KDF_TYPE(crypt, BCH_KDF_SCRYPT);
>>> + SET_BCH_KDF_SCRYPT_N(crypt, ilog2(16384));
>>> + SET_BCH_KDF_SCRYPT_R(crypt, ilog2(8));
>>> + SET_BCH_KDF_SCRYPT_P(crypt, ilog2(16));
>>> +}
>>> diff --git a/c_src/crypto.h b/c_src/crypto.h
>>> index baea6d86..846a8931 100644
>>> --- a/c_src/crypto.h
>>> +++ b/c_src/crypto.h
>>> @@ -18,5 +18,6 @@ void bch2_passphrase_check(struct bch_sb *, const
>>> char *,
>>> void bch2_add_key(struct bch_sb *, const char *, const char *,
>>> const char *);
>>> void bch_sb_crypt_init(struct bch_sb *sb, struct
>>> bch_sb_field_crypt *,
>>> const char *);
>>> +void bch_crypt_default_kdf_init(struct bch_sb_field_crypt *);
>>> #endif /* _CRYPTO_H */
>>> --
>>> 2.45.2
>>>
>>
>>
>
next prev parent reply other threads:[~2024-08-13 13:16 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-11 21:40 Mae Kasza
2024-08-11 21:40 ` [PATCH] cmd_set_passphrase: initialize KDF parameters Mae Kasza
2024-08-12 1:41 ` Kent Overstreet
2024-08-12 2:50 ` Hongbo Li
2024-08-13 13:16 ` Mae Kasza [this message]
2024-08-13 17:37 ` [PATCH] Extract bch_crypt_update_passphrase function Mae Kasza
2024-08-14 2:21 ` Hongbo Li
2024-08-14 12:29 ` Mae Kasza
2024-08-14 2:10 ` [PATCH] cmd_set_passphrase: initialize KDF parameters Hongbo Li
2024-08-14 12:25 ` Mae Kasza
2024-09-13 21:39 ` Mae Kasza
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5252a768-7abe-4af1-8d78-9cbfbd1c9186@badat.dev \
--to=git@badat.dev \
--cc=kent.overstreet@linux.dev \
--cc=lihongbo22@huawei.com \
--cc=linux-bcachefs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox