From: Maxim Levitsky <mlevitsk@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Kevin Wolf" <kwolf@redhat.com>, "Fam Zheng" <fam@euphon.net>,
"Daniel P. Berrangé" <berrange@redhat.com>,
qemu-block@nongnu.org, "Markus Armbruster" <armbru@redhat.com>,
"Max Reitz" <mreitz@redhat.com>,
"Stefan Hajnoczi" <stefanha@redhat.com>,
"Maxim Levitsky" <mlevitsk@redhat.com>
Subject: [Qemu-devel] [PATCH v2 12/13] qcrypto-luks: use g_autowipe
Date: Mon, 26 Aug 2019 16:51:02 +0300 [thread overview]
Message-ID: <20190826135103.22410-13-mlevitsk@redhat.com> (raw)
In-Reply-To: <20190826135103.22410-1-mlevitsk@redhat.com>
This patch makes the luks crypto driver use the g_autowipe to erase the master keys,
and the passwords from the memory.
Note that this is not a complete solution, since these keys are also present in the
chipers, and in the secrets.
Some of them still can be erased, at least at driver instance close.
Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
---
crypto/block-luks.c | 61 ++++++++++++++++-----------------------------
1 file changed, 22 insertions(+), 39 deletions(-)
diff --git a/crypto/block-luks.c b/crypto/block-luks.c
index 6a43d97ce5..db0fb764b4 100644
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -32,6 +32,7 @@
#include "qemu/uuid.h"
#include "qemu/coroutine.h"
+#include "autowipe.h"
/*
* Reference for the LUKS format implemented here is
@@ -698,19 +699,18 @@ qcrypto_block_luks_store_key(QCryptoBlock *block,
{
QCryptoBlockLUKS *luks = block->opaque;
QCryptoBlockLUKSKeySlot *slot = &luks->header.key_slots[slot_idx];
- g_autofree uint8_t *splitkey = NULL;
+ g_autowipe uint8_t *splitkey = NULL;
size_t splitkeylen;
- g_autofree uint8_t *slotkey = NULL;
+ g_autowipe uint8_t *slotkey = NULL;
g_autoptr(QCryptoCipher) cipher = NULL;
g_autoptr(QCryptoIVGen) ivgen = NULL;
Error *local_err = NULL;
uint64_t iters;
- int ret = -1;
if (qcrypto_random_bytes(slot->salt,
QCRYPTO_BLOCK_LUKS_SALT_LEN,
errp) < 0) {
- goto cleanup;
+ return -1;
}
splitkeylen = luks->header.master_key_len * slot->stripes;
@@ -728,14 +728,14 @@ qcrypto_block_luks_store_key(QCryptoBlock *block,
&local_err);
if (local_err) {
error_propagate(errp, local_err);
- goto cleanup;
+ return -1;
}
if (iters > (ULLONG_MAX / iter_time)) {
error_setg_errno(errp, ERANGE,
"PBKDF iterations %llu too large to scale",
(unsigned long long)iters);
- goto cleanup;
+ return -1;
}
/* iter_time was in millis, but count_iters reported for secs */
@@ -745,7 +745,7 @@ qcrypto_block_luks_store_key(QCryptoBlock *block,
error_setg_errno(errp, ERANGE,
"PBKDF iterations %llu larger than %u",
(unsigned long long)iters, UINT32_MAX);
- goto cleanup;
+ return -1;
}
slot->iterations =
@@ -764,7 +764,7 @@ qcrypto_block_luks_store_key(QCryptoBlock *block,
slot->iterations,
slotkey, luks->header.master_key_len,
errp) < 0) {
- goto cleanup;
+ return -1;
}
@@ -777,7 +777,7 @@ qcrypto_block_luks_store_key(QCryptoBlock *block,
slotkey, luks->header.master_key_len,
errp);
if (!cipher) {
- goto cleanup;
+ return -1;
}
ivgen = qcrypto_ivgen_new(luks->ivgen_alg,
@@ -786,7 +786,7 @@ qcrypto_block_luks_store_key(QCryptoBlock *block,
slotkey, luks->header.master_key_len,
errp);
if (!ivgen) {
- goto cleanup;
+ return -1;
}
/*
@@ -802,7 +802,7 @@ qcrypto_block_luks_store_key(QCryptoBlock *block,
masterkey,
splitkey,
errp) < 0) {
- goto cleanup;
+ return -1;
}
/*
@@ -815,7 +815,7 @@ qcrypto_block_luks_store_key(QCryptoBlock *block,
splitkey,
splitkeylen,
errp) < 0) {
- goto cleanup;
+ return -1;
}
/* Write out the slot's master key material. */
@@ -825,25 +825,16 @@ qcrypto_block_luks_store_key(QCryptoBlock *block,
splitkey, splitkeylen,
opaque,
errp) != splitkeylen) {
- goto cleanup;
+ return -1;
}
slot->active = QCRYPTO_BLOCK_LUKS_KEY_SLOT_ENABLED;
if (qcrypto_block_luks_store_header(block, writefunc, opaque, errp)) {
- goto cleanup;
+ return -1;
}
- ret = 0;
-
-cleanup:
- if (slotkey) {
- memset(slotkey, 0, luks->header.master_key_len);
- }
- if (splitkey) {
- memset(splitkey, 0, splitkeylen);
- }
- return ret;
+ return 0;
}
/*
@@ -868,9 +859,9 @@ qcrypto_block_luks_load_key(QCryptoBlock *block,
{
QCryptoBlockLUKS *luks = block->opaque;
const QCryptoBlockLUKSKeySlot *slot = &luks->header.key_slots[slot_idx];
- g_autofree uint8_t *splitkey = NULL;
+ g_autowipe uint8_t *splitkey = NULL;
size_t splitkeylen;
- g_autofree uint8_t *possiblekey = NULL;
+ g_autowipe uint8_t *possiblekey = NULL;
ssize_t rv;
g_autoptr(QCryptoCipher) cipher = NULL;
uint8_t keydigest[QCRYPTO_BLOCK_LUKS_DIGEST_LEN];
@@ -1059,8 +1050,8 @@ qcrypto_block_luks_open(QCryptoBlock *block,
{
QCryptoBlockLUKS *luks = NULL;
int ret = 0;
- g_autofree uint8_t *masterkey = NULL;
- g_autofree char *password = NULL;
+ g_autowipe uint8_t *masterkey = NULL;
+ g_autowipe char *password = NULL;
if (!(flags & QCRYPTO_BLOCK_OPEN_NO_IO)) {
if (!options->u.luks.key_secret) {
@@ -1151,6 +1142,7 @@ qcrypto_block_luks_open(QCryptoBlock *block,
fail:
qcrypto_block_free_cipher(block);
qcrypto_ivgen_free(block->ivgen);
+
g_free(luks);
return ret;
}
@@ -1176,11 +1168,11 @@ qcrypto_block_luks_create(QCryptoBlock *block,
QCryptoBlockLUKS *luks;
QCryptoBlockCreateOptionsLUKS luks_opts;
Error *local_err = NULL;
- g_autofree uint8_t *masterkey = NULL;
+ g_autowipe uint8_t *masterkey = NULL;
size_t header_sectors;
size_t split_key_sectors;
size_t i;
- g_autofree char *password;
+ g_autowipe char *password;
const char *cipher_alg;
const char *cipher_mode;
const char *ivgen_alg;
@@ -1445,23 +1437,14 @@ qcrypto_block_luks_create(QCryptoBlock *block,
goto error;
}
-
- memset(masterkey, 0, luks->header.master_key_len);
return 0;
-
error:
- if (masterkey) {
- memset(masterkey, 0, luks->header.master_key_len);
- }
-
qcrypto_block_free_cipher(block);
qcrypto_ivgen_free(block->ivgen);
-
g_free(luks);
return -1;
}
-
static int qcrypto_block_luks_get_info(QCryptoBlock *block,
QCryptoBlockInfo *info,
Error **errp)
--
2.17.2
next prev parent reply other threads:[~2019-08-26 14:08 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-26 13:50 [Qemu-devel] [PATCH v2 00/13] RFC crypto/luks: preparation for encryption key managment Maxim Levitsky
2019-08-26 13:50 ` [Qemu-devel] [PATCH v2 01/13] introduce g_autowipe Maxim Levitsky
2019-08-27 10:46 ` Tony Nguyen
2019-08-27 10:52 ` Daniel P. Berrangé
2019-08-27 11:24 ` Maxim Levitsky
2019-08-26 13:50 ` [Qemu-devel] [PATCH v2 02/13] block-crypto: misc refactoring Maxim Levitsky
2019-08-26 13:50 ` [Qemu-devel] [PATCH v2 03/13] qcrypto-luks: rename some fields in QCryptoBlockLUKSHeader Maxim Levitsky
2019-09-06 12:27 ` Daniel P. Berrangé
2019-08-26 13:50 ` [Qemu-devel] [PATCH v2 04/13] qcrypto-luks: don't overwrite cipher_mode in header Maxim Levitsky
2019-09-06 12:29 ` Daniel P. Berrangé
2019-08-26 13:50 ` [Qemu-devel] [PATCH v2 05/13] qcrypto-luks: simplify masterkey and masterkey length Maxim Levitsky
2019-09-06 12:30 ` Daniel P. Berrangé
2019-08-26 13:50 ` [Qemu-devel] [PATCH v2 06/13] qcrypto-block: pass keyslot index rather that pointer to the keyslot Maxim Levitsky
2019-09-06 12:32 ` Daniel P. Berrangé
2019-08-26 13:50 ` [Qemu-devel] [PATCH v2 07/13] qcrypto-luks: use the parsed encryption settings in QCryptoBlockLUKS Maxim Levitsky
2019-09-06 12:35 ` Daniel P. Berrangé
2019-08-26 13:50 ` [Qemu-devel] [PATCH v2 08/13] qcrypto-luks: extract store and load header Maxim Levitsky
2019-09-06 13:06 ` Daniel P. Berrangé
2019-08-26 13:50 ` [Qemu-devel] [PATCH v2 09/13] qcrypto-block: extract check and parse header Maxim Levitsky
2019-09-06 13:11 ` Daniel P. Berrangé
2019-09-12 7:24 ` Maxim Levitsky
2019-08-26 13:51 ` [Qemu-devel] [PATCH v2 10/13] qcrypto-luks: refactoring: extract store key function Maxim Levitsky
2019-09-06 13:14 ` Daniel P. Berrangé
2019-08-26 13:51 ` [Qemu-devel] [PATCH v2 11/13] qcrypto-luks: refactoring: simplify the math used for keyslot locations Maxim Levitsky
2019-09-06 13:17 ` Daniel P. Berrangé
2019-09-12 7:40 ` Maxim Levitsky
2019-08-26 13:51 ` Maxim Levitsky [this message]
2019-08-26 13:51 ` [Qemu-devel] [PATCH v2 13/13] qcrypto-luks: implement more rigorous header checking Maxim Levitsky
2019-09-06 13:34 ` Daniel P. Berrangé
2019-09-12 8:11 ` Maxim Levitsky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190826135103.22410-13-mlevitsk@redhat.com \
--to=mlevitsk@redhat.com \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=fam@euphon.net \
--cc=kwolf@redhat.com \
--cc=mreitz@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).