/src/cryptsetup/lib/luks1/keyencryption.c
Line | Count | Source |
1 | | // SPDX-License-Identifier: GPL-2.0-or-later |
2 | | /* |
3 | | * LUKS - Linux Unified Key Setup |
4 | | * |
5 | | * Copyright (C) 2004-2006 Clemens Fruhwirth <clemens@endorphin.org> |
6 | | * Copyright (C) 2009-2025 Red Hat, Inc. All rights reserved. |
7 | | * Copyright (C) 2012-2025 Milan Broz |
8 | | */ |
9 | | |
10 | | #include <stdio.h> |
11 | | #include <string.h> |
12 | | #include <errno.h> |
13 | | #include <sys/stat.h> |
14 | | #include "luks.h" |
15 | | #include "af.h" |
16 | | #include "internal.h" |
17 | | |
18 | | static void _error_hint(struct crypt_device *ctx, const char *device, |
19 | | const char *cipher, const char *mode, size_t keyLength) |
20 | 0 | { |
21 | 0 | char *c, cipher_spec[MAX_CIPHER_LEN * 3]; |
22 | |
|
23 | 0 | if (snprintf(cipher_spec, sizeof(cipher_spec), "%s-%s", cipher, mode) < 0) |
24 | 0 | return; |
25 | | |
26 | 0 | log_err(ctx, _("Failed to setup dm-crypt key mapping for device %s.\n" |
27 | 0 | "Check that kernel supports %s cipher (check syslog for more info)."), |
28 | 0 | device, cipher_spec); |
29 | |
|
30 | 0 | if (!strncmp(mode, "xts", 3) && (keyLength != 256 && keyLength != 512)) |
31 | 0 | log_err(ctx, _("Key size in XTS mode must be 256 or 512 bits.")); |
32 | 0 | else if (!(c = strchr(mode, '-')) || strlen(c) < 4) |
33 | 0 | log_err(ctx, _("Cipher specification should be in [cipher]-[mode]-[iv] format.")); |
34 | 0 | } |
35 | | |
36 | | static int LUKS_endec_template(char *src, size_t srcLength, |
37 | | const char *cipher, const char *cipher_mode, |
38 | | struct volume_key *vk, |
39 | | unsigned int sector, |
40 | | ssize_t (*func)(int, size_t, size_t, void *, size_t), |
41 | | int mode, |
42 | | struct crypt_device *ctx) |
43 | 0 | { |
44 | 0 | char name[PATH_MAX], path[PATH_MAX]; |
45 | 0 | char cipher_spec[MAX_CIPHER_LEN * 3]; |
46 | 0 | struct crypt_dm_active_device dmd = { |
47 | 0 | .flags = CRYPT_ACTIVATE_PRIVATE, |
48 | 0 | }; |
49 | 0 | int r, devfd = -1, remove_dev = 0; |
50 | 0 | size_t bsize, keyslot_alignment, alignment; |
51 | |
|
52 | 0 | log_dbg(ctx, "Using dmcrypt to access keyslot area."); |
53 | |
|
54 | 0 | bsize = device_block_size(ctx, crypt_metadata_device(ctx)); |
55 | 0 | alignment = device_alignment(crypt_metadata_device(ctx)); |
56 | 0 | if (!bsize || !alignment) |
57 | 0 | return -EINVAL; |
58 | | |
59 | 0 | if (bsize > LUKS_ALIGN_KEYSLOTS) |
60 | 0 | keyslot_alignment = LUKS_ALIGN_KEYSLOTS; |
61 | 0 | else |
62 | 0 | keyslot_alignment = bsize; |
63 | 0 | dmd.size = size_round_up(srcLength, keyslot_alignment) / SECTOR_SIZE; |
64 | |
|
65 | 0 | if (mode == O_RDONLY) |
66 | 0 | dmd.flags |= CRYPT_ACTIVATE_READONLY; |
67 | |
|
68 | 0 | if (snprintf(name, sizeof(name), "temporary-cryptsetup-%d", getpid()) < 0) |
69 | 0 | return -ENOMEM; |
70 | 0 | if (snprintf(path, sizeof(path), "%s/%s", dm_get_dir(), name) < 0) |
71 | 0 | return -ENOMEM; |
72 | 0 | if (snprintf(cipher_spec, sizeof(cipher_spec), "%s-%s", cipher, cipher_mode) < 0) |
73 | 0 | return -ENOMEM; |
74 | | |
75 | 0 | r = device_block_adjust(ctx, crypt_metadata_device(ctx), DEV_OK, |
76 | 0 | sector, &dmd.size, &dmd.flags); |
77 | 0 | if (r < 0) { |
78 | 0 | log_err(ctx, _("Device %s does not exist or access denied."), |
79 | 0 | device_path(crypt_metadata_device(ctx))); |
80 | 0 | return -EIO; |
81 | 0 | } |
82 | | |
83 | 0 | if (mode != O_RDONLY && dmd.flags & CRYPT_ACTIVATE_READONLY) { |
84 | 0 | log_err(ctx, _("Cannot write to device %s, permission denied."), |
85 | 0 | device_path(crypt_metadata_device(ctx))); |
86 | 0 | return -EACCES; |
87 | 0 | } |
88 | | |
89 | 0 | r = dm_crypt_target_set(&dmd.segment, 0, dmd.size, |
90 | 0 | crypt_metadata_device(ctx), vk, cipher_spec, 0, sector, |
91 | 0 | NULL, 0, 0, SECTOR_SIZE); |
92 | 0 | if (r) |
93 | 0 | goto out; |
94 | | |
95 | 0 | r = dm_create_device(ctx, name, "TEMP", &dmd); |
96 | 0 | if (r < 0) { |
97 | 0 | if (r != -EACCES && r != -ENOTSUP) |
98 | 0 | _error_hint(ctx, device_path(crypt_metadata_device(ctx)), |
99 | 0 | cipher, cipher_mode, crypt_volume_key_length(vk) * 8); |
100 | 0 | r = -EIO; |
101 | 0 | goto out; |
102 | 0 | } |
103 | 0 | remove_dev = 1; |
104 | |
|
105 | 0 | devfd = open(path, mode | O_DIRECT | O_SYNC); |
106 | 0 | if (devfd == -1) { |
107 | 0 | log_err(ctx, _("Failed to open temporary keystore device.")); |
108 | 0 | r = -EIO; |
109 | 0 | goto out; |
110 | 0 | } |
111 | | |
112 | 0 | r = func(devfd, bsize, alignment, src, srcLength); |
113 | 0 | if (r < 0) { |
114 | 0 | log_err(ctx, _("Failed to access temporary keystore device.")); |
115 | 0 | r = -EIO; |
116 | 0 | } else |
117 | 0 | r = 0; |
118 | 0 | out: |
119 | 0 | dm_targets_free(ctx, &dmd); |
120 | 0 | if (devfd != -1) |
121 | 0 | close(devfd); |
122 | 0 | if (remove_dev) |
123 | 0 | dm_remove_device(ctx, name, CRYPT_DEACTIVATE_FORCE); |
124 | 0 | return r; |
125 | 0 | } |
126 | | |
127 | | int LUKS_encrypt_to_storage(char *src, size_t srcLength, |
128 | | const char *cipher, |
129 | | const char *cipher_mode, |
130 | | struct volume_key *vk, |
131 | | unsigned int sector, |
132 | | struct crypt_device *ctx) |
133 | 0 | { |
134 | 0 | struct device *device = crypt_metadata_device(ctx); |
135 | 0 | struct crypt_storage *s; |
136 | 0 | int devfd, r = 0; |
137 | | |
138 | | /* Only whole sector writes supported */ |
139 | 0 | if (MISALIGNED_512(srcLength)) |
140 | 0 | return -EINVAL; |
141 | | |
142 | | /* Encrypt buffer */ |
143 | 0 | r = crypt_storage_init(&s, SECTOR_SIZE, cipher, cipher_mode, crypt_volume_key_get_key(vk), |
144 | 0 | crypt_volume_key_length(vk), false); |
145 | |
|
146 | 0 | if (r) |
147 | 0 | log_dbg(ctx, "Userspace crypto wrapper cannot use %s-%s (%d).", |
148 | 0 | cipher, cipher_mode, r); |
149 | | |
150 | | /* Fallback to old temporary dmcrypt device */ |
151 | 0 | if (r == -ENOTSUP || r == -ENOENT) |
152 | 0 | return LUKS_endec_template(src, srcLength, cipher, cipher_mode, |
153 | 0 | vk, sector, write_blockwise, O_RDWR, ctx); |
154 | | |
155 | 0 | if (r) { |
156 | 0 | _error_hint(ctx, device_path(device), cipher, cipher_mode, |
157 | 0 | crypt_volume_key_length(vk) * 8); |
158 | 0 | return r; |
159 | 0 | } |
160 | | |
161 | 0 | log_dbg(ctx, "Using userspace crypto wrapper to access keyslot area."); |
162 | |
|
163 | 0 | r = crypt_storage_encrypt(s, 0, srcLength, src); |
164 | 0 | crypt_storage_destroy(s); |
165 | |
|
166 | 0 | if (r) |
167 | 0 | return r; |
168 | | |
169 | 0 | r = -EIO; |
170 | | |
171 | | /* Write buffer to device */ |
172 | 0 | if (device_is_locked(device)) |
173 | 0 | devfd = device_open_locked(ctx, device, O_RDWR); |
174 | 0 | else |
175 | 0 | devfd = device_open(ctx, device, O_RDWR); |
176 | 0 | if (devfd < 0) |
177 | 0 | goto out; |
178 | | |
179 | 0 | if (write_lseek_blockwise(devfd, device_block_size(ctx, device), |
180 | 0 | device_alignment(device), src, srcLength, |
181 | 0 | sector * SECTOR_SIZE) < 0) |
182 | 0 | goto out; |
183 | | |
184 | 0 | r = 0; |
185 | 0 | out: |
186 | 0 | device_sync(ctx, device); |
187 | 0 | if (r) |
188 | 0 | log_err(ctx, _("IO error while encrypting keyslot.")); |
189 | |
|
190 | 0 | return r; |
191 | 0 | } |
192 | | |
193 | | int LUKS_decrypt_from_storage(char *dst, size_t dstLength, |
194 | | const char *cipher, |
195 | | const char *cipher_mode, |
196 | | struct volume_key *vk, |
197 | | unsigned int sector, |
198 | | struct crypt_device *ctx) |
199 | 0 | { |
200 | 0 | struct device *device = crypt_metadata_device(ctx); |
201 | 0 | struct crypt_storage *s; |
202 | 0 | struct stat st; |
203 | 0 | int devfd, r = 0; |
204 | | |
205 | | /* Only whole sector reads supported */ |
206 | 0 | if (MISALIGNED_512(dstLength)) |
207 | 0 | return -EINVAL; |
208 | | |
209 | 0 | r = crypt_storage_init(&s, SECTOR_SIZE, cipher, cipher_mode, crypt_volume_key_get_key(vk), |
210 | 0 | crypt_volume_key_length(vk), false); |
211 | |
|
212 | 0 | if (r) |
213 | 0 | log_dbg(ctx, "Userspace crypto wrapper cannot use %s-%s (%d).", |
214 | 0 | cipher, cipher_mode, r); |
215 | | |
216 | | /* Fallback to old temporary dmcrypt device */ |
217 | 0 | if (r == -ENOTSUP || r == -ENOENT) |
218 | 0 | return LUKS_endec_template(dst, dstLength, cipher, cipher_mode, |
219 | 0 | vk, sector, read_blockwise, O_RDONLY, ctx); |
220 | | |
221 | 0 | if (r) { |
222 | 0 | _error_hint(ctx, device_path(device), cipher, cipher_mode, |
223 | 0 | crypt_volume_key_length(vk) * 8); |
224 | 0 | return r; |
225 | 0 | } |
226 | | |
227 | 0 | log_dbg(ctx, "Using userspace crypto wrapper to access keyslot area."); |
228 | | |
229 | | /* Read buffer from device */ |
230 | 0 | if (device_is_locked(device)) |
231 | 0 | devfd = device_open_locked(ctx, device, O_RDONLY); |
232 | 0 | else |
233 | 0 | devfd = device_open(ctx, device, O_RDONLY); |
234 | 0 | if (devfd < 0) { |
235 | 0 | log_err(ctx, _("Cannot open device %s."), device_path(device)); |
236 | 0 | crypt_storage_destroy(s); |
237 | 0 | return -EIO; |
238 | 0 | } |
239 | | |
240 | 0 | if (read_lseek_blockwise(devfd, device_block_size(ctx, device), |
241 | 0 | device_alignment(device), dst, dstLength, |
242 | 0 | sector * SECTOR_SIZE) < 0) { |
243 | 0 | if (!fstat(devfd, &st) && (st.st_size < (off_t)dstLength)) |
244 | 0 | log_err(ctx, _("Device %s is too small."), device_path(device)); |
245 | 0 | else |
246 | 0 | log_err(ctx, _("IO error while decrypting keyslot.")); |
247 | |
|
248 | 0 | crypt_storage_destroy(s); |
249 | 0 | return -EIO; |
250 | 0 | } |
251 | | |
252 | | /* Decrypt buffer */ |
253 | 0 | r = crypt_storage_decrypt(s, 0, dstLength, dst); |
254 | 0 | crypt_storage_destroy(s); |
255 | |
|
256 | 0 | return r; |
257 | 0 | } |