* [PATCH v4 1/3] block: sed-opal: SED Opal keystore
From: gjoyce @ 2022-08-19 22:31 UTC (permalink / raw)
To: linux-block
Cc: linuxppc-dev, jonathan.derrick, brking, msuchanek, mpe, nayna,
axboe, akpm, gjoyce, linux-efi, keyrings, dhowells, jarkko
From: Greg Joyce <gjoyce@linux.vnet.ibm.com>
Add read and write functions that allow SED Opal keys to be stored
in a permanent keystore.
Signed-off-by: Greg Joyce <gjoyce@linux.vnet.ibm.com>
---
block/Makefile | 2 +-
block/sed-opal-key.c | 23 +++++++++++++++++++++++
include/linux/sed-opal-key.h | 15 +++++++++++++++
3 files changed, 39 insertions(+), 1 deletion(-)
create mode 100644 block/sed-opal-key.c
create mode 100644 include/linux/sed-opal-key.h
diff --git a/block/Makefile b/block/Makefile
index 4e01bb71ad6e..464a9f209552 100644
--- a/block/Makefile
+++ b/block/Makefile
@@ -35,7 +35,7 @@ obj-$(CONFIG_BLK_DEV_ZONED) += blk-zoned.o
obj-$(CONFIG_BLK_WBT) += blk-wbt.o
obj-$(CONFIG_BLK_DEBUG_FS) += blk-mq-debugfs.o
obj-$(CONFIG_BLK_DEBUG_FS_ZONED)+= blk-mq-debugfs-zoned.o
-obj-$(CONFIG_BLK_SED_OPAL) += sed-opal.o
+obj-$(CONFIG_BLK_SED_OPAL) += sed-opal.o sed-opal-key.o
obj-$(CONFIG_BLK_PM) += blk-pm.o
obj-$(CONFIG_BLK_INLINE_ENCRYPTION) += blk-crypto.o blk-crypto-profile.o \
blk-crypto-sysfs.o
diff --git a/block/sed-opal-key.c b/block/sed-opal-key.c
new file mode 100644
index 000000000000..32ef988cd53b
--- /dev/null
+++ b/block/sed-opal-key.c
@@ -0,0 +1,23 @@
+// SPDX-License-Identifier: GPL-2.0-only
+/*
+ * SED key operations.
+ *
+ * Copyright (C) 2022 IBM Corporation
+ *
+ * These are the accessor functions (read/write) for SED Opal
+ * keys. Specific keystores can provide overrides.
+ *
+ */
+
+#include <linux/kernel.h>
+#include <linux/sed-opal-key.h>
+
+int __weak sed_read_key(char *keyname, char *key, u_int *keylen)
+{
+ return -EOPNOTSUPP;
+}
+
+int __weak sed_write_key(char *keyname, char *key, u_int keylen)
+{
+ return -EOPNOTSUPP;
+}
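Review bot: Nothing in this file says whether `*keylen` in sed_read_key is an input bound on the `key` buffer or only an output, and the weak default never writes it; the callers added in patch 3 initialise it to OPAL_KEY_MAX before the call, so a keystore implementation could read the parameter either way. A contract comment on the weak definitions would pin this down, e.g. `/* keylen: on entry the size of the key buffer, on return the number of bytes stored in key */`. Neither stub writes through `keyname`, and sed_write_key only reads `key`, so `const char *keyname` and `const char *key` on the write side would let callers pass literals and const data without casts.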
diff --git a/include/linux/sed-opal-key.h b/include/linux/sed-opal-key.h
new file mode 100644
index 000000000000..c9b1447986d8
--- /dev/null
+++ b/include/linux/sed-opal-key.h
@@ -0,0 +1,15 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * SED key operations.
+ *
+ * Copyright (C) 2022 IBM Corporation
+ *
+ * These are the accessor functions (read/write) for SED Opal
+ * keys. Specific keystores can provide overrides.
+ *
+ */
+
+#include <linux/kernel.h>
+
+int sed_read_key(char *keyname, char *key, u_int *keylen);
+int sed_write_key(char *keyname, char *key, u_int keylen);
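Review bot: The new header has no include guard, so a translation unit that pulls it in twice (directly and through another header) gets the two prototypes declared again; wrap the body in `#ifndef LINUX_SED_OPAL_KEY_H` / `#define LINUX_SED_OPAL_KEY_H` ... `#endif`. The prototypes should also carry whatever constness the definitions settle on, so that callers passing string literals do not need casts. The `u_int` spelling is unusual in kernel headers, where `unsigned int` or `u32` is the norm and makes the width explicit.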
--
gjoyce@linux.vnet.ibm.com
* Re: [PATCH v4 1/3] block: sed-opal: SED Opal keystore
From: Jonathan Derrick @ 2022-10-07 18:23 UTC (permalink / raw)
To: gjoyce, linux-block
Cc: linuxppc-dev, brking, msuchanek, mpe, nayna, axboe, akpm,
linux-efi, keyrings, dhowells, jarkko
Reviewed-by: Jonathan Derrick <jonathan.derrick@linux.dev>
On 8/19/2022 4:31 PM, gjoyce@linux.vnet.ibm.com wrote:
> From: Greg Joyce <gjoyce@linux.vnet.ibm.com>
>
> Add read and write functions that allow SED Opal keys to stored
> in a permanent keystore.
>
> Signed-off-by: Greg Joyce <gjoyce@linux.vnet.ibm.com>
> ---
> block/Makefile | 2 +-
> block/sed-opal-key.c | 23 +++++++++++++++++++++++
> include/linux/sed-opal-key.h | 15 +++++++++++++++
> 3 files changed, 39 insertions(+), 1 deletion(-)
> create mode 100644 block/sed-opal-key.c
> create mode 100644 include/linux/sed-opal-key.h
>
> diff --git a/block/Makefile b/block/Makefile
> index 4e01bb71ad6e..464a9f209552 100644
> --- a/block/Makefile
> +++ b/block/Makefile
> @@ -35,7 +35,7 @@ obj-$(CONFIG_BLK_DEV_ZONED) += blk-zoned.o
> obj-$(CONFIG_BLK_WBT) += blk-wbt.o
> obj-$(CONFIG_BLK_DEBUG_FS) += blk-mq-debugfs.o
> obj-$(CONFIG_BLK_DEBUG_FS_ZONED)+= blk-mq-debugfs-zoned.o
> -obj-$(CONFIG_BLK_SED_OPAL) += sed-opal.o
> +obj-$(CONFIG_BLK_SED_OPAL) += sed-opal.o sed-opal-key.o
> obj-$(CONFIG_BLK_PM) += blk-pm.o
> obj-$(CONFIG_BLK_INLINE_ENCRYPTION) += blk-crypto.o blk-crypto-profile.o \
> blk-crypto-sysfs.o
> diff --git a/block/sed-opal-key.c b/block/sed-opal-key.c
> new file mode 100644
> index 000000000000..32ef988cd53b
> --- /dev/null
> +++ b/block/sed-opal-key.c
> @@ -0,0 +1,23 @@
> +// SPDX-License-Identifier: GPL-2.0-only
> +/*
> + * SED key operations.
> + *
> + * Copyright (C) 2022 IBM Corporation
> + *
> + * These are the accessor functions (read/write) for SED Opal
> + * keys. Specific keystores can provide overrides.
> + *
> + */
> +
> +#include <linux/kernel.h>
> +#include <linux/sed-opal-key.h>
> +
> +int __weak sed_read_key(char *keyname, char *key, u_int *keylen)
> +{
> + return -EOPNOTSUPP;
> +}
> +
> +int __weak sed_write_key(char *keyname, char *key, u_int keylen)
> +{
> + return -EOPNOTSUPP;
> +}
> diff --git a/include/linux/sed-opal-key.h b/include/linux/sed-opal-key.h
> new file mode 100644
> index 000000000000..c9b1447986d8
> --- /dev/null
> +++ b/include/linux/sed-opal-key.h
> @@ -0,0 +1,15 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * SED key operations.
> + *
> + * Copyright (C) 2022 IBM Corporation
> + *
> + * These are the accessor functions (read/write) for SED Opal
> + * keys. Specific keystores can provide overrides.
> + *
> + */
> +
> +#include <linux/kernel.h>
> +
> +int sed_read_key(char *keyname, char *key, u_int *keylen);
> +int sed_write_key(char *keyname, char *key, u_int keylen);
* [PATCH v4 2/3] powerpc/pseries: PLPKS SED Opal keystore support
From: gjoyce @ 2022-08-19 22:31 UTC (permalink / raw)
To: linux-block
Cc: linuxppc-dev, jonathan.derrick, brking, msuchanek, mpe, nayna,
axboe, akpm, gjoyce, linux-efi, keyrings, dhowells, jarkko
From: Greg Joyce <gjoyce@linux.vnet.ibm.com>
Define operations for SED Opal to read/write keys
from POWER LPAR Platform KeyStore(PLPKS). This allows
for non-volatile storage of SED Opal keys.
Signed-off-by: Greg Joyce <gjoyce@linux.vnet.ibm.com>
---
arch/powerpc/platforms/pseries/Makefile | 1 +
.../powerpc/platforms/pseries/plpks_sed_ops.c | 124 ++++++++++++++++++
2 files changed, 125 insertions(+)
create mode 100644 arch/powerpc/platforms/pseries/plpks_sed_ops.c
diff --git a/arch/powerpc/platforms/pseries/Makefile b/arch/powerpc/platforms/pseries/Makefile
index 14e143b946a3..b7fea9e48a58 100644
--- a/arch/powerpc/platforms/pseries/Makefile
+++ b/arch/powerpc/platforms/pseries/Makefile
@@ -29,6 +29,7 @@ obj-$(CONFIG_PPC_SPLPAR) += vphn.o
obj-$(CONFIG_PPC_SVM) += svm.o
obj-$(CONFIG_FA_DUMP) += rtas-fadump.o
obj-$(CONFIG_PSERIES_PLPKS) += plpks.o
+obj-$(CONFIG_PSERIES_PLPKS) += plpks_sed_ops.o
obj-$(CONFIG_SUSPEND) += suspend.o
obj-$(CONFIG_PPC_VAS) += vas.o vas-sysfs.o
diff --git a/arch/powerpc/platforms/pseries/plpks_sed_ops.c b/arch/powerpc/platforms/pseries/plpks_sed_ops.c
new file mode 100644
index 000000000000..833226738448
--- /dev/null
+++ b/arch/powerpc/platforms/pseries/plpks_sed_ops.c
@@ -0,0 +1,124 @@
+// SPDX-License-Identifier: GPL-2.0-only
+/*
+ * POWER Platform specific code for non-volatile SED key access
+ * Copyright (C) 2022 IBM Corporation
+ *
+ * Define operations for SED Opal to read/write keys
+ * from POWER LPAR Platform KeyStore(PLPKS).
+ *
+ * Self Encrypting Drives(SED) key storage using PLPKS
+ */
+
+#include <linux/kernel.h>
+#include <linux/slab.h>
+#include <linux/string.h>
+#include <linux/ioctl.h>
+#include <linux/sed-opal-key.h>
+#include "plpks.h"
+
+/*
+ * structure that contains all SED data
+ */
+struct plpks_sed_object_data {
+ u_char version;
+ u_char pad1[7];
+ u_long authority;
+ u_long range;
+ u_int key_len;
+ u_char key[32];
+};
+
+#define PLPKS_PLATVAR_POLICY WORLDREADABLE
+#define PLPKS_PLATVAR_OS_COMMON 4
+
+#define PLPKS_SED_OBJECT_DATA_V0 0
+#define PLPKS_SED_MANGLED_LABEL "/default/pri"
+#define PLPKS_SED_COMPONENT "sed-opal"
+#define PLPKS_SED_KEY "opal-boot-pin"
+
+/*
+ * authority is admin1 and range is global
+ */
+#define PLPKS_SED_AUTHORITY 0x0000000900010001
+#define PLPKS_SED_RANGE 0x0000080200000001
+
+void plpks_init_var(struct plpks_var *var, char *keyname)
+{
+ var->name = keyname;
+ var->namelen = strlen(keyname);
+ if (strcmp(PLPKS_SED_KEY, keyname) == 0) {
+ var->name = PLPKS_SED_MANGLED_LABEL;
+ var->namelen = strlen(keyname);
+ }
+ var->policy = PLPKS_PLATVAR_POLICY;
+ var->os = PLPKS_PLATVAR_OS_COMMON;
+ var->data = NULL;
+ var->datalen = 0;
+ var->component = PLPKS_SED_COMPONENT;
+}
+
+/*
+ * Read the SED Opal key from PLPKS given the label
+ */
+int sed_read_key(char *keyname, char *key, u_int *keylen)
+{
+ struct plpks_var var;
+ struct plpks_sed_object_data *data;
+ u_int offset = 0;
+ int ret;
+
+ plpks_init_var(&var, keyname);
+
+ offset = offsetof(struct plpks_sed_object_data, key);
+
+ ret = plpks_read_os_var(&var);
+ if (ret != 0)
+ return ret;
+
+ if (offset > var.datalen)
+ offset = 0;
+
+ data = (struct plpks_sed_object_data *)var.data;
+ *keylen = be32_to_cpu(data->key_len);
+
+ if (var.data) {
+ memcpy(key, var.data + offset, var.datalen - offset);
+ key[*keylen] = '\0';
+ kfree(var.data);
+ }
+
+ return 0;
+}
+
+/*
+ * Write the SED Opal key to PLPKS given the label
+ */
+int sed_write_key(char *keyname, char *key, u_int keylen)
+{
+ struct plpks_var var;
+ struct plpks_sed_object_data data;
+ struct plpks_var_name vname;
+
+ plpks_init_var(&var, keyname);
+
+ var.datalen = sizeof(struct plpks_sed_object_data);
+ var.data = (u8 *)&data;
+
+ /* initialize SED object */
+ data.version = PLPKS_SED_OBJECT_DATA_V0;
+ data.authority = cpu_to_be64(PLPKS_SED_AUTHORITY);
+ data.range = cpu_to_be64(PLPKS_SED_RANGE);
+ memset(&data.pad1, '\0', sizeof(data.pad1));
+ data.key_len = cpu_to_be32(keylen);
+ memcpy(data.key, (char *)key, keylen);
+
+ /*
+ * Key update requires remove first. The return value
+ * is ignored since it's okay if the key doesn't exist.
+ */
+ vname.namelen = var.namelen;
+ vname.name = var.name;
+ plpks_remove_var(var.component, var.os, vname);
+
+ return plpks_write_var(var);
+}
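Review bot: sed_write_key copies `keylen` bytes into the 32-byte `data.key` without checking the length, and nothing visible in this series bounds it to 32: the caller added in patch 3 passes the ioctl-supplied `opal_key.key_len`, and sed_opal_init sizes its own buffer at OPAL_KEY_MAX. A guard before the memcpy, `if (keylen > sizeof(data.key)) return -EINVAL;`, keeps an oversized key from overrunning the stack object. In plpks_init_var the mangled-label branch switches `var->name` to PLPKS_SED_MANGLED_LABEL but keeps `var->namelen = strlen(keyname)`, the length of the original name, so the two fields disagree; it should be `var->namelen = strlen(PLPKS_SED_MANGLED_LABEL);`. In sed_read_key `data->key_len` is read before the `if (var.data)` check and `var.datalen` is never compared with `sizeof(*data)`, so a short or empty variable is parsed as a full object; moving the `*keylen = ...` assignment inside the check and rejecting `var.datalen < sizeof(*data)` with `-EINVAL` closes that. plpks_init_var is declared in no header and could be `static`.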
--
gjoyce@linux.vnet.ibm.com
* Re: [PATCH v4 2/3] powerpc/pseries: PLPKS SED Opal keystore support
From: Jonathan Derrick @ 2022-10-07 18:22 UTC (permalink / raw)
To: gjoyce, linux-block
Cc: linuxppc-dev, brking, msuchanek, mpe, nayna, axboe, akpm,
linux-efi, keyrings, dhowells, jarkko
LGTM
Reviewed-by: Jonathan Derrick <jonathan.derrick@linux.dev>
On 8/19/2022 4:31 PM, gjoyce@linux.vnet.ibm.com wrote:
> From: Greg Joyce <gjoyce@linux.vnet.ibm.com>
>
> Define operations for SED Opal to read/write keys
> from POWER LPAR Platform KeyStore(PLPKS). This allows
> for non-volatile storage of SED Opal keys.
>
> Signed-off-by: Greg Joyce <gjoyce@linux.vnet.ibm.com>
> ---
> arch/powerpc/platforms/pseries/Makefile | 1 +
> .../powerpc/platforms/pseries/plpks_sed_ops.c | 124 ++++++++++++++++++
> 2 files changed, 125 insertions(+)
> create mode 100644 arch/powerpc/platforms/pseries/plpks_sed_ops.c
>
> diff --git a/arch/powerpc/platforms/pseries/Makefile b/arch/powerpc/platforms/pseries/Makefile
> index 14e143b946a3..b7fea9e48a58 100644
> --- a/arch/powerpc/platforms/pseries/Makefile
> +++ b/arch/powerpc/platforms/pseries/Makefile
> @@ -29,6 +29,7 @@ obj-$(CONFIG_PPC_SPLPAR) += vphn.o
> obj-$(CONFIG_PPC_SVM) += svm.o
> obj-$(CONFIG_FA_DUMP) += rtas-fadump.o
> obj-$(CONFIG_PSERIES_PLPKS) += plpks.o
> +obj-$(CONFIG_PSERIES_PLPKS) += plpks_sed_ops.o
>
> obj-$(CONFIG_SUSPEND) += suspend.o
> obj-$(CONFIG_PPC_VAS) += vas.o vas-sysfs.o
> diff --git a/arch/powerpc/platforms/pseries/plpks_sed_ops.c b/arch/powerpc/platforms/pseries/plpks_sed_ops.c
> new file mode 100644
> index 000000000000..833226738448
> --- /dev/null
> +++ b/arch/powerpc/platforms/pseries/plpks_sed_ops.c
> @@ -0,0 +1,124 @@
> +// SPDX-License-Identifier: GPL-2.0-only
> +/*
> + * POWER Platform specific code for non-volatile SED key access
> + * Copyright (C) 2022 IBM Corporation
> + *
> + * Define operations for SED Opal to read/write keys
> + * from POWER LPAR Platform KeyStore(PLPKS).
> + *
> + * Self Encrypting Drives(SED) key storage using PLPKS
> + */
> +
> +#include <linux/kernel.h>
> +#include <linux/slab.h>
> +#include <linux/string.h>
> +#include <linux/ioctl.h>
> +#include <linux/sed-opal-key.h>
> +#include "plpks.h"
> +
> +/*
> + * structure that contains all SED data
> + */
> +struct plpks_sed_object_data {
> + u_char version;
> + u_char pad1[7];
> + u_long authority;
> + u_long range;
> + u_int key_len;
> + u_char key[32];
> +};
> +
> +#define PLPKS_PLATVAR_POLICY WORLDREADABLE
> +#define PLPKS_PLATVAR_OS_COMMON 4
> +
> +#define PLPKS_SED_OBJECT_DATA_V0 0
> +#define PLPKS_SED_MANGLED_LABEL "/default/pri"
> +#define PLPKS_SED_COMPONENT "sed-opal"
> +#define PLPKS_SED_KEY "opal-boot-pin"
> +
> +/*
> + * authority is admin1 and range is global
> + */
> +#define PLPKS_SED_AUTHORITY 0x0000000900010001
> +#define PLPKS_SED_RANGE 0x0000080200000001
> +
> +void plpks_init_var(struct plpks_var *var, char *keyname)
> +{
> + var->name = keyname;
> + var->namelen = strlen(keyname);
> + if (strcmp(PLPKS_SED_KEY, keyname) == 0) {
> + var->name = PLPKS_SED_MANGLED_LABEL;
> + var->namelen = strlen(keyname);
> + }
> + var->policy = PLPKS_PLATVAR_POLICY;
> + var->os = PLPKS_PLATVAR_OS_COMMON;
> + var->data = NULL;
> + var->datalen = 0;
> + var->component = PLPKS_SED_COMPONENT;
> +}
> +
> +/*
> + * Read the SED Opal key from PLPKS given the label
> + */
> +int sed_read_key(char *keyname, char *key, u_int *keylen)
> +{
> + struct plpks_var var;
> + struct plpks_sed_object_data *data;
> + u_int offset = 0;
> + int ret;
> +
> + plpks_init_var(&var, keyname);
> +
> + offset = offsetof(struct plpks_sed_object_data, key);
> +
> + ret = plpks_read_os_var(&var);
> + if (ret != 0)
> + return ret;
> +
> + if (offset > var.datalen)
> + offset = 0;
> +
> + data = (struct plpks_sed_object_data *)var.data;
> + *keylen = be32_to_cpu(data->key_len);
> +
> + if (var.data) {
> + memcpy(key, var.data + offset, var.datalen - offset)
> + key[*keylen] = '\0';
> + kfree(var.data);
> + }
> +
> + return 0;
> +}
> +
> +/*
> + * Write the SED Opal key to PLPKS given the label
> + */
> +int sed_write_key(char *keyname, char *key, u_int keylen)
> +{
> + struct plpks_var var;
> + struct plpks_sed_object_data data;
> + struct plpks_var_name vname;
> +
> + plpks_init_var(&var, keyname);
> +
> + var.datalen = sizeof(struct plpks_sed_object_data);
> + var.data = (u8 *)&data;
> +
> + /* initialize SED object */
> + data.version = PLPKS_SED_OBJECT_DATA_V0;
> + data.authority = cpu_to_be64(PLPKS_SED_AUTHORITY);
> + data.range = cpu_to_be64(PLPKS_SED_RANGE);
> + memset(&data.pad1, '\0', sizeof(data.pad1));
> + data.key_len = cpu_to_be32(keylen);
> + memcpy(data.key, (char *)key, keylen);
> +
> + /*
> + * Key update requires remove first. The return value
> + * is ignored since it's okay if the key doesn't exist.
> + */
> + vname.namelen = var.namelen;
> + vname.name = var.name;
> + plpks_remove_var(var.component, var.os, vname);
> +
> + return plpks_write_var(var);
> +}
* RE: [PATCH v4 2/3] powerpc/pseries: PLPKS SED Opal keystore support
From: Elliott, Robert (Servers) @ 2022-10-07 19:09 UTC (permalink / raw)
To: gjoyce, linux-block
Cc: linuxppc-dev, jonathan.derrick, brking, msuchanek, mpe, nayna,
axboe, akpm, linux-efi, keyrings, dhowells, jarkko
> -----Original Message-----
> From: gjoyce@linux.vnet.ibm.com <gjoyce@linux.vnet.ibm.com>
> Sent: Friday, August 19, 2022 5:32 PM
> To: linux-block@vger.kernel.org
> Cc: linuxppc-dev@lists.ozlabs.org; jonathan.derrick@linux.dev;
> brking@linux.vnet.ibm.com; msuchanek@suse.de; mpe@ellerman.id.au;
> nayna@linux.ibm.com; axboe@kernel.dk; akpm@linux-foundation.org;
> gjoyce@linux.vnet.ibm.com; linux-efi@vger.kernel.org;
> keyrings@vger.kernel.org; dhowells@redhat.com; jarkko@kernel.org
> Subject: [PATCH v4 2/3] powerpc/pseries: PLPKS SED Opal keystore support
>
> +++ b/arch/powerpc/platforms/pseries/plpks_sed_ops.c
...
> +struct plpks_sed_object_data {
> + u_char version;
> + u_char pad1[7];
> + u_long authority;
> + u_long range;
> + u_int key_len;
> + u_char key[32];
> +};
...
> +/*
> + * Read the SED Opal key from PLPKS given the label
> + */
> +int sed_read_key(char *keyname, char *key, u_int *keylen)
> +{
...
> + *keylen = be32_to_cpu(data->key_len);
> +
> + if (var.data) {
> + memcpy(key, var.data + offset, var.datalen - offset);
> + key[*keylen] = '\0';
Is there a guarantee that key_len is always < sizeof key, or
does that need to be checked in more places?
* Re: [PATCH v4 2/3] powerpc/pseries: PLPKS SED Opal keystore support
From: Greg Joyce @ 2022-11-16 23:44 UTC (permalink / raw)
To: Elliott, Robert (Servers), linux-block
Cc: linuxppc-dev, jonathan.derrick, brking, msuchanek, mpe, nayna,
axboe, akpm, linux-efi, keyrings, dhowells, jarkko
On Fri, 2022-10-07 at 19:09 +0000, Elliott, Robert (Servers) wrote:
> > -----Original Message-----
> > From: gjoyce@linux.vnet.ibm.com <gjoyce@linux.vnet.ibm.com>
> > Sent: Friday, August 19, 2022 5:32 PM
> > To: linux-block@vger.kernel.org
> > Cc: linuxppc-dev@lists.ozlabs.org; jonathan.derrick@linux.dev;
> > brking@linux.vnet.ibm.com; msuchanek@suse.de; mpe@ellerman.id.au;
> > nayna@linux.ibm.com; axboe@kernel.dk; akpm@linux-foundation.org;
> > gjoyce@linux.vnet.ibm.com; linux-efi@vger.kernel.org;
> > keyrings@vger.kernel.org; dhowells@redhat.com; jarkko@kernel.org
> > Subject: [PATCH v4 2/3] powerpc/pseries: PLPKS SED Opal keystore
> > support
> >
> > +++ b/arch/powerpc/platforms/pseries/plpks_sed_ops.c
> ...
> > +struct plpks_sed_object_data {
> > + u_char version;
> > + u_char pad1[7];
> > + u_long authority;
> > + u_long range;
> > + u_int key_len;
> > + u_char key[32];
> > +};
> ...
> > +/*
> > + * Read the SED Opal key from PLPKS given the label
> > + */
> > +int sed_read_key(char *keyname, char *key, u_int *keylen)
> > +{
> ...
> > + *keylen = be32_to_cpu(data->key_len);
> > +
> > + if (var.data) {
> > + memcpy(key, var.data + offset, var.datalen - offset);
> > + key[*keylen] = '\0';
>
> Is there a guarantee that key_len is always < sizeof key, or
> does that need to be checked in more places?
Changed the keylen parameter to be the maximum size that is copied. This
will help avoid buffer overwrite.
* [PATCH v4 3/3] block: sed-opal: keystore access for SED Opal keys
From: gjoyce @ 2022-08-19 22:31 UTC (permalink / raw)
To: linux-block
Cc: linuxppc-dev, jonathan.derrick, brking, msuchanek, mpe, nayna,
axboe, akpm, gjoyce, linux-efi, keyrings, dhowells, jarkko
From: Greg Joyce <gjoyce@linux.vnet.ibm.com>
Allow for permanent SED authentication keys by
reading/writing to the SED Opal non-volatile keystore.
Signed-off-by: Greg Joyce <gjoyce@linux.vnet.ibm.com>
---
block/sed-opal.c | 18 ++++++++++++++++--
1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/block/sed-opal.c b/block/sed-opal.c
index 3bdb31cf3e7c..11b0eb3a656b 100644
--- a/block/sed-opal.c
+++ b/block/sed-opal.c
@@ -18,6 +18,7 @@
#include <linux/uaccess.h>
#include <uapi/linux/sed-opal.h>
#include <linux/sed-opal.h>
+#include <linux/sed-opal-key.h>
#include <linux/string.h>
#include <linux/kdev_t.h>
#include <linux/key.h>
@@ -2697,7 +2698,13 @@ static int opal_set_new_pw(struct opal_dev *dev, struct opal_new_pw *opal_pw)
if (ret)
return ret;
- /* update keyring with new password */
+ /* update keyring and arch var with new password */
+ ret = sed_write_key(OPAL_AUTH_KEY,
+ opal_pw->new_user_pw.opal_key.key,
+ opal_pw->new_user_pw.opal_key.key_len);
+ if (ret != -EOPNOTSUPP)
+ pr_warn("error updating SED key: %d\n", ret);
+
ret = update_sed_opal_key(OPAL_AUTH_KEY,
opal_pw->new_user_pw.opal_key.key,
opal_pw->new_user_pw.opal_key.key_len);
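Review bot: The warning after sed_write_key fires on success as well, because the only value it excludes is -EOPNOTSUPP; `if (ret && ret != -EOPNOTSUPP)` logs only real failures. As written, every password change on a platform that does provide a keystore prints "error updating SED key: 0". opal_set_new_pw starts and ends outside this hunk.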
@@ -2920,6 +2927,8 @@ EXPORT_SYMBOL_GPL(sed_ioctl);
static int __init sed_opal_init(void)
{
struct key *kr;
+ char init_sed_key[OPAL_KEY_MAX];
+ int keylen = OPAL_KEY_MAX;
kr = keyring_alloc(".sed_opal",
GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, current_cred(),
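Review bot: `keylen` is declared `int`, but the prototype added in patch 1 takes `u_int *keylen`, so passing `&keylen` in the next hunk is an incompatible-pointer-type argument; declare it as `u_int keylen = OPAL_KEY_MAX;` (or whatever type the final prototype settles on). If the initialisation to OPAL_KEY_MAX is meant to tell the keystore how large `init_sed_key` is, that contract deserves a comment here, e.g. `/* in: size of init_sed_key; out: bytes returned by the keystore */`. sed_opal_init continues into the next hunk.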
@@ -2932,6 +2941,11 @@ static int __init sed_opal_init(void)
sed_opal_keyring = kr;
- return 0;
+ if (sed_read_key(OPAL_AUTH_KEY, init_sed_key, &keylen) < 0) {
+ memset(init_sed_key, '\0', sizeof(init_sed_key));
+ keylen = OPAL_KEY_MAX;
+ }
+
+ return update_sed_opal_key(OPAL_AUTH_KEY, init_sed_key, keylen);
}
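Review bot: `init_sed_key` holds the drive authentication key on the stack after update_sed_opal_key has copied it into the keyring, and the function returns without clearing it; capture the return value in a local, call `memzero_explicit(init_sed_key, sizeof(init_sed_key));`, then return it (linux/string.h is already included). On a read failure the fallback installs a zero-filled key of OPAL_KEY_MAX bytes rather than leaving the keyring empty; a one-line comment on why an all-zero default is installed would help the next reader, since the previous code simply returned 0 here.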
late_initcall(sed_opal_init);
--
gjoyce@linux.vnet.ibm.com
* Re: [PATCH v4 3/3] block: sed-opal: keystore access for SED Opal keys
From: Jonathan Derrick @ 2022-10-07 18:21 UTC (permalink / raw)
To: gjoyce, linux-block
Cc: linuxppc-dev, brking, msuchanek, mpe, nayna, axboe, akpm,
linux-efi, keyrings, dhowells, jarkko
LGTM besides comment below
Reviewed-by: Jonathan Derrick <jonathan.derrick@linux.dev>
On 8/19/2022 4:31 PM, gjoyce@linux.vnet.ibm.com wrote:
> From: Greg Joyce <gjoyce@linux.vnet.ibm.com>
>
> Allow for permanent SED authentication keys by
> reading/writing to the SED Opal non-volatile keystore.
>
> Signed-off-by: Greg Joyce <gjoyce@linux.vnet.ibm.com>
> ---
> block/sed-opal.c | 18 ++++++++++++++++--
> 1 file changed, 16 insertions(+), 2 deletions(-)
>
> diff --git a/block/sed-opal.c b/block/sed-opal.c
> index 3bdb31cf3e7c..11b0eb3a656b 100644
> --- a/block/sed-opal.c
> +++ b/block/sed-opal.c
> @@ -18,6 +18,7 @@
> #include <linux/uaccess.h>
> #include <uapi/linux/sed-opal.h>
> #include <linux/sed-opal.h>
> +#include <linux/sed-opal-key.h>
> #include <linux/string.h>
> #include <linux/kdev_t.h>
> #include <linux/key.h>
> @@ -2697,7 +2698,13 @@ static int opal_set_new_pw(struct opal_dev *dev, struct opal_new_pw *opal_pw)
> if (ret)
> return ret;
>
> - /* update keyring with new password */
> + /* update keyring and arch var with new password */
> + ret = sed_write_key(OPAL_AUTH_KEY,
> + opal_pw->new_user_pw.opal_key.key,
> + opal_pw->new_user_pw.opal_key.key_len);
> + if (ret != -EOPNOTSUPP)
> + pr_warn("error updating SED key: %d\n", ret);
I can't see any reason this would fail and make the keys inconsistent, but it seems
like update_sed_opal_key() should be dependent on sed_write_key() succeeding
> +
> ret = update_sed_opal_key(OPAL_AUTH_KEY,
> opal_pw->new_user_pw.opal_key.key,
> opal_pw->new_user_pw.opal_key.key_len);
> @@ -2920,6 +2927,8 @@ EXPORT_SYMBOL_GPL(sed_ioctl);
> static int __init sed_opal_init(void)
> {
> struct key *kr;
> + char init_sed_key[OPAL_KEY_MAX];
> + int keylen = OPAL_KEY_MAX;
>
> kr = keyring_alloc(".sed_opal",
> GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, current_cred(),
> @@ -2932,6 +2941,11 @@ static int __init sed_opal_init(void)
>
> sed_opal_keyring = kr;
>
> - return 0;
> + if (sed_read_key(OPAL_AUTH_KEY, init_sed_key, &keylen) < 0) {
> + memset(init_sed_key, '\0', sizeof(init_sed_key));
> + keylen = OPAL_KEY_MAX;
> + }
> +
> + return update_sed_opal_key(OPAL_AUTH_KEY, init_sed_key, keylen);
> }
> late_initcall(sed_opal_init);
* Re: [PATCH v4 3/3] block: sed-opal: keystore access for SED Opal keys
From: Greg Joyce @ 2022-11-16 23:16 UTC (permalink / raw)
To: Jonathan Derrick, linux-block
Cc: linuxppc-dev, brking, msuchanek, mpe, nayna, axboe, akpm,
linux-efi, keyrings, dhowells, jarkko
On Fri, 2022-10-07 at 12:21 -0600, Jonathan Derrick wrote:
> LGTM besides comment below
>
> Reviewed-by: Jonathan Derrick <jonathan.derrick@linux.dev>
>
> On 8/19/2022 4:31 PM, gjoyce@linux.vnet.ibm.com wrote:
> > From: Greg Joyce <gjoyce@linux.vnet.ibm.com>
> >
> > Allow for permanent SED authentication keys by
> > reading/writing to the SED Opal non-volatile keystore.
> >
> > Signed-off-by: Greg Joyce <gjoyce@linux.vnet.ibm.com>
> > ---
> > block/sed-opal.c | 18 ++++++++++++++++--
> > 1 file changed, 16 insertions(+), 2 deletions(-)
> >
> > diff --git a/block/sed-opal.c b/block/sed-opal.c
> > index 3bdb31cf3e7c..11b0eb3a656b 100644
> > --- a/block/sed-opal.c
> > +++ b/block/sed-opal.c
> > @@ -18,6 +18,7 @@
> > #include <linux/uaccess.h>
> > #include <uapi/linux/sed-opal.h>
> > #include <linux/sed-opal.h>
> > +#include <linux/sed-opal-key.h>
> > #include <linux/string.h>
> > #include <linux/kdev_t.h>
> > #include <linux/key.h>
> > @@ -2697,7 +2698,13 @@ static int opal_set_new_pw(struct opal_dev
> > *dev, struct opal_new_pw *opal_pw)
> > if (ret)
> > return ret;
> >
> > - /* update keyring with new password */
> > + /* update keyring and arch var with new password */
> > + ret = sed_write_key(OPAL_AUTH_KEY,
> > + opal_pw->new_user_pw.opal_key.key,
> > + opal_pw->new_user_pw.opal_key.key_len);
> > + if (ret != -EOPNOTSUPP)
> > + pr_warn("error updating SED key: %d\n", ret);
> I cant see any reason this would fail and make the keys inconsistent,
> but it seems
> like update_sed_opal_key() should be dependent on sed_write_key()
> succeeding
The thought was that since the key was already updated on the SED
drive, there should be an attempt to update it in the key store
even in the unlikely event the keyring update failed.
>
> > +
> > ret = update_sed_opal_key(OPAL_AUTH_KEY,
> > opal_pw->new_user_pw.opal_key.key,
> > opal_pw-
> > >new_user_pw.opal_key.key_len);
> > @@ -2920,6 +2927,8 @@ EXPORT_SYMBOL_GPL(sed_ioctl);
> > static int __init sed_opal_init(void)
> > {
> > struct key *kr;
> > + char init_sed_key[OPAL_KEY_MAX];
> > + int keylen = OPAL_KEY_MAX;
> >
> > kr = keyring_alloc(".sed_opal",
> > GLOBAL_ROOT_UID, GLOBAL_ROOT_GID,
> > current_cred(),
> > @@ -2932,6 +2941,11 @@ static int __init sed_opal_init(void)
> >
> > sed_opal_keyring = kr;
> >
> > - return 0;
> > + if (sed_read_key(OPAL_AUTH_KEY, init_sed_key, &keylen) < 0) {
> > + memset(init_sed_key, '\0', sizeof(init_sed_key));
> > + keylen = OPAL_KEY_MAX;
> > + }
> > +
> > + return update_sed_opal_key(OPAL_AUTH_KEY, init_sed_key,
> > keylen);
> > }
> > late_initcall(sed_opal_init);