[RFC][PATCH v2 0/6] eCryptfs: added support for the encrypted key type

From: Roberto Sassu
Date: Tuesday, December 28, 2010 - 3:48 am

This patch set adds support for the 'encrypted' key type in the eCryptfs
filesystem.

Changelog from version v1:
- added title and fixed text formatting in Documentation/keys-ecryptfs.txt;
- using isxdigit() in the function valid_ecryptfs_desc().

Roberto Sassu


Roberto Sassu (6):
  encrypted-keys: fixed valid_master_desc() function description
  encrypted-keys: added additional debug messages
  encrypted-keys: add key format support
  eCryptfs: export global eCryptfs definitions to
    include/linux/ecryptfs.h
  encrypted-keys: add ecryptfs format support
  eCryptfs: added support for the encrypted key type

 Documentation/keys-ecryptfs.txt          |   68 +++++++++
 Documentation/keys-trusted-encrypted.txt |   52 ++++---
 fs/ecryptfs/ecryptfs_kernel.h            |  120 ++--------------
 fs/ecryptfs/keystore.c                   |   15 ++-
 include/keys/encrypted-type.h            |   13 ++-
 include/linux/ecryptfs.h                 |  113 ++++++++++++++
 security/keys/Makefile                   |    2 +-
 security/keys/encrypted_defined.c        |  242 ++++++++++++++++++++++++------
 security/keys/keys_ecryptfs.c            |   81 ++++++++++
 security/keys/keys_ecryptfs.h            |   30 ++++
 10 files changed, 551 insertions(+), 185 deletions(-)
 create mode 100644 Documentation/keys-ecryptfs.txt
 create mode 100644 include/linux/ecryptfs.h
 create mode 100644 security/keys/keys_ecryptfs.c
 create mode 100644 security/keys/keys_ecryptfs.h

-- 
1.7.2.3

From: Roberto Sassu
Date: Tuesday, December 28, 2010 - 3:48 am

Valid key type prefixes for the parameter 'key-type' are: 'trusted' and
'user'.

Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
---
 security/keys/encrypted_defined.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/security/keys/encrypted_defined.c b/security/keys/encrypted_defined.c
index 32d27c8..c1c5e27 100644
--- a/security/keys/encrypted_defined.c
+++ b/security/keys/encrypted_defined.c
@@ -84,7 +84,7 @@ static int aes_get_sizes(void)
 /*
  * valid_master_desc - verify the 'key-type:desc' of a new/updated master-key
  *
- * key-type:= "trusted:" | "encrypted:"
+ * key-type:= "trusted:" | "user:"
  * desc:= master-key description
  *
  * Verify that 'key-type' is valid and that 'desc' exists. On key update,
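Review bot: the corrected comment now lists "trusted:" | "user:" as the only key-type prefixes, and the line below says the function verifies that 'key-type' is valid; since the old comment advertised "encrypted:" as acceptable, please confirm that the check in valid_master_desc() rejects an "encrypted:" prefix as the comment now implies, so that one encrypted key cannot be named as the master key protecting another.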
-- 
1.7.2.3

From: Roberto Sassu
Date: Tuesday, December 28, 2010 - 3:48 am

Some debug messages have been added in the function datablob_parse() in
order to better identify errors returned when dealing with 'encrypted'
keys.

Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
---
 security/keys/encrypted_defined.c |   44 +++++++++++++++++++++++++++---------
 1 files changed, 33 insertions(+), 11 deletions(-)

diff --git a/security/keys/encrypted_defined.c b/security/keys/encrypted_defined.c
index c1c5e27..0f3c159 100644
--- a/security/keys/encrypted_defined.c
+++ b/security/keys/encrypted_defined.c
@@ -133,46 +133,68 @@ static int datablob_parse(char *datablob, char **master_desc,
 	substring_t args[MAX_OPT_ARGS];
 	int ret = -EINVAL;
 	int key_cmd;
-	char *p;
+	char *keyword;
 
-	p = strsep(&datablob, " \t");
-	if (!p)
+	keyword = strsep(&datablob, " \t");
+	if (!keyword) {
+		pr_err("encrypted_key: insufficient parameters specified\n");
 		return ret;
-	key_cmd = match_token(p, key_tokens, args);
+	}
+	key_cmd = match_token(keyword, key_tokens, args);
 
 	*master_desc = strsep(&datablob, " \t");
-	if (!*master_desc)
+	if (!*master_desc) {
+		pr_err("encrypted_key: master key parameter is missing\n");
 		goto out;
+	}
 
-	if (valid_master_desc(*master_desc, NULL) < 0)
+	if (valid_master_desc(*master_desc, NULL) < 0) {
+		pr_err("encrypted_key: master key parameter \'%s\' "
+		       "is invalid\n", *master_desc);
 		goto out;
+	}
 
 	if (decrypted_datalen) {
 		*decrypted_datalen = strsep(&datablob, " \t");
-		if (!*decrypted_datalen)
+		if (!*decrypted_datalen) {
+			pr_err("encrypted_key: keylen parameter is missing\n");
 			goto out;
+		}
 	}
 
 	switch (key_cmd) {
 	case Opt_new:
-		if (!decrypted_datalen)
+		if (!decrypted_datalen) {
+			pr_err("encrypted_key: keyword \'%s\' not allowed when "
+			       "updating an existent key\n", keyword);
 			break;
+		}
 		ret = 0;
 		break;
 	case Opt_load:
-		if (!decrypted_datalen)
+		if (!decrypted_datalen) {
+			pr_err("encrypted_key: keyword \'%s\' not allowed ...
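Review bot: in the Opt_new message `pr_err("encrypted_key: keyword \'%s\' not allowed when " "updating an existent key\n", keyword);` "existent" should read "existing", and the `\'` escapes here and in the valid_master_desc() failure message are unnecessary inside a double-quoted C string; plain `'` is the usual form in pr_err() strings and keeps the messages greppable.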
From: Roberto Sassu
Date: Tuesday, December 28, 2010 - 3:48 am

This patch introduces a new parameter, called 'format', that defines the
format of data stored by encrypted keys. The 'default' format identifies
encrypted keys containing only the symmetric key, while other formats can
be defined to support additional information. The 'format' parameter is
written in the datablob produced by commands 'keyctl print' or
'keyctl pipe' and is integrity protected by the HMAC.

Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
---
 Documentation/keys-trusted-encrypted.txt |   48 +++++++----
 include/keys/encrypted-type.h            |   13 +++-
 security/keys/encrypted_defined.c        |  141 +++++++++++++++++++++---------
 3 files changed, 142 insertions(+), 60 deletions(-)

diff --git a/Documentation/keys-trusted-encrypted.txt b/Documentation/keys-trusted-encrypted.txt
index 8fb79bc..0afcb50 100644
--- a/Documentation/keys-trusted-encrypted.txt
+++ b/Documentation/keys-trusted-encrypted.txt
@@ -53,12 +53,19 @@ they are only as secure as the user key encrypting them.  The master user key
 should therefore be loaded in as secure a way as possible, preferably early in
 boot.
 
+The decrypted portion of encrypted keys can contain either a simple symmetric
+key or a more complex structure. The format of the more complex structure is
+application specific, which is identified by 'format'.
+
 Usage:
-  keyctl add encrypted name "new key-type:master-key-name keylen" ring
-  keyctl add encrypted name "load hex_blob" ring
-  keyctl update keyid "update key-type:master-key-name"
+    keyctl add encrypted name "new [format] key-type:master-key-name keylen"
+        ring
+    keyctl add encrypted name "load hex_blob" ring
+    keyctl update keyid "update key-type:master-key-name"
+
+format:= 'default'
+key-type:= 'trusted' | 'user'
 
-where 'key-type' is either 'trusted' or 'user'.
 
 Examples of trusted and encrypted key usage:
 
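Review bot: the second sentence of the new paragraph, "The format of the more complex structure is application specific, which is identified by 'format'.", has a dangling relative clause; suggest "The format of the more complex structure is application specific and is identified by the 'format' parameter." The usage block also shows [format] only on "new": since the commit message says the format is stored in the datablob and covered by the HMAC, one sentence stating that "load" takes the format from the blob and whether "update" keeps the existing format would save readers guessing.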
@@ -114,15 +121,25 @@ Reseal a trusted key under new pcr values:
     ...
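As an added illustration of the command syntax documented in this patch (example userspace code written for this page, not code from the patches or from the kernel), the following models datablob_parse() for the three commands 'new [format] key-type:master-key-name keylen', 'load hex_blob' and 'update key-type:master-key-name', reporting failures in the style of the pr_err() messages patch 2 adds. Assumptions: the 'ecryptfs' format name is taken from patch 5 of this series, the hex-digit check on the loaded blob and the positive-decimal check on keylen are the example's own, and strtok() stands in for the kernel's strsep().

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Report like the pr_err() calls in datablob_parse() and yield -EINVAL. */
#define FAIL(...) (fprintf(stderr, "encrypted_key: " __VA_ARGS__), -EINVAL)
#define SEP " \t"	/* same separators the kernel passes to strsep() */
enum key_cmd { CMD_NEW = 1, CMD_LOAD, CMD_UPDATE };
struct datablob { enum key_cmd cmd; const char *format, *master_desc, *hex_blob; long keylen; };

/* Parse a writable datablob in place (strtok() splits it). Returns 0 or -EINVAL. */
int datablob_parse(char *blob, struct datablob *out)
{
	char *tok = strtok(blob, SEP), *end;

	*out = (struct datablob){ .format = "default" };
	if (!tok)
		return FAIL("insufficient parameters specified\n");
	out->cmd = !strcmp(tok, "new") ? CMD_NEW : !strcmp(tok, "load") ? CMD_LOAD :
		   !strcmp(tok, "update") ? CMD_UPDATE : 0;
	if (!out->cmd)
		return FAIL("keyword '%s' is not new, load or update\n", tok);
	tok = strtok(NULL, SEP);
	/* "new [format] key-type:desc keylen": an optional format name precedes the master key */
	if (out->cmd == CMD_NEW && tok && (!strcmp(tok, "default") || !strcmp(tok, "ecryptfs"))) {
		out->format = tok;
		tok = strtok(NULL, SEP);
	}
	if (!tok)
		return FAIL("%s parameter is missing\n", out->cmd == CMD_LOAD ? "hex blob" : "master key");
	if (out->cmd == CMD_LOAD) {	/* "load hex_blob": the format is carried inside the blob */
		for (out->hex_blob = tok; *tok; tok++)
			if (!isxdigit((unsigned char)*tok))
				return FAIL("hex blob contains a non-hex character\n");
		return 0;
	}
	/* valid_master_desc(): key-type prefix is "trusted:" or "user:" and desc is non-empty */
	if (!(!strncmp(tok, "trusted:", 8) ? tok[8] : (!strncmp(tok, "user:", 5) && tok[5])))
		return FAIL("master key parameter '%s' is invalid\n", tok);
	out->master_desc = tok;
	if (out->cmd == CMD_UPDATE)	/* "update key-type:desc" carries no keylen */
		return 0;
	if (!(tok = strtok(NULL, SEP)))
		return FAIL("keylen parameter is missing\n");
	out->keylen = strtol(tok, &end, 10);
	return (*end || out->keylen <= 0) ? FAIL("keylen '%s' is invalid\n", tok) : 0;
}
```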
From: Roberto Sassu
Date: Tuesday, December 28, 2010 - 3:48 am

Some eCryptfs specific definitions, such as the current version and the
authentication token structure, are moved to the new include file
'include/linux/ecryptfs.h', in order to be available for all kernel
subsystems.

Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
---
 fs/ecryptfs/ecryptfs_kernel.h |  109 +---------------------------------------
 include/linux/ecryptfs.h      |  113 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 114 insertions(+), 108 deletions(-)
 create mode 100644 include/linux/ecryptfs.h

diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h
index 0032a9f..a27cad4 100644
--- a/fs/ecryptfs/ecryptfs_kernel.h
+++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -36,125 +36,18 @@
 #include <linux/hash.h>
 #include <linux/nsproxy.h>
 #include <linux/backing-dev.h>
+#include <linux/ecryptfs.h>
 
-/* Version verification for shared data structures w/ userspace */
-#define ECRYPTFS_VERSION_MAJOR 0x00
-#define ECRYPTFS_VERSION_MINOR 0x04
-#define ECRYPTFS_SUPPORTED_FILE_VERSION 0x03
-/* These flags indicate which features are supported by the kernel
- * module; userspace tools such as the mount helper read
- * ECRYPTFS_VERSIONING_MASK from a sysfs handle in order to determine
- * how to behave. */
-#define ECRYPTFS_VERSIONING_PASSPHRASE            0x00000001
-#define ECRYPTFS_VERSIONING_PUBKEY                0x00000002
-#define ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH 0x00000004
-#define ECRYPTFS_VERSIONING_POLICY                0x00000008
-#define ECRYPTFS_VERSIONING_XATTR                 0x00000010
-#define ECRYPTFS_VERSIONING_MULTKEY               0x00000020
-#define ECRYPTFS_VERSIONING_DEVMISC               0x00000040
-#define ECRYPTFS_VERSIONING_HMAC                  0x00000080
-#define ECRYPTFS_VERSIONING_FILENAME_ENCRYPTION   0x00000100
-#define ECRYPTFS_VERSIONING_GCM                   0x00000200
-#define ECRYPTFS_VERSIONING_MASK (ECRYPTFS_VERSIONING_PASSPHRASE \
-				  | ECRYPTFS_VERSIONING_PLAINTEXT_PASSTHROUGH ...
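Review bot: the block being moved opens with the comment "Version verification for shared data structures w/ userspace", so once these definitions live in include/linux/ecryptfs.h it should be decided whether the header is meant to be installed for userspace (then it needs an entry in include/linux/Kbuild and __KERNEL__ guards around kernel-only parts) or is kernel-internal only; the commit message says "available for all kernel subsystems", so a short comment at the top of the new header stating that it is not a userspace ABI would remove the ambiguity.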
From: Roberto Sassu
Date: Tuesday, December 28, 2010 - 3:48 am

The 'encrypted' key type defines its own payload format which contains a
randomly generated symmetric key that cannot be used directly to mount
an eCryptfs filesystem, because it expects an authentication token
structure.

This patch introduces the new format 'ecryptfs' that allows storing an
authentication token structure inside the encrypted key payload containing
a randomly generated symmetric key, the same as for the format 'default'.

More details about the usage of encrypted keys with the eCryptfs
filesystem can be found in the file 'Documentation/keys-ecryptfs.txt'.

Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
---
 Documentation/keys-ecryptfs.txt          |   68 +++++++++++++++++++++++++
 Documentation/keys-trusted-encrypted.txt |    6 ++-
 security/keys/Makefile                   |    2 +-
 security/keys/encrypted_defined.c        |   75 +++++++++++++++++++++++++---
 security/keys/keys_ecryptfs.c            |   81 ++++++++++++++++++++++++++++++
 security/keys/keys_ecryptfs.h            |   30 +++++++++++
 6 files changed, 252 insertions(+), 10 deletions(-)
 create mode 100644 Documentation/keys-ecryptfs.txt
 create mode 100644 security/keys/keys_ecryptfs.c
 create mode 100644 security/keys/keys_ecryptfs.h

diff --git a/Documentation/keys-ecryptfs.txt b/Documentation/keys-ecryptfs.txt
new file mode 100644
index 0000000..c3bbeba
--- /dev/null
+++ b/Documentation/keys-ecryptfs.txt
@@ -0,0 +1,68 @@
+		Encrypted keys for the eCryptfs filesystem
+
+ECryptfs is a stacked filesystem which transparently encrypts and decrypts each
+file using a randomly generated File Encryption Key (FEK).
+
+Each FEK is in turn encrypted with a File Encryption Key Encryption Key (FEFEK)
+either in kernel space or in user space with a daemon called 'ecryptfsd'.  In
+the former case the operation is performed directly by the kernel CryptoAPI
+using a key, the FEFEK, derived from a user prompted passphrase;  in the latter
+the FEK is encrypted by 'ecryptfsd' with the help of ...
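Review bot: in the new document "File Encryption Key Encryption Key" is abbreviated "FEFEK", which does not match its own expansion (FEKEK would); check which spelling the rest of the eCryptfs code and documentation use and make this one consistent. Also, "ECryptfs" at the start of the first paragraph differs from the "eCryptfs" capitalisation used everywhere else in the series, and "user prompted passphrase" wants a hyphen ("user-prompted").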