From patchwork Thu Jun 1 07:24:40 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Coiby Xu X-Patchwork-Id: 101794 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:994d:0:b0:3d9:f83d:47d9 with SMTP id k13csp117283vqr; Thu, 1 Jun 2023 00:42:57 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5FxA3zO2AFH6ZZKfv4VV2SYw4tk7mAGJ91lqPV2wZZJjF2bQF5Qz6KtGYMIIT4j8mGMFE5 X-Received: by 2002:a05:6808:1395:b0:398:4a82:76e1 with SMTP id c21-20020a056808139500b003984a8276e1mr7782609oiw.36.1685605376836; Thu, 01 Jun 2023 00:42:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685605376; cv=none; d=google.com; s=arc-20160816; b=aV0T51KEj3HpkdZN3dhExqR3giYmzu8gqMZ35xYkQn42O2jC64bieGbYLJoIVBnZh9 RTW9h6zP6cTsBpF2+pMsEjhng0Xy/h/i1oppJ4owCIAfucq0kkZA5CNhpeC6TWNwSjkt C8TmolRyNGeqY9dwRx3wY5TCX5ZV6/fQVj5BiGOYHVc82DM5wdsxiCL551HxvKm4NgJS v7S8HNB1DtOcTI7jvMHimVl9lnYm4jFY1g3Z0QPDimsdP5VEHM12OALlIdTXBuAc/UJr snbytTCq1A0y7X6ZqrJJkuE29V84o2121Xhmw6+f+aMZsfc0SRb9DRgE2lfksv1S5W01 ftHQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=AV8aUvr4ixGLZyIesmYQLsbGSBUr0/xlhliel/t7Lh8=; b=I0DEGr5bS8s/SbFvfGwvI18lKkSLc+v+23g5GtoBRPGmPlcXEkvq6q3j+oR6OpH+oQ 1OE/IkWazM/sETq7tM72xoMeAKHJZ0xn6agM0iql40R132NLti3qyh3BlZp/kbHdDVjs 2h86H3UKrHrzqIAnh1UhOPGNBV7X8Jws3p0QYpAyghr6Ugd+95iZfYcCYm3AAJybWhvV erKMkV31yGMzQNsMWDWg/cbHUgUkuKAfayV07kLx9WjjAqUs1Psfepy2wyvYB5UZbugG tL2LThYMfE/kJy8PMqSu5bqDIMfETTXVWbaoXjqCvpVLDxX3fy5LwYuEtcqRobBbFTtC wTUg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=K9c8Zm6B; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y7-20020aa793c7000000b0064d32440768si4964029pff.138.2023.06.01.00.42.42; Thu, 01 Jun 2023 00:42:56 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=K9c8Zm6B; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231815AbjFAHZt (ORCPT + 99 others); Thu, 1 Jun 2023 03:25:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42614 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231783AbjFAHZq (ORCPT ); Thu, 1 Jun 2023 03:25:46 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 24179184 for ; Thu, 1 Jun 2023 00:24:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1685604294; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=AV8aUvr4ixGLZyIesmYQLsbGSBUr0/xlhliel/t7Lh8=; b=K9c8Zm6BwoJeB31EY74w3URzxj6zFDliZuWsim08otfp6MIJWyaGgiNGjp+dWv7TrLJPDR dCxy2nX/fGlCsZM8pVZ06mYTalwn9vVDEXI4R9NwXk1xVsu6CkX+akptNNzdu6+aVAeaB1 ti+KiOoPUMVY8pY0xSsycA2cjD6qCtQ= Received: from mail-pl1-f200.google.com (mail-pl1-f200.google.com [209.85.214.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-486-oVvbfSETNHap7HRxXCrzfQ-1; Thu, 01 Jun 2023 03:24:53 -0400 X-MC-Unique: oVvbfSETNHap7HRxXCrzfQ-1 Received: by mail-pl1-f200.google.com with SMTP id d9443c01a7336-1b031a8fbe5so1757505ad.2 for ; Thu, 01 Jun 2023 00:24:52 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685604292; x=1688196292; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=AV8aUvr4ixGLZyIesmYQLsbGSBUr0/xlhliel/t7Lh8=; b=TYFVh+p2kDOM5KzD6LophXd19IFL0SDunKEiMcbETcJNVO2iPgF290I9FfT/lBYs4K q/kiQl3540xSgqeWiRp37jZTAxgdJTK3VSJf8LcQiQBbjxhiwlO2Vd0x84mcl2rsMixc 61p9R9NPtDR4Ht3TPtkqzP5Brkd8Udiw48+9etlBVkJNF+DI2vI+YiS+px6G9I5kasQN xrLj6Q7PJh8HGjyLzpw+6GTTmA9rpx28PJQRtG2AA9A2rcBmIYhrnUN0IHDJ3ez9QUxV 8Q/855cb8sRHbgRoljaXWxNpLAdFaN2QDVxFwTb3ddeZkFOZPQ4tT7eIf09gHiOYAhgx kMTg== X-Gm-Message-State: AC+VfDzi9gnLquowFEm/HF/QrL2nKD3eP5MaN1jTuBpqSFafmy+rJxc3 XyD+JiZY2/mSdtwPCkXhbtcr1YCxPX4Yvj7qExMYoxB2SAhkoNQ0lQuk40rn/3m/lz1C6lGa5hb dOU9fOyua3JkBTKjtkso5e3oP X-Received: by 2002:a17:902:e811:b0:1b0:5e97:ee2e with SMTP id u17-20020a170902e81100b001b05e97ee2emr6960535plg.19.1685604292000; Thu, 01 Jun 2023 00:24:52 -0700 (PDT) X-Received: by 2002:a17:902:e811:b0:1b0:5e97:ee2e with SMTP id u17-20020a170902e81100b001b05e97ee2emr6960516plg.19.1685604291629; Thu, 01 Jun 2023 00:24:51 -0700 (PDT) Received: from localhost ([43.228.180.230]) by smtp.gmail.com with ESMTPSA id z15-20020a170903018f00b00199203a4fa3sm2666890plg.203.2023.06.01.00.24.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 01 Jun 2023 00:24:51 -0700 (PDT) From: Coiby Xu To: kexec@lists.infradead.org Cc: Milan Broz , Thomas Staudt , Kairui Song , dm-devel@redhat.com, Jan Pazdziora , Pingfan Liu , Baoquan He , Dave Young , linux-kernel@vger.kernel.org, x86@kernel.org, Dave Hansen , Vitaly Kuznetsov , Eric Biederman Subject: [PATCH 1/5] kexec_file: allow to place kexec_buf randomly Date: Thu, 1 Jun 2023 15:24:40 +0800 Message-Id: <20230601072444.2033855-2-coxu@redhat.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230601072444.2033855-1-coxu@redhat.com> References: <20230601072444.2033855-1-coxu@redhat.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1767485343373869640?= X-GMAIL-MSGID: =?utf-8?q?1767485343373869640?= Currently, kexec_buf is placed in order which means for the same machine, the info in the kexec_buf is always located at the same position each time the machine is booted. This may cause a risk for sensitive information like LUKS volume key. Now struct kexec_buf has a new field random which indicates it's supposed to be placed in a random position. Suggested-by: Jan Pazdziora Signed-off-by: Coiby Xu --- include/linux/kexec.h | 2 ++ kernel/kexec_file.c | 15 +++++++++++++++ 2 files changed, 17 insertions(+) diff --git a/include/linux/kexec.h b/include/linux/kexec.h index 22b5cd24f581..5b2440444112 100644 --- a/include/linux/kexec.h +++ b/include/linux/kexec.h @@ -172,6 +172,7 @@ int kexec_image_post_load_cleanup_default(struct kimage *image); * @buf_min: The buffer can't be placed below this address. * @buf_max: The buffer can't be placed above this address. * @top_down: Allocate from top of memory. + * @random: Place the buffer at a random position. */ struct kexec_buf { struct kimage *image; @@ -183,6 +184,7 @@ struct kexec_buf { unsigned long buf_min; unsigned long buf_max; bool top_down; + bool random; }; int kexec_load_purgatory(struct kimage *image, struct kexec_buf *kbuf); diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c index f989f5f1933b..5dbfc119eb6a 100644 --- a/kernel/kexec_file.c +++ b/kernel/kexec_file.c @@ -25,6 +25,7 @@ #include #include #include +#include #include #include #include "kexec_internal.h" @@ -419,6 +420,16 @@ SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int, initrd_fd, return ret; } +static unsigned long kexec_random_start(unsigned long start, unsigned long end) +{ + unsigned long temp_start; + unsigned short i; + + get_random_bytes(&i, sizeof(unsigned short)); + temp_start = start + (end - start) / USHRT_MAX * i; + return temp_start; +} + static int locate_mem_hole_top_down(unsigned long start, unsigned long end, struct kexec_buf *kbuf) { @@ -427,6 +438,8 @@ static int locate_mem_hole_top_down(unsigned long start, unsigned long end, temp_end = min(end, kbuf->buf_max); temp_start = temp_end - kbuf->memsz; + if (kbuf->random) + temp_start = kexec_random_start(temp_start, temp_end); do { /* align down start */ @@ -464,6 +477,8 @@ static int locate_mem_hole_bottom_up(unsigned long start, unsigned long end, unsigned long temp_start, temp_end; temp_start = max(start, kbuf->buf_min); + if (kbuf->random) + temp_start = kexec_random_start(temp_start, end); do { temp_start = ALIGN(temp_start, kbuf->buf_align); From patchwork Thu Jun 1 07:24:41 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Coiby Xu X-Patchwork-Id: 101789 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:994d:0:b0:3d9:f83d:47d9 with SMTP id k13csp111192vqr; Thu, 1 Jun 2023 00:27:52 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6sMimbmzVrv8Gx3LoNTitJnBLu5xw7PKsawrc8yGIt5KBsI6CACs15tqmT5ulPyb3s/ueA X-Received: by 2002:a17:90b:17ca:b0:250:3bc3:2b09 with SMTP id me10-20020a17090b17ca00b002503bc32b09mr6049894pjb.12.1685604472135; Thu, 01 Jun 2023 00:27:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685604472; cv=none; d=google.com; s=arc-20160816; b=MDRBGVNWNEKAEzamYT7nc5qYi+Lv03IjwKOyEc5/U4Iaw53kHYxD4FxINNnADcTb0Q /CTF7giqbHDFiKV4l2d+ZbpEb28dGUovLx0qZfpnpoGbVEwPVaxaWckzmpoO1qFaxgjM IA6P6Xn6zQN42pmYIfb+u+2aXTQy0OPb3TXn5wy8HSBnm3bOgDkUqKDzcnsuIXidGXAP Woibmd25uvZyidVt41R+hM8WOKw4X1S7kFRzz3i9MEZeFMbGEcaO7048Z8Gfo7QAXR5q NdnW0sCvo/N/wxa0SKDsf2csBFNLo7aOh3dBxO7X1x0rpxp+Rr33W9sEgxIFZ4stAxue kKfA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=AVNhkRwZAfrMBhKh//wi6Z59DrttLTByCXwnmuvQ7Sk=; b=lFb70HzxNZmGAD4rc3dKJ7jwD+3USwl3JMSXHRWsnNsRqmuC/pPxu2dZReP9oMdRgu mdRYzsWHB9srzjlajb2BVbWyXvnu45Uq+Ggx65mtnPv1Rqn3msTSwsn6bBLSJU1FSTbz NAiTRiCun4pA8vDmWrkMMGHDnihNAyJ514VFiJQZ4RdX6Ga9O0xZ98OyFg7uhkO1la40 uqdV6Ua3VAdwz8nApItvvfmEmfxXaVyzBB305xej+B7dNq/RdYD5k2Pcohxgj3adkIWP 4jm73iazEOOPd3avOMGjZAzwWH8ceMiVen9swQIyjhULhdwaCpGvtnih1oMufLYFL1Ov MIdQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=fwFKzULv; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id ce21-20020a17090aff1500b002533873625dsi699543pjb.24.2023.06.01.00.27.36; Thu, 01 Jun 2023 00:27:52 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=fwFKzULv; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231511AbjFAHZq (ORCPT + 99 others); Thu, 1 Jun 2023 03:25:46 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42606 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231371AbjFAHZo (ORCPT ); Thu, 1 Jun 2023 03:25:44 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 852EB13E for ; Thu, 1 Jun 2023 00:24:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1685604297; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=AVNhkRwZAfrMBhKh//wi6Z59DrttLTByCXwnmuvQ7Sk=; b=fwFKzULvG2I2S94hr65HA1VMsl3EkViDqVU3iLf0yXX8DlHXrfXGTz6VeASXbcbASgqrD0 2TRfgodcPK6hHz8OlLkL423mJ8cB7iE3GptQO9hSN4ZDwz8KTfkctqlG8VyNUpD6CtB/F8 4at0iTlMMOdYk7RMB5MuTxCfbULQRgM= Received: from mail-qt1-f198.google.com (mail-qt1-f198.google.com [209.85.160.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-645-mI8yZIRROdCh5DcXlQSo0A-1; Thu, 01 Jun 2023 03:24:56 -0400 X-MC-Unique: mI8yZIRROdCh5DcXlQSo0A-1 Received: by mail-qt1-f198.google.com with SMTP id d75a77b69052e-3f80c977f15so5029071cf.2 for ; Thu, 01 Jun 2023 00:24:56 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685604296; x=1688196296; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=AVNhkRwZAfrMBhKh//wi6Z59DrttLTByCXwnmuvQ7Sk=; b=QT22WzI6/67PnXgtEOBUp4lA+Ww10w8KLsnNHotAbEQc1+/YWCfQxvajomqwrO6hMR l5TfIeQN6H/69/DNDFUdMiiL7M02NlegSIC+m6GkGc9hnLV8TrikuIIXl6/QrDCPpn9o kfJXpYts/KyO93B44ZLwYTkMmvoe348pSRusUBGDywnBrjQC7RNW6fb3bwVRiMmrz+8Z 0n7br4j3pAuYoGu/wtdDkLOaRTUCEoAN40H6JLpbPRY6bkxWhmgyLZN3GgWnqfo4M+3T rf6osgq2o+dSLAzbvI+mAPv/38KsbJHxOjTvgsBTgumLq1U2rIxJq0IzR/QDTgiuMWgD HZNQ== X-Gm-Message-State: AC+VfDzryhWxJzgE40e3pcbiby2AvedtMPEH45kvQ31182TkKBBmDF1H pUjWs/x5pJYxhnutU8UTXRNzxwcMr5z5GucwUvJFUIyjiKtMAaQjqpF1o1kEoT4NSA7HUZn9iRU kA8BhggmEE7N0FsnBL74GW6fr X-Received: by 2002:a05:622a:3c7:b0:3f4:eb26:6d42 with SMTP id k7-20020a05622a03c700b003f4eb266d42mr7982586qtx.63.1685604295826; Thu, 01 Jun 2023 00:24:55 -0700 (PDT) X-Received: by 2002:a05:622a:3c7:b0:3f4:eb26:6d42 with SMTP id k7-20020a05622a03c700b003f4eb266d42mr7982558qtx.63.1685604295538; Thu, 01 Jun 2023 00:24:55 -0700 (PDT) Received: from localhost ([43.228.180.230]) by smtp.gmail.com with ESMTPSA id i28-20020a63541c000000b0053efb8fae02sm2465297pgb.24.2023.06.01.00.24.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 01 Jun 2023 00:24:55 -0700 (PDT) From: Coiby Xu To: kexec@lists.infradead.org Cc: Milan Broz , Thomas Staudt , Kairui Song , dm-devel@redhat.com, Jan Pazdziora , Pingfan Liu , Baoquan He , Dave Young , linux-kernel@vger.kernel.org, x86@kernel.org, Dave Hansen , Vitaly Kuznetsov , Vivek Goyal Subject: [PATCH 2/5] crash_dump: save the LUKS volume key temporarily Date: Thu, 1 Jun 2023 15:24:41 +0800 Message-Id: <20230601072444.2033855-3-coxu@redhat.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230601072444.2033855-1-coxu@redhat.com> References: <20230601072444.2033855-1-coxu@redhat.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1767484394978623765?= X-GMAIL-MSGID: =?utf-8?q?1767484394978623765?= After having the volume key, crytpsetup/systemd-cryptsetup saves the volume key as a logon key to its thread keyring and this key is destroyed immediately with the terminated thread. So a temporary copy of the volume key is needed in order to later save it to kdump reserved memory when the crash kernel is loaded later. crytpsetup/systemd-cryptsetup will write the key description to /sys/kernel/crash_luks_volume_key so the kernel will read the logon key and save a temporary copy for later user. kdump has 1 hour at maximum to get the temporary copy before the key gets wiped. And after kdump retrieves the key, the key will be wiped immediately. Signed-off-by: Coiby Xu --- include/linux/crash_core.h | 2 + kernel/Makefile | 2 +- kernel/crash_dump_luks.c | 90 ++++++++++++++++++++++++++++++++++++++ kernel/ksysfs.c | 19 ++++++++ 4 files changed, 112 insertions(+), 1 deletion(-) create mode 100644 kernel/crash_dump_luks.c diff --git a/include/linux/crash_core.h b/include/linux/crash_core.h index de62a722431e..596d83b8f362 100644 --- a/include/linux/crash_core.h +++ b/include/linux/crash_core.h @@ -83,5 +83,7 @@ int parse_crashkernel_high(char *cmdline, unsigned long long system_ram, unsigned long long *crash_size, unsigned long long *crash_base); int parse_crashkernel_low(char *cmdline, unsigned long long system_ram, unsigned long long *crash_size, unsigned long long *crash_base); +int crash_sysfs_luks_volume_key_write(const char *key_des, size_t count); +int crash_pass_temp_luks_volume_key(void **addr, unsigned long *sz); #endif /* LINUX_CRASH_CORE_H */ diff --git a/kernel/Makefile b/kernel/Makefile index b69c95315480..8412afa4a9f0 100644 --- a/kernel/Makefile +++ b/kernel/Makefile @@ -118,7 +118,7 @@ obj-$(CONFIG_PERF_EVENTS) += events/ obj-$(CONFIG_USER_RETURN_NOTIFIER) += user-return-notifier.o obj-$(CONFIG_PADATA) += padata.o -obj-$(CONFIG_CRASH_DUMP) += crash_dump.o +obj-$(CONFIG_CRASH_DUMP) += crash_dump.o crash_dump_luks.o obj-$(CONFIG_JUMP_LABEL) += jump_label.o obj-$(CONFIG_CONTEXT_TRACKING) += context_tracking.o obj-$(CONFIG_TORTURE_TEST) += torture.o diff --git a/kernel/crash_dump_luks.c b/kernel/crash_dump_luks.c new file mode 100644 index 000000000000..2d88b77a93f8 --- /dev/null +++ b/kernel/crash_dump_luks.c @@ -0,0 +1,90 @@ +// SPDX-License-Identifier: GPL-2.0-only +#include +#include + +static u8 *luks_volume_key; +static unsigned int luks_volume_key_size; + +void wipe_luks_volume_key(void) +{ + if (luks_volume_key) { + memset(luks_volume_key, 0, luks_volume_key_size * sizeof(u8)); + kfree(luks_volume_key); + luks_volume_key = NULL; + } +} + +static void _wipe_luks_volume_key(struct work_struct *dummy) +{ + wipe_luks_volume_key(); +} + +static DECLARE_DELAYED_WORK(wipe_luks_volume_key_work, _wipe_luks_volume_key); + +static unsigned __read_mostly wipe_key_delay = 3600; /* 1 hour */ + +static int crash_save_temp_luks_volume_key(const char *key_desc, size_t count) +{ + const struct user_key_payload *ukp; + struct key *key; + + + if (luks_volume_key) { + memset(luks_volume_key, 0, luks_volume_key_size * sizeof(u8)); + kfree(luks_volume_key); + } + + pr_debug("Requesting key %s", key_desc); + key = request_key(&key_type_logon, key_desc, NULL); + + if (IS_ERR(key)) { + pr_debug("No such key %s", key_desc); + return PTR_ERR(key); + } + + ukp = user_key_payload_locked(key); + if (!ukp) + return -EKEYREVOKED; + + luks_volume_key = kmalloc(ukp->datalen, GFP_KERNEL); + if (!luks_volume_key) + return -ENOMEM; + memcpy(luks_volume_key, ukp->data, ukp->datalen); + luks_volume_key_size = ukp->datalen; + pr_debug("LUKS master key (size=%u): %8ph\n", luks_volume_key_size, luks_volume_key); + schedule_delayed_work(&wipe_luks_volume_key_work, + round_jiffies_relative(wipe_key_delay * HZ)); + return 0; +} + +int crash_sysfs_luks_volume_key_write(const char *key_desc, size_t count) +{ + if (!is_kdump_kernel()) + return crash_save_temp_luks_volume_key(key_desc, count); + return -EINVAL; +} +EXPORT_SYMBOL(crash_sysfs_luks_volume_key_write); + +int crash_pass_temp_luks_volume_key(void **addr, unsigned long *sz) +{ + unsigned long luks_key_sz; + unsigned char *buf; + unsigned int *size_ptr; + + if (!luks_volume_key) + return -EINVAL; + + luks_key_sz = sizeof(unsigned int) + luks_volume_key_size * sizeof(u8); + + buf = vzalloc(luks_key_sz); + if (!buf) + return -ENOMEM; + + size_ptr = (unsigned int *)buf; + memcpy(size_ptr, &luks_volume_key_size, sizeof(unsigned int)); + memcpy(size_ptr + 1, luks_volume_key, luks_volume_key_size * sizeof(u8)); + *addr = buf; + *sz = luks_key_sz; + wipe_luks_volume_key(); + return 0; +} diff --git a/kernel/ksysfs.c b/kernel/ksysfs.c index aad7a3bfd846..cc64a895c334 100644 --- a/kernel/ksysfs.c +++ b/kernel/ksysfs.c @@ -165,6 +165,24 @@ static ssize_t vmcoreinfo_show(struct kobject *kobj, } KERNEL_ATTR_RO(vmcoreinfo); +static ssize_t crash_luks_volume_key_show(struct kobject *kobj, + struct kobj_attribute *attr, + char *buf) +{ + return 0; +} + +static ssize_t crash_luks_volume_key_store(struct kobject *kobj, + struct kobj_attribute *attr, + const char *buf, size_t count) +{ + int ret; + + ret = crash_sysfs_luks_volume_key_write(buf, count); + return ret < 0 ? ret : count; +} +KERNEL_ATTR_RW(crash_luks_volume_key); + #endif /* CONFIG_CRASH_CORE */ /* whether file capabilities are enabled */ @@ -255,6 +273,7 @@ static struct attribute * kernel_attrs[] = { #endif #ifdef CONFIG_CRASH_CORE &vmcoreinfo_attr.attr, + &crash_luks_volume_key_attr.attr, #endif #ifndef CONFIG_TINY_RCU &rcu_expedited_attr.attr, From patchwork Thu Jun 1 07:24:42 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Coiby Xu X-Patchwork-Id: 101792 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:994d:0:b0:3d9:f83d:47d9 with SMTP id k13csp116639vqr; Thu, 1 Jun 2023 00:41:07 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7VXUbH7BmUSxZtMg5DEN35l6+I3eKJiahF1Qu9QhvNrHVnnaa7sCCcFKgy3j2IJk/tqm9I X-Received: by 2002:a17:902:a508:b0:1ae:8a22:d0dd with SMTP id s8-20020a170902a50800b001ae8a22d0ddmr4791099plq.58.1685605266855; Thu, 01 Jun 2023 00:41:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685605266; cv=none; d=google.com; s=arc-20160816; b=Ljsr5fDrSr5jzrYp12R1hzj27MvtOwF3IWzWYm33TVjS15KO+KnmR5I5eeA760Iz8S mEN1+p6MOVRbQ+rYixiBj3wBwlVAlvWgGrqVkBSKpWz9yhFpjUlqjeggoHUJKNi90gOt Gpz7aH8Dl2GbgdmcqzCMDyFlm66GqAht8diKPnlZya+ikgoVDoNDPYgiE3J4UUSwhkic Ps+NetkJwh1i+puYJc2cEvvMu6Es0DdGA60Hbm37TZcPHrCr8JkHf3daGrYqkty2S33S GoIU6Emxa+HodPgDdnoyMuW66MljgpcCcTmOgxa6PcHrfXbvMIy7bcIbQjeVnpdQ2YzP RJBw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=BSdEOOvVOvBHgbxdtA0aSxX16fM93R7Xrib46N4HMRQ=; b=Ij2ADBube4WbWXIOSnZgS3IfslGdam+jHLpk0MT2gQ4AuAZsqNBOKhYP00nOk2kk/+ EjM6JK3d6yGSFJIZZU4glYbV3KKoyUErub/GdtXal19ijBskeWnsvpQ6I2SzyYEAsXjM EHQ88g6LSpQAYiDd7tQYdtOrMXiTz0dAOGF253UNZWPfqpakYL7m/gbcmL/8vHUKzRUX Fe7EHTB5+ddEiQdKf/Q+C02/IRBVpdSxibwnyupvoOe37WqyXiTvLhsnw6HieK4FZrzT UGqLqMYKkKI0MR15ZsJ9wOR9nHP+FHIDBbaEzxFW+EWr9oUahRBTe99aTHJ34w4Simy5 YwMQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=esm0yLUV; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m7-20020a170902768700b001adf0f9cf6fsi2243693pll.303.2023.06.01.00.40.50; Thu, 01 Jun 2023 00:41:06 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=esm0yLUV; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231970AbjFAH0B (ORCPT + 99 others); Thu, 1 Jun 2023 03:26:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42644 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231800AbjFAHZs (ORCPT ); Thu, 1 Jun 2023 03:25:48 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7D40F9F for ; Thu, 1 Jun 2023 00:25:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1685604302; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=BSdEOOvVOvBHgbxdtA0aSxX16fM93R7Xrib46N4HMRQ=; b=esm0yLUVbBXHsbucG2ZuTgmO4I9hOD6eap4CqfacLceGVnnC59lU87xoE4fIqwxXyLC94P vjGU0r03Kl1WzqEcATesreacg/byuEN4ElTAJ9QI/+eAZWXIcEPDPOaklvWkDNdF9IpT45 4QqkCmE/m0iGeO7TFY8tf/HDT9QB0v0= Received: from mail-pf1-f200.google.com (mail-pf1-f200.google.com [209.85.210.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-314-0WOvoThUO4OfG3aQVH3dIA-1; Thu, 01 Jun 2023 03:25:01 -0400 X-MC-Unique: 0WOvoThUO4OfG3aQVH3dIA-1 Received: by mail-pf1-f200.google.com with SMTP id d2e1a72fcca58-650abd6d92eso44108b3a.3 for ; Thu, 01 Jun 2023 00:25:01 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685604300; x=1688196300; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=BSdEOOvVOvBHgbxdtA0aSxX16fM93R7Xrib46N4HMRQ=; b=XrTTX8X9zLSy1a9OLTVPSm9H6O6RLdFrOWRSSMYMv/bWMS9IWs0fSGzsoB6hY0/CcR JDoBO+ynC4vYXsGsmR6aT9rwNR969jac9BZipkXgLkT3c5XbZAlWsmz3VnYEKb0cQUO+ 35Pb3LWj3t5vFTGLTOlfNephhIJnqaaOozzFh1XxNqd6bfMeQKZZPrs4cjpOenxJoccd Yh2lDTVvELIGhtz/W3HfA+eCkkoxlu12ZJxkahA5MEfGx6lZ7bOhaY2r2fKPiRIdosbF EPYWmAkDvR4/0Tnq+0DivNa/5X6kG0Fzcat5Eyu4Pr3AymlTCAHc5hWds1wcMnNuNUr4 u2Ug== X-Gm-Message-State: AC+VfDxNzRb2G0OcB1U5mVk9qc5F2zedtmxn9xsvkHkNoQvITkzIidFs t1OapTDCLa2oiNU7dYmv70J384l0HP9vH1d62KQT5okHjMhS7DuKklX/8xgIRa8fSUXpPyVliXp iDqQGRsKRxX9WPw+BxxbZNQ2P X-Received: by 2002:a05:6a00:1a51:b0:63b:5496:7af5 with SMTP id h17-20020a056a001a5100b0063b54967af5mr7757653pfv.1.1685604300240; Thu, 01 Jun 2023 00:25:00 -0700 (PDT) X-Received: by 2002:a05:6a00:1a51:b0:63b:5496:7af5 with SMTP id h17-20020a056a001a5100b0063b54967af5mr7757634pfv.1.1685604299873; Thu, 01 Jun 2023 00:24:59 -0700 (PDT) Received: from localhost ([43.228.180.230]) by smtp.gmail.com with ESMTPSA id f18-20020aa78b12000000b0064d27a28451sm4433388pfd.100.2023.06.01.00.24.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 01 Jun 2023 00:24:59 -0700 (PDT) From: Coiby Xu To: kexec@lists.infradead.org Cc: Milan Broz , Thomas Staudt , Kairui Song , dm-devel@redhat.com, Jan Pazdziora , Pingfan Liu , Baoquan He , Dave Young , linux-kernel@vger.kernel.org, x86@kernel.org, Dave Hansen , Vitaly Kuznetsov , Vivek Goyal Subject: [PATCH 3/5] crash_dump: retrieve LUKS volume key in kdump kernel Date: Thu, 1 Jun 2023 15:24:42 +0800 Message-Id: <20230601072444.2033855-4-coxu@redhat.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230601072444.2033855-1-coxu@redhat.com> References: <20230601072444.2033855-1-coxu@redhat.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1767485227941318497?= X-GMAIL-MSGID: =?utf-8?q?1767485227941318497?= Crash kernel will retrieve the LUKS volume key based on the luksvolumekey command line parameter. When libcryptsetup writes the key description to /sys/kernel/crash_luks_volume_key, crash kernel will create a thread keyring and add a logon key. Signed-off-by: Coiby Xu --- include/linux/crash_dump.h | 2 + kernel/crash_dump_luks.c | 116 ++++++++++++++++++++++++++++++++++++- 2 files changed, 116 insertions(+), 2 deletions(-) diff --git a/include/linux/crash_dump.h b/include/linux/crash_dump.h index 0f3a656293b0..bc848e058c64 100644 --- a/include/linux/crash_dump.h +++ b/include/linux/crash_dump.h @@ -15,6 +15,8 @@ extern unsigned long long elfcorehdr_addr; extern unsigned long long elfcorehdr_size; +extern unsigned long long luks_volume_key_addr; + #ifdef CONFIG_CRASH_DUMP extern int elfcorehdr_alloc(unsigned long long *addr, unsigned long long *size); extern void elfcorehdr_free(unsigned long long addr); diff --git a/kernel/crash_dump_luks.c b/kernel/crash_dump_luks.c index 2d88b77a93f8..63718db318c3 100644 --- a/kernel/crash_dump_luks.c +++ b/kernel/crash_dump_luks.c @@ -1,7 +1,82 @@ // SPDX-License-Identifier: GPL-2.0-only +#include +#include #include #include +unsigned long long luks_volume_key_addr; +EXPORT_SYMBOL_GPL(luks_volume_key_addr); + +static int __init setup_luksvolumekey(char *arg) +{ + char *end; + + if (!arg) + return -EINVAL; + luks_volume_key_addr = memparse(arg, &end); + if (end > arg) + return 0; + + luks_volume_key_addr = 0; + return -EINVAL; +} + +early_param("luksvolumekey", setup_luksvolumekey); + +/* + * Architectures may override this function to read LUKS master key + */ +ssize_t __weak luks_key_read(char *buf, size_t count, u64 *ppos) +{ + struct kvec kvec = { .iov_base = buf, .iov_len = count }; + struct iov_iter iter; + + iov_iter_kvec(&iter, READ, &kvec, 1, count); + return read_from_oldmem(&iter, count, ppos, false); +} + +static int retrive_kdump_luks_volume_key(u8 *buffer, unsigned int *sz) +{ + unsigned int key_size; + size_t lukskeybuf_sz; + unsigned int *size_ptr; + char *lukskeybuf; + u64 addr; + int r; + + if (luks_volume_key_addr == 0) { + pr_debug("LUKS master key memory address inaccessible"); + return -EINVAL; + } + + addr = luks_volume_key_addr; + + /* Read LUKS master key size */ + r = luks_key_read((char *)&key_size, sizeof(unsigned int), &addr); + + if (r < 0) + return r; + + pr_debug("Retrieve LUKS master key: size=%u\n", key_size); + /* Read in LUKS maste rkey */ + lukskeybuf_sz = sizeof(unsigned int) + key_size * sizeof(u8); + lukskeybuf = (void *)__get_free_pages(GFP_KERNEL | __GFP_ZERO, + get_order(lukskeybuf_sz)); + if (!lukskeybuf) + return -ENOMEM; + + addr = luks_volume_key_addr; + r = luks_key_read((char *)lukskeybuf, lukskeybuf_sz, &addr); + + if (r < 0) + return r; + size_ptr = (unsigned int *)lukskeybuf; + memcpy(buffer, size_ptr + 1, key_size * sizeof(u8)); + pr_debug("Retrieve LUKS master key (size=%u): %48ph...\n", key_size, buffer); + *sz = key_size; + return 0; +} + static u8 *luks_volume_key; static unsigned int luks_volume_key_size; @@ -23,12 +98,48 @@ static DECLARE_DELAYED_WORK(wipe_luks_volume_key_work, _wipe_luks_volume_key); static unsigned __read_mostly wipe_key_delay = 3600; /* 1 hour */ +static int retore_luks_volume_key_to_thread_keyring(const char *key_desc) +{ + key_ref_t keyring_ref, key_ref; + int ret; + + /* find the target keyring (which must be writable) */ + keyring_ref = lookup_user_key(KEY_SPEC_THREAD_KEYRING, 0x01, KEY_NEED_WRITE); + if (IS_ERR(keyring_ref)) { + pr_alert("Failed to get keyring"); + return PTR_ERR(keyring_ref); + } + + luks_volume_key = kmalloc(128, GFP_KERNEL); + ret = retrive_kdump_luks_volume_key(luks_volume_key, &luks_volume_key_size); + if (ret) { + kfree(luks_volume_key); + return ret; + } + + /* create or update the requested key and add it to the target keyring */ + key_ref = key_create_or_update(keyring_ref, "logon", key_desc, + luks_volume_key, luks_volume_key_size, + KEY_PERM_UNDEF, KEY_ALLOC_IN_QUOTA); + + if (!IS_ERR(key_ref)) { + ret = key_ref_to_ptr(key_ref)->serial; + key_ref_put(key_ref); + pr_alert("Success adding key %s", key_desc); + } else { + ret = PTR_ERR(key_ref); + pr_alert("Error when adding key"); + } + + key_ref_put(keyring_ref); + return ret; +} + static int crash_save_temp_luks_volume_key(const char *key_desc, size_t count) { const struct user_key_payload *ukp; struct key *key; - if (luks_volume_key) { memset(luks_volume_key, 0, luks_volume_key_size * sizeof(u8)); kfree(luks_volume_key); @@ -61,7 +172,8 @@ int crash_sysfs_luks_volume_key_write(const char *key_desc, size_t count) { if (!is_kdump_kernel()) return crash_save_temp_luks_volume_key(key_desc, count); - return -EINVAL; + else + return retore_luks_volume_key_to_thread_keyring(key_desc); } EXPORT_SYMBOL(crash_sysfs_luks_volume_key_write); From patchwork Thu Jun 1 07:24:43 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Coiby Xu X-Patchwork-Id: 101793 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:994d:0:b0:3d9:f83d:47d9 with SMTP id k13csp116984vqr; Thu, 1 Jun 2023 00:41:59 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4d45Auh5hZr5A/CwsPAvKryyHWLi7Kao2pcjDbC7EOgDJeBG+dInw2FbYp0i4g/dsw0vFM X-Received: by 2002:a17:90a:c78c:b0:256:47f3:73d3 with SMTP id gn12-20020a17090ac78c00b0025647f373d3mr5606802pjb.29.1685605318822; Thu, 01 Jun 2023 00:41:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685605318; cv=none; d=google.com; s=arc-20160816; b=fQ+AQDDNKoTZb3hT46dFTdqFLyjo6gPkDB2WayVEApIRQwoz8im5DxoX9n6CJKJ8ft tNCX7FrqAXHVRaAoRSE6zQ19In7V7rIe+1/FLSLp2303qwIunqejhRaUIkM24suOykhI mxDGLdC7EdxX9DRhmZBJpAOU3F1qKJUNYIVcKUHR8oUgOVQWTIxh0OWEnQe9D1ZMimkc YGtcvbe1g5qEWS/S/g01DefeGfZzCP1TMEOKOFzBSn9a/a0A129hV7KbO456BJY9wkNQ WY3R26vc0WeuI0vIBQ6WjATBDl/RQTSIgvl4ZU1/AMHPJSwhxKFW5R6r7IgjaBDw5ege +o5A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=AgH6lkMBE6SH6kwKQ2OLQdShNDxo5U5zIXrPWoXTrzY=; b=zqKz5P9PoC9TvASY3StmfdpmjIZet8OcbJh+NgPiI9Qf6LnJUFCJxKkk6n9GOTiftG 6EHG/gNyFjmbBMomYjcVm8JNrolS2E/V+j9WU9KFp7/blZ56TefUYD3qsb9dU+VUL4ed 7QpyYpxxwrR95hHVfus+8ZLrA+v2bPW2XuapTWDFGkU/rs/eag9GQ2GjyyfocPlWhLlI IX26a+wsGLQc4ecR3V4wE6oxmLNRswok76RKVuYB0+4ppTi98ceqKgNIRsvICqXyo8uW 79L4MJ3DiQSms08r1pBkX5Cx5WqR2BwJdgw8ucyLVnWghtl2CnpAPyGwjWrehfBmMrnY EnMw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b="Ic1/+iMa"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id o27-20020a63921b000000b0053ef5472639si2435041pgd.489.2023.06.01.00.41.46; Thu, 01 Jun 2023 00:41:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b="Ic1/+iMa"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231952AbjFAHZ5 (ORCPT + 99 others); Thu, 1 Jun 2023 03:25:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42698 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231799AbjFAHZs (ORCPT ); Thu, 1 Jun 2023 03:25:48 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E5E3E18C for ; Thu, 1 Jun 2023 00:25:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1685604306; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=AgH6lkMBE6SH6kwKQ2OLQdShNDxo5U5zIXrPWoXTrzY=; b=Ic1/+iMatjM9SMHanwDvYALW62vQLEMabsTxInIjq4qAeiwnEMmT6T4miSP0p1TAFASM+A JFc4w6g7stwqUdOldQQHCEOH16dVaYybE/fdexDPFeee+T8PMfOGQO2ldw408p4T0uJd9t 37CqvX5FX62VftGPIqCzYb9wQwF7bkQ= Received: from mail-pj1-f72.google.com (mail-pj1-f72.google.com [209.85.216.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-492-9esEm7IFNhmHtrhKtE_vPg-1; Thu, 01 Jun 2023 03:25:05 -0400 X-MC-Unique: 9esEm7IFNhmHtrhKtE_vPg-1 Received: by mail-pj1-f72.google.com with SMTP id 98e67ed59e1d1-2568caac092so105325a91.1 for ; Thu, 01 Jun 2023 00:25:04 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685604304; x=1688196304; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=AgH6lkMBE6SH6kwKQ2OLQdShNDxo5U5zIXrPWoXTrzY=; b=DCip9q1FcegtiUB8eYvU0LGklsXXLSlYGi2S9YetDwABjdwAUkAmUOi0V8mqz2u+Hw cuIjUUN5uFfGyFfH+PLSi+G8OW/E7Rf3YvtG20QI9a/v5NbpZzrcCJdnqmbaXgdxuNSE mLZO69sXHkmQI+mqvnOXiY38e9YrTrJPTIyz8Gfq9Co+G3v5eVo/Bz2kRH4AMxyKOS3+ gnu5yY0EQBOKYuxiUFEyrGsYmV12bGGk8SbS7LDVwUgsuVyMaTBj6u+0025DInrKXu1a +VVDFTJ9U2B3LptbV09VYn70hTyV66Am6/sjfhc2WCxG82sJhvHbbRjnqRMCbu6O4z1g FmWA== X-Gm-Message-State: AC+VfDwFcca25ITcTulUIb/uNmd9DxlMoPBYfJviquEyVNsyFSCpnCzj wHuziQewDLYxlBTvxfSTTS2s31tiZoKkufWXxlKbkfgFq4p7zFyKly8JpcxU+9NbgKGYOzQDu6d I4lXhU62up8CeqhACz5/hLpRR X-Received: by 2002:a17:90a:1d5:b0:258:ad44:1881 with SMTP id 21-20020a17090a01d500b00258ad441881mr348554pjd.11.1685604303891; Thu, 01 Jun 2023 00:25:03 -0700 (PDT) X-Received: by 2002:a17:90a:1d5:b0:258:ad44:1881 with SMTP id 21-20020a17090a01d500b00258ad441881mr348543pjd.11.1685604303582; Thu, 01 Jun 2023 00:25:03 -0700 (PDT) Received: from localhost ([43.228.180.230]) by smtp.gmail.com with ESMTPSA id o11-20020a17090a4e8b00b00256799877ffsm702466pjh.47.2023.06.01.00.25.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 01 Jun 2023 00:25:03 -0700 (PDT) From: Coiby Xu To: kexec@lists.infradead.org Cc: Milan Broz , Thomas Staudt , Kairui Song , dm-devel@redhat.com, Jan Pazdziora , Pingfan Liu , Baoquan He , Dave Young , linux-kernel@vger.kernel.org, x86@kernel.org, Dave Hansen , Vitaly Kuznetsov , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Eric Biederman Subject: [PATCH 4/5] x86/crash: pass the LUKS volume key to kdump kernel Date: Thu, 1 Jun 2023 15:24:43 +0800 Message-Id: <20230601072444.2033855-5-coxu@redhat.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230601072444.2033855-1-coxu@redhat.com> References: <20230601072444.2033855-1-coxu@redhat.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1767485283044892542?= X-GMAIL-MSGID: =?utf-8?q?1767485283044892542?= 1st kernel will build up the kernel command parameter luksvolumekey as similar to elfcorehdr to pass the memory address of the stored info of LUKS volume key to kdump kernel. Signed-off-by: Coiby Xu --- arch/x86/include/asm/crash.h | 1 + arch/x86/kernel/crash.c | 47 ++++++++++++++++++++++++++++++- arch/x86/kernel/kexec-bzimage64.c | 7 +++++ include/linux/kexec.h | 4 +++ 4 files changed, 58 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/crash.h b/arch/x86/include/asm/crash.h index 8b6bd63530dc..485f75dce2ca 100644 --- a/arch/x86/include/asm/crash.h +++ b/arch/x86/include/asm/crash.h @@ -4,6 +4,7 @@ struct kimage; +int crash_load_luks_volume_key(struct kimage *image); int crash_load_segments(struct kimage *image); int crash_setup_memmap_entries(struct kimage *image, struct boot_params *params); diff --git a/arch/x86/kernel/crash.c b/arch/x86/kernel/crash.c index cdd92ab43cda..32d4a9e3badf 100644 --- a/arch/x86/kernel/crash.c +++ b/arch/x86/kernel/crash.c @@ -289,6 +289,7 @@ static int memmap_exclude_ranges(struct kimage *image, struct crash_mem *cmem, unsigned long long mend) { unsigned long start, end; + int r; cmem->ranges[0].start = mstart; cmem->ranges[0].end = mend; @@ -297,7 +298,19 @@ static int memmap_exclude_ranges(struct kimage *image, struct crash_mem *cmem, /* Exclude elf header region */ start = image->elf_load_addr; end = start + image->elf_headers_sz - 1; - return crash_exclude_mem_range(cmem, start, end); + r = crash_exclude_mem_range(cmem, start, end); + + if (r) + return r; + + /* Exclude LUKS volume key region */ + if (image->luks_volume_key_addr) { + start = image->luks_volume_key_addr; + end = start + image->luks_volume_key_sz - 1; + return crash_exclude_mem_range(cmem, start, end); + } + + return r; } /* Prepare memory map for crash dump kernel */ @@ -368,6 +381,38 @@ int crash_setup_memmap_entries(struct kimage *image, struct boot_params *params) return ret; } +int crash_load_luks_volume_key(struct kimage *image) +{ + int ret; + struct kexec_buf kbuf = { + .image = image, + .buf_min = 0, + .buf_max = ULONG_MAX, + .top_down = false, + .random = true, + }; + + image->luks_volume_key_addr = 0; + ret = crash_pass_temp_luks_volume_key(&kbuf.buffer, &kbuf.bufsz); + if (ret) + return ret; + + kbuf.memsz = kbuf.bufsz; + kbuf.buf_align = ELF_CORE_HEADER_ALIGN; + kbuf.mem = KEXEC_BUF_MEM_UNKNOWN; + ret = kexec_add_buffer(&kbuf); + if (ret) { + vfree((void *)kbuf.buffer); + return ret; + } + image->luks_volume_key_addr = kbuf.mem; + image->luks_volume_key_sz = kbuf.bufsz; + pr_debug("Loaded LUKS volume key at 0x%lx bufsz=0x%lx memsz=0x%lx\n", + image->luks_volume_key_addr, kbuf.bufsz, kbuf.bufsz); + + return ret; +} + int crash_load_segments(struct kimage *image) { int ret; diff --git a/arch/x86/kernel/kexec-bzimage64.c b/arch/x86/kernel/kexec-bzimage64.c index a61c12c01270..a859e9e5c876 100644 --- a/arch/x86/kernel/kexec-bzimage64.c +++ b/arch/x86/kernel/kexec-bzimage64.c @@ -76,6 +76,10 @@ static int setup_cmdline(struct kimage *image, struct boot_params *params, if (image->type == KEXEC_TYPE_CRASH) { len = sprintf(cmdline_ptr, "elfcorehdr=0x%lx ", image->elf_load_addr); + + if (image->luks_volume_key_addr != 0) + len += sprintf(cmdline_ptr + len, + "luksvolumekey=0x%lx ", image->luks_volume_key_addr); } memcpy(cmdline_ptr + len, cmdline, cmdline_len); cmdline_len += len; @@ -433,6 +437,9 @@ static void *bzImage64_load(struct kimage *image, char *kernel, ret = crash_load_segments(image); if (ret) return ERR_PTR(ret); + ret = crash_load_luks_volume_key(image); + if (ret) + pr_debug("Either no LUKS volume key or error to retrieve the LUKS volume key\n"); } /* diff --git a/include/linux/kexec.h b/include/linux/kexec.h index 5b2440444112..20d213076e46 100644 --- a/include/linux/kexec.h +++ b/include/linux/kexec.h @@ -374,6 +374,10 @@ struct kimage { void *elf_headers; unsigned long elf_headers_sz; unsigned long elf_load_addr; + + /* LUKS volume key buffer */ + unsigned long luks_volume_key_addr; + unsigned long luks_volume_key_sz; }; /* kexec interface functions */ From patchwork Thu Jun 1 07:24:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Coiby Xu X-Patchwork-Id: 101795 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:994d:0:b0:3d9:f83d:47d9 with SMTP id k13csp118414vqr; Thu, 1 Jun 2023 00:45:47 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7+VIp/7Mf5Rd6dMkHDQKfMuSjsfOIZVgGiEioayO96a1LfiKC7WAlIs8KKX5LvSJJh+1cp X-Received: by 2002:a05:6a00:18a1:b0:648:1311:fbc4 with SMTP id x33-20020a056a0018a100b006481311fbc4mr11039543pfh.33.1685605547074; Thu, 01 Jun 2023 00:45:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685605547; cv=none; d=google.com; s=arc-20160816; b=kN9UvnaPaHErvxEZIHsrOw79TGJ9+lklKjxuRartEThUQZhxgqwyYUZjjYCquxXO1w q7P9PJOi2n3ipMWDpxudo0O/P2bDeITGM3jtGG/QaaWPXcrccT9f96AFXgY7HmE9Gjg8 K52RJE7nDR6u8PtdndKQ7MIbVglUVGfGabUOw6GZpcBIzgw5OeR8yrGtur6Eoo7rgXNi +M/X2RG8LGYBWRJ7T+xr6FKZS9uAmJNe9tAepxEwpPct4KRcSlcRFqgRPoaj7PiokWPU WOSHMbfwKuU1Rwxb1z6njKoV8vD4pAK77R7B3LScRVjC38nppWBsYORySKx9xwj2A/dh Mp7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=aefU4VwU8oFOQYKmAqFmOKJxhlCYs6WtVK98Xo9Ylw8=; b=ArXSJM9a7AS3sbM5xoEtAMql3VzdZBX/HEZVWN4euzTUDhP/tfwCUrLMxF72SL0G8d Xl/4HX/tO0A+IdRF5biUmCOGIZEE6AuzF68vZ5gNkmSqY+an6CeaTZ8U0S0GkLGAGVBU UgeTCoSUNckVneSMI7B3nk279KiTqWq85s3C7KMeKoog1YTF6Oy4XVpy09yFuq/nL0Xw QP+WxFrfWoFQOcxDRDNZtdPGeH9xTd5KmBQ6O8JFWOecbHqnDkyrqUpmJg7B/XxocQgg 5JPtqtrfirnznkv+vzHh7HaWiAQ6S1/tBFU1VwKuFzsgA00Nh5gKzEC6fm06MDX5jLyw MmCg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=WETCygIf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 125-20020a620683000000b0064d5e926241si2154928pfg.149.2023.06.01.00.45.32; Thu, 01 Jun 2023 00:45:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=WETCygIf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231965AbjFAH0L (ORCPT + 99 others); Thu, 1 Jun 2023 03:26:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42684 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231895AbjFAHZ5 (ORCPT ); Thu, 1 Jun 2023 03:25:57 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3C58E180 for ; Thu, 1 Jun 2023 00:25:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1685604309; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=aefU4VwU8oFOQYKmAqFmOKJxhlCYs6WtVK98Xo9Ylw8=; b=WETCygIfvoUR4I/DFrO0Vu0WkJ/DyQ+6nprEwNcFQcTNr4cqMn7qoM4qlWhev97ZLRCc/8 SboM+RmR1oFlStBSlFS3jlU1DdEm/9UhS6Qtx1bEi/xwrNRc1DFxtHudmodzACopnj7vRy kbWjh8FFJMa5rew0SV22jWLX2isBTmM= Received: from mail-pg1-f199.google.com (mail-pg1-f199.google.com [209.85.215.199]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-433-oUVdstSjMGWKwHLJB7JtBw-1; Thu, 01 Jun 2023 03:25:08 -0400 X-MC-Unique: oUVdstSjMGWKwHLJB7JtBw-1 Received: by mail-pg1-f199.google.com with SMTP id 41be03b00d2f7-528ab7097afso566462a12.1 for ; Thu, 01 Jun 2023 00:25:08 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685604307; x=1688196307; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=aefU4VwU8oFOQYKmAqFmOKJxhlCYs6WtVK98Xo9Ylw8=; b=PQjxXAEYSS7baW7CSbcDyJph30QjAAVj3P+JmVJIomsHogVO77gj1yo3bLmNnsB7T/ WAjEq4rP20nrvZJy4tmV4Wls2Coi9nAFwNq53Yz+JD40eFjWbqVDOTLYNBrbK1kDoAYt jjkbid2G8OECKrrVfkgXGQ76LY3Q7Gg3HnZJCMHn1RXU6XgFMoTnJ9FiyAcciGCnhO/6 KgjOL3wb9xokW66rHBwa/el/YOqOGayJsY/J6f0ByD+shIxDvHhq78bYkInwDgEaVfzH HznseSFTGq6rEpBexBdxZBjrORIF4Hi2qabJ4zXAH4t6Dd8Js+Nagr2mhx9lD9URtoFe MVSQ== X-Gm-Message-State: AC+VfDz511Gpo29Mywaym1fLFiI2kP94cQ6RxGCGtMatZ5TS2QiojKy9 BKHF7HT+berYiL9aOfGTTmWw2p7jRlNMB1qnMyBJCr8hmEXNAQkBGQdSQxFIV6JMyeYp24s7aN9 luOtlVTyTbz4qQiMkQE5huVpz X-Received: by 2002:a05:6a21:998c:b0:10c:37ed:3e88 with SMTP id ve12-20020a056a21998c00b0010c37ed3e88mr8900710pzb.23.1685604307395; Thu, 01 Jun 2023 00:25:07 -0700 (PDT) X-Received: by 2002:a05:6a21:998c:b0:10c:37ed:3e88 with SMTP id ve12-20020a056a21998c00b0010c37ed3e88mr8900696pzb.23.1685604307121; Thu, 01 Jun 2023 00:25:07 -0700 (PDT) Received: from localhost ([43.228.180.230]) by smtp.gmail.com with ESMTPSA id y15-20020a17090322cf00b001ac5896e96esm2644901plg.207.2023.06.01.00.25.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 01 Jun 2023 00:25:06 -0700 (PDT) From: Coiby Xu To: kexec@lists.infradead.org Cc: Milan Broz , Thomas Staudt , Kairui Song , dm-devel@redhat.com, Jan Pazdziora , Pingfan Liu , Baoquan He , Dave Young , linux-kernel@vger.kernel.org, x86@kernel.org, Dave Hansen , Vitaly Kuznetsov , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" Subject: [PATCH 5/5] x86/crash: make the page that stores the LUKS volume key inaccessible Date: Thu, 1 Jun 2023 15:24:44 +0800 Message-Id: <20230601072444.2033855-6-coxu@redhat.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230601072444.2033855-1-coxu@redhat.com> References: <20230601072444.2033855-1-coxu@redhat.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1767485522082247443?= X-GMAIL-MSGID: =?utf-8?q?1767485522082247443?= This adds an addition layer of protection for the saved copy of LUKS volume key. Trying to access the saved copy will cause page fault. Suggested-by: Pingfan Liu Signed-off-by: Coiby Xu --- arch/x86/kernel/machine_kexec_64.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c index 1a3e2c05a8a5..82d1ecb35827 100644 --- a/arch/x86/kernel/machine_kexec_64.c +++ b/arch/x86/kernel/machine_kexec_64.c @@ -546,9 +546,23 @@ static void kexec_mark_crashkres(bool protect) kexec_mark_range(control, crashk_res.end, protect); } +static void kexec_mark_luks_volume_key_inaccessible(void) +{ + unsigned long start_paddr, end_paddr; + unsigned int nr_pages; + + if (kexec_crash_image->luks_volume_key_addr) { + start_paddr = kexec_crash_image->luks_volume_key_addr; + end_paddr = start_paddr + kexec_crash_image->luks_volume_key_sz - 1; + nr_pages = (PAGE_ALIGN(end_paddr) - PAGE_ALIGN_DOWN(start_paddr))/PAGE_SIZE; + set_memory_np((unsigned long)phys_to_virt(start_paddr), nr_pages); + } +} + void arch_kexec_protect_crashkres(void) { kexec_mark_crashkres(true); + kexec_mark_luks_volume_key_inaccessible(); } void arch_kexec_unprotect_crashkres(void)