grub/include/grub/cryptodisk.h
Glenn Washburn 1deb521452 cryptodisk: Add support for using detached header files
Using the disk read hook mechanism, setup a read hook on the source disk
which will read from the given header file during the scan and recovery
cryptodisk backend functions. Disk read hooks are executed after the data
has been read from the disk. This is okay, because the read hook is given
the read buffer before its sent back to the caller. In this case, the hook
can then overwrite the data read from the disk device with data from the
header file sent in as the read hook data. This is transparent to the
read caller. Since the callers of this function have just opened the
source disk, there are no current read hooks, so there's no need to
save/restore them nor consider if they should be called or not.

This hook assumes that the header is at the start of the volume, which
is not the case for some formats (e.g. GELI). So GELI will return an
error if a detached header is specified. It also can only be used
with formats where the detached header file can be written to the
first blocks of the volume and the volume could still be unlocked.
So the header file can not be formatted differently from the on-disk
header. If these assumpts are not met, detached header file processing
must be specially handled in the cryptodisk backend module.

The hook will be called potentially many times by a backend. This is fine
because of the assumptions mentioned and the read hook reads from absolute
offsets and is stateless.

Also add a --header (short -H) option to cryptomount which takes a file
argument.

Signed-off-by: Glenn Washburn <development@efficientek.com>
Reviewed-by: Patrick Steinhardt <ps@pks.im>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2022-07-04 14:43:25 +02:00

191 lines
5.8 KiB
C

/*
* GRUB -- GRand Unified Bootloader
* Copyright (C) 2002,2003,2004,2005,2006,2007,2008,2009 Free Software Foundation, Inc.
*
* GRUB is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* GRUB is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef GRUB_CRYPTODISK_HEADER
#define GRUB_CRYPTODISK_HEADER 1
#include <grub/disk.h>
#include <grub/file.h>
#include <grub/crypto.h>
#include <grub/list.h>
#ifdef GRUB_UTIL
#include <grub/emu/hostdisk.h>
#endif
typedef enum
{
GRUB_CRYPTODISK_MODE_ECB,
GRUB_CRYPTODISK_MODE_CBC,
GRUB_CRYPTODISK_MODE_PCBC,
GRUB_CRYPTODISK_MODE_XTS,
GRUB_CRYPTODISK_MODE_LRW
} grub_cryptodisk_mode_t;
typedef enum
{
GRUB_CRYPTODISK_MODE_IV_NULL,
GRUB_CRYPTODISK_MODE_IV_PLAIN,
GRUB_CRYPTODISK_MODE_IV_PLAIN64,
GRUB_CRYPTODISK_MODE_IV_ESSIV,
GRUB_CRYPTODISK_MODE_IV_BENBI,
GRUB_CRYPTODISK_MODE_IV_BYTECOUNT64,
GRUB_CRYPTODISK_MODE_IV_BYTECOUNT64_HASH
} grub_cryptodisk_mode_iv_t;
#define GRUB_CRYPTODISK_MAX_UUID_LENGTH 71
/* LUKS1 specification defines the block size to always be 512 bytes. */
#define GRUB_LUKS1_LOG_SECTOR_SIZE 9
/* By default dm-crypt increments the IV every 512 bytes. */
#define GRUB_CRYPTODISK_IV_LOG_SIZE 9
#define GRUB_CRYPTODISK_GF_LOG_SIZE 7
#define GRUB_CRYPTODISK_GF_SIZE (1U << GRUB_CRYPTODISK_GF_LOG_SIZE)
#define GRUB_CRYPTODISK_GF_LOG_BYTES (GRUB_CRYPTODISK_GF_LOG_SIZE - 3)
#define GRUB_CRYPTODISK_GF_BYTES (1U << GRUB_CRYPTODISK_GF_LOG_BYTES)
#define GRUB_CRYPTODISK_MAX_KEYLEN 128
#define GRUB_CRYPTODISK_MAX_PASSPHRASE 256
#define GRUB_CRYPTODISK_MAX_KEYFILE_SIZE 8192
struct grub_cryptodisk;
typedef gcry_err_code_t
(*grub_cryptodisk_rekey_func_t) (struct grub_cryptodisk *dev,
grub_uint64_t zoneno);
struct grub_cryptomount_args
{
/* scan: Flag to indicate that only bootable volumes should be decrypted */
grub_uint32_t check_boot : 1;
/* scan: Only volumes matching this UUID should be decrpyted */
char *search_uuid;
/* recover_key: Key data used to decrypt voume */
grub_uint8_t *key_data;
/* recover_key: Length of key_data */
grub_size_t key_len;
grub_file_t hdr_file;
};
typedef struct grub_cryptomount_args *grub_cryptomount_args_t;
struct grub_cryptodisk
{
struct grub_cryptodisk *next;
struct grub_cryptodisk **prev;
char *source;
/*
* The number of sectors the start of the encrypted data is offset into the
* underlying disk, where sectors are the size noted by log_sector_size.
*/
grub_disk_addr_t offset_sectors;
/* Total number of encrypted sectors of size (1 << log_sector_size). */
grub_disk_addr_t total_sectors;
grub_disk_t source_disk;
int ref;
grub_crypto_cipher_handle_t cipher;
grub_crypto_cipher_handle_t secondary_cipher;
grub_crypto_cipher_handle_t essiv_cipher;
const gcry_md_spec_t *essiv_hash, *hash, *iv_hash;
grub_cryptodisk_mode_t mode;
grub_cryptodisk_mode_iv_t mode_iv;
int benbi_log;
unsigned long id, source_id;
enum grub_disk_dev_id source_dev_id;
char uuid[GRUB_CRYPTODISK_MAX_UUID_LENGTH + 1];
grub_uint8_t lrw_key[GRUB_CRYPTODISK_GF_BYTES];
grub_uint8_t *lrw_precalc;
grub_uint8_t iv_prefix[64];
grub_size_t iv_prefix_len;
grub_uint8_t key[GRUB_CRYPTODISK_MAX_KEYLEN];
grub_size_t keysize;
#ifdef GRUB_UTIL
char *cheat;
grub_util_fd_t cheat_fd;
#endif
const char *modname;
int log_sector_size;
grub_cryptodisk_rekey_func_t rekey;
int rekey_shift;
grub_uint8_t rekey_key[64];
grub_uint64_t last_rekey;
int rekey_derived_size;
grub_disk_addr_t partition_start;
};
typedef struct grub_cryptodisk *grub_cryptodisk_t;
struct grub_cryptodisk_dev
{
struct grub_cryptodisk_dev *next;
struct grub_cryptodisk_dev **prev;
grub_cryptodisk_t (*scan) (grub_disk_t disk, grub_cryptomount_args_t cargs);
grub_err_t (*recover_key) (grub_disk_t disk, grub_cryptodisk_t dev, grub_cryptomount_args_t cargs);
};
typedef struct grub_cryptodisk_dev *grub_cryptodisk_dev_t;
extern grub_cryptodisk_dev_t EXPORT_VAR (grub_cryptodisk_list);
#ifndef GRUB_LST_GENERATOR
static inline void
grub_cryptodisk_dev_register (grub_cryptodisk_dev_t cr)
{
grub_list_push (GRUB_AS_LIST_P (&grub_cryptodisk_list), GRUB_AS_LIST (cr));
}
#endif
static inline void
grub_cryptodisk_dev_unregister (grub_cryptodisk_dev_t cr)
{
grub_list_remove (GRUB_AS_LIST (cr));
}
#define FOR_CRYPTODISK_DEVS(var) FOR_LIST_ELEMENTS((var), (grub_cryptodisk_list))
grub_err_t
grub_cryptodisk_setcipher (grub_cryptodisk_t crypt, const char *ciphername, const char *ciphermode);
gcry_err_code_t
grub_cryptodisk_setkey (grub_cryptodisk_t dev,
grub_uint8_t *key, grub_size_t keysize);
gcry_err_code_t
grub_cryptodisk_decrypt (struct grub_cryptodisk *dev,
grub_uint8_t * data, grub_size_t len,
grub_disk_addr_t sector, grub_size_t log_sector_size);
grub_err_t
grub_cryptodisk_insert (grub_cryptodisk_t newdev, const char *name,
grub_disk_t source);
#ifdef GRUB_UTIL
grub_err_t
grub_cryptodisk_cheat_insert (grub_cryptodisk_t newdev, const char *name,
grub_disk_t source, const char *cheat);
void
grub_util_cryptodisk_get_abstraction (grub_disk_t disk,
void (*cb) (const char *val, void *data),
void *data);
char *
grub_util_get_geli_uuid (const char *dev);
#endif
grub_cryptodisk_t grub_cryptodisk_get_by_uuid (const char *uuid);
grub_cryptodisk_t grub_cryptodisk_get_by_source_disk (grub_disk_t disk);
#endif