Re: [RFC 0/4] Support kdump with LUKS encryption by reusing LUKS master key

From: Milan Broz
Date: Fri Mar 18 2022 - 09:53:46 EST

Next message: Stefan Berger: "Re: [PATCH -next] tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe()"
Previous message: kernel test robot: "[mingo-tip:master 1863/2335] net/ipv6/mcast.c:257:5: warning: no previous prototype for function 'ipv6_sock_mc_join_ssm'"
In reply to: Coiby Xu: "Re: [RFC 0/4] Support kdump with LUKS encryption by reusing LUKS master key"
Next in thread: Coiby Xu: "Re: [RFC 0/4] Support kdump with LUKS encryption by reusing LUKS master key"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 18/03/2022 13:21, Coiby Xu wrote:
...

Why is it not done through keyring and forcing kdump to retain key there
(under the same keyring key name as dm-crypt used)?
Kernel dm-crypt supports this already; LUKS2 uses keyring by default too.
That's all you need, or not? Why do you need to add another "kdump:" thing?
IOW why kdump cannot copy the key to keyring under the name dm-crypt
has in the mapping table and let dm-crypt activate the device almost without
code changes?

Sorry, I haven't explained how kdump works. Once the 1st kernel crashes and
the system boots into the kdump kernel, the kdump kernel only have direct
access to the memory exclusively reserved for it i.e. the kdump kernel
loses the direct access to the keyring constructed in the 1st kernel. In
theory, the kdump kernel could do some "hacking" to find out the key
stored in the memory directly managed by the 1st kernel but I imagine
this would be difficult task (imagine I present the memory dump of my
computer to you and ask you to rebuild all the relevant kernel data
structures and find the key). Besides, it's not reliable to read the
memory directly managed by the first kernel for example the memory could
be corrupt. So we have to pass the master key from the 1st kernel to the kdump
kernel.

OK, then why you cannot store it to the (2nd) kdump kernel keyring?
(From the kdump area copy, then you do not need to patch anything else
in dm-crypt than that one line storing the key to the kdump area.)

A clear approach would be to store the key in the 2nd kernel kdump keyring
and allow userspace to read it.
Then cryptsetup can just validate the key (LUKS key digest does not use Argon)
and activates it without asking for a passphrase.
Perhaps this will need some new cryptsetup option (or API call), but I think
it can be done.

Or, you can actually simulate it with
cryptsetup open ... --master-key-file <file>
where this keyfile contains directly the volume key, not a passphrase.
The key digest is verified in this case only; no costly PBKDF is needed.

If you have a way to retrieve the kdump stored key to kdump userspace, this
is perhaps a much simpler solution.

All this is against all countermeasures to not expose encryption key
directly - but if kdump is debugging environment, just saying...

Milan

Next message: Stefan Berger: "Re: [PATCH -next] tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe()"
Previous message: kernel test robot: "[mingo-tip:master 1863/2335] net/ipv6/mcast.c:257:5: warning: no previous prototype for function 'ipv6_sock_mc_join_ssm'"
In reply to: Coiby Xu: "Re: [RFC 0/4] Support kdump with LUKS encryption by reusing LUKS master key"
Next in thread: Coiby Xu: "Re: [RFC 0/4] Support kdump with LUKS encryption by reusing LUKS master key"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]