ubifs: Create functions to embed a HMAC in a node

With authentication support some nodes (master node, super block node) get a HMAC embedded into them. This patch adds functions to prepare and write such a node. The difficulty is that besides the HMAC the nodes also have a CRC which must stay valid. This means we first have to initialize all fields in the node, then calculate the HMAC (not covering the CRC) and finally calculate the CRC. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Signed-off-by: Richard Weinberger <richard@nod.at>
author: Sascha Hauer <s.hauer@pengutronix.de> 2018-09-07 08:36:33 -0400
committer: Richard Weinberger <richard@nod.at> 2018-10-23 07:48:37 -0400
commit: a384b47e4954a0f834749fcbe1c096c40ff5eb35 (patch)
tree: 512ccd678b77a62ad99a674e309204437fa5bf04
parent: 49525e5eecca5e1b4a83ac217868e8d8b843539f (diff)
2 files changed, 70 insertions, 6 deletions
diff --git a/fs/ubifs/io.c b/fs/ubifs/io.c
index 4bd61fe146e0..d124117efd42 100644
--- a/fs/ubifs/io.c
+++ b/fs/ubifs/io.c
@@ -395,6 +395,39 @@ void ubifs_crc_node(struct ubifs_info *c, void *node, int len)
 }
 /**
+ * ubifs_prepare_node_hmac - prepare node to be written to flash.
+ * @c: UBIFS file-system description object
+ * @node: the node to pad
+ * @len: node length
+ * @hmac_offs: offset of the HMAC in the node
+ * @pad: if the buffer has to be padded
+ *
+ * This function prepares node at @node to be written to the media - it
+ * calculates node CRC, fills the common header, and adds proper padding up to
+ * the next minimum I/O unit if @pad is not zero. if @hmac_offs is positive then
+ * a HMAC is inserted into the node at the given offset.
+ *
+ * This function returns 0 for success or a negative error code otherwise.
+ */
+int ubifs_prepare_node_hmac(struct ubifs_info *c, void *node, int len,
+                            int hmac_offs, int pad)
+{
+        int err;
+        ubifs_init_node(c, node, len, pad);
+        if (hmac_offs > 0) {
+                err = ubifs_node_insert_hmac(c, node, len, hmac_offs);
+                if (err)
+                        return err;
+        }
+        ubifs_crc_node(c, node, len);
+        return 0;
+}
+/**
 * ubifs_prepare_node - prepare node to be written to flash.
 * @c: UBIFS file-system description object
 * @node: the node to pad
@@ -407,8 +440,11 @@ void ubifs_crc_node(struct ubifs_info *c, void *node, int len)
 */
 void ubifs_prepare_node(struct ubifs_info *c, void *node, int len, int pad)
 {
-        ubifs_init_node(c, node, len, pad);
+        /*
-        ubifs_crc_node(c, node, len);
+         * Deliberately ignore return value since this function can only fail
+         * when a hmac offset is given.
+         */
+        ubifs_prepare_node_hmac(c, node, len, 0, pad);
 }
 /**
@@ -861,12 +897,13 @@ out:
 }
 /**
- * ubifs_write_node - write node to the media.
+ * ubifs_write_node_hmac - write node to the media.
 * @c: UBIFS file-system description object
 * @buf: the node to write
 * @len: node length
 * @lnum: logical eraseblock number
 * @offs: offset within the logical eraseblock
+ * @hmac_offs: offset of the HMAC within the node
 *
 * This function automatically fills node magic number, assigns sequence
 * number, and calculates node CRC checksum. The length of the @buf buffer has
@@ -874,8 +911,8 @@ out:
 * appends padding node and padding bytes if needed. Returns zero in case of
 * success and a negative error code in case of failure.
 */
-int ubifs_write_node(struct ubifs_info *c, void *buf, int len, int lnum,
+int ubifs_write_node_hmac(struct ubifs_info *c, void *buf, int len, int lnum,
-                     int offs)
+                          int offs, int hmac_offs)
 {
        int err, buf_len = ALIGN(len, c->min_io_size);
@@ -890,7 +927,10 @@ int ubifs_write_node(struct ubifs_info *c, void *buf, int len, int lnum,
        if (c->ro_error)
                return -EROFS;
-        ubifs_prepare_node(c, buf, len, 1);
+        err = ubifs_prepare_node_hmac(c, buf, len, hmac_offs, 1);
+        if (err)
+                return err;
        err = ubifs_leb_write(c, lnum, buf, offs, buf_len);
        if (err)
                ubifs_dump_node(c, buf);
@@ -899,6 +939,26 @@ int ubifs_write_node(struct ubifs_info *c, void *buf, int len, int lnum,
 }
 /**
+ * ubifs_write_node - write node to the media.
+ * @c: UBIFS file-system description object
+ * @buf: the node to write
+ * @len: node length
+ * @lnum: logical eraseblock number
+ * @offs: offset within the logical eraseblock
+ *
+ * This function automatically fills node magic number, assigns sequence
+ * number, and calculates node CRC checksum. The length of the @buf buffer has
+ * to be aligned to the minimal I/O unit size. This function automatically
+ * appends padding node and padding bytes if needed. Returns zero in case of
+ * success and a negative error code in case of failure.
+ */
+int ubifs_write_node(struct ubifs_info *c, void *buf, int len, int lnum,
+                     int offs)
+{
+        return ubifs_write_node_hmac(c, buf, len, lnum, offs, -1);
+}
+/**
 * ubifs_read_node_wbuf - read node from the media or write-buffer.
 * @wbuf: wbuf to check for un-written data
 * @buf: buffer to read to
diff --git a/fs/ubifs/ubifs.h b/fs/ubifs/ubifs.h
index 3300f68c4097..42e904b060f9 100644
--- a/fs/ubifs/ubifs.h
+++ b/fs/ubifs/ubifs.h
@@ -1710,11 +1710,15 @@ int ubifs_read_node_wbuf(struct ubifs_wbuf *wbuf, void *buf, int type, int len,
                         int lnum, int offs);
 int ubifs_write_node(struct ubifs_info *c, void *node, int len, int lnum,
                     int offs);
+int ubifs_write_node_hmac(struct ubifs_info *c, void *buf, int len, int lnum,
+                          int offs, int hmac_offs);
 int ubifs_check_node(const struct ubifs_info *c, const void *buf, int lnum,
                     int offs, int quiet, int must_chk_crc);
 void ubifs_init_node(struct ubifs_info *c, void *buf, int len, int pad);
 void ubifs_crc_node(struct ubifs_info *c, void *buf, int len);
 void ubifs_prepare_node(struct ubifs_info *c, void *buf, int len, int pad);
+int ubifs_prepare_node_hmac(struct ubifs_info *c, void *node, int len,
+                            int hmac_offs, int pad);
 void ubifs_prep_grp_node(struct ubifs_info *c, void *node, int len, int last);
 int ubifs_io_init(struct ubifs_info *c);
 void ubifs_pad(const struct ubifs_info *c, void *buf, int pad);
author	Sascha Hauer <s.hauer@pengutronix.de>	2018-09-07 08:36:33 -0400
committer	Richard Weinberger <richard@nod.at>	2018-10-23 07:48:37 -0400
commit	a384b47e4954a0f834749fcbe1c096c40ff5eb35 (patch)
tree	512ccd678b77a62ad99a674e309204437fa5bf04
parent	49525e5eecca5e1b4a83ac217868e8d8b843539f (diff)

diff --git a/fs/ubifs/io.c b/fs/ubifs/io.c index 4bd61fe146e0..d124117efd42 100644 --- a/fs/ubifs/io.c +++ b/fs/ubifs/io.c
@@ -395,6 +395,39 @@ void ubifs_crc_node(struct ubifs_info c, void node, int len)
395	}	395	}
396		396
397	/**	397	/**
		398	* ubifs_prepare_node_hmac - prepare node to be written to flash.
		399	* @c: UBIFS file-system description object
		400	* @node: the node to pad
		401	* @len: node length
		402	* @hmac_offs: offset of the HMAC in the node
		403	* @pad: if the buffer has to be padded
		404	*
		405	* This function prepares node at @node to be written to the media - it
		406	* calculates node CRC, fills the common header, and adds proper padding up to
		407	* the next minimum I/O unit if @pad is not zero. if @hmac_offs is positive then
		408	* a HMAC is inserted into the node at the given offset.
		409	*
		410	* This function returns 0 for success or a negative error code otherwise.
		411	*/
		412	int ubifs_prepare_node_hmac(struct ubifs_info c, void node, int len,
		413	int hmac_offs, int pad)
		414	{
		415	int err;
		416
		417	ubifs_init_node(c, node, len, pad);
		418
		419	if (hmac_offs > 0) {
		420	err = ubifs_node_insert_hmac(c, node, len, hmac_offs);
		421	if (err)
		422	return err;
		423	}
		424
		425	ubifs_crc_node(c, node, len);
		426
		427	return 0;
		428	}
		429
		430	/**
398	* ubifs_prepare_node - prepare node to be written to flash.	431	* ubifs_prepare_node - prepare node to be written to flash.
399	* @c: UBIFS file-system description object	432	* @c: UBIFS file-system description object
400	* @node: the node to pad	433	* @node: the node to pad
@@ -407,8 +440,11 @@ void ubifs_crc_node(struct ubifs_info c, void node, int len)
407	*/	440	*/
408	void ubifs_prepare_node(struct ubifs_info c, void node, int len, int pad)	441	void ubifs_prepare_node(struct ubifs_info c, void node, int len, int pad)
409	{	442	{
410	ubifs_init_node(c, node, len, pad);	443	/*
411	ubifs_crc_node(c, node, len);	444	* Deliberately ignore return value since this function can only fail
		445	* when a hmac offset is given.
		446	*/
		447	ubifs_prepare_node_hmac(c, node, len, 0, pad);
412	}	448	}
413		449
414	/**	450	/**
@@ -861,12 +897,13 @@ out:
861	}	897	}
862		898
863	/**	899	/**
864	* ubifs_write_node - write node to the media.	900	* ubifs_write_node_hmac - write node to the media.
865	* @c: UBIFS file-system description object	901	* @c: UBIFS file-system description object
866	* @buf: the node to write	902	* @buf: the node to write
867	* @len: node length	903	* @len: node length
868	* @lnum: logical eraseblock number	904	* @lnum: logical eraseblock number
869	* @offs: offset within the logical eraseblock	905	* @offs: offset within the logical eraseblock
		906	* @hmac_offs: offset of the HMAC within the node
870	*	907	*
871	* This function automatically fills node magic number, assigns sequence	908	* This function automatically fills node magic number, assigns sequence
872	* number, and calculates node CRC checksum. The length of the @buf buffer has	909	* number, and calculates node CRC checksum. The length of the @buf buffer has
@@ -874,8 +911,8 @@ out:
874	* appends padding node and padding bytes if needed. Returns zero in case of	911	* appends padding node and padding bytes if needed. Returns zero in case of
875	* success and a negative error code in case of failure.	912	* success and a negative error code in case of failure.
876	*/	913	*/
877	int ubifs_write_node(struct ubifs_info c, void buf, int len, int lnum,	914	int ubifs_write_node_hmac(struct ubifs_info c, void buf, int len, int lnum,
878	int offs)	915	int offs, int hmac_offs)
879	{	916	{
880	int err, buf_len = ALIGN(len, c->min_io_size);	917	int err, buf_len = ALIGN(len, c->min_io_size);
881		918
@@ -890,7 +927,10 @@ int ubifs_write_node(struct ubifs_info c, void buf, int len, int lnum,
890	if (c->ro_error)	927	if (c->ro_error)
891	return -EROFS;	928	return -EROFS;
892		929
893	ubifs_prepare_node(c, buf, len, 1);	930	err = ubifs_prepare_node_hmac(c, buf, len, hmac_offs, 1);
		931	if (err)
		932	return err;
		933
894	err = ubifs_leb_write(c, lnum, buf, offs, buf_len);	934	err = ubifs_leb_write(c, lnum, buf, offs, buf_len);
895	if (err)	935	if (err)
896	ubifs_dump_node(c, buf);	936	ubifs_dump_node(c, buf);
@@ -899,6 +939,26 @@ int ubifs_write_node(struct ubifs_info c, void buf, int len, int lnum,
899	}	939	}
900		940
901	/**	941	/**
		942	* ubifs_write_node - write node to the media.
		943	* @c: UBIFS file-system description object
		944	* @buf: the node to write
		945	* @len: node length
		946	* @lnum: logical eraseblock number
		947	* @offs: offset within the logical eraseblock
		948	*
		949	* This function automatically fills node magic number, assigns sequence
		950	* number, and calculates node CRC checksum. The length of the @buf buffer has
		951	* to be aligned to the minimal I/O unit size. This function automatically
		952	* appends padding node and padding bytes if needed. Returns zero in case of
		953	* success and a negative error code in case of failure.
		954	*/
		955	int ubifs_write_node(struct ubifs_info c, void buf, int len, int lnum,
		956	int offs)
		957	{
		958	return ubifs_write_node_hmac(c, buf, len, lnum, offs, -1);
		959	}
		960
		961	/**
902	* ubifs_read_node_wbuf - read node from the media or write-buffer.	962	* ubifs_read_node_wbuf - read node from the media or write-buffer.
903	* @wbuf: wbuf to check for un-written data	963	* @wbuf: wbuf to check for un-written data
904	* @buf: buffer to read to	964	* @buf: buffer to read to


diff --git a/fs/ubifs/ubifs.h b/fs/ubifs/ubifs.h index 3300f68c4097..42e904b060f9 100644 --- a/fs/ubifs/ubifs.h +++ b/fs/ubifs/ubifs.h
@@ -1710,11 +1710,15 @@ int ubifs_read_node_wbuf(struct ubifs_wbuf wbuf, void buf, int type, int len,
1710	int lnum, int offs);	1710	int lnum, int offs);
1711	int ubifs_write_node(struct ubifs_info c, void node, int len, int lnum,	1711	int ubifs_write_node(struct ubifs_info c, void node, int len, int lnum,
1712	int offs);	1712	int offs);
		1713	int ubifs_write_node_hmac(struct ubifs_info c, void buf, int len, int lnum,
		1714	int offs, int hmac_offs);
1713	int ubifs_check_node(const struct ubifs_info c, const void buf, int lnum,	1715	int ubifs_check_node(const struct ubifs_info c, const void buf, int lnum,
1714	int offs, int quiet, int must_chk_crc);	1716	int offs, int quiet, int must_chk_crc);
1715	void ubifs_init_node(struct ubifs_info c, void buf, int len, int pad);	1717	void ubifs_init_node(struct ubifs_info c, void buf, int len, int pad);
1716	void ubifs_crc_node(struct ubifs_info c, void buf, int len);	1718	void ubifs_crc_node(struct ubifs_info c, void buf, int len);
1717	void ubifs_prepare_node(struct ubifs_info c, void buf, int len, int pad);	1719	void ubifs_prepare_node(struct ubifs_info c, void buf, int len, int pad);
		1720	int ubifs_prepare_node_hmac(struct ubifs_info c, void node, int len,
		1721	int hmac_offs, int pad);
1718	void ubifs_prep_grp_node(struct ubifs_info c, void node, int len, int last);	1722	void ubifs_prep_grp_node(struct ubifs_info c, void node, int len, int last);
1719	int ubifs_io_init(struct ubifs_info *c);	1723	int ubifs_io_init(struct ubifs_info *c);
1720	void ubifs_pad(const struct ubifs_info c, void buf, int pad);	1724	void ubifs_pad(const struct ubifs_info c, void buf, int pad);