From patchwork Wed Aug 8 13:14:57 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Angelo Compagnucci X-Patchwork-Id: 955065 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=googlegroups.com (client-ip=2a00:1450:4864:20::43f; helo=mail-wr1-x43f.google.com; envelope-from=swupdate+bncbdnkrafg44krbv6zvpnqkgqeubxa5wa@googlegroups.com; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=amarulasolutions.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=googlegroups.com header.i=@googlegroups.com header.b="npTEAtR5"; dkim-atps=neutral Received: from mail-wr1-x43f.google.com (mail-wr1-x43f.google.com [IPv6:2a00:1450:4864:20::43f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 41lsLg60Vbz9s0n for ; Wed, 8 Aug 2018 23:15:06 +1000 (AEST) Received: by mail-wr1-x43f.google.com with SMTP id w2-v6sf1778706wrt.13 for ; Wed, 08 Aug 2018 06:15:06 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1533734103; cv=pass; d=google.com; s=arc-20160816; b=IFvBbnjtqkysppvmbHVgDARFAfHGmo61nY1bnW4LfVFusg2fjfXYcq6q3UlwfuqsO2 Oz4fYjVr7uwwf5flbRiPdI9j1GX5CnY1QLbd+3QsqbQD8DcwB+1Fi9mtxGHqsLFv3gov oyZTaCdeWrFDUO61/vQWwdZ4l8CJ7nyeplEonACT6Cjm12QdvzeGAgW0iC1oTBdkDULZ oP2LEKteZKXTFv/IODXx7c8TcmRpDtMjy2oI8BhCv5/EQ2QsEx4aTgbrUKMeSbgnYn/X lEbuvcWP9QNtDNvYAG73FuBd37UQ09nUprbeJrmcv+AddF0BtYMq/iGc5BsdhO90v0Zb cfxw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:arc-authentication-results :arc-message-signature:mime-version:sender:dkim-signature :arc-authentication-results; bh=ejEWTQV3dlBN0VEzId7Ib32JxyTILe1sotg/0bf03IQ=; b=vj7htzmtvuBisD/id6gOsPX8wr21UcAdpWnfQ5txiuFtxDt8s3ihjSxCl5Ujfx+nPM erL05eSohI7ge61OZU4wEW2XcKOOLPi7+XqJWPHbHuMF14xA7vXJMLKB/FsVvy6YF+Ro vT23y//RujJSxGwXV5wUs+s/p8ioutH3v/wpEbXFObfrE/PJ5F3Y0dZDXpFKKMny3BVo K5hhfxhZZRrtoB4F/npCaMg5TxJ5i4jVvkUF6Z538WxHW7iR8ZQlt34CrY40zywFL2tg u+n4PGQNbA6cCokihk8In33Adtz3afWTmCCyTitNQYLaxZsea7yL1UFv20RA8KZlxZkP tXiQ== ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@amarulasolutions.com header.s=google header.b=U1GfOd7z; spf=pass (google.com: domain of angelo@amarulasolutions.com designates 2a00:1450:4864:20::442 as permitted sender) smtp.mailfrom=angelo@amarulasolutions.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20161025; h=sender:mime-version:from:to:cc:subject:date:message-id:in-reply-to :references:x-original-sender:x-original-authentication-results :precedence:mailing-list:list-id:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=ejEWTQV3dlBN0VEzId7Ib32JxyTILe1sotg/0bf03IQ=; b=npTEAtR54ASFG4acmFtxpubg0T9dSQIdGtVid1FpvDdGSRxA75vBd6OVnw5dz5fcB+ 1WWzYjA+l6W8+sR4hVRXEIZxqwY5cqqna/Sb8VSRUgJfAI2DlAtBWPweBKVp0ftM9qhw o2BqjmoeJHhj2McmnLOWiyNzLcjssGgzohiIa7IxPxtXAIyTINaPGszU6qrmNekgXDrq 4JvVNdIZ9E6cViQSpgtRIda9Lv6s9tkX5noVUKjoj/zxW/j/Kk1sFfVSRDkkkPeIwlgQ EUfE6CqTD49u5ylwu+JSaWLLummIY3C1hasLTnY0dH8tdOaTgW0HwNs+Uu/4QDLWEzcT MmFQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=sender:x-gm-message-state:mime-version:from:to:cc:subject:date :message-id:in-reply-to:references:x-original-sender :x-original-authentication-results:precedence:mailing-list:list-id :x-spam-checked-in-group:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=ejEWTQV3dlBN0VEzId7Ib32JxyTILe1sotg/0bf03IQ=; b=fF9Uuck24n4dx/XVKkq7AdEcoZK1T+nP+L6B3E0eibq/je5oWqb+F++YZExnpSKASX 4962dg85XFATzkhoQyWtboUqg9RhJxPV3XyoRThUEGIV8LyRTKjYbkrAnL5PgvS3Nrb9 4mVtKcOgl27ErPHZXjWo1CXsBA+Jv7Q/41A8NNcEjq7n8MLUpZV7Y/0wfwWqvxCw4mAA HFsaBLXAcMcV358Evb1fHMFLch2394MUXHmqYYYoYQxkZ2Vsqr6gc/VlTYSSMy/cAFy4 3NB7apSs90XsJlclYbnuPAvGV8kVbFpvHj26WcQexWVK8SNkCIxybgzhemtmYhUzbuwf utkQ== Sender: swupdate@googlegroups.com X-Gm-Message-State: AOUpUlGRB4GrNYrg1jo+GoDCDU/1B8KvT01E/SepRGQBDdZYjKPac8JA Vyih0e1ctetpBAZgxd+AuV8= X-Google-Smtp-Source: AA+uWPxN18dMqYPrUts1KTvhMwQBtr8kDqqVinsExr4/U8pc+gXhoP8WkASAduGhBwA3p95BneRumA== X-Received: by 2002:adf:eece:: with SMTP id a14-v6mr30645wrp.1.1533734103760; Wed, 08 Aug 2018 06:15:03 -0700 (PDT) MIME-Version: 1.0 X-BeenThere: swupdate@googlegroups.com Received: by 2002:a1c:7c18:: with SMTP id x24-v6ls1260648wmc.5.canary-gmail; Wed, 08 Aug 2018 06:15:03 -0700 (PDT) X-Received: by 2002:a1c:f60a:: with SMTP id w10-v6mr271350wmc.19.1533734103278; Wed, 08 Aug 2018 06:15:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1533734103; cv=none; d=google.com; s=arc-20160816; b=KlKfr/8/jWZN5e8Q4ojrxQh+xSmJo7U0pLtkuVO9Lp9kzyDYIf6yV5jUMyiU5Gb3iH O97CdVsZhABjQli7hLy3Vzn8QlR6cDklcH9KCuNxmQnt/6pOf/wUQHORadBeGkarVsB6 gvaDiYRN9pUhPr+3EoLcXX3UIYV/wr7micNg8aYwwuT767SGSt9w4yUeEq2ZiwCU3bVM l8LUPEnlGkm0h8R8TXWc8qpXVWPNcXnLW8esXSBO1bxwvUPElGSbBTdH82T3lbE7Fgld a/DK1a6MDy6wVLO0K2iIYbtabHLmRqK9zEAagLW5WPwLQoG2dVGvYSCOUKcs0g7jiqBz I3jQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature:arc-authentication-results; bh=AT7uoEjzLzdWOXpw/LICSBjxvgjVOIYSOPDWJ+gN+Z4=; b=SQeaAtBgj8NGZ6iJTvi/DIcZ9aaw0+60HGGpUrRpbwN69ugfslENVIidgAHN6RYAWE ikr0hHOGWW9ifuyLLphWSqEdAsc54e/cL6w+bSk2eqWPDdthI7BEva6C7ePT/AyzMU3M ygWFT03Oz3bU19ZWw41LBqcdpMmgi5m7mNDwiXyrAbXHtnlI87L3EqbEjeQrQvOTnGjS ir82twId6EXYok1th+V5h0Xe3+s3pntUMNAi39tGok9aqhV8Rfx2JwCQIMpVb1Ikqfwu aeHRq0o5K1j+NUJCXuE4ejjzm9N7YNL3S+luph4udft1o2kJYS/AV4dwWezfH5DbwezR pA6Q== ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@amarulasolutions.com header.s=google header.b=U1GfOd7z; spf=pass (google.com: domain of angelo@amarulasolutions.com designates 2a00:1450:4864:20::442 as permitted sender) smtp.mailfrom=angelo@amarulasolutions.com Received: from mail-wr1-x442.google.com (mail-wr1-x442.google.com. [2a00:1450:4864:20::442]) by gmr-mx.google.com with ESMTPS id r2-v6si422176wmh.1.2018.08.08.06.15.03 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 08 Aug 2018 06:15:03 -0700 (PDT) Received-SPF: pass (google.com: domain of angelo@amarulasolutions.com designates 2a00:1450:4864:20::442 as permitted sender) client-ip=2a00:1450:4864:20::442; Received: by mail-wr1-x442.google.com with SMTP id g1-v6so2007869wru.2 for ; Wed, 08 Aug 2018 06:15:03 -0700 (PDT) X-Received: by 2002:a5d:4785:: with SMTP id w5-v6mr1787851wrq.188.1533734102358; Wed, 08 Aug 2018 06:15:02 -0700 (PDT) Received: from localhost.localdomain ([89.202.204.147]) by smtp.gmail.com with ESMTPSA id y184-v6sm5026768wmg.17.2018.08.08.06.15.01 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 08 Aug 2018 06:15:01 -0700 (PDT) From: Angelo Compagnucci To: swupdate@googlegroups.com Cc: Angelo Compagnucci Subject: [swupdate] [PATCH v4 2/2] Encryption of ubi volume image Date: Wed, 8 Aug 2018 15:14:57 +0200 Message-Id: <1533734097-31833-2-git-send-email-angelo@amarulasolutions.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1533734097-31833-1-git-send-email-angelo@amarulasolutions.com> References: <1533734097-31833-1-git-send-email-angelo@amarulasolutions.com> X-Original-Sender: angelo@amarulasolutions.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@amarulasolutions.com header.s=google header.b=U1GfOd7z; spf=pass (google.com: domain of angelo@amarulasolutions.com designates 2a00:1450:4864:20::442 as permitted sender) smtp.mailfrom=angelo@amarulasolutions.com Precedence: list Mailing-list: list swupdate@googlegroups.com; contact swupdate+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: swupdate@googlegroups.com X-Google-Group-Id: 605343134186 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , Encryption on ubi volumes is actually broken cause a mismatch between the size expected to be written and the actual size after decrypting. This behavior is not related to swupdate: indeed it's kernel api for ubi volumes that requires to declare the size to be written before to actually write anything. Before this patch, the size to be written on disk is retrieved from the size of the encrypted image when the real size of a decrypted image is instead smaller. This patch adds a "decrypted-size" property to the sw-description to explicitly tell to swupdate to allocate that size for ubi volumes. This parameter should be updated to the real size of the image just before assembling the update. Signed-off-by: Angelo Compagnucci Acked-by: Stefano Babic --- doc/source/encrypted_images.rst | 26 ++++++++++++++++++++++++++ handlers/ubivol_handler.c | 12 +++++++++++- 2 files changed, 37 insertions(+), 1 deletion(-) diff --git a/doc/source/encrypted_images.rst b/doc/source/encrypted_images.rst index a7d85a2..a2592d8 100644 --- a/doc/source/encrypted_images.rst +++ b/doc/source/encrypted_images.rst @@ -52,6 +52,32 @@ generation command above. Accordingly, drop the ``-S `` parameter in the encryption command and omit the 3rd field of the key file to be supplied to SWUpdate being the salt. +Encryption of UBI volumes +------------------------- + +Due to a limit in the Linux kernel api for UBI volumes, the size reserved to be +written on disk should be declared before actually write anything. +Unfortunately, the size of an encrypted image is not know until the complete +decryption, thus preventing to correctly declare the size of the file to be +written on disk. + +For this reason UBI images can declare the special property "decrypted-size" like +this: + +:: + + images: ( { + filename = "rootfs.ubifs.enc"; + volume = "rootfs"; + encrypted = true; + properties = {decrypted-size = "104857600";} + } + ); + +The real size of the decrypted image should be calculated and written to the +sw-description before assembling the cpio archive. +In this example, 104857600 is the size of the rootfs after the decryption: the +encrypted size is by the way larger. Example sw-description with Encrypted Image ------------------------------------------- diff --git a/handlers/ubivol_handler.c b/handlers/ubivol_handler.c index 0c6fcbf..247a644 100644 --- a/handlers/ubivol_handler.c +++ b/handlers/ubivol_handler.c @@ -42,9 +42,19 @@ static int update_volume(libubi_t libubi, struct img_type *img, char node[64]; int err; char sbuf[128]; + char *decrypted_size_str = NULL; bytes = img->size; if (img->is_encrypted) { + + decrypted_size_str = dict_get_value(&img->properties, "decrypted-size"); + + bytes = ustrtoull(decrypted_size_str, 0); + if (errno){ + ERROR("decrypted-size argument: ustrtoull failed"); + return -1; + } + if (img->compressed) { ERROR("Decryption of compressed UBI images not supported"); return -1; @@ -53,7 +63,7 @@ static int update_volume(libubi_t libubi, struct img_type *img, ERROR("Encrypted image size (%lld) too small", bytes); return -1; } - bytes -= AES_BLOCK_SIZE; + TRACE("Image is crypted, decrypted size %lld bytes", bytes); } if (!libubi) {