Date: Sat, 10 Dec 2016 13:20:50 -0600 From: Justin Hibbits <chmeeedalf@gmail.com> To: Konrad Witaszczyk <def@FreeBSD.org> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r309818 - in head: etc/defaults etc/rc.d sbin sbin/decryptcore sbin/dumpon sbin/savecore share/man/man5 sys/amd64/amd64 sys/arm/arm sys/arm64/arm64 sys/conf sys/ddb sys/dev/null sys/geo... Message-ID: <043C7408-A0FA-4316-B24B-3A181146FE20@gmail.com> In-Reply-To: <201612101620.uBAGKdUg033773@repo.freebsd.org> References: <201612101620.uBAGKdUg033773@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Dec 10, 2016, at 10:20 AM, Konrad Witaszczyk wrote: > Author: def > Date: Sat Dec 10 16:20:39 2016 > New Revision: 309818 > URL: https://svnweb.freebsd.org/changeset/base/309818 > > Log: > Add support for encrypted kernel crash dumps. > > Changes include modifications in kernel crash dump routines, > dumpon(8) and > savecore(8). A new tool called decryptcore(8) was added. > > A new DIOCSKERNELDUMP I/O control was added to send a kernel crash > dump > configuration in the diocskerneldump_arg structure to the kernel. > The old DIOCSKERNELDUMP I/O control was renamed to > DIOCSKERNELDUMP_FREEBSD11 for > backward ABI compatibility. > > dumpon(8) generates an one-time random symmetric key and encrypts > it using > an RSA public key in capability mode. Currently only AES-256-CBC is > supported > but EKCD was designed to implement support for other algorithms in > the future. > The public key is chosen using the -k flag. The dumpon rc(8) script > can do this > automatically during startup using the dumppubkey rc.conf(5) > variable. Once the > keys are calculated dumpon sends them to the kernel via > DIOCSKERNELDUMP I/O > control. > > When the kernel receives the DIOCSKERNELDUMP I/O control it > generates a random > IV and sets up the key schedule for the specified algorithm. Each > time the > kernel tries to write a crash dump to the dump device, the IV is > replaced by > a SHA-256 hash of the previous value. This is intended to make a > possible > differential cryptanalysis harder since it is possible to write > multiple crash > dumps without reboot by repeating the following commands: > # sysctl debug.kdb.enter=1 > db> call doadump(0) > db> continue > # savecore > > A kernel dump key consists of an algorithm identifier, an IV and an > encrypted > symmetric key. The kernel dump key size is included in a kernel > dump header. > The size is an unsigned 32-bit integer and it is aligned to a block > size. > The header structure has 512 bytes to match the block size so it > was required to > make a panic string 4 bytes shorter to add a new field to the > header structure. > If the kernel dump key size in the header is nonzero it is assumed > that the > kernel dump key is placed after the first header on the dump device > and the core > dump is encrypted. > > Separate functions were implemented to write the kernel dump header > and the > kernel dump key as they need to be unencrypted. The dump_write > function encrypts > data if the kernel was compiled with the EKCD option. Encrypted > kernel textdumps > are not supported due to the way they are constructed which makes > it impossible > to use the CBC mode for encryption. It should be also noted that > textdumps don't > contain sensitive data by design as a user decides what information > should be > dumped. > > savecore(8) writes the kernel dump key to a key.# file if its size > in the header > is nonzero. # is the number of the current core dump. > > decryptcore(8) decrypts the core dump using a private RSA key and > the kernel > dump key. This is performed by a child process in capability mode. > If the decryption was not successful the parent process removes a > partially > decrypted core dump. > > Description on how to encrypt crash dumps was added to the > decryptcore(8), > dumpon(8), rc.conf(5) and savecore(8) manual pages. > > EKCD was tested on amd64 using bhyve and i386, mipsel and sparc64 > using QEMU. > The feature still has to be tested on arm and arm64 as it wasn't > possible to run > FreeBSD due to the problems with QEMU emulation and lack of hardware. > > Designed by: def, pjd > Reviewed by: cem, oshogbo, pjd > Partial review: delphij, emaste, jhb, kib > Approved by: pjd (mentor) > Differential Revision: https://reviews.freebsd.org/D4712 > > Added: > head/sbin/decryptcore/ > head/sbin/decryptcore/Makefile (contents, props changed) > head/sbin/decryptcore/decryptcore.8 (contents, props changed) > head/sbin/decryptcore/decryptcore.c (contents, props changed) > Modified: > head/etc/defaults/rc.conf > head/etc/rc.d/dumpon > head/sbin/Makefile > head/sbin/dumpon/Makefile > head/sbin/dumpon/dumpon.8 > head/sbin/dumpon/dumpon.c > head/sbin/savecore/savecore.8 > head/sbin/savecore/savecore.c > head/share/man/man5/rc.conf.5 > head/sys/amd64/amd64/minidump_machdep.c > head/sys/arm/arm/minidump_machdep.c > head/sys/arm64/arm64/minidump_machdep.c > head/sys/conf/NOTES > head/sys/conf/files > head/sys/conf/options > head/sys/ddb/db_textdump.c > head/sys/dev/null/null.c > head/sys/geom/geom_dev.c > head/sys/i386/i386/minidump_machdep.c > head/sys/kern/kern_dump.c > head/sys/kern/kern_shutdown.c > head/sys/mips/mips/minidump_machdep.c > head/sys/sparc64/sparc64/dump_machdep.c > head/sys/sys/conf.h > head/sys/sys/disk.h > head/sys/sys/kerneldump.h Nice! Any reason you left out PowerPC from this list though? - Justin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?043C7408-A0FA-4316-B24B-3A181146FE20>