1/* 2 * CDDL HEADER START 3 * 4 * This file and its contents are supplied under the terms of the 5 * Common Development and Distribution License ("CDDL"), version 1.0. 6 * You may only use this file in accordance with the terms of version 7 * 1.0 of the CDDL. 8 * 9 * A full copy of the text of the CDDL should have accompanied this 10 * source. A copy of the CDDL is also available via the Internet at 11 * http://www.illumos.org/license/CDDL. 12 * 13 * CDDL HEADER END 14 */ 15 16/* 17 * Copyright (c) 2017, Datto, Inc. All rights reserved. 18 * Copyright 2020 Joyent, Inc. 19 */ 20 21#include <sys/zfs_context.h> 22#include <sys/fs/zfs.h> 23#include <sys/dsl_crypt.h> 24#include <libintl.h> 25#include <termios.h> 26#include <signal.h> 27#include <errno.h> 28#include <openssl/evp.h> 29#include <libzfs.h> 30#include "libzfs_impl.h" 31#include "zfeature_common.h" 32 33/* 34 * User keys are used to decrypt the master encryption keys of a dataset. This 35 * indirection allows a user to change his / her access key without having to 36 * re-encrypt the entire dataset. User keys can be provided in one of several 37 * ways. Raw keys are simply given to the kernel as is. Similarly, hex keys 38 * are converted to binary and passed into the kernel. Password based keys are 39 * a bit more complicated. Passwords alone do not provide suitable entropy for 40 * encryption and may be too short or too long to be used. In order to derive 41 * a more appropriate key we use a PBKDF2 function. This function is designed 42 * to take a (relatively) long time to calculate in order to discourage 43 * attackers from guessing from a list of common passwords. PBKDF2 requires 44 * 2 additional parameters. The first is the number of iterations to run, which 45 * will ultimately determine how long it takes to derive the resulting key from 46 * the password. The second parameter is a salt that is randomly generated for 47 * each dataset. The salt is used to "tweak" PBKDF2 such that a group of 48 * attackers cannot reasonably generate a table of commonly known passwords to 49 * their output keys and expect it work for all past and future PBKDF2 users. 50 * We store the salt as a hidden property of the dataset (although it is 51 * technically ok if the salt is known to the attacker). 52 */ 53 54#define MIN_PASSPHRASE_LEN 8 55#define MAX_PASSPHRASE_LEN 512 56#define MAX_KEY_PROMPT_ATTEMPTS 3 57 58static int caught_interrupt; 59 60static int get_key_material_file(libzfs_handle_t *, const char *, const char *, 61 zfs_keyformat_t, boolean_t, uint8_t **, size_t *); 62 63static zfs_uri_handler_t uri_handlers[] = { 64 { "file", get_key_material_file }, 65 { NULL, NULL } 66}; 67 68static int 69pkcs11_get_urandom(uint8_t *buf, size_t bytes) 70{ 71 int rand; 72 ssize_t bytes_read = 0; 73 74 rand = open("/dev/urandom", O_RDONLY | O_CLOEXEC); 75 76 if (rand < 0) 77 return (rand); 78 79 while (bytes_read < bytes) { 80 ssize_t rc = read(rand, buf + bytes_read, bytes - bytes_read); 81 if (rc < 0) 82 break; 83 bytes_read += rc; 84 } 85 86 (void) close(rand); 87 88 return (bytes_read); 89} 90 91static int 92zfs_prop_parse_keylocation(libzfs_handle_t *restrict hdl, const char *str, 93 zfs_keylocation_t *restrict locp, char **restrict schemep) 94{ 95 *locp = ZFS_KEYLOCATION_NONE; 96 *schemep = NULL; 97 98 if (strcmp("prompt", str) == 0) { 99 *locp = ZFS_KEYLOCATION_PROMPT; 100 return (0); 101 } 102 103 regmatch_t pmatch[2]; 104 105 if (regexec(&hdl->libzfs_urire, str, ARRAY_SIZE(pmatch), 106 pmatch, 0) == 0) { 107 size_t scheme_len; 108 109 if (pmatch[1].rm_so == -1) { 110 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 111 "Invalid URI")); 112 return (EINVAL); 113 } 114 115 scheme_len = pmatch[1].rm_eo - pmatch[1].rm_so; 116 117 *schemep = calloc(1, scheme_len + 1); 118 if (*schemep == NULL) { 119 int ret = errno; 120 121 errno = 0; 122 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 123 "Invalid URI")); 124 return (ret); 125 } 126 127 (void) memcpy(*schemep, str + pmatch[1].rm_so, scheme_len); 128 *locp = ZFS_KEYLOCATION_URI; 129 return (0); 130 } 131 132 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "Invalid keylocation")); 133 return (EINVAL); 134} 135 136static int 137hex_key_to_raw(char *hex, int hexlen, uint8_t *out) 138{ 139 int ret, i; 140 unsigned int c; 141 142 for (i = 0; i < hexlen; i += 2) { 143 if (!isxdigit(hex[i]) || !isxdigit(hex[i + 1])) { 144 ret = EINVAL; 145 goto error; 146 } 147 148 ret = sscanf(&hex[i], "%02x", &c); 149 if (ret != 1) { 150 ret = EINVAL; 151 goto error; 152 } 153 154 out[i / 2] = c; 155 } 156 157 return (0); 158 159error: 160 return (ret); 161} 162 163 164static void 165catch_signal(int sig) 166{ 167 caught_interrupt = sig; 168} 169 170static const char * 171get_format_prompt_string(zfs_keyformat_t format) 172{ 173 switch (format) { 174 case ZFS_KEYFORMAT_RAW: 175 return ("raw key"); 176 case ZFS_KEYFORMAT_HEX: 177 return ("hex key"); 178 case ZFS_KEYFORMAT_PASSPHRASE: 179 return ("passphrase"); 180 default: 181 /* shouldn't happen */ 182 return (NULL); 183 } 184} 185 186/* do basic validation of the key material */ 187static int 188validate_key(libzfs_handle_t *hdl, zfs_keyformat_t keyformat, 189 const char *key, size_t keylen) 190{ 191 switch (keyformat) { 192 case ZFS_KEYFORMAT_RAW: 193 /* verify the key length is correct */ 194 if (keylen < WRAPPING_KEY_LEN) { 195 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 196 "Raw key too short (expected %u)."), 197 WRAPPING_KEY_LEN); 198 return (EINVAL); 199 } 200 201 if (keylen > WRAPPING_KEY_LEN) { 202 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 203 "Raw key too long (expected %u)."), 204 WRAPPING_KEY_LEN); 205 return (EINVAL); 206 } 207 break; 208 case ZFS_KEYFORMAT_HEX: 209 /* verify the key length is correct */ 210 if (keylen < WRAPPING_KEY_LEN * 2) { 211 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 212 "Hex key too short (expected %u)."), 213 WRAPPING_KEY_LEN * 2); 214 return (EINVAL); 215 } 216 217 if (keylen > WRAPPING_KEY_LEN * 2) { 218 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 219 "Hex key too long (expected %u)."), 220 WRAPPING_KEY_LEN * 2); 221 return (EINVAL); 222 } 223 224 /* check for invalid hex digits */ 225 for (size_t i = 0; i < WRAPPING_KEY_LEN * 2; i++) { 226 if (!isxdigit(key[i])) { 227 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 228 "Invalid hex character detected.")); 229 return (EINVAL); 230 } 231 } 232 break; 233 case ZFS_KEYFORMAT_PASSPHRASE: 234 /* verify the length is within bounds */ 235 if (keylen > MAX_PASSPHRASE_LEN) { 236 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 237 "Passphrase too long (max %u)."), 238 MAX_PASSPHRASE_LEN); 239 return (EINVAL); 240 } 241 242 if (keylen < MIN_PASSPHRASE_LEN) { 243 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 244 "Passphrase too short (min %u)."), 245 MIN_PASSPHRASE_LEN); 246 return (EINVAL); 247 } 248 break; 249 default: 250 /* can't happen, checked above */ 251 break; 252 } 253 254 return (0); 255} 256 257static int 258libzfs_getpassphrase(zfs_keyformat_t keyformat, boolean_t is_reenter, 259 boolean_t new_key, const char *fsname, 260 char **restrict res, size_t *restrict reslen) 261{ 262 FILE *f = stdin; 263 size_t buflen = 0; 264 ssize_t bytes; 265 int ret = 0; 266 struct termios old_term, new_term; 267 struct sigaction act, osigint, osigtstp; 268 269 *res = NULL; 270 *reslen = 0; 271 272 /* 273 * handle SIGINT and ignore SIGSTP. This is necessary to 274 * restore the state of the terminal. 275 */ 276 caught_interrupt = 0; 277 act.sa_flags = 0; 278 (void) sigemptyset(&act.sa_mask); 279 act.sa_handler = catch_signal; 280 281 (void) sigaction(SIGINT, &act, &osigint); 282 act.sa_handler = SIG_IGN; 283 (void) sigaction(SIGTSTP, &act, &osigtstp); 284 285 (void) printf("%s %s%s", 286 is_reenter ? "Re-enter" : "Enter", 287 new_key ? "new " : "", 288 get_format_prompt_string(keyformat)); 289 if (fsname != NULL) 290 (void) printf(" for '%s'", fsname); 291 (void) fputc(':', stdout); 292 (void) fflush(stdout); 293 294 /* disable the terminal echo for key input */ 295 (void) tcgetattr(fileno(f), &old_term); 296 297 new_term = old_term; 298 new_term.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL); 299 300 ret = tcsetattr(fileno(f), TCSAFLUSH, &new_term); 301 if (ret != 0) { 302 ret = errno; 303 errno = 0; 304 goto out; 305 } 306 307 bytes = getline(res, &buflen, f); 308 if (bytes < 0) { 309 ret = errno; 310 errno = 0; 311 goto out; 312 } 313 314 /* trim the ending newline if it exists */ 315 if (bytes > 0 && (*res)[bytes - 1] == '\n') { 316 (*res)[bytes - 1] = '\0'; 317 bytes--; 318 } 319 320 *reslen = bytes; 321 322out: 323 /* reset the terminal */ 324 (void) tcsetattr(fileno(f), TCSAFLUSH, &old_term); 325 (void) sigaction(SIGINT, &osigint, NULL); 326 (void) sigaction(SIGTSTP, &osigtstp, NULL); 327 328 /* if we caught a signal, re-throw it now */ 329 if (caught_interrupt != 0) 330 (void) kill(getpid(), caught_interrupt); 331 332 /* print the newline that was not echo'd */ 333 (void) printf("\n"); 334 335 return (ret); 336} 337 338static int 339get_key_interactive(libzfs_handle_t *restrict hdl, const char *fsname, 340 zfs_keyformat_t keyformat, boolean_t confirm_key, boolean_t newkey, 341 uint8_t **restrict outbuf, size_t *restrict len_out) 342{ 343 char *buf = NULL, *buf2 = NULL; 344 size_t buflen = 0, buf2len = 0; 345 int ret = 0; 346 347 ASSERT(isatty(fileno(stdin))); 348 349 /* raw keys cannot be entered on the terminal */ 350 if (keyformat == ZFS_KEYFORMAT_RAW) { 351 ret = EINVAL; 352 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 353 "Cannot enter raw keys on the terminal")); 354 goto out; 355 } 356 357 /* prompt for the key */ 358 if ((ret = libzfs_getpassphrase(keyformat, B_FALSE, newkey, fsname, 359 &buf, &buflen)) != 0) { 360 free(buf); 361 buf = NULL; 362 buflen = 0; 363 goto out; 364 } 365 366 if (!confirm_key) 367 goto out; 368 369 if ((ret = validate_key(hdl, keyformat, buf, buflen)) != 0) { 370 free(buf); 371 return (ret); 372 } 373 374 ret = libzfs_getpassphrase(keyformat, B_TRUE, newkey, fsname, &buf2, 375 &buf2len); 376 if (ret != 0) { 377 free(buf); 378 free(buf2); 379 buf = buf2 = NULL; 380 buflen = buf2len = 0; 381 goto out; 382 } 383 384 if (buflen != buf2len || strcmp(buf, buf2) != 0) { 385 free(buf); 386 buf = NULL; 387 buflen = 0; 388 389 ret = EINVAL; 390 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 391 "Provided keys do not match.")); 392 } 393 394 free(buf2); 395 396out: 397 *outbuf = (uint8_t *)buf; 398 *len_out = buflen; 399 return (ret); 400} 401 402static int 403get_key_material_raw(FILE *fd, zfs_keyformat_t keyformat, 404 uint8_t **buf, size_t *len_out) 405{ 406 int ret = 0; 407 size_t buflen = 0; 408 409 *len_out = 0; 410 411 /* read the key material */ 412 if (keyformat != ZFS_KEYFORMAT_RAW) { 413 ssize_t bytes; 414 415 bytes = getline((char **)buf, &buflen, fd); 416 if (bytes < 0) { 417 ret = errno; 418 errno = 0; 419 goto out; 420 } 421 422 /* trim the ending newline if it exists */ 423 if (bytes > 0 && (*buf)[bytes - 1] == '\n') { 424 (*buf)[bytes - 1] = '\0'; 425 bytes--; 426 } 427 428 *len_out = bytes; 429 } else { 430 size_t n; 431 432 /* 433 * Raw keys may have newline characters in them and so can't 434 * use getline(). Here we attempt to read 33 bytes so that we 435 * can properly check the key length (the file should only have 436 * 32 bytes). 437 */ 438 *buf = malloc((WRAPPING_KEY_LEN + 1) * sizeof (uint8_t)); 439 if (*buf == NULL) { 440 ret = ENOMEM; 441 goto out; 442 } 443 444 n = fread(*buf, 1, WRAPPING_KEY_LEN + 1, fd); 445 if (n == 0 || ferror(fd)) { 446 /* size errors are handled by the calling function */ 447 free(*buf); 448 *buf = NULL; 449 ret = errno; 450 errno = 0; 451 goto out; 452 } 453 454 *len_out = n; 455 } 456out: 457 return (ret); 458} 459 460static int 461get_key_material_file(libzfs_handle_t *hdl, const char *uri, 462 const char *fsname, zfs_keyformat_t keyformat, boolean_t newkey, 463 uint8_t **restrict buf, size_t *restrict len_out) 464{ 465 FILE *f = NULL; 466 int ret = 0; 467 468 if (strlen(uri) < 7) 469 return (EINVAL); 470 471 if ((f = fopen(uri + 7, "re")) == NULL) { 472 ret = errno; 473 errno = 0; 474 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 475 "Failed to open key material file")); 476 return (ret); 477 } 478 479 ret = get_key_material_raw(f, keyformat, buf, len_out); 480 481 (void) fclose(f); 482 483 return (ret); 484} 485 486/* 487 * Attempts to fetch key material, no matter where it might live. The key 488 * material is allocated and returned in km_out. *can_retry_out will be set 489 * to B_TRUE if the user is providing the key material interactively, allowing 490 * for re-entry attempts. 491 */ 492static int 493get_key_material(libzfs_handle_t *hdl, boolean_t do_verify, boolean_t newkey, 494 zfs_keyformat_t keyformat, char *keylocation, const char *fsname, 495 uint8_t **km_out, size_t *kmlen_out, boolean_t *can_retry_out) 496{ 497 int ret; 498 zfs_keylocation_t keyloc = ZFS_KEYLOCATION_NONE; 499 uint8_t *km = NULL; 500 size_t kmlen = 0; 501 char *uri_scheme = NULL; 502 zfs_uri_handler_t *handler = NULL; 503 boolean_t can_retry = B_FALSE; 504 505 /* verify and parse the keylocation */ 506 ret = zfs_prop_parse_keylocation(hdl, keylocation, &keyloc, 507 &uri_scheme); 508 if (ret != 0) 509 goto error; 510 511 /* open the appropriate file descriptor */ 512 switch (keyloc) { 513 case ZFS_KEYLOCATION_PROMPT: 514 if (isatty(fileno(stdin))) { 515 can_retry = keyformat != ZFS_KEYFORMAT_RAW; 516 ret = get_key_interactive(hdl, fsname, keyformat, 517 do_verify, newkey, &km, &kmlen); 518 } else { 519 /* fetch the key material into the buffer */ 520 ret = get_key_material_raw(stdin, keyformat, &km, 521 &kmlen); 522 } 523 524 if (ret != 0) 525 goto error; 526 527 break; 528 case ZFS_KEYLOCATION_URI: 529 ret = ENOTSUP; 530 531 for (handler = uri_handlers; handler->zuh_scheme != NULL; 532 handler++) { 533 if (strcmp(handler->zuh_scheme, uri_scheme) != 0) 534 continue; 535 536 if ((ret = handler->zuh_handler(hdl, keylocation, 537 fsname, keyformat, newkey, &km, &kmlen)) != 0) 538 goto error; 539 540 break; 541 } 542 543 if (ret == ENOTSUP) { 544 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 545 "URI scheme is not supported")); 546 goto error; 547 } 548 549 break; 550 default: 551 ret = EINVAL; 552 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 553 "Invalid keylocation.")); 554 goto error; 555 } 556 557 if ((ret = validate_key(hdl, keyformat, (const char *)km, kmlen)) != 0) 558 goto error; 559 560 *km_out = km; 561 *kmlen_out = kmlen; 562 if (can_retry_out != NULL) 563 *can_retry_out = can_retry; 564 565 free(uri_scheme); 566 return (0); 567 568error: 569 free(km); 570 571 *km_out = NULL; 572 *kmlen_out = 0; 573 574 if (can_retry_out != NULL) 575 *can_retry_out = can_retry; 576 577 free(uri_scheme); 578 return (ret); 579} 580 581static int 582derive_key(libzfs_handle_t *hdl, zfs_keyformat_t format, uint64_t iters, 583 uint8_t *key_material, size_t key_material_len, uint64_t salt, 584 uint8_t **key_out) 585{ 586 int ret; 587 uint8_t *key; 588 589 *key_out = NULL; 590 591 key = zfs_alloc(hdl, WRAPPING_KEY_LEN); 592 if (!key) 593 return (ENOMEM); 594 595 switch (format) { 596 case ZFS_KEYFORMAT_RAW: 597 bcopy(key_material, key, WRAPPING_KEY_LEN); 598 break; 599 case ZFS_KEYFORMAT_HEX: 600 ret = hex_key_to_raw((char *)key_material, 601 WRAPPING_KEY_LEN * 2, key); 602 if (ret != 0) { 603 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 604 "Invalid hex key provided.")); 605 goto error; 606 } 607 break; 608 case ZFS_KEYFORMAT_PASSPHRASE: 609 salt = LE_64(salt); 610 611 ret = PKCS5_PBKDF2_HMAC_SHA1((char *)key_material, 612 strlen((char *)key_material), ((uint8_t *)&salt), 613 sizeof (uint64_t), iters, WRAPPING_KEY_LEN, key); 614 if (ret != 1) { 615 ret = EIO; 616 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 617 "Failed to generate key from passphrase.")); 618 goto error; 619 } 620 break; 621 default: 622 ret = EINVAL; 623 goto error; 624 } 625 626 *key_out = key; 627 return (0); 628 629error: 630 free(key); 631 632 *key_out = NULL; 633 return (ret); 634} 635 636static boolean_t 637encryption_feature_is_enabled(zpool_handle_t *zph) 638{ 639 nvlist_t *features; 640 uint64_t feat_refcount; 641 642 /* check that features can be enabled */ 643 if (zpool_get_prop_int(zph, ZPOOL_PROP_VERSION, NULL) 644 < SPA_VERSION_FEATURES) 645 return (B_FALSE); 646 647 /* check for crypto feature */ 648 features = zpool_get_features(zph); 649 if (!features || nvlist_lookup_uint64(features, 650 spa_feature_table[SPA_FEATURE_ENCRYPTION].fi_guid, 651 &feat_refcount) != 0) 652 return (B_FALSE); 653 654 return (B_TRUE); 655} 656 657static int 658populate_create_encryption_params_nvlists(libzfs_handle_t *hdl, 659 zfs_handle_t *zhp, boolean_t newkey, zfs_keyformat_t keyformat, 660 char *keylocation, nvlist_t *props, uint8_t **wkeydata, uint_t *wkeylen) 661{ 662 int ret; 663 uint64_t iters = 0, salt = 0; 664 uint8_t *key_material = NULL; 665 size_t key_material_len = 0; 666 uint8_t *key_data = NULL; 667 const char *fsname = (zhp) ? zfs_get_name(zhp) : NULL; 668 669 /* get key material from keyformat and keylocation */ 670 ret = get_key_material(hdl, B_TRUE, newkey, keyformat, keylocation, 671 fsname, &key_material, &key_material_len, NULL); 672 if (ret != 0) 673 goto error; 674 675 /* passphrase formats require a salt and pbkdf2 iters property */ 676 if (keyformat == ZFS_KEYFORMAT_PASSPHRASE) { 677 /* always generate a new salt */ 678 ret = pkcs11_get_urandom((uint8_t *)&salt, sizeof (uint64_t)); 679 if (ret != sizeof (uint64_t)) { 680 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 681 "Failed to generate salt.")); 682 goto error; 683 } 684 685 ret = nvlist_add_uint64(props, 686 zfs_prop_to_name(ZFS_PROP_PBKDF2_SALT), salt); 687 if (ret != 0) { 688 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 689 "Failed to add salt to properties.")); 690 goto error; 691 } 692 693 /* 694 * If not otherwise specified, use the default number of 695 * pbkdf2 iterations. If specified, we have already checked 696 * that the given value is greater than MIN_PBKDF2_ITERATIONS 697 * during zfs_valid_proplist(). 698 */ 699 ret = nvlist_lookup_uint64(props, 700 zfs_prop_to_name(ZFS_PROP_PBKDF2_ITERS), &iters); 701 if (ret == ENOENT) { 702 iters = DEFAULT_PBKDF2_ITERATIONS; 703 ret = nvlist_add_uint64(props, 704 zfs_prop_to_name(ZFS_PROP_PBKDF2_ITERS), iters); 705 if (ret != 0) 706 goto error; 707 } else if (ret != 0) { 708 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 709 "Failed to get pbkdf2 iterations.")); 710 goto error; 711 } 712 } else { 713 /* check that pbkdf2iters was not specified by the user */ 714 ret = nvlist_lookup_uint64(props, 715 zfs_prop_to_name(ZFS_PROP_PBKDF2_ITERS), &iters); 716 if (ret == 0) { 717 ret = EINVAL; 718 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 719 "Cannot specify pbkdf2iters with a non-passphrase " 720 "keyformat.")); 721 goto error; 722 } 723 } 724 725 /* derive a key from the key material */ 726 ret = derive_key(hdl, keyformat, iters, key_material, key_material_len, 727 salt, &key_data); 728 if (ret != 0) 729 goto error; 730 731 free(key_material); 732 733 *wkeydata = key_data; 734 *wkeylen = WRAPPING_KEY_LEN; 735 return (0); 736 737error: 738 if (key_material != NULL) 739 free(key_material); 740 if (key_data != NULL) 741 free(key_data); 742 743 *wkeydata = NULL; 744 *wkeylen = 0; 745 return (ret); 746} 747 748static boolean_t 749proplist_has_encryption_props(nvlist_t *props) 750{ 751 int ret; 752 uint64_t intval; 753 char *strval; 754 755 ret = nvlist_lookup_uint64(props, 756 zfs_prop_to_name(ZFS_PROP_ENCRYPTION), &intval); 757 if (ret == 0 && intval != ZIO_CRYPT_OFF) 758 return (B_TRUE); 759 760 ret = nvlist_lookup_string(props, 761 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), &strval); 762 if (ret == 0 && strcmp(strval, "none") != 0) 763 return (B_TRUE); 764 765 ret = nvlist_lookup_uint64(props, 766 zfs_prop_to_name(ZFS_PROP_KEYFORMAT), &intval); 767 if (ret == 0) 768 return (B_TRUE); 769 770 ret = nvlist_lookup_uint64(props, 771 zfs_prop_to_name(ZFS_PROP_PBKDF2_ITERS), &intval); 772 if (ret == 0) 773 return (B_TRUE); 774 775 return (B_FALSE); 776} 777 778int 779zfs_crypto_get_encryption_root(zfs_handle_t *zhp, boolean_t *is_encroot, 780 char *buf) 781{ 782 int ret; 783 char prop_encroot[MAXNAMELEN]; 784 785 /* if the dataset isn't encrypted, just return */ 786 if (zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) == ZIO_CRYPT_OFF) { 787 *is_encroot = B_FALSE; 788 if (buf != NULL) 789 buf[0] = '\0'; 790 return (0); 791 } 792 793 ret = zfs_prop_get(zhp, ZFS_PROP_ENCRYPTION_ROOT, prop_encroot, 794 sizeof (prop_encroot), NULL, NULL, 0, B_TRUE); 795 if (ret != 0) { 796 *is_encroot = B_FALSE; 797 if (buf != NULL) 798 buf[0] = '\0'; 799 return (ret); 800 } 801 802 *is_encroot = strcmp(prop_encroot, zfs_get_name(zhp)) == 0; 803 if (buf != NULL) 804 strcpy(buf, prop_encroot); 805 806 return (0); 807} 808 809int 810zfs_crypto_create(libzfs_handle_t *hdl, char *parent_name, nvlist_t *props, 811 nvlist_t *pool_props, boolean_t stdin_available, uint8_t **wkeydata_out, 812 uint_t *wkeylen_out) 813{ 814 int ret; 815 char errbuf[1024]; 816 uint64_t crypt = ZIO_CRYPT_INHERIT, pcrypt = ZIO_CRYPT_INHERIT; 817 uint64_t keyformat = ZFS_KEYFORMAT_NONE; 818 char *keylocation = NULL; 819 zfs_handle_t *pzhp = NULL; 820 uint8_t *wkeydata = NULL; 821 uint_t wkeylen = 0; 822 boolean_t local_crypt = B_TRUE; 823 824 (void) snprintf(errbuf, sizeof (errbuf), 825 dgettext(TEXT_DOMAIN, "Encryption create error")); 826 827 /* lookup crypt from props */ 828 ret = nvlist_lookup_uint64(props, 829 zfs_prop_to_name(ZFS_PROP_ENCRYPTION), &crypt); 830 if (ret != 0) 831 local_crypt = B_FALSE; 832 833 /* lookup key location and format from props */ 834 (void) nvlist_lookup_uint64(props, 835 zfs_prop_to_name(ZFS_PROP_KEYFORMAT), &keyformat); 836 (void) nvlist_lookup_string(props, 837 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), &keylocation); 838 839 if (parent_name != NULL) { 840 /* get a reference to parent dataset */ 841 pzhp = make_dataset_handle(hdl, parent_name); 842 if (pzhp == NULL) { 843 ret = ENOENT; 844 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 845 "Failed to lookup parent.")); 846 goto out; 847 } 848 849 /* Lookup parent's crypt */ 850 pcrypt = zfs_prop_get_int(pzhp, ZFS_PROP_ENCRYPTION); 851 852 /* Params require the encryption feature */ 853 if (!encryption_feature_is_enabled(pzhp->zpool_hdl)) { 854 if (proplist_has_encryption_props(props)) { 855 ret = EINVAL; 856 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 857 "Encryption feature not enabled.")); 858 goto out; 859 } 860 861 ret = 0; 862 goto out; 863 } 864 } else { 865 /* 866 * special case for root dataset where encryption feature 867 * feature won't be on disk yet 868 */ 869 if (!nvlist_exists(pool_props, "feature@encryption")) { 870 if (proplist_has_encryption_props(props)) { 871 ret = EINVAL; 872 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 873 "Encryption feature not enabled.")); 874 goto out; 875 } 876 877 ret = 0; 878 goto out; 879 } 880 881 pcrypt = ZIO_CRYPT_OFF; 882 } 883 884 /* Get the inherited encryption property if we don't have it locally */ 885 if (!local_crypt) 886 crypt = pcrypt; 887 888 /* 889 * At this point crypt should be the actual encryption value. If 890 * encryption is off just verify that no encryption properties have 891 * been specified and return. 892 */ 893 if (crypt == ZIO_CRYPT_OFF) { 894 if (proplist_has_encryption_props(props)) { 895 ret = EINVAL; 896 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 897 "Encryption must be turned on to set encryption " 898 "properties.")); 899 goto out; 900 } 901 902 ret = 0; 903 goto out; 904 } 905 906 /* 907 * If we have a parent crypt it is valid to specify encryption alone. 908 * This will result in a child that is encrypted with the chosen 909 * encryption suite that will also inherit the parent's key. If 910 * the parent is not encrypted we need an encryption suite provided. 911 */ 912 if (pcrypt == ZIO_CRYPT_OFF && keylocation == NULL && 913 keyformat == ZFS_KEYFORMAT_NONE) { 914 ret = EINVAL; 915 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 916 "Keyformat required for new encryption root.")); 917 goto out; 918 } 919 920 /* 921 * Specifying a keylocation implies this will be a new encryption root. 922 * Check that a keyformat is also specified. 923 */ 924 if (keylocation != NULL && keyformat == ZFS_KEYFORMAT_NONE) { 925 ret = EINVAL; 926 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 927 "Keyformat required for new encryption root.")); 928 goto out; 929 } 930 931 /* default to prompt if no keylocation is specified */ 932 if (keyformat != ZFS_KEYFORMAT_NONE && keylocation == NULL) { 933 keylocation = "prompt"; 934 ret = nvlist_add_string(props, 935 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), keylocation); 936 if (ret != 0) 937 goto out; 938 } 939 940 /* 941 * If a local key is provided, this dataset will be a new 942 * encryption root. Populate the encryption params. 943 */ 944 if (keylocation != NULL) { 945 /* 946 * 'zfs recv -o keylocation=prompt' won't work because stdin 947 * is being used by the send stream, so we disallow it. 948 */ 949 if (!stdin_available && strcmp(keylocation, "prompt") == 0) { 950 ret = EINVAL; 951 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "Cannot use " 952 "'prompt' keylocation because stdin is in use.")); 953 goto out; 954 } 955 956 ret = populate_create_encryption_params_nvlists(hdl, NULL, 957 B_TRUE, keyformat, keylocation, props, &wkeydata, 958 &wkeylen); 959 if (ret != 0) 960 goto out; 961 } 962 963 if (pzhp != NULL) 964 zfs_close(pzhp); 965 966 *wkeydata_out = wkeydata; 967 *wkeylen_out = wkeylen; 968 return (0); 969 970out: 971 if (pzhp != NULL) 972 zfs_close(pzhp); 973 if (wkeydata != NULL) 974 free(wkeydata); 975 976 *wkeydata_out = NULL; 977 *wkeylen_out = 0; 978 return (ret); 979} 980 981int 982zfs_crypto_clone_check(libzfs_handle_t *hdl, zfs_handle_t *origin_zhp, 983 char *parent_name, nvlist_t *props) 984{ 985 char errbuf[1024]; 986 987 (void) snprintf(errbuf, sizeof (errbuf), 988 dgettext(TEXT_DOMAIN, "Encryption clone error")); 989 990 /* 991 * No encryption properties should be specified. They will all be 992 * inherited from the origin dataset. 993 */ 994 if (nvlist_exists(props, zfs_prop_to_name(ZFS_PROP_KEYFORMAT)) || 995 nvlist_exists(props, zfs_prop_to_name(ZFS_PROP_KEYLOCATION)) || 996 nvlist_exists(props, zfs_prop_to_name(ZFS_PROP_ENCRYPTION)) || 997 nvlist_exists(props, zfs_prop_to_name(ZFS_PROP_PBKDF2_ITERS))) { 998 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 999 "Encryption properties must inherit from origin dataset.")); 1000 return (EINVAL); 1001 } 1002 1003 return (0); 1004} 1005 1006typedef struct loadkeys_cbdata { 1007 uint64_t cb_numfailed; 1008 uint64_t cb_numattempted; 1009} loadkey_cbdata_t; 1010 1011static int 1012load_keys_cb(zfs_handle_t *zhp, void *arg) 1013{ 1014 int ret; 1015 boolean_t is_encroot; 1016 loadkey_cbdata_t *cb = arg; 1017 uint64_t keystatus = zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS); 1018 1019 /* only attempt to load keys for encryption roots */ 1020 ret = zfs_crypto_get_encryption_root(zhp, &is_encroot, NULL); 1021 if (ret != 0 || !is_encroot) 1022 goto out; 1023 1024 /* don't attempt to load already loaded keys */ 1025 if (keystatus == ZFS_KEYSTATUS_AVAILABLE) 1026 goto out; 1027 1028 /* Attempt to load the key. Record status in cb. */ 1029 cb->cb_numattempted++; 1030 1031 ret = zfs_crypto_load_key(zhp, B_FALSE, NULL); 1032 if (ret) 1033 cb->cb_numfailed++; 1034 1035out: 1036 (void) zfs_iter_filesystems(zhp, load_keys_cb, cb); 1037 zfs_close(zhp); 1038 1039 /* always return 0, since this function is best effort */ 1040 return (0); 1041} 1042 1043/* 1044 * This function is best effort. It attempts to load all the keys for the given 1045 * filesystem and all of its children. 1046 */ 1047int 1048zfs_crypto_attempt_load_keys(libzfs_handle_t *hdl, char *fsname) 1049{ 1050 int ret; 1051 zfs_handle_t *zhp = NULL; 1052 loadkey_cbdata_t cb = { 0 }; 1053 1054 zhp = zfs_open(hdl, fsname, ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME); 1055 if (zhp == NULL) { 1056 ret = ENOENT; 1057 goto error; 1058 } 1059 1060 ret = load_keys_cb(zfs_handle_dup(zhp), &cb); 1061 if (ret) 1062 goto error; 1063 1064 (void) printf(gettext("%llu / %llu keys successfully loaded\n"), 1065 (u_longlong_t)(cb.cb_numattempted - cb.cb_numfailed), 1066 (u_longlong_t)cb.cb_numattempted); 1067 1068 if (cb.cb_numfailed != 0) { 1069 ret = -1; 1070 goto error; 1071 } 1072 1073 zfs_close(zhp); 1074 return (0); 1075 1076error: 1077 if (zhp != NULL) 1078 zfs_close(zhp); 1079 return (ret); 1080} 1081 1082int 1083zfs_crypto_load_key(zfs_handle_t *zhp, boolean_t noop, char *alt_keylocation) 1084{ 1085 int ret, attempts = 0; 1086 char errbuf[1024]; 1087 uint64_t keystatus, iters = 0, salt = 0; 1088 uint64_t keyformat = ZFS_KEYFORMAT_NONE; 1089 char prop_keylocation[MAXNAMELEN]; 1090 char prop_encroot[MAXNAMELEN]; 1091 char *keylocation = NULL; 1092 uint8_t *key_material = NULL, *key_data = NULL; 1093 size_t key_material_len; 1094 boolean_t is_encroot, can_retry = B_FALSE, correctible = B_FALSE; 1095 1096 (void) snprintf(errbuf, sizeof (errbuf), 1097 dgettext(TEXT_DOMAIN, "Key load error")); 1098 1099 /* check that encryption is enabled for the pool */ 1100 if (!encryption_feature_is_enabled(zhp->zpool_hdl)) { 1101 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1102 "Encryption feature not enabled.")); 1103 ret = EINVAL; 1104 goto error; 1105 } 1106 1107 /* Fetch the keyformat. Check that the dataset is encrypted. */ 1108 keyformat = zfs_prop_get_int(zhp, ZFS_PROP_KEYFORMAT); 1109 if (keyformat == ZFS_KEYFORMAT_NONE) { 1110 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1111 "'%s' is not encrypted."), zfs_get_name(zhp)); 1112 ret = EINVAL; 1113 goto error; 1114 } 1115 1116 /* 1117 * Fetch the key location. Check that we are working with an 1118 * encryption root. 1119 */ 1120 ret = zfs_crypto_get_encryption_root(zhp, &is_encroot, prop_encroot); 1121 if (ret != 0) { 1122 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1123 "Failed to get encryption root for '%s'."), 1124 zfs_get_name(zhp)); 1125 goto error; 1126 } else if (!is_encroot) { 1127 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1128 "Keys must be loaded for encryption root of '%s' (%s)."), 1129 zfs_get_name(zhp), prop_encroot); 1130 ret = EINVAL; 1131 goto error; 1132 } 1133 1134 /* 1135 * if the caller has elected to override the keylocation property 1136 * use that instead 1137 */ 1138 if (alt_keylocation != NULL) { 1139 keylocation = alt_keylocation; 1140 } else { 1141 ret = zfs_prop_get(zhp, ZFS_PROP_KEYLOCATION, prop_keylocation, 1142 sizeof (prop_keylocation), NULL, NULL, 0, B_TRUE); 1143 if (ret != 0) { 1144 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1145 "Failed to get keylocation for '%s'."), 1146 zfs_get_name(zhp)); 1147 goto error; 1148 } 1149 1150 keylocation = prop_keylocation; 1151 } 1152 1153 /* check that the key is unloaded unless this is a noop */ 1154 if (!noop) { 1155 keystatus = zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS); 1156 if (keystatus == ZFS_KEYSTATUS_AVAILABLE) { 1157 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1158 "Key already loaded for '%s'."), zfs_get_name(zhp)); 1159 ret = EEXIST; 1160 goto error; 1161 } 1162 } 1163 1164 /* passphrase formats require a salt and pbkdf2_iters property */ 1165 if (keyformat == ZFS_KEYFORMAT_PASSPHRASE) { 1166 salt = zfs_prop_get_int(zhp, ZFS_PROP_PBKDF2_SALT); 1167 iters = zfs_prop_get_int(zhp, ZFS_PROP_PBKDF2_ITERS); 1168 } 1169 1170try_again: 1171 /* fetching and deriving the key are correctable errors. set the flag */ 1172 correctible = B_TRUE; 1173 1174 /* get key material from key format and location */ 1175 ret = get_key_material(zhp->zfs_hdl, B_FALSE, B_FALSE, keyformat, 1176 keylocation, zfs_get_name(zhp), &key_material, &key_material_len, 1177 &can_retry); 1178 if (ret != 0) 1179 goto error; 1180 1181 /* derive a key from the key material */ 1182 ret = derive_key(zhp->zfs_hdl, keyformat, iters, key_material, 1183 key_material_len, salt, &key_data); 1184 if (ret != 0) 1185 goto error; 1186 1187 correctible = B_FALSE; 1188 1189 /* pass the wrapping key and noop flag to the ioctl */ 1190 ret = lzc_load_key(zhp->zfs_name, noop, key_data, WRAPPING_KEY_LEN); 1191 if (ret != 0) { 1192 switch (ret) { 1193 case EPERM: 1194 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1195 "Permission denied.")); 1196 break; 1197 case EINVAL: 1198 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1199 "Invalid parameters provided for dataset %s."), 1200 zfs_get_name(zhp)); 1201 break; 1202 case EEXIST: 1203 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1204 "Key already loaded for '%s'."), zfs_get_name(zhp)); 1205 break; 1206 case EBUSY: 1207 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1208 "'%s' is busy."), zfs_get_name(zhp)); 1209 break; 1210 case EACCES: 1211 correctible = B_TRUE; 1212 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1213 "Incorrect key provided for '%s'."), 1214 zfs_get_name(zhp)); 1215 break; 1216 } 1217 goto error; 1218 } 1219 1220 free(key_material); 1221 free(key_data); 1222 1223 return (0); 1224 1225error: 1226 zfs_error(zhp->zfs_hdl, EZFS_CRYPTOFAILED, errbuf); 1227 if (key_material != NULL) { 1228 free(key_material); 1229 key_material = NULL; 1230 } 1231 if (key_data != NULL) { 1232 free(key_data); 1233 key_data = NULL; 1234 } 1235 1236 /* 1237 * Here we decide if it is ok to allow the user to retry entering their 1238 * key. The can_retry flag will be set if the user is entering their 1239 * key from an interactive prompt. The correctable flag will only be 1240 * set if an error that occurred could be corrected by retrying. Both 1241 * flags are needed to allow the user to attempt key entry again 1242 */ 1243 attempts++; 1244 if (can_retry && correctible && attempts < MAX_KEY_PROMPT_ATTEMPTS) 1245 goto try_again; 1246 1247 return (ret); 1248} 1249 1250int 1251zfs_crypto_unload_key(zfs_handle_t *zhp) 1252{ 1253 int ret; 1254 char errbuf[1024]; 1255 char prop_encroot[MAXNAMELEN]; 1256 uint64_t keystatus, keyformat; 1257 boolean_t is_encroot; 1258 1259 (void) snprintf(errbuf, sizeof (errbuf), 1260 dgettext(TEXT_DOMAIN, "Key unload error")); 1261 1262 /* check that encryption is enabled for the pool */ 1263 if (!encryption_feature_is_enabled(zhp->zpool_hdl)) { 1264 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1265 "Encryption feature not enabled.")); 1266 ret = EINVAL; 1267 goto error; 1268 } 1269 1270 /* Fetch the keyformat. Check that the dataset is encrypted. */ 1271 keyformat = zfs_prop_get_int(zhp, ZFS_PROP_KEYFORMAT); 1272 if (keyformat == ZFS_KEYFORMAT_NONE) { 1273 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1274 "'%s' is not encrypted."), zfs_get_name(zhp)); 1275 ret = EINVAL; 1276 goto error; 1277 } 1278 1279 /* 1280 * Fetch the key location. Check that we are working with an 1281 * encryption root. 1282 */ 1283 ret = zfs_crypto_get_encryption_root(zhp, &is_encroot, prop_encroot); 1284 if (ret != 0) { 1285 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1286 "Failed to get encryption root for '%s'."), 1287 zfs_get_name(zhp)); 1288 goto error; 1289 } else if (!is_encroot) { 1290 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1291 "Keys must be unloaded for encryption root of '%s' (%s)."), 1292 zfs_get_name(zhp), prop_encroot); 1293 ret = EINVAL; 1294 goto error; 1295 } 1296 1297 /* check that the key is loaded */ 1298 keystatus = zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS); 1299 if (keystatus == ZFS_KEYSTATUS_UNAVAILABLE) { 1300 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1301 "Key already unloaded for '%s'."), zfs_get_name(zhp)); 1302 ret = EACCES; 1303 goto error; 1304 } 1305 1306 /* call the ioctl */ 1307 ret = lzc_unload_key(zhp->zfs_name); 1308 1309 if (ret != 0) { 1310 switch (ret) { 1311 case EPERM: 1312 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1313 "Permission denied.")); 1314 break; 1315 case EACCES: 1316 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1317 "Key already unloaded for '%s'."), 1318 zfs_get_name(zhp)); 1319 break; 1320 case EBUSY: 1321 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1322 "'%s' is busy."), zfs_get_name(zhp)); 1323 break; 1324 } 1325 zfs_error(zhp->zfs_hdl, EZFS_CRYPTOFAILED, errbuf); 1326 } 1327 1328 return (ret); 1329 1330error: 1331 zfs_error(zhp->zfs_hdl, EZFS_CRYPTOFAILED, errbuf); 1332 return (ret); 1333} 1334 1335static int 1336zfs_crypto_verify_rewrap_nvlist(zfs_handle_t *zhp, nvlist_t *props, 1337 nvlist_t **props_out, char *errbuf) 1338{ 1339 int ret; 1340 nvpair_t *elem = NULL; 1341 zfs_prop_t prop; 1342 nvlist_t *new_props = NULL; 1343 1344 new_props = fnvlist_alloc(); 1345 1346 /* 1347 * loop through all provided properties, we should only have 1348 * keyformat, keylocation and pbkdf2iters. The actual validation of 1349 * values is done by zfs_valid_proplist(). 1350 */ 1351 while ((elem = nvlist_next_nvpair(props, elem)) != NULL) { 1352 const char *propname = nvpair_name(elem); 1353 prop = zfs_name_to_prop(propname); 1354 1355 switch (prop) { 1356 case ZFS_PROP_PBKDF2_ITERS: 1357 case ZFS_PROP_KEYFORMAT: 1358 case ZFS_PROP_KEYLOCATION: 1359 break; 1360 default: 1361 ret = EINVAL; 1362 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1363 "Only keyformat, keylocation and pbkdf2iters may " 1364 "be set with this command.")); 1365 goto error; 1366 } 1367 } 1368 1369 new_props = zfs_valid_proplist(zhp->zfs_hdl, zhp->zfs_type, props, 1370 zfs_prop_get_int(zhp, ZFS_PROP_ZONED), NULL, zhp->zpool_hdl, 1371 B_TRUE, errbuf); 1372 if (new_props == NULL) { 1373 ret = EINVAL; 1374 goto error; 1375 } 1376 1377 *props_out = new_props; 1378 return (0); 1379 1380error: 1381 nvlist_free(new_props); 1382 *props_out = NULL; 1383 return (ret); 1384} 1385 1386int 1387zfs_crypto_rewrap(zfs_handle_t *zhp, nvlist_t *raw_props, boolean_t inheritkey) 1388{ 1389 int ret; 1390 char errbuf[1024]; 1391 boolean_t is_encroot; 1392 nvlist_t *props = NULL; 1393 uint8_t *wkeydata = NULL; 1394 uint_t wkeylen = 0; 1395 dcp_cmd_t cmd = (inheritkey) ? DCP_CMD_INHERIT : DCP_CMD_NEW_KEY; 1396 uint64_t crypt, pcrypt, keystatus, pkeystatus; 1397 uint64_t keyformat = ZFS_KEYFORMAT_NONE; 1398 zfs_handle_t *pzhp = NULL; 1399 char *keylocation = NULL; 1400 char origin_name[MAXNAMELEN]; 1401 char prop_keylocation[MAXNAMELEN]; 1402 char parent_name[ZFS_MAX_DATASET_NAME_LEN]; 1403 1404 (void) snprintf(errbuf, sizeof (errbuf), 1405 dgettext(TEXT_DOMAIN, "Key change error")); 1406 1407 /* check that encryption is enabled for the pool */ 1408 if (!encryption_feature_is_enabled(zhp->zpool_hdl)) { 1409 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1410 "Encryption feature not enabled.")); 1411 ret = EINVAL; 1412 goto error; 1413 } 1414 1415 /* get crypt from dataset */ 1416 crypt = zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION); 1417 if (crypt == ZIO_CRYPT_OFF) { 1418 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1419 "Dataset not encrypted.")); 1420 ret = EINVAL; 1421 goto error; 1422 } 1423 1424 /* get the encryption root of the dataset */ 1425 ret = zfs_crypto_get_encryption_root(zhp, &is_encroot, NULL); 1426 if (ret != 0) { 1427 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1428 "Failed to get encryption root for '%s'."), 1429 zfs_get_name(zhp)); 1430 goto error; 1431 } 1432 1433 /* Clones use their origin's key and cannot rewrap it */ 1434 ret = zfs_prop_get(zhp, ZFS_PROP_ORIGIN, origin_name, 1435 sizeof (origin_name), NULL, NULL, 0, B_TRUE); 1436 if (ret == 0 && strcmp(origin_name, "") != 0) { 1437 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1438 "Keys cannot be changed on clones.")); 1439 ret = EINVAL; 1440 goto error; 1441 } 1442 1443 /* 1444 * If the user wants to use the inheritkey variant of this function 1445 * we don't need to collect any crypto arguments. 1446 */ 1447 if (!inheritkey) { 1448 /* validate the provided properties */ 1449 ret = zfs_crypto_verify_rewrap_nvlist(zhp, raw_props, &props, 1450 errbuf); 1451 if (ret != 0) 1452 goto error; 1453 1454 /* 1455 * Load keyformat and keylocation from the nvlist. Fetch from 1456 * the dataset properties if not specified. 1457 */ 1458 (void) nvlist_lookup_uint64(props, 1459 zfs_prop_to_name(ZFS_PROP_KEYFORMAT), &keyformat); 1460 (void) nvlist_lookup_string(props, 1461 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), &keylocation); 1462 1463 if (is_encroot) { 1464 /* 1465 * If this is already an encryption root, just keep 1466 * any properties not set by the user. 1467 */ 1468 if (keyformat == ZFS_KEYFORMAT_NONE) { 1469 keyformat = zfs_prop_get_int(zhp, 1470 ZFS_PROP_KEYFORMAT); 1471 ret = nvlist_add_uint64(props, 1472 zfs_prop_to_name(ZFS_PROP_KEYFORMAT), 1473 keyformat); 1474 if (ret != 0) { 1475 zfs_error_aux(zhp->zfs_hdl, 1476 dgettext(TEXT_DOMAIN, "Failed to " 1477 "get existing keyformat " 1478 "property.")); 1479 goto error; 1480 } 1481 } 1482 1483 if (keylocation == NULL) { 1484 ret = zfs_prop_get(zhp, ZFS_PROP_KEYLOCATION, 1485 prop_keylocation, sizeof (prop_keylocation), 1486 NULL, NULL, 0, B_TRUE); 1487 if (ret != 0) { 1488 zfs_error_aux(zhp->zfs_hdl, 1489 dgettext(TEXT_DOMAIN, "Failed to " 1490 "get existing keylocation " 1491 "property.")); 1492 goto error; 1493 } 1494 1495 keylocation = prop_keylocation; 1496 } 1497 } else { 1498 /* need a new key for non-encryption roots */ 1499 if (keyformat == ZFS_KEYFORMAT_NONE) { 1500 ret = EINVAL; 1501 zfs_error_aux(zhp->zfs_hdl, 1502 dgettext(TEXT_DOMAIN, "Keyformat required " 1503 "for new encryption root.")); 1504 goto error; 1505 } 1506 1507 /* default to prompt if no keylocation is specified */ 1508 if (keylocation == NULL) { 1509 keylocation = "prompt"; 1510 ret = nvlist_add_string(props, 1511 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), 1512 keylocation); 1513 if (ret != 0) 1514 goto error; 1515 } 1516 } 1517 1518 /* fetch the new wrapping key and associated properties */ 1519 ret = populate_create_encryption_params_nvlists(zhp->zfs_hdl, 1520 zhp, B_TRUE, keyformat, keylocation, props, &wkeydata, 1521 &wkeylen); 1522 if (ret != 0) 1523 goto error; 1524 } else { 1525 /* check that zhp is an encryption root */ 1526 if (!is_encroot) { 1527 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1528 "Key inheritting can only be performed on " 1529 "encryption roots.")); 1530 ret = EINVAL; 1531 goto error; 1532 } 1533 1534 /* get the parent's name */ 1535 ret = zfs_parent_name(zhp, parent_name, sizeof (parent_name)); 1536 if (ret != 0) { 1537 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1538 "Root dataset cannot inherit key.")); 1539 ret = EINVAL; 1540 goto error; 1541 } 1542 1543 /* get a handle to the parent */ 1544 pzhp = make_dataset_handle(zhp->zfs_hdl, parent_name); 1545 if (pzhp == NULL) { 1546 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1547 "Failed to lookup parent.")); 1548 ret = ENOENT; 1549 goto error; 1550 } 1551 1552 /* parent must be encrypted */ 1553 pcrypt = zfs_prop_get_int(pzhp, ZFS_PROP_ENCRYPTION); 1554 if (pcrypt == ZIO_CRYPT_OFF) { 1555 zfs_error_aux(pzhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1556 "Parent must be encrypted.")); 1557 ret = EINVAL; 1558 goto error; 1559 } 1560 1561 /* check that the parent's key is loaded */ 1562 pkeystatus = zfs_prop_get_int(pzhp, ZFS_PROP_KEYSTATUS); 1563 if (pkeystatus == ZFS_KEYSTATUS_UNAVAILABLE) { 1564 zfs_error_aux(pzhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1565 "Parent key must be loaded.")); 1566 ret = EACCES; 1567 goto error; 1568 } 1569 } 1570 1571 /* check that the key is loaded */ 1572 keystatus = zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS); 1573 if (keystatus == ZFS_KEYSTATUS_UNAVAILABLE) { 1574 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1575 "Key must be loaded.")); 1576 ret = EACCES; 1577 goto error; 1578 } 1579 1580 /* call the ioctl */ 1581 ret = lzc_change_key(zhp->zfs_name, cmd, props, wkeydata, wkeylen); 1582 if (ret != 0) { 1583 switch (ret) { 1584 case EPERM: 1585 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1586 "Permission denied.")); 1587 break; 1588 case EINVAL: 1589 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1590 "Invalid properties for key change.")); 1591 break; 1592 case EACCES: 1593 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1594 "Key is not currently loaded.")); 1595 break; 1596 } 1597 zfs_error(zhp->zfs_hdl, EZFS_CRYPTOFAILED, errbuf); 1598 } 1599 1600 if (pzhp != NULL) 1601 zfs_close(pzhp); 1602 if (props != NULL) 1603 nvlist_free(props); 1604 if (wkeydata != NULL) 1605 free(wkeydata); 1606 1607 return (ret); 1608 1609error: 1610 if (pzhp != NULL) 1611 zfs_close(pzhp); 1612 if (props != NULL) 1613 nvlist_free(props); 1614 if (wkeydata != NULL) 1615 free(wkeydata); 1616 1617 zfs_error(zhp->zfs_hdl, EZFS_CRYPTOFAILED, errbuf); 1618 return (ret); 1619} 1620