~tomleb/alpine-mkinitfs

839b554fd005c4931ff3373fdba344e802908cbc — Tom Lebreux 10 months ago 422811d
Store passphrase in linux keyring

Caveats:
- The linux keyring is hardcoded and created in initramfs-init instead
  of by another binary
- The permissions set on the keyring are not secure
- The keyring & key are chown'd to a hardcoded uid
- The changes always occur instead of being behind a flag
3 files changed, 29 insertions(+), 6 deletions(-)

M Makefile
M initramfs-init.in
M nlplug-findfs/nlplug-findfs.c
M Makefile => Makefile +4 -2
@@ 107,9 107,11 @@ LIBKMOD_CFLAGS	:= $(shell $(PKGCONF) --cflags libkmod)
LIBKMOD_LIBS	:= $(shell $(PKGCONF) --libs libkmod)
CRYPTSETUP_CFLAGS := $(shell $(PKGCONF) --cflags libcryptsetup)
CRYPTSETUP_LIBS	:= $(shell $(PKGCONF) --libs libcryptsetup)
LIBKEYUTILS_CFLAGS	:= $(shell $(PKGCONF) --cflags libkeyutils)
LIBKEYUTILS_LIBS	:= $(shell $(PKGCONF) --libs libkeyutils)

CFLAGS		+= $(BLKID_CFLAGS) $(LIBKMOD_CFLAGS) $(CRYPTSETUP_CFLAGS)
LIBS		= $(BLKID_LIBS) $(LIBKMOD_LIBS) $(CRYPTSETUP_LIBS)
CFLAGS		+= $(BLKID_CFLAGS) $(LIBKMOD_CFLAGS) $(CRYPTSETUP_CFLAGS) $(LIBKEYUTILS_CFLAGS)
LIBS		= $(BLKID_LIBS) $(LIBKMOD_LIBS) $(CRYPTSETUP_LIBS) $(LIBKEYUTILS_LIBS)

%.o: %.c
	$(CC) $(CPPFLAGS) $(CFLAGS) -o $@ -c $<

M initramfs-init.in => initramfs-init.in +8 -1
@@ 535,9 535,16 @@ ln -s /proc/mounts "$ROOT"/etc/mtab

# check if root=... was set
if [ -n "$KOPT_root" ]; then
	keyctl newring hackweek @u
	keyctl chown %:hackweek 1000
	keyctl setperm %:hackweek 0x3f3f3f3f
	keyid=$(keyctl add user hackweek "the-secret" %:hackweek)
	keyctl chown "$keyid" 1000
	keyctl setperm "$keyid" 0x3f3f3f3f

	# run nlplug-findfs before SINGLEMODE so we load keyboard drivers
	ebegin "Mounting root"
	$MOCK nlplug-findfs $cryptopts -p /sbin/mdev ${KOPT_debug_init:+-d} \
	$MOCK nlplug-findfs -i "$keyid" $cryptopts -p /sbin/mdev ${KOPT_debug_init:+-d} \
		${KOPT_uevent_buf_size:+-U $KOPT_uevent_buf_size} \
		$KOPT_root
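Review bot: None of the added `keyctl` calls has its result checked, so if `keyctl add` fails or the tool is missing from the initramfs, `$keyid` is empty and `-i ""` is still passed to nlplug-findfs. The `keyctl chown "$keyid" 1000` and `keyctl setperm "$keyid" ...` lines then also run against an empty id. Clearing the id on failure with `keyid=$(keyctl add user hackweek "the-secret" %:hackweek) || keyid=` and passing the option as `${keyid:+-i $keyid}` would hand over the flag only when a key actually exists. The block also runs for every boot with `root=` set, whether or not an encrypted device is involved, which leaves the placeholder payload in the keyring when no passphrase is ever entered. The enclosing `if` continues past the end of this hunk.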


M nlplug-findfs/nlplug-findfs.c => nlplug-findfs/nlplug-findfs.c +17 -3
@@ 40,6 40,7 @@
#include <libkmod.h>
#include <blkid.h>
#include <libcryptsetup.h>
#include <keyutils.h>

#define MAX_EVENT_TIMEOUT	5000
#define DEFAULT_EVENT_TIMEOUT	250


@@ 59,6 60,8 @@ static char *default_envp[2];
char *argv0;
static int use_mdadm, use_lvm, use_zpool;

static long keyid;

#if defined(DEBUG)
#include <stdarg.h>
static void dbg(const char *fmt, ...)


@@ 621,10 624,18 @@ static void *cryptsetup_thread(void *data)
						 pass, strlen(pass),
						 c->crypt.flags);
		pthread_mutex_unlock(&c->crypt.mutex);
		memset(pass, 0, sizeof(pass)); /* wipe pass after use */

		if (r >= 0)
		if (r >= 0) {
			printf("The keyid for hackweek is %ld\n", keyid);
			if (keyctl_update(keyid, pass, strlen(pass)) < 0) {
				printf("error updating keyring\n");
			}

			memset(pass, 0, sizeof(pass)); /* wipe pass after use */
			goto free_out;
		}

		memset(pass, 0, sizeof(pass)); /* wipe pass after use */
		printf("No key available with this passphrase.\n");
	}
	printf("Mounting %s failed, amount of tries exhausted.\n", c->crypt.data.devnode);


@@ 1285,7 1296,7 @@ int main(int argc, char *argv[])
			{ "uevent-buffer-size",			required_argument, NULL, 'U'},
		};

		int c = getopt_long(argc, argv, "a:b:c:hH:k:m:no:Ddf:p:t:U:", options, NULL);
		int c = getopt_long(argc, argv, "a:b:c:hH:k:m:no:Ddf:p:t:U:i:", options, NULL);
		if (c == -1)
			break;



@@ 1311,6 1322,9 @@ int main(int argc, char *argv[])
		case 'h':
			usage(0);
			break;
		case 'i':
			keyid = atoi(optarg);
			break;
		case 'k':
			conf.crypt.data.key = optarg;
			break;
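Review bot: In the `case 'i':` arm of main(), `keyid = atoi(optarg);` performs no validation and yields 0 for an empty or non-numeric argument, and `keyid` also stays 0 when `-i` is not given. cryptsetup_thread() nevertheless calls `keyctl_update(keyid, pass, strlen(pass))` after every successful unlock. Parsing with `strtol`, rejecting trailing characters and non-positive or out-of-range serials, and guarding the call as `if (keyid > 0 && keyctl_update(keyid, pass, strlen(pass)) < 0) {` would keep the passphrase from being offered to an unintended or nonexistent key. The unconditional `printf("The keyid for hackweek is %ld\n", keyid);` looks like debug output and would fit the file's `dbg()` helper better. Both functions extend outside the hunks shown, and because the +/- markers are lost on this page this assumes the `memset` ahead of `if (r >= 0)` is on the removed side, as the hunk's line counts indicate; if it were kept, `pass` would already be zeroed when it reaches `keyctl_update`.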