1 /* 2 * CDDL HEADER START 3 * 4 * This file and its contents are supplied under the terms of the 5 * Common Development and Distribution License ("CDDL"), version 1.0. 6 * You may only use this file in accordance with the terms of version 7 * 1.0 of the CDDL. 8 * 9 * A full copy of the text of the CDDL should have accompanied this 10 * source. A copy of the CDDL is also available via the Internet at 11 * http://www.illumos.org/license/CDDL. 12 * 13 * CDDL HEADER END 14 */ 15 16 /* 17 * Copyright (c) 2017, Datto, Inc. All rights reserved. 18 * Copyright 2020 Joyent, Inc. 19 */ 20 21 #include <sys/zfs_context.h> 22 #include <sys/fs/zfs.h> 23 #include <sys/dsl_crypt.h> 24 #include <libintl.h> 25 #include <termios.h> 26 #include <signal.h> 27 #include <errno.h> 28 #include <openssl/evp.h> 29 #include <libzfs.h> 30 #include "libzfs_impl.h" 31 #include "zfeature_common.h" 32 33 /* 34 * User keys are used to decrypt the master encryption keys of a dataset. This 35 * indirection allows a user to change his / her access key without having to 36 * re-encrypt the entire dataset. User keys can be provided in one of several 37 * ways. Raw keys are simply given to the kernel as is. Similarly, hex keys 38 * are converted to binary and passed into the kernel. Password based keys are 39 * a bit more complicated. Passwords alone do not provide suitable entropy for 40 * encryption and may be too short or too long to be used. In order to derive 41 * a more appropriate key we use a PBKDF2 function. This function is designed 42 * to take a (relatively) long time to calculate in order to discourage 43 * attackers from guessing from a list of common passwords. PBKDF2 requires 44 * 2 additional parameters. The first is the number of iterations to run, which 45 * will ultimately determine how long it takes to derive the resulting key from 46 * the password. The second parameter is a salt that is randomly generated for 47 * each dataset. The salt is used to "tweak" PBKDF2 such that a group of 48 * attackers cannot reasonably generate a table of commonly known passwords to 49 * their output keys and expect it work for all past and future PBKDF2 users. 50 * We store the salt as a hidden property of the dataset (although it is 51 * technically ok if the salt is known to the attacker). 52 */ 53 54 typedef enum key_locator { 55 KEY_LOCATOR_NONE, 56 KEY_LOCATOR_PROMPT, 57 KEY_LOCATOR_URI 58 } key_locator_t; 59 60 #define MIN_PASSPHRASE_LEN 8 61 #define MAX_PASSPHRASE_LEN 512 62 #define MAX_KEY_PROMPT_ATTEMPTS 3 63 64 static int caught_interrupt; 65 66 static int get_key_material_file(libzfs_handle_t *, const char *, const char *, 67 zfs_keyformat_t, boolean_t, uint8_t **, size_t *); 68 69 static zfs_uri_handler_t uri_handlers[] = { 70 { "file", get_key_material_file }, 71 { NULL, NULL } 72 }; 73 74 static int 75 pkcs11_get_urandom(uint8_t *buf, size_t bytes) 76 { 77 int rand; 78 ssize_t bytes_read = 0; 79 80 rand = open("/dev/urandom", O_RDONLY); 81 82 if (rand < 0) 83 return (rand); 84 85 while (bytes_read < bytes) { 86 ssize_t rc = read(rand, buf + bytes_read, bytes - bytes_read); 87 if (rc < 0) 88 break; 89 bytes_read += rc; 90 } 91 92 (void) close(rand); 93 94 return (bytes_read); 95 } 96 97 static int 98 zfs_prop_parse_keylocation(libzfs_handle_t *restrict hdl, const char *str, 99 zfs_keylocation_t *restrict locp, char **restrict schemep) 100 { 101 *locp = ZFS_KEYLOCATION_NONE; 102 *schemep = NULL; 103 104 if (strcmp("prompt", str) == 0) { 105 *locp = ZFS_KEYLOCATION_PROMPT; 106 return (0); 107 } 108 109 regmatch_t pmatch[2]; 110 111 if (regexec(&hdl->libzfs_urire, str, ARRAY_SIZE(pmatch), 112 pmatch, 0) == 0) { 113 size_t scheme_len; 114 115 if (pmatch[1].rm_so == -1) { 116 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 117 "Invalid URI")); 118 return (EINVAL); 119 } 120 121 scheme_len = pmatch[1].rm_eo - pmatch[1].rm_so; 122 123 *schemep = calloc(1, scheme_len + 1); 124 if (*schemep == NULL) { 125 int ret = errno; 126 127 errno = 0; 128 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 129 "Invalid URI")); 130 return (ret); 131 } 132 133 (void) memcpy(*schemep, str + pmatch[1].rm_so, scheme_len); 134 *locp = ZFS_KEYLOCATION_URI; 135 return (0); 136 } 137 138 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "Invalid keylocation")); 139 return (EINVAL); 140 } 141 142 static int 143 hex_key_to_raw(char *hex, int hexlen, uint8_t *out) 144 { 145 int ret, i; 146 unsigned int c; 147 148 for (i = 0; i < hexlen; i += 2) { 149 if (!isxdigit(hex[i]) || !isxdigit(hex[i + 1])) { 150 ret = EINVAL; 151 goto error; 152 } 153 154 ret = sscanf(&hex[i], "%02x", &c); 155 if (ret != 1) { 156 ret = EINVAL; 157 goto error; 158 } 159 160 out[i / 2] = c; 161 } 162 163 return (0); 164 165 error: 166 return (ret); 167 } 168 169 170 static void 171 catch_signal(int sig) 172 { 173 caught_interrupt = sig; 174 } 175 176 static const char * 177 get_format_prompt_string(zfs_keyformat_t format) 178 { 179 switch (format) { 180 case ZFS_KEYFORMAT_RAW: 181 return ("raw key"); 182 case ZFS_KEYFORMAT_HEX: 183 return ("hex key"); 184 case ZFS_KEYFORMAT_PASSPHRASE: 185 return ("passphrase"); 186 default: 187 /* shouldn't happen */ 188 return (NULL); 189 } 190 } 191 192 /* do basic validation of the key material */ 193 static int 194 validate_key(libzfs_handle_t *hdl, zfs_keyformat_t keyformat, 195 const char *key, size_t keylen) 196 { 197 switch (keyformat) { 198 case ZFS_KEYFORMAT_RAW: 199 /* verify the key length is correct */ 200 if (keylen < WRAPPING_KEY_LEN) { 201 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 202 "Raw key too short (expected %u)."), 203 WRAPPING_KEY_LEN); 204 return (EINVAL); 205 } 206 207 if (keylen > WRAPPING_KEY_LEN) { 208 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 209 "Raw key too long (expected %u)."), 210 WRAPPING_KEY_LEN); 211 return (EINVAL); 212 } 213 break; 214 case ZFS_KEYFORMAT_HEX: 215 /* verify the key length is correct */ 216 if (keylen < WRAPPING_KEY_LEN * 2) { 217 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 218 "Hex key too short (expected %u)."), 219 WRAPPING_KEY_LEN * 2); 220 return (EINVAL); 221 } 222 223 if (keylen > WRAPPING_KEY_LEN * 2) { 224 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 225 "Hex key too long (expected %u)."), 226 WRAPPING_KEY_LEN * 2); 227 return (EINVAL); 228 } 229 230 /* check for invalid hex digits */ 231 for (size_t i = 0; i < WRAPPING_KEY_LEN * 2; i++) { 232 if (!isxdigit(key[i])) { 233 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 234 "Invalid hex character detected.")); 235 return (EINVAL); 236 } 237 } 238 break; 239 case ZFS_KEYFORMAT_PASSPHRASE: 240 /* verify the length is within bounds */ 241 if (keylen > MAX_PASSPHRASE_LEN) { 242 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 243 "Passphrase too long (max %u)."), 244 MAX_PASSPHRASE_LEN); 245 return (EINVAL); 246 } 247 248 if (keylen < MIN_PASSPHRASE_LEN) { 249 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 250 "Passphrase too short (min %u)."), 251 MIN_PASSPHRASE_LEN); 252 return (EINVAL); 253 } 254 break; 255 default: 256 /* can't happen, checked above */ 257 break; 258 } 259 260 return (0); 261 } 262 263 static int 264 libzfs_getpassphrase(zfs_keyformat_t keyformat, boolean_t is_reenter, 265 boolean_t new_key, const char *fsname, 266 char **restrict res, size_t *restrict reslen) 267 { 268 FILE *f = stdin; 269 size_t buflen = 0; 270 ssize_t bytes; 271 int ret = 0; 272 struct termios old_term, new_term; 273 struct sigaction act, osigint, osigtstp; 274 275 *res = NULL; 276 *reslen = 0; 277 278 /* 279 * handle SIGINT and ignore SIGSTP. This is necessary to 280 * restore the state of the terminal. 281 */ 282 caught_interrupt = 0; 283 act.sa_flags = 0; 284 (void) sigemptyset(&act.sa_mask); 285 act.sa_handler = catch_signal; 286 287 (void) sigaction(SIGINT, &act, &osigint); 288 act.sa_handler = SIG_IGN; 289 (void) sigaction(SIGTSTP, &act, &osigtstp); 290 291 (void) printf("%s %s%s", 292 is_reenter ? "Re-enter" : "Enter", 293 new_key ? "new " : "", 294 get_format_prompt_string(keyformat)); 295 if (fsname != NULL) 296 (void) printf(" for '%s'", fsname); 297 (void) fputc(':', stdout); 298 (void) fflush(stdout); 299 300 /* disable the terminal echo for key input */ 301 (void) tcgetattr(fileno(f), &old_term); 302 303 new_term = old_term; 304 new_term.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL); 305 306 ret = tcsetattr(fileno(f), TCSAFLUSH, &new_term); 307 if (ret != 0) { 308 ret = errno; 309 errno = 0; 310 goto out; 311 } 312 313 bytes = getline(res, &buflen, f); 314 if (bytes < 0) { 315 ret = errno; 316 errno = 0; 317 goto out; 318 } 319 320 /* trim the ending newline if it exists */ 321 if (bytes > 0 && (*res)[bytes - 1] == '\n') { 322 (*res)[bytes - 1] = '\0'; 323 bytes--; 324 } 325 326 *reslen = bytes; 327 328 out: 329 /* reset the terminal */ 330 (void) tcsetattr(fileno(f), TCSAFLUSH, &old_term); 331 (void) sigaction(SIGINT, &osigint, NULL); 332 (void) sigaction(SIGTSTP, &osigtstp, NULL); 333 334 /* if we caught a signal, re-throw it now */ 335 if (caught_interrupt != 0) 336 (void) kill(getpid(), caught_interrupt); 337 338 /* print the newline that was not echo'd */ 339 (void) printf("\n"); 340 341 return (ret); 342 } 343 344 static int 345 get_key_interactive(libzfs_handle_t *restrict hdl, const char *fsname, 346 zfs_keyformat_t keyformat, boolean_t confirm_key, boolean_t newkey, 347 uint8_t **restrict outbuf, size_t *restrict len_out) 348 { 349 char *buf = NULL, *buf2 = NULL; 350 size_t buflen = 0, buf2len = 0; 351 int ret = 0; 352 353 ASSERT(isatty(fileno(stdin))); 354 355 /* raw keys cannot be entered on the terminal */ 356 if (keyformat == ZFS_KEYFORMAT_RAW) { 357 ret = EINVAL; 358 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 359 "Cannot enter raw keys on the terminal")); 360 goto out; 361 } 362 363 /* prompt for the key */ 364 if ((ret = libzfs_getpassphrase(keyformat, B_FALSE, newkey, fsname, 365 &buf, &buflen)) != 0) { 366 free(buf); 367 buf = NULL; 368 buflen = 0; 369 goto out; 370 } 371 372 if (!confirm_key) 373 goto out; 374 375 if ((ret = validate_key(hdl, keyformat, buf, buflen)) != 0) { 376 free(buf); 377 return (ret); 378 } 379 380 ret = libzfs_getpassphrase(keyformat, B_TRUE, newkey, fsname, &buf2, 381 &buf2len); 382 if (ret != 0) { 383 free(buf); 384 free(buf2); 385 buf = buf2 = NULL; 386 buflen = buf2len = 0; 387 goto out; 388 } 389 390 if (buflen != buf2len || strcmp(buf, buf2) != 0) { 391 free(buf); 392 buf = NULL; 393 buflen = 0; 394 395 ret = EINVAL; 396 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 397 "Provided keys do not match.")); 398 } 399 400 free(buf2); 401 402 out: 403 *outbuf = (uint8_t *)buf; 404 *len_out = buflen; 405 return (ret); 406 } 407 408 static int 409 get_key_material_raw(FILE *fd, zfs_keyformat_t keyformat, 410 uint8_t **buf, size_t *len_out) 411 { 412 int ret = 0; 413 size_t buflen = 0; 414 415 *len_out = 0; 416 417 /* read the key material */ 418 if (keyformat != ZFS_KEYFORMAT_RAW) { 419 ssize_t bytes; 420 421 bytes = getline((char **)buf, &buflen, fd); 422 if (bytes < 0) { 423 ret = errno; 424 errno = 0; 425 goto out; 426 } 427 428 /* trim the ending newline if it exists */ 429 if (bytes > 0 && (*buf)[bytes - 1] == '\n') { 430 (*buf)[bytes - 1] = '\0'; 431 bytes--; 432 } 433 434 *len_out = bytes; 435 } else { 436 size_t n; 437 438 /* 439 * Raw keys may have newline characters in them and so can't 440 * use getline(). Here we attempt to read 33 bytes so that we 441 * can properly check the key length (the file should only have 442 * 32 bytes). 443 */ 444 *buf = malloc((WRAPPING_KEY_LEN + 1) * sizeof (uint8_t)); 445 if (*buf == NULL) { 446 ret = ENOMEM; 447 goto out; 448 } 449 450 n = fread(*buf, 1, WRAPPING_KEY_LEN + 1, fd); 451 if (n == 0 || ferror(fd)) { 452 /* size errors are handled by the calling function */ 453 free(*buf); 454 *buf = NULL; 455 ret = errno; 456 errno = 0; 457 goto out; 458 } 459 460 *len_out = n; 461 } 462 out: 463 return (ret); 464 } 465 466 static int 467 get_key_material_file(libzfs_handle_t *hdl, const char *uri, 468 const char *fsname, zfs_keyformat_t keyformat, boolean_t newkey, 469 uint8_t **restrict buf, size_t *restrict len_out) 470 { 471 FILE *f = NULL; 472 int ret = 0; 473 474 if (strlen(uri) < 7) 475 return (EINVAL); 476 477 if ((f = fopen(uri + 7, "r")) == NULL) { 478 ret = errno; 479 errno = 0; 480 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 481 "Failed to open key material file")); 482 return (ret); 483 } 484 485 ret = get_key_material_raw(f, keyformat, buf, len_out); 486 487 (void) fclose(f); 488 489 return (ret); 490 } 491 492 /* 493 * Attempts to fetch key material, no matter where it might live. The key 494 * material is allocated and returned in km_out. *can_retry_out will be set 495 * to B_TRUE if the user is providing the key material interactively, allowing 496 * for re-entry attempts. 497 */ 498 static int 499 get_key_material(libzfs_handle_t *hdl, boolean_t do_verify, boolean_t newkey, 500 zfs_keyformat_t keyformat, char *keylocation, const char *fsname, 501 uint8_t **km_out, size_t *kmlen_out, boolean_t *can_retry_out) 502 { 503 int ret; 504 zfs_keylocation_t keyloc = ZFS_KEYLOCATION_NONE; 505 uint8_t *km = NULL; 506 size_t kmlen = 0; 507 char *uri_scheme = NULL; 508 zfs_uri_handler_t *handler = NULL; 509 boolean_t can_retry = B_FALSE; 510 511 /* verify and parse the keylocation */ 512 ret = zfs_prop_parse_keylocation(hdl, keylocation, &keyloc, 513 &uri_scheme); 514 if (ret != 0) 515 goto error; 516 517 /* open the appropriate file descriptor */ 518 switch (keyloc) { 519 case ZFS_KEYLOCATION_PROMPT: 520 if (isatty(fileno(stdin))) { 521 can_retry = B_TRUE; 522 ret = get_key_interactive(hdl, fsname, keyformat, 523 do_verify, newkey, &km, &kmlen); 524 } else { 525 /* fetch the key material into the buffer */ 526 ret = get_key_material_raw(stdin, keyformat, &km, 527 &kmlen); 528 } 529 530 if (ret != 0) 531 goto error; 532 533 break; 534 case ZFS_KEYLOCATION_URI: 535 for (handler = uri_handlers; handler->zuh_scheme != NULL; 536 handler++) { 537 if (strcmp(handler->zuh_scheme, uri_scheme) != 0) 538 continue; 539 540 if ((ret = handler->zuh_handler(hdl, keylocation, 541 fsname, keyformat, newkey, &km, &kmlen)) != 0) 542 goto error; 543 544 break; 545 } 546 547 ret = ENOTSUP; 548 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 549 "URI scheme is not supported")); 550 551 break; 552 default: 553 ret = EINVAL; 554 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 555 "Invalid keylocation.")); 556 goto error; 557 } 558 559 if ((ret = validate_key(hdl, keyformat, (const char *)km, kmlen)) != 0) 560 goto error; 561 562 *km_out = km; 563 *kmlen_out = kmlen; 564 if (can_retry_out != NULL) 565 *can_retry_out = can_retry; 566 567 free(uri_scheme); 568 return (0); 569 570 error: 571 free(km); 572 573 *km_out = NULL; 574 *kmlen_out = 0; 575 576 if (can_retry_out != NULL) 577 *can_retry_out = can_retry; 578 579 free(uri_scheme); 580 return (ret); 581 } 582 583 static int 584 derive_key(libzfs_handle_t *hdl, zfs_keyformat_t format, uint64_t iters, 585 uint8_t *key_material, size_t key_material_len, uint64_t salt, 586 uint8_t **key_out) 587 { 588 int ret; 589 uint8_t *key; 590 591 *key_out = NULL; 592 593 key = zfs_alloc(hdl, WRAPPING_KEY_LEN); 594 if (!key) 595 return (ENOMEM); 596 597 switch (format) { 598 case ZFS_KEYFORMAT_RAW: 599 bcopy(key_material, key, WRAPPING_KEY_LEN); 600 break; 601 case ZFS_KEYFORMAT_HEX: 602 ret = hex_key_to_raw((char *)key_material, 603 WRAPPING_KEY_LEN * 2, key); 604 if (ret != 0) { 605 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 606 "Invalid hex key provided.")); 607 goto error; 608 } 609 break; 610 case ZFS_KEYFORMAT_PASSPHRASE: 611 salt = LE_64(salt); 612 613 ret = PKCS5_PBKDF2_HMAC_SHA1((char *)key_material, 614 strlen((char *)key_material), ((uint8_t *)&salt), 615 sizeof (uint64_t), iters, WRAPPING_KEY_LEN, key); 616 if (ret != 1) { 617 ret = EIO; 618 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 619 "Failed to generate key from passphrase.")); 620 goto error; 621 } 622 break; 623 default: 624 ret = EINVAL; 625 goto error; 626 } 627 628 *key_out = key; 629 return (0); 630 631 error: 632 free(key); 633 634 *key_out = NULL; 635 return (ret); 636 } 637 638 static boolean_t 639 encryption_feature_is_enabled(zpool_handle_t *zph) 640 { 641 nvlist_t *features; 642 uint64_t feat_refcount; 643 644 /* check that features can be enabled */ 645 if (zpool_get_prop_int(zph, ZPOOL_PROP_VERSION, NULL) 646 < SPA_VERSION_FEATURES) 647 return (B_FALSE); 648 649 /* check for crypto feature */ 650 features = zpool_get_features(zph); 651 if (!features || nvlist_lookup_uint64(features, 652 spa_feature_table[SPA_FEATURE_ENCRYPTION].fi_guid, 653 &feat_refcount) != 0) 654 return (B_FALSE); 655 656 return (B_TRUE); 657 } 658 659 static int 660 populate_create_encryption_params_nvlists(libzfs_handle_t *hdl, 661 zfs_handle_t *zhp, boolean_t newkey, zfs_keyformat_t keyformat, 662 char *keylocation, nvlist_t *props, uint8_t **wkeydata, uint_t *wkeylen) 663 { 664 int ret; 665 uint64_t iters = 0, salt = 0; 666 uint8_t *key_material = NULL; 667 size_t key_material_len = 0; 668 uint8_t *key_data = NULL; 669 const char *fsname = (zhp) ? zfs_get_name(zhp) : NULL; 670 671 /* get key material from keyformat and keylocation */ 672 ret = get_key_material(hdl, B_TRUE, newkey, keyformat, keylocation, 673 fsname, &key_material, &key_material_len, NULL); 674 if (ret != 0) 675 goto error; 676 677 /* passphrase formats require a salt and pbkdf2 iters property */ 678 if (keyformat == ZFS_KEYFORMAT_PASSPHRASE) { 679 /* always generate a new salt */ 680 ret = pkcs11_get_urandom((uint8_t *)&salt, sizeof (uint64_t)); 681 if (ret != sizeof (uint64_t)) { 682 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 683 "Failed to generate salt.")); 684 goto error; 685 } 686 687 ret = nvlist_add_uint64(props, 688 zfs_prop_to_name(ZFS_PROP_PBKDF2_SALT), salt); 689 if (ret != 0) { 690 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 691 "Failed to add salt to properties.")); 692 goto error; 693 } 694 695 /* 696 * If not otherwise specified, use the default number of 697 * pbkdf2 iterations. If specified, we have already checked 698 * that the given value is greater than MIN_PBKDF2_ITERATIONS 699 * during zfs_valid_proplist(). 700 */ 701 ret = nvlist_lookup_uint64(props, 702 zfs_prop_to_name(ZFS_PROP_PBKDF2_ITERS), &iters); 703 if (ret == ENOENT) { 704 iters = DEFAULT_PBKDF2_ITERATIONS; 705 ret = nvlist_add_uint64(props, 706 zfs_prop_to_name(ZFS_PROP_PBKDF2_ITERS), iters); 707 if (ret != 0) 708 goto error; 709 } else if (ret != 0) { 710 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 711 "Failed to get pbkdf2 iterations.")); 712 goto error; 713 } 714 } else { 715 /* check that pbkdf2iters was not specified by the user */ 716 ret = nvlist_lookup_uint64(props, 717 zfs_prop_to_name(ZFS_PROP_PBKDF2_ITERS), &iters); 718 if (ret == 0) { 719 ret = EINVAL; 720 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 721 "Cannot specify pbkdf2iters with a non-passphrase " 722 "keyformat.")); 723 goto error; 724 } 725 } 726 727 /* derive a key from the key material */ 728 ret = derive_key(hdl, keyformat, iters, key_material, key_material_len, 729 salt, &key_data); 730 if (ret != 0) 731 goto error; 732 733 free(key_material); 734 735 *wkeydata = key_data; 736 *wkeylen = WRAPPING_KEY_LEN; 737 return (0); 738 739 error: 740 if (key_material != NULL) 741 free(key_material); 742 if (key_data != NULL) 743 free(key_data); 744 745 *wkeydata = NULL; 746 *wkeylen = 0; 747 return (ret); 748 } 749 750 static boolean_t 751 proplist_has_encryption_props(nvlist_t *props) 752 { 753 int ret; 754 uint64_t intval; 755 char *strval; 756 757 ret = nvlist_lookup_uint64(props, 758 zfs_prop_to_name(ZFS_PROP_ENCRYPTION), &intval); 759 if (ret == 0 && intval != ZIO_CRYPT_OFF) 760 return (B_TRUE); 761 762 ret = nvlist_lookup_string(props, 763 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), &strval); 764 if (ret == 0 && strcmp(strval, "none") != 0) 765 return (B_TRUE); 766 767 ret = nvlist_lookup_uint64(props, 768 zfs_prop_to_name(ZFS_PROP_KEYFORMAT), &intval); 769 if (ret == 0) 770 return (B_TRUE); 771 772 ret = nvlist_lookup_uint64(props, 773 zfs_prop_to_name(ZFS_PROP_PBKDF2_ITERS), &intval); 774 if (ret == 0) 775 return (B_TRUE); 776 777 return (B_FALSE); 778 } 779 780 int 781 zfs_crypto_get_encryption_root(zfs_handle_t *zhp, boolean_t *is_encroot, 782 char *buf) 783 { 784 int ret; 785 char prop_encroot[MAXNAMELEN]; 786 787 /* if the dataset isn't encrypted, just return */ 788 if (zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) == ZIO_CRYPT_OFF) { 789 *is_encroot = B_FALSE; 790 if (buf != NULL) 791 buf[0] = '\0'; 792 return (0); 793 } 794 795 ret = zfs_prop_get(zhp, ZFS_PROP_ENCRYPTION_ROOT, prop_encroot, 796 sizeof (prop_encroot), NULL, NULL, 0, B_TRUE); 797 if (ret != 0) { 798 *is_encroot = B_FALSE; 799 if (buf != NULL) 800 buf[0] = '\0'; 801 return (ret); 802 } 803 804 *is_encroot = strcmp(prop_encroot, zfs_get_name(zhp)) == 0; 805 if (buf != NULL) 806 strcpy(buf, prop_encroot); 807 808 return (0); 809 } 810 811 int 812 zfs_crypto_create(libzfs_handle_t *hdl, char *parent_name, nvlist_t *props, 813 nvlist_t *pool_props, boolean_t stdin_available, uint8_t **wkeydata_out, 814 uint_t *wkeylen_out) 815 { 816 int ret; 817 char errbuf[1024]; 818 uint64_t crypt = ZIO_CRYPT_INHERIT, pcrypt = ZIO_CRYPT_INHERIT; 819 uint64_t keyformat = ZFS_KEYFORMAT_NONE; 820 char *keylocation = NULL; 821 zfs_handle_t *pzhp = NULL; 822 uint8_t *wkeydata = NULL; 823 uint_t wkeylen = 0; 824 boolean_t local_crypt = B_TRUE; 825 826 (void) snprintf(errbuf, sizeof (errbuf), 827 dgettext(TEXT_DOMAIN, "Encryption create error")); 828 829 /* lookup crypt from props */ 830 ret = nvlist_lookup_uint64(props, 831 zfs_prop_to_name(ZFS_PROP_ENCRYPTION), &crypt); 832 if (ret != 0) 833 local_crypt = B_FALSE; 834 835 /* lookup key location and format from props */ 836 (void) nvlist_lookup_uint64(props, 837 zfs_prop_to_name(ZFS_PROP_KEYFORMAT), &keyformat); 838 (void) nvlist_lookup_string(props, 839 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), &keylocation); 840 841 if (parent_name != NULL) { 842 /* get a reference to parent dataset */ 843 pzhp = make_dataset_handle(hdl, parent_name); 844 if (pzhp == NULL) { 845 ret = ENOENT; 846 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 847 "Failed to lookup parent.")); 848 goto out; 849 } 850 851 /* Lookup parent's crypt */ 852 pcrypt = zfs_prop_get_int(pzhp, ZFS_PROP_ENCRYPTION); 853 854 /* Params require the encryption feature */ 855 if (!encryption_feature_is_enabled(pzhp->zpool_hdl)) { 856 if (proplist_has_encryption_props(props)) { 857 ret = EINVAL; 858 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 859 "Encryption feature not enabled.")); 860 goto out; 861 } 862 863 ret = 0; 864 goto out; 865 } 866 } else { 867 /* 868 * special case for root dataset where encryption feature 869 * feature won't be on disk yet 870 */ 871 if (!nvlist_exists(pool_props, "feature@encryption")) { 872 if (proplist_has_encryption_props(props)) { 873 ret = EINVAL; 874 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 875 "Encryption feature not enabled.")); 876 goto out; 877 } 878 879 ret = 0; 880 goto out; 881 } 882 883 pcrypt = ZIO_CRYPT_OFF; 884 } 885 886 /* Get the inherited encryption property if we don't have it locally */ 887 if (!local_crypt) 888 crypt = pcrypt; 889 890 /* 891 * At this point crypt should be the actual encryption value. If 892 * encryption is off just verify that no encryption properties have 893 * been specified and return. 894 */ 895 if (crypt == ZIO_CRYPT_OFF) { 896 if (proplist_has_encryption_props(props)) { 897 ret = EINVAL; 898 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 899 "Encryption must be turned on to set encryption " 900 "properties.")); 901 goto out; 902 } 903 904 ret = 0; 905 goto out; 906 } 907 908 /* 909 * If we have a parent crypt it is valid to specify encryption alone. 910 * This will result in a child that is encrypted with the chosen 911 * encryption suite that will also inherit the parent's key. If 912 * the parent is not encrypted we need an encryption suite provided. 913 */ 914 if (pcrypt == ZIO_CRYPT_OFF && keylocation == NULL && 915 keyformat == ZFS_KEYFORMAT_NONE) { 916 ret = EINVAL; 917 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 918 "Keyformat required for new encryption root.")); 919 goto out; 920 } 921 922 /* 923 * Specifying a keylocation implies this will be a new encryption root. 924 * Check that a keyformat is also specified. 925 */ 926 if (keylocation != NULL && keyformat == ZFS_KEYFORMAT_NONE) { 927 ret = EINVAL; 928 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 929 "Keyformat required for new encryption root.")); 930 goto out; 931 } 932 933 /* default to prompt if no keylocation is specified */ 934 if (keyformat != ZFS_KEYFORMAT_NONE && keylocation == NULL) { 935 keylocation = "prompt"; 936 ret = nvlist_add_string(props, 937 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), keylocation); 938 if (ret != 0) 939 goto out; 940 } 941 942 /* 943 * If a local key is provided, this dataset will be a new 944 * encryption root. Populate the encryption params. 945 */ 946 if (keylocation != NULL) { 947 /* 948 * 'zfs recv -o keylocation=prompt' won't work because stdin 949 * is being used by the send stream, so we disallow it. 950 */ 951 if (!stdin_available && strcmp(keylocation, "prompt") == 0) { 952 ret = EINVAL; 953 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "Cannot use " 954 "'prompt' keylocation because stdin is in use.")); 955 goto out; 956 } 957 958 ret = populate_create_encryption_params_nvlists(hdl, NULL, 959 B_FALSE, keyformat, keylocation, props, &wkeydata, 960 &wkeylen); 961 if (ret != 0) 962 goto out; 963 } 964 965 if (pzhp != NULL) 966 zfs_close(pzhp); 967 968 *wkeydata_out = wkeydata; 969 *wkeylen_out = wkeylen; 970 return (0); 971 972 out: 973 if (pzhp != NULL) 974 zfs_close(pzhp); 975 if (wkeydata != NULL) 976 free(wkeydata); 977 978 *wkeydata_out = NULL; 979 *wkeylen_out = 0; 980 return (ret); 981 } 982 983 int 984 zfs_crypto_clone_check(libzfs_handle_t *hdl, zfs_handle_t *origin_zhp, 985 char *parent_name, nvlist_t *props) 986 { 987 char errbuf[1024]; 988 989 (void) snprintf(errbuf, sizeof (errbuf), 990 dgettext(TEXT_DOMAIN, "Encryption clone error")); 991 992 /* 993 * No encryption properties should be specified. They will all be 994 * inherited from the origin dataset. 995 */ 996 if (nvlist_exists(props, zfs_prop_to_name(ZFS_PROP_KEYFORMAT)) || 997 nvlist_exists(props, zfs_prop_to_name(ZFS_PROP_KEYLOCATION)) || 998 nvlist_exists(props, zfs_prop_to_name(ZFS_PROP_ENCRYPTION)) || 999 nvlist_exists(props, zfs_prop_to_name(ZFS_PROP_PBKDF2_ITERS))) { 1000 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1001 "Encryption properties must inherit from origin dataset.")); 1002 return (EINVAL); 1003 } 1004 1005 return (0); 1006 } 1007 1008 typedef struct loadkeys_cbdata { 1009 uint64_t cb_numfailed; 1010 uint64_t cb_numattempted; 1011 } loadkey_cbdata_t; 1012 1013 static int 1014 load_keys_cb(zfs_handle_t *zhp, void *arg) 1015 { 1016 int ret; 1017 boolean_t is_encroot; 1018 loadkey_cbdata_t *cb = arg; 1019 uint64_t keystatus = zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS); 1020 1021 /* only attempt to load keys for encryption roots */ 1022 ret = zfs_crypto_get_encryption_root(zhp, &is_encroot, NULL); 1023 if (ret != 0 || !is_encroot) 1024 goto out; 1025 1026 /* don't attempt to load already loaded keys */ 1027 if (keystatus == ZFS_KEYSTATUS_AVAILABLE) 1028 goto out; 1029 1030 /* Attempt to load the key. Record status in cb. */ 1031 cb->cb_numattempted++; 1032 1033 ret = zfs_crypto_load_key(zhp, B_FALSE, NULL); 1034 if (ret) 1035 cb->cb_numfailed++; 1036 1037 out: 1038 (void) zfs_iter_filesystems(zhp, load_keys_cb, cb); 1039 zfs_close(zhp); 1040 1041 /* always return 0, since this function is best effort */ 1042 return (0); 1043 } 1044 1045 /* 1046 * This function is best effort. It attempts to load all the keys for the given 1047 * filesystem and all of its children. 1048 */ 1049 int 1050 zfs_crypto_attempt_load_keys(libzfs_handle_t *hdl, char *fsname) 1051 { 1052 int ret; 1053 zfs_handle_t *zhp = NULL; 1054 loadkey_cbdata_t cb = { 0 }; 1055 1056 zhp = zfs_open(hdl, fsname, ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME); 1057 if (zhp == NULL) { 1058 ret = ENOENT; 1059 goto error; 1060 } 1061 1062 ret = load_keys_cb(zfs_handle_dup(zhp), &cb); 1063 if (ret) 1064 goto error; 1065 1066 (void) printf(gettext("%llu / %llu keys successfully loaded\n"), 1067 (u_longlong_t)(cb.cb_numattempted - cb.cb_numfailed), 1068 (u_longlong_t)cb.cb_numattempted); 1069 1070 if (cb.cb_numfailed != 0) { 1071 ret = -1; 1072 goto error; 1073 } 1074 1075 zfs_close(zhp); 1076 return (0); 1077 1078 error: 1079 if (zhp != NULL) 1080 zfs_close(zhp); 1081 return (ret); 1082 } 1083 1084 int 1085 zfs_crypto_load_key(zfs_handle_t *zhp, boolean_t noop, char *alt_keylocation) 1086 { 1087 int ret, attempts = 0; 1088 char errbuf[1024]; 1089 uint64_t keystatus, iters = 0, salt = 0; 1090 uint64_t keyformat = ZFS_KEYFORMAT_NONE; 1091 char prop_keylocation[MAXNAMELEN]; 1092 char prop_encroot[MAXNAMELEN]; 1093 char *keylocation = NULL; 1094 uint8_t *key_material = NULL, *key_data = NULL; 1095 size_t key_material_len; 1096 boolean_t is_encroot, can_retry = B_FALSE, correctible = B_FALSE; 1097 1098 (void) snprintf(errbuf, sizeof (errbuf), 1099 dgettext(TEXT_DOMAIN, "Key load error")); 1100 1101 /* check that encryption is enabled for the pool */ 1102 if (!encryption_feature_is_enabled(zhp->zpool_hdl)) { 1103 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1104 "Encryption feature not enabled.")); 1105 ret = EINVAL; 1106 goto error; 1107 } 1108 1109 /* Fetch the keyformat. Check that the dataset is encrypted. */ 1110 keyformat = zfs_prop_get_int(zhp, ZFS_PROP_KEYFORMAT); 1111 if (keyformat == ZFS_KEYFORMAT_NONE) { 1112 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1113 "'%s' is not encrypted."), zfs_get_name(zhp)); 1114 ret = EINVAL; 1115 goto error; 1116 } 1117 1118 /* 1119 * Fetch the key location. Check that we are working with an 1120 * encryption root. 1121 */ 1122 ret = zfs_crypto_get_encryption_root(zhp, &is_encroot, prop_encroot); 1123 if (ret != 0) { 1124 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1125 "Failed to get encryption root for '%s'."), 1126 zfs_get_name(zhp)); 1127 goto error; 1128 } else if (!is_encroot) { 1129 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1130 "Keys must be loaded for encryption root of '%s' (%s)."), 1131 zfs_get_name(zhp), prop_encroot); 1132 ret = EINVAL; 1133 goto error; 1134 } 1135 1136 /* 1137 * if the caller has elected to override the keylocation property 1138 * use that instead 1139 */ 1140 if (alt_keylocation != NULL) { 1141 keylocation = alt_keylocation; 1142 } else { 1143 ret = zfs_prop_get(zhp, ZFS_PROP_KEYLOCATION, prop_keylocation, 1144 sizeof (prop_keylocation), NULL, NULL, 0, B_TRUE); 1145 if (ret != 0) { 1146 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1147 "Failed to get keylocation for '%s'."), 1148 zfs_get_name(zhp)); 1149 goto error; 1150 } 1151 1152 keylocation = prop_keylocation; 1153 } 1154 1155 /* check that the key is unloaded unless this is a noop */ 1156 if (!noop) { 1157 keystatus = zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS); 1158 if (keystatus == ZFS_KEYSTATUS_AVAILABLE) { 1159 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1160 "Key already loaded for '%s'."), zfs_get_name(zhp)); 1161 ret = EEXIST; 1162 goto error; 1163 } 1164 } 1165 1166 /* passphrase formats require a salt and pbkdf2_iters property */ 1167 if (keyformat == ZFS_KEYFORMAT_PASSPHRASE) { 1168 salt = zfs_prop_get_int(zhp, ZFS_PROP_PBKDF2_SALT); 1169 iters = zfs_prop_get_int(zhp, ZFS_PROP_PBKDF2_ITERS); 1170 } 1171 1172 try_again: 1173 /* fetching and deriving the key are correctable errors. set the flag */ 1174 correctible = B_TRUE; 1175 1176 /* get key material from key format and location */ 1177 ret = get_key_material(zhp->zfs_hdl, B_FALSE, B_FALSE, keyformat, 1178 keylocation, zfs_get_name(zhp), &key_material, &key_material_len, 1179 &can_retry); 1180 if (ret != 0) 1181 goto error; 1182 1183 /* derive a key from the key material */ 1184 ret = derive_key(zhp->zfs_hdl, keyformat, iters, key_material, 1185 key_material_len, salt, &key_data); 1186 if (ret != 0) 1187 goto error; 1188 1189 correctible = B_FALSE; 1190 1191 /* pass the wrapping key and noop flag to the ioctl */ 1192 ret = lzc_load_key(zhp->zfs_name, noop, key_data, WRAPPING_KEY_LEN); 1193 if (ret != 0) { 1194 switch (ret) { 1195 case EPERM: 1196 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1197 "Permission denied.")); 1198 break; 1199 case EINVAL: 1200 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1201 "Invalid parameters provided for dataset %s."), 1202 zfs_get_name(zhp)); 1203 break; 1204 case EEXIST: 1205 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1206 "Key already loaded for '%s'."), zfs_get_name(zhp)); 1207 break; 1208 case EBUSY: 1209 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1210 "'%s' is busy."), zfs_get_name(zhp)); 1211 break; 1212 case EACCES: 1213 correctible = B_TRUE; 1214 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1215 "Incorrect key provided for '%s'."), 1216 zfs_get_name(zhp)); 1217 break; 1218 } 1219 goto error; 1220 } 1221 1222 free(key_material); 1223 free(key_data); 1224 1225 return (0); 1226 1227 error: 1228 zfs_error(zhp->zfs_hdl, EZFS_CRYPTOFAILED, errbuf); 1229 if (key_material != NULL) { 1230 free(key_material); 1231 key_material = NULL; 1232 } 1233 if (key_data != NULL) { 1234 free(key_data); 1235 key_data = NULL; 1236 } 1237 1238 /* 1239 * Here we decide if it is ok to allow the user to retry entering their 1240 * key. The can_retry flag will be set if the user is entering their 1241 * key from an interactive prompt. The correctable flag will only be 1242 * set if an error that occurred could be corrected by retrying. Both 1243 * flags are needed to allow the user to attempt key entry again 1244 */ 1245 attempts++; 1246 if (can_retry && correctible && attempts < MAX_KEY_PROMPT_ATTEMPTS) 1247 goto try_again; 1248 1249 return (ret); 1250 } 1251 1252 int 1253 zfs_crypto_unload_key(zfs_handle_t *zhp) 1254 { 1255 int ret; 1256 char errbuf[1024]; 1257 char prop_encroot[MAXNAMELEN]; 1258 uint64_t keystatus, keyformat; 1259 boolean_t is_encroot; 1260 1261 (void) snprintf(errbuf, sizeof (errbuf), 1262 dgettext(TEXT_DOMAIN, "Key unload error")); 1263 1264 /* check that encryption is enabled for the pool */ 1265 if (!encryption_feature_is_enabled(zhp->zpool_hdl)) { 1266 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1267 "Encryption feature not enabled.")); 1268 ret = EINVAL; 1269 goto error; 1270 } 1271 1272 /* Fetch the keyformat. Check that the dataset is encrypted. */ 1273 keyformat = zfs_prop_get_int(zhp, ZFS_PROP_KEYFORMAT); 1274 if (keyformat == ZFS_KEYFORMAT_NONE) { 1275 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1276 "'%s' is not encrypted."), zfs_get_name(zhp)); 1277 ret = EINVAL; 1278 goto error; 1279 } 1280 1281 /* 1282 * Fetch the key location. Check that we are working with an 1283 * encryption root. 1284 */ 1285 ret = zfs_crypto_get_encryption_root(zhp, &is_encroot, prop_encroot); 1286 if (ret != 0) { 1287 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1288 "Failed to get encryption root for '%s'."), 1289 zfs_get_name(zhp)); 1290 goto error; 1291 } else if (!is_encroot) { 1292 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1293 "Keys must be unloaded for encryption root of '%s' (%s)."), 1294 zfs_get_name(zhp), prop_encroot); 1295 ret = EINVAL; 1296 goto error; 1297 } 1298 1299 /* check that the key is loaded */ 1300 keystatus = zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS); 1301 if (keystatus == ZFS_KEYSTATUS_UNAVAILABLE) { 1302 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1303 "Key already unloaded for '%s'."), zfs_get_name(zhp)); 1304 ret = EACCES; 1305 goto error; 1306 } 1307 1308 /* call the ioctl */ 1309 ret = lzc_unload_key(zhp->zfs_name); 1310 1311 if (ret != 0) { 1312 switch (ret) { 1313 case EPERM: 1314 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1315 "Permission denied.")); 1316 break; 1317 case EACCES: 1318 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1319 "Key already unloaded for '%s'."), 1320 zfs_get_name(zhp)); 1321 break; 1322 case EBUSY: 1323 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1324 "'%s' is busy."), zfs_get_name(zhp)); 1325 break; 1326 } 1327 zfs_error(zhp->zfs_hdl, EZFS_CRYPTOFAILED, errbuf); 1328 } 1329 1330 return (ret); 1331 1332 error: 1333 zfs_error(zhp->zfs_hdl, EZFS_CRYPTOFAILED, errbuf); 1334 return (ret); 1335 } 1336 1337 static int 1338 zfs_crypto_verify_rewrap_nvlist(zfs_handle_t *zhp, nvlist_t *props, 1339 nvlist_t **props_out, char *errbuf) 1340 { 1341 int ret; 1342 nvpair_t *elem = NULL; 1343 zfs_prop_t prop; 1344 nvlist_t *new_props = NULL; 1345 1346 new_props = fnvlist_alloc(); 1347 1348 /* 1349 * loop through all provided properties, we should only have 1350 * keyformat, keylocation and pbkdf2iters. The actual validation of 1351 * values is done by zfs_valid_proplist(). 1352 */ 1353 while ((elem = nvlist_next_nvpair(props, elem)) != NULL) { 1354 const char *propname = nvpair_name(elem); 1355 prop = zfs_name_to_prop(propname); 1356 1357 switch (prop) { 1358 case ZFS_PROP_PBKDF2_ITERS: 1359 case ZFS_PROP_KEYFORMAT: 1360 case ZFS_PROP_KEYLOCATION: 1361 break; 1362 default: 1363 ret = EINVAL; 1364 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1365 "Only keyformat, keylocation and pbkdf2iters may " 1366 "be set with this command.")); 1367 goto error; 1368 } 1369 } 1370 1371 new_props = zfs_valid_proplist(zhp->zfs_hdl, zhp->zfs_type, props, 1372 zfs_prop_get_int(zhp, ZFS_PROP_ZONED), NULL, zhp->zpool_hdl, 1373 B_TRUE, errbuf); 1374 if (new_props == NULL) { 1375 ret = EINVAL; 1376 goto error; 1377 } 1378 1379 *props_out = new_props; 1380 return (0); 1381 1382 error: 1383 nvlist_free(new_props); 1384 *props_out = NULL; 1385 return (ret); 1386 } 1387 1388 int 1389 zfs_crypto_rewrap(zfs_handle_t *zhp, nvlist_t *raw_props, boolean_t inheritkey) 1390 { 1391 int ret; 1392 char errbuf[1024]; 1393 boolean_t is_encroot; 1394 nvlist_t *props = NULL; 1395 uint8_t *wkeydata = NULL; 1396 uint_t wkeylen = 0; 1397 dcp_cmd_t cmd = (inheritkey) ? DCP_CMD_INHERIT : DCP_CMD_NEW_KEY; 1398 uint64_t crypt, pcrypt, keystatus, pkeystatus; 1399 uint64_t keyformat = ZFS_KEYFORMAT_NONE; 1400 zfs_handle_t *pzhp = NULL; 1401 char *keylocation = NULL; 1402 char origin_name[MAXNAMELEN]; 1403 char prop_keylocation[MAXNAMELEN]; 1404 char parent_name[ZFS_MAX_DATASET_NAME_LEN]; 1405 1406 (void) snprintf(errbuf, sizeof (errbuf), 1407 dgettext(TEXT_DOMAIN, "Key change error")); 1408 1409 /* check that encryption is enabled for the pool */ 1410 if (!encryption_feature_is_enabled(zhp->zpool_hdl)) { 1411 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1412 "Encryption feature not enabled.")); 1413 ret = EINVAL; 1414 goto error; 1415 } 1416 1417 /* get crypt from dataset */ 1418 crypt = zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION); 1419 if (crypt == ZIO_CRYPT_OFF) { 1420 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1421 "Dataset not encrypted.")); 1422 ret = EINVAL; 1423 goto error; 1424 } 1425 1426 /* get the encryption root of the dataset */ 1427 ret = zfs_crypto_get_encryption_root(zhp, &is_encroot, NULL); 1428 if (ret != 0) { 1429 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1430 "Failed to get encryption root for '%s'."), 1431 zfs_get_name(zhp)); 1432 goto error; 1433 } 1434 1435 /* Clones use their origin's key and cannot rewrap it */ 1436 ret = zfs_prop_get(zhp, ZFS_PROP_ORIGIN, origin_name, 1437 sizeof (origin_name), NULL, NULL, 0, B_TRUE); 1438 if (ret == 0 && strcmp(origin_name, "") != 0) { 1439 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1440 "Keys cannot be changed on clones.")); 1441 ret = EINVAL; 1442 goto error; 1443 } 1444 1445 /* 1446 * If the user wants to use the inheritkey variant of this function 1447 * we don't need to collect any crypto arguments. 1448 */ 1449 if (!inheritkey) { 1450 /* validate the provided properties */ 1451 ret = zfs_crypto_verify_rewrap_nvlist(zhp, raw_props, &props, 1452 errbuf); 1453 if (ret != 0) 1454 goto error; 1455 1456 /* 1457 * Load keyformat and keylocation from the nvlist. Fetch from 1458 * the dataset properties if not specified. 1459 */ 1460 (void) nvlist_lookup_uint64(props, 1461 zfs_prop_to_name(ZFS_PROP_KEYFORMAT), &keyformat); 1462 (void) nvlist_lookup_string(props, 1463 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), &keylocation); 1464 1465 if (is_encroot) { 1466 /* 1467 * If this is already an encryption root, just keep 1468 * any properties not set by the user. 1469 */ 1470 if (keyformat == ZFS_KEYFORMAT_NONE) { 1471 keyformat = zfs_prop_get_int(zhp, 1472 ZFS_PROP_KEYFORMAT); 1473 ret = nvlist_add_uint64(props, 1474 zfs_prop_to_name(ZFS_PROP_KEYFORMAT), 1475 keyformat); 1476 if (ret != 0) { 1477 zfs_error_aux(zhp->zfs_hdl, 1478 dgettext(TEXT_DOMAIN, "Failed to " 1479 "get existing keyformat " 1480 "property.")); 1481 goto error; 1482 } 1483 } 1484 1485 if (keylocation == NULL) { 1486 ret = zfs_prop_get(zhp, ZFS_PROP_KEYLOCATION, 1487 prop_keylocation, sizeof (prop_keylocation), 1488 NULL, NULL, 0, B_TRUE); 1489 if (ret != 0) { 1490 zfs_error_aux(zhp->zfs_hdl, 1491 dgettext(TEXT_DOMAIN, "Failed to " 1492 "get existing keylocation " 1493 "property.")); 1494 goto error; 1495 } 1496 1497 keylocation = prop_keylocation; 1498 } 1499 } else { 1500 /* need a new key for non-encryption roots */ 1501 if (keyformat == ZFS_KEYFORMAT_NONE) { 1502 ret = EINVAL; 1503 zfs_error_aux(zhp->zfs_hdl, 1504 dgettext(TEXT_DOMAIN, "Keyformat required " 1505 "for new encryption root.")); 1506 goto error; 1507 } 1508 1509 /* default to prompt if no keylocation is specified */ 1510 if (keylocation == NULL) { 1511 keylocation = "prompt"; 1512 ret = nvlist_add_string(props, 1513 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), 1514 keylocation); 1515 if (ret != 0) 1516 goto error; 1517 } 1518 } 1519 1520 /* fetch the new wrapping key and associated properties */ 1521 ret = populate_create_encryption_params_nvlists(zhp->zfs_hdl, 1522 zhp, B_TRUE, keyformat, keylocation, props, &wkeydata, 1523 &wkeylen); 1524 if (ret != 0) 1525 goto error; 1526 } else { 1527 /* check that zhp is an encryption root */ 1528 if (!is_encroot) { 1529 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1530 "Key inheritting can only be performed on " 1531 "encryption roots.")); 1532 ret = EINVAL; 1533 goto error; 1534 } 1535 1536 /* get the parent's name */ 1537 ret = zfs_parent_name(zhp, parent_name, sizeof (parent_name)); 1538 if (ret != 0) { 1539 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1540 "Root dataset cannot inherit key.")); 1541 ret = EINVAL; 1542 goto error; 1543 } 1544 1545 /* get a handle to the parent */ 1546 pzhp = make_dataset_handle(zhp->zfs_hdl, parent_name); 1547 if (pzhp == NULL) { 1548 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1549 "Failed to lookup parent.")); 1550 ret = ENOENT; 1551 goto error; 1552 } 1553 1554 /* parent must be encrypted */ 1555 pcrypt = zfs_prop_get_int(pzhp, ZFS_PROP_ENCRYPTION); 1556 if (pcrypt == ZIO_CRYPT_OFF) { 1557 zfs_error_aux(pzhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1558 "Parent must be encrypted.")); 1559 ret = EINVAL; 1560 goto error; 1561 } 1562 1563 /* check that the parent's key is loaded */ 1564 pkeystatus = zfs_prop_get_int(pzhp, ZFS_PROP_KEYSTATUS); 1565 if (pkeystatus == ZFS_KEYSTATUS_UNAVAILABLE) { 1566 zfs_error_aux(pzhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1567 "Parent key must be loaded.")); 1568 ret = EACCES; 1569 goto error; 1570 } 1571 } 1572 1573 /* check that the key is loaded */ 1574 keystatus = zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS); 1575 if (keystatus == ZFS_KEYSTATUS_UNAVAILABLE) { 1576 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1577 "Key must be loaded.")); 1578 ret = EACCES; 1579 goto error; 1580 } 1581 1582 /* call the ioctl */ 1583 ret = lzc_change_key(zhp->zfs_name, cmd, props, wkeydata, wkeylen); 1584 if (ret != 0) { 1585 switch (ret) { 1586 case EPERM: 1587 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1588 "Permission denied.")); 1589 break; 1590 case EINVAL: 1591 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1592 "Invalid properties for key change.")); 1593 break; 1594 case EACCES: 1595 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1596 "Key is not currently loaded.")); 1597 break; 1598 } 1599 zfs_error(zhp->zfs_hdl, EZFS_CRYPTOFAILED, errbuf); 1600 } 1601 1602 if (pzhp != NULL) 1603 zfs_close(pzhp); 1604 if (props != NULL) 1605 nvlist_free(props); 1606 if (wkeydata != NULL) 1607 free(wkeydata); 1608 1609 return (ret); 1610 1611 error: 1612 if (pzhp != NULL) 1613 zfs_close(pzhp); 1614 if (props != NULL) 1615 nvlist_free(props); 1616 if (wkeydata != NULL) 1617 free(wkeydata); 1618 1619 zfs_error(zhp->zfs_hdl, EZFS_CRYPTOFAILED, errbuf); 1620 return (ret); 1621 } 1622