Extend libdm_rust to build dm-crypt device
Add crypt module which supports building DmCryptTarget based dm table
entry. Also expose this via create_crypt_device()
Also, add unit test that use loopdevice as the backing device.
Test: atest libdm_rust.test
Bug: 250880499
Change-Id: Ibf09ca267cbcc7a2dc00dd835f2d8b781040f130
diff --git a/libs/devicemapper/Android.bp b/libs/devicemapper/Android.bp
index 088b320..783fa79 100644
--- a/libs/devicemapper/Android.bp
+++ b/libs/devicemapper/Android.bp
@@ -36,5 +36,5 @@
"libscopeguard",
"libtempfile",
],
- data: ["tests/data/*"],
+ data: ["testdata/*"],
}
diff --git a/libs/devicemapper/src/crypt.rs b/libs/devicemapper/src/crypt.rs
new file mode 100644
index 0000000..9b715a5
--- /dev/null
+++ b/libs/devicemapper/src/crypt.rs
@@ -0,0 +1,153 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/// `crypt` module implements the "crypt" target in the device mapper framework. Specifically,
+/// it provides `DmCryptTargetBuilder` struct which is used to construct a `DmCryptTarget` struct
+/// which is then given to `DeviceMapper` to create a mapper device.
+use crate::util::*;
+use crate::DmTargetSpec;
+
+use anyhow::{bail, Context, Result};
+use data_model::DataInit;
+use std::io::Write;
+use std::mem::size_of;
+use std::path::Path;
+
+const SECTOR_SIZE: u64 = 512;
+
+// The UAPI for the crypt target is at:
+// Documentation/admin-guide/device-mapper/dm-crypt.rst
+
+/// Supported ciphers
+pub enum CipherType {
+ // TODO(b/253394457) Include ciphers with authenticated modes as well
+ AES256XTS,
+}
+
+pub struct DmCryptTarget(Box<[u8]>);
+
+impl DmCryptTarget {
+ /// Flatten into slice
+ pub fn as_slice(&self) -> &[u8] {
+ self.0.as_ref()
+ }
+}
+
+pub struct DmCryptTargetBuilder<'a> {
+ cipher: CipherType,
+ key: Option<&'a [u8]>,
+ iv_offset: u64,
+ device_path: Option<&'a Path>,
+ offset: u64,
+ device_size: u64,
+ // TODO(b/238179332) Extend this to include opt_params, in particular 'integrity'
+}
+
+impl<'a> Default for DmCryptTargetBuilder<'a> {
+ fn default() -> Self {
+ DmCryptTargetBuilder {
+ cipher: CipherType::AES256XTS,
+ key: None,
+ iv_offset: 0,
+ device_path: None,
+ offset: 0,
+ device_size: 0,
+ }
+ }
+}
+
+impl<'a> DmCryptTargetBuilder<'a> {
+ /// Sets the device that will be used as the data device (i.e. providing actual data).
+ pub fn data_device(&mut self, p: &'a Path, size: u64) -> &mut Self {
+ self.device_path = Some(p);
+ self.device_size = size;
+ self
+ }
+
+ /// Sets the encryption cipher.
+ pub fn cipher(&mut self, cipher: CipherType) -> &mut Self {
+ self.cipher = cipher;
+ self
+ }
+
+ /// Sets the key used for encryption. Input is byte array.
+ pub fn key(&mut self, key: &'a [u8]) -> &mut Self {
+ self.key = Some(key);
+ self
+ }
+
+ /// The IV offset is a sector count that is added to the sector number before creating the IV.
+ pub fn iv_offset(&mut self, iv_offset: u64) -> &mut Self {
+ self.iv_offset = iv_offset;
+ self
+ }
+
+ /// Starting sector within the device where the encrypted data begins
+ pub fn offset(&mut self, offset: u64) -> &mut Self {
+ self.offset = offset;
+ self
+ }
+
+ /// Constructs a `DmCryptTarget`.
+ pub fn build(&self) -> Result<DmCryptTarget> {
+ // The `DmCryptTarget` struct actually is a flattened data consisting of a header and
+ // body. The format of the header is `dm_target_spec` as defined in
+ // include/uapi/linux/dm-ioctl.h.
+ let device_path = self
+ .device_path
+ .context("data device is not set")?
+ .to_str()
+ .context("data device path is not encoded in utf8")?;
+
+ let key =
+ if let Some(key) = self.key { hexstring_from(key) } else { bail!("key is not set") };
+
+ // Step2: serialize the information according to the spec, which is ...
+ // DmTargetSpec{...}
+ // <cipher> <key> <iv_offset> <device path> \
+ // <offset> [<#opt_params> <opt_params>]
+ let mut body = String::new();
+ use std::fmt::Write;
+ write!(&mut body, "{} ", get_kernel_crypto_name(&self.cipher))?;
+ write!(&mut body, "{} ", key)?;
+ write!(&mut body, "{} ", self.iv_offset)?;
+ write!(&mut body, "{} ", device_path)?;
+ write!(&mut body, "{} ", self.offset)?;
+ write!(&mut body, "\0")?; // null terminator
+
+ let size = size_of::<DmTargetSpec>() + body.len();
+ let aligned_size = (size + 7) & !7; // align to 8 byte boundaries
+ let padding = aligned_size - size;
+
+ let mut header = DmTargetSpec::new("crypt")?;
+ header.sector_start = 0;
+ header.length = self.device_size / SECTOR_SIZE; // number of 512-byte sectors
+ header.next = aligned_size as u32;
+
+ let mut buf = Vec::with_capacity(aligned_size);
+ buf.write_all(header.as_slice())?;
+ buf.write_all(body.as_bytes())?;
+ buf.write_all(vec![0; padding].as_slice())?;
+
+ Ok(DmCryptTarget(buf.into_boxed_slice()))
+ }
+}
+
+fn get_kernel_crypto_name(cipher: &CipherType) -> &str {
+ match cipher {
+ CipherType::AES256XTS => "aes-xts-plain64",
+ }
+}
diff --git a/libs/devicemapper/src/lib.rs b/libs/devicemapper/src/lib.rs
index 938ca0f..b9fb5c3 100644
--- a/libs/devicemapper/src/lib.rs
+++ b/libs/devicemapper/src/lib.rs
@@ -38,6 +38,8 @@
use std::os::unix::io::AsRawFd;
use std::path::{Path, PathBuf};
+/// Exposes DmCryptTarget & related builder
+pub mod crypt;
/// Expose util functions
pub mod util;
/// Exposes the DmVerityTarget & related builder
@@ -46,9 +48,10 @@
pub mod loopdevice;
mod sys;
+use crypt::DmCryptTarget;
use sys::*;
use util::*;
-use verity::*;
+use verity::DmVerityTarget;
nix::ioctl_readwrite!(_dm_dev_create, DM_IOCTL, Cmd::DM_DEV_CREATE, DmIoctl);
nix::ioctl_readwrite!(_dm_dev_suspend, DM_IOCTL, Cmd::DM_DEV_SUSPEND, DmIoctl);
@@ -151,27 +154,55 @@
Ok(DeviceMapper(f))
}
- /// Creates a device mapper device and configure it according to the `target` specification.
+ /// Creates a (crypt) device and configure it according to the `target` specification.
+ /// The path to the generated device is "/dev/mapper/<name>".
+ pub fn create_crypt_device(&self, name: &str, target: &DmCryptTarget) -> Result<PathBuf> {
+ self.create_device(name, target.as_slice(), uuid("crypto".as_bytes())?, true)
+ }
+
+ /// Creates a (verity) device and configure it according to the `target` specification.
/// The path to the generated device is "/dev/mapper/<name>".
pub fn create_verity_device(&self, name: &str, target: &DmVerityTarget) -> Result<PathBuf> {
+ self.create_device(name, target.as_slice(), uuid("apkver".as_bytes())?, false)
+ }
+
+ /// Removes a mapper device.
+ pub fn delete_device_deferred(&self, name: &str) -> Result<()> {
+ let mut data = DmIoctl::new(name)?;
+ data.flags |= Flag::DM_DEFERRED_REMOVE;
+ dm_dev_remove(self, &mut data)
+ .context(format!("failed to remove device with name {}", &name))?;
+ Ok(())
+ }
+
+ fn create_device(
+ &self,
+ name: &str,
+ target: &[u8],
+ uid: String,
+ writable: bool,
+ ) -> Result<PathBuf> {
// Step 1: create an empty device
let mut data = DmIoctl::new(name)?;
- data.set_uuid(&uuid("apkver".as_bytes())?)?;
+ data.set_uuid(&uid)?;
dm_dev_create(self, &mut data)
.context(format!("failed to create an empty device with name {}", &name))?;
// Step 2: load table onto the device
- let payload_size = size_of::<DmIoctl>() + target.as_slice().len();
+ let payload_size = size_of::<DmIoctl>() + target.len();
let mut data = DmIoctl::new(name)?;
data.data_size = payload_size as u32;
data.data_start = size_of::<DmIoctl>() as u32;
data.target_count = 1;
- data.flags |= Flag::DM_READONLY_FLAG;
+
+ if !writable {
+ data.flags |= Flag::DM_READONLY_FLAG;
+ }
let mut payload = Vec::with_capacity(payload_size);
payload.extend_from_slice(data.as_slice());
- payload.extend_from_slice(target.as_slice());
+ payload.extend_from_slice(target);
dm_table_load(self, payload.as_mut_ptr() as *mut DmIoctl)
.context("failed to load table")?;
@@ -185,15 +216,6 @@
wait_for_path(&path)?;
Ok(path)
}
-
- /// Removes a mapper device
- pub fn delete_device_deferred(&self, name: &str) -> Result<()> {
- let mut data = DmIoctl::new(name)?;
- data.flags |= Flag::DM_DEFERRED_REMOVE;
- dm_dev_remove(self, &mut data)
- .context(format!("failed to remove device with name {}", &name))?;
- Ok(())
- }
}
/// Used to derive a UUID that uniquely identifies a device mapper device when creating it.
@@ -208,3 +230,113 @@
let uuid = Uuid::new_v1(ts, node_id)?;
Ok(String::from(uuid.to_hyphenated().encode_lower(&mut Uuid::encode_buffer())))
}
+
+#[cfg(test)]
+mod tests {
+ use super::*;
+ use crypt::DmCryptTargetBuilder;
+ use std::fs::{read, File, OpenOptions};
+ use std::io::Write;
+
+ const KEY: &[u8; 32] = b"thirtytwobyteslongreallylongword";
+ const DIFFERENT_KEY: &[u8; 32] = b"drowgnolyllaergnolsetybowtytriht";
+
+ // Create a file in given temp directory with given size
+ fn prepare_tmpfile(test_dir: &Path, filename: &str, sz: u64) -> PathBuf {
+ let filepath = test_dir.join(filename);
+ let f = File::create(&filepath).unwrap();
+ f.set_len(sz).unwrap();
+ filepath
+ }
+
+ fn write_to_dev(path: &Path, data: &[u8]) {
+ let mut f = OpenOptions::new().read(true).write(true).open(&path).unwrap();
+ f.write_all(data).unwrap();
+ }
+
+ fn delete_device(dm: &DeviceMapper, name: &str) -> Result<()> {
+ dm.delete_device_deferred(name)?;
+ wait_for_path_disappears(Path::new(MAPPER_DEV_ROOT).join(&name))?;
+ Ok(())
+ }
+
+ #[test]
+ fn mapping_again_keeps_data() {
+ // This test creates 2 different crypt devices using same key backed by same data_device
+ // -> Write data on dev1 -> Check the data is visible & same on dev2
+ let dm = DeviceMapper::new().unwrap();
+ let inputimg = include_bytes!("../testdata/rand8k");
+ let sz = inputimg.len() as u64;
+
+ let test_dir = tempfile::TempDir::new().unwrap();
+ let backing_file = prepare_tmpfile(test_dir.path(), "storage", sz);
+ let data_device = loopdevice::attach(
+ backing_file,
+ 0,
+ sz,
+ /*direct_io*/ true,
+ /*writable*/ true,
+ )
+ .unwrap();
+ scopeguard::defer! {
+ loopdevice::detach(&data_device).unwrap();
+ _ = delete_device(&dm, "crypt1");
+ _ = delete_device(&dm, "crypt2");
+ }
+
+ let target =
+ DmCryptTargetBuilder::default().data_device(&data_device, sz).key(KEY).build().unwrap();
+
+ let mut crypt_device = dm.create_crypt_device("crypt1", &target).unwrap();
+ write_to_dev(&crypt_device, inputimg);
+
+ // Recreate another device using same target spec & check if the content is the same
+ crypt_device = dm.create_crypt_device("crypt2", &target).unwrap();
+
+ let crypt = read(crypt_device).unwrap();
+ assert_eq!(inputimg.len(), crypt.len()); // fail early if the size doesn't match
+ assert_eq!(inputimg, crypt.as_slice());
+ }
+
+ #[test]
+ fn data_inaccessible_with_diff_key() {
+ // This test creates 2 different crypt devices using different keys backed
+ // by same data_device -> Write data on dev1 -> Check the data is visible but not the same on dev2
+ let dm = DeviceMapper::new().unwrap();
+ let inputimg = include_bytes!("../testdata/rand8k");
+ let sz = inputimg.len() as u64;
+
+ let test_dir = tempfile::TempDir::new().unwrap();
+ let backing_file = prepare_tmpfile(test_dir.path(), "storage", sz);
+ let data_device = loopdevice::attach(
+ backing_file,
+ 0,
+ sz,
+ /*direct_io*/ true,
+ /*writable*/ true,
+ )
+ .unwrap();
+ scopeguard::defer! {
+ loopdevice::detach(&data_device).unwrap();
+ _ = delete_device(&dm, "crypt3");
+ _ = delete_device(&dm, "crypt4");
+ }
+
+ let target =
+ DmCryptTargetBuilder::default().data_device(&data_device, sz).key(KEY).build().unwrap();
+ let target2 = DmCryptTargetBuilder::default()
+ .data_device(&data_device, sz)
+ .key(DIFFERENT_KEY)
+ .build()
+ .unwrap();
+
+ let mut crypt_device = dm.create_crypt_device("crypt3", &target).unwrap();
+
+ write_to_dev(&crypt_device, inputimg);
+
+ // Recreate the crypt device again diff key & check if the content is changed
+ crypt_device = dm.create_crypt_device("crypt4", &target2).unwrap();
+ let crypt = read(crypt_device).unwrap();
+ assert_ne!(inputimg, crypt.as_slice());
+ }
+}
diff --git a/libs/devicemapper/src/util.rs b/libs/devicemapper/src/util.rs
index 913f827..e8df424 100644
--- a/libs/devicemapper/src/util.rs
+++ b/libs/devicemapper/src/util.rs
@@ -37,6 +37,21 @@
Ok(())
}
+/// Wait for the path to disappear
+#[cfg(test)]
+pub fn wait_for_path_disappears<P: AsRef<Path>>(path: P) -> Result<()> {
+ const TIMEOUT: Duration = Duration::from_secs(1);
+ const INTERVAL: Duration = Duration::from_millis(10);
+ let begin = Instant::now();
+ while !path.as_ref().exists() {
+ if begin.elapsed() > TIMEOUT {
+ bail!("{:?} not disappearing. TIMEOUT.", path.as_ref());
+ }
+ thread::sleep(INTERVAL);
+ }
+ Ok(())
+}
+
/// Returns hexadecimal reprentation of a given byte array.
pub fn hexstring_from(s: &[u8]) -> String {
s.iter().map(|byte| format!("{:02x}", byte)).reduce(|i, j| i + &j).unwrap_or_default()
diff --git a/libs/devicemapper/testdata/rand8k b/libs/devicemapper/testdata/rand8k
new file mode 100644
index 0000000..4172e33
--- /dev/null
+++ b/libs/devicemapper/testdata/rand8k
Binary files differ