From 8d5e53b88aaafe7c01fc369e52dbd1fc8955a77d Mon Sep 17 00:00:00 2001 From: Colin Gillespie Date: Fri, 8 Sep 2023 17:27:51 +1000 Subject: [PATCH] cmd_set_passphrase: revoke the invalidated key After setting a new passphrase, the previous key is left untouched. This revokes the old key, preventing future actions from using it in error. Signed-off-by: Colin Gillespie --- cmd_key.c | 1 + libbcachefs/checksum.c | 18 ++++++++++++++++++ libbcachefs/checksum.h | 1 + 3 files changed, 20 insertions(+) diff --git a/cmd_key.c b/cmd_key.c index e8c3eea..d3e5d7b 100644 --- a/cmd_key.c +++ b/cmd_key.c @@ -111,6 +111,7 @@ int cmd_set_passphrase(int argc, char *argv[]) die("error encrypting key"); crypt->key = new_key; + bch2_revoke_key(c->disk_sb.sb); bch2_write_super(c); bch2_fs_stop(c); return 0; diff --git a/libbcachefs/checksum.c b/libbcachefs/checksum.c index 3693902..4c87c59 100644 --- a/libbcachefs/checksum.c +++ b/libbcachefs/checksum.c @@ -558,6 +558,24 @@ int bch2_request_key(struct bch_sb *sb, struct bch_key *key) return ret; } +int bch2_revoke_key(struct bch_sb *sb) +{ + key_serial_t key_id; + struct printbuf key_description = PRINTBUF; + + prt_printf(&key_description, "bcachefs:"); + pr_uuid(&key_description, sb->user_uuid.b); + + key_id = request_key("user", key_description.buf, NULL, KEY_SPEC_USER_KEYRING); + printbuf_exit(&key_description); + if (key_id < 0) + return errno; + + keyctl_revoke(key_id); + + return 0; +} + int bch2_decrypt_sb_key(struct bch_fs *c, struct bch_sb_field_crypt *crypt, struct bch_key *key) diff --git a/libbcachefs/checksum.h b/libbcachefs/checksum.h index c7b1a8f..9a4898d 100644 --- a/libbcachefs/checksum.h +++ b/libbcachefs/checksum.h @@ -48,6 +48,7 @@ struct bch_csum bch2_checksum(struct bch_fs *, unsigned, struct nonce, int bch2_chacha_encrypt_key(struct bch_key *, struct nonce, void *, size_t); int bch2_request_key(struct bch_sb *, struct bch_key *); +int bch2_revoke_key(struct bch_sb *); int bch2_encrypt(struct bch_fs *, unsigned, struct nonce, void *data, size_t); -- 2.39.2