CBE key encryption

Josef Söntgen josef.soentgen at genode-labs.com
Fri Nov 26 14:45:57 CET 2021

Hello Stefan,

> But then the vfs_cbe requests to have a all zero key encrypted which due
> to the ICV added by hardware black key handling fails. We cannot seam to
> find out where the request originates or why vfs_cbe would ever encrypt
> any key, let alone a key of all zeros.

Whenever the CBE writes the current superblock back to the block device
it first has to encrypt the current and the previous(!) key as both are
stored within the superblock on the block-device. This is necessary
because you may stop the CBE during rekeying and it needs the previous
key to complete the operation as there are still blocks encypted with
the old key around.

So I assume in your case the previous key was not yet used and therefor
is initialized to a default value that, as it happens, is all zeros and
the CBE wants to write the superblock back (it does so on every 'sync'
request), which is why you encounter this unexpected request.


Josef Söntgen
Genode Labs

http://www.genode-labs.com/ · http://genode.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.genode.org/pipermail/users/attachments/20211126/f864f8dd/attachment.sig>

More information about the users mailing list