linux-integrity.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Jason Gunthorpe <jgg@ziepe.ca>
To: Eric Biggers <ebiggers@kernel.org>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
	"Jason A. Donenfeld" <Jason@zx2c4.com>,
	Pankaj Gupta <pankaj.gupta@nxp.com>,
	"jarkko@kernel.org" <jarkko@kernel.org>,
	"a.fatoum@pengutronix.de" <a.fatoum@pengutronix.de>,
	"gilad@benyossef.com" <gilad@benyossef.com>,
	"jejb@linux.ibm.com" <jejb@linux.ibm.com>,
	"zohar@linux.ibm.com" <zohar@linux.ibm.com>,
	"dhowells@redhat.com" <dhowells@redhat.com>,
	"sumit.garg@linaro.org" <sumit.garg@linaro.org>,
	"david@sigma-star.at" <david@sigma-star.at>,
	"michael@walle.cc" <michael@walle.cc>,
	"john.ernberg@actia.se" <john.ernberg@actia.se>,
	"jmorris@namei.org" <jmorris@namei.org>,
	"serge@hallyn.com" <serge@hallyn.com>,
	"davem@davemloft.net" <davem@davemloft.net>,
	"j.luebbe@pengutronix.de" <j.luebbe@pengutronix.de>,
	"richard@nod.at" <richard@nod.at>,
	"keyrings@vger.kernel.org" <keyrings@vger.kernel.org>,
	"linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>,
	"linux-integrity@vger.kernel.org"
	<linux-integrity@vger.kernel.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"linux-security-module@vger.kernel.org" 
	<linux-security-module@vger.kernel.org>,
	Sahil Malhotra <sahil.malhotra@nxp.com>,
	Kshitiz Varshney <kshitiz.varshney@nxp.com>,
	Horia Geanta <horia.geanta@nxp.com>,
	Varun Sethi <V.Sethi@nxp.com>
Subject: Re: [EXT] Re: [PATCH v0 3/8] crypto: hbk flags & info added to the tfm
Date: Thu, 20 Oct 2022 20:42:58 -0300	[thread overview]
Message-ID: <Y1HdAmy6ZfN8f5hJ@ziepe.ca> (raw)
In-Reply-To: <Y1G9hKPT1MNQQxcG@sol.localdomain>

On Thu, Oct 20, 2022 at 02:28:36PM -0700, Eric Biggers wrote:
> On Thu, Oct 20, 2022 at 04:23:53PM -0300, Jason Gunthorpe wrote:
> > On Wed, Oct 19, 2022 at 09:26:05PM -0700, Eric Biggers wrote:
> > 
> > > Are you referring to the support for hardware-wrapped inline crypto keys?  It
> > > isn't upstream yet, but my latest patchset is at
> > > https://lore.kernel.org/linux-fscrypt/20220927014718.125308-2-ebiggers@kernel.org/T/#u.
> > > There's also a version of it used by some Android devices already.  Out of
> > > curiosity, are you using it in an Android device, or have you adopted it in some
> > > other downstream?
> > 
> > Unrelated to Android, similar functionality, but slightly different
> > ultimate purpose. We are going to be sending a fscrypt patch series
> > for mlx5 and nvme soonish.
> 
> That's interesting, though also slightly scary in that it sounds like you've
> already shipped some major fscrypt changes without review!

Heh, says the Android guy :)

Fortunately nothing major, we are enterprise focused, we need stuff in
real distros - we know know how to do it.

> > That sounds disappointing that we are now having parallel ways for the
> > admin to manipulate kernel owned keys.
> 
> Well, the keyrings subsystem never worked properly for fscrypt anyway.  At most,
> it's only useful for providing the key to the filesystem initially (by passing a
> key ID to FS_IOC_ADD_ENCRYPTION_KEY, instead of the key bytes), similar to what
> dm-crypt allows.  After that, the keyrings subsystem plays no role.

Sure, but loading the key into the keyring should allow many different
options, including things like TPM PCR secured keys (eg like
bitlocker) - we shouldn't allow user space the ability to see the key
data at all.

Duplicating this in every subsystem makes no sense, there is a
reasonable role for the keyring to play in solving these kinds of
problems for everything.

Jason

  reply	other threads:[~2022-10-20 23:43 UTC|newest]

Thread overview: 31+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-10-06 13:08 [PATCH v0 0/8] Hardware Bound key added to Trusted Key-Ring Pankaj Gupta
2022-10-06 13:08 ` [PATCH v0 1/8] hw-bound-key: introducing the generic structure Pankaj Gupta
2022-10-12  8:52   ` Jarkko Sakkinen
2022-10-12  8:53   ` Jarkko Sakkinen
2022-10-06 13:08 ` [PATCH v0 2/8] keys-trusted: new cmd line option added Pankaj Gupta
2022-10-06 12:37   ` Ben Boeckel
2022-10-06 13:08 ` [PATCH v0 3/8] crypto: hbk flags & info added to the tfm Pankaj Gupta
2022-10-07  6:58   ` Herbert Xu
2022-10-10 11:15     ` [EXT] " Pankaj Gupta
2022-10-10 15:15       ` Jason A. Donenfeld
2022-10-10 21:35         ` [EXT] " David Gstir
2022-10-11  9:03         ` [EXT] " Herbert Xu
2022-10-11 11:32           ` Pankaj Gupta
2022-10-11 20:01           ` Jason A. Donenfeld
2022-10-12  9:06             ` Herbert Xu
2022-10-14 19:19               ` Jason Gunthorpe
2022-10-20  4:26                 ` Eric Biggers
2022-10-20 19:23                   ` Jason Gunthorpe
2022-10-20 21:28                     ` Eric Biggers
2022-10-20 23:42                       ` Jason Gunthorpe [this message]
2022-10-11 11:05         ` Pankaj Gupta
2022-10-12  8:57   ` Jarkko Sakkinen
2022-10-06 13:08 ` [PATCH v0 4/8] sk_cipher: checking for hw bound operation Pankaj Gupta
2022-10-12  8:59   ` Jarkko Sakkinen
2022-10-06 13:08 ` [PATCH v0 5/8] keys-trusted: re-factored caam based trusted key Pankaj Gupta
2022-10-06 13:08 ` [PATCH v0 6/8] KEYS: trusted: caam based black key Pankaj Gupta
2022-10-06 12:42   ` Ben Boeckel
2022-10-06 12:52     ` James Bottomley
2022-10-06 13:08 ` [PATCH v0 7/8] caam alg: symmetric key ciphers are updated Pankaj Gupta
2022-10-12  9:01   ` Jarkko Sakkinen
2022-10-06 13:08 ` [PATCH v0 8/8] dm-crypt: consumer-app setting the flag-is_hbk Pankaj Gupta

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Y1HdAmy6ZfN8f5hJ@ziepe.ca \
    --to=jgg@ziepe.ca \
    --cc=Jason@zx2c4.com \
    --cc=V.Sethi@nxp.com \
    --cc=a.fatoum@pengutronix.de \
    --cc=davem@davemloft.net \
    --cc=david@sigma-star.at \
    --cc=dhowells@redhat.com \
    --cc=ebiggers@kernel.org \
    --cc=gilad@benyossef.com \
    --cc=herbert@gondor.apana.org.au \
    --cc=horia.geanta@nxp.com \
    --cc=j.luebbe@pengutronix.de \
    --cc=jarkko@kernel.org \
    --cc=jejb@linux.ibm.com \
    --cc=jmorris@namei.org \
    --cc=john.ernberg@actia.se \
    --cc=keyrings@vger.kernel.org \
    --cc=kshitiz.varshney@nxp.com \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-integrity@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=michael@walle.cc \
    --cc=pankaj.gupta@nxp.com \
    --cc=richard@nod.at \
    --cc=sahil.malhotra@nxp.com \
    --cc=serge@hallyn.com \
    --cc=sumit.garg@linaro.org \
    --cc=zohar@linux.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).