Re: [PATCH v10 2/7] KEYS: trusted: allow use of kernel RNG for key material

[Mimi Zohar <zohar@linux.ibm.com>]

On Tue, 2022-05-17 at 20:30 +0200, Jason A. Donenfeld wrote:
> Hi Mimi,
> 
> On Tue, May 17, 2022 at 02:21:08PM -0400, Mimi Zohar wrote:
> > On Tue, 2022-05-17 at 19:38 +0200, Jason A. Donenfeld wrote:
> > > On Tue, May 17, 2022 at 11:52:55AM -0400, Mimi Zohar wrote:
> > > > On Fri, 2022-05-13 at 16:57 +0200, Ahmad Fatoum wrote:
> > > > >  static int __init init_trusted(void)
> > > > >  {
> > > > > +       int (*get_random)(unsigned char *key, size_t key_len);
> > > > >         int i, ret = 0;
> > > > >  
> > > > >         for (i = 0; i < ARRAY_SIZE(trusted_key_sources); i++) {
> > > > > @@ -322,6 +333,28 @@ static int __init init_trusted(void)
> > > > >                             strlen(trusted_key_sources[i].name)))
> > > > >                         continue;
> > > > >  
> > > > > +               /*
> > > > > +                * We always support trusted.rng="kernel" and "default" as
> > > > > +                * well as trusted.rng=$trusted.source if the trust source
> > > > > +                * defines its own get_random callback.
> > > > > +                */
> > > >  
> > > > While TEE trusted keys support was upstreamed, there was a lot of
> > > > discussion about using kernel RNG.  One of the concerns was lack of or
> > > > insuffiencent entropy during early boot on embedded devices.  This
> > > > concern needs to be clearly documented in both Documentation/admin-
> > > > guide/kernel-parameters.txt and Documentation/security/keys/trusted-
> > > > encrypted.rst.
> > > 
> > > Sounds like FUD. Use `get_random_bytes_wait()`, and you'll be fine.
> > 
> > As per the original discussion, there's also certification requirements
> > [1].
> 
> As per countless conversations on this mailing list -- which I really
> really really hope you will not attempt to drown me in again -- I'm not
> too keen on the certification requirements. Let's just leave that
> conversation there.
> 
> There *is* a cryptographic design reason why you might want certain keys
> generated on a TPM rather than in the kernel though: so that the keys
> can be marked as unexportable and never leave the hardware. In that case
> -- I assume -- the kernel just operates on a handle to the key, rather
> than possessing the key material itself. And this is probably a good
> thing. (On the other hand, people who think the TPM might be backdoored
> may prefer the kernel's open source RNG, which in theory is in a
> position to aggregate entropy from many sources, so that one being
> backdoored isn't a problem. So maybe that's the purpose of having this
> switch?)
> 
> So to the extent that this driver (I haven't looked deeply at it) is
> doing the thing where a TPM generates the key and just returns a
> handle to it, that sounds good. But if actually you're implementing some
> wrapper around a hardware rng, it'd be convenient if there was instead a
> hw_random driver for this, so it can be one of the many sources that the
> kernel rng aggregates.
> 
> Apologies in advance if I've missed the mark here; I'm not very familiar
> with this thread or what it's driving at. If the simple question was
> just "is get_random_bytes_wait() good to use?" the answer is just "yes"
> and I can disappear and stop confusing things. :)

My apologies for your having been brought into this discussion without
having properly reviewed and summarized the previous thread.   As you
saw there is a long history.

Jarrko, Ahmad,  "Trusted" keys, by definition, are based on the TPM
RNG.  If CAAM trusted key support wants to use kernel RNG by default,
that's fine.  However defining and allowing a boot command line option
to use kernel RNG instead of the TPM RNG, needs to be configurable.

thanks,

Mimi