From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: David Howells <dhowells@redhat.com>
Cc: keyrings@vger.kernel.org, LKML <linux-kernel@vger.kernel.org>,
Andy Lutomirski <luto@kernel.org>,
Greg KH <gregkh@linuxfoundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
kernel-hardening@lists.openwall.com,
Eric Biggers <ebiggers@google.com>
Subject: Re: [PATCH v3] security/keys: rewrite big_key crypto to use library interface
Date: Tue, 12 May 2020 20:33:11 -0600 [thread overview]
Message-ID: <CAHmME9r4Pag4ML-GVaKHFTZ_T_unhWg1LxVuEk6wKp006ZAFXg@mail.gmail.com> (raw)
In-Reply-To: <2858489.1589321003@warthog.procyon.org.uk>
On Tue, May 12, 2020 at 4:03 PM David Howells <dhowells@redhat.com> wrote:
>
> Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>
> > So long as that ->update function:
> > 1. Deletes the old on-disk data.
> > 2. Deletes the old key from the inode.
> > 3. Generates a new key using get_random_bytes.
> > 4. Stores that new key in the inode.
> > 5. Encrypts the updated data afresh with the new key.
> > 6. Puts the updated data onto disk,
> >
> > then this is fine with me, and feel free to have my Acked-by if you
> > want. But if it doesn't do that -- i.e. if it tries to reuse the old
> > key or similar -- then this isn't fine. But it sounds like from what
> > you've described that things are actually fine, in which case, I guess
> > it makes sense to apply your patch ontop of mine and commit these.
>
> Yep. It calls big_key_destroy(), which clears away the old stuff just as when
> a key is being destroyed, then generic_key_instantiate() just as when a key is
> being set up.
>
> The key ID and the key metadata (ownership, perms, expiry) are maintained, but
> the payload is just completely replaced.
Okay, in that case, take my:
Acked-by: Jason A. Donenfeld <Jason@zx2c4.com>
And then perhaps you can take both my patch and your addendum into keys-next.
Jason
prev parent reply other threads:[~2020-05-13 2:33 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CAHmME9oXiTmVuOYmG=K3ijWK+zP2yB9a2CFjbLx_5fkDiH30Tg@mail.gmail.com>
2020-05-11 21:51 ` [PATCH v3] security/keys: rewrite big_key crypto to use library interface Jason A. Donenfeld
2020-05-12 13:17 ` David Howells
2020-05-12 21:38 ` Jason A. Donenfeld
2020-05-12 22:03 ` David Howells
2020-05-13 2:33 ` Jason A. Donenfeld [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAHmME9r4Pag4ML-GVaKHFTZ_T_unhWg1LxVuEk6wKp006ZAFXg@mail.gmail.com \
--to=jason@zx2c4.com \
--cc=dhowells@redhat.com \
--cc=ebiggers@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).