Message-ID: <1c6a5ce2564c29a06eca255072a379351a5fc026.camel@linux.ibm.com>
Date:   Tue, 17 May 2022 11:52:55 -0400
From:   Mimi Zohar <zohar@...ux.ibm.com>
To:     Ahmad Fatoum <a.fatoum@...gutronix.de>,
        James Bottomley <jejb@...ux.ibm.com>,
        Jarkko Sakkinen <jarkko@...nel.org>,
        David Howells <dhowells@...hat.com>
Cc:     kernel@...gutronix.de, Sumit Garg <sumit.garg@...aro.org>,
        Pankaj Gupta <pankaj.gupta@....com>,
        David Gstir <david@...ma-star.at>,
        Michael Walle <michael@...le.cc>,
        John Ernberg <john.ernberg@...ia.se>,
        James Morris <jmorris@...ei.org>,
        "Serge E. Hallyn" <serge@...lyn.com>,
        Horia Geantă <horia.geanta@....com>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        "David S. Miller" <davem@...emloft.net>,
        Jan Luebbe <j.luebbe@...gutronix.de>,
        Eric Biggers <ebiggers@...nel.org>,
        Richard Weinberger <richard@....at>,
        Franck LENORMAND <franck.lenormand@....com>,
        Matthias Schiffer <matthias.schiffer@...tq-group.com>,
        keyrings@...r.kernel.org, linux-crypto@...r.kernel.org,
        linux-integrity@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-security-module@...r.kernel.org
Subject: Re: [PATCH v10 2/7] KEYS: trusted: allow use of kernel RNG for key
 material

On Fri, 2022-05-13 at 16:57 +0200, Ahmad Fatoum wrote:
>  static int __init init_trusted(void)
>  {
> +       int (*get_random)(unsigned char *key, size_t key_len);
>         int i, ret = 0;
>  
>         for (i = 0; i < ARRAY_SIZE(trusted_key_sources); i++) {
> @@ -322,6 +333,28 @@ static int __init init_trusted(void)
>                             strlen(trusted_key_sources[i].name)))
>                         continue;
>  
> +               /*
> +                * We always support trusted.rng="kernel" and "default" as
> +                * well as trusted.rng=$trusted.source if the trust source
> +                * defines its own get_random callback.
> +                */
 
While TEE trusted keys support was upstreamed, there was a lot of
discussion about using kernel RNG.  One of the concerns was lack of or
insufficient entropy during early boot on embedded devices.  This
concern needs to be clearly documented in both
Documentation/admin-guide/kernel-parameters.txt and
Documentation/security/keys/trusted-encrypted.rst.

thanks,

Mimi

> +               get_random = trusted_key_sources[i].ops->get_random;
> +               if (trusted_rng && strcmp(trusted_rng, "default")) {
> +                       if (!strcmp(trusted_rng, "kernel")) {
> +                               get_random = kernel_get_random;
> +                       } else if (strcmp(trusted_rng, trusted_key_sources[i].name) ||
> +                                  !get_random) {
> +                               pr_warn("Unsupported RNG. Supported: kernel");
> +                               if (get_random)
> +                                       pr_cont(", %s", trusted_key_sources[i].name);
> +                               pr_cont(", default\n");
> +                               return -EINVAL;
> +                       }
> +               }
> +
> +               if (!get_random)
> +                       get_random = kernel_get_random;
> +
>                 static_call_update(trusted_key_init,
>                                    trusted_key_sources[i].ops->init);
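
Review bot: The fallback at the end of this hunk, `if (!get_random) get_random = kernel_get_random;`, moves a trust source that has no get_random callback onto the kernel RNG without logging anything, so with trusted.rng unset or set to "default" nothing in the log shows which RNG will produce key material. A pr_info naming the selected RNG once the selection is made would let an administrator audit that, which matters given the early-boot entropy concern raised in the reply above. Separately, the pr_warn for an unsupported value lists the supported names but not the rejected trusted_rng string; printing it would make the -EINVAL return easier to diagnose.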
