| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 17 May 2022 11:52:55 -0400
From: Mimi Zohar <zohar@...ux.ibm.com>
To: Ahmad Fatoum <a.fatoum@...gutronix.de>,
James Bottomley <jejb@...ux.ibm.com>,
Jarkko Sakkinen <jarkko@...nel.org>,
David Howells <dhowells@...hat.com>
Cc: kernel@...gutronix.de, Sumit Garg <sumit.garg@...aro.org>,
Pankaj Gupta <pankaj.gupta@....com>,
David Gstir <david@...ma-star.at>,
Michael Walle <michael@...le.cc>,
John Ernberg <john.ernberg@...ia.se>,
James Morris <jmorris@...ei.org>,
"Serge E. Hallyn" <serge@...lyn.com>,
Horia Geantă <horia.geanta@....com>,
Herbert Xu <herbert@...dor.apana.org.au>,
"David S. Miller" <davem@...emloft.net>,
Jan Luebbe <j.luebbe@...gutronix.de>,
Eric Biggers <ebiggers@...nel.org>,
Richard Weinberger <richard@....at>,
Franck LENORMAND <franck.lenormand@....com>,
Matthias Schiffer <matthias.schiffer@...tq-group.com>,
keyrings@...r.kernel.org, linux-crypto@...r.kernel.org,
linux-integrity@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org
Subject: Re: [PATCH v10 2/7] KEYS: trusted: allow use of kernel RNG for key
material
On Fri, 2022-05-13 at 16:57 +0200, Ahmad Fatoum wrote:
> static int __init init_trusted(void)
> {
> + int (*get_random)(unsigned char *key, size_t key_len);
> int i, ret = 0;
>
> for (i = 0; i < ARRAY_SIZE(trusted_key_sources); i++) {
> @@ -322,6 +333,28 @@ static int __init init_trusted(void)
> strlen(trusted_key_sources[i].name)))
> continue;
>
> + /*
> + * We always support trusted.rng="kernel" and "default" as
> + * well as trusted.rng=$trusted.source if the trust source
> + * defines its own get_random callback.
> + */
While TEE trusted keys support was upstreamed, there was a lot of
discussion about using kernel RNG. One of the concerns was lack of or
insuffiencent entropy during early boot on embedded devices. This
concern needs to be clearly documented in both Documentation/admin-
guide/kernel-parameters.txt and Documentation/security/keys/trusted-
encrypted.rst.
thanks,
Mimi
> + get_random = trusted_key_sources[i].ops->get_random;
> + if (trusted_rng && strcmp(trusted_rng, "default")) {
> + if (!strcmp(trusted_rng, "kernel")) {
> + get_random = kernel_get_random;
> + } else if (strcmp(trusted_rng, trusted_key_sources[i].name) ||
> + !get_random) {
> + pr_warn("Unsupported RNG. Supported: kernel");
> + if (get_random)
> + pr_cont(", %s", trusted_key_sources[i].name);
> + pr_cont(", default\n");
> + return -EINVAL;
> + }
> + }
> +
> + if (!get_random)
> + get_random = kernel_get_random;
> +
> static_call_update(trusted_key_init,
> trusted_key_sources[i].ops->init);
Powered by blists - more mailing lists