Re: [PATCH] RFC: user-mode extensible trusted key support

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: janne.karhunen@gmail.com
Cc: linux-security-module@vger.kernel.org, keyrings@vger.kernel.org,
	dhowells@redhat.com
Subject: Re: [PATCH] RFC: user-mode extensible trusted key support
Date: Wed, 27 Feb 2019 13:07:30 +0000	[thread overview]
Message-ID: <20190227130730.GA12394@linux.intel.com> (raw)
In-Reply-To: <20190211173033.2493-1-Janne.Karhunen@gmail.com>

On Mon, Feb 11, 2019 at 07:30:33PM +0200, janne.karhunen@gmail.com wrote:
> From: Janne Karhunen <Janne.Karhunen@gmail.com>
> 
> Current kernel key subsystem only supports tpm to implement
> trusted keys. This is fine, but the tpm is poorly supported
> in the embedded world that primarily use custom trust roots,
> TEEs or even white box crypto. Problem with these setups is
> that they are extremely diverse, complex, proprietary and
> in some cases for valid reasons (white box).
> 
> This patch provides trial plumbing to enable declaration
> of new trust sources via tiny user mode helpers baked as
> part of the kernel image. If the hardware based trust source
> is available, the provided um helper can read the given
> device node and act as a translator for the kernel key
> requests and the actual device node can be kept out of the
> 'regular' userland. In the case of white box crypto, the
> um helper is free to perform any sort of software magic
> required to mangle the keys within the kernel keyring.
> 
> The kernel built-in usermode helper key operations are made
> available via new key type named 'ext-trusted' that is
> compatible with the existing userland utilities:
> keyctl add ext-trusted foo "new_umh 32" @u
> keyctl pipe `keyctl search @u ext-trusted foo` > foo.key
> keyctl add ext-trusted bar "load `cat foo.key`" @u
> ...
> 
> Signed-off-by: Janne Karhunen <Janne.Karhunen@gmail.com>
> Reviewed-by: Pekka Honkanen <Pekka.Honkanen@aalto.fi>

I guess this misses an actual workload to look at.

/Jarkko

WARNING: multiple messages have this Message-ID (diff)

From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: janne.karhunen@gmail.com
Cc: linux-security-module@vger.kernel.org, keyrings@vger.kernel.org,
	dhowells@redhat.com
Subject: Re: [PATCH] RFC: user-mode extensible trusted key support
Date: Wed, 27 Feb 2019 15:07:30 +0200	[thread overview]
Message-ID: <20190227130730.GA12394@linux.intel.com> (raw)
In-Reply-To: <20190211173033.2493-1-Janne.Karhunen@gmail.com>

On Mon, Feb 11, 2019 at 07:30:33PM +0200, janne.karhunen@gmail.com wrote:
> From: Janne Karhunen <Janne.Karhunen@gmail.com>
> 
> Current kernel key subsystem only supports tpm to implement
> trusted keys. This is fine, but the tpm is poorly supported
> in the embedded world that primarily use custom trust roots,
> TEEs or even white box crypto. Problem with these setups is
> that they are extremely diverse, complex, proprietary and
> in some cases for valid reasons (white box).
> 
> This patch provides trial plumbing to enable declaration
> of new trust sources via tiny user mode helpers baked as
> part of the kernel image. If the hardware based trust source
> is available, the provided um helper can read the given
> device node and act as a translator for the kernel key
> requests and the actual device node can be kept out of the
> 'regular' userland. In the case of white box crypto, the
> um helper is free to perform any sort of software magic
> required to mangle the keys within the kernel keyring.
> 
> The kernel built-in usermode helper key operations are made
> available via new key type named 'ext-trusted' that is
> compatible with the existing userland utilities:
> keyctl add ext-trusted foo "new_umh 32" @u
> keyctl pipe `keyctl search @u ext-trusted foo` > foo.key
> keyctl add ext-trusted bar "load `cat foo.key`" @u
> ...
> 
> Signed-off-by: Janne Karhunen <Janne.Karhunen@gmail.com>
> Reviewed-by: Pekka Honkanen <Pekka.Honkanen@aalto.fi>

I guess this misses an actual workload to look at.

/Jarkko

next prev parent reply	other threads:[~2019-02-27 13:07 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-02-11 17:30 [PATCH] RFC: user-mode extensible trusted key support janne.karhunen
2019-02-11 17:30 ` janne.karhunen
2019-02-27 13:07 ` Jarkko Sakkinen [this message]
2019-02-27 13:07   ` Jarkko Sakkinen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190227130730.GA12394@linux.intel.com \
    --to=jarkko.sakkinen@linux.intel.com \
    --cc=dhowells@redhat.com \
    --cc=janne.karhunen@gmail.com \
    --cc=keyrings@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.