From: Eric Biggers <ebiggers@kernel.org>
To: Tyler Hicks <code@tyhicks.com>
Cc: Brian Kubisiak <brian.kubisiak@gmail.com>, ecryptfs@vger.kernel.org
Subject: Re: [PATCH] ecryptfs: add mount option for specifying cipher driver.
Date: Wed, 19 Feb 2020 09:49:53 -0800 [thread overview]
Message-ID: <20200219174953.GA2312@sol.localdomain> (raw)
In-Reply-To: <20200219163050.GA354535@elm>
On Wed, Feb 19, 2020 at 10:30:50AM -0600, Tyler Hicks wrote:
> On 2020-02-18 17:42:18, Brian Kubisiak wrote:
> > Hi Tyler,
> >
> > > Can you elaborate some on the use case you have?
> >
> > On many modern embedded SoCs, there are multiple implementations of the same
> > crypto algorithm---usually a CPU-based implementation using ISA extensions and a
> > "security engine" implementation that implements crypto primitives on dedicated
> > silicon. There are a few tradeoffs involved (performance, CPU overhead,
> > resistance to side-channels attacks, etc), so it is not always clear which
> > implementation is best.
> >
> > An SoC that I've been working on has both the CPU implementation and the
> > security engine implementation of the cbc(aes) algorithm at the same priority,
> > so the one picked to perform the encryption for a given ecryptfs mount is
> > somewhat random.
>
> Have you looked into the possibility of increasing the priority of the
> implementation that you prefer on your SoC?
>
> If that's not feasible, have you considered blacklisting the module
> providing the implementation that you don't prefer?
>
> > My intention with this patch is to be able to select which
> > implementation gets used for the mount using the
> > ecryptfs_cipher_driver option instead of having the kernel pick.
>
> I don't think allowing users to specify a cipher driver is a good idea.
> eCryptfs has always assumed that the crypto subsystem knows best about
> the ideal implementation of "cbc(aes)" and I believe that this is how
> the crypto subsystem expects eCryptfs to make use of their API.
>
> In addition to the design objection above, I'm worried about users
> shooting themselves in the foot with this mount option. For example,
> "ecryptfs_cipher_driver=ecb_aes_aesni" and
> "ecryptfs_cipher_driver=xts_aes_aesni" are accepted. eCryptfs is only
> implemented to operated in a (modified) CBC mode and letting users force
> their way into using anything else is dangerous/insecure.
>
> Lets see if we can address your problem in the crypto subsystem (or with
> the module blacklist) rather than creating this amount of flexibility in
> eCryptfs.
>
> Tyler
CRYPTO_MSG_UPDATEALG in the crypto_user configuration API can be used to change
the priority of a crypto algorithm at runtime. It would need to be done before
mounting eCryptfs.
- Eric
next prev parent reply other threads:[~2020-02-19 17:49 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-10 15:39 [PATCH] ecryptfs: add mount option for specifying cipher driver Brian Kubisiak
2020-02-16 1:07 ` Tyler Hicks
2020-02-19 1:42 ` Brian Kubisiak
2020-02-19 16:30 ` Tyler Hicks
2020-02-19 17:49 ` Eric Biggers [this message]
2020-02-20 18:44 ` Brian Kubisiak
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200219174953.GA2312@sol.localdomain \
--to=ebiggers@kernel.org \
--cc=brian.kubisiak@gmail.com \
--cc=code@tyhicks.com \
--cc=ecryptfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.