All of lore.kernel.org
 help / color / mirror / Atom feed
From: Richard Weinberger <richard@nod.at>
To: Eric Biggers <ebiggers@kernel.org>
Cc: linux-ext4@vger.kernel.org,
	"open list:ABI/API" <linux-api@vger.kernel.org>,
	linux-f2fs-devel@lists.sourceforge.net,
	linux-fscrypt@vger.kernel.org, keyrings@vger.kernel.org,
	linux-mtd@lists.infradead.org, linux-crypto@vger.kernel.org,
	linux-fsdevel <linux-fsdevel@vger.kernel.org>,
	Satya Tangirala <satyat@google.com>,
	Paul Crowley <paulcrowley@google.com>
Subject: Re: [RFC PATCH v3 07/18] fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl
Date: Fri, 22 Mar 2019 22:02:49 +0000	[thread overview]
Message-ID: <4190811.5ckf3pJJgb@blindfold> (raw)
In-Reply-To: <20190318230830.GA40545@gmail.com>

Ericm

Am Dienstag, 19. März 2019, 00:08:31 CET schrieb Eric Biggers:
> I tried using sb->s_bdi->name, but it's still "ubifs" for all UBIFS filesystems.

hmpf.
 
> Perhaps there's a way you can make ->s_id for UBIFS unique?  There are already
> existing places that log ->s_id, so perhaps you should do it anyway regardless
> of this patchset?

Yes, let me implement that.
ubifs does:
super_setup_bdi_name(sb, "ubifs_%d_%d", c->vi.ubi_num, c->vi.vol_id);

So, I try to set ->s_id also to ubifs_%d_%d.

> > > 
> > > > Note that the keyring name isn't particularly important, since the ioctls will
> > > > work regardless.  But we might as well choose something logical, since the
> > > > keyring name will still show up in /proc/keys.
> > > 
> > > I'm not done with reviewing your patches, but will it be possible to use keyctl?
> > > For the a unique name is helpful. :)
> > > 
> > 
> > Not for adding keys, removing keys, or getting a key's status -- those are what
> > the ioctls are for.
> > 
> > See e.g. the discussion in patch 7 ("fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY
> > ioctl") for why the keyrings syscalls are a poor fit for fscrypt.
> > 
> 
> Anyway, perhaps I should reconsider whether fscrypt should even use the keyrings
> subsystem at all, even just "internally", as its quirks still leak out a bit.
> I'd prefer a nice clean API without any quirks like having to name the keyrings
> and assign SELinux labels to the keys just to make the keyrings subsystem happy.

IMHO the keys subsytem is a good fit. For example for stuff like this one:
https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1945778.html

We use UBIFS on many embedded systems with crypto hardware.

Thanks,
//richard

WARNING: multiple messages have this Message-ID (diff)
From: Richard Weinberger <richard@nod.at>
To: Eric Biggers <ebiggers@kernel.org>
Cc: linux-ext4@vger.kernel.org,
	"open list:ABI/API" <linux-api@vger.kernel.org>,
	linux-f2fs-devel@lists.sourceforge.net,
	linux-fscrypt@vger.kernel.org, keyrings@vger.kernel.org,
	linux-mtd@lists.infradead.org, linux-crypto@vger.kernel.org,
	linux-fsdevel <linux-fsdevel@vger.kernel.org>,
	Satya Tangirala <satyat@google.com>,
	Paul Crowley <paulcrowley@google.com>
Subject: Re: [RFC PATCH v3 07/18] fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl
Date: Fri, 22 Mar 2019 23:02:49 +0100	[thread overview]
Message-ID: <4190811.5ckf3pJJgb@blindfold> (raw)
In-Reply-To: <20190318230830.GA40545@gmail.com>

Ericm

Am Dienstag, 19. März 2019, 00:08:31 CET schrieb Eric Biggers:
> I tried using sb->s_bdi->name, but it's still "ubifs" for all UBIFS filesystems.

hmpf.
 
> Perhaps there's a way you can make ->s_id for UBIFS unique?  There are already
> existing places that log ->s_id, so perhaps you should do it anyway regardless
> of this patchset?

Yes, let me implement that.
ubifs does:
super_setup_bdi_name(sb, "ubifs_%d_%d", c->vi.ubi_num, c->vi.vol_id);

So, I try to set ->s_id also to ubifs_%d_%d.

> > > 
> > > > Note that the keyring name isn't particularly important, since the ioctls will
> > > > work regardless.  But we might as well choose something logical, since the
> > > > keyring name will still show up in /proc/keys.
> > > 
> > > I'm not done with reviewing your patches, but will it be possible to use keyctl?
> > > For the a unique name is helpful. :)
> > > 
> > 
> > Not for adding keys, removing keys, or getting a key's status -- those are what
> > the ioctls are for.
> > 
> > See e.g. the discussion in patch 7 ("fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY
> > ioctl") for why the keyrings syscalls are a poor fit for fscrypt.
> > 
> 
> Anyway, perhaps I should reconsider whether fscrypt should even use the keyrings
> subsystem at all, even just "internally", as its quirks still leak out a bit.
> I'd prefer a nice clean API without any quirks like having to name the keyrings
> and assign SELinux labels to the keys just to make the keyrings subsystem happy.

IMHO the keys subsytem is a good fit. For example for stuff like this one:
https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1945778.html

We use UBIFS on many embedded systems with crypto hardware.

Thanks,
//richard

WARNING: multiple messages have this Message-ID (diff)
From: Richard Weinberger <richard@nod.at>
To: Eric Biggers <ebiggers@kernel.org>
Cc: linux-fscrypt@vger.kernel.org,
	Satya Tangirala <satyat@google.com>,
	"open list:ABI/API" <linux-api@vger.kernel.org>,
	linux-f2fs-devel@lists.sourceforge.net, keyrings@vger.kernel.org,
	linux-mtd@lists.infradead.org, linux-crypto@vger.kernel.org,
	linux-fsdevel <linux-fsdevel@vger.kernel.org>,
	linux-ext4@vger.kernel.org, Paul Crowley <paulcrowley@google.com>
Subject: Re: [RFC PATCH v3 07/18] fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl
Date: Fri, 22 Mar 2019 23:02:49 +0100	[thread overview]
Message-ID: <4190811.5ckf3pJJgb@blindfold> (raw)
In-Reply-To: <20190318230830.GA40545@gmail.com>

Ericm

Am Dienstag, 19. März 2019, 00:08:31 CET schrieb Eric Biggers:
> I tried using sb->s_bdi->name, but it's still "ubifs" for all UBIFS filesystems.

hmpf.
 
> Perhaps there's a way you can make ->s_id for UBIFS unique?  There are already
> existing places that log ->s_id, so perhaps you should do it anyway regardless
> of this patchset?

Yes, let me implement that.
ubifs does:
super_setup_bdi_name(sb, "ubifs_%d_%d", c->vi.ubi_num, c->vi.vol_id);

So, I try to set ->s_id also to ubifs_%d_%d.

> > > 
> > > > Note that the keyring name isn't particularly important, since the ioctls will
> > > > work regardless.  But we might as well choose something logical, since the
> > > > keyring name will still show up in /proc/keys.
> > > 
> > > I'm not done with reviewing your patches, but will it be possible to use keyctl?
> > > For the a unique name is helpful. :)
> > > 
> > 
> > Not for adding keys, removing keys, or getting a key's status -- those are what
> > the ioctls are for.
> > 
> > See e.g. the discussion in patch 7 ("fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY
> > ioctl") for why the keyrings syscalls are a poor fit for fscrypt.
> > 
> 
> Anyway, perhaps I should reconsider whether fscrypt should even use the keyrings
> subsystem at all, even just "internally", as its quirks still leak out a bit.
> I'd prefer a nice clean API without any quirks like having to name the keyrings
> and assign SELinux labels to the keys just to make the keyrings subsystem happy.

IMHO the keys subsytem is a good fit. For example for stuff like this one:
https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1945778.html

We use UBIFS on many embedded systems with crypto hardware.

Thanks,
//richard



WARNING: multiple messages have this Message-ID (diff)
From: Richard Weinberger <richard@nod.at>
To: Eric Biggers <ebiggers@kernel.org>
Cc: linux-ext4@vger.kernel.org,
	"open list:ABI/API" <linux-api@vger.kernel.org>,
	linux-f2fs-devel@lists.sourceforge.net,
	linux-fscrypt@vger.kernel.org, keyrings@vger.kernel.org,
	linux-mtd@lists.infradead.org, linux-crypto@vger.kernel.org,
	linux-fsdevel <linux-fsdevel@vger.kernel.org>,
	Satya Tangirala <satyat@google.com>,
	Paul Crowley <paulcrowley@google.com>
Subject: Re: [RFC PATCH v3 07/18] fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl
Date: Fri, 22 Mar 2019 23:02:49 +0100	[thread overview]
Message-ID: <4190811.5ckf3pJJgb@blindfold> (raw)
In-Reply-To: <20190318230830.GA40545@gmail.com>

Ericm

Am Dienstag, 19. März 2019, 00:08:31 CET schrieb Eric Biggers:
> I tried using sb->s_bdi->name, but it's still "ubifs" for all UBIFS filesystems.

hmpf.
 
> Perhaps there's a way you can make ->s_id for UBIFS unique?  There are already
> existing places that log ->s_id, so perhaps you should do it anyway regardless
> of this patchset?

Yes, let me implement that.
ubifs does:
super_setup_bdi_name(sb, "ubifs_%d_%d", c->vi.ubi_num, c->vi.vol_id);

So, I try to set ->s_id also to ubifs_%d_%d.

> > > 
> > > > Note that the keyring name isn't particularly important, since the ioctls will
> > > > work regardless.  But we might as well choose something logical, since the
> > > > keyring name will still show up in /proc/keys.
> > > 
> > > I'm not done with reviewing your patches, but will it be possible to use keyctl?
> > > For the a unique name is helpful. :)
> > > 
> > 
> > Not for adding keys, removing keys, or getting a key's status -- those are what
> > the ioctls are for.
> > 
> > See e.g. the discussion in patch 7 ("fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY
> > ioctl") for why the keyrings syscalls are a poor fit for fscrypt.
> > 
> 
> Anyway, perhaps I should reconsider whether fscrypt should even use the keyrings
> subsystem at all, even just "internally", as its quirks still leak out a bit.
> I'd prefer a nice clean API without any quirks like having to name the keyrings
> and assign SELinux labels to the keys just to make the keyrings subsystem happy.

IMHO the keys subsytem is a good fit. For example for stuff like this one:
https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1945778.html

We use UBIFS on many embedded systems with crypto hardware.

Thanks,
//richard



______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/

  reply	other threads:[~2019-03-22 22:02 UTC|newest]

Thread overview: 126+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-02-20  6:52 [RFC PATCH v3 00/18] fscrypt: key management improvements Eric Biggers
2019-02-20  6:52 ` Eric Biggers
2019-02-20  6:52 ` Eric Biggers
2019-02-20  6:52 ` Eric Biggers
2019-02-20  6:52 ` [RFC PATCH v3 01/18] fs, fscrypt: move uapi definitions to new header <linux/fscrypt.h> Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52 ` [RFC PATCH v3 02/18] fscrypt: use FSCRYPT_ prefix for uapi constants Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` [f2fs-dev] " Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52 ` [RFC PATCH v3 03/18] fscrypt: use FSCRYPT_* definitions, not FS_* Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52 ` [RFC PATCH v3 04/18] fs: add ->s_master_keys to struct super_block Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` [f2fs-dev] " Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20 23:19   ` Richard Weinberger
2019-02-20 23:19     ` Richard Weinberger
2019-02-20 23:19     ` Richard Weinberger
2019-02-20 23:19     ` Richard Weinberger
2019-02-20  6:52 ` [RFC PATCH v3 05/18] fscrypt: add ->ci_inode to fscrypt_info Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` [f2fs-dev] " Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52 ` [RFC PATCH v3 06/18] fscrypt: refactor v1 policy key setup into keysetup_legacy.c Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52 ` [RFC PATCH v3 07/18] fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` [f2fs-dev] " Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20 23:52   ` Richard Weinberger
2019-02-20 23:52     ` Richard Weinberger
2019-02-20 23:52     ` Richard Weinberger
2019-02-20 23:52     ` Richard Weinberger
2019-02-21  5:49     ` Eric Biggers
2019-02-21  5:49       ` Eric Biggers
2019-02-21  5:49       ` Eric Biggers
2019-02-21  9:33       ` Richard Weinberger
2019-02-21  9:33         ` Richard Weinberger
2019-02-21  9:33         ` Richard Weinberger
2019-02-21 18:42         ` Eric Biggers
2019-02-21 18:42           ` Eric Biggers
2019-02-21 18:42           ` Eric Biggers
2019-02-21 18:42           ` Eric Biggers
2019-03-18 23:08           ` Eric Biggers
2019-03-18 23:08             ` Eric Biggers
2019-03-18 23:08             ` [f2fs-dev] " Eric Biggers
2019-03-18 23:08             ` Eric Biggers
2019-03-18 23:08             ` Eric Biggers
2019-03-22 22:02             ` Richard Weinberger [this message]
2019-03-22 22:02               ` Richard Weinberger
2019-03-22 22:02               ` Richard Weinberger
2019-03-22 22:02               ` Richard Weinberger
2019-02-20  6:52 ` [RFC PATCH v3 08/18] fs/dcache.c: add shrink_dcache_inode() Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52 ` [RFC PATCH v3 09/18] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` [f2fs-dev] " Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52 ` [RFC PATCH v3 10/18] fscrypt: add FS_IOC_GET_ENCRYPTION_KEY_STATUS ioctl Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52 ` [RFC PATCH v3 11/18] fscrypt: add an HKDF-SHA512 implementation Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` [f2fs-dev] " Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52 ` [RFC PATCH v3 12/18] fscrypt: v2 encryption policy support Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52 ` [RFC PATCH v3 13/18] fscrypt: allow unprivileged users to add/remove keys for v2 policies Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` [f2fs-dev] " Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52 ` [RFC PATCH v3 14/18] fscrypt: require that key be added when setting a v2 encryption policy Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` [f2fs-dev] " Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52 ` [RFC PATCH v3 15/18] ext4: wire up new fscrypt ioctls Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` [f2fs-dev] " Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52 ` [RFC PATCH v3 16/18] f2fs: " Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52 ` [RFC PATCH v3 17/18] ubifs: " Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52 ` [RFC PATCH v3 18/18] fscrypt: document the new ioctls and policy version Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  6:52   ` Eric Biggers
2019-02-20  7:18 ` [RFC PATCH v3 00/18] fscrypt: key management improvements Andreas Dilger
2019-02-20  7:18   ` Andreas Dilger
2019-02-20  7:18   ` Andreas Dilger
2019-02-20  7:54   ` Eric Biggers
2019-02-20  7:54     ` [f2fs-dev] " Eric Biggers
2019-02-20  7:54     ` Eric Biggers
2019-02-20  7:54     ` Eric Biggers
2019-02-20 18:07 ` David Howells
2019-02-20 18:07   ` David Howells
2019-02-20 18:07   ` David Howells
2019-02-20 18:07   ` David Howells
2019-02-20 18:36   ` Eric Biggers
2019-02-20 18:36     ` Eric Biggers
2019-02-20 18:36     ` Eric Biggers

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4190811.5ckf3pJJgb@blindfold \
    --to=richard@nod.at \
    --cc=ebiggers@kernel.org \
    --cc=keyrings@vger.kernel.org \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-ext4@vger.kernel.org \
    --cc=linux-f2fs-devel@lists.sourceforge.net \
    --cc=linux-fscrypt@vger.kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-mtd@lists.infradead.org \
    --cc=paulcrowley@google.com \
    --cc=satyat@google.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.