Re: [PATCH 0/4][RFC v2] Introduce the in-kernel hibernation encryption

linux-crypto.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: joeyli <jlee@suse.com>
To: Yu Chen <yu.c.chen@intel.com>
Cc: Oliver Neukum <oneukum@suse.com>, Pavel Machek <pavel@ucw.cz>,
	"Rafael J . Wysocki" <rafael.j.wysocki@intel.com>,
	Eric Biggers <ebiggers@google.com>, Theodore Ts o <tytso@mit.edu>,
	Stephan Mueller <smueller@chronox.de>,
	Denis Kenzior <denkenz@gmail.com>,
	linux-pm@vger.kernel.org, linux-crypto@vger.kernel.org,
	linux-kernel@vger.kernel.org, "Gu, Kookoo" <kookoo.gu@intel.com>,
	"Zhang, Rui" <rui.zhang@intel.com>
Subject: Re: [PATCH 0/4][RFC v2] Introduce the in-kernel hibernation encryption
Date: Fri, 3 Aug 2018 13:34:45 +0800	[thread overview]
Message-ID: <20180803053445.GC4244@linux-l9pv.suse> (raw)
In-Reply-To: <20180803033702.GB416@sandybridge-desktop>

On Fri, Aug 03, 2018 at 11:37:02AM +0800, Yu Chen wrote:
> Hi Joey,
> On Tue, Jul 31, 2018 at 01:04:15AM +0800, joeyli wrote:
> > Hi all,
> > 
> > On Thu, Jul 26, 2018 at 04:14:04PM +0800, joeyli wrote:
> > > On Thu, Jul 26, 2018 at 09:30:46AM +0200, Oliver Neukum wrote:
> > > > On Di, 2018-07-24 at 00:23 +0800, Yu Chen wrote:
> > > > > 
> > > > > Good point, we once tried to generate key in kernel, but people
> > > > > suggest to generate key in userspace and provide it to the
> > > > > kernel, which is what ecryptfs do currently, so it seems this
> > > > > should also be safe for encryption in kernel.
> > > > > https://www.spinics.net/lists/linux-crypto/msg33145.html
> > > > > Thus Chun-Yi's signature can use EFI key and both the key from
> > > > > user space.
> > > > 
> > > > Hi,
> > > > 
> > > > ecryptfs can trust user space. It is supposed to keep data
> > > > safe while the system is inoperative. The whole point of Secure
> > > > Boot is a cryptographic system of trust that does not include
> > > > user space.
> > > > 
> > > > I seriously doubt we want to use trusted computing here. So the
> > > > key needs to be generated in kernel space and stored in a safe
> > > > manner. As we have a saolution doing that, can we come to ausable
> > > > synthesis?
> > > > 
> > > > 	Regards
> > > > 		Oliver
> > > 
> > > Crurently there have two solutions, they are trusted key and EFI key.
> > > Both of them are generated in kernel and are not visible in user space.
> > > 
> > > The trusted key is generated by kernel then sealed by the TPM's
> > > SRK. So the trusted key can be stored in anywhere then be enrolled
> > > to kernel when we need it. EVM already uses it.
> > > 
> > > The EFI key is Jiri Kosina's idea. It is stored in boot services
> > > variable, which means that it can only be access by signed EFI binary
> > > (e.g. signed EFI boot stub) when secure boot be enabled. SLE applied
> > > this solution a couple of years.
> > > 
> > > I am working on put the EFI key to key retention service. Then
> > > EFI key can be a master key of encrypted key. EVM can also use
> > > it: 
> > > https://github.com/joeyli/linux-s4sign/commit/bae39460393ada4c0226dd07cd5e3afcef86b71f
> > > https://github.com/joeyli/linux-s4sign/commit/f552f97cc3cca5acd84f424b7f946ffb5fe8e9ec
> > > 
> > > That's why I want to use key retention service in hibernation
> > > encryption/authentication. Which means that we can use key
> > > API to access trusted key and EFI key.  
> > >
> > 
> > Here is a proof of concept for using the key retention service
> > to encrypt/sign snapshot image. It's using EFI key now, I will
> > add encrypted key support in the key handler later:
> >     https://github.com/joeyli/linux-s4sign/commit/6311e97038974bc5de8121769fb4d34470009566 
> > 
> Thanks for the work, I have two questions here:

My EFI key patch set is almost done. I will send it soon.

> 1. Could you please describe a little more about the scenario on
>    how the user could use the secret key for hibernation encryption?
>    A requirement is that, the user should provide a passphrase(for key derivation, i.e.)
>    during resume. I was thinking how user could interact with
>    the security key mechanism here.
>

User space doesn't need to involve. The EFI root key is generated by
EFI boot stub and be transfer to kernel. It's stored in EFI boot service
variable that it can only be accessed by trusted EFI binary when
secure boot is enabled.

> 2. The generation of secret key in EFI boot environment is
>    using a non standard derivation method in generate_secret_key(),
>    I'm not sure if this is safe enough. This is why we tried to put
>    PBKDF2 into kernel at first and leave it to the user space then.
> 

Thank you for point out. 

The generate_secret_key() reuse the logic in kaslr_get_random_long()
that it produces random seed by RDRAND, RDTSC and i8254. It doesn't
standard like PBKDF2, but we do not have too many choices in the
early boot stage. At least KASLR is using the same logic.

We can relay on user space helper. But the helper must be authenticated
by kernel. Currently we do not have kernel mechanism to verity user
space process.

Regards
Joey Lee

next prev parent reply	other threads:[~2018-08-03  5:34 UTC|newest]

Thread overview: 53+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-07-18 16:38 [PATCH 0/4][RFC v2] Introduce the in-kernel hibernation encryption Chen Yu
2018-07-18 16:39 ` [PATCH 1/4][RFC v2] PM / Hibernate: Add helper functions for " Chen Yu
2018-07-18 16:39 ` [PATCH 2/4][RFC v2] PM / hibernate: Install crypto hooks " Chen Yu
2018-07-18 16:40 ` [PATCH 4/4][RFC v2] tools: create power/crypto utility Chen Yu
2018-07-18 20:22 ` [PATCH 0/4][RFC v2] Introduce the in-kernel hibernation encryption Pavel Machek
2018-07-18 23:58   ` Yu Chen
2018-07-19 11:01     ` Pavel Machek
2018-07-19 13:20       ` Yu Chen
2018-07-20 10:25         ` Pavel Machek
2018-07-23 11:42           ` Oliver Neukum
2018-07-23 12:22             ` Pavel Machek
2018-07-23 16:38               ` Yu Chen
2018-07-24 12:05                 ` Pavel Machek
2018-07-24 11:49               ` Oliver Neukum
2018-07-24 13:04                 ` Pavel Machek
2018-07-23 16:23             ` Yu Chen
2018-07-24 11:40               ` Oliver Neukum
2018-07-24 12:01               ` Pavel Machek
2018-07-24 12:47                 ` Oliver Neukum
2018-07-24 13:03                   ` Pavel Machek
2018-07-24 13:01                     ` Oliver Neukum
2018-07-26  7:30               ` Oliver Neukum
2018-07-26  8:14                 ` joeyli
2018-07-30 17:04                   ` joeyli
2018-08-03  3:37                     ` Yu Chen
2018-08-03  5:34                       ` joeyli [this message]
2018-08-03 13:14                         ` Ryan Chen
2018-08-03 14:05                           ` joeyli
2018-08-03 16:09                             ` Ryan Chen
2018-08-03 18:06                               ` joeyli
2018-08-05 10:02                           ` Pavel Machek
2018-08-06  8:45                             ` Yu Chen
2018-08-06 10:39                               ` joeyli
2018-08-07  7:43                                 ` Yu Chen
2018-08-07 16:27                                   ` joeyli
2018-08-08 17:58                                 ` Pavel Machek
2018-08-09  3:43                                   ` Yu Chen
2018-08-09  8:12                                     ` joeyli
2018-08-08 17:50                               ` Pavel Machek
2018-08-09  3:01                                 ` Yu Chen
2018-08-09  6:53                                   ` Pavel Machek
2018-08-09  9:03                                   ` Oliver Neukum
2018-08-09 15:55                                   ` joeyli
2018-08-06  7:57                 ` Yu Chen
2018-08-06  9:48                   ` joeyli
2018-08-06 10:07                     ` Yu Chen
2018-08-06 10:20                   ` Oliver Neukum
2018-08-07  7:38                     ` Yu Chen
2018-08-07  7:49                       ` Ryan Chen
2018-08-07 10:04                       ` Oliver Neukum
2018-07-24 14:47             ` joeyli
2018-07-19 14:58       ` joeyli
     [not found] ` <edf92acf665b928f02104bb1835fd50723ab9980.1531924968.git.yu.c.chen@intel.com>
2018-07-19  5:32   ` [PATCH 3/4][RFC v2] PM / Hibernate: Encrypt the snapshot pages before submitted to the block device Yu Chen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180803053445.GC4244@linux-l9pv.suse \
    --to=jlee@suse.com \
    --cc=denkenz@gmail.com \
    --cc=ebiggers@google.com \
    --cc=kookoo.gu@intel.com \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-pm@vger.kernel.org \
    --cc=oneukum@suse.com \
    --cc=pavel@ucw.cz \
    --cc=rafael.j.wysocki@intel.com \
    --cc=rui.zhang@intel.com \
    --cc=smueller@chronox.de \
    --cc=tytso@mit.edu \
    --cc=yu.c.chen@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).