Re: [RFC][PATCH 00/10] KEYS: Introduce user asymmetric keys and signatures

[Roberto Sassu <roberto.sassu@huaweicloud.com>]

On Thu, 2023-07-06 at 16:27 -0700, Alexei Starovoitov wrote:
> On Thu, Jul 06, 2023 at 04:42:13PM +0200, Roberto Sassu wrote:
> > From: Roberto Sassu <roberto.sassu@huawei.com>
> > 
> > Define a new TLV-based format for keys and signatures, aiming to store and
> > use in the kernel the crypto material from other unsupported formats
> > (e.g. PGP).
> > 
> > TLV fields have been defined to fill the corresponding kernel structures
> > public_key, public_key_signature and key_preparsed_payload.
> > 
> > Keys:
> >                 struct public_key {     struct key_preparsed_payload {
> > KEY_PUB       -->  void *key;
> >                    u32 keylen;         --> prep->payload.data[asym_crypto]
> > KEY_ALGO      -->  const char *pkey_algo;
> > KEY_KID0
> > KEY_KID1                               --> prep->payload.data[asym_key_ids]
> > KEY_KID2  
> > KEY_DESC                               --> prep->description
> > 
> > 
> > Signatures:
> >                 struct public_key_signature {
> > SIG_S         -->  u8 *s;
> >                    u32 s_size;
> > SIG_KEY_ALGO  -->  const char *pkey_algo;
> > SIG_HASH_ALGO -->  const char *hash_algo;
> >                    u32 digest_size;
> > SIG_ENC       -->  const char *encoding;   
> > SIG_KID0
> > SIG_KID1      -->  struct asymmetric_key_id *auth_ids[3];
> > SIG_KID2  
> > 
> > 
> > For keys, since the format conversion has to be done in user space, user
> > space is assumed to be trusted, in this proposal. Without this assumption,
> > a malicious conversion tool could make a user load to the kernel a
> > different key than the one expected.
> > 
> > That should not be a particular problem for keys that are embedded in the
> > kernel image and loaded at boot, since the conversion happens in a trusted
> > environment such as the building infrastructure of the Linux distribution
> > vendor.
> > 
> > In the other cases, such as enrolling a key through the Machine Owner Key
> > (MOK) mechanism, the user is responsible to ensure that the crypto material
> > carried in the original format remains the same after the conversion.
> > 
> > For signatures, assuming the strength of the crypto algorithms, altering
> > the crypto material is simply a Denial-of-Service (DoS), as data can be
> > validated only with the right signature.
> > 
> > 
> > This patch set also offers the following contributions:
> > 
> > - An API similar to the PKCS#7 one, to verify the authenticity of system
> >   data through user asymmetric keys and signatures
> > 
> > - A mechanism to store a keyring blob in the kernel image and to extract
> >   and load the keys at system boot
> >   
> > - eBPF binding, so that data authenticity verification with user asymmetric
> >   keys and signatures can be carried out also with eBPF programs
> 
> Nack to bpf bits.

Sure, no problem. Will remove them in the next iteration.

> You've convinced us that bpf_verify_pkcs7_signature() is what you need.
> Yet, 9 month later there are no users of it and you came back with this new
> bpf_verify_uasym_signature() helper that practically not much different.
> 
> Instead of brand new "public key info" format sign your rpms via
> existing pkcs7 mechanism and verify with bpf_verify_pkcs7_signature().

Asking Linux distribution vendors to execute gpg in their kernel build,
or asking them to revisit their PKI, rebuild all their packages, and
adapting all their tools dealing with the current mechanism?

Which solution do you think it is better?

Thanks

Roberto