Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751638AbbESUEp (ORCPT ); Tue, 19 May 2015 16:04:45 -0400 Received: from bombadil.infradead.org ([198.137.202.9]:58099 "EHLO bombadil.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751136AbbESUEo (ORCPT ); Tue, 19 May 2015 16:04:44 -0400 Message-ID: <1432065873.3277.84.camel@infradead.org> Subject: Re: [PATCH 10/8] modsign: Allow password to be specified for signing key From: David Woodhouse To: Mimi Zohar Cc: David Howells , rusty@rustcorp.com.au, mmarek@suse.cz, mjg59@srcf.ucam.org, keyrings@linux-nfs.org, dmitry.kasatkin@gmail.com, mcgrof@suse.com, linux-kernel@vger.kernel.org, seth.forshee@canonical.com, linux-security-module@vger.kernel.org Date: Tue, 19 May 2015 21:04:33 +0100 In-Reply-To: <1432062843.4510.159.camel@linux.vnet.ibm.com> References: <1432060749.4510.155.camel@linux.vnet.ibm.com> <20150515123513.16723.96340.stgit@warthog.procyon.org.uk> <1432046758.3277.36.camel@infradead.org> <5444.1432061302@warthog.procyon.org.uk> <1432062843.4510.159.camel@linux.vnet.ibm.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.12.11 (3.12.11-1.fc21) Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-SRS-Rewrite: SMTP reverse-path rewritten from by bombadil.infradead.org See http://www.infradead.org/rpr.html Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1331 Lines: 31 On Tue, 2015-05-19 at 15:14 -0400, Mimi Zohar wrote: > On Tue, 2015-05-19 at 19:48 +0100, David Howells wrote: > > Mimi Zohar wrote: > > > > > Definitely better. (FYI, Dmitry's modsig patches from 2012 used the > > > keyring for safely storing a password. ) > > Without the environment variable set, there's a pop up prompt to enter > the pin. A pain to have to enter for each and every kernel module, but > definitely a nice option. Right. In fact now that sign-file is written in C and not having to call out to /usr/bin/openssl for each signature, we *could* authenticate to the PKCS#11 token (or load the private key from the file) just once and sign all the modules in a *single* invocation. So you'd only be asked for the password *once*. The make rules to achieve that are somewhat non-trivial, but it was an idea we had in our minds when we settled on doing it in C rather than scripting it. -- David Woodhouse Open Source Technology Centre David.Woodhouse@intel.com Intel Corporation -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/