Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp3330169imm; Mon, 6 Aug 2018 02:50:25 -0700 (PDT) X-Google-Smtp-Source: AAOMgpf4nOehk8sD6tFZApqW1eyNs55n67D0A2E1OksOAcqSI7oOEI8lPxXWWzZr7fLTxynIkTs9 X-Received: by 2002:a63:35c3:: with SMTP id c186-v6mr13798386pga.217.1533549025577; Mon, 06 Aug 2018 02:50:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1533549025; cv=none; d=google.com; s=arc-20160816; b=xYH7vucAd95q4HzXgMHyMQo1q5pjeKZsWvDfTf6G7/ve0vIqLRr5Hu9+rol0boX+Vl uF9TNzPeU8/FG6tHIIR8ovMipmgnUT8pSGUQ8H5p/0tb5U6ys68Zcv0Paf/6xYGgU6eF rS4vnyU46mrEwgOhqxxJgbpa01ExSMF4aThhWDh0JZlKqFExTl9uQVrpR8ay6KVt7tQJ 4jPCzfO9Ht1w2Kmt5CedL8AAI+4+tyN2lryMFNrhOcu0hRJhyLUUqMH4nZP5ML4VqUQU hhsXNtcxL4+MNKhQ88ULxr4SCs1ROPxp+b8Kd13WlzH0144eVyzOcrJrkYaa1etcjXwv rn7Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=NNPjNeKP02quvEIGwBTGjH8D008e3IJE6EW5Oeyfr/Q=; b=P1PDZKs0y7vwfuqJTdhzCwGzGr6sMjldhTyivGk9GWMFQrdJMxQ1Fw2elSVNsgTyF/ KabAcyfLl2U9n4vJTlEvBvTvfPGarusye4N6FaBy51vkC1IInWhLxy6Aw/j1Wj/48xLj mkxouYU/V6QMklTb2zOYjXuOxdCbF6hVeJ+D6DvyyUer8TQ3mZMBchxJddc0OFSoNlFR +/KJ08OeSubt3TBkPoI4xrhS31CL50yL5WnCWPFuTDnVWbxki4G1puxU6Ir3Xhpdc8pE 0cFIZ/sJrB9xiRvRDHtLQBcMz2wQhop5fq9YhgSbIFJlmROMYkysbZyfVb6zHxfhdoXb hd+A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n64-v6si13460976pgn.247.2018.08.06.02.50.10; Mon, 06 Aug 2018 02:50:25 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727492AbeHFL4d (ORCPT + 99 others); Mon, 6 Aug 2018 07:56:33 -0400 Received: from smtp.nue.novell.com ([195.135.221.5]:33426 "EHLO smtp.nue.novell.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726572AbeHFL4c (ORCPT ); Mon, 6 Aug 2018 07:56:32 -0400 Received: from linux-l9pv.suse (unknown.telstraglobal.net [134.159.103.118]) by smtp.nue.novell.com with ESMTP (TLS encrypted); Mon, 06 Aug 2018 11:48:10 +0200 Date: Mon, 6 Aug 2018 17:48:04 +0800 From: joeyli To: Yu Chen Cc: Oliver Neukum , Pavel Machek , "Rafael J . Wysocki" , Eric Biggers , Theodore Ts o , Stephan Mueller , Denis Kenzior , linux-pm@vger.kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, "Gu, Kookoo" , "Zhang, Rui" Subject: Re: [PATCH 0/4][RFC v2] Introduce the in-kernel hibernation encryption Message-ID: <20180806094752.GH27062@linux-l9pv.suse> References: <20180718202235.GA4132@amd> <20180718235851.GA22170@sandybridge-desktop> <20180719110149.GA4679@amd> <20180719132003.GA30981@sandybridge-desktop> <20180720102532.GA20284@amd> <1532346156.3057.11.camel@suse.com> <20180723162302.GA4503@sandybridge-desktop> <1532590246.7411.3.camel@suse.com> <20180806075754.GA12124@chenyu-desktop> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180806075754.GA12124@chenyu-desktop> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Aug 06, 2018 at 03:57:54PM +0800, Yu Chen wrote: > Hi Oliver, > On Thu, Jul 26, 2018 at 09:30:46AM +0200, Oliver Neukum wrote: > > On Di, 2018-07-24 at 00:23 +0800, Yu Chen wrote: > > > > > > Good point, we once tried to generate key in kernel, but people > > > suggest to generate key in userspace and provide it to the > > > kernel, which is what ecryptfs do currently, so it seems this > > > should also be safe for encryption in kernel. > > > https://www.spinics.net/lists/linux-crypto/msg33145.html > > > Thus Chun-Yi's signature can use EFI key and both the key from > > > user space. As Ard and James's comments, the EFI key can not be accepted: https://lkml.org/lkml/2018/8/5/135 The lower entropy problem can be covered by RDRAND or EFI random protocol. But the key point is that we can not fully trust manufacturer. And, the secure boot relies on Microsoft's business interests. It's not designed for confidentiality. So I will move to TPM trusted key + encrypted key. > > > > Hi, > > > > ecryptfs can trust user space. It is supposed to keep data > > safe while the system is inoperative. > Humm, I did not quite get the point here, let's take fscrypt > for example, the kernel gets user generated key from user space, > and uses per-inode nonce(random bytes) as the master key to > do a KDF(key derivation function) on user provided key, and uses > that key for encryption. We can also added similar mechanism > to generate the key in kernel space but the key should be > original from user's provided key(password derived), because > the security boot/signature mechanism could not cover the case > that, two different users could resume to each other's context > because there isn't any certification during resume if it is > on the same physical hardware. > Sounds there have two different purposes. One is to prevent that the secret in snapshop image be detected/changed outside the machine. Another one try to prevent that B user resumes to A user's context on the same machine. In the case of B resumes A's context, I still think that the attacker must physical accesses the machine. Which means that it's out of EFI secure boot's design. Could you please explan the detail for the attack? So I think that the password from user space is for user authentication, and the TPM trusted key is for snapshot image encryption/verification. Thanks Joey Lee