Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp379121imu; Tue, 8 Jan 2019 22:29:38 -0800 (PST) X-Google-Smtp-Source: ALg8bN4T3NSKWlU4RBHkl3HW7bB1H0q2aPh0YfzDhquQlmkuOMxxNCyBQ177Od76WrC32eQiTX1l X-Received: by 2002:a62:2702:: with SMTP id n2mr4859480pfn.29.1547015378729; Tue, 08 Jan 2019 22:29:38 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1547015378; cv=none; d=google.com; s=arc-20160816; b=hopIU7XjFGKjECPrewePbIVuhVaBuC6qeFDcJcMp718hMKCdxhx0MkLQnRIT/j/ixe xy9/Xb8DfaSMMLLp3rNUpPzo0b3xld+5O4Opy8M8kT369QNXZP4edj2o0fF6Bu/vgczE 2hP/tuJNIzwvpHYa/IsrLgF2W28eeZ7HYycgSpZzph0EBWuJ6f/xqTyeyKnLtW1c3vEE j5SIv9VBcx/zQTwGWLYDdQ7LIsFAjc/zGPLqDgSud23z+33PZ5RHRpTo6V/9zJKoXGh/ bAdVTwWKkjcRveaHmzXHbBwG0YwbF0Pc+luFfN4D/UOS2tK5rxYt3I4YawX7ikEes9Ej tk2g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=1OdEB3EtEnRSly1kcr4nRjkcZPexvXmqwXWNB1dtNIw=; b=PXt89+J/FPpBs9u+pLZq3hIHSzqYih1cXQqIaTIT0AhS2BQOoHENH7LaB06GyCQ2T3 V881ckNOLewwxjY1qEIldSFr26xgXL+kw1pY/eD1Ir9sAiSLkD+wwCxZLWFpkfckbN3o JilZKrLX9f6Hk4gjQ0OBjJa3JTQk+812s1fK5vNLpkV2DK7GD4+QjKqTJK4GmptD3IOY AbZIgZwRtPhURGY1NEuG7uDikFFVWJ4mN92k0NeGmpC2yFCQxR5tcIfd12mOKbh5k3pU pFWr32hA6zpF5QE8FYs20UxeWxZt+69uxSwtN2yzkJ6QTkJBPVtwBfHijNDqcdcZNc4f dRDw== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@chronox.de header.s=strato-dkim-0002 header.b=Nq6lxBmT; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d39si26453599pla.278.2019.01.08.22.29.22; Tue, 08 Jan 2019 22:29:38 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@chronox.de header.s=strato-dkim-0002 header.b=Nq6lxBmT; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729779AbfAIG2R (ORCPT + 99 others); Wed, 9 Jan 2019 01:28:17 -0500 Received: from mo4-p01-ob.smtp.rzone.de ([81.169.146.165]:34435 "EHLO mo4-p01-ob.smtp.rzone.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729679AbfAIG2R (ORCPT ); Wed, 9 Jan 2019 01:28:17 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1547015294; s=strato-dkim-0002; d=chronox.de; h=References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: X-RZG-CLASS-ID:X-RZG-AUTH:From:Subject:Sender; bh=1OdEB3EtEnRSly1kcr4nRjkcZPexvXmqwXWNB1dtNIw=; b=Nq6lxBmT0RGNAuTm2Vg69dW6ibk1byKrZfXW97jbnt15/eXzm6cuSiQrcHafDHFpLv gIy2o5kGLsDqxuLqDIwyHvzTH5PfB5H9NkYCoY96mxeCvzBrjAFtfyDXiUa5Cs/8MLMx bA/hAeu+ZKxvEbVshYQleyXpr6Xil2rujYZGBZ49zj0C9z+omCvzzgjn7cA4/fy1+aGU VnlAPL7oPn+uCx3eOmLMpyhZtT8qardUHeaH6Lqx+ZyFXj+sLL4B8wAypkfWH9I/bsbN +Hq6iiMIiw9FKJnuc4gF5zML7OSMrlYZYzhr49zu/OPRhQuFsXgBR7+JfakxC9WpCsxT EbKA== X-RZG-AUTH: ":P2ERcEykfu11Y98lp/T7+hdri+uKZK8TKWEqNyiHySGSa9k9xmwdNnzGHXPaLvSbdkg=" X-RZG-CLASS-ID: mo00 Received: from tauon.chronox.de by smtp.strato.de (RZmta 44.9 DYNA|AUTH) with ESMTPSA id 309bcfv096RSNnh (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (curve secp521r1 with 521 ECDH bits, eq. 15360 bits RSA)) (Client did not present a certificate); Wed, 9 Jan 2019 07:27:28 +0100 (CET) From: Stephan Mueller To: Andy Lutomirski Cc: Herbert Xu , "Lee, Chun-Yi" , "Rafael J . Wysocki" , Pavel Machek , linux-kernel@vger.kernel.org, linux-pm@vger.kernel.org, keyrings@vger.kernel.org, "Rafael J. Wysocki" , Chen Yu , Oliver Neukum , Ryan Chen , David Howells , Giovanni Gherdovich , Randy Dunlap , Jann Horn , Andy Lutomirski Subject: Re: [PATCH 1/5 v2] PM / hibernate: Create snapshot keys handler Date: Wed, 09 Jan 2019 07:27:28 +0100 Message-ID: <3239276.QO2kezntxR@tauon.chronox.de> In-Reply-To: References: <20190103143227.9138-1-jlee@suse.com> <1565399.7ulKdI1fm5@tauon.chronox.de> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Am Mittwoch, 9. Januar 2019, 00:54:22 CET schrieb Andy Lutomirski: Hi Andy, >=20 > I think that, if the crypto API is going to grow a KDF facility, it should > be done right. Have a key type or flag or whatever that says =E2=80=9Cthi= s key may > *only* be used to derive keys using such-and-such algorithm=E2=80=9D, and= have a > helper to derive a key. That helper should take some useful parameters a= nd > mix them in: >=20 > - What type of key is being derived? ECDSA signing key? HMAC key? AES > key? >=20 > - Can user code access the derived key? >=20 > - What is the key=E2=80=99s purpose? =E2=80=9CEncrypt and authenticate a= hibernation image=E2=80=9D > would be a purpose. >=20 > - Number of bytes. >=20 > All of these parameters should be mixed in to the key derivation. >=20 > Also, an AE key, even for AES+HMAC, should be just one derived key. If y= ou > need 512 bits, ask for a 512-bit key, not two 256-bit keys. I concur with your requirements. However, is the kernel crypto API the righ= t=20 place to enforce such policies? To me, the kernel crypto API is a tinker-to= y=20 set of ciphers. The real policy enforcer would or should be the keyring facility. Thus, may= I=20 propose to: =2D implement the cryptographic primitive of the KDF in the kernel crypto A= PI =2D implement the policy system how to use the KDF in the keyring facility Ciao Stephan