Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp2666931pxb; Sat, 30 Jan 2021 09:56:49 -0800 (PST) X-Google-Smtp-Source: ABdhPJz118LLfK0KyXY6DqOPnphZF/Zvgc+YRzustQn4B/MDn+kUGA3ra2OmHkSQSKZy+xr0n1FM X-Received: by 2002:a17:906:3b92:: with SMTP id u18mr10144240ejf.7.1612029409729; Sat, 30 Jan 2021 09:56:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1612029409; cv=none; d=google.com; s=arc-20160816; b=VJhyCZ7XwJNHmEppYWW9VJzUMo1RlOeXW32B0W0zp6ZBQC4/KezLMHZvXTj7vifN7E vrXxfAEV79tyiguH5PS/Wy8rjVyPBWz6hVrDne1yjn+caqUqkKWegZpIXyomlqfyIteq OxFGCTbZOowhJOPYHa3Biu+weIZAbB3FbHeKb/KU8+yur6M7nRTJ10yzj/FMfXcAIRU0 IQC2ZKaz6aHx2bv2/QWcbmnGEUJUH0Lsf1wEjDO94zfo/179qIwcKltfxnlmN6vTMuRa 4EXYLBlaW0GYdOr5LwDlQBdw72zMAbUV2MWxfGfpKHUh+qEWBq4p3gMPOBh7eIMwjh+u Vc/Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:user-agent :content-transfer-encoding:references:in-reply-to:date:cc:to:from :subject:message-id:dkim-signature; bh=iRRM+HJpYQMwLzUB8+x+chQVrDmWtErSPyj328qlQt8=; b=W3ZltRyOD9++3YnEZF6HHlwelBGv89jOlvYihUlcWShmSA0xCGDt9YFQ9ZNGUjsdPD PQuqv9qzzmZf3GZ4fJhV0N2+qZHAklwL7pwOp5DD7aJgqlD9WlnzlIr9Q3JhEZh7v776 ijmDLUtRX2evNIwj+PKe6i34jSo/cZEct8EF05P6WOAx4320ACfLwrTCsWzR0s44TseO YQGj2rLr2Lya9ovkmjGQVk3WQCDi8kMHQGPrg7WlbyiO3Ovh2vxAxCGfBtlBAHltC2Dg ev+Cbl8qSbQLhvSISAQ5csIWDYJSEiivtalmZSHBHC3jZS08gfe90hRjvv/YgvPFm6eP fz/A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=BPtuCB0k; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id zh18si7089047ejb.182.2021.01.30.09.56.25; Sat, 30 Jan 2021 09:56:49 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=BPtuCB0k; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231820AbhA3Ry0 (ORCPT + 99 others); Sat, 30 Jan 2021 12:54:26 -0500 Received: from mail.kernel.org ([198.145.29.99]:60026 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230045AbhA3RyZ (ORCPT ); Sat, 30 Jan 2021 12:54:25 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id 2E9DA64E05; Sat, 30 Jan 2021 17:53:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1612029224; bh=iRRM+HJpYQMwLzUB8+x+chQVrDmWtErSPyj328qlQt8=; h=Subject:From:To:Cc:Date:In-Reply-To:References:From; b=BPtuCB0kGYgXTfr7fp8pOyyts9TaDlbdU312RhLoUvUdE6Pu81uKg4jTEtMsasgA4 PZ3/lT3SuRauIjPP1L4n/rFLtWj+ly/KFBVv1OQ9hYpUIBZkcVCFT1mUIIJpdYQKVq hyGZfrelmDFw5GO3FCNa3CAqZfKD4NVue4o+X2ePuyI+L1DHRkhT6dR5Ayt7cnoWK4 kEYwk9el/PvvM/gWK+Qx6Lvr7IORRILr/9/RxTUlxKegG+DNEy5RMbfu9RGtrYvc25 hidevukhux/GkTtM2flJSycKJ6pfpTQdIdUW7PZfRoPOfa2DF4OlRGIYQvfhKHXQdI VFLx/ptfAJkSg== Message-ID: <6dc99fd9ffbc5f405c5f64d0802d1399fc6428e4.camel@kernel.org> Subject: Re: Migration to trusted keys: sealing user-provided key? From: Jarkko Sakkinen To: Ahmad Fatoum , James Bottomley , Mimi Zohar , David Howells , keyrings@vger.kernel.org Cc: linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, kernel@pengutronix.de, jlu@pengutronix.de Date: Sat, 30 Jan 2021 19:53:39 +0200 In-Reply-To: <74830d4f-5a76-8ba8-aad0-0d79f7c01af9@pengutronix.de> References: <74830d4f-5a76-8ba8-aad0-0d79f7c01af9@pengutronix.de> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.38.3 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 2021-01-28 at 18:31 +0100, Ahmad Fatoum wrote: > Hello, >=20 > I've been looking into how a migration to using trusted/encrypted keys > would look like (particularly with dm-crypt). >=20 > Currently, it seems the the only way is to re-encrypt the partitions > because trusted/encrypted keys always generate their payloads from > RNG. >=20 > If instead there was a key command to initialize a new trusted/encrypted > key with a user provided value, users could use whatever mechanism they > used beforehand to get a plaintext key and use that to initialize a new > trusted/encrypted key. From there on, the key will be like any other > trusted/encrypted key and not be disclosed again to userspace. >=20 > What are your thoughts on this? Would an API like >=20 > =C2=A0 keyctl add trusted dmcrypt-key 'set ' # user-supplied con= tent >=20 > be acceptable? Maybe it's the lack of knowledge with dm-crypt, but why this would be useful? Just want to understand the bottleneck, that's all. > Cheers, > Ahmad /Jarkko=20