Received: by 2002:a05:6a10:af89:0:0:0:0 with SMTP id iu9csp285593pxb; Thu, 20 Jan 2022 13:31:14 -0800 (PST) X-Google-Smtp-Source: ABdhPJxlaXQXmNEiDjazMRb6FEuXCq57VM2LHILz/8q45HhOomoc/uvpfr7PLhyrQE/X+07Z7Ltn X-Received: by 2002:a17:90b:1e07:: with SMTP id pg7mr13110075pjb.94.1642714274517; Thu, 20 Jan 2022 13:31:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1642714274; cv=none; d=google.com; s=arc-20160816; b=plJEFtw4Ibpnx7rnfEJRllX0nmUE3dpZEiGUIosYhmjlgLu5X3nbUQvHBcUqzGqkS6 KfK/j8/1Xhjux+gMOwwT4IuudDCUCLi8TnbqP58fwNb1sMtXuCl47AK0GLhZnxNDa/rj KAG6v9T79OnsE08XMlSRroxZQ6u5YrbiXYC3ITZ4W5cvFZ0TPTHevEWmYnG16Rd0H7r2 cK1fy8sDs0ATdGQ8Y/PtX40MTsJbWOJtzG2LLMjP/zIhTj2fNQ3XC+QSzi7MNRDcv8Uo K06LgE0U/G/bAWq+Llqurds7eQAWeHrmc6O3aKbLXCs0DEbNwpB7vPPXt7qFtHMjEPNZ K8Xg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:mime-version; bh=nNs5o4VvLJblkKkIVcPmYPx10yy3hUKHbFmbQiq0e2c=; b=E/9dK0ZLAtWT0lntm4EA1Zy+PZUy2PwKf/9q1xUB/UrkNFJG6JQS3Uxxtb+Z7TO50k Bjwxgw8R52+QFZO3kIg8lFhhBWYmUDfuWWsJVJT3TpK9PvaUB1glyl/ZuqCHh2WdP8fx te+vRKO63FgSWN3sAGZUJ6f6T0P05AKQwW0rBilvSliLNSTDoEulxi6sGEcahk5/noGW HfpI3A/msE5hbMcBB7UBK+DFBBLW7eX+3JH3SIBW+YfpfCDHgJLI50YZeRSFHbMqgkdR W9jpe9X6wEhS/W4sYiGzwVQz+DTFRksfZc4x1lqM9if+hr96wmdPJelnN89pyIoXtp/9 ql8A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=pobox.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b7si4641244plz.249.2022.01.20.13.31.02; Thu, 20 Jan 2022 13:31:14 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=pobox.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1347817AbiARS0T (ORCPT + 99 others); Tue, 18 Jan 2022 13:26:19 -0500 Received: from mail-yb1-f177.google.com ([209.85.219.177]:43617 "EHLO mail-yb1-f177.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S244408AbiARS0S (ORCPT ); Tue, 18 Jan 2022 13:26:18 -0500 Received: by mail-yb1-f177.google.com with SMTP id g81so58653558ybg.10 for ; Tue, 18 Jan 2022 10:26:18 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=nNs5o4VvLJblkKkIVcPmYPx10yy3hUKHbFmbQiq0e2c=; b=i5vAqzK4lB1qMbz7GnDBb+Wl7M2dwbIgChJ9tIXhUUqSTrTxfbv90echFlDcrbbPOh w8psv195l6I7O1xBObA8YPlMlCnL1wQIE+ZR94weqU2t+8pvBieupP7bjg6RpyIP/Fnc 65LnDDpNUm0usWSoEsXF7E5FrY9fIHQIcBh6Adzn9UqUOjRm6o7bxnvd2eoJ4Q5gpVjf udr+2clp5l/2zbE5l/JquvZ+LDNhRfBhy70WTK519fOFp3ezZ9FtKs0nu1w5QBjTL8C+ VBNKnk2d85XsOY35yeFtO1gUArWyhJdnMeTSrWF4zmj3bJlHKORyGR0M3AgRCIsB/u0g aVwA== X-Gm-Message-State: AOAM532dtM7XLKtmLXcayuQF3m+GA0UE+r+Jghid2mqNMnbjK75sByiW ywqfQMvQs8KFYPOFS57L28UgOmL6Wj4CK9JGoHGopw== X-Received: by 2002:a25:1388:: with SMTP id 130mr35201366ybt.321.1642530376588; Tue, 18 Jan 2022 10:26:16 -0800 (PST) MIME-Version: 1.0 From: Martin Ross Date: Tue, 18 Jan 2022 13:26:05 -0500 Message-ID: Subject: Re: [PATCH v4] KEYS: encrypted: Instantiate key with user-provided decrypted data To: jarkko@kernel.org Cc: corbet@lwn.net, dhowells@redhat.com, jejb@linux.ibm.com, jmorris@namei.org, keyrings@vger.kernel.org, linux-doc@vger.kernel.org, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, serge@hallyn.com, Yael Tiomkin , Mimi Zohar Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Jarkko, I have been working with Yael on this project so I thought I might add a bit of background here around the use case that this series of patches is trying to address. At a high level we are trying to provide users of encryption that have key management hierarchies a better tradeoff between security and availability. For available and performance reasons master keys often need to be released (or derived/wrapped keys created) outside of a KMS to clients (which may in turn further wrap those keys in a series of levels). What we are trying to do is provide a mechanism where the wrapping/unwrapping of these keys is not dependent on a remote call at runtime. e.g. To unwrap a key if you are using AWS KMS or Google Service you need to make an RPC. In practice to defend against availability or performance issues, designers end up building their own kms and effectively encrypting everything with a DEK. The DEK encrypts same set as the master key thereby eliminating the security benefit of keeping the master key segregated in the first place. We are building a mechanism to create a security boundary in the kernel that allows these master keys to be stored in the kernel and used to wrap/unwrap keys via less trusted user processes. The other goal here is to eliminate the complexity and statefulness required to do this today which would be to create a trusted daemon or process on the machine. Concretely this means that since the user process will not have the master key the system designer has better options. One obvious advantage is that any core dumps or code injection attacks won't be able to trivially grab the master key from the process or the linux keyring. Once in the kernel this functionality can be transparently integrated into user space crypto libraries that have existing key management functionality. Hope this helps and happy to answer any further questions! M