Received: by 2002:a05:7412:1e0b:b0:fc:a2b0:25d7 with SMTP id kr11csp1323948rdb; Fri, 16 Feb 2024 11:55:01 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCVgqveGy0HlFnDcJtdeqSfT8AfrQjd3yd++4/QsZjy6O92zcjmbOxPOGkEtKyvT4/nurI/f5w9amfqM2+AeWNtIld+A8gXoUVd2FM3OAA== X-Google-Smtp-Source: AGHT+IFoZw1StK7NqMZLxVe6jHaya0QCUZi8WT28kLU3xJSWhy9a6n8TqM/g1inWKK4UAmLYJPkn X-Received: by 2002:a17:906:4544:b0:a3d:abd1:7035 with SMTP id s4-20020a170906454400b00a3dabd17035mr3511819ejq.9.1708113301604; Fri, 16 Feb 2024 11:55:01 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708113301; cv=pass; d=google.com; s=arc-20160816; b=wscAAnGN9NE3bs1DbhtJDtiS/4XKN0XI5PEXYG+r0gGrVk86iyOcxCpI+q707ptpEU 8LjN1XQf7yZFLtOW0MxfGWjEhCl9AH/uVnt3cwH0nxIuYMkVJ5PnuzqnA8SnwFe2lOpn YB9usIlTx0z2RoPGzVMazDFSqV+9/FfukcjS4R4F951Jr4FFdBGPgdeaS8RTXvPZnDXp rmlmRZKkZUkCQbxN3HqsaztxNEdYvd6aJfy1hUchHA21J8ANDh7n1n/8CtvHFFN2d5Gq 1IoY9KM2PMH2T134zMOnXCZkvKqvsl0kv/jkY04LvDnMoqtqgFziYurU+pIz71vv+UKv q7vw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:date:message-id; bh=2Q8Qv8460+7KaeMVKfgNZZJbh2l3qzQK/kta7xT3VIU=; fh=JBohOeSa7I2n+IJGZ5K8gxNCHtbfm50Q6W0Lwde8824=; b=eMShknmn98lhhkfSK4BEBHbGetYLoC6S4LjosKKESSne/2jVya1l9sNY9T0Itr2T3+ vlJAIsYabbUQdjCwjLmRP86fidCkCW5JSOieY1nTIHUgELm2oZIK+ZwuiuTwsNIV7NIz dW8+eIqtKJKw6RcdKCgL8O1bzLWxYZkTy7W67GG374b8gMKnSsCiiOXZst8hlAbUz32h YQg950mIaQJJY5MH9teQ7j3HjGt+F8HL4H8/8E62JoS1xvNuRf1tLeLuODEgx2V2Xwkm vWBNXUvNDUfL6pbOxzr148/v0HLI5G7qnEQeH0nhlWU4L58w6z5CZ3+K9tntG+t2hgOU an5A==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1 spf=pass spfdomain=huaweicloud.com); spf=pass (google.com: domain of linux-kernel+bounces-69268-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-69268-linux.lists.archive=gmail.com@vger.kernel.org" Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id va10-20020a17090711ca00b00a3df668de07si212421ejb.140.2024.02.16.11.55.01 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 16 Feb 2024 11:55:01 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-69268-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; arc=pass (i=1 spf=pass spfdomain=huaweicloud.com); spf=pass (google.com: domain of linux-kernel+bounces-69268-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-69268-linux.lists.archive=gmail.com@vger.kernel.org" Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id BE7881F244A2 for ; Fri, 16 Feb 2024 19:55:00 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 46BD9137C4B; Fri, 16 Feb 2024 19:54:53 +0000 (UTC) Received: from frasgout11.his.huawei.com (frasgout11.his.huawei.com [14.137.139.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CD46712A158; Fri, 16 Feb 2024 19:54:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=14.137.139.23 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708113292; cv=none; b=EiZWTRnuUiOre6QhFC66QV0LSbYrbZnsTvoaWNh/TT6PuLB6Pp/H+cxW9EKx0p+uzJ4JDOw7ASODHihPZZQffk2L/hrHxggbTpUU3RiSFSppZ2EOtgVKWnIpQLujy+xW4h3XYvt2r4mAOQoDluJcuCdi2Gk/0fT953C+SgejbgY= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708113292; c=relaxed/simple; bh=B4jAjw1DiDA/xtjvyDVRYyJzCcc0H7WBMUUgQrnUfT4=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=NqUucYg6fmKZImx+hfg49cvR9PKfJHCpNnCqoJdKL7nbSDpig1GGMmfmcga/Nt8TbZ0+8fzepzNl43trPyt38VNhe1/Z5pUOEYGGdH8TufNoa8ehxfNWPhY0DYLx89UHau8VVaoP7pM/T05Jmozb8I8p+iZypFfqE55C7BajOaM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=huaweicloud.com; spf=pass smtp.mailfrom=huaweicloud.com; arc=none smtp.client-ip=14.137.139.23 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=huaweicloud.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=huaweicloud.com Received: from mail.maildlp.com (unknown [172.18.186.29]) by frasgout11.his.huawei.com (SkyGuard) with ESMTP id 4Tc2Ll2C7Jz9y4gk; Sat, 17 Feb 2024 03:39:27 +0800 (CST) Received: from mail02.huawei.com (unknown [7.182.16.47]) by mail.maildlp.com (Postfix) with ESMTP id 845EE140153; Sat, 17 Feb 2024 03:54:46 +0800 (CST) Received: from [10.81.208.49] (unknown [10.81.208.49]) by APP1 (Coremail) with SMTP id LxC2BwD37xhzvc9lL4ujAg--.27938S2; Fri, 16 Feb 2024 20:54:45 +0100 (CET) Message-ID: <5b0ce7ef-3f4e-4c1b-a0b7-bf48e8169c4e@huaweicloud.com> Date: Fri, 16 Feb 2024 20:54:25 +0100 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [RFC 6/8] KEYS: PGP data parser Content-Language: en-US To: Matthew Wilcox Cc: Petr Tesarik , Dave Hansen , =?UTF-8?B?UGV0ciBUZXNhxZnDrWs=?= , Jonathan Corbet , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" , "H. Peter Anvin" , Andy Lutomirski , Oleg Nesterov , Peter Zijlstra , Xin Li , Arnd Bergmann , Andrew Morton , Rick Edgecombe , Kees Cook , "Masami Hiramatsu (Google)" , Pengfei Xu , Josh Poimboeuf , Ze Gao , "Kirill A. Shutemov" , Kai Huang , David Woodhouse , Brian Gerst , Jason Gunthorpe , Joerg Roedel , "Mike Rapoport (IBM)" , Tina Zhang , Jacob Pan , "open list:DOCUMENTATION" , open list , David Howells , Petr Tesarik References: <20240216152435.1575-1-petrtesarik@huaweicloud.com> <20240216152435.1575-7-petrtesarik@huaweicloud.com> <5916fa3ac3d0ce2ade71e7ed1c9eb6923e374c1f.camel@huaweicloud.com> From: Roberto Sassu In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-CM-TRANSID:LxC2BwD37xhzvc9lL4ujAg--.27938S2 X-Coremail-Antispam: 1UD129KBjvJXoWxGr4DJw1kJry3try7CF1UGFg_yoWrGF1kpF WfKas0kF4ktr4fCr1qyw4xWryFvrs3tFy5Gr9YyryrAFn0gr12krySka1YgF9rKr4kGa1j qr4YvF9xCa4DAaDanT9S1TB71UUUUUUqnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2 9KBjDU0xBIdaVrnRJUUUv014x267AKxVWrJVCq3wAFc2x0x2IEx4CE42xK8VAvwI8IcIk0 rVWrJVCq3wAFIxvE14AKwVWUJVWUGwA2ocxC64kIII0Yj41l84x0c7CEw4AK67xGY2AK02 1l84ACjcxK6xIIjxv20xvE14v26r1j6r1xM28EF7xvwVC0I7IYx2IY6xkF7I0E14v26r4j 6F4UM28EF7xvwVC2z280aVAFwI0_Cr0_Gr1UM28EF7xvwVC2z280aVCY1x0267AKxVWxJr 0_GcWle2I262IYc4CY6c8Ij28IcVAaY2xG8wAqx4xG64xvF2IEw4CE5I8CrVC2j2WlYx0E 2Ix0cI8IcVAFwI0_Jr0_Jr4lYx0Ex4A2jsIE14v26r1j6r4UMcvjeVCFs4IE7xkEbVWUJV W8JwACjcxG0xvEwIxGrwACjI8F5VA0II8E6IAqYI8I648v4I1lFIxGxcIEc7CjxVA2Y2ka 0xkIwI1l42xK82IYc2Ij64vIr41l4I8I3I0E4IkC6x0Yz7v_Jr0_Gr1lx2IqxVAqx4xG67 AKxVWUJVWUGwC20s026x8GjcxK67AKxVWUGVWUWwC2zVAF1VAY17CE14v26rWY6r4UJwCI c40Y0x0EwIxGrwCI42IY6xIIjxv20xvE14v26r1j6r1xMIIF0xvE2Ix0cI8IcVCY1x0267 AKxVW8JVWxJwCI42IY6xAIw20EY4v20xvaj40_WFyUJVCq3wCI42IY6I8E87Iv67AKxVWU JVW8JwCI42IY6I8E87Iv6xkF7I0E14v26r4UJVWxJrUvcSsGvfC2KfnxnUUI43ZEXa7VUb J73DUUUUU== X-CM-SenderInfo: purev21wro2thvvxqx5xdzvxpfor3voofrz/1tbiAQAPBF1jj5pusAABs+ On 2/16/2024 7:44 PM, Matthew Wilcox wrote: > On Fri, Feb 16, 2024 at 05:53:01PM +0100, Roberto Sassu wrote: >> On Fri, 2024-02-16 at 16:44 +0000, Matthew Wilcox wrote: >>> On Fri, Feb 16, 2024 at 04:24:33PM +0100, Petr Tesarik wrote: >>>> From: David Howells >>>> >>>> Implement a PGP data parser for the crypto key type to use when >>>> instantiating a key. >>>> >>>> This parser attempts to parse the instantiation data as a PGP packet >>>> sequence (RFC 4880) and if it parses okay, attempts to extract a public-key >>>> algorithm key or subkey from it. >>> >>> I don't understand why we want to do this in-kernel instead of in >>> userspace and then pass in the actual key. >> >> Sigh, this is a long discussion. > > Well, yes. When you don't lay out why this is of value, it turns into a > long discussion. This isn't fun for me either. > >> PGP keys would be used as a system-wide trust anchor to verify RPM >> package headers, which already contain file digests that can be used as >> reference values for kernel-enforced integrity appraisal. > > The one example we have of usage comes in patch 7 of this series and is: > > gpg --dearmor < | keyctl padd asymmetric "" @u > > And you're already using two userspace programs there. Why not a third? I think this is very easy to answer. Why not extracting the public key from an x509 certificate in user space, sending it to the kernel, and using it for kernel module verification? > gpg --dearmor < | ./scripts/parse-pgp-packets | keyctl padd asymmetric "" @u > >> With the assumptions that: >> >> - In a locked-down system the kernel has more privileges than root >> - The kernel cannot offload this task to an user space process due to >> insufficient isolation >> >> the only available option is to do it in the kernel (that is what I got >> as suggestion). > > This sounds like there's some other way of getting the key into the > kernel which doesn't rely on userspace. Or are you assuming that nobody > bothered to trojan 'cat'? Apologies for not providing the full information at once. I'm worried that would be too long, and pieces can be lost in the way. If it is not a problem, I'm going to clarify on request. Ok, so, I'm not going to use cat to upload the PGP keys. These will be embedded in the kernel image, when the Linux distribution vendors build their kernel. This works for both secure boot and trusted boot, since the kernel image can be measured/verified by the boot loader. Another source for keys is the MOK database, since users might want the ability to verify their own software, which does not come from the Linux distribution. I briefly anticipated the full picture, but I will tell it more explicitly. The kernel, with the embedded PGP keys, will be able to verify the signature of the RPM package headers. A component that I recently developed, the digest_cache LSM, has the ability to extract file digests from RPM headers and provide a simple interface for IMA, IPE, BPF LSM and any other component to query the calculated digest of files being accessed, and allow/deny access to them depending on whether the query is successful or not. I already anticipate the question, if you have the problem parsing PGP keys, why don't you have the problem parsing RPM package headers? I started finding a solution before this became available, and the only alternative I found was to formally verify my code. So, I took Frama-C, wrote the assertions, and verified that not only the code is functionally correct for correct sequences of bytes, but that there is no illegal memory access for any arbitrary sequence (unfortunately, I can prove for a small buffer size). So, I'm probably going to do the same for the PGP parser, if this does not fly. But, we were very optimistic that this could be a valid alternative! Roberto