Received: by 2002:a89:48b:0:b0:1f5:f2ab:c469 with SMTP id a11csp865581lqd; Wed, 24 Apr 2024 21:37:35 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCXBBwaA94pL+S96oBwdj13CLvgFN/oWfk3lCxgaAlFFwmoBwk7/V3FWYppKZdN5/5XuaLrTsZU8CE80wl7CnvBxNYIoCLJRufnSukSS8Q== X-Google-Smtp-Source: AGHT+IHrcmoaJb5dcJGrQrgRawgKkDeiqKBp9Q3RqtxIt02KLyPL6WHS34XK/S2wbN7VoIjTLT4C X-Received: by 2002:a05:690c:7301:b0:61b:111b:f0ba with SMTP id jp1-20020a05690c730100b0061b111bf0bamr4948762ywb.36.1714019855299; Wed, 24 Apr 2024 21:37:35 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1714019855; cv=pass; d=google.com; s=arc-20160816; b=a3Xopwy+Execke1fd7CZSjKHZ6X4ikJ/YgaoaaduY/SIvNSaG/FJxsmTy+oRRxr5fz L+VeXH+JROnIBV0EljE2TAwILZfspZZ3RwDVE4pjOVX7f0wI/4Leg23r6kZei0GJKvpU aHJN8J1jAs3vbBBi+aL1gxw8yaXswARy1CLJobotuOETl9i8if+le//SkoWKhxPqb0OB qNi9m4/aifiweH9Luh30uzm+EGCjxXgOorITCmXfaAgkeZPGSe34iXf+O963Xl+YkMHz sa4OvOrd5A1XNzHsTjjHqHxgSVHpy9nhLO9p1zxdmFlwzUg/lv9ieQN8v8qADM3Cr8Mx yF2g== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=4tSTOXQpZTPpNzhZ3LYpXUeA32pPZmu8Gs1D7Xjqpy8=; fh=tBL3q0tIRR0gzVsb9JkPDpuT1fOoR1ERDu7WXJYo2as=; b=CbhmvNYTNpAdy1QYjq++YewRa1n3Jmq7V6ZxZjdVpMG4LdcwkfGuY3n0qcWH9+7ONx QKllUHrpg4dwl8wo3hOzdMrEb29qWsWrxyG3+Ix4sRGI//0PhCxAl4RNF6DdDIam9fSM qmBMZoLmClBmIbdHb1wmYfl4QF0OBCxYjgXeW6CIDYM3ni8Xe/8HEs5yUKCMawlV+LyO AmduZFQWKyRMh9/HMd1T936/ANOfSx7WAzCNt1vh9MlajmWgLFoyI/pEo7dwFkiYsyg9 O0cIrJQcyECzEQnNG6yfM4MgFZvSDbryoV8/Rm2MAFYk8kd8GGiWM07BY5sZt/Xvdcad cw+Q==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=ZAHevjKb; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-157995-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-157995-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id q187-20020a632ac4000000b006029cb27c1csi4699659pgq.537.2024.04.24.21.37.35 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Apr 2024 21:37:35 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-157995-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=ZAHevjKb; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-157995-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-157995-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 8C293285D67 for ; Thu, 25 Apr 2024 04:36:40 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 80B6C39FF3; Thu, 25 Apr 2024 04:36:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="ZAHevjKb" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 825642C1A0; Thu, 25 Apr 2024 04:36:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714019789; cv=none; b=mbTtP6Aq+5zq384BaGjrF+8ADW4/w6xkPLKgl8cOV/EBFigNxsY+kPy3xFnpc9bEEQlqaCPlzLQrOKeul4qd9gMNdP79poNFJNcy/lujZgn7GFF4bp+x46Xd2lkjb6VbQ7ZA/+BURzIKACE5WIhRRZVOCheb2sTPqf7qSYlIScs= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714019789; c=relaxed/simple; bh=fXdQuGCBF2mrkoHKGOX0W2cFyTyXQUKOpwOkndJhb9I=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=F424teixsyS52t3aP78ZBGek+k0MgXcmitcn87SgXezcb8w69p7FO5eM1v1ybzRsIJLRRNjWOIBDi/bBu48gbi1m5TUC8YyDl7thC5AnlorEZfWEWlXNnNVp19TEWvXMKrAB7UXgSaen1yLGbYUVk/zhpowUrQfWaSvUJY+vvhI= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=ZAHevjKb; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 696C9C113CC; Thu, 25 Apr 2024 04:36:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1714019789; bh=fXdQuGCBF2mrkoHKGOX0W2cFyTyXQUKOpwOkndJhb9I=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=ZAHevjKbXf2UfwyP5tbjwKQr2sMEGEL1/GHCAUbca7NqRDYJ8u+UNDDd2XdiLsE8I 8uHW4A002O2jP4evNpdbiRR/lQDw55yZtoth0hDStGE2v3mECyRtiRDj34tCCLDoRW FpDXvvumIOolvmVxBOzmJko5cSSSqkD4TJE9Gejg8Cz+jHsuRBWoDmO6bDcRNAvad0 YoAv3eU2AOOoMzQvkVJ4do2XL/iovdMGPtZBzca0RgzCdwH/dvT0yMKAluA1rxAu0N a+PvW7ZLeMCkAxiiHJFCBF4YcgTIdvONco7ruTJ5NaSIwkFPJbTth7Ag1fOAtqphRl cUt5V7XTyoUvA== Date: Wed, 24 Apr 2024 21:36:26 -0700 From: Eric Biggers To: Fan Wu Cc: corbet@lwn.net, zohar@linux.ibm.com, jmorris@namei.org, serge@hallyn.com, tytso@mit.edu, axboe@kernel.dk, agk@redhat.com, snitzer@kernel.org, eparis@redhat.com, paul@paul-moore.com, linux-doc@vger.kernel.org, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, fsverity@lists.linux.dev, linux-block@vger.kernel.org, dm-devel@lists.linux.dev, audit@vger.kernel.org, linux-kernel@vger.kernel.org, Deven Bowers Subject: Re: [PATCH v17 20/21] Documentation: add ipe documentation Message-ID: <20240425043626.GF1401@sol.localdomain> References: <1712969764-31039-1-git-send-email-wufan@linux.microsoft.com> <1712969764-31039-21-git-send-email-wufan@linux.microsoft.com> <20240425041351.GD1401@sol.localdomain> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240425041351.GD1401@sol.localdomain> On Wed, Apr 24, 2024 at 09:13:51PM -0700, Eric Biggers wrote: > > +.. [#dmveritydigests] These hash algorithms are based on values accepted by dm-verity, > > + specifically ``crypto_alloc_ahash`` in ``verity_ctr``; ``veritysetup`` > > + does support more algorithms than the list above. IPE does not impose > > + any restrictions on the digest algorithm itself; thus, this list > > + may be out of date. > > References to specific functions and locations in the code tend to get out of > date. I think you mean something like: any hash algorithm that's supported by > the Linux crypto API is supported. > Also, this scheme looks buggy because it's directly reusing the crypto API's algorithm name string as the digest name. The crypto API lets you specify the name of an algorithm, like "sha256", but it also lets you specify the name of a particular *implementation* of an algorithm, like "sha256-ni" for the SHA-NI accelerated implementation of sha256. It looks like dm-verity just passes through the name directly to the crypto API, and as a result it accepts names like sha256-ni. Since you're directly passing the same name into the security_bdev_setintegrity() LSM hook, that would result in IPE being told that the hash is "sha256-ni". That doesn't make sense. I think you want to be passing in crypto_ahash_alg_name(v->tfm), not v->alg_name. - Eric