Received: by 2002:a25:86ce:0:0:0:0:0 with SMTP id y14csp838341ybm; Tue, 21 May 2019 04:32:50 -0700 (PDT) X-Google-Smtp-Source: APXvYqxqo8YPA6fWDPpBeTlL9g+95f8dV1S3NpHzDLxAZhF6TnnA4JnFgkbEVucDdIosQTAhEYrb X-Received: by 2002:a17:902:298a:: with SMTP id h10mr55779525plb.6.1558438370441; Tue, 21 May 2019 04:32:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1558438370; cv=none; d=google.com; s=arc-20160816; b=YX9+j4tJwzTyf8baFanX9gmQ76Ly6aEMOVv2gvaSjNoZRtiVsKHimuN0zIcCXQ6F+e rv3nsADyw0hG4YiMcNYyqjkWPF9PMW1vrWc8HO5Rc/6HonfjmIuN/m9YL/RJDiAVoH6h Fp7BBwagBNqbPkL8OHE5N9xKt86AWWQbQwnzCNJiCvMCUS8FPVdOSaZK2cWZ0VVL83nK rlOPeI+Xceid+JZK3n1bj6fbpVeJZHGenHV8EQ70TY3qnvlNlXF26kJ8w5xfyXN6rc7s cWPW770Z45CJ4lW5ZjCKMvEwfEZbxw9bdMhzZItTY/WOAcEe4CRkoEJtUqz7vzGP1wkd 2eZw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject; bh=+hw9ciVuHHY0W8Va15M0HySzCjrALr+XgKhwWi5y1cQ=; b=krGwPqfvoAxUKcELQ2/8iECYu6aOy9TJn17cl5HA1lj9cYNHlR9XUnrNxZ4/3JUa+h Ygu9fIHiZu8iGXbP3+o77jSA/qMLsXKL/VdTfX9WpugsmqrA03IY69KjIMjMxJL3fpy2 hvThRbs0FCU9YOzJTkH/dV3DRSs45jPMcBDz7vq5ABMRSHt4Q8agj7wjfX7cEUedwjwX JlwOX+OlEdc6BsRuLFN9z9cz/38uZwwDcjUEDYVFRIWgNscO+fImW2SYiY1f2AzxH+LB I8K1dBRr/+eF8Cv0uzMbQZTs1Y0UGFLxTN4an8nkbrDyLMf3gxykxON7BSL3apSVGMqk JTng== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d3si11821140pln.272.2019.05.21.04.32.31; Tue, 21 May 2019 04:32:50 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727883AbfEULar (ORCPT + 99 others); Tue, 21 May 2019 07:30:47 -0400 Received: from mx1.redhat.com ([209.132.183.28]:2593 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726296AbfEULao (ORCPT ); Tue, 21 May 2019 07:30:44 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 399FB3082200; Tue, 21 May 2019 11:30:39 +0000 (UTC) Received: from localhost.localdomain (unknown [10.43.17.30]) by smtp.corp.redhat.com (Postfix) with ESMTP id EC4F9176D4; Tue, 21 May 2019 11:30:35 +0000 (UTC) Subject: Re: [PATCH] crypto: af_alg - implement keyring support To: Ondrej Mosnacek , Marcel Holtmann Cc: linux-crypto@vger.kernel.org, Herbert Xu , keyrings@vger.kernel.org, David Howells , Stephan Mueller , Milan Broz , Daniel Zatovic References: <20190521100034.9651-1-omosnace@redhat.com> From: Ondrej Kozina Message-ID: <265b6c1b-3ea9-15f6-29d4-3e5988248db1@redhat.com> Date: Tue, 21 May 2019 13:30:34 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-MW Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.47]); Tue, 21 May 2019 11:30:44 +0000 (UTC) Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On 5/21/19 1:02 PM, Ondrej Mosnacek wrote: > Hi Marcel, > > On Tue, May 21, 2019 at 12:48 PM Marcel Holtmann wrote: >> Hi Ondrej, >> >>> This patch adds new socket options to AF_ALG that allow setting key from >>> kernel keyring. For simplicity, each keyring key type (logon, user, >>> trusted, encrypted) has its own socket option name and the value is just >>> the key description string that identifies the key to be used. The key >>> description doesn't need to be NULL-terminated, but bytes after the >>> first zero byte are ignored. >> >> why use the description instead the actual key id? I wonder if a single socket option and a struct providing the key type and key id might be more useful. > > I was basing this on the approach taken by dm-crypt/cryptsetup, which > is actually the main target consumer for this feature (cryptsetup > needs to be able to encrypt/decrypt data using a keyring key (possibly > unreadable by userspace) without having to create a temporary dm-crypt > mapping, which requires CAP_SYSADMIN). I'm not sure why they didn't > just use key IDs there... @Milan/Ondrej, what was you motivation for > using key descriptions rather than key IDs? > We decided to use key descriptions so that we could identify more clearly devices managed by cryptsetup (thus 'cryptsetup:' prefix in our descriptions put in dm-crypt table). I understood numeric ids were too generic for this purpose. Also cryptsetup uses by default thread keyring to upload keys in kernel. Such keys are obsolete the moment cryptsetup process finishes. I don't think it's any problem to go with IDs for your patch. IIUC, as long as process has permission to access key metadata it can obtain also current key id so it's not a big problem for as to adapt when we use kcapi. Regards O.