Received: by 2002:a05:6a10:1d13:0:0:0:0 with SMTP id pp19csp1761483pxb; Fri, 20 Aug 2021 13:21:22 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwgqT87Y+e7HoW5j9Eesf8uC9u3ovWughkmTKMdgbW/YOXgO0EqDS5FitApcUpTsz7s8m+D X-Received: by 2002:a6b:7712:: with SMTP id n18mr17461131iom.34.1629490882611; Fri, 20 Aug 2021 13:21:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1629490882; cv=none; d=google.com; s=arc-20160816; b=ApTMnIVyfYfNz3ZFfcJ4LwgepFU8odgdVra3HiRlMs7omO7ZwjEzi3rzqgOjZwsi9/ eTJA5RYtUSt0scPS82z1gPRbehL0A7qdLeIAobjd06FvLZSMUi0uTHQH2hoCwm6Ak+i9 yxVnFs+toHGgTLE+KQoLrpbT1rU+GimE9v6smKPyNItLzwm0WZbLI875QvMl/9B+CvPS Mhp7f90s7nsyEw5dW4qKyrwxOOEGhsr0toIUAHNGYpyeaDr4UXkopb4NxyCJDHCL8v68 ZjqBoVVYfpRQhyUEPYiv+ypu9+/+xgrppRf7V+3U4RCM217OHXjdfeGagCDONUGEhkGx 2eRQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=90zs5aa37P7zEnS7CuHQxNNBqQQ4S3sRRs1VkdFPZqM=; b=dO+dpKcpi1ScZa7/hlB7A4lFnwY+SX6J9GLdRnZndlPcnpv9vLjbJdAz7a9SgpecuK VL6tQeaYxr9/9cJmIZOsr5kqvrkl8E9DYlfU8vWeY3w9Jd4kKm/p0XQPG8g7e4fReKkl xY2lxvf6HbtsJe2vvOtAsDFYIlCLm+5kbMacDXhkMa7NQBQrPZSwOqQ2tk4+Ze7Ycv91 pifzMU7L/ANgKBdrMNwAYgi6+rIx0Mgrt2Each/Gj9ot39jyl/Ma7mLFzf3fWomZuYAp krm+JU+O12Go4JhTRezT8O0ePaJNob07dEdt3ItdaT8jE5uREHuAMKPY5hS/s5SW0clE CtBg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gateworks-com.20150623.gappssmtp.com header.s=20150623 header.b=zA8Qvkux; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id t7si7388444jah.88.2021.08.20.13.20.53; Fri, 20 Aug 2021 13:21:22 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gateworks-com.20150623.gappssmtp.com header.s=20150623 header.b=zA8Qvkux; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238891AbhHTUV3 (ORCPT + 99 others); Fri, 20 Aug 2021 16:21:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60344 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238862AbhHTUV2 (ORCPT ); Fri, 20 Aug 2021 16:21:28 -0400 Received: from mail-pf1-x42f.google.com (mail-pf1-x42f.google.com [IPv6:2607:f8b0:4864:20::42f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 31052C061757 for ; Fri, 20 Aug 2021 13:20:50 -0700 (PDT) Received: by mail-pf1-x42f.google.com with SMTP id g14so9574793pfm.1 for ; Fri, 20 Aug 2021 13:20:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gateworks-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=90zs5aa37P7zEnS7CuHQxNNBqQQ4S3sRRs1VkdFPZqM=; b=zA8Qvkux1azGsd3++zo4/iy/OVuHoTkPMngPmM4VtfmoWcdeHaC3B+hDR+nAmrcGJm qmyXVTfQtxAXxAr3Aegoe0ZTVz3dDmGoybUfPP1D0Byc0X+uYAe8VS7WDZazdbIVtzKO y6CnX2jyn0djdSrmSgRryoanDJcvOM88gQqTKuUWb2jFE6hEpftcrE/gUD1/Db7BkJno S7M6oVetKv77Cs6TKECdUK/YJb3dNjWpiUgjZiFMtcrsA40edieVsb/GFnvZE2AjvbjQ PvB5OQvgq0x0pqBoTIxjazVOB5wM/AHeMNfH7YNn5t8hy6p8mBlF67H75YCh62PB2WpP nikQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=90zs5aa37P7zEnS7CuHQxNNBqQQ4S3sRRs1VkdFPZqM=; b=Q7gSFjdTJhvwclO2nYuyZNbda/d9jA0j45H8CMEaFDiY2HoMmXpxEFyomtDSuaTLjL RxBqRO99I5G1rsWDdXYtFvhotw6VIKd4tx+Td+Giw2ch2FfqK3yCFVOmhqd/ydvqYcgW Z2LOp2rrcJ33I2zg2dUDcrwTLLRLhbyeUuI28Ap0lWKRTyTw7Sx8692wyy9pihHx3asT KjsxFZapUGgwBEeaYtbFtnw9l7Z5xvaBv/+79K/c0G7FGPmY5EMvOZ3M3Y5y2RU92FU9 u82x4FQXuU9EPj+GBqiMkd8P3cjA12oswOMdgtPNU2QcXGJLA+jIVBaGxBnj5A0BEbpe qDuQ== X-Gm-Message-State: AOAM532oW1pJW2pTYF/rw66jASZoRJ6OWmlkVZvxjxS9ERM8vKeu0rkQ T7YXF08ZdB6sEDNWiYxwIJtPEkD6lkQyebG3ipn1yg== X-Received: by 2002:a63:db4a:: with SMTP id x10mr6433163pgi.30.1629490849582; Fri, 20 Aug 2021 13:20:49 -0700 (PDT) MIME-Version: 1.0 References: <2b48a848-d70b-9c43-5ca0-9ab72622ed12@pengutronix.de> In-Reply-To: <2b48a848-d70b-9c43-5ca0-9ab72622ed12@pengutronix.de> From: Tim Harvey Date: Fri, 20 Aug 2021 13:20:38 -0700 Message-ID: Subject: Re: [PATCH 0/4] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys To: Ahmad Fatoum Cc: David Gstir , Aymen Sghaier , Mimi Zohar , Jan Luebbe , keyrings@vger.kernel.org, Steffen Trumtrar , linux-security-module@vger.kernel.org, Udit Agarwal , Herbert Xu , =?UTF-8?Q?Horia_Geant=C4=83?= , Richard Weinberger , James Morris , Eric Biggers , "Serge E. Hallyn" , Sumit Garg , James Bottomley , Franck LENORMAND , David Howells , open list , Jarkko Sakkinen , linux-crypto@vger.kernel.org, Sascha Hauer , linux-integrity@vger.kernel.org, "David S. Miller" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Fri, Aug 20, 2021 at 9:20 AM Ahmad Fatoum wrot= e: > > Hello Tim, > > On 20.08.21 17:39, Tim Harvey wrote: > > On Wed, Jul 21, 2021 at 9:49 AM Ahmad Fatoum = wrote: > >> > >> Series applies on top of > >> https://lore.kernel.org/linux-integrity/20210721160258.7024-1-a.fatoum= @pengutronix.de/T/#u > >> > >> v2 -> v3: > >> - Split off first Kconfig preparation patch. It fixes a regression, > >> so sent that out, so it can be applied separately (Sumit) > >> - Split off second key import patch. I'll send that out separately > >> as it's a development aid and not required within the CAAM series > >> - add MAINTAINERS entry > >> > >> v1 -> v2: > >> - Added new commit to make trusted key Kconfig option independent > >> of TPM and added new Kconfig file for trusted keys > >> - Add new commit for importing existing key material > >> - Allow users to force use of kernel RNG (Jarkko) > >> - Enforce maximum keymod size (Horia) > >> - Use append_seq_(in|out)_ptr_intlen instead of append_seq_(in|out)_p= tr > >> (Horia) > >> - Make blobifier handle private to CAAM glue code file (Horia) > >> - Extend trusted keys documentation for CAAM > >> - Rebased and updated original cover letter: > >> > >> The Cryptographic Acceleration and Assurance Module (CAAM) is an IP co= re > >> built into many newer i.MX and QorIQ SoCs by NXP. > >> > >> Its blob mechanism can AES encrypt/decrypt user data using a unique > >> never-disclosed device-specific key. > >> > >> There has been multiple discussions on how to represent this within th= e kernel: > >> > >> The Cryptographic Acceleration and Assurance Module (CAAM) is an IP co= re > >> built into many newer i.MX and QorIQ SoCs by NXP. > >> > >> Its blob mechanism can AES encrypt/decrypt user data using a unique > >> never-disclosed device-specific key. There has been multiple > >> discussions on how to represent this within the kernel: > >> > >> - [RFC] crypto: caam - add red blobifier > >> Steffen implemented[1] a PoC sysfs driver to start a discussion on = how to > >> best integrate the blob mechanism. > >> Mimi suggested that it could be used to implement trusted keys. > >> Trusted keys back then were a TPM-only feature. > >> > >> - security/keys/secure_key: Adds the secure key support based on CAAM= . > >> Udit added[2] a new "secure" key type with the CAAM as backend. The= key > >> material stays within the kernel only. > >> Mimi and James agreed that this needs a generic interface, not spec= ific > >> to CAAM. Mimi suggested trusted keys. Jan noted that this could ser= ve as > >> basis for TEE-backed keys. > >> > >> - [RFC] drivers: crypto: caam: key: Add caam_tk key type > >> Franck added[3] a new "caam_tk" key type based on Udit's work. This= time > >> it uses CAAM "black blobs" instead of "red blobs", so key material = stays > >> within the CAAM and isn't exposed to kernel in plaintext. > >> James voiced the opinion that there should be just one user-facing = generic > >> wrap/unwrap key type with multiple possible handlers. > >> David suggested trusted keys. > >> > >> - Introduce TEE based Trusted Keys support > >> Sumit reworked[4] trusted keys to support multiple possible backend= s with > >> one chosen at boot time and added a new TEE backend along with TPM. > >> This now sits in Jarkko's master branch to be sent out for v5.13 > >> > >> This patch series builds on top of Sumit's rework to have the CAAM as = yet another > >> trusted key backend. > >> > >> The CAAM bits are based on Steffen's initial patch from 2015. His work= had been > >> used in the field for some years now, so I preferred not to deviate to= o much from it. > >> > >> This series has been tested with dmcrypt[5] on an i.MX6DL. > >> > >> Looking forward to your feedback. > >> > >> Cheers, > >> Ahmad > >> > >> [1]: https://lore.kernel.org/linux-crypto/1447082306-19946-2-git-send= -email-s.trumtrar@pengutronix.de/ > >> [2]: https://lore.kernel.org/linux-integrity/20180723111432.26830-1-u= dit.agarwal@nxp.com/ > >> [3]: https://lore.kernel.org/lkml/1551456599-10603-2-git-send-email-f= ranck.lenormand@nxp.com/ > >> [4]: https://lore.kernel.org/lkml/1604419306-26105-1-git-send-email-s= umit.garg@linaro.org/ > >> [5]: https://lore.kernel.org/linux-integrity/20210122084321.24012-2-a= .fatoum@pengutronix.de/ > >> > >> --- > >> To: Jarkko Sakkinen > >> To: "Horia Geant=C4=83" > >> To: Mimi Zohar > >> To: Aymen Sghaier > >> To: Herbert Xu > >> To: "David S. Miller" > >> To: James Bottomley > >> Cc: David Howells > >> Cc: James Morris > >> Cc: "Serge E. Hallyn" > >> Cc: Steffen Trumtrar > >> Cc: Udit Agarwal > >> Cc: Jan Luebbe > >> Cc: David Gstir > >> Cc: Eric Biggers > >> Cc: Richard Weinberger > >> Cc: Franck LENORMAND > >> Cc: Sumit Garg > >> Cc: linux-integrity@vger.kernel.org > >> Cc: keyrings@vger.kernel.org > >> Cc: linux-crypto@vger.kernel.org > >> Cc: linux-kernel@vger.kernel.org > >> Cc: linux-security-module@vger.kernel.org > >> > >> Ahmad Fatoum (4): > >> KEYS: trusted: allow users to use kernel RNG for key material > >> KEYS: trusted: allow trust sources to use kernel RNG for key materia= l > >> crypto: caam - add in-kernel interface for blob generator > >> KEYS: trusted: Introduce support for NXP CAAM-based trusted keys > >> > >> Documentation/admin-guide/kernel-parameters.txt | 8 +- > >> Documentation/security/keys/trusted-encrypted.rst | 60 +++- > >> MAINTAINERS | 9 +- > >> drivers/crypto/caam/Kconfig | 3 +- > >> drivers/crypto/caam/Makefile | 1 +- > >> drivers/crypto/caam/blob_gen.c | 230 +++++++++++++= ++- > >> include/keys/trusted-type.h | 2 +- > >> include/keys/trusted_caam.h | 11 +- > >> include/soc/fsl/caam-blob.h | 56 ++++- > >> security/keys/trusted-keys/Kconfig | 11 +- > >> security/keys/trusted-keys/Makefile | 2 +- > >> security/keys/trusted-keys/trusted_caam.c | 74 +++++- > >> security/keys/trusted-keys/trusted_core.c | 23 +- > >> 13 files changed, 477 insertions(+), 13 deletions(-) > >> create mode 100644 drivers/crypto/caam/blob_gen.c > >> create mode 100644 include/keys/trusted_caam.h > >> create mode 100644 include/soc/fsl/caam-blob.h > >> create mode 100644 security/keys/trusted-keys/trusted_caam.c > >> > >> base-commit: 97408d81ed533b953326c580ff2c3f1948b3fcee > >> -- > >> git-series 0.9.1 > > > > Ahmad, > > > > Thanks for your work! > > > > I've been asked to integrate the capability of using CAAM to > > blob/deblob data to an older 5.4 kernel such as NXP's downstream > > vendor kernel does [1] and I'm trying to understand how your series > > works. I'm not at all familiar with the Linux Key Management API's or > > trusted keys. Can you provide an example of how this can be used for > > such a thing? > > Here's an example with dm-crypt: > > https://lore.kernel.org/linux-integrity/5d44e50e-4309-830b-79f6-f5d888b= 1ef69@pengutronix.de/ > > dm-crypt is a bit special at the moment, because it has direct support fo= r > trusted keys. For interfacing with other parts of the kernel like ecryptf= s > or EVM, you have to create encrypted keys rooted to the trusted keys and = use > those. The kernel documentation has an example: > > https://www.kernel.org/doc/html/v5.13/security/keys/trusted-encrypted.h= tml > > If you backport this series, you can include the typo fix spotted by Davi= d. > > I'll send out a revised series, but given that a regression fix I want to > rebase on hasn't been picked up for 3 weeks now, I am not in a hurry. > Ahmad, Thanks for the reference. I'm still trying to understand the keyctl integration with caam. For the 'data' param to keyctl you are using tings like 'new ' and 'load '. Where are these 'commands' identified? I may still be missing something. I'm using 4.14-rc6 with your series and seeing the following: # cat /proc/cmdline trusted.source=3Dcaam # keyctl add trusted mykey 'new 32' @s)# create new trusted key named 'mykey' of 32 bytes in the session keyring 480104283 # keyctl print 480104283 # dump the key keyctl_read_alloc: Unknown error 126 ^^^ not clear what this is Best regards, Tim