Message-ID: <994a4d49-b1d3-a7ab-d7b3-33405b13c125@pengutronix.de>
Date: Wed, 23 Feb 2022 17:23:06 +0100
Subject: Re: [PATCH v5 3/5] KEYS: trusted: allow trust sources to use kernel RNG for key material
To: James Bottomley, Jarkko Sakkinen, Mimi Zohar, David Howells
Cc: kernel@pengutronix.de, Sumit Garg, David Gstir, Tim Harvey, James Morris, "Serge E. Hallyn", Horia Geantă, Aymen Sghaier, Herbert Xu, "David S. Miller", Eric Biggers, Jan Luebbe, Richard Weinberger, Franck LENORMAND, Matthias Schiffer, Pankaj Gupta, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org
References: <20220222195819.2313913-1-a.fatoum@pengutronix.de> <20220222195819.2313913-4-a.fatoum@pengutronix.de>
From: Ahmad Fatoum
In-Reply-To: <20220222195819.2313913-4-a.fatoum@pengutronix.de>
X-Mailing-List: linux-crypto@vger.kernel.org

On 22.02.22 20:58, Ahmad Fatoum wrote:
> The two existing trusted key sources don't make use of the kernel RNG,
> but instead let the hardware that does the sealing/unsealing also
> generate the random key material. While a previous change offers users
> the choice to use the kernel RNG instead for both, new trust sources
> may want to unconditionally use the kernel RNG for generating key
> material, like it's done elsewhere in the kernel.
>
> This is especially prudent for hardware that has proven-in-production
> HWRNG drivers implemented, as otherwise code would have to be duplicated
> only to arrive at a possibly worse result.
>
> Make this possible by turning struct trusted_key_ops::get_random
> into an optional member. If a driver leaves it NULL, kernel RNG
> will be used instead.

The rebase on the change in scope of the previous commit made this one
here quite small. I would squash it into the previous commit for v6,
unless there are objections.

>
> Acked-by: Sumit Garg
> Reviewed-by: David Gstir
> Tested-By: Tim Harvey
> Signed-off-by: Ahmad Fatoum > --- > To: James Bottomley > To: Jarkko Sakkinen > To: Mimi Zohar > To: David Howells > Cc: James Morris > Cc: "Serge E. Hallyn" > Cc: "Horia Geantă" > Cc: Aymen Sghaier > Cc: Herbert Xu > Cc: "David S. Miller" > Cc: Eric Biggers > Cc: Jan Luebbe > Cc: David Gstir > Cc: Richard Weinberger > Cc: Franck LENORMAND > Cc: Sumit Garg > Cc: Tim Harvey > Cc: Matthias Schiffer > Cc: Pankaj Gupta > Cc: keyrings@vger.kernel.org > Cc: linux-crypto@vger.kernel.org > Cc: linux-integrity@vger.kernel.org > Cc: linux-kernel@vger.kernel.org > Cc: linux-security-module@vger.kernel.org > --- > include/keys/trusted-type.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/include/keys/trusted-type.h b/include/keys/trusted-type.h > index d89fa2579ac0..4eb64548a74f 100644 > --- a/include/keys/trusted-type.h > +++ b/include/keys/trusted-type.h > @@ -64,7 +64,7 @@ struct trusted_key_ops { > /* Unseal a key. */ > int (*unseal)(struct trusted_key_payload *p, char *datablob); > > - /* Get a randomized key. */ > + /* Optional: Get a randomized key. */ > int (*get_random)(unsigned char *key, size_t key_len); > > /* Exit key interface. */ -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
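Review bot: The new comment on get_random in struct trusted_key_ops says "Optional" but not what happens when a driver leaves the pointer NULL, so the fallback is documented only in the commit message. Consider spelling it out in the header, for example "Optional: Get a randomized key. If NULL, the kernel RNG is used instead.", so that trust source authors see the behaviour where they fill in the ops. The diffstat shows one insertion and one deletion in include/keys/trusted-type.h only, which means the NULL check that makes the member safe to omit is not part of this patch; when it is squashed into the previous commit for v6, the comment and the code that tests get_random for NULL before calling it should land together so the header never promises an optional member that a caller would dereference unconditionally.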