Received: by 2002:a05:7412:518d:b0:e2:908c:2ebd with SMTP id fn13csp396049rdb; Thu, 5 Oct 2023 08:58:39 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGVIY8s1nPnmHUCwsRjA1y2Qc7ss6pH+kGz1IZXVLr/oIFkMsrBXq64J70eOX9q0pjLuYRS X-Received: by 2002:a17:902:a40f:b0:1c8:7800:a241 with SMTP id p15-20020a170902a40f00b001c87800a241mr4386159plq.0.1696521519491; Thu, 05 Oct 2023 08:58:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1696521519; cv=none; d=google.com; s=arc-20160816; b=CxHLmjt4r7X3cuH+/TVo5z/QLUsTKs3e7xp1oZpOQ4J5M8NqPKPE6wNh2uo7rcKOe+ oo4ioqIDwLunKupVYg7jF3n7NQ/aHbQkKy9as+QEBjMsI5l//MMHGY1vmqvSvLzvAJpM 9Ge2bzedB5POYCdEoM8f7ziOVQpqtoEPA1hYGiGXJoqvW2d2bVF2UQeE9mc4bqT5ICMH 3zF6g8vWlm11+Fj0tqrHPPy+MRIAHKN5H2cEmFq5RxJUtPgoHeg29SJJAeA+xU6CviEj BZjlQ1ZEgwGmP3dZeCeALh/oC+nGEpJ7aQrLe2Ir66tCmcrpPVNk9lNpKcUt0Lfx1Kt3 30mw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=gNhTqcg9MamP3MkFs5WblquKGgZk5VBwGbsPbMcjgg4=; fh=3E1ryY0Z73P1xmNxFM2as7GbRYY5Pw0oMgz0KIC0kQE=; b=zYZpZacPLeQRKUJpQE/rIU8AMuapFvUHfoT3duDc4hVSMAdG983+rtfgujY7Xbfo80 9goWfSIsG9+KzdEIBMLlivzEyNeLszqm5fAn0/1Cdut2PU/GjLrbn6F5AJmvdRsRdwUd 9OZNHEg/wcVihWd9g/e1jnj1TN2TgUblme8Q1EdFdbmQ7vITGnKm5LcavEsY288H+tya hK/FVIot+s+2+wt7Wq7s8OgIrw49eyeR8ouCGCAg6OiWXi3LGLELunVupZ3IsKY1tENV ugHdEpuYGW11M8PYWUck7Yt7uPmjcgK43ZPlGDyfWXSA373q5yDgar41aYlAeWYDdtos CkrA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from howler.vger.email (howler.vger.email. [2620:137:e000::3:4]) by mx.google.com with ESMTPS id kp8-20020a170903280800b001c73f364120si1637435plb.407.2023.10.05.08.58.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 05 Oct 2023 08:58:39 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) client-ip=2620:137:e000::3:4; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by howler.vger.email (Postfix) with ESMTP id 8E3DB88D514F; Thu, 5 Oct 2023 08:58:36 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at howler.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236198AbjJEP6C (ORCPT + 99 others); Thu, 5 Oct 2023 11:58:02 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54500 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234417AbjJEP4q (ORCPT ); Thu, 5 Oct 2023 11:56:46 -0400 Received: from bmailout2.hostsharing.net (bmailout2.hostsharing.net [83.223.78.240]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5782E9ED4; Thu, 5 Oct 2023 07:04:49 -0700 (PDT) Received: from h08.hostsharing.net (h08.hostsharing.net [83.223.95.28]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "*.hostsharing.net", Issuer "RapidSSL Global TLS RSA4096 SHA256 2022 CA1" (verified OK)) by bmailout2.hostsharing.net (Postfix) with ESMTPS id 7B1A62800BBF3; Thu, 5 Oct 2023 16:04:47 +0200 (CEST) Received: by h08.hostsharing.net (Postfix, from userid 100393) id 662DD4DD3BE; Thu, 5 Oct 2023 16:04:47 +0200 (CEST) Date: Thu, 5 Oct 2023 16:04:47 +0200 From: Lukas Wunner To: Jonathan Cameron Cc: Bjorn Helgaas , David Howells , David Woodhouse , Herbert Xu , "David S. Miller" , Alex Williamson , linux-pci@vger.kernel.org, linux-cxl@vger.kernel.org, linux-coco@lists.linux.dev, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, kvm@vger.kernel.org, linuxarm@huawei.com, David Box , Dan Williams , Dave Jiang , "Li, Ming" , Zhi Wang , Alistair Francis , Wilfred Mallawa , Alexey Kardashevskiy , Tom Lendacky , Sean Christopherson , Alexander Graf Subject: Re: [PATCH 09/12] PCI/CMA: Validate Subject Alternative Name in certificates Message-ID: <20231005140447.GA23472@wunner.de> References: <20231003160455.00001a4f@Huawei.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20231003160455.00001a4f@Huawei.com> User-Agent: Mutt/1.10.1 (2018-07-13) X-Spam-Status: No, score=-1.6 required=5.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE, SPF_NONE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]); Thu, 05 Oct 2023 08:58:37 -0700 (PDT) On Tue, Oct 03, 2023 at 04:04:55PM +0100, Jonathan Cameron wrote: > On Thu, 28 Sep 2023 19:32:39 +0200 Lukas Wunner wrote: > > PCIe r6.1 sec 6.31.3 stipulates requirements for X.509 Leaf Certificates > > presented by devices, in particular the presence of a Subject Alternative > > Name extension with a name that encodes the Vendor ID, Device ID, Device > > Serial Number, etc. > > Lets you do any of > * What you have here > * Reference Integrity Manifest, e.g. see Trusted Computing Group > * A pointer to a location where such a Reference Integrity Manifest can be > obtained. > > So this text feels a little strong though I'm fine with only support the > Subject Alternative Name bit for now. Whoever has one of the other options > can add that support :) I intend to amend the commit message as follows. If anyone believes this is inaccurate, please let me know: Side note: Instead of a Subject Alternative Name, Leaf Certificates may include "a Reference Integrity Manifest, e.g., see Trusted Computing Group" or "a pointer to a location where such a Reference Integrity Manifest can be obtained" (PCIe r6.1 sec 6.31.3). A Reference Integrity Manifest contains "golden" measurements which can be compared to actual measurements retrieved from a device. It serves a different purpose than the Subject Alternative Name, hence it is unclear why the spec says only either of them is necessary. It is also unclear how a Reference Integrity Manifest shall be encoded into a certificate. Ignore the Reference Integrity Manifest requirement until this confusion is resolved by a spec update. > I haven't looked asn.1 recently enough to have any confidence on > a review of that bit... > So, for everything except the asn.1 > Reviewed-by: Jonathan Cameron In case it raises the confidence in that portion of the patch, I have tested it successfully not just with certificates containing a single CMA otherName, but also: - a single otherName with a different OID - multiple otherNames with a mix of CMA and other OIDs - multiple otherNames plus additional unrelated dNSNames - no Subject Alternative Name Getting the IMPLICIT annotations right was a bit nontrivial. It turned out that the existing crypto/asymmetric_keys/x509_akid.asn1 got that wrong as well, so I fixed it up as a byproduct of this series: https://git.kernel.org/herbert/cryptodev-2.6/c/a1e452026e6d The debug experience made me appreciate the kernel's ASN.1 compiler and parser though: Their code is surprisingly small, the generated output of the compiler is quite readable and the split architecture with a compiler+parser feels much safer than what openssl does. Thanks, Lukas