Received: by 2002:ab2:1149:0:b0:1f3:1f8c:d0c6 with SMTP id z9csp931457lqz; Sun, 31 Mar 2024 06:01:48 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCXCo6f4S8QcWBtx4Ui3Lt/Tjr6GFCtt9ai3plriad6vkCGaiai8JnudRKJv8drI3BBmtUtJhArYOLQSe24RVhiNL+tljRBiMStJAgqBZg== X-Google-Smtp-Source: AGHT+IHg1tQymNGkNOhNRmgd3xzAMlRlAabOZsc/Zxl+BZRmPNyj3F7dd2l4OSFqpt3UocxkUvwt X-Received: by 2002:a05:6102:460b:b0:478:4d5f:71f1 with SMTP id js11-20020a056102460b00b004784d5f71f1mr4134060vsb.11.1711890108518; Sun, 31 Mar 2024 06:01:48 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1711890108; cv=pass; d=google.com; s=arc-20160816; b=uXycAR7AO/VvP39Bz5vMpoIrDAKsOrnEIHXv6M62QezyFHqHFOSZsKpTjlN4qmj03Q WA6mYYloRwMzDrmnv5H6PAZpvZu+kBvuu/FDpSXjKFpEgk4sY0vqYSktxERrvX8TIAWU qd4gUSo5zpjt3tkqRNzH2cPsU7UsF7CqgqkvP3/JSCA7zvrn/O9AtfzPUclESAZ3tCcZ up61X3S4DOnPI9lwxtjN/HzzATQnYcHNRk41VKFB+wIJmsgzrES7T6ziFM1cmPeshgHU v5R5CtGf96PuLNWepKSOKCpFfGJzWWXOrT6PmNPc0pxVFClp0RFF7pY+Sazcn5Q0B3rf e1Ww== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:user-agent:references:in-reply-to :date:cc:to:from:subject:message-id:dkim-signature:dkim-signature; bh=YcTE82GI0NJaL+N+HgRLlm73lrhVsQLq8GM/3tgLmfQ=; fh=IpS5+dVh3wRGMA8GJFjGukWqvQ6H17UfWPLiHcnogDc=; b=ocFE/Zyi5/qIXFQkxBkw4R5wZRA6vWBtNNu7ECxbGyo2g19XMbiHMvPJAH4VHy+Ale qmBTY8SINYA2+31Sf9Ky7O7VBqI+ua9ZVBPsWk96pgZRC0vsR4A1U7gNQzumG9GtRREj fxbNaZ5BWChdwme/k8QS3dgsZXG4xhM410OT03AF5FxhIGBI27qMIKBtuQEGblgriC9B xUPTYGDv3azNbcpelqpM2UBFz8PG3nej2WUGXdXQ+BbKiD1LHmDgB42w37/nlDk/iKIp dUWPt33pupvcq1t64pWWBf/Wh12k7SfpWZJfJhGGPEXtoQRRjRGs3j60vmzCWcNpx/6A 5azA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@hansenpartnership.com header.s=20151216 header.b=La0soKW7; dkim=pass header.i=@hansenpartnership.com header.s=20151216 header.b=LIaNafrJ; arc=pass (i=1 spf=pass spfdomain=hansenpartnership.com dkim=pass dkdomain=hansenpartnership.com dkim=pass dkdomain=hansenpartnership.com dmarc=pass fromdomain=hansenpartnership.com); spf=pass (google.com: domain of linux-crypto+bounces-3168-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-crypto+bounces-3168-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=hansenpartnership.com Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id ia23-20020a0561024b1700b00476e654d130si1032408vsb.280.2024.03.31.06.01.48 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 31 Mar 2024 06:01:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto+bounces-3168-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@hansenpartnership.com header.s=20151216 header.b=La0soKW7; dkim=pass header.i=@hansenpartnership.com header.s=20151216 header.b=LIaNafrJ; arc=pass (i=1 spf=pass spfdomain=hansenpartnership.com dkim=pass dkdomain=hansenpartnership.com dkim=pass dkdomain=hansenpartnership.com dmarc=pass fromdomain=hansenpartnership.com); spf=pass (google.com: domain of linux-crypto+bounces-3168-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-crypto+bounces-3168-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=hansenpartnership.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 3BB731C2116D for ; Sun, 31 Mar 2024 13:01:48 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 5F9E6144D2A; Sun, 31 Mar 2024 13:01:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=hansenpartnership.com header.i=@hansenpartnership.com header.b="La0soKW7"; dkim=pass (1024-bit key) header.d=hansenpartnership.com header.i=@hansenpartnership.com header.b="LIaNafrJ" X-Original-To: linux-crypto@vger.kernel.org Received: from bedivere.hansenpartnership.com (bedivere.hansenpartnership.com [96.44.175.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4EB92144D13; Sun, 31 Mar 2024 13:01:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=96.44.175.130 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711890091; cv=none; b=WvPUzngRrOueRnV2Pefx7mhU0th7omOAAc1MJxjuJSUf32+EJx8TepY8Fc8CQsxJGE2OazLxCc6eKXZRETcm9d9izt7jpXVnayY8hFQrEQ3zeo4znXKJXTe3Qmt7XkNH2cjMZsu66ouqeZT54uGco7AYaN50ebJJGlVK2yF84SQ= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711890091; c=relaxed/simple; bh=sDzCySBGc78kD08nnzcKeQyX2gLEvAv/rzqBNe7+CzE=; h=Message-ID:Subject:From:To:Cc:Date:In-Reply-To:References: Content-Type:MIME-Version; b=JAUKzYw/ASKD64KJvM7Xd0b5VY226JCVMy8cTgvY5DPDVHki8JuJuIpSDniIMzQ2nQnyZYPGtMx6sQnr7lGP9wUa0gWccOerz7z5lCeiK5Vp/mosWK7T9MjxDT0fH5qF3xlyYNm9U3xgFtHlYW17DPut+uMZyi2Syu4nOL6ZmLg= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=HansenPartnership.com; spf=pass smtp.mailfrom=HansenPartnership.com; dkim=pass (1024-bit key) header.d=hansenpartnership.com header.i=@hansenpartnership.com header.b=La0soKW7; dkim=pass (1024-bit key) header.d=hansenpartnership.com header.i=@hansenpartnership.com header.b=LIaNafrJ; arc=none smtp.client-ip=96.44.175.130 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=HansenPartnership.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=HansenPartnership.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=hansenpartnership.com; s=20151216; t=1711890086; bh=sDzCySBGc78kD08nnzcKeQyX2gLEvAv/rzqBNe7+CzE=; h=Message-ID:Subject:From:To:Date:In-Reply-To:References:From; b=La0soKW7NsRuUh/rimdDOLzAak0a7z/Qw3VmW2h3qshwBezBO5N3vU/HF9TuASSWc 0qt0SsBU/ZTMqwKWrILa0XyIzUDlKvvMNKcysxp8NWXhobpVolWbTiYflaiOrH0m0C 47Tzc2C90RKkz2eV4O1rxIxzuAkw2yv48odeT06E= Received: from localhost (localhost [127.0.0.1]) by bedivere.hansenpartnership.com (Postfix) with ESMTP id 73D90128681D; Sun, 31 Mar 2024 09:01:26 -0400 (EDT) Received: from bedivere.hansenpartnership.com ([127.0.0.1]) by localhost (bedivere.hansenpartnership.com [127.0.0.1]) (amavis, port 10024) with ESMTP id AfUzaoxOPFxH; Sun, 31 Mar 2024 09:01:26 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=hansenpartnership.com; s=20151216; t=1711890085; bh=sDzCySBGc78kD08nnzcKeQyX2gLEvAv/rzqBNe7+CzE=; h=Message-ID:Subject:From:To:Date:In-Reply-To:References:From; b=LIaNafrJKwQC0PlYtqfoiToK8eAAYjZpQpkUkk1ND3I5lmO3goivsbWpHTLCHbvPX w7fy0842lTmLlXDwWGLvY5ZQRMnkraJJcVByghLoNujPf+1fHAuB5xXh6FTMV4STZD 1XLB/XMN63MHZOyGAlVmsFDA4kzSgKOx1V4MjlpY= Received: from lingrow.int.hansenpartnership.com (unknown [IPv6:2601:5c4:4302:c21::a774]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (2048 bits) server-digest SHA256) (Client did not present a certificate) by bedivere.hansenpartnership.com (Postfix) with ESMTPSA id 1659512867AB; Sun, 31 Mar 2024 09:01:25 -0400 (EDT) Message-ID: Subject: Re: [PATCH] KEYS: Add ECDH support From: James Bottomley To: Eric Biggers Cc: Zhang Yiqun , dhowells@redhat.com, jarkko@kernel.org, corbet@lwn.net, keyrings@vger.kernel.org, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org Date: Sun, 31 Mar 2024 09:01:22 -0400 In-Reply-To: <20240331004844.GA104623@sol.localdomain> References: <20240330065506.3146-1-zhangyiqun@phytium.com.cn> <20240330070436.GA2116@sol.localdomain> <087bbfcf95c9014ee8f87d482773244f0833b892.camel@HansenPartnership.com> <20240331004844.GA104623@sol.localdomain> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.42.4 Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit On Sat, 2024-03-30 at 17:48 -0700, Eric Biggers wrote: > On Sat, Mar 30, 2024 at 09:09:51AM -0400, James Bottomley wrote: [...] > > For instance there are people who use the kernel keyring to replace > > ssh-agent and thus *reduce* the attack surface they have for > > storing > > ssh keys: > > > > https://blog.cloudflare.com/the-linux-kernel-key-retention-service-and-why-you-should-use-it-in-your-next-application/ > > > > The same thing could be done with gpg keys or the gnome keyring. > > First, that blog post never actually said that the "replace ssh-agent > with kernel keyrings" idea was deployed.  It sounds like a proof of > concept idea that someone thought was interesting and decided to blog > about.  Upstream OpenSSH has no support for Linux keyrings. The openssh community is incredibly resistant to out of house innovation. It has no support for engine or provider keys, for TPM keys, or for that systemd start patch xz just exploited ... >   It seems unlikely it would get added, especially given the OpenSSH > developers' healthy skepticism of using broken Linux-isms. > You're welcome to bring it up on openssh-unix-dev and get their buy- > in first. I also didn't say just openssh. You picked the one you apparently know hardly ever accepts anyone else's ideas. I don't disagree that finding implementors is reasonable ... I just wouldn't pick openssh as the first upstream target. > Second, as mentioned by the blog post, the kernel also does not > support private keys in the default OpenSSH format.  That sort of > thing is an example of the fundamental problem with trying to make > the kernel support every cryptographic protocol and format in > existence.  Userspace simply has much more flexibility to implement > whatever it happens to need. That's a complete red herring. You don't need the kernel keyrings to support every format, you just need a user space converter to import to the kernel keyring format. Every device or token that can replace key handling has their own internal format and they all come with importers that do conversion. > Third, ssh-agent is already a separate process, and like any other > process the kernel enforces isolation of its address space.  The > potential loopholes are ptrace and coredumps, which ssh-agent already > disables, except for ptrace by root which it can't do alone, but the > system administrator can do that by setting the ptrace_scope sysctl > to 3 or by using SELinux. Well, a) this doesn't survive privilege escalation and b) I don't think many people would buy into the notion that we should remove security functions from the kernel and give them to userspace daemons because it's safer. James