Received: by 2002:a05:6500:1b41:b0:1fb:d597:ff75 with SMTP id cz1csp296469lqb; Tue, 4 Jun 2024 11:34:16 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCXGG0YYFCf42XSyF83DfIbDwN/A4z6jRy936wqd2SvRche39nzdCOvDbfsiXBSlTnTWTo+3rBjItiLYbMfMBQYDu+i27klRDZGNkByU/w== X-Google-Smtp-Source: AGHT+IGioSvtHuHAv29J3BKBWw7nHhNOBo0pP8bZ9UOnUKLzk99Gr36DkXvaTPOJBE+6Lcbj+eWx X-Received: by 2002:a17:90a:fe01:b0:2bd:f4ba:fc3 with SMTP id 98e67ed59e1d1-2c27cbd151emr612009a91.7.1717526056318; Tue, 04 Jun 2024 11:34:16 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1717526056; cv=pass; d=google.com; s=arc-20160816; b=oZQg1NJzp8t1vqGe1vkCYLuiRFeyG/732rCNLnzmju/apJpOgJEXUK3MD2rDZOFkgG HJSYd2LrpgLJSAIs7muTPCXFB78Ueo3M1UJDx+/TZv+e89+1gvaufN2AqI2miYOEMIMw EEpuoIcydhemKzRSZIv3sgOnfQUGNKqUiXupxFEpYjbuXnogvMHbem8Bs7eBgsUvSdix buEc8eDTUjhs73/fcaKpjfcyJIaBmsBRBVQU0RHi+FEUlcs0w7j4UQGiTW9MX9VlQI0F cT/iy46Ew+Fwd5ckOOt3jzMgeJX6i3Kc5hCRu69zy7dPXjgczPgwAaNVdqdlKuav98gX uOmg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:references:cc:to:from:subject:message-id:date :content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:dkim-signature; bh=aS/37T6wzvPOWQtCJ8Qe4GJumgeszWMqVZtW82pFSMI=; fh=CHHrQno2pKhM7Z98a+kN7KZZerb7j3eOd3zi61PHnlQ=; b=DCz1ChwOSH67tMcu53MDPgXG4B0J0wSTdr+wCc8eQ8r/FknZq8mu+245UKVoMtUgEH UXQ/QSVGxUGD/6UApkbE/LORN86OWH7/PzSqXZ44VxGZW+oCOUxWD5jxYouwW4BEEwVH 7RocscIUzxriDEnB6l6Wm9nYkD1OU1kx2n5qtYT99AjtYliw1WKo/5Sfu72wzOf7MiHx TnOxGYLspl9xt037yg3PqgNy25PnFYoFpSoKSXhMduX4ifeeugkDqqpCg330xFkx/ecy rm1wxkTcEgDwWjpl7az8CtkqwqJnk6gIqzjbugiG7zqC+VaoYDaQKvF8hUcflqG6TGhq I5qg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=WrMIn52w; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-4701-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-crypto+bounces-4701-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id 98e67ed59e1d1-2c1a77b71afsi2416933a91.94.2024.06.04.11.34.15 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Jun 2024 11:34:16 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto+bounces-4701-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=WrMIn52w; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-4701-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-crypto+bounces-4701-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 68EE7B22812 for ; Tue, 4 Jun 2024 18:08:16 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 2267014A4D1; Tue, 4 Jun 2024 18:08:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="WrMIn52w" X-Original-To: linux-crypto@vger.kernel.org Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BFEF5179BC; Tue, 4 Jun 2024 18:08:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717524487; cv=none; b=Xxp/H2XBSY8gZpFwRQKOyY93lgAOZVRHqYXtE6PdfrMb+N8pFWTCO/LMZ+w4YylvRsyVQYD55mp+Tfnkz2iZG7tBpKLv7tMGzXA1VE9/ue9D6Q6KxF8bI8Cwgfscz0gcfKuBWNaBAs4KttZXKHUrLx1GZlMpljmD/lIjkSZ1QRA= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717524487; c=relaxed/simple; bh=NSPTMuwx9KcCNJAhfWh9J5IIW23EBXou0acUEEypYOw=; h=Mime-Version:Content-Type:Date:Message-Id:Subject:From:To:Cc: References:In-Reply-To; b=jVbbZt7cGsI91qHmzNVGBOUIe/WdF32P+oIX7UXBQKot1Mr3DF2/6Z1SF+LcEkdA6NJQ4JG2p3x1oEtPEbuIQo0BeVyMM3u1u4VqG56OVZeckhHpCl1j7kFTm4sYAGTdLd663rIOtKj8hqdClH1K1rM7mGhPLM6Bjf+ZmbyYh78= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=WrMIn52w; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 06C2AC2BBFC; Tue, 4 Jun 2024 18:08:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1717524487; bh=NSPTMuwx9KcCNJAhfWh9J5IIW23EBXou0acUEEypYOw=; h=Date:Subject:From:To:Cc:References:In-Reply-To:From; b=WrMIn52wdfKfEhHzGwaV1Pr93jMN7MkSqau/TchUVXcoY0bNU77+AfhtzpdY2MCOJ bprVAdu8kHTBbRtZKz0EXEr3Z445Gl8lpu9FrZURcmOZweOnMRhYDYluxlhIeDEWEi IgdX2duN3nbCrxA2aTbj29W6FZCo76WpqvtqWdYSAHJo2XgUFKQlOpf/onoGHRZx8M rSxdo6JZcLR+S7i89QvM7ip0cnzIDx9XbFnzAsRMzQ+Zr8OMTq/0dwUrrvriCqQJv/ nX7kXvZyY0AxVULvlb3Rdp3roE0QB19lXelv9CHABPKSWO55soQUCypRBbM+l791T1 0O7A76W1ZNf/g== Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Tue, 04 Jun 2024 21:08:00 +0300 Message-Id: Subject: Re: [RFC PATCH v2 1/8] certs: Introduce ability to link to a system key From: "Jarkko Sakkinen" To: "Eric Snowberg" , Cc: , , , , , , , , , , , , , , , , , , , , X-Mailer: aerc 0.17.0 References: <20240531003945.44594-1-eric.snowberg@oracle.com> <20240531003945.44594-2-eric.snowberg@oracle.com> In-Reply-To: <20240531003945.44594-2-eric.snowberg@oracle.com> On Fri May 31, 2024 at 3:39 AM EEST, Eric Snowberg wrote: > Introduce a new function to allow a keyring to link to a key contained > within one of the system keyrings (builtin, secondary, or platform). "Introduce system_key_link(), a new function..." I hate when the exact thing added is not immediately transparent from the commit message ;-) Helps a lot when bisecting for instance. > Depending on how the kernel is built, if the machine keyring is > available, it will be checked as well, since it is linked to the secondar= y > keyring. If the asymmetric key id matches a key within one of these > system keyrings, the matching key is linked into the passed in > keyring. > > Signed-off-by: Eric Snowberg > --- > certs/system_keyring.c | 31 +++++++++++++++++++++++++++++++ > include/keys/system_keyring.h | 7 ++++++- > 2 files changed, 37 insertions(+), 1 deletion(-) > > diff --git a/certs/system_keyring.c b/certs/system_keyring.c > index 9de610bf1f4b..94e47b6b3333 100644 > --- a/certs/system_keyring.c > +++ b/certs/system_keyring.c > @@ -426,3 +426,34 @@ void __init set_platform_trusted_keys(struct key *ke= yring) > platform_trusted_keys =3D keyring; > } > #endif > + > +/** > + * system_key_link - Link to a system key "system_key_link() - Link to a system key" > + * @keyring: The keyring to link into > + * @id: The asymmetric key id to look for in the system keyring > + */ Really could use some overview keyrings traversed just as a reminder. > +int system_key_link(struct key *keyring, struct asymmetric_key_id *id) > +{ > + struct key *system_keyring; > + struct key *key; > + > +#ifdef CONFIG_SECONDARY_TRUSTED_KEYRING > + system_keyring =3D secondary_trusted_keys; > +#else > + system_keyring =3D builtin_trusted_keys; > +#endif Why not simply make secondary_trusted_keys in the first place be alias to builtin_trusted_keys when it is not enabled? > + > + key =3D find_asymmetric_key(system_keyring, id, NULL, NULL, false); > + if (!IS_ERR(key)) > + goto found; > + > + key =3D find_asymmetric_key(platform_trusted_keys, id, NULL, NULL, fals= e); > + if (!IS_ERR(key)) > + goto found; > + > + return -ENOKEY; > + > +found: "link:"? Then you could see already from goto statement what will happen next (your call anyway). > + key_link(keyring, key); > + return 0; > +} > diff --git a/include/keys/system_keyring.h b/include/keys/system_keyring.= h > index 8365adf842ef..b47ac8e2001a 100644 > --- a/include/keys/system_keyring.h > +++ b/include/keys/system_keyring.h > @@ -9,6 +9,7 @@ > #define _KEYS_SYSTEM_KEYRING_H > =20 > #include > +struct asymmetric_key_id; > =20 > enum blacklist_hash_type { > /* TBSCertificate hash */ > @@ -28,7 +29,7 @@ int restrict_link_by_digsig_builtin(struct key *dest_ke= yring, > const union key_payload *payload, > struct key *restriction_key); > extern __init int load_module_cert(struct key *keyring); > - > +extern int system_key_link(struct key *keyring, struct asymmetric_key_id= *id); > #else > #define restrict_link_by_builtin_trusted restrict_link_reject > #define restrict_link_by_digsig_builtin restrict_link_reject > @@ -38,6 +39,10 @@ static inline __init int load_module_cert(struct key *= keyring) > return 0; > } > =20 > +static inline int system_key_link(struct key *keyring, struct asymmetric= _key_id *id) > +{ > + return 0; > +} > #endif > =20 > #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING BR, Jarkko