On Mon, Oct 17, 2022 at 02:25:00PM -0500, Frederick Lawler wrote: > We want to leverage keyring to store sensitive keys, and then use those > keys for symmetric encryption via the crypto API. Among the key types we > wish to support are: user, logon, encrypted, and trusted. > > User key types are already able to have their data copied to user space, > but logon does not support this. Further, trusted and encrypted keys will > return their encrypted data back to user space on read, which does not > make them ideal for symmetric encryption. > > To support symmetric encryption for these key types, add a new > ALG_SET_KEY_BY_KEY_SERIAL setsockopt() option to the crypto API. This > allows users to pass a key_serial_t to the crypto API to perform > symmetric encryption. The behavior is the same as ALG_SET_KEY, but > the crypto key data is copied in kernel space from a keyring key, > which allows for the support of logon, encrypted, and trusted key types. > > Keyring keys must have the KEY_(POS|USR|GRP|OTH)_SEARCH permission set > to leverage this feature. This follows the asymmetric_key type where key > lookup calls eventually lead to keyring_search_rcu() without the > KEYRING_SEARCH_NO_CHECK_PERM flag set. > > Signed-off-by: Frederick Lawler <fred@xxxxxxxxxxxxxx> > --- > RFC: https://lore.kernel.org/all/20221004212927.1539105-1-fred@xxxxxxxxxxxxxx/ > > We have an idea for handling the case of leaking key data with bad > algorithms, but asymmetric keys currently have the same problem if any were > added as a akcipher type. If KEY_*_SEARCH is not good enough, we thought > of possibly implementing a KConfig such that we disable leaky algorithms > when selected, or possibly the inverse where if a leaky algorithm is > enabled, we don't allow to enable this. The problem there is now there's > a list to maintain. > --- > Documentation/crypto/userspace-if.rst | 15 ++- > crypto/af_alg.c | 135 +++++++++++++++++++++++++- > include/uapi/linux/if_alg.h | 1 + > 3 files changed, 147 insertions(+), 4 deletions(-) Patch applied. Thanks. -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt