[PATCH v10 2/7] KEYS: trusted: allow use of kernel RNG for key material
Ahmad Fatoum
a.fatoum at pengutronix.de
Tue May 17 16:25:08 UTC 2022
Hello Mimi,
[Cc'ing RNG maintainers in case they want to chime in]
On 17.05.22 17:52, Mimi Zohar wrote:
> On Fri, 2022-05-13 at 16:57 +0200, Ahmad Fatoum wrote:
>> static int __init init_trusted(void)
>> {
>> + int (*get_random)(unsigned char *key, size_t key_len);
>> int i, ret = 0;
>>
>> for (i = 0; i < ARRAY_SIZE(trusted_key_sources); i++) {
>> @@ -322,6 +333,28 @@ static int __init init_trusted(void)
>> strlen(trusted_key_sources[i].name)))
>> continue;
>>
>> + /*
>> + * We always support trusted.rng="kernel" and "default" as
>> + * well as trusted.rng=$trusted.source if the trust source
>> + * defines its own get_random callback.
>> + */
>
> While TEE trusted keys support was upstreamed, there was a lot of
> discussion about using kernel RNG. One of the concerns was lack of or
> insuffiencent entropy during early boot on embedded devices. This
> concern needs to be clearly documented in both Documentation/admin-
> guide/kernel-parameters.txt and Documentation/security/keys/trusted-
> encrypted.rst.
If a user decides to use kernel RNG for trusted keys, wait_for_random_bytes()
called first thing in the used get_random_bytes_wait() will (quoting
documentation) "wait for the input pool to be seeded and thus [is] guaranteed
to supply cryptographically secure random numbers."
Does this address your concerns about Kernel RNG use?
Thanks,
Ahmad
>
> thanks,
>
> Mimi
>
>> + get_random = trusted_key_sources[i].ops->get_random;
>> + if (trusted_rng && strcmp(trusted_rng, "default")) {
>> + if (!strcmp(trusted_rng, "kernel")) {
>> + get_random = kernel_get_random;
>> + } else if (strcmp(trusted_rng, trusted_key_sources[i].name) ||
>> + !get_random) {
>> + pr_warn("Unsupported RNG. Supported: kernel");
>> + if (get_random)
>> + pr_cont(", %s", trusted_key_sources[i].name);
>> + pr_cont(", default\n");
>> + return -EINVAL;
>> + }
>> + }
>> +
>> + if (!get_random)
>> + get_random = kernel_get_random;
>> +
>> static_call_update(trusted_key_init,
>> trusted_key_sources[i].ops->init);
>
>
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
More information about the Linux-security-module-archive
mailing list