From patchwork Tue Feb 22 19:58:17 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Ahmad Fatoum X-Patchwork-Id: 12755915 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A13DBC4332F for ; Tue, 22 Feb 2022 19:59:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235374AbiBVT7q (ORCPT ); Tue, 22 Feb 2022 14:59:46 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38666 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235364AbiBVT7o (ORCPT ); Tue, 22 Feb 2022 14:59:44 -0500 Received: from metis.ext.pengutronix.de (metis.ext.pengutronix.de [IPv6:2001:67c:670:201:290:27ff:fe1d:cc33]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5ECE5E98F4 for ; Tue, 22 Feb 2022 11:59:18 -0800 (PST) Received: from dude.hi.pengutronix.de ([2001:67c:670:100:1d::7]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nMbJF-00050W-2Y; Tue, 22 Feb 2022 20:58:53 +0100 Received: from afa by dude.hi.pengutronix.de with local (Exim 4.94.2) (envelope-from ) id 1nMbJC-009hyS-Dw; Tue, 22 Feb 2022 20:58:50 +0100 From: Ahmad Fatoum To: James Bottomley , Jarkko Sakkinen , Mimi Zohar , David Howells Cc: kernel@pengutronix.de, Sumit Garg , David Gstir , Tim Harvey , Ahmad Fatoum , James Morris , "Serge E. Hallyn" , =?utf-8?q?Horia_Geant=C4=83?= , Aymen Sghaier , Herbert Xu , "David S. Miller" , Eric Biggers , Jan Luebbe , Richard Weinberger , Franck LENORMAND , Matthias Schiffer , Pankaj Gupta , keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org Subject: [PATCH v5 3/5] KEYS: trusted: allow trust sources to use kernel RNG for key material Date: Tue, 22 Feb 2022 20:58:17 +0100 Message-Id: <20220222195819.2313913-4-a.fatoum@pengutronix.de> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220222195819.2313913-1-a.fatoum@pengutronix.de> References: <20220222195819.2313913-1-a.fatoum@pengutronix.de> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2001:67c:670:100:1d::7 X-SA-Exim-Mail-From: afa@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false X-PTX-Original-Recipient: linux-security-module@vger.kernel.org Precedence: bulk List-ID: The two existing trusted key sources don't make use of the kernel RNG, but instead let the hardware that does the sealing/unsealing also generate the random key material. While a previous change offers users the choice to use the kernel RNG instead for both, new trust sources may want to unconditionally use the kernel RNG for generating key material, like it's done elsewhere in the kernel. This is especially prudent for hardware that has proven-in-production HWRNG drivers implemented, as otherwise code would have to be duplicated only to arrive at a possibly worse result. Make this possible by turning struct trusted_key_ops::get_random into an optional member. If a driver leaves it NULL, kernel RNG will be used instead. Acked-by: Sumit Garg Reviewed-by: David Gstir Tested-By: Tim Harvey Signed-off-by: Ahmad Fatoum Reviewed-by: Pankaj Gupta Acked-by: Pankaj Gupta --- To: James Bottomley To: Jarkko Sakkinen To: Mimi Zohar To: David Howells Cc: James Morris Cc: "Serge E. Hallyn" Cc: "Horia Geantă" Cc: Aymen Sghaier Cc: Herbert Xu Cc: "David S. Miller" Cc: Eric Biggers Cc: Jan Luebbe Cc: David Gstir Cc: Richard Weinberger Cc: Franck LENORMAND Cc: Sumit Garg Cc: Tim Harvey Cc: Matthias Schiffer Cc: Pankaj Gupta Cc: keyrings@vger.kernel.org Cc: linux-crypto@vger.kernel.org Cc: linux-integrity@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: linux-security-module@vger.kernel.org --- include/keys/trusted-type.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/keys/trusted-type.h b/include/keys/trusted-type.h index d89fa2579ac0..4eb64548a74f 100644 --- a/include/keys/trusted-type.h +++ b/include/keys/trusted-type.h @@ -64,7 +64,7 @@ struct trusted_key_ops { /* Unseal a key. */ int (*unseal)(struct trusted_key_payload *p, char *datablob); - /* Get a randomized key. */ + /* Optional: Get a randomized key. */ int (*get_random)(unsigned char *key, size_t key_len); /* Exit key interface. */