Message ID | 32083.1473167516@warthog.procyon.org.uk (mailing list archive) |
---|---|
State | New, archived |
On Tuesday, 6 September 2016, 14:11:56 CEST, David Howells wrote:

Hi David,

> Artem Savkov <asavkov@redhat.com> wrote:
> > > > - select CRYPTO > > > > + depends on (CRYPTO_ANSI_CPRNG = y || CRYPTO_DRBG = y)
> > >
> > > Should those be "==" not "="?
> >
> > According to Documentation/kbuild/kconfig-language.txt (line 173) it is
> > "=" and I can only see "=" being used in existing Kconfigs.
>
> Okay. The other thing is that I have been given a conflicting patch (see
> below). Is your fix preferable?

The listed patch only selects the ANSI X9.31 DRNG and thus conflicts with FIPS mode and the current default stdrng which is the DRBG.

Ciao
Stephan

On Tue, Sep 06, 2016 at 02:11:56PM +0100, David Howells wrote:
> Artem Savkov <asavkov@redhat.com> wrote:
>
> > > > - select CRYPTO > > > > + depends on (CRYPTO_ANSI_CPRNG = y || CRYPTO_DRBG = y)
> > >
> > > Should those be "==" not "="?
> >
> > According to Documentation/kbuild/kconfig-language.txt (line 173) it is
> > "=" and I can only see "=" being used in existing Kconfigs.
>
> Okay. The other thing is that I have been given a conflicting patch (see
> below). Is your fix preferable?
>
> David
> ---
> commit 69ed34b303f87a1a53470dd37149ac1573d79da2
> Author: Kirill Marinushkin <k.marinushkin@gmail.com>
> Date: Mon, 8 Aug 2016 23:19:32 +0200
>
> KEYS: fix big_key dependency
>
> Signed-off-by: Kirill Marinushkin <k.marinushkin@gmail.com>
> cc: David Howells <dhowells@redhat.com>
> cc: Peter Hlavaty <zer0mem@yahoo.com>
> cc: Greg KH <gregkh@linuxfoundation.org>
> cc: stable@vger.kernel.org
> ---
> security/keys/Kconfig | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/keys/Kconfig b/security/keys/Kconfig > index f826e87..8213221 100644 > --- a/security/keys/Kconfig > +++ b/security/keys/Kconfig > @@ -44,7 +44,7 @@ config BIG_KEYS > select CRYPTO > select CRYPTO_AES > select CRYPTO_ECB > - select CRYPTO_RNG > + select CRYPTO_ANSI_CPRNG > help > This option provides support for holding large keys within the kernel > (for example Kerberos ticket caches). The data may be stored out to

I would argue that locking a user into a specific stdrng implementation is not something that should be done when there are options available.

diff --git a/security/keys/Kconfig b/security/keys/Kconfig index f826e87..8213221 100644 --- a/security/keys/Kconfig +++ b/security/keys/Kconfig @@ -44,7 +44,7 @@ config BIG_KEYS select CRYPTO select CRYPTO_AES select CRYPTO_ECB - select CRYPTO_RNG + select CRYPTO_ANSI_CPRNG help This option provides support for holding large keys within the kernel (for example Kerberos ticket caches). The data may be stored out to
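
Review bot: `select CRYPTO_ANSI_CPRNG` in `config BIG_KEYS` replaces the generic `select CRYPTO_RNG` with one specific RNG implementation, which per the replies in this thread conflicts with FIPS mode and with the DRBG as the current default stdrng. Consider keeping the dependency implementation-neutral, for example the `depends on (CRYPTO_ANSI_CPRNG = y || CRYPTO_DRBG = y)` form quoted in the thread, so that either generator satisfies it. The commit message also carries only a subject line; it should state what fails with `select CRYPTO_RNG` and why the change is wanted for stable.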