From patchwork Tue Jun 22 12:37:47 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Ahmad Fatoum X-Patchwork-Id: 12337243 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.7 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C7EE8C49EA6 for ; Tue, 22 Jun 2021 12:38:51 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id B0EA36135A for ; Tue, 22 Jun 2021 12:38:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231293AbhFVMlF (ORCPT ); Tue, 22 Jun 2021 08:41:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48234 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230377AbhFVMlB (ORCPT ); Tue, 22 Jun 2021 08:41:01 -0400 Received: from metis.ext.pengutronix.de (metis.ext.pengutronix.de [IPv6:2001:67c:670:201:290:27ff:fe1d:cc33]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F20A8C061787 for ; Tue, 22 Jun 2021 05:38:44 -0700 (PDT) Received: from dude.hi.pengutronix.de ([2001:67c:670:100:1d::7]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lvffV-0001dk-Sp; Tue, 22 Jun 2021 14:38:17 +0200 Received: from afa by dude.hi.pengutronix.de with local (Exim 4.92) (envelope-from ) id 1lvffS-0002Py-KA; Tue, 22 Jun 2021 14:38:14 +0200 From: Ahmad Fatoum To: James Bottomley , Jarkko Sakkinen , Mimi Zohar , David Howells Cc: kernel@pengutronix.de, Ahmad Fatoum , James Morris , Eric Biggers , "Serge E. Hallyn" , =?utf-8?q?Horia_Geant=C4=83?= , Aymen Sghaier , Udit Agarwal , Jan Luebbe , David Gstir , Richard Weinberger , Franck LENORMAND , Sumit Garg , keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org Subject: [PATCH v2 1/6] KEYS: trusted: allow use of TEE as backend without TCG_TPM support Date: Tue, 22 Jun 2021 14:37:47 +0200 Message-Id: X-Mailer: git-send-email 2.29.2 In-Reply-To: References: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2001:67c:670:100:1d::7 X-SA-Exim-Mail-From: afa@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false X-PTX-Original-Recipient: linux-integrity@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org With recent rework, trusted keys are no longer limited to TPM as trust source. The Kconfig symbol is unchanged however leading to a few issues: - TCG_TPM is required, even if only TEE is to be used - Enabling TCG_TPM, but excluding it from available trusted sources is not possible - TEE=m && TRUSTED_KEYS=y will lead to TEE support being silently dropped, which is not the best user experience Remedy these issues by introducing two new Kconfig symbols: TRUSTED_KEYS_TPM and TRUSTED_KEYS_TEE with the appropriate dependencies. Signed-off-by: Ahmad Fatoum --- To: James Bottomley To: Jarkko Sakkinen To: Mimi Zohar To: David Howells Cc: James Morris Cc: Eric Biggers Cc: "Serge E. Hallyn" Cc: "Horia Geantă" Cc: Aymen Sghaier Cc: Udit Agarwal Cc: Jan Luebbe Cc: David Gstir Cc: Richard Weinberger Cc: Franck LENORMAND Cc: Sumit Garg Cc: keyrings@vger.kernel.org Cc: linux-crypto@vger.kernel.org Cc: linux-integrity@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: linux-security-module@vger.kernel.org --- security/keys/Kconfig | 14 ++++++------- security/keys/trusted-keys/Kconfig | 25 ++++++++++++++++++++++++- security/keys/trusted-keys/Makefile | 8 +++++--- security/keys/trusted-keys/trusted_core.c | 4 ++-- 4 files changed, 39 insertions(+), 12 deletions(-) create mode 100644 security/keys/trusted-keys/Kconfig diff --git a/security/keys/Kconfig b/security/keys/Kconfig index 64b81abd087e..6fdb953b319f 100644 --- a/security/keys/Kconfig +++ b/security/keys/Kconfig @@ -70,23 +70,23 @@ config BIG_KEYS config TRUSTED_KEYS tristate "TRUSTED KEYS" - depends on KEYS && TCG_TPM + depends on KEYS select CRYPTO select CRYPTO_HMAC select CRYPTO_SHA1 select CRYPTO_HASH_INFO - select ASN1_ENCODER - select OID_REGISTRY - select ASN1 help This option provides support for creating, sealing, and unsealing keys in the kernel. Trusted keys are random number symmetric keys, - generated and RSA-sealed by the TPM. The TPM only unseals the keys, - if the boot PCRs and other criteria match. Userspace will only ever - see encrypted blobs. + generated and sealed by a trust source selected at kernel boot-time. + Userspace will only ever see encrypted blobs. If you are unsure as to whether this is required, answer N. +if TRUSTED_KEYS +source "security/keys/trusted-keys/Kconfig" +endif + config ENCRYPTED_KEYS tristate "ENCRYPTED KEYS" depends on KEYS diff --git a/security/keys/trusted-keys/Kconfig b/security/keys/trusted-keys/Kconfig new file mode 100644 index 000000000000..24af4aaceebf --- /dev/null +++ b/security/keys/trusted-keys/Kconfig @@ -0,0 +1,25 @@ +config TRUSTED_KEYS_TPM + bool "TPM-based trusted keys" + depends on TCG_TPM >= TRUSTED_KEYS + default y + select ASN1_ENCODER + select OID_REGISTRY + select ASN1 + help + Enable use of the Trusted Platform Module (TPM) as trusted key + backend. Trusted keys are are random number symmetric keys, + which will be generated and RSA-sealed by the TPM. + The TPM only unseals the keys, if the boot PCRs and other + criteria match. + +config TRUSTED_KEYS_TEE + bool "TEE-based trusted keys" + depends on TEE >= TRUSTED_KEYS + default y + help + Enable use of the Trusted Execution Environment (TEE) as trusted + key backend. + +if !TRUSTED_KEYS_TPM && !TRUSTED_KEYS_TEE +comment "No trust source selected!" +endif diff --git a/security/keys/trusted-keys/Makefile b/security/keys/trusted-keys/Makefile index feb8b6c3cc79..96fc6c377398 100644 --- a/security/keys/trusted-keys/Makefile +++ b/security/keys/trusted-keys/Makefile @@ -5,10 +5,12 @@ obj-$(CONFIG_TRUSTED_KEYS) += trusted.o trusted-y += trusted_core.o -trusted-y += trusted_tpm1.o +trusted-$(CONFIG_TRUSTED_KEYS_TPM) += trusted_tpm1.o $(obj)/trusted_tpm2.o: $(obj)/tpm2key.asn1.h -trusted-y += trusted_tpm2.o -trusted-y += tpm2key.asn1.o +trusted-$(CONFIG_TRUSTED_KEYS_TPM) += trusted_tpm2.o +trusted-$(CONFIG_TRUSTED_KEYS_TPM) += tpm2key.asn1.o + +trusted-$(CONFIG_TRUSTED_KEYS_TEE) += trusted_tee.o trusted-$(CONFIG_TEE) += trusted_tee.o diff --git a/security/keys/trusted-keys/trusted_core.c b/security/keys/trusted-keys/trusted_core.c index d5c891d8d353..8cab69e5d0da 100644 --- a/security/keys/trusted-keys/trusted_core.c +++ b/security/keys/trusted-keys/trusted_core.c @@ -27,10 +27,10 @@ module_param_named(source, trusted_key_source, charp, 0); MODULE_PARM_DESC(source, "Select trusted keys source (tpm or tee)"); static const struct trusted_key_source trusted_key_sources[] = { -#if defined(CONFIG_TCG_TPM) +#if defined(CONFIG_TRUSTED_KEYS_TPM) { "tpm", &trusted_key_tpm_ops }, #endif -#if defined(CONFIG_TEE) +#if defined(CONFIG_TRUSTED_KEYS_TEE) { "tee", &trusted_key_tee_ops }, #endif }; From patchwork Tue Jun 22 12:45:19 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Ahmad Fatoum X-Patchwork-Id: 12337301 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.7 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 818E8C49EA2 for ; Tue, 22 Jun 2021 12:45:52 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 64A3A6109E for ; Tue, 22 Jun 2021 12:45:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231717AbhFVMsH (ORCPT ); Tue, 22 Jun 2021 08:48:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50010 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231734AbhFVMsG (ORCPT ); Tue, 22 Jun 2021 08:48:06 -0400 Received: from metis.ext.pengutronix.de (metis.ext.pengutronix.de [IPv6:2001:67c:670:201:290:27ff:fe1d:cc33]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 45394C061574 for ; Tue, 22 Jun 2021 05:45:51 -0700 (PDT) Received: from dude.hi.pengutronix.de ([2001:67c:670:100:1d::7]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lvfma-0002yw-65; Tue, 22 Jun 2021 14:45:36 +0200 Received: from afa by dude.hi.pengutronix.de with local (Exim 4.92) (envelope-from ) id 1lvfmY-0000ic-Hs; Tue, 22 Jun 2021 14:45:34 +0200 From: Ahmad Fatoum To: James Bottomley , Jarkko Sakkinen , Mimi Zohar , David Howells Cc: kernel@pengutronix.de, Jan Luebbe , Ahmad Fatoum , James Morris , Eric Biggers , "Serge E. Hallyn" , =?utf-8?q?Horia_Geant=C4=83?= , Aymen Sghaier , Udit Agarwal , Jan Luebbe , David Gstir , Richard Weinberger , Franck LENORMAND , Sumit Garg , keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org Subject: [PATCH v2 2/6] KEYS: trusted: Allow import from existing key material for development Date: Tue, 22 Jun 2021 14:45:19 +0200 Message-Id: <342fe12286b5582b11e8c899bd9a63db2d4bf61c.1624365751.git-series.a.fatoum@pengutronix.de> X-Mailer: git-send-email 2.29.2 In-Reply-To: References: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2001:67c:670:100:1d::7 X-SA-Exim-Mail-From: afa@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false X-PTX-Original-Recipient: linux-integrity@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org A key aspect of trusted keys is that they are never disclosed to userspace in plain text. For development and debugging, it can be still useful to be able to supply a key in plain text from userspace. Implement an optional knob to support this according to the semantics Jan and Mimi had agreed on here[1]. [1] https://lore.kernel.org/linux-integrity/e8f149cddce55a4e4615396108e4c900cbec75a8.camel@pengutronix.de/ Suggested-by: Jan Luebbe Cc: Mimi Zohar Signed-off-by: Ahmad Fatoum --- Manual resend. To: James Bottomley To: Jarkko Sakkinen To: Mimi Zohar To: David Howells Cc: James Morris Cc: Eric Biggers Cc: "Serge E. Hallyn" Cc: "Horia Geantă" Cc: Aymen Sghaier Cc: Udit Agarwal Cc: Jan Luebbe Cc: David Gstir Cc: Richard Weinberger Cc: Franck LENORMAND Cc: Sumit Garg Cc: keyrings@vger.kernel.org Cc: linux-crypto@vger.kernel.org Cc: linux-integrity@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: linux-security-module@vger.kernel.org --- Documentation/security/keys/trusted-encrypted.rst | 14 +++++++++++- security/keys/trusted-keys/Kconfig | 15 +++++++++++- security/keys/trusted-keys/trusted_core.c | 21 ++++++++++++++-- 3 files changed, 48 insertions(+), 2 deletions(-) diff --git a/Documentation/security/keys/trusted-encrypted.rst b/Documentation/security/keys/trusted-encrypted.rst index 80d5a5af62a1..cc2e677b3bb6 100644 --- a/Documentation/security/keys/trusted-encrypted.rst +++ b/Documentation/security/keys/trusted-encrypted.rst @@ -188,6 +188,20 @@ Usage:: specific to TEE device implementation. The key length for new keys is always in bytes. Trusted Keys can be 32 - 128 bytes (256 - 1024 bits). +Trusted Keys: import plain-text key for development +--------------------------------------------------- + +Usage:: + + keyctl add trusted name "import hex_key_material" ring + +For kernels built with ``CONFIG_TRUSTED_KEYS_DEVELOPMENT_IMPORT=y``, new +trusted keys can be created from existing key material supplied by userspace, +instead of using random numbers. Once defined, as with random trusted keys, +userspace cannot extract the plain-text key material again and will only +ever see encrypted blobs. This option should *not* be enabled for production +kernels. + Encrypted Keys usage -------------------- diff --git a/security/keys/trusted-keys/Kconfig b/security/keys/trusted-keys/Kconfig index 24af4aaceebf..8bd69b252bf9 100644 --- a/security/keys/trusted-keys/Kconfig +++ b/security/keys/trusted-keys/Kconfig @@ -23,3 +23,18 @@ config TRUSTED_KEYS_TEE if !TRUSTED_KEYS_TPM && !TRUSTED_KEYS_TEE comment "No trust source selected!" endif + +config TRUSTED_KEYS_DEVELOPMENT_IMPORT + bool "Allow creating TRUSTED KEYS from existing key material for development" + help + This option adds support for creating new trusted keys from + existing key material supplied by userspace, instead of using + random numbers. Once defined, as with random trusted keys, + userspace cannot extract the plain-text key material again + and will only ever see encrypted blobs. + + This option should *only* be enabled for debugging/development. + Also, consider using 'keyctl padd' instead of 'keyctl add' to + avoid exposing the plain-text key on the process command line. + + If you are unsure as to whether this is required, answer N. diff --git a/security/keys/trusted-keys/trusted_core.c b/security/keys/trusted-keys/trusted_core.c index 8cab69e5d0da..2223e11c8bb5 100644 --- a/security/keys/trusted-keys/trusted_core.c +++ b/security/keys/trusted-keys/trusted_core.c @@ -46,12 +46,13 @@ static unsigned char migratable; enum { Opt_err, - Opt_new, Opt_load, Opt_update, + Opt_new, Opt_load, Opt_import, Opt_update, }; static const match_table_t key_tokens = { {Opt_new, "new"}, {Opt_load, "load"}, + {Opt_import, "import"}, {Opt_update, "update"}, {Opt_err, NULL} }; @@ -100,6 +101,21 @@ static int datablob_parse(char **datablob, struct trusted_key_payload *p) return -EINVAL; ret = Opt_load; break; + case Opt_import: + if (!IS_ENABLED(CONFIG_TRUSTED_KEYS_DEVELOPMENT_IMPORT)) + return -EINVAL; + /* first argument is unsealed blob */ + c = strsep(datablob, " \t"); + if (!c) + return -EINVAL; + p->key_len = strlen(c) / 2; + if (p->key_len < MIN_KEY_SIZE || p->key_len > MAX_KEY_SIZE) + return -EINVAL; + ret = hex2bin(p->key, c, p->key_len); + if (ret < 0) + return -EINVAL; + ret = Opt_import; + break; case Opt_update: ret = Opt_update; break; @@ -187,7 +203,8 @@ static int trusted_instantiate(struct key *key, ret = -EIO; goto out; } - + fallthrough; + case Opt_import: ret = static_call(trusted_key_seal)(payload, datablob); if (ret < 0) pr_info("key_seal failed (%d)\n", ret); From patchwork Tue Jun 22 12:37:49 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Ahmad Fatoum X-Patchwork-Id: 12337247 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.7 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 328B4C2B9F4 for ; Tue, 22 Jun 2021 12:38:57 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 203D56135D for ; Tue, 22 Jun 2021 12:38:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231474AbhFVMlL (ORCPT ); Tue, 22 Jun 2021 08:41:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48254 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231153AbhFVMlD (ORCPT ); Tue, 22 Jun 2021 08:41:03 -0400 Received: from metis.ext.pengutronix.de (metis.ext.pengutronix.de [IPv6:2001:67c:670:201:290:27ff:fe1d:cc33]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5D4B9C0617AE for ; Tue, 22 Jun 2021 05:38:46 -0700 (PDT) Received: from dude.hi.pengutronix.de ([2001:67c:670:100:1d::7]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lvffW-0001dm-6Z; Tue, 22 Jun 2021 14:38:18 +0200 Received: from afa by dude.hi.pengutronix.de with local (Exim 4.92) (envelope-from ) id 1lvffS-0002Q8-M3; Tue, 22 Jun 2021 14:38:14 +0200 From: Ahmad Fatoum To: James Bottomley , Jarkko Sakkinen , Mimi Zohar , David Howells Cc: kernel@pengutronix.de, Ahmad Fatoum , James Morris , "Serge E. Hallyn" , =?utf-8?q?Horia_Geant=C4=83?= , Aymen Sghaier , Herbert Xu , "David S. Miller" , Udit Agarwal , Jan Luebbe , Eric Biggers , David Gstir , Richard Weinberger , Franck LENORMAND , Sumit Garg , keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org Subject: [PATCH v2 3/6] KEYS: trusted: allow users to use kernel RNG for key material Date: Tue, 22 Jun 2021 14:37:49 +0200 Message-Id: <0119a7ef4c9b5420dffcc885338ac06979491cef.1624364386.git-series.a.fatoum@pengutronix.de> X-Mailer: git-send-email 2.29.2 In-Reply-To: References: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2001:67c:670:100:1d::7 X-SA-Exim-Mail-From: afa@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false X-PTX-Original-Recipient: linux-integrity@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org The two existing trusted key sources don't make use of the kernel RNG, but instead let the hardware doing the sealing/unsealing also generate the random key material. However, Users may want to place less trust into the quality of the trust source's random number generator and instead use the kernel entropy pool, which can be seeded from multiple entropy sources. Make this possible by adding a new trusted.kernel_rng parameter, that will force use of the kernel RNG. In its absence, it's up to the trust source to decide, which random numbers to use, maintaining the existing behavior. Suggested-by: Jarkko Sakkinen Signed-off-by: Ahmad Fatoum --- To: James Bottomley To: Jarkko Sakkinen To: Mimi Zohar To: David Howells Cc: James Morris Cc: "Serge E. Hallyn" Cc: "Horia Geantă" Cc: Aymen Sghaier Cc: Herbert Xu Cc: "David S. Miller" Cc: Udit Agarwal Cc: Jan Luebbe Cc: Eric Biggers Cc: David Gstir Cc: Richard Weinberger Cc: Franck LENORMAND Cc: Sumit Garg Cc: keyrings@vger.kernel.org Cc: linux-crypto@vger.kernel.org Cc: linux-integrity@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: linux-security-module@vger.kernel.org --- Documentation/admin-guide/kernel-parameters.txt | 7 ++++++- Documentation/security/keys/trusted-encrypted.rst | 20 +++++++++------- security/keys/trusted-keys/trusted_core.c | 17 +++++++++++++- 3 files changed, 35 insertions(+), 9 deletions(-) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index cb89dbdedc46..f8bdc898c354 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -5644,6 +5644,13 @@ first trust source as a backend which is initialized successfully during iteration. + trusted.kernel_rng = [KEYS] + Format: + When set to true (1), the kernel random number pool + is used to generate key material for trusted keys. + The default is to leave the RNG's choice to each + individual trust source. + tsc= Disable clocksource stability checks for TSC. Format: [x86] reliable: mark tsc clocksource as reliable, this diff --git a/Documentation/security/keys/trusted-encrypted.rst b/Documentation/security/keys/trusted-encrypted.rst index cc2e677b3bb6..3fb5562ee937 100644 --- a/Documentation/security/keys/trusted-encrypted.rst +++ b/Documentation/security/keys/trusted-encrypted.rst @@ -87,22 +87,26 @@ Key Generation Trusted Keys ------------ -New keys are created from random numbers generated in the trust source. They -are encrypted/decrypted using a child key in the storage key hierarchy. -Encryption and decryption of the child key must be protected by a strong -access control policy within the trust source. +New keys are created from random numbers. They are encrypted/decrypted using +a child key in the storage key hierarchy. Encryption and decryption of the +child key must be protected by a strong access control policy within the +trust source. The random number generator in use differs according to the +selected trust source: - * TPM (hardware device) based RNG + * TPM: hardware device based RNG - Strength of random numbers may vary from one device manufacturer to - another. + Keys are generated within the TPM. Strength of random numbers may vary + from one device manufacturer to another. - * TEE (OP-TEE based on Arm TrustZone) based RNG + * TEE: OP-TEE based on Arm TrustZone based RNG RNG is customizable as per platform needs. It can either be direct output from platform specific hardware RNG or a software based Fortuna CSPRNG which can be seeded via multiple entropy sources. +Optionally, users may specify ``trusted.kernel_rng=1`` on the kernel +command-line to override the used RNG with the kernel's random number pool. + Encrypted Keys -------------- diff --git a/security/keys/trusted-keys/trusted_core.c b/security/keys/trusted-keys/trusted_core.c index 2223e11c8bb5..2eeb7117e86b 100644 --- a/security/keys/trusted-keys/trusted_core.c +++ b/security/keys/trusted-keys/trusted_core.c @@ -16,12 +16,17 @@ #include #include #include +#include #include #include #include #include #include +static bool trusted_kernel_rng; +module_param_named(kernel_rng, trusted_kernel_rng, bool, 0); +MODULE_PARM_DESC(kernel_rng, "Generate key material from kernel RNG"); + static char *trusted_key_source; module_param_named(source, trusted_key_source, charp, 0); MODULE_PARM_DESC(source, "Select trusted keys source (tpm or tee)"); @@ -329,8 +334,14 @@ struct key_type key_type_trusted = { }; EXPORT_SYMBOL_GPL(key_type_trusted); +static int kernel_get_random(unsigned char *key, size_t key_len) +{ + return get_random_bytes_wait(key, key_len) ?: key_len; +} + static int __init init_trusted(void) { + int (*get_random)(unsigned char *key, size_t key_len); int i, ret = 0; for (i = 0; i < ARRAY_SIZE(trusted_key_sources); i++) { @@ -339,6 +350,10 @@ static int __init init_trusted(void) strlen(trusted_key_sources[i].name))) continue; + get_random = trusted_key_sources[i].ops->get_random; + if (trusted_kernel_rng) + get_random = kernel_get_random; + static_call_update(trusted_key_init, trusted_key_sources[i].ops->init); static_call_update(trusted_key_seal, @@ -346,7 +361,7 @@ static int __init init_trusted(void) static_call_update(trusted_key_unseal, trusted_key_sources[i].ops->unseal); static_call_update(trusted_key_get_random, - trusted_key_sources[i].ops->get_random); + get_random); static_call_update(trusted_key_exit, trusted_key_sources[i].ops->exit); migratable = trusted_key_sources[i].ops->migratable; From patchwork Tue Jun 22 12:37:50 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Ahmad Fatoum X-Patchwork-Id: 12337245 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.7 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 11003C49EA2 for ; Tue, 22 Jun 2021 12:38:55 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id F1C8D60FF2 for ; Tue, 22 Jun 2021 12:38:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231386AbhFVMlI (ORCPT ); Tue, 22 Jun 2021 08:41:08 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48248 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231151AbhFVMlC (ORCPT ); Tue, 22 Jun 2021 08:41:02 -0400 Received: from metis.ext.pengutronix.de (metis.ext.pengutronix.de [IPv6:2001:67c:670:201:290:27ff:fe1d:cc33]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5B6E5C0617AD for ; Tue, 22 Jun 2021 05:38:46 -0700 (PDT) Received: from dude.hi.pengutronix.de ([2001:67c:670:100:1d::7]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lvffW-0001dn-6X; Tue, 22 Jun 2021 14:38:18 +0200 Received: from afa by dude.hi.pengutronix.de with local (Exim 4.92) (envelope-from ) id 1lvffS-0002QD-NB; Tue, 22 Jun 2021 14:38:14 +0200 From: Ahmad Fatoum To: James Bottomley , Jarkko Sakkinen , Mimi Zohar , David Howells Cc: kernel@pengutronix.de, Ahmad Fatoum , James Morris , "Serge E. Hallyn" , =?utf-8?q?Horia_Geant=C4=83?= , Aymen Sghaier , Herbert Xu , "David S. Miller" , Udit Agarwal , Eric Biggers , Jan Luebbe , David Gstir , Richard Weinberger , Franck LENORMAND , Sumit Garg , keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org Subject: [PATCH v2 4/6] KEYS: trusted: allow trust sources to use kernel RNG for key material Date: Tue, 22 Jun 2021 14:37:50 +0200 Message-Id: <77c472a8b373f4a9de646c91214db546bbbe1e81.1624364386.git-series.a.fatoum@pengutronix.de> X-Mailer: git-send-email 2.29.2 In-Reply-To: References: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2001:67c:670:100:1d::7 X-SA-Exim-Mail-From: afa@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false X-PTX-Original-Recipient: linux-integrity@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org The two existing trusted key sources don't make use of the kernel RNG, but instead let the hardware that does the sealing/unsealing also generate the random key material. While a previous change offers users the choice to use the kernel RNG instead for both, new trust sources may want to unconditionally use the kernel RNG for generating key material, like it's done elsewhere in the kernel. This is especially prudent for hardware that has proven-in-production HWRNG drivers implemented, as otherwise code would have to be duplicated only to arrive at a possibly worse result. Make this possible by turning struct trusted_key_ops::get_random into an optional member. If a driver leaves it NULL, kernel RNG will be used instead. Signed-off-by: Ahmad Fatoum --- To: James Bottomley To: Jarkko Sakkinen To: Mimi Zohar To: David Howells Cc: James Morris Cc: "Serge E. Hallyn" Cc: "Horia Geantă" Cc: Aymen Sghaier Cc: Herbert Xu Cc: "David S. Miller" Cc: Udit Agarwal Cc: Eric Biggers Cc: Jan Luebbe Cc: David Gstir Cc: Richard Weinberger Cc: Franck LENORMAND Cc: Sumit Garg Cc: keyrings@vger.kernel.org Cc: linux-crypto@vger.kernel.org Cc: linux-integrity@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: linux-security-module@vger.kernel.org --- include/keys/trusted-type.h | 2 +- security/keys/trusted-keys/trusted_core.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/keys/trusted-type.h b/include/keys/trusted-type.h index d89fa2579ac0..4eb64548a74f 100644 --- a/include/keys/trusted-type.h +++ b/include/keys/trusted-type.h @@ -64,7 +64,7 @@ struct trusted_key_ops { /* Unseal a key. */ int (*unseal)(struct trusted_key_payload *p, char *datablob); - /* Get a randomized key. */ + /* Optional: Get a randomized key. */ int (*get_random)(unsigned char *key, size_t key_len); /* Exit key interface. */ diff --git a/security/keys/trusted-keys/trusted_core.c b/security/keys/trusted-keys/trusted_core.c index 2eeb7117e86b..8d829e6866ca 100644 --- a/security/keys/trusted-keys/trusted_core.c +++ b/security/keys/trusted-keys/trusted_core.c @@ -351,7 +351,7 @@ static int __init init_trusted(void) continue; get_random = trusted_key_sources[i].ops->get_random; - if (trusted_kernel_rng) + if (trusted_kernel_rng || !get_random) get_random = kernel_get_random; static_call_update(trusted_key_init, From patchwork Tue Jun 22 12:37:51 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Ahmad Fatoum X-Patchwork-Id: 12337239 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.7 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4CEBEC48BE5 for ; Tue, 22 Jun 2021 12:38:48 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 32E296135A for ; Tue, 22 Jun 2021 12:38:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229801AbhFVMlC (ORCPT ); Tue, 22 Jun 2021 08:41:02 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48226 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229844AbhFVMlA (ORCPT ); Tue, 22 Jun 2021 08:41:00 -0400 Received: from metis.ext.pengutronix.de (metis.ext.pengutronix.de [IPv6:2001:67c:670:201:290:27ff:fe1d:cc33]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 771A0C061766 for ; Tue, 22 Jun 2021 05:38:44 -0700 (PDT) Received: from dude.hi.pengutronix.de ([2001:67c:670:100:1d::7]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lvffW-0001do-6Z; Tue, 22 Jun 2021 14:38:18 +0200 Received: from afa by dude.hi.pengutronix.de with local (Exim 4.92) (envelope-from ) id 1lvffS-0002QI-OM; Tue, 22 Jun 2021 14:38:14 +0200 From: Ahmad Fatoum To: =?utf-8?q?Horia_Geant=C4=83?= , Aymen Sghaier , Herbert Xu , "David S. Miller" Cc: kernel@pengutronix.de, Ahmad Fatoum , James Bottomley , Jarkko Sakkinen , Mimi Zohar , David Howells , James Morris , Eric Biggers , "Serge E. Hallyn" , Udit Agarwal , Jan Luebbe , David Gstir , Richard Weinberger , Franck LENORMAND , Sumit Garg , linux-integrity@vger.kernel.org, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org Subject: [PATCH v2 5/6] crypto: caam - add in-kernel interface for blob generator Date: Tue, 22 Jun 2021 14:37:51 +0200 Message-Id: X-Mailer: git-send-email 2.29.2 In-Reply-To: References: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2001:67c:670:100:1d::7 X-SA-Exim-Mail-From: afa@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false X-PTX-Original-Recipient: linux-integrity@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org The CAAM can be used to protect user-defined data across system reboot: - When the system is fused and boots into secure state, the master key is a unique never-disclosed device-specific key - random key is encrypted by key derived from master key - data is encrypted using the random key - encrypted data and its encrypted random key are stored alongside - This blob can now be safely stored in non-volatile memory On next power-on: - blob is loaded into CAAM - CAAM writes decrypted data either into memory or key register Add functions to realize encrypting and decrypting into memory alongside the CAAM driver. They will be used in a later commit as a source for the trusted key seal/unseal mechanism. Signed-off-by: Steffen Trumtrar Signed-off-by: Ahmad Fatoum --- To: "Horia Geantă" To: Aymen Sghaier To: Herbert Xu To: "David S. Miller" Cc: James Bottomley Cc: Jarkko Sakkinen Cc: Mimi Zohar Cc: David Howells Cc: James Morris Cc: Eric Biggers Cc: "Serge E. Hallyn" Cc: Udit Agarwal Cc: Jan Luebbe Cc: David Gstir Cc: Richard Weinberger Cc: Franck LENORMAND Cc: Sumit Garg Cc: linux-integrity@vger.kernel.org Cc: keyrings@vger.kernel.org Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: linux-security-module@vger.kernel.org --- drivers/crypto/caam/Kconfig | 3 +- drivers/crypto/caam/Makefile | 1 +- drivers/crypto/caam/blob_gen.c | 230 ++++++++++++++++++++++++++++++++++- include/soc/fsl/caam-blob.h | 56 ++++++++- 4 files changed, 290 insertions(+) create mode 100644 drivers/crypto/caam/blob_gen.c create mode 100644 include/soc/fsl/caam-blob.h diff --git a/drivers/crypto/caam/Kconfig b/drivers/crypto/caam/Kconfig index 84ea7cba5ee5..ea9f8b1ae981 100644 --- a/drivers/crypto/caam/Kconfig +++ b/drivers/crypto/caam/Kconfig @@ -151,6 +151,9 @@ config CRYPTO_DEV_FSL_CAAM_RNG_API Selecting this will register the SEC4 hardware rng to the hw_random API for supplying the kernel entropy pool. +config CRYPTO_DEV_FSL_CAAM_BLOB_GEN + bool + endif # CRYPTO_DEV_FSL_CAAM_JR endif # CRYPTO_DEV_FSL_CAAM diff --git a/drivers/crypto/caam/Makefile b/drivers/crypto/caam/Makefile index 3570286eb9ce..25f7ae5a4642 100644 --- a/drivers/crypto/caam/Makefile +++ b/drivers/crypto/caam/Makefile @@ -21,6 +21,7 @@ caam_jr-$(CONFIG_CRYPTO_DEV_FSL_CAAM_CRYPTO_API_QI) += caamalg_qi.o caam_jr-$(CONFIG_CRYPTO_DEV_FSL_CAAM_AHASH_API) += caamhash.o caam_jr-$(CONFIG_CRYPTO_DEV_FSL_CAAM_RNG_API) += caamrng.o caam_jr-$(CONFIG_CRYPTO_DEV_FSL_CAAM_PKC_API) += caampkc.o pkc_desc.o +caam_jr-$(CONFIG_CRYPTO_DEV_FSL_CAAM_BLOB_GEN) += blob_gen.o caam-$(CONFIG_CRYPTO_DEV_FSL_CAAM_CRYPTO_API_QI) += qi.o ifneq ($(CONFIG_CRYPTO_DEV_FSL_CAAM_CRYPTO_API_QI),) diff --git a/drivers/crypto/caam/blob_gen.c b/drivers/crypto/caam/blob_gen.c new file mode 100644 index 000000000000..513d3f90e438 --- /dev/null +++ b/drivers/crypto/caam/blob_gen.c @@ -0,0 +1,230 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Copyright (C) 2015 Pengutronix, Steffen Trumtrar + * Copyright (C) 2021 Pengutronix, Ahmad Fatoum + */ + +#include +#include + +#include "compat.h" +#include "desc_constr.h" +#include "desc.h" +#include "error.h" +#include "intern.h" +#include "jr.h" +#include "regs.h" + +struct caam_blob_priv { + struct device jrdev; +}; + +struct caam_blob_job_result { + int err; + struct completion completion; +}; + +static void caam_blob_job_done(struct device *dev, u32 *desc, u32 err, void *context) +{ + struct caam_blob_job_result *res = context; + int ecode = 0; + + dev_dbg(dev, "%s %d: err 0x%x\n", __func__, __LINE__, err); + + if (err) + ecode = caam_jr_strstatus(dev, err); + + res->err = ecode; + + /* + * Upon completion, desc points to a buffer containing a CAAM job + * descriptor which encapsulates data into an externally-storable + * blob. + */ + complete(&res->completion); +} + +static u32 *caam_blob_alloc_desc(size_t keymod_len) +{ + size_t len; + + /* header + (key mod immediate) + 2x pointers + op */ + len = 4 + (4 + ALIGN(keymod_len, 4)) + 2*(4 + 4 + CAAM_PTR_SZ_MAX) + 4; + + if (len > CAAM_DESC_BYTES_MAX) + return NULL; + + return kzalloc(len, GFP_KERNEL | GFP_DMA); +} + +int caam_encap_blob(struct caam_blob_priv *priv, const char *keymod, + void *input, void *output, size_t length) +{ + u32 *desc; + struct device *jrdev = &priv->jrdev; + dma_addr_t dma_in, dma_out; + struct caam_blob_job_result testres; + size_t keymod_len = strlen(keymod); + int ret; + + if (length <= CAAM_BLOB_OVERHEAD || keymod_len > CAAM_BLOB_KEYMOD_LENGTH) + return -EINVAL; + + desc = caam_blob_alloc_desc(keymod_len); + if (!desc) { + dev_err(jrdev, "unable to allocate desc\n"); + return -ENOMEM; + } + + dma_in = dma_map_single(jrdev, input, length - CAAM_BLOB_OVERHEAD, DMA_TO_DEVICE); + if (dma_mapping_error(jrdev, dma_in)) { + dev_err(jrdev, "unable to map input DMA buffer\n"); + ret = -ENOMEM; + goto out_free; + } + + dma_out = dma_map_single(jrdev, output, length, DMA_FROM_DEVICE); + if (dma_mapping_error(jrdev, dma_out)) { + dev_err(jrdev, "unable to map output DMA buffer\n"); + ret = -ENOMEM; + goto out_unmap_in; + } + + /* + * A data blob is encrypted using a blob key (BK); a random number. + * The BK is used as an AES-CCM key. The initial block (B0) and the + * initial counter (Ctr0) are generated automatically and stored in + * Class 1 Context DWords 0+1+2+3. The random BK is stored in the + * Class 1 Key Register. Operation Mode is set to AES-CCM. + */ + + init_job_desc(desc, 0); + append_key_as_imm(desc, keymod, keymod_len, keymod_len, + CLASS_2 | KEY_DEST_CLASS_REG); + append_seq_in_ptr_intlen(desc, dma_in, length - CAAM_BLOB_OVERHEAD, 0); + append_seq_out_ptr_intlen(desc, dma_out, length, 0); + append_operation(desc, OP_TYPE_ENCAP_PROTOCOL | OP_PCLID_BLOB); + + print_hex_dump_debug("data@"__stringify(__LINE__)": ", + DUMP_PREFIX_ADDRESS, 16, 1, input, + length - CAAM_BLOB_OVERHEAD, false); + print_hex_dump_debug("jobdesc@"__stringify(__LINE__)": ", + DUMP_PREFIX_ADDRESS, 16, 1, desc, + desc_bytes(desc), false); + + testres.err = 0; + init_completion(&testres.completion); + + ret = caam_jr_enqueue(jrdev, desc, caam_blob_job_done, &testres); + if (ret == -EINPROGRESS) { + wait_for_completion(&testres.completion); + ret = testres.err; + print_hex_dump_debug("output@"__stringify(__LINE__)": ", + DUMP_PREFIX_ADDRESS, 16, 1, output, + length, false); + } + + dma_unmap_single(jrdev, dma_out, length, DMA_FROM_DEVICE); +out_unmap_in: + dma_unmap_single(jrdev, dma_in, length - CAAM_BLOB_OVERHEAD, DMA_TO_DEVICE); +out_free: + kfree(desc); + + return ret; +} +EXPORT_SYMBOL(caam_encap_blob); + +int caam_decap_blob(struct caam_blob_priv *priv, const char *keymod, + void *input, void *output, size_t length) +{ + u32 *desc; + struct device *jrdev = &priv->jrdev; + dma_addr_t dma_in, dma_out; + struct caam_blob_job_result testres; + size_t keymod_len = strlen(keymod); + int ret; + + if (length <= CAAM_BLOB_OVERHEAD || keymod_len > CAAM_BLOB_KEYMOD_LENGTH) + return -EINVAL; + + desc = caam_blob_alloc_desc(keymod_len); + if (!desc) { + dev_err(jrdev, "unable to allocate desc\n"); + return -ENOMEM; + } + + dma_in = dma_map_single(jrdev, input, length, DMA_TO_DEVICE); + if (dma_mapping_error(jrdev, dma_in)) { + dev_err(jrdev, "unable to map input DMA buffer\n"); + ret = -ENOMEM; + goto out_free; + } + + dma_out = dma_map_single(jrdev, output, length - CAAM_BLOB_OVERHEAD, DMA_FROM_DEVICE); + if (dma_mapping_error(jrdev, dma_out)) { + dev_err(jrdev, "unable to map output DMA buffer\n"); + ret = -ENOMEM; + goto out_unmap_in; + } + + /* + * A data blob is encrypted using a blob key (BK); a random number. + * The BK is used as an AES-CCM key. The initial block (B0) and the + * initial counter (Ctr0) are generated automatically and stored in + * Class 1 Context DWords 0+1+2+3. The random BK is stored in the + * Class 1 Key Register. Operation Mode is set to AES-CCM. + */ + + init_job_desc(desc, 0); + append_key_as_imm(desc, keymod, keymod_len, keymod_len, + CLASS_2 | KEY_DEST_CLASS_REG); + append_seq_in_ptr(desc, dma_in, length, 0); + append_seq_out_ptr(desc, dma_out, length - CAAM_BLOB_OVERHEAD, 0); + append_operation(desc, OP_TYPE_DECAP_PROTOCOL | OP_PCLID_BLOB); + + print_hex_dump_debug("data@"__stringify(__LINE__)": ", + DUMP_PREFIX_ADDRESS, 16, 1, input, + length, false); + print_hex_dump_debug("jobdesc@"__stringify(__LINE__)": ", + DUMP_PREFIX_ADDRESS, 16, 1, desc, + desc_bytes(desc), false); + + testres.err = 0; + init_completion(&testres.completion); + + ret = caam_jr_enqueue(jrdev, desc, caam_blob_job_done, &testres); + if (ret == -EINPROGRESS) { + wait_for_completion(&testres.completion); + ret = testres.err; + print_hex_dump_debug("output@"__stringify(__LINE__)": ", + DUMP_PREFIX_ADDRESS, 16, 1, output, + length - CAAM_BLOB_OVERHEAD, false); + } + + dma_unmap_single(jrdev, dma_out, length - CAAM_BLOB_OVERHEAD, DMA_FROM_DEVICE); +out_unmap_in: + dma_unmap_single(jrdev, dma_in, length, DMA_TO_DEVICE); +out_free: + kfree(desc); + + return ret; +} +EXPORT_SYMBOL(caam_decap_blob); + +struct caam_blob_priv *caam_blob_gen_init(void) +{ + struct device *jrdev; + + jrdev = caam_jr_alloc(); + if (IS_ERR(jrdev)) + return ERR_CAST(jrdev); + + return container_of(jrdev, struct caam_blob_priv, jrdev); +} +EXPORT_SYMBOL(caam_blob_gen_init); + +void caam_blob_gen_exit(struct caam_blob_priv *priv) +{ + caam_jr_free(&priv->jrdev); +} +EXPORT_SYMBOL(caam_blob_gen_exit); diff --git a/include/soc/fsl/caam-blob.h b/include/soc/fsl/caam-blob.h new file mode 100644 index 000000000000..aebbc9335f64 --- /dev/null +++ b/include/soc/fsl/caam-blob.h @@ -0,0 +1,56 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Copyright (C) 2020 Pengutronix, Ahmad Fatoum + */ + +#ifndef __CAAM_BLOB_GEN +#define __CAAM_BLOB_GEN + +#include + +#define CAAM_BLOB_KEYMOD_LENGTH 16 +#define CAAM_BLOB_OVERHEAD (32 + 16) +#define CAAM_BLOB_MAX_LEN 4096 + +struct caam_blob_priv; + +/** caam_blob_gen_init - initialize blob generation + * + * returns either pointer to new caam_blob_priv instance + * or error pointer + */ +struct caam_blob_priv *caam_blob_gen_init(void); + +/** caam_blob_gen_init - free blob generation resources + * + * @priv: instance returned by caam_blob_gen_init + */ +void caam_blob_gen_exit(struct caam_blob_priv *priv); + +/** caam_encap_blob - encapsulate blob + * + * @priv: instance returned by caam_blob_gen_init + * @keymod: string to use as key modifier for blob encapsulation + * can't be longer than CAAM_BLOB_KEYMOD_LENGTH + * @input: buffer which CAAM will DMA from + * @output: buffer which CAAM will DMA to + * @length: buffer length including blob overhead + * CAAM_BLOB_OVERHEAD < length <= CAAM_BLOB_MAX_LEN + */ +int caam_encap_blob(struct caam_blob_priv *priv, const char *keymod, + void *input, void *output, size_t length); + +/** caam_decap_blob - decapsulate blob + * + * @priv: instance returned by caam_blob_gen_init + * @keymod: string to use as key modifier for blob decapsulation + * can't be longer than CAAM_BLOB_KEYMOD_LENGTH + * @input: buffer which CAAM will DMA from + * @output: buffer which CAAM will DMA to + * @length: buffer length including blob overhead + * CAAM_BLOB_OVERHEAD < length <= CAAM_BLOB_MAX_LEN + */ +int caam_decap_blob(struct caam_blob_priv *priv, const char *keymod, + void *input, void *output, size_t length); + +#endif From patchwork Tue Jun 22 12:37:52 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Ahmad Fatoum X-Patchwork-Id: 12337249 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.7 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D796BC48BE5 for ; Tue, 22 Jun 2021 12:39:44 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C0E5360FF2 for ; Tue, 22 Jun 2021 12:39:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231800AbhFVMl7 (ORCPT ); Tue, 22 Jun 2021 08:41:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48248 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231370AbhFVMlH (ORCPT ); Tue, 22 Jun 2021 08:41:07 -0400 Received: from metis.ext.pengutronix.de (metis.ext.pengutronix.de [IPv6:2001:67c:670:201:290:27ff:fe1d:cc33]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A7B4FC061768 for ; Tue, 22 Jun 2021 05:38:49 -0700 (PDT) Received: from dude.hi.pengutronix.de ([2001:67c:670:100:1d::7]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lvffW-0001dp-6e; Tue, 22 Jun 2021 14:38:18 +0200 Received: from afa by dude.hi.pengutronix.de with local (Exim 4.92) (envelope-from ) id 1lvffS-0002QN-PX; Tue, 22 Jun 2021 14:38:14 +0200 From: Ahmad Fatoum To: Jonathan Corbet , David Howells , Jarkko Sakkinen , James Bottomley , Mimi Zohar Cc: kernel@pengutronix.de, Ahmad Fatoum , James Morris , "Serge E. Hallyn" , =?utf-8?q?Horia_Geant=C4=83?= , Aymen Sghaier , Herbert Xu , "David S. Miller" , Udit Agarwal , Eric Biggers , Jan Luebbe , David Gstir , Richard Weinberger , Franck LENORMAND , Sumit Garg , keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-doc@vger.kernel.org, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org Subject: [PATCH v2 6/6] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys Date: Tue, 22 Jun 2021 14:37:52 +0200 Message-Id: <39e6d65ca5d2a0a35fb71d6c1f85add8ee489a19.1624364386.git-series.a.fatoum@pengutronix.de> X-Mailer: git-send-email 2.29.2 In-Reply-To: References: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2001:67c:670:100:1d::7 X-SA-Exim-Mail-From: afa@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false X-PTX-Original-Recipient: linux-integrity@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org The Cryptographic Acceleration and Assurance Module (CAAM) is an IP core built into many newer i.MX and QorIQ SoCs by NXP. The CAAM does crypto acceleration, hardware number generation and has a blob mechanism for encapsulation/decapsulation of sensitive material. This blob mechanism depends on a device specific random 256-bit One Time Programmable Master Key that is fused in each SoC at manufacturing time. This key is unreadable and can only be used by the CAAM for AES encryption/decryption of user data. This makes it a suitable backend (source) for kernel trusted keys. Previous commits generalized trusted keys to support multiple backends and added an API to access the CAAM blob mechanism. Based on these, provide the necessary glue to use the CAAM for trusted keys. Signed-off-by: Ahmad Fatoum --- To: Jonathan Corbet To: David Howells To: Jarkko Sakkinen To: James Bottomley To: Mimi Zohar Cc: James Morris Cc: "Serge E. Hallyn" Cc: "Horia Geantă" Cc: Aymen Sghaier Cc: Herbert Xu Cc: "David S. Miller" Cc: Udit Agarwal Cc: Eric Biggers Cc: Jan Luebbe Cc: David Gstir Cc: Richard Weinberger Cc: Franck LENORMAND Cc: Sumit Garg Cc: keyrings@vger.kernel.org Cc: linux-crypto@vger.kernel.org Cc: linux-doc@vger.kernel.org Cc: linux-integrity@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: linux-security-module@vger.kernel.org --- Documentation/admin-guide/kernel-parameters.txt | 1 +- Documentation/security/keys/trusted-encrypted.rst | 42 ++++++++- include/keys/trusted_caam.h | 11 ++- security/keys/trusted-keys/Kconfig | 11 +- security/keys/trusted-keys/Makefile | 2 +- security/keys/trusted-keys/trusted_caam.c | 74 ++++++++++++++++- security/keys/trusted-keys/trusted_core.c | 6 +- 7 files changed, 143 insertions(+), 4 deletions(-) create mode 100644 include/keys/trusted_caam.h create mode 100644 security/keys/trusted-keys/trusted_caam.c diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index f8bdc898c354..4a95369c2bc7 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -5639,6 +5639,7 @@ sources: - "tpm" - "tee" + - "caam" If not specified then it defaults to iterating through the trust source list starting with TPM and assigns the first trust source as a backend which is initialized diff --git a/Documentation/security/keys/trusted-encrypted.rst b/Documentation/security/keys/trusted-encrypted.rst index 3fb5562ee937..3461746b1fbd 100644 --- a/Documentation/security/keys/trusted-encrypted.rst +++ b/Documentation/security/keys/trusted-encrypted.rst @@ -35,6 +35,13 @@ safe. Rooted to Hardware Unique Key (HUK) which is generally burnt in on-chip fuses and is accessible to TEE only. + (3) CAAM (Cryptographic Acceleration and Assurance Module: IP on NXP SoCs) + + When High Assurance Boot (HAB) is enabled and the CAAM is in secure + mode, trust is rooted to the OTPMK, a never-disclosed 256-bit key + randomly generated and fused into each SoC at manufacturing time. + Otherwise, a common fixed test key is used instead. + * Execution isolation (1) TPM @@ -46,6 +53,10 @@ safe. Customizable set of operations running in isolated execution environment verified via Secure/Trusted boot process. + (3) CAAM + + Fixed set of operations running in isolated execution environment. + * Optional binding to platform integrity state (1) TPM @@ -63,6 +74,11 @@ safe. Relies on Secure/Trusted boot process for platform integrity. It can be extended with TEE based measured boot process. + (3) CAAM + + Relies on the High Assurance Boot (HAB) mechanism of NXP SoCs + for platform integrity. + * Interfaces and APIs (1) TPM @@ -74,10 +90,13 @@ safe. TEEs have well-documented, standardized client interface and APIs. For more details refer to ``Documentation/staging/tee.rst``. + (3) CAAM + + Interface is specific to silicon vendor. * Threat model - The strength and appropriateness of a particular TPM or TEE for a given + The strength and appropriateness of a particular trust source for a given purpose must be assessed when using them to protect security-relevant data. @@ -104,8 +123,14 @@ selected trust source: from platform specific hardware RNG or a software based Fortuna CSPRNG which can be seeded via multiple entropy sources. + * CAAM: Kernel RNG + + The normal kernel random number generator is used. To seed it from the + CAAM HWRNG, enable CRYPTO_DEV_FSL_CAAM_RNG_API and ensure the device + can be probed. + Optionally, users may specify ``trusted.kernel_rng=1`` on the kernel -command-line to override the used RNG with the kernel's random number pool. +command-line to force use of the kernel's random number pool. Encrypted Keys -------------- @@ -192,6 +217,19 @@ Usage:: specific to TEE device implementation. The key length for new keys is always in bytes. Trusted Keys can be 32 - 128 bytes (256 - 1024 bits). +Trusted Keys usage: CAAM +------------------------ + +Usage:: + + keyctl add trusted name "new keylen" ring + keyctl add trusted name "load hex_blob" ring + keyctl print keyid + +"keyctl print" returns an ASCII hex copy of the sealed key, which is in format +specific to CAAM device implementation. The key length for new keys is always +in bytes. Trusted Keys can be 32 - 128 bytes (256 - 1024 bits). + Trusted Keys: import plain-text key for development --------------------------------------------------- diff --git a/include/keys/trusted_caam.h b/include/keys/trusted_caam.h new file mode 100644 index 000000000000..2fba0996b0b0 --- /dev/null +++ b/include/keys/trusted_caam.h @@ -0,0 +1,11 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Copyright (C) 2021 Pengutronix, Ahmad Fatoum + */ + +#ifndef __CAAM_TRUSTED_KEY_H +#define __CAAM_TRUSTED_KEY_H + +extern struct trusted_key_ops caam_trusted_key_ops; + +#endif diff --git a/security/keys/trusted-keys/Kconfig b/security/keys/trusted-keys/Kconfig index 8bd69b252bf9..641bed8923ec 100644 --- a/security/keys/trusted-keys/Kconfig +++ b/security/keys/trusted-keys/Kconfig @@ -20,7 +20,16 @@ config TRUSTED_KEYS_TEE Enable use of the Trusted Execution Environment (TEE) as trusted key backend. -if !TRUSTED_KEYS_TPM && !TRUSTED_KEYS_TEE +config TRUSTED_KEYS_CAAM + bool "CAAM-based trusted keys" + depends on CRYPTO_DEV_FSL_CAAM_JR >= TRUSTED_KEYS + select CRYPTO_DEV_FSL_CAAM_BLOB_GEN + default y + help + Enable use of NXP's Cryptographic Accelerator and Assurance Module + (CAAM) as trusted key backend. + +if !TRUSTED_KEYS_TPM && !TRUSTED_KEYS_TEE && !TRUSTED_KEYS_CAAM comment "No trust source selected!" endif diff --git a/security/keys/trusted-keys/Makefile b/security/keys/trusted-keys/Makefile index 96fc6c377398..5788bc07a2ab 100644 --- a/security/keys/trusted-keys/Makefile +++ b/security/keys/trusted-keys/Makefile @@ -14,3 +14,5 @@ trusted-$(CONFIG_TRUSTED_KEYS_TPM) += tpm2key.asn1.o trusted-$(CONFIG_TRUSTED_KEYS_TEE) += trusted_tee.o trusted-$(CONFIG_TEE) += trusted_tee.o + +trusted-$(CONFIG_TRUSTED_KEYS_CAAM) += trusted_caam.o diff --git a/security/keys/trusted-keys/trusted_caam.c b/security/keys/trusted-keys/trusted_caam.c new file mode 100644 index 000000000000..01adfd18adda --- /dev/null +++ b/security/keys/trusted-keys/trusted_caam.c @@ -0,0 +1,74 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Copyright (C) 2021 Pengutronix, Ahmad Fatoum + */ + +#include +#include +#include +#include +#include + +static struct caam_blob_priv *blobifier; + +#define KEYMOD "kernel:trusted" + +static_assert(MAX_KEY_SIZE + CAAM_BLOB_OVERHEAD <= CAAM_BLOB_MAX_LEN); +static_assert(MAX_BLOB_SIZE <= CAAM_BLOB_MAX_LEN); + +static int trusted_caam_seal(struct trusted_key_payload *p, char *datablob) +{ + int length = p->key_len + CAAM_BLOB_OVERHEAD; + int ret; + + ret = caam_encap_blob(blobifier, KEYMOD, p->key, p->blob, length); + if (ret) + return ret; + + p->blob_len = length; + return 0; +} + +static int trusted_caam_unseal(struct trusted_key_payload *p, char *datablob) +{ + int length = p->blob_len; + int ret; + + ret = caam_decap_blob(blobifier, KEYMOD, p->blob, p->key, length); + if (ret) + return ret; + + p->key_len = length - CAAM_BLOB_OVERHEAD; + return 0; +} + +static int trusted_caam_init(void) +{ + int ret; + + blobifier = caam_blob_gen_init(); + if (IS_ERR(blobifier)) { + pr_err("Job Ring Device allocation for transform failed\n"); + return PTR_ERR(blobifier); + } + + ret = register_key_type(&key_type_trusted); + if (ret) + caam_blob_gen_exit(blobifier); + + return ret; +} + +static void trusted_caam_exit(void) +{ + unregister_key_type(&key_type_trusted); + caam_blob_gen_exit(blobifier); +} + +struct trusted_key_ops caam_trusted_key_ops = { + .migratable = 0, /* non-migratable */ + .init = trusted_caam_init, + .seal = trusted_caam_seal, + .unseal = trusted_caam_unseal, + .exit = trusted_caam_exit, +}; diff --git a/security/keys/trusted-keys/trusted_core.c b/security/keys/trusted-keys/trusted_core.c index 8d829e6866ca..21997a5debde 100644 --- a/security/keys/trusted-keys/trusted_core.c +++ b/security/keys/trusted-keys/trusted_core.c @@ -9,6 +9,7 @@ #include #include #include +#include #include #include #include @@ -29,7 +30,7 @@ MODULE_PARM_DESC(kernel_rng, "Generate key material from kernel RNG"); static char *trusted_key_source; module_param_named(source, trusted_key_source, charp, 0); -MODULE_PARM_DESC(source, "Select trusted keys source (tpm or tee)"); +MODULE_PARM_DESC(source, "Select trusted keys source (tpm, tee or caam)"); static const struct trusted_key_source trusted_key_sources[] = { #if defined(CONFIG_TRUSTED_KEYS_TPM) @@ -38,6 +39,9 @@ static const struct trusted_key_source trusted_key_sources[] = { #if defined(CONFIG_TRUSTED_KEYS_TEE) { "tee", &trusted_key_tee_ops }, #endif +#if defined(CONFIG_TRUSTED_KEYS_CAAM) + { "caam", &caam_trusted_key_ops }, +#endif }; DEFINE_STATIC_CALL_NULL(trusted_key_init, *trusted_key_sources[0].ops->init);