diff options
author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2010-11-23 18:55:35 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2010-11-29 08:55:29 +1100 |
commit | 7e70cb4978507cf31d76b90e4cfb4c28cad87f0c (patch) | |
tree | c5df493eef8d30dcb40d647b0528970eb4a391c6 /security/Kconfig | |
parent | d00a1c72f7f4661212299e6cb132dfa58030bcdb (diff) | |
download | lwn-7e70cb4978507cf31d76b90e4cfb4c28cad87f0c.tar.gz lwn-7e70cb4978507cf31d76b90e4cfb4c28cad87f0c.zip |
keys: add new key-type encrypted
Define a new kernel key-type called 'encrypted'. Encrypted keys are kernel
generated random numbers, which are encrypted/decrypted with a 'trusted'
symmetric key. Encrypted keys are created/encrypted/decrypted in the kernel.
Userspace only ever sees/stores encrypted blobs.
Changelog:
- bug fix: replaced master-key rcu based locking with semaphore
(reported by David Howells)
- Removed memset of crypto_shash_digest() digest output
- Replaced verification of 'key-type:key-desc' using strcspn(), with
one based on string constants.
- Moved documentation to Documentation/keys-trusted-encrypted.txt
- Replace hash with shash (based on comments by David Howells)
- Make lengths/counts size_t where possible (based on comments by David Howells)
Could not convert most lengths, as crypto expects 'unsigned int'
(size_t: on 32 bit is defined as unsigned int, but on 64 bit is unsigned long)
- Add 'const' where possible (based on comments by David Howells)
- allocate derived_buf dynamically to support arbitrary length master key
(fixed by Roberto Sassu)
- wait until late_initcall for crypto libraries to be registered
- cleanup security/Kconfig
- Add missing 'update' keyword (reported/fixed by Roberto Sassu)
- Free epayload on failure to create key (reported/fixed by Roberto Sassu)
- Increase the data size limit (requested by Roberto Sassu)
- Crypto return codes are always 0 on success and negative on failure,
remove unnecessary tests.
- Replaced kzalloc() with kmalloc()
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: David Safford <safford@watson.ibm.com>
Reviewed-by: Roberto Sassu <roberto.sassu@polito.it>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/Kconfig')
-rw-r--r-- | security/Kconfig | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig index 24b8f9b491b8..95accd442d55 100644 --- a/security/Kconfig +++ b/security/Kconfig @@ -36,6 +36,22 @@ config TRUSTED_KEYS If you are unsure as to whether this is required, answer N. +config ENCRYPTED_KEYS + tristate "ENCRYPTED KEYS" + depends on KEYS && TRUSTED_KEYS + select CRYPTO_AES + select CRYPTO_CBC + select CRYPTO_SHA256 + select CRYPTO_RNG + help + This option provides support for create/encrypting/decrypting keys + in the kernel. Encrypted keys are kernel generated random numbers, + which are encrypted/decrypted with a 'master' symmetric key. The + 'master' key can be either a trusted-key or user-key type. + Userspace only ever sees/stores encrypted blobs. + + If you are unsure as to whether this is required, answer N. + config KEYS_DEBUG_PROC_KEYS bool "Enable the /proc/keys file by which keys may be viewed" depends on KEYS |