Re: [RFC 6/8] KEYS: PGP data parser

From: Roberto Sassu
Date: Fri Feb 16 2024 - 11:54:25 EST

Next message: Manivannan Sadhasivam: "Re: [PATCH 02/10] dt-bindings: PCI: qcom: Do not require 'msi-map-mask'"
Previous message: David Hildenbrand: "Re: [PATCH v3] mm/swap: fix race when skipping swapcache"
In reply to: Matthew Wilcox: "Re: [RFC 6/8] KEYS: PGP data parser"
Next in thread: H. Peter Anvin: "Re: [RFC 6/8] KEYS: PGP data parser"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 2024-02-16 at 16:44 +0000, Matthew Wilcox wrote:
> On Fri, Feb 16, 2024 at 04:24:33PM +0100, Petr Tesarik wrote:
> > From: David Howells <dhowells@xxxxxxxxxx>
> >
> > Implement a PGP data parser for the crypto key type to use when
> > instantiating a key.
> >
> > This parser attempts to parse the instantiation data as a PGP packet
> > sequence (RFC 4880) and if it parses okay, attempts to extract a public-key
> > algorithm key or subkey from it.
>
> I don't understand why we want to do this in-kernel instead of in
> userspace and then pass in the actual key.

Sigh, this is a long discussion.

PGP keys would be used as a system-wide trust anchor to verify RPM
package headers, which already contain file digests that can be used as
reference values for kernel-enforced integrity appraisal.

With the assumptions that:

- In a locked-down system the kernel has more privileges than root
- The kernel cannot offload this task to an user space process due to
insufficient isolation

the only available option is to do it in the kernel (that is what I got
as suggestion).

Roberto

Next message: Manivannan Sadhasivam: "Re: [PATCH 02/10] dt-bindings: PCI: qcom: Do not require 'msi-map-mask'"
Previous message: David Hildenbrand: "Re: [PATCH v3] mm/swap: fix race when skipping swapcache"
In reply to: Matthew Wilcox: "Re: [RFC 6/8] KEYS: PGP data parser"
Next in thread: H. Peter Anvin: "Re: [RFC 6/8] KEYS: PGP data parser"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]