Re: [RFC 0/8] PGP key parser using SandBox Mode

From: Jonathan Corbet
Date: Fri Feb 16 2024 - 12:21:57 EST


Petr Tesařík <petr@xxxxxxxxxxx> writes:

> On Fri, 16 Feb 2024 07:38:30 -0800
> Dave Hansen <dave.hansen@xxxxxxxxx> wrote:
>> I'm confused by this. The kernel doesn't (appear to) have a PGP parser
>> today. So are you saying that it *should* have one and it's only
>> feasible if its confined in a sandbox?
>
> I'm sorry if this is confusing. Yes, your understanding is correct.
> This patch series demonstrates that SBM (even in the initial version
> that was submitted) allows writing a PGP parser which can survive
> memory safety bugs without compromising the rest of the kernel.

So I have a different question: some years ago we added the "usermode
blob" feature for just this kind of use case - parsing firewall rules at
the time. It has never been used for that, but it's still there in
kernel/usermode_driver.c. Is there a reason why this existing
functionality can't be used for tasks like PGP parsing as well?

Thanks,

jon
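The property under discussion, a parser that can "survive memory safety bugs without compromising the rest" of its host, is easiest to see with the parser isolated in a separate process, which is the shape the usermode-blob approach takes. The following is an added example, not code from the SandBox Mode series or from kernel/usermode_driver.c: a userspace OpenPGP packet-header parser (RFC 4880 section 4.2, old and new format headers) run in a forked child, with the parent only ever receiving a fixed-size result over a pipe. A stand-in parser that faults with SIGSEGV shows the caller surviving. The sample packet bytes are constructed by hand and are not real key material; the struct and function names are this example's own.

```c
/* Added example: OpenPGP packet-header parser isolated in a child process. */
#include <stdint.h>
#include <stddef.h>
#include <signal.h>
#include <string.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/wait.h>

enum { PARSE_OK = 0, PARSE_ERR = -1, SANDBOX_CRASHED = -2, SANDBOX_FAIL = -3 };

struct pkt_hdr {
    int tag;            /* packet tag (6 = public key, 2 = signature, ...) */
    int new_format;     /* 1 for a new-format header, 0 for old-format */
    int partial;        /* 1 if new-format partial body length */
    int indeterminate;  /* 1 if old-format length type 3 */
    size_t hdr_len;     /* octets consumed by the header */
    uint32_t body_len;  /* body length in octets (0 if indeterminate) */
};

typedef int (*parser_fn)(const uint8_t *, size_t, struct pkt_hdr *);

/* Parse one packet header (RFC 4880 4.2); rejects input too short for its own body. */
int parse_pgp_packet_header(const uint8_t *buf, size_t len, struct pkt_hdr *out)
{
    memset(out, 0, sizeof *out);
    if (len < 1 || !(buf[0] & 0x80))
        return PARSE_ERR;                      /* bit 7 must always be set */
    if (buf[0] & 0x40) {                       /* new format: tag in bits 5..0 */
        out->new_format = 1;
        out->tag = buf[0] & 0x3f;
        if (len < 2) return PARSE_ERR;
        uint8_t b0 = buf[1];
        if (b0 < 192) {                        /* one-octet length */
            out->body_len = b0; out->hdr_len = 2;
        } else if (b0 < 224) {                 /* two-octet length */
            if (len < 3) return PARSE_ERR;
            out->body_len = ((uint32_t)(b0 - 192) << 8) + buf[2] + 192;
            out->hdr_len = 3;
        } else if (b0 == 255) {                /* five-octet length */
            if (len < 6) return PARSE_ERR;
            out->body_len = ((uint32_t)buf[2] << 24) | ((uint32_t)buf[3] << 16) |
                            ((uint32_t)buf[4] << 8) | buf[5];
            out->hdr_len = 6;
        } else {                               /* 224..254: partial body length */
            out->partial = 1;
            out->body_len = 1u << (b0 & 0x1f);
            out->hdr_len = 2;
        }
    } else {                                   /* old format: tag in bits 5..2 */
        out->tag = (buf[0] >> 2) & 0x0f;
        int ltype = buf[0] & 0x03;
        if (ltype == 3) {                      /* indeterminate length */
            out->indeterminate = 1; out->hdr_len = 1;
        } else {
            size_t n = (size_t)1 << ltype;     /* 1, 2 or 4 length octets */
            if (len < 1 + n) return PARSE_ERR;
            uint32_t v = 0;
            for (size_t i = 0; i < n; i++) v = (v << 8) | buf[1 + i];
            out->body_len = v; out->hdr_len = 1 + n;
        }
    }
    if (!out->indeterminate && out->body_len > len - out->hdr_len)
        return PARSE_ERR;                      /* body does not fit in the input */
    return PARSE_OK;
}

/* Stands in for a parser with a memory-safety bug: it dies with SIGSEGV. */
int crashing_parser(const uint8_t *buf, size_t len, struct pkt_hdr *out)
{
    (void)buf; (void)len; (void)out;
    raise(SIGSEGV);
    return PARSE_OK;
}

static int read_full(int fd, void *p, size_t n)
{
    size_t got = 0;
    while (got < n) {
        ssize_t r = read(fd, (char *)p + got, n - got);
        if (r <= 0) return -1;
        got += (size_t)r;
    }
    return 0;
}

/* Run fn in a forked child; the parent sees only a status and a fixed-size struct. */
int parse_in_sandbox(parser_fn fn, const uint8_t *buf, size_t len, struct pkt_hdr *out)
{
    int fds[2];
    if (pipe(fds) < 0) return SANDBOX_FAIL;
    pid_t pid = fork();
    if (pid < 0) { close(fds[0]); close(fds[1]); return SANDBOX_FAIL; }
    if (pid == 0) {                            /* child: parse, report, exit */
        close(fds[0]);
        struct pkt_hdr h;
        int rc = fn(buf, len, &h);
        if (write(fds[1], &rc, sizeof rc) != (ssize_t)sizeof rc ||
            write(fds[1], &h, sizeof h) != (ssize_t)sizeof h)
            _exit(1);
        _exit(0);
    }
    close(fds[1]);                             /* parent */
    int rc = PARSE_ERR;
    struct pkt_hdr h;
    int ok = read_full(fds[0], &rc, sizeof rc) == 0 && read_full(fds[0], &h, sizeof h) == 0;
    close(fds[0]);
    int status = 0;
    waitpid(pid, &status, 0);
    if (!ok || !WIFEXITED(status))             /* child died before reporting */
        return SANDBOX_CRASHED;
    if (rc == PARSE_OK) *out = h;
    return rc;
}

/* Constructed sample inputs (not real OpenPGP key material). */
static const uint8_t SAMPLE_NEW[]   = { 0xC6, 0x05, 'a', 'b', 'c', 'd', 'e' };   /* new fmt, tag 6, 5-octet body */
static const uint8_t SAMPLE_OLD[]   = { 0x99, 0x00, 0x03, 'x', 'y', 'z' };       /* old fmt, tag 6, 2-octet length */
static const uint8_t SAMPLE_TRUNC[] = { 0xC6, 0xFF, 0x00, 0x01, 0x00, 0x00 };    /* claims a 65536-octet body */

int main(void)
{
    struct pkt_hdr h;
    int rc = parse_in_sandbox(parse_pgp_packet_header, SAMPLE_NEW, sizeof SAMPLE_NEW, &h);
    printf("new-format: rc=%d tag=%d body=%u\n", rc, h.tag, h.body_len);
    rc = parse_in_sandbox(parse_pgp_packet_header, SAMPLE_TRUNC, sizeof SAMPLE_TRUNC, &h);
    printf("truncated: rc=%d\n", rc);
    rc = parse_in_sandbox(crashing_parser, SAMPLE_NEW, sizeof SAMPLE_NEW, &h);
    printf("buggy parser: rc=%d, parent still running\n", rc);
    return 0;
}
```

The isolation here is only process separation; a production version of this pattern would additionally drop privileges in the child (seccomp filter, namespaces, or the usermode-blob machinery in the kernel case) so that a compromised parser cannot do more than return a wrong result. The parent also validates what it receives: it copies the result only on PARSE_OK, so a parser that reports an error or dies cannot leave the caller with half-filled output.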