• Mimi Zohar's avatar
    keys: add new key-type encrypted · 7e70cb49
    Mimi Zohar authored
    Define a new kernel key-type called 'encrypted'. Encrypted keys are kernel
    generated random numbers, which are encrypted/decrypted with a 'trusted'
    symmetric key. Encrypted keys are created/encrypted/decrypted in the kernel.
    Userspace only ever sees/stores encrypted blobs.
    
    Changelog:
    - bug fix: replaced master-key rcu based locking with semaphore
      (reported by David Howells)
    - Removed memset of crypto_shash_digest() digest output
    - Replaced verification of 'key-type:key-desc' using strcspn(), with
      one based on string constants.
    - Moved documentation to Documentation/keys-trusted-encrypted.txt
    - Replace hash with shash (based on comments by David Howells)
    - Make lengths/counts size_t where possible (based on comments by David Howells)
      Could not convert most lengths, as crypto expects 'unsigned int'
      (size_t: on 32 bit is defined as unsigned int, but on 64 bit is unsigned long)
    - Add 'const' where possible (based on comments by David Howells)
    - allocate derived_buf dynamically to support arbitrary length master key
      (fixed by Roberto Sassu)
    - wait until late_initcall for crypto libraries to be registered
    - cleanup security/Kconfig
    - Add missing 'update' keyword (reported/fixed by Roberto Sassu)
    - Free epayload on failure to create key (reported/fixed by Roberto Sassu)
    - Increase the data size limit (requested by Roberto Sassu)
    - Crypto return codes are always 0 on success and negative on failure,
      remove unnecessary tests.
    - Replaced kzalloc() with kmalloc()
    Signed-off-by: default avatarMimi Zohar <zohar@us.ibm.com>
    Signed-off-by: default avatarDavid Safford <safford@watson.ibm.com>
    Reviewed-by: default avatarRoberto Sassu <roberto.sassu@polito.it>
    Signed-off-by: default avatarJames Morris <jmorris@namei.org>
    7e70cb49
Kconfig 7.82 KB