Re: [PATCH 0/4][RFC v2] Introduce the in-kernel hibernation encryption
From: Yu Chen
Date: Mon Aug 06 2018 - 06:01:24 EST
On Mon, Aug 06, 2018 at 05:48:04PM +0800, joeyli wrote:
> On Mon, Aug 06, 2018 at 03:57:54PM +0800, Yu Chen wrote:
> > Hi Oliver,
> > On Thu, Jul 26, 2018 at 09:30:46AM +0200, Oliver Neukum wrote:
> > > On Di, 2018-07-24 at 00:23 +0800, Yu Chen wrote:
> > > >
> > > > Good point, we once tried to generate key in kernel, but people
> > > > suggest to generate key in userspace and provide it to the
> > > > kernel, which is what ecryptfs do currently, so it seems this
> > > > should also be safe for encryption in kernel.
> > > > https://www.spinics.net/lists/linux-crypto/msg33145.html
> > > > Thus Chun-Yi's signature can use EFI key and both the key from
> > > > user space.
>
> As Ard and James's comments, the EFI key can not be accepted:
> https://lkml.org/lkml/2018/8/5/135
>
> The lower entropy problem can be covered by RDRAND or EFI random
> protocol. But the key point is that we can not fully trust manufacturer.
> And, the secure boot relies on Microsoft's business interests. It's
> not designed for confidentiality.
>
> So I will move to TPM trusted key + encrypted key.
>
OK.
> > >
> > > Hi,
> > >
> > > ecryptfs can trust user space. It is supposed to keep data
> > > safe while the system is inoperative.
> > Humm, I did not quite get the point here, let's take fscrypt
> > for example, the kernel gets user generated key from user space,
> > and uses per-inode nonce(random bytes) as the master key to
> > do a KDF(key derivation function) on user provided key, and uses
> > that key for encryption. We can also added similar mechanism
> > to generate the key in kernel space but the key should be
> > original from user's provided key(password derived), because
> > the security boot/signature mechanism could not cover the case
> > that, two different users could resume to each other's context
> > because there isn't any certification during resume if it is
> > on the same physical hardware.
> >
>
> Sounds there have two different purposes. One is to prevent that
> the secret in snapshop image be detected/changed outside the machine.
> Another one try to prevent that B user resumes to A user's context
> on the same machine.
>
Yes, it aims to prevent B from resuming to A's context no matter
whether it is on the same hardware or not, and prevents others
from getting the plain content on the disk.
> In the case of B resumes A's context, I still think that the attacker
> must physical accesses the machine. Which means that it's out of EFI
> secure boot's design. Could you please explan the detail for the attack?
>
May I know what attack does it refer to? please refer to another mail I sent to Pavel,
a simple use case has been described.
> So I think that the password from user space is for user authentication,
> and the TPM trusted key is for snapshot image encryption/verification.
>
password generated key could also be used as encryption.
Best,
Yu
> Thanks
> Joey Lee