Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <82c20fa9-8989-4f57-2221-c5fc22972a0f@infradead.org>
Date: Sat, 30 Dec 2017 12:39:17 -0800
From: Randy Dunlap <rdunlap@...radead.org>
To: Dan Aloni <dan@...nelim.com>, linux-kernel@...r.kernel.org,
 kernel-hardening@...ts.openwall.com
Subject: Re: [PATCH 3/5] kernel/printk: allow kmsg to be encrypted using
 public key encryption

On 12/30/2017 09:58 AM, Dan Aloni wrote:
> From: Dan Aloni <dan@...nelim.com>
> 
> This commit enables the kernel to encrypt the free-form text that
> is generated by printk() before it is brought up to `dmesg` in
> userspace.
> 
> The encryption is made using one of the trusted public keys which
> are kept built-in inside the kernel. These keys are presently
> also used for verifying kernel modules and userspace-supplied
> firmwares.
> 
> Signed-off-by: Dan Aloni <dan@...nelim.com>
> ---
>  include/uapi/linux/kmsg.h |  18 ++
>  init/Kconfig              |  10 ++
>  kernel/printk/printk.c    | 422 ++++++++++++++++++++++++++++++++++++++++++++++
>  3 files changed, 450 insertions(+)
>  create mode 100644 include/uapi/linux/kmsg.h
> 
> diff --git a/include/uapi/linux/kmsg.h b/include/uapi/linux/kmsg.h
> new file mode 100644
> index 000000000000..ae74f026d727
> --- /dev/null
> +++ b/include/uapi/linux/kmsg.h
> @@ -0,0 +1,18 @@
> +#ifndef _LINUX_UAPI_KMSG_H
> +#define _LINUX_UAPI_KMSG_H
> +
> +#include <linux/ioctl.h>
> +#include <linux/types.h>
> +
> +struct kmsg_ioctl_get_encrypted_key {
> +	void __user *output_buffer;
> +	__u64 buffer_size;
> +	__u64 key_size;
> +};
> +
> +#define KMSG_IOCTL_BASE 0x42
> +
> +#define KMSG_IOCTL__GET_ENCRYPTED_KEY  _IOWR(KMSG_IOCTL_BASE, 0xe1, \
> +	    struct kmsg_ioctl_get_encrypted_key)
> +

The ioctl info needs to be added to Documentation/ioctl/ioctl-number.txt.
BTW, 0x42 == 'B', with number 0xe1, conflicts with advanced bbus, whatever
that is.  But at least it should be added to the doc file.

> +#endif /* _LINUX_DN_H */

> diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c
> index b9006617710f..c50b9cb60b82 100644
> --- a/kernel/printk/printk.c
> +++ b/kernel/printk/printk.c

> @@ -744,12 +755,33 @@ static ssize_t msg_print_ext_body(char *buf, size_t size,
>  	return p - buf;
>  }
>  
> +#ifdef CONFIG_KMSG_ENCRYPTION
> +static int __ro_after_init kmsg_encrypt = 1;
> +static int __init control_kmsg_encrypt(char *str)
> +{
> +	get_option(&str, &kmsg_encrypt);
> +	return 0;
> +}
> +__setup("kmsg.encrypt=", control_kmsg_encrypt);

See comment in the documentation patch:  please change the parameter name (no dot).


-- 
~Randy

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.