1
0
Fork 0
remarkable-linux/include
Mimi Zohar d00a1c72f7 keys: add new trusted key-type
Define a new kernel key-type called 'trusted'.  Trusted keys are random
number symmetric keys, generated and RSA-sealed by the TPM.  The TPM
only unseals the keys, if the boot PCRs and other criteria match.
Userspace can only ever see encrypted blobs.

Based on suggestions by Jason Gunthorpe, several new options have been
added to support additional usages.

The new options are:
migratable=  designates that the key may/may not ever be updated
             (resealed under a new key, new pcrinfo or new auth.)

pcrlock=n    extends the designated PCR 'n' with a random value,
             so that a key sealed to that PCR may not be unsealed
             again until after a reboot.

keyhandle=   specifies the sealing/unsealing key handle.

keyauth=     specifies the sealing/unsealing key auth.

blobauth=    specifies the sealed data auth.

Implementation of a kernel reserved locality for trusted keys will be
investigated for a possible future extension.

Changelog:
- Updated and added examples to Documentation/keys-trusted-encrypted.txt
- Moved generic TPM constants to include/linux/tpm_command.h
  (David Howell's suggestion.)
- trusted_defined.c: replaced kzalloc with kmalloc, added pcrlock failure
  error handling, added const qualifiers where appropriate.
- moved to late_initcall
- updated from hash to shash (suggestion by David Howells)
- reduced worst stack usage (tpm_seal) from 530 to 312 bytes
- moved documentation to Documentation directory (suggestion by David Howells)
- all the other code cleanups suggested by David Howells
- Add pcrlock CAP_SYS_ADMIN dependency (based on comment by Jason Gunthorpe)
- New options: migratable, pcrlock, keyhandle, keyauth, blobauth (based on
  discussions with Jason Gunthorpe)
- Free payload on failure to create key(reported/fixed by Roberto Sassu)
- Updated Kconfig and other descriptions (based on Serge Hallyn's suggestion)
- Replaced kzalloc() with kmalloc() (reported by Serge Hallyn)

Signed-off-by: David Safford <safford@watson.ibm.com>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2010-11-29 08:55:25 +11:00
..
acpi Merge branch 'misc' into release 2010-10-26 14:51:00 -04:00
asm-generic asm-generic/stat.h: support 64-bit file time_t for stat() 2010-11-01 15:31:29 -04:00
crypto Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2010-10-24 13:41:39 -07:00
drm drm/nouveau: Expose some BO usage flags to userspace. 2010-11-18 14:38:29 +10:00
keys keys: add new trusted key-type 2010-11-29 08:55:25 +11:00
linux keys: add new trusted key-type 2010-11-29 08:55:25 +11:00
math-emu
media Merge branch 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6 2010-10-28 09:35:11 -07:00
mtd mtd: Define MLC Flash as a different flash type 2010-10-25 00:50:20 +01:00
net Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6 2010-11-18 11:56:09 -08:00
pcmcia pcmcia: IOCARD is also required for using IRQs 2010-10-22 08:46:36 +02:00
rdma IB/core: Add VLAN support for IBoE 2010-10-25 10:20:39 -07:00
rxrpc
scsi SCSI host lock push-down 2010-11-16 13:33:23 -08:00
sound ARM: mach-shmobile: ap4evb: FSI clock use proper process for HDMI 2010-11-24 15:29:56 +09:00
trace ext4: Add new ext4 inode tracepoints 2010-11-08 13:51:33 -05:00
video fbdev: da8xx: punt duplicated FBIO_WAITFORVSYNC define 2010-11-16 10:14:22 +09:00
xen Merge branches 'upstream/core', 'upstream/xenfs' and 'upstream/evtchn' into upstream/for-linus 2010-11-22 12:22:42 -08:00
Kbuild