OpenCloudOS-Kernel/Documentation
Frederick Lawler 7984ceb134 crypto: af_alg - Support symmetric encryption via keyring keys
We want to leverage keyring to store sensitive keys, and then use those
keys for symmetric encryption via the crypto API. Among the key types we
wish to support are: user, logon, encrypted, and trusted.

User key types are already able to have their data copied to user space,
but logon does not support this. Further, trusted and encrypted keys will
return their encrypted data back to user space on read, which does not
make them ideal for symmetric encryption.

To support symmetric encryption for these key types, add a new
ALG_SET_KEY_BY_KEY_SERIAL setsockopt() option to the crypto API. This
allows users to pass a key_serial_t to the crypto API to perform
symmetric encryption. The behavior is the same as ALG_SET_KEY, but
the crypto key data is copied in kernel space from a keyring key,
which allows for the support of logon, encrypted, and trusted key types.

Keyring keys must have the KEY_(POS|USR|GRP|OTH)_SEARCH permission set
to leverage this feature. This follows the asymmetric_key type where key
lookup calls eventually lead to keyring_search_rcu() without the
KEYRING_SEARCH_NO_CHECK_PERM flag set.

Signed-off-by: Frederick Lawler <fred@cloudflare.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2022-10-28 12:36:34 +08:00
..
ABI VFIO updates for v6.1-rc1 2022-10-12 14:46:48 -07:00
PCI Fix of heap data and clang warnings, support for a new Intel NTB device, 2022-08-13 14:00:45 -07:00
RCU There's not a huge amount of activity in the docs tree this time around, 2022-10-03 10:23:32 -07:00
accounting filemap: make the accounting of thrashing more consistent 2022-09-26 19:46:06 -07:00
admin-guide PSI updates for v6.1: 2022-10-14 13:03:00 -07:00
arc
arm EFI updates for v6.1 2022-10-09 08:56:54 -07:00
arm64 arm64: errata: Add Cortex-A55 to the repeat tlbi list 2022-10-07 14:42:20 +01:00
block Documentation: document ublk 2022-09-02 09:31:15 -06:00
bpf Networking changes for 6.1. 2022-10-04 13:38:03 -07:00
cdrom
core-api - Yu Zhao's Multi-Gen LRU patches are here. They've been under test in 2022-10-10 17:53:04 -07:00
cpu-freq
crypto crypto: af_alg - Support symmetric encryption via keyring keys 2022-10-28 12:36:34 +08:00
dev-tools linux-kselftest-kunit-6.1-rc1-2 2022-10-12 15:01:58 -07:00
devicetree dt-bindings: crypto: rockchip: add new compatible 2022-10-28 12:36:33 +08:00
doc-guide Rust introduction for v6.1-rc1 2022-10-03 16:39:37 -07:00
driver-api VFIO updates for v6.1-rc1 2022-10-12 14:46:48 -07:00
fault-injection docs: notifier-error-inject: Correct test's name 2022-10-07 10:32:16 -06:00
fb Documentation: fb: udlfb: clean up text and formatting 2022-09-27 13:21:44 -06:00
features
filesystems A handful of relatively simple documentation fixes, plus a set of patches 2022-10-13 10:58:32 -07:00
firmware-guide Merge branches 'acpi-misc', 'acpi-tools' and 'acpi-docs' 2022-10-03 20:03:49 +02:00
firmware_class
fpga
gpu Immutable backlight-detect-refactor branch between acpi, drm-* and pdx86 2022-09-14 12:27:10 +01:00
hid
hwmon hwmon: (corsair-psu) add USB id of new revision of the HX1000i psu 2022-10-02 14:38:55 -07:00
i2c docs: i2c: slave-interface: return errno when handle I2C_SLAVE_WRITE_REQUESTED 2022-09-28 21:41:59 +02:00
ia64
iio docs: iio: add documentation for BNO055 driver 2022-09-21 18:42:56 +01:00
images
infiniband
input Merge branch 'next' into for-linus 2022-10-09 22:30:23 -07:00
isdn
kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
kernel-hacking
leds
litmus-tests
livepatch
locking Remove duplicate words inside documentation 2022-09-27 13:21:43 -06:00
loongarch
m68k
maintainer
mhi
mips
misc-devices
mm A handful of relatively simple documentation fixes, plus a set of patches 2022-10-13 10:58:32 -07:00
netlabel
networking Random number generator fixes for Linux 6.1-rc1. 2022-10-16 15:27:07 -07:00
nios2
nvdimm
openrisc
parisc
pcmcia
peci
power
powerpc powerpc/64s: update cpu selection options 2022-09-28 19:22:10 +10:00
process A handful of relatively simple documentation fixes, plus a set of patches 2022-10-13 10:58:32 -07:00
riscv doc: RISC-V: Document that misaligned accesses are supported 2022-10-12 08:58:10 -07:00
rust x86: enable initial Rust support 2022-09-28 09:02:45 +02:00
s390 vfio/mdev: embedd struct mdev_parent in the parent data structure 2022-10-04 12:06:58 -06:00
scheduler docs: scheduler: Update new path for the sysctl knobs 2022-09-27 13:21:42 -06:00
scsi scsi: docs: Fix a typo 2022-09-01 00:33:34 -04:00
security landlock: Fix documentation style 2022-09-29 18:43:04 +02:00
sh
sound ALSA: doc: Drop snd_dma_continuous_data() usages 2022-08-24 08:00:26 +02:00
sparc
sphinx docs: kerneldoc-preamble: Test xeCJK.sty before loading 2022-08-18 11:27:55 -06:00
sphinx-static
spi
staging docs: put atomic*.txt and memory-barriers.txt into the core-api book 2022-09-29 12:55:06 -06:00
target
timers
tools A handful of relatively simple documentation fixes, plus a set of patches 2022-10-13 10:58:32 -07:00
trace A handful of relatively simple documentation fixes, plus a set of patches 2022-10-13 10:58:32 -07:00
translations A handful of relatively simple documentation fixes, plus a set of patches 2022-10-13 10:58:32 -07:00
usb usbip: add USBIP_URB_* URB transfer flags 2022-08-31 09:07:53 +02:00
userspace-api media updates for v6.1-rc1 2022-10-07 11:04:35 -07:00
virt ARM: 2022-10-11 20:07:44 -07:00
w1 Documentation: W1: minor typo corrections 2022-09-27 13:21:44 -06:00
watchdog
x86 - Get rid of a single ksize() usage 2022-10-04 10:12:08 -07:00
xtensa
.gitignore
Changes
CodingStyle
Kconfig
Makefile
SubmittingPatches
arch.rst
atomic_bitops.txt wait_on_bit: add an acquire memory barrier 2022-08-26 09:30:25 -07:00
atomic_t.txt
conf.py There's not a huge amount of activity in the docs tree this time around, 2022-10-03 10:23:32 -07:00
docutils.conf
dontdiff
index.rst Rust introduction for v6.1-rc1 2022-10-03 16:39:37 -07:00
memory-barriers.txt docs/memory-barriers.txt: Fixup long lines 2022-08-31 05:15:31 -07:00
subsystem-apis.rst docs: Rewrite the front page 2022-09-29 12:55:06 -06:00