Boot crypto framework patch, need testers

Eric McCorkle eric at metricspace.net
Sun Apr 3 00:04:35 UTC 2016


Hello,

I've put together the following patch as part of a larger body of work I'm pursuing: https://github.com/emc2/freebsd/tree/boot_crypto

This isn't a big patch, but it's aiming to be a central hub for boot-time crypto, so it needs due consideration.  This patch basically pulls all the crypto bits out of the recent geliboot work and moves them into a separate module, called "boot_crypto".  This is supposed to be a behavior-neutral patch, so it should be possible to drop it in to existing systems and have it Just Work.  I'm not aware of other areas in the boot ecosystem that use crypto, but if there are, they should probably be moved onto this framework as well.

After studying the kernel crypto framework, GELI, and others, I have elected NOT to try to design an interface for asking for passwords securely, storing keys, and other functionality I had previously contemplated.  The existing frameworks just don't support that kind of thing.

I'm ok with this being reviewed to go in as-is, or it can be done as part of my (very nearly finished) GELI EFI work.  Whatever the decision, though, this is probably the best point to test that it doesn't break the existing geliboot functionality.

The rationale for doing this code reorganization follows:
* It helps avoid duplication and extra work for things like the EFI work
* It makes it easier to add support for more ciphers (Camellia and Blowfish are unsupported in the current boot GELI implementation, for example, and activity in the crypto world suggests new ciphers/modes will be arriving)
* It lowers the overhead of implementing other crypto-based functionality at boot time (gbde, ZFS encryption, secure boot, etc.)
* Boot crypto functionality has different enough needs (simplicity, small code size, etc.) to warrant a boot-specific interface.
* It's much easier to install an interface like this one when there are few consumers than to rip out 5-6 random ad-hoc crypto implementations at some point in the future. *Especially* in a boot loader.

Please review, test, and provide feedback.

Thanks,
Eric

