# SPDX-License-Identifier: GPL-2.0-only
#
# Key management configuration
#

config KEYS
	bool "Enable access key retention support"
	select ASSOCIATIVE_ARRAY
	help
	  This option provides support for retaining authentication tokens and
	  access keys in the kernel.

	  It also includes provision of methods by which such keys might be
	  associated with a process so that network filesystems, encryption
	  support and the like can find them.

	  Furthermore, a special type of key is available that acts as a keyring:
	  a searchable sequence of keys. Each process is equipped with access
	  to five standard keyrings: UID-specific, UID-default-session, session,
	  process and thread.

	  If you are unsure as to whether this is required, answer N.

config KEYS_REQUEST_CACHE
	bool "Enable temporary caching of the last request_key() result"
	depends on KEYS
	help
	  This option causes the result of the last successful request_key()
	  call that was satisfied without an upcall to userspace to be cached
	  temporarily in the task_struct. The cache is cleared on exit and just
	  prior to the resumption of userspace.

	  This lets multi-step operations, in which each step requests a key
	  that is very likely the same one the previous step requested, skip
	  the repeated keyring search.

	  An example of such a process is a pathwalk through a network
	  filesystem in which each method needs to request an authentication
	  key. Pathwalk will call multiple methods for each dentry traversed
	  (permission, d_revalidate, lookup, getxattr, getacl, ...).

config PERSISTENT_KEYRINGS
	bool "Enable register of persistent per-UID keyrings"
	depends on KEYS
	help
	  This option provides a register of persistent per-UID keyrings,
	  primarily aimed at Kerberos key storage. The keyrings are persistent
	  in the sense that they stay around after all processes of that UID
	  have exited, not that they survive the machine being rebooted.

	  A particular keyring may be accessed by either the user whose keyring
	  it is or by a process with administrative privileges. The active
	  LSMs get to rule on which admin-level processes get to access the
	  register.

	  Keyrings are created and added into the register upon demand and get
	  removed if they expire (a default timeout is set upon creation).

config BIG_KEYS
	bool "Large payload keys"
	depends on KEYS
	depends on TMPFS
	depends on CRYPTO_LIB_CHACHA20POLY1305 = y
	help
	  This option provides support for holding large keys within the kernel
	  (for example Kerberos ticket caches). The data may be stored out to
	  swapspace by tmpfs; it is encrypted with ChaCha20-Poly1305 before it
	  is written to the tmpfs file, which is why that library is required.

	  If you are unsure as to whether this is required, answer N.

config TRUSTED_KEYS
	tristate "TRUSTED KEYS"
	depends on KEYS && TCG_TPM
	select CRYPTO
	select CRYPTO_HMAC
	select CRYPTO_SHA1
	select CRYPTO_HASH_INFO
	help
	  This option provides support for creating, sealing, and unsealing
	  keys in the kernel. Trusted keys are random-number symmetric keys,
	  generated and RSA-sealed by the TPM. The TPM only unseals the keys
	  if the boot PCRs and other criteria match. Userspace will only ever
	  see encrypted blobs.

	  If you are unsure as to whether this is required, answer N.

config ENCRYPTED_KEYS
	tristate "ENCRYPTED KEYS"
	depends on KEYS
	select CRYPTO
	select CRYPTO_HMAC
	select CRYPTO_AES
	select CRYPTO_CBC
	select CRYPTO_SHA256
	select CRYPTO_RNG
	help
	  This option provides support for creating, encrypting and decrypting
	  keys in the kernel. Encrypted keys are kernel-generated random numbers,
	  which are encrypted/decrypted with a 'master' symmetric key. The
	  'master' key can be either a trusted-key or user-key type.
	  Userspace only ever sees/stores encrypted blobs.

	  If you are unsure as to whether this is required, answer N.

config KEY_DH_OPERATIONS
	bool "Diffie-Hellman operations on retained keys"
	depends on KEYS
	select CRYPTO
	select CRYPTO_HASH
	select CRYPTO_DH
	help
	  This option provides support for calculating Diffie-Hellman
	  public keys and shared secrets using values stored as keys
	  in the kernel.

	  If you are unsure as to whether this is required, answer N.

config KEY_NOTIFICATIONS
	bool "Provide key/keyring change notifications"
	depends on KEYS && WATCH_QUEUE
	help
	  This option provides support for getting change notifications
	  on keys and keyrings on which the caller has View permission.
	  This makes use of pipes to handle the notification buffer and
	  provides KEYCTL_WATCH_KEY to enable/disable watches.
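The KEYS help text above describes the facility in prose: keys live in the kernel, processes reach them through standard keyrings (here the process keyring), and consumers find them by searching rather than by holding a raw secret. The program below is an added example and is not part of this Kconfig or of any kernel or keyutils source. It talks to the keyrings API through raw add_key(2) and keyctl(2) syscalls so that libkeyutils is not needed; the KEY_SPEC_*, KEYCTL_* and KEY_POS_ALL constants are copied from <linux/keyctl.h>, while the key description "example:service-token" and the payload are constructed for the demonstration. It assumes a Linux kernel built with CONFIG_KEYS=y and an environment that does not filter the key syscalls; where they are filtered it reports the errno instead of asserting.

```c
/* Added example: exercising the keyrings API that CONFIG_KEYS enables.
 * Not kernel or keyutils code; raw syscall wrappers are used so that no
 * libkeyutils is required. Constants below are copied from <linux/keyctl.h>. */
#define _GNU_SOURCE
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

typedef int32_t key_serial_t;

/* Special keyring IDs: the "standard keyrings" the KEYS help text refers to. */
#define KEY_SPEC_THREAD_KEYRING   (-1)
#define KEY_SPEC_PROCESS_KEYRING  (-2)
#define KEY_SPEC_SESSION_KEYRING  (-3)
#define KEY_SPEC_USER_KEYRING     (-4)

/* keyctl(2) commands used below. */
#define KEYCTL_REVOKE   3
#define KEYCTL_SETPERM  5
#define KEYCTL_SEARCH   10
#define KEYCTL_READ     11

/* Permission mask: every right for the possessor, none for uid/gid/other. */
#define KEY_POS_ALL     0x3f000000UL

static key_serial_t sys_add_key(const char *type, const char *desc,
                                const void *payload, size_t plen,
                                key_serial_t ring)
{
    return (key_serial_t)syscall(__NR_add_key, type, desc, payload, plen, ring);
}

static long sys_keyctl(int cmd, unsigned long a2, unsigned long a3,
                       unsigned long a4, unsigned long a5)
{
    return syscall(__NR_keyctl, cmd, a2, a3, a4, a5);
}

/* Creates a "user" key in the caller's process keyring, restricts it to
 * possessor-only permissions, locates and reads it back the way a consumer
 * would, then revokes it and confirms that reads now fail.
 * Returns 0 on success (payload copied to out, errno observed after the
 * revocation stored in *revoked_errno) or -errno from the first failing call. */
int demo_user_key(const char *secret, char *out, size_t outlen, int *revoked_errno)
{
    const char *desc = "example:service-token";   /* constructed description */

    /* add_key creates the process keyring on demand if this task has none. */
    key_serial_t key = sys_add_key("user", desc, secret, strlen(secret),
                                   KEY_SPEC_PROCESS_KEYRING);
    if (key < 0)
        return -errno;

    /* Drop the default owner (uid) rights: only tasks that possess the
     * process keyring may now view, search, read, link or modify the key. */
    if (sys_keyctl(KEYCTL_SETPERM, (unsigned long)key, KEY_POS_ALL, 0, 0) < 0)
        return -errno;

    /* Consumers locate keys by type and description, not by serial number. */
    long found = sys_keyctl(KEYCTL_SEARCH, (unsigned long)KEY_SPEC_PROCESS_KEYRING,
                            (unsigned long)"user", (unsigned long)desc, 0);
    if (found < 0)
        return -errno;
    if (found != key)
        return -EIO;            /* a different key matched: unexpected */

    /* KEYCTL_READ returns the full payload length even when it truncates. */
    long n = sys_keyctl(KEYCTL_READ, (unsigned long)key, (unsigned long)out,
                        outlen - 1, 0);
    if (n < 0)
        return -errno;
    if ((size_t)n > outlen - 1)
        return -EMSGSIZE;
    out[n] = '\0';

    /* Revocation takes effect immediately; the key lingers until garbage
     * collection, but every access from now on fails with EKEYREVOKED. */
    if (sys_keyctl(KEYCTL_REVOKE, (unsigned long)key, 0, 0, 0) < 0)
        return -errno;
    char scratch[8];
    if (sys_keyctl(KEYCTL_READ, (unsigned long)key, (unsigned long)scratch,
                   sizeof scratch, 0) >= 0)
        return -EIO;            /* read succeeded after revoke: unexpected */
    *revoked_errno = errno;
    return 0;
}

int main(void)
{
    char buf[64];
    int revoked = 0;
    int rc = demo_user_key("constructed-secret", buf, sizeof buf, &revoked);
    if (rc != 0) {
        fprintf(stderr, "keyrings demo failed: %s\n", strerror(-rc));
        return 1;
    }
    printf("read back \"%s\"; after revoke, read fails with %s\n",
           buf, strerror(revoked));
    return 0;
}
```

Two details matter in practice. Setting the permission mask to KEY_POS_ALL is what turns "the key is in my process keyring" into an access-control decision: another process running as the same UID can no longer view or read the key by serial number, because it does not possess the keyring. And KEYCTL_READ on a revoked key fails with EKEYREVOKED rather than ENOKEY, which is how a consumer can distinguish a deliberately retired credential from one that was never provisioned.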