LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

An API for user-space access to kernel cryptography

An API for user-space access to kernel cryptography

Posted Aug 30, 2010 10:33 UTC (Mon) by dd9jn (subscriber, #4459)
Parent article: An API for user-space access to kernel cryptography

There is another reason why some people think that pushing crypto into the kernel is the right thing: It makes it easier to get a FIPS 140 validation.

One important topic there is to separate the code to handle the keys from the application. Using a validated library is not a real option because a process using a validated library still has full access to the code and data of that library. Thus it seems to them easier to define the crypto module boundary as the kernel mode - code and data living there is natuarally protected from any user process.

From a software engineering POV and also for easier auditing it would be far better to move the crypto code into a daemon which may then be validated. This will give a very nice and enforceable crypto module boundary. The claimed drawback is a performace penalty.

Of course this does not solve the general problem that the kernel has access to everything. But it offers a better migration path to some future (capability based) microkernel.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds