| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 14 Jun 2019 11:13:38 +0530
From: Sumit Garg <sumit.garg@...aro.org>
To: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
Cc: keyrings@...r.kernel.org, linux-integrity@...r.kernel.org,
linux-security-module@...r.kernel.org,
Jens Wiklander <jens.wiklander@...aro.org>, corbet@....net,
dhowells@...hat.com, jejb@...ux.ibm.com, zohar@...ux.ibm.com,
jmorris@...ei.org, serge@...lyn.com,
Ard Biesheuvel <ard.biesheuvel@...aro.org>,
Daniel Thompson <daniel.thompson@...aro.org>,
linux-doc@...r.kernel.org,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
tee-dev@...ts.linaro.org
Subject: Re: [RFC 4/7] KEYS: trusted: Introduce TEE based Trusted Keys
On Thu, 13 Jun 2019 at 21:02, Jarkko Sakkinen
<jarkko.sakkinen@...ux.intel.com> wrote:
>
> On Thu, Jun 13, 2019 at 04:00:30PM +0530, Sumit Garg wrote:
> > Add support for TEE based trusted keys where TEE provides the functionality
> > to seal and unseal trusted keys using hardware unique key.
> >
> > Refer to Documentation/tee.txt for detailed information about TEE.
> >
> > Approach taken in this patch acts as an alternative to a TPM device in case
> > platform doesn't possess one.
> >
> > Signed-off-by: Sumit Garg <sumit.garg@...aro.org>
>
> How does this interact with the trusted module? Why there is no update
> to security/keys/trusted-encrypted.txt?
>
You already found documentation patch [1].
> Somehow the existing trusted module needs to be re-architected to work
> with either. Otherwise, this will turn out to be a mess.
>
See my reply on this patch [1].
[1] [RFC 6/7] doc: keys: Document usage of TEE based Trusted Keys
-Sumit
> /Jarkko
Powered by blists - more mailing lists