[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <DU2PR04MB8630BED11334D94A25731F3695239@DU2PR04MB8630.eurprd04.prod.outlook.com>
Date: Tue, 11 Oct 2022 11:32:43 +0000
From: Pankaj Gupta <pankaj.gupta@....com>
To: 'Herbert Xu' <herbert@...dor.apana.org.au>,
"Jason A. Donenfeld" <Jason@...c4.com>
CC: "jarkko@...nel.org" <jarkko@...nel.org>,
"a.fatoum@...gutronix.de" <a.fatoum@...gutronix.de>,
"gilad@...yossef.com" <gilad@...yossef.com>,
"jejb@...ux.ibm.com" <jejb@...ux.ibm.com>,
"zohar@...ux.ibm.com" <zohar@...ux.ibm.com>,
"dhowells@...hat.com" <dhowells@...hat.com>,
"sumit.garg@...aro.org" <sumit.garg@...aro.org>,
"david@...ma-star.at" <david@...ma-star.at>,
"michael@...le.cc" <michael@...le.cc>,
"john.ernberg@...ia.se" <john.ernberg@...ia.se>,
"jmorris@...ei.org" <jmorris@...ei.org>,
"serge@...lyn.com" <serge@...lyn.com>,
"davem@...emloft.net" <davem@...emloft.net>,
"j.luebbe@...gutronix.de" <j.luebbe@...gutronix.de>,
"ebiggers@...nel.org" <ebiggers@...nel.org>,
"richard@....at" <richard@....at>,
"keyrings@...r.kernel.org" <keyrings@...r.kernel.org>,
"linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>,
"linux-integrity@...r.kernel.org" <linux-integrity@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-security-module@...r.kernel.org"
<linux-security-module@...r.kernel.org>,
Sahil Malhotra <sahil.malhotra@....com>,
Kshitiz Varshney <kshitiz.varshney@....com>,
Horia Geanta <horia.geanta@....com>,
Varun Sethi <V.Sethi@....com>
Subject: RE: [EXT] Re: [PATCH v0 3/8] crypto: hbk flags & info added to the
tfm
> -----Original Message-----
> From: Herbert Xu <herbert@...dor.apana.org.au>
> Sent: Tuesday, October 11, 2022 2:34 PM
> To: Jason A. Donenfeld <Jason@...c4.com>
> Cc: Pankaj Gupta <pankaj.gupta@....com>; jarkko@...nel.org;
> a.fatoum@...gutronix.de; gilad@...yossef.com; jejb@...ux.ibm.com;
> zohar@...ux.ibm.com; dhowells@...hat.com; sumit.garg@...aro.org;
> david@...ma-star.at; michael@...le.cc; john.ernberg@...ia.se;
> jmorris@...ei.org; serge@...lyn.com; davem@...emloft.net;
> j.luebbe@...gutronix.de; ebiggers@...nel.org; richard@....at;
> keyrings@...r.kernel.org; linux-crypto@...r.kernel.org; linux-
> integrity@...r.kernel.org; linux-kernel@...r.kernel.org; linux-security-
> module@...r.kernel.org; Sahil Malhotra <sahil.malhotra@....com>; Kshitiz
> Varshney <kshitiz.varshney@....com>; Horia Geanta
> <horia.geanta@....com>; Varun Sethi <V.Sethi@....com>
> Subject: Re: [EXT] Re: [PATCH v0 3/8] crypto: hbk flags & info added to the
> tfm
>
> Caution: EXT Email
>
> On Mon, Oct 10, 2022 at 09:15:48AM -0600, Jason A. Donenfeld wrote:
> >
> > Do you mean to say that other drivers that use hardware-backed keys do
> > so by setting "cra_name" to something particular? Like instead of "aes"
> > it'd be "aes-but-special-for-this-driver"? If so, that would seem to
> > break the design of the crypto API. Which driver did you see that does
> > this? Or perhaps, more generally, what are the drivers that Herbert is
> > talking about when he mentions the "plenty of existing drivers" that
> > already do this?
>
> Grep for paes for the existing drivers that support this. I don't have anything
> against this feature per se, but the last thing we want is a proliferation of
> different ways of doing the same thing.
Our goal is to have a generic solution, which can be extended to any driver dealing with:
- Generating HBK and adding to trusted keyring.
- Using the trusted keyring's HBK for crypto operation.
With this framework in place, driver specific custom changes can be avoided, bridging the interface-gap of:
kernel-keyring <-> kernel-crypto-layer.
Thanks.
>
> Cheers,
> --
> Email: Herbert Xu <herbert@...dor.apana.org.au> Home Page:
> https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fgondo
> r.apana.org.au%2F~herbert%2F&data=05%7C01%7Cpankaj.gupta%40nx
> p.com%7C4ef27fc922d04350ca9f08daab67a1a3%7C686ea1d3bc2b4c6fa92cd9
> 9c5c301635%7C0%7C0%7C638010758832054902%7CUnknown%7CTWFpbGZs
> b3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn
> 0%3D%7C3000%7C%7C%7C&sdata=SOguJ9LGhSCDmspbjDIEzkQLk9Bz%
> 2FsS0B%2BLNc4gzRo8%3D&reserved=0
> PGP Key:
> https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fgondo
> r.apana.org.au%2F~herbert%2Fpubkey.txt&data=05%7C01%7Cpankaj.g
> upta%40nxp.com%7C4ef27fc922d04350ca9f08daab67a1a3%7C686ea1d3bc2b
> 4c6fa92cd99c5c301635%7C0%7C0%7C638010758832054902%7CUnknown%7C
> TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiL
> CJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=hCzT2fPfJ%2BBNVqN6JR
> wMx9zNJkqvdRSLrR68ubhCvN4%3D&reserved=0
Powered by blists - more mailing lists