lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID:
 <DB6PR04MB3190EB5F5C037A742138BE118F062@DB6PR04MB3190.eurprd04.prod.outlook.com>
Date: Wed, 10 Apr 2024 07:13:35 +0000
From: Kshitiz Varshney <kshitiz.varshney@....com>
To: Ahmad Fatoum <a.fatoum@...gutronix.de>, David Gstir <david@...ma-star.at>,
	Mimi Zohar <zohar@...ux.ibm.com>, James Bottomley <jejb@...ux.ibm.com>,
	Jarkko Sakkinen <jarkko@...nel.org>, Herbert Xu
	<herbert@...dor.apana.org.au>, "David S. Miller" <davem@...emloft.net>
CC: "linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>, Gaurav Jain
	<gaurav.jain@....com>, Catalin Marinas <catalin.marinas@....com>, David
 Howells <dhowells@...hat.com>, "keyrings@...r.kernel.org"
	<keyrings@...r.kernel.org>, Fabio Estevam <festevam@...il.com>, Paul Moore
	<paul@...l-moore.com>, Jonathan Corbet <corbet@....net>, Richard Weinberger
	<richard@....at>, "Rafael J. Wysocki" <rafael.j.wysocki@...el.com>, James
 Morris <jmorris@...ei.org>, dl-linux-imx <linux-imx@....com>, "Serge E.
 Hallyn" <serge@...lyn.com>, "Paul E. McKenney" <paulmck@...nel.org>, Sascha
 Hauer <s.hauer@...gutronix.de>, Pankaj Gupta <pankaj.gupta@....com>, sigma
 star Kernel Team <upstream+dcp@...ma-star.at>, "Steven Rostedt (Google)"
	<rostedt@...dmis.org>, David Oberhollenzer
	<david.oberhollenzer@...ma-star.at>, "linux-arm-kernel@...ts.infradead.org"
	<linux-arm-kernel@...ts.infradead.org>, "linuxppc-dev@...ts.ozlabs.org"
	<linuxppc-dev@...ts.ozlabs.org>, Randy Dunlap <rdunlap@...radead.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Li Yang
	<leoyang.li@....com>, "linux-security-module@...r.kernel.org"
	<linux-security-module@...r.kernel.org>, "linux-crypto@...r.kernel.org"
	<linux-crypto@...r.kernel.org>, Pengutronix Kernel Team
	<kernel@...gutronix.de>, Tejun Heo <tj@...nel.org>,
	"linux-integrity@...r.kernel.org" <linux-integrity@...r.kernel.org>, Shawn
 Guo <shawnguo@...nel.org>, Varun Sethi <V.Sethi@....com>
Subject: RE: [EXT] [PATCH v8 3/6] KEYS: trusted: Introduce NXP DCP-backed
 trusted keys

Hi Ahmad,

> -----Original Message-----
> From: Ahmad Fatoum <a.fatoum@...gutronix.de>
> Sent: Tuesday, April 9, 2024 10:58 PM
> To: Kshitiz Varshney <kshitiz.varshney@....com>; David Gstir
> <david@...ma-star.at>; Mimi Zohar <zohar@...ux.ibm.com>; James
> Bottomley <jejb@...ux.ibm.com>; Jarkko Sakkinen <jarkko@...nel.org>;
> Herbert Xu <herbert@...dor.apana.org.au>; David S. Miller
> <davem@...emloft.net>
> Cc: linux-doc@...r.kernel.org; Gaurav Jain <gaurav.jain@....com>; Catalin
> Marinas <catalin.marinas@....com>; David Howells
> <dhowells@...hat.com>; keyrings@...r.kernel.org; Fabio Estevam
> <festevam@...il.com>; Paul Moore <paul@...l-moore.com>; Jonathan
> Corbet <corbet@....net>; Richard Weinberger <richard@....at>; Rafael J.
> Wysocki <rafael.j.wysocki@...el.com>; James Morris <jmorris@...ei.org>;
> dl-linux-imx <linux-imx@....com>; Serge E. Hallyn <serge@...lyn.com>;
> Paul E. McKenney <paulmck@...nel.org>; Sascha Hauer
> <s.hauer@...gutronix.de>; Pankaj Gupta <pankaj.gupta@....com>; sigma
> star Kernel Team <upstream+dcp@...ma-star.at>; Steven Rostedt (Google)
> <rostedt@...dmis.org>; David Oberhollenzer <david.oberhollenzer@...ma-
> star.at>; linux-arm-kernel@...ts.infradead.org; linuxppc-dev@...ts.ozlabsorg;
> Randy Dunlap <rdunlap@...radead.org>; linux-kernel@...r.kernel.org; Li
> Yang <leoyang.li@....com>; linux-security-module@...r.kernel.org; linux-
> crypto@...r.kernel.org; Pengutronix Kernel Team <kernel@...gutronix.de>;
> Tejun Heo <tj@...nel.org>; linux-integrity@...r.kernel.org; Shawn Guo
> <shawnguo@...nel.org>; Varun Sethi <V.Sethi@....com>
> Subject: Re: [EXT] [PATCH v8 3/6] KEYS: trusted: Introduce NXP DCP-backed
> trusted keys
> 
> Caution: This is an external email. Please take care when clicking links or
> opening attachments. When in doubt, report the message using the 'Report
> this email' button
> 
> 
> Hello Kshitiz,
> 
> On 09.04.24 12:54, Kshitiz Varshney wrote:
> > Hi David,
> >> +       b->fmt_version = DCP_BLOB_VERSION;
> >> +       get_random_bytes(b->nonce, AES_KEYSIZE_128);
> >> +       get_random_bytes(b->blob_key, AES_KEYSIZE_128);
> >
> > We can use HWRNG instead of using kernel RNG. Please refer
> > drivers/char/hw_random/imx-rngc.c
> 
> imx-rngc can be enabled and used to seed the kernel entropy pool. Adding
> direct calls into imx-rngc here only introduces duplicated code at no extra
> benefit.
> 
> Cheers,
> Ahmad
> 
> --
> Pengutronix e.K.                           |                             |
> Steuerwalder Str. 21                       |
> https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.
> pengutronix.de%2F&data=05%7C02%7Ckshitiz.varshney%40nxp.com%7Ce9
> 97f259d34548ad1a9808dc58ba63a8%7C686ea1d3bc2b4c6fa92cd99c5c30
> 1635%7C0%7C0%7C638482804763047266%7CUnknown%7CTWFpbGZsb3
> d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0
> %3D%7C0%7C%7C%7C&sdata=UZgE9MXqAqCwqVnWty67YLh8QnIwpuq%2
> F7%2BQeDLQhF8I%3D&reserved=0  |
> 31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
> Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

Understood.

Regards,
Kshitiz

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ