lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <b0f52816-8a9e-4f6a-8b48-18e77ed5dfaf@linaro.org>
Date: Tue, 18 Jun 2024 08:30:36 +0200
From: Krzysztof Kozlowski <krzysztof.kozlowski@...aro.org>
To: "Gaurav Kashyap (QUIC)" <quic_gaurkash@...cinc.com>,
 "linux-arm-msm@...r.kernel.org" <linux-arm-msm@...r.kernel.org>,
 "linux-scsi@...r.kernel.org" <linux-scsi@...r.kernel.org>,
 "andersson@...nel.org" <andersson@...nel.org>,
 "ebiggers@...gle.com" <ebiggers@...gle.com>,
 "neil.armstrong@...aro.org" <neil.armstrong@...aro.org>,
 "srinivas.kandagatla" <srinivas.kandagatla@...aro.org>,
 "krzysztof.kozlowski+dt@...aro.org" <krzysztof.kozlowski+dt@...aro.org>,
 "conor+dt@...nel.org" <conor+dt@...nel.org>,
 "robh+dt@...nel.org" <robh+dt@...nel.org>
Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
 "linux-mmc@...r.kernel.org" <linux-mmc@...r.kernel.org>,
 kernel <kernel@...cinc.com>,
 "linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>,
 "devicetree@...r.kernel.org" <devicetree@...r.kernel.org>,
 "Om Prakash Singh (QUIC)" <quic_omprsing@...cinc.com>,
 "Bao D. Nguyen (QUIC)" <quic_nguyenb@...cinc.com>,
 "bartosz.golaszewski" <bartosz.golaszewski@...aro.org>,
 "konrad.dybcio@...aro.org" <konrad.dybcio@...aro.org>,
 "ulf.hansson@...aro.org" <ulf.hansson@...aro.org>,
 "jejb@...ux.ibm.com" <jejb@...ux.ibm.com>,
 "martin.petersen@...cle.com" <martin.petersen@...cle.com>,
 "mani@...nel.org" <mani@...nel.org>,
 "davem@...emloft.net" <davem@...emloft.net>,
 "herbert@...dor.apana.org.au" <herbert@...dor.apana.org.au>,
 Prasad Sodagudi <psodagud@...cinc.com>, Sonal Gupta <sonalg@...cinc.com>
Subject: Re: [PATCH v5 13/15] dt-bindings: crypto: ice: document the hwkm
 property

On 18/06/2024 02:35, Gaurav Kashyap (QUIC) wrote:
> Hello Krzysztof
> 
> On   06/17/2024 12:17 AM PDT, Krzysztof Kozlowski wrote:
>> On 17/06/2024 02:51, Gaurav Kashyap wrote:
>>> +  qcom,ice-use-hwkm:
>>> +    type: boolean
>>> +    description:
>>> +      Use the supported Hardware Key Manager (HWKM) in Qualcomm ICE
>>> +      to support wrapped keys. Having this entry helps scenarios where
>>> +      the ICE hardware supports HWKM, but the Trustzone firmware does
>>> +      not have the full capability to use this HWKM and support wrapped
>>> +      keys. Not having this entry enabled would make ICE function in
>>> +      non-HWKM mode supporting standard keys.
>>
>> No changelog, previous comments and discussion ignored.
>>
>> NAK
> 
> Apologies for not addressing the previous comments.
> https://lore.kernel.org/all/9892c541ba4e4b5d975faaa4b49c92ba@quicinc.com/
> 
> Maybe we can continue our discussion here;
> " SM8450 and SM8350 QCOM ICE both support HWKM in their ICE hardware.
> However, wrapped keys can not be enabled on those targets due to certain
> missing trustzone support. If we solely rely on hardware version to decide
> if ICE has to use wrapped keys for data encryption, then it becomes untestable
> on those chipsets. 

That does not make any sense to me. You enable it for SM8550 and SM8650
not SM8450 and SM8350.

> 
> So, we want another way to distinguish this scenario, and hence I chose a DT vendor property

What scenario? Show it in your patches.

> to explicitly mention if we have to use the supported HWKM.
> If there is another way, I am open to exploring that as well."

That property is just entirely redundant. If you claim otherwise, show
it through patches.

To be clear, so you will not resend the same ignoring comments: NAK.

Best regards,
Krzysztof


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ