lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 18 Jun 2024 00:35:55 +0000
From: "Gaurav Kashyap (QUIC)" <quic_gaurkash@...cinc.com>
To: Krzysztof Kozlowski <krzysztof.kozlowski@...aro.org>,
        "Gaurav Kashyap
 (QUIC)" <quic_gaurkash@...cinc.com>,
        "linux-arm-msm@...r.kernel.org"
	<linux-arm-msm@...r.kernel.org>,
        "linux-scsi@...r.kernel.org"
	<linux-scsi@...r.kernel.org>,
        "andersson@...nel.org" <andersson@...nel.org>,
        "ebiggers@...gle.com" <ebiggers@...gle.com>,
        "neil.armstrong@...aro.org"
	<neil.armstrong@...aro.org>,
        srinivas.kandagatla
	<srinivas.kandagatla@...aro.org>,
        "krzysztof.kozlowski+dt@...aro.org"
	<krzysztof.kozlowski+dt@...aro.org>,
        "conor+dt@...nel.org"
	<conor+dt@...nel.org>,
        "robh+dt@...nel.org" <robh+dt@...nel.org>
CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-mmc@...r.kernel.org" <linux-mmc@...r.kernel.org>,
        kernel
	<kernel@...cinc.com>,
        "linux-crypto@...r.kernel.org"
	<linux-crypto@...r.kernel.org>,
        "devicetree@...r.kernel.org"
	<devicetree@...r.kernel.org>,
        "Om Prakash Singh (QUIC)"
	<quic_omprsing@...cinc.com>,
        "Bao D. Nguyen (QUIC)"
	<quic_nguyenb@...cinc.com>,
        bartosz.golaszewski
	<bartosz.golaszewski@...aro.org>,
        "konrad.dybcio@...aro.org"
	<konrad.dybcio@...aro.org>,
        "ulf.hansson@...aro.org"
	<ulf.hansson@...aro.org>,
        "jejb@...ux.ibm.com" <jejb@...ux.ibm.com>,
        "martin.petersen@...cle.com" <martin.petersen@...cle.com>,
        "mani@...nel.org"
	<mani@...nel.org>,
        "davem@...emloft.net" <davem@...emloft.net>,
        "herbert@...dor.apana.org.au" <herbert@...dor.apana.org.au>,
        Prasad Sodagudi
	<psodagud@...cinc.com>,
        Sonal Gupta <sonalg@...cinc.com>
Subject: RE: [PATCH v5 13/15] dt-bindings: crypto: ice: document the hwkm
 property

Hello Krzysztof

On   06/17/2024 12:17 AM PDT, Krzysztof Kozlowski wrote:
> On 17/06/2024 02:51, Gaurav Kashyap wrote:
> > +  qcom,ice-use-hwkm:
> > +    type: boolean
> > +    description:
> > +      Use the supported Hardware Key Manager (HWKM) in Qualcomm ICE
> > +      to support wrapped keys. Having this entry helps scenarios where
> > +      the ICE hardware supports HWKM, but the Trustzone firmware does
> > +      not have the full capability to use this HWKM and support wrapped
> > +      keys. Not having this entry enabled would make ICE function in
> > +      non-HWKM mode supporting standard keys.
> 
> No changelog, previous comments and discussion ignored.
> 
> NAK

Apologies for not addressing the previous comments.
https://lore.kernel.org/all/9892c541ba4e4b5d975faaa4b49c92ba@quicinc.com/

Maybe we can continue our discussion here;
" SM8450 and SM8350 QCOM ICE both support HWKM in their ICE hardware.
However, wrapped keys can not be enabled on those targets due to certain
missing trustzone support. If we solely rely on hardware version to decide
if ICE has to use wrapped keys for data encryption, then it becomes untestable
on those chipsets. 

So, we want another way to distinguish this scenario, and hence I chose a DT vendor property
to explicitly mention if we have to use the supported HWKM.
If there is another way, I am open to exploring that as well."

> 
> Best regards,
> Krzysztof

Regards, 
Gaurav

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ