lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID:
 <PH7PR12MB8178B92B6ED11B891AAFCE0BC0CB2@PH7PR12MB8178.namprd12.prod.outlook.com>
Date: Wed, 5 Mar 2025 07:05:25 +0000
From: Akhil R <akhilrajeev@...dia.com>
To: "herbert@...dor.apana.org.au" <herbert@...dor.apana.org.au>,
	"davem@...emloft.net" <davem@...emloft.net>, "thierry.reding@...il.com"
	<thierry.reding@...il.com>, Jon Hunter <jonathanh@...dia.com>,
	"linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>,
	"linux-tegra@...r.kernel.org" <linux-tegra@...r.kernel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH v3 09/10] crypto: tegra: Reserve keyslots to allocate
 dynamically

> Subject: [PATCH v3 09/10] crypto: tegra: Reserve keyslots to allocate dynamically
> 
> The HW supports only storing 15 keys at a time. This limits the number
> of tfms that can work without failutes. Reserve keyslots to solve this
> and use the reserved ones during the encryption/decryption operation.
> This allow users to have the capability of hardware protected keys
> and faster operations if there are limited number of tfms while not
> halting the operation if there are more tfms.
> 
> Fixes: 0880bb3b00c8 ("crypto: tegra - Add Tegra Security Engine driver")
> Signed-off-by: Akhil R <akhilrajeev@...dia.com>
> ---
>  drivers/crypto/tegra/tegra-se-aes.c | 139 +++++++++++++++++++++++-----
>  drivers/crypto/tegra/tegra-se-key.c |  17 ++++
>  drivers/crypto/tegra/tegra-se.h     |  28 ++++++
>  3 files changed, 163 insertions(+), 21 deletions(-)
> 

I noticed that we need the below additional change to this patch. Not getting a
keyslot will not cause a failure. We can skip this print unless for debug.

diff --git a/drivers/crypto/tegra/tegra-se-key.c b/drivers/crypto/tegra/tegra-se-key.c
index bf265514b04c..956fa9b4e9b1 100644
--- a/drivers/crypto/tegra/tegra-se-key.c
+++ b/drivers/crypto/tegra/tegra-se-key.c
@@ -166,7 +166,7 @@ int tegra_key_submit(struct tegra_se *se, const u8 *key, u32 keylen, u32 alg, u3
        if (!tegra_key_in_kslt(*keyid)) {
                *keyid = tegra_keyslot_alloc();
                if (!(*keyid)) {
-                       dev_err(se->dev, "failed to allocate key slot\n");
+                       dev_dbg(se->dev, "failed to allocate key slot\n");
                        return -ENOMEM;
                }
        }



Hi Herbert,

Do we have any other concerns with the patches in this series.
If all those look good, I can push a new version with this change included.

Thanks & regards,
Akhil

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ