From: "Jarkko Sakkinen" <jarkko@kernel.org>
To: "David Gstir" <david@sigma-star.at>
Cc: "Mimi Zohar" <zohar@linux.ibm.com>,
"James Bottomley" <jejb@linux.ibm.com>,
"Herbert Xu" <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
"Shawn Guo" <shawnguo@kernel.org>,
"Jonathan Corbet" <corbet@lwn.net>,
"Sascha Hauer" <s.hauer@pengutronix.de>,
"kernel@pengutronix.de" <kernel@pengutronix.de>,
"Fabio Estevam" <festevam@gmail.com>,
"NXP Linux Team" <linux-imx@nxp.com>,
"Ahmad Fatoum" <a.fatoum@pengutronix.de>,
"sigma star Kernel Team" <upstream+dcp@sigma-star.at>,
"David Howells" <dhowells@redhat.com>,
"Li Yang" <leoyang.li@nxp.com>,
"Paul Moore" <paul@paul-moore.com>,
"James Morris" <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
"Paul E. McKenney" <paulmck@kernel.org>,
"Randy Dunlap" <rdunlap@infradead.org>,
"Catalin Marinas" <catalin.marinas@arm.com>,
"Rafael J. Wysocki" <rafael.j.wysocki@intel.com>,
"Tejun Heo" <tj@kernel.org>,
"Steven Rostedt (Google)" <rostedt@goodmis.org>,
<linux-doc@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-integrity@vger.kernel.org"
<linux-integrity@vger.kernel.org>,
"keyrings@vger.kernel.org" <keyrings@vger.kernel.org>,
"linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>,
<linux-arm-kernel@lists.infradead.org>,
<linuxppc-dev@lists.ozlabs.org>,
"linux-security-module@vger.kernel.org"
<linux-security-module@vger.kernel.org>,
"Richard Weinberger" <richard@nod.at>,
"David Oberhollenzer" <david.oberhollenzer@sigma-star.at>
Subject: Re: [PATCH v3 1/3] crypto: mxs-dcp: Add support for hardware provided keys
Date: Tue, 03 Oct 2023 01:50:43 +0300
Message-ID: <CVYBKLX6LJR4.22G72LXAHW77W@seitikki>
In-Reply-To: <88FFAB6B-10A8-4732-A901-50859E22352D@sigma-star.at>

On Wed Sep 27, 2023 at 9:25 AM EEST, David Gstir wrote:
> Jarkko,
>
> > On 25.09.2023, at 17:22, Jarkko Sakkinen <jarkko@kernel.org> wrote:
> >
> > On Mon Sep 18, 2023 at 5:18 PM EEST, David Gstir wrote:
> > >> DCP is capable of performing AES with hardware-bound keys.
> >> These keys are not stored in main memory and are therefore not directly
> >> accessible by the operating system.
> >>
> >> So instead of feeding the key into DCP, we need to place a
> >> reference to such a key before initiating the crypto operation.
> > >> Keys are referenced by one-byte identifiers.
> >
> > Not sure what the action of feeding key into DCP even means if such
> > > action does not exist.
> >
> > What you probably would want to describe here is how keys get created
> > and how they are referenced by the kernel.
> >
> > For the "use" part please try to avoid academic paper style long
> > > expression starting with "we" pronoun.
> >
> > So the above paragraph would normalize into "The keys inside DCP
> > are referenced by one byte identifier". Here of course would be
> > for the context nice to know what is this set of DCP keys. E.g.
> > are total 256 keys or some subset?
> >
> > > When using too much prose there can be surprisingly little digestible
> > information, thus this nitpicking.
>
> Thanks for reviewing that in detail! I’ll rephrase the commit
> messages on all patches to get rid of the academic paper style.
>
>
> >
> >> DCP supports 6 different keys: 4 slots in the secure memory area,
> >> a one time programmable key which can be burnt via on-chip fuses
> > >> and a unique device key.
> >>
> >> Using these keys is restricted to in-kernel users that use them as building
> >> block for other crypto tools such as trusted keys. Allowing userspace
> >> (e.g. via AF_ALG) to use these keys to crypt or decrypt data is a security
> >> risk, because there is no access control mechanism.
> >
> > Unless this patch has anything else than trusted keys this should not
> > be an open-ended sentence. You want to say roughly that DCP hardware
> > > keys are implemented for the sake of implementing trusted keys support,
> > and exactly and only that.
> >
> > This description also lacks actions taken by the code changes below,
> > which is really the beef of any commit description.
>
> You’re right. I’ll add that.

Yup, I'm just doing my part of the job, as I'm expected to do it :-)
Thanks for understanding.

> Thanks,
> - David

BR, Jarkko