Received: by 10.213.65.68 with SMTP id h4csp814728imn; Sat, 31 Mar 2018 10:32:12 -0700 (PDT) X-Google-Smtp-Source: AIpwx483K4yk8Jr0jQarpK9Bpyj9xKC8I/KCRjxrDj1XROHbramEhdTBscF9IgiLinApa5OYwwsJ X-Received: by 10.101.96.141 with SMTP id t13mr2369990pgu.222.1522517532301; Sat, 31 Mar 2018 10:32:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522517532; cv=none; d=google.com; s=arc-20160816; b=M3lKlrn38aiMB/UbC1iwJeOs/2jOMwaG/nqiLAe7XPLv5aFt4iSSmcQ9fUkXN1SbR1 ub9Npx0B//EeekG5Ifvu+1JsrZ4fcoxm5mesU+6o4GxLZwwfudXqT3PMU5JQesmnisPB Y7fv7F8RvzCnXLv5TpSGjztwcHCCtlk0O3TMXeL5Z/xMg0Ap25cycIv851su/b/RBeHZ M18sEghKSqA1la2EBqLtAoiIL8EdjSzPdbe+f2FNFJCbxaHvUEWmeR/dbKse4Hi1GcPJ 0VrfKtWQKK9hTYdQnh0gOM9ih9SYxmeaHq7f3yfVAxFSm0ULbr0eRRPW+nh3UY6rr0yj YIbQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=Lnf+/9/2RDtrz5ptd3aGSbDzSP/yOJWo3Th+shSj9qs=; b=QBvt1LyO0TRYa3lmg7ScY5FfN3zZI28QvQHtFTw3HpNO7EgLjpVDMSqxzORkB8vedp YRHfYsuf97qLc0YOAhP5ctT8xYl7EGUIVLb5DByJA59bBWKrq9KATaPJN2dtObCI2kfa kgWuAimVMg+KfS9HKNoEHl5YdAUF5d7P4LSqpRpTXCnHYmwCHTc4JtzhqY/3k9SAQxkw XcbPjVnh7rv+MrEHnrJvz/tvyWQUqolq/fZNf+l0hC1XZeOhj2m4aJTF4+MJaxUkh00G oTgqrrgLcqQKIMEGw1sIjgWfhi5iZFJxjwTo6Ucx28JY00xgsxnKBR8XbYArl65DPdE5 bq4w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@benyossef-com.20150623.gappssmtp.com header.s=20150623 header.b=s/BU3UM9; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i75si7263579pgd.399.2018.03.31.10.31.57; Sat, 31 Mar 2018 10:32:12 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@benyossef-com.20150623.gappssmtp.com header.s=20150623 header.b=s/BU3UM9; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753035AbeCaRau (ORCPT + 99 others); Sat, 31 Mar 2018 13:30:50 -0400 Received: from mail-ua0-f170.google.com ([209.85.217.170]:44001 "EHLO mail-ua0-f170.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752873AbeCaRas (ORCPT ); Sat, 31 Mar 2018 13:30:48 -0400 Received: by mail-ua0-f170.google.com with SMTP id u4so6906266uaf.10 for ; Sat, 31 Mar 2018 10:30:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=benyossef-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=Lnf+/9/2RDtrz5ptd3aGSbDzSP/yOJWo3Th+shSj9qs=; b=s/BU3UM9lV4OsMZn0Ti0qZmB/frYN5uSV20y3JlXltSH7KcoE9OkG3oesJLB2KtgTH qv5E+wJCEJVs+p1Jv7iSfMikRbjpB4rEayC+BhzEBH799XpQa9EJGFfVaijbAnPPOGh1 EAoPpbXGfUCKWLMMACXzyrmegE62saXNC2Mub/xhKi1w4WML7UjnpotRuYZ/LCjk3km4 ryYK+yLj8uTre/h3OEMRzJN4/XsPJ0heQqdD8o/2zp4Tl23kscgRfpD5oz7sDSToHLp6 WffQ8BIHYeriEjFpjOLQhhor/0JOSkDX3T9QpxMCcYVSNf2sm4Y4CbCE49SpQRpGx8WZ +1eg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=Lnf+/9/2RDtrz5ptd3aGSbDzSP/yOJWo3Th+shSj9qs=; b=Wa9xXUh7bLbJV6zrGNihAOc/PR266bUwXAFCbQcPUyXUXh3NT3bXESW+QN9I3Z5zxa vMzh8t3IDZcV4OhbHKvJZ3vvZ+saRYFssJauCKBIdW2TWH/G3DT8a27rHlVh4GD6xj97 M6W5XyAVJPEGCMsnsyG8umn/Rtc84jWx5d2g+VaGejaq++ZUT5rk8oAn/CglkFLS38fI YQqOyfghShaZmCkBmdrXn7Dq6RI9tBhUFalbb+V4lBlBA0XGeZvje3wpvF4CD/4362RM a1WI1VY3xRDXZzfwRzUuob25lXdOirgji9fvw86WDGWC3ac4+jWxXkKupXEaIU+BxZIU vbuw== X-Gm-Message-State: ALQs6tBNAYkk2zjDj2DqwOwrWhuXmVkMSUVQHh82CXgtKtPgNoFF9Rzt fvJ0sPbzjcpaOXe18FDQC0CaWAEgemdwnMYj+ut8ng== X-Received: by 10.176.97.217 with SMTP id m25mr2149360uan.58.1522517447512; Sat, 31 Mar 2018 10:30:47 -0700 (PDT) MIME-Version: 1.0 Received: by 10.176.28.3 with HTTP; Sat, 31 Mar 2018 10:30:46 -0700 (PDT) X-Originating-IP: [62.219.136.235] In-Reply-To: <20180330172616.GB28120@gondor.apana.org.au> References: <1522049540-10042-1-git-send-email-gilad@benyossef.com> <1522049540-10042-3-git-send-email-gilad@benyossef.com> <20180330172616.GB28120@gondor.apana.org.au> From: Gilad Ben-Yossef Date: Sat, 31 Mar 2018 20:30:46 +0300 Message-ID: Subject: Re: [PATCH 2/2] crypto: ccree: enable support for hardware keys To: Herbert Xu Cc: "David S. Miller" , Ofir Drang , Linux Crypto Mailing List , Linux kernel mailing list Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Mar 30, 2018 at 8:26 PM, Herbert Xu wrote: > On Mon, Mar 26, 2018 at 08:32:19AM +0100, Gilad Ben-Yossef wrote: >> Enable CryptoCell support for hardware keys. >> >> Hardware keys are regular AES keys loaded into CryptoCell internal memory >> via firmware, often from secure boot ROM or hardware fuses at boot time. >> >> As such, they can be used for enc/dec purposes like any other key but >> cannot (read: extremely hard to) be extracted since since they are not >> available anywhere in RAM during runtime. >> >> The mechanism has some similarities to s390 secure keys although the keys >> are not wrapped or sealed, but simply loaded offline. The interface was >> therefore modeled based on the s390 secure keys support. >> >> Signed-off-by: Gilad Ben-Yossef > > ... > >> static const struct cc_alg_template skcipher_algs[] = { >> { >> + .name = "xts(haes)", >> + .driver_name = "xts-haes-ccree", >> + .blocksize = AES_BLOCK_SIZE, >> + .template_skcipher = { >> + .setkey = cc_cipher_sethkey, >> + .encrypt = cc_cipher_encrypt, >> + .decrypt = cc_cipher_decrypt, >> + .min_keysize = CC_HW_KEY_SIZE, >> + .max_keysize = CC_HW_KEY_SIZE, >> + .ivsize = AES_BLOCK_SIZE, >> + }, >> + .cipher_mode = DRV_CIPHER_XTS, >> + .flow_mode = S_DIN_to_AES, >> + .min_hw_rev = CC_HW_REV_630, >> + }, > > How can this possibly pass the self-test? Indeed, I could not figure a way to test the mechanism directly. However, as it uses the exact same mechanism of the regular xts-aes-ccree but takes the key from another source, I've marked it with a test of alg_test_null() on the premise that if the xts-aes-ccree works, so must this. > > If we want to add hardware keys we will need to figure out how > to deal with it in the top-level API first. > > Are there other crypto drivers doing this? I thought the exact same thing until I ran into a presentation about the s390 secure keys implementation. I basically imitated their use (or abuse?) of the Crypto API assuming it is the way to go. Take a look at arch/s390/crypto/paes_s390.c The slide for the presentation describing this is here: http://schd.ws/hosted_files/ossna2017/89/LC2017SecKeyDmCryptV5.pdf And they seem to even have support for it in the DM-Crypt tools, which at the time they claimed to be in the process of getting it up-streamed. Anyway, if this is not the way to go I'd be more than happy to do whatever work is needed to create the right interface. PS. I'd be out of the office and away from email access to the coming week, so kindly excuse any delay in response. Thanks! Gilad -- Gilad Ben-Yossef Chief Coffee Drinker "If you take a class in large-scale robotics, can you end up in a situation where the homework eats your dog?" -- Jean-Baptiste Queru