Received: by 10.213.65.68 with SMTP id h4csp2368793imn; Mon, 9 Apr 2018 02:16:31 -0700 (PDT) X-Google-Smtp-Source: AIpwx49Fm/dN7vvsEGW9iq0ktSFyxxw7+z1WozPUK8CvQr1hFW672ikj+vIXaZe9tlvomdGd2hNh X-Received: by 10.98.156.91 with SMTP id f88mr13650482pfe.128.1523265391294; Mon, 09 Apr 2018 02:16:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1523265391; cv=none; d=google.com; s=arc-20160816; b=h38dmrPL68ZHKC+OrpywC97NpmaKPk5dtY68okSrdQ0VSjdjhAOd9Ne1LApAkfwLVN oYfdWmDvPXSQhHP9MZGMIiQeK8dD3Z1D8zMsKmV5ONgmfg24Ewrs6mNCBx/zqjkWpjsB hc+kHaIz9vsbCVpmJR3txsiIZb3za1gM801zq60hmdOZlaCnevT9Nf3TPdyzSp3+uqWo XF11y++Sl9gFVvvaWk2kN09Gqe36W8bfRn74gH/rEwjZPwOnWeoQz0PJUrlNHz62ljSs dT+QuMdLU2PXgDnilxxjdN+WcPzrVN/wRb9ssPKBoTsEA5akVhLTy0fA9CSg7Lb1hSFr yuFw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :from:references:cc:to:subject:arc-authentication-results; bh=BQ7OAP+jFOkkEiMmj4HJcU5hXs87XQYugoRZQ4jfERc=; b=NlgCybj+iwjs6uFu5CvekHnhiD6gLQ55034ojS9iH6HQNZxEEtgYRRnXsyDq4MOF6V 3Sr/oDLdfDvEP2p4KLjBkeW5mHEaHxb6E6Asd9vyc7dytAglq734WPpJW+iyZKpMVRmU SSoTY+w9DYmVBvCOfc+JeBtmoAr21Si7mnXBdQR+2HkvyfmhjroNUOwoa+3RwKI96kvr XhsL56Qf3NhQ5f4q21I7Z0uns1F3N0kMMHes9blIx/khUFWfCciwEiV8lhEv0bKgTLM2 SnNX0LXEAhssfPOls7kRx1dbrYx7lvtewQDLYEfY/LOVnqLMDgo2JiYMUFC32TvZ9ZAT PApQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x74si12329337pfi.371.2018.04.09.02.15.54; Mon, 09 Apr 2018 02:16:31 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752489AbeDIJM2 (ORCPT + 99 others); Mon, 9 Apr 2018 05:12:28 -0400 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:39130 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751970AbeDIJMZ (ORCPT ); Mon, 9 Apr 2018 05:12:25 -0400 Received: from pps.filterd (m0098419.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w3998q2k120530 for ; Mon, 9 Apr 2018 05:12:25 -0400 Received: from e06smtp10.uk.ibm.com (e06smtp10.uk.ibm.com [195.75.94.106]) by mx0b-001b2d01.pphosted.com with ESMTP id 2h80ddbgfm-1 (version=TLSv1.2 cipher=AES256-SHA256 bits=256 verify=NOT) for ; Mon, 09 Apr 2018 05:12:24 -0400 Received: from localhost by e06smtp10.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Mon, 9 Apr 2018 10:12:22 +0100 Received: from b06cxnps4076.portsmouth.uk.ibm.com (9.149.109.198) by e06smtp10.uk.ibm.com (192.168.101.140) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Mon, 9 Apr 2018 10:12:20 +0100 Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06cxnps4076.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id w399CJvE36503656; Mon, 9 Apr 2018 09:12:20 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 61978A4051; Mon, 9 Apr 2018 10:04:40 +0100 (BST) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 06F36A4053; Mon, 9 Apr 2018 10:04:40 +0100 (BST) Received: from [10.0.2.15] (unknown [9.152.224.33]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTP; Mon, 9 Apr 2018 10:04:39 +0100 (BST) Subject: Re: [PATCH 2/2] crypto: ccree: enable support for hardware keys To: Herbert Xu , Gilad Ben-Yossef Cc: "David S. Miller" , Ofir Drang , Linux Crypto Mailing List , Linux kernel mailing list References: <1522049540-10042-1-git-send-email-gilad@benyossef.com> <1522049540-10042-3-git-send-email-gilad@benyossef.com> <20180330172616.GB28120@gondor.apana.org.au> <20180403101905.GA4245@gondor.apana.org.au> From: Harald Freudenberger Date: Mon, 9 Apr 2018 11:12:19 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: <20180403101905.GA4245@gondor.apana.org.au> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Content-Language: en-US X-TM-AS-GCONF: 00 x-cbid: 18040909-0040-0000-0000-0000042C09D6 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 18040909-0041-0000-0000-000026301364 Message-Id: <45fa8c6c-a518-92de-0ad2-f1fbe470282e@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2018-04-09_03:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1709140000 definitions=main-1804090101 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 04/03/2018 12:19 PM, Herbert Xu wrote: > On Sat, Mar 31, 2018 at 08:30:46PM +0300, Gilad Ben-Yossef wrote: >> However, as it uses the exact same mechanism of the regular xts-aes-ccree >> but takes the key from another source, I've marked it with a test of >> alg_test_null() on the premise that if the xts-aes-ccree works, so must this. > Well it appears to be stubbed out as cc_is_hw_key always returns > false. > >>> Are there other crypto drivers doing this? >> I thought the exact same thing until I ran into a presentation about the s390 >> secure keys implementation. I basically imitated their use (or abuse?) >> of the Crypto API >> assuming it is the way to go. >> >> Take a look at arch/s390/crypto/paes_s390.c > It's always nice to discover code that was never reviewed. > > The general approach seems sane though. > >> Anyway, if this is not the way to go I'd be more than happy to do whatever >> work is needed to create the right interface. >> >> PS. I'd be out of the office and away from email access to the coming week, so >> kindly excuse any delay in response. > I think it's fine. However, I don't really like the idea of everyone > coming up with their own "paes", i.e., your patch's use of "haes". > It should be OK to just use paes for everyone, no? > > As to your patch specifically, there is one issue where you're > directly dereferencing the key as a struct. This is a no-no because > the key may have come from user-space. You must treat it as a > binary blob. The s390 code seems to do this correctly. > > Cheers, I would be happy to have a generic kernel interface for some kind of key token as a binary blob. I am also open to use the kernel key ring for future extensions. But please understand we needed a way to support our hardware keys and I think the chosen design isn't so bad. regards Harald Freudenberger using the kernel key ring in future extensions.