Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp94280ybi;
        Fri, 24 May 2019 00:22:10 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxQrkZ9HLCM273PKMK95cUbIf2pMj3Mn871vGK6b0tZuo7AK8W3NMEaRtNClipP7zqjYWHc
X-Received: by 2002:a17:902:8c8f:: with SMTP id t15mr48164684plo.87.1558682530178;
        Fri, 24 May 2019 00:22:10 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1558682530; cv=none;
        d=google.com; s=arc-20160816;
        b=PrLmqbK8zjydf9HVCdw498XpNvWy1p1BeS0relxKUg43ytw/gMxUZFF7JM/7IIziPb
         CZ+lsbMPk8jY43tf4HLFRZ+unV6FxiWlMIDQ/DqP5fCy/vRikj6yZ/SNq7EA3cx/hjIY
         Xum3fTxhmRWIKJ6tKIvb/IM2BH8BH/TgP/yOhnuPpjQJiID6wbkN7gLUFAH649nKLSOs
         SIlSOZ8Q3BSrhgNtT91wQ32g8+ll+68HLXYbOlnbe03SGLioKI1UHS2ceJdyZqcg19r2
         t3BNpEcD4hunTrjvx2xiCJf9j3UH51RikxEqzKmK6tTcW1i9ZCdbiCYix+qcTxVE4oWB
         6OtQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=pwDJiBeaj+t4RmLWFQQ2ZThZEzCnUpWhfbbPnBxxLRE=;
        b=Zyh5yfpBqob7xEEMX+8XTn7tHfY3zx74CTlub91H4Jb2sl1LSPZLmXDxmZCoLsncgh
         zbJCTEQfU5b+dG1o2KCXIP3XF+G96N9sqTSj+7c12dcTymtR1j6KSa+JbV6Ok3QRHMXd
         hWTeR/+67tl+i9vfSoYWps6xT9CYpF2EPsSodI+Xuj3AR/imxC5c2Fb7JJJftk3vtOi7
         N6ysQyoMvCZi3SOHdBkEaSJYjqmUR4oRTY0fvySevaaSCqzSCUfVETpmR384CghMN7mS
         KYPHLksRx+n+6d/NCpgVNN9wDywIWVqHt2f0Nb9knGeX8n29GqPAXPd+CNC/8EG+ob+g
         KDXQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@chronox.de header.s=strato-dkim-0002 header.b="qCk/j1xz";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id b13si2675867plz.194.2019.05.24.00.21.50;
        Fri, 24 May 2019 00:22:10 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@chronox.de header.s=strato-dkim-0002 header.b="qCk/j1xz";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2389039AbfEXHUZ (ORCPT <rfc822;daisukeokaopensource@gmail.com>
        + 99 others); Fri, 24 May 2019 03:20:25 -0400
Received: from mo4-p01-ob.smtp.rzone.de ([85.215.255.54]:10079 "EHLO
        mo4-p01-ob.smtp.rzone.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S2388979AbfEXHUZ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 24 May 2019 03:20:25 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1558682420;
        s=strato-dkim-0002; d=chronox.de;
        h=References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From:
        X-RZG-CLASS-ID:X-RZG-AUTH:From:Subject:Sender;
        bh=pwDJiBeaj+t4RmLWFQQ2ZThZEzCnUpWhfbbPnBxxLRE=;
        b=qCk/j1xzUVorKPPvQeWe/EcJJkbLkrIkV7a5qINiv8+v9/fUE0izVTVFt6Y+lqXC1n
        VXhmOIK/t5BJeMma+eiZu5NwK2uL67ZZu5866HOsGkHlOy3yytnKuS16/FfeZcAJCEJa
        laxScPccz9RFL9iPmn0hJb/XkBx63NWyKm06cxrOiUIskdGX07nf07D4ebRYGaWEkKQN
        zXfIu02mm2pRcP/ViIoJxtxJDyPbTzsqcwgGK9MEvEKpAtAd8J8mQvU+02khu5Nm5AdV
        sFKfkkK/aRG8Eu2kLn2JME2v6LvbUU56Bnotf3OgVgHMPPIya4e5rv5sLE0yh02u+NPi
        /NHQ==
X-RZG-AUTH: ":P2ERcEykfu11Y98lp/T7+hdri+uKZK8TKWEqNyiHySGSa9k9xmwdNnzGHXPbL/Sf94Hg"
X-RZG-CLASS-ID: mo00
Received: from tauon.chronox.de
        by smtp.strato.de (RZmta 44.18 DYNA|AUTH)
        with ESMTPSA id R0373fv4O7JvSyw
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (curve secp521r1 with 521 ECDH bits, eq. 15360 bits RSA))
        (Client did not present a certificate);
        Fri, 24 May 2019 09:19:57 +0200 (CEST)
From:   Stephan Mueller <smueller@chronox.de>
To:     Kalyani Akula <kalyania@xilinx.com>, keyrings@vger.kernel.org
Cc:     "herbert@gondor.apana.org.au" <herbert@gondor.apana.org.au>,
        "davem@davemloft.net" <davem@davemloft.net>,
        "linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        Sarat Chand Savitala <saratcha@xilinx.com>
Subject: Re: [RFC PATCH 4/5] crypto: Adds user space interface for ALG_SET_KEY_TYPE
Date:   Fri, 24 May 2019 09:19:56 +0200
Message-ID: <2554415.t45IJDmies@tauon.chronox.de>
In-Reply-To: <SN6PR02MB5135CE53C3E3FB34CA5E6BA8AF320@SN6PR02MB5135.namprd02.prod.outlook.com>
References: <1547708541-23730-1-git-send-email-kalyani.akula@xilinx.com> <18759853.IUaQuE38eh@tauon.chronox.de> <SN6PR02MB5135CE53C3E3FB34CA5E6BA8AF320@SN6PR02MB5135.namprd02.prod.outlook.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 7Bit
Content-Type: text/plain; charset="us-ascii"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Am Mittwoch, 8. Mai 2019, 11:31:08 CEST schrieb Kalyani Akula:

Hi Kalyani,

> Hi Stephan,
> 
> Keyrings is in-kernel key-management and retention facility. User can use it
> to manage keys used for applications.
> 
> Xilinx cryptographic hardware has a mechanism to store keys in its internal
> hardware and do not have mechanism to read it back due to security reasons.
> It stores key internally in different forms like simple key, key encrypted
> with unique hardware DNA, key encrypted with hardware family key, key
> stored in eFUSEs/BBRAM etc.
> Based on security level expected, user can select one of the key for AES
> operation. Since AES hardware internally has access to these keys, user do
> not require to provide key to hardware, but need to tell which internal
> hardware key user application like to use for AES operation.
> 
> Basic need is to pass information to AES hardware about which internal
> hardware key to be used for AES operation.
> 
> I agree that from general use case perspective we are not selecting key type
> but selecting internal hardware keys provided by user. How about providing
> option to select custom hardware keys provided by hardware
> (AES_SEL_HW_KEY)?

I am not intimately familiary with the keyring facility. Thus, let us ask the 
experts at the keyring mailing list :-)

> 
> Thanks
> kalyani
> 
> > -----Original Message-----
> > From: Stephan Mueller <smueller@chronox.de>
> > Sent: Thursday, April 25, 2019 12:01 AM
> > To: Kalyani Akula <kalyania@xilinx.com>
> > Cc: herbert@gondor.apana.org.au; davem@davemloft.net; linux-
> > crypto@vger.kernel.org; linux-kernel@vger.kernel.org
> > Subject: Re: [RFC PATCH 4/5] crypto: Adds user space interface for
> > ALG_SET_KEY_TYPE
> > 
> > Am Montag, 22. April 2019, 11:17:55 CEST schrieb Kalyani Akula:
> > 
> > Hi Kalyani,
> > 
> > > > Besides, seem to be more a key handling issue. Wouldn't it make
> > > > sense to rather have such issue solved with key rings than in the
> > > > kernel crypto API?
> > > 
> > > [kalyani] Can you please elaborate on this further ?
> > 
> > The kernel has a keyring support in security/keys which has a user space
> > interface with keyutils. That interface is commonly used for any sort of
> > key manipulation.
> > 
> > Ciao
> > Stephan



Ciao
Stephan