Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp374806pxf; Thu, 1 Apr 2021 03:34:48 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz7j+VuHH2cCNIcNLFxjNRRLpBSGv5Q0mI8XadAwG6JB5pAU4Zpo7rPSTPhUXENfguy0rQe X-Received: by 2002:a17:906:1c13:: with SMTP id k19mr8330874ejg.457.1617273288420; Thu, 01 Apr 2021 03:34:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617273288; cv=none; d=google.com; s=arc-20160816; b=lkvU43EAEpXqzT5pVCznxA8hjuGSePuxunE6Mf6cIGmr5RcHDd2LK2jYmYXdnCSaEk QFap/yLJj//R/c0sgwzk5TNO5aoNohKveeUVAW3SJFV94+1cwNpRpRqeQenhRsfzGe8n kOmpZes9nDi6PM25YbSklsjAjURG41XPNd4ym/DtujK4UG6wwdsHucVTSUQ+hXTEUhB2 gEK9Vykibskxkw9RDxfFCdGdbBNh15VM7OSleH1zsm5Cj8FrbKftqTfYHeGrI6jBk9+5 f6D60N5+uBNZN2r1KShfhHMb3F7pBkOOTLHztSsjlVDmQUwRr3X4hpHb3n+Ktk+sBMGd gF5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:thread-index:thread-topic :content-transfer-encoding:mime-version:subject:references :in-reply-to:message-id:cc:to:from:date; bh=kbi6UXwTo9s4lg+17lRHcb8Qe4tCkzNbElt4fnNbXzQ=; b=1HsrTveJ9eMs/tRdjFM38LIZ8M1AIBpaTzG6HoO/eMPnxZ0qRlOo6U1bAx9zs1XQRK Tjw1D5+5mXMsbn2mRwIwTr8jgIiRpJTgMDZZZaZEVNEPOhRGNljewmAFmlCKDdt77a9o yczS9qGLbRRDb6kf09AYaPue6b4bQdoWgMKCx8bzJzzx4Tw8CgtA54mw2Q8+lxcdufxI pMcHFAWAarJEAe7HwlnrXCjzfDHa/pRFYrSXy49waaOjz2ajXY1USmGnC7EH90FwbccD 8wPds4U/9O19cpk2gc40YlxrgPtmaFyrU5IhB/wglmSu7tK4pKaor3vlVnumJl2Whmr5 56AQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id u10si3518965ejb.59.2021.04.01.03.34.26; Thu, 01 Apr 2021 03:34:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234407AbhDAK2S convert rfc822-to-8bit (ORCPT + 99 others); Thu, 1 Apr 2021 06:28:18 -0400 Received: from lithops.sigma-star.at ([195.201.40.130]:60260 "EHLO lithops.sigma-star.at" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234170AbhDAK1z (ORCPT ); Thu, 1 Apr 2021 06:27:55 -0400 Received: from localhost (localhost [127.0.0.1]) by lithops.sigma-star.at (Postfix) with ESMTP id 6CAB4606BA27; Thu, 1 Apr 2021 12:23:58 +0200 (CEST) Received: from lithops.sigma-star.at ([127.0.0.1]) by localhost (lithops.sigma-star.at [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id XWsDeVM0dlYR; Thu, 1 Apr 2021 12:23:58 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by lithops.sigma-star.at (Postfix) with ESMTP id E6125606BA2C; Thu, 1 Apr 2021 12:23:57 +0200 (CEST) Received: from lithops.sigma-star.at ([127.0.0.1]) by localhost (lithops.sigma-star.at [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id AXT7SBVIcz0n; Thu, 1 Apr 2021 12:23:57 +0200 (CEST) Received: from lithops.sigma-star.at (lithops.sigma-star.at [195.201.40.130]) by lithops.sigma-star.at (Postfix) with ESMTP id AF33B606BA27; Thu, 1 Apr 2021 12:23:57 +0200 (CEST) Date: Thu, 1 Apr 2021 12:23:57 +0200 (CEST) From: Richard Weinberger To: Ahmad Fatoum Cc: Jonathan Corbet , David Howells , Jarkko Sakkinen , James Bottomley , Mimi Zohar , kernel , James Morris , "Serge E. Hallyn" , horia geanta , aymen sghaier , Herbert Xu , davem , Udit Agarwal , Jan Luebbe , david , Franck Lenormand , Sumit Garg , "open list, ASYMMETRIC KEYS" , Linux Crypto Mailing List , Linux Doc Mailing List , linux-integrity , linux-kernel , LSM Message-ID: <628222835.139597.1617272637645.JavaMail.zimbra@nod.at> In-Reply-To: References: <319e558e1bd19b80ad6447c167a2c3942bdafea2.1615914058.git-series.a.fatoum@pengutronix.de> Subject: Re: [PATCH v1 3/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8BIT X-Originating-IP: [195.201.40.130] X-Mailer: Zimbra 8.8.12_GA_3807 (ZimbraWebClient - FF78 (Linux)/8.8.12_GA_3809) Thread-Topic: KEYS: trusted: Introduce support for NXP CAAM-based trusted keys Thread-Index: bRpCX2JQ5lnT2KZCBTYRFn2CLxkWdw== Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Ahmad, ----- Ursprüngliche Mail ----- > Von: "Ahmad Fatoum" >> That way existing blobs can also be used with this implementation. >> IIRC the NXP vendor tree uses "SECURE_KEY" as default modifier. > > Being binary compatible with other implementations is not an objective > for this patch set. If you need to migrate I'd suggest to get out a > clear text password and side-load it into the trusted key framework. Compatibility is only one argument, IMHO the much stronger argument is that there are people out there that want to salt the CAAM blob with a key modifier of their own choice. Thanks, //richard