Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp3273118pxk; Tue, 15 Sep 2020 14:59:17 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyOGKFOhmEBq44xvUDi513t25F5P0rAZWj9NEQfmIOgKewxmNBSMxnwBjGCSvYFSjHlyt49 X-Received: by 2002:a17:906:9416:: with SMTP id q22mr14810260ejx.82.1600207157043; Tue, 15 Sep 2020 14:59:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1600207157; cv=none; d=google.com; s=arc-20160816; b=r04du44SLLWAxSZlGd3yifatS8lKw1M0GgYv/P9gBXe6uDGkKrwMOEq8vlYtTYrhkE I40qQz2XJabkM+wqabOrFv5T26OUz3m6yLmrZEGQP6V4diFVQCdpiEbpDi/LhfrXMoZB e7Tirt1EhDswksWAMvXgqKrs5qUolWdZhlVY8NnkLQXz1dz8r36WHwmhFEWx+bVaT0tR hRAegM3L8d70gU4aOkgNj4Ng1nWa4A7ppGEbvxUr05RBzRJ8d+LLVKjleLJX8dCLZ/JY j/cwJBBBTaw/nBelMcADnLZcBsF7ATSIaA6u/4qehfhkCGmuXicVvrHGV+32Dh2NtNub XKgw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:thread-index:thread-topic :content-transfer-encoding:mime-version:subject:references :in-reply-to:message-id:cc:to:from:date; bh=pmLjGCQArC0nLDPU8oJJahRd4YGngCqEkdLLYn0YT04=; b=wNrTE0BdZ/RpddwYoI0rS4veJBd51SUqMtrvffnqOoVeAA4+shHdLG3P1+B7vXPNyO yEl+xZGcgkmPFTVBOBHDqtYAm43JJlIs6xHH7CappSdftDI370UQG6YjWs9Xwla8Hh8z t11BFfvSm0RJOKRPmIfiIljOgwl09UE4oQ6Q37q1s8UXB7oE1ct6SfzfjpMRtIQVLC3Q lNHfL9sInk5c8WIi9biv7hDD32HK2FkPJLA3nnr5pLqJhogI2RS0jDJkECpEtj1GGW7o 2cZJNZmQkM/lQ4S3Oe18Ad7X88hIskP9Kkz0gpgoOncI8a5y6cdwy8FkyhC3RRV3rv80 9eZA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id o12si10708795edq.190.2020.09.15.14.58.43; Tue, 15 Sep 2020 14:59:17 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728037AbgIOV56 convert rfc822-to-8bit (ORCPT + 99 others); Tue, 15 Sep 2020 17:57:58 -0400 Received: from lithops.sigma-star.at ([195.201.40.130]:47330 "EHLO lithops.sigma-star.at" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728108AbgIOV5q (ORCPT ); Tue, 15 Sep 2020 17:57:46 -0400 X-Greylist: delayed 383 seconds by postgrey-1.27 at vger.kernel.org; Tue, 15 Sep 2020 17:57:42 EDT Received: from localhost (localhost [127.0.0.1]) by lithops.sigma-star.at (Postfix) with ESMTP id 37A1D6074029; Tue, 15 Sep 2020 23:50:54 +0200 (CEST) Received: from lithops.sigma-star.at ([127.0.0.1]) by localhost (lithops.sigma-star.at [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id FJeDlkGzqKO8; Tue, 15 Sep 2020 23:50:53 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by lithops.sigma-star.at (Postfix) with ESMTP id C0322607403C; Tue, 15 Sep 2020 23:50:53 +0200 (CEST) Received: from lithops.sigma-star.at ([127.0.0.1]) by localhost (lithops.sigma-star.at [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 173xIe-uMIop; Tue, 15 Sep 2020 23:50:53 +0200 (CEST) Received: from lithops.sigma-star.at (lithops.sigma-star.at [195.201.40.130]) by lithops.sigma-star.at (Postfix) with ESMTP id 93E5F6074029; Tue, 15 Sep 2020 23:50:53 +0200 (CEST) Date: Tue, 15 Sep 2020 23:50:53 +0200 (CEST) From: Richard Weinberger To: horia geanta Cc: Iuliana Prodan , Herbert Xu , aymen sghaier , davem , Silvano Di Ninno , Franck Lenormand , Linux Crypto Mailing List , linux-kernel , linux-imx , david Message-ID: <881550786.93213.1600206653402.JavaMail.zimbra@nod.at> In-Reply-To: References: <1594591536-531-1-git-send-email-iuliana.prodan@nxp.com> <1594591536-531-3-git-send-email-iuliana.prodan@nxp.com> Subject: Re: [PATCH 2/2] crypto: caam - support tagged keys for skcipher algorithms MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8BIT X-Originating-IP: [195.201.40.130] X-Mailer: Zimbra 8.8.12_GA_3807 (ZimbraWebClient - FF78 (Linux)/8.8.12_GA_3809) Thread-Topic: crypto: caam - support tagged keys for skcipher algorithms Thread-Index: SwVP6sBZjOv2Q9WeUVK81sHWwzKQnQ== Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org ----- Ursprüngliche Mail ----- > Von: "horia geanta" >>> How to use it with cryptsetup? >>> I'm asking because it is not clear to me why you are not implementing >>> a new kernel key type (KEYS subsystem) >>> to utilize tagged keys. >>> Many tools already support the keyctl userspace interface (cryptsetup, >>> fscrypt, ...). >> >> *friendly ping* >> > We didn't include the key management part in this series, > just the crypto API support for algorithms with protected keys, > to get early feedback. > > Wrt. key management: > The NXP vendor / downstream kernel (to be included in i.MX BSP Q3 release) > will have support for protected keys generation. > Besides this, a dedicated ioctl-based interface will allow userspace to > generate and export these keys. After this, user can use standard keyctl > to add a key (as user / logon type) in the keyring, such that it would be > available to dm-crypt. > > We know that adding new ioctls is frowned upon, so before trying to upstream > the ioctl-based solution the plan is checking the feasibility of > extending keyctl as David Howells suggested: > https://lore.kernel.org/lkml/8060.1533226481@warthog.procyon.org.uk > (Note the difference b/w adding new key type - which was rejected - > and a key "subtype extension".) We have also a keyctl based patch series which should go upstream. Since we also added a new keytype, it got rejected so far. Do you have git repo with the WIP patches available? Not that we do the work twice. :-) Our patch series also supports DCP beside of CAAM. Thanks, //richard