Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp98329pxf; Wed, 24 Mar 2021 22:29:29 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzcrRBsQ4uxqeT0j41ab7H6yGDwZtbprIC8Lq6yP7c20dDq4ZYCadyhDnRikm3MFAiG1Njy X-Received: by 2002:a17:906:33d9:: with SMTP id w25mr7774073eja.413.1616650169530; Wed, 24 Mar 2021 22:29:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1616650169; cv=none; d=google.com; s=arc-20160816; b=fbEhsZzU7OPihTzr4azAeFlNR0q7QQPqPVjQY7HTJL6uK0Az7u2znd5QN7WRF+iyBf JqL/rAe4C1Jlb8TuYbECII2fQsAHLkWwKWVCYxAzzGTcZ3M/2iKRL+bFtNAWkzwmUgcq U1E8Awzw5rN5mF6jucO53kJ71exJtKIHhftK3CvC1ycP7aci17AbzB7csWFBVrmZTMPz H7QAJ9nIjXXZk3Rq1W/O4+qU6j8Chgpr87lma74T7Mp2UxCcye8SfixBPaOXd1Cgprpd Mpqpl7Po78GgQ6iIXXomtWhl9xFDAKmxeL+2lquhdVnBBgYN7kYQGCVxIdiqbWI4iBoI 3MMw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=gFsXQtNcZc/jzBbc3KmHaNr8LuwlVaIo4tkNpXAhMCs=; b=GK08q8yu2kNml4CwKYe15rfVhJ3wa8sWV3P9SebrIHC7iXj8vudqWG7Pl5R1xdRDz3 BtGivCsCnR2QrYPmNVkUL5DxWTvi4Si3EkJa2xfOjk9MpurvlhdERyjeTJM3ZJ3nMS9c HPS5VMCNf7gFuHaF0r/lMyPBbTPZDkS4gJ9wxeHhnzoTOS4VKvtGc2Bszj4iAbfp0dVf QtZPafMlTR3b9bckPtz+oAEg0E5HoNECQsjvUcd9sqRXw7Tkb4KE1sUgPLEZYOVanWqG Q261bHRrRNZgIZC9MbGk5KTYP01uukE45Yrv8ak0V+fnZd9D9TSHcYL4CliWnhnJc3ZF ckMw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=szUldggy; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id u6si3246157ejx.73.2021.03.24.22.28.57; Wed, 24 Mar 2021 22:29:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=szUldggy; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229592AbhCYF0g (ORCPT + 99 others); Thu, 25 Mar 2021 01:26:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46292 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229861AbhCYF0W (ORCPT ); Thu, 25 Mar 2021 01:26:22 -0400 Received: from mail-lj1-x236.google.com (mail-lj1-x236.google.com [IPv6:2a00:1450:4864:20::236]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D7A1CC061760 for ; Wed, 24 Mar 2021 22:26:20 -0700 (PDT) Received: by mail-lj1-x236.google.com with SMTP id z25so1577763lja.3 for ; Wed, 24 Mar 2021 22:26:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=gFsXQtNcZc/jzBbc3KmHaNr8LuwlVaIo4tkNpXAhMCs=; b=szUldggyNmVjxsrrTtlWnMRQPOMVT8cZCe5n98DB5e4AYjxCy/yawxRJYDhyjY6/HE 1zdQ2jBG3uJUxf4XjRDqgsZIjI/Zywasn9xRPTjryeG8OKkMdPujkQO4GFwQN4oyDFi6 o57TGNrEaoTRteOJ6W5ldogRM9nWPaTOxIpCyMiGsYB8nmVZ958quD6y0y3tWN2xtN0c Ge2a1/y1yT3tD/qpV4vaIPTb089AVGdNEmBZ+xYZbA6zlapEXrvicmkhwUq7rM2dV1Vk WnJ0YkTAlZVUzS3v5UkNOVRB6pTUtTAfpkqRIU76j8laN1/2CsRpNb8bW/Wr7tYlHzBj l/xg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=gFsXQtNcZc/jzBbc3KmHaNr8LuwlVaIo4tkNpXAhMCs=; b=uA8+KfXQe5xoNpGYgGVfb0kJKulFP8sxkcIoUuxV2cNgjRneMbI/nebOu8bGcolqjy ClQjzbJSho31BDLRrq/4IX7a62TJ6p4kgKVaRq07l7GaFYZ0c24J11R9cL1ASCTnyT2o QkqWDIExJEdBSlAak3fiMgw67HYU/7wzgVX7Vkt/iBy6J9Uad5YGRAdgWwVEyqx6I8fU aJOGj2fstZUNRarUGgVRivZAz/3pcQDQkL9ZAkElxHgHMy4nrb1piIZGcUK9adbSL0vL wqEtu6MdoHr8E0qlzUwsOc+xMMeLtODiR7XC/GZ54nebv6ZRnygy5EHTm8+N3b/VYUKc BrLg== X-Gm-Message-State: AOAM533m12BYthW1eGovay10hsm4SHdNMSHRb/aNAk4X+HmPv1ikSTNZ PKl7vu1hcpAuVaXkZ7+Sa8kzem+0qSaqKQ99sdM8Og== X-Received: by 2002:a05:651c:481:: with SMTP id s1mr4183162ljc.152.1616649979216; Wed, 24 Mar 2021 22:26:19 -0700 (PDT) MIME-Version: 1.0 References: <319e558e1bd19b80ad6447c167a2c3942bdafea2.1615914058.git-series.a.fatoum@pengutronix.de> <01e6e13d-2968-0aa5-c4c8-7458b7bde462@nxp.com> <45a9e159-2dcb-85bf-02bd-2993d50b5748@pengutronix.de> <63dd7d4b-4729-9e03-cd8f-956b94eab0d9@pengutronix.de> <557b92d2-f3b8-d136-7431-419429f0e059@pengutronix.de> In-Reply-To: <557b92d2-f3b8-d136-7431-419429f0e059@pengutronix.de> From: Sumit Garg Date: Thu, 25 Mar 2021 10:56:07 +0530 Message-ID: Subject: Re: [PATCH v1 3/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys To: Ahmad Fatoum Cc: Mimi Zohar , =?UTF-8?Q?Horia_Geant=C4=83?= , Jonathan Corbet , David Howells , Jarkko Sakkinen , James Bottomley , "kernel@pengutronix.de" , James Morris , "Serge E. Hallyn" , Aymen Sghaier , Herbert Xu , "David S. Miller" , Udit Agarwal , Jan Luebbe , David Gstir , Franck Lenormand , "keyrings@vger.kernel.org" , "linux-crypto@vger.kernel.org" , "linux-doc@vger.kernel.org" , "linux-integrity@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "linux-security-module@vger.kernel.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Wed, 24 Mar 2021 at 19:37, Ahmad Fatoum wrote: > > Hello Sumit, > > On 24.03.21 11:47, Sumit Garg wrote: > > On Wed, 24 Mar 2021 at 14:56, Ahmad Fatoum wr= ote: > >> > >> Hello Mimi, > >> > >> On 23.03.21 19:07, Mimi Zohar wrote: > >>> On Tue, 2021-03-23 at 17:35 +0100, Ahmad Fatoum wrote: > >>>> On 21.03.21 21:48, Horia Geant=C4=83 wrote: > >>>>> caam has random number generation capabilities, so it's worth using= that > >>>>> by implementing .get_random. > >>>> > >>>> If the CAAM HWRNG is already seeding the kernel RNG, why not use the= kernel's? > >>>> > >>>> Makes for less code duplication IMO. > >>> > >>> Using kernel RNG, in general, for trusted keys has been discussed > >>> before. Please refer to Dave Safford's detailed explanation for not > >>> using it [1]. > >> > >> The argument seems to boil down to: > >> > >> - TPM RNG are known to be of good quality > >> - Trusted keys always used it so far > >> > >> Both are fine by me for TPMs, but the CAAM backend is new code and nei= ther point > >> really applies. > >> > >> get_random_bytes_wait is already used for generating key material else= where. > >> Why shouldn't new trusted key backends be able to do the same thing? > >> > > > > Please refer to documented trusted keys behaviour here [1]. New > > trusted key backends should align to this behaviour and in your case > > CAAM offers HWRNG so we should be better using that. > > Why is it better? > > Can you explain what benefit a CAAM user would have if the trusted key > randomness comes directly out of the CAAM instead of indirectly from > the kernel entropy pool that is seeded by it? IMO, user trust in case of trusted keys comes from trusted keys backend which is CAAM here. If a user doesn't trust that CAAM would act as a reliable source for RNG then CAAM shouldn't be used as a trust source in the first place. And I think building user's trust for kernel RNG implementation with multiple entropy contributions is pretty difficult when compared with CAAM HWRNG implementation. -Sumit > > > Also, do update documentation corresponding to CAAM as a trusted keys b= ackend. > > Yes. The documentation should be updated for CAAM and it should describe > how the key material is derived. Will do so for v2. > > Cheers, > Ahmad > > > > > [1] https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.= git/tree/Documentation/security/keys/trusted-encrypted.rst#n87 > > > > -Sumit > > > >> Cheers, > >> Ahmad > >> > >>> > >>> thanks, > >>> > >>> Mimi > >>> > >>> [1] > >>> https://lore.kernel.org/linux-integrity/BCA04D5D9A3B764C9B7405BBA4D4A= 3C035F2A38B@ALPMBAPA12.e2k.ad.ge.com/ > >>> > >>> > >>> > >> > >> -- > >> Pengutronix e.K. | = | > >> Steuerwalder Str. 21 | http://www.pengutronix.de= / | > >> 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 = | > >> Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-55= 55 | > > > > -- > Pengutronix e.K. | = | > Steuerwalder Str. 21 | http://www.pengutronix.de/ = | > 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 = | > Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 = |