Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp4689555pxf;
        Tue, 30 Mar 2021 14:31:32 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxtQFNlsM4it6Fc7xdAfZS3f19qO8NrL7GzfREBBliBWLR68AaWJWjoZm7Ag06WOM5gp+f2
X-Received: by 2002:a17:906:1a44:: with SMTP id j4mr121435ejf.401.1617139892034;
        Tue, 30 Mar 2021 14:31:32 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1617139892; cv=none;
        d=google.com; s=arc-20160816;
        b=YonHSzSiRx2UK8MplSaHev04HQ2WS9swhlk/TOVTGgryv7rzo2i28814o49hPwn8tu
         Ovx5loVBKJEGZm+g0PWLvPxmhavlCtiLJBYIcEEbvNL0GBt318PmWmKLE9GXtrcOWZSg
         DEJU6Mud17m9O4AoPBCK7rfBE8b9EsZyYu3EGk6GcpAw7g+dLxcBtwo9yIW1712dTY8l
         JRmjWvt+2gmv/FJlqOsuJjogWyZrY0WI/tnbRpLNYJ/Hqv0ngikn2CuxP2lZz7VIXVaC
         JsSDZpB2dTVPa0lvn81/1YZRd5QRN3n+MVm6RSCPNcA12+lrTgU5CqhaKAXBSDxlobRQ
         ZgKA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to
         :references:mime-version:dkim-signature;
        bh=ijyhfQ+fdBvGo4/9WEvg+2IXq75NDRW57Oedihv3mO4=;
        b=g0ZHdnV1L4MWAE+1rSSq/qK0Eome+ehWTI5bulaFdFlKB4wwhGFd+D/Ye79OsvLdLi
         1FZjFa9Ghd6u+Nd8dmTS0odWsLiiqRpUCIZi6uRQSYdjdfqt4skuRcEXKfjwt1mZdMd5
         ISNLEAuOHP+rHbW8/k5mwh3Wr0mwDEHHUVGzDDJtu4DIe75pRrSYjefk++elJFz2r0pu
         4O9Jcaomi2xC4WK0sjvReISMdFLVW9Hak8QQ9qiIKVWiC9r8gubLD69VOhNB+utZeIGE
         Q8EVtkBw1C0scGcUpC3E0jtjfVDFNZFo8lHW+XjqrrWkjYOVuEJo5GPhFrVPzHNUNGuV
         iSSA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=f9RyZpyp;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id dr9si28801ejc.436.2021.03.30.14.30.55;
        Tue, 30 Mar 2021 14:31:32 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=f9RyZpyp;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S233413AbhC3V3k (ORCPT <rfc822;dave.gstir+lkml@gmail.com>
        + 99 others); Tue, 30 Mar 2021 17:29:40 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51796 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S233288AbhC3V2n (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Tue, 30 Mar 2021 17:28:43 -0400
Received: from mail-qv1-xf31.google.com (mail-qv1-xf31.google.com [IPv6:2607:f8b0:4864:20::f31])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AD342C061574;
        Tue, 30 Mar 2021 14:28:42 -0700 (PDT)
Received: by mail-qv1-xf31.google.com with SMTP id 30so8926783qva.9;
        Tue, 30 Mar 2021 14:28:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=ijyhfQ+fdBvGo4/9WEvg+2IXq75NDRW57Oedihv3mO4=;
        b=f9RyZpypffvWmRYdkEcjEkX2s4R4L944gJMfUKX0CN++k1SIfk70wFF/gDxYVi0h4T
         Lsl0f5g5IahBSh9rt22YOw0bB3z4IG2B0T4kCejmxzwUfe6QXE4oT9NMYKrqphGOTV7J
         X6bfKR6Auz7dR2iN+FJ4b3jSZqwkazZcr7SICayUCgbXqfFfId4rVEU/3iaZrX72iUCA
         nQKEyQSVHKAUrV0t/y112eyVhB+KCwgl0NpFuTaxk+seJgVBKtMxGZLlyaNSRXyhUu6F
         3fLvazzscIjhFvfml8YpHbE6uxC0uN2idxGjoEIFNkB/+pOSu8MY1ZXHwHH4U4Wv8kF6
         O+sA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=ijyhfQ+fdBvGo4/9WEvg+2IXq75NDRW57Oedihv3mO4=;
        b=bi0PFpR+0JcoEORmjdZch+Zh4EtG+TNtl7gNQ7eeDLReMGN1PGe0b9fYU6wXuMgOWh
         Ug0qmzxRgwzQaxKiaBYkR8mDul/c+YsvewWM0rDA1iTQZCu5t5mkZHqn2TOIx4uQ/pLI
         s7yzwcQdR0ext1kBq+3EYh+vXka42S64lCPoxb/W4fVgEJA2GQnlnOj0DRTCN00DGosA
         EfELSrRPXiBOWk6LC8oYAZACy/d0lWC3B6KVH5BXvsCWYDbz/4h3M+D0Uw6NbWGwFgYF
         lHxyFby2yrCthFtJKACZj8+AoAJK8ZKqt2OaUk5+qEw1KbjfKduwr6lNrO3k69eyFdUZ
         2NYw==
X-Gm-Message-State: AOAM532oixT7TM2p9YqGh77WHMopIO4MgXsh6JicNZFgmZRAxjXjCieW
        mSH8WGkziJhCHtivFjxNiU3jk3NV7tr8eDjN+qY=
X-Received: by 2002:a05:6214:9c9:: with SMTP id dp9mr190591qvb.34.1617139721882;
 Tue, 30 Mar 2021 14:28:41 -0700 (PDT)
MIME-Version: 1.0
References: <cover.56fff82362af6228372ea82e6bd7e586e23f0966.1615914058.git-series.a.fatoum@pengutronix.de>
 <319e558e1bd19b80ad6447c167a2c3942bdafea2.1615914058.git-series.a.fatoum@pengutronix.de>
 <CAFLxGvxmRcvkweGSRSLGEm5MJDM4M7nzkp9FwOwmhZ+h2RE0vA@mail.gmail.com> <91b01387-1814-0719-8a21-2beb150dfcd6@pengutronix.de>
In-Reply-To: <91b01387-1814-0719-8a21-2beb150dfcd6@pengutronix.de>
From:   Richard Weinberger <richard.weinberger@gmail.com>
Date:   Tue, 30 Mar 2021 23:28:30 +0200
Message-ID: <CAFLxGvz9efpWS29f3vabbyDA46KVZ8kb2NNkJvLeafAb-rcXVg@mail.gmail.com>
Subject: Re: [PATCH v1 3/3] KEYS: trusted: Introduce support for NXP
 CAAM-based trusted keys
To:     Ahmad Fatoum <a.fatoum@pengutronix.de>
Cc:     Jonathan Corbet <corbet@lwn.net>,
        David Howells <dhowells@redhat.com>,
        Jarkko Sakkinen <jarkko@kernel.org>,
        James Bottomley <jejb@linux.ibm.com>,
        Mimi Zohar <zohar@linux.ibm.com>, kernel@pengutronix.de,
        James Morris <jmorris@namei.org>,
        "Serge E. Hallyn" <serge@hallyn.com>,
        =?UTF-8?Q?Horia_Geant=C4=83?= <horia.geanta@nxp.com>,
        Aymen Sghaier <aymen.sghaier@nxp.com>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        "David S. Miller" <davem@davemloft.net>,
        Udit Agarwal <udit.agarwal@nxp.com>,
        Jan Luebbe <j.luebbe@pengutronix.de>,
        David Gstir <david@sigma-star.at>,
        Franck LENORMAND <franck.lenormand@nxp.com>,
        Sumit Garg <sumit.garg@linaro.org>, keyrings@vger.kernel.org,
        Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
        linux-doc@vger.kernel.org, linux-integrity@vger.kernel.org,
        LKML <linux-kernel@vger.kernel.org>,
        LSM <linux-security-module@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

Ahmad,

On Wed, Mar 17, 2021 at 3:03 PM Ahmad Fatoum <a.fatoum@pengutronix.de> wrote:

> > I didn't closely follow the previous discussions, but is a module
> > parameter really the right approach?
> > Is there also a way to set it via something like device tree?
>
> Compiled-on sources are considered in the order: tpm, tee then caam.
> Module parameters are the only override currently available.

Okay. So in the ideal case only one of these backends is compiled in,
but the list can get long.

I'm asking because David and I currently port another caam-like
mechanism to the most recent
kernel which will also hook in there.
Out driver adds trusted keys support (with caam alike blobs) for i.mx
SoCs that come with DCP
instead of CAAM.
Patches will hopefully materialize soon.

-- 
Thanks,
//richard