Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp386467pxf; Thu, 1 Apr 2021 03:56:35 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzNUJmw4U5ROb7H4FCTtgjIDtU0ruNMzMQd+Lubk5ZmBk0CwBJMjHNBrB/jE98U7p+Ex76G X-Received: by 2002:a17:906:f9cc:: with SMTP id lj12mr8265082ejb.544.1617274595263; Thu, 01 Apr 2021 03:56:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617274595; cv=none; d=google.com; s=arc-20160816; b=fg41c8ua05/1Gw1QIp9ibfMD1wlu8ejZGs2TtHSdfvNofXEHCg1gLORjuFUhojV6IB IoeGBCmJ5dn4UiyyPbxTsLkLiGA1hfUIfcZAL+a4Osb+0IosW5Ov+RLU2T+hJTRW1M9R Iu/9sUqQqONOs/eDludLezqVkBJVks2pS/1th8Yerw6tmiCqP4Q09oPfbGHUEj17MH7U D57PpQZwMlVvMERZzG8W/yISdza+UiQoB4QfH4Nb3w+9z6sDdDKExsVfarwuLZhjf8W5 LMDcTgf0q+FOxvdKjrgRMex2mDqP5AebKCfI2jABk7CmAKGuEOhI5tW+HorYG2eqZ9u4 QA7A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:thread-index:thread-topic :content-transfer-encoding:mime-version:subject:references :in-reply-to:message-id:cc:to:from:date; bh=3xc00IMOSTzRcuDPNRLSgmZNFhLeaKNqYwv/rf1BpLU=; b=sNEurqPZDTbxoNpaTyn8tkB/c9ZVs5/4YUscu5YEF4LWHKPIMXU4uRU0uTPLpxz/X5 f6THShgkjYJyH18CalON27zvvvAXf/WpqRJuyybd6WK6IumOZ4Ot1H2GjLDOVzwov0oM w2NI+E7GzR0406rQPUao1xMgUyHOZfVM0W8pKpv81xK37whvWT3FBSPAAa5xhgeRr15J cvPtn/uEodjK7WOYzCRiv66zcguVWXlL1y5vkKM1ETM6C0+AsAv7d0BZUI1VH42/+I4V R1ZyzgbL1iBrLkrAPgYM2gbDF1bY0gGcwi47PWxAKs+IGNje/KQwn74urFBeU3B2dwq2 GtEg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id dm20si4141541edb.28.2021.04.01.03.56.07; Thu, 01 Apr 2021 03:56:35 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233858AbhDAKz2 convert rfc822-to-8bit (ORCPT + 99 others); Thu, 1 Apr 2021 06:55:28 -0400 Received: from lithops.sigma-star.at ([195.201.40.130]:60844 "EHLO lithops.sigma-star.at" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234057AbhDAKy5 (ORCPT ); Thu, 1 Apr 2021 06:54:57 -0400 Received: from localhost (localhost [127.0.0.1]) by lithops.sigma-star.at (Postfix) with ESMTP id E55D960FB28C; Thu, 1 Apr 2021 12:53:38 +0200 (CEST) Received: from lithops.sigma-star.at ([127.0.0.1]) by localhost (lithops.sigma-star.at [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id kHf6bXNSWmLt; Thu, 1 Apr 2021 12:53:38 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by lithops.sigma-star.at (Postfix) with ESMTP id 76B666071A7C; Thu, 1 Apr 2021 12:53:38 +0200 (CEST) Received: from lithops.sigma-star.at ([127.0.0.1]) by localhost (lithops.sigma-star.at [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id Q_FICC5ApzVQ; Thu, 1 Apr 2021 12:53:38 +0200 (CEST) Received: from lithops.sigma-star.at (lithops.sigma-star.at [195.201.40.130]) by lithops.sigma-star.at (Postfix) with ESMTP id 3928660FB28C; Thu, 1 Apr 2021 12:53:38 +0200 (CEST) Date: Thu, 1 Apr 2021 12:53:38 +0200 (CEST) From: Richard Weinberger To: Ahmad Fatoum Cc: Jarkko Sakkinen , horia geanta , Mimi Zohar , aymen sghaier , Herbert Xu , davem , James Bottomley , kernel , David Howells , James Morris , "Serge E. Hallyn" , Steffen Trumtrar , Udit Agarwal , Jan Luebbe , david , Franck Lenormand , Sumit Garg , linux-integrity , "open list, ASYMMETRIC KEYS" , Linux Crypto Mailing List , linux-kernel , LSM Message-ID: <717795270.139671.1617274418087.JavaMail.zimbra@nod.at> In-Reply-To: <27d7d3fa-5df8-1880-df21-200de31cc629@pengutronix.de> References: <897df7dd-83a1-3e3e-1d9f-5a1adfd5b2fb@pengutronix.de> <1263763932.139584.1617272457698.JavaMail.zimbra@nod.at> <27d7d3fa-5df8-1880-df21-200de31cc629@pengutronix.de> Subject: Re: [PATCH v1 0/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8BIT X-Originating-IP: [195.201.40.130] X-Mailer: Zimbra 8.8.12_GA_3807 (ZimbraWebClient - FF78 (Linux)/8.8.12_GA_3809) Thread-Topic: KEYS: trusted: Introduce support for NXP CAAM-based trusted keys Thread-Index: DfD/q4ZvfJZf2mMkmIDHHYWuBGwS1g== Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Ahmad, ----- Ursprüngliche Mail ----- > Do you mean systemd-cryptsetup? It looks to me like it's just a way to supply > the keyphrase. With trusted keys and a keyphrase unknown to userspace, this > won't work. Nah, I meant existing scripts/service Files. > I don't (yet) see the utility of it without LUKS. Perhaps a command dump on how > to do the same I did with dmsetup, but with cryptsetup plain instead could > help me to see the benefits? My reasoning is simple, why do I need a different tool when there is already one that could do the task too? Usually the systems I get my hands on use already dm-crypt with cryptsetup in some way. So I have the tooling already in my initramfs, etc.. and need to adopt the callers of cryptsetup a little. If I need all of a sudden different/additional tooling, it means more work, more docs to write, more hassle with crypto/system reviewers, etc... I don't want you to force to use cryptsetup. The only goal was pointing out that it can be done with cryptsetup and that there is already code such that no work is done twice. One the kernel side it does not matter. Thanks, //richard