Received: by 2002:a05:6358:1087:b0:cb:c9d3:cd90 with SMTP id j7csp1580583rwi; Thu, 20 Oct 2022 14:30:24 -0700 (PDT) X-Google-Smtp-Source: AMsMyM48wBcSRimgQn8MaTXVDrtKtJDiGDHaxH9ydBin3SQNi5I070cE9b7bovBZBA6+uBqD9IxE X-Received: by 2002:a17:906:5a44:b0:78d:4c17:9856 with SMTP id my4-20020a1709065a4400b0078d4c179856mr12762625ejc.477.1666301423802; Thu, 20 Oct 2022 14:30:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666301423; cv=none; d=google.com; s=arc-20160816; b=SOckFO/cY8POO5PH4XFxg9M4iMdUwheHH5+fTqJ2dqkYe+IjDieAXLsVaPJ1kFI8Fq heC/fgGg1kLdELztPQvDA2QQ7kPFVQ+XygaNQZu8E/KAvNRrPo6xZfhW72Way8735gyT fND9gTXMY2dIetdu3Gf4C4R2X9K+pUCSbiGJ9LL+k+8e/vBSA6Z2kxeDSQ5U8nEDNNh6 iJuxwtRakfpoQVRoUvoWj0XM7/NQUrA/OfbH+eewhEjGqqkAVwHFw2UMrhH1iM2Ne9a6 QHmekLOg1AjeDA8VfRBL34RexP+zNzbKP/pIv10HjzFv0D816hLNNX7+GQLOnmqFsPG4 qBfA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=ae8wzha8pDjf7KoqwWiEi3WIIhNyOceSCPzcU1Rr0dU=; b=y13+cQ96cFD5+yUD02mpTWtmKBCPYQDJyqOxapjK9EuiT2WBNaEaT1hmG9Ai+oeuUl pY3KGaG5WINlvS4pCmqFQm6bCKthW2sZQzKEXcD2MNGc0E/pyPzTVZ3GKPMUXLgumUs1 W8iqUa54Vh+Rmtx5MAraON3MqiSrcDINxbEoYozzo613+Sapg3XM6QWAdiuxVhONaPwZ 5xNwwzbWeCN0A8T+UPe/bSZ9vB1PqQdbcI2VPYWsCzDqPBUNlAyJlA/faNwHjalu6yQx xR8chGe4jA9nSLzE2L6UyhzxmBV5sCPYJf7kIDazkmjFcNv08awcJ1IVbfS6gt9ot7wx ScHg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=ETkFoNIw; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id hq10-20020a1709073f0a00b0078a9cbab78asi20122225ejc.738.2022.10.20.14.29.52; Thu, 20 Oct 2022 14:30:23 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=ETkFoNIw; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229802AbiJTV25 (ORCPT + 99 others); Thu, 20 Oct 2022 17:28:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45232 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229509AbiJTV24 (ORCPT ); Thu, 20 Oct 2022 17:28:56 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A26E41D0D51; Thu, 20 Oct 2022 14:28:50 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 5CE85B8295E; Thu, 20 Oct 2022 21:28:48 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3AF24C433C1; Thu, 20 Oct 2022 21:28:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1666301327; bh=rWfQzP6/H9EAAjSIpr3p+kEno6vt0QBXq32WDxAfruU=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=ETkFoNIwV/rtQAkC6D0iTcGP48Lv+lCWAEfot85DN9OQs9Tnc4XCjUH5pFR4ztre3 nZG3MyrrlnpUwkuUnr8qqsNqMuBZLyf3vg2OnfSLc6jwAG2RU3bUAT3bCYrl0AB8hU vQCBfUbT4Oumto+b5K8TtrWcQcS8zVuk03inW/pg54jeZ4LIRRbIFljLOIshOzyEkK hwdxurKtatrsk+N9iliJjkw2fSpEIAyydd60T7KEQuXbYs69SJ++9ed0+eCzxZLbXt 7OpqMh3jh+wdkBlBIgy2DSpm9HBuBMrAarmBV2qy7MEl/1f/KGnvP/KZZvy58CION1 li7bd6SYatLqA== Date: Thu, 20 Oct 2022 14:28:36 -0700 From: Eric Biggers To: Jason Gunthorpe Cc: Herbert Xu , "Jason A. Donenfeld" , Pankaj Gupta , "jarkko@kernel.org" , "a.fatoum@pengutronix.de" , "gilad@benyossef.com" , "jejb@linux.ibm.com" , "zohar@linux.ibm.com" , "dhowells@redhat.com" , "sumit.garg@linaro.org" , "david@sigma-star.at" , "michael@walle.cc" , "john.ernberg@actia.se" , "jmorris@namei.org" , "serge@hallyn.com" , "davem@davemloft.net" , "j.luebbe@pengutronix.de" , "richard@nod.at" , "keyrings@vger.kernel.org" , "linux-crypto@vger.kernel.org" , "linux-integrity@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "linux-security-module@vger.kernel.org" , Sahil Malhotra , Kshitiz Varshney , Horia Geanta , Varun Sethi Subject: Re: [EXT] Re: [PATCH v0 3/8] crypto: hbk flags & info added to the tfm Message-ID: References: <20221006130837.17587-4-pankaj.gupta@nxp.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-7.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Thu, Oct 20, 2022 at 04:23:53PM -0300, Jason Gunthorpe wrote: > On Wed, Oct 19, 2022 at 09:26:05PM -0700, Eric Biggers wrote: > > > Are you referring to the support for hardware-wrapped inline crypto keys? It > > isn't upstream yet, but my latest patchset is at > > https://lore.kernel.org/linux-fscrypt/20220927014718.125308-2-ebiggers@kernel.org/T/#u. > > There's also a version of it used by some Android devices already. Out of > > curiosity, are you using it in an Android device, or have you adopted it in some > > other downstream? > > Unrelated to Android, similar functionality, but slightly different > ultimate purpose. We are going to be sending a fscrypt patch series > for mlx5 and nvme soonish. That's interesting, though also slightly scary in that it sounds like you've already shipped some major fscrypt changes without review! > > > Yes, it would be nice to see a comprehensive understand on how HW > > > resident keys can be modeled in the keyring. > > > > Note that the keyrings subsystem is not as useful as it might seem. It sounds > > like something you want (you have keys, and there is a subsystem called > > "keyrings", so it should be used, right?), but often it isn't. fscrypt has > > mostly moved away from using it, as it caused lots of problems. I would caution > > against assuming that it needs to be part of any solution. > > That sounds disappointing that we are now having parallel ways for the > admin to manipulate kernel owned keys. Well, the keyrings subsystem never worked properly for fscrypt anyway. At most, it's only useful for providing the key to the filesystem initially (by passing a key ID to FS_IOC_ADD_ENCRYPTION_KEY, instead of the key bytes), similar to what dm-crypt allows. After that, the keyrings subsystem plays no role. I'm open to making FS_IOC_ADD_ENCRYPTION_KEY accept other 'struct key' types, like "trusted" which has been discussed before and which dm-crypt supports. Just don't assume that just because you have a key, that you automatically *need* the keyrings subsystem. Normally just passing the key bytes in the ioctl works just as well and is much simpler. Same for dm-crypt, which normally takes the key bytes in the device-mapper table parameters... - Eric