Received: by 2002:a05:7412:da14:b0:e2:908c:2ebd with SMTP id fe20csp2365238rdb;
        Tue, 10 Oct 2023 01:27:28 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IEnJKhmQK29q2wdhVcknlVqPEidBhmjd+tTF6AY9g4wO+ilKvZM0FK8Vzsh9GnI5PHI7Ezg
X-Received: by 2002:a17:902:e743:b0:1c8:a132:a00f with SMTP id p3-20020a170902e74300b001c8a132a00fmr7018247plf.12.1696926448388;
        Tue, 10 Oct 2023 01:27:28 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1696926448; cv=none;
        d=google.com; s=arc-20160816;
        b=ZFyQouw0MjdaLj0u7kdmD4kHC/9k1dSENlkwE3qqtS1CyirCfqsSWgciF269pPrNf/
         214j1fOK9l2RUIPt4u0cqXSRVCn1rTQdHPwOGMWNC0f2IVLWLS/dgqMi/a9ecnT6HVK2
         MjQDfkZRx650+/0JJ5mXzLH8+9MiB3dzmmTlf49Zj6mYlRB6XFyq1QL3WkopNc2FTDaC
         oYCYnBsFEYuIpLUMW6s22KtN6yCvq6/k/wLLCyezfX8XEk3tL2xURY8mIk0Q/0L5zFJ3
         auZD9guO4tisCBl6r6xf84kLpQypxTSCL+XNUV1b/yRcPkzvnHmHHv5ObUu5Ahu3piiq
         xr4Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=MMezTI3QpMy3DY25vpSNall6v74pJfkbFQngzP2jUBQ=;
        fh=Y/sH7eaPgmC0dvaLhdG6/LuQjxDmgyimI828czjlWwc=;
        b=ARy7fR3lcxKNEYESPScHBAzivbCSohPwx1NTUgq61mGpyEivMRWhFLb4f+SFJMidek
         +h7ORf6L5lT/tfhZW8OUyyaQCgBe32aebz1ZAlnwc0HurGOKt7Ol1jufyAZzFm+dGM+F
         ZoGBdmOGXylnwOjvV4kOeOUazxty6gwQin4s2U9jHPBIiJFajPKxPCa6BBiTKAMAd3Px
         mDTjDmJUTPEaeyMbn9Na5l9NDvbyZnBo3qdxgXUI49ucZ5ZMr7Y9t9CbecfxwCOQ+7EN
         pjnl4yHu3PaM+yyE9DtQBcmQxenMpOVL5CMUVoFRJ2bNbVdV/fYuVh/NT8xcnSHjmOss
         9RFw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=dlsVzCFG;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from snail.vger.email (snail.vger.email. [23.128.96.37])
        by mx.google.com with ESMTPS id x11-20020a170902a38b00b001c71eb782b0si11011037pla.94.2023.10.10.01.27.23
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 10 Oct 2023 01:27:28 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) client-ip=23.128.96.37;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=dlsVzCFG;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by snail.vger.email (Postfix) with ESMTP id A6AB4812D218;
	Tue, 10 Oct 2023 01:27:22 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1442868AbjJJI1U (ORCPT <rfc822;sbozturk97@gmail.com>
        + 99 others); Tue, 10 Oct 2023 04:27:20 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59196 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1442875AbjJJI1P (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Tue, 10 Oct 2023 04:27:15 -0400
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 30B11ED;
        Tue, 10 Oct 2023 01:27:13 -0700 (PDT)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 272FFC433C9;
        Tue, 10 Oct 2023 08:27:12 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
        s=korg; t=1696926432;
        bh=IsEPIRqztj/gpHEaupHz40fvwhnyENE4HA0MBVHyF6Y=;
        h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
        b=dlsVzCFGq7uR0uj6Kew58xuH6g26clrrWJwJB6t9itWIufmYLQ3avQd8H3In3eN+6
         pSq0L8cRtw+u37RyNZGOAM/zd7YW3RIzYgd8N6w0Cj9dAYnQpPUXW449yzYO0JXTd9
         Cv9FVLnsMoDdIahr2iXnaDfLGzictWZdZtpV0aRE=
Date:   Tue, 10 Oct 2023 10:27:11 +0200
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     Alexander Graf <graf@amazon.com>
Cc:     linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org,
        Arnd Bergmann <arnd@arndb.de>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        Olivia Mackall <olivia@selenic.com>,
        Petre Eftime <petre.eftime@gmail.com>,
        Erdem Meydanlli <meydanli@amazon.nl>,
        Benjamin Herrenschmidt <benh@kernel.crashing.org>,
        David Woodhouse <dwmw@amazon.co.uk>,
        "Michael S . Tsirkin" <mst@redhat.com>,
        Jason Wang <jasowang@redhat.com>,
        Xuan Zhuo <xuanzhuo@linux.alibaba.com>,
        Kyunghwan Kwon <k@mononn.com>
Subject: Re: [PATCH v4 1/2] Import CBOR library
Message-ID: <2023101001-ocelot-veteran-10db@gregkh>
References: <20231009212053.2007-1-graf@amazon.com>
 <20231009212053.2007-2-graf@amazon.com>
 <2023101010-overwrite-parakeet-91d5@gregkh>
 <0ee221bc-ea99-4724-9ebd-436e91417e4b@amazon.com>
 <2023101009-accustom-manifesto-8bdb@gregkh>
 <b3a8c722-c0e2-4c8c-aef0-29af0a93572d@amazon.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <b3a8c722-c0e2-4c8c-aef0-29af0a93572d@amazon.com>
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no
        version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Tue, 10 Oct 2023 01:27:22 -0700 (PDT)

On Tue, Oct 10, 2023 at 10:08:43AM +0200, Alexander Graf wrote:
> 
> On 10.10.23 10:03, Greg Kroah-Hartman wrote:
> > 
> > On Tue, Oct 10, 2023 at 09:55:25AM +0200, Alexander Graf wrote:
> > > Hey Greg,
> > > 
> > > On 10.10.23 08:13, Greg Kroah-Hartman wrote:
> > > > On Mon, Oct 09, 2023 at 09:20:52PM +0000, Alexander Graf wrote:
> > > > > To fully support the Nitro Secure Module communication protocol, we need
> > > > > to encode and decode CBOR binary data. Import an MIT licensed library
> > > > > from https://github.com/libmcu/cbor (commit f3d1696f886) so that we can
> > > > > easily consume CBOR data.
> > > > What is "CBOR"?  I don't see a description of it here.
> > > 
> > > CBOR is the "Concise Binary Object Representation"
> > > (https://en.wikipedia.org/wiki/CBOR) binary format.
> > > 
> > > 
> > > > And I guess you are going to keep this in sync with upstream?  Or do you
> > > > really need the full library here (you #ifdef the float stuff out), does
> > > > your module really need all of the functionality and complexity of this
> > > > library, or can it use just a much smaller one instead?
> > > 
> > > CBOR knows a total of 9 data types:
> > > 
> > >    - Unsigned integers
> > >    - Signed integers
> > >    - Binary string
> > >    - UTF-8 string
> > >    - Arrays
> > >    - Maps (like a python dictionary)
> > >    - Semantic tag
> > >    - Bools
> > >    - Floats
> > > 
> > > Out of these, the NSM communication protocol uses all except Semantic tags
> > > and Floats. The CBOR library that this patch imports does not have special
> > > handling for Semantic tags, which leaves only floats which are already
> > > #ifdef'ed out. That means there is not much to trim.
> > > 
> > > What you see here is what's needed to parse CBOR in kernel - if that's what
> > > we want to do. I'm happy to rip it out again and make it a pure user space
> > > problem to do CBOR :).
> > Yes, why are we parsing this in the kernel?  What could go wrong with
> > adding yet-another-parser in privileged context?  :)
> > 
> > Why does this have to be in the kernel, the data sent/recieved is over
> > virtio, so why does the kernel have to parse it?  I couldn't figure that
> > out from the driver, yet the driver seems to have a lot of hard-coded
> > parsing logic in it to assume specific message formats?
> 
> 
> The parsing doesn't have to be in kernel and it probably shouldn't be
> either. V3 of the patch was punting all the parsing to user space, at which
> point you and Arnd said I should give it a try to do the protocol parsing in
> kernel space instead. That's why the parser is here.

Arnd said that, not me :)

> If we conclude that all this in-kernel parsing is not worth it, I'm very
> happy to just go back to the the v3 ioctl interface and post v5 with hwrng
> merged into misc, but remove all CBOR logic again :)

I think the less parsers we have in the kernel, the safer we are for
obvious reasons.  Unless you have a parser for this in rust?  :)

I don't really know, having a generic interface is good, but at the
expense of this api is probably not good.  individual ioctls might be
better if there are not going to be any other drivers for this type of
thing?

it's a tough call, let's see what a unified driver, no parser, looks
like, that should be pretty simple and small so maybe stick with that?

thanks,

greg k-h