Received: by 2002:ab2:3350:0:b0:1f4:6588:b3a7 with SMTP id o16csp2137735lqe;
        Tue, 9 Apr 2024 10:28:52 -0700 (PDT)
X-Forwarded-Encrypted: i=3; AJvYcCUhGQYhn1E4hVNZaSVT2dV8kNvb8QpvsWZnjANm9ts8BybTTBM1lxL/aMMn4Cx2f3it0pYeaf2+hbdXg3koeY6QoBnKU7rknstGcWD1QQ==
X-Google-Smtp-Source: AGHT+IGB80vIn4IHSgEUDb/fjthellcHHIJ53JdZNAkqpvKxZW5jhsjVgGz4fXk2D4/okj26nHy8
X-Received: by 2002:a05:620a:1258:b0:789:e28c:d73 with SMTP id a24-20020a05620a125800b00789e28c0d73mr278013qkl.49.1712683731976;
        Tue, 09 Apr 2024 10:28:51 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1712683731; cv=pass;
        d=google.com; s=arc-20160816;
        b=D1e+HstVfhPczkVsjW8jeDcxSJZrkd2544W7JyaxUaz4jF8xx+C+PGxZiaXfG+IEWC
         GvIg457VTzne1X9ZTFzuDWxmg4thJZRVwbW9ZadoQwOAhiWpwDjdk+nivhty7oSRDeOA
         0KTOsaAR2PiB629VYpPSOpyswPw/5+1Z1QZ6m/YWojVPfflQL1AxNdEFuEKKkK+xZ4yN
         ewIasHSUvi3iyTUievUpnUWEJ32M+mWdIP/91xqqUsUxEE8ns6nHl3Ln56eSYJQPF9gB
         +5UAC8/zWT3uDsVWbaUR5VbFYA3BBReEPdjhUfeTAtRp0VwrnpSd04Cy/zBd7smZ0InW
         viCg==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:in-reply-to:from:references:cc:to
         :content-language:subject:user-agent:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:date:message-id;
        bh=UBye21GSataCZwdAQD/VvMiEAaKSCh+5k1t6L9WkbVE=;
        fh=exKPy94Xffe94veNaqpB4SI2OoOU+dk6iZuiUiSMzF8=;
        b=E/osA4BXP5YnQHvzh7YK0M3kGHPcrXwoqFbUwwlX8xoB93E4ErvbCsSMB3bju5NCQZ
         0AC7vQBP2Zm0xO3fTuI5EeCoRpbSFsAaYTeQRWskE63jbsoa/rlYvsE8rSOPP1t/I3M3
         UUtAzu5dqHjxeO2nWvrqdulAw3zzrq+I0jbHvZv8pqpTO7hk2VXBV0I2Kp9B3r9ZDi4Z
         bxLZvjzl1LfYPmwS5iHIPl/YXz4Ykd/zLo8s/BB09otmygdCR58lN0fVUIK14g9n1t61
         9kXvZGESNcvEZCWfadS4S2vHL/ntERxPrX3flFGJyeioR2T1dY2BDvEnw71P48j4Rujp
         2NcQ==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       arc=pass (i=1 spf=pass spfdomain=pengutronix.de);
       spf=pass (google.com: domain of linux-crypto+bounces-3430-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-crypto+bounces-3430-linux.lists.archive=gmail.com@vger.kernel.org"
Return-Path: <linux-crypto+bounces-3430-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223])
        by mx.google.com with ESMTPS id g6-20020a05620a40c600b0078bc2fa71eesi12387591qko.43.2024.04.09.10.28.51
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 09 Apr 2024 10:28:51 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto+bounces-3430-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223;
Authentication-Results: mx.google.com;
       arc=pass (i=1 spf=pass spfdomain=pengutronix.de);
       spf=pass (google.com: domain of linux-crypto+bounces-3430-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-crypto+bounces-3430-linux.lists.archive=gmail.com@vger.kernel.org"
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ny.mirrors.kernel.org (Postfix) with ESMTPS id AE8B51C22F87
	for <linux.lists.archive@gmail.com>; Tue,  9 Apr 2024 17:28:51 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 368DB156897;
	Tue,  9 Apr 2024 17:28:41 +0000 (UTC)
X-Original-To: linux-crypto@vger.kernel.org
Received: from metis.whiteo.stw.pengutronix.de (metis.whiteo.stw.pengutronix.de [185.203.201.7])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 94645156888
	for <linux-crypto@vger.kernel.org>; Tue,  9 Apr 2024 17:28:39 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.203.201.7
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1712683721; cv=none; b=KCueXDfnTtcPTIkAAlKkeW+lxSnXqhnNZ9xCmYl5IFF61J267dX8e9bc37GGxcEUOvZbpguC6ADJloE4umKvAc87C0XJvx0iqok7zPsBGIU5W6/VPr+DFywrW4jS8LCGLLZIdzlWm7d6DfDdpRYY1NsfMjXxtlcxBZ6fEKGQReo=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1712683721; c=relaxed/simple;
	bh=eHo/igXZcq8HeXdyeAD2kiUayElbdwtoFad+ENVCRhc=;
	h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:
	 In-Reply-To:Content-Type; b=PR5kPhxxSn7e/ufZjdrFCMkRo78qEAkmM3VB7Dcq0xN33imcNYfx7OyuqpRm4N/i86gZmYbZGz52N4T4UblmvPP+WxTWJOFN1J45NNEpDyXQj859SfS30ORArjfvgL9OFM0c2CskvIvQJmCr0an3rkxFx8nV1/WE6Aa1rHP0dBs=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=pengutronix.de; spf=pass smtp.mailfrom=pengutronix.de; arc=none smtp.client-ip=185.203.201.7
Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=pengutronix.de
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=pengutronix.de
Received: from ptz.office.stw.pengutronix.de ([2a0a:edc0:0:900:1d::77] helo=[127.0.0.1])
	by metis.whiteo.stw.pengutronix.de with esmtp (Exim 4.92)
	(envelope-from <a.fatoum@pengutronix.de>)
	id 1ruFGD-0001dT-16; Tue, 09 Apr 2024 19:27:53 +0200
Message-ID: <4c6164e5-bcfd-4172-a76e-db989f729a8a@pengutronix.de>
Date: Tue, 9 Apr 2024 19:27:44 +0200
Precedence: bulk
X-Mailing-List: linux-crypto@vger.kernel.org
List-Id: <linux-crypto.vger.kernel.org>
List-Subscribe: <mailto:linux-crypto+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-crypto+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: [EXT] [PATCH v8 3/6] KEYS: trusted: Introduce NXP DCP-backed
 trusted keys
Content-Language: en-US
To: Kshitiz Varshney <kshitiz.varshney@nxp.com>,
 David Gstir <david@sigma-star.at>, Mimi Zohar <zohar@linux.ibm.com>,
 James Bottomley <jejb@linux.ibm.com>, Jarkko Sakkinen <jarkko@kernel.org>,
 Herbert Xu <herbert@gondor.apana.org.au>,
 "David S. Miller" <davem@davemloft.net>
Cc: "linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
 Gaurav Jain <gaurav.jain@nxp.com>, Catalin Marinas
 <catalin.marinas@arm.com>, David Howells <dhowells@redhat.com>,
 "keyrings@vger.kernel.org" <keyrings@vger.kernel.org>,
 Fabio Estevam <festevam@gmail.com>, Paul Moore <paul@paul-moore.com>,
 Jonathan Corbet <corbet@lwn.net>, Richard Weinberger <richard@nod.at>,
 "Rafael J. Wysocki" <rafael.j.wysocki@intel.com>,
 James Morris <jmorris@namei.org>, dl-linux-imx <linux-imx@nxp.com>,
 "Serge E. Hallyn" <serge@hallyn.com>, "Paul E. McKenney"
 <paulmck@kernel.org>, Sascha Hauer <s.hauer@pengutronix.de>,
 Pankaj Gupta <pankaj.gupta@nxp.com>,
 sigma star Kernel Team <upstream+dcp@sigma-star.at>,
 "Steven Rostedt (Google)" <rostedt@goodmis.org>,
 David Oberhollenzer <david.oberhollenzer@sigma-star.at>,
 "linux-arm-kernel@lists.infradead.org"
 <linux-arm-kernel@lists.infradead.org>,
 "linuxppc-dev@lists.ozlabs.org" <linuxppc-dev@lists.ozlabs.org>,
 Randy Dunlap <rdunlap@infradead.org>,
 "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
 Li Yang <leoyang.li@nxp.com>,
 "linux-security-module@vger.kernel.org"
 <linux-security-module@vger.kernel.org>,
 "linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>,
 Pengutronix Kernel Team <kernel@pengutronix.de>, Tejun Heo <tj@kernel.org>,
 "linux-integrity@vger.kernel.org" <linux-integrity@vger.kernel.org>,
 Shawn Guo <shawnguo@kernel.org>, Varun Sethi <V.Sethi@nxp.com>
References: <20240403072131.54935-1-david@sigma-star.at>
 <20240403072131.54935-4-david@sigma-star.at>
 <DB6PR04MB31904A8EB8B481A530C90CBB8F072@DB6PR04MB3190.eurprd04.prod.outlook.com>
From: Ahmad Fatoum <a.fatoum@pengutronix.de>
In-Reply-To: <DB6PR04MB31904A8EB8B481A530C90CBB8F072@DB6PR04MB3190.eurprd04.prod.outlook.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-SA-Exim-Connect-IP: 2a0a:edc0:0:900:1d::77
X-SA-Exim-Mail-From: a.fatoum@pengutronix.de
X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false
X-PTX-Original-Recipient: linux-crypto@vger.kernel.org

Hello Kshitiz,

On 09.04.24 12:54, Kshitiz Varshney wrote:
> Hi David,
>> +       b->fmt_version = DCP_BLOB_VERSION;
>> +       get_random_bytes(b->nonce, AES_KEYSIZE_128);
>> +       get_random_bytes(b->blob_key, AES_KEYSIZE_128);
> 
> We can use HWRNG instead of using kernel RNG. Please refer drivers/char/hw_random/imx-rngc.c 

imx-rngc can be enabled and used to seed the kernel entropy pool. Adding
direct calls into imx-rngc here only introduces duplicated code at no extra
benefit.

Cheers,
Ahmad

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |