[PATCH v1 3/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys

Ahmad Fatoum a.fatoum at pengutronix.de
Thu Apr 1 07:41:19 UTC 2021

Hello Jarkko,

On 01.04.21 01:30, Jarkko Sakkinen wrote:
>> Option (C) sounds reasonable to me but I would rather prefer an info
>> message rather than warning as otherwise it would reflect that we are
>> enforcing kernel RNG choice for a user to trust upon.
> I gave some though on this.
> I take TEE as it is but I'd expect the CAAM patch set sort out this option
> with some patch.

Is it ok to warn if a user requests vendor RNG with CAAM and default
to the kernel RNG? 


Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

More information about the Linux-security-module-archive mailing list