[EXT] Re: [RFC PATCH HBK: 2/8] hw-bound-key: flag-is_hbk added to the tfm

Varun Sethi V.Sethi at nxp.com
Wed Sep 21 11:07:07 UTC 2022


Hi Herbert,
Please find comments inline.



Regards
Varun

> -----Original Message-----
> From: Herbert Xu <herbert at gondor.apana.org.au>
> Sent: Tuesday, September 13, 2022 3:59 PM
> To: Varun Sethi <V.Sethi at nxp.com>
> Cc: Pankaj Gupta <pankaj.gupta at nxp.com>; jarkko at kernel.org;
> a.fatoum at pengutronix.de; Jason at zx2c4.com; jejb at linux.ibm.com;
> zohar at linux.ibm.com; dhowells at redhat.com; sumit.garg at linaro.org;
> david at sigma-star.at; michael at walle.cc; john.ernberg at actia.se;
> jmorris at namei.org; serge at hallyn.com; davem at davemloft.net;
> j.luebbe at pengutronix.de; ebiggers at kernel.org; richard at nod.at;
> keyrings at vger.kernel.org; linux-crypto at vger.kernel.org; linux-
> integrity at vger.kernel.org; linux-kernel at vger.kernel.org; linux-security-
> module at vger.kernel.org; Sahil Malhotra <sahil.malhotra at nxp.com>; Kshitiz
> Varshney <kshitiz.varshney at nxp.com>; Horia Geanta <horia.geanta at nxp.com>
> Subject: Re: [EXT] Re: [RFC PATCH HBK: 2/8] hw-bound-key: flag-is_hbk added
> to the tfm
> 
> On Tue, Sep 13, 2022 at 10:01:13AM +0000, Varun Sethi wrote:
> >
> > [Varun] The proposed patchset makes things more scalable. With the
> > hardware backed key flag, there's no need for the security co-processor driver
> > to register separate set of algorithms. This makes things simpler and more
> > scalable for the consumers (OpenSSL, AF_ALG, KTLS etc), as they can continue to
> > use standard set of algorithms and leave the key specific complexity to the
> > driver.
> 
> Users already need to specify which driver they are going to use in order to
> actually access the hardware keys instead of getting a software implementation
> of the same algorithm.
> 
> So I don't see what extra burdens are placed on them by the current regime.
[Varun] The problem with the current approach is that it's completely disconnected from the kernel keyrings. We are using the trusted keyrings for storing the hardware backed keys. Now, for the hardware backed keys we can still continue to use the existing generic algorithms exposed by the crypto drivers. With our approach the driver can distinguish between a hardware backed key and a plain key, and thus perform the relevant operation.

As a part of our patchset we are also proposing modifications to the trusted keys, in order to store additional metadata associated with the key.

> 
> Cheers,
> --
> Email: Herbert Xu <herbert at gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


