RE: [PATCH 0/4] Adds wrapped key support for inline storage encryption

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Warm Regards,
Gaurav Kashyap

-----Original Message-----
From: Eric Biggers <ebiggers@xxxxxxxxxx> 
Sent: Tuesday, December 7, 2021 4:23 PM
To: Gaurav Kashyap <gaurkash@xxxxxxxxxxxxxxxx>
Cc: Gaurav Kashyap (QUIC) <quic_gaurkash@xxxxxxxxxxx>; linux-scsi@xxxxxxxxxxxxxxx; linux-arm-msm@xxxxxxxxxxxxxxx; linux-mmc@xxxxxxxxxxxxxxx; linux-block@xxxxxxxxxxxxxxx; linux-fscrypt@xxxxxxxxxxxxxxx; thara.gopinath@xxxxxxxxxx; asutoshd@xxxxxxxxxxxxxx
Subject: Re: [PATCH 0/4] Adds wrapped key support for inline storage encryption

WARNING: This email originated from outside of Qualcomm. Please be wary of any links or attachments, and do not enable macros.

On Wed, Dec 08, 2021 at 12:09:03AM +0000, Gaurav Kashyap wrote:
> Hey Eric, here are the answers to some of the questions across all the 
> patches
>
> > Also, at runtime, does any of the Qualcomm hardware support multiple 
> > key types, and if so can they be used at the same time?
>
> Currently, with hardware key manager data path, there is no support 
> for standard keys. So, when HWKM is being used, only wrapped keys are supported.
> If standard keys need to be supported, it can be, but modifications 
> are required within trustzone.

> Do the SoCs support both key types though, just not at the same time?  E.g. when the ufs_qcom driver loads on SM8350, could it choose to expose either standard key support or wrapped key support, or is it predetermined by the hardware and/or firmware?  If the driver has a choice, > then there should be a kernel module parameter (module_param()) that controls it, so that the user can choose which key type they want when they boot their kernel.
	
As of now, it is predetermined in TZ firmware. As in, if TZ has booted up with HWKM support, only wrapped keys are supported. But it is not impossible for HWKM to support standard keys as well, it is just that currently there is no path in TZ for standard keys when HWKM is being used.
	

- Eric




[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [Linux for Sparc]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux