On Fri, May 29, 2015 at 02:40:54AM +0200, Marek Vasut wrote: > On Friday, May 29, 2015 at 02:37:00 AM, Herbert Xu wrote: > > On Thu, May 28, 2015 at 11:01:56AM -0500, Jay Monkman wrote: > > > Marek, > > > > > > I have a question about the proper way to implement a feature. The > > > DCP has the ability to read a key for encryption/decryption from on > > > chip fuses. The current driver doesn't support this and as far as I > > > can tell, there's no clean way to do that within the Linux crypto > > > API. > > > > > > Do you have any suggestions on how to handle that? > > > > > > My best idea so far is to modify the driver so that if setkey is > > > passed a key with a length of 1 byte, the driver uses the on chip > > > key. I'm not sure if that would make it into the official kernel. > > > > What is this key and who is supposed to have access to it? > > It's an AES128 key stored in the CPU's OTP registers, so noone ought > to be able to read it out. No I mean who is supposed to have access to it? Everyone? Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html