> -----Original Message----- > From: Jan Lübbe <jlu@xxxxxxxxxxxxxx> > Sent: Wednesday, September 7, 2022 1:41 PM > To: Pankaj Gupta <pankaj.gupta@xxxxxxx>; Jarkko Sakkinen > <jarkko@xxxxxxxxxx> > Cc: a.fatoum@xxxxxxxxxxxxxx; Jason@xxxxxxxxx; jejb@xxxxxxxxxxxxx; > zohar@xxxxxxxxxxxxx; dhowells@xxxxxxxxxx; sumit.garg@xxxxxxxxxx; > david@xxxxxxxxxxxxx; michael@xxxxxxxx; john.ernberg@xxxxxxxx; > jmorris@xxxxxxxxx; serge@xxxxxxxxxx; herbert@xxxxxxxxxxxxxxxxxxx; > davem@xxxxxxxxxxxxx; j.luebbe@xxxxxxxxxxxxxx; ebiggers@xxxxxxxxxx; > richard@xxxxxx; keyrings@xxxxxxxxxxxxxxx; linux-crypto@xxxxxxxxxxxxxxx; > linux-integrity@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx; linux- > security-module@xxxxxxxxxxxxxxx; Sahil Malhotra > <sahil.malhotra@xxxxxxx>; Kshitiz Varshney <kshitiz.varshney@xxxxxxx>; > Horia Geanta <horia.geanta@xxxxxxx>; Varun Sethi <V.Sethi@xxxxxxx> > Subject: Re: [EXT] Re: [RFC PATCH HBK: 0/8] HW BOUND KEY as TRUSTED KEY > > Caution: EXT Email > > On Wed, 2022-09-07 at 07:22 +0000, Pankaj Gupta wrote: > > Even if somehow the key is retrieved from the keyring, the retrieved > > key would be an encrypted key. > > This encrypted key can only be decrypted by Hardware, which generated it. > > > > Hence, the retrieved key is unusable outside of the hardware. > > NXP's CAAM unit (i.e. on i.MX6) supports several modes of sealed/encrypted > keys. > The (un)sealing process uses a key that is normally derived from a per-device > key in eFUSES. One aspect of these modes is whether the plaintext key > material is accessible to the kernel or not. > > Ahmad's patch set added support for a mode where the CAAM is used to > seal plaintext known to the kernel to a "blob" (in CAAM terminology) on > export to userspace and the reverse on import. This mode allows the kernel > to use the plaintext for dm-crypt, to encrypt other keyrings and similar. > > The CAAM has another sealing mode, where it will not allow writing of the > plaintext key to memory. Instead, it is kept in one of the CAAM-internal key > registers. There, it can be used for cryptographic operations (i.e. AES). This > way, the plaintext key is protected even from the kernel. The kernel could > keep a copy of in sealed form, so it can reload the CAAM's key register when > needed. > > > Pankaj, is that the mode you intend to support with this series? Yes, this is what is called as "black key", in CAAM terminology. Black key is nothing but a HBK key. This is what I am trying to achieve with this patch-set. > > Could you describe the high-level use-cases this would be need for, > compared to the existing mode where plaintext keys are accessible to the > kernel? In which cases would you use each mode? > High-level Use-case is to ensure runtime security. By runtime security, I mean, key that is added to keyring after blob-decapsulation, - if get stolen, then being plain key, security can be compromised. - After this patch-set, if key get stolen, then being HBK(encrypted by H/W), will not be of any use without HW. Security is not compromised. > Regards, > Jan > -- > Pengutronix e.K. | | > Industrial Linux Solutions | > https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww. > pengutronix.de%2F&data=05%7C01%7Cpankaj.gupta%40nxp.com%7Cb > 1335df185404e02df1108da90a8886c%7C686ea1d3bc2b4c6fa92cd99c5c301635 > %7C0%7C0%7C637981350763081319%7CUnknown%7CTWFpbGZsb3d8eyJWIj > oiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3 > 000%7C%7C%7C&sdata=aNxEETFYLc74F%2BOq9IK3p63tniVfczpgslG3LYe > ZzAo%3D&reserved=0 | > Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | > Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
