> -----Original Message----- > From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> > Sent: Wednesday, September 7, 2022 12:56 PM > To: Pankaj Gupta <pankaj.gupta@xxxxxxx> > Cc: jarkko@xxxxxxxxxx; a.fatoum@xxxxxxxxxxxxxx; Jason@xxxxxxxxx; > jejb@xxxxxxxxxxxxx; zohar@xxxxxxxxxxxxx; dhowells@xxxxxxxxxx; > sumit.garg@xxxxxxxxxx; david@xxxxxxxxxxxxx; michael@xxxxxxxx; > john.ernberg@xxxxxxxx; jmorris@xxxxxxxxx; serge@xxxxxxxxxx; > davem@xxxxxxxxxxxxx; j.luebbe@xxxxxxxxxxxxxx; ebiggers@xxxxxxxxxx; > richard@xxxxxx; keyrings@xxxxxxxxxxxxxxx; linux-crypto@xxxxxxxxxxxxxxx; > linux-integrity@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx; linux- > security-module@xxxxxxxxxxxxxxx; Sahil Malhotra > <sahil.malhotra@xxxxxxx>; Kshitiz Varshney <kshitiz.varshney@xxxxxxx>; > Horia Geanta <horia.geanta@xxxxxxx>; Varun Sethi <V.Sethi@xxxxxxx> > Subject: Re: [EXT] Re: [RFC PATCH HBK: 2/8] hw-bound-key: flag-is_hbk > added to the tfm > > Caution: EXT Email > > On Wed, Sep 07, 2022 at 07:22:42AM +0000, Pankaj Gupta wrote: > > > > Current support, does not permit the hardware to support both types of > keys: HBK & Plain Key, at the same time. > > > > This change is generic and permit any driver that supports both- HBK and > plain-key, to differentiate and use the keys accordingly. > > Existing drivers simply register hardware keys under a different algorithm > name, there is no reason why they can't coexist with a plain key. > Thanks for the comments. Intention is to only secure the key buffer, at run-time. Not to change the working of the crypto algorithm. Algorithm would be working exactly same for plain and HBK. There are 3rd party IP(s), which uses kernel for crypto-algorithm's operations. Modifying the algorithm name in these IP(s), is not always allowed or easy to maintain. While, this patch-set allows to use the same algorithm name, and hence prevents any changes required to the user(3rd Party IPs) of kernel crypto layer. Regards, > Cheers, > -- > Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: > https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fgondo > r.apana.org.au%2F~herbert%2F&data=05%7C01%7Cpankaj.gupta%40nx > p.com%7C9bc412605fa243702f3a08da90a2602c%7C686ea1d3bc2b4c6fa92cd9 > 9c5c301635%7C0%7C0%7C637981324324251974%7CUnknown%7CTWFpbGZs > b3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn > 0%3D%7C3000%7C%7C%7C&sdata=b1ImbcEMa9jticFU7yrpwHXuuQEog > KLrjuiE%2FFpcYyA%3D&reserved=0 > PGP Key: > https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fgondo > r.apana.org.au%2F~herbert%2Fpubkey.txt&data=05%7C01%7Cpankaj.g > upta%40nxp.com%7C9bc412605fa243702f3a08da90a2602c%7C686ea1d3bc2b > 4c6fa92cd99c5c301635%7C0%7C0%7C637981324324251974%7CUnknown%7C > TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiL > CJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=cP4js5Q0QPBJfvlrYDi0j6R > IGFpqHtJOSa9C7YC2IXM%3D&reserved=0
