Re: [PATCH resend] mmc: Added ioctl to let userspace apps send ACMDs

2011/3/18 John Calixto <john.calixto@xxxxxxxxxxxxxx>:
>> -----Original Message-----
>> From: Arnd Bergmann [mailto:arnd@xxxxxxxx]
>> Sent: Thursday, March 17, 2011 2:56 PM
>> To: John Calixto
>> Cc: linux-mmc@xxxxxxxxxxxxxxx; cjb@xxxxxxxxxx
>> Subject: Re: [PATCH resend] mmc: Added ioctl to let userspace apps send ACMDs
>>
>> On Thursday 17 March 2011 19:28:55 John Calixto wrote:
>> > Part 3 of the SD Specification (SD Card Association; www.sdcard.org) describes
>> > how to use the security function of an SD card using application specific
>> > commands in conjunction with CPRM algorithms and keys licensed from the 4C
>> > Entity (www.4centity.com).  This allows userspace applications to access this
>> > security feature.
>>
>> Having the ability to send commands from user space sounds useful,
>> a number of other block drivers can do this, too.
>>
>> However, for the specific example you mention, I think it would be
>> nicer to implement it in kernel space, and have a high-level
>> interface.
>
> I started down that route, but part of the problem with putting any more
> than a simple passthrough in kernel space is that the CPRM algorithms
> live in the next highest logic layer, and 4C licensees are not allowed
> to reveal those algorithms.  If you have access to the SD Specification,
> you will see that it documents all of the individual security commands.
> However, the sequence of commands is documented in the 4C CPRM
> Specification.
>
> Installing this passthrough also has the added benefit of allowing
> other, non-security-related, application specific commands to be sent.

If that's going to be used by a possibly unprivileged userspace process,
then this passthrough should filter and validate all commands it
passes to hardware. If there is a possibility of some command sequence
generating undefined or otherwise unwanted results, then you need
a state tracker that will disallow that sequence from being generated by
an unprivileged process.

Best Regards,
Michał Mirosław
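
An added example, not part of the original message or of the patch under discussion: a user-space C model of the allow-list plus state tracker suggested above. The opcode values, state names, rule table and the `acmd_filter` function are all hypothetical and constructed for illustration; they are not taken from the SD or 4C CPRM specifications.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed placeholder opcodes; not real CPRM command numbers. */
enum { ACMD_QUERY = 56, ACMD_CHALLENGE = 57, ACMD_RESPONSE = 58,
       ACMD_SECURE_READ = 59 };

/* Hypothetical tracker states for one open device handle. */
enum acmd_state { ST_IDLE, ST_CHALLENGED, ST_AUTHED };

struct acmd_rule {
    uint8_t opcode;         /* command the rule applies to */
    enum acmd_state need;   /* state required before the command */
    enum acmd_state next;   /* state once the command is accepted */
};

/* Constructed policy: an (opcode, state) pair not listed here is rejected. */
static const struct acmd_rule rules[] = {
    { ACMD_QUERY,       ST_IDLE,       ST_IDLE       },
    { ACMD_CHALLENGE,   ST_IDLE,       ST_CHALLENGED },
    { ACMD_RESPONSE,    ST_CHALLENGED, ST_AUTHED     },
    { ACMD_SECURE_READ, ST_AUTHED,     ST_AUTHED     },
};

struct acmd_tracker { enum acmd_state state; };

/* Returns 0 if the command may be passed to the hardware, -1 if not. */
int acmd_filter(struct acmd_tracker *t, uint8_t opcode, bool privileged)
{
    if (opcode > 63)            /* SD command index is a 6-bit field */
        goto reject;
    if (privileged) {
        /* Privileged callers bypass the sequence policy, but the card
         * state is then unknown to the tracker, so start over. */
        t->state = ST_IDLE;
        return 0;
    }
    for (size_t i = 0; i < sizeof(rules) / sizeof(rules[0]); i++) {
        if (rules[i].opcode == opcode && rules[i].need == t->state) {
            t->state = rules[i].next;
            return 0;
        }
    }
reject:
    t->state = ST_IDLE;         /* any rejection forces a fresh sequence */
    return -1;
}
```

In a driver, the privilege decision and the tracker would live with the open file handle, so one process cannot advance or inherit another's sequence.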