From: Ahmad Fatoum <a.fatoum@pengutronix.de>
To: Pankaj Gupta <pankaj.gupta@nxp.com>,
Horia Geanta <horia.geanta@nxp.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>
Cc: Sumit Garg <sumit.garg@linaro.org>,
David Gstir <david@sigma-star.at>,
Matthias Schiffer <matthias.schiffer@ew.tq-group.com>,
"kernel@pengutronix.de" <kernel@pengutronix.de>,
Franck Lenormand <franck.lenormand@nxp.com>,
Richard Weinberger <richard@nod.at>,
Jan Luebbe <j.luebbe@pengutronix.de>,
James Morris <jmorris@namei.org>,
Mimi Zohar <zohar@linux.ibm.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
Eric Biggers <ebiggers@kernel.org>,
"linux-security-module@vger.kernel.org"
<linux-security-module@vger.kernel.org>,
"keyrings@vger.kernel.org" <keyrings@vger.kernel.org>,
"linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>,
David Howells <dhowells@redhat.com>,
Jarkko Sakkinen <jarkko@kernel.org>,
"linux-integrity@vger.kernel.org"
<linux-integrity@vger.kernel.org>,
James Bottomley <jejb@linux.ibm.com>,
"tharvey@gateworks.com" <tharvey@gateworks.com>,
"Serge E. Hallyn" <serge@hallyn.com>
Subject: Re: [EXT] [PATCH v6 3/4] crypto: caam - add in-kernel interface for blob generator
Date: Tue, 22 Mar 2022 10:37:02 +0100 [thread overview]
Message-ID: <828a8d00-ab9a-a7eb-4ad0-f95a63c7fb39@pengutronix.de> (raw)
In-Reply-To: <23cd140f-1046-7059-c9bd-ca4aac1d5183@pengutronix.de>
Hello Pankaj,
On 22.03.22 08:32, Ahmad Fatoum wrote:
> Hello Pankaj,
>
> On 22.03.22 07:25, Pankaj Gupta wrote:
>> Hi Ahmad,
>>
>> Suggested to define macro with more details.
>> Please find comments in-line.
>>
>
>> len = 4 + (4 + ALIGN(keymod_len, 4)) + 2*(4 + 4 +
>>>>>> + CAAM_PTR_SZ_MAX) + 4;
>>
>>> +/* header + (key mod immediate) + 2x seq_intlen pointers + op */
>>> +#define CAAM_BLOB_DESC_BYTES_MAX \
>>> + (CAAM_CMD_SZ + \
>>> + CAAM_CMD_SZ + CAAM_BLOB_KEYMOD_LENGTH + \
>>> + 2 * (CAAM_CMD_SZ + CAAM_PTR_SZ_MAX) + \
>>> + CAAM_CMD_SZ)
>>> +
>>
>> Suggested to replace the above macro like below:
>>
>> +#define CAAM_BLOB_DESC_BYTES_MAX \
>> + (CAAM_CMD_SZ + \ /* Command to initialize & stating length of descriptor */
>> + CAAM_CMD_SZ + CAAM_BLOB_KEYMOD_LENGTH + \ /* Command to append the key-modifier + followed by the key-modifier data */
>> + (CAAM_CMD_SZ + CAAM_PTR_SZ_MAX) + \ /* Command to include input plain key and pointer to the input key */
>> + (CAAM_CMD_SZ + CAAM_PTR_SZ_MAX) + \ /* Command to include output-key blob and pointer to the output-key blob */
>> + CAAM_CMD_SZ) /* Command describing the Operation to perform */
>
>
> Sure thing, will do for v7. Otherwise, if all looks good to you,
> can I have your Reviewed-by?
This doesn't compile as-is and it leads to quite long lines.
The description isn't accurate also, because what's plain and what's blob
changes depending on whether we encapsulate or decapsulate.
Here's my revised macro version:
#define CAAM_BLOB_DESC_BYTES_MAX \
/* Command to initialize & stating length of descriptor */ \
(CAAM_CMD_SZ + \
/* Command to append the key-modifier + key-modifier data */ \
CAAM_CMD_SZ + CAAM_BLOB_KEYMOD_LENGTH + \
/* Command to include input key + pointer to the input key */ \
CAAM_CMD_SZ + CAAM_PTR_SZ_MAX + \
/* Command to include output key + pointer to the output key */ \
CAAM_CMD_SZ + CAAM_PTR_SZ_MAX + \
/* Command describing the Operation to perform */ \
CAAM_CMD_SZ)
Alternatively, I can change it back into a function:
static inline u32 *caam_blob_desc_alloc(void)
{
size_t size = 0;
/* Command to initialize & stating length of descriptor */
size += CAAM_CMD_SZ;
/* Command to append the key-modifier + key-modifier data */
size += CAAM_CMD_SZ + CAAM_BLOB_KEYMOD_LENGTH;
/* Command to include input plain key + pointer to the input key */
size += CAAM_CMD_SZ + CAAM_PTR_SZ_MAX;
/* Command to include output-key blob + pointer to the output key */
size += CAAM_CMD_SZ + CAAM_PTR_SZ_MAX;
/* Command describing the Operation to perform */
size += CAAM_CMD_SZ;
return kzalloc(size, GFP_KERNEL | GFP_DMA);
}
Let me know what works better for you.
Cheers,
Ahmad
>
> Thanks,
> Ahmad
>
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
next prev parent reply other threads:[~2022-03-22 9:37 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-16 16:43 [PATCH v6 0/4] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys Ahmad Fatoum
2022-03-16 16:43 ` [PATCH v6 1/4] KEYS: trusted: allow use of TEE as backend without TCG_TPM support Ahmad Fatoum
2022-03-16 16:43 ` [PATCH v6 2/4] KEYS: trusted: allow use of kernel RNG for key material Ahmad Fatoum
2022-03-16 16:43 ` [PATCH v6 3/4] crypto: caam - add in-kernel interface for blob generator Ahmad Fatoum
2022-03-22 6:25 ` [EXT] " Pankaj Gupta
2022-03-22 7:32 ` Ahmad Fatoum
2022-03-22 9:37 ` Ahmad Fatoum [this message]
2022-03-24 9:55 ` Pankaj Gupta
2022-03-24 10:10 ` Ahmad Fatoum
2022-03-28 9:29 ` Pankaj Gupta
2022-04-15 20:07 ` Ahmad Fatoum
2022-03-16 16:43 ` [PATCH v6 4/4] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys Ahmad Fatoum
2022-03-20 21:02 ` Jarkko Sakkinen
2022-03-22 7:33 ` Ahmad Fatoum
2022-03-22 8:17 ` Jarkko Sakkinen
2022-03-28 10:46 ` [EXT] " Pankaj Gupta
2022-04-15 20:02 ` Ahmad Fatoum
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=828a8d00-ab9a-a7eb-4ad0-f95a63c7fb39@pengutronix.de \
--to=a.fatoum@pengutronix.de \
--cc=davem@davemloft.net \
--cc=david@sigma-star.at \
--cc=dhowells@redhat.com \
--cc=ebiggers@kernel.org \
--cc=franck.lenormand@nxp.com \
--cc=herbert@gondor.apana.org.au \
--cc=horia.geanta@nxp.com \
--cc=j.luebbe@pengutronix.de \
--cc=jarkko@kernel.org \
--cc=jejb@linux.ibm.com \
--cc=jmorris@namei.org \
--cc=kernel@pengutronix.de \
--cc=keyrings@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=matthias.schiffer@ew.tq-group.com \
--cc=pankaj.gupta@nxp.com \
--cc=richard@nod.at \
--cc=serge@hallyn.com \
--cc=sumit.garg@linaro.org \
--cc=tharvey@gateworks.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.