From mboxrd@z Thu Jan 1 00:00:00 1970 From: Loic pallardy Subject: Re: [PATCH v3 5/5] mmc: card: Add RPMB support in IOCTL interface Date: Wed, 22 Aug 2012 09:43:26 +0200 Message-ID: References: <1344265951-22437-1-git-send-email-loic.pallardy-ext@stericsson.com> <1344265951-22437-6-git-send-email-loic.pallardy-ext@stericsson.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Return-path: Received: from mail-ob0-f174.google.com ([209.85.214.174]:58699 "EHLO mail-ob0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752195Ab2HVHn1 (ORCPT ); Wed, 22 Aug 2012 03:43:27 -0400 Received: by obbuo13 with SMTP id uo13so1036842obb.19 for ; Wed, 22 Aug 2012 00:43:27 -0700 (PDT) In-Reply-To: Sender: linux-mmc-owner@vger.kernel.org List-Id: linux-mmc@vger.kernel.org To: shashidhar hiremath Cc: Loic Pallardy , linux-mmc@vger.kernel.org, Chris Ball , Linus Walleij , STEricsson_nomadik_linux , Ulf Hansson , Loic Pallardy > > > Hi, > Any specific reason why the RPMB support is implemented using the > IOCTL interface. Can this be done by the Kernel itself instead of > being initiated by a user space application ? > > -- > regards, > Shashidhar Hiremath > -- Hi, There are several reasons for that: - RPMB partition supports only few commands, it is not a "standard" partition - RPMB data access requests a dedicated data frame which contains MAC, write counter, address... - Only trusted/secured applications owns authentification key to calculate MAC (message authentification code) for each data frame. So implementing RPMB access in kernel will complexify the driver (link with security, data frame management...) and create vulnerability from security point of view. With this solution, kernel driver provides just a pipe between secured application and eMMC. Regards, Loic