From: David Howells <dhowells@redhat.com>
To: Franck LENORMAND <franck.lenormand@nxp.com>
Cc: dhowells@redhat.com, linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org, keyrings@vger.kernel.org,
horia.geanta@nxp.com, silvano.dininno@nxp.com, agk@redhat.com,
snitzer@redhat.com, dm-devel@redhat.com, jmorris@namei.org,
serge@hallyn.com
Subject: Re: [RFC PATCH 0/2] Create CAAM HW key in linux keyring and use in dmcrypt
Date: Wed, 06 Mar 2019 17:29:55 +0000 [thread overview]
Message-ID: <11177.1551893395@warthog.procyon.org.uk> (raw)
In-Reply-To: <1551456599-10603-1-git-send-email-franck.lenormand@nxp.com>
Franck LENORMAND <franck.lenormand@nxp.com> wrote:
> The capacity to generate or load keys already available in the Linux key
> retention service does not allows to exploit CAAM capabilities hence we
> need to create a new key_type. The new key type "caam_tk" allows to:
> - Create a black key from random
> - Create a black key from a red key
> - Load a black blob to retrieve the black key
Is it possible that this could be done through an existing key type, such as
the asymmetric, trusted or encrypted key typed?
David
next prev parent reply other threads:[~2019-03-06 17:30 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-01 16:09 [RFC PATCH 0/2] Create CAAM HW key in linux keyring and use in dmcrypt Franck LENORMAND
2019-03-01 16:09 ` [RFC PATCH 1/2] drivers: crypto: caam: key: Add caam_tk key type Franck LENORMAND
2019-03-01 16:09 ` [RFC PATCH 2/2] dm-crypt: Use any key type which is registered Franck LENORMAND
2020-01-18 17:55 ` James Bottomley
2019-03-06 16:47 ` [RFC PATCH 0/2] Create CAAM HW key in linux keyring and use in dmcrypt Jan Lübbe
2019-03-07 13:02 ` Franck Lenormand
2019-03-06 17:29 ` David Howells [this message]
2019-03-07 13:17 ` Franck Lenormand
2020-01-18 17:51 ` James Bottomley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=11177.1551893395@warthog.procyon.org.uk \
--to=dhowells@redhat.com \
--cc=agk@redhat.com \
--cc=dm-devel@redhat.com \
--cc=franck.lenormand@nxp.com \
--cc=horia.geanta@nxp.com \
--cc=jmorris@namei.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=serge@hallyn.com \
--cc=silvano.dininno@nxp.com \
--cc=snitzer@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).