linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Pavel Machek <pavel@ucw.cz>
To: Tomas Winkler <tomas.winkler@intel.com>
Cc: "Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
	"Ulf Hansson" <ulf.hansson@linaro.org>,
	"Adrian Hunter" <adrian.hunter@intel.com>,
	"James Bottomley" <James.Bottomley@HansenPartnership.com>,
	"Martin K. Petersen" <martin.petersen@oracle.com>,
	"Vinayak Holikatti" <vinholikatti@gmail.com>,
	"Andy Lutomirski" <luto@kernel.org>,
	"Arve Hjønnevåg" <arve@android.com>,
	"Michael Ryleev" <gmar@google.com>,
	"Joao Pinto" <Joao.Pinto@synopsys.com>,
	"Christoph Hellwig" <hch@lst.de>,
	"Yaniv Gardi" <ygardi@codeaurora.org>,
	linux-kernel@vger.kernel.org, linux-mmc@vger.kernel.org,
	linux-scsi@vger.kernel.org
Subject: Re: [PATCH v5 0/8] Replay Protected Memory Block (RPMB) subsystem
Date: Fri, 5 Aug 2016 22:06:01 +0200	[thread overview]
Message-ID: <20160805200601.GA7999@amd> (raw)
In-Reply-To: <1468873673-21776-1-git-send-email-tomas.winkler@intel.com>

Hi!

> Few storage technologies such is EMMC, UFS, and NVMe support RPMB
> hardware partition with common protocol and frame layout.
> The RPMB partition cannot be accessed via standard block layer, but by a
> set of specific commands: WRITE, READ, GET_WRITE_COUNTER, and
> PROGRAM_KEY.
> Such a partition provides authenticated and replay protected access,
> hence suitable as a secure storage.

...and that is suitable from locking devices from their owners, as
Nokia N9 (aka brick, because Microsoft turned off support servers)
teached me recently.

So I have to ask -- what are non-evil uses for this?

There were "secure extensions" mentioned before, but my understanding
is that it currently has severe limitations making it unsuitable for
mainline kernel. (IOW you can't event test the functionality if you
are not Intel).
									Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

      parent reply	other threads:[~2016-08-05 20:06 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-07-18 20:27 [PATCH v5 0/8] Replay Protected Memory Block (RPMB) subsystem Tomas Winkler
2016-07-18 20:27 ` [PATCH v5 1/8] rpmb: add " Tomas Winkler
2016-07-18 20:27 ` [PATCH v5 2/8] char: rpmb: add sysfs-class ABI documentation Tomas Winkler
2016-08-31 10:53   ` Greg Kroah-Hartman
2016-07-18 20:27 ` [PATCH v5 3/8] char: rpmb: add device attributes Tomas Winkler
2016-08-31 10:56   ` Greg Kroah-Hartman
2016-09-01 20:21     ` Winkler, Tomas
2016-07-18 20:27 ` [PATCH v5 4/8] char: rpmb: provide a user space interface Tomas Winkler
2016-07-18 22:15   ` Paul Gortmaker
2016-07-20  9:02     ` Winkler, Tomas
2016-07-20 14:21       ` Paul Gortmaker
2016-08-05 20:08   ` Pavel Machek
2016-08-07  9:44     ` Winkler, Tomas
2016-08-31 10:49       ` Greg Kroah-Hartman
2016-09-01 20:05         ` Winkler, Tomas
2016-09-01 20:46           ` Greg Kroah-Hartman
2016-09-04 11:35             ` Winkler, Tomas
2016-09-04 20:20               ` Pavel Machek
2016-09-04 20:56                 ` Winkler, Tomas
2016-07-18 20:27 ` [PATCH v5 5/8] char: rpmb: add RPMB simulation device Tomas Winkler
2016-08-31 10:57   ` Greg Kroah-Hartman
2016-08-31 10:58   ` Greg Kroah-Hartman
2016-09-01 20:25     ` Winkler, Tomas
2016-09-01 20:45       ` Greg Kroah-Hartman
2016-07-18 20:27 ` [PATCH v5 6/8] tools rpmb: add RPBM access tool Tomas Winkler
2016-07-18 20:27 ` [PATCH v5 7/8] mmc: block: register RPMB partition with the RPMB subsystem Tomas Winkler
2016-07-18 20:27 ` [PATCH v5 8/8] scsi: ufs: connect to " Tomas Winkler
2016-07-23  7:44 ` [PATCH v5 0/8] Replay Protected Memory Block (RPMB) subsystem Winkler, Tomas
2016-08-05 20:06 ` Pavel Machek [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20160805200601.GA7999@amd \
    --to=pavel@ucw.cz \
    --cc=James.Bottomley@HansenPartnership.com \
    --cc=Joao.Pinto@synopsys.com \
    --cc=adrian.hunter@intel.com \
    --cc=arve@android.com \
    --cc=gmar@google.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=hch@lst.de \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mmc@vger.kernel.org \
    --cc=linux-scsi@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=martin.petersen@oracle.com \
    --cc=tomas.winkler@intel.com \
    --cc=ulf.hansson@linaro.org \
    --cc=vinholikatti@gmail.com \
    --cc=ygardi@codeaurora.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).