From: Ahmad Fatoum <a.fatoum@pengutronix.de>
To: Jarkko Sakkinen <jarkko@kernel.org>
Cc: "Jonathan Corbet" <corbet@lwn.net>,
"David Howells" <dhowells@redhat.com>,
"James Bottomley" <jejb@linux.ibm.com>,
"Mimi Zohar" <zohar@linux.ibm.com>,
kernel@pengutronix.de, "David Gstir" <david@sigma-star.at>,
"Pankaj Gupta" <pankaj.gupta@nxp.com>,
"Tim Harvey" <tharvey@gateworks.com>,
"Matthias Schiffer" <matthias.schiffer@ew.tq-group.com>,
"James Morris" <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
"Horia Geantă" <horia.geanta@nxp.com>,
"Aymen Sghaier" <aymen.sghaier@nxp.com>,
"Herbert Xu" <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
"Eric Biggers" <ebiggers@kernel.org>,
"Jan Luebbe" <j.luebbe@pengutronix.de>,
"Richard Weinberger" <richard@nod.at>,
"Franck LENORMAND" <franck.lenormand@nxp.com>,
"Sumit Garg" <sumit.garg@linaro.org>,
keyrings@vger.kernel.org, linux-crypto@vger.kernel.org,
linux-doc@vger.kernel.org, linux-integrity@vger.kernel.org,
linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org
Subject: Re: [PATCH v6 4/4] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys
Date: Tue, 22 Mar 2022 08:33:34 +0100 [thread overview]
Message-ID: <c946cce8-674a-43d2-1000-b57eba4bc45c@pengutronix.de> (raw)
In-Reply-To: <YjeWSx84ev7u/YAi@iki.fi>
Hello Jarkko,
On 20.03.22 22:02, Jarkko Sakkinen wrote:
> On Wed, Mar 16, 2022 at 05:43:35PM +0100, Ahmad Fatoum wrote:
>> @@ -192,6 +217,19 @@ Usage::
>> specific to TEE device implementation. The key length for new keys is always
>> in bytes. Trusted Keys can be 32 - 128 bytes (256 - 1024 bits).
>>
>> +Trusted Keys usage: CAAM
>> +------------------------
>> +
>> +Usage::
>> +
>> + keyctl add trusted name "new keylen" ring
>> + keyctl add trusted name "load hex_blob" ring
>> + keyctl print keyid
>> +
>> +"keyctl print" returns an ASCII hex copy of the sealed key, which is in format
>> +specific to CAAM device implementation. The key length for new keys is always
>> +in bytes. Trusted Keys can be 32 - 128 bytes (256 - 1024 bits).
>> +
>> Encrypted Keys usage
>> --------------------
>>
>> diff --git a/MAINTAINERS b/MAINTAINERS
>> index 05fd080b82f3..f13382a14967 100644
>> --- a/MAINTAINERS
>> +++ b/MAINTAINERS
>> @@ -10647,6 +10647,15 @@ S: Supported
>> F: include/keys/trusted_tee.h
>> F: security/keys/trusted-keys/trusted_tee.c
>>
>> +KEYS-TRUSTED-CAAM
>> +M: Ahmad Fatoum <a.fatoum@pengutronix.de>
>> +R: Pengutronix Kernel Team <kernel@pengutronix.de>
>> +L: linux-integrity@vger.kernel.org
>> +L: keyrings@vger.kernel.org
>> +S: Maintained
>> +F: include/keys/trusted_caam.h
>> +F: security/keys/trusted-keys/trusted_caam.c
>> +
>> KEYS/KEYRINGS
>> M: David Howells <dhowells@redhat.com>
>> M: Jarkko Sakkinen <jarkko@kernel.org>
>
> Documentation and MAINTAINERS updates must be separate patches.
I will do so for v7. Does this patch look otherwise ok to you?
Thanks,
Ahmad
>
> BR, Jarkko
>
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
next prev parent reply other threads:[~2022-03-22 7:34 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-16 16:43 [PATCH v6 0/4] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys Ahmad Fatoum
2022-03-16 16:43 ` [PATCH v6 1/4] KEYS: trusted: allow use of TEE as backend without TCG_TPM support Ahmad Fatoum
2022-03-16 16:43 ` [PATCH v6 2/4] KEYS: trusted: allow use of kernel RNG for key material Ahmad Fatoum
2022-03-16 16:43 ` [PATCH v6 3/4] crypto: caam - add in-kernel interface for blob generator Ahmad Fatoum
2022-03-22 6:25 ` [EXT] " Pankaj Gupta
2022-03-22 7:32 ` Ahmad Fatoum
2022-03-22 9:37 ` Ahmad Fatoum
2022-03-24 9:55 ` Pankaj Gupta
2022-03-24 10:10 ` Ahmad Fatoum
2022-03-28 9:29 ` Pankaj Gupta
2022-04-15 20:07 ` Ahmad Fatoum
2022-03-16 16:43 ` [PATCH v6 4/4] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys Ahmad Fatoum
2022-03-20 21:02 ` Jarkko Sakkinen
2022-03-22 7:33 ` Ahmad Fatoum [this message]
2022-03-22 8:17 ` Jarkko Sakkinen
2022-03-28 10:46 ` [EXT] " Pankaj Gupta
2022-04-15 20:02 ` Ahmad Fatoum
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c946cce8-674a-43d2-1000-b57eba4bc45c@pengutronix.de \
--to=a.fatoum@pengutronix.de \
--cc=aymen.sghaier@nxp.com \
--cc=corbet@lwn.net \
--cc=davem@davemloft.net \
--cc=david@sigma-star.at \
--cc=dhowells@redhat.com \
--cc=ebiggers@kernel.org \
--cc=franck.lenormand@nxp.com \
--cc=herbert@gondor.apana.org.au \
--cc=horia.geanta@nxp.com \
--cc=j.luebbe@pengutronix.de \
--cc=jarkko@kernel.org \
--cc=jejb@linux.ibm.com \
--cc=jmorris@namei.org \
--cc=kernel@pengutronix.de \
--cc=keyrings@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=matthias.schiffer@ew.tq-group.com \
--cc=pankaj.gupta@nxp.com \
--cc=richard@nod.at \
--cc=serge@hallyn.com \
--cc=sumit.garg@linaro.org \
--cc=tharvey@gateworks.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).