Re: [RFC 4/7] KEYS: trusted: Introduce TEE based Trusted Keys

From: Sumit Garg
Date: Fri Jun 14 2019 - 01:48:36 EST

Next message: Christoph Hellwig: "Re: switch nios2 and microblaze to use the generic uncached segement support"
Previous message: Sumit Garg: "Re: [RFC 6/7] doc: keys: Document usage of TEE based Trusted Keys"
In reply to: Jarkko Sakkinen: "Re: [RFC 4/7] KEYS: trusted: Introduce TEE based Trusted Keys"
Next in thread: Sumit Garg: "[RFC 3/7] tee: add private login method for kernel clients"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 13 Jun 2019 at 21:02, Jarkko Sakkinen
<jarkko.sakkinen@xxxxxxxxxxxxxxx> wrote:
>
> On Thu, Jun 13, 2019 at 04:00:30PM +0530, Sumit Garg wrote:
> > Add support for TEE based trusted keys where TEE provides the functionality
> > to seal and unseal trusted keys using hardware unique key.
> >
> > Refer to Documentation/tee.txt for detailed information about TEE.
> >
> > Approach taken in this patch acts as an alternative to a TPM device in case
> > platform doesn't possess one.
> >
> > Signed-off-by: Sumit Garg <sumit.garg@xxxxxxxxxx>
>
> How does this interact with the trusted module? Why there is no update
> to security/keys/trusted-encrypted.txt?
>

You already found documentation patch [1].

> Somehow the existing trusted module needs to be re-architected to work
> with either. Otherwise, this will turn out to be a mess.
>

See my reply on this patch [1].

[1] [RFC 6/7] doc: keys: Document usage of TEE based Trusted Keys

-Sumit

> /Jarkko

Next message: Christoph Hellwig: "Re: switch nios2 and microblaze to use the generic uncached segement support"
Previous message: Sumit Garg: "Re: [RFC 6/7] doc: keys: Document usage of TEE based Trusted Keys"
In reply to: Jarkko Sakkinen: "Re: [RFC 4/7] KEYS: trusted: Introduce TEE based Trusted Keys"
Next in thread: Sumit Garg: "[RFC 3/7] tee: add private login method for kernel clients"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]