Re: [PATCH v1 0/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys

From: Richard Weinberger
Date: Thu Apr 01 2021 - 14:31:48 EST

Next message: Thierry Reding: "Re: [PATCH v6 4/7] pwm: pca9685: Support staggered output ON times"
Previous message: Jason Gunthorpe: "Re: [PATCH V4 05/18] iommu/ioasid: Redefine IOASID set and allocation APIs"
In reply to: Sumit Garg: "Re: [PATCH v1 0/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys"
Next in thread: Ahmad Fatoum: "Re: [PATCH v1 0/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Sumit,

----- Ursprüngliche Mail -----
> Von: "Sumit Garg" <sumit.garg@xxxxxxxxxx>
> IIUC, this would require support for multiple trusted keys backends at
> runtime but currently the trusted keys subsystem only supports a
> single backend which is selected via kernel module parameter during
> boot.
>
> So the trusted keys framework needs to evolve to support multiple
> trust sources at runtime but I would like to understand the use-cases
> first. IMO, selecting the best trust source available on a platform
> for trusted keys should be a one time operation, so why do we need to
> have other backends available at runtime as well?

I thought about devices with a TPM-Chip and CAAM.
IMHO allowing only one backend at the same time is a little over simplified.

Thanks,
//richard

Next message: Thierry Reding: "Re: [PATCH v6 4/7] pwm: pca9685: Support staggered output ON times"
Previous message: Jason Gunthorpe: "Re: [PATCH V4 05/18] iommu/ioasid: Redefine IOASID set and allocation APIs"
In reply to: Sumit Garg: "Re: [PATCH v1 0/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys"
Next in thread: Ahmad Fatoum: "Re: [PATCH v1 0/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]