Re: [RFC 4/7] KEYS: trusted: Introduce TEE based Trusted Keys

From: Jarkko Sakkinen
Date: Thu Jun 13 2019 - 11:36:50 EST

Next message: Andrey Ryabinin: "Re: [PATCH v3 1/3] lib/test_kasan: Add bitops tests"
Previous message: Andrey Ryabinin: "Re: [PATCH v3 3/3] asm-generic, x86: Add bitops instrumentation for KASAN"
In reply to: Sumit Garg: "[RFC 4/7] KEYS: trusted: Introduce TEE based Trusted Keys"
Next in thread: Sumit Garg: "Re: [RFC 4/7] KEYS: trusted: Introduce TEE based Trusted Keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jun 13, 2019 at 04:00:30PM +0530, Sumit Garg wrote:
> Add support for TEE based trusted keys where TEE provides the functionality
> to seal and unseal trusted keys using hardware unique key.
>
> Refer to Documentation/tee.txt for detailed information about TEE.
>
> Approach taken in this patch acts as an alternative to a TPM device in case
> platform doesn't possess one.
>
> Signed-off-by: Sumit Garg <sumit.garg@xxxxxxxxxx>

How does this interact with the trusted module? Why there is no update
to security/keys/trusted-encrypted.txt?

Somehow the existing trusted module needs to be re-architected to work
with either. Otherwise, this will turn out to be a mess.

/Jarkko

Next message: Andrey Ryabinin: "Re: [PATCH v3 1/3] lib/test_kasan: Add bitops tests"
Previous message: Andrey Ryabinin: "Re: [PATCH v3 3/3] asm-generic, x86: Add bitops instrumentation for KASAN"
In reply to: Sumit Garg: "[RFC 4/7] KEYS: trusted: Introduce TEE based Trusted Keys"
Next in thread: Sumit Garg: "Re: [RFC 4/7] KEYS: trusted: Introduce TEE based Trusted Keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]