Re: [RFC PATCH 1/5] rpmb: add Replay Protected Memory Block (RPMB) subsystem

From: Sumit Garg
Date: Tue Mar 09 2021 - 23:55:41 EST

Next message: Sergei Shtepa: "Re: [PATCH v6 2/4] block: add blk_interposer"
Previous message: Jiri Slaby: "Re: [PATCH] kbuild: dummy-tools: adjust to scripts/cc-version.sh"
In reply to: David Howells: "Re: [RFC PATCH 1/5] rpmb: add Replay Protected Memory Block (RPMB) subsystem"
Next in thread: Linus Walleij: "Re: [RFC PATCH 1/5] rpmb: add Replay Protected Memory Block (RPMB) subsystem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi David,

On Tue, 9 Mar 2021 at 22:43, David Howells <dhowells@xxxxxxxxxx> wrote:
>
> Linus Walleij <linus.walleij@xxxxxxxxxx> wrote:
>
> > As it seems neither Microsoft nor Apple is paying it much attention
> > (+/- new facts) it will be up to the community to define use cases
> > for RPMB. I don't know what would make most sense, but the
> > kernel keyring seems to make a bit of sense as it is a well maintained
> > keyring project.
>
> I'm afraid I don't know a whole lot about the RPMB. I've just been and read
> https://lwn.net/Articles/682276/ about it.
>
> What is it you envision the keyring API doing with regard to this? Being used
> to represent the key needed to access the RPMB or being used to represent an
> RPMB entry (does it have entries?)?
>

I think it's the former one to represent the RPMB key and it looks
like the trusted and encrypted keys subsystem should be useful here to
prevent any user-space exposures of the RPMB key.

-Sumit

> David
>

Next message: Sergei Shtepa: "Re: [PATCH v6 2/4] block: add blk_interposer"
Previous message: Jiri Slaby: "Re: [PATCH] kbuild: dummy-tools: adjust to scripts/cc-version.sh"
In reply to: David Howells: "Re: [RFC PATCH 1/5] rpmb: add Replay Protected Memory Block (RPMB) subsystem"
Next in thread: Linus Walleij: "Re: [RFC PATCH 1/5] rpmb: add Replay Protected Memory Block (RPMB) subsystem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]