Date: Fri, 4 Dec 2020 17:30:37 +0200
From: Jarkko Sakkinen
To: gmail Elaine Palmer
Cc: linux-doc@vger.kernel.org, NAYNA JAIN1, zohar@linux.ibm.com,
 dhowells@redhat.com, Kenneth Goldman, gcwilson@linux.ibm.com,
 daniel.thompson@linaro.org, corbet@lwn.net, jmorris@namei.org,
 Markus.Wamser@mixed-mode.de, serge@hallyn.com, zgu@us.ibm.com,
 jejb@linux.ibm.com, lhinds@redhat.com, op-tee@lists.trustedfirmware.org,
 jarkko.sakkinen@linux.intel.com, linux-arm-kernel@lists.infradead.org,
 Sumit Garg, stefanb@us.ibm.com, janne.karhunen@gmail.com,
 linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org,
 keyrings@vger.kernel.org, casey@schaufler-ca.com,
 linux-integrity@vger.kernel.org, jens.wiklander@linaro.org
Subject: Re: [PATCH v8 3/4] doc: trusted-encrypted: updates with TEE as a new trust source
Message-ID: <20201204153037.GC4922@kernel.org>
In-Reply-To: <81A6B61D-3811-4957-B270-52AE5FA6DE4F@gmail.com>

On Wed, Dec 02, 2020 at 02:34:07PM -0500, gmail Elaine Palmer wrote:
> Hi Sumit,
>
> Thank you for the detailed descriptions and examples of trust sources
> for Trusted Keys. A group of us in IBM (Stefan Berger, Ken Goldman,
> Zhongshu Gu, Nayna Jain, Elaine Palmer, George Wilson, Mimi Zohar)
> have been doing related work for quite some time, and we have one
> primary concern and some suggested changes to the document.
>
> Our primary concern is that describing a TEE as a Trust Source needs
> to be more specific. For example, "ARM TrustZone" is not sufficient,
> but "wolfSSL embedded SSL/TLS library with ARM TrustZone
> CryptoCell-310" is. Just because a key is protected by software
> running in a TEE is not enough to establish trust. Just like
> cryptographic modules, a Trust Source should be defined as a specific
> implementation on specific hardware with well-documented environmental
> assumptions, dependencies, and threats.
>
> In addition to the above concern, our suggested changes are inline
> below.

In order to give a decent review comment it should have two ingredients:

- Where the existing line of code / text / whatever goes wrong.
- How it should be modified and why that makes sense.

And use as plain English and non-academic terms as possible, if it is
documentation. Further, scope is only the kernel implementation, no more
or no less.

"do this" is not unfortunately an argument. Feedback is welcome when it
is supported by something common sense.

Some meta suggestion related to email:

Please also use a proper email client and split your paragraphs into at
most 80 character lines with new line characters when writing email. I
prefer to use 72 character line length so that there's some space for
longer email threads.

/Jarkko