public inbox for linux-crypto@vger.kernel.org
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Alexander Graf <graf@amazon.com>
Cc: linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org,
	Arnd Bergmann <arnd@arndb.de>,
	Herbert Xu <herbert@gondor.apana.org.au>,
	Olivia Mackall <olivia@selenic.com>,
	Petre Eftime <petre.eftime@gmail.com>,
	Erdem Meydanlli <meydanli@amazon.nl>,
	Benjamin Herrenschmidt <benh@kernel.crashing.org>,
	David Woodhouse <dwmw@amazon.co.uk>,
	"Michael S . Tsirkin" <mst@redhat.com>,
	Jason Wang <jasowang@redhat.com>,
	Xuan Zhuo <xuanzhuo@linux.alibaba.com>,
	Kyunghwan Kwon <k@mononn.com>
Subject: Re: [PATCH v4 1/2] Import CBOR library
Date: Tue, 10 Oct 2023 10:03:24 +0200
Message-ID: <2023101009-accustom-manifesto-8bdb@gregkh>
In-Reply-To: <0ee221bc-ea99-4724-9ebd-436e91417e4b@amazon.com>

On Tue, Oct 10, 2023 at 09:55:25AM +0200, Alexander Graf wrote:
> Hey Greg,
> 
> On 10.10.23 08:13, Greg Kroah-Hartman wrote:
> > On Mon, Oct 09, 2023 at 09:20:52PM +0000, Alexander Graf wrote:
> > > To fully support the Nitro Secure Module communication protocol, we need
> > > to encode and decode CBOR binary data. Import an MIT licensed library
> > > from https://github.com/libmcu/cbor (commit f3d1696f886) so that we can
> > > easily consume CBOR data.
> > What is "CBOR"?  I don't see a description of it here.
> 
> 
> CBOR is the "Concise Binary Object Representation"
> (https://en.wikipedia.org/wiki/CBOR) binary format.
> 
> 
> > 
> > And I guess you are going to keep this in sync with upstream?  Or do you
> > really need the full library here (you #ifdef the float stuff out), does
> > your module really need all of the functionality and complexity of this
> > library, or can it use just a much smaller one instead?
> 
> 
> CBOR knows a total of 9 data types:
> 
>   - Unsigned integers
>   - Signed integers
>   - Binary string
>   - UTF-8 string
>   - Arrays
>   - Maps (like a python dictionary)
>   - Semantic tag
>   - Bools
>   - Floats
> 
> Out of these, the NSM communication protocol uses all except Semantic tags
> and Floats. The CBOR library that this patch imports does not have special
> handling for Semantic tags, which leaves only floats which are already
> #ifdef'ed out. That means there is not much to trim.
> 
> What you see here is what's needed to parse CBOR in kernel - if that's what
> we want to do. I'm happy to rip it out again and make it a pure user space
> problem to do CBOR :).

Yes, why are we parsing this in the kernel?  What could go wrong with
adding yet-another-parser in privileged context?  :)

Why does this have to be in the kernel, the data sent/received is over
virtio, so why does the kernel have to parse it?  I couldn't figure that
out from the driver, yet the driver seems to have a lot of hard-coded
parsing logic in it to assume specific message formats?

thanks,

greg k-h
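
Added example, not part of the thread and not code from libmcu/cbor or the NSM driver: a bounds-checked structural validator for the CBOR subset listed in the quoted reply (integers, byte and text strings, arrays, maps, bools) that rejects semantic tags, floats and indefinite lengths, which is the kind of checking a parser in privileged context has to get right. The function names and the nesting limit are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#define CBOR_MAX_DEPTH 8 /* assumed nesting limit, not taken from the thread */

/* Check one CBOR item at buf[*pos] and advance *pos past it. Rejects tags,
 * floats, indefinite lengths and any length that runs past the buffer. */
static int cbor_check_item(const uint8_t *buf, size_t len, size_t *pos, int depth)
{
	uint8_t ib, major, ai;
	uint64_t val, i;
	if (depth > CBOR_MAX_DEPTH || *pos >= len)
		return -1;
	ib = buf[(*pos)++];
	major = ib >> 5;
	ai = ib & 0x1f;
	if (major == 7)                 /* simple values and floats */
		return (ai == 20 || ai == 21) ? 0 : -1; /* false / true only */
	if (major == 6 || ai >= 28)     /* tag, reserved, or indefinite length */
		return -1;
	val = ai;
	if (ai >= 24) {                 /* argument in next 1, 2, 4 or 8 bytes */
		size_t n = (size_t)1 << (ai - 24);
		if (len - *pos < n)
			return -1;
		for (val = 0; n; n--)
			val = (val << 8) | buf[(*pos)++];
	}
	if (major <= 1)                 /* unsigned or negative integer */
		return 0;
	if (val > len - *pos)           /* length/count cannot exceed bytes left */
		return -1;
	if (major <= 3) {               /* byte string or text string payload */
		*pos += (size_t)val;    /* UTF-8 validity is not checked here */
		return 0;
	}
	if (major == 5)                 /* map: count is in key/value pairs */
		val *= 2;
	for (i = 0; i < val; i++)       /* array or map members */
		if (cbor_check_item(buf, len, pos, depth + 1))
			return -1;
	return 0;
}

/* A message is valid only if it is exactly one item with no trailing bytes. */
int cbor_check_message(const uint8_t *buf, size_t len)
{
	size_t pos = 0;
	return (cbor_check_item(buf, len, &pos, 0) == 0 && pos == len) ? 0 : -1;
}
```

cbor_check_message() returns 0 for a well-formed message in the accepted subset and -1 otherwise; checking the declared count against the bytes remaining before recursing keeps a forged array or map header from driving a long loop.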
