| Message ID | 20231215110639.45522-1-david@sigma-star.at (mailing list archive) |
|---|---|
| Headers | show |
| Series | DCP as trusted keys backend | expand |
On Fri, Dec 15, 2023 at 6:07 AM David Gstir <david@sigma-star.at> wrote: > > This is a revival of the previous patch set submitted by Richard Weinberger: > https://lore.kernel.org/linux-integrity/20210614201620.30451-1-richard@nod.at/ > > v4 is here: > https://lore.kernel.org/keyrings/20231024162024.51260-1-david@sigma-star.at/ > > v4 -> v5: > - Make Kconfig for trust source check scalable as suggested by Jarkko Sakkinen > - Add Acked-By from Herbert Xu to patch #1 - thanks! > v3 -> v4: > - Split changes on MAINTAINERS and documentation into dedicated patches > - Use more concise wording in commit messages as suggested by Jarkko Sakkinen > v2 -> v3: > - Addressed review comments from Jarkko Sakkinen > v1 -> v2: > - Revive and rebase to latest version > - Include review comments from Ahmad Fatoum > > The Data CoProcessor (DCP) is an IP core built into many NXP SoCs such > as i.mx6ull. > > Similar to the CAAM engine used in more powerful SoCs, DCP can AES- > encrypt/decrypt user data using a unique, never-disclosed, > device-specific key. Unlike CAAM though, it cannot directly wrap and > unwrap blobs in hardware. As DCP offers only the bare minimum feature > set and a blob mechanism needs aid from software. A blob in this case > is a piece of sensitive data (e.g. a key) that is encrypted and > authenticated using the device-specific key so that unwrapping can only > be done on the hardware where the blob was wrapped. > > This patch series adds a DCP based, trusted-key backend and is similar > in spirit to the one by Ahmad Fatoum [0] that does the same for CAAM. > It is of interest for similar use cases as the CAAM patch set, but for > lower end devices, where CAAM is not available. > > Because constructing and parsing the blob has to happen in software, > we needed to decide on a blob format and chose the following: > > struct dcp_blob_fmt { > __u8 fmt_version; > __u8 blob_key[AES_KEYSIZE_128]; > __u8 nonce[AES_KEYSIZE_128]; > __le32 payload_len; > __u8 payload[]; > } __packed; > > The `fmt_version` is currently 1. > > The encrypted key is stored in the payload area. It is AES-128-GCM > encrypted using `blob_key` and `nonce`, GCM auth tag is attached at > the end of the payload (`payload_len` does not include the size of > the auth tag). > > The `blob_key` itself is encrypted in AES-128-ECB mode by DCP using > the OTP or UNIQUE device key. A new `blob_key` and `nonce` are generated > randomly, when sealing/exporting the DCP blob. > > This patchset was tested with dm-crypt on an i.MX6ULL board. > > [0] https://lore.kernel.org/keyrings/20220513145705.2080323-1-a.fatoum@pengutronix.de/ > > David Gstir (6): > crypto: mxs-dcp: Add support for hardware-bound keys > KEYS: trusted: improve scalability of trust source config > KEYS: trusted: Introduce NXP DCP-backed trusted keys > MAINTAINERS: add entry for DCP-based trusted keys > docs: document DCP-backed trusted keys kernel params > docs: trusted-encrypted: add DCP as new trust source > > .../admin-guide/kernel-parameters.txt | 13 + > .../security/keys/trusted-encrypted.rst | 85 +++++ > MAINTAINERS | 9 + > drivers/crypto/mxs-dcp.c | 104 +++++- > include/keys/trusted_dcp.h | 11 + > include/soc/fsl/dcp.h | 17 + > security/keys/trusted-keys/Kconfig | 18 +- > security/keys/trusted-keys/Makefile | 2 + > security/keys/trusted-keys/trusted_core.c | 6 +- > security/keys/trusted-keys/trusted_dcp.c | 311 ++++++++++++++++++ > 10 files changed, 562 insertions(+), 14 deletions(-) > create mode 100644 include/keys/trusted_dcp.h > create mode 100644 include/soc/fsl/dcp.h > create mode 100644 security/keys/trusted-keys/trusted_dcp.c Jarkko, Mimi, David - if this patchset isn't already in your review queue, can you take a look at it from a security/keys perspective? Thanks.
Hi, > On 15.12.2023, at 12:06, David Gstir <david@sigma-star.at> wrote: > > This is a revival of the previous patch set submitted by Richard Weinberger: > https://lore.kernel.org/linux-integrity/20210614201620.30451-1-richard@nod.at/ > > v4 is here: > https://lore.kernel.org/keyrings/20231024162024.51260-1-david@sigma-star.at/ > > v4 -> v5: > - Make Kconfig for trust source check scalable as suggested by Jarkko Sakkinen > - Add Acked-By from Herbert Xu to patch #1 - thanks! > v3 -> v4: > - Split changes on MAINTAINERS and documentation into dedicated patches > - Use more concise wording in commit messages as suggested by Jarkko Sakkinen > v2 -> v3: > - Addressed review comments from Jarkko Sakkinen > v1 -> v2: > - Revive and rebase to latest version > - Include review comments from Ahmad Fatoum > > The Data CoProcessor (DCP) is an IP core built into many NXP SoCs such > as i.mx6ull. > > Similar to the CAAM engine used in more powerful SoCs, DCP can AES- > encrypt/decrypt user data using a unique, never-disclosed, > device-specific key. Unlike CAAM though, it cannot directly wrap and > unwrap blobs in hardware. As DCP offers only the bare minimum feature > set and a blob mechanism needs aid from software. A blob in this case > is a piece of sensitive data (e.g. a key) that is encrypted and > authenticated using the device-specific key so that unwrapping can only > be done on the hardware where the blob was wrapped. > > This patch series adds a DCP based, trusted-key backend and is similar > in spirit to the one by Ahmad Fatoum [0] that does the same for CAAM. > It is of interest for similar use cases as the CAAM patch set, but for > lower end devices, where CAAM is not available. > > Because constructing and parsing the blob has to happen in software, > we needed to decide on a blob format and chose the following: > > struct dcp_blob_fmt { > __u8 fmt_version; > __u8 blob_key[AES_KEYSIZE_128]; > __u8 nonce[AES_KEYSIZE_128]; > __le32 payload_len; > __u8 payload[]; > } __packed; > > The `fmt_version` is currently 1. > > The encrypted key is stored in the payload area. It is AES-128-GCM > encrypted using `blob_key` and `nonce`, GCM auth tag is attached at > the end of the payload (`payload_len` does not include the size of > the auth tag). > > The `blob_key` itself is encrypted in AES-128-ECB mode by DCP using > the OTP or UNIQUE device key. A new `blob_key` and `nonce` are generated > randomly, when sealing/exporting the DCP blob. > > This patchset was tested with dm-crypt on an i.MX6ULL board. > > [0] https://lore.kernel.org/keyrings/20220513145705.2080323-1-a.fatoum@pengutronix.de/ > > David Gstir (6): > crypto: mxs-dcp: Add support for hardware-bound keys > KEYS: trusted: improve scalability of trust source config > KEYS: trusted: Introduce NXP DCP-backed trusted keys > MAINTAINERS: add entry for DCP-based trusted keys > docs: document DCP-backed trusted keys kernel params > docs: trusted-encrypted: add DCP as new trust source > > .../admin-guide/kernel-parameters.txt | 13 + > .../security/keys/trusted-encrypted.rst | 85 +++++ > MAINTAINERS | 9 + > drivers/crypto/mxs-dcp.c | 104 +++++- > include/keys/trusted_dcp.h | 11 + > include/soc/fsl/dcp.h | 17 + > security/keys/trusted-keys/Kconfig | 18 +- > security/keys/trusted-keys/Makefile | 2 + > security/keys/trusted-keys/trusted_core.c | 6 +- > security/keys/trusted-keys/trusted_dcp.c | 311 ++++++++++++++++++ > 10 files changed, 562 insertions(+), 14 deletions(-) > create mode 100644 include/keys/trusted_dcp.h > create mode 100644 include/soc/fsl/dcp.h > create mode 100644 security/keys/trusted-keys/trusted_dcp.c Jarkko, Mimi, David do you need anything from my side for these patches to get them merged? Thanks, - David
Am Montag, 5. Februar 2024, 09:39:07 CET schrieb David Gstir: > Hi, > > > On 15.12.2023, at 12:06, David Gstir <david@sigma-star.at> wrote: > > > > This is a revival of the previous patch set submitted by Richard Weinberger: > > https://lore.kernel.org/linux-integrity/20210614201620.30451-1-richard@nod.at/ > > > > v4 is here: > > https://lore.kernel.org/keyrings/20231024162024.51260-1-david@sigma-star.at/ > > > > v4 -> v5: > > - Make Kconfig for trust source check scalable as suggested by Jarkko Sakkinen > > - Add Acked-By from Herbert Xu to patch #1 - thanks! > > v3 -> v4: > > - Split changes on MAINTAINERS and documentation into dedicated patches > > - Use more concise wording in commit messages as suggested by Jarkko Sakkinen > > v2 -> v3: > > - Addressed review comments from Jarkko Sakkinen > > v1 -> v2: > > - Revive and rebase to latest version > > - Include review comments from Ahmad Fatoum > > > > The Data CoProcessor (DCP) is an IP core built into many NXP SoCs such > > as i.mx6ull. > > > > Similar to the CAAM engine used in more powerful SoCs, DCP can AES- > > encrypt/decrypt user data using a unique, never-disclosed, > > device-specific key. Unlike CAAM though, it cannot directly wrap and > > unwrap blobs in hardware. As DCP offers only the bare minimum feature > > set and a blob mechanism needs aid from software. A blob in this case > > is a piece of sensitive data (e.g. a key) that is encrypted and > > authenticated using the device-specific key so that unwrapping can only > > be done on the hardware where the blob was wrapped. > > > > This patch series adds a DCP based, trusted-key backend and is similar > > in spirit to the one by Ahmad Fatoum [0] that does the same for CAAM. > > It is of interest for similar use cases as the CAAM patch set, but for > > lower end devices, where CAAM is not available. > > > > Because constructing and parsing the blob has to happen in software, > > we needed to decide on a blob format and chose the following: > > > > struct dcp_blob_fmt { > > __u8 fmt_version; > > __u8 blob_key[AES_KEYSIZE_128]; > > __u8 nonce[AES_KEYSIZE_128]; > > __le32 payload_len; > > __u8 payload[]; > > } __packed; > > > > The `fmt_version` is currently 1. > > > > The encrypted key is stored in the payload area. It is AES-128-GCM > > encrypted using `blob_key` and `nonce`, GCM auth tag is attached at > > the end of the payload (`payload_len` does not include the size of > > the auth tag). > > > > The `blob_key` itself is encrypted in AES-128-ECB mode by DCP using > > the OTP or UNIQUE device key. A new `blob_key` and `nonce` are generated > > randomly, when sealing/exporting the DCP blob. > > > > This patchset was tested with dm-crypt on an i.MX6ULL board. > > > > [0] https://lore.kernel.org/keyrings/20220513145705.2080323-1-a.fatoum@pengutronix.de/ > > > > David Gstir (6): > > crypto: mxs-dcp: Add support for hardware-bound keys > > KEYS: trusted: improve scalability of trust source config > > KEYS: trusted: Introduce NXP DCP-backed trusted keys > > MAINTAINERS: add entry for DCP-based trusted keys > > docs: document DCP-backed trusted keys kernel params > > docs: trusted-encrypted: add DCP as new trust source > > > > .../admin-guide/kernel-parameters.txt | 13 + > > .../security/keys/trusted-encrypted.rst | 85 +++++ > > MAINTAINERS | 9 + > > drivers/crypto/mxs-dcp.c | 104 +++++- > > include/keys/trusted_dcp.h | 11 + > > include/soc/fsl/dcp.h | 17 + > > security/keys/trusted-keys/Kconfig | 18 +- > > security/keys/trusted-keys/Makefile | 2 + > > security/keys/trusted-keys/trusted_core.c | 6 +- > > security/keys/trusted-keys/trusted_dcp.c | 311 ++++++++++++++++++ > > 10 files changed, 562 insertions(+), 14 deletions(-) > > create mode 100644 include/keys/trusted_dcp.h > > create mode 100644 include/soc/fsl/dcp.h > > create mode 100644 security/keys/trusted-keys/trusted_dcp.c > > Jarkko, Mimi, David do you need anything from my side for these patches to get them merged? Friendly ping also from my side. :-) Thanks, //richard
Mimi, James, Jarkko, David, you remained silent for a whole release cycle. Is there anything we can do to get this forward? Thanks, //richard Am Dienstag, 13. Februar 2024, 10:59:56 CET schrieb Richard Weinberger: > Am Montag, 5. Februar 2024, 09:39:07 CET schrieb David Gstir: > > Hi, > > > > > On 15.12.2023, at 12:06, David Gstir <david@sigma-star.at> wrote: > > > > > > This is a revival of the previous patch set submitted by Richard Weinberger: > > > https://lore.kernel.org/linux-integrity/20210614201620.30451-1-richard@nod.at/ > > > > > > v4 is here: > > > https://lore.kernel.org/keyrings/20231024162024.51260-1-david@sigma-star.at/ > > > > > > v4 -> v5: > > > - Make Kconfig for trust source check scalable as suggested by Jarkko Sakkinen > > > - Add Acked-By from Herbert Xu to patch #1 - thanks! > > > v3 -> v4: > > > - Split changes on MAINTAINERS and documentation into dedicated patches > > > - Use more concise wording in commit messages as suggested by Jarkko Sakkinen > > > v2 -> v3: > > > - Addressed review comments from Jarkko Sakkinen > > > v1 -> v2: > > > - Revive and rebase to latest version > > > - Include review comments from Ahmad Fatoum > > > > > > The Data CoProcessor (DCP) is an IP core built into many NXP SoCs such > > > as i.mx6ull. > > > > > > Similar to the CAAM engine used in more powerful SoCs, DCP can AES- > > > encrypt/decrypt user data using a unique, never-disclosed, > > > device-specific key. Unlike CAAM though, it cannot directly wrap and > > > unwrap blobs in hardware. As DCP offers only the bare minimum feature > > > set and a blob mechanism needs aid from software. A blob in this case > > > is a piece of sensitive data (e.g. a key) that is encrypted and > > > authenticated using the device-specific key so that unwrapping can only > > > be done on the hardware where the blob was wrapped. > > > > > > This patch series adds a DCP based, trusted-key backend and is similar > > > in spirit to the one by Ahmad Fatoum [0] that does the same for CAAM. > > > It is of interest for similar use cases as the CAAM patch set, but for > > > lower end devices, where CAAM is not available. > > > > > > Because constructing and parsing the blob has to happen in software, > > > we needed to decide on a blob format and chose the following: > > > > > > struct dcp_blob_fmt { > > > __u8 fmt_version; > > > __u8 blob_key[AES_KEYSIZE_128]; > > > __u8 nonce[AES_KEYSIZE_128]; > > > __le32 payload_len; > > > __u8 payload[]; > > > } __packed; > > > > > > The `fmt_version` is currently 1. > > > > > > The encrypted key is stored in the payload area. It is AES-128-GCM > > > encrypted using `blob_key` and `nonce`, GCM auth tag is attached at > > > the end of the payload (`payload_len` does not include the size of > > > the auth tag). > > > > > > The `blob_key` itself is encrypted in AES-128-ECB mode by DCP using > > > the OTP or UNIQUE device key. A new `blob_key` and `nonce` are generated > > > randomly, when sealing/exporting the DCP blob. > > > > > > This patchset was tested with dm-crypt on an i.MX6ULL board. > > > > > > [0] https://lore.kernel.org/keyrings/20220513145705.2080323-1-a.fatoum@pengutronix.de/ > > > > > > David Gstir (6): > > > crypto: mxs-dcp: Add support for hardware-bound keys > > > KEYS: trusted: improve scalability of trust source config > > > KEYS: trusted: Introduce NXP DCP-backed trusted keys > > > MAINTAINERS: add entry for DCP-based trusted keys > > > docs: document DCP-backed trusted keys kernel params > > > docs: trusted-encrypted: add DCP as new trust source > > > > > > .../admin-guide/kernel-parameters.txt | 13 + > > > .../security/keys/trusted-encrypted.rst | 85 +++++ > > > MAINTAINERS | 9 + > > > drivers/crypto/mxs-dcp.c | 104 +++++- > > > include/keys/trusted_dcp.h | 11 + > > > include/soc/fsl/dcp.h | 17 + > > > security/keys/trusted-keys/Kconfig | 18 +- > > > security/keys/trusted-keys/Makefile | 2 + > > > security/keys/trusted-keys/trusted_core.c | 6 +- > > > security/keys/trusted-keys/trusted_dcp.c | 311 ++++++++++++++++++ > > > 10 files changed, 562 insertions(+), 14 deletions(-) > > > create mode 100644 include/keys/trusted_dcp.h > > > create mode 100644 include/soc/fsl/dcp.h > > > create mode 100644 security/keys/trusted-keys/trusted_dcp.c > > > > Jarkko, Mimi, David do you need anything from my side for these patches to get them merged? > > Friendly ping also from my side. :-) > > Thanks, > //richard > > -- > sigma star gmbh | Eduard-Bodem-Gasse 6, 6020 Innsbruck, AUT > UID/VAT Nr: ATU 66964118 | FN: 374287y >
On Mon Feb 26, 2024 at 12:20 AM EET, Richard Weinberger wrote: > Mimi, James, Jarkko, David, > > you remained silent for a whole release cycle. > Is there anything we can do to get this forward? > > Thanks, > //richard Thanks for reminding. From my side, I've had pretty busy month as I've adapted to a new work project: https://sochub.fi/ I exported the thread [1] and will look into it within this or next week in detail (thus the large'ish time window). [1] https://lore.kernel.org/linux-integrity/1733761.uacIGzncQW@somecomputer/t.mbox.gz BR, Jarkko
On Tue Dec 19, 2023 at 2:45 AM EET, Paul Moore wrote: > On Fri, Dec 15, 2023 at 6:07 AM David Gstir <david@sigma-star.at> wrote: > > > > This is a revival of the previous patch set submitted by Richard Weinberger: > > https://lore.kernel.org/linux-integrity/20210614201620.30451-1-richard@nod.at/ > > > > v4 is here: > > https://lore.kernel.org/keyrings/20231024162024.51260-1-david@sigma-star.at/ > > > > v4 -> v5: > > - Make Kconfig for trust source check scalable as suggested by Jarkko Sakkinen > > - Add Acked-By from Herbert Xu to patch #1 - thanks! > > v3 -> v4: > > - Split changes on MAINTAINERS and documentation into dedicated patches > > - Use more concise wording in commit messages as suggested by Jarkko Sakkinen > > v2 -> v3: > > - Addressed review comments from Jarkko Sakkinen > > v1 -> v2: > > - Revive and rebase to latest version > > - Include review comments from Ahmad Fatoum > > > > The Data CoProcessor (DCP) is an IP core built into many NXP SoCs such > > as i.mx6ull. > > > > Similar to the CAAM engine used in more powerful SoCs, DCP can AES- > > encrypt/decrypt user data using a unique, never-disclosed, > > device-specific key. Unlike CAAM though, it cannot directly wrap and > > unwrap blobs in hardware. As DCP offers only the bare minimum feature > > set and a blob mechanism needs aid from software. A blob in this case > > is a piece of sensitive data (e.g. a key) that is encrypted and > > authenticated using the device-specific key so that unwrapping can only > > be done on the hardware where the blob was wrapped. > > > > This patch series adds a DCP based, trusted-key backend and is similar > > in spirit to the one by Ahmad Fatoum [0] that does the same for CAAM. > > It is of interest for similar use cases as the CAAM patch set, but for > > lower end devices, where CAAM is not available. > > > > Because constructing and parsing the blob has to happen in software, > > we needed to decide on a blob format and chose the following: > > > > struct dcp_blob_fmt { > > __u8 fmt_version; > > __u8 blob_key[AES_KEYSIZE_128]; > > __u8 nonce[AES_KEYSIZE_128]; > > __le32 payload_len; > > __u8 payload[]; > > } __packed; > > > > The `fmt_version` is currently 1. > > > > The encrypted key is stored in the payload area. It is AES-128-GCM > > encrypted using `blob_key` and `nonce`, GCM auth tag is attached at > > the end of the payload (`payload_len` does not include the size of > > the auth tag). > > > > The `blob_key` itself is encrypted in AES-128-ECB mode by DCP using > > the OTP or UNIQUE device key. A new `blob_key` and `nonce` are generated > > randomly, when sealing/exporting the DCP blob. > > > > This patchset was tested with dm-crypt on an i.MX6ULL board. > > > > [0] https://lore.kernel.org/keyrings/20220513145705.2080323-1-a.fatoum@pengutronix.de/ > > > > David Gstir (6): > > crypto: mxs-dcp: Add support for hardware-bound keys > > KEYS: trusted: improve scalability of trust source config > > KEYS: trusted: Introduce NXP DCP-backed trusted keys > > MAINTAINERS: add entry for DCP-based trusted keys > > docs: document DCP-backed trusted keys kernel params > > docs: trusted-encrypted: add DCP as new trust source > > > > .../admin-guide/kernel-parameters.txt | 13 + > > .../security/keys/trusted-encrypted.rst | 85 +++++ > > MAINTAINERS | 9 + > > drivers/crypto/mxs-dcp.c | 104 +++++- > > include/keys/trusted_dcp.h | 11 + > > include/soc/fsl/dcp.h | 17 + > > security/keys/trusted-keys/Kconfig | 18 +- > > security/keys/trusted-keys/Makefile | 2 + > > security/keys/trusted-keys/trusted_core.c | 6 +- > > security/keys/trusted-keys/trusted_dcp.c | 311 ++++++++++++++++++ > > 10 files changed, 562 insertions(+), 14 deletions(-) > > create mode 100644 include/keys/trusted_dcp.h > > create mode 100644 include/soc/fsl/dcp.h > > create mode 100644 security/keys/trusted-keys/trusted_dcp.c > > Jarkko, Mimi, David - if this patchset isn't already in your review > queue, can you take a look at it from a security/keys perspective? > > Thanks. I gave my 5 cents. I had no intention not to review it, somehow just slipped. I try to do my best but sometimes this still does happen :-) So please ping me if there is radio silence. BR, Jarkko
This is a revival of the previous patch set submitted by Richard Weinberger: https://lore.kernel.org/linux-integrity/20210614201620.30451-1-richard@nod.at/ v4 is here: https://lore.kernel.org/keyrings/20231024162024.51260-1-david@sigma-star.at/ v4 -> v5: - Make Kconfig for trust source check scalable as suggested by Jarkko Sakkinen - Add Acked-By from Herbert Xu to patch #1 - thanks! v3 -> v4: - Split changes on MAINTAINERS and documentation into dedicated patches - Use more concise wording in commit messages as suggested by Jarkko Sakkinen v2 -> v3: - Addressed review comments from Jarkko Sakkinen v1 -> v2: - Revive and rebase to latest version - Include review comments from Ahmad Fatoum The Data CoProcessor (DCP) is an IP core built into many NXP SoCs such as i.mx6ull. Similar to the CAAM engine used in more powerful SoCs, DCP can AES- encrypt/decrypt user data using a unique, never-disclosed, device-specific key. Unlike CAAM though, it cannot directly wrap and unwrap blobs in hardware. As DCP offers only the bare minimum feature set and a blob mechanism needs aid from software. A blob in this case is a piece of sensitive data (e.g. a key) that is encrypted and authenticated using the device-specific key so that unwrapping can only be done on the hardware where the blob was wrapped. This patch series adds a DCP based, trusted-key backend and is similar in spirit to the one by Ahmad Fatoum [0] that does the same for CAAM. It is of interest for similar use cases as the CAAM patch set, but for lower end devices, where CAAM is not available. Because constructing and parsing the blob has to happen in software, we needed to decide on a blob format and chose the following: struct dcp_blob_fmt { __u8 fmt_version; __u8 blob_key[AES_KEYSIZE_128]; __u8 nonce[AES_KEYSIZE_128]; __le32 payload_len; __u8 payload[]; } __packed; The `fmt_version` is currently 1. The encrypted key is stored in the payload area. It is AES-128-GCM encrypted using `blob_key` and `nonce`, GCM auth tag is attached at the end of the payload (`payload_len` does not include the size of the auth tag). The `blob_key` itself is encrypted in AES-128-ECB mode by DCP using the OTP or UNIQUE device key. A new `blob_key` and `nonce` are generated randomly, when sealing/exporting the DCP blob. This patchset was tested with dm-crypt on an i.MX6ULL board. [0] https://lore.kernel.org/keyrings/20220513145705.2080323-1-a.fatoum@pengutronix.de/ David Gstir (6): crypto: mxs-dcp: Add support for hardware-bound keys KEYS: trusted: improve scalability of trust source config KEYS: trusted: Introduce NXP DCP-backed trusted keys MAINTAINERS: add entry for DCP-based trusted keys docs: document DCP-backed trusted keys kernel params docs: trusted-encrypted: add DCP as new trust source .../admin-guide/kernel-parameters.txt | 13 + .../security/keys/trusted-encrypted.rst | 85 +++++ MAINTAINERS | 9 + drivers/crypto/mxs-dcp.c | 104 +++++- include/keys/trusted_dcp.h | 11 + include/soc/fsl/dcp.h | 17 + security/keys/trusted-keys/Kconfig | 18 +- security/keys/trusted-keys/Makefile | 2 + security/keys/trusted-keys/trusted_core.c | 6 +- security/keys/trusted-keys/trusted_dcp.c | 311 ++++++++++++++++++ 10 files changed, 562 insertions(+), 14 deletions(-) create mode 100644 include/keys/trusted_dcp.h create mode 100644 include/soc/fsl/dcp.h create mode 100644 security/keys/trusted-keys/trusted_dcp.c