Aw: Re: CBE crypt interface

Uwe geno.de at public-files.de
Wed Oct 13 22:28:14 CEST 2021



> Gesendet: Mittwoch, 13. Oktober 2021 um 11:46 Uhr
> Von: "Stefan Thöni" <stefan.thoeni at gapfruit.com>
> An: users at lists.genode.org
> Betreff: Re: CBE crypt interface
>
> Hi Martin, hi Norman
> 
> Thanks for your answers, which work great for our hardware crypto backend.
> 
> However, I had to make a few changes to the CBE crypto interface to
> enable asynchronous backends:
> https://github.com/throwException/genode/commit/52245b9df53d289e66b10b7fa56412fb4e649ca1
I have some issue with giving the env() to the library. For me it's akin to
giving suid to an executable. As long as the complexity of the driver is low, there
is no problem. But you want to define that at *interface* level so every driver gets that
access, even one with high complexity. And, for my taste, that is too much access.
Is there some interface with less access that would work instead? Platform for instance?
> 
> Do you think this is a useful direction for our purpose? Do you have any
> suggestions to keep this as closely aligned with your implementation as
> possible?
> 
> Kind regards
> Stefan
> 
> 




More information about the users mailing list