[PATCH v3 3/3] doc: trusted-encrypted: add DCP as new trust source

Update the documentation for trusted and encrypted KEYS with DCP as new trust source: - Describe security properties of DCP trust source - Describe key usage - Document blob format Co-developed-by: Richard Weinberger Signed-off-by: Richard Weinberger Co-developed-by: David Oberhollenzer Signed

[PATCH v3 2/3] KEYS: trusted: Introduce support for NXP DCP-based trusted keys

DCP (Data Co-Processor) is the little brother of NXP's CAAM IP. Beside of accelerated crypto operations, it also offers support for hardware-bound keys. Using this feature it is possible to implement a blob mechanism just like CAAM offers. Unlike on CAAM, constructing and parsing the blob has to h

[PATCH v3 0/3] DCP as trusted keys backend

This is a revival of the previous patch set submitted by Richard Weinberger: https://lore.kernel.org/linux-integrity/20210614201620.30451-1-rich...@nod.at/ v2 is here: https://lore.kernel.org/keyrings/2023091215.24274-1-da...@sigma-star.at/ v2 -> v3: - Addressed review comments from Jarkko Sa

[PATCH v3 1/3] crypto: mxs-dcp: Add support for hardware provided keys

DCP is capable to performing AES with hardware-bound keys. These keys are not stored in main memory and are therefore not directly accessible by the operating system. So instead of feeding the key into DCP, we need to place a reference to such a key before initiating the crypto operation. Keys are