The output ring needs to be invalidated before enqueuing the job to SEC.
While allocation of space to output ring, it should be taken care that the
size is cacheline size aligned inorder to prevent invalidating valid data.
The patch also correct the method of aligning end of structs while flushing caches
Since start = align(start_of_struct), it is incorrect to assign
end = align(start + struct_size). It should instead be,
end = align(start_of_struct + struct_size).
Signed-off-by: Saksham Jain <saksham@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Refactored data structure for CAAM's job ring and Secure Memory
to support i.MX7.
The new memory map use macros to resolve SM's offset by version.
This will solve the versioning issue caused by the new version of
secure memory of i.MX7
Signed-off-by: Ulises Cardenas <raul.casas@nxp.com>
Reviewed-by: Stefano Babic <sbabic@denx.de>
For Setting and clearing the bits in SEC Block registers
sec_clrbits32() and sec_setbits32() are used which work as
per endianness of CAAM block.
So these must be used with SEC register address as argument.
If the value is read in a local variable, then the functions
will not behave correctly where endianness of CAAM and core is
different.
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
CC: Alex Porosanu <alexandru.porosanu@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
The SEC driver code has been cleaned up to work for 64 bit
physical addresses and systems where endianess of SEC block
is different from the Core.
Changes:
1. Descriptor created on Core is modified as per SEC block
endianness before the job is submitted.
2. The read/write of physical addresses to Job Rings will
be depend on endianness of SEC block as 32 bit low and
high part of the 64 bit address will vary.
3. The 32 bit low and high part of the 64 bit address in
descriptor will vary depending on endianness of SEC.
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
gpio.h - Added missing copyright in few files.
rsa-mod-exp.h - Corrected copyright in the file.
fsl_sec.h - Added missing license in files
drivers/crypto/fsl/Makefile - Removed the incomplete GPLv2 license and replaced it with GPLv2+ license
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
The menuconfig for drivers are getting more and more cluttered
and unreadable because too many entries are displayed in a single
flat menu. Use hierarchic menu for each category.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: Update to apply again in a few places, drop USB hunk]
Signed-off-by: Tom Rini <trini@konsulko.com>
HW coherency won't work properly for CAAM write transactions
if AWCACHE is left to default (POR) value - 4'b0001.
It has to be programmed to 4'b0010.
For platforms that have HW coherency support:
-PPC-based: the update has no effect; CAAM coherency already works
due to the IOMMU (PAMU) driver setting the correct memory coherency
attributes
-ARM-based: the update fixes cache coherency issues,
since IOMMU (SMMU) driver is not programmed to behave similar to PAMU
Fixes: b9eebfade9 ("fsl_sec: Add hardware accelerated SHA256 and SHA1")
Signed-off-by: Horia Geantă <horia.geanta@freescale.com>
Reviewed-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: Mingkai Hu <Mingkai.Hu@freescale.com>
Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Use fdt_setprop_u32() instead of fdt_setprop().
Fixes: 0181937fa3 ("crypto/fsl: Add fixup for crypto node")
Signed-off-by: Horia Geantă <horia.geanta@freescale.com>
Reviewed-by: Mingkai Hu <Mingkai.Hu@freescale.com>
Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
The sampling of the oscillator can be done in multiple modes for
generating the entropy value. By default, this is set to von
Neumann. This patch changes the sampling to raw data, since it
has been discovered that the generated entropy has a better
'quality'.
Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
The rtfrqmax & rtfrqmin set the bounds of the expected frequency of the
oscillator, when SEC runs at its maximum frequency. For certain platforms
(f.i. T2080), the oscillator is very fast and thus if the SEC runs at
a lower than normal frequency, the ring oscillator is incorrectly detected
as being out of bounds.
This patch effectively disables the maximum frequency check, by setting a
high enough maximum allowable frequency for the oscillator. The reasoning
behind this is that usually a broken oscillator will run too slow
(i.e. not run at all) rather than run too fast.
Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Remove dependency of rsa_mod_exp from CONFIG_FIT_SIGNATURE.
As rsa modular exponentiation is an independent module
and can be invoked independently.
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Acked-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <yorksun@freescale.com>
Freescale's SEC block has built-in Data Encryption
Key(DEK) Blob Protocol which provides a method for
protecting a DEK for non-secure memory storage.
SEC block protects data in a data structure called
a Secret Key Blob, which provides both confidentiality
and integrity protection.
Every time the blob encapsulation is executed,
a AES-256 key is randomly generated to encrypt the DEK.
This key is encrypted with the OTP Secret key
from SoC. The resulting blob consists of the encrypted
AES-256 key, the encrypted DEK, and a 16-bit MAC.
During decapsulation, the reverse process is performed
to get back the original DEK. A caveat to the blob
decapsulation process, is that the DEK is decrypted
in secure-memory and can only be read by FSL SEC HW.
The DEK is used to decrypt data during encrypted boot.
Commands added
--------------
dek_blob - encapsulating DEK as a cryptgraphic blob
Commands Syntax
---------------
dek_blob src dst len
Encapsulate and create blob of a len-bits DEK at
address src and store the result at address dst.
Signed-off-by: Raul Cardenas <Ulises.Cardenas@freescale.com>
Signed-off-by: Nitin Garg <nitin.garg@freescale.com>
Signed-off-by: Ulises Cardenas <ulises.cardenas@freescale.com>
Signed-off-by: Ulises Cardenas-B45798 <Ulises.Cardenas@freescale.com>
Currently only normal hashing is supported using hardware acceleration.
Added support for progressive hashing using hardware.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
CC: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <yorksun@freescale.com>
This patch does the following:
1. The function names for encapsulation and decapsulation
were inconsitent in freescale's implementation and cmd_blob file.
This patch corrects the issues.
2. The function protopye is also modified to change the length parameter
from u8 to u32 to allow encapsulation and decapsulation of larger images.
3. Modified the description of km paramter in the command usage for better
readability.
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Reviewed-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Add a new rsa uclass for performing modular exponentiation and implement
the software driver basing on this uclass.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
CC: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
Era property is added in the crypto node in device tree.
Move the code to do so from arch/powerpc/mpc8xxx/fdt.c to
drivers/sec/sec.c so that it can be used across arm and
powerpc platforms having crypto node.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
[York Sun: Fix commit message indentation]
Reviewed-by: York Sun <yorksun@freescale.com>
Corrected the order of arguments in memset in run_descriptor
function. Wrong order of argumnets led to improper initialization
of members of struct type result. This resulted in RNG instantiation
error.
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Freescale's SEC block has built-in Blob Protocol which provides
a method for protecting user-defined data across system power
cycles. SEC block protects data in a data structure called a Blob,
which provides both confidentiality and integrity protection.
Encapsulating data as a blob
Each time that the Blob Protocol is used to protect data, a
different randomly generated key is used to encrypt the data.
This random key is itself encrypted using a key which is derived
from SoC's non volatile secret key and a 16 bit Key identifier.
The resulting encrypted key along with encrypted data is called a blob.
The non volatile secure key is available for use only during secure boot.
During decapsulation, the reverse process is performed to get back
the original data.
Commands added
--------------
blob enc - encapsulating data as a cryptgraphic blob
blob dec - decapsulating cryptgraphic blob to get the data
Commands Syntax
---------------
blob enc src dst len km
Encapsulate and create blob of data $len bytes long
at address $src and store the result at address $dst.
$km is the 16 byte key modifier is also required for
generation/use as key for cryptographic operation. Key
modifier should be 16 byte long.
blob dec src dst len km
Decapsulate the blob of data at address $src and
store result of $len byte at addr $dst.
$km is the 16 byte key modifier is also required for
generation/use as key for cryptographic operation. Key
modifier should be 16 byte long.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
SHA-256 and SHA-1 accelerated using SEC hardware in Freescale SoC's
The driver for SEC (CAAM) IP is based on linux drivers/crypto/caam.
The platforms needto add the MACRO CONFIG_FSL_CAAM inorder to
enable initialization of this hardware IP.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
This would be useful to start moving various config options.
Signed-off-by: Masahiro Yamada <yamada.m@jp.panasonic.com>
Acked-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
commit 18b06652cd "tools: include u-boot version of sha256.h"
unconditionally forced the sha256.h from u-boot to be used
for tools instead of the host version. This is fragile though
as it will also include the host version. Therefore move it
to include/u-boot to join u-boot/md5.h etc which were renamed
for the same reason.
cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Jeroen Hofstee <jeroen@myspectrum.nl>
This patch adds implementation of rand library based on hardware random
number generator of security subsystem in Exynos SOC.
This library includes:
- srand() - used for seed hardware block
- rand() - returns random number
- rand_r() - the same as above with given seed
which depends on CONFIG_EXYNOS_ACE_SHA and CONFIG_LIB_HW_RAND.
Signed-off-by: Przemyslaw Marczak <p.marczak@samsung.com>
cc: Akshay Saraswat <akshay.s@samsung.com>
cc: ARUN MANKUZHI <arun.m@samsung.com>
cc: Minkyu Kang <mk7.kang@samsung.com>
Cc: Michael Walle <michael@walle.cc>
Cc: Tom Rini <trini@ti.com>
Cc: Masahiro Yamada <yamada.m@jp.panasonic.com>