Hello Michael,
-----Original Message----- From: Michael Walle michael@walle.cc Sent: Tuesday, November 16, 2021 4:16 PM To: Gaurav Jain gaurav.jain@nxp.com Cc: Shengzhou Liu shengzhou.liu@nxp.com; Varun Sethi V.Sethi@nxp.com; Adrian Alonso adrian.alonso@nxp.com; Alison Wang alison.wang@nxp.com; Andy Tang andy.tang@nxp.com; festevam@gmail.com; Franck Lenormand franck.lenormand@nxp.com; Horia Geanta horia.geanta@nxp.com; Ji Luo ji.luo@nxp.com; Meenakshi Aggarwal meenakshi.aggarwal@nxp.com; Mingkai Hu mingkai.hu@nxp.com; olteanv@gmail.com; Pankaj Gupta pankaj.gupta@nxp.com; Peng Fan peng.fan@nxp.com; Pramod Kumar pramod.kumar_1@nxp.com; Priyanka Jain priyanka.jain@nxp.com; Rajesh Bhagat rajesh.bhagat@nxp.com; Sahil Malhotra sahil.malhotra@nxp.com; sbabic@denx.de; Silvano Di Ninno silvano.dininno@nxp.com; sjg@chromium.org; u-boot@lists.denx.de; dl- uboot-imx uboot-imx@nxp.com; Wasim Khan wasim.khan@nxp.com; Ye Li ye.li@nxp.com; Michael Walle michael@walle.cc Subject: [EXT] Re: [PATCH v5 02/16] crypto/fsl: Add CAAM support for bkek, random number generation
Caution: EXT Email
Hi,
--- a/drivers/crypto/fsl/fsl_blob.c +++ b/drivers/crypto/fsl/fsl_blob.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0+ /*
- Copyright 2014 Freescale Semiconductor, Inc.
*/
- Copyright 2021 NXP
@@ -152,6 +153,87 @@ int blob_encap(u8 *key_mod, u8 *src, u8 *dst,
u32 len)
return ret;}
+int derive_blob_kek(u8 *bkek_buf, u8 *key_mod, u32 key_sz)
where is this function actually used? looks like dead code to me.
I was thinking to add the command for this function later. But will remove this patch from this series and send this later with derive blob kek cmd implementation.
Regards Gaurav Jain
+{
int ret, size;u32 *desc;if (!IS_ALIGNED((uintptr_t)bkek_buf, ARCH_DMA_MINALIGN) ||!IS_ALIGNED((uintptr_t)key_mod, ARCH_DMA_MINALIGN)) {puts("Error: derive_bkek: Address arguments are not aligned!\n");return -EINVAL;}printf("\nBlob key encryption key(bkek)\n");desc = malloc_cache_aligned(sizeof(int) * MAX_CAAM_DESCSIZE);if (!desc) {printf("Not enough memory for descriptor allocation\n");return -ENOMEM;}size = ALIGN(key_sz, ARCH_DMA_MINALIGN);flush_dcache_range((unsigned long)key_mod, (unsigned- long)key_mod + size);
/* construct blob key encryption key(bkek) derive descriptor */inline_cnstr_jobdesc_derive_bkek(desc, bkek_buf, key_mod,- key_sz);
size = ALIGN(sizeof(int) * MAX_CAAM_DESCSIZE,ARCH_DMA_MINALIGN);
flush_dcache_range((unsigned long)desc, (unsigned long)desc + size);size = ALIGN(BKEK_SIZE, ARCH_DMA_MINALIGN);invalidate_dcache_range((unsigned long)bkek_buf,(unsigned long)bkek_buf + size);/* run descriptor */ret = run_descriptor_jr(desc);if (ret < 0) {printf("Error: %s failed 0x%x\n", __func__, ret);} else {invalidate_dcache_range((unsigned long)bkek_buf,(unsigned long)bkek_buf + size);puts("derive bkek successful.\n");}free(desc);return ret;+}
+int hwrng_generate(u8 *dst, u32 len)
likewise. But more important what is the difference to drivers/crypto/fsl/rng.c? Why do you need a new function here?
+{
int ret, size;u32 *desc;if (!IS_ALIGNED((uintptr_t)dst, ARCH_DMA_MINALIGN)) {puts("Error: caam_hwrng_test: Address arguments are notaligned!\n");
return -EINVAL;}printf("\nRNG generate\n");desc = malloc_cache_aligned(sizeof(int) * MAX_CAAM_DESCSIZE);if (!desc) {printf("Not enough memory for descriptor allocation\n");return -ENOMEM;}inline_cnstr_jobdesc_rng(desc, dst, len);size = ALIGN(sizeof(int) * MAX_CAAM_DESCSIZE,ARCH_DMA_MINALIGN);
flush_dcache_range((unsigned long)desc, (unsigned long)desc + size);size = ALIGN(len, ARCH_DMA_MINALIGN);invalidate_dcache_range((unsigned long)dst, (unsigned long)dst +- size);
ret = run_descriptor_jr(desc);if (ret < 0) {printf("Error: RNG generate failed 0x%x\n", ret);} else {invalidate_dcache_range((unsigned long)dst,(unsigned long)dst + size);puts("RNG generation successful.\n");}free(desc);return ret;+}
#ifdef CONFIG_CMD_DEKBLOB int blob_dek(const u8 *src, u8 *dst, u8 len) {
-michael