Hi
-----Original Message----- From: Michael Walle michael@walle.cc Sent: Tuesday, November 16, 2021 4:53 PM To: Gaurav Jain gaurav.jain@nxp.com Cc: Shengzhou Liu shengzhou.liu@nxp.com; Varun Sethi V.Sethi@nxp.com; Adrian Alonso adrian.alonso@nxp.com; Alison Wang alison.wang@nxp.com; Andy Tang andy.tang@nxp.com; festevam@gmail.com; Franck Lenormand franck.lenormand@nxp.com; Horia Geanta horia.geanta@nxp.com; Ji Luo ji.luo@nxp.com; Meenakshi Aggarwal meenakshi.aggarwal@nxp.com; Mingkai Hu mingkai.hu@nxp.com; olteanv@gmail.com; Pankaj Gupta pankaj.gupta@nxp.com; Peng Fan peng.fan@nxp.com; Pramod Kumar pramod.kumar_1@nxp.com; Priyanka Jain priyanka.jain@nxp.com; Rajesh Bhagat rajesh.bhagat@nxp.com; Sahil Malhotra sahil.malhotra@nxp.com; sbabic@denx.de; Silvano Di Ninno silvano.dininno@nxp.com; sjg@chromium.org; u-boot@lists.denx.de; dl- uboot-imx uboot-imx@nxp.com; Wasim Khan wasim.khan@nxp.com; Ye Li ye.li@nxp.com Subject: Re: [EXT] Re: [PATCH v5 02/16] crypto/fsl: Add CAAM support for bkek, random number generation
Caution: EXT Email
Hi,
Am 2021-11-16 12:09, schrieb Gaurav Jain:
--- a/drivers/crypto/fsl/fsl_blob.c +++ b/drivers/crypto/fsl/fsl_blob.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0+ /*
- Copyright 2014 Freescale Semiconductor, Inc.
*/
- Copyright 2021 NXP
@@ -152,6 +153,87 @@ int blob_encap(u8 *key_mod, u8 *src, u8 *dst,
u32 len)
return ret;}
+int derive_blob_kek(u8 *bkek_buf, u8 *key_mod, u32 key_sz)
where is this function actually used? looks like dead code to me.
I was thinking to add the command for this function later. But will remove this patch from this series and send this later with derive blob kek cmd implementation.
ok, but you've missed the question below.
+{
int ret, size;u32 *desc;if (!IS_ALIGNED((uintptr_t)bkek_buf, ARCH_DMA_MINALIGN) ||!IS_ALIGNED((uintptr_t)key_mod, ARCH_DMA_MINALIGN)) {puts("Error: derive_bkek: Address arguments are notaligned!\n");
return -EINVAL;}printf("\nBlob key encryption key(bkek)\n");desc = malloc_cache_aligned(sizeof(int) * MAX_CAAM_DESCSIZE);if (!desc) {printf("Not enough memory for descriptor allocation\n");return -ENOMEM;}size = ALIGN(key_sz, ARCH_DMA_MINALIGN);flush_dcache_range((unsigned long)key_mod, (unsigned- long)key_mod + size);
/* construct blob key encryption key(bkek) derive descriptor */inline_cnstr_jobdesc_derive_bkek(desc, bkek_buf, key_mod,- key_sz);
size = ALIGN(sizeof(int) * MAX_CAAM_DESCSIZE,ARCH_DMA_MINALIGN);
flush_dcache_range((unsigned long)desc, (unsigned long)desc +size);
size = ALIGN(BKEK_SIZE, ARCH_DMA_MINALIGN);invalidate_dcache_range((unsigned long)bkek_buf,(unsigned long)bkek_buf + size);/* run descriptor */ret = run_descriptor_jr(desc);if (ret < 0) {printf("Error: %s failed 0x%x\n", __func__, ret);} else {invalidate_dcache_range((unsigned long)bkek_buf,(unsigned long)bkek_buf + size);puts("derive bkek successful.\n");}free(desc);return ret;+}
+int hwrng_generate(u8 *dst, u32 len)
likewise. But more important what is the difference to drivers/crypto/fsl/rng.c? Why do you need a new function here?
This one. Why can't you reuse the code which is already there?
I might have missed to update this. dm_rng_read() can be used. Will remove hwrng_generate().
Regards Gaurav Jain
-michael