diff options
| author | Lukas Auer <lukas.auer@aisec.fraunhofer.de> | 2018-01-25 14:11:17 +0100 |
|---|---|---|
| committer | York Sun <york.sun@nxp.com> | 2018-02-09 08:34:34 -0800 |
| commit | dfaec76029f27ae6831babc0cdcf2816ee491f74 (patch) | |
| tree | aef79e6d053863156d99b82d2efeacaab7f7bace /drivers/crypto/fsl/jobdesc.c | |
| parent | c883f351e61f425f72d110375eaa80d5ecb5ee64 (diff) | |
crypto/fsl: instantiate all rng state handles
Extend the instantiate_rng() function and the corresponding CAAM job
descriptor to instantiate all RNG state handles. This moves the RNG
instantiation code in line with the CAAM kernel driver.
Previously, only the first state handle was instantiated. The second
one was instantiated by the CAAM kernel driver. This works if the
kernel runs in secure mode, but fails in non-secure mode since the
kernel driver uses DEC0 directly instead of over the job ring
interface. Instantiating all RNG state handles in u-boot removes the
need for using DEC0 in the kernel driver, making it possible to use
the CAAM in non-secure mode.
Signed-off-by: Lukas Auer <lukas.auer@aisec.fraunhofer.de>
Tested-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Reviewed-by: York Sun <york.sun@nxp.com>
Diffstat (limited to 'drivers/crypto/fsl/jobdesc.c')
| -rw-r--r-- | drivers/crypto/fsl/jobdesc.c | 35 |
1 files changed, 19 insertions, 16 deletions
diff --git a/drivers/crypto/fsl/jobdesc.c b/drivers/crypto/fsl/jobdesc.c index 375ff9d0e3..aadf851101 100644 --- a/drivers/crypto/fsl/jobdesc.c +++ b/drivers/crypto/fsl/jobdesc.c @@ -257,7 +257,7 @@ void inline_cnstr_jobdesc_blob_decap(uint32_t *desc, uint8_t *key_idnfr, * Descriptor to instantiate RNG State Handle 0 in normal mode and * load the JDKEK, TDKEK and TDSK registers */ -void inline_cnstr_jobdesc_rng_instantiation(uint32_t *desc) +void inline_cnstr_jobdesc_rng_instantiation(uint32_t *desc, int handle) { u32 *jump_cmd; @@ -265,21 +265,24 @@ void inline_cnstr_jobdesc_rng_instantiation(uint32_t *desc) /* INIT RNG in non-test mode */ append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG | - OP_ALG_AS_INIT); - - /* wait for done */ - jump_cmd = append_jump(desc, JUMP_CLASS_CLASS1); - set_jump_tgt_here(desc, jump_cmd); - - /* - * load 1 to clear written reg: - * resets the done interrrupt and returns the RNG to idle. - */ - append_load_imm_u32(desc, 1, LDST_SRCDST_WORD_CLRW); - - /* generate secure keys (non-test) */ - append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG | - OP_ALG_RNG4_SK); + (handle << OP_ALG_AAI_SHIFT) | OP_ALG_AS_INIT); + + /* For SH0, Secure Keys must be generated as well */ + if (handle == 0) { + /* wait for done */ + jump_cmd = append_jump(desc, JUMP_CLASS_CLASS1); + set_jump_tgt_here(desc, jump_cmd); + + /* + * load 1 to clear written reg: + * resets the done interrupt and returns the RNG to idle. + */ + append_load_imm_u32(desc, 1, LDST_SRCDST_WORD_CLRW); + + /* generate secure keys (non-test) */ + append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG | + OP_ALG_RNG4_SK); + } } /* Change key size to bytes form bits in calling function*/ |