21 Mar, 2019
4 commits
-
Add support for suspend and resume operation for PM in CAAM driver.
When the CAAM goes in suspend, the hardware is considered to do nothing.
On some platforms, the power of the CAAM is not turned off so it keeps
its configuration.On other platforms, it doesn't so it is necessary to save the state of
the CAAM:
- JRs MID
- Address of input and output ringsLimitation:
When the CAAM is powered OFF, it is resetted so the JDKEK and TDKEK
changes. This impacts crypto transforms using MDHA split-keys
which are kept over suspend as they are encrypted with the JDKEK:
- hmac(*) from caamhash.c
- authenc(hmac(*),*) from caamalg.c
- echainiv(authenc(hmac(*),*)) from caamalg.c
The issue was already present in current code so this patch does not
add a regression in this regard.Reviewed-by: Horia Geantă
Signed-off-by: Franck LENORMAND
(cherry picked from commit b90e25f285a65ee8c8433aba7fe8b19b2cdf70b9) -
The structure partid is not suitable to represent the DECO MID register.
This patch replace partid by masterid which is more appropriate.
Reviewed-by: Horia Geantă
Signed-off-by: Franck LENORMAND
(cherry picked from commit 49d6d90809cb04ae3a63e7e87f670014ab5da0a1) -
The previous patch create a DMA issue detected with
DMA debug as the size unmapped is not always the size
mapped.Signed-off-by: Franck LENORMAND
(cherry picked from commit 00bd0d58f4d339d0488c4eb102e34e70edd017ee) -
Roland reports the following issue and provides a root cause analysis:
"On a v4.19 i.MX6 system with IMA and CONFIG_DMA_API_DEBUG enabled, a
warning is generated when accessing files on a filesystem for which IMA
measurement is enabled:------------[ cut here ]------------
WARNING: CPU: 0 PID: 1 at kernel/dma/debug.c:1181 check_for_stack.part.9+0xd0/0x120
caam_jr 2101000.jr0: DMA-API: device driver maps memory from stack [addr=b668049e]
Modules linked in:
CPU: 0 PID: 1 Comm: switch_root Not tainted 4.19.0-20181214-1 #2
Hardware name: Freescale i.MX6 Quad/DualLite (Device Tree)
Backtrace:
[] (dump_backtrace) from [] (show_stack+0x20/0x24)
[] (show_stack) from [] (dump_stack+0xa0/0xcc)
[] (dump_stack) from [] (__warn+0xf0/0x108)
[] (__warn) from [] (warn_slowpath_fmt+0x58/0x74)
[] (warn_slowpath_fmt) from [] (check_for_stack.part.9+0xd0/0x120)
[] (check_for_stack.part.9) from [] (debug_dma_map_page+0x144/0x174)
[] (debug_dma_map_page) from [] (ahash_final_ctx+0x5b4/0xcf0)
[] (ahash_final_ctx) from [] (ahash_final+0x1c/0x20)
[] (ahash_final) from [] (crypto_ahash_op+0x38/0x80)
[] (crypto_ahash_op) from [] (crypto_ahash_final+0x20/0x24)
[] (crypto_ahash_final) from [] (ima_calc_file_hash+0x29c/0xa40)
[] (ima_calc_file_hash) from [] (ima_collect_measurement+0x1dc/0x240)
[] (ima_collect_measurement) from [] (process_measurement+0x4c4/0x6b8)
[] (process_measurement) from [] (ima_file_check+0x88/0xa4)
[] (ima_file_check) from [] (path_openat+0x5d8/0x1364)
[] (path_openat) from [] (do_filp_open+0x84/0xf0)
[] (do_filp_open) from [] (do_open_execat+0x84/0x1b0)
[] (do_open_execat) from [] (__do_execve_file+0x43c/0x890)
[] (__do_execve_file) from [] (sys_execve+0x44/0x4c)
[] (sys_execve) from [] (ret_fast_syscall+0x0/0x28)
---[ end trace 3455789a10e3aefd ]---The cause is that the struct ahash_request *req is created as a
stack-local variable up in the stack (presumably somewhere in the IMA
implementation), then passed down into the CAAM driver, which tries to
dma_single_map the req->result (indirectly via map_seq_out_ptr_result)
in order to make that buffer available for the CAAM to store the result
of the following hash operation.The calling code doesn't know how req will be used by the CAAM driver,
and there could be other such occurrences where stack memory is passed
down to the CAAM driver. Therefore we should rather fix this issue in
the CAAM driver where the requirements are known."Fix this problem by:
-instructing the crypto engine to write the final hash in state->caam_ctx
-subsequently memcpy-ing the final hash into req->resultReported-by: Roland Hieber
Signed-off-by: Horia Geantă
Signed-off-by: Franck LENORMAND
(cherry picked from commit d8e87d0a42ce7ff9d96c4197c8df4b22e181c780)
12 Feb, 2019
36 commits
-
This reverts 91c6ddde3f3f168c3e3db49c1f71a25c12cd0869.
This commit is no longer needed, it is a rebase artifact
since it duplicates upstream commit
944c3d4dca34 ("crypto: caam - fix state buffer DMA (un)mapping")Signed-off-by: Horia Geantă
-
This reverts commit 398a13e5e39aa85b2967f6dd5b332e1f801a34ed.
state->buf_dma should not be != 0 if length is 0, this indicates a
previous illegal mapping.
This illegal mapping should be fixed instead.
Analyzing the use of buf_dma, the only illegal mapping possible is in
ahash_final_no_ctx(); this is alread fixed in BSP commit
fa63232224f4 ("MLK-17304-3: crypto: caam: Avoid dma_map call with empty buffer")Signed-off-by: Horia Geantă
-
When creating the job descriptor, it uses the size of the structure which
is composed of dma_addr_t. On IMX8, this structrue is 64bit like the DMA
however the CAAM only receives 32 bit addresses. It result in a job
descriptor and more precisely the start index to point to invalid
location when it should point to the "command operation".This patch changes the dma_addr_t to caam_dma_addr_t which is the correct
one for the rsa_priv_f2_pdb and rsa_priv_f3_pdb types as rsa_pub_pdb and
rsa_priv_f1_pdb already had this change.Signed-off-by: Franck LENORMAND
-
If the input scatter gather table is wrongly built (no entries), the
code will try to copy memory which is not allowed.Coverity Explanation:
drivers/crypto/mxs-dcp.c:388: CID 5233058 (#1 of 1):
Type: Out-of-bounds access (OVERRUN)
Classification: Unclassified
Severity: Unspecified
Action: Modeling Required
Owner: nxa21133
First detected on 2018-10-16.
drivers/crypto/mxs-dcp.c:297:
1. alias: Assigning: "out_buf" = "sdcp->coh->aes_out_buf". "out_buf"
now points to byte 0 of "sdcp->coh->aes_out_buf" (which consists of
4096 bytes).
drivers/crypto/mxs-dcp.c:301:
2. assignment: Assigning: "last_out_len" = "0U".
drivers/crypto/mxs-dcp.c:316:
3. path: Condition "!rctx->ecb", taking true branch.
drivers/crypto/mxs-dcp.c:321:
4. path: Falling through to end of if statement.
drivers/crypto/mxs-dcp.c:325:
5. path: Condition "i < nents", taking false branch.
drivers/crypto/mxs-dcp.c:386:
6. path: Condition "!rctx->ecb", taking true branch.
drivers/crypto/mxs-dcp.c:387:
7. path: Condition "rctx->enc", taking true branch.
drivers/crypto/mxs-dcp.c:388:
8. overrun-buffer-arg: Overrunning buffer pointed to by "out_buf +
(last_out_len - 16U)" of 4096 bytes by passing it to a function which
accesses it at byte offset 4294967295 using argument "16U".Signed-off-by: Franck LENORMAND
-
When building on a platform with a 32bit DMA address, taking the
upper 32 bits makes no sense.Signed-off-by: Franck LENORMAND
-
Some keyslot values were used during deallocation
but were not initiliazed nor set properly.drivers/crypto/caam/sm_test.c:446: CID 3901091 (#1 of 1):
Type: Uninitialized scalar variable (UNINIT)
Classification: Unclassified
Severity: Unspecified
Action: Modeling Required
Owner: nxa21133
Defect only exists locally.
drivers/crypto/caam/sm_test.c:98:
1. var_decl: Declaring variable "keyslot24" without initializer.
drivers/crypto/caam/sm_test.c:113:
2. path: Condition "!ctrlpriv", taking false branch.
drivers/crypto/caam/sm_test.c:118:
3. path: Condition "kspriv == NULL", taking false branch.
drivers/crypto/caam/sm_test.c:123:
4. path: Condition "!units", taking false branch.
drivers/crypto/caam/sm_test.c:130:
5. path: Condition "units < 2", taking false branch.
drivers/crypto/caam/sm_test.c:150:
6. path: Condition "blob8 == NULL", taking false branch.
drivers/crypto/caam/sm_test.c:150:
7. path: Condition "blob16 == NULL", taking false branch.
drivers/crypto/caam/sm_test.c:150:
8. path: Condition "blob24 == NULL", taking false branch.
drivers/crypto/caam/sm_test.c:150:
9. path: Condition "blob32 == NULL", taking false branch.
drivers/crypto/caam/sm_test.c:178:
10. path: Condition "sm_keystore_slot_alloc(ksdev, unit,
(16U /* (8 % 16) ? (8 >> 4) + 1 << 4 : 8 */), &keyslot8)", taking true
branch.
drivers/crypto/caam/sm_test.c:179:
11. path: Jumping to label "dealloc".
drivers/crypto/caam/sm_test.c:446:
12. uninit_use_in_call: Using uninitialized value "keyslot24" when
calling "sm_keystore_slot_dealloc".
drivers/crypto/caam/sm_store.c:771:
12.1. path: Condition "smpriv->slot_alloc == NULL", taking false branch.
drivers/crypto/caam/sm_store.c:771:
12.2. path: Condition "smpriv->pagedesc[unit].ksdata == NULL", taking
false branch.
drivers/crypto/caam/sm_store.c:775:
12.3. read_parm: Reading a parameter value.drivers/crypto/caam/sm_test.c:445: CID 3901093 (#1 of 1):
Type: Uninitialized scalar variable (UNINIT)
Classification: Unclassified
Severity: Unspecified
Action: Modeling Required
Owner: nxa21133
Defect only exists locally.
drivers/crypto/caam/sm_test.c:98:
1. var_decl: Declaring variable "keyslot16" without initializer.
drivers/crypto/caam/sm_test.c:113:
2. path: Condition "!ctrlpriv", taking false branch.
drivers/crypto/caam/sm_test.c:118:
3. path: Condition "kspriv == NULL", taking false branch.
drivers/crypto/caam/sm_test.c:123:
4. path: Condition "!units", taking false branch.
drivers/crypto/caam/sm_test.c:130:
5. path: Condition "units < 2", taking false branch.
drivers/crypto/caam/sm_test.c:150:
6. path: Condition "blob8 == NULL", taking false branch.
drivers/crypto/caam/sm_test.c:150:
7. path: Condition "blob16 == NULL", taking false branch.
drivers/crypto/caam/sm_test.c:150:
8. path: Condition "blob24 == NULL", taking false branch.
drivers/crypto/caam/sm_test.c:150:
9. path: Condition "blob32 == NULL", taking false branch.
drivers/crypto/caam/sm_test.c:178:
10. path: Condition "sm_keystore_slot_alloc(ksdev, unit,
(16U /* (8 % 16) ? (8 >> 4) + 1 << 4 : 8 */), &keyslot8)", taking true
branch.
drivers/crypto/caam/sm_test.c:179:
11. path: Jumping to label "dealloc".
drivers/crypto/caam/sm_test.c:445:
12. uninit_use_in_call: Using uninitialized value "keyslot16" when
calling "sm_keystore_slot_dealloc".
drivers/crypto/caam/sm_store.c:771:
12.1. path: Condition "smpriv->slot_alloc == NULL", taking false branch.
drivers/crypto/caam/sm_store.c:771:
12.2. path: Condition "smpriv->pagedesc[unit].ksdata == NULL", taking
false branch.
drivers/crypto/caam/sm_store.c:775:
12.3. read_parm: Reading a parameter value.Signed-off-by: Franck LENORMAND
Reviewed-by: Horia Geantă -
There was some code to free the keystore but the current
state of the function make this code unreachable so
remove it.Coverity explanation:
drivers/crypto/caam/sm_store.c:654: CID 17839 (#1 of 1):
Type: Logically dead code (DEADCODE)
Classification: Bug
Severity: Major
Action: Fix Required
Owner: nxa21133
Defect only exists locally.
drivers/crypto/caam/sm_store.c:625:
cond_null: Condition "keystore_data == NULL", taking true branch. Now
the value of "keystore_data" is "NULL".
drivers/crypto/caam/sm_store.c:653:
null: At condition "keystore_data != NULL", the value of "keystore_data"
must be "NULL".
drivers/crypto/caam/sm_store.c:653:
dead_error_condition: The condition "keystore_data != NULL" cannot be
true.
drivers/crypto/caam/sm_store.c:654:
dead_error_line: Execution cannot reach this statement:
"kfree(keystore_data);".Signed-off-by: Franck LENORMAND
-
The iMX6 platform does not support fardware GCM, more
recent iMX does so we enable it.Signed-off-by: Franck LENORMAND
-
A tagged key is a key which has been tagged with metadata
using tag_object.h API.We add the support for these keys to caamalg.
For each algo of caamalg which supports tagged keys , it is done by:
- Creating a modified version of the algo
- Registering the modified version
- When the modified transform is used, it gets
the load parameter of the key.Signed-off-by: Franck LENORMAND
-
Add functions to tag an object with metadata(configuration).
It is possible to:
- create metadata:
- init_tag_object_header
- init_blackey_conf
- set_tag_object_conf
- retrieve metadata:
- get_tag_object_conf
- get_blackey_confThe API expects an object to be a space a memory
with an address and a size.The implementation of the tag is currently exposed
but users shouldn't access it directly, they should
use the functions provided.Signed-off-by: Franck LENORMAND
-
The alogrithm ecb(arc4) was registered by the CAAM for all
the platforms however the hardware capability for this algo
is no more present (No CHA).
So we skip its registration.Signed-off-by: Franck LENORMAND
-
Properly copy the IV for external chaining if we
are performing a CBC operation.Signed-off-by: Franck LENORMAND
-
The crypto template lrw(crypto/lrw.c) and xts(crypto/xts.c) require
an ecb(aes) algo as base which ivsize must be zero as ecb(aes)
doesn't need an IV.The patch 84f5e22194 "MA-9807: Fix ecb(aes) use without an IV"
add support in caamalg for ecb(aes) without iv.The ecb(aes) implementation of the CAAM declare an ivsize which is
against specification. So remove it to be usable with cryto templates.Signed-off-by: Franck LENORMAND
-
The TRNG as used in RNG4, used in CAAM has a documentation issue. The
effect is that it is possible that the entropy used to instantiate the
DRBG may be old entropy, rather than newly generated entropy. There is
proper programming guidance, but it is not in the documentation.Signed-off-by: Aymen Sghaier
-
The driver is currently built because ARCH_LAYERSCAPE is defined however
this config should not be set for other platforms such as iMX8 family.This patch add the built of the driver if ARCH_MXC_ARM64 is selected.
Signed-off-by: Franck LENORMAND
-
Signed-off-by: Franck LENORMAND
-
Signed-off-by: Franck LENORMAND
-
Signed-off-by: Franck LENORMAND
-
Signed-off-by: Franck LENORMAND
-
In case of error when runnign descriptor, there was no indication
of the root cause with the appropriate existing function.Signed-off-by: Franck LENORMAND
-
Explicit the use of the ring device to manage the operations related
to DMA.Some values from DMA functions were not tested hence the issues
were making the descriptor to fail later and make it harder to debug.Signed-off-by: Franck LENORMAND
-
On i.MX8 platforms with SECO/SCU the RNG is not anymore instantiated
by the Kernel driver but by SECO. This is true for B0 revision and
later. A0 revision is not supported.Signed-off-by: Aymen Sghaier
-
This patch adds a check for the buffer size that is not empty before
the dma_unmap function call.Signed-off-by: Aymen Sghaier
-
Move to debug level rather than error level the RNG init traces while
increasing entropy delays.Signed-off-by: Aymen Sghaier
-
In case index == 00001000, the resulting index used to access
ctrlpriv->jr[] was 15 instead of the expected value of 0.Signed-off-by: Franck LENORMAND
-
While crypto manager tests some descriptors are malformed due to
pointer size not coherent with CAAM specific dma address sizeSigned-off-by: Aymen Sghaier
-
During caamhash tests the error "swiotlb buffer is full" occurred.
This was due to dma mapping without unmapping later.
This patch adds the unmap call to avoid the loss of dma memory.Signed-off-by: Aymen Sghaier
Signed-off-by: Franck LENORMAND -
This patch perform following modifications:
- Send and receive SM command regrouped in 1 function
- Verify that the JR device to use is valid
- Modification of the error handling in the probeSigned-off-by: Franck LENORMAND
-
Signed-off-by: Silvano di Ninno
Reviewed-by: Franck Lenormand -
- For i.MX 6 and 7 check if the Secure Firmware (OPTEE) is present.
If present don't do the RNG instantation in the CAAM driverReviewed-by: Silvano Di Ninno
Signed-off-by: Cedric Neveux -
Fix the following warnings in CAAM SM:
drivers/crypto/caam/sm_store.c: In function 'blacken_key_jobdesc':
drivers/crypto/caam/sm_store.c:141:19: warning: cast from pointer
to integer of different size [-Wpointer-to-int-cast]
tmpdesc[idx++] = (u32)key;
^
drivers/crypto/caam/sm_store.c:153:19: warning: cast from pointer
to integer of different size [-Wpointer-to-int-cast]
tmpdesc[idx++] = (u32)key;
^
drivers/crypto/caam/sm_store.c: In function 'blob_encap_jobdesc':
drivers/crypto/caam/sm_store.c:274:19: warning: cast from pointer
to integer of different size [-Wpointer-to-int-cast]
tmpdesc[idx++] = (u32)secretbuf;
^
drivers/crypto/caam/sm_store.c: In function 'blob_decap_jobdesc':
drivers/crypto/caam/sm_store.c:390:19: warning: cast from pointer
to integer of different size [-Wpointer-to-int-cast]
tmpdesc[idx++] = (u32)outbuf;
^
drivers/crypto/caam/sm_store.c: In function 'slot_get_base':
drivers/crypto/caam/sm_store.c:569:9: warning: cast from pointer
to integer of different size [-Wpointer-to-int-cast]
return (u32)(ksdata->base_address);
^
drivers/crypto/caam/sm_store.c: In function 'sm_keystore_slot_load':
drivers/crypto/caam/sm_store.c:789:6:
warning: unused variable 'i' [-Wunused-variable]
u32 i;Signed-off-by: Franck LENORMAND
-
Remove hard coded value for base physical address.
Use device tree to get this value.i.MX8 with seco is still not address since CAAM uses a private bus
to access secure memorySigned-off-by: Silvano di Ninno
-
I.MX linux only works with device tree support
No need to keep code without CONFIG_OFSigned-off-by: Silvano di Ninno
-
The iMX8 QX and QM have SECO/SCU enabled and the access
to SM registers is different as long as the addresses of
the pages.Signed-off-by: Franck LENORMAND
-
The Secure Memory is a hardware memory whose address was retrieved using
of_iomap, hence the memory manipulation shall use the set of functions:
memset_io/memcpy_fromio/memcpy_toio in order to works correctly.Not using these functions can result in kernel panic.
Signed-off-by: Franck LENORMAND
-
The computation of the base address of the physical and virtual
need to be the same depending on the architecture.The addresses are computed using a pointer on u8 so the additions
always works as expected.Signed-off-by: Franck LENORMAND