Commit 0532229cea2df862b807831ca3bcacab4104b853
1 parent
bb4943caec
Exists in
smarc_8mq-imx_v2020.04_5.4.24_2.1.0
and in
1 other branch
MA-15017 Add new command to generate bkek from trusty
Add new command to generate bkek from trusty. Test: generate and dump bkek. Change-Id: I6b2a30b87c755eecd00ced7c53cfb86e432040de Signed-off-by: Ji Luo <ji.luo@nxp.com> (cherry picked from commit 6c1087c030de491a12b7f1be9d332f30ba27d183)
Showing 3 changed files with 40 additions and 0 deletions Side-by-side Diff
include/interface/hwcrypto/hwcrypto.h
| ... | ... | @@ -39,6 +39,7 @@ |
| 39 | 39 | HWCRYPTO_HASH = (1 << HWCRYPTO_REQ_SHIFT), |
| 40 | 40 | HWCRYPTO_ENCAP_BLOB = (2 << HWCRYPTO_REQ_SHIFT), |
| 41 | 41 | HWCRYPTO_GEN_RNG = (3 << HWCRYPTO_REQ_SHIFT), |
| 42 | + HWCRYPTO_GEN_BKEK = (4 << HWCRYPTO_REQ_SHIFT), | |
| 42 | 43 | }; |
| 43 | 44 | |
| 44 | 45 | /** |
| ... | ... | @@ -105,5 +106,14 @@ |
| 105 | 106 | uint32_t buf; |
| 106 | 107 | uint32_t len; |
| 107 | 108 | }hwcrypto_rng_msg; |
| 109 | + | |
| 110 | +/** | |
| 111 | + * @buf: physical start address of the output bkek buf. | |
| 112 | + * @len: size of required rng. | |
| 113 | + */ | |
| 114 | +typedef struct hwcrypto_bkek_msg { | |
| 115 | + uint32_t buf; | |
| 116 | + uint32_t len; | |
| 117 | +}hwcrypto_bkek_msg; | |
| 108 | 118 | #endif /* TRUSTY_INTERFACE_HWCRYPTO_H_ */ |
include/trusty/hwcrypto.h
| ... | ... | @@ -74,5 +74,13 @@ |
| 74 | 74 | * @len: size of required rng. |
| 75 | 75 | * */ |
| 76 | 76 | int hwcrypto_gen_rng(uint32_t buf, uint32_t len); |
| 77 | + | |
| 78 | +/* Send request to secure side to generate bkek with caam. | |
| 79 | + * Returns one of trusty_err. | |
| 80 | + * | |
| 81 | + * @buf: physical start address of the output rng buf. | |
| 82 | + * @len: size of required rng. | |
| 83 | + * */ | |
| 84 | +int hwcrypto_gen_bkek(uint32_t buf, uint32_t len); | |
| 77 | 85 | #endif /* TRUSTY_HWCRYPTO_H_ */ |
lib/trusty/ql-tipc/hwcrypto.c
| ... | ... | @@ -240,4 +240,26 @@ |
| 240 | 240 | sizeof(req), NULL, 0, false); |
| 241 | 241 | return rc; |
| 242 | 242 | } |
| 243 | + | |
| 244 | +int hwcrypto_gen_bkek(uint32_t buf, uint32_t len) | |
| 245 | +{ | |
| 246 | + hwcrypto_bkek_msg req; | |
| 247 | + unsigned long start, end; | |
| 248 | + | |
| 249 | + /* check the address */ | |
| 250 | + if (buf == 0) | |
| 251 | + return TRUSTY_ERR_INVALID_ARGS; | |
| 252 | + /* fill the request buffer */ | |
| 253 | + req.buf = buf; | |
| 254 | + req.len = len; | |
| 255 | + | |
| 256 | + /* invalidate dcache for output buffer */ | |
| 257 | + start = (unsigned long)buf & ~(ARCH_DMA_MINALIGN - 1); | |
| 258 | + end = ALIGN((unsigned long)buf + len, ARCH_DMA_MINALIGN); | |
| 259 | + invalidate_dcache_range(start, end); | |
| 260 | + | |
| 261 | + int rc = hwcrypto_do_tipc(HWCRYPTO_GEN_BKEK, (void*)&req, | |
| 262 | + sizeof(req), NULL, 0, false); | |
| 263 | + return rc; | |
| 264 | +} |