Eric Lee / smarc-uboot

Download as
Browse Code ยป

Commit de975d8500dc9423d10faf8c8290f6463662144c

Authored by Ji Luo
1 parent 68261e4ca3
Exists in smarc-imx_v2018.03_4.14.78_1.0.0_ga

MA-13831-3 [trusty] Add command to generate rng with CAAM 

Add new hwcrypto command to support rng generation with CAAM.

Test: rng generated on imx8qxp_mek.

Change-Id: I756f3e99423f0f9dfc2bcd30117a3f96e9f5f2f7
Signed-off-by: Ji Luo <ji.luo@nxp.com>

Showing 3 changed files with 39 additions and 0 deletions Inline Diff

include/interface/hwcrypto/hwcrypto.h
Diff comments   View file @ de975d8
1 /* 1 /*
2 * Copyright (C) 2016 The Android Open Source Project 2 * Copyright (C) 2016 The Android Open Source Project
3 * Copyright NXP 2018 3 * Copyright NXP 2018
4 * 4 *
5 * Permission is hereby granted, free of charge, to any person 5 * Permission is hereby granted, free of charge, to any person
6 * obtaining a copy of this software and associated documentation 6 * obtaining a copy of this software and associated documentation
7 * files (the "Software"), to deal in the Software without 7 * files (the "Software"), to deal in the Software without
8 * restriction, including without limitation the rights to use, copy, 8 * restriction, including without limitation the rights to use, copy,
9 * modify, merge, publish, distribute, sublicense, and/or sell copies 9 * modify, merge, publish, distribute, sublicense, and/or sell copies
10 * of the Software, and to permit persons to whom the Software is 10 * of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions: 11 * furnished to do so, subject to the following conditions:
12 * 12 *
13 * The above copyright notice and this permission notice shall be 13 * The above copyright notice and this permission notice shall be
14 * included in all copies or substantial portions of the Software. 14 * included in all copies or substantial portions of the Software.
15 * 15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 17 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 18 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 19 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
20 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 20 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
21 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 21 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
22 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 22 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 * SOFTWARE. 23 * SOFTWARE.
24 * 24 *
25 */ 25 */
26 26
27 #ifndef TRUSTY_INTERFACE_HWCRYPTO_H_ 27 #ifndef TRUSTY_INTERFACE_HWCRYPTO_H_
28 #define TRUSTY_INTERFACE_HWCRYPTO_H_ 28 #define TRUSTY_INTERFACE_HWCRYPTO_H_
29 29
30 #include <trusty/sysdeps.h> 30 #include <trusty/sysdeps.h>
31 31
32 #define HWCRYPTO_PORT "com.android.trusty.hwcrypto" 32 #define HWCRYPTO_PORT "com.android.trusty.hwcrypto"
33 #define HWCRYPTO_MAX_BUFFER_LENGTH 2048 33 #define HWCRYPTO_MAX_BUFFER_LENGTH 2048
34 34
35 enum hwcrypto_command { 35 enum hwcrypto_command {
36 HWCRYPTO_REQ_SHIFT = 1, 36 HWCRYPTO_REQ_SHIFT = 1,
37 HWCRYPTO_RESP_BIT = 1, 37 HWCRYPTO_RESP_BIT = 1,
38 38
39 HWCRYPTO_HASH = (1 << HWCRYPTO_REQ_SHIFT), 39 HWCRYPTO_HASH = (1 << HWCRYPTO_REQ_SHIFT),
40 HWCRYPTO_ENCAP_BLOB = (2 << HWCRYPTO_REQ_SHIFT), 40 HWCRYPTO_ENCAP_BLOB = (2 << HWCRYPTO_REQ_SHIFT),
41 HWCRYPTO_GEN_RNG = (3 << HWCRYPTO_REQ_SHIFT),
41 }; 42 };
42 43
43 /** 44 /**
44 * enum hwcrypto_error - error codes for HWCRYPTO protocol 45 * enum hwcrypto_error - error codes for HWCRYPTO protocol
45 * @HWCRYPTO_ERROR_NONE: All OK 46 * @HWCRYPTO_ERROR_NONE: All OK
46 * @HWCRYPTO_ERROR_INVALID: Invalid input 47 * @HWCRYPTO_ERROR_INVALID: Invalid input
47 * @HWCRYPTO_ERROR_INTERNAL: Error occurred during an operation in Trusty 48 * @HWCRYPTO_ERROR_INTERNAL: Error occurred during an operation in Trusty
48 */ 49 */
49 enum hwcrypto_error { 50 enum hwcrypto_error {
50 HWCRYPTO_ERROR_NONE = 0, 51 HWCRYPTO_ERROR_NONE = 0,
51 HWCRYPTO_ERROR_INVALID = 1, 52 HWCRYPTO_ERROR_INVALID = 1,
52 HWCRYPTO_ERROR_INTERNAL = 2, 53 HWCRYPTO_ERROR_INTERNAL = 2,
53 }; 54 };
54 55
55 enum hwcrypto_hash_algo { 56 enum hwcrypto_hash_algo {
56 SHA1 = 0, 57 SHA1 = 0,
57 SHA256 58 SHA256
58 }; 59 };
59 /** 60 /**
60 * hwcrypto_message - Serial header for communicating with hwcrypto server 61 * hwcrypto_message - Serial header for communicating with hwcrypto server
61 * @cmd: the command. Payload must be a serialized buffer of the 62 * @cmd: the command. Payload must be a serialized buffer of the
62 * corresponding request object. 63 * corresponding request object.
63 * @result: resulting error code for message, one of hwcrypto_error. 64 * @result: resulting error code for message, one of hwcrypto_error.
64 * @payload: start of the serialized command specific payload 65 * @payload: start of the serialized command specific payload
65 */ 66 */
66 struct hwcrypto_message { 67 struct hwcrypto_message {
67 uint32_t cmd; 68 uint32_t cmd;
68 uint32_t result; 69 uint32_t result;
69 uint8_t payload[0]; 70 uint8_t payload[0];
70 }; 71 };
71 72
72 /** 73 /**
73 * hwcrypto_hash_msg - Serial header for communicating with hwcrypto server 74 * hwcrypto_hash_msg - Serial header for communicating with hwcrypto server
74 * @in_addr: start address of the input buf. 75 * @in_addr: start address of the input buf.
75 * @in_len: size of the input buf. 76 * @in_len: size of the input buf.
76 * @out_addr: start addrss of the output buf. 77 * @out_addr: start addrss of the output buf.
77 * @out_len: size of the output buf. 78 * @out_len: size of the output buf.
78 * @algo: hash algorithm expect to use. 79 * @algo: hash algorithm expect to use.
79 */ 80 */
80 typedef struct hwcrypto_hash_msg { 81 typedef struct hwcrypto_hash_msg {
81 uint32_t in_addr; 82 uint32_t in_addr;
82 uint32_t in_len; 83 uint32_t in_len;
83 uint32_t out_addr; 84 uint32_t out_addr;
84 uint32_t out_len; 85 uint32_t out_len;
85 enum hwcrypto_hash_algo algo; 86 enum hwcrypto_hash_algo algo;
86 } hwcrypto_hash_msg; 87 } hwcrypto_hash_msg;
87 88
88 /** 89 /**
89 * @plain_pa: physical start address of the plain blob buf. 90 * @plain_pa: physical start address of the plain blob buf.
90 * @plain_size: size of the plain blob. 91 * @plain_size: size of the plain blob.
91 * @blob: physical start addrss of the output buf. 92 * @blob: physical start addrss of the output buf.
92 */ 93 */
93 typedef struct hwcrypto_blob_msg { 94 typedef struct hwcrypto_blob_msg {
94 uint32_t plain_pa; 95 uint32_t plain_pa;
95 uint32_t plain_size; 96 uint32_t plain_size;
96 uint32_t blob_pa; 97 uint32_t blob_pa;
97 }hwcrypto_blob_msg; 98 }hwcrypto_blob_msg;
98 99
100 /**
101 * @buf: physical start address of the output rng buf.
102 * @len: size of required rng.
103 */
104 typedef struct hwcrypto_rng_msg {
105 uint32_t buf;
106 uint32_t len;
107 }hwcrypto_rng_msg;
99 #endif /* TRUSTY_INTERFACE_HWCRYPTO_H_ */ 108 #endif /* TRUSTY_INTERFACE_HWCRYPTO_H_ */
100 109
include/trusty/hwcrypto.h
Diff comments   View file @ de975d8
1 /* 1 /*
2 * Copyright (C) 2016 The Android Open Source Project 2 * Copyright (C) 2016 The Android Open Source Project
3 * Copyright NXP 2018 3 * Copyright NXP 2018
4 * 4 *
5 * Permission is hereby granted, free of charge, to any person 5 * Permission is hereby granted, free of charge, to any person
6 * obtaining a copy of this software and associated documentation 6 * obtaining a copy of this software and associated documentation
7 * files (the "Software"), to deal in the Software without 7 * files (the "Software"), to deal in the Software without
8 * restriction, including without limitation the rights to use, copy, 8 * restriction, including without limitation the rights to use, copy,
9 * modify, merge, publish, distribute, sublicense, and/or sell copies 9 * modify, merge, publish, distribute, sublicense, and/or sell copies
10 * of the Software, and to permit persons to whom the Software is 10 * of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions: 11 * furnished to do so, subject to the following conditions:
12 * 12 *
13 * The above copyright notice and this permission notice shall be 13 * The above copyright notice and this permission notice shall be
14 * included in all copies or substantial portions of the Software. 14 * included in all copies or substantial portions of the Software.
15 * 15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 17 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 18 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 19 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
20 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 20 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
21 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 21 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
22 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 22 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 * SOFTWARE. 23 * SOFTWARE.
24 * 24 *
25 */ 25 */
26 26
27 #ifndef TRUSTY_HWCRYPTO_H_ 27 #ifndef TRUSTY_HWCRYPTO_H_
28 #define TRUSTY_HWCRYPTO_H_ 28 #define TRUSTY_HWCRYPTO_H_
29 29
30 #include <trusty/sysdeps.h> 30 #include <trusty/sysdeps.h>
31 #include <trusty/trusty_ipc.h> 31 #include <trusty/trusty_ipc.h>
32 #include <interface/hwcrypto/hwcrypto.h> 32 #include <interface/hwcrypto/hwcrypto.h>
33 33
34 /* 34 /*
35 * Initialize HWCRYPTO TIPC client. Returns one of trusty_err. 35 * Initialize HWCRYPTO TIPC client. Returns one of trusty_err.
36 * 36 *
37 * @dev: initialized with trusty_ipc_dev_create 37 * @dev: initialized with trusty_ipc_dev_create
38 */ 38 */
39 int hwcrypto_tipc_init(struct trusty_ipc_dev *dev); 39 int hwcrypto_tipc_init(struct trusty_ipc_dev *dev);
40 /* 40 /*
41 * Shutdown HWCRYPTO TIPC client. 41 * Shutdown HWCRYPTO TIPC client.
42 * 42 *
43 * @dev: initialized with trusty_ipc_dev_create 43 * @dev: initialized with trusty_ipc_dev_create
44 */ 44 */
45 void hwcrypto_tipc_shutdown(struct trusty_ipc_dev *dev); 45 void hwcrypto_tipc_shutdown(struct trusty_ipc_dev *dev);
46 /* 46 /*
47 * Send request to secure side to calculate sha256 hash with caam. 47 * Send request to secure side to calculate sha256 hash with caam.
48 * Returns one of trusty_err. 48 * Returns one of trusty_err.
49 * 49 *
50 * @in_addr: start address of the input buf 50 * @in_addr: start address of the input buf
51 * @in_len: size of the input buf 51 * @in_len: size of the input buf
52 * @out_addr: start address of the output buf 52 * @out_addr: start address of the output buf
53 * @out_len: size of the output buf 53 * @out_len: size of the output buf
54 * @algo: hash algorithm type expect to use 54 * @algo: hash algorithm type expect to use
55 */ 55 */
56 int hwcrypto_hash(uint32_t in_addr, uint32_t in_len, uint32_t out_addr, 56 int hwcrypto_hash(uint32_t in_addr, uint32_t in_len, uint32_t out_addr,
57 uint32_t out_len, enum hwcrypto_hash_algo algo); 57 uint32_t out_len, enum hwcrypto_hash_algo algo);
58 58
59 /* 59 /*
60 * Send request to secure side to generate blob with caam. 60 * Send request to secure side to generate blob with caam.
61 * Returns one of trusty_err. 61 * Returns one of trusty_err.
62 * 62 *
63 * @plain_pa: physical start address of the plain blob buffer. 63 * @plain_pa: physical start address of the plain blob buffer.
64 * @plain_size: size of the plain blob buffer. 64 * @plain_size: size of the plain blob buffer.
65 * @blob_pa: physical start address of the generated blob buffer. 65 * @blob_pa: physical start address of the generated blob buffer.
66 */ 66 */
67 int hwcrypto_gen_blob(uint32_t plain_pa, 67 int hwcrypto_gen_blob(uint32_t plain_pa,
68 uint32_t plain_size, uint32_t blob_pa); 68 uint32_t plain_size, uint32_t blob_pa);
69
70 /* Send request to secure side to generate rng with caam.
71 * Returns one of trusty_err.
72 *
73 * @buf: physical start address of the output rng buf.
74 * @len: size of required rng.
75 * */
76 int hwcrypto_gen_rng(uint32_t buf, uint32_t len);
69 #endif /* TRUSTY_HWCRYPTO_H_ */ 77 #endif /* TRUSTY_HWCRYPTO_H_ */
70 78
lib/trusty/ql-tipc/hwcrypto.c
Diff comments   View file @ de975d8
1 /* 1 /*
2 * Copyright (C) 2016 The Android Open Source Project 2 * Copyright (C) 2016 The Android Open Source Project
3 * Copyright NXP 2018 3 * Copyright NXP 2018
4 * 4 *
5 * Permission is hereby granted, free of charge, to any person 5 * Permission is hereby granted, free of charge, to any person
6 * obtaining a copy of this software and associated documentation 6 * obtaining a copy of this software and associated documentation
7 * files (the "Software"), to deal in the Software without 7 * files (the "Software"), to deal in the Software without
8 * restriction, including without limitation the rights to use, copy, 8 * restriction, including without limitation the rights to use, copy,
9 * modify, merge, publish, distribute, sublicense, and/or sell copies 9 * modify, merge, publish, distribute, sublicense, and/or sell copies
10 * of the Software, and to permit persons to whom the Software is 10 * of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions: 11 * furnished to do so, subject to the following conditions:
12 * 12 *
13 * The above copyright notice and this permission notice shall be 13 * The above copyright notice and this permission notice shall be
14 * included in all copies or substantial portions of the Software. 14 * included in all copies or substantial portions of the Software.
15 * 15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 17 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 18 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 19 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
20 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 20 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
21 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 21 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
22 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 22 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 * SOFTWARE. 23 * SOFTWARE.
24 */ 24 */
25 25
26 #include <trusty/hwcrypto.h> 26 #include <trusty/hwcrypto.h>
27 #include <trusty/rpmb.h> 27 #include <trusty/rpmb.h>
28 #include <trusty/trusty_ipc.h> 28 #include <trusty/trusty_ipc.h>
29 #include <trusty/util.h> 29 #include <trusty/util.h>
30 #include "common.h" 30 #include "common.h"
31 31
32 #define LOCAL_LOG 0 32 #define LOCAL_LOG 0
33 #define CAAM_KB_HEADER_LEN 48 33 #define CAAM_KB_HEADER_LEN 48
34 34
35 static bool initialized; 35 static bool initialized;
36 static struct trusty_ipc_chan hwcrypto_chan; 36 static struct trusty_ipc_chan hwcrypto_chan;
37 37
38 static int hwcrypto_send_request(struct hwcrypto_message *msg, void *req, size_t req_len) 38 static int hwcrypto_send_request(struct hwcrypto_message *msg, void *req, size_t req_len)
39 { 39 {
40 struct trusty_ipc_iovec req_iovs[2] = { 40 struct trusty_ipc_iovec req_iovs[2] = {
41 { .base = msg, .len = sizeof(*msg) }, 41 { .base = msg, .len = sizeof(*msg) },
42 { .base = req, .len = req_len }, 42 { .base = req, .len = req_len },
43 }; 43 };
44 44
45 return trusty_ipc_send(&hwcrypto_chan, req_iovs, req ? 2 : 1, true); 45 return trusty_ipc_send(&hwcrypto_chan, req_iovs, req ? 2 : 1, true);
46 } 46 }
47 47
48 static int hwcrypto_read_response(struct hwcrypto_message *msg, uint32_t cmd, void *resp, 48 static int hwcrypto_read_response(struct hwcrypto_message *msg, uint32_t cmd, void *resp,
49 size_t resp_len) 49 size_t resp_len)
50 { 50 {
51 int rc; 51 int rc;
52 struct trusty_ipc_iovec resp_iovs[2] = { 52 struct trusty_ipc_iovec resp_iovs[2] = {
53 { .base = msg, .len = sizeof(*msg) }, 53 { .base = msg, .len = sizeof(*msg) },
54 { .base = resp, .len = resp_len }, 54 { .base = resp, .len = resp_len },
55 }; 55 };
56 56
57 rc = trusty_ipc_recv(&hwcrypto_chan, resp_iovs, resp ? 2 : 1, true); 57 rc = trusty_ipc_recv(&hwcrypto_chan, resp_iovs, resp ? 2 : 1, true);
58 if (rc < 0) { 58 if (rc < 0) {
59 trusty_error("failed (%d) to recv response\n", rc); 59 trusty_error("failed (%d) to recv response\n", rc);
60 return rc; 60 return rc;
61 } 61 }
62 if (msg->cmd != (cmd | HWCRYPTO_RESP_BIT)) { 62 if (msg->cmd != (cmd | HWCRYPTO_RESP_BIT)) {
63 trusty_error("malformed response\n"); 63 trusty_error("malformed response\n");
64 return TRUSTY_ERR_GENERIC; 64 return TRUSTY_ERR_GENERIC;
65 } 65 }
66 /* return payload size */ 66 /* return payload size */
67 return rc - sizeof(*msg); 67 return rc - sizeof(*msg);
68 } 68 }
69 69
70 /* 70 /*
71 * Convenience function to send a request to the hwcrypto service and read the 71 * Convenience function to send a request to the hwcrypto service and read the
72 * response. 72 * response.
73 * 73 *
74 * @cmd: the command 74 * @cmd: the command
75 * @req: the request buffer 75 * @req: the request buffer
76 * @req_size: size of the request buffer 76 * @req_size: size of the request buffer
77 * @resp: the response buffer 77 * @resp: the response buffer
78 * @resp_size_p: pointer to the size of the response buffer. changed to the 78 * @resp_size_p: pointer to the size of the response buffer. changed to the
79 actual size of the response read from the secure side 79 actual size of the response read from the secure side
80 * @handle_rpmb: true if the request is expected to invoke RPMB callbacks 80 * @handle_rpmb: true if the request is expected to invoke RPMB callbacks
81 */ 81 */
82 static int hwcrypto_do_tipc(uint32_t cmd, void *req, uint32_t req_size, void *resp, 82 static int hwcrypto_do_tipc(uint32_t cmd, void *req, uint32_t req_size, void *resp,
83 uint32_t *resp_size_p, bool handle_rpmb) 83 uint32_t *resp_size_p, bool handle_rpmb)
84 { 84 {
85 int rc; 85 int rc;
86 struct hwcrypto_message msg = { .cmd = cmd }; 86 struct hwcrypto_message msg = { .cmd = cmd };
87 87
88 if (!initialized) { 88 if (!initialized) {
89 trusty_error("%s: HWCRYPTO TIPC client not initialized\n", __func__); 89 trusty_error("%s: HWCRYPTO TIPC client not initialized\n", __func__);
90 return TRUSTY_ERR_GENERIC; 90 return TRUSTY_ERR_GENERIC;
91 } 91 }
92 92
93 rc = hwcrypto_send_request(&msg, req, req_size); 93 rc = hwcrypto_send_request(&msg, req, req_size);
94 if (rc < 0) { 94 if (rc < 0) {
95 trusty_error("%s: failed (%d) to send hwcrypto request\n", __func__, rc); 95 trusty_error("%s: failed (%d) to send hwcrypto request\n", __func__, rc);
96 return rc; 96 return rc;
97 } 97 }
98 98
99 if (handle_rpmb) { 99 if (handle_rpmb) {
100 /* handle any incoming RPMB requests */ 100 /* handle any incoming RPMB requests */
101 rc = rpmb_storage_proxy_poll(); 101 rc = rpmb_storage_proxy_poll();
102 if (rc < 0) { 102 if (rc < 0) {
103 trusty_error("%s: failed (%d) to get RPMB requests\n", __func__, 103 trusty_error("%s: failed (%d) to get RPMB requests\n", __func__,
104 rc); 104 rc);
105 return rc; 105 return rc;
106 } 106 }
107 } 107 }
108 108
109 uint32_t resp_size = resp_size_p ? *resp_size_p : 0; 109 uint32_t resp_size = resp_size_p ? *resp_size_p : 0;
110 rc = hwcrypto_read_response(&msg, cmd, resp, resp_size); 110 rc = hwcrypto_read_response(&msg, cmd, resp, resp_size);
111 if (rc < 0) { 111 if (rc < 0) {
112 trusty_error("%s: failed (%d) to read HWCRYPTO response\n", __func__, rc); 112 trusty_error("%s: failed (%d) to read HWCRYPTO response\n", __func__, rc);
113 return rc; 113 return rc;
114 } 114 }
115 /* change response size to actual response size */ 115 /* change response size to actual response size */
116 if (resp_size_p && rc != *resp_size_p) { 116 if (resp_size_p && rc != *resp_size_p) {
117 *resp_size_p = rc; 117 *resp_size_p = rc;
118 } 118 }
119 if (msg.result != HWCRYPTO_ERROR_NONE) { 119 if (msg.result != HWCRYPTO_ERROR_NONE) {
120 trusty_error("%s: HWCRYPTO service returned error (%d)\n", __func__, 120 trusty_error("%s: HWCRYPTO service returned error (%d)\n", __func__,
121 msg.result); 121 msg.result);
122 return TRUSTY_ERR_GENERIC; 122 return TRUSTY_ERR_GENERIC;
123 } 123 }
124 return TRUSTY_ERR_NONE; 124 return TRUSTY_ERR_NONE;
125 } 125 }
126 126
127 int hwcrypto_tipc_init(struct trusty_ipc_dev *dev) 127 int hwcrypto_tipc_init(struct trusty_ipc_dev *dev)
128 { 128 {
129 int rc; 129 int rc;
130 130
131 trusty_assert(dev); 131 trusty_assert(dev);
132 trusty_assert(!initialized); 132 trusty_assert(!initialized);
133 133
134 trusty_ipc_chan_init(&hwcrypto_chan, dev); 134 trusty_ipc_chan_init(&hwcrypto_chan, dev);
135 trusty_debug("Connecting to hwcrypto service\n"); 135 trusty_debug("Connecting to hwcrypto service\n");
136 136
137 /* connect to hwcrypto service and wait for connect to complete */ 137 /* connect to hwcrypto service and wait for connect to complete */
138 rc = trusty_ipc_connect(&hwcrypto_chan, HWCRYPTO_PORT, true); 138 rc = trusty_ipc_connect(&hwcrypto_chan, HWCRYPTO_PORT, true);
139 if (rc < 0) { 139 if (rc < 0) {
140 trusty_error("failed (%d) to connect to '%s'\n", rc, HWCRYPTO_PORT); 140 trusty_error("failed (%d) to connect to '%s'\n", rc, HWCRYPTO_PORT);
141 return rc; 141 return rc;
142 } 142 }
143 143
144 /* mark as initialized */ 144 /* mark as initialized */
145 initialized = true; 145 initialized = true;
146 146
147 return TRUSTY_ERR_NONE; 147 return TRUSTY_ERR_NONE;
148 } 148 }
149 149
150 void hwcrypto_tipc_shutdown(struct trusty_ipc_dev *dev) 150 void hwcrypto_tipc_shutdown(struct trusty_ipc_dev *dev)
151 { 151 {
152 if (!initialized) 152 if (!initialized)
153 return; /* nothing to do */ 153 return; /* nothing to do */
154 154
155 /* close channel */ 155 /* close channel */
156 trusty_ipc_close(&hwcrypto_chan); 156 trusty_ipc_close(&hwcrypto_chan);
157 157
158 initialized = false; 158 initialized = false;
159 } 159 }
160 160
161 int hwcrypto_hash(uint32_t in_addr, uint32_t in_len, uint32_t out_addr, 161 int hwcrypto_hash(uint32_t in_addr, uint32_t in_len, uint32_t out_addr,
162 uint32_t out_len, enum hwcrypto_hash_algo algo) 162 uint32_t out_len, enum hwcrypto_hash_algo algo)
163 { 163 {
164 hwcrypto_hash_msg req; 164 hwcrypto_hash_msg req;
165 unsigned long start, end; 165 unsigned long start, end;
166 166
167 /* check the address */ 167 /* check the address */
168 if (in_addr == 0 || out_addr == 0) 168 if (in_addr == 0 || out_addr == 0)
169 return TRUSTY_ERR_INVALID_ARGS; 169 return TRUSTY_ERR_INVALID_ARGS;
170 /* fill the request buffer */ 170 /* fill the request buffer */
171 req.in_addr = in_addr; 171 req.in_addr = in_addr;
172 req.out_addr = out_addr; 172 req.out_addr = out_addr;
173 req.in_len = in_len; 173 req.in_len = in_len;
174 req.out_len = out_len; 174 req.out_len = out_len;
175 req.algo = algo; 175 req.algo = algo;
176 176
177 /* flush dcache for input buffer */ 177 /* flush dcache for input buffer */
178 start = (unsigned long)in_addr & ~(ARCH_DMA_MINALIGN - 1); 178 start = (unsigned long)in_addr & ~(ARCH_DMA_MINALIGN - 1);
179 end = ALIGN((unsigned long)in_addr + in_len, ARCH_DMA_MINALIGN); 179 end = ALIGN((unsigned long)in_addr + in_len, ARCH_DMA_MINALIGN);
180 flush_dcache_range(start, end); 180 flush_dcache_range(start, end);
181 181
182 /* invalidate dcache for output buffer */ 182 /* invalidate dcache for output buffer */
183 start = (unsigned long)out_addr & ~(ARCH_DMA_MINALIGN - 1); 183 start = (unsigned long)out_addr & ~(ARCH_DMA_MINALIGN - 1);
184 end = ALIGN((unsigned long)out_addr + out_len, ARCH_DMA_MINALIGN); 184 end = ALIGN((unsigned long)out_addr + out_len, ARCH_DMA_MINALIGN);
185 invalidate_dcache_range(start, end); 185 invalidate_dcache_range(start, end);
186 186
187 int rc = hwcrypto_do_tipc(HWCRYPTO_HASH, (void*)&req, 187 int rc = hwcrypto_do_tipc(HWCRYPTO_HASH, (void*)&req,
188 sizeof(req), NULL, 0, false); 188 sizeof(req), NULL, 0, false);
189 return rc; 189 return rc;
190 } 190 }
191 191
192 int hwcrypto_gen_blob(uint32_t plain_pa, 192 int hwcrypto_gen_blob(uint32_t plain_pa,
193 uint32_t plain_size, uint32_t blob_pa) 193 uint32_t plain_size, uint32_t blob_pa)
194 { 194 {
195 hwcrypto_blob_msg req; 195 hwcrypto_blob_msg req;
196 unsigned long start, end; 196 unsigned long start, end;
197 197
198 /* check the address */ 198 /* check the address */
199 if (plain_pa == 0 || blob_pa == 0) 199 if (plain_pa == 0 || blob_pa == 0)
200 return TRUSTY_ERR_INVALID_ARGS; 200 return TRUSTY_ERR_INVALID_ARGS;
201 /* fill the request buffer */ 201 /* fill the request buffer */
202 req.plain_pa = plain_pa; 202 req.plain_pa = plain_pa;
203 req.plain_size = plain_size; 203 req.plain_size = plain_size;
204 req.blob_pa = blob_pa; 204 req.blob_pa = blob_pa;
205 205
206 /* flush dcache for input buffer */ 206 /* flush dcache for input buffer */
207 start = (unsigned long)plain_pa & ~(ARCH_DMA_MINALIGN - 1); 207 start = (unsigned long)plain_pa & ~(ARCH_DMA_MINALIGN - 1);
208 end = ALIGN((unsigned long)plain_pa + plain_size, ARCH_DMA_MINALIGN); 208 end = ALIGN((unsigned long)plain_pa + plain_size, ARCH_DMA_MINALIGN);
209 flush_dcache_range(start, end); 209 flush_dcache_range(start, end);
210 210
211 /* invalidate dcache for output buffer */ 211 /* invalidate dcache for output buffer */
212 start = (unsigned long)blob_pa & ~(ARCH_DMA_MINALIGN - 1); 212 start = (unsigned long)blob_pa & ~(ARCH_DMA_MINALIGN - 1);
213 end = ALIGN((unsigned long)blob_pa + plain_size + 213 end = ALIGN((unsigned long)blob_pa + plain_size +
214 CAAM_KB_HEADER_LEN, ARCH_DMA_MINALIGN); 214 CAAM_KB_HEADER_LEN, ARCH_DMA_MINALIGN);
215 invalidate_dcache_range(start, end); 215 invalidate_dcache_range(start, end);
216 216
217 int rc = hwcrypto_do_tipc(HWCRYPTO_ENCAP_BLOB, (void*)&req, 217 int rc = hwcrypto_do_tipc(HWCRYPTO_ENCAP_BLOB, (void*)&req,
218 sizeof(req), NULL, 0, false); 218 sizeof(req), NULL, 0, false);
219 return rc; 219 return rc;
220 } 220 }
221
222 int hwcrypto_gen_rng(uint32_t buf, uint32_t len)
223 {
224 hwcrypto_rng_msg req;
225 unsigned long start, end;
226
227 /* check the address */
228 if (buf == 0)
229 return TRUSTY_ERR_INVALID_ARGS;
230 /* fill the request buffer */
231 req.buf = buf;
232 req.len = len;
233
234 /* invalidate dcache for output buffer */
235 start = (unsigned long)buf & ~(ARCH_DMA_MINALIGN - 1);
236 end = ALIGN((unsigned long)buf + len, ARCH_DMA_MINALIGN);
237 invalidate_dcache_range(start, end);
238
239 int rc = hwcrypto_do_tipc(HWCRYPTO_GEN_RNG, (void*)&req,
240 sizeof(req), NULL, 0, false);
241 return rc;
242 }
221 243