06 May, 2020

8 commits

  • Add DEK blob encapsulation support for IMX8M through "dek_blob" command.
    On ARMv8, u-boot runs in non-secure, thus cannot encapsulate a DEK blob
    for encrypted boot.
    The DEK blob is encapsulated by OP-TEE through a trusted application call.
    U-boot sends and receives the DEK and the DEK blob binaries through OP-TEE
    dynamic shared memory.

    To enable the DEK blob encapsulation, add to the defconfig:
    CONFIG_SECURE_BOOT=y
    CONFIG_FAT_WRITE=y
    CONFIG_CMD_DEKBLOB=y

    Signed-off-by: Clement Faure
    Reviewed-by: Ye Li
    (cherry picked from commit 7ffd25bddc89db30612f4e805d103c7d8dde5d95)

    Clement Faure
     
  • The sec_in32 preprocessor is defined as follows in include/fsl_sec.h file:
    When address "a" is calculated using math for ex: addition of base address and an offset, then casting is applied only to the first address which in this example is base address.

    caam_ccbvid_reg = sec_in32(CONFIG_SYS_FSL_SEC_ADDR + CAAM_CCBVID_OFFSET)
    resolves to:
    caam_ccbvid_reg = in_le32((ulong *)(ulong)CONFIG_SYS_FSL_SEC_ADDR + CAAM_CCBVID_OFFSET)
    instead it should resolve to:
    caam_ccbvid_reg = in_le32((ulong *)(ulong)(CONFIG_SYS_FSL_SEC_ADDR + CAAM_CCBVID_OFFSET))

    Thus add parentheses around the address "a" so that however the address is calculated, the casting is applied to the final calculated address.

    Bug introduced by commit 79e90af14af3 ("MLK-18044-2: crypto: caam: Fix build warnings pointer casting").

    Signed-off-by: Utkarsh Gupta
    Reviewed-by: Horia Geanta
    Reviewed-by: Ye Li
    (cherry picked from commit 5d10d1cab052f8af4fd00640e09642aa0a596922)

    Utkarsh Gupta
     
  • In i.MX8M platforms the secure memory block has a newer version
    than those used in i.MX6/7 platforms. This patch updates the driver
    to use the correct register offsets.

    Signed-off-by: Aymen Sghaier
    (cherry picked from commit 0daa9c142a1809b473d101f6db9700574ce3d522)
    (cherry picked from commit 7184ec3307c4347a7a7765ba72415580cd65c341)
    (cherry picked from commit 020649dd642899665dce8655c395f785f5d243e0)

    Aymen Sghaier
     
  • Enabling CAAM driver for i.MX8M platforms, a 64-bit architecture,
    leads to casting warnings: from/to pointer to/from integer with
    different size. This patch fixes these warnings.

    Signed-off-by: Aymen Sghaier
    (cherry picked from commit d02fbc7d2957f4788ced017ccf17fd35ab968121)
    (cherry picked from commit 79e90af14af32e86fd7efd3c84e09a0bd572ab5b)
    (cherry picked from commit 338786e6c79c2392dfe44c44e94c59fb18d684fd)

    Aymen Sghaier
     
  • This patch enables CAAM support for i.MX8M platforms.

    Signed-off-by: Aymen Sghaier
    (cherry picked from commit 1fc92e6e34b06bdee81240ce06326aca1d9c02d8)
    (cherry picked from commit b0f889b77b367b69aa0778b1d03a2ec30fdee243)
    (cherry picked from commit f5c28e63f19ef99e0fe4d01b176789aacc507d79)

    Aymen Sghaier
     
  • Signed-off-by: Franck LENORMAND
    (cherry picked from commit 5f429339ab5a5f0d1f00a2880ce05cf479f11ba5)
    (cherry picked from commit c26db25a130ef1f0abd43a3133877f74431eb217)
    (cherry picked from commit 62ca8b07d4906ea11380f2638cc4b9d55beae9f6)

    Franck LENORMAND
     
  • U-Boot can instantiate CAAM RNG if needed by crypto operations.
    Call sec_init() prior to running a blob operation to ensure
    RNG is correctly instantiated.

    Make sure CAAM clock is enabled and check if a job ring is
    available for that operation.

    Signed-off-by: Breno Lima
    Reviewed-by: Ye Li
    (cherry picked from commit b2b745515d06f05ea288524e26cf2389d6924ff2)
    (cherry picked from commit fe33f7296336b7364fb24ad21b0be32eb5810262)
    (cherry picked from commit 1339300cba26dc32289633c3a8c2cc86a1180949)

    Breno Lima
     
  • This code was originally developed by Raul Cardenas
    and modified to be applied in U-Boot imx_v2017.03.

    More information about the initial submission can be seen
    in the link below:
    https://lists.denx.de/pipermail/u-boot/2016-February/245273.html

    i.MX7D has a protection feature for Manufacturing process.
    This feature uses asymmetric encryption to sign and verify
    authenticated software handled between parties. This command
    enables the use of such feature.

    The private key is unique and generated once per device.
    And it is stored in secure memory and only accessible by CAAM.
    Therefore, the public key generation and signature functions
    are the only functions available for the user.

    The manufacturing-protection authentication process can be used to
    authenticate the chip to the OEM's server.

    Command usage:

    Print the public key for the device.
    - mfgprot pubk

    Generates Signature over given data.
    - mfgprot sign

    Signed-off-by: Raul Ulises Cardenas
    Signed-off-by: Breno Lima
    Reviewed-by: Fabio Estevam
    Reviewed-by: Ye Li
    (cherry picked from commit db2dbf622d3c711b2fbd85e6814992e023479dad)
    (cherry picked from commit 554b7cdcf47a49097cc5417cc6130e469d7ccc20)

    Breno Lima
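
The cast-precedence problem described in the sec_in32 commit above (5d10d1cab052), reproduced as an added example that is not code from the U-Boot tree. `window`, `FAKE_SEC_ADDR`, `FAKE_REG_OFFSET`, `READ_REG` and the two `SEC_IN_*` macros are hypothetical stand-ins; only the cast shape `(ulong *)(ulong)a` versus `(ulong *)(ulong)(a)` comes from the commit message.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the SEC register window: each slot holds its own
 * byte offset, so a read reports which offset was actually accessed. */
#define SLOTS 16
static unsigned long window[SLOTS];

/* Hypothetical names; FAKE_SEC_ADDR plays the role of CONFIG_SYS_FSL_SEC_ADDR. */
#define FAKE_SEC_ADDR   ((uintptr_t)window)
#define FAKE_REG_OFFSET 8u  /* byte offset of the register we want */

/* Stand-in for in_le32(): a plain volatile read through the pointer. */
#define READ_REG(p) (*(volatile unsigned long *)(p))

/* Cast shape before the fix: binds to the first operand of "a" only, so the
 * offset is added to a pointer and scaled by sizeof(unsigned long). */
#define SEC_IN_BUGGY(a) READ_REG((unsigned long *)(unsigned long)a)
/* Cast shape after the fix: "a" is fully evaluated, then cast. */
#define SEC_IN_FIXED(a) READ_REG((unsigned long *)(unsigned long)(a))

static void fill_window(void)
{
    for (size_t i = 0; i < SLOTS; i++)
        window[i] = (unsigned long)(i * sizeof(window[0]));
}

/* Byte offset actually read by the pre-fix macro shape. */
unsigned long offset_read_buggy(void)
{
    fill_window();
    return SEC_IN_BUGGY(FAKE_SEC_ADDR + FAKE_REG_OFFSET);
}

/* Byte offset actually read by the post-fix macro shape. */
unsigned long offset_read_fixed(void)
{
    fill_window();
    return SEC_IN_FIXED(FAKE_SEC_ADDR + FAKE_REG_OFFSET);
}

int main(void)
{
    printf("wanted offset: %u\n", FAKE_REG_OFFSET);
    printf("fixed macro read offset: %lu\n", offset_read_fixed());
    printf("buggy macro read offset: %lu\n", offset_read_buggy());
    return 0;
}
```

On a 64-bit target the pre-fix shape reads eight times further into the block than intended, which is why the bug only surfaced once the pointer cast was introduced for i.MX8M.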
     

08 Nov, 2019

1 commit


04 Mar, 2019

1 commit

  • On Layerscape architectures the SEC memory map is 1MB and the
    register blocks contained in it are 64KB aligned, not 4KB as
    the ccsr_sec structure currently assumes. Fix the layout of
    the structure for these architectures.

    Signed-off-by: Laurentiu Tudor
    Reviewed-by: Horia Geanta
    Reviewed-by: Bharat Bhushan
    Reviewed-by: Prabhakar Kushwaha

    Laurentiu Tudor
     

07 May, 2018

1 commit

  • When U-Boot started using SPDX tags we were among the early adopters and
    there weren't a lot of other examples to borrow from. So we picked the
    area of the file that usually had a full license text and replaced it
    with an appropriate SPDX-License-Identifier: entry. Since then, the
    Linux Kernel has adopted SPDX tags and they place it as the very first
    line in a file (except where shebangs are used, then it's second line)
    and with slightly different comment styles than us.

    In part due to community overlap, in part due to better tag visibility
    and in part for other minor reasons, switch over to that style.

    This commit changes all instances where we have a single declared
    license in the tag as both the before and after are identical in tag
    contents. There's also a few places where I found we did not have a tag
    and have introduced one.

    Signed-off-by: Tom Rini

    Tom Rini
     

10 Feb, 2018

1 commit

  • Extend the instantiate_rng() function and the corresponding CAAM job
    descriptor to instantiate all RNG state handles. This moves the RNG
    instantiation code in line with the CAAM kernel driver.

    Previously, only the first state handle was instantiated. The second
    one was instantiated by the CAAM kernel driver. This works if the
    kernel runs in secure mode, but fails in non-secure mode since the
    kernel driver uses DEC0 directly instead of over the job ring
    interface. Instantiating all RNG state handles in u-boot removes the
    need for using DEC0 in the kernel driver, making it possible to use
    the CAAM in non-secure mode.

    Signed-off-by: Lukas Auer
    Tested-by: Bryan O'Donoghue
    Reviewed-by: York Sun

    Lukas Auer
     

08 Jan, 2018

1 commit

  • The blob_encap and blob_decap functions were not flushing the dcache
    before passing data to CAAM/DMA and not invalidating the dcache when
    getting data back.
    Therefore, blob encapsulation and decapsulation failed with errors like
    the following due to data cache incoherency:
    "40000006: DECO: desc idx 0: Invalid KEY command"

    To ensure coherency, we require the key_mod, src and dst buffers to be
    aligned to the cache line size and flush/invalidate the memory regions.
    The same requirements apply to the job descriptor.

    Tested on an i.MX6Q board.

    Reviewed-by: Sumit Garg
    Signed-off-by: Clemens Gruber

    Clemens Gruber
     

05 Jan, 2017

1 commit


24 Nov, 2016

1 commit


18 May, 2016

1 commit


21 Feb, 2016

1 commit


30 Oct, 2015

1 commit

  • The SEC driver code has been cleaned up to work for 64 bit
    physical addresses and systems where endianness of SEC block
    is different from the Core.
    Changes:
    1. Descriptor created on Core is modified as per SEC block
    endianness before the job is submitted.
    2. The read/write of physical addresses to Job Rings will
    depend on endianness of SEC block as 32 bit low and
    high part of the 64 bit address will vary.
    3. The 32 bit low and high part of the 64 bit address in
    descriptor will vary depending on endianness of SEC.

    Signed-off-by: Aneesh Bansal
    Reviewed-by: York Sun

    Aneesh Bansal
     

13 Aug, 2015

1 commit


04 Aug, 2015

3 commits

  • The sampling of the oscillator can be done in multiple modes for
    generating the entropy value. By default, this is set to von
    Neumann. This patch changes the sampling to raw data, since it
    has been discovered that the generated entropy has a better
    'quality'.

    Signed-off-by: Alex Porosanu
    Acked-by: Ruchika Gupta
    Reviewed-by: York Sun

    Alex Porosanu
     
  • The entropy delay (the length in system clocks of each
    entropy sample) for the RNG4 block of CAAM is dependent
    on the frequency of the SoC. By elaborate methods, it
    has been determined that a good starting value for all
    platforms integrating the CAAM IP is 3200. Using a
    higher value has additional benefit of speeding up
    the process of instantiating the RNG, since the entropy
    delay will be increased and instantiation of the RNG
    state handles will be reattempted by the driver. If the
    starting value is low, for certain platforms, this can
    lead to a quite lengthy process.
    This patch changes the starting value of the length of
    the entropy sample to 3200 system clocks.
    In addition to this change, the attempted entropy delay
    values are now printed on the console upon initialization
    of the RNG block.

    Signed-off-by: Alex Porosanu
    Acked-by: Ruchika Gupta
    Reviewed-by: York Sun

    Alex Porosanu
     
  • The rtfrqmax & rtfrqmin set the bounds of the expected frequency of the
    oscillator, when SEC runs at its maximum frequency. For certain platforms
    (f.i. T2080), the oscillator is very fast and thus if the SEC runs at
    a lower than normal frequency, the ring oscillator is incorrectly detected
    as being out of bounds.

    This patch effectively disables the maximum frequency check, by setting a
    high enough maximum allowable frequency for the oscillator. The reasoning
    behind this is that usually a broken oscillator will run too slow
    (i.e. not run at all) rather than run too fast.

    Signed-off-by: Alex Porosanu
    Acked-by: Ruchika Gupta
    Reviewed-by: York Sun

    Alex Porosanu
     

05 Mar, 2015

1 commit

  • In 0200020 we added a number of tests for 'if
    defined(CONFIG_SYS_FSL_SEC_LE) && !defined(CONFIG_MX6)' and
    accidentally did one as 'ifdef defined...'

    Signed-off-by: Tom Rini

    Tom Rini
     

02 Mar, 2015

1 commit

  • Freescale's SEC block has built-in Data Encryption
    Key(DEK) Blob Protocol which provides a method for
    protecting a DEK for non-secure memory storage.
    SEC block protects data in a data structure called
    a Secret Key Blob, which provides both confidentiality
    and integrity protection.
    Every time the blob encapsulation is executed,
    an AES-256 key is randomly generated to encrypt the DEK.
    This key is encrypted with the OTP Secret key
    from SoC. The resulting blob consists of the encrypted
    AES-256 key, the encrypted DEK, and a 16-bit MAC.

    During decapsulation, the reverse process is performed
    to get back the original DEK. A caveat to the blob
    decapsulation process, is that the DEK is decrypted
    in secure-memory and can only be read by FSL SEC HW.
    The DEK is used to decrypt data during encrypted boot.

    Commands added
    --------------
    dek_blob - encapsulating DEK as a cryptographic blob

    Commands Syntax
    ---------------
    dek_blob src dst len

    Encapsulate and create blob of a len-bits DEK at
    address src and store the result at address dst.

    Signed-off-by: Raul Cardenas
    Signed-off-by: Nitin Garg

    Signed-off-by: Ulises Cardenas

    Signed-off-by: Ulises Cardenas-B45798

    Raul Cardenas
     

26 Feb, 2015

1 commit


17 Oct, 2014

4 commits

  • Freescale's SEC block has built-in Blob Protocol which provides
    a method for protecting user-defined data across system power
    cycles. SEC block protects data in a data structure called a Blob,
    which provides both confidentiality and integrity protection.

    Encapsulating data as a blob
    Each time that the Blob Protocol is used to protect data, a
    different randomly generated key is used to encrypt the data.
    This random key is itself encrypted using a key which is derived
    from SoC's non volatile secret key and a 16 bit Key identifier.
    The resulting encrypted key along with encrypted data is called a blob.
    The non volatile secure key is available for use only during secure boot.

    During decapsulation, the reverse process is performed to get back
    the original data.

    Commands added
    --------------
    blob enc - encapsulating data as a cryptographic blob
    blob dec - decapsulating cryptographic blob to get the data

    Commands Syntax
    ---------------
    blob enc src dst len km

    Encapsulate and create blob of data $len bytes long
    at address $src and store the result at address $dst.
    $km, the 16 byte key modifier, is also required for
    generation/use as key for cryptographic operation. Key
    modifier should be 16 byte long.

    blob dec src dst len km

    Decapsulate the blob of data at address $src and
    store result of $len byte at addr $dst.
    $km, the 16 byte key modifier, is also required for
    generation/use as key for cryptographic operation. Key
    modifier should be 16 byte long.

    Signed-off-by: Ruchika Gupta
    Reviewed-by: York Sun

    Ruchika Gupta
     
  • SHA-256 and SHA-1 accelerated using SEC hardware in Freescale SoCs.
    The driver for SEC (CAAM) IP is based on linux drivers/crypto/caam.
    The platforms need to add the MACRO CONFIG_FSL_CAAM in order to
    enable initialization of this hardware IP.

    Signed-off-by: Ruchika Gupta
    Reviewed-by: York Sun

    Ruchika Gupta
     
  • SEC registers can be of type Little Endian or big Endian depending upon
    Freescale SoC. Here SoC defines the register type of SEC IP.

    So update accessor functions with common SEC accessor functions to take care
    of both types of endianness.

    Signed-off-by: Ruchika Gupta
    Reviewed-by: York Sun

    Ruchika Gupta
     
  • Freescale SEC controller has been used for mpc8xxx. It will be used
    for ARM-based SoC as well. This patch moves the CCSR definition of
    SEC to common include.

    Signed-off-by: Ruchika Gupta
    Reviewed-by: York Sun

    Ruchika Gupta