lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <047bd869-675c-33de-d454-7773a711266d@amd.com>
Date:   Wed, 28 Jun 2017 12:47:07 -0500
From:   Tom Lendacky <thomas.lendacky@....com>
To:     Brijesh Singh <brijesh.singh@....com>,
        linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Cc:     gary.hook@....com, herbert@...dor.apana.org.au, davem@...emloft.net
Subject: Re: [PATCH v2 2/3] crypto: ccp - Introduce the AMD Secure Processor
 device

On 6/23/2017 11:06 AM, Brijesh Singh wrote:
> The CCP device is part of the AMD Secure Processor. In order to expand
> the usage of the AMD Secure Processor, create a framework that allows
> functional components of the AMD Secure Processor to be initialized and
> handled appropriately.
> 
> Signed-off-by: Brijesh Singh <brijesh.singh@....com>
> ---
>   drivers/crypto/Kconfig            |  10 +--
>   drivers/crypto/ccp/Kconfig        |  43 +++++----
>   drivers/crypto/ccp/Makefile       |   6 +-
>   drivers/crypto/ccp/ccp-dev-v3.c   |   5 +-
>   drivers/crypto/ccp/ccp-dev-v5.c   |   5 +-
>   drivers/crypto/ccp/ccp-dev.c      | 106 +++++++++-------------
>   drivers/crypto/ccp/ccp-dev.h      |  21 +----
>   drivers/crypto/ccp/ccp-pci.c      |  81 +++++++++++------
>   drivers/crypto/ccp/ccp-platform.c |  70 ++++++++-------
>   drivers/crypto/ccp/sp-dev.c       | 180 ++++++++++++++++++++++++++++++++++++++
>   drivers/crypto/ccp/sp-dev.h       | 120 +++++++++++++++++++++++++
>   include/linux/ccp.h               |   3 +-
>   12 files changed, 475 insertions(+), 175 deletions(-)
>   create mode 100644 drivers/crypto/ccp/sp-dev.c
>   create mode 100644 drivers/crypto/ccp/sp-dev.h
> 
> diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
> index 0528a62..418f991 100644
> --- a/drivers/crypto/Kconfig
> +++ b/drivers/crypto/Kconfig
> @@ -512,14 +512,14 @@ config CRYPTO_DEV_ATMEL_SHA
>   	  To compile this driver as a module, choose M here: the module
>   	  will be called atmel-sha.
>   
> -config CRYPTO_DEV_CCP
> -	bool "Support for AMD Cryptographic Coprocessor"
> +config CRYPTO_DEV_SP
> +	bool "Support for AMD Secure Processor"
>   	depends on ((X86 && PCI) || (ARM64 && (OF_ADDRESS || ACPI))) && HAS_IOMEM
>   	help
> -	  The AMD Cryptographic Coprocessor provides hardware offload support
> -	  for encryption, hashing and related operations.
> +	  The AMD Secure Processor provides hardware offload support for memory
> +	  encryption in virtualization and cryptographic hashing and related operations.
>   
> -if CRYPTO_DEV_CCP
> +if CRYPTO_DEV_SP
>   	source "drivers/crypto/ccp/Kconfig"
>   endif
>   
> diff --git a/drivers/crypto/ccp/Kconfig b/drivers/crypto/ccp/Kconfig
> index 2238f77..bc08f03 100644
> --- a/drivers/crypto/ccp/Kconfig
> +++ b/drivers/crypto/ccp/Kconfig
> @@ -1,26 +1,37 @@
> -config CRYPTO_DEV_CCP_DD
> -	tristate "Cryptographic Coprocessor device driver"
> -	depends on CRYPTO_DEV_CCP
> -	default m
> -	select HW_RANDOM
> -	select DMA_ENGINE
> -	select DMADEVICES
> -	select CRYPTO_SHA1
> -	select CRYPTO_SHA256
> -	help
> -	  Provides the interface to use the AMD Cryptographic Coprocessor
> -	  which can be used to offload encryption operations such as SHA,
> -	  AES and more. If you choose 'M' here, this module will be called
> -	  ccp.
> -
>   config CRYPTO_DEV_CCP_CRYPTO
>   	tristate "Encryption and hashing offload support"
> -	depends on CRYPTO_DEV_CCP_DD
> +	depends on CRYPTO_DEV_SP_DD
>   	default m
>   	select CRYPTO_HASH
>   	select CRYPTO_BLKCIPHER
>   	select CRYPTO_AUTHENC
> +	select CRYPTO_DEV_CCP
>   	help
>   	  Support for using the cryptographic API with the AMD Cryptographic
>   	  Coprocessor. This module supports offload of SHA and AES algorithms.
>   	  If you choose 'M' here, this module will be called ccp_crypto.
> +
> +config CRYPTO_DEV_SP_DD
> +	tristate "Secure Processor device driver"
> +	depends on CRYPTO_DEV_SP
> +	default m
> +	help
> +	  Provides the interface to use the AMD Secure Processor. The
> +	  AMD Secure Processor support the Platform Security Processor (PSP)
> +	  and Cryptographic Coprocessor (CCP). If you choose 'M' here, this
> +	  module will be called ccp.
> +
> +if CRYPTO_DEV_SP_DD
> +config CRYPTO_DEV_CCP
> +	bool "Cryptographic Coprocessor interface"
> +	default y
> +	select HW_RANDOM
> +	select DMA_ENGINE
> +	select DMADEVICES
> +	select CRYPTO_SHA1
> +	select CRYPTO_SHA256
> +	help
> +	  Provides the interface to use the AMD Cryptographic Coprocessor
> +	  which can be used to offload encryption operations such as SHA,
> +	  AES and more.
> +endif

I think the Kconfig changes need to be looked at a bit closer. The
hierarchy of original version is changed and the number of entries
might be able to be reduced.

Thanks,
Tom

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ