| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 21 Mar 2021 22:46:31 +0200
From: Horia Geantă <horia.geanta@....com>
To: Ahmad Fatoum <a.fatoum@...gutronix.de>,
Aymen Sghaier <aymen.sghaier@....com>,
Herbert Xu <herbert@...dor.apana.org.au>,
"David S. Miller" <davem@...emloft.net>
Cc: "kernel@...gutronix.de" <kernel@...gutronix.de>,
James Bottomley <jejb@...ux.ibm.com>,
Jarkko Sakkinen <jarkko@...nel.org>,
Mimi Zohar <zohar@...ux.ibm.com>,
David Howells <dhowells@...hat.com>,
James Morris <jmorris@...ei.org>,
"Serge E. Hallyn" <serge@...lyn.com>,
Udit Agarwal <udit.agarwal@....com>,
Jan Luebbe <j.luebbe@...gutronix.de>,
David Gstir <david@...ma-star.at>,
Franck Lenormand <franck.lenormand@....com>,
Sumit Garg <sumit.garg@...aro.org>,
"linux-integrity@...r.kernel.org" <linux-integrity@...r.kernel.org>,
"keyrings@...r.kernel.org" <keyrings@...r.kernel.org>,
"linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-security-module@...r.kernel.org"
<linux-security-module@...r.kernel.org>
Subject: Re: [PATCH v1 1/3] crypto: caam - add in-kernel interface for blob
generator
On 3/16/2021 7:01 PM, Ahmad Fatoum wrote:
> +int caam_encap_blob(struct caam_blob_priv *priv, const char *keymod,
> + void *input, void *output, size_t length)
> +{
> + u32 *desc;
> + struct device *jrdev = &priv->jrdev;
> + dma_addr_t dma_in, dma_out;
> + struct caam_blob_job_result testres;
> + size_t keymod_len = strlen(keymod);
> + int ret;
> +
> + if (length <= CAAM_BLOB_OVERHEAD)
> + return -EINVAL;
> +
> + desc = caam_blob_alloc_desc(keymod_len);
> + if (!desc) {
> + dev_err(jrdev, "unable to allocate desc\n");
> + return -ENOMEM;
> + }
> +
> + dma_in = dma_map_single(jrdev, input, length - CAAM_BLOB_OVERHEAD, DMA_TO_DEVICE);
> + if (dma_mapping_error(jrdev, dma_in)) {
> + dev_err(jrdev, "unable to map input DMA buffer\n");
> + ret = -ENOMEM;
> + goto out_free;
> + }
> +
> + dma_out = dma_map_single(jrdev, output, length, DMA_FROM_DEVICE);
> + if (dma_mapping_error(jrdev, dma_out)) {
> + dev_err(jrdev, "unable to map output DMA buffer\n");
> + ret = -ENOMEM;
> + goto out_unmap_in;
> + }
> +
> + /*
> + * A data blob is encrypted using a blob key (BK); a random number.
> + * The BK is used as an AES-CCM key. The initial block (B0) and the
> + * initial counter (Ctr0) are generated automatically and stored in
> + * Class 1 Context DWords 0+1+2+3. The random BK is stored in the
> + * Class 1 Key Register. Operation Mode is set to AES-CCM.
> + */
> +
> + init_job_desc(desc, 0);
> + append_key_as_imm(desc, keymod, keymod_len, keymod_len,
> + CLASS_2 | KEY_DEST_CLASS_REG);
> + append_seq_in_ptr(desc, dma_in, length - CAAM_BLOB_OVERHEAD, 0);
> + append_seq_out_ptr(desc, dma_out, length, 0);
In case length is known to be < 2^16, it's recommended to use instead
append_seq_in_ptr_intlen, append_seq_out_ptr_intlen.
> + append_operation(desc, OP_TYPE_ENCAP_PROTOCOL | OP_PCLID_BLOB);
> +
> + print_hex_dump_debug("data@"__stringify(__LINE__)": ",
> + DUMP_PREFIX_ADDRESS, 16, 1, input,
> + length - CAAM_BLOB_OVERHEAD, false);
> + print_hex_dump_debug("jobdesc@"__stringify(__LINE__)": ",
> + DUMP_PREFIX_ADDRESS, 16, 1, desc,
> + desc_bytes(desc), false);
> +
> + testres.err = 0;
> + init_completion(&testres.completion);
> +
> + ret = caam_jr_enqueue(jrdev, desc, caam_blob_job_done, &testres);
> + if (ret == -EINPROGRESS) {
> + wait_for_completion(&testres.completion);
> + ret = testres.err;
> + print_hex_dump_debug("output@"__stringify(__LINE__)": ",
> + DUMP_PREFIX_ADDRESS, 16, 1, output,
> + length, false);
> + }
> +
> + dma_unmap_single(jrdev, dma_out, length, DMA_FROM_DEVICE);
> +out_unmap_in:
> + dma_unmap_single(jrdev, dma_in, length - CAAM_BLOB_OVERHEAD, DMA_TO_DEVICE);
> +out_free:
> + kfree(desc);
> +
> + return ret;
> +}
> +EXPORT_SYMBOL(caam_encap_blob);
> +
[...]
> diff --git a/include/soc/fsl/caam-blob.h b/include/soc/fsl/caam-blob.h
> new file mode 100644
> index 000000000000..7eea0f543832
> --- /dev/null
> +++ b/include/soc/fsl/caam-blob.h
> @@ -0,0 +1,54 @@
> +/* SPDX-License-Identifier: GPL-2.0-only */
> +/*
> + * Copyright (C) 2020 Pengutronix, Ahmad Fatoum <kernel@...gutronix.de>
> + */
> +
> +#ifndef __CAAM_BLOB_GEN
> +#define __CAAM_BLOB_GEN
> +
> +#include <linux/types.h>
> +
> +#define CAAM_BLOB_KEYMOD_LENGTH 16
The define isn't used here or on patch 3/3.
> +#define CAAM_BLOB_OVERHEAD (32 + 16)
> +#define CAAM_BLOB_MAX_LEN 4096
> +
> +struct caam_blob_priv;
> +
> +/** caam_blob_gen_init - initialize blob generation
> + *
> + * returns either pointer to new caam_blob_priv instance
> + * or error pointer
> + */
> +struct caam_blob_priv *caam_blob_gen_init(void);
> +
> +/** caam_blob_gen_init - free blob generation resources
> + *
> + * @priv: instance returned by caam_blob_gen_init
> + */
> +void caam_blob_gen_exit(struct caam_blob_priv *priv);
> +
> +/** caam_encap_blob - encapsulate blob
> + *
> + * @priv: instance returned by caam_blob_gen_init
> + * @keymod: string to use as key modifier for blob encapsulation
> + * @input: buffer which CAAM will DMA from
> + * @output: buffer which CAAM will DMA to
Is it guaranteed that input, output can be DMA-mapped?
Horia
Powered by blists - more mailing lists