lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <d08447fd-cac5-3082-9eb7-22e32a9dbea5@pengutronix.de>
Date:   Thu, 1 Dec 2022 09:18:55 +0100
From:   Ahmad Fatoum <a.fatoum@...gutronix.de>
To:     Nikolaus Voss <nikolaus.voss@...g-streit.com>,
        Horia Geanta <horia.geanta@....com>,
        Pankaj Gupta <pankaj.gupta@....com>,
        Gaurav Jain <gaurav.jain@....com>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        "David S. Miller" <davem@...emloft.net>,
        David Gstir <david@...ma-star.at>,
        Steffen Trumtrar <s.trumtrar@...gutronix.de>,
        Nikolaus Voss <nv@...n.de>
Cc:     linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
        Pengutronix Kernel Team <kernel@...gutronix.de>
Subject: Re: [PATCH v3] crypto: caam: blob_gen.c: warn if key is insecure

On 21.11.22 15:12, Nikolaus Voss wrote:
> If CAAM is not in "trusted" or "secure" state, a fixed non-volatile key
> is used instead of the unique device key. This is the default mode of
> operation without secure boot (HAB). In this scenario, CAAM encrypted
> blobs should be used only for testing but not in a production
> environment, so issue a warning.
> 
> Signed-off-by: Nikolaus Voss <nikolaus.voss@...g-streit.com>

Reviewed-by: Ahmad Fatoum <a.fatoum@...gutronix.de>

> 
> ---
> CHANGES
> =======
> v2: make warning more verbose, correct register, style fixes
> v3: fix sparse warning "dereference of noderef expression"
>     by using ioread32() to dereference iomem pointer
> 
>  drivers/crypto/caam/blob_gen.c | 9 +++++++++
>  drivers/crypto/caam/regs.h     | 3 +++
>  2 files changed, 12 insertions(+)
> 
> diff --git a/drivers/crypto/caam/blob_gen.c b/drivers/crypto/caam/blob_gen.c
> index 6345c7269eb03..1f65df4898478 100644
> --- a/drivers/crypto/caam/blob_gen.c
> +++ b/drivers/crypto/caam/blob_gen.c
> @@ -6,6 +6,7 @@
>  
>  #define pr_fmt(fmt) "caam blob_gen: " fmt
>  
> +#include <linux/bitfield.h>
>  #include <linux/device.h>
>  #include <soc/fsl/caam-blob.h>
>  
> @@ -61,12 +62,14 @@ static void caam_blob_job_done(struct device *dev, u32 *desc, u32 err, void *con
>  int caam_process_blob(struct caam_blob_priv *priv,
>  		      struct caam_blob_info *info, bool encap)
>  {
> +	const struct caam_drv_private *ctrlpriv;
>  	struct caam_blob_job_result testres;
>  	struct device *jrdev = &priv->jrdev;
>  	dma_addr_t dma_in, dma_out;
>  	int op = OP_PCLID_BLOB;
>  	size_t output_len;
>  	u32 *desc;
> +	u32 moo;
>  	int ret;
>  
>  	if (info->key_mod_len > CAAM_BLOB_KEYMOD_LENGTH)
> @@ -100,6 +103,12 @@ int caam_process_blob(struct caam_blob_priv *priv,
>  		goto out_unmap_in;
>  	}
>  
> +	ctrlpriv = dev_get_drvdata(jrdev->parent);
> +	moo = FIELD_GET(CSTA_MOO, ioread32(&ctrlpriv->ctrl->perfmon.status));
> +	if (moo != CSTA_MOO_SECURE && moo != CSTA_MOO_TRUSTED)
> +		dev_warn(jrdev,
> +			 "using insecure test key, enable HAB to use unique device key!\n");
> +
>  	/*
>  	 * A data blob is encrypted using a blob key (BK); a random number.
>  	 * The BK is used as an AES-CCM key. The initial block (B0) and the
> diff --git a/drivers/crypto/caam/regs.h b/drivers/crypto/caam/regs.h
> index 66d6dad841bb2..66928f8a0c4b1 100644
> --- a/drivers/crypto/caam/regs.h
> +++ b/drivers/crypto/caam/regs.h
> @@ -426,6 +426,9 @@ struct caam_perfmon {
>  	u32 rsvd2;
>  #define CSTA_PLEND		BIT(10)
>  #define CSTA_ALT_PLEND		BIT(18)
> +#define CSTA_MOO		GENMASK(9, 8)
> +#define CSTA_MOO_SECURE	1
> +#define CSTA_MOO_TRUSTED	2
>  	u32 status;		/* CSTA - CAAM Status */
>  	u64 rsvd3;
>  

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ