lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <ebe0c847-dd72-4145-b32e-774ea30ba183@pengutronix.de>
Date: Tue, 26 Nov 2024 07:48:06 +0100
From: Ahmad Fatoum <a.fatoum@...gutronix.de>
To: Gaurav Jain <gaurav.jain@....com>, Horia Geanta <horia.geanta@....com>,
 Pankaj Gupta <pankaj.gupta@....com>, Herbert Xu
 <herbert@...dor.apana.org.au>, "David S . Miller" <davem@...emloft.net>,
 Silvano Di Ninno <silvano.dininno@....com>, Varun Sethi <V.Sethi@....com>,
 Meenakshi Aggarwal <meenakshi.aggarwal@....com>,
 Sahil Malhotra <sahil.malhotra@....com>,
 Nikolaus Voss <nikolaus.voss@...g-streit.com>
Cc: linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
 Pengutronix Kernel Team <kernel@...gutronix.de>
Subject: Re: [PATCH v2] crypto: caam - use JobR's space to access page 0 regs

On 26.11.24 07:46, Gaurav Jain wrote:
> On iMX8DXL/QM/QXP(SECO) & iMX8ULP(ELE) SoCs, access to controller
> region(CAAM page 0) is not permitted from non secure world.
> use JobR's register space to access page 0 registers.
> 
> Fixes: 6a83830f649a ("crypto: caam - warn if blob_gen key is insecure")
> Signed-off-by: Gaurav Jain <gaurav.jain@....com>

Reviewed-by: Ahmad Fatoum <a.fatoum@...gutronix.de>

> ---
> 
> changes in v2
> Updated commit message with SoCs details on which CAAM page 0 is not
> accessible from non secure world.
> 
>  drivers/crypto/caam/blob_gen.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/crypto/caam/blob_gen.c b/drivers/crypto/caam/blob_gen.c
> index 87781c1534ee..079a22cc9f02 100644
> --- a/drivers/crypto/caam/blob_gen.c
> +++ b/drivers/crypto/caam/blob_gen.c
> @@ -2,6 +2,7 @@
>  /*
>   * Copyright (C) 2015 Pengutronix, Steffen Trumtrar <kernel@...gutronix.de>
>   * Copyright (C) 2021 Pengutronix, Ahmad Fatoum <kernel@...gutronix.de>
> + * Copyright 2024 NXP
>   */
>  
>  #define pr_fmt(fmt) "caam blob_gen: " fmt
> @@ -104,7 +105,7 @@ int caam_process_blob(struct caam_blob_priv *priv,
>  	}
>  
>  	ctrlpriv = dev_get_drvdata(jrdev->parent);
> -	moo = FIELD_GET(CSTA_MOO, rd_reg32(&ctrlpriv->ctrl->perfmon.status));
> +	moo = FIELD_GET(CSTA_MOO, rd_reg32(&ctrlpriv->jr[0]->perfmon.status));
>  	if (moo != CSTA_MOO_SECURE && moo != CSTA_MOO_TRUSTED)
>  		dev_warn(jrdev,
>  			 "using insecure test key, enable HAB to use unique device key!\n");


-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ