Gitiles
Code Review Sign In
gerrit.devboardsforandroid.linaro.org / platform / external / u-boot / dfaec76029f27ae6831babc0cdcf2816ee491f74^! / . / drivers / crypto / fsl / jobdesc.c
commitdfaec76029f27ae6831babc0cdcf2816ee491f74[log] [tgz]
authorLukas Auer <lukas.auer@aisec.fraunhofer.de>Thu Jan 25 14:11:17 2018 +0100
committerYork Sun <york.sun@nxp.com>Fri Feb 09 08:34:34 2018 -0800
treeaef79e6d053863156d99b82d2efeacaab7f7bace
parentc883f351e61f425f72d110375eaa80d5ecb5ee64 [diff] [blame]
crypto/fsl: instantiate all rng state handles

Extend the instantiate_rng() function and the corresponding CAAM job
descriptor to instantiate all RNG state handles. This moves the RNG
instantiation code in line with the CAAM kernel driver.

Previously, only the first state handle was instantiated. The second
one was instantiated by the CAAM kernel driver. This works if the
kernel runs in secure mode, but fails in non-secure mode since the
kernel driver uses DEC0 directly instead of over the job ring
interface. Instantiating all RNG state handles in u-boot removes the
need for using DEC0 in the kernel driver, making it possible to use
the CAAM in non-secure mode.

Signed-off-by: Lukas Auer <lukas.auer@aisec.fraunhofer.de>
Tested-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Reviewed-by: York Sun <york.sun@nxp.com>

diff --git a/drivers/crypto/fsl/jobdesc.c b/drivers/crypto/fsl/jobdesc.c
index 375ff9d..aadf851 100644
--- a/drivers/crypto/fsl/jobdesc.c
+++ b/drivers/crypto/fsl/jobdesc.c

@@ -257,7 +257,7 @@
  * Descriptor to instantiate RNG State Handle 0 in normal mode and
  * load the JDKEK, TDKEK and TDSK registers
  */
-void inline_cnstr_jobdesc_rng_instantiation(uint32_t *desc)
+void inline_cnstr_jobdesc_rng_instantiation(uint32_t *desc, int handle)
 {
 	u32 *jump_cmd;
 
@@ -265,21 +265,24 @@
 
 	/* INIT RNG in non-test mode */
 	append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
-			 OP_ALG_AS_INIT);
+			(handle << OP_ALG_AAI_SHIFT) | OP_ALG_AS_INIT);
 
-	/* wait for done */
-	jump_cmd = append_jump(desc, JUMP_CLASS_CLASS1);
-	set_jump_tgt_here(desc, jump_cmd);
+	/* For SH0, Secure Keys must be generated as well */
+	if (handle == 0) {
+		/* wait for done */
+		jump_cmd = append_jump(desc, JUMP_CLASS_CLASS1);
+		set_jump_tgt_here(desc, jump_cmd);
 
-	/*
-	 * load 1 to clear written reg:
-	 * resets the done interrrupt and returns the RNG to idle.
-	 */
-	append_load_imm_u32(desc, 1, LDST_SRCDST_WORD_CLRW);
+		/*
+		 * load 1 to clear written reg:
+		 * resets the done interrupt and returns the RNG to idle.
+		 */
+		append_load_imm_u32(desc, 1, LDST_SRCDST_WORD_CLRW);
 
-	/* generate secure keys (non-test) */
-	append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
-			 OP_ALG_RNG4_SK);
+		/* generate secure keys (non-test) */
+		append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
+				OP_ALG_RNG4_SK);
+	}
 }
 
 /* Change key size to bytes form bits in calling function*/