1. 21 Feb, 2016 1 commit
  2. 29 Oct, 2015 1 commit
    • Aneesh Bansal's avatar
      crypto/fsl: SEC driver cleanup for 64 bit and endianness · f59e69cb
      Aneesh Bansal authored
      The SEC driver code has been cleaned up to work for 64 bit
      physical addresses and systems where endianess of SEC block
      is different from the Core.
      Changes:
      1. Descriptor created on Core is modified as per SEC block
         endianness before the job is submitted.
      2. The read/write of physical addresses to Job Rings will
         be depend on endianness of SEC block as 32 bit low and
         high part of the 64 bit address will vary.
      3. The 32 bit low and high part of the 64 bit address in
         descriptor will vary depending on endianness of SEC.
      Signed-off-by: default avatarAneesh Bansal <aneesh.bansal@freescale.com>
      Reviewed-by: default avatarYork Sun <yorksun@freescale.com>
      f59e69cb
  3. 13 Aug, 2015 1 commit
  4. 03 Aug, 2015 3 commits
    • Alex Porosanu's avatar
      drivers/crypto/fsl: enable raw data instead of von Neumann data · c4065517
      Alex Porosanu authored
      The sampling of the oscillator can be done in multiple modes for
      generating the entropy value. By default, this is set to von
      Neumann. This patch changes the sampling to raw data, since it
      has been discovered that the generated entropy has a better
      'quality'.
      Signed-off-by: default avatarAlex Porosanu <alexandru.porosanu@freescale.com>
      Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
      Reviewed-by: default avatarYork Sun <yorksun@freescale.com>
      c4065517
    • Alex Porosanu's avatar
      drivers/crypto/fsl: change starting entropy delay value · 17649e1b
      Alex Porosanu authored
      The entropy delay (the length in system clocks of each
      entropy sample) for the RNG4 block of CAAM is dependent
      on the frequency of the SoC. By elaborate methods, it
      has been determined that a good starting value for all
      platforms integrating the CAAM IP is 3200. Using a
      higher value has additional benefit of  speeding up
      the process of instantiating the RNG, since the entropy
      delay will be increased and instantiation of the RNG
      state handles will be reattempted by the driver. If the
      starting value is low, for certain platforms, this can
      lead to a quite lengthy process.
      This patch changes the starting value of the length of
      the entropy sample to 3200 system clocks.
      In addition to this change, the attempted entropy delay
      values are now printed on the console upon initialization
      of the RNG block.
      Signed-off-by: default avatarAlex Porosanu <alexandru.porosanu@freescale.com>
      Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
      Reviewed-by: default avatarYork Sun <yorksun@freescale.com>
      17649e1b
    • Alex Porosanu's avatar
      drivers/crypto/fsl: disable RNG oscillator maximum frequency check · 026a3f1b
      Alex Porosanu authored
      The rtfrqmax & rtfrqmin set the bounds of the expected frequency of the
      oscillator, when SEC runs at its maximum frequency. For certain platforms
      (f.i. T2080), the oscillator is very fast and thus if the SEC runs at
      a lower than normal frequency, the ring oscillator is incorrectly detected
      as being out of bounds.
      
      This patch effectively disables the maximum frequency check, by setting a
      high enough maximum allowable frequency for the oscillator. The reasoning
      behind this is that usually a broken oscillator will run too slow
      (i.e. not run at all) rather than run too fast.
      Signed-off-by: default avatarAlex Porosanu <alexandru.porosanu@freescale.com>
      Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
      Reviewed-by: default avatarYork Sun <yorksun@freescale.com>
      026a3f1b
  5. 05 Mar, 2015 1 commit
  6. 02 Mar, 2015 1 commit
    • Raul Cardenas's avatar
      imx6: Added DEK blob generator command · 0200020b
      Raul Cardenas authored
      Freescale's SEC block has built-in Data Encryption
      Key(DEK) Blob Protocol which provides a method for
      protecting a DEK for non-secure memory storage.
      SEC block protects data in a data structure called
      a Secret Key Blob, which provides both confidentiality
      and integrity protection.
      Every time the blob encapsulation is executed,
      a AES-256 key is randomly generated to encrypt the DEK.
      This key is encrypted with the OTP Secret key
      from SoC. The resulting blob consists of the encrypted
      AES-256 key, the encrypted DEK, and a 16-bit MAC.
      
      During decapsulation, the reverse process is performed
      to get back the original DEK. A caveat to the blob
      decapsulation process,  is that the DEK is decrypted
      in secure-memory and can only be read by FSL SEC HW.
      The DEK is used to decrypt data during encrypted boot.
      
      Commands added
      --------------
        dek_blob - encapsulating DEK as a cryptgraphic blob
      
      Commands Syntax
      ---------------
        dek_blob src dst len
      
          Encapsulate and create blob of a len-bits DEK at
          address src and store the result at address dst.
      Signed-off-by: default avatarRaul Cardenas <Ulises.Cardenas@freescale.com>
      Signed-off-by: default avatarNitin Garg <nitin.garg@freescale.com>
      Signed-off-by: default avatarUlises Cardenas <ulises.cardenas@freescale.com>
      Signed-off-by: default avatarUlises Cardenas-B45798 <Ulises.Cardenas@freescale.com>
      0200020b
  7. 25 Feb, 2015 1 commit
  8. 16 Oct, 2014 4 commits
    • Ruchika Gupta's avatar
      crypto/fsl: Add command for encapsulating/decapsulating blobs · c5de15cb
      Ruchika Gupta authored
      Freescale's SEC block has built-in Blob Protocol which provides
      a method for protecting user-defined data across system power
      cycles. SEC block protects data in a data structure called a Blob,
      which provides both confidentiality and integrity protection.
      
      Encapsulating data as a blob
      Each time that the Blob Protocol is used to protect data, a
      different randomly generated key is used to encrypt the data.
      This random key is itself encrypted using a key which is derived
      from SoC's non volatile secret key and a 16 bit Key identifier.
      The resulting encrypted key along with encrypted data is called a blob.
      The non volatile secure key is available for use only during secure boot.
      
      During decapsulation, the reverse process is performed to get back
      the original data.
      
      Commands added
      --------------
          blob enc - encapsulating data as a cryptgraphic blob
          blob dec - decapsulating cryptgraphic blob to get the data
      
      Commands Syntax
      ---------------
      	blob enc src dst len km
      
      	Encapsulate and create blob of data $len bytes long
      	at address $src and store the result at address $dst.
      	$km is the 16 byte key modifier is also required for
      	generation/use as key for cryptographic operation. Key
      	modifier should be 16 byte long.
      
      	blob dec src dst len km
      
      	Decapsulate the  blob of data at address $src and
      	store result of $len byte at addr $dst.
      	$km is the 16 byte key modifier is also required for
      	generation/use as key for cryptographic operation. Key
      	modifier should be 16 byte long.
      Signed-off-by: default avatarRuchika Gupta <ruchika.gupta@freescale.com>
      Reviewed-by: default avatarYork Sun <yorksun@freescale.com>
      c5de15cb
    • Ruchika Gupta's avatar
      fsl_sec: Add hardware accelerated SHA256 and SHA1 · b9eebfad
      Ruchika Gupta authored
      SHA-256 and SHA-1 accelerated using SEC hardware in Freescale SoC's
      The driver for SEC (CAAM) IP is based on linux drivers/crypto/caam.
      The platforms needto add the MACRO CONFIG_FSL_CAAM inorder to
      enable initialization of this hardware IP.
      Signed-off-by: default avatarRuchika Gupta <ruchika.gupta@freescale.com>
      Reviewed-by: default avatarYork Sun <yorksun@freescale.com>
      b9eebfad
    • Ruchika Gupta's avatar
      fsl_sec : Change accessor function to take care of endianness · 028dbb8d
      Ruchika Gupta authored
      SEC registers can be of type Little Endian or big Endian depending upon
      Freescale SoC. Here SoC defines the register type of SEC IP.
      
      So update acessor functions with common SEC acessor functions to take care
      both type of endianness.
      Signed-off-by: default avatarRuchika Gupta <ruchika.gupta@freescale.com>
      Reviewed-by: default avatarYork Sun <yorksun@freescale.com>
      028dbb8d
    • Ruchika Gupta's avatar
      fsl_sec : Move SEC CCSR definition to common include · 48ef0d2a
      Ruchika Gupta authored
      Freescale SEC controller has been used for mpc8xxx. It will be used
      for ARM-based SoC as well. This patch moves the CCSR defintion of
      SEC to common include
      Signed-off-by: default avatarRuchika Gupta <ruchika.gupta@freescale.com>
      Reviewed-by: default avatarYork Sun <yorksun@freescale.com>
      48ef0d2a