nv-tegra-mirror/linux-nv-oot
1
0
Fork 0
mirror of git://nv-tegra.nvidia.com/linux-nv-oot.git synced 2025-12-22 17:25:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

vse: sha: implement new sha_update API

Browse Source 
- Initialize lock per device node and take lock at the
  start of processing of each ioctl command. This is needed
  because there is only one set of IOVA buffers allocated
  during init per device node. Without lock it leads to
  race conditions when more than one app uses the same
  device node.
- Release tfm after each API call for both sha and hmac-sha
- Validate rng buffer size provided by user
- Support buf size up to HW supported limit for GCM-Dec req
  if tag verify is supported by HW.

Jira ESSS-1517
Bug 4881474

Change-Id: I338558656ac00b91750e74990bb47c5a35f31e08
Signed-off-by: Nagaraj P N <nagarajp@nvidia.com>
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/3233377
Reviewed-by: Leo Chiu <lchiu@nvidia.com>
GVS: buildbot_gerritrpt <buildbot_gerritrpt@nvidia.com>
Reviewed-by: Sandeep Trasi <strasi@nvidia.com>
This commit is contained in:
Nagaraj P N
2024-10-16 21:24:21 +05:30
committed by Jon Hunter
parent 80c3e3003f
commit 74e8b62f72
4 changed files with 698 additions and 1259 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1115
drivers/crypto/tegra-hv-vse-safety.c
View File

File diff suppressed because it is too large Load Diff

19
drivers/crypto/tegra-hv-vse.h
View File

@@ -166,13 +166,16 @@ struct tegra_virtual_se_sha_context {
/* Security Engine device */ /* Security Engine device */
struct tegra_virtual_se_dev *se_dev; struct tegra_virtual_se_dev *se_dev;
/* SHA operation mode */ /* SHA operation mode */
u32 op_mode; uint32_t mode;
u32 blk_size;
unsigned int digest_size; unsigned int digest_size;
u8 mode; uint8_t *intermediate_digest;
unsigned int intermediate_digest_size;
u64 total_count; /* Total bytes in all the requests */
bool is_first;
/*Crypto dev instance*/ /*Crypto dev instance*/
uint32_t node_id; uint32_t node_id;
const struct tegra_vse_dma_buf *plaintext; const struct tegra_vse_dma_buf *plaintext;
const struct tegra_vse_dma_buf *residual_plaintext;
const struct tegra_vse_dma_buf *hash_result; const struct tegra_vse_dma_buf *hash_result;
}; };
@@ -185,6 +188,8 @@ struct tegra_virtual_se_hmac_sha_context {
unsigned int digest_size; unsigned int digest_size;
/* Total bytes in all the requests */ /* Total bytes in all the requests */
u64 total_count; u64 total_count;
/* Represents first block */
bool is_first;
bool is_key_slot_allocated; bool is_key_slot_allocated;
/* Keyslot for HMAC-SHA request */ /* Keyslot for HMAC-SHA request */
u8 aes_keyslot[KEYSLOT_SIZE_BYTES]; u8 aes_keyslot[KEYSLOT_SIZE_BYTES];
@@ -199,15 +204,7 @@ struct tegra_virtual_se_hmac_sha_context {
struct tegra_virtual_se_req_context { struct tegra_virtual_se_req_context {
/* Security Engine device */ /* Security Engine device */
struct tegra_virtual_se_dev *se_dev; struct tegra_virtual_se_dev *se_dev;
unsigned int digest_size;
unsigned int intermediate_digest_size;
u8 mode; /* SHA operation mode */
u64 total_count; /* Total bytes in all the requests */
u32 residual_bytes; /* Residual byte count */
u32 blk_size; /* SHA block size */
bool is_first; /* Represents first block */
bool req_context_initialized; /* Mark initialization status */ bool req_context_initialized; /* Mark initialization status */
bool force_align; /* Enforce buffer alignment */
/*Crypto dev instance*/ /*Crypto dev instance*/
uint32_t node_id; uint32_t node_id;
}; };

774
drivers/crypto/tegra-nvvse-cryptodev.c
View File

File diff suppressed because it is too large Load Diff

49
include/uapi/misc/tegra-nvvse-cryptodev.h
View File

@@ -121,44 +121,31 @@ enum tegra_nvvse_cmac_type {
}; };
/** /**
* \brief Holds SHA Init Header Params * \brief Holds SHA Update Header Params
*/ */
struct tegra_nvvse_sha_init_ctl {
enum tegra_nvvse_sha_type sha_type;
uint32_t digest_size;
uint64_t total_msg_size;
};
#define NVVSE_IOCTL_CMDID_INIT_SHA _IOW(TEGRA_NVVSE_IOC_MAGIC, TEGRA_NVVSE_CMDID_INIT_SHA, \
struct tegra_nvvse_sha_init_ctl)
/**
* \brief Holds SHA Update Header Params
*/
struct tegra_nvvse_sha_update_ctl { struct tegra_nvvse_sha_update_ctl {
/** Holds the SHA request type */
enum tegra_nvvse_sha_type sha_type;
/** Specifies first request */
uint8_t is_first;
/** Specifies last request */
uint8_t is_last;
/** Specifies if only init is to be performed */
uint8_t init_only;
/** Specifies if context is to be reinitialized */
uint8_t do_reset;
/** Holds the pointer of the input buffer */ /** Holds the pointer of the input buffer */
char *in_buff; uint8_t *in_buff;
/** Holds the size of the input buffer */ /** Holds the size of the input buffer */
uint32_t input_buffer_size; uint32_t input_buffer_size;
/** Indicates the last chunk of the input message. 1 means last buffer /** Holds the pointer of the digest buffer */
* else not the last buffer uint8_t *digest_buffer;
*/ /** Holds the size of the digest buffer */
uint8_t last_buffer; uint32_t digest_size;
}; };
#define NVVSE_IOCTL_CMDID_UPDATE_SHA _IOW(TEGRA_NVVSE_IOC_MAGIC, TEGRA_NVVSE_CMDID_UPDATE_SHA, \ #define NVVSE_IOCTL_CMDID_UPDATE_SHA _IOW(TEGRA_NVVSE_IOC_MAGIC, TEGRA_NVVSE_CMDID_UPDATE_SHA, \
struct tegra_nvvse_sha_update_ctl) struct tegra_nvvse_sha_update_ctl)
/**
* \brief Holds SHA Final Header Params
*/
struct tegra_nvvse_sha_final_ctl {
/** Holds the pointer of the digest buffer */
uint8_t *digest_buffer;
/** Holds the size of the digest buffer */
uint32_t digest_size;
};
#define NVVSE_IOCTL_CMDID_FINAL_SHA _IOWR(TEGRA_NVVSE_IOC_MAGIC, TEGRA_NVVSE_CMDID_FINAL_SHA, \
struct tegra_nvvse_sha_final_ctl)
struct tegra_nvvse_hmac_sha_sv_ctl { struct tegra_nvvse_hmac_sha_sv_ctl {
/** [in] Holds the enum which indicates SHA mode */ /** [in] Holds the enum which indicates SHA mode */
enum tegra_nvvse_sha_type hmac_sha_mode; enum tegra_nvvse_sha_type hmac_sha_mode;