mirror of
git://nv-tegra.nvidia.com/linux-nv-oot.git
synced 2025-12-22 17:25:35 +03:00
nvidia-oot: Increase keyslot size to 16 bytes
syncing changes b/w nvidia and nvidia-oot repo Bug 3697677 Signed-off-by: Manish Bhardwaj <mbhardwaj@nvidia.com> Change-Id: I0faa4d3107de5d9430ca91b407903990254e3b49 Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/2872402 Reviewed-by: Suresh Venkatachalam <skathirampat@nvidia.com> Reviewed-by: Sandeep Trasi <strasi@nvidia.com> GVS: Gerrit_Virtual_Submit <buildbot_gerritrpt@nvidia.com>
This commit is contained in:
Manish Bhardwaj
committed by
mobile promotions
mobile promotions
parent
dd88969020
commit
a8830def61
@@ -249,7 +249,7 @@ struct tegra_virtual_se_addr {
|
||||
|
||||
union tegra_virtual_se_aes_args {
|
||||
struct keyiv {
|
||||
u32 slot;
|
||||
u8 slot[KEYSLOT_SIZE_BYTES];
|
||||
u32 length;
|
||||
u32 type;
|
||||
u8 data[32];
|
||||
@@ -257,7 +257,7 @@ union tegra_virtual_se_aes_args {
|
||||
u8 uiv[TEGRA_VIRTUAL_SE_AES_IV_SIZE];
|
||||
} key;
|
||||
struct aes_encdec {
|
||||
u32 keyslot;
|
||||
u8 keyslot[KEYSLOT_SIZE_BYTES];
|
||||
u32 mode;
|
||||
u32 ivsel;
|
||||
u8 lctr[TEGRA_VIRTUAL_SE_AES_LCTR_SIZE];
|
||||
@@ -267,7 +267,7 @@ union tegra_virtual_se_aes_args {
|
||||
u32 key_length;
|
||||
} op;
|
||||
struct aes_cmac_subkey_s {
|
||||
u32 keyslot;
|
||||
u8 keyslot[KEYSLOT_SIZE_BYTES];
|
||||
u32 key_length;
|
||||
} op_cmac_subkey_s;
|
||||
struct aes_gcm {
|
||||
@@ -276,7 +276,7 @@ union tegra_virtual_se_aes_args {
|
||||
* keyslot handle returned by TOS as part of load key operation.
|
||||
* It must be the first variable in the structure.
|
||||
*/
|
||||
uint32_t keyslot;
|
||||
uint8_t keyslot[KEYSLOT_SIZE_BYTES];
|
||||
|
||||
uint32_t dst_addr_lo;
|
||||
uint32_t dst_addr_hi;
|
||||
@@ -302,7 +302,7 @@ union tegra_virtual_se_aes_args {
|
||||
u8 expected_tag[TEGRA_VIRTUAL_SE_AES_BLOCK_SIZE];
|
||||
} op_gcm;
|
||||
struct aes_cmac_s {
|
||||
u32 keyslot;
|
||||
u8 keyslot[KEYSLOT_SIZE_BYTES];
|
||||
u32 ivsel;
|
||||
u32 config;
|
||||
u32 lastblock_len;
|
||||
@@ -313,7 +313,7 @@ union tegra_virtual_se_aes_args {
|
||||
u32 key_length;
|
||||
} op_cmac_s;
|
||||
struct aes_cmac_sv {
|
||||
u32 keyslot;
|
||||
u8 keyslot[KEYSLOT_SIZE_BYTES];
|
||||
u32 config;
|
||||
u32 lastblock_len;
|
||||
u8 lastblock[TEGRA_VIRTUAL_SE_AES_BLOCK_SIZE];
|
||||
@@ -342,7 +342,7 @@ struct tegra_virtual_tsec_args {
|
||||
/**
|
||||
* Keyslot index for keyslot containing TSEC key
|
||||
*/
|
||||
uint32_t keyslot;
|
||||
uint8_t keyslot[KEYSLOT_SIZE_BYTES];
|
||||
|
||||
/**
|
||||
* Size of input buffer in bytes.
|
||||
@@ -1529,7 +1529,7 @@ static void tegra_hv_vse_safety_prepare_cmd(struct tegra_virtual_se_dev *se_dev,
|
||||
else
|
||||
ivc_tx->cmd = TEGRA_VIRTUAL_SE_CMD_AES_DECRYPT;
|
||||
|
||||
aes->op.keyslot = aes_ctx->aes_keyslot;
|
||||
memcpy(aes->op.keyslot, aes_ctx->aes_keyslot, KEYSLOT_SIZE_BYTES);
|
||||
aes->op.key_length = aes_ctx->keylen;
|
||||
aes->op.mode = req_ctx->op_mode;
|
||||
aes->op.ivsel = AES_ORIGINAL_IV;
|
||||
@@ -1579,7 +1579,7 @@ static int tegra_hv_vse_safety_aes_gen_random_iv(
|
||||
ivc_tx->cmd = TEGRA_VIRTUAL_SE_CMD_AES_ENCRYPT_INIT;
|
||||
priv->cmd = VIRTUAL_SE_PROCESS;
|
||||
aes_ctx = crypto_skcipher_ctx(crypto_skcipher_reqtfm(req));
|
||||
aes->op.keyslot = aes_ctx->aes_keyslot;
|
||||
memcpy(aes->op.keyslot, aes_ctx->aes_keyslot, KEYSLOT_SIZE_BYTES);
|
||||
aes->op.key_length = aes_ctx->keylen;
|
||||
pivck = g_crypto_to_ivc_map[aes_ctx->node_id].ivck;
|
||||
|
||||
@@ -2037,7 +2037,7 @@ static int tegra_hv_vse_safety_cmac_op(struct ahash_request *req, bool is_last)
|
||||
ivc_hdr->engine = g_crypto_to_ivc_map[cmac_ctx->node_id].se_engine;
|
||||
ivc_tx->cmd = TEGRA_VIRTUAL_SE_CMD_AES_CMAC;
|
||||
|
||||
ivc_tx->aes.op_cmac_s.keyslot = cmac_ctx->aes_keyslot;
|
||||
memcpy(ivc_tx->aes.op_cmac_s.keyslot, cmac_ctx->aes_keyslot, KEYSLOT_SIZE_BYTES);
|
||||
ivc_tx->aes.op_cmac_s.key_length = cmac_ctx->keylen;
|
||||
ivc_tx->aes.op_cmac_s.src_addr.hi = blocks_to_process * TEGRA_VIRTUAL_SE_AES_BLOCK_SIZE;
|
||||
if (is_last == true)
|
||||
@@ -2150,7 +2150,7 @@ static int tegra_hv_vse_safety_tsec_sv_op(struct ahash_request *req)
|
||||
|
||||
ivc_tx->tsec.src_addr = src_buf_addr;
|
||||
ivc_tx->tsec.src_buf_size = req->nbytes;
|
||||
ivc_tx->tsec.keyslot = cmac_ctx->aes_keyslot;
|
||||
memcpy(ivc_tx->tsec.keyslot, cmac_ctx->aes_keyslot, KEYSLOT_SIZE_BYTES);
|
||||
|
||||
if (cmac_req_data->request_type == CMAC_SIGN) {
|
||||
ivc_tx->cmd = TEGRA_VIRTUAL_SE_CMD_TSEC_SIGN;
|
||||
@@ -2329,7 +2329,7 @@ static int tegra_hv_vse_safety_cmac_sv_op(struct ahash_request *req, bool is_las
|
||||
else
|
||||
ivc_tx->cmd = TEGRA_VIRTUAL_SE_CMD_AES_CMAC_VERIFY;
|
||||
|
||||
ivc_tx->aes.op_cmac_sv.keyslot = cmac_ctx->aes_keyslot;
|
||||
memcpy(ivc_tx->aes.op_cmac_sv.keyslot, cmac_ctx->aes_keyslot, KEYSLOT_SIZE_BYTES);
|
||||
ivc_tx->aes.op_cmac_sv.key_length = cmac_ctx->keylen;
|
||||
ivc_tx->aes.op_cmac_sv.src_addr.hi = blocks_to_process * TEGRA_VIRTUAL_SE_AES_BLOCK_SIZE;
|
||||
ivc_tx->aes.op_cmac_sv.config = 0;
|
||||
@@ -2722,7 +2722,6 @@ static int tegra_hv_vse_safety_cmac_setkey(struct crypto_ahash *tfm, const u8 *k
|
||||
struct tegra_vse_tag *priv_data_ptr;
|
||||
int err = 0;
|
||||
s8 label[TEGRA_VIRTUAL_SE_AES_MAX_KEY_SIZE];
|
||||
u32 slot;
|
||||
bool is_keyslot_label;
|
||||
|
||||
if (!ctx)
|
||||
@@ -2737,13 +2736,12 @@ static int tegra_hv_vse_safety_cmac_setkey(struct crypto_ahash *tfm, const u8 *k
|
||||
}
|
||||
|
||||
/* format: 'NVSEAES 1234567\0' */
|
||||
is_keyslot_label = strnlen(key, keylen) <= keylen &&
|
||||
sscanf(key, "%s %x", label, &slot) == 2 &&
|
||||
is_keyslot_label = sscanf(key, "%s", label) == 1 &&
|
||||
!strcmp(label, TEGRA_VIRTUAL_SE_AES_KEYSLOT_LABEL);
|
||||
|
||||
if (is_keyslot_label) {
|
||||
ctx->keylen = keylen;
|
||||
ctx->aes_keyslot = (u32)slot;
|
||||
memcpy(ctx->aes_keyslot, key + KEYSLOT_OFFSET_BYTES, KEYSLOT_SIZE_BYTES);
|
||||
ctx->is_key_slot_allocated = true;
|
||||
} else {
|
||||
dev_err(se_dev->dev, "%s: Invalid keyslot label %s\n", __func__, key);
|
||||
@@ -2775,7 +2773,7 @@ static int tegra_hv_vse_safety_cmac_setkey(struct crypto_ahash *tfm, const u8 *k
|
||||
|
||||
ivc_hdr->engine = g_crypto_to_ivc_map[ctx->node_id].se_engine;
|
||||
ivc_tx->cmd = TEGRA_VIRTUAL_SE_CMD_AES_CMAC_GEN_SUBKEY;
|
||||
ivc_tx->aes.op_cmac_subkey_s.keyslot = ctx->aes_keyslot;
|
||||
memcpy(ivc_tx->aes.op_cmac_subkey_s.keyslot, ctx->aes_keyslot, KEYSLOT_SIZE_BYTES);
|
||||
ivc_tx->aes.op_cmac_subkey_s.key_length = ctx->keylen;
|
||||
priv_data_ptr =
|
||||
(struct tegra_vse_tag *)ivc_req_msg->ivc_hdr.tag;
|
||||
@@ -2818,7 +2816,6 @@ static int tegra_hv_vse_safety_aes_setkey(struct crypto_skcipher *tfm,
|
||||
struct tegra_virtual_se_aes_context *ctx = crypto_skcipher_ctx(tfm);
|
||||
struct tegra_virtual_se_dev *se_dev;
|
||||
s8 label[TEGRA_VIRTUAL_SE_AES_MAX_KEY_SIZE];
|
||||
u32 slot;
|
||||
int err = 0;
|
||||
bool is_keyslot_label;
|
||||
|
||||
@@ -2833,13 +2830,12 @@ static int tegra_hv_vse_safety_aes_setkey(struct crypto_skcipher *tfm,
|
||||
}
|
||||
|
||||
/* format: 'NVSEAES 1234567\0' */
|
||||
is_keyslot_label = strnlen(key, keylen) <= keylen &&
|
||||
sscanf(key, "%s %x", label, &slot) == 2 &&
|
||||
is_keyslot_label = sscanf(key, "%s", label) == 1 &&
|
||||
!strcmp(label, TEGRA_VIRTUAL_SE_AES_KEYSLOT_LABEL);
|
||||
|
||||
if (is_keyslot_label) {
|
||||
ctx->keylen = keylen;
|
||||
ctx->aes_keyslot = (u32)slot;
|
||||
memcpy(ctx->aes_keyslot, key + KEYSLOT_OFFSET_BYTES, KEYSLOT_SIZE_BYTES);
|
||||
ctx->is_key_slot_allocated = true;
|
||||
} else {
|
||||
dev_err(se_dev->dev, "%s: Invalid keyslot label %s", __func__, key);
|
||||
@@ -2983,7 +2979,6 @@ static int tegra_vse_aes_gcm_setkey(struct crypto_aead *tfm, const u8 *key,
|
||||
struct tegra_virtual_se_aes_context *ctx = crypto_aead_ctx(tfm);
|
||||
struct tegra_virtual_se_dev *se_dev;
|
||||
s8 label[TEGRA_VIRTUAL_SE_AES_MAX_KEY_SIZE];
|
||||
u32 slot;
|
||||
int err = 0;
|
||||
bool is_keyslot_label;
|
||||
|
||||
@@ -2998,13 +2993,12 @@ static int tegra_vse_aes_gcm_setkey(struct crypto_aead *tfm, const u8 *key,
|
||||
}
|
||||
|
||||
/* format: 'NVSEAES 1234567\0' */
|
||||
is_keyslot_label = strnlen(key, keylen) <= keylen &&
|
||||
sscanf(key, "%s %x", label, &slot) == 2 &&
|
||||
is_keyslot_label = sscanf(key, "%s", label) == 1 &&
|
||||
!strcmp(label, TEGRA_VIRTUAL_SE_AES_KEYSLOT_LABEL);
|
||||
|
||||
if (is_keyslot_label) {
|
||||
ctx->keylen = keylen;
|
||||
ctx->aes_keyslot = (u32)slot;
|
||||
memcpy(ctx->aes_keyslot, key + KEYSLOT_OFFSET_BYTES, KEYSLOT_SIZE_BYTES);
|
||||
ctx->is_key_slot_allocated = true;
|
||||
} else {
|
||||
dev_err(se_dev->dev, "%s: Invalid keyslot label %s\n", __func__, key);
|
||||
@@ -3208,7 +3202,7 @@ static int tegra_vse_aes_gcm_enc_dec(struct aead_request *req, bool encrypt)
|
||||
|
||||
g_crypto_to_ivc_map[aes_ctx->node_id].vse_thread_start = true;
|
||||
|
||||
ivc_tx->aes.op_gcm.keyslot = aes_ctx->aes_keyslot;
|
||||
memcpy(ivc_tx->aes.op_gcm.keyslot, aes_ctx->aes_keyslot, KEYSLOT_SIZE_BYTES);
|
||||
ivc_tx->aes.op_gcm.key_length = aes_ctx->keylen;
|
||||
|
||||
if (encrypt) {
|
||||
@@ -3434,7 +3428,6 @@ static int tegra_hv_vse_aes_gmac_setkey(struct crypto_ahash *tfm, const u8 *key,
|
||||
struct tegra_virtual_se_aes_gmac_context *ctx = crypto_ahash_ctx(tfm);
|
||||
struct tegra_virtual_se_dev *se_dev;
|
||||
s8 label[TEGRA_VIRTUAL_SE_AES_KEYSLOT_LABEL_SIZE];
|
||||
u32 slot;
|
||||
int err = 0;
|
||||
bool is_keyslot_label;
|
||||
|
||||
@@ -3453,15 +3446,12 @@ static int tegra_hv_vse_aes_gmac_setkey(struct crypto_ahash *tfm, const u8 *key,
|
||||
}
|
||||
|
||||
/* format: 'NVSEAES 1234567\0' */
|
||||
is_keyslot_label =
|
||||
(strnlen(key, TEGRA_VIRTUAL_SE_AES_KEYSLOT_LABEL_SIZE)
|
||||
<= TEGRA_VIRTUAL_SE_AES_KEYSLOT_LABEL_SIZE) &&
|
||||
(sscanf(key, "%s %x", label, &slot) == 2) &&
|
||||
is_keyslot_label = sscanf(key, "%s", label) == 1 &&
|
||||
(!strcmp(label, TEGRA_VIRTUAL_SE_AES_KEYSLOT_LABEL));
|
||||
|
||||
if (is_keyslot_label) {
|
||||
ctx->keylen = keylen;
|
||||
ctx->aes_keyslot = (u32)slot;
|
||||
memcpy(ctx->aes_keyslot, key + KEYSLOT_OFFSET_BYTES, KEYSLOT_SIZE_BYTES);
|
||||
ctx->is_key_slot_allocated = true;
|
||||
} else {
|
||||
dev_err(se_dev->dev,
|
||||
@@ -3560,7 +3550,7 @@ static int tegra_hv_vse_aes_gmac_sv_init(struct ahash_request *req)
|
||||
priv->se_dev = se_dev;
|
||||
|
||||
ivc_tx->cmd = TEGRA_VIRTUAL_SE_CMD_AES_GMAC_CMD_INIT;
|
||||
ivc_tx->aes.op_gcm.keyslot = gmac_ctx->aes_keyslot;
|
||||
memcpy(ivc_tx->aes.op_gcm.keyslot, gmac_ctx->aes_keyslot, KEYSLOT_SIZE_BYTES);
|
||||
ivc_tx->aes.op_gcm.key_length = gmac_ctx->keylen;
|
||||
|
||||
g_crypto_to_ivc_map[gmac_ctx->node_id].vse_thread_start = true;
|
||||
@@ -3720,7 +3710,7 @@ static int tegra_hv_vse_aes_gmac_sv_op(struct ahash_request *req, bool is_last)
|
||||
else
|
||||
ivc_tx->cmd = TEGRA_VIRTUAL_SE_CMD_AES_GMAC_CMD_VERIFY;
|
||||
|
||||
ivc_tx->aes.op_gcm.keyslot = gmac_ctx->aes_keyslot;
|
||||
memcpy(ivc_tx->aes.op_gcm.keyslot, gmac_ctx->aes_keyslot, KEYSLOT_SIZE_BYTES);
|
||||
ivc_tx->aes.op_gcm.key_length = gmac_ctx->keylen;
|
||||
ivc_tx->aes.op_gcm.aad_addr_hi = req->nbytes;
|
||||
ivc_tx->aes.op_gcm.aad_addr_lo = (u32)(aad_buf_addr & U32_MAX);
|
||||
|
||||
@@ -6,6 +6,9 @@
|
||||
#ifndef __TEGRA_HV_VSE_H
|
||||
#define __TEGRA_HV_VSE_H
|
||||
|
||||
#define KEYSLOT_SIZE_BYTES 16
|
||||
#define KEYSLOT_OFFSET_BYTES 8
|
||||
|
||||
struct tegra_vse_soc_info {
|
||||
bool cmac_hw_padding_supported;
|
||||
bool gcm_decrypt_supported;
|
||||
@@ -66,7 +69,7 @@ struct tegra_virtual_se_aes_context {
|
||||
struct tegra_virtual_se_dev *se_dev;
|
||||
struct skcipher_request *req;
|
||||
/* Security Engine key slot */
|
||||
u32 aes_keyslot;
|
||||
u8 aes_keyslot[KEYSLOT_SIZE_BYTES];
|
||||
/* key length in bytes */
|
||||
u32 keylen;
|
||||
/* AES operation mode */
|
||||
@@ -88,7 +91,7 @@ struct tegra_virtual_se_aes_cmac_context {
|
||||
dma_addr_t hash_result_addr; /* Intermediate hash result dma addr */
|
||||
bool is_first; /* Represents first block */
|
||||
bool req_context_initialized; /* Mark initialization status */
|
||||
u32 aes_keyslot;
|
||||
u8 aes_keyslot[KEYSLOT_SIZE_BYTES];
|
||||
/* key length in bits */
|
||||
u32 keylen;
|
||||
bool is_key_slot_allocated;
|
||||
@@ -102,7 +105,7 @@ struct tegra_virtual_se_aes_gmac_context {
|
||||
u32 authsize;
|
||||
/* Mark initialization status */
|
||||
bool req_context_initialized;
|
||||
u32 aes_keyslot;
|
||||
u8 aes_keyslot[KEYSLOT_SIZE_BYTES];
|
||||
/* key length in bits */
|
||||
u32 keylen;
|
||||
bool is_key_slot_allocated;
|
||||
|
||||
@@ -480,14 +480,9 @@ static int tnvvtsec_crypto_aes_cmac_sign_verify(struct tnvvse_crypto_ctx *ctx,
|
||||
priv_data.request_type = CMAC_SIGN;
|
||||
else
|
||||
priv_data.request_type = CMAC_VERIFY;
|
||||
ret = snprintf(key_as_keyslot, AES_KEYSLOT_NAME_SIZE, "NVSEAES %x",
|
||||
aes_cmac_ctl->key_slot);
|
||||
if (ret >= AES_KEYSLOT_NAME_SIZE) {
|
||||
pr_err("%s(): Buffer overflow while setting key for cmac-tsec(aes): %d\n",
|
||||
__func__, ret);
|
||||
ret = -EINVAL;
|
||||
goto free_req;
|
||||
}
|
||||
|
||||
ret = snprintf(key_as_keyslot, AES_KEYSLOT_NAME_SIZE, "NVSEAES ");
|
||||
memcpy(key_as_keyslot + KEYSLOT_OFFSET_BYTES, aes_cmac_ctl->key_slot, KEYSLOT_SIZE_BYTES);
|
||||
|
||||
req->priv = &priv_data;
|
||||
priv_data.result = 0;
|
||||
@@ -629,14 +624,9 @@ static int tnvvse_crypto_aes_cmac_sign_verify(struct tnvvse_crypto_ctx *ctx,
|
||||
priv_data.request_type = CMAC_SIGN;
|
||||
else
|
||||
priv_data.request_type = CMAC_VERIFY;
|
||||
ret = snprintf(key_as_keyslot, AES_KEYSLOT_NAME_SIZE, "NVSEAES %x",
|
||||
aes_cmac_ctl->key_slot);
|
||||
if (ret >= AES_KEYSLOT_NAME_SIZE) {
|
||||
pr_err("%s(): Buffer overflow while setting key for cmac-vse(aes): %d\n",
|
||||
__func__, ret);
|
||||
ret = -EINVAL;
|
||||
goto free_xbuf;
|
||||
}
|
||||
|
||||
ret = snprintf(key_as_keyslot, AES_KEYSLOT_NAME_SIZE, "NVSEAES ");
|
||||
memcpy(key_as_keyslot + KEYSLOT_OFFSET_BYTES, aes_cmac_ctl->key_slot, KEYSLOT_SIZE_BYTES);
|
||||
|
||||
req->priv = &priv_data;
|
||||
priv_data.result = 0;
|
||||
@@ -761,13 +751,8 @@ static int tnvvse_crypto_aes_gmac_init(struct tnvvse_crypto_ctx *ctx,
|
||||
init_completion(&sha_state->sha_complete.restart);
|
||||
sha_state->sha_complete.req_err = 0;
|
||||
|
||||
ret = snprintf(key_as_keyslot, AES_KEYSLOT_NAME_SIZE, "NVSEAES %x", gmac_init_ctl->key_slot);
|
||||
if (ret >= AES_KEYSLOT_NAME_SIZE) {
|
||||
pr_err("%s(): Buffer overflow while setting key for gmac-vse(aes): %d\n",
|
||||
__func__, ret);
|
||||
ret = -EINVAL;
|
||||
goto free_req;
|
||||
}
|
||||
ret = snprintf(key_as_keyslot, AES_KEYSLOT_NAME_SIZE, "NVSEAES ");
|
||||
memcpy(key_as_keyslot + KEYSLOT_OFFSET_BYTES, gmac_init_ctl->key_slot, KEYSLOT_SIZE_BYTES);
|
||||
|
||||
klen = gmac_init_ctl->key_length;
|
||||
ret = crypto_ahash_setkey(tfm, key_as_keyslot, klen);
|
||||
@@ -845,14 +830,9 @@ static int tnvvse_crypto_aes_gmac_sign_verify_init(struct tnvvse_crypto_ctx *ctx
|
||||
init_completion(&sha_state->sha_complete.restart);
|
||||
sha_state->sha_complete.req_err = 0;
|
||||
|
||||
ret = snprintf(key_as_keyslot, AES_KEYSLOT_NAME_SIZE, "NVSEAES %x",
|
||||
gmac_sign_verify_ctl->key_slot);
|
||||
if (ret >= AES_KEYSLOT_NAME_SIZE) {
|
||||
pr_err("%s(): Buffer overflow while setting key for gmac-vse(aes): %d\n",
|
||||
__func__, ret);
|
||||
ret = -EINVAL;
|
||||
goto free_xbuf;
|
||||
}
|
||||
ret = snprintf(key_as_keyslot, AES_KEYSLOT_NAME_SIZE, "NVSEAES ");
|
||||
memcpy(key_as_keyslot + KEYSLOT_OFFSET_BYTES, gmac_sign_verify_ctl->key_slot,
|
||||
KEYSLOT_SIZE_BYTES);
|
||||
|
||||
klen = gmac_sign_verify_ctl->key_length;
|
||||
ret = crypto_ahash_setkey(tfm, key_as_keyslot, klen);
|
||||
@@ -1040,7 +1020,6 @@ static int tnvvse_crypto_aes_enc_dec(struct tnvvse_crypto_ctx *ctx,
|
||||
char aes_algo[5][15] = {"cbc-vse(aes)", "ecb-vse(aes)", "ctr-vse(aes)"};
|
||||
const char *driver_name;
|
||||
char key_as_keyslot[AES_KEYSLOT_NAME_SIZE] = {0,};
|
||||
int klen;
|
||||
char *pbuf;
|
||||
uint8_t next_block_iv[TEGRA_NVVSE_AES_IV_LEN];
|
||||
bool first_loop = true;
|
||||
@@ -1093,22 +1072,10 @@ static int tnvvse_crypto_aes_enc_dec(struct tnvvse_crypto_ctx *ctx,
|
||||
|
||||
crypto_skcipher_clear_flags(tfm, ~0);
|
||||
|
||||
ret = snprintf(key_as_keyslot, AES_KEYSLOT_NAME_SIZE, "NVSEAES %x",
|
||||
aes_enc_dec_ctl->key_slot);
|
||||
if (ret >= AES_KEYSLOT_NAME_SIZE) {
|
||||
pr_err("%s(): Buffer overflow while preparing key for %s: %d\n",
|
||||
__func__, aes_algo[aes_enc_dec_ctl->aes_mode], ret);
|
||||
ret = -EINVAL;
|
||||
goto free_req;
|
||||
}
|
||||
ret = snprintf(key_as_keyslot, AES_KEYSLOT_NAME_SIZE, "NVSEAES ");
|
||||
memcpy(key_as_keyslot + KEYSLOT_OFFSET_BYTES, aes_enc_dec_ctl->key_slot,
|
||||
KEYSLOT_SIZE_BYTES);
|
||||
|
||||
klen = strlen(key_as_keyslot);
|
||||
if (klen != 16) {
|
||||
pr_err("%s(): key length is invalid, length %d, key %s\n", __func__, klen,
|
||||
key_as_keyslot);
|
||||
ret = -EINVAL;
|
||||
goto free_req;
|
||||
}
|
||||
/* Null key is only allowed in SE driver */
|
||||
if (!strstr(driver_name, "tegra")) {
|
||||
ret = -EINVAL;
|
||||
@@ -1373,14 +1340,9 @@ static int tnvvse_crypto_aes_enc_dec_gcm(struct tnvvse_crypto_ctx *ctx,
|
||||
|
||||
crypto_aead_clear_flags(tfm, ~0);
|
||||
|
||||
ret = snprintf(key_as_keyslot, AES_KEYSLOT_NAME_SIZE, "NVSEAES %x",
|
||||
aes_enc_dec_ctl->key_slot);
|
||||
if (ret >= AES_KEYSLOT_NAME_SIZE) {
|
||||
pr_err("%s(): Buffer overflow while preparing key for gcm(aes): %d\n",
|
||||
__func__, ret);
|
||||
ret = -EINVAL;
|
||||
goto free_req;
|
||||
}
|
||||
ret = snprintf(key_as_keyslot, AES_KEYSLOT_NAME_SIZE, "NVSEAES ");
|
||||
memcpy(key_as_keyslot + KEYSLOT_OFFSET_BYTES, aes_enc_dec_ctl->key_slot,
|
||||
KEYSLOT_SIZE_BYTES);
|
||||
|
||||
ret = crypto_aead_setkey(tfm, key_as_keyslot, aes_enc_dec_ctl->key_length);
|
||||
if (ret < 0) {
|
||||
|
||||
@@ -9,6 +9,7 @@
|
||||
|
||||
#include <asm-generic/ioctl.h>
|
||||
|
||||
#define KEYSLOT_SIZE_BYTES 16
|
||||
#define TEGRA_NVVSE_IOC_MAGIC 0x98
|
||||
#define MAX_NUMBER_MISC_DEVICES 46U
|
||||
|
||||
@@ -151,7 +152,7 @@ struct tegra_nvvse_aes_enc_dec_ctl {
|
||||
* '0' value indicates First call and Non zero value indicates it is not the first call */
|
||||
uint8_t is_non_first_call;
|
||||
/** [in] Holds a keyslot number */
|
||||
uint32_t key_slot;
|
||||
uint8_t key_slot[KEYSLOT_SIZE_BYTES];
|
||||
/** [in] Holds the Key length */
|
||||
/** Supported keylengths are 16 and 32 bytes */
|
||||
uint8_t key_length;
|
||||
@@ -227,7 +228,7 @@ struct tegra_nvvse_aes_enc_dec_ctl {
|
||||
*/
|
||||
struct tegra_nvvse_aes_gmac_init_ctl {
|
||||
/** [in] Holds a keyslot number */
|
||||
uint32_t key_slot;
|
||||
uint8_t key_slot[KEYSLOT_SIZE_BYTES];
|
||||
/** [in] Holds the Key length */
|
||||
/** Supported keylengths are 16 and 32 bytes */
|
||||
uint8_t key_length;
|
||||
@@ -257,7 +258,7 @@ struct tegra_nvvse_aes_gmac_sign_verify_ctl {
|
||||
*/
|
||||
uint8_t is_last;
|
||||
/** [in] Holds a keyslot handle which is used for GMAC operation */
|
||||
uint32_t key_slot;
|
||||
uint8_t key_slot[KEYSLOT_SIZE_BYTES];
|
||||
/** [in] Holds the Key length
|
||||
* Supported keylength is only 16 bytes and 32 bytes
|
||||
*/
|
||||
@@ -321,7 +322,7 @@ struct tegra_nvvse_aes_cmac_sign_verify_ctl {
|
||||
*/
|
||||
uint8_t is_last;
|
||||
/** [in] Holds a keyslot handle which is used for CMAC operation */
|
||||
uint32_t key_slot;
|
||||
uint8_t key_slot[KEYSLOT_SIZE_BYTES];
|
||||
/** [in] Holds the Key length
|
||||
* Supported keylength is only 16 bytes and 32 bytes
|
||||
*/
|
||||
|
||||
Reference in New Issue
Block a user