nv-tegra-mirror/linux-nv-oot
1
0
Fork 0
mirror of git://nv-tegra.nvidia.com/linux-nv-oot.git synced 2025-12-22 17:25:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

vse: crypto: Remove AES-ECB support

Browse Source 
Jira ESSS-1185

Change-Id: I9f0c9d8bb6e2816da2a826d3678dbbfc8bec2b2c
Signed-off-by: Advaya Andhare <aandhare@nvidia.com>
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/3037693
(cherry picked from commit 035056a3e785251d03590f07fa30fae077a99cf0)
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/3047736
Reviewed-by: Leo Chiu <lchiu@nvidia.com>
Reviewed-by: Nagaraj P N <nagarajp@nvidia.com>
Reviewed-by: Vipin Kumar <vipink@nvidia.com>
GVS: Gerrit_Virtual_Submit <buildbot_gerritrpt@nvidia.com>
This commit is contained in:
Advaya Andhare
2023-12-19 06:47:12 +00:00
committed by mobile promotions
parent e94216eeb9
commit df68c65bab
3 changed files with 4 additions and 76 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
drivers/crypto/tegra-hv-vse-safety.c
View File

@@ -554,9 +554,8 @@ enum tegra_virtual_se_op_mode {
}; };
enum tegra_virtual_se_aes_op_mode { enum tegra_virtual_se_aes_op_mode {
AES_CBC, AES_CBC = 0U,
AES_ECB, AES_CTR = 2U,
AES_CTR,
}; };
/* Security Engine request context */ /* Security Engine request context */
@@ -1865,8 +1864,6 @@ static void tegra_hv_vse_safety_prepare_cmd(struct tegra_virtual_se_dev *se_dev,
else else
aes->op.ivsel = AES_IV_REG; aes->op.ivsel = AES_IV_REG;
} }
else
aes->op.ivsel = AES_ORIGINAL_IV;
} }
} }
@@ -2144,54 +2141,6 @@ static int tegra_hv_vse_safety_aes_cbc_decrypt(struct skcipher_request *req)
return err; return err;
} }
static int tegra_hv_vse_safety_aes_ecb_encrypt(struct skcipher_request *req)
{
int err = 0;
struct tegra_virtual_se_aes_req_context *req_ctx = NULL;
struct tegra_virtual_se_aes_context *aes_ctx;
if (!req) {
pr_err("NULL req received by %s", __func__);
return -EINVAL;
}
aes_ctx = crypto_skcipher_ctx(crypto_skcipher_reqtfm(req));
req_ctx = skcipher_request_ctx(req);
req_ctx->encrypt = true;
req_ctx->op_mode = AES_ECB;
req_ctx->engine_id = g_crypto_to_ivc_map[aes_ctx->node_id].se_engine;
req_ctx->se_dev = g_virtual_se_dev[g_crypto_to_ivc_map[aes_ctx->node_id].se_engine];
err = tegra_hv_vse_safety_process_aes_req(req_ctx->se_dev, req);
if (err)
dev_err(req_ctx->se_dev->dev,
"%s failed with error %d\n", __func__, err);
return err;
}
static int tegra_hv_vse_safety_aes_ecb_decrypt(struct skcipher_request *req)
{
int err = 0;
struct tegra_virtual_se_aes_req_context *req_ctx = NULL;
struct tegra_virtual_se_aes_context *aes_ctx;
if (!req) {
pr_err("NULL req received by %s", __func__);
return -EINVAL;
}
aes_ctx = crypto_skcipher_ctx(crypto_skcipher_reqtfm(req));
req_ctx = skcipher_request_ctx(req);
req_ctx->encrypt = false;
req_ctx->op_mode = AES_ECB;
req_ctx->engine_id = g_crypto_to_ivc_map[aes_ctx->node_id].se_engine;
req_ctx->se_dev = g_virtual_se_dev[g_crypto_to_ivc_map[aes_ctx->node_id].se_engine];
err = tegra_hv_vse_safety_process_aes_req(req_ctx->se_dev, req);
if (err)
dev_err(req_ctx->se_dev->dev,
"%s failed with error %d\n", __func__, err);
return err;
}
static int tegra_hv_vse_safety_aes_ctr_encrypt(struct skcipher_request *req) static int tegra_hv_vse_safety_aes_ctr_encrypt(struct skcipher_request *req)
{ {
int err = 0; int err = 0;
@@ -4264,25 +4213,6 @@ static struct skcipher_alg aes_algs[] = {
.max_keysize = TEGRA_VIRTUAL_SE_AES_MAX_KEY_SIZE, .max_keysize = TEGRA_VIRTUAL_SE_AES_MAX_KEY_SIZE,
.ivsize = TEGRA_VIRTUAL_SE_AES_IV_SIZE, .ivsize = TEGRA_VIRTUAL_SE_AES_IV_SIZE,
}, },
{
.base.cra_name = "ecb-vse(aes)",
.base.cra_driver_name = "ecb-aes-tegra",
.base.cra_priority = 400,
.base.cra_flags = CRYPTO_ALG_TYPE_SKCIPHER |
CRYPTO_ALG_ASYNC,
.base.cra_blocksize = TEGRA_VIRTUAL_SE_AES_BLOCK_SIZE,
.base.cra_ctxsize = HV_SAFETY_AES_CTX_SIZE,
.base.cra_alignmask = 0,
.base.cra_module = THIS_MODULE,
.init = tegra_hv_vse_safety_aes_cra_init,
.exit = tegra_hv_vse_safety_aes_cra_exit,
.setkey = tegra_hv_vse_safety_aes_setkey,
.encrypt = tegra_hv_vse_safety_aes_ecb_encrypt,
.decrypt = tegra_hv_vse_safety_aes_ecb_decrypt,
.min_keysize = TEGRA_VIRTUAL_SE_AES_MIN_KEY_SIZE,
.max_keysize = TEGRA_VIRTUAL_SE_AES_MAX_KEY_SIZE,
.ivsize = TEGRA_VIRTUAL_SE_AES_IV_SIZE,
},
{ {
.base.cra_name = "ctr-vse(aes)", .base.cra_name = "ctr-vse(aes)",
.base.cra_driver_name = "ctr-aes-tegra-safety", .base.cra_driver_name = "ctr-aes-tegra-safety",

4
drivers/crypto/tegra-nvvse-cryptodev.c
View File

@@ -1041,7 +1041,7 @@ static int tnvvse_crypto_aes_enc_dec(struct tnvvse_crypto_ctx *ctx,
int ret = 0; int ret = 0;
struct tnvvse_crypto_completion tcrypt_complete; struct tnvvse_crypto_completion tcrypt_complete;
struct tegra_virtual_se_aes_context *aes_ctx; struct tegra_virtual_se_aes_context *aes_ctx;
char aes_algo[5][15] = {"cbc-vse(aes)", "ecb-vse(aes)", "ctr-vse(aes)"}; char aes_algo[5][15] = {"cbc-vse(aes)", "ctr-vse(aes)"};
const char *driver_name; const char *driver_name;
char key_as_keyslot[AES_KEYSLOT_NAME_SIZE] = {0,}; char key_as_keyslot[AES_KEYSLOT_NAME_SIZE] = {0,};
uint8_t next_block_iv[TEGRA_NVVSE_AES_IV_LEN]; uint8_t next_block_iv[TEGRA_NVVSE_AES_IV_LEN];
@@ -1155,7 +1155,7 @@ static int tnvvse_crypto_aes_enc_dec(struct tnvvse_crypto_ctx *ctx,
} else { } else {
if (aes_enc_dec_ctl->aes_mode == TEGRA_NVVSE_AES_MODE_CTR) if (aes_enc_dec_ctl->aes_mode == TEGRA_NVVSE_AES_MODE_CTR)
memcpy(next_block_iv, ctx->intermediate_counter, TEGRA_NVVSE_AES_CTR_LEN); memcpy(next_block_iv, ctx->intermediate_counter, TEGRA_NVVSE_AES_CTR_LEN);
else //As ecb does not need IV, and CBC uses IV stored in SE server else //As CBC uses IV stored in SE server
memset(next_block_iv, 0, TEGRA_NVVSE_AES_IV_LEN); memset(next_block_iv, 0, TEGRA_NVVSE_AES_IV_LEN);
} }
pr_debug("%s(): %scryption\n", __func__, (aes_enc_dec_ctl->is_encryption ? "en" : "de")); pr_debug("%s(): %scryption\n", __func__, (aes_enc_dec_ctl->is_encryption ? "en" : "de"));

2
include/uapi/misc/tegra-nvvse-cryptodev.h
View File

@@ -71,8 +71,6 @@ enum tegra_nvvse_sha_type {
enum tegra_nvvse_aes_mode { enum tegra_nvvse_aes_mode {
/** Defines AES MODE CBC */ /** Defines AES MODE CBC */
TEGRA_NVVSE_AES_MODE_CBC = 0u, TEGRA_NVVSE_AES_MODE_CBC = 0u,
/** Defines AES MODE ECB */
TEGRA_NVVSE_AES_MODE_ECB,
/** Defines AES MODE CTR */ /** Defines AES MODE CTR */
TEGRA_NVVSE_AES_MODE_CTR, TEGRA_NVVSE_AES_MODE_CTR,
/** Defines AES MODE GCM */ /** Defines AES MODE GCM */