mirror of
https://github.com/torvalds/linux.git
synced 2024-11-29 15:41:36 +00:00
007c3ff11f
The NXP Cryptographic Acceleration and Assurance Module (CAAM) can be used to protect user-defined data across system reboot: - When the system is fused and boots into secure state, the master key is a unique never-disclosed device-specific key - random key is encrypted by key derived from master key - data is encrypted using the random key - encrypted data and its encrypted random key are stored alongside - This blob can now be safely stored in non-volatile memory On next power-on: - blob is loaded into CAAM - CAAM writes decrypted data either into memory or key register Add functions to realize encrypting and decrypting into memory alongside the CAAM driver. They will be used in a later commit as a source for the trusted key seal/unseal mechanism. Reviewed-by: David Gstir <david@sigma-star.at> Reviewed-by: Pankaj Gupta <pankaj.gupta@nxp.com> Tested-by: Tim Harvey <tharvey@gateworks.com> Tested-by: Matthias Schiffer <matthias.schiffer@ew.tq-group.com> Tested-by: Pankaj Gupta <pankaj.gupta@nxp.com> Tested-by: Michael Walle <michael@walle.cc> # on ls1028a (non-E and E) Tested-by: John Ernberg <john.ernberg@actia.se> # iMX8QXP Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de> Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> |
||
---|---|---|
.. | ||
blob_gen.c | ||
caamalg_desc.c | ||
caamalg_desc.h | ||
caamalg_qi2.c | ||
caamalg_qi2.h | ||
caamalg_qi.c | ||
caamalg.c | ||
caamhash_desc.c | ||
caamhash_desc.h | ||
caamhash.c | ||
caampkc.c | ||
caampkc.h | ||
caamrng.c | ||
compat.h | ||
ctrl.c | ||
ctrl.h | ||
debugfs.c | ||
debugfs.h | ||
desc_constr.h | ||
desc.h | ||
dpseci_cmd.h | ||
dpseci-debugfs.c | ||
dpseci-debugfs.h | ||
dpseci.c | ||
dpseci.h | ||
error.c | ||
error.h | ||
intern.h | ||
jr.c | ||
jr.h | ||
Kconfig | ||
key_gen.c | ||
key_gen.h | ||
Makefile | ||
pdb.h | ||
pkc_desc.c | ||
qi.c | ||
qi.h | ||
regs.h | ||
sg_sw_qm2.h | ||
sg_sw_qm.h | ||
sg_sw_sec4.h |