return ret;
}
+int derive_blob_kek(u8 *bkek_buf, u8 *key_mod, u32 key_sz)
+{
+ int ret, size;
+ u32 *desc;
+
+ if (!IS_ALIGNED((uintptr_t)bkek_buf, ARCH_DMA_MINALIGN) ||
+ !IS_ALIGNED((uintptr_t)key_mod, ARCH_DMA_MINALIGN)) {
+ puts("Error: derive_bkek: Address arguments are not aligned!\n");
+ return -EINVAL;
+ }
+
+ printf("\nBlob key encryption key(bkek)\n");
+ desc = malloc_cache_aligned(sizeof(int) * MAX_CAAM_DESCSIZE);
+ if (!desc) {
+ printf("Not enough memory for descriptor allocation\n");
+ return -ENOMEM;
+ }
+
+ size = ALIGN(key_sz, ARCH_DMA_MINALIGN);
+ flush_dcache_range((unsigned long)key_mod, (unsigned long)key_mod + size);
+
+ /* construct blob key encryption key(bkek) derive descriptor */
+ inline_cnstr_jobdesc_derive_bkek(desc, bkek_buf, key_mod, key_sz);
+
+ size = ALIGN(sizeof(int) * MAX_CAAM_DESCSIZE, ARCH_DMA_MINALIGN);
+ flush_dcache_range((unsigned long)desc, (unsigned long)desc + size);
+ size = ALIGN(BKEK_SIZE, ARCH_DMA_MINALIGN);
+ flush_dcache_range((unsigned long)bkek_buf,
+ (unsigned long)bkek_buf + size);
+
+ /* run descriptor */
+ ret = run_descriptor_jr(desc);
+ if (ret < 0) {
+ printf("Error: derive_blob_kek failed 0x%x\n", ret);
+ } else {
+ invalidate_dcache_range((unsigned long)bkek_buf,
+ (unsigned long)bkek_buf + size);
+ puts("derive bkek successful.\n");
+ }
+
+ free(desc);
+ return ret;
+}
+
+int hwrng_generate(u8 *dst, u32 len)
+{
+ int ret, size;
+ u32 *desc;
+
+ if (!IS_ALIGNED((uintptr_t)dst, ARCH_DMA_MINALIGN)) {
+ puts("Error: caam_hwrng_test: Address arguments are not aligned!\n");
+ return -EINVAL;
+ }
+
+ printf("\nRNG generate\n");
+ desc = malloc_cache_aligned(sizeof(int) * MAX_CAAM_DESCSIZE);
+ if (!desc) {
+ printf("Not enough memory for descriptor allocation\n");
+ return -ENOMEM;
+ }
+
+ inline_cnstr_jobdesc_rng(desc, dst ,len);
+
+ size = ALIGN(sizeof(int) * MAX_CAAM_DESCSIZE, ARCH_DMA_MINALIGN);
+ flush_dcache_range((unsigned long)desc, (unsigned long)desc + size);
+ size = ALIGN(len, ARCH_DMA_MINALIGN);
+ flush_dcache_range((unsigned long)dst, (unsigned long)dst + size);
+
+ ret = run_descriptor_jr(desc);
+ if (ret < 0) {
+ printf("Error: RNG generate failed 0x%x\n", ret);
+ } else {
+ invalidate_dcache_range((unsigned long)dst,
+ (unsigned long)dst + size);
+ puts("RNG generation successful.\n");
+ }
+
+ free(desc);
+ return ret;
+}
+
#ifdef CONFIG_CMD_DEKBLOB
int blob_dek(const u8 *src, u8 *dst, u8 len)
{
append_store(desc, dma_addr_out, storelen,
LDST_CLASS_2_CCB | LDST_SRCDST_BYTE_CONTEXT);
}
-#ifndef CONFIG_SPL_BUILD
+
void inline_cnstr_jobdesc_blob_encap(uint32_t *desc, uint8_t *key_idnfr,
uint8_t *plain_txt, uint8_t *enc_blob,
uint32_t in_sz)
append_operation(desc, OP_TYPE_DECAP_PROTOCOL | OP_PCLID_BLOB);
}
-#endif
+
/*
* Descriptor to instantiate RNG State Handle 0 in normal mode and
* load the JDKEK, TDKEK and TDSK registers
append_fifo_store(desc, dma_addr_out, out_siz,
LDST_CLASS_1_CCB | FIFOST_TYPE_PKHA_B);
}
+
+void inline_cnstr_jobdesc_derive_bkek(uint32_t *desc, void *bkek_out, void *key_mod, uint32_t key_sz)
+{
+ dma_addr_t dma_key_mod = virt_to_phys(key_mod);
+ dma_addr_t dma_bkek_out = virt_to_phys(bkek_out);
+
+ init_job_desc(desc, 0);
+ append_load(desc, dma_key_mod, key_sz, LDST_CLASS_2_CCB |
+ LDST_SRCDST_BYTE_KEY);
+ append_seq_out_ptr_intlen(desc, dma_bkek_out, BKEK_SIZE, 0);
+ append_operation(desc, OP_TYPE_ENCAP_PROTOCOL | OP_PCLID_BLOB |
+ OP_PROTINFO_MKVB);
+}
projects / u-boot.git / commitdiff