From: "Christoph G. Baumann" Subject: Re: [PATCH 2/3] ARM: mxs: crypto: Add Freescale MXS DCP driver Date: Mon, 7 Oct 2013 11:50:39 +0200 (CEST) Message-ID: <632804650.191291.1381139440065.open-xchange@email.1und1.de> References: <1380194306-5243-1-git-send-email-marex@denx.de> <201309261407.33923.marex@denx.de> <5245AC5B.80800@gmail.com> <201309280535.33672.marex@denx.de> Reply-To: "Christoph G. Baumann" Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: QUOTED-PRINTABLE Cc: linux-crypto@vger.kernel.org, Herbert Xu , Shawn Guo , Fabio Estevam , "David S. Miller" , "linux-arm-kernel@lists.infradead.org" , Tobias Rauter To: Marek Vasut Return-path: Received: from moutng.kundenserver.de ([212.227.17.9]:53260 "EHLO moutng.kundenserver.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755237Ab3JGJu4 convert rfc822-to-8bit (ORCPT ); Mon, 7 Oct 2013 05:50:56 -0400 In-Reply-To: <201309280535.33672.marex@denx.de> Sender: linux-crypto-owner@vger.kernel.org List-ID: Hello Marek, >=C2=A0Marek=C2=A0Vasut=C2=A0=C2=A0hat=C2=A0am=C2=A028.=C2= =A0September=C2=A02013=C2=A0um=C2=A005:35=C2=A0geschrieben: > [...] >=C2=A0>=C2=A0>=C2=A03)=C2=A0What=C2=A0are=C2=A0those=C2=A0ugly=C2=A0ne= w=C2=A0IOCTLs=C2=A0in=C2=A0the=C2=A0dcp.c=C2=A0driver? >=C2=A0>=C2=A0 >=C2=A0>=C2=A0When=C2=A0I=C2=A0firstly=C2=A0posted=C2=A0the=C2=A0driver= =C2=A0in=C2=A0the=C2=A0mailinglist,=C2=A0there=C2=A0where=C2=A0one >=C2=A0>=C2=A0person=C2=A0who=C2=A0actually=C2=A0used=C2=A0this=C2=A0in= terface=C2=A0(it=C2=A0was=C2=A0introduced=C2=A0in >=C2=A0>=C2=A0Freescale's=C2=A0SDK)=C2=A0to=C2=A0use=C2=A0the=C2=A0OTP=C2= =A0keys=C2=A0for=C2=A0crypto.=C2=A0As=C2=A0far=C2=A0as=C2=A0I=C2=A0have >=C2=A0>=C2=A0seen,=C2=A0the=C2=A0crypto=C2=A0API=C2=A0does=C2=A0not=C2= =A0support=C2=A0such=C2=A0keys=C2=A0(i.e.=C2=A0there=C2=A0seems=C2=A0to >=C2=A0>=C2=A0be=C2=A0no=C2=A0way=C2=A0to=C2=A0tell=C2=A0a=C2=A0driver=C2= =A0to=C2=A0use=C2=A0some=C2=A0kind=C2=A0of=C2=A0special=C2=A0keys=C2=A0= -=C2=A0which >=C2=A0>=C2=A0are=C2=A0not=C2=A0delivered=C2=A0by=C2=A0the=C2=A0user=C2= =A0-=C2=A0via=C2=A0the=C2=A0API). >=C2=A0>=C2=A0Therefore=C2=A0I=C2=A0added=C2=A0this=C2=A0miscdevice=C2=A0= and=C2=A0adopted=C2=A0Freescale's=C2=A0interface. >=C2=A0 >=C2=A0The=C2=A0keys=C2=A0are=C2=A0programmed=C2=A0into=C2=A0the=C2=A0O= TP=C2=A0registers,=C2=A0correct?=C2=A0There=C2=A0is=C2=A0OCOTP=C2=A0dri= ver=C2=A0 >=C2=A0for=C2=A0the=C2=A0MX23/MX28=C2=A0OTP=C2=A0hardware.=C2=A0This=C2= =A0is=C2=A0what=C2=A0should=C2=A0have=C2=A0been=C2=A0used=C2=A0then. >=C2=A0 >=C2=A0NOTE:=C2=A0This=C2=A0IOCTL=C2=A0interface=C2=A0seems=C2=A0like=C2= =A0quite=C2=A0an=C2=A0abusive=C2=A0way=C2=A0to=C2=A0allow=C2=A0userland= =C2=A0to=C2=A0 >=C2=A0access=C2=A0the=C2=A0crypto=C2=A0API=C2=A0in=C2=A0kernel.=C2=A0I= =C2=A0understand=C2=A0this=C2=A0is=C2=A0used=C2=A0by=C2=A0some=C2=A0Fre= escale=C2=A0 >=C2=A0tool,=C2=A0but=C2=A0won't=C2=A0it=C2=A0be=C2=A0better=C2=A0to=C2= =A0fix=C2=A0the=C2=A0Freescale=C2=A0tool=C2=A0instead=C2=A0? the IOCTL interface is used to AES encrypt a bootstream with the AES ke= y in OCOTP. The idea is that only the DCP can read/access the key once it has been programmed into the OCOTP. If the crypto API has means to tell the DCP to use the = key from OCOTP, the tool from Freescale is a minor problem. Regards, Christoph