Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp3248654ybi; Tue, 2 Jul 2019 04:40:15 -0700 (PDT) X-Google-Smtp-Source: APXvYqyaVhmQ+oKtMK4nN6v5PW1Q564JUnO8yZrk6fMneVlQ6Dzjg9k+VzuCCq0EhkcMlbtYV8MS X-Received: by 2002:a17:90a:9f08:: with SMTP id n8mr5202637pjp.102.1562067615187; Tue, 02 Jul 2019 04:40:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1562067615; cv=none; d=google.com; s=arc-20160816; b=ySwUMCcYexjl/Ytaehn/tLnnfyZBNoOpP4SiOsowNf1t+W9ghpp84ouaeYEl8lWlZY CZg/0E8wVZ+JiOmXzB+YJdqaqdzfJthWgdtQlcPysMQzpyfXtZGj95j2HLQdq0whf6qf 5Par6hTDAboWredHXWxRQ/kQO1E0QloKlxDK6OKO36Su9RamVV1ylfpXwGP5XD/Mcw1b XmlpQXCES3AR5MxFr5R9Cihe0y4UFh5JZH4VmgtsY5YzNCn8mFarh1iHspQKdC4/jSIJ n0y3LrhaKjN2N677UmfXW+t96pC0/xHY/2oUwStWuodrs46G0n1bKrjKim/MaxXzvsJM DAKA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=laAhE0tJsSCXwXDR47aYBVn0xVZsCR1pUCFL8CUiI+I=; b=u5j6eUU4G5+7cT2RbIRJgmEUjlBCk/2d8sdtAGvwSuLLhZMEx3Dj7p81gHTrJpl/jz PuW7jhpg6QUeBI4MdndZF2bYvs24Qw5gxNxwQ74zkRVRZCbrKZTN8MVoW/yTt/4fAEx4 xaFnKNT/8as0AMZ31ykkV0hOoTMUp3fk1K1OkwbELwrVi6hncKsJsoyYmdHpSHj7TODC TXDuQmyh1GEa6gZEeRm+wBWmaHahSnq8P2O+zaSU8zq41O3E/uMmJHS5VfStzHA5JKET XlisGYSYfnWWCyhb8lpAT7tDz/rcMTF8GxqDiC375uWJgiJ1CfHLEYNFXQywCmuEKj+f 9lYA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j25si13343407pfr.11.2019.07.02.04.40.01; Tue, 02 Jul 2019 04:40:15 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727002AbfGBLjo (ORCPT + 99 others); Tue, 2 Jul 2019 07:39:44 -0400 Received: from foss.arm.com ([217.140.110.172]:48126 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726917AbfGBLjn (ORCPT ); Tue, 2 Jul 2019 07:39:43 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 71EA5344; Tue, 2 Jul 2019 04:39:42 -0700 (PDT) Received: from e110176-lin.kfn.arm.com (unknown [10.50.4.178]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 38B113F246; Tue, 2 Jul 2019 04:39:41 -0700 (PDT) From: Gilad Ben-Yossef To: Herbert Xu , "David S. Miller" Cc: Ofir Drang , linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 4/4] crypto: ccree: notify TEE on FIPS tests errors Date: Tue, 2 Jul 2019 14:39:21 +0300 Message-Id: <20190702113922.24911-5-gilad@benyossef.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190702113922.24911-1-gilad@benyossef.com> References: <20190702113922.24911-1-gilad@benyossef.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Register a FIPS test failure notifier and use it to notify TEE side of FIPS test failures on our side prior to panic. Signed-off-by: Gilad Ben-Yossef --- drivers/crypto/ccree/cc_fips.c | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/drivers/crypto/ccree/cc_fips.c b/drivers/crypto/ccree/cc_fips.c index 040e09c0e1af..4c8bce33abcf 100644 --- a/drivers/crypto/ccree/cc_fips.c +++ b/drivers/crypto/ccree/cc_fips.c @@ -3,6 +3,7 @@ #include #include +#include #include "cc_driver.h" #include "cc_fips.h" @@ -11,6 +12,8 @@ static void fips_dsr(unsigned long devarg); struct cc_fips_handle { struct tasklet_struct tasklet; + struct notifier_block nb; + struct cc_drvdata *drvdata; }; /* The function called once at driver entry point to check @@ -46,6 +49,21 @@ void cc_set_ree_fips_status(struct cc_drvdata *drvdata, bool status) cc_iowrite(drvdata, CC_REG(HOST_GPR0), val); } +/* Push REE side FIPS test failure to TEE side */ +static int cc_ree_fips_failure(struct notifier_block *nb, unsigned long unused1, + void *unused2) +{ + struct cc_fips_handle *fips_h = + container_of(nb, struct cc_fips_handle, nb); + struct cc_drvdata *drvdata = fips_h->drvdata; + struct device *dev = drvdata_to_dev(drvdata); + + cc_set_ree_fips_status(drvdata, false); + dev_info(dev, "Notifying TEE of FIPS test failure...\n"); + + return NOTIFY_OK; +} + void cc_fips_fini(struct cc_drvdata *drvdata) { struct cc_fips_handle *fips_h = drvdata->fips_handle; @@ -53,6 +71,8 @@ void cc_fips_fini(struct cc_drvdata *drvdata) if (drvdata->hw_rev < CC_HW_REV_712 || !fips_h) return; + atomic_notifier_chain_unregister(&fips_fail_notif_chain, &fips_h->nb); + /* Kill tasklet */ tasklet_kill(&fips_h->tasklet); drvdata->fips_handle = NULL; @@ -124,6 +144,9 @@ int cc_fips_init(struct cc_drvdata *p_drvdata) dev_dbg(dev, "Initializing fips tasklet\n"); tasklet_init(&fips_h->tasklet, fips_dsr, (unsigned long)p_drvdata); + fips_h->drvdata = p_drvdata; + fips_h->nb.notifier_call = cc_ree_fips_failure; + atomic_notifier_chain_register(&fips_fail_notif_chain, &fips_h->nb); cc_tee_handle_fips_error(p_drvdata); -- 2.21.0