Date: Tue, 16 Mar 2021 21:22:14 +0200
From: Jarkko Sakkinen
To: Ahmad Fatoum
Cc: Jonathan Corbet, David Howells, James Bottomley, Mimi Zohar, kernel@pengutronix.de, James Morris, "Serge E. Hallyn", Horia Geantă, Aymen Sghaier, Herbert Xu, "David S. Miller", Udit Agarwal, Jan Luebbe, David Gstir, Franck LENORMAND, Sumit Garg, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-doc@vger.kernel.org, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org
Subject: Re: [PATCH v1 3/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys
References: <319e558e1bd19b80ad6447c167a2c3942bdafea2.1615914058.git-series.a.fatoum@pengutronix.de>
In-Reply-To: <319e558e1bd19b80ad6447c167a2c3942bdafea2.1615914058.git-series.a.fatoum@pengutronix.de>
List-ID: linux-crypto@vger.kernel.org

On Tue, Mar 16, 2021 at 06:01:18PM +0100, Ahmad Fatoum wrote:
> The Cryptographic Acceleration and Assurance Module (CAAM) is an IP core
> built into many newer i.MX and QorIQ SoCs by NXP.
>
> The CAAM does crypto acceleration, hardware number generation and
> has a blob mechanism for encapsulation/decapsulation of sensitive material.
>
> This blob mechanism depends on a device specific random 256-bit One Time
> Programmable Master Key that is fused in each SoC at manufacturing
> time. This key is unreadable and can only be used by the CAAM for AES
> encryption/decryption of user data.
>
> This makes it a suitable backend (source) for kernel trusted keys.
>
> Previous commits generalized trusted keys to support multiple backends
> and added an API to access the CAAM blob mechanism. Based on these,
> provide the necessary glue to use the CAAM for trusted keys.
> > Signed-off-by: Ahmad Fatoum > --- > To: Jonathan Corbet > To: David Howells > To: Jarkko Sakkinen > To: James Bottomley > To: Mimi Zohar > Cc: James Morris > Cc: "Serge E. Hallyn" > Cc: "Horia Geantă" > Cc: Aymen Sghaier > Cc: Herbert Xu > Cc: "David S. Miller" > Cc: Udit Agarwal > Cc: Jan Luebbe > Cc: David Gstir > Cc: Franck LENORMAND > Cc: Sumit Garg > Cc: keyrings@vger.kernel.org > Cc: linux-crypto@vger.kernel.org > Cc: linux-doc@vger.kernel.org > Cc: linux-integrity@vger.kernel.org > Cc: linux-kernel@vger.kernel.org > Cc: linux-security-module@vger.kernel.org > --- > Documentation/admin-guide/kernel-parameters.txt | 1 +- > include/keys/trusted_caam.h | 11 +++- > security/keys/trusted-keys/Makefile | 1 +- > security/keys/trusted-keys/trusted_caam.c | 74 ++++++++++++++++++- > security/keys/trusted-keys/trusted_core.c | 6 +- > 5 files changed, 92 insertions(+), 1 deletion(-) > create mode 100644 include/keys/trusted_caam.h > create mode 100644 security/keys/trusted-keys/trusted_caam.c > > diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt > index c8bad1762cba..382e911389aa 100644 > --- a/Documentation/admin-guide/kernel-parameters.txt > +++ b/Documentation/admin-guide/kernel-parameters.txt > @@ -5469,6 +5469,7 @@ > sources: > - "tpm" > - "tee" > + - "caam" > If not specified then it defaults to iterating through > the trust source list starting with TPM and assigns the > first trust source as a backend which is initialized > diff --git a/include/keys/trusted_caam.h b/include/keys/trusted_caam.h > new file mode 100644 > index 000000000000..2fba0996b0b0 > --- /dev/null > +++ b/include/keys/trusted_caam.h > @@ -0,0 +1,11 @@ > +/* SPDX-License-Identifier: GPL-2.0-only */ > +/* > + * Copyright (C) 2021 Pengutronix, Ahmad Fatoum > + */ > + > +#ifndef __CAAM_TRUSTED_KEY_H > +#define __CAAM_TRUSTED_KEY_H > + > +extern struct trusted_key_ops caam_trusted_key_ops; > + > +#endif 
> diff --git a/security/keys/trusted-keys/Makefile b/security/keys/trusted-keys/Makefile > index feb8b6c3cc79..050370690abd 100644 > --- a/security/keys/trusted-keys/Makefile > +++ b/security/keys/trusted-keys/Makefile > @@ -12,3 +12,4 @@ trusted-y += trusted_tpm2.o > trusted-y += tpm2key.asn1.o > > trusted-$(CONFIG_TEE) += trusted_tee.o > +trusted-$(CONFIG_CRYPTO_DEV_FSL_CAAM_BLOB_GEN) += trusted_caam.o > diff --git a/security/keys/trusted-keys/trusted_caam.c b/security/keys/trusted-keys/trusted_caam.c > new file mode 100644 > index 000000000000..fc2e3dde9e06 > --- /dev/null > +++ b/security/keys/trusted-keys/trusted_caam.c 
> @@ -0,0 +1,74 @@ > +// SPDX-License-Identifier: GPL-2.0-only > +/* > + * Copyright (C) 2021 Pengutronix, Ahmad Fatoum > + */ > + > +#include > +#include > +#include > +#include > +#include > + > +struct caam_blob_priv *blobifier; > + > +#define KEYMOD "kernel:trusted" > + > +static_assert(MAX_KEY_SIZE + CAAM_BLOB_OVERHEAD <= CAAM_BLOB_MAX_LEN); > +static_assert(MAX_BLOB_SIZE <= CAAM_BLOB_MAX_LEN); > + > +static int trusted_caam_seal(struct trusted_key_payload *p, char *datablob) > +{ > + int length = p->key_len + CAAM_BLOB_OVERHEAD; > + int ret; > + > + ret = caam_encap_blob(blobifier, KEYMOD, p->key, p->blob, length); > + if (ret) > + return ret; > + > + p->blob_len = length; > + return 0; > +} > + > +static int trusted_caam_unseal(struct trusted_key_payload *p, char *datablob) > +{ > + int length = p->blob_len; > + int ret; > + > + ret = caam_decap_blob(blobifier, KEYMOD, p->blob, p->key, length); > + if (ret) > + return ret; > + > + p->key_len = length - CAAM_BLOB_OVERHEAD; > + return 0; > +} > + > +static int trusted_caam_init(void) > +{ > + int ret; > + > + blobifier = caam_blob_gen_init(); > + if (IS_ERR(blobifier)) { > + pr_err("Job Ring Device allocation for transform failed\n"); > + return PTR_ERR(blobifier); > + } > + > + ret = register_key_type(&key_type_trusted); > + if (ret) > + caam_blob_gen_exit(blobifier); > + > + return ret; > +} > + > +static void trusted_caam_exit(void) > +{ > + unregister_key_type(&key_type_trusted); > + caam_blob_gen_exit(blobifier); > +} > + > +struct trusted_key_ops caam_trusted_key_ops = { > + .migratable = 0, /* non-migratable */ > + .init = trusted_caam_init, > + .seal = trusted_caam_seal, > + .unseal = trusted_caam_unseal, > + .exit = trusted_caam_exit, > +}; > diff --git a/security/keys/trusted-keys/trusted_core.c b/security/keys/trusted-keys/trusted_core.c > index 5f92323efedf..e9bfb1bbc014 100644 > --- a/security/keys/trusted-keys/trusted_core.c > +++ b/security/keys/trusted-keys/trusted_core.c 
> @@ -9,6 +9,7 @@ > #include > #include > #include > +#include > #include > #include > #include > @@ -25,7 +26,7 @@ > > static char *trusted_key_source; > module_param_named(source, trusted_key_source, charp, 0); > -MODULE_PARM_DESC(source, "Select trusted keys source (tpm or tee)"); > +MODULE_PARM_DESC(source, "Select trusted keys source (tpm, tee or caam)"); > > static const struct trusted_key_source trusted_key_sources[] = { > #if defined(CONFIG_TCG_TPM) > @@ -34,6 +35,9 @@ static const struct trusted_key_source trusted_key_sources[] = { > #if defined(CONFIG_TEE) > { "tee", &trusted_key_tee_ops }, > #endif > +#if defined(CONFIG_CRYPTO_DEV_FSL_CAAM_BLOB_GEN) > + { "caam", &caam_trusted_key_ops }, > +#endif > }; > > DEFINE_STATIC_CALL_NULL(trusted_key_init, *trusted_key_sources[0].ops->init); > -- > git-series 0.9.1 > Too early to ack, as I've not included the TEE thing to any PR yet. /Jarkko
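Review bot: trusted_caam_unseal in the trusted_caam.c hunk takes p->blob_len as given, passes it straight to caam_decap_blob and then sets `p->key_len = length - CAAM_BLOB_OVERHEAD;` without any range check. A blob shorter than CAAM_BLOB_OVERHEAD underflows the unsigned key_len, and one longer than MAX_KEY_SIZE + CAAM_BLOB_OVERHEAD asks the decap for more key bytes than p->key can hold; the two static_asserts only bound both sizes against CAAM_BLOB_MAX_LEN and cover neither case, nor do they relate MAX_KEY_SIZE + CAAM_BLOB_OVERHEAD to MAX_BLOB_SIZE, which is the size of the p->blob buffer trusted_caam_seal writes into. Suggest rejecting such blobs up front, e.g. `if (length < CAAM_BLOB_OVERHEAD || length > MAX_KEY_SIZE + CAAM_BLOB_OVERHEAD) return -EINVAL;` before the decap call (or have caam_decap_blob take the output buffer size), and adding a static_assert for the seal path. Separately, `struct caam_blob_priv *blobifier;` is only used in this file and should be `static`.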
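Review bot: in the trusted_core.c hunk that adds the `{ "caam", &caam_trusted_key_ops }` entry, `#if defined(CONFIG_CRYPTO_DEV_FSL_CAAM_BLOB_GEN)` is false when that option is =m, and the Makefile line `trusted-$(CONFIG_CRYPTO_DEV_FSL_CAAM_BLOB_GEN) += trusted_caam.o` likewise does not add the object to a built-in trusted keys build in that case, so a modular CAAM blob driver combined with built-in trusted keys silently loses the "caam" source that the kernel-parameters.txt hunk now documents (the existing CONFIG_TEE entry follows the same pattern). Suggest expressing the dependency in Kconfig so that combination is rejected at configuration time, or documenting that the source is only available when the blob driver is built in.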