mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-30 14:19:16 +00:00
007c3ff11f
The NXP Cryptographic Acceleration and Assurance Module (CAAM) can be used to protect user-defined data across system reboot: - When the system is fused and boots into secure state, the master key is a unique never-disclosed device-specific key - random key is encrypted by key derived from master key - data is encrypted using the random key - encrypted data and its encrypted random key are stored alongside - This blob can now be safely stored in non-volatile memory On next power-on: - blob is loaded into CAAM - CAAM writes decrypted data either into memory or key register Add functions to realize encrypting and decrypting into memory alongside the CAAM driver. They will be used in a later commit as a source for the trusted key seal/unseal mechanism. Reviewed-by: David Gstir <david@sigma-star.at> Reviewed-by: Pankaj Gupta <pankaj.gupta@nxp.com> Tested-by: Tim Harvey <tharvey@gateworks.com> Tested-by: Matthias Schiffer <matthias.schiffer@ew.tq-group.com> Tested-by: Pankaj Gupta <pankaj.gupta@nxp.com> Tested-by: Michael Walle <michael@walle.cc> # on ls1028a (non-E and E) Tested-by: John Ernberg <john.ernberg@actia.se> # iMX8QXP Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de> Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> |
||
---|---|---|
.. | ||
allwinner | ||
amcc | ||
amlogic | ||
axis | ||
bcm | ||
caam | ||
cavium | ||
ccp | ||
ccree | ||
chelsio | ||
gemini | ||
hisilicon | ||
inside-secure | ||
keembay | ||
marvell | ||
nx | ||
qat | ||
qce | ||
rockchip | ||
stm32 | ||
ux500 | ||
virtio | ||
vmx | ||
xilinx | ||
atmel-aes-regs.h | ||
atmel-aes.c | ||
atmel-authenc.h | ||
atmel-ecc.c | ||
atmel-i2c.c | ||
atmel-i2c.h | ||
atmel-sha-regs.h | ||
atmel-sha.c | ||
atmel-sha204a.c | ||
atmel-tdes-regs.h | ||
atmel-tdes.c | ||
exynos-rng.c | ||
geode-aes.c | ||
geode-aes.h | ||
hifn_795x.c | ||
img-hash.c | ||
ixp4xx_crypto.c | ||
Kconfig | ||
Makefile | ||
mxs-dcp.c | ||
n2_asm.S | ||
n2_core.c | ||
n2_core.h | ||
omap-aes-gcm.c | ||
omap-aes.c | ||
omap-aes.h | ||
omap-crypto.c | ||
omap-crypto.h | ||
omap-des.c | ||
omap-sham.c | ||
padlock-aes.c | ||
padlock-sha.c | ||
qcom-rng.c | ||
s5p-sss.c | ||
sa2ul.c | ||
sa2ul.h | ||
sahara.c | ||
talitos.c | ||
talitos.h |