Re: [PATCH 3/3] arm64: dts: renesas: r8a7795: add ccree binding
Hi Gilad, On Tue, May 15, 2018 at 2:29 PM, Gilad Ben-Yossefwrote: > Add bindings for CryptoCell instance in the SoC. > > Signed-off-by: Gilad Ben-Yossef Thanks for your patch! > --- a/arch/arm64/boot/dts/renesas/r8a7795.dtsi > +++ b/arch/arm64/boot/dts/renesas/r8a7795.dtsi > @@ -528,6 +528,14 @@ > status = "disabled"; > }; > > + arm_cc630p: crypto@e6601000 { > + compatible = "arm,cryptocell-630p-ree"; > + interrupts = ; > + #interrupt-cells = <2>; I believe the #interrupt-cells property is not needed. > + reg = <0x0 0xe6601000 0 0x1000>; > + clocks = < CPG_MOD 229>; > + }; The rest looks good, but I cannot verify the register block. > + > i2c3: i2c@e66d { > #address-cells = <1>; > #size-cells = <0>; Gr{oetje,eeting}s, Geert -- Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- ge...@linux-m68k.org In personal conversations with technical people, I call myself a hacker. But when I'm talking to journalists I just say "programmer" or something like that. -- Linus Torvalds
Re: [PATCH 2/3] clk: renesas: r8a7795: Add ccree clock
Hi Gilad, On Tue, May 15, 2018 at 2:29 PM, Gilad Ben-Yossefwrote: > This patch adds the clock used by the CryptoCell 630p instance in the SoC. > > Signed-off-by: Gilad Ben-Yossef Thanks for your patch! > --- a/drivers/clk/renesas/r8a7795-cpg-mssr.c > +++ b/drivers/clk/renesas/r8a7795-cpg-mssr.c > @@ -132,6 +132,7 @@ static struct mssr_mod_clk r8a7795_mod_clks[] __initdata > = { > DEF_MOD("sys-dmac2", 217, R8A7795_CLK_S0D3), > DEF_MOD("sys-dmac1", 218, R8A7795_CLK_S0D3), > DEF_MOD("sys-dmac0", 219, R8A7795_CLK_S0D3), > + DEF_MOD("ccree", 229, R8A7795_CLK_S3D2), I don't know if "ccree" is the proper name for this clock, as there may be multiple instances. I also can't verify the parent clock. > DEF_MOD("cmt3", 300, R8A7795_CLK_R), > DEF_MOD("cmt2", 301, R8A7795_CLK_R), > DEF_MOD("cmt1", 302, R8A7795_CLK_R), Gr{oetje,eeting}s, Geert -- Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- ge...@linux-m68k.org In personal conversations with technical people, I call myself a hacker. But when I'm talking to journalists I just say "programmer" or something like that. -- Linus Torvalds
Re: [PATCH] crypto: reorder paes test lexicographically
On Fri, 2018-05-11 at 09:04 +0100, Gilad Ben-Yossef wrote: > Due to a snafu "paes" testmgr tests were not ordered > lexicographically, which led to boot time warnings. > Reorder the tests as needed. > > Fixes: a794d8d ("crypto: ccree - enable support for hardware keys") > Reported-by: Abdul Haleem> Signed-off-by: Gilad Ben-Yossef > --- > crypto/testmgr.c | 44 ++-- > 1 file changed, 22 insertions(+), 22 deletions(-) > > diff --git a/crypto/testmgr.c b/crypto/testmgr.c > index c31da0f..b1b8ebb 100644 > --- a/crypto/testmgr.c > +++ b/crypto/testmgr.c > @@ -3012,13 +3012,6 @@ static const struct alg_test_desc alg_test_descs[] = { > } > } > }, { > - /* Same as ecb(aes) except the key is stored in > - * hardware secure memory which we reference by index > - */ > - .alg = "ecb(paes)", > - .test = alg_test_null, > - .fips_allowed = 1, > - }, { > .alg = "ecb(khazad)", > .test = alg_test_skcipher, > .suite = { > @@ -3028,6 +3021,13 @@ static const struct alg_test_desc alg_test_descs[] = { > } > } > }, { > + /* Same as ecb(aes) except the key is stored in > + * hardware secure memory which we reference by index > + */ > + .alg = "ecb(paes)", > + .test = alg_test_null, > + .fips_allowed = 1, > + }, { > .alg = "ecb(seed)", > .test = alg_test_skcipher, > .suite = { > @@ -3610,21 +3610,6 @@ static const struct alg_test_desc alg_test_descs[] = { > } > } > }, { > - /* Same as xts(aes) except the key is stored in > - * hardware secure memory which we reference by index > - */ > - .alg = "xts(paes)", > - .test = alg_test_null, > - .fips_allowed = 1, > - }, { > - .alg = "xts4096(paes)", > - .test = alg_test_null, > - .fips_allowed = 1, > - }, { > - .alg = "xts512(paes)", > - .test = alg_test_null, > - .fips_allowed = 1, > - }, { > .alg = "xts(camellia)", > .test = alg_test_skcipher, > .suite = { > @@ -3643,6 +3628,13 @@ static const struct alg_test_desc alg_test_descs[] = { > } > } > }, { > + /* Same as xts(aes) except the key is stored in > + * hardware secure memory which we reference by index > + */ > + .alg = "xts(paes)", > + .test = alg_test_null, > + .fips_allowed = 1, > + }, { > .alg = "xts(serpent)", > .test = alg_test_skcipher, > .suite = { > @@ -3679,6 +3671,14 @@ static const struct alg_test_desc alg_test_descs[] = { > } > } > }, { > + .alg = "xts4096(paes)", > + .test = alg_test_null, > + .fips_allowed = 1, > + }, { > + .alg = "xts512(paes)", > + .test = alg_test_null, > + .fips_allowed = 1, > + }, { > .alg = "zlib-deflate", > .test = alg_test_comp, > .fips_allowed = 1, Gilad, The given patch fixes the boot warnings. Tested-by: Abdul Haleem Thanks for the fix. -- Regard's Abdul Haleem IBM Linux Technology Centre
[PATCH 1/3] crypto: ccree: drop signature register check
We were using the content of the signature register as a sanity check for the hardware functioning but it turns out not all implementers use the same values so the check is giving false negative on certain SoCs and so we drop it. Signed-off-by: Gilad Ben-Yossef--- drivers/crypto/ccree/cc_driver.c | 18 +++--- 1 file changed, 3 insertions(+), 15 deletions(-) diff --git a/drivers/crypto/ccree/cc_driver.c b/drivers/crypto/ccree/cc_driver.c index 89ce013..f8ff358 100644 --- a/drivers/crypto/ccree/cc_driver.c +++ b/drivers/crypto/ccree/cc_driver.c @@ -38,21 +38,20 @@ MODULE_PARM_DESC(cc_dump_bytes, "Dump buffers to kernel log as debugging aid"); struct cc_hw_data { char *name; enum cc_hw_rev rev; - u32 sig; }; /* Hardware revisions defs. */ static const struct cc_hw_data cc712_hw = { - .name = "712", .rev = CC_HW_REV_712, .sig = 0xDCC71200U + .name = "712", .rev = CC_HW_REV_712 }; static const struct cc_hw_data cc710_hw = { - .name = "710", .rev = CC_HW_REV_710, .sig = 0xDCC63200U + .name = "710", .rev = CC_HW_REV_710 }; static const struct cc_hw_data cc630p_hw = { - .name = "630P", .rev = CC_HW_REV_630, .sig = 0xDCC63000U + .name = "630P", .rev = CC_HW_REV_630 }; static const struct of_device_id arm_ccree_dev_of_match[] = { @@ -186,7 +185,6 @@ static int init_cc_resources(struct platform_device *plat_dev) struct cc_drvdata *new_drvdata; struct device *dev = _dev->dev; struct device_node *np = dev->of_node; - u32 signature_val; u64 dma_mask; const struct cc_hw_data *hw_rev; const struct of_device_id *dev_id; @@ -275,16 +273,6 @@ static int init_cc_resources(struct platform_device *plat_dev) return rc; } - /* Verify correct mapping */ - signature_val = cc_ioread(new_drvdata, CC_REG(HOST_SIGNATURE)); - if (signature_val != hw_rev->sig) { - dev_err(dev, "Invalid CC signature: SIGNATURE=0x%08X != expected=0x%08X\n", - signature_val, hw_rev->sig); - rc = -EINVAL; - goto post_clk_err; - } - dev_dbg(dev, "CC SIGNATURE=0x%08X\n", signature_val); - /* Display HW versions */ dev_info(dev, "ARM CryptoCell %s Driver: HW version 0x%08X, Driver version %s\n", hw_rev->name, cc_ioread(new_drvdata, CC_REG(HOST_VERSION)), -- 2.7.4
[PATCH 2/3] clk: renesas: r8a7795: Add ccree clock
This patch adds the clock used by the CryptoCell 630p instance in the SoC. Signed-off-by: Gilad Ben-Yossef--- drivers/clk/renesas/r8a7795-cpg-mssr.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/clk/renesas/r8a7795-cpg-mssr.c b/drivers/clk/renesas/r8a7795-cpg-mssr.c index 775b0ce..642706a 100644 --- a/drivers/clk/renesas/r8a7795-cpg-mssr.c +++ b/drivers/clk/renesas/r8a7795-cpg-mssr.c @@ -132,6 +132,7 @@ static struct mssr_mod_clk r8a7795_mod_clks[] __initdata = { DEF_MOD("sys-dmac2", 217, R8A7795_CLK_S0D3), DEF_MOD("sys-dmac1", 218, R8A7795_CLK_S0D3), DEF_MOD("sys-dmac0", 219, R8A7795_CLK_S0D3), + DEF_MOD("ccree", 229, R8A7795_CLK_S3D2), DEF_MOD("cmt3", 300, R8A7795_CLK_R), DEF_MOD("cmt2", 301, R8A7795_CLK_R), DEF_MOD("cmt1", 302, R8A7795_CLK_R), -- 2.7.4
[PATCH 3/3] arm64: dts: renesas: r8a7795: add ccree binding
Add bindings for CryptoCell instance in the SoC. Signed-off-by: Gilad Ben-Yossef--- arch/arm64/boot/dts/renesas/r8a7795.dtsi | 8 1 file changed, 8 insertions(+) diff --git a/arch/arm64/boot/dts/renesas/r8a7795.dtsi b/arch/arm64/boot/dts/renesas/r8a7795.dtsi index 91486b4..6c76841 100644 --- a/arch/arm64/boot/dts/renesas/r8a7795.dtsi +++ b/arch/arm64/boot/dts/renesas/r8a7795.dtsi @@ -528,6 +528,14 @@ status = "disabled"; }; + arm_cc630p: crypto@e6601000 { + compatible = "arm,cryptocell-630p-ree"; + interrupts = ; + #interrupt-cells = <2>; + reg = <0x0 0xe6601000 0 0x1000>; + clocks = < CPG_MOD 229>; + }; + i2c3: i2c@e66d { #address-cells = <1>; #size-cells = <0>; -- 2.7.4
[PATCH 0/3] enable ccree on Renesas R-Car platform
The following patch set enables CryptoCell present in the Renesas R-Car SoC. Gilad Ben-Yossef (3): crypto: ccree: drop signature register check clk: renesas: r8a7795: Add ccree clock arm64: dts: renesas: r8a7795: add ccree binding arch/arm64/boot/dts/renesas/r8a7795.dtsi | 8 drivers/clk/renesas/r8a7795-cpg-mssr.c | 1 + drivers/crypto/ccree/cc_driver.c | 18 +++--- 3 files changed, 12 insertions(+), 15 deletions(-) -- 2.7.4
[ANNOUNCE] Linux Security Summit Europe 2018 - CFP
== ANNOUNCEMENT AND CALL FOR PARTICIPATION LINUX SECURITY SUMMIT EUROPE 2018 25-26 October EDINBURGH, UK == DESCRIPTION The Linux Security Summit (LSS) is a technical forum for collaboration between Linux developers, researchers, and end users. Its primary aim is to foster community efforts in analyzing and solving Linux security challenges. This year, for the first time, the Linux Security Summit is going to be also held in Europe (LSS-EU) in order to facilitate broader participation in Linux Security development. Similar to LSS-North America, LSS-EU provides a unique opportunity for to have discussions and networking opportunities with key people in the Linux kernel security community , present your work and ideas and affect the future direction of Linux security. In addition to the refereed presentations, panels and BoF sessions, this year's LSS-EU program will have an introduction into various Linux kernel security subsystems in order to get participants acquainted with their main concepts and goals, as well as outline the areas of future development, where contribution by the community is welcomed. The program committee currently seeks proposals for: * Refereed Presentations: 45 minutes in length. * Panel Discussion Topics: 45 minutes in length. * Short Topics: 30 minutes in total, including at least 10 minutes discussion. * BoF Sessions. Topic areas include, but are not limited to: * Kernel self-protection * Access control * Cryptography and key management * Integrity control * Hardware Security * Iot and embedded security * Virtualization and containers * System-specific system hardening * Case studies * Security tools * Security UX * Emerging technologies, threats & techniques Proposals should be submitted via: https://events.linuxfoundation.org/events/linux-security-summit-europe-2018/program/cfp/ DATES * CFP Close: July 16, 2018 * CFP Notifications: July 23, 2018 * Schedule Announced: Aug 25, 2018 * Event: October 25-26, 2018 WHO SHOULD ATTEND We're seeking a diverse range of attendees, and welcome participation by people involved in Linux security development, operations, and research. The LSS is a unique global event which provides the opportunity to present and discuss your work or research with key Linux security community members and maintainers. It?s also useful for those who wish to keep up with the latest in Linux security development, and to provide input to the development process. WEB SITE https://events.linuxfoundation.org/events/linux-security-summit-europe-2018/ TWITTER For event updates and announcements, follow: https://twitter.com/LinuxSecSummit PROGRAM COMMITTEE The program committee for LSS-EU 2018 is: * Elena Reshetova, Intel * James Morris, Microsoft * Serge Hallyn, Cisco * Paul Moore, Red Hat * Stephen Smalley, NSA * John Johansen, Canonical * Kees Cook, Google * Casey Schaufler, Intel * Mimi Zohar, IBM * David A. Wheeler, Institute for Defense Analyses The program committee may be contacted as a group via email: lss-pc () lists.linuxfoundation.org