From mboxrd@z Thu Jan 1 00:00:00 1970
From: "Christoph G. Baumann" <cb@sgoc.de>
Subject: Re: [PATCH 2/3] ARM: mxs: crypto: Add Freescale MXS DCP driver
Date: Mon, 7 Oct 2013 11:50:39 +0200 (CEST)
Message-ID: <632804650.191291.1381139440065.open-xchange@email.1und1.de>
References: <1380194306-5243-1-git-send-email-marex@denx.de> <201309261407.33923.marex@denx.de> <5245AC5B.80800@gmail.com> <201309280535.33672.marex@denx.de>
In-Reply-To: <201309280535.33672.marex@denx.de>
To: Marek Vasut
Cc: linux-crypto@vger.kernel.org, Herbert Xu, Shawn Guo, Fabio Estevam, "David S. Miller", linux-arm-kernel@lists.infradead.org, Tobias Rauter

Hello Marek,

> Marek Vasut wrote on 28 September 2013 at 05:35:
> [...]
> > > 3) What are those ugly new IOCTLs in the dcp.c driver?
> >
> > When I first posted the driver on the mailing list, there was one
> > person who actually used this interface (it was introduced in
> > Freescale's SDK) to use the OTP keys for crypto. As far as I have
> > seen, the crypto API does not support such keys (i.e. there seems to
> > be no way to tell a driver to use some kind of special keys - which
> > are not delivered by the user - via the API).
> > Therefore I added this miscdevice and adopted Freescale's interface.
>
> The keys are programmed into the OTP registers, correct? There is an OCOTP driver
> for the MX23/MX28 OTP hardware. This is what should have been used then.
>
> NOTE: This IOCTL interface seems like quite an abusive way to allow userland to
> access the crypto API in kernel. I understand this is used by some Freescale
> tool, but won't it be better to fix the Freescale tool instead?

The IOCTL interface is used to AES encrypt a bootstream with the AES key in
OCOTP. The idea is that only the DCP can read/access the key once it has been
programmed into the OCOTP.
If the crypto API has means to tell the DCP to use the key from OCOTP, the tool
from Freescale is a minor problem.

Regards,
Christoph