Re: [PATCH v2] crypto: caam: blob_gen.c: warn if key is insecure

From: Herbert Xu
Date: Fri Nov 18 2022 - 01:06:34 EST

Next message: Oleksij Rempel: "Re: [PATCH RESEND] can: j1939: do not wait 250ms if the same addr was already claimed"
Previous message: Tiezhu Yang: "[PATCH v4 1/4] LoongArch: Simulate branch and PC instructions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Nov 07, 2022 at 09:00:30AM +0100, Nikolaus Voss wrote:
> If CAAM is not in "trusted" or "secure" state, a fixed non-volatile key
> is used instead of the unique device key. This is the default mode of
> operation without secure boot (HAB). In this scenario, CAAM encrypted
> blobs should be used only for testing but not in a production
> environment, so issue a warning.
>
> Signed-off-by: Nikolaus Voss <nikolaus.voss@xxxxxxxxxxxxxxx>
>
> ---
> Changes
> =======
> v2: make warning more verbose, correct register, style fixes
>
> drivers/crypto/caam/blob_gen.c | 9 +++++++++
> drivers/crypto/caam/regs.h | 3 +++
> 2 files changed, 12 insertions(+)

This patch introduces a new warning with gcc or sparse using
C=1 W=1. Plesae fix.

Thanks,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Next message: Oleksij Rempel: "Re: [PATCH RESEND] can: j1939: do not wait 250ms if the same addr was already claimed"
Previous message: Tiezhu Yang: "[PATCH v4 1/4] LoongArch: Simulate branch and PC instructions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]