Re: [PATCH v3 2/3] KEYS: trusted: Introduce support for NXP DCP-based trusted keys

From: David Gstir
Date: Wed Sep 27 2023 - 02:33:25 EST

Next message: chenguohua: "[PATCH] vidio: Clean up errors in serial.h"
Previous message: Zhenhua Huang: "Re: [RESEND PATCH] driver core: Clear FWNODE_FLAG_LINKS_ADDED in device_links_purge()"
In reply to: Jarkko Sakkinen: "Re: [PATCH v3 2/3] KEYS: trusted: Introduce support for NXP DCP-based trusted keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jarkko,

> On 25.09.2023, at 17:34, Jarkko Sakkinen <jarkko@xxxxxxxxxx> wrote:
>
> On Mon Sep 18, 2023 at 5:18 PM EEST, David Gstir wrote:
>> DCP (Data Co-Processor) is the little brother of NXP's CAAM IP.
>>
>> Beside of accelerated crypto operations, it also offers support for
>> hardware-bound keys. Using this feature it is possible to implement a blob
>> mechanism just like CAAM offers. Unlike on CAAM, constructing and
>> parsing the blob has to happen in software.
>>
>> We chose the following format for the blob:
>
> Who is we?

The authors of this patch. But I’ll rephrase that to get rid
of the academic paper style.

> And there is no choosing anything if the below structure if hardware
> defined (not software defined):

The below structure is actually software-defined by this patch.
Contrary to CAAM, DCP does not have a key blob feature.
DCP’s hardware-bound UNIQUE or OTP key is used to bind
these key blobs to a specific DCP chip.

>
>> /*
>> * struct dcp_blob_fmt - DCP BLOB format.
>> *
>> * @fmt_version: Format version, currently being %1
>> * @blob_key: Random AES 128 key which is used to encrypt @payload,
>> * @blob_key itself is encrypted with OTP or UNIQUE device key in
>> * AES-128-ECB mode by DCP.
>> * @nonce: Random nonce used for @payload encryption.
>> * @payload_len: Length of the plain text @payload.
>> * @payload: The payload itself, encrypted using AES-128-GCM and @blob_key,
>> * GCM auth tag of size AES_BLOCK_SIZE is attached at the end of it.
>> *
>> * The total size of a DCP BLOB is sizeof(struct dcp_blob_fmt) + @payload_len +
>> * AES_BLOCK_SIZE.
>> */
>> struct dcp_blob_fmt {
>> __u8 fmt_version;
>> __u8 blob_key[AES_KEYSIZE_128];
>> __u8 nonce[AES_KEYSIZE_128];
>> __le32 payload_len;
>> __u8 payload[];
>> } __packed;
>>
>> @payload is the key provided by trusted_key_ops->seal().
>>
>> By default the UNIQUE device key is used, it is also possible to use
>> the OTP key. While the UNIQUE device key should be unique it is not
>> entirely clear whether this is the case due to unclear documentation.
>> If someone wants to be sure they can burn their own unique key
>> into the OTP fuse and set the use_otp_key module parameter.
>>
>> Co-developed-by: Richard Weinberger <richard@xxxxxx>
>> Signed-off-by: Richard Weinberger <richard@xxxxxx>
>> Co-developed-by: David Oberhollenzer <david.oberhollenzer@xxxxxxxxxxxxx>
>> Signed-off-by: David Oberhollenzer <david.oberhollenzer@xxxxxxxxxxxxx>
>> Signed-off-by: David Gstir <david@xxxxxxxxxxxxx>
>> ---
>> .../admin-guide/kernel-parameters.txt | 13 +
>
> Separate commit for this.
>
>> MAINTAINERS | 9 +
>
> Ditto (i.e. total two additional patches).

Will do for v4!

Thanks,
- David

Next message: chenguohua: "[PATCH] vidio: Clean up errors in serial.h"
Previous message: Zhenhua Huang: "Re: [RESEND PATCH] driver core: Clear FWNODE_FLAG_LINKS_ADDED in device_links_purge()"
In reply to: Jarkko Sakkinen: "Re: [PATCH v3 2/3] KEYS: trusted: Introduce support for NXP DCP-based trusted keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]