Hello Marek, > Marek Vasut <marex@xxxxxxx> hat am 28. September 2013 um 05:35 geschrieben: > [...] > > > 3) What are those ugly new IOCTLs in the dcp.c driver? > > > > When I firstly posted the driver in the mailinglist, there where one > > person who actually used this interface (it was introduced in > > Freescale's SDK) to use the OTP keys for crypto. As far as I have > > seen, the crypto API does not support such keys (i.e. there seems to > > be no way to tell a driver to use some kind of special keys - which > > are not delivered by the user - via the API). > > Therefore I added this miscdevice and adopted Freescale's interface. > > The keys are programmed into the OTP registers, correct? There is OCOTP driver > for the MX23/MX28 OTP hardware. This is what should have been used then. > > NOTE: This IOCTL interface seems like quite an abusive way to allow userland to > access the crypto API in kernel. I understand this is used by some Freescale > tool, but won't it be better to fix the Freescale tool instead ? the IOCTL interface is used to AES encrypt a bootstream with the AES key in OCOTP. The idea is that only the DCP can read/access the key once it has been programmed into the OCOTP. If the crypto API has means to tell the DCP to use the key from OCOTP, the tool from Freescale is a minor problem. Regards, Christoph -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html