Re: [PATCH 2/3] ARM: mxs: crypto: Add Freescale MXS DCP driver

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello Marek,

> Marek Vasut <marex@xxxxxxx> hat am 28. September 2013 um 05:35 geschrieben:
> [...]
> > > 3) What are those ugly new IOCTLs in the dcp.c driver?
> > 
> > When I firstly posted the driver in the mailinglist, there where one
> > person who actually used this interface (it was introduced in
> > Freescale's SDK) to use the OTP keys for crypto. As far as I have
> > seen, the crypto API does not support such keys (i.e. there seems to
> > be no way to tell a driver to use some kind of special keys - which
> > are not delivered by the user - via the API).
> > Therefore I added this miscdevice and adopted Freescale's interface.
> 
> The keys are programmed into the OTP registers, correct? There is OCOTP driver 
> for the MX23/MX28 OTP hardware. This is what should have been used then.
> 
> NOTE: This IOCTL interface seems like quite an abusive way to allow userland to 
> access the crypto API in kernel. I understand this is used by some Freescale 
> tool, but won't it be better to fix the Freescale tool instead ?


the IOCTL interface is used to AES encrypt a bootstream with the AES key in
OCOTP.
The idea is that only the DCP can read/access the key once it has been
programmed
into the OCOTP. If the crypto API has means to tell the DCP to use the key from
OCOTP, the tool from Freescale is a minor problem.


Regards,
Christoph
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux