This driver allows userspace applications to use the blob encapsulation and decapsulation capabilities of the CAAM module, using the secure memory keystore driver (sm_store).

The sm_store driver is designed to work only with SECURE MEMORY. The blobs are always encapsulated and decapsulated from/to secure memory, as the implementation in sm_store doesn't allow working with blobs generated from general memory. All blobs generated by this driver are secure memory blobs, and therefore the access permissions given in the SMAPJR and SMAGR registers are included in the blob itself. Also, the key modifier used in the process can just be 8 bytes (instead of the 16 bytes required for general memory blobs).

The maximum size of the input data that can be used to generate a blob is given by the slot size (configurable via CRYPTO_DEV_FSL_CAAM_SM_SLOTSIZE).

Even though the sm_store is designed to assume that the input data is a key, this driver treats the input data as general data. The driver always generates 'RED' blobs (i.e. never BLACK key blobs). The data loaded from an encapsulated blob does not stay in secure memory anyway once the ioctl() has finished, so it really does not matter.

The encapsulation and decapsulation commands through the device ioctl() are independent from each other. If more than one such command happens at the same time, their success will depend on whether the secure storage was able to allocate a slot for the operation.

This driver is somewhat based on the sm_test driver.

Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
dcaac549