Re: [EXT] [PATCH v9 3/7] crypto: caam - determine whether CAAM supports blob encap/decap

From: Michael Walle
Date: Wed May 11 2022 - 05:21:31 EST

Next message: Ahmad Fatoum: "Re: [EXT] [PATCH v9 3/7] crypto: caam - determine whether CAAM supports blob encap/decap"
Previous message: Andy Shevchenko: "Re: [PATCH V2] toshiba_acpi: use kobj_to_dev()"
In reply to: Pankaj Gupta: "RE: [EXT] [PATCH v9 3/7] crypto: caam - determine whether CAAM supports blob encap/decap"
Next in thread: Horia Geantă: "Re: [EXT] [PATCH v9 3/7] crypto: caam - determine whether CAAM supports blob encap/decap"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

Am 2022-05-11 11:16, schrieb Pankaj Gupta:

-----Original Message-----
From: Ahmad Fatoum <a.fatoum@xxxxxxxxxxxxxx>
Sent: Monday, May 9, 2022 6:34 PM
To: Pankaj Gupta <pankaj.gupta@xxxxxxx>; Horia Geanta
<horia.geanta@xxxxxxx>; Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>; David S.
Miller <davem@xxxxxxxxxxxxx>
Cc: kernel@xxxxxxxxxxxxxx; Michael Walle <michael@xxxxxxxx>; James
Bottomley <jejb@xxxxxxxxxxxxx>; Jarkko Sakkinen <jarkko@xxxxxxxxxx>; Mimi
Zohar <zohar@xxxxxxxxxxxxx>; David Howells <dhowells@xxxxxxxxxx>; James
Morris <jmorris@xxxxxxxxx>; Eric Biggers <ebiggers@xxxxxxxxxx>; Serge E.
Hallyn <serge@xxxxxxxxxx>; Jan Luebbe <j.luebbe@xxxxxxxxxxxxxx>; David Gstir
<david@xxxxxxxxxxxxx>; Richard Weinberger <richard@xxxxxx>; Franck
Lenormand <franck.lenormand@xxxxxxx>; Matthias Schiffer
<matthias.schiffer@xxxxxxxxxxxxxxx>; Sumit Garg <sumit.garg@xxxxxxxxxx>;
linux-integrity@xxxxxxxxxxxxxxx; keyrings@xxxxxxxxxxxxxxx; linux-
crypto@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx; linux-security-
module@xxxxxxxxxxxxxxx
Subject: Re: [EXT] [PATCH v9 3/7] crypto: caam - determine whether CAAM
supports blob encap/decap

Caution: EXT Email

Hello Pankaj,

On Mon, 2022-05-09 at 12:39 +0000, Pankaj Gupta wrote:
> > - if (ctrlpriv->era < 10)
> > + comp_params = rd_reg32(&ctrl->perfmon.comp_parms_ls);
> > + ctrlpriv->blob_present = !!(comp_params & CTPR_LS_BLOB);
> > +
> > + if (ctrlpriv->era < 10) {
> > rng_vid = (rd_reg32(&ctrl->perfmon.cha_id_ls) &
> > CHA_ID_LS_RNG_MASK) >>
> > CHA_ID_LS_RNG_SHIFT;
>
> Check for AES CHAs for Era < 10, should be added.

Do I need this? I only do this check for Era >= 10, because apparently there are
Layerscape non-E processors that indicate BLOB support via CTPR_LS_BLOB, but
fail at runtime. Are there any Era < 10 SoCs that are similarly broken?

For non-E variants, it might happen that Blob protocol is enabled, but
number of AES CHA are zero.
If the output of below expression is > 0, then only blob_present
should be marked present or true.
For era > 10, you handled. But for era < 10, please add the below code.

Are there any CAAMs which can be just enabled partially for era < 10?
I didn't found anything. To me it looks like the non-export controlled
CAAM is only available for era >= 10. For era < 10, the CAAM is either
fully featured there or it is not available at all and thus the node
is removed in the bootloader (at least that is the case for layerscape).

-michael

Next message: Ahmad Fatoum: "Re: [EXT] [PATCH v9 3/7] crypto: caam - determine whether CAAM supports blob encap/decap"
Previous message: Andy Shevchenko: "Re: [PATCH V2] toshiba_acpi: use kobj_to_dev()"
In reply to: Pankaj Gupta: "RE: [EXT] [PATCH v9 3/7] crypto: caam - determine whether CAAM supports blob encap/decap"
Next in thread: Horia Geantă: "Re: [EXT] [PATCH v9 3/7] crypto: caam - determine whether CAAM supports blob encap/decap"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]