projects / platform / kernel / linux-rpi.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 31f8140) | patch
crypto: caam - warn if blob_gen key is insecure
authorNikolaus Voss <nikolaus.voss@haag-streit.com>
Mon, 21 Nov 2022 14:12:41 +0000 (15:12 +0100)
committerHerbert Xu <herbert@gondor.apana.org.au>
Fri, 2 Dec 2022 10:12:39 +0000 (18:12 +0800)
commit6a83830f649a614aca445bbcadbd582c7929e63d
tree32e84e1c842f112e3be6da1decfd41e143a38b2ctree | snapshot
parent31f81401e23fb88cc030cd586abd28740e6c8136commit | diff
crypto: caam - warn if blob_gen key is insecure

If CAAM is not in "trusted" or "secure" state, a fixed non-volatile key
is used instead of the unique device key. This is the default mode of
operation without secure boot (HAB). In this scenario, CAAM encrypted
blobs should be used only for testing but not in a production
environment, so issue a warning.

Signed-off-by: Nikolaus Voss <nikolaus.voss@haag-streit.com>
Reviewed-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
drivers/crypto/caam/blob_gen.c diff | blob | history
drivers/crypto/caam/regs.h diff | blob | history
Domain: System / Kernel;