From: "Marek Behún" <kabel@kernel.org>
To: "Gregory CLEMENT" <gregory.clement@bootlin.com>,
"Andrew Lunn" <andrew@lunn.ch>, "Arnd Bergmann" <arnd@arndb.de>,
soc@kernel.org, arm@kernel.org,
"Andy Shevchenko" <andy@kernel.org>,
"Hans de Goede" <hdegoede@redhat.com>,
"Ilpo Järvinen" <ilpo.jarvinen@linux.intel.com>
Cc: "Marek Behún" <kabel@kernel.org>
Subject: [PATCH v2 06/17] firmware: turris-mox-rwtm: Hide signature related constants behind macros
Date: Thu, 13 Jun 2024 18:10:34 +0200 [thread overview]
Message-ID: <20240613161045.29606-7-kabel@kernel.org> (raw)
In-Reply-To: <20240613161045.29606-1-kabel@kernel.org>
Hide signature generation related constants behind macros instead of
hardcoding the values.
Use SHA512_DIGEST_SIZE from crypto/sha2.h instead of hardcoded 64 as the
message size.
Signed-off-by: Marek Behún <kabel@kernel.org>
---
drivers/firmware/turris-mox-rwtm.c | 34 +++++++++++++++++++-----------
1 file changed, 22 insertions(+), 12 deletions(-)
diff --git a/drivers/firmware/turris-mox-rwtm.c b/drivers/firmware/turris-mox-rwtm.c
index 703b05c404e4..fb263f9bbab9 100644
--- a/drivers/firmware/turris-mox-rwtm.c
+++ b/drivers/firmware/turris-mox-rwtm.c
@@ -5,6 +5,7 @@
* Copyright (C) 2019, 2024 Marek Behún <kabel@kernel.org>
*/
+#include <crypto/sha2.h>
#include <linux/armada-37xx-rwtm-mailbox.h>
#include <linux/completion.h>
#include <linux/debugfs.h>
@@ -29,6 +30,12 @@
* https://gitlab.labs.nic.cz/turris/mox-boot-builder/tree/master/wtmi.
*/
+#define MOX_ECC_NUMBER_WORDS 17
+#define MOX_ECC_NUMBER_LEN (MOX_ECC_NUMBER_WORDS * sizeof(u32))
+
+#define MOX_ECC_SIGNATURE_WORDS (2 * MOX_ECC_NUMBER_WORDS)
+#define MOX_ECC_SIGNATURE_LEN (MOX_ECC_NUMBER_WORDS * sizeof(u32))
+
#define MBOX_STS_SUCCESS (0 << 30)
#define MBOX_STS_FAIL (1 << 30)
#define MBOX_STS_BADCMD (2 << 30)
@@ -83,7 +90,7 @@ struct mox_rwtm {
* from userspace.
*/
struct dentry *debugfs_root;
- u32 last_sig[34];
+ u32 last_sig[MOX_ECC_SIGNATURE_WORDS];
bool last_sig_done;
#endif
};
@@ -344,14 +351,15 @@ static ssize_t do_sign_read(struct file *file, char __user *buf, size_t len,
if (*ppos != 0)
return 0;
- if (len < 136)
+ if (len < MOX_ECC_SIGNATURE_LEN)
return -EINVAL;
if (!rwtm->last_sig_done)
return -ENODATA;
/* 2 arrays of 17 32-bit words are 136 bytes */
- ret = simple_read_from_buffer(buf, len, ppos, rwtm->last_sig, 136);
+ ret = simple_read_from_buffer(buf, len, ppos, rwtm->last_sig,
+ MOX_ECC_SIGNATURE_LEN);
rwtm->last_sig_done = false;
return ret;
@@ -366,8 +374,7 @@ static ssize_t do_sign_write(struct file *file, const char __user *buf,
loff_t dummy = 0;
ssize_t ret;
- /* the input is a SHA-512 hash, so exactly 64 bytes have to be read */
- if (len != 64)
+ if (len != SHA512_DIGEST_SIZE)
return -EINVAL;
/* if last result is not zero user has not read that information yet */
@@ -388,17 +395,18 @@ static ssize_t do_sign_write(struct file *file, const char __user *buf,
* 3. Address of the buffer where ECDSA signature value S shall be
* stored by the rWTM firmware.
*/
- memset(rwtm->buf, 0, 4);
- ret = simple_write_to_buffer(rwtm->buf + 4, 64, &dummy, buf, len);
+ memset(rwtm->buf, 0, sizeof(u32));
+ ret = simple_write_to_buffer(rwtm->buf + sizeof(u32),
+ SHA512_DIGEST_SIZE, &dummy, buf, len);
if (ret < 0)
goto unlock_mutex;
- be32_to_cpu_array(rwtm->buf, rwtm->buf, 17);
+ be32_to_cpu_array(rwtm->buf, rwtm->buf, MOX_ECC_NUMBER_WORDS);
msg.command = MBOX_CMD_SIGN;
msg.args[0] = 1;
msg.args[1] = rwtm->buf_phys;
- msg.args[2] = rwtm->buf_phys + 68;
- msg.args[3] = rwtm->buf_phys + 2 * 68;
+ msg.args[2] = rwtm->buf_phys + MOX_ECC_NUMBER_LEN;
+ msg.args[3] = rwtm->buf_phys + 2 * MOX_ECC_NUMBER_LEN;
ret = mbox_send_message(rwtm->mbox, &msg);
if (ret < 0)
goto unlock_mutex;
@@ -416,8 +424,10 @@ static ssize_t do_sign_write(struct file *file, const char __user *buf,
* computed by the rWTM firmware and convert their words from
* LE to BE.
*/
- memcpy(rwtm->last_sig, rwtm->buf + 68, 136);
- cpu_to_be32_array(rwtm->last_sig, rwtm->last_sig, 34);
+ memcpy(rwtm->last_sig, rwtm->buf + MOX_ECC_NUMBER_LEN,
+ MOX_ECC_SIGNATURE_LEN);
+ cpu_to_be32_array(rwtm->last_sig, rwtm->last_sig,
+ MOX_ECC_SIGNATURE_WORDS);
rwtm->last_sig_done = true;
mutex_unlock(&rwtm->busy);
--
2.44.2
next prev parent reply other threads:[~2024-06-13 16:11 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-13 16:10 [PATCH v2 00/17] Updates for turris-mox-rwtm driver Marek Behún
2024-06-13 16:10 ` [PATCH v2 01/17] firmware: turris-mox-rwtm: Do not complete if there are no waiters Marek Behún
2024-06-13 16:10 ` [PATCH v2 02/17] firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() Marek Behún
2024-06-13 16:10 ` [PATCH v2 03/17] firmware: turris-mox-rwtm: Use macro constant instead of hardcoded 4096 Marek Behún
2024-06-13 16:15 ` Ilpo Järvinen
2024-06-13 17:51 ` Andy Shevchenko
2024-06-14 5:44 ` Arnd Bergmann
2024-06-17 10:57 ` Marek Behún
2024-06-17 11:01 ` Andy Shevchenko
2024-06-13 16:10 ` [PATCH v2 04/17] firmware: turris-mox-rwtm: Use ETH_ALEN instead of hardcoded 6 Marek Behún
2024-06-13 16:10 ` [PATCH v2 05/17] firmware: turris-mox-rwtm: Use the boolean type where appropriate Marek Behún
2024-06-13 16:10 ` Marek Behún [this message]
2024-06-13 16:10 ` [PATCH v2 07/17] firmware: turris-mox-rwtm: Fix driver includes Marek Behún
2024-06-13 16:10 ` [PATCH v2 08/17] firmware: turris-mox-rwtm: Don't create own kobject type Marek Behún
2024-06-13 16:28 ` Ilpo Järvinen
2024-06-13 20:32 ` Andy Shevchenko
2024-06-14 5:58 ` Arnd Bergmann
2024-06-17 11:01 ` Marek Behún
2024-06-17 11:04 ` Marek Behún
2024-06-13 16:10 ` [PATCH v2 09/17] firmware: turris-mox-rwtm: Simplify debugfs code Marek Behún
2024-06-13 20:37 ` Andy Shevchenko
2024-06-17 11:10 ` Marek Behún
2024-06-13 16:10 ` [PATCH v2 10/17] firmware: turris-mox-rwtm: Convert rest to devm_* and get rid of driver .remove() Marek Behún
2024-06-13 20:39 ` Andy Shevchenko
2024-06-17 11:13 ` Marek Behún
2024-06-13 16:10 ` [PATCH v2 11/17] firmware: turris-mox-rwtm: Use dev_err_probe() where possible Marek Behún
2024-06-13 20:49 ` Andy Shevchenko
2024-06-17 11:14 ` Marek Behún
2024-06-17 12:26 ` Andy Shevchenko
2024-06-17 13:04 ` Marek Behún
2024-06-13 16:10 ` [PATCH v2 12/17] firmware: turris-mox-rwtm: Initialize completion before mailbox Marek Behún
2024-06-13 20:56 ` Andy Shevchenko
2024-06-13 16:10 ` [PATCH v2 13/17] firmware: turris-mox-rwtm: Drop redundant device pointer Marek Behún
2024-06-13 16:10 ` [PATCH v2 14/17] firmware: turris-mox-rwtm: Use devm_mutex_init() instead of mutex_init() Marek Behún
2024-06-13 16:10 ` [PATCH v2 15/17] firmware: turris-mox-rwtm: Use container_of() instead of hwrng .priv member Marek Behún
2024-06-13 16:10 ` [PATCH v2 16/17] firmware: turris-mox-rwtm: Use EOPNOTSUPP instead of ENOSYS Marek Behún
2024-06-13 16:10 ` [PATCH v2 17/17] firmware: turris-mox-rwtm: Deduplicate command execution code Marek Behún
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240613161045.29606-7-kabel@kernel.org \
--to=kabel@kernel.org \
--cc=andrew@lunn.ch \
--cc=andy@kernel.org \
--cc=arm@kernel.org \
--cc=arnd@arndb.de \
--cc=gregory.clement@bootlin.com \
--cc=hdegoede@redhat.com \
--cc=ilpo.jarvinen@linux.intel.com \
--cc=soc@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox