Hello @nxp,
I want to use security CAAM module in Android 13. I have checked the documents related CAAM module but all doc. showing Yocto Linux Application (eg. kb_test) for testing caam module.
I have already probed CAAM module in imx8mp EVK. now at kernel layer means on debugg uart how i will perform encryption and decryption and verify that my caam is working at kernel layer.
any test utility is there or we need to add any external utility for that?
Thanks,
Aditya
Hi @Adi99,
Hi @Dhruvit ,
I have checked that section :
there is no any file is available - "${MY_TRUSTY}/trusty/device/nxp/imx8/project"
I have enable the caam in Kernel. from uboot side any configration required for caam bringup?
in kernel side: I am facing one issue....can you check ?
Kerel Log:
****************************************************************************************************
[ 9.702376][ T259] caam 30900000.crypto: device ID = 0x0a16040100000100 (Era 9)
[ 9.709864][ T259] caam 30900000.crypto: job rings = 2, qi = 0
[ 9.889010][ T259] caam algorithms registered in /proc/crypto
[ 9.896368][ T259] caam 30900000.crypto: caam pkc algorithms registered in /proc/crypto
[ 9.904780][ T259] caam 30900000.crypto: rng crypto API alg registered prng-caam
[ 9.912341][ T259] caam 30900000.crypto: ***registering rng-caam***********
[ 9.920089][ T259] testing without waiting
[ 9.924351][ T259] caam 30900000.crypto: wanted 32 bytes, got 0
[ 9.930409][ T259] caam 30900000.crypto: wanted 64 bytes, got 0
[ 9.936486][ T259] caam 30900000.crypto: wanted 128 bytes, got 0
[ 9.942605][ T259] testing with waiting
[ 9.956979][ T259] caam 30900000.crypto: wanted 32 bytes, got 16
[ 9.969343][ T259] caam 30900000.crypto: wanted 64 bytes, got 16
[ 9.981740][ T259] caam 30900000.crypto: wanted 128 bytes, got 16
[ 9.988820][ T259] Device caam-keygen registered
[ 10.084140][ T259] generate_black_key input: [key: (1) black_key: 000000008e44bc10(10), key_enc: 0]
[ 10.093507][ T259] caam_jr 30903000.jr: black key of size: 1, type: 1 returned -22
[ 10.140368][ T259] generate_black_key input: [key: (2) black_key: 000000008e44bc10(10), key_enc: 0]
[ 10.149538][ T259] caam_jr 30903000.jr: black key of size: 2, type: 1 returned -22
[ 10.196115][ T259] generate_black_key input: [key: (3) black_key: 000000008e44bc10(10), key_enc: 0]
[ 10.205268][ T259] caam_jr 30903000.jr: black key of size: 3, type: 1 returned -22
[ 10.251778][ T259] generate_black_key input: [key: (4) black_key: 000000008e44bc10(10), key_enc: 0]
[ 10.260930][ T259] caam_jr 30903000.jr: black key of size: 4, type: 1 returned -22
[ 10.307439][ T259] generate_black_key input: [key: (5) black_key: 000000008e44bc10(10), key_enc: 0]
[ 10.316589][ T259] caam_jr 30903000.jr: black key of size: 5, type: 1 returned -22
[ 10.363095][ T259] generate_black_key input: [key: (6) black_key: 000000008e44bc10(10), key_enc: 0]
[ 10.372243][ T259] caam_jr 30903000.jr: black key of size: 6, type: 1 returned -22
[ 10.418744][ T259] generate_black_key input: [key: (7) black_key: 000000008e44bc10(10), key_enc: 0]
[ 10.427893][ T259] caam_jr 30903000.jr: black key of size: 7, type: 1 returned -22
[ 10.474397][ T259] generate_black_key input: [key: (8) black_key: 000000008e44bc10(10), key_enc: 0]
[ 10.483551][ T259] caam_jr 30903000.jr: black key of size: 8, type: 1 returned -22
[ 10.530047][ T259] generate_black_key input: [key: (9) black_key: 000000008e44bc10(10), key_enc: 0]
[ 10.539196][ T259] caam_jr 30903000.jr: black key of size: 9, type: 1 returned -22
[ 10.585703][ T259] generate_black_key input: [key: (10) black_key: 000000008e44bc10(10), key_enc: 0]
[ 10.594943][ T259] caam_jr 30903000.jr: black key of size: 10, type: 1 returned -22
[ 10.632767][ T259] generate_black_key input: [key: (10) black_key: 000000008e44bc10(10), key_enc: 0]
[ 10.642045][ T259] caam_jr 30903000.jr: black key of size: 10, type: 1 returned -22
[ 10.650330][ T259] *******^^^^ Nb errors: 12
[ 10.654838][ T259] do_init_module: 'caamkeyblob_test'->init suspiciously returned 12, it should follow 0/-E convention
[ 10.654838][ T259] do_init_module: loading module anyway...
[ 10.671337][ T259] CPU: 2 PID: 259 Comm: modprobe Tainted: G C OE 5.15.74-android13-8-00004-gdd7483ef9e6b-dirty #1
[ 10.682839][ T259] Hardware name: NXP i.MX8MPlus EVK board (DT)
[ 10.688854][ T259] Call trace:
[ 10.692001][ T259] dump_backtrace.cfi_jt+0x0/0x8
[ 10.696808][ T259] dump_stack_lvl+0x80/0xb8
[ 10.701181][ T259] do_init_module+0x3e8/0x67c
[ 10.705726][ T259] load_module+0x14d8/0x17dc
[ 10.710183][ T259] __arm64_sys_finit_module+0x18c/0x1a0
[ 10.715591][ T259] invoke_syscall+0x60/0x150
[ 10.720048][ T259] el0_svc_common+0xb8/0xf8
[ 10.724415][ T259] do_el0_svc+0x28/0xa0
[ 10.728436][ T259] el0_svc+0x24/0x84
[ 10.732199][ T259] el0t_64_sync_handler+0x88/0xec
[ 10.737090][ T259] el0t_64_sync+0x1b4/0x1b8
[ 10.748233][ T259] platform caam_sm: blkkey_ex: 2 keystore units available
[ 10.756758][ T259] caam 30900000.crypto: SM test passed
[ 10.795141][ T259] caam-snvs 30370000.caam-snvs: violation handlers armed - non-secure state
******************************************************************************************************
defconfig:
CONFIG_CRYPTO=y
CONFIG_CRYPTO_HW=y
CONFIG_CRYPTO_ENGINE=y
CONFIG_CRYPTO_DEV_FSL_CAAM_COMMON=y
CONFIG_CRYPTO_DEV_FSL_CAAM=m
CONFIG_CRYPTO_DEV_FSL_CAAM_JR=m
CONFIG_CRYPTO_DEV_FSL_CAAM_RINGSIZE=9
CONFIG_CRYPTO_DEV_FSL_CAAM_CRYPTO_API=y
CONFIG_CRYPTO_DEV_FSL_CAAM_AHASH_API_DESC=m
CONFIG_CRYPTO_DEV_FSL_CAAM_CRYPTO_API_DESC=m
CONFIG_CRYPTO_DEV_FSL_CAAM_KEYBLOB_API_DESC=m
CONFIG_CRYPTO_DEV_FSL_CAAM_JR_UIO=m
CONFIG_FSL_MC_DPIO=y
CONFIG_NETDEVICES=y
CONFIG_CRYPTO_DEV_FSL_CAAM_AHASH_API=y
CONFIG_CRYPTO_DEV_FSL_CAAM_PKC_API=y
CONFIG_CRYPTO_DEV_FSL_CAAM_RNG_API=y
CONFIG_CRYPTO_DEV_FSL_CAAM_PRNG_API=y
CONFIG_CRYPTO_DEV_FSL_CAAM_RNG_TEST=y
CONFIG_CRYPTO_DEV_FSL_CAAM_TK_API=y
CONFIG_CRYPTO_DEV_FSL_CAAM_TK_API_TEST=m
CONFIG_CRYPTO_DEV_FSL_CAAM_SM=y
CONFIG_CRYPTO_DEV_FSL_CAAM_SM_SLOTSIZE=7
CONFIG_CRYPTO_DEV_FSL_CAAM_SM_TEST=m
CONFIG_CRYPTO_DEV_FSL_CAAM_SECVIO=m
CONFIG_CRYPTO_DEV_FSL_CAAM_DEBUG=y
CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=n
Let me know if any dependecy is missing?
Hi @Adi99,
Hi @Dhruvit ,
kernel log : cat /proc/crypto >> its works perfectly.
from boot loader i have enabled the driver but still same error is getting.
> how we can run caam keyblob self test file without any crash?
waiting for your reply.
Thanks
Hi @Adi99
> how we can run caam keyblob self test file without any crash?