Hi everyone!
I am interested in using the CAAM blob mechanism in my i.MX6 device to create general purpose BLOBs (not related to encrypted boot images).
I have been studying these documents:
1. AN12554: https://www.nxp.com/docs/en/application-note/AN12554.pdf
This references (in the source code kb_test.c) the /dev/kb device.
2. AN12838: https://www.nxp.com/docs/en/application-note/AN12838.pdf
This references /dev/caam_blob.
I got some demo files and openembedded layers from: https://source.codeaurora.org/external/imxsupport/imx_sec_apps/
I have a few questions:
1. What is the difference between /dev/kb and /dev/caam_blob? Don't they both provide an interface to generate BLOBs using CAAM?
2. In the files that I got (imx_sec_apps), I can see that there is a patch to add CAAM BLOBs to the kernel. However, this patch seems to be for the 4.19.35 kernel. I am building 5.4.39. My kernel does not seem to have the needed caam_blob driver files (no /drivers/crypto/caam/caam_keyblob.c, for example). What would be the best way to add caam blob support to my version of the kernel? Do I need to manually do it and generate my own patch?
3. In the repo mentioned above, what is the difference between the two layers: meta-caam-pkc-sec and meta-imx-ecdsa-sec?
Any information that will help me explore caam blobs further would be appreciated!
Thank you!
If it helps, I am building branch 5.4.x+fslc from the community repository "https://github.com/Freescale/linux-fslc"
I noticed that someone updated the imx_sec_apps repo the other day. Fausto Chiatante added patches for BSP 5.4.24-2.1.0. I am aware that his patches are for the official BSP, but I thought I'd try applying them manually to my kernel and seeing what happens. (I also had to add the sm.h file to get it to compile.) I am able to see the /dev/caam_blob.
I proceeded to build eckey.c manually (the test file tool in the same repository), and I created a keypair to test the blob mechanism (without cryptodev engine). I attempted to use eckey to encapsulate my private key in a blob. The kernel crashed.
I am not surprised that this didn't work properly, but I am in need of some guidance here. How does one go about adding blob support to a version of the kernel that doesn't support it? What other drivers are needed (if any)?
Where should I look for patches for my version of the kernel to support this?
Thank you.
Hi Noorahmadshinwa,
Have you had much luck with this?
I'm also interested in this, and I'm also running on 5.4.x+fslc. I'm struggling to get the /dev/caam_blob. caam_blob_init in caamblob.c doesn't finish initialising because priv = dev_get_drvdata(ctrldev) is returning null. Do you remember seeing this issue?
Daniel
Hi @danielberhe.
Sorry for the late reply, I missed the email notification.
Unfortunately, I was not successful in porting the drivers to the community version. I did not try any further and ended up using an older official kernel version (4.19.something) that some of the available imx_sec_apps drivers were compatible with.
Regarding that specific function return value, I'm sorry but I don't remember dealing with it.
I don't know why the community kernel, or even the official one, does not have these drivers available by default.
I will get back to this issue again soon. If I am successful in porting the driver to the community branch, I will make a pull request to update it and will update this thread.
If you are ever successful with this, please update me here also.
No worries @noorahmadshinwa.
I ended up porting this driver to my 5.4.x+fslc kernel and it is working fine.