AnsweredAssumed Answered

Using secure memory in crypto APIs

Question asked by Ethan Yang on Dec 1, 2016
Latest reply on Dec 1, 2016 by Yuri Muhin


In the CAAM sample code, it uses buffer allocated with kzalloc() when doing crypto calculation:

input = kzalloc(block_size, GFP_KERNEL | GFP_DMA);
memcpy(input, text, block_size);
sg_init_one(sg, input, block_size);
iv_len = crypto_ablkcipher_ivsize(tfm);
if (iv_len)
memset(&iv, 0xff, iv_len);
ablkcipher_request_set_crypt(req, sg, sg, block_size, iv);

Is is possible to use the memory from keystore to do the ciphering?

Something like:

  1. addr_dst = kspriv->slot_get_address(ksdev, unit, slot_dst);  
  2. sm_keystore_slot_alloc(ksdev, unit, size, &slot_dst);  


We need this when we're doing the key variant calculation.

We want the calculated result is located in the secure memory as it will be used as a cipher key.