[meta-freescale] [meta-fsl-ppc][PATCH 4/9] cryptodev: disable RSA_KEYGEN if pkc-host installed
ting.liu at freescale.com
ting.liu at freescale.com
Wed Jan 7 01:55:02 PST 2015
From: Cristian Stoica <cristian.stoica at freescale.com>
Currently pkc-host does not support RSA_KEYGEN. When pkc-host
installed, RSA keygen operations should be avoided.
Introduce DISTRO_FEATURE "c29x_pkc". To install pkc-host, this
feature should be enabled. Then cryptodev checks it to disable
RSA_KEYGEN.
this can be done in conf/local.conf:
DISTRO_FEATURES_append = " c29x_pkc"
Signed-off-by: Cristian Stoica <cristian.stoica at freescale.com>
---
.../0001-don-t-advertise-RSA-keygen.patch | 32 ++++++++++++++++++++++
.../cryptodev/cryptodev-module_1.6.bbappend | 4 +++
recipes-kernel/pkc-host/pkc-host_git.bb | 5 ++++
3 files changed, 41 insertions(+)
create mode 100644 recipes-kernel/cryptodev/cryptodev-fsl/0001-don-t-advertise-RSA-keygen.patch
diff --git a/recipes-kernel/cryptodev/cryptodev-fsl/0001-don-t-advertise-RSA-keygen.patch b/recipes-kernel/cryptodev/cryptodev-fsl/0001-don-t-advertise-RSA-keygen.patch
new file mode 100644
index 0000000..3d7c608
--- /dev/null
+++ b/recipes-kernel/cryptodev/cryptodev-fsl/0001-don-t-advertise-RSA-keygen.patch
@@ -0,0 +1,32 @@
+From b6e2a3747e3cffdf3cc515b0ce35d6bcdcb051c5 Mon Sep 17 00:00:00 2001
+From: Cristian Stoica <cristian.stoica at freescale.com>
+Date: Tue, 9 Dec 2014 16:41:25 +0200
+Subject: [PATCH] don't advertise RSA keygen
+
+This is supposed to avoid RSA keygen operations when they are not
+available. Since no testing can be done, the patch should be applied
+selectively (for example when offloading through pkc driver on C293)
+
+Change-Id: I60765f46fd7a39053d42e075d2ec71b032b2ed8a
+Signed-off-by: Cristian Stoica <cristian.stoica at freescale.com>
+---
+ ioctl.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/ioctl.c b/ioctl.c
+index e907167..3239093 100644
+--- a/ioctl.c
++++ b/ioctl.c
+@@ -961,8 +961,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_)
+ case CIOCASYMFEAT:
+ return put_user(CRF_MOD_EXP_CRT | CRF_MOD_EXP | CRF_DSA_SIGN |
+ CRF_DSA_VERIFY | CRF_DH_COMPUTE_KEY |
+- CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY |
+- CRF_RSA_GENERATE_KEY, p);
++ CRF_DSA_GENERATE_KEY | CRF_DH_GENERATE_KEY, p);
+ case CRIOGET:
+ fd = clonefd(filp);
+ ret = put_user(fd, p);
+--
+2.2.0
+
diff --git a/recipes-kernel/cryptodev/cryptodev-module_1.6.bbappend b/recipes-kernel/cryptodev/cryptodev-module_1.6.bbappend
index 345a09d..2bf012c 100644
--- a/recipes-kernel/cryptodev/cryptodev-module_1.6.bbappend
+++ b/recipes-kernel/cryptodev/cryptodev-module_1.6.bbappend
@@ -6,3 +6,7 @@ do_install_append_qoriq-ppc () {
rm -fr ${D}/usr
}
+# Currently pkc-host does not support RSA_KEYGEN, remove this
+# if it is fixed.
+SRC_URI_append_qoriq-ppc = "${@base_contains('DISTRO_FEATURES', 'c29x_pkc', ' file://0001-don-t-advertise-RSA-keygen.patch', '', d)}"
+
diff --git a/recipes-kernel/pkc-host/pkc-host_git.bb b/recipes-kernel/pkc-host/pkc-host_git.bb
index 2e579c1..2d5e316 100644
--- a/recipes-kernel/pkc-host/pkc-host_git.bb
+++ b/recipes-kernel/pkc-host/pkc-host_git.bb
@@ -4,6 +4,11 @@ LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://Makefile;endline=30;md5=6a26ed8e76a8ea2e019c525369ed0f03"
inherit module qoriq_build_64bit_kernel
+RDEPENDS_${PN} += "cryptodev-module"
+
+# Currently pkc-host does not support RSA_KEYGEN, remove this
+# if it is fixed.
+REQUIRED_DISTRO_FEATURES = "c29x_pkc"
SRC_URI = "git://git.freescale.com/ppc/sdk/pkc-host.git;nobranch=1"
SRCREV = "cae512c94e2a26cc6b0d6393d307cdea2d7282c9"
--
1.9.1
More information about the meta-freescale
mailing list