[PATCH v6 4/4] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys
Jarkko Sakkinen
jarkko at kernel.org
Sun Mar 20 21:02:03 UTC 2022
On Wed, Mar 16, 2022 at 05:43:35PM +0100, Ahmad Fatoum wrote:
> The Cryptographic Acceleration and Assurance Module (CAAM) is an IP core
> built into many newer i.MX and QorIQ SoCs by NXP.
>
> The CAAM does crypto acceleration, hardware number generation and
> has a blob mechanism for encapsulation/decapsulation of sensitive material.
>
> This blob mechanism depends on a device specific random 256-bit One Time
> Programmable Master Key that is fused in each SoC at manufacturing
> time. This key is unreadable and can only be used by the CAAM for AES
> encryption/decryption of user data.
>
> This makes it a suitable backend (source) for kernel trusted keys.
>
> Previous commits generalized trusted keys to support multiple backends
> and added an API to access the CAAM blob mechanism. Based on these,
> provide the necessary glue to use the CAAM for trusted keys.
>
> Reviewed-by: David Gstir <david at sigma-star.at>
> Reviewed-by: Pankaj Gupta <pankaj.gupta at nxp.com>
> Tested-By: Tim Harvey <tharvey at gateworks.com>
> Tested-by: Matthias Schiffer <matthias.schiffer at ew.tq-group.com>
> Tested-by: Pankaj Gupta <pankaj.gupta at nxp.com>
> Signed-off-by: Ahmad Fatoum <a.fatoum at pengutronix.de>
> ---
> v5 -> v6:
> - Rename caam_trusted_key_ops to trusted_key_caam_ops for symmetry
> with other trust sources (Pankaj)
> - collected Pankaj's Reviewed-by
> v4 -> v5:
> - Collected Reviewed-by's and Tested-by's
> - Changed modifier to SECURE_KEY for compatibility with linux-imx
> (Matthias)
> v3 -> v4:
> - Collected Acked-by's, Reviewed-by's and Tested-by
> v2 -> v3:
> - add MAINTAINERS entry
> v1 -> v2:
> - Extend trusted keys documentation for CAAM
>
> To: Jonathan Corbet <corbet at lwn.net>
> To: David Howells <dhowells at redhat.com>
> To: Jarkko Sakkinen <jarkko at kernel.org>
> To: James Bottomley <jejb at linux.ibm.com>
> To: Mimi Zohar <zohar at linux.ibm.com>
> Cc: James Morris <jmorris at namei.org>
> Cc: "Serge E. Hallyn" <serge at hallyn.com>
> Cc: "Horia Geantă" <horia.geanta at nxp.com>
> Cc: Aymen Sghaier <aymen.sghaier at nxp.com>
> Cc: Herbert Xu <herbert at gondor.apana.org.au>
> Cc: "David S. Miller" <davem at davemloft.net>
> Cc: Eric Biggers <ebiggers at kernel.org>
> Cc: Jan Luebbe <j.luebbe at pengutronix.de>
> Cc: David Gstir <david at sigma-star.at>
> Cc: Richard Weinberger <richard at nod.at>
> Cc: Franck LENORMAND <franck.lenormand at nxp.com>
> Cc: Matthias Schiffer <matthias.schiffer at ew.tq-group.com>
> Cc: Sumit Garg <sumit.garg at linaro.org>
> Cc: keyrings at vger.kernel.org
> Cc: linux-crypto at vger.kernel.org
> Cc: linux-doc at vger.kernel.org
> Cc: linux-integrity at vger.kernel.org
> Cc: linux-kernel at vger.kernel.org
> Cc: linux-security-module at vger.kernel.org
> ---
> .../admin-guide/kernel-parameters.txt | 1 +
> .../security/keys/trusted-encrypted.rst | 40 +++++++++-
> MAINTAINERS | 9 +++
> include/keys/trusted_caam.h | 11 +++
> security/keys/trusted-keys/Kconfig | 11 ++-
> security/keys/trusted-keys/Makefile | 2 +
> security/keys/trusted-keys/trusted_caam.c | 74 +++++++++++++++++++
> security/keys/trusted-keys/trusted_core.c | 6 +-
> 8 files changed, 151 insertions(+), 3 deletions(-)
> create mode 100644 include/keys/trusted_caam.h
> create mode 100644 security/keys/trusted-keys/trusted_caam.c
>
> diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
> index 844c883ca9d8..9e7ef4c6585d 100644
> --- a/Documentation/admin-guide/kernel-parameters.txt
> +++ b/Documentation/admin-guide/kernel-parameters.txt
> @@ -5875,6 +5875,7 @@
> sources:
> - "tpm"
> - "tee"
> + - "caam"
> If not specified then it defaults to iterating through
> the trust source list starting with TPM and assigns the
> first trust source as a backend which is initialized
> diff --git a/Documentation/security/keys/trusted-encrypted.rst b/Documentation/security/keys/trusted-encrypted.rst
> index 99cf34d7c025..ed60c48cb692 100644
> --- a/Documentation/security/keys/trusted-encrypted.rst
> +++ b/Documentation/security/keys/trusted-encrypted.rst
> @@ -35,6 +35,13 @@ safe.
> Rooted to Hardware Unique Key (HUK) which is generally burnt in on-chip
> fuses and is accessible to TEE only.
>
> + (3) CAAM (Cryptographic Acceleration and Assurance Module: IP on NXP SoCs)
> +
> + When High Assurance Boot (HAB) is enabled and the CAAM is in secure
> + mode, trust is rooted to the OTPMK, a never-disclosed 256-bit key
> + randomly generated and fused into each SoC at manufacturing time.
> + Otherwise, a common fixed test key is used instead.
> +
> * Execution isolation
>
> (1) TPM
> @@ -46,6 +53,10 @@ safe.
> Customizable set of operations running in isolated execution
> environment verified via Secure/Trusted boot process.
>
> + (3) CAAM
> +
> + Fixed set of operations running in isolated execution environment.
> +
> * Optional binding to platform integrity state
>
> (1) TPM
> @@ -63,6 +74,11 @@ safe.
> Relies on Secure/Trusted boot process for platform integrity. It can
> be extended with TEE based measured boot process.
>
> + (3) CAAM
> +
> + Relies on the High Assurance Boot (HAB) mechanism of NXP SoCs
> + for platform integrity.
> +
> * Interfaces and APIs
>
> (1) TPM
> @@ -74,10 +90,13 @@ safe.
> TEEs have well-documented, standardized client interface and APIs. For
> more details refer to ``Documentation/staging/tee.rst``.
>
> + (3) CAAM
> +
> + Interface is specific to silicon vendor.
>
> * Threat model
>
> - The strength and appropriateness of a particular TPM or TEE for a given
> + The strength and appropriateness of a particular trust source for a given
> purpose must be assessed when using them to protect security-relevant data.
>
>
> @@ -104,6 +123,12 @@ selected trust source:
> from platform specific hardware RNG or a software based Fortuna CSPRNG
> which can be seeded via multiple entropy sources.
>
> + * CAAM: Kernel RNG
> +
> + The normal kernel random number generator is used. To seed it from the
> + CAAM HWRNG, enable CRYPTO_DEV_FSL_CAAM_RNG_API and ensure the device
> + is probed.
> +
> Users may override this by specifying ``trusted.rng=kernel`` on the kernel
> command-line to override the used RNG with the kernel's random number pool.
>
> @@ -192,6 +217,19 @@ Usage::
> specific to TEE device implementation. The key length for new keys is always
> in bytes. Trusted Keys can be 32 - 128 bytes (256 - 1024 bits).
>
> +Trusted Keys usage: CAAM
> +------------------------
> +
> +Usage::
> +
> + keyctl add trusted name "new keylen" ring
> + keyctl add trusted name "load hex_blob" ring
> + keyctl print keyid
> +
> +"keyctl print" returns an ASCII hex copy of the sealed key, which is in format
> +specific to CAAM device implementation. The key length for new keys is always
> +in bytes. Trusted Keys can be 32 - 128 bytes (256 - 1024 bits).
> +
> Encrypted Keys usage
> --------------------
>
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 05fd080b82f3..f13382a14967 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -10647,6 +10647,15 @@ S: Supported
> F: include/keys/trusted_tee.h
> F: security/keys/trusted-keys/trusted_tee.c
>
> +KEYS-TRUSTED-CAAM
> +M: Ahmad Fatoum <a.fatoum at pengutronix.de>
> +R: Pengutronix Kernel Team <kernel at pengutronix.de>
> +L: linux-integrity at vger.kernel.org
> +L: keyrings at vger.kernel.org
> +S: Maintained
> +F: include/keys/trusted_caam.h
> +F: security/keys/trusted-keys/trusted_caam.c
> +
> KEYS/KEYRINGS
> M: David Howells <dhowells at redhat.com>
> M: Jarkko Sakkinen <jarkko at kernel.org>
Documentation and MAINTAINERS updates must be separate patches.
BR, Jarkko
More information about the Linux-security-module-archive
mailing list