drivers: versal: ecc: Enable support for ECC curve NIST P256

For this to work, Versal PLM Firmware needs to be compiled with
XSECURE_ECC_SUPPORT_NIST_P256 defined. Like with
XSECURE_ECC_SUPPORT_NIST

drivers: versal: ecc: Enable support for ECC curve NIST P256

For this to work, Versal PLM Firmware needs to be compiled with
XSECURE_ECC_SUPPORT_NIST_P256 defined. Like with
XSECURE_ECC_SUPPORT_NIST_P521 to support NIST P521. Note that NIST P384 is
enabled by default in PLM Firmware.

Signed-off-by: Joachim Foerster <joachim.foerster@missinglinkelectronics.com>
Reviewed-by: Nathan Menhorn <nathan.menhorn@amd.com>
Tested-by: Nathan Menhorn <nathan.menhorn@amd.com>
Reviewed-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Reviewed-by: Sean McGinn <sean.mcginn@amd.com>
Reviewed-by: Lucas Kiker <lucas.kiker@amd.com>
Reviewed-by: Sindhu Raveendra <Sindhu.Raveendra@amd.com>
Reviewed-by: Clemens Nasenberg <clemens.nasenberg@amd.com>

show more ...

drivers: versal: nvm: Minor fix, use EFUSE_OFFCHIP_REVOCATION_ID_LEN consistently

Function versal_efuse_read_offchip_revoke_id() refers to the OffChip
Revocation eFUSEs, thus use the corresponding l

drivers: versal: nvm: Minor fix, use EFUSE_OFFCHIP_REVOCATION_ID_LEN consistently

Function versal_efuse_read_offchip_revoke_id() refers to the OffChip
Revocation eFUSEs, thus use the corresponding length definition.

Signed-off-by: Joachim Foerster <joachim.foerster@missinglinkelectronics.com>
Reviewed-by: Nathan Menhorn <nathan.menhorn@amd.com>
Tested-by: Nathan Menhorn <nathan.menhorn@amd.com>
Reviewed-by: Sean McGinn <sean.mcginn@amd.com>
Reviewed-by: Lucas Kiker <lucas.kiker@amd.com>
Reviewed-by: Sindhu Raveendra <Sindhu.Raveendra@amd.com>
Reviewed-by: Clemens Nasenberg <clemens.nasenberg@amd.com>
Reviewed-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>

show more ...

drivers: versal: nvm: Really support PLM API id BBRAM_ZEROIZE

Function versal_bbram_zeroize() does call versal_nvm_write() with API id
0x510 (BBRAM_ZEROIZE).

Fixes: 55667e70aa4b ("drivers: versal:

drivers: versal: nvm: Really support PLM API id BBRAM_ZEROIZE

Function versal_bbram_zeroize() does call versal_nvm_write() with API id
0x510 (BBRAM_ZEROIZE).

Fixes: 55667e70aa4b ("drivers: versal: non volatile memory (eFuse and BBRAM)")
Signed-off-by: Joachim Foerster <joachim.foerster@missinglinkelectronics.com>
Reviewed-by: Nathan Menhorn <nathan.menhorn@amd.com>
Tested-by: Nathan Menhorn <nathan.menhorn@amd.com>
Reviewed-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Reviewed-by: Sean McGinn <sean.mcginn@amd.com>
Reviewed-by: Lucas Kiker <lucas.kiker@amd.com>
Reviewed-by: Sindhu Raveendra <Sindhu.Raveendra@amd.com>
Reviewed-by: Clemens Nasenberg <clemens.nasenberg@amd.com>

show more ...

drivers: versal: nvm: Minor fixes, headers and defines

- Deduplicate inclusion of drivers/versal_nvm.h inclusion.
- Use macro SHIFT_U32() as in other drivers for API id definitions.

Signed-off-by:

drivers: versal: nvm: Minor fixes, headers and defines

- Deduplicate inclusion of drivers/versal_nvm.h inclusion.
- Use macro SHIFT_U32() as in other drivers for API id definitions.

Signed-off-by: Joachim Foerster <joachim.foerster@missinglinkelectronics.com>
Reviewed-by: Nathan Menhorn <nathan.menhorn@amd.com>
Tested-by: Nathan Menhorn <nathan.menhorn@amd.com>
Reviewed-by: Sean McGinn <sean.mcginn@amd.com>
Reviewed-by: Lucas Kiker <lucas.kiker@amd.com>
Reviewed-by: Sindhu Raveendra <Sindhu.Raveendra@amd.com>
Reviewed-by: Clemens Nasenberg <clemens.nasenberg@amd.com>
Reviewed-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>

show more ...

drivers: versal: trng: Fix seed life evaluation

User configuration specifies the number of generation operations to do per
seed, and the "elapsed" counter starts at 0.

Signed-off-by: Joachim Foerst

drivers: versal: trng: Fix seed life evaluation

User configuration specifies the number of generation operations to do per
seed, and the "elapsed" counter starts at 0.

Signed-off-by: Joachim Foerster <joachim.foerster@missinglinkelectronics.com>
Reviewed-by: Nathan Menhorn <nathan.menhorn@amd.com>
Tested-by: Nathan Menhorn <nathan.menhorn@amd.com>
Reviewed-by: Sean McGinn <sean.mcginn@amd.com>
Reviewed-by: Lucas Kiker <lucas.kiker@amd.com>
Reviewed-by: Sindhu Raveendra <Sindhu.Raveendra@amd.com>
Reviewed-by: Clemens Nasenberg <clemens.nasenberg@amd.com>
Reviewed-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>

show more ...

drivers: versal: trng: Minor, cleanup includes

Various includes are simply not required, some theoretically missing.

Signed-off-by: Joachim Foerster <joachim.foerster@missinglinkelectronics.com>
Re

drivers: versal: trng: Minor, cleanup includes

Various includes are simply not required, some theoretically missing.

Signed-off-by: Joachim Foerster <joachim.foerster@missinglinkelectronics.com>
Reviewed-by: Nathan Menhorn <nathan.menhorn@amd.com>
Tested-by: Nathan Menhorn <nathan.menhorn@amd.com>
Reviewed-by: Sean McGinn <sean.mcginn@amd.com>
Reviewed-by: Lucas Kiker <lucas.kiker@amd.com>
Reviewed-by: Sindhu Raveendra <Sindhu.Raveendra@amd.com>
Reviewed-by: Clemens Nasenberg <clemens.nasenberg@amd.com>
Reviewed-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>

show more ...

drivers: versal: trng: Fix, us early_init() instead of driver_init()

hw_get_random_bytes() can be called _before_ driver_init() functions have
been executed. This results in panic()ing since trng_hr

drivers: versal: trng: Fix, us early_init() instead of driver_init()

hw_get_random_bytes() can be called _before_ driver_init() functions have
been executed. This results in panic()ing since trng_hrng_mode_init() needs
to be executed before the first use.

Fixes: cc672e1f1ce0 ("drivers: versal: true random number generator")
Signed-off-by: Joachim Foerster <joachim.foerster@missinglinkelectronics.com>
Reviewed-by: Nathan Menhorn <nathan.menhorn@amd.com>
Tested-by: Nathan Menhorn <nathan.menhorn@amd.com>
Reviewed-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Reviewed-by: Sean McGinn <sean.mcginn@amd.com>
Reviewed-by: Lucas Kiker <lucas.kiker@amd.com>
Reviewed-by: Sindhu Raveendra <Sindhu.Raveendra@amd.com>
Reviewed-by: Clemens Nasenberg <clemens.nasenberg@amd.com>

show more ...

drivers: versal: puf: Minor, remove unneeded initialization of parameter data

In case of PUF registration all members of struct versal_puf_data are pure
outputs from xilpuf API id 0x0c01 (PUF_REGIST

drivers: versal: puf: Minor, remove unneeded initialization of parameter data

In case of PUF registration all members of struct versal_puf_data are pure
outputs from xilpuf API id 0x0c01 (PUF_REGISTRATION).

In case of PUF regeneration member efuse_syn_data of struct versal_puf_data
is irrelevant to xilpuf API id 0x0c02 (PUF_REGENERATION).

Signed-off-by: Joachim Foerster <joachim.foerster@missinglinkelectronics.com>
Reviewed-by: Nathan Menhorn <nathan.menhorn@amd.com>
Tested-by: Nathan Menhorn <nathan.menhorn@amd.com>
Reviewed-by: Sean McGinn <sean.mcginn@amd.com>
Reviewed-by: Lucas Kiker <lucas.kiker@amd.com>
Reviewed-by: Sindhu Raveendra <Sindhu.Raveendra@amd.com>
Reviewed-by: Clemens Nasenberg <clemens.nasenberg@amd.com>
Reviewed-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>

show more ...

drivers: versal: huk: Fix AES key source check

PLM Firmware XilSecure API id 0x050a (AES_OP_INIT) accepts AES key source
identifiers up to its internal definition: XSECURE_MAX_KEY_SOURCES - 1
[1,2].

drivers: versal: huk: Fix AES key source check

PLM Firmware XilSecure API id 0x050a (AES_OP_INIT) accepts AES key source
identifiers up to its internal definition: XSECURE_MAX_KEY_SOURCES - 1
[1,2]. This definition matches our enum symbol VERSAL_AES_USER_KEY_7 (and
their XSECURE_AES_USER_KEY_7 [3]).

Link: https://github.com/Xilinx/embeddedsw/blob/c0aed2eff7a30f307238ec853fa8fbc45dcabdda/lib/sw_services/xilsecure/src/server/core/aes/xsecure_aes.c#L1933 [1]
Link: https://github.com/Xilinx/embeddedsw/blob/45a18907084e77bb3a450a035d280130d7ff6e26/lib/sw_services/xilsecure/src/common/core/xsecure_core.h#L127 [2]
Link: https://github.com/Xilinx/embeddedsw/blob/45a18907084e77bb3a450a035d280130d7ff6e26/lib/sw_services/xilsecure/src/common/core/xsecure_core.h#L154 [3]
Fixes: cd0d1dd6b232 ("drivers: versal: hardware unique key")
Signed-off-by: Joachim Foerster <joachim.foerster@missinglinkelectronics.com>
Reviewed-by: Nathan Menhorn <nathan.menhorn@amd.com>
Tested-by: Nathan Menhorn <nathan.menhorn@amd.com>
Reviewed-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Reviewed-by: Sean McGinn <sean.mcginn@amd.com>
Reviewed-by: Lucas Kiker <lucas.kiker@amd.com>
Reviewed-by: Sindhu Raveendra <Sindhu.Raveendra@amd.com>
Reviewed-by: Clemens Nasenberg <clemens.nasenberg@amd.com>

show more ...

drivers: versal: trng: Restructure and update KAT as found in upstream driver v2024.2

The example of the upstream driver v2024.2 does an explicit re-seed
operation with a different seed after the in

drivers: versal: trng: Restructure and update KAT as found in upstream driver v2024.2

The example of the upstream driver v2024.2 does an explicit re-seed
operation with a different seed after the initial seeding and thus expects
a different output.

Furthermore this commit prepares for adding support for the 2nd version of
the TRNG IP Core found in Versal NET's PKI Accelerator by turning those
hard-coded byte sequences (e.g. seeds) into file scope variables to avoid
duplication.

Signed-off-by: Joachim Foerster <joachim.foerster@missinglinkelectronics.com>
Reviewed-by: Nathan Menhorn <nathan.menhorn@amd.com>
Tested-by: Nathan Menhorn <nathan.menhorn@amd.com>
Reviewed-by: Sean McGinn <sean.mcginn@amd.com>
Reviewed-by: Lucas Kiker <lucas.kiker@amd.com>
Reviewed-by: Sindhu Raveendra <Sindhu.Raveendra@amd.com>
Reviewed-by: Clemens Nasenberg <clemens.nasenberg@amd.com>
Reviewed-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>

show more ...

drivers: versal: trng: Apply various fixes derived from upstream driver v2024.2

Derived changes:

- Fetch more random data (64 byte) for HRNG reseeding than actually need
for security reasons.

-

drivers: versal: trng: Apply various fixes derived from upstream driver v2024.2

Derived changes:

- Fetch more random data (64 byte) for HRNG reseeding than actually need
for security reasons.

- Proper seed length check in trng_reseed().

- Asserting PRNGMODE_GEN (TRNG_CTRL_PRNGMODE_MASK) next to
TRNG_CTRL_PRNGXS_MASK when generating.

- Do explicit reseeding on initialization in HRNG mode, only!

Extra changes:

- Output error message when seed life is over, in DRNG mode, instead of
rather silently failing.

Signed-off-by: Joachim Foerster <joachim.foerster@missinglinkelectronics.com>
Reviewed-by: Nathan Menhorn <nathan.menhorn@amd.com>
Tested-by: Nathan Menhorn <nathan.menhorn@amd.com>
Reviewed-by: Sean McGinn <sean.mcginn@amd.com>
Reviewed-by: Lucas Kiker <lucas.kiker@amd.com>
Reviewed-by: Sindhu Raveendra <Sindhu.Raveendra@amd.com>
Reviewed-by: Clemens Nasenberg <clemens.nasenberg@amd.com>
Reviewed-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>

show more ...

drivers: versal: trng: Minor, add comments derived from upstream driver v2024.2

There may even be more explanatory comments.

Signed-off-by: Joachim Foerster <joachim.foerster@missinglinkelectronics

drivers: versal: trng: Minor, add comments derived from upstream driver v2024.2

There may even be more explanatory comments.

Signed-off-by: Joachim Foerster <joachim.foerster@missinglinkelectronics.com>
Reviewed-by: Nathan Menhorn <nathan.menhorn@amd.com>
Tested-by: Nathan Menhorn <nathan.menhorn@amd.com>
Reviewed-by: Sean McGinn <sean.mcginn@amd.com>
Reviewed-by: Lucas Kiker <lucas.kiker@amd.com>
Reviewed-by: Sindhu Raveendra <Sindhu.Raveendra@amd.com>
Reviewed-by: Clemens Nasenberg <clemens.nasenberg@amd.com>
Reviewed-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>

show more ...

drivers: versal: Update API ids to v2024.1 and newer PLM firmware release, only

IMPORTANT: This commit breaks compatibility with pre-v2024.1 PLM firmware
releases!

Since PLM firmware rel

drivers: versal: Update API ids to v2024.1 and newer PLM firmware release, only

IMPORTANT: This commit breaks compatibility with pre-v2024.1 PLM firmware
releases!

Since PLM firmware release v2022.1 there have been multiple changes to the
PLM firmware, specifically the XilSecure API ids and a new KAT subsystem
API id. Since release v2024.1 the API id situation did not change anymore -
at least up to v2025.1.

In addition to the above changes, the following breaking changes regarding
RSA and PUF support should be highlighted here:

In PLM firmware release v2022.2 module XilSecure has been updated to pack
the RSA public exponent right after the modulus rather than at a fixed 512
bytes (RSA 4096 key size) offset. See PLM firmware commit [1] for v2022.2
and [2] for later versions.

Also in PLM firmware release v2022.2 [3], module XilPuf removed the 1st
member RegMode from structure XPuf_DataAddr and made 4k syndrome mode the
only support one.

Largely based on previous work by
Jeremie Corbier <jeremie.corbier@provenrun.com>.

Link: https://github.com/Xilinx/embeddedsw/commit/c2dd2ebac38e [1]
Link: https://github.com/Xilinx/embeddedsw/commit/5cd79b2891dc [2]
Link: https://github.com/Xilinx/embeddedsw/commit/943aa4479aad [3]
Signed-off-by: Joachim Foerster <joachim.foerster@missinglinkelectronics.com>
Reviewed-by: Nathan Menhorn <nathan.menhorn@amd.com>
Tested-by: Nathan Menhorn <nathan.menhorn@amd.com>
Reviewed-by: Sean McGinn <sean.mcginn@amd.com>
Reviewed-by: Lucas Kiker <lucas.kiker@amd.com>
Reviewed-by: Sindhu Raveendra <Sindhu.Raveendra@amd.com>
Reviewed-by: Clemens Nasenberg <clemens.nasenberg@amd.com>
Reviewed-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>

show more ...

core: crypto_api: fix underflow in emsa_pkcs1_v1_5_encode()

Guard against an integer underflow in emsa_pkcs1_v1_5_encode() that can
occur when calculating the padding field in the EMA-PKCS1-v1_5 enc

core: crypto_api: fix underflow in emsa_pkcs1_v1_5_encode()

Guard against an integer underflow in emsa_pkcs1_v1_5_encode() that can
occur when calculating the padding field in the EMA-PKCS1-v1_5 encoding.

Fixes: f5a70e3efb80 ("drivers: crypto: generic resources for crypto device driver - RSA")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@arm.com>

show more ...

crypto: asu: send hash address in request buffer for digest

Update driver to read digest from hash address sent to firmware
instead of response buffer

Fixes: 74ddb42edbe0 ("crypto: asu: Add crypto

crypto: asu: send hash address in request buffer for digest

Update driver to read digest from hash address sent to firmware
instead of response buffer

Fixes: 74ddb42edbe0 ("crypto: asu: Add crypto hash driver")
Signed-off-by: Harish Ediga <harish.ediga@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: asu: guard wfe() with IRQ-mask check and add response timeout

The wfe()-based response loop in asu_update_queue_buffer_n_send_ipi()
assumes THREAD_EXCP_NATIVE_INTR is clear at every call si

drivers: asu: guard wfe() with IRQ-mask check and add response timeout

The wfe()-based response loop in asu_update_queue_buffer_n_send_ipi()
assumes THREAD_EXCP_NATIVE_INTR is clear at every call site. This
does not hold during early boot: boot_init_primary_final() re-masks all
exceptions including THREAD_EXCP_NATIVE_INTR at boot.c:1103 before
calling thread_update_canaries() -> hw_get_random_bytes(). With
PSTATE.I=1 the GIC cannot deliver SPI 89 (ASU doorbell),
asu_resp_handler() never fires, sev() is never called, and wfe() blocks
indefinitely.

Fix the response loop with two changes:

1. Arm a 2s safety timeout unconditionally before the loop so ASU
firmware failures surface as TEE_ERROR_TARGET_DEAD rather than a
silent hang.

2. Sample thread_get_exceptions() immediately before each wfe() call
with no intervening code between the check and the instruction.
This closes the TOCTOU window where the exception mask could change
between a snapshot taken before the loop and the actual wfe().
- THREAD_EXCP_NATIVE_INTR clear (IRQs unmasked): wfe() yields the
CPU; asu_resp_handler() fires sev() to wake it on response.
- THREAD_EXCP_NATIVE_INTR set (IRQs masked): udelay(10) throttles
the busy-poll, avoiding both a wfe() hang and uncontrolled bus
hammering.

asu_resp_handler() retains its sev() call to support the wfe() path.

Fixes: 7f2d4e10736f ("drivers: amd: Add ASU support")
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

crypto: asu: fix command header length and race condition

- Updated asu_create_header() to pass command length in words
(sizeof(*cp)/sizeof(uint32_t)) instead of zero, to align with
ASUFW requir

crypto: asu: fix command header length and race condition

- Updated asu_create_header() to pass command length in words
(sizeof(*cp)/sizeof(uint32_t)) instead of zero, to align with
ASUFW requirements for proper command parsing.
- Multiple crypto drivers can submit request to shared buffer.
Make sure all queue parameters are update in spin_lock.

Fixes: 7f2d4e10736f ("drivers: amd: Add ASU support")
Signed-off-by: Harish Ediga <harish.ediga@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: imx: rngb: soft reset in case of errors

Soft reset the RNGB core before retrying, if errors are logged in the
ESR register.

The i.MX 6ULL Applications Processor Reference Manual states in

drivers: imx: rngb: soft reset in case of errors

Soft reset the RNGB core before retrying, if errors are logged in the
ESR register.

The i.MX 6ULL Applications Processor Reference Manual states in the
RNG_CR[MASKERR] field description about errors in ESR:

All errors are considered fatal, requiring the RNGB to be reset.
Until the reset occurs, the RNGB does not service any random data.

It was observed that issuing CMD[CE|CI] (Clear error / interrupt
command) did not clear the ESR[SATE] (Statistical test error) state
as expected. Issuing CMD[SR] (Software reset) instead, as suggested
by the reference manual, works.

Signed-off-by: Philipp Zabel <p.zabel@pengutronix.de>
Acked-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>

show more ...

drivers: imx: rngb: split irq_mask() from irq_clear()

Introduce irq_mask() as a counterpart to irq_unmask(), split from
irq_clear(). This way function names match what they do, and we
can replace ir

drivers: imx: rngb: split irq_mask() from irq_clear()

Introduce irq_mask() as a counterpart to irq_unmask(), split from
irq_clear(). This way function names match what they do, and we
can replace irq_clear() with a soft_reset() in the error case next.

Signed-off-by: Philipp Zabel <p.zabel@pengutronix.de>
Acked-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>

show more ...

drivers: imx: rngb: use explicit seed generation command

Follow the Linux and U-Boot drivers in using the explicit command
to trigger seed generation. Relying on auto-seeding didn't seem
to trigger

drivers: imx: rngb: use explicit seed generation command

Follow the Linux and U-Boot drivers in using the explicit command
to trigger seed generation. Relying on auto-seeding didn't seem
to trigger reseeding when the first try fails the statistics tests.

Only switch to continuous auto-reseeding after initialization
succeeded.

Signed-off-by: Philipp Zabel <p.zabel@pengutronix.de>
Acked-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>

show more ...

drivers: crypto: hisilicon: fix qp memory leak

Fix the null pointer access issue for hisilicon QM driver.

Fixes: c7f9abcee87f ("drivers: implement HiSilicon Queue Management (QM) module")
Signed-of

drivers: crypto: hisilicon: fix qp memory leak

Fix the null pointer access issue for hisilicon QM driver.

Fixes: c7f9abcee87f ("drivers: implement HiSilicon Queue Management (QM) module")
Signed-off-by: zhaozheng7 <zhaozheng96@outlook.com>
Acked-by: Zexi Yu <yuzexi@hisilicon.com>

show more ...

drivers: tzc380: add tzc_verify_region0_secure helper

Add a helper which verifies that region0 is only accessible by the
secure world.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Review

drivers: tzc380: add tzc_verify_region0_secure helper

Add a helper which verifies that region0 is only accessible by the
secure world.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>

show more ...

drivers: tzc380: add support to dump region0

Dumping region0 is interesting too since it may have a insecure sp
configuration applied by the previous running firmware.

Reviewed-by: Sahil Malhotra <

drivers: tzc380: add support to dump region0

Dumping region0 is interesting too since it may have a insecure sp
configuration applied by the previous running firmware.

Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>

show more ...

crypto: asu: Add crypto hash driver

Add support for following Hash algorithms
SHA-256, SHA-384, SHA-512, SHA3-256, SHA3-384, SHA3-512

Signed-off-by: Harsh Jain <h.jain@amd.com>
Signed-off-by: Aksha

crypto: asu: Add crypto hash driver

Add support for following Hash algorithms
SHA-256, SHA-384, SHA-512, SHA3-256, SHA3-384, SHA3-512

Signed-off-by: Harsh Jain <h.jain@amd.com>
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: amd: Add ASU support

Add support for the AMD Application Security Unit (ASU), the on-chip
Hardware Security Module (HSM) for Versal Gen 2.
The ASU manages all device-level security services

drivers: amd: Add ASU support

Add support for the AMD Application Security Unit (ASU), the on-chip
Hardware Security Module (HSM) for Versal Gen 2.
The ASU manages all device-level security services for user
applications, extending beyond accelerator-centric tasks.
Its firmware also exposes several software-based cryptographic
primitives, including:
- Key transfer
- RSA authentication (multiple padding schemes)
- HMAC
- Key Derivation Function (KDF)
- Key wrap / unwrap

Co-developed-by: Harsh Jain <h.jain@amd.com>
Signed-off-by: Harsh Jain <h.jain@amd.com>
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...