| #
9f007225 |
| 12-Dec-2022 |
Patrick Delaunay <patrick.delaunay@foss.st.com> |
drivers: stm32_bsec: add support for bits property in the DT
Adds the possibility to specify the number of managed bit in the NVMEM
cell device tree description, using the optional bits property
and
drivers: stm32_bsec: add support for bits property in the DT
Adds the possibility to specify the number of managed bit in the NVMEM
cell device tree description, using the optional bits property
and removes restriction on aligned NVMEM cell on 32-bit word by supporting
bit offset in stm32_bsec_find_otp_in_nvmem_layout().
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
show more ...
|
| #
b0946e1d |
| 09-Mar-2023 |
Thomas BOURGOIN <thomas.bourgoin@foss.st.com> |
drivers: stm32mp15_huk: use DT HUK NVMEM layout API
Adds the possibility to get the HUK from OTP definition in the device tree
using the function stm32_bsec_find_otp_in_nvmem_layout().
Signed-off-b
drivers: stm32mp15_huk: use DT HUK NVMEM layout API
Adds the possibility to get the HUK from OTP definition in the device tree
using the function stm32_bsec_find_otp_in_nvmem_layout().
Signed-off-by: Thomas BOURGOIN <thomas.bourgoin@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| #
10fb0d97 |
| 12-Dec-2022 |
Gatien Chevallier <gatien.chevallier@foss.st.com> |
drivers: stm32_bsec: use DT NVMEM layout API
Uses OTP definition in the device tree, by using the function
stm32_bsec_find_otp_in_nvmem_layout() and removes the
hardcoded OTP index in platform confi
drivers: stm32_bsec: use DT NVMEM layout API
Uses OTP definition in the device tree, by using the function
stm32_bsec_find_otp_in_nvmem_layout() and removes the
hardcoded OTP index in platform config.
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| #
7cb0cbba |
| 06-Jan-2023 |
Gatien Chevallier <gatien.chevallier@foss.st.com> |
drivers: stm32mp15_huk: fix use of stm32mp_is_closed_device()
This function is no more defined because it was superseded by BSEC
driver API function stm32_bsec_get_state().
Implements use of the ne
drivers: stm32mp15_huk: fix use of stm32mp_is_closed_device()
This function is no more defined because it was superseded by BSEC
driver API function stm32_bsec_get_state().
Implements use of the new API.
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| #
a833cb74 |
| 21-Oct-2022 |
Etienne Carriere <etienne.carriere@linaro.org> |
drivers: stm32mp15_huk: default to fuse key without derivation
Introduces 2 configuration switches for defining how stm32mp15 HUK
is generated from fuses. Both are exclusive. One of them must be set
drivers: stm32mp15_huk: default to fuse key without derivation
Introduces 2 configuration switches for defining how stm32mp15 HUK
is generated from fuses. Both are exclusive. One of them must be set
when CFG_STM32MP15_HUK is enable.
When CFG_STM32MP15_HUK_BSEC_KEY is enabled, HUK is HUK fuses raw content.
When CFG_STM32MP15_HUK_BSEC_DERIVE_UID is enabled, HUK is the derivation
of HUK fuses content derived with device UID fuses content.
The platform default enables CFG_STM32MP15_HUK_BSEC_KEY when
CFG_STM32MP15_HUK is enable.
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| #
7e203c67 |
| 27-Sep-2022 |
Jorge Ramirez-Ortiz <jorge@foundries.io> |
core: drivers: stm32mp15 Hardware Unique Key driver
Generate a secret Hardware Unique Key from BSEC OTPs.
The algorithm used simplifies the device provisioning phase because
it does not require a u
core: drivers: stm32mp15 Hardware Unique Key driver
Generate a secret Hardware Unique Key from BSEC OTPs.
The algorithm used simplifies the device provisioning phase because
it does not require a unique per device secret to be fused: just a key
common to all devices.
The algorithm uses a 128 bit symmetric key stored as four 32 bit words
read from OTP fuses.
The HUK is calculated by AES-GCM encrypting the device UID (96 bits).
Since the UID is persistent - and so should be the key - the NONCE can
be reused and hold any value.
The OTP values must be secrets but don't need to be unique per-device.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|