crypto: ccree - add function to handle cryptocell tee fips error
authorOfir Drang <ofir.drang@arm.com>
Thu, 18 Apr 2019 13:39:09 +0000 (16:39 +0300)
committerHerbert Xu <herbert@gondor.apana.org.au>
Thu, 25 Apr 2019 07:38:16 +0000 (15:38 +0800)
Adds function that checks if cryptocell tee fips error occurred
and in such case triggers system error through kernel panic.
Change fips function to use this new routine.

Signed-off-by: Ofir Drang <ofir.drang@arm.com>
Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Cc: stable@vger.kernel.org # v4.19+
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
drivers/crypto/ccree/cc_fips.c
drivers/crypto/ccree/cc_fips.h

index 4a67248f5625b4e128c79ec4d1cf178730d81736..5ad3ffb7acaa8973a9f9fcc09c87c6eb8878f339 100644 (file)
@@ -70,20 +70,28 @@ static inline void tee_fips_error(struct device *dev)
                dev_err(dev, "TEE reported error!\n");
 }
 
+/*
+ * This function check if cryptocell tee fips error occurred
+ * and in such case triggers system error
+ */
+void cc_tee_handle_fips_error(struct cc_drvdata *p_drvdata)
+{
+       struct device *dev = drvdata_to_dev(p_drvdata);
+
+       if (!cc_get_tee_fips_status(p_drvdata))
+               tee_fips_error(dev);
+}
+
 /* Deferred service handler, run as interrupt-fired tasklet */
 static void fips_dsr(unsigned long devarg)
 {
        struct cc_drvdata *drvdata = (struct cc_drvdata *)devarg;
-       struct device *dev = drvdata_to_dev(drvdata);
-       u32 irq, state, val;
+       u32 irq, val;
 
        irq = (drvdata->irq & (CC_GPR0_IRQ_MASK));
 
        if (irq) {
-               state = cc_ioread(drvdata, CC_REG(GPR_HOST));
-
-               if (state != (CC_FIPS_SYNC_TEE_STATUS | CC_FIPS_SYNC_MODULE_OK))
-                       tee_fips_error(dev);
+               cc_tee_handle_fips_error(drvdata);
        }
 
        /* after verifing that there is nothing to do,
@@ -111,8 +119,7 @@ int cc_fips_init(struct cc_drvdata *p_drvdata)
        dev_dbg(dev, "Initializing fips tasklet\n");
        tasklet_init(&fips_h->tasklet, fips_dsr, (unsigned long)p_drvdata);
 
-       if (!cc_get_tee_fips_status(p_drvdata))
-               tee_fips_error(dev);
+       cc_tee_handle_fips_error(p_drvdata);
 
        return 0;
 }
index 2c287faf10ff1a2d7f277d6f4a302e035353a386..fc33eeb4d5669622ddb486e4ec3c394d6c173f7e 100644 (file)
@@ -18,6 +18,7 @@ int cc_fips_init(struct cc_drvdata *p_drvdata);
 void cc_fips_fini(struct cc_drvdata *drvdata);
 void fips_handler(struct cc_drvdata *drvdata);
 void cc_set_ree_fips_status(struct cc_drvdata *drvdata, bool ok);
+void cc_tee_handle_fips_error(struct cc_drvdata *p_drvdata);
 
 #else  /* CONFIG_CRYPTO_FIPS */
 
@@ -30,6 +31,7 @@ static inline void cc_fips_fini(struct cc_drvdata *drvdata) {}
 static inline void cc_set_ree_fips_status(struct cc_drvdata *drvdata,
                                          bool ok) {}
 static inline void fips_handler(struct cc_drvdata *drvdata) {}
+static inline void cc_tee_handle_fips_error(struct cc_drvdata *p_drvdata) {}
 
 #endif /* CONFIG_CRYPTO_FIPS */