authorKasoju Mallikarjun <mkasoju@nvidia.com>2010-06-13 21:01:25 +0530
committerGary King <gking@nvidia.com>2010-06-14 11:33:50 -0700
commit2a0c32b3323bbc3e313309d5f1b2c7dfe597d1a1 (patch)
treef3e25b31bce0d418f02631cdfd26ba0a3d391a02
parentdf3a2907764ad602865870e03f606488cda20514 (diff)
[ARM/tegra] aes: Disable read access to key slots.
To prevent unauthorized access to keys loaded into key slots in AES engines, disable read access to all key slots. Bug 649783: AES driver must disable read access to keys in all key slots Change-Id: Id5cd8a059b9b6cef76e4e1817748f84825636d97 Reviewed-on: http://git-master/r/2553 Tested-by: Mallikarjun Kasoju <mkasoju@nvidia.com> Reviewed-by: Gary King <gking@nvidia.com>
-rw-r--r--[-rwxr-xr-x]arch/arm/mach-tegra/nvddk/nvddk_aes.c7
-rw-r--r--arch/arm/mach-tegra/nvddk/nvddk_aes_core_ap20.c32
-rw-r--r--arch/arm/mach-tegra/nvddk/nvddk_aes_core_ap20.h16
-rw-r--r--arch/arm/mach-tegra/nvddk/nvddk_aes_intf_ap20.c38
-rw-r--r--arch/arm/mach-tegra/nvddk/nvddk_aes_priv.h14
5 files changed, 102 insertions, 5 deletions
diff --git a/arch/arm/mach-tegra/nvddk/nvddk_aes.c b/arch/arm/mach-tegra/nvddk/nvddk_aes.c
index de80631e9c82..c3f83ca9dfee 100755..100644
--- a/arch/arm/mach-tegra/nvddk/nvddk_aes.c
+++ b/arch/arm/mach-tegra/nvddk/nvddk_aes.c
@@ -1740,11 +1740,16 @@ NvError AesCoreInitEngine(const NvRmDeviceHandle hRmDevice)
pAesHwCtxt->ppEngineCaps[0]->pAesInterf->AesHwGetUsedSlots(gs_pAesCoreEngine);
}
- // Get the Iv read permissions
for (Engine = AesHwEngine_A; Engine < AesHwEngine_Num; Engine++)
{
NVDDK_AES_CHECK_INTERFACE(pAesHwCtxt, Engine);
NVDDK_AES_CHECK_INTERFACE_FUNC(pAesHwCtxt, Engine, GetIvReadPermissions);
+ pAesHwCtxt->ppEngineCaps[Engine]->pAesInterf->AesHwDisableAllKeyRead(
+ pAesHwCtxt,
+ Engine,
+ pAesHwCtxt->ppEngineCaps[Engine]->NumSlotsSupported);
+
+ // Get the Iv read permissions
pAesHwCtxt->ppEngineCaps[Engine]->pAesInterf->AesHwGetIvReadPermissions(Engine, pAesHwCtxt);
}
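Review bot: The new `AesHwDisableAllKeyRead` call goes through the interface table without a presence check, whereas the IV call in the same loop is guarded by `NVDDK_AES_CHECK_INTERFACE_FUNC(pAesHwCtxt, Engine, GetIvReadPermissions)`. A hardware interface that never fills in the new pointer would be called through NULL during init; a matching guard such as `NVDDK_AES_CHECK_INTERFACE_FUNC(pAesHwCtxt, Engine, DisableAllKeyRead);` (argument form inferred from the existing line) should precede the call. Because this call is the key-read lockdown, it is worth deciding whether a missing implementation should fail initialisation rather than be skipped; what the check macro does on failure is not visible here. AesCoreInitEngine starts and ends outside the hunk.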
diff --git a/arch/arm/mach-tegra/nvddk/nvddk_aes_core_ap20.c b/arch/arm/mach-tegra/nvddk/nvddk_aes_core_ap20.c
index 1e24deb90c2e..1766910013e5 100644
--- a/arch/arm/mach-tegra/nvddk/nvddk_aes_core_ap20.c
+++ b/arch/arm/mach-tegra/nvddk/nvddk_aes_core_ap20.c
@@ -93,15 +93,27 @@
#define SECURE_DRF_NUM(engine, reg, field, num) \
NV_DRF_NUM(ARVDE_BSEV, reg, field, num) \
-#define SECURE_INDEXED_REGR(engine, viraddr, reg, index,value) \
+#define SECURE_INDEXED_REGR(engine, viraddr, index, value) \
{ \
if (AesHwEngine_A == engine) \
{ \
- (value) = NV_READ32((NvU32)(viraddr) + (ARVDE_BSEV_##reg##_##0) + index * 4); \
+ (value) = NV_READ32((NvU32)(viraddr) + ARVDE_BSEV_SECURE_SEC_SEL0_0 + ((index) * 4)); \
} \
else if (AesHwEngine_B == engine) \
{ \
- (value) = NV_READ32((NvU32)(viraddr) + (AVPBSEA_##reg##_##0) + index * 4 ); \
+ (value) = NV_READ32((NvU32)(viraddr) + AVPBSEA_SECURE_SEC_SEL0_0 + ((index) * 4)); \
+ } \
+}
+
+#define SECURE_INDEXED_REGW(engine, viraddr, index, value) \
+{ \
+ if (AesHwEngine_A == engine) \
+ { \
+ NV_WRITE32((NvU32)(viraddr) + (ARVDE_BSEV_SECURE_SEC_SEL0_0 + ((index) * 4)), (value)); \
+ } \
+ else if (AesHwEngine_B == engine) \
+ { \
+ NV_WRITE32((NvU32)(viraddr) + (AVPBSEA_SECURE_SEC_SEL0_0 + ((index) * 4)), (value)); \
} \
}
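Review bot: `SECURE_INDEXED_REGW` silently does nothing when `engine` is neither `AesHwEngine_A` nor `AesHwEngine_B`, so a key-read disable aimed at an unexpected engine value would be dropped without any signal; add a final `else { NV_ASSERT(0); }` arm (and likewise in `SECURE_INDEXED_REGR`, which would leave `value` unchanged). Both macros are now hard-wired to `SECURE_SEC_SEL0` yet keep a generic name, so a comment such as `/* Accesses SECURE_SEC_SEL<index>; index is a key slot number */` or a rename would prevent misuse. The bare `{ ... }` bodies should become `do { ... } while (0)` and `engine` should be parenthesised so the macros behave as single statements.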
@@ -611,7 +623,19 @@ NvAesCoreAp20GetIvReadPermissions(
for (KeySlot = AesHwKeySlot_0; KeySlot < AesHwKeySlot_NumExt; KeySlot++)
{
- SECURE_INDEXED_REGR(Engine, pEngineVirAddr, SECURE_SEC_SEL0, KeySlot,RegValue);
+ SECURE_INDEXED_REGR(Engine, pEngineVirAddr, KeySlot, RegValue);
SECURE_DRF_READ_VAL(Engine, SECURE_SEC_SEL0, IVREAD_ENB0, RegValue, pReadPermissions[KeySlot]);
}
}
+
+void NvAesCoreAp20KeyReadDisable(
+ const AesHwEngine Engine,
+ const AesHwKeySlot Slot,
+ const NvU32 *const pEngineVirAddr)
+{
+ NvU32 RegValue = 0;
+
+ SECURE_INDEXED_REGR(Engine, pEngineVirAddr, Slot, RegValue);
+ RegValue = NV_FLD_SET_DRF_NUM(ARVDE_BSEV, SECURE_SEC_SEL0, KEYREAD_ENB0, 0, RegValue);
+ SECURE_INDEXED_REGW(Engine, pEngineVirAddr, Slot, RegValue);
+}
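Review bot: `NvAesCoreAp20KeyReadDisable` builds the new value with the `ARVDE_BSEV` field definition for both engines, while the read and write on either side select `ARVDE_BSEV` or `AVPBSEA` by `Engine`, and the neighbouring IV code uses the engine-aware `SECURE_DRF_READ_VAL`. If the two register layouts are identical this works, but the assumption should be stated, e.g. `// KEYREAD_ENB0 has the same position in ARVDE_BSEV and AVPBSEA SEC_SEL0`, or the field set should be made engine-specific. `Slot` is used as a register index without a range check; `NV_ASSERT(Slot < AesHwKeySlot_NumExt);` would match the bound used in the loop above. The function also writes through `pEngineVirAddr`, which is declared `const NvU32 *const`, so the const qualifier on the pointee is misleading.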
diff --git a/arch/arm/mach-tegra/nvddk/nvddk_aes_core_ap20.h b/arch/arm/mach-tegra/nvddk/nvddk_aes_core_ap20.h
index 3840efd41bed..3449ad1141e1 100644
--- a/arch/arm/mach-tegra/nvddk/nvddk_aes_core_ap20.h
+++ b/arch/arm/mach-tegra/nvddk/nvddk_aes_core_ap20.h
@@ -222,6 +222,22 @@ NvAesCoreAp20GetIvReadPermissions(
const NvU32 *const pEngineVirAddr,
NvBool *const pReadPermissions);
+/**
+ * Disables read access to the given key slot
+ *
+ * @param Engine AES engine for which read access needs to be disabled
+ * for the given key slot
+ * @param Slot Key slot number for which read access needs to be disabled.
+ * @param pEngineVirAddr AES engine virtual address.
+ *
+ * @retval None
+ */
+void
+NvAesCoreAp20KeyReadDisable(
+ const AesHwEngine Engine,
+ const AesHwKeySlot Slot,
+ const NvU32 *const pEngineVirAddr);
+
#ifdef __cplusplus
};
#endif
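Review bot: The doc comment for `NvAesCoreAp20KeyReadDisable` does not state its calling preconditions, although the implementation does a read-modify-write of the slot's SEC_SEL register without taking any lock itself. Both callers in this commit wait for the engine to go idle first, and `Ap20AesHwDisableAllKeyRead` also holds the engine mutex, so the comment should say so: `* @note Caller must hold the engine mutex and ensure the engine is idle.` It would also help to document whether later software can set the bit again, since nothing visible here shows whether the disable is sticky.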
diff --git a/arch/arm/mach-tegra/nvddk/nvddk_aes_intf_ap20.c b/arch/arm/mach-tegra/nvddk/nvddk_aes_intf_ap20.c
index 2e86e6e0ae27..49e903ba88b7 100644
--- a/arch/arm/mach-tegra/nvddk/nvddk_aes_intf_ap20.c
+++ b/arch/arm/mach-tegra/nvddk/nvddk_aes_intf_ap20.c
@@ -118,6 +118,11 @@ Ap20AesHwSetIv(
const AesHwKeySlot Slot,
const AesHwIv *const pIv,
AesHwContext *const pAesHwCtxt);
+static void
+Ap20AesHwDisableAllKeyRead(
+ const AesHwContext *const pAesHwCtxt,
+ const AesHwEngine Engine,
+ const AesHwKeySlot NumSlotsSupported);
/**
* Set the Setup Table command required for the AES engine.
@@ -304,6 +309,9 @@ Ap20AesHwSetKeyAndIv(
// Wait till engine becomes IDLE
NvAesCoreAp20WaitTillEngineIdle(Engine, pAesHwCtxt->pVirAdr[Engine]);
+ // Disable read access to the key slot
+ NvAesCoreAp20KeyReadDisable(Engine, Slot, pAesHwCtxt->pVirAdr[Engine]);
+
NvAesCoreAp20ControlKeyScheduleGeneration(Engine, pAesHwCtxt->pVirAdr[Engine], NV_TRUE);
Ap20AesHwSelectKeyIvSlot(Engine, Slot, pAesHwCtxt);
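Review bot: The comment on the new call says what it does but not why it is repeated on every key load when AesCoreInitEngine already disables reads on all slots. If the intent is defence in depth against the bit having been re-enabled after init, say so, e.g. `// Re-assert key read disable before loading key material into this slot`. The register update is a read-modify-write, and whether the engine mutex is held at this point is not visible in the hunk; Ap20AesHwSetKeyAndIv starts and ends outside it.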
@@ -681,6 +689,35 @@ void Ap20AesHwGetIvReadPermissions(const AesHwEngine Engine, AesHwContext *const
NvOsMutexUnlock(pAesHwCtxt->Mutex[Engine]);
}
+/**
+ * Disables read access to all key slots for the given engine.
+ *
+ * @param pAesHwCtxt Pointer to the AES H/W context
+ * @param Engine AES engine for which key reads needs to be disabled
+ * @param NumSlotsSupported Number of key slots supported in the engine
+ *
+ * @retval None
+ */
+void
+Ap20AesHwDisableAllKeyRead(
+ const AesHwContext *const pAesHwCtxt,
+ const AesHwEngine Engine,
+ const AesHwKeySlot NumSlotsSupported)
+{
+ AesHwKeySlot Slot;
+ NV_ASSERT(pAesHwCtxt);
+
+ NvOsMutexLock(pAesHwCtxt->Mutex[Engine]);
+ NvAesCoreAp20WaitTillEngineIdle(Engine, pAesHwCtxt->pVirAdr[Engine]);
+
+ // Disable read access to key slots
+ for(Slot = AesHwKeySlot_0; Slot < NumSlotsSupported; Slot++)
+ {
+ NvAesCoreAp20KeyReadDisable(Engine, Slot, pAesHwCtxt->pVirAdr[Engine]);
+ }
+ NvOsMutexUnlock(pAesHwCtxt->Mutex[Engine]);
+}
+
void NvAesIntfAp20GetHwInterface(AesHwInterface *const pAp20AesHw)
{
NV_ASSERT(pAp20AesHw);
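Review bot: The loop in `Ap20AesHwDisableAllKeyRead` is bounded by the caller-supplied `NumSlotsSupported`, whereas `NvAesCoreAp20GetIvReadPermissions` walks the same SEC_SEL registers up to `AesHwKeySlot_NumExt`. If the capability value is ever smaller than the hardware slot count, the remaining slots keep key read enabled; if it is larger, the write indexes past the register array. Consider `NV_ASSERT(NumSlotsSupported <= AesHwKeySlot_NumExt);` or iterating to `AesHwKeySlot_NumExt` directly. `NV_ASSERT(pAesHwCtxt)` is presumably compiled out in release builds, and the definition omits the `static` that the forward declaration carries.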
@@ -698,4 +735,5 @@ void NvAesIntfAp20GetHwInterface(AesHwInterface *const pAp20AesHw)
pAp20AesHw->AesHwGetUsedSlots = Ap20AesHwGetUsedSlots;
pAp20AesHw->AesHwIsEngineDisabled = Ap20AesHwIsEngineDisabled;
pAp20AesHw->AesHwGetIvReadPermissions = Ap20AesHwGetIvReadPermissions;
+ pAp20AesHw->AesHwDisableAllKeyRead = Ap20AesHwDisableAllKeyRead;
}
diff --git a/arch/arm/mach-tegra/nvddk/nvddk_aes_priv.h b/arch/arm/mach-tegra/nvddk/nvddk_aes_priv.h
index bebbebe1900d..ab7a5234e72d 100644
--- a/arch/arm/mach-tegra/nvddk/nvddk_aes_priv.h
+++ b/arch/arm/mach-tegra/nvddk/nvddk_aes_priv.h
@@ -386,6 +386,20 @@ struct AesHwInterfaceRec
* @retval None.
*/
void (*AesHwGetIvReadPermissions)(const AesHwEngine Engine, AesHwContext *const pAesHwCtxt);
+
+ /**
+ * Disables read access to all key slots for the given engine.
+ *
+ * @param pAesHwCtxt Pointer to the AES H/W context
+ * @param Engine AES engine for which key reads needs to be disabled
+ * @param NumSlotsSupported Number of key slots supported in the engine
+ *
+ * @retval None
+ */
+ void (*AesHwDisableAllKeyRead)(
+ const AesHwContext *const pAesHwCtxt,
+ const AesHwEngine Engine,
+ const AesHwKeySlot NumSlotsSupported);
};
// AES client state: this structure is common to all clients