summaryrefslogtreecommitdiffstats
path: root/drivers/firmware/turris-mox-rwtm.c
Commit message (Collapse)AuthorAgeFilesLines
* firmware: turris-mox-rwtm: support ECDSA signatures via debugfsMarek Behún2020-07-181-0/+166
| | | | | | | | | | | | | | | | | | | | | | The firmware on Turris MOX secure processor offers signing messages with ECDSA private key stored in protected OTP memory. The optimal solution would be to register an akcipher provider via kernel's crypto API, but crypto API does not yet support accessing akcipher API from userspace (and probably won't for some time, see https://www.spinics.net/lists/linux-crypto/msg38388.html). At first I tried to put this via standard sysfs API, but the way I designed it is not compatible with sysfs's standard "one file per attribute". This patch therefore adds support for accessing this signature generation mechanism via debugfs. Since CZ.NIC's Turris MOX is the only user of this module, the potential future change to akcipher API should not cause problems, since we can just change our userspace software then. Signed-off-by: Marek Behún <marek.behun@nic.cz> Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
* firmware: turris-mox-rwtm: small white space cleanupDan Carpenter2020-01-081-1/+1
| | | | | | | | | | This patch deletes a stray tab. Cc: Gregory CLEMENT <gregory.clement@bootlin.com> Cc: Colin King <colin.king@canonical.com> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Marek Behún <marek.behun@nic.cz> Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
* firmware: Add Turris Mox rWTM firmware driverMarek Behún2019-09-041-0/+384
This adds a driver to communicate with the firmware running on the secure processor of the Turris Mox router, enabling the kernel to retrieve true random numbers from the Entropy Bit Generator and to read some information burned into eFuses when device was manufactured: and to sign messages with the ECDSA private key burned into each Turris Mox device when manufacturing. This also adds support to read other information burned into eFuses: - serial number - board version - MAC addresses - RAM size - ECDSA public key (this is not read directly from eFuses, rather it is computed by the firmware as pair to the burned private key) The source code of the firmware is open source and can be found at https://gitlab.labs.nic.cz/turris/mox-boot-builder/tree/master/wtmi The firmware is also able to, on demand, sign messages with the burned ECDSA private key, but since Linux's akcipher API is not yet stable (and therefore not exposed to userspace via netlink), this functionality is not supported yet. Link: https://lore.kernel.org/r/20190822014318.19478-3-marek.behun@nic.cz Signed-off-by: Marek Behún <marek.behun@nic.cz> Signed-off-by: Arnd Bergmann <arnd@arndb.de>
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-01 13:40:06 +0000