261ea058f0
There are SoCs like LS1043A where CAAM endianness (BE) does not match the default endianness of the core (LE). Moreover, there are requirements for the driver to handle cases like CPU_BIG_ENDIAN=y on ARM-based SoCs. This requires for a complete rewrite of the I/O accessors. PPC-specific accessors - {in,out}_{le,be}XX - are replaced with generic ones - io{read,write}[be]XX. Endianness is detected dynamically (at runtime) to allow for multiplatform kernels, for e.g. running the same kernel image on LS1043A (BE CAAM) and LS2080A (LE CAAM) armv8-based SoCs. While here: debugfs entries need to take into consideration the endianness of the core when displaying data. Add the necessary glue code so the entries remain the same, but they are properly read, regardless of the core and/or SEC endianness. Note: pdb.h fixes only what is currently being used (IPsec). Reviewed-by: Tudor Ambarus <tudor-dan.ambarus@nxp.com> Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
867 lines
24 KiB
C
867 lines
24 KiB
C
/* * CAAM control-plane driver backend
|
|
* Controller-level driver, kernel property detection, initialization
|
|
*
|
|
* Copyright 2008-2012 Freescale Semiconductor, Inc.
|
|
*/
|
|
|
|
#include <linux/device.h>
|
|
#include <linux/of_address.h>
|
|
#include <linux/of_irq.h>
|
|
|
|
#include "compat.h"
|
|
#include "regs.h"
|
|
#include "intern.h"
|
|
#include "jr.h"
|
|
#include "desc_constr.h"
|
|
#include "error.h"
|
|
|
|
bool caam_little_end;
|
|
EXPORT_SYMBOL(caam_little_end);
|
|
|
|
/*
|
|
* i.MX targets tend to have clock control subsystems that can
|
|
* enable/disable clocking to our device.
|
|
*/
|
|
#ifdef CONFIG_CRYPTO_DEV_FSL_CAAM_IMX
|
|
static inline struct clk *caam_drv_identify_clk(struct device *dev,
|
|
char *clk_name)
|
|
{
|
|
return devm_clk_get(dev, clk_name);
|
|
}
|
|
#else
|
|
static inline struct clk *caam_drv_identify_clk(struct device *dev,
|
|
char *clk_name)
|
|
{
|
|
return NULL;
|
|
}
|
|
#endif
|
|
|
|
/*
|
|
* Descriptor to instantiate RNG State Handle 0 in normal mode and
|
|
* load the JDKEK, TDKEK and TDSK registers
|
|
*/
|
|
static void build_instantiation_desc(u32 *desc, int handle, int do_sk)
|
|
{
|
|
u32 *jump_cmd, op_flags;
|
|
|
|
init_job_desc(desc, 0);
|
|
|
|
op_flags = OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
|
|
(handle << OP_ALG_AAI_SHIFT) | OP_ALG_AS_INIT;
|
|
|
|
/* INIT RNG in non-test mode */
|
|
append_operation(desc, op_flags);
|
|
|
|
if (!handle && do_sk) {
|
|
/*
|
|
* For SH0, Secure Keys must be generated as well
|
|
*/
|
|
|
|
/* wait for done */
|
|
jump_cmd = append_jump(desc, JUMP_CLASS_CLASS1);
|
|
set_jump_tgt_here(desc, jump_cmd);
|
|
|
|
/*
|
|
* load 1 to clear written reg:
|
|
* resets the done interrrupt and returns the RNG to idle.
|
|
*/
|
|
append_load_imm_u32(desc, 1, LDST_SRCDST_WORD_CLRW);
|
|
|
|
/* Initialize State Handle */
|
|
append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
|
|
OP_ALG_AAI_RNG4_SK);
|
|
}
|
|
|
|
append_jump(desc, JUMP_CLASS_CLASS1 | JUMP_TYPE_HALT);
|
|
}
|
|
|
|
/* Descriptor for deinstantiation of State Handle 0 of the RNG block. */
|
|
static void build_deinstantiation_desc(u32 *desc, int handle)
|
|
{
|
|
init_job_desc(desc, 0);
|
|
|
|
/* Uninstantiate State Handle 0 */
|
|
append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
|
|
(handle << OP_ALG_AAI_SHIFT) | OP_ALG_AS_INITFINAL);
|
|
|
|
append_jump(desc, JUMP_CLASS_CLASS1 | JUMP_TYPE_HALT);
|
|
}
|
|
|
|
/*
|
|
* run_descriptor_deco0 - runs a descriptor on DECO0, under direct control of
|
|
* the software (no JR/QI used).
|
|
* @ctrldev - pointer to device
|
|
* @status - descriptor status, after being run
|
|
*
|
|
* Return: - 0 if no error occurred
|
|
* - -ENODEV if the DECO couldn't be acquired
|
|
* - -EAGAIN if an error occurred while executing the descriptor
|
|
*/
|
|
static inline int run_descriptor_deco0(struct device *ctrldev, u32 *desc,
|
|
u32 *status)
|
|
{
|
|
struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctrldev);
|
|
struct caam_ctrl __iomem *ctrl = ctrlpriv->ctrl;
|
|
struct caam_deco __iomem *deco = ctrlpriv->deco;
|
|
unsigned int timeout = 100000;
|
|
u32 deco_dbg_reg, flags;
|
|
int i;
|
|
|
|
|
|
if (ctrlpriv->virt_en == 1) {
|
|
clrsetbits_32(&ctrl->deco_rsr, 0, DECORSR_JR0);
|
|
|
|
while (!(rd_reg32(&ctrl->deco_rsr) & DECORSR_VALID) &&
|
|
--timeout)
|
|
cpu_relax();
|
|
|
|
timeout = 100000;
|
|
}
|
|
|
|
clrsetbits_32(&ctrl->deco_rq, 0, DECORR_RQD0ENABLE);
|
|
|
|
while (!(rd_reg32(&ctrl->deco_rq) & DECORR_DEN0) &&
|
|
--timeout)
|
|
cpu_relax();
|
|
|
|
if (!timeout) {
|
|
dev_err(ctrldev, "failed to acquire DECO 0\n");
|
|
clrsetbits_32(&ctrl->deco_rq, DECORR_RQD0ENABLE, 0);
|
|
return -ENODEV;
|
|
}
|
|
|
|
for (i = 0; i < desc_len(desc); i++)
|
|
wr_reg32(&deco->descbuf[i], caam32_to_cpu(*(desc + i)));
|
|
|
|
flags = DECO_JQCR_WHL;
|
|
/*
|
|
* If the descriptor length is longer than 4 words, then the
|
|
* FOUR bit in JRCTRL register must be set.
|
|
*/
|
|
if (desc_len(desc) >= 4)
|
|
flags |= DECO_JQCR_FOUR;
|
|
|
|
/* Instruct the DECO to execute it */
|
|
clrsetbits_32(&deco->jr_ctl_hi, 0, flags);
|
|
|
|
timeout = 10000000;
|
|
do {
|
|
deco_dbg_reg = rd_reg32(&deco->desc_dbg);
|
|
/*
|
|
* If an error occured in the descriptor, then
|
|
* the DECO status field will be set to 0x0D
|
|
*/
|
|
if ((deco_dbg_reg & DESC_DBG_DECO_STAT_MASK) ==
|
|
DESC_DBG_DECO_STAT_HOST_ERR)
|
|
break;
|
|
cpu_relax();
|
|
} while ((deco_dbg_reg & DESC_DBG_DECO_STAT_VALID) && --timeout);
|
|
|
|
*status = rd_reg32(&deco->op_status_hi) &
|
|
DECO_OP_STATUS_HI_ERR_MASK;
|
|
|
|
if (ctrlpriv->virt_en == 1)
|
|
clrsetbits_32(&ctrl->deco_rsr, DECORSR_JR0, 0);
|
|
|
|
/* Mark the DECO as free */
|
|
clrsetbits_32(&ctrl->deco_rq, DECORR_RQD0ENABLE, 0);
|
|
|
|
if (!timeout)
|
|
return -EAGAIN;
|
|
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* instantiate_rng - builds and executes a descriptor on DECO0,
|
|
* which initializes the RNG block.
|
|
* @ctrldev - pointer to device
|
|
* @state_handle_mask - bitmask containing the instantiation status
|
|
* for the RNG4 state handles which exist in
|
|
* the RNG4 block: 1 if it's been instantiated
|
|
* by an external entry, 0 otherwise.
|
|
* @gen_sk - generate data to be loaded into the JDKEK, TDKEK and TDSK;
|
|
* Caution: this can be done only once; if the keys need to be
|
|
* regenerated, a POR is required
|
|
*
|
|
* Return: - 0 if no error occurred
|
|
* - -ENOMEM if there isn't enough memory to allocate the descriptor
|
|
* - -ENODEV if DECO0 couldn't be acquired
|
|
* - -EAGAIN if an error occurred when executing the descriptor
|
|
* f.i. there was a RNG hardware error due to not "good enough"
|
|
* entropy being aquired.
|
|
*/
|
|
static int instantiate_rng(struct device *ctrldev, int state_handle_mask,
|
|
int gen_sk)
|
|
{
|
|
struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctrldev);
|
|
struct caam_ctrl __iomem *ctrl;
|
|
u32 *desc, status = 0, rdsta_val;
|
|
int ret = 0, sh_idx;
|
|
|
|
ctrl = (struct caam_ctrl __iomem *)ctrlpriv->ctrl;
|
|
desc = kmalloc(CAAM_CMD_SZ * 7, GFP_KERNEL);
|
|
if (!desc)
|
|
return -ENOMEM;
|
|
|
|
for (sh_idx = 0; sh_idx < RNG4_MAX_HANDLES; sh_idx++) {
|
|
/*
|
|
* If the corresponding bit is set, this state handle
|
|
* was initialized by somebody else, so it's left alone.
|
|
*/
|
|
if ((1 << sh_idx) & state_handle_mask)
|
|
continue;
|
|
|
|
/* Create the descriptor for instantiating RNG State Handle */
|
|
build_instantiation_desc(desc, sh_idx, gen_sk);
|
|
|
|
/* Try to run it through DECO0 */
|
|
ret = run_descriptor_deco0(ctrldev, desc, &status);
|
|
|
|
/*
|
|
* If ret is not 0, or descriptor status is not 0, then
|
|
* something went wrong. No need to try the next state
|
|
* handle (if available), bail out here.
|
|
* Also, if for some reason, the State Handle didn't get
|
|
* instantiated although the descriptor has finished
|
|
* without any error (HW optimizations for later
|
|
* CAAM eras), then try again.
|
|
*/
|
|
rdsta_val = rd_reg32(&ctrl->r4tst[0].rdsta) & RDSTA_IFMASK;
|
|
if ((status && status != JRSTA_SSRC_JUMP_HALT_CC) ||
|
|
!(rdsta_val & (1 << sh_idx)))
|
|
ret = -EAGAIN;
|
|
if (ret)
|
|
break;
|
|
dev_info(ctrldev, "Instantiated RNG4 SH%d\n", sh_idx);
|
|
/* Clear the contents before recreating the descriptor */
|
|
memset(desc, 0x00, CAAM_CMD_SZ * 7);
|
|
}
|
|
|
|
kfree(desc);
|
|
|
|
return ret;
|
|
}
|
|
|
|
/*
|
|
* deinstantiate_rng - builds and executes a descriptor on DECO0,
|
|
* which deinitializes the RNG block.
|
|
* @ctrldev - pointer to device
|
|
* @state_handle_mask - bitmask containing the instantiation status
|
|
* for the RNG4 state handles which exist in
|
|
* the RNG4 block: 1 if it's been instantiated
|
|
*
|
|
* Return: - 0 if no error occurred
|
|
* - -ENOMEM if there isn't enough memory to allocate the descriptor
|
|
* - -ENODEV if DECO0 couldn't be acquired
|
|
* - -EAGAIN if an error occurred when executing the descriptor
|
|
*/
|
|
static int deinstantiate_rng(struct device *ctrldev, int state_handle_mask)
|
|
{
|
|
u32 *desc, status;
|
|
int sh_idx, ret = 0;
|
|
|
|
desc = kmalloc(CAAM_CMD_SZ * 3, GFP_KERNEL);
|
|
if (!desc)
|
|
return -ENOMEM;
|
|
|
|
for (sh_idx = 0; sh_idx < RNG4_MAX_HANDLES; sh_idx++) {
|
|
/*
|
|
* If the corresponding bit is set, then it means the state
|
|
* handle was initialized by us, and thus it needs to be
|
|
* deintialized as well
|
|
*/
|
|
if ((1 << sh_idx) & state_handle_mask) {
|
|
/*
|
|
* Create the descriptor for deinstantating this state
|
|
* handle
|
|
*/
|
|
build_deinstantiation_desc(desc, sh_idx);
|
|
|
|
/* Try to run it through DECO0 */
|
|
ret = run_descriptor_deco0(ctrldev, desc, &status);
|
|
|
|
if (ret || status) {
|
|
dev_err(ctrldev,
|
|
"Failed to deinstantiate RNG4 SH%d\n",
|
|
sh_idx);
|
|
break;
|
|
}
|
|
dev_info(ctrldev, "Deinstantiated RNG4 SH%d\n", sh_idx);
|
|
}
|
|
}
|
|
|
|
kfree(desc);
|
|
|
|
return ret;
|
|
}
|
|
|
|
static int caam_remove(struct platform_device *pdev)
|
|
{
|
|
struct device *ctrldev;
|
|
struct caam_drv_private *ctrlpriv;
|
|
struct caam_ctrl __iomem *ctrl;
|
|
int ring;
|
|
|
|
ctrldev = &pdev->dev;
|
|
ctrlpriv = dev_get_drvdata(ctrldev);
|
|
ctrl = (struct caam_ctrl __iomem *)ctrlpriv->ctrl;
|
|
|
|
/* Remove platform devices for JobRs */
|
|
for (ring = 0; ring < ctrlpriv->total_jobrs; ring++) {
|
|
if (ctrlpriv->jrpdev[ring])
|
|
of_device_unregister(ctrlpriv->jrpdev[ring]);
|
|
}
|
|
|
|
/* De-initialize RNG state handles initialized by this driver. */
|
|
if (ctrlpriv->rng4_sh_init)
|
|
deinstantiate_rng(ctrldev, ctrlpriv->rng4_sh_init);
|
|
|
|
/* Shut down debug views */
|
|
#ifdef CONFIG_DEBUG_FS
|
|
debugfs_remove_recursive(ctrlpriv->dfs_root);
|
|
#endif
|
|
|
|
/* Unmap controller region */
|
|
iounmap(ctrl);
|
|
|
|
/* shut clocks off before finalizing shutdown */
|
|
clk_disable_unprepare(ctrlpriv->caam_ipg);
|
|
clk_disable_unprepare(ctrlpriv->caam_mem);
|
|
clk_disable_unprepare(ctrlpriv->caam_aclk);
|
|
clk_disable_unprepare(ctrlpriv->caam_emi_slow);
|
|
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* kick_trng - sets the various parameters for enabling the initialization
|
|
* of the RNG4 block in CAAM
|
|
* @pdev - pointer to the platform device
|
|
* @ent_delay - Defines the length (in system clocks) of each entropy sample.
|
|
*/
|
|
static void kick_trng(struct platform_device *pdev, int ent_delay)
|
|
{
|
|
struct device *ctrldev = &pdev->dev;
|
|
struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctrldev);
|
|
struct caam_ctrl __iomem *ctrl;
|
|
struct rng4tst __iomem *r4tst;
|
|
u32 val;
|
|
|
|
ctrl = (struct caam_ctrl __iomem *)ctrlpriv->ctrl;
|
|
r4tst = &ctrl->r4tst[0];
|
|
|
|
/* put RNG4 into program mode */
|
|
clrsetbits_32(&r4tst->rtmctl, 0, RTMCTL_PRGM);
|
|
|
|
/*
|
|
* Performance-wise, it does not make sense to
|
|
* set the delay to a value that is lower
|
|
* than the last one that worked (i.e. the state handles
|
|
* were instantiated properly. Thus, instead of wasting
|
|
* time trying to set the values controlling the sample
|
|
* frequency, the function simply returns.
|
|
*/
|
|
val = (rd_reg32(&r4tst->rtsdctl) & RTSDCTL_ENT_DLY_MASK)
|
|
>> RTSDCTL_ENT_DLY_SHIFT;
|
|
if (ent_delay <= val) {
|
|
/* put RNG4 into run mode */
|
|
clrsetbits_32(&r4tst->rtmctl, RTMCTL_PRGM, 0);
|
|
return;
|
|
}
|
|
|
|
val = rd_reg32(&r4tst->rtsdctl);
|
|
val = (val & ~RTSDCTL_ENT_DLY_MASK) |
|
|
(ent_delay << RTSDCTL_ENT_DLY_SHIFT);
|
|
wr_reg32(&r4tst->rtsdctl, val);
|
|
/* min. freq. count, equal to 1/4 of the entropy sample length */
|
|
wr_reg32(&r4tst->rtfrqmin, ent_delay >> 2);
|
|
/* disable maximum frequency count */
|
|
wr_reg32(&r4tst->rtfrqmax, RTFRQMAX_DISABLE);
|
|
/* read the control register */
|
|
val = rd_reg32(&r4tst->rtmctl);
|
|
/*
|
|
* select raw sampling in both entropy shifter
|
|
* and statistical checker
|
|
*/
|
|
clrsetbits_32(&val, 0, RTMCTL_SAMP_MODE_RAW_ES_SC);
|
|
/* put RNG4 into run mode */
|
|
clrsetbits_32(&val, RTMCTL_PRGM, 0);
|
|
/* write back the control register */
|
|
wr_reg32(&r4tst->rtmctl, val);
|
|
}
|
|
|
|
/**
|
|
* caam_get_era() - Return the ERA of the SEC on SoC, based
|
|
* on "sec-era" propery in the DTS. This property is updated by u-boot.
|
|
**/
|
|
int caam_get_era(void)
|
|
{
|
|
struct device_node *caam_node;
|
|
int ret;
|
|
u32 prop;
|
|
|
|
caam_node = of_find_compatible_node(NULL, NULL, "fsl,sec-v4.0");
|
|
ret = of_property_read_u32(caam_node, "fsl,sec-era", &prop);
|
|
of_node_put(caam_node);
|
|
|
|
return ret ? -ENOTSUPP : prop;
|
|
}
|
|
EXPORT_SYMBOL(caam_get_era);
|
|
|
|
#ifdef CONFIG_DEBUG_FS
|
|
static int caam_debugfs_u64_get(void *data, u64 *val)
|
|
{
|
|
*val = caam64_to_cpu(*(u64 *)data);
|
|
return 0;
|
|
}
|
|
|
|
static int caam_debugfs_u32_get(void *data, u64 *val)
|
|
{
|
|
*val = caam32_to_cpu(*(u32 *)data);
|
|
return 0;
|
|
}
|
|
|
|
DEFINE_SIMPLE_ATTRIBUTE(caam_fops_u32_ro, caam_debugfs_u32_get, NULL, "%llu\n");
|
|
DEFINE_SIMPLE_ATTRIBUTE(caam_fops_u64_ro, caam_debugfs_u64_get, NULL, "%llu\n");
|
|
#endif
|
|
|
|
/* Probe routine for CAAM top (controller) level */
|
|
static int caam_probe(struct platform_device *pdev)
|
|
{
|
|
int ret, ring, rspec, gen_sk, ent_delay = RTSDCTL_ENT_DLY_MIN;
|
|
u64 caam_id;
|
|
struct device *dev;
|
|
struct device_node *nprop, *np;
|
|
struct caam_ctrl __iomem *ctrl;
|
|
struct caam_drv_private *ctrlpriv;
|
|
struct clk *clk;
|
|
#ifdef CONFIG_DEBUG_FS
|
|
struct caam_perfmon *perfmon;
|
|
#endif
|
|
u32 scfgr, comp_params;
|
|
u32 cha_vid_ls;
|
|
int pg_size;
|
|
int BLOCK_OFFSET = 0;
|
|
|
|
ctrlpriv = devm_kzalloc(&pdev->dev, sizeof(*ctrlpriv), GFP_KERNEL);
|
|
if (!ctrlpriv)
|
|
return -ENOMEM;
|
|
|
|
dev = &pdev->dev;
|
|
dev_set_drvdata(dev, ctrlpriv);
|
|
ctrlpriv->pdev = pdev;
|
|
nprop = pdev->dev.of_node;
|
|
|
|
/* Enable clocking */
|
|
clk = caam_drv_identify_clk(&pdev->dev, "ipg");
|
|
if (IS_ERR(clk)) {
|
|
ret = PTR_ERR(clk);
|
|
dev_err(&pdev->dev,
|
|
"can't identify CAAM ipg clk: %d\n", ret);
|
|
return ret;
|
|
}
|
|
ctrlpriv->caam_ipg = clk;
|
|
|
|
clk = caam_drv_identify_clk(&pdev->dev, "mem");
|
|
if (IS_ERR(clk)) {
|
|
ret = PTR_ERR(clk);
|
|
dev_err(&pdev->dev,
|
|
"can't identify CAAM mem clk: %d\n", ret);
|
|
return ret;
|
|
}
|
|
ctrlpriv->caam_mem = clk;
|
|
|
|
clk = caam_drv_identify_clk(&pdev->dev, "aclk");
|
|
if (IS_ERR(clk)) {
|
|
ret = PTR_ERR(clk);
|
|
dev_err(&pdev->dev,
|
|
"can't identify CAAM aclk clk: %d\n", ret);
|
|
return ret;
|
|
}
|
|
ctrlpriv->caam_aclk = clk;
|
|
|
|
clk = caam_drv_identify_clk(&pdev->dev, "emi_slow");
|
|
if (IS_ERR(clk)) {
|
|
ret = PTR_ERR(clk);
|
|
dev_err(&pdev->dev,
|
|
"can't identify CAAM emi_slow clk: %d\n", ret);
|
|
return ret;
|
|
}
|
|
ctrlpriv->caam_emi_slow = clk;
|
|
|
|
ret = clk_prepare_enable(ctrlpriv->caam_ipg);
|
|
if (ret < 0) {
|
|
dev_err(&pdev->dev, "can't enable CAAM ipg clock: %d\n", ret);
|
|
return ret;
|
|
}
|
|
|
|
ret = clk_prepare_enable(ctrlpriv->caam_mem);
|
|
if (ret < 0) {
|
|
dev_err(&pdev->dev, "can't enable CAAM secure mem clock: %d\n",
|
|
ret);
|
|
goto disable_caam_ipg;
|
|
}
|
|
|
|
ret = clk_prepare_enable(ctrlpriv->caam_aclk);
|
|
if (ret < 0) {
|
|
dev_err(&pdev->dev, "can't enable CAAM aclk clock: %d\n", ret);
|
|
goto disable_caam_mem;
|
|
}
|
|
|
|
ret = clk_prepare_enable(ctrlpriv->caam_emi_slow);
|
|
if (ret < 0) {
|
|
dev_err(&pdev->dev, "can't enable CAAM emi slow clock: %d\n",
|
|
ret);
|
|
goto disable_caam_aclk;
|
|
}
|
|
|
|
/* Get configuration properties from device tree */
|
|
/* First, get register page */
|
|
ctrl = of_iomap(nprop, 0);
|
|
if (ctrl == NULL) {
|
|
dev_err(dev, "caam: of_iomap() failed\n");
|
|
ret = -ENOMEM;
|
|
goto disable_caam_emi_slow;
|
|
}
|
|
|
|
caam_little_end = !(bool)(rd_reg32(&ctrl->perfmon.status) &
|
|
(CSTA_PLEND | CSTA_ALT_PLEND));
|
|
|
|
/* Finding the page size for using the CTPR_MS register */
|
|
comp_params = rd_reg32(&ctrl->perfmon.comp_parms_ms);
|
|
pg_size = (comp_params & CTPR_MS_PG_SZ_MASK) >> CTPR_MS_PG_SZ_SHIFT;
|
|
|
|
/* Allocating the BLOCK_OFFSET based on the supported page size on
|
|
* the platform
|
|
*/
|
|
if (pg_size == 0)
|
|
BLOCK_OFFSET = PG_SIZE_4K;
|
|
else
|
|
BLOCK_OFFSET = PG_SIZE_64K;
|
|
|
|
ctrlpriv->ctrl = (struct caam_ctrl __force *)ctrl;
|
|
ctrlpriv->assure = (struct caam_assurance __force *)
|
|
((uint8_t *)ctrl +
|
|
BLOCK_OFFSET * ASSURE_BLOCK_NUMBER
|
|
);
|
|
ctrlpriv->deco = (struct caam_deco __force *)
|
|
((uint8_t *)ctrl +
|
|
BLOCK_OFFSET * DECO_BLOCK_NUMBER
|
|
);
|
|
|
|
/* Get the IRQ of the controller (for security violations only) */
|
|
ctrlpriv->secvio_irq = irq_of_parse_and_map(nprop, 0);
|
|
|
|
/*
|
|
* Enable DECO watchdogs and, if this is a PHYS_ADDR_T_64BIT kernel,
|
|
* long pointers in master configuration register
|
|
*/
|
|
clrsetbits_32(&ctrl->mcr, MCFGR_AWCACHE_MASK, MCFGR_AWCACHE_CACH |
|
|
MCFGR_AWCACHE_BUFF | MCFGR_WDENABLE | MCFGR_LARGE_BURST |
|
|
(sizeof(dma_addr_t) == sizeof(u64) ? MCFGR_LONG_PTR : 0));
|
|
|
|
/*
|
|
* Read the Compile Time paramters and SCFGR to determine
|
|
* if Virtualization is enabled for this platform
|
|
*/
|
|
scfgr = rd_reg32(&ctrl->scfgr);
|
|
|
|
ctrlpriv->virt_en = 0;
|
|
if (comp_params & CTPR_MS_VIRT_EN_INCL) {
|
|
/* VIRT_EN_INCL = 1 & VIRT_EN_POR = 1 or
|
|
* VIRT_EN_INCL = 1 & VIRT_EN_POR = 0 & SCFGR_VIRT_EN = 1
|
|
*/
|
|
if ((comp_params & CTPR_MS_VIRT_EN_POR) ||
|
|
(!(comp_params & CTPR_MS_VIRT_EN_POR) &&
|
|
(scfgr & SCFGR_VIRT_EN)))
|
|
ctrlpriv->virt_en = 1;
|
|
} else {
|
|
/* VIRT_EN_INCL = 0 && VIRT_EN_POR_VALUE = 1 */
|
|
if (comp_params & CTPR_MS_VIRT_EN_POR)
|
|
ctrlpriv->virt_en = 1;
|
|
}
|
|
|
|
if (ctrlpriv->virt_en == 1)
|
|
clrsetbits_32(&ctrl->jrstart, 0, JRSTART_JR0_START |
|
|
JRSTART_JR1_START | JRSTART_JR2_START |
|
|
JRSTART_JR3_START);
|
|
|
|
if (sizeof(dma_addr_t) == sizeof(u64))
|
|
if (of_device_is_compatible(nprop, "fsl,sec-v5.0"))
|
|
dma_set_mask_and_coherent(dev, DMA_BIT_MASK(40));
|
|
else
|
|
dma_set_mask_and_coherent(dev, DMA_BIT_MASK(36));
|
|
else
|
|
dma_set_mask_and_coherent(dev, DMA_BIT_MASK(32));
|
|
|
|
/*
|
|
* Detect and enable JobRs
|
|
* First, find out how many ring spec'ed, allocate references
|
|
* for all, then go probe each one.
|
|
*/
|
|
rspec = 0;
|
|
for_each_available_child_of_node(nprop, np)
|
|
if (of_device_is_compatible(np, "fsl,sec-v4.0-job-ring") ||
|
|
of_device_is_compatible(np, "fsl,sec4.0-job-ring"))
|
|
rspec++;
|
|
|
|
ctrlpriv->jrpdev = devm_kcalloc(&pdev->dev, rspec,
|
|
sizeof(*ctrlpriv->jrpdev), GFP_KERNEL);
|
|
if (ctrlpriv->jrpdev == NULL) {
|
|
ret = -ENOMEM;
|
|
goto iounmap_ctrl;
|
|
}
|
|
|
|
ring = 0;
|
|
ctrlpriv->total_jobrs = 0;
|
|
for_each_available_child_of_node(nprop, np)
|
|
if (of_device_is_compatible(np, "fsl,sec-v4.0-job-ring") ||
|
|
of_device_is_compatible(np, "fsl,sec4.0-job-ring")) {
|
|
ctrlpriv->jrpdev[ring] =
|
|
of_platform_device_create(np, NULL, dev);
|
|
if (!ctrlpriv->jrpdev[ring]) {
|
|
pr_warn("JR%d Platform device creation error\n",
|
|
ring);
|
|
continue;
|
|
}
|
|
ctrlpriv->jr[ring] = (struct caam_job_ring __force *)
|
|
((uint8_t *)ctrl +
|
|
(ring + JR_BLOCK_NUMBER) *
|
|
BLOCK_OFFSET
|
|
);
|
|
ctrlpriv->total_jobrs++;
|
|
ring++;
|
|
}
|
|
|
|
/* Check to see if QI present. If so, enable */
|
|
ctrlpriv->qi_present =
|
|
!!(rd_reg32(&ctrl->perfmon.comp_parms_ms) &
|
|
CTPR_MS_QI_MASK);
|
|
if (ctrlpriv->qi_present) {
|
|
ctrlpriv->qi = (struct caam_queue_if __force *)
|
|
((uint8_t *)ctrl +
|
|
BLOCK_OFFSET * QI_BLOCK_NUMBER
|
|
);
|
|
/* This is all that's required to physically enable QI */
|
|
wr_reg32(&ctrlpriv->qi->qi_control_lo, QICTL_DQEN);
|
|
}
|
|
|
|
/* If no QI and no rings specified, quit and go home */
|
|
if ((!ctrlpriv->qi_present) && (!ctrlpriv->total_jobrs)) {
|
|
dev_err(dev, "no queues configured, terminating\n");
|
|
ret = -ENOMEM;
|
|
goto caam_remove;
|
|
}
|
|
|
|
cha_vid_ls = rd_reg32(&ctrl->perfmon.cha_id_ls);
|
|
|
|
/*
|
|
* If SEC has RNG version >= 4 and RNG state handle has not been
|
|
* already instantiated, do RNG instantiation
|
|
*/
|
|
if ((cha_vid_ls & CHA_ID_LS_RNG_MASK) >> CHA_ID_LS_RNG_SHIFT >= 4) {
|
|
ctrlpriv->rng4_sh_init =
|
|
rd_reg32(&ctrl->r4tst[0].rdsta);
|
|
/*
|
|
* If the secure keys (TDKEK, JDKEK, TDSK), were already
|
|
* generated, signal this to the function that is instantiating
|
|
* the state handles. An error would occur if RNG4 attempts
|
|
* to regenerate these keys before the next POR.
|
|
*/
|
|
gen_sk = ctrlpriv->rng4_sh_init & RDSTA_SKVN ? 0 : 1;
|
|
ctrlpriv->rng4_sh_init &= RDSTA_IFMASK;
|
|
do {
|
|
int inst_handles =
|
|
rd_reg32(&ctrl->r4tst[0].rdsta) &
|
|
RDSTA_IFMASK;
|
|
/*
|
|
* If either SH were instantiated by somebody else
|
|
* (e.g. u-boot) then it is assumed that the entropy
|
|
* parameters are properly set and thus the function
|
|
* setting these (kick_trng(...)) is skipped.
|
|
* Also, if a handle was instantiated, do not change
|
|
* the TRNG parameters.
|
|
*/
|
|
if (!(ctrlpriv->rng4_sh_init || inst_handles)) {
|
|
dev_info(dev,
|
|
"Entropy delay = %u\n",
|
|
ent_delay);
|
|
kick_trng(pdev, ent_delay);
|
|
ent_delay += 400;
|
|
}
|
|
/*
|
|
* if instantiate_rng(...) fails, the loop will rerun
|
|
* and the kick_trng(...) function will modfiy the
|
|
* upper and lower limits of the entropy sampling
|
|
* interval, leading to a sucessful initialization of
|
|
* the RNG.
|
|
*/
|
|
ret = instantiate_rng(dev, inst_handles,
|
|
gen_sk);
|
|
if (ret == -EAGAIN)
|
|
/*
|
|
* if here, the loop will rerun,
|
|
* so don't hog the CPU
|
|
*/
|
|
cpu_relax();
|
|
} while ((ret == -EAGAIN) && (ent_delay < RTSDCTL_ENT_DLY_MAX));
|
|
if (ret) {
|
|
dev_err(dev, "failed to instantiate RNG");
|
|
goto caam_remove;
|
|
}
|
|
/*
|
|
* Set handles init'ed by this module as the complement of the
|
|
* already initialized ones
|
|
*/
|
|
ctrlpriv->rng4_sh_init = ~ctrlpriv->rng4_sh_init & RDSTA_IFMASK;
|
|
|
|
/* Enable RDB bit so that RNG works faster */
|
|
clrsetbits_32(&ctrl->scfgr, 0, SCFGR_RDBENABLE);
|
|
}
|
|
|
|
/* NOTE: RTIC detection ought to go here, around Si time */
|
|
|
|
caam_id = (u64)rd_reg32(&ctrl->perfmon.caam_id_ms) << 32 |
|
|
(u64)rd_reg32(&ctrl->perfmon.caam_id_ls);
|
|
|
|
/* Report "alive" for developer to see */
|
|
dev_info(dev, "device ID = 0x%016llx (Era %d)\n", caam_id,
|
|
caam_get_era());
|
|
dev_info(dev, "job rings = %d, qi = %d\n",
|
|
ctrlpriv->total_jobrs, ctrlpriv->qi_present);
|
|
|
|
#ifdef CONFIG_DEBUG_FS
|
|
/*
|
|
* FIXME: needs better naming distinction, as some amalgamation of
|
|
* "caam" and nprop->full_name. The OF name isn't distinctive,
|
|
* but does separate instances
|
|
*/
|
|
perfmon = (struct caam_perfmon __force *)&ctrl->perfmon;
|
|
|
|
ctrlpriv->dfs_root = debugfs_create_dir(dev_name(dev), NULL);
|
|
ctrlpriv->ctl = debugfs_create_dir("ctl", ctrlpriv->dfs_root);
|
|
|
|
/* Controller-level - performance monitor counters */
|
|
|
|
ctrlpriv->ctl_rq_dequeued =
|
|
debugfs_create_file("rq_dequeued",
|
|
S_IRUSR | S_IRGRP | S_IROTH,
|
|
ctrlpriv->ctl, &perfmon->req_dequeued,
|
|
&caam_fops_u64_ro);
|
|
ctrlpriv->ctl_ob_enc_req =
|
|
debugfs_create_file("ob_rq_encrypted",
|
|
S_IRUSR | S_IRGRP | S_IROTH,
|
|
ctrlpriv->ctl, &perfmon->ob_enc_req,
|
|
&caam_fops_u64_ro);
|
|
ctrlpriv->ctl_ib_dec_req =
|
|
debugfs_create_file("ib_rq_decrypted",
|
|
S_IRUSR | S_IRGRP | S_IROTH,
|
|
ctrlpriv->ctl, &perfmon->ib_dec_req,
|
|
&caam_fops_u64_ro);
|
|
ctrlpriv->ctl_ob_enc_bytes =
|
|
debugfs_create_file("ob_bytes_encrypted",
|
|
S_IRUSR | S_IRGRP | S_IROTH,
|
|
ctrlpriv->ctl, &perfmon->ob_enc_bytes,
|
|
&caam_fops_u64_ro);
|
|
ctrlpriv->ctl_ob_prot_bytes =
|
|
debugfs_create_file("ob_bytes_protected",
|
|
S_IRUSR | S_IRGRP | S_IROTH,
|
|
ctrlpriv->ctl, &perfmon->ob_prot_bytes,
|
|
&caam_fops_u64_ro);
|
|
ctrlpriv->ctl_ib_dec_bytes =
|
|
debugfs_create_file("ib_bytes_decrypted",
|
|
S_IRUSR | S_IRGRP | S_IROTH,
|
|
ctrlpriv->ctl, &perfmon->ib_dec_bytes,
|
|
&caam_fops_u64_ro);
|
|
ctrlpriv->ctl_ib_valid_bytes =
|
|
debugfs_create_file("ib_bytes_validated",
|
|
S_IRUSR | S_IRGRP | S_IROTH,
|
|
ctrlpriv->ctl, &perfmon->ib_valid_bytes,
|
|
&caam_fops_u64_ro);
|
|
|
|
/* Controller level - global status values */
|
|
ctrlpriv->ctl_faultaddr =
|
|
debugfs_create_file("fault_addr",
|
|
S_IRUSR | S_IRGRP | S_IROTH,
|
|
ctrlpriv->ctl, &perfmon->faultaddr,
|
|
&caam_fops_u32_ro);
|
|
ctrlpriv->ctl_faultdetail =
|
|
debugfs_create_file("fault_detail",
|
|
S_IRUSR | S_IRGRP | S_IROTH,
|
|
ctrlpriv->ctl, &perfmon->faultdetail,
|
|
&caam_fops_u32_ro);
|
|
ctrlpriv->ctl_faultstatus =
|
|
debugfs_create_file("fault_status",
|
|
S_IRUSR | S_IRGRP | S_IROTH,
|
|
ctrlpriv->ctl, &perfmon->status,
|
|
&caam_fops_u32_ro);
|
|
|
|
/* Internal covering keys (useful in non-secure mode only) */
|
|
ctrlpriv->ctl_kek_wrap.data = &ctrlpriv->ctrl->kek[0];
|
|
ctrlpriv->ctl_kek_wrap.size = KEK_KEY_SIZE * sizeof(u32);
|
|
ctrlpriv->ctl_kek = debugfs_create_blob("kek",
|
|
S_IRUSR |
|
|
S_IRGRP | S_IROTH,
|
|
ctrlpriv->ctl,
|
|
&ctrlpriv->ctl_kek_wrap);
|
|
|
|
ctrlpriv->ctl_tkek_wrap.data = &ctrlpriv->ctrl->tkek[0];
|
|
ctrlpriv->ctl_tkek_wrap.size = KEK_KEY_SIZE * sizeof(u32);
|
|
ctrlpriv->ctl_tkek = debugfs_create_blob("tkek",
|
|
S_IRUSR |
|
|
S_IRGRP | S_IROTH,
|
|
ctrlpriv->ctl,
|
|
&ctrlpriv->ctl_tkek_wrap);
|
|
|
|
ctrlpriv->ctl_tdsk_wrap.data = &ctrlpriv->ctrl->tdsk[0];
|
|
ctrlpriv->ctl_tdsk_wrap.size = KEK_KEY_SIZE * sizeof(u32);
|
|
ctrlpriv->ctl_tdsk = debugfs_create_blob("tdsk",
|
|
S_IRUSR |
|
|
S_IRGRP | S_IROTH,
|
|
ctrlpriv->ctl,
|
|
&ctrlpriv->ctl_tdsk_wrap);
|
|
#endif
|
|
return 0;
|
|
|
|
caam_remove:
|
|
caam_remove(pdev);
|
|
iounmap_ctrl:
|
|
iounmap(ctrl);
|
|
disable_caam_emi_slow:
|
|
clk_disable_unprepare(ctrlpriv->caam_emi_slow);
|
|
disable_caam_aclk:
|
|
clk_disable_unprepare(ctrlpriv->caam_aclk);
|
|
disable_caam_mem:
|
|
clk_disable_unprepare(ctrlpriv->caam_mem);
|
|
disable_caam_ipg:
|
|
clk_disable_unprepare(ctrlpriv->caam_ipg);
|
|
return ret;
|
|
}
|
|
|
|
static struct of_device_id caam_match[] = {
|
|
{
|
|
.compatible = "fsl,sec-v4.0",
|
|
},
|
|
{
|
|
.compatible = "fsl,sec4.0",
|
|
},
|
|
{},
|
|
};
|
|
MODULE_DEVICE_TABLE(of, caam_match);
|
|
|
|
static struct platform_driver caam_driver = {
|
|
.driver = {
|
|
.name = "caam",
|
|
.of_match_table = caam_match,
|
|
},
|
|
.probe = caam_probe,
|
|
.remove = caam_remove,
|
|
};
|
|
|
|
module_platform_driver(caam_driver);
|
|
|
|
MODULE_LICENSE("GPL");
|
|
MODULE_DESCRIPTION("FSL CAAM request backend");
|
|
MODULE_AUTHOR("Freescale Semiconductor - NMG/STC");
|