| Message ID | 20230405090752.1708455-3-meenakshi.aggarwal@nxp.com |
|---|---|
| State | New |
| Headers | show |
| Series | No access to CAAM page 0 registers | expand |
Reviewed-by: Gaurav Jain <gaurav.jain@nxp.com> > -----Original Message----- > From: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com> > Sent: Wednesday, April 5, 2023 2:38 PM > To: Horia Geanta <horia.geanta@nxp.com>; Varun Sethi <V.Sethi@nxp.com>; > Pankaj Gupta <pankaj.gupta@nxp.com>; Gaurav Jain <gaurav.jain@nxp.com>; > herbert@gondor.apana.org.au; davem@davemloft.net; linux- > crypto@vger.kernel.org; linux-kernel@vger.kernel.org > Cc: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com> > Subject: [PATCH v3 2/2] crypto: caam - OP-TEE firmware support > > From: Horia GeantA <horia.geanta@nxp.com> > > caam driver needs to be aware of OP-TEE f/w presence, since some things are > done differently: > > 1. there is no access to controller's register page (note however that some > registers are aliased in job rings' register pages) > > 2 Due to this, MCFGR[PS] cannot be read and driver assumes MCFGR[PS] = b'0 - > engine using 32-bit address pointers. > > This is in sync with the fact that: > -all i.MX SoCs currently use MCFGR[PS] = b'0 -only i.MX OP-TEE use cases don't > allow access to controller register page > > Signed-off-by: Horia GeantA <horia.geanta@nxp.com> > Signed-off-by: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com> > --- > drivers/crypto/caam/ctrl.c | 23 ++++++++++++++++++++++- > drivers/crypto/caam/debugfs.c | 3 +++ > drivers/crypto/caam/intern.h | 1 + > 3 files changed, 26 insertions(+), 1 deletion(-) > > diff --git a/drivers/crypto/caam/ctrl.c b/drivers/crypto/caam/ctrl.c index > de1f0acdb712..9c5a035e1b96 100644 > --- a/drivers/crypto/caam/ctrl.c > +++ b/drivers/crypto/caam/ctrl.c > @@ -633,6 +633,7 @@ static int caam_probe(struct platform_device *pdev) > int pg_size; > int BLOCK_OFFSET = 0; > bool pr_support = false; > + bool reg_access = true; > > ctrlpriv = devm_kzalloc(&pdev->dev, sizeof(*ctrlpriv), GFP_KERNEL); > if (!ctrlpriv) > @@ -646,6 +647,17 @@ static int caam_probe(struct platform_device *pdev) > caam_imx = (bool)imx_soc_match; > > if (imx_soc_match) { > + /* > + * Until Layerscape and i.MX OP-TEE get in sync, > + * only i.MX OP-TEE use cases disallow access to > + * caam page 0 (controller) registers. > + */ > + np = of_find_compatible_node(NULL, NULL, "linaro,optee-tz"); > + ctrlpriv->optee_en = !!np; > + of_node_put(np); > + > + reg_access = !ctrlpriv->optee_en; > + > if (!imx_soc_match->data) { > dev_err(dev, "No clock data provided for i.MX SoC"); > return -EINVAL; > @@ -696,7 +708,8 @@ static int caam_probe(struct platform_device *pdev) > caam_little_end = !(bool)(rd_reg32(&perfmon->status) & > (CSTA_PLEND | CSTA_ALT_PLEND)); > comp_params = rd_reg32(&perfmon->comp_parms_ms); > - if (comp_params & CTPR_MS_PS && rd_reg32(&ctrl->mcr) & > MCFGR_LONG_PTR) > + if (reg_access && comp_params & CTPR_MS_PS && > + rd_reg32(&ctrl->mcr) & MCFGR_LONG_PTR) > caam_ptr_sz = sizeof(u64); > else > caam_ptr_sz = sizeof(u32); > @@ -761,6 +774,9 @@ static int caam_probe(struct platform_device *pdev) > } > #endif > > + if (!reg_access) > + goto set_dma_mask; > + > /* > * Enable DECO watchdogs and, if this is a PHYS_ADDR_T_64BIT kernel, > * long pointers in master configuration register. > @@ -800,6 +816,7 @@ static int caam_probe(struct platform_device *pdev) > JRSTART_JR1_START | JRSTART_JR2_START | > JRSTART_JR3_START); > > +set_dma_mask: > ret = dma_set_mask_and_coherent(dev, caam_get_dma_mask(dev)); > if (ret) { > dev_err(dev, "dma_set_mask_and_coherent failed (%d)\n", ret); > @@ -842,6 +859,9 @@ static int caam_probe(struct platform_device *pdev) > return -ENOMEM; > } > > + if (!reg_access) > + goto report_live; > + > comp_params = rd_reg32(&perfmon->comp_parms_ls); > ctrlpriv->blob_present = !!(comp_params & CTPR_LS_BLOB); > > @@ -944,6 +964,7 @@ static int caam_probe(struct platform_device *pdev) > clrsetbits_32(&ctrl->scfgr, 0, SCFGR_RDBENABLE); > } > > +report_live: > /* NOTE: RTIC detection ought to go here, around Si time */ > > caam_id = (u64)rd_reg32(&perfmon->caam_id_ms) << 32 | diff --git > a/drivers/crypto/caam/debugfs.c b/drivers/crypto/caam/debugfs.c index > b2ef2273298d..6358d3cabf57 100644 > --- a/drivers/crypto/caam/debugfs.c > +++ b/drivers/crypto/caam/debugfs.c > @@ -77,6 +77,9 @@ void caam_debugfs_init(struct caam_drv_private *ctrlpriv, > debugfs_create_file("fault_status", 0444, ctrlpriv->ctl, > &perfmon->status, &caam_fops_u32_ro); > > + if (ctrlpriv->optee_en) > + return; > + > /* Internal covering keys (useful in non-secure mode only) */ > ctrlpriv->ctl_kek_wrap.data = (__force void *)&ctrlpriv->ctrl->kek[0]; > ctrlpriv->ctl_kek_wrap.size = KEK_KEY_SIZE * sizeof(u32); diff --git > a/drivers/crypto/caam/intern.h b/drivers/crypto/caam/intern.h index > 572cf66c887a..86ed1b91c22d 100644 > --- a/drivers/crypto/caam/intern.h > +++ b/drivers/crypto/caam/intern.h > @@ -94,6 +94,7 @@ struct caam_drv_private { > u8 qi_present; /* Nonzero if QI present in device */ > u8 blob_present; /* Nonzero if BLOB support present in device */ > u8 mc_en; /* Nonzero if MC f/w is active */ > + u8 optee_en; /* Nonzero if OP-TEE f/w is active */ > int secvio_irq; /* Security violation interrupt number */ > int virt_en; /* Virtualization enabled in CAAM */ > int era; /* CAAM Era (internal HW revision) */ > -- > 2.25.1
diff --git a/drivers/crypto/caam/ctrl.c b/drivers/crypto/caam/ctrl.c index de1f0acdb712..9c5a035e1b96 100644 --- a/drivers/crypto/caam/ctrl.c +++ b/drivers/crypto/caam/ctrl.c @@ -633,6 +633,7 @@ static int caam_probe(struct platform_device *pdev) int pg_size; int BLOCK_OFFSET = 0; bool pr_support = false; + bool reg_access = true; ctrlpriv = devm_kzalloc(&pdev->dev, sizeof(*ctrlpriv), GFP_KERNEL); if (!ctrlpriv) @@ -646,6 +647,17 @@ static int caam_probe(struct platform_device *pdev) caam_imx = (bool)imx_soc_match; if (imx_soc_match) { + /* + * Until Layerscape and i.MX OP-TEE get in sync, + * only i.MX OP-TEE use cases disallow access to + * caam page 0 (controller) registers. + */ + np = of_find_compatible_node(NULL, NULL, "linaro,optee-tz"); + ctrlpriv->optee_en = !!np; + of_node_put(np); + + reg_access = !ctrlpriv->optee_en; + if (!imx_soc_match->data) { dev_err(dev, "No clock data provided for i.MX SoC"); return -EINVAL; @@ -696,7 +708,8 @@ static int caam_probe(struct platform_device *pdev) caam_little_end = !(bool)(rd_reg32(&perfmon->status) & (CSTA_PLEND | CSTA_ALT_PLEND)); comp_params = rd_reg32(&perfmon->comp_parms_ms); - if (comp_params & CTPR_MS_PS && rd_reg32(&ctrl->mcr) & MCFGR_LONG_PTR) + if (reg_access && comp_params & CTPR_MS_PS && + rd_reg32(&ctrl->mcr) & MCFGR_LONG_PTR) caam_ptr_sz = sizeof(u64); else caam_ptr_sz = sizeof(u32); @@ -761,6 +774,9 @@ static int caam_probe(struct platform_device *pdev) } #endif + if (!reg_access) + goto set_dma_mask; + /* * Enable DECO watchdogs and, if this is a PHYS_ADDR_T_64BIT kernel, * long pointers in master configuration register. @@ -800,6 +816,7 @@ static int caam_probe(struct platform_device *pdev) JRSTART_JR1_START | JRSTART_JR2_START | JRSTART_JR3_START); +set_dma_mask: ret = dma_set_mask_and_coherent(dev, caam_get_dma_mask(dev)); if (ret) { dev_err(dev, "dma_set_mask_and_coherent failed (%d)\n", ret); @@ -842,6 +859,9 @@ static int caam_probe(struct platform_device *pdev) return -ENOMEM; } + if (!reg_access) + goto report_live; + comp_params = rd_reg32(&perfmon->comp_parms_ls); ctrlpriv->blob_present = !!(comp_params & CTPR_LS_BLOB); @@ -944,6 +964,7 @@ static int caam_probe(struct platform_device *pdev) clrsetbits_32(&ctrl->scfgr, 0, SCFGR_RDBENABLE); } +report_live: /* NOTE: RTIC detection ought to go here, around Si time */ caam_id = (u64)rd_reg32(&perfmon->caam_id_ms) << 32 | diff --git a/drivers/crypto/caam/debugfs.c b/drivers/crypto/caam/debugfs.c index b2ef2273298d..6358d3cabf57 100644 --- a/drivers/crypto/caam/debugfs.c +++ b/drivers/crypto/caam/debugfs.c @@ -77,6 +77,9 @@ void caam_debugfs_init(struct caam_drv_private *ctrlpriv, debugfs_create_file("fault_status", 0444, ctrlpriv->ctl, &perfmon->status, &caam_fops_u32_ro); + if (ctrlpriv->optee_en) + return; + /* Internal covering keys (useful in non-secure mode only) */ ctrlpriv->ctl_kek_wrap.data = (__force void *)&ctrlpriv->ctrl->kek[0]; ctrlpriv->ctl_kek_wrap.size = KEK_KEY_SIZE * sizeof(u32); diff --git a/drivers/crypto/caam/intern.h b/drivers/crypto/caam/intern.h index 572cf66c887a..86ed1b91c22d 100644 --- a/drivers/crypto/caam/intern.h +++ b/drivers/crypto/caam/intern.h @@ -94,6 +94,7 @@ struct caam_drv_private { u8 qi_present; /* Nonzero if QI present in device */ u8 blob_present; /* Nonzero if BLOB support present in device */ u8 mc_en; /* Nonzero if MC f/w is active */ + u8 optee_en; /* Nonzero if OP-TEE f/w is active */ int secvio_irq; /* Security violation interrupt number */ int virt_en; /* Virtualization enabled in CAAM */ int era; /* CAAM Era (internal HW revision) */