MIRRORS/linux-imx
1
0
Fork 0
mirror of https://github.com/nxp-imx/linux-imx.git synced 2025-09-03 02:16:09 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
lf-6.6.y
linux-imx/drivers/crypto/caam/sm.h
Steve Cornelius 7cab0da0e4 MLKU-25-3 crypto: caam - add Secure Memory support 
This is a squash of the following i.MX BSP commits
(rel_imx_4.19.35_1.1.0_rc2)

1.  ae8175a3f1 ("MLK-9710-10 Add CCM defs for FIFO_STORE instruction")
2.  9512280d06 ("MLK-9769-11 Add SM register defs, and expanded driver-private storage.")
3.  a9dc44de81 ("MLK-9769-10 Add Blob command bitdefs.")
4.  8f6a17b419 ("ENGR00289885 [iMX6Q] Add Secure Memory and SECVIO support.")
5.  c7d4f9db10 ("MLK-9710-11 Add internal key cover and external blob export/import to prototype SM-API")
6.  568e449edf ("MLK-9710-12 Adapt sm_test as a black-key handling example")
7.  f42f12d9cb ("MLK-9710-13 Correct size in BLOB_OVERHEAD definition")
8.  022fc2b33f ("MLK-9710-14 Un-pad cache sizes for blob export/import")
9.  8d3e8c3c4d ("MLK-9710-15 Correct size of padded key buffers")
10. 997fb2ff88 ("MLK-9710-5 Unregister Secure Memory platform device upon shutdown")
11. 5316249198 ("MLK-10897-1 ARM: imx7d: Add CAAM support for i.mx7d")
12. 07566f42a4 ("MLK-11103 Missing register in Secure memory configuration v1")
13. 3004636304 ("MLK-12302 caam: Secure Memory platform device creation crashes")
14. 0e6ed5a819 ("MLK-13779 crypto: caam - initialize kslock spinlock")
15. b1254b6b5f ("Add missing NULL checks in CAAM sm")
16. 61f57509bc ("MLK-17992: caam: sm: Fix compilation warnings")
17. 41cf3d4c58 ("MLK-15473-1: crypto: caam: Add CAAM driver support for iMX8 soc family")
18. bb87424812 ("MLK-17253-1: crypto: caam: Fix computation of SM pages addresses")
19. 308796dfae ("MLK-17253-2: crypto: caam: Use correct memory function for Secure Memory")
20. ba2cb6b5fb ("MLK-17732-2: SM store: Support iMX8QX and iMX8QM")
21. de710d376a ("MLK-17674-1: sm_store remove CONFIG_OF")
22. cfcae64743 ("MLK-17674-2: CAAM SM : get base address from device tree")
23. f49ebbd5ee ("MLK-17992: caam: sm: Fix compilation warnings")
24. 345ead4338 ("MLK-17841: crypto: caam: Correct bugs in Secure Memory")
25. c17811f3ff ("MLK-18082: crypto: caam: sm: Fix encap/decap function to handle errors")
26. 41bcba1d4c ("MLK-18082: crypto: caam: sm: Fix descriptor running functions")
27. b7385ab947 ("MLK-20204: drivers: crypto: caam: sm: Remove deadcode")
28. 1d749430cb ("MLK-20204: drivers: crypto: caam: sm: test: Dealloc keyslot properly")
29. 6a5c2d9d35 ("crypto: caam - lower SM test verbosity")
30. 1a6bc92c0c ("MLK-21617: crypto: caam - update SM test error handling")

Signed-off-by: Dan Douglass <dan.douglass@nxp.com>
Signed-off-by: Victoria Milhoan <vicki.milhoan@freescale.com>
Signed-off-by: Steve Cornelius <steve.cornelius@nxp.com>
Signed-off-by: Octavian Purdila <octavian.purdila@nxp.com>
Signed-off-by: Radu Solea <radu.solea@nxp.com>
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
Signed-off-by: Silvano di Ninno <silvano.dininno@nxp.com>

and LF commits (lf-5.4.y-1.0.0-rc2):
31. 4d3a0772bf ("LFV-26 crypto: caam - fix Secure Memory driver init")
32. 97dc4e4fa4 ("LF-63-1 crypto: caam - fix SM test init")

and LF commit (lf-5.4.y-1.0.1-rc1):
33. fabf6de666 ("LF-1602 crypto: caam - fix signals handling in sm_store")

and LF commit (rebase-20200703/crypto/caam):
34. 8d85d700e8d2 ("LF-1116-3 crypto: caam - update the check for the return code of caam_jr_enqueue function")

and LF commit (rebase-20200918/crypto/caam):
35. bfeb0bffc35a ("crypto: caam - build config changes")

and LF commit
36. LF-2487 crypto: caam - fix pointer cast in sm_keystore_slot_import
	( https://linux.nxdi.nxp.com/patchwork/patch/71174/ )

that have been reworked:

4.
-make SM depend on JR
-enable SM, SECVIO only on i.MX SoCs
-fix resource leak - add off_node_put() where needed
-remove unused sm_size

Split commit in three:
1 - SNVS/SECVIO driver
2 - Secure Memory driver
3 - DT changes

11.
Clock handling dropped - logic already upstream.

17.
Keep only Secure Memory related changes.
Changes related to page 0 registers have been added previously.
Other changes are dropped.

21.
Always use first jr in ctrlpriv->jr[] array to access registers
in page 0 (aliased in jr page), irrespective of SCU presence.

35.
Split the patch in three (SECVIO, SM, UIO)

Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
2023-10-30 17:37:35 +08:00

127 lines
4.6 KiB
C
Raw Permalink Blame History

/* SPDX-License-Identifier: (GPL-2.0+ OR BSD-3-Clause) */
/*
* CAAM Secure Memory/Keywrap API Definitions
*
* Copyright 2008-2015 Freescale Semiconductor, Inc.
* Copyright 2016-2019 NXP
*/
#ifndef SM_H
#define SM_H
/* Storage access permissions */
#define SM_PERM_READ 0x01
#define SM_PERM_WRITE 0x02
#define SM_PERM_BLOB 0x03
/* Define treatment of secure memory vs. general memory blobs */
#define SM_SECMEM 0
#define SM_GENMEM 1
/* Define treatment of red/black keys */
#define RED_KEY 0
#define BLACK_KEY 1
/* Define key encryption/covering options */
#define KEY_COVER_ECB 0 /* cover key in AES-ECB */
#define KEY_COVER_CCM 1 /* cover key with AES-CCM */
/*
* Round a key size up to an AES blocksize boundary so to allow for
* padding out to a full block
*/
#define AES_BLOCK_PAD(x) ((x % 16) ? ((x >> 4) + 1) << 4 : x)
/* Define space required for BKEK + MAC tag storage in any blob */
#define BLOB_OVERHEAD (32 + 16)
/* Keystore maintenance functions */
void sm_init_keystore(struct device *dev);
u32 sm_detect_keystore_units(struct device *dev);
int sm_establish_keystore(struct device *dev, u32 unit);
void sm_release_keystore(struct device *dev, u32 unit);
int caam_sm_example_init(struct platform_device *pdev);
/* Keystore accessor functions */
extern int sm_keystore_slot_alloc(struct device *dev, u32 unit, u32 size,
u32 *slot);
extern int sm_keystore_slot_dealloc(struct device *dev, u32 unit, u32 slot);
extern int sm_keystore_slot_load(struct device *dev, u32 unit, u32 slot,
const u8 *key_data, u32 key_length);
extern int sm_keystore_slot_read(struct device *dev, u32 unit, u32 slot,
u32 key_length, u8 *key_data);
extern int sm_keystore_cover_key(struct device *dev, u32 unit, u32 slot,
u16 key_length, u8 keyauth);
extern int sm_keystore_slot_export(struct device *dev, u32 unit, u32 slot,
u8 keycolor, u8 keyauth, u8 *outbuf,
u16 keylen, u8 *keymod);
extern int sm_keystore_slot_import(struct device *dev, u32 unit, u32 slot,
u8 keycolor, u8 keyauth, u8 *inbuf,
u16 keylen, u8 *keymod);
/* Prior functions from legacy API, deprecated */
extern int sm_keystore_slot_encapsulate(struct device *dev, u32 unit,
u32 inslot, u32 outslot, u16 secretlen,
u8 *keymod, u16 keymodlen);
extern int sm_keystore_slot_decapsulate(struct device *dev, u32 unit,
u32 inslot, u32 outslot, u16 secretlen,
u8 *keymod, u16 keymodlen);
/* Data structure to hold per-slot information */
struct keystore_data_slot_info {
u8 allocated; /* Track slot assignments */
u32 key_length; /* Size of the key */
};
/* Data structure to hold keystore information */
struct keystore_data {
void *base_address; /* Virtual base of secure memory pages */
void *phys_address; /* Physical base of secure memory pages */
u32 slot_count; /* Number of slots in the keystore */
struct keystore_data_slot_info *slot; /* Per-slot information */
};
/* store the detected attributes of a secure memory page */
struct sm_page_descriptor {
u16 phys_pagenum; /* may be discontiguous */
u16 own_part; /* Owning partition */
void *pg_base; /* Calculated virtual address */
void *pg_phys; /* Calculated physical address */
struct keystore_data *ksdata;
};
struct caam_drv_private_sm {
struct device *parentdev; /* this ends up as the controller */
struct device *smringdev; /* ring that owns this instance */
struct platform_device *sm_pdev; /* Secure Memory platform device */
spinlock_t kslock ____cacheline_aligned;
/* SM Register offset from JR base address */
u32 sm_reg_offset;
/* Default parameters for geometry */
u32 max_pages; /* maximum pages this instance can support */
u32 top_partition; /* highest partition number in this instance */
u32 top_page; /* highest page number in this instance */
u32 page_size; /* page size */
u32 slot_size; /* selected size of each storage block */
/* Partition/Page Allocation Map */
u32 localpages; /* Number of pages we can access */
struct sm_page_descriptor *pagedesc; /* Allocated per-page */
/* Installed handlers for keystore access */
int (*data_init)(struct device *dev, u32 unit);
void (*data_cleanup)(struct device *dev, u32 unit);
int (*slot_alloc)(struct device *dev, u32 unit, u32 size, u32 *slot);
int (*slot_dealloc)(struct device *dev, u32 unit, u32 slot);
void *(*slot_get_address)(struct device *dev, u32 unit, u32 handle);
void *(*slot_get_physical)(struct device *dev, u32 unit, u32 handle);
u32 (*slot_get_base)(struct device *dev, u32 unit, u32 handle);
u32 (*slot_get_offset)(struct device *dev, u32 unit, u32 handle);
u32 (*slot_get_slot_size)(struct device *dev, u32 unit, u32 handle);
};
#endif /* SM_H */
Reference in New Issue View Git Blame Copy Permalink