2 * CAAM control-plane driver backend
3 * Controller-level driver, kernel property detection, initialization
5 * Copyright 2008-2012 Freescale Semiconductor, Inc.
12 #include "desc_constr.h"
17 * Descriptor to instantiate RNG State Handle 0 in normal mode and
18 * load the JDKEK, TDKEK and TDSK registers
20 static void build_instantiation_desc(u32 *desc, int handle, int do_sk)
22 u32 *jump_cmd, op_flags;
24 init_job_desc(desc, 0);
26 op_flags = OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
27 (handle << OP_ALG_AAI_SHIFT) | OP_ALG_AS_INIT;
29 /* INIT RNG in non-test mode */
30 append_operation(desc, op_flags);
32 if (!handle && do_sk) {
34 * For SH0, Secure Keys must be generated as well
38 jump_cmd = append_jump(desc, JUMP_CLASS_CLASS1);
39 set_jump_tgt_here(desc, jump_cmd);
42 * load 1 to clear written reg:
43 * resets the done interrrupt and returns the RNG to idle.
45 append_load_imm_u32(desc, 1, LDST_SRCDST_WORD_CLRW);
47 /* Initialize State Handle */
48 append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
52 append_jump(desc, JUMP_CLASS_CLASS1 | JUMP_TYPE_HALT);
55 /* Descriptor for deinstantiation of State Handle 0 of the RNG block. */
56 static void build_deinstantiation_desc(u32 *desc, int handle)
58 init_job_desc(desc, 0);
60 /* Uninstantiate State Handle 0 */
61 append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
62 (handle << OP_ALG_AAI_SHIFT) | OP_ALG_AS_INITFINAL);
64 append_jump(desc, JUMP_CLASS_CLASS1 | JUMP_TYPE_HALT);
68 * run_descriptor_deco0 - runs a descriptor on DECO0, under direct control of
69 * the software (no JR/QI used).
70 * @ctrldev - pointer to device
71 * @status - descriptor status, after being run
73 * Return: - 0 if no error occurred
74 * - -ENODEV if the DECO couldn't be acquired
75 * - -EAGAIN if an error occurred while executing the descriptor
77 static inline int run_descriptor_deco0(struct device *ctrldev, u32 *desc,
80 struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctrldev);
81 struct caam_full __iomem *topregs;
82 unsigned int timeout = 100000;
83 u32 deco_dbg_reg, flags;
86 /* Set the bit to request direct access to DECO0 */
87 topregs = (struct caam_full __iomem *)ctrlpriv->ctrl;
88 setbits32(&topregs->ctrl.deco_rq, DECORR_RQD0ENABLE);
90 while (!(rd_reg32(&topregs->ctrl.deco_rq) & DECORR_DEN0) &&
95 dev_err(ctrldev, "failed to acquire DECO 0\n");
96 clrbits32(&topregs->ctrl.deco_rq, DECORR_RQD0ENABLE);
100 for (i = 0; i < desc_len(desc); i++)
101 wr_reg32(&topregs->deco.descbuf[i], *(desc + i));
103 flags = DECO_JQCR_WHL;
105 * If the descriptor length is longer than 4 words, then the
106 * FOUR bit in JRCTRL register must be set.
108 if (desc_len(desc) >= 4)
109 flags |= DECO_JQCR_FOUR;
111 /* Instruct the DECO to execute it */
112 wr_reg32(&topregs->deco.jr_ctl_hi, flags);
116 deco_dbg_reg = rd_reg32(&topregs->deco.desc_dbg);
118 * If an error occured in the descriptor, then
119 * the DECO status field will be set to 0x0D
121 if ((deco_dbg_reg & DESC_DBG_DECO_STAT_MASK) ==
122 DESC_DBG_DECO_STAT_HOST_ERR)
125 } while ((deco_dbg_reg & DESC_DBG_DECO_STAT_VALID) && --timeout);
127 *status = rd_reg32(&topregs->deco.op_status_hi) &
128 DECO_OP_STATUS_HI_ERR_MASK;
130 /* Mark the DECO as free */
131 clrbits32(&topregs->ctrl.deco_rq, DECORR_RQD0ENABLE);
140 * instantiate_rng - builds and executes a descriptor on DECO0,
141 * which initializes the RNG block.
142 * @ctrldev - pointer to device
143 * @state_handle_mask - bitmask containing the instantiation status
144 * for the RNG4 state handles which exist in
145 * the RNG4 block: 1 if it's been instantiated
146 * by an external entry, 0 otherwise.
147 * @gen_sk - generate data to be loaded into the JDKEK, TDKEK and TDSK;
148 * Caution: this can be done only once; if the keys need to be
149 * regenerated, a POR is required
151 * Return: - 0 if no error occurred
152 * - -ENOMEM if there isn't enough memory to allocate the descriptor
153 * - -ENODEV if DECO0 couldn't be acquired
154 * - -EAGAIN if an error occurred when executing the descriptor
155 * f.i. there was a RNG hardware error due to not "good enough"
156 * entropy being aquired.
158 static int instantiate_rng(struct device *ctrldev, int state_handle_mask,
161 struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctrldev);
162 struct caam_full __iomem *topregs;
163 struct rng4tst __iomem *r4tst;
164 u32 *desc, status, rdsta_val;
167 topregs = (struct caam_full __iomem *)ctrlpriv->ctrl;
168 r4tst = &topregs->ctrl.r4tst[0];
170 desc = kmalloc(CAAM_CMD_SZ * 7, GFP_KERNEL);
174 for (sh_idx = 0; sh_idx < RNG4_MAX_HANDLES; sh_idx++) {
176 * If the corresponding bit is set, this state handle
177 * was initialized by somebody else, so it's left alone.
179 if ((1 << sh_idx) & state_handle_mask)
182 /* Create the descriptor for instantiating RNG State Handle */
183 build_instantiation_desc(desc, sh_idx, gen_sk);
185 /* Try to run it through DECO0 */
186 ret = run_descriptor_deco0(ctrldev, desc, &status);
189 * If ret is not 0, or descriptor status is not 0, then
190 * something went wrong. No need to try the next state
191 * handle (if available), bail out here.
192 * Also, if for some reason, the State Handle didn't get
193 * instantiated although the descriptor has finished
194 * without any error (HW optimizations for later
195 * CAAM eras), then try again.
198 rd_reg32(&topregs->ctrl.r4tst[0].rdsta) & RDSTA_IFMASK;
199 if (status || !(rdsta_val & (1 << sh_idx)))
204 dev_info(ctrldev, "Instantiated RNG4 SH%d\n", sh_idx);
205 /* Clear the contents before recreating the descriptor */
206 memset(desc, 0x00, CAAM_CMD_SZ * 7);
215 * deinstantiate_rng - builds and executes a descriptor on DECO0,
216 * which deinitializes the RNG block.
217 * @ctrldev - pointer to device
218 * @state_handle_mask - bitmask containing the instantiation status
219 * for the RNG4 state handles which exist in
220 * the RNG4 block: 1 if it's been instantiated
222 * Return: - 0 if no error occurred
223 * - -ENOMEM if there isn't enough memory to allocate the descriptor
224 * - -ENODEV if DECO0 couldn't be acquired
225 * - -EAGAIN if an error occurred when executing the descriptor
227 static int deinstantiate_rng(struct device *ctrldev, int state_handle_mask)
232 desc = kmalloc(CAAM_CMD_SZ * 3, GFP_KERNEL);
236 for (sh_idx = 0; sh_idx < RNG4_MAX_HANDLES; sh_idx++) {
238 * If the corresponding bit is set, then it means the state
239 * handle was initialized by us, and thus it needs to be
240 * deintialized as well
242 if ((1 << sh_idx) & state_handle_mask) {
244 * Create the descriptor for deinstantating this state
247 build_deinstantiation_desc(desc, sh_idx);
249 /* Try to run it through DECO0 */
250 ret = run_descriptor_deco0(ctrldev, desc, &status);
254 "Failed to deinstantiate RNG4 SH%d\n",
258 dev_info(ctrldev, "Deinstantiated RNG4 SH%d\n", sh_idx);
267 static int caam_remove(struct platform_device *pdev)
269 struct device *ctrldev;
270 struct caam_drv_private *ctrlpriv;
271 struct caam_drv_private_jr *jrpriv;
272 struct caam_full __iomem *topregs;
275 ctrldev = &pdev->dev;
276 ctrlpriv = dev_get_drvdata(ctrldev);
277 topregs = (struct caam_full __iomem *)ctrlpriv->ctrl;
279 /* shut down JobRs */
280 for (ring = 0; ring < ctrlpriv->total_jobrs; ring++) {
281 ret |= caam_jr_shutdown(ctrlpriv->jrdev[ring]);
282 jrpriv = dev_get_drvdata(ctrlpriv->jrdev[ring]);
283 irq_dispose_mapping(jrpriv->irq);
286 /* De-initialize RNG state handles initialized by this driver. */
287 if (ctrlpriv->rng4_sh_init)
288 deinstantiate_rng(ctrldev, ctrlpriv->rng4_sh_init);
290 /* Shut down debug views */
291 #ifdef CONFIG_DEBUG_FS
292 debugfs_remove_recursive(ctrlpriv->dfs_root);
295 /* Unmap controller region */
296 iounmap(&topregs->ctrl);
298 kfree(ctrlpriv->jrdev);
305 * kick_trng - sets the various parameters for enabling the initialization
306 * of the RNG4 block in CAAM
307 * @pdev - pointer to the platform device
308 * @ent_delay - Defines the length (in system clocks) of each entropy sample.
310 static void kick_trng(struct platform_device *pdev, int ent_delay)
312 struct device *ctrldev = &pdev->dev;
313 struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctrldev);
314 struct caam_full __iomem *topregs;
315 struct rng4tst __iomem *r4tst;
318 topregs = (struct caam_full __iomem *)ctrlpriv->ctrl;
319 r4tst = &topregs->ctrl.r4tst[0];
321 /* put RNG4 into program mode */
322 setbits32(&r4tst->rtmctl, RTMCTL_PRGM);
325 * Performance-wise, it does not make sense to
326 * set the delay to a value that is lower
327 * than the last one that worked (i.e. the state handles
328 * were instantiated properly. Thus, instead of wasting
329 * time trying to set the values controlling the sample
330 * frequency, the function simply returns.
332 val = (rd_reg32(&r4tst->rtsdctl) & RTSDCTL_ENT_DLY_MASK)
333 >> RTSDCTL_ENT_DLY_SHIFT;
334 if (ent_delay <= val) {
335 /* put RNG4 into run mode */
336 clrbits32(&r4tst->rtmctl, RTMCTL_PRGM);
340 val = rd_reg32(&r4tst->rtsdctl);
341 val = (val & ~RTSDCTL_ENT_DLY_MASK) |
342 (ent_delay << RTSDCTL_ENT_DLY_SHIFT);
343 wr_reg32(&r4tst->rtsdctl, val);
344 /* min. freq. count, equal to 1/4 of the entropy sample length */
345 wr_reg32(&r4tst->rtfrqmin, ent_delay >> 2);
346 /* max. freq. count, equal to 8 times the entropy sample length */
347 wr_reg32(&r4tst->rtfrqmax, ent_delay << 3);
348 /* put RNG4 into run mode */
349 clrbits32(&r4tst->rtmctl, RTMCTL_PRGM);
353 * caam_get_era() - Return the ERA of the SEC on SoC, based
354 * on the SEC_VID register.
355 * Returns the ERA number (1..4) or -ENOTSUPP if the ERA is unknown.
356 * @caam_id - the value of the SEC_VID register
358 int caam_get_era(u64 caam_id)
360 struct sec_vid *sec_vid = (struct sec_vid *)&caam_id;
361 static const struct {
376 for (i = 0; i < ARRAY_SIZE(caam_eras); i++)
377 if (caam_eras[i].ip_id == sec_vid->ip_id &&
378 caam_eras[i].maj_rev == sec_vid->maj_rev)
379 return caam_eras[i].era;
383 EXPORT_SYMBOL(caam_get_era);
385 /* Probe routine for CAAM top (controller) level */
386 static int caam_probe(struct platform_device *pdev)
388 int ret, ring, rspec, gen_sk, ent_delay = RTSDCTL_ENT_DLY_MIN;
391 struct device_node *nprop, *np;
392 struct caam_ctrl __iomem *ctrl;
393 struct caam_full __iomem *topregs;
394 struct caam_drv_private *ctrlpriv;
395 #ifdef CONFIG_DEBUG_FS
396 struct caam_perfmon *perfmon;
400 ctrlpriv = kzalloc(sizeof(struct caam_drv_private), GFP_KERNEL);
405 dev_set_drvdata(dev, ctrlpriv);
406 ctrlpriv->pdev = pdev;
407 nprop = pdev->dev.of_node;
409 /* Get configuration properties from device tree */
410 /* First, get register page */
411 ctrl = of_iomap(nprop, 0);
413 dev_err(dev, "caam: of_iomap() failed\n");
416 ctrlpriv->ctrl = (struct caam_ctrl __force *)ctrl;
418 /* topregs used to derive pointers to CAAM sub-blocks only */
419 topregs = (struct caam_full __iomem *)ctrl;
421 /* Get the IRQ of the controller (for security violations only) */
422 ctrlpriv->secvio_irq = of_irq_to_resource(nprop, 0, NULL);
425 * Enable DECO watchdogs and, if this is a PHYS_ADDR_T_64BIT kernel,
426 * long pointers in master configuration register
428 setbits32(&topregs->ctrl.mcr, MCFGR_WDENABLE |
429 (sizeof(dma_addr_t) == sizeof(u64) ? MCFGR_LONG_PTR : 0));
431 if (sizeof(dma_addr_t) == sizeof(u64))
432 if (of_device_is_compatible(nprop, "fsl,sec-v5.0"))
433 dma_set_mask(dev, DMA_BIT_MASK(40));
435 dma_set_mask(dev, DMA_BIT_MASK(36));
437 dma_set_mask(dev, DMA_BIT_MASK(32));
440 * Detect and enable JobRs
441 * First, find out how many ring spec'ed, allocate references
442 * for all, then go probe each one.
445 for_each_compatible_node(np, NULL, "fsl,sec-v4.0-job-ring")
448 /* for backward compatible with device trees */
449 for_each_compatible_node(np, NULL, "fsl,sec4.0-job-ring")
453 ctrlpriv->jrdev = kzalloc(sizeof(struct device *) * rspec, GFP_KERNEL);
454 if (ctrlpriv->jrdev == NULL) {
455 iounmap(&topregs->ctrl);
460 ctrlpriv->total_jobrs = 0;
461 for_each_compatible_node(np, NULL, "fsl,sec-v4.0-job-ring") {
462 caam_jr_probe(pdev, np, ring);
463 ctrlpriv->total_jobrs++;
467 for_each_compatible_node(np, NULL, "fsl,sec4.0-job-ring") {
468 caam_jr_probe(pdev, np, ring);
469 ctrlpriv->total_jobrs++;
474 /* Check to see if QI present. If so, enable */
475 ctrlpriv->qi_present = !!(rd_reg64(&topregs->ctrl.perfmon.comp_parms) &
477 if (ctrlpriv->qi_present) {
478 ctrlpriv->qi = (struct caam_queue_if __force *)&topregs->qi;
479 /* This is all that's required to physically enable QI */
480 wr_reg32(&topregs->qi.qi_control_lo, QICTL_DQEN);
483 /* If no QI and no rings specified, quit and go home */
484 if ((!ctrlpriv->qi_present) && (!ctrlpriv->total_jobrs)) {
485 dev_err(dev, "no queues configured, terminating\n");
490 cha_vid = rd_reg64(&topregs->ctrl.perfmon.cha_id);
493 * If SEC has RNG version >= 4 and RNG state handle has not been
494 * already instantiated, do RNG instantiation
496 if ((cha_vid & CHA_ID_RNG_MASK) >> CHA_ID_RNG_SHIFT >= 4) {
497 ctrlpriv->rng4_sh_init =
498 rd_reg32(&topregs->ctrl.r4tst[0].rdsta);
500 * If the secure keys (TDKEK, JDKEK, TDSK), were already
501 * generated, signal this to the function that is instantiating
502 * the state handles. An error would occur if RNG4 attempts
503 * to regenerate these keys before the next POR.
505 gen_sk = ctrlpriv->rng4_sh_init & RDSTA_SKVN ? 0 : 1;
506 ctrlpriv->rng4_sh_init &= RDSTA_IFMASK;
509 rd_reg32(&topregs->ctrl.r4tst[0].rdsta) &
512 * If either SH were instantiated by somebody else
513 * (e.g. u-boot) then it is assumed that the entropy
514 * parameters are properly set and thus the function
515 * setting these (kick_trng(...)) is skipped.
516 * Also, if a handle was instantiated, do not change
517 * the TRNG parameters.
519 if (!(ctrlpriv->rng4_sh_init || inst_handles)) {
520 kick_trng(pdev, ent_delay);
524 * if instantiate_rng(...) fails, the loop will rerun
525 * and the kick_trng(...) function will modfiy the
526 * upper and lower limits of the entropy sampling
527 * interval, leading to a sucessful initialization of
530 ret = instantiate_rng(dev, inst_handles,
532 } while ((ret == -EAGAIN) && (ent_delay < RTSDCTL_ENT_DLY_MAX));
534 dev_err(dev, "failed to instantiate RNG");
539 * Set handles init'ed by this module as the complement of the
540 * already initialized ones
542 ctrlpriv->rng4_sh_init = ~ctrlpriv->rng4_sh_init & RDSTA_IFMASK;
544 /* Enable RDB bit so that RNG works faster */
545 setbits32(&topregs->ctrl.scfgr, SCFGR_RDBENABLE);
548 /* NOTE: RTIC detection ought to go here, around Si time */
550 caam_id = rd_reg64(&topregs->ctrl.perfmon.caam_id);
552 /* Report "alive" for developer to see */
553 dev_info(dev, "device ID = 0x%016llx (Era %d)\n", caam_id,
554 caam_get_era(caam_id));
555 dev_info(dev, "job rings = %d, qi = %d\n",
556 ctrlpriv->total_jobrs, ctrlpriv->qi_present);
558 #ifdef CONFIG_DEBUG_FS
560 * FIXME: needs better naming distinction, as some amalgamation of
561 * "caam" and nprop->full_name. The OF name isn't distinctive,
562 * but does separate instances
564 perfmon = (struct caam_perfmon __force *)&ctrl->perfmon;
566 ctrlpriv->dfs_root = debugfs_create_dir("caam", NULL);
567 ctrlpriv->ctl = debugfs_create_dir("ctl", ctrlpriv->dfs_root);
569 /* Controller-level - performance monitor counters */
570 ctrlpriv->ctl_rq_dequeued =
571 debugfs_create_u64("rq_dequeued",
572 S_IRUSR | S_IRGRP | S_IROTH,
573 ctrlpriv->ctl, &perfmon->req_dequeued);
574 ctrlpriv->ctl_ob_enc_req =
575 debugfs_create_u64("ob_rq_encrypted",
576 S_IRUSR | S_IRGRP | S_IROTH,
577 ctrlpriv->ctl, &perfmon->ob_enc_req);
578 ctrlpriv->ctl_ib_dec_req =
579 debugfs_create_u64("ib_rq_decrypted",
580 S_IRUSR | S_IRGRP | S_IROTH,
581 ctrlpriv->ctl, &perfmon->ib_dec_req);
582 ctrlpriv->ctl_ob_enc_bytes =
583 debugfs_create_u64("ob_bytes_encrypted",
584 S_IRUSR | S_IRGRP | S_IROTH,
585 ctrlpriv->ctl, &perfmon->ob_enc_bytes);
586 ctrlpriv->ctl_ob_prot_bytes =
587 debugfs_create_u64("ob_bytes_protected",
588 S_IRUSR | S_IRGRP | S_IROTH,
589 ctrlpriv->ctl, &perfmon->ob_prot_bytes);
590 ctrlpriv->ctl_ib_dec_bytes =
591 debugfs_create_u64("ib_bytes_decrypted",
592 S_IRUSR | S_IRGRP | S_IROTH,
593 ctrlpriv->ctl, &perfmon->ib_dec_bytes);
594 ctrlpriv->ctl_ib_valid_bytes =
595 debugfs_create_u64("ib_bytes_validated",
596 S_IRUSR | S_IRGRP | S_IROTH,
597 ctrlpriv->ctl, &perfmon->ib_valid_bytes);
599 /* Controller level - global status values */
600 ctrlpriv->ctl_faultaddr =
601 debugfs_create_u64("fault_addr",
602 S_IRUSR | S_IRGRP | S_IROTH,
603 ctrlpriv->ctl, &perfmon->faultaddr);
604 ctrlpriv->ctl_faultdetail =
605 debugfs_create_u32("fault_detail",
606 S_IRUSR | S_IRGRP | S_IROTH,
607 ctrlpriv->ctl, &perfmon->faultdetail);
608 ctrlpriv->ctl_faultstatus =
609 debugfs_create_u32("fault_status",
610 S_IRUSR | S_IRGRP | S_IROTH,
611 ctrlpriv->ctl, &perfmon->status);
613 /* Internal covering keys (useful in non-secure mode only) */
614 ctrlpriv->ctl_kek_wrap.data = &ctrlpriv->ctrl->kek[0];
615 ctrlpriv->ctl_kek_wrap.size = KEK_KEY_SIZE * sizeof(u32);
616 ctrlpriv->ctl_kek = debugfs_create_blob("kek",
620 &ctrlpriv->ctl_kek_wrap);
622 ctrlpriv->ctl_tkek_wrap.data = &ctrlpriv->ctrl->tkek[0];
623 ctrlpriv->ctl_tkek_wrap.size = KEK_KEY_SIZE * sizeof(u32);
624 ctrlpriv->ctl_tkek = debugfs_create_blob("tkek",
628 &ctrlpriv->ctl_tkek_wrap);
630 ctrlpriv->ctl_tdsk_wrap.data = &ctrlpriv->ctrl->tdsk[0];
631 ctrlpriv->ctl_tdsk_wrap.size = KEK_KEY_SIZE * sizeof(u32);
632 ctrlpriv->ctl_tdsk = debugfs_create_blob("tdsk",
636 &ctrlpriv->ctl_tdsk_wrap);
641 static struct of_device_id caam_match[] = {
643 .compatible = "fsl,sec-v4.0",
646 .compatible = "fsl,sec4.0",
650 MODULE_DEVICE_TABLE(of, caam_match);
652 static struct platform_driver caam_driver = {
655 .owner = THIS_MODULE,
656 .of_match_table = caam_match,
659 .remove = caam_remove,
662 module_platform_driver(caam_driver);
664 MODULE_LICENSE("GPL");
665 MODULE_DESCRIPTION("FSL CAAM request backend");
666 MODULE_AUTHOR("Freescale Semiconductor - NMG/STC");