2 * CAAM control-plane driver backend
3 * Controller-level driver, kernel property detection, initialization
5 * Copyright 2008-2012 Freescale Semiconductor, Inc.
8 #include <linux/of_address.h>
9 #include <linux/of_irq.h>
15 #include "desc_constr.h"
20 * Descriptor to instantiate RNG State Handle 0 in normal mode and
21 * load the JDKEK, TDKEK and TDSK registers
23 static void build_instantiation_desc(u32 *desc, int handle, int do_sk)
25 u32 *jump_cmd, op_flags;
27 init_job_desc(desc, 0);
29 op_flags = OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
30 (handle << OP_ALG_AAI_SHIFT) | OP_ALG_AS_INIT;
32 /* INIT RNG in non-test mode */
33 append_operation(desc, op_flags);
35 if (!handle && do_sk) {
37 * For SH0, Secure Keys must be generated as well
41 jump_cmd = append_jump(desc, JUMP_CLASS_CLASS1);
42 set_jump_tgt_here(desc, jump_cmd);
45 * load 1 to clear written reg:
46 * resets the done interrrupt and returns the RNG to idle.
48 append_load_imm_u32(desc, 1, LDST_SRCDST_WORD_CLRW);
50 /* Initialize State Handle */
51 append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
55 append_jump(desc, JUMP_CLASS_CLASS1 | JUMP_TYPE_HALT);
58 /* Descriptor for deinstantiation of State Handle 0 of the RNG block. */
59 static void build_deinstantiation_desc(u32 *desc, int handle)
61 init_job_desc(desc, 0);
63 /* Uninstantiate State Handle 0 */
64 append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
65 (handle << OP_ALG_AAI_SHIFT) | OP_ALG_AS_INITFINAL);
67 append_jump(desc, JUMP_CLASS_CLASS1 | JUMP_TYPE_HALT);
71 * run_descriptor_deco0 - runs a descriptor on DECO0, under direct control of
72 * the software (no JR/QI used).
73 * @ctrldev - pointer to device
74 * @status - descriptor status, after being run
76 * Return: - 0 if no error occurred
77 * - -ENODEV if the DECO couldn't be acquired
78 * - -EAGAIN if an error occurred while executing the descriptor
80 static inline int run_descriptor_deco0(struct device *ctrldev, u32 *desc,
83 struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctrldev);
84 struct caam_full __iomem *topregs;
85 unsigned int timeout = 100000;
86 u32 deco_dbg_reg, flags;
89 /* Set the bit to request direct access to DECO0 */
90 topregs = (struct caam_full __iomem *)ctrlpriv->ctrl;
91 setbits32(&topregs->ctrl.deco_rq, DECORR_RQD0ENABLE);
93 while (!(rd_reg32(&topregs->ctrl.deco_rq) & DECORR_DEN0) &&
98 dev_err(ctrldev, "failed to acquire DECO 0\n");
99 clrbits32(&topregs->ctrl.deco_rq, DECORR_RQD0ENABLE);
103 for (i = 0; i < desc_len(desc); i++)
104 wr_reg32(&topregs->deco.descbuf[i], *(desc + i));
106 flags = DECO_JQCR_WHL;
108 * If the descriptor length is longer than 4 words, then the
109 * FOUR bit in JRCTRL register must be set.
111 if (desc_len(desc) >= 4)
112 flags |= DECO_JQCR_FOUR;
114 /* Instruct the DECO to execute it */
115 wr_reg32(&topregs->deco.jr_ctl_hi, flags);
119 deco_dbg_reg = rd_reg32(&topregs->deco.desc_dbg);
121 * If an error occured in the descriptor, then
122 * the DECO status field will be set to 0x0D
124 if ((deco_dbg_reg & DESC_DBG_DECO_STAT_MASK) ==
125 DESC_DBG_DECO_STAT_HOST_ERR)
128 } while ((deco_dbg_reg & DESC_DBG_DECO_STAT_VALID) && --timeout);
130 *status = rd_reg32(&topregs->deco.op_status_hi) &
131 DECO_OP_STATUS_HI_ERR_MASK;
133 /* Mark the DECO as free */
134 clrbits32(&topregs->ctrl.deco_rq, DECORR_RQD0ENABLE);
143 * instantiate_rng - builds and executes a descriptor on DECO0,
144 * which initializes the RNG block.
145 * @ctrldev - pointer to device
146 * @state_handle_mask - bitmask containing the instantiation status
147 * for the RNG4 state handles which exist in
148 * the RNG4 block: 1 if it's been instantiated
149 * by an external entry, 0 otherwise.
150 * @gen_sk - generate data to be loaded into the JDKEK, TDKEK and TDSK;
151 * Caution: this can be done only once; if the keys need to be
152 * regenerated, a POR is required
154 * Return: - 0 if no error occurred
155 * - -ENOMEM if there isn't enough memory to allocate the descriptor
156 * - -ENODEV if DECO0 couldn't be acquired
157 * - -EAGAIN if an error occurred when executing the descriptor
158 * f.i. there was a RNG hardware error due to not "good enough"
159 * entropy being aquired.
161 static int instantiate_rng(struct device *ctrldev, int state_handle_mask,
164 struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctrldev);
165 struct caam_full __iomem *topregs;
166 struct rng4tst __iomem *r4tst;
167 u32 *desc, status, rdsta_val;
170 topregs = (struct caam_full __iomem *)ctrlpriv->ctrl;
171 r4tst = &topregs->ctrl.r4tst[0];
173 desc = kmalloc(CAAM_CMD_SZ * 7, GFP_KERNEL);
177 for (sh_idx = 0; sh_idx < RNG4_MAX_HANDLES; sh_idx++) {
179 * If the corresponding bit is set, this state handle
180 * was initialized by somebody else, so it's left alone.
182 if ((1 << sh_idx) & state_handle_mask)
185 /* Create the descriptor for instantiating RNG State Handle */
186 build_instantiation_desc(desc, sh_idx, gen_sk);
188 /* Try to run it through DECO0 */
189 ret = run_descriptor_deco0(ctrldev, desc, &status);
192 * If ret is not 0, or descriptor status is not 0, then
193 * something went wrong. No need to try the next state
194 * handle (if available), bail out here.
195 * Also, if for some reason, the State Handle didn't get
196 * instantiated although the descriptor has finished
197 * without any error (HW optimizations for later
198 * CAAM eras), then try again.
201 rd_reg32(&topregs->ctrl.r4tst[0].rdsta) & RDSTA_IFMASK;
202 if (status || !(rdsta_val & (1 << sh_idx)))
207 dev_info(ctrldev, "Instantiated RNG4 SH%d\n", sh_idx);
208 /* Clear the contents before recreating the descriptor */
209 memset(desc, 0x00, CAAM_CMD_SZ * 7);
218 * deinstantiate_rng - builds and executes a descriptor on DECO0,
219 * which deinitializes the RNG block.
220 * @ctrldev - pointer to device
221 * @state_handle_mask - bitmask containing the instantiation status
222 * for the RNG4 state handles which exist in
223 * the RNG4 block: 1 if it's been instantiated
225 * Return: - 0 if no error occurred
226 * - -ENOMEM if there isn't enough memory to allocate the descriptor
227 * - -ENODEV if DECO0 couldn't be acquired
228 * - -EAGAIN if an error occurred when executing the descriptor
230 static int deinstantiate_rng(struct device *ctrldev, int state_handle_mask)
235 desc = kmalloc(CAAM_CMD_SZ * 3, GFP_KERNEL);
239 for (sh_idx = 0; sh_idx < RNG4_MAX_HANDLES; sh_idx++) {
241 * If the corresponding bit is set, then it means the state
242 * handle was initialized by us, and thus it needs to be
243 * deintialized as well
245 if ((1 << sh_idx) & state_handle_mask) {
247 * Create the descriptor for deinstantating this state
250 build_deinstantiation_desc(desc, sh_idx);
252 /* Try to run it through DECO0 */
253 ret = run_descriptor_deco0(ctrldev, desc, &status);
257 "Failed to deinstantiate RNG4 SH%d\n",
261 dev_info(ctrldev, "Deinstantiated RNG4 SH%d\n", sh_idx);
270 static int caam_remove(struct platform_device *pdev)
272 struct device *ctrldev;
273 struct caam_drv_private *ctrlpriv;
274 struct caam_drv_private_jr *jrpriv;
275 struct caam_full __iomem *topregs;
278 ctrldev = &pdev->dev;
279 ctrlpriv = dev_get_drvdata(ctrldev);
280 topregs = (struct caam_full __iomem *)ctrlpriv->ctrl;
282 /* shut down JobRs */
283 for (ring = 0; ring < ctrlpriv->total_jobrs; ring++) {
284 ret |= caam_jr_shutdown(ctrlpriv->jrdev[ring]);
285 jrpriv = dev_get_drvdata(ctrlpriv->jrdev[ring]);
286 irq_dispose_mapping(jrpriv->irq);
289 /* De-initialize RNG state handles initialized by this driver. */
290 if (ctrlpriv->rng4_sh_init)
291 deinstantiate_rng(ctrldev, ctrlpriv->rng4_sh_init);
293 /* Shut down debug views */
294 #ifdef CONFIG_DEBUG_FS
295 debugfs_remove_recursive(ctrlpriv->dfs_root);
298 /* Unmap controller region */
299 iounmap(&topregs->ctrl);
301 kfree(ctrlpriv->jrdev);
308 * kick_trng - sets the various parameters for enabling the initialization
309 * of the RNG4 block in CAAM
310 * @pdev - pointer to the platform device
311 * @ent_delay - Defines the length (in system clocks) of each entropy sample.
313 static void kick_trng(struct platform_device *pdev, int ent_delay)
315 struct device *ctrldev = &pdev->dev;
316 struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctrldev);
317 struct caam_full __iomem *topregs;
318 struct rng4tst __iomem *r4tst;
321 topregs = (struct caam_full __iomem *)ctrlpriv->ctrl;
322 r4tst = &topregs->ctrl.r4tst[0];
324 /* put RNG4 into program mode */
325 setbits32(&r4tst->rtmctl, RTMCTL_PRGM);
328 * Performance-wise, it does not make sense to
329 * set the delay to a value that is lower
330 * than the last one that worked (i.e. the state handles
331 * were instantiated properly. Thus, instead of wasting
332 * time trying to set the values controlling the sample
333 * frequency, the function simply returns.
335 val = (rd_reg32(&r4tst->rtsdctl) & RTSDCTL_ENT_DLY_MASK)
336 >> RTSDCTL_ENT_DLY_SHIFT;
337 if (ent_delay <= val) {
338 /* put RNG4 into run mode */
339 clrbits32(&r4tst->rtmctl, RTMCTL_PRGM);
343 val = rd_reg32(&r4tst->rtsdctl);
344 val = (val & ~RTSDCTL_ENT_DLY_MASK) |
345 (ent_delay << RTSDCTL_ENT_DLY_SHIFT);
346 wr_reg32(&r4tst->rtsdctl, val);
347 /* min. freq. count, equal to 1/4 of the entropy sample length */
348 wr_reg32(&r4tst->rtfrqmin, ent_delay >> 2);
349 /* max. freq. count, equal to 8 times the entropy sample length */
350 wr_reg32(&r4tst->rtfrqmax, ent_delay << 3);
351 /* put RNG4 into run mode */
352 clrbits32(&r4tst->rtmctl, RTMCTL_PRGM);
356 * caam_get_era() - Return the ERA of the SEC on SoC, based
357 * on the SEC_VID register.
358 * Returns the ERA number (1..4) or -ENOTSUPP if the ERA is unknown.
359 * @caam_id - the value of the SEC_VID register
361 int caam_get_era(u64 caam_id)
363 struct sec_vid *sec_vid = (struct sec_vid *)&caam_id;
364 static const struct {
379 for (i = 0; i < ARRAY_SIZE(caam_eras); i++)
380 if (caam_eras[i].ip_id == sec_vid->ip_id &&
381 caam_eras[i].maj_rev == sec_vid->maj_rev)
382 return caam_eras[i].era;
386 EXPORT_SYMBOL(caam_get_era);
388 /* Probe routine for CAAM top (controller) level */
389 static int caam_probe(struct platform_device *pdev)
391 int ret, ring, rspec, gen_sk, ent_delay = RTSDCTL_ENT_DLY_MIN;
394 struct device_node *nprop, *np;
395 struct caam_ctrl __iomem *ctrl;
396 struct caam_full __iomem *topregs;
397 struct caam_drv_private *ctrlpriv;
398 #ifdef CONFIG_DEBUG_FS
399 struct caam_perfmon *perfmon;
403 ctrlpriv = kzalloc(sizeof(struct caam_drv_private), GFP_KERNEL);
408 dev_set_drvdata(dev, ctrlpriv);
409 ctrlpriv->pdev = pdev;
410 nprop = pdev->dev.of_node;
412 /* Get configuration properties from device tree */
413 /* First, get register page */
414 ctrl = of_iomap(nprop, 0);
416 dev_err(dev, "caam: of_iomap() failed\n");
419 ctrlpriv->ctrl = (struct caam_ctrl __force *)ctrl;
421 /* topregs used to derive pointers to CAAM sub-blocks only */
422 topregs = (struct caam_full __iomem *)ctrl;
424 /* Get the IRQ of the controller (for security violations only) */
425 ctrlpriv->secvio_irq = of_irq_to_resource(nprop, 0, NULL);
428 * Enable DECO watchdogs and, if this is a PHYS_ADDR_T_64BIT kernel,
429 * long pointers in master configuration register
431 setbits32(&topregs->ctrl.mcr, MCFGR_WDENABLE |
432 (sizeof(dma_addr_t) == sizeof(u64) ? MCFGR_LONG_PTR : 0));
434 if (sizeof(dma_addr_t) == sizeof(u64))
435 if (of_device_is_compatible(nprop, "fsl,sec-v5.0"))
436 dma_set_mask(dev, DMA_BIT_MASK(40));
438 dma_set_mask(dev, DMA_BIT_MASK(36));
440 dma_set_mask(dev, DMA_BIT_MASK(32));
443 * Detect and enable JobRs
444 * First, find out how many ring spec'ed, allocate references
445 * for all, then go probe each one.
448 for_each_compatible_node(np, NULL, "fsl,sec-v4.0-job-ring")
451 /* for backward compatible with device trees */
452 for_each_compatible_node(np, NULL, "fsl,sec4.0-job-ring")
456 ctrlpriv->jrdev = kzalloc(sizeof(struct device *) * rspec, GFP_KERNEL);
457 if (ctrlpriv->jrdev == NULL) {
458 iounmap(&topregs->ctrl);
463 ctrlpriv->total_jobrs = 0;
464 for_each_compatible_node(np, NULL, "fsl,sec-v4.0-job-ring") {
465 caam_jr_probe(pdev, np, ring);
466 ctrlpriv->total_jobrs++;
470 for_each_compatible_node(np, NULL, "fsl,sec4.0-job-ring") {
471 caam_jr_probe(pdev, np, ring);
472 ctrlpriv->total_jobrs++;
477 /* Check to see if QI present. If so, enable */
478 ctrlpriv->qi_present = !!(rd_reg64(&topregs->ctrl.perfmon.comp_parms) &
480 if (ctrlpriv->qi_present) {
481 ctrlpriv->qi = (struct caam_queue_if __force *)&topregs->qi;
482 /* This is all that's required to physically enable QI */
483 wr_reg32(&topregs->qi.qi_control_lo, QICTL_DQEN);
486 /* If no QI and no rings specified, quit and go home */
487 if ((!ctrlpriv->qi_present) && (!ctrlpriv->total_jobrs)) {
488 dev_err(dev, "no queues configured, terminating\n");
493 cha_vid = rd_reg64(&topregs->ctrl.perfmon.cha_id);
496 * If SEC has RNG version >= 4 and RNG state handle has not been
497 * already instantiated, do RNG instantiation
499 if ((cha_vid & CHA_ID_RNG_MASK) >> CHA_ID_RNG_SHIFT >= 4) {
500 ctrlpriv->rng4_sh_init =
501 rd_reg32(&topregs->ctrl.r4tst[0].rdsta);
503 * If the secure keys (TDKEK, JDKEK, TDSK), were already
504 * generated, signal this to the function that is instantiating
505 * the state handles. An error would occur if RNG4 attempts
506 * to regenerate these keys before the next POR.
508 gen_sk = ctrlpriv->rng4_sh_init & RDSTA_SKVN ? 0 : 1;
509 ctrlpriv->rng4_sh_init &= RDSTA_IFMASK;
512 rd_reg32(&topregs->ctrl.r4tst[0].rdsta) &
515 * If either SH were instantiated by somebody else
516 * (e.g. u-boot) then it is assumed that the entropy
517 * parameters are properly set and thus the function
518 * setting these (kick_trng(...)) is skipped.
519 * Also, if a handle was instantiated, do not change
520 * the TRNG parameters.
522 if (!(ctrlpriv->rng4_sh_init || inst_handles)) {
523 kick_trng(pdev, ent_delay);
527 * if instantiate_rng(...) fails, the loop will rerun
528 * and the kick_trng(...) function will modfiy the
529 * upper and lower limits of the entropy sampling
530 * interval, leading to a sucessful initialization of
533 ret = instantiate_rng(dev, inst_handles,
535 } while ((ret == -EAGAIN) && (ent_delay < RTSDCTL_ENT_DLY_MAX));
537 dev_err(dev, "failed to instantiate RNG");
542 * Set handles init'ed by this module as the complement of the
543 * already initialized ones
545 ctrlpriv->rng4_sh_init = ~ctrlpriv->rng4_sh_init & RDSTA_IFMASK;
547 /* Enable RDB bit so that RNG works faster */
548 setbits32(&topregs->ctrl.scfgr, SCFGR_RDBENABLE);
551 /* NOTE: RTIC detection ought to go here, around Si time */
553 caam_id = rd_reg64(&topregs->ctrl.perfmon.caam_id);
555 /* Report "alive" for developer to see */
556 dev_info(dev, "device ID = 0x%016llx (Era %d)\n", caam_id,
557 caam_get_era(caam_id));
558 dev_info(dev, "job rings = %d, qi = %d\n",
559 ctrlpriv->total_jobrs, ctrlpriv->qi_present);
561 #ifdef CONFIG_DEBUG_FS
563 * FIXME: needs better naming distinction, as some amalgamation of
564 * "caam" and nprop->full_name. The OF name isn't distinctive,
565 * but does separate instances
567 perfmon = (struct caam_perfmon __force *)&ctrl->perfmon;
569 ctrlpriv->dfs_root = debugfs_create_dir("caam", NULL);
570 ctrlpriv->ctl = debugfs_create_dir("ctl", ctrlpriv->dfs_root);
572 /* Controller-level - performance monitor counters */
573 ctrlpriv->ctl_rq_dequeued =
574 debugfs_create_u64("rq_dequeued",
575 S_IRUSR | S_IRGRP | S_IROTH,
576 ctrlpriv->ctl, &perfmon->req_dequeued);
577 ctrlpriv->ctl_ob_enc_req =
578 debugfs_create_u64("ob_rq_encrypted",
579 S_IRUSR | S_IRGRP | S_IROTH,
580 ctrlpriv->ctl, &perfmon->ob_enc_req);
581 ctrlpriv->ctl_ib_dec_req =
582 debugfs_create_u64("ib_rq_decrypted",
583 S_IRUSR | S_IRGRP | S_IROTH,
584 ctrlpriv->ctl, &perfmon->ib_dec_req);
585 ctrlpriv->ctl_ob_enc_bytes =
586 debugfs_create_u64("ob_bytes_encrypted",
587 S_IRUSR | S_IRGRP | S_IROTH,
588 ctrlpriv->ctl, &perfmon->ob_enc_bytes);
589 ctrlpriv->ctl_ob_prot_bytes =
590 debugfs_create_u64("ob_bytes_protected",
591 S_IRUSR | S_IRGRP | S_IROTH,
592 ctrlpriv->ctl, &perfmon->ob_prot_bytes);
593 ctrlpriv->ctl_ib_dec_bytes =
594 debugfs_create_u64("ib_bytes_decrypted",
595 S_IRUSR | S_IRGRP | S_IROTH,
596 ctrlpriv->ctl, &perfmon->ib_dec_bytes);
597 ctrlpriv->ctl_ib_valid_bytes =
598 debugfs_create_u64("ib_bytes_validated",
599 S_IRUSR | S_IRGRP | S_IROTH,
600 ctrlpriv->ctl, &perfmon->ib_valid_bytes);
602 /* Controller level - global status values */
603 ctrlpriv->ctl_faultaddr =
604 debugfs_create_u64("fault_addr",
605 S_IRUSR | S_IRGRP | S_IROTH,
606 ctrlpriv->ctl, &perfmon->faultaddr);
607 ctrlpriv->ctl_faultdetail =
608 debugfs_create_u32("fault_detail",
609 S_IRUSR | S_IRGRP | S_IROTH,
610 ctrlpriv->ctl, &perfmon->faultdetail);
611 ctrlpriv->ctl_faultstatus =
612 debugfs_create_u32("fault_status",
613 S_IRUSR | S_IRGRP | S_IROTH,
614 ctrlpriv->ctl, &perfmon->status);
616 /* Internal covering keys (useful in non-secure mode only) */
617 ctrlpriv->ctl_kek_wrap.data = &ctrlpriv->ctrl->kek[0];
618 ctrlpriv->ctl_kek_wrap.size = KEK_KEY_SIZE * sizeof(u32);
619 ctrlpriv->ctl_kek = debugfs_create_blob("kek",
623 &ctrlpriv->ctl_kek_wrap);
625 ctrlpriv->ctl_tkek_wrap.data = &ctrlpriv->ctrl->tkek[0];
626 ctrlpriv->ctl_tkek_wrap.size = KEK_KEY_SIZE * sizeof(u32);
627 ctrlpriv->ctl_tkek = debugfs_create_blob("tkek",
631 &ctrlpriv->ctl_tkek_wrap);
633 ctrlpriv->ctl_tdsk_wrap.data = &ctrlpriv->ctrl->tdsk[0];
634 ctrlpriv->ctl_tdsk_wrap.size = KEK_KEY_SIZE * sizeof(u32);
635 ctrlpriv->ctl_tdsk = debugfs_create_blob("tdsk",
639 &ctrlpriv->ctl_tdsk_wrap);
644 static struct of_device_id caam_match[] = {
646 .compatible = "fsl,sec-v4.0",
649 .compatible = "fsl,sec4.0",
653 MODULE_DEVICE_TABLE(of, caam_match);
655 static struct platform_driver caam_driver = {
658 .owner = THIS_MODULE,
659 .of_match_table = caam_match,
662 .remove = caam_remove,
665 module_platform_driver(caam_driver);
667 MODULE_LICENSE("GPL");
668 MODULE_DESCRIPTION("FSL CAAM request backend");
669 MODULE_AUTHOR("Freescale Semiconductor - NMG/STC");