2 * CAAM control-plane driver backend
3 * Controller-level driver, kernel property detection, initialization
5 * Copyright 2008-2012 Freescale Semiconductor, Inc.
12 #include "desc_constr.h"
17 * Descriptor to instantiate RNG State Handle 0 in normal mode and
18 * load the JDKEK, TDKEK and TDSK registers
20 static void build_instantiation_desc(u32 *desc)
24 init_job_desc(desc, 0);
26 /* INIT RNG in non-test mode */
27 append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
31 jump_cmd = append_jump(desc, JUMP_CLASS_CLASS1);
32 set_jump_tgt_here(desc, jump_cmd);
35 * load 1 to clear written reg:
36 * resets the done interrupt and returns the RNG to idle.
38 append_load_imm_u32(desc, 1, LDST_SRCDST_WORD_CLRW);
40 /* generate secure keys (non-test) */
41 append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
44 append_jump(desc, JUMP_CLASS_CLASS1 | JUMP_TYPE_HALT);
47 /* Descriptor for deinstantiation of State Handle 0 of the RNG block. */
48 static void build_deinstantiation_desc(u32 *desc)
50 init_job_desc(desc, 0);
52 /* Uninstantiate State Handle 0 */
53 append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG |
56 append_jump(desc, JUMP_CLASS_CLASS1 | JUMP_TYPE_HALT);
60 * run_descriptor_deco0 - runs a descriptor on DECO0, under direct control of
61 * the software (no JR/QI used).
62 * @ctrldev - pointer to device
63 * Return: - 0 if no error occurred
64 * - -ENODEV if the DECO couldn't be acquired
65 * - -EAGAIN if an error occurred while executing the descriptor
67 static inline int run_descriptor_deco0(struct device *ctrldev, u32 *desc)
69 struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctrldev);
70 struct caam_full __iomem *topregs;
71 unsigned int timeout = 100000;
72 u32 deco_dbg_reg, flags;
75 /* Set the bit to request direct access to DECO0 */
76 topregs = (struct caam_full __iomem *)ctrlpriv->ctrl;
77 setbits32(&topregs->ctrl.deco_rq, DECORR_RQD0ENABLE);
79 while (!(rd_reg32(&topregs->ctrl.deco_rq) & DECORR_DEN0) &&
84 dev_err(ctrldev, "failed to acquire DECO 0\n");
85 clrbits32(&topregs->ctrl.deco_rq, DECORR_RQD0ENABLE);
89 for (i = 0; i < desc_len(desc); i++)
90 wr_reg32(&topregs->deco.descbuf[i], *(desc + i));
92 flags = DECO_JQCR_WHL;
94 * If the descriptor length is longer than 4 words, then the
95 * FOUR bit in JRCTRL register must be set.
97 if (desc_len(desc) >= 4)
98 flags |= DECO_JQCR_FOUR;
100 /* Instruct the DECO to execute it */
101 wr_reg32(&topregs->deco.jr_ctl_hi, flags);
105 deco_dbg_reg = rd_reg32(&topregs->deco.desc_dbg);
107 * If an error occured in the descriptor, then
108 * the DECO status field will be set to 0x0D
110 if ((deco_dbg_reg & DESC_DBG_DECO_STAT_MASK) ==
111 DESC_DBG_DECO_STAT_HOST_ERR)
114 } while ((deco_dbg_reg & DESC_DBG_DECO_STAT_VALID) && --timeout);
116 /* Mark the DECO as free */
117 clrbits32(&topregs->ctrl.deco_rq, DECORR_RQD0ENABLE);
126 * instantiate_rng - builds and executes a descriptor on DECO0,
127 * which initializes the RNG block.
128 * @ctrldev - pointer to device
129 * Return: - 0 if no error occurred
130 * - -ENOMEM if there isn't enough memory to allocate the descriptor
131 * - -ENODEV if DECO0 couldn't be acquired
132 * - -EAGAIN if an error occurred when executing the descriptor
133 * f.i. there was a RNG hardware error due to not "good enough"
134 * entropy being aquired.
136 static int instantiate_rng(struct device *ctrldev)
141 desc = kmalloc(CAAM_CMD_SZ * 7, GFP_KERNEL);
144 /* Create the descriptor for instantiating RNG State Handle 0 */
145 build_instantiation_desc(desc);
147 /* Try to run it through DECO0 */
148 ret = run_descriptor_deco0(ctrldev, desc);
156 * deinstantiate_rng - builds and executes a descriptor on DECO0,
157 * which deinitializes the RNG block.
158 * @ctrldev - pointer to device
160 * Return: - 0 if no error occurred
161 * - -ENOMEM if there isn't enough memory to allocate the descriptor
162 * - -ENODEV if DECO0 couldn't be acquired
163 * - -EAGAIN if an error occurred when executing the descriptor
165 static int deinstantiate_rng(struct device *ctrldev)
170 desc = kmalloc(CAAM_CMD_SZ * 3, GFP_KERNEL);
174 /* Create the descriptor for deinstantating RNG State Handle 0 */
175 build_deinstantiation_desc(desc);
177 /* Try to run it through DECO0 */
178 ret = run_descriptor_deco0(ctrldev, desc);
181 dev_err(ctrldev, "failed to deinstantiate RNG\n");
188 static int caam_remove(struct platform_device *pdev)
190 struct device *ctrldev;
191 struct caam_drv_private *ctrlpriv;
192 struct caam_drv_private_jr *jrpriv;
193 struct caam_full __iomem *topregs;
196 ctrldev = &pdev->dev;
197 ctrlpriv = dev_get_drvdata(ctrldev);
198 topregs = (struct caam_full __iomem *)ctrlpriv->ctrl;
200 /* shut down JobRs */
201 for (ring = 0; ring < ctrlpriv->total_jobrs; ring++) {
202 ret |= caam_jr_shutdown(ctrlpriv->jrdev[ring]);
203 jrpriv = dev_get_drvdata(ctrlpriv->jrdev[ring]);
204 irq_dispose_mapping(jrpriv->irq);
207 /* De-initialize RNG if it was initialized by this driver. */
208 if (ctrlpriv->rng4_init)
209 deinstantiate_rng(ctrldev);
211 /* Shut down debug views */
212 #ifdef CONFIG_DEBUG_FS
213 debugfs_remove_recursive(ctrlpriv->dfs_root);
216 /* Unmap controller region */
217 iounmap(&topregs->ctrl);
219 kfree(ctrlpriv->jrdev);
226 * kick_trng - sets the various parameters for enabling the initialization
227 * of the RNG4 block in CAAM
228 * @pdev - pointer to the platform device
229 * @ent_delay - Defines the length (in system clocks) of each entropy sample.
231 static void kick_trng(struct platform_device *pdev, int ent_delay)
233 struct device *ctrldev = &pdev->dev;
234 struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctrldev);
235 struct caam_full __iomem *topregs;
236 struct rng4tst __iomem *r4tst;
239 topregs = (struct caam_full __iomem *)ctrlpriv->ctrl;
240 r4tst = &topregs->ctrl.r4tst[0];
242 /* put RNG4 into program mode */
243 setbits32(&r4tst->rtmctl, RTMCTL_PRGM);
246 * Performance-wise, it does not make sense to
247 * set the delay to a value that is lower
248 * than the last one that worked (i.e. the state handles
249 * were instantiated properly. Thus, instead of wasting
250 * time trying to set the values controlling the sample
251 * frequency, the function simply returns.
253 val = (rd_reg32(&r4tst->rtsdctl) & RTSDCTL_ENT_DLY_MASK)
254 >> RTSDCTL_ENT_DLY_SHIFT;
255 if (ent_delay <= val) {
256 /* put RNG4 into run mode */
257 clrbits32(&r4tst->rtmctl, RTMCTL_PRGM);
261 val = rd_reg32(&r4tst->rtsdctl);
262 val = (val & ~RTSDCTL_ENT_DLY_MASK) |
263 (ent_delay << RTSDCTL_ENT_DLY_SHIFT);
264 wr_reg32(&r4tst->rtsdctl, val);
265 /* min. freq. count, equal to 1/4 of the entropy sample length */
266 wr_reg32(&r4tst->rtfrqmin, ent_delay >> 2);
267 /* max. freq. count, equal to 8 times the entropy sample length */
268 wr_reg32(&r4tst->rtfrqmax, ent_delay << 3);
269 /* put RNG4 into run mode */
270 clrbits32(&r4tst->rtmctl, RTMCTL_PRGM);
274 * caam_get_era() - Return the ERA of the SEC on SoC, based
275 * on the SEC_VID register.
276 * Returns the ERA number (1..4) or -ENOTSUPP if the ERA is unknown.
277 * @caam_id - the value of the SEC_VID register
279 int caam_get_era(u64 caam_id)
281 struct sec_vid *sec_vid = (struct sec_vid *)&caam_id;
282 static const struct {
297 for (i = 0; i < ARRAY_SIZE(caam_eras); i++)
298 if (caam_eras[i].ip_id == sec_vid->ip_id &&
299 caam_eras[i].maj_rev == sec_vid->maj_rev)
300 return caam_eras[i].era;
304 EXPORT_SYMBOL(caam_get_era);
306 /* Probe routine for CAAM top (controller) level */
307 static int caam_probe(struct platform_device *pdev)
309 int ret, ring, rspec, ent_delay = RTSDCTL_ENT_DLY_MIN;
312 struct device_node *nprop, *np;
313 struct caam_ctrl __iomem *ctrl;
314 struct caam_full __iomem *topregs;
315 struct caam_drv_private *ctrlpriv;
316 #ifdef CONFIG_DEBUG_FS
317 struct caam_perfmon *perfmon;
321 ctrlpriv = kzalloc(sizeof(struct caam_drv_private), GFP_KERNEL);
326 dev_set_drvdata(dev, ctrlpriv);
327 ctrlpriv->pdev = pdev;
328 nprop = pdev->dev.of_node;
330 /* Get configuration properties from device tree */
331 /* First, get register page */
332 ctrl = of_iomap(nprop, 0);
334 dev_err(dev, "caam: of_iomap() failed\n");
337 ctrlpriv->ctrl = (struct caam_ctrl __force *)ctrl;
339 /* topregs used to derive pointers to CAAM sub-blocks only */
340 topregs = (struct caam_full __iomem *)ctrl;
342 /* Get the IRQ of the controller (for security violations only) */
343 ctrlpriv->secvio_irq = of_irq_to_resource(nprop, 0, NULL);
346 * Enable DECO watchdogs and, if this is a PHYS_ADDR_T_64BIT kernel,
347 * long pointers in master configuration register
349 setbits32(&topregs->ctrl.mcr, MCFGR_WDENABLE |
350 (sizeof(dma_addr_t) == sizeof(u64) ? MCFGR_LONG_PTR : 0));
352 if (sizeof(dma_addr_t) == sizeof(u64))
353 if (of_device_is_compatible(nprop, "fsl,sec-v5.0"))
354 dma_set_mask(dev, DMA_BIT_MASK(40));
356 dma_set_mask(dev, DMA_BIT_MASK(36));
358 dma_set_mask(dev, DMA_BIT_MASK(32));
361 * Detect and enable JobRs
362 * First, find out how many ring spec'ed, allocate references
363 * for all, then go probe each one.
366 for_each_compatible_node(np, NULL, "fsl,sec-v4.0-job-ring")
369 /* for backward compatible with device trees */
370 for_each_compatible_node(np, NULL, "fsl,sec4.0-job-ring")
374 ctrlpriv->jrdev = kzalloc(sizeof(struct device *) * rspec, GFP_KERNEL);
375 if (ctrlpriv->jrdev == NULL) {
376 iounmap(&topregs->ctrl);
381 ctrlpriv->total_jobrs = 0;
382 for_each_compatible_node(np, NULL, "fsl,sec-v4.0-job-ring") {
383 caam_jr_probe(pdev, np, ring);
384 ctrlpriv->total_jobrs++;
388 for_each_compatible_node(np, NULL, "fsl,sec4.0-job-ring") {
389 caam_jr_probe(pdev, np, ring);
390 ctrlpriv->total_jobrs++;
395 /* Check to see if QI present. If so, enable */
396 ctrlpriv->qi_present = !!(rd_reg64(&topregs->ctrl.perfmon.comp_parms) &
398 if (ctrlpriv->qi_present) {
399 ctrlpriv->qi = (struct caam_queue_if __force *)&topregs->qi;
400 /* This is all that's required to physically enable QI */
401 wr_reg32(&topregs->qi.qi_control_lo, QICTL_DQEN);
404 /* If no QI and no rings specified, quit and go home */
405 if ((!ctrlpriv->qi_present) && (!ctrlpriv->total_jobrs)) {
406 dev_err(dev, "no queues configured, terminating\n");
411 cha_vid = rd_reg64(&topregs->ctrl.perfmon.cha_id);
414 * If SEC has RNG version >= 4 and RNG state handle has not been
415 * already instantiated, do RNG instantiation
417 if ((cha_vid & CHA_ID_RNG_MASK) >> CHA_ID_RNG_SHIFT >= 4 &&
418 !(rd_reg32(&topregs->ctrl.r4tst[0].rdsta) & RDSTA_IF0)) {
420 kick_trng(pdev, ent_delay);
421 ret = instantiate_rng(dev);
423 } while ((ret == -EAGAIN) && (ent_delay < RTSDCTL_ENT_DLY_MAX));
425 dev_err(dev, "failed to instantiate RNG");
430 ctrlpriv->rng4_init = 1;
432 /* Enable RDB bit so that RNG works faster */
433 setbits32(&topregs->ctrl.scfgr, SCFGR_RDBENABLE);
436 /* NOTE: RTIC detection ought to go here, around Si time */
438 caam_id = rd_reg64(&topregs->ctrl.perfmon.caam_id);
440 /* Report "alive" for developer to see */
441 dev_info(dev, "device ID = 0x%016llx (Era %d)\n", caam_id,
442 caam_get_era(caam_id));
443 dev_info(dev, "job rings = %d, qi = %d\n",
444 ctrlpriv->total_jobrs, ctrlpriv->qi_present);
446 #ifdef CONFIG_DEBUG_FS
448 * FIXME: needs better naming distinction, as some amalgamation of
449 * "caam" and nprop->full_name. The OF name isn't distinctive,
450 * but does separate instances
452 perfmon = (struct caam_perfmon __force *)&ctrl->perfmon;
454 ctrlpriv->dfs_root = debugfs_create_dir("caam", NULL);
455 ctrlpriv->ctl = debugfs_create_dir("ctl", ctrlpriv->dfs_root);
457 /* Controller-level - performance monitor counters */
458 ctrlpriv->ctl_rq_dequeued =
459 debugfs_create_u64("rq_dequeued",
460 S_IRUSR | S_IRGRP | S_IROTH,
461 ctrlpriv->ctl, &perfmon->req_dequeued);
462 ctrlpriv->ctl_ob_enc_req =
463 debugfs_create_u64("ob_rq_encrypted",
464 S_IRUSR | S_IRGRP | S_IROTH,
465 ctrlpriv->ctl, &perfmon->ob_enc_req);
466 ctrlpriv->ctl_ib_dec_req =
467 debugfs_create_u64("ib_rq_decrypted",
468 S_IRUSR | S_IRGRP | S_IROTH,
469 ctrlpriv->ctl, &perfmon->ib_dec_req);
470 ctrlpriv->ctl_ob_enc_bytes =
471 debugfs_create_u64("ob_bytes_encrypted",
472 S_IRUSR | S_IRGRP | S_IROTH,
473 ctrlpriv->ctl, &perfmon->ob_enc_bytes);
474 ctrlpriv->ctl_ob_prot_bytes =
475 debugfs_create_u64("ob_bytes_protected",
476 S_IRUSR | S_IRGRP | S_IROTH,
477 ctrlpriv->ctl, &perfmon->ob_prot_bytes);
478 ctrlpriv->ctl_ib_dec_bytes =
479 debugfs_create_u64("ib_bytes_decrypted",
480 S_IRUSR | S_IRGRP | S_IROTH,
481 ctrlpriv->ctl, &perfmon->ib_dec_bytes);
482 ctrlpriv->ctl_ib_valid_bytes =
483 debugfs_create_u64("ib_bytes_validated",
484 S_IRUSR | S_IRGRP | S_IROTH,
485 ctrlpriv->ctl, &perfmon->ib_valid_bytes);
487 /* Controller level - global status values */
488 ctrlpriv->ctl_faultaddr =
489 debugfs_create_u64("fault_addr",
490 S_IRUSR | S_IRGRP | S_IROTH,
491 ctrlpriv->ctl, &perfmon->faultaddr);
492 ctrlpriv->ctl_faultdetail =
493 debugfs_create_u32("fault_detail",
494 S_IRUSR | S_IRGRP | S_IROTH,
495 ctrlpriv->ctl, &perfmon->faultdetail);
496 ctrlpriv->ctl_faultstatus =
497 debugfs_create_u32("fault_status",
498 S_IRUSR | S_IRGRP | S_IROTH,
499 ctrlpriv->ctl, &perfmon->status);
501 /* Internal covering keys (useful in non-secure mode only) */
502 ctrlpriv->ctl_kek_wrap.data = &ctrlpriv->ctrl->kek[0];
503 ctrlpriv->ctl_kek_wrap.size = KEK_KEY_SIZE * sizeof(u32);
504 ctrlpriv->ctl_kek = debugfs_create_blob("kek",
508 &ctrlpriv->ctl_kek_wrap);
510 ctrlpriv->ctl_tkek_wrap.data = &ctrlpriv->ctrl->tkek[0];
511 ctrlpriv->ctl_tkek_wrap.size = KEK_KEY_SIZE * sizeof(u32);
512 ctrlpriv->ctl_tkek = debugfs_create_blob("tkek",
516 &ctrlpriv->ctl_tkek_wrap);
518 ctrlpriv->ctl_tdsk_wrap.data = &ctrlpriv->ctrl->tdsk[0];
519 ctrlpriv->ctl_tdsk_wrap.size = KEK_KEY_SIZE * sizeof(u32);
520 ctrlpriv->ctl_tdsk = debugfs_create_blob("tdsk",
524 &ctrlpriv->ctl_tdsk_wrap);
529 static struct of_device_id caam_match[] = {
531 .compatible = "fsl,sec-v4.0",
534 .compatible = "fsl,sec4.0",
538 MODULE_DEVICE_TABLE(of, caam_match);
540 static struct platform_driver caam_driver = {
543 .owner = THIS_MODULE,
544 .of_match_table = caam_match,
547 .remove = caam_remove,
550 module_platform_driver(caam_driver);
552 MODULE_LICENSE("GPL");
553 MODULE_DESCRIPTION("FSL CAAM request backend");
554 MODULE_AUTHOR("Freescale Semiconductor - NMG/STC");