1 /* 2 * CAAM control-plane driver backend 3 * Controller-level driver, kernel property detection, initialization 4 * 5 * Copyright 2008-2012 Freescale Semiconductor, Inc. 6 */ 7 8 #include "compat.h" 9 #include "regs.h" 10 #include "intern.h" 11 #include "jr.h" 12 #include "desc_constr.h" 13 #include "error.h" 14 #include "ctrl.h" 15 16 static int caam_remove(struct platform_device *pdev) 17 { 18 struct device *ctrldev; 19 struct caam_drv_private *ctrlpriv; 20 struct caam_drv_private_jr *jrpriv; 21 struct caam_full __iomem *topregs; 22 int ring, ret = 0; 23 24 ctrldev = &pdev->dev; 25 ctrlpriv = dev_get_drvdata(ctrldev); 26 topregs = (struct caam_full __iomem *)ctrlpriv->ctrl; 27 28 /* shut down JobRs */ 29 for (ring = 0; ring < ctrlpriv->total_jobrs; ring++) { 30 ret |= caam_jr_shutdown(ctrlpriv->jrdev[ring]); 31 jrpriv = dev_get_drvdata(ctrlpriv->jrdev[ring]); 32 irq_dispose_mapping(jrpriv->irq); 33 } 34 35 /* Shut down debug views */ 36 #ifdef CONFIG_DEBUG_FS 37 debugfs_remove_recursive(ctrlpriv->dfs_root); 38 #endif 39 40 /* Unmap controller region */ 41 iounmap(&topregs->ctrl); 42 43 kfree(ctrlpriv->jrdev); 44 kfree(ctrlpriv); 45 46 return ret; 47 } 48 49 /* 50 * Descriptor to instantiate RNG State Handle 0 in normal mode and 51 * load the JDKEK, TDKEK and TDSK registers 52 */ 53 static void build_instantiation_desc(u32 *desc) 54 { 55 u32 *jump_cmd; 56 57 init_job_desc(desc, 0); 58 59 /* INIT RNG in non-test mode */ 60 append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG | 61 OP_ALG_AS_INIT); 62 63 /* wait for done */ 64 jump_cmd = append_jump(desc, JUMP_CLASS_CLASS1); 65 set_jump_tgt_here(desc, jump_cmd); 66 67 /* 68 * load 1 to clear written reg: 69 * resets the done interrupt and returns the RNG to idle. 70 */ 71 append_load_imm_u32(desc, 1, LDST_SRCDST_WORD_CLRW); 72 73 /* generate secure keys (non-test) */ 74 append_operation(desc, OP_TYPE_CLASS1_ALG | OP_ALG_ALGSEL_RNG | 75 OP_ALG_RNG4_SK); 76 } 77 78 static int instantiate_rng(struct device *ctrldev) 79 { 80 struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctrldev); 81 struct caam_full __iomem *topregs; 82 unsigned int timeout = 100000; 83 u32 *desc; 84 int i, ret = 0; 85 86 desc = kmalloc(CAAM_CMD_SZ * 6, GFP_KERNEL | GFP_DMA); 87 if (!desc) { 88 dev_err(ctrldev, "can't allocate RNG init descriptor memory\n"); 89 return -ENOMEM; 90 } 91 build_instantiation_desc(desc); 92 93 /* Set the bit to request direct access to DECO0 */ 94 topregs = (struct caam_full __iomem *)ctrlpriv->ctrl; 95 setbits32(&topregs->ctrl.deco_rq, DECORR_RQD0ENABLE); 96 97 while (!(rd_reg32(&topregs->ctrl.deco_rq) & DECORR_DEN0) && 98 --timeout) 99 cpu_relax(); 100 101 if (!timeout) { 102 dev_err(ctrldev, "failed to acquire DECO 0\n"); 103 ret = -EIO; 104 goto out; 105 } 106 107 for (i = 0; i < desc_len(desc); i++) 108 topregs->deco.descbuf[i] = *(desc + i); 109 110 wr_reg32(&topregs->deco.jr_ctl_hi, DECO_JQCR_WHL | DECO_JQCR_FOUR); 111 112 timeout = 10000000; 113 while ((rd_reg32(&topregs->deco.desc_dbg) & DECO_DBG_VALID) && 114 --timeout) 115 cpu_relax(); 116 117 if (!timeout) { 118 dev_err(ctrldev, "failed to instantiate RNG\n"); 119 ret = -EIO; 120 } 121 122 clrbits32(&topregs->ctrl.deco_rq, DECORR_RQD0ENABLE); 123 out: 124 kfree(desc); 125 return ret; 126 } 127 128 /* 129 * By default, the TRNG runs for 200 clocks per sample; 130 * 1600 clocks per sample generates better entropy. 131 */ 132 static void kick_trng(struct platform_device *pdev) 133 { 134 struct device *ctrldev = &pdev->dev; 135 struct caam_drv_private *ctrlpriv = dev_get_drvdata(ctrldev); 136 struct caam_full __iomem *topregs; 137 struct rng4tst __iomem *r4tst; 138 u32 val; 139 140 topregs = (struct caam_full __iomem *)ctrlpriv->ctrl; 141 r4tst = &topregs->ctrl.r4tst[0]; 142 143 /* put RNG4 into program mode */ 144 setbits32(&r4tst->rtmctl, RTMCTL_PRGM); 145 /* 1600 clocks per sample */ 146 val = rd_reg32(&r4tst->rtsdctl); 147 val = (val & ~RTSDCTL_ENT_DLY_MASK) | (1600 << RTSDCTL_ENT_DLY_SHIFT); 148 wr_reg32(&r4tst->rtsdctl, val); 149 /* min. freq. count */ 150 wr_reg32(&r4tst->rtfrqmin, 400); 151 /* max. freq. count */ 152 wr_reg32(&r4tst->rtfrqmax, 6400); 153 /* put RNG4 into run mode */ 154 clrbits32(&r4tst->rtmctl, RTMCTL_PRGM); 155 } 156 157 /** 158 * caam_get_era() - Return the ERA of the SEC on SoC, based 159 * on the SEC_VID register. 160 * Returns the ERA number (1..4) or -ENOTSUPP if the ERA is unknown. 161 * @caam_id - the value of the SEC_VID register 162 **/ 163 int caam_get_era(u64 caam_id) 164 { 165 struct sec_vid *sec_vid = (struct sec_vid *)&caam_id; 166 static const struct { 167 u16 ip_id; 168 u8 maj_rev; 169 u8 era; 170 } caam_eras[] = { 171 {0x0A10, 1, 1}, 172 {0x0A10, 2, 2}, 173 {0x0A12, 1, 3}, 174 {0x0A14, 1, 3}, 175 {0x0A14, 2, 4}, 176 {0x0A16, 1, 4}, 177 {0x0A11, 1, 4} 178 }; 179 int i; 180 181 for (i = 0; i < ARRAY_SIZE(caam_eras); i++) 182 if (caam_eras[i].ip_id == sec_vid->ip_id && 183 caam_eras[i].maj_rev == sec_vid->maj_rev) 184 return caam_eras[i].era; 185 186 return -ENOTSUPP; 187 } 188 EXPORT_SYMBOL(caam_get_era); 189 190 /* Probe routine for CAAM top (controller) level */ 191 static int caam_probe(struct platform_device *pdev) 192 { 193 int ret, ring, rspec; 194 u64 caam_id; 195 struct device *dev; 196 struct device_node *nprop, *np; 197 struct caam_ctrl __iomem *ctrl; 198 struct caam_full __iomem *topregs; 199 struct caam_drv_private *ctrlpriv; 200 #ifdef CONFIG_DEBUG_FS 201 struct caam_perfmon *perfmon; 202 #endif 203 u64 cha_vid; 204 205 ctrlpriv = kzalloc(sizeof(struct caam_drv_private), GFP_KERNEL); 206 if (!ctrlpriv) 207 return -ENOMEM; 208 209 dev = &pdev->dev; 210 dev_set_drvdata(dev, ctrlpriv); 211 ctrlpriv->pdev = pdev; 212 nprop = pdev->dev.of_node; 213 214 /* Get configuration properties from device tree */ 215 /* First, get register page */ 216 ctrl = of_iomap(nprop, 0); 217 if (ctrl == NULL) { 218 dev_err(dev, "caam: of_iomap() failed\n"); 219 return -ENOMEM; 220 } 221 ctrlpriv->ctrl = (struct caam_ctrl __force *)ctrl; 222 223 /* topregs used to derive pointers to CAAM sub-blocks only */ 224 topregs = (struct caam_full __iomem *)ctrl; 225 226 /* Get the IRQ of the controller (for security violations only) */ 227 ctrlpriv->secvio_irq = of_irq_to_resource(nprop, 0, NULL); 228 229 /* 230 * Enable DECO watchdogs and, if this is a PHYS_ADDR_T_64BIT kernel, 231 * long pointers in master configuration register 232 */ 233 setbits32(&topregs->ctrl.mcr, MCFGR_WDENABLE | 234 (sizeof(dma_addr_t) == sizeof(u64) ? MCFGR_LONG_PTR : 0)); 235 236 if (sizeof(dma_addr_t) == sizeof(u64)) 237 if (of_device_is_compatible(nprop, "fsl,sec-v5.0")) 238 dma_set_mask(dev, DMA_BIT_MASK(40)); 239 else 240 dma_set_mask(dev, DMA_BIT_MASK(36)); 241 else 242 dma_set_mask(dev, DMA_BIT_MASK(32)); 243 244 /* 245 * Detect and enable JobRs 246 * First, find out how many ring spec'ed, allocate references 247 * for all, then go probe each one. 248 */ 249 rspec = 0; 250 for_each_compatible_node(np, NULL, "fsl,sec-v4.0-job-ring") 251 rspec++; 252 if (!rspec) { 253 /* for backward compatible with device trees */ 254 for_each_compatible_node(np, NULL, "fsl,sec4.0-job-ring") 255 rspec++; 256 } 257 258 ctrlpriv->jrdev = kzalloc(sizeof(struct device *) * rspec, GFP_KERNEL); 259 if (ctrlpriv->jrdev == NULL) { 260 iounmap(&topregs->ctrl); 261 return -ENOMEM; 262 } 263 264 ring = 0; 265 ctrlpriv->total_jobrs = 0; 266 for_each_compatible_node(np, NULL, "fsl,sec-v4.0-job-ring") { 267 caam_jr_probe(pdev, np, ring); 268 ctrlpriv->total_jobrs++; 269 ring++; 270 } 271 if (!ring) { 272 for_each_compatible_node(np, NULL, "fsl,sec4.0-job-ring") { 273 caam_jr_probe(pdev, np, ring); 274 ctrlpriv->total_jobrs++; 275 ring++; 276 } 277 } 278 279 /* Check to see if QI present. If so, enable */ 280 ctrlpriv->qi_present = !!(rd_reg64(&topregs->ctrl.perfmon.comp_parms) & 281 CTPR_QI_MASK); 282 if (ctrlpriv->qi_present) { 283 ctrlpriv->qi = (struct caam_queue_if __force *)&topregs->qi; 284 /* This is all that's required to physically enable QI */ 285 wr_reg32(&topregs->qi.qi_control_lo, QICTL_DQEN); 286 } 287 288 /* If no QI and no rings specified, quit and go home */ 289 if ((!ctrlpriv->qi_present) && (!ctrlpriv->total_jobrs)) { 290 dev_err(dev, "no queues configured, terminating\n"); 291 caam_remove(pdev); 292 return -ENOMEM; 293 } 294 295 cha_vid = rd_reg64(&topregs->ctrl.perfmon.cha_id); 296 297 /* 298 * If SEC has RNG version >= 4 and RNG state handle has not been 299 * already instantiated ,do RNG instantiation 300 */ 301 if ((cha_vid & CHA_ID_RNG_MASK) >> CHA_ID_RNG_SHIFT >= 4 && 302 !(rd_reg32(&topregs->ctrl.r4tst[0].rdsta) & RDSTA_IF0)) { 303 kick_trng(pdev); 304 ret = instantiate_rng(dev); 305 if (ret) { 306 caam_remove(pdev); 307 return ret; 308 } 309 310 /* Enable RDB bit so that RNG works faster */ 311 setbits32(&topregs->ctrl.scfgr, SCFGR_RDBENABLE); 312 } 313 314 /* NOTE: RTIC detection ought to go here, around Si time */ 315 316 caam_id = rd_reg64(&topregs->ctrl.perfmon.caam_id); 317 318 /* Report "alive" for developer to see */ 319 dev_info(dev, "device ID = 0x%016llx (Era %d)\n", caam_id, 320 caam_get_era(caam_id)); 321 dev_info(dev, "job rings = %d, qi = %d\n", 322 ctrlpriv->total_jobrs, ctrlpriv->qi_present); 323 324 #ifdef CONFIG_DEBUG_FS 325 /* 326 * FIXME: needs better naming distinction, as some amalgamation of 327 * "caam" and nprop->full_name. The OF name isn't distinctive, 328 * but does separate instances 329 */ 330 perfmon = (struct caam_perfmon __force *)&ctrl->perfmon; 331 332 ctrlpriv->dfs_root = debugfs_create_dir("caam", NULL); 333 ctrlpriv->ctl = debugfs_create_dir("ctl", ctrlpriv->dfs_root); 334 335 /* Controller-level - performance monitor counters */ 336 ctrlpriv->ctl_rq_dequeued = 337 debugfs_create_u64("rq_dequeued", 338 S_IRUSR | S_IRGRP | S_IROTH, 339 ctrlpriv->ctl, &perfmon->req_dequeued); 340 ctrlpriv->ctl_ob_enc_req = 341 debugfs_create_u64("ob_rq_encrypted", 342 S_IRUSR | S_IRGRP | S_IROTH, 343 ctrlpriv->ctl, &perfmon->ob_enc_req); 344 ctrlpriv->ctl_ib_dec_req = 345 debugfs_create_u64("ib_rq_decrypted", 346 S_IRUSR | S_IRGRP | S_IROTH, 347 ctrlpriv->ctl, &perfmon->ib_dec_req); 348 ctrlpriv->ctl_ob_enc_bytes = 349 debugfs_create_u64("ob_bytes_encrypted", 350 S_IRUSR | S_IRGRP | S_IROTH, 351 ctrlpriv->ctl, &perfmon->ob_enc_bytes); 352 ctrlpriv->ctl_ob_prot_bytes = 353 debugfs_create_u64("ob_bytes_protected", 354 S_IRUSR | S_IRGRP | S_IROTH, 355 ctrlpriv->ctl, &perfmon->ob_prot_bytes); 356 ctrlpriv->ctl_ib_dec_bytes = 357 debugfs_create_u64("ib_bytes_decrypted", 358 S_IRUSR | S_IRGRP | S_IROTH, 359 ctrlpriv->ctl, &perfmon->ib_dec_bytes); 360 ctrlpriv->ctl_ib_valid_bytes = 361 debugfs_create_u64("ib_bytes_validated", 362 S_IRUSR | S_IRGRP | S_IROTH, 363 ctrlpriv->ctl, &perfmon->ib_valid_bytes); 364 365 /* Controller level - global status values */ 366 ctrlpriv->ctl_faultaddr = 367 debugfs_create_u64("fault_addr", 368 S_IRUSR | S_IRGRP | S_IROTH, 369 ctrlpriv->ctl, &perfmon->faultaddr); 370 ctrlpriv->ctl_faultdetail = 371 debugfs_create_u32("fault_detail", 372 S_IRUSR | S_IRGRP | S_IROTH, 373 ctrlpriv->ctl, &perfmon->faultdetail); 374 ctrlpriv->ctl_faultstatus = 375 debugfs_create_u32("fault_status", 376 S_IRUSR | S_IRGRP | S_IROTH, 377 ctrlpriv->ctl, &perfmon->status); 378 379 /* Internal covering keys (useful in non-secure mode only) */ 380 ctrlpriv->ctl_kek_wrap.data = &ctrlpriv->ctrl->kek[0]; 381 ctrlpriv->ctl_kek_wrap.size = KEK_KEY_SIZE * sizeof(u32); 382 ctrlpriv->ctl_kek = debugfs_create_blob("kek", 383 S_IRUSR | 384 S_IRGRP | S_IROTH, 385 ctrlpriv->ctl, 386 &ctrlpriv->ctl_kek_wrap); 387 388 ctrlpriv->ctl_tkek_wrap.data = &ctrlpriv->ctrl->tkek[0]; 389 ctrlpriv->ctl_tkek_wrap.size = KEK_KEY_SIZE * sizeof(u32); 390 ctrlpriv->ctl_tkek = debugfs_create_blob("tkek", 391 S_IRUSR | 392 S_IRGRP | S_IROTH, 393 ctrlpriv->ctl, 394 &ctrlpriv->ctl_tkek_wrap); 395 396 ctrlpriv->ctl_tdsk_wrap.data = &ctrlpriv->ctrl->tdsk[0]; 397 ctrlpriv->ctl_tdsk_wrap.size = KEK_KEY_SIZE * sizeof(u32); 398 ctrlpriv->ctl_tdsk = debugfs_create_blob("tdsk", 399 S_IRUSR | 400 S_IRGRP | S_IROTH, 401 ctrlpriv->ctl, 402 &ctrlpriv->ctl_tdsk_wrap); 403 #endif 404 return 0; 405 } 406 407 static struct of_device_id caam_match[] = { 408 { 409 .compatible = "fsl,sec-v4.0", 410 }, 411 { 412 .compatible = "fsl,sec4.0", 413 }, 414 {}, 415 }; 416 MODULE_DEVICE_TABLE(of, caam_match); 417 418 static struct platform_driver caam_driver = { 419 .driver = { 420 .name = "caam", 421 .owner = THIS_MODULE, 422 .of_match_table = caam_match, 423 }, 424 .probe = caam_probe, 425 .remove = caam_remove, 426 }; 427 428 module_platform_driver(caam_driver); 429 430 MODULE_LICENSE("GPL"); 431 MODULE_DESCRIPTION("FSL CAAM request backend"); 432 MODULE_AUTHOR("Freescale Semiconductor - NMG/STC"); 433