1 /* SPDX-License-Identifier: GPL-2.0+ */ 2 /* 3 * Common internal memory map for some Freescale SoCs 4 * 5 * Copyright 2014 Freescale Semiconductor, Inc. 6 */ 7 8 #ifndef __FSL_SEC_H 9 #define __FSL_SEC_H 10 11 #include <common.h> 12 #include <asm/io.h> 13 14 #ifdef CONFIG_SYS_FSL_SEC_LE 15 #define sec_in32(a) in_le32(a) 16 #define sec_out32(a, v) out_le32(a, v) 17 #define sec_in16(a) in_le16(a) 18 #define sec_clrbits32 clrbits_le32 19 #define sec_setbits32 setbits_le32 20 #elif defined(CONFIG_SYS_FSL_SEC_BE) 21 #define sec_in32(a) in_be32(a) 22 #define sec_out32(a, v) out_be32(a, v) 23 #define sec_in16(a) in_be16(a) 24 #define sec_clrbits32 clrbits_be32 25 #define sec_setbits32 setbits_be32 26 #elif defined(CONFIG_SYS_FSL_HAS_SEC) 27 #error Neither CONFIG_SYS_FSL_SEC_LE nor CONFIG_SYS_FSL_SEC_BE is defined 28 #endif 29 30 /* Security Engine Block (MS = Most Sig., LS = Least Sig.) */ 31 #if CONFIG_SYS_FSL_SEC_COMPAT >= 4 32 /* RNG4 TRNG test registers */ 33 struct rng4tst { 34 #define RTMCTL_PRGM 0x00010000 /* 1 -> program mode, 0 -> run mode */ 35 #define RTMCTL_SAMP_MODE_VON_NEUMANN_ES_SC 0 /* use von Neumann data in 36 both entropy shifter and 37 statistical checker */ 38 #define RTMCTL_SAMP_MODE_RAW_ES_SC 1 /* use raw data in both 39 entropy shifter and 40 statistical checker */ 41 #define RTMCTL_SAMP_MODE_VON_NEUMANN_ES_RAW_SC 2 /* use von Neumann data in 42 entropy shifter, raw data 43 in statistical checker */ 44 #define RTMCTL_SAMP_MODE_INVALID 3 /* invalid combination */ 45 u32 rtmctl; /* misc. control register */ 46 u32 rtscmisc; /* statistical check misc. register */ 47 u32 rtpkrrng; /* poker range register */ 48 #define RTSDCTL_ENT_DLY_MIN 3200 49 #define RTSDCTL_ENT_DLY_MAX 12800 50 union { 51 u32 rtpkrmax; /* PRGM=1: poker max. limit register */ 52 u32 rtpkrsq; /* PRGM=0: poker square calc. result register */ 53 }; 54 #define RTSDCTL_ENT_DLY_SHIFT 16 55 #define RTSDCTL_ENT_DLY_MASK (0xffff << RTSDCTL_ENT_DLY_SHIFT) 56 u32 rtsdctl; /* seed control register */ 57 union { 58 u32 rtsblim; /* PRGM=1: sparse bit limit register */ 59 u32 rttotsam; /* PRGM=0: total samples register */ 60 }; 61 u32 rtfreqmin; /* frequency count min. limit register */ 62 #define RTFRQMAX_DISABLE (1 << 20) 63 union { 64 u32 rtfreqmax; /* PRGM=1: freq. count max. limit register */ 65 u32 rtfreqcnt; /* PRGM=0: freq. count register */ 66 }; 67 u32 rsvd1[40]; 68 #define RNG_STATE0_HANDLE_INSTANTIATED 0x00000001 69 #define RNG_STATE1_HANDLE_INSTANTIATED 0x00000002 70 #define RNG_STATE_HANDLE_MASK \ 71 (RNG_STATE0_HANDLE_INSTANTIATED | RNG_STATE1_HANDLE_INSTANTIATED) 72 u32 rdsta; /*RNG DRNG Status Register*/ 73 u32 rsvd2[15]; 74 }; 75 76 typedef struct ccsr_sec { 77 u32 res0; 78 u32 mcfgr; /* Master CFG Register */ 79 u8 res1[0x4]; 80 u32 scfgr; 81 struct { 82 u32 ms; /* Job Ring LIODN Register, MS */ 83 u32 ls; /* Job Ring LIODN Register, LS */ 84 } jrliodnr[4]; 85 u8 res2[0x2c]; 86 u32 jrstartr; /* Job Ring Start Register */ 87 struct { 88 u32 ms; /* RTIC LIODN Register, MS */ 89 u32 ls; /* RTIC LIODN Register, LS */ 90 } rticliodnr[4]; 91 u8 res3[0x1c]; 92 u32 decorr; /* DECO Request Register */ 93 struct { 94 u32 ms; /* DECO LIODN Register, MS */ 95 u32 ls; /* DECO LIODN Register, LS */ 96 } decoliodnr[8]; 97 u8 res4[0x40]; 98 u32 dar; /* DECO Avail Register */ 99 u32 drr; /* DECO Reset Register */ 100 u8 res5[0x4d8]; 101 struct rng4tst rng; /* RNG Registers */ 102 u8 res6[0x8a0]; 103 u32 crnr_ms; /* CHA Revision Number Register, MS */ 104 u32 crnr_ls; /* CHA Revision Number Register, LS */ 105 u32 ctpr_ms; /* Compile Time Parameters Register, MS */ 106 u32 ctpr_ls; /* Compile Time Parameters Register, LS */ 107 u8 res7[0x10]; 108 u32 far_ms; /* Fault Address Register, MS */ 109 u32 far_ls; /* Fault Address Register, LS */ 110 u32 falr; /* Fault Address LIODN Register */ 111 u32 fadr; /* Fault Address Detail Register */ 112 u8 res8[0x4]; 113 u32 csta; /* CAAM Status Register */ 114 u32 smpart; /* Secure Memory Partition Parameters */ 115 u32 smvid; /* Secure Memory Version ID */ 116 u32 rvid; /* Run Time Integrity Checking Version ID Reg.*/ 117 u32 ccbvid; /* CHA Cluster Block Version ID Register */ 118 u32 chavid_ms; /* CHA Version ID Register, MS */ 119 u32 chavid_ls; /* CHA Version ID Register, LS */ 120 u32 chanum_ms; /* CHA Number Register, MS */ 121 u32 chanum_ls; /* CHA Number Register, LS */ 122 u32 secvid_ms; /* SEC Version ID Register, MS */ 123 u32 secvid_ls; /* SEC Version ID Register, LS */ 124 u8 res9[0x6020]; 125 u32 qilcr_ms; /* Queue Interface LIODN CFG Register, MS */ 126 u32 qilcr_ls; /* Queue Interface LIODN CFG Register, LS */ 127 u8 res10[0x8fd8]; 128 } ccsr_sec_t; 129 130 #define SEC_CTPR_MS_AXI_LIODN 0x08000000 131 #define SEC_CTPR_MS_QI 0x02000000 132 #define SEC_CTPR_MS_VIRT_EN_INCL 0x00000001 133 #define SEC_CTPR_MS_VIRT_EN_POR 0x00000002 134 #define SEC_RVID_MA 0x0f000000 135 #define SEC_CHANUM_MS_JRNUM_MASK 0xf0000000 136 #define SEC_CHANUM_MS_JRNUM_SHIFT 28 137 #define SEC_CHANUM_MS_DECONUM_MASK 0x0f000000 138 #define SEC_CHANUM_MS_DECONUM_SHIFT 24 139 #define SEC_SECVID_MS_IPID_MASK 0xffff0000 140 #define SEC_SECVID_MS_IPID_SHIFT 16 141 #define SEC_SECVID_MS_MAJ_REV_MASK 0x0000ff00 142 #define SEC_SECVID_MS_MAJ_REV_SHIFT 8 143 #define SEC_CCBVID_ERA_MASK 0xff000000 144 #define SEC_CCBVID_ERA_SHIFT 24 145 #define SEC_SCFGR_RDBENABLE 0x00000400 146 #define SEC_SCFGR_VIRT_EN 0x00008000 147 #define SEC_CHAVID_LS_RNG_SHIFT 16 148 #define SEC_CHAVID_RNG_LS_MASK 0x000f0000 149 150 #define CONFIG_JRSTARTR_JR0 0x00000001 151 152 struct jr_regs { 153 #if defined(CONFIG_SYS_FSL_SEC_LE) && \ 154 !(defined(CONFIG_MX6) || defined(CONFIG_MX7)) 155 u32 irba_l; 156 u32 irba_h; 157 #else 158 u32 irba_h; 159 u32 irba_l; 160 #endif 161 u32 rsvd1; 162 u32 irs; 163 u32 rsvd2; 164 u32 irsa; 165 u32 rsvd3; 166 u32 irja; 167 #if defined(CONFIG_SYS_FSL_SEC_LE) && \ 168 !(defined(CONFIG_MX6) || defined(CONFIG_MX7)) 169 u32 orba_l; 170 u32 orba_h; 171 #else 172 u32 orba_h; 173 u32 orba_l; 174 #endif 175 u32 rsvd4; 176 u32 ors; 177 u32 rsvd5; 178 u32 orjr; 179 u32 rsvd6; 180 u32 orsf; 181 u32 rsvd7; 182 u32 jrsta; 183 u32 rsvd8; 184 u32 jrint; 185 u32 jrcfg0; 186 u32 jrcfg1; 187 u32 rsvd9; 188 u32 irri; 189 u32 rsvd10; 190 u32 orwi; 191 u32 rsvd11; 192 u32 jrcr; 193 }; 194 195 /* 196 * Scatter Gather Entry - Specifies the the Scatter Gather Format 197 * related information 198 */ 199 struct sg_entry { 200 #if defined(CONFIG_SYS_FSL_SEC_LE) && \ 201 !(defined(CONFIG_MX6) || defined(CONFIG_MX7)) 202 uint32_t addr_lo; /* Memory Address - lo */ 203 uint32_t addr_hi; /* Memory Address of start of buffer - hi */ 204 #else 205 uint32_t addr_hi; /* Memory Address of start of buffer - hi */ 206 uint32_t addr_lo; /* Memory Address - lo */ 207 #endif 208 209 uint32_t len_flag; /* Length of the data in the frame */ 210 #define SG_ENTRY_LENGTH_MASK 0x3FFFFFFF 211 #define SG_ENTRY_EXTENSION_BIT 0x80000000 212 #define SG_ENTRY_FINAL_BIT 0x40000000 213 uint32_t bpid_offset; 214 #define SG_ENTRY_BPID_MASK 0x00FF0000 215 #define SG_ENTRY_BPID_SHIFT 16 216 #define SG_ENTRY_OFFSET_MASK 0x00001FFF 217 #define SG_ENTRY_OFFSET_SHIFT 0 218 }; 219 220 #define BLOB_SIZE(x) ((x) + 32 + 16) /* Blob buffer size */ 221 222 #if defined(CONFIG_MX6) || defined(CONFIG_MX7) 223 /* Job Ring Base Address */ 224 #define JR_BASE_ADDR(x) (CONFIG_SYS_FSL_SEC_ADDR + 0x1000 * (x + 1)) 225 /* Secure Memory Offset varies accross versions */ 226 #define SM_V1_OFFSET 0x0f4 227 #define SM_V2_OFFSET 0xa00 228 /*Secure Memory Versioning */ 229 #define SMVID_V2 0x20105 230 #define SM_VERSION(x) (x < SMVID_V2 ? 1 : 2) 231 #define SM_OFFSET(x) (x == 1 ? SM_V1_OFFSET : SM_V2_OFFSET) 232 /* CAAM Job Ring 0 Registers */ 233 /* Secure Memory Partition Owner register */ 234 #define SMCSJR_PO (3 << 6) 235 /* JR Allocation Error */ 236 #define SMCSJR_AERR (3 << 12) 237 /* Secure memory partition 0 page 0 owner register */ 238 #define CAAM_SMPO_0 (CONFIG_SYS_FSL_SEC_ADDR + 0x1FBC) 239 /* Secure memory command register */ 240 #define CAAM_SMCJR(v, jr) (JR_BASE_ADDR(jr) + SM_OFFSET(v) + SM_CMD(v)) 241 /* Secure memory command status register */ 242 #define CAAM_SMCSJR(v, jr) (JR_BASE_ADDR(jr) + SM_OFFSET(v) + SM_STATUS(v)) 243 /* Secure memory access permissions register */ 244 #define CAAM_SMAPJR(v, jr, y) \ 245 (JR_BASE_ADDR(jr) + SM_OFFSET(v) + SM_PERM(v) + y * 16) 246 /* Secure memory access group 2 register */ 247 #define CAAM_SMAG2JR(v, jr, y) \ 248 (JR_BASE_ADDR(jr) + SM_OFFSET(v) + SM_GROUP2(v) + y * 16) 249 /* Secure memory access group 1 register */ 250 #define CAAM_SMAG1JR(v, jr, y) \ 251 (JR_BASE_ADDR(jr) + SM_OFFSET(v) + SM_GROUP1(v) + y * 16) 252 253 /* Commands and macros for secure memory */ 254 #define SM_CMD(v) (v == 1 ? 0x0 : 0x1E4) 255 #define SM_STATUS(v) (v == 1 ? 0x8 : 0x1EC) 256 #define SM_PERM(v) (v == 1 ? 0x10 : 0x4) 257 #define SM_GROUP2(v) (v == 1 ? 0x14 : 0x8) 258 #define SM_GROUP1(v) (v == 1 ? 0x18 : 0xC) 259 #define CMD_PAGE_ALLOC 0x1 260 #define CMD_PAGE_DEALLOC 0x2 261 #define CMD_PART_DEALLOC 0x3 262 #define CMD_INQUIRY 0x5 263 #define CMD_COMPLETE (3 << 14) 264 #define PAGE_AVAILABLE 0 265 #define PAGE_OWNED (3 << 6) 266 #define PAGE(x) (x << 16) 267 #define PARTITION(x) (x << 8) 268 #define PARTITION_OWNER(x) (0x3 << (x*2)) 269 270 /* Address of secure 4kbyte pages */ 271 #define SEC_MEM_PAGE0 CAAM_ARB_BASE_ADDR 272 #define SEC_MEM_PAGE1 (CAAM_ARB_BASE_ADDR + 0x1000) 273 #define SEC_MEM_PAGE2 (CAAM_ARB_BASE_ADDR + 0x2000) 274 #define SEC_MEM_PAGE3 (CAAM_ARB_BASE_ADDR + 0x3000) 275 276 #define JR_MID 2 /* Matches ROM configuration */ 277 #define KS_G1 (1 << JR_MID) /* CAAM only */ 278 #define PERM 0x0000B008 /* Clear on release, lock SMAP 279 * lock SMAG group 1 Blob */ 280 281 /* HAB WRAPPED KEY header */ 282 #define WRP_HDR_SIZE 0x08 283 #define HDR_TAG 0x81 284 #define HDR_PAR 0x41 285 /* HAB WRAPPED KEY Data */ 286 #define HAB_MOD 0x66 287 #define HAB_ALG 0x55 288 #define HAB_FLG 0x00 289 290 /* Partition and Page IDs */ 291 #define PARTITION_1 1 292 #define PAGE_1 1 293 294 #define ERROR_IN_PAGE_ALLOC 1 295 #define ECONSTRJDESC -1 296 297 #endif 298 299 /* blob_dek: 300 * Encapsulates the src in a secure blob and stores it dst 301 * @src: reference to the plaintext 302 * @dst: reference to the output adrress 303 * @len: size in bytes of src 304 * @return: 0 on success, error otherwise 305 */ 306 int blob_dek(const u8 *src, u8 *dst, u8 len); 307 308 #if defined(CONFIG_ARCH_C29X) 309 int sec_init_idx(uint8_t); 310 #endif 311 int sec_init(void); 312 #endif 313 314 #endif /* __FSL_SEC_H */ 315