From patchwork Thu May 9 00:45:31 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vabhav Sharma X-Patchwork-Id: 13659298 Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2069.outbound.protection.outlook.com [40.107.21.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5086B1BDCE for ; Thu, 9 May 2024 00:45:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.21.69 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715215544; cv=fail; b=XErIUJtdz87Q0iz5tdCJmooq0gyB/+zhnm/T+KUlasMjouD6UZkCWV5vWRe88em+UXobtVDZskIUQURXaOooDZIVvmPVaYOH65hUGWKQGPI09/Omro0dN/uzrrR/k5Rbxt96pUds5pj1TAWE5m53ppCG9ZEshe+2yrCYINeCbAk= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715215544; c=relaxed/simple; bh=xnez9GeGkHmFoBmCSgX8cYtduKVfBlb8HE1UD/Um/Jg=; h=From:Subject:Date:Message-Id:Content-Type:To:Cc:MIME-Version; b=YAjbntT2DcsAwBFE6Cs+GTfD8QvxKFQUhlPHrpYcfw1zSHI+Nbmy8n7PctJrlnvcXQEhnciPexlmM6qB1S5rErJa5OYBtb3VQTGRJOIUT5uVLM821YvkWI/46Qhhn+9Cq/gkcURvtJlBAvZNxGHrsyHOpz1w2h4gzU0UmEdHF/I= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nxp.com; spf=pass smtp.mailfrom=nxp.com; dkim=pass (1024-bit key) header.d=nxp.com header.i=@nxp.com header.b=k6ITCj6Y; arc=fail smtp.client-ip=40.107.21.69 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nxp.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=nxp.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=nxp.com header.i=@nxp.com header.b="k6ITCj6Y" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XwhDTl6RzvZQBcnb/M00GqCVndN0DHUINLrO+xGh6B87zdC5pVJhc67KGm7hHCVft4USawP0t/Xg/XFd+PCm70mj2tXF8fujaOoHCDo10KdcGw+xuX1UPr3d7+TJ4Y1CnkOWSE64prfJBd5ysSV3gOfPPh3XGDLbRRods0ISIdv4lrcXIg+oYFTMEJwMNJDAHD8B8+OKCHcfT28jqOzyhpIRJ4W2AnmFXiQNVVA5QNJz5V6l+TzFWommLNWDT/Xydh7YDgUQyS4QQOM6bAGGuxodIiu1t2IQMGj1ZaEFv/st4k0cU8fogMFpR1amxQBrhYiV8kdKhiOlT+v//p0oKA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=U4vycOa415A+HhTY6XSOp9lZp/QrSVwBvgHQsgt94XU=; b=MkjKeqkzb8Bg85sATc/+KUMVyCJVTjQFZKvlSYKpDnpadwG+qua0IdV6sFUvB14ajupovdD9zgQwFgVTCRe+UqU4pUYVe7AR4A33hoLvLyBPD4XuULR09ESuSHLF3hQtEuvR3CU5mpWrlWn/3ofpUGtLMrwDFl5oO4tcslzSzd4cJ5bfJaod5pdrcj03hBdkeiglXrNpWPZZ1DzjNKExd/hhDAB9xAHguHX03UezMGEGgAkupmbfcrG/8L3iC/I3cjsM/qu4G1DRWfGIdnJv2Ca2nksFXOiR7H63Ee8tlEPEZUY5VgE3dInO2AL5Dbyu+9hSs/BdpE15NnBc848sqw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=U4vycOa415A+HhTY6XSOp9lZp/QrSVwBvgHQsgt94XU=; b=k6ITCj6Yx6ZfyHi1CVGt7//W2Ysib0wmbg6Rvi3LwI2thLnD6h3i5n4jEi03LiTKdlCorZqtAp3EDYELD7+qVil7fn2c+n2nYnb7NvD/7VvlLTOAlzCYroqLMh9covHACIZhBEWVgga1vsh+T97V2CGSPeapbKpl1fmiYU7ctSM= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nxp.com; Received: from AS1PR04MB9358.eurprd04.prod.outlook.com (2603:10a6:20b:4dc::19) by AM9PR04MB8273.eurprd04.prod.outlook.com (2603:10a6:20b:3e5::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7544.42; Thu, 9 May 2024 00:45:39 +0000 Received: from AS1PR04MB9358.eurprd04.prod.outlook.com ([fe80::d74b:21b6:d315:cb84]) by AS1PR04MB9358.eurprd04.prod.outlook.com ([fe80::d74b:21b6:d315:cb84%4]) with mapi id 15.20.7544.041; Thu, 9 May 2024 00:45:39 +0000 From: Vabhav Sharma Subject: [PATCH 0/4] soc: imx: secvio: Add secvio support Date: Thu, 09 May 2024 02:45:31 +0200 Message-Id: <20240509-secvio-v1-0-90fbe2baeda2@nxp.com> X-B4-Tracking: v=1; b=H4sIAKscPGYC/6tWKk4tykwtVrJSqFYqSi3LLM7MzwNyDHUUlJIzE vPSU3UzU4B8JSMDIxMDUwML3eLU5LLMfF2LxOS0RCMLYyA0VQIqLihKTcusABsUHVtbCwCD7cC LWAAAAA== To: Rob Herring , Krzysztof Kozlowski , Conor Dooley , Franck LENORMAND , Dong Aisheng , Shawn Guo , Sascha Hauer , Pengutronix Kernel Team , Fabio Estevam , Peng Fan Cc: devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, imx@lists.linux.dev, linux-arm-kernel@lists.infradead.org, Varun Sethi , Silvano Di Ninno , Pankaj Gupta , frank.li@nxp.com, daniel.baluta@nxp.com, Vabhav Sharma , Iuliana Prodan , Horia Geanta X-Mailer: b4 0.13.0 X-ClientProxiedBy: AS4P190CA0006.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:5de::9) To AS1PR04MB9358.eurprd04.prod.outlook.com (2603:10a6:20b:4dc::19) Precedence: bulk X-Mailing-List: imx@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AS1PR04MB9358:EE_|AM9PR04MB8273:EE_ X-MS-Office365-Filtering-Correlation-Id: b9232096-4ec3-4bd0-57c7-08dc6fc158c2 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230031|1800799015|7416005|52116005|376005|366007|38350700005|921011; X-Microsoft-Antispam-Message-Info: =?utf-8?q?QeE+Cdq9p943OV3KdekjF7r5YgfMB6Q?= =?utf-8?q?3htl1gYefviMoFUYMCVzv3vKoAMHiA+ONZnVaBtAgX2MHU7N8VcOA46imnVk4dr/O?= =?utf-8?q?2oow24q1JF6d6LY9TNP3myxVDHuJ1/4s6K3OgcvfIztr+WnHrGtqsc/wiVGun0FUo?= =?utf-8?q?LgNIQvmNCVx02uHli+2mP9fOKoFliwE+6oNy9YiH+DCASpSMIxlCTbpupQCLaEXZx?= =?utf-8?q?ixtsDGltKBPs71JYNbBMETTzdwZ+AHMqxabyiGIPfxSv7eT6l2xn5h8r+1WLcYzkN?= =?utf-8?q?pu75AuoxdEOjdq0qgD7bMPOJn6rL11LoGXW3kj2Qh+CnNySxJBRpewqf9b//L/14S?= =?utf-8?q?n0BIVX8cAJXkftzXiYbyuDVp69g0kwS/6rBWxSoBuwHT5a4CYp1/5hjEfvL09M+EE?= =?utf-8?q?LH2VSnwNJQinffMx2QIJv+1rYypyETg/AIKlpr2AoCBbIEcoKE7SiOE4sE8+xhoAn?= =?utf-8?q?rAoq2IVk/eUCsfVK44vdL+9Crf4LxxhfMiS58fZq9XsrIbEi6b68BufkBByEMDEoM?= =?utf-8?q?OkpejxXvnXkhxjJoHnBA3ii5h3VCvZQFmr067jlDvxA6X6xmu6xYQs2TJedSD4h3A?= =?utf-8?q?Z1Guuo6DAFb9SjOpVgS6r3+BGvd8lqu9pFQWZ6jHZ6pLBzwDZH0nwlGLqmD0KEjAI?= =?utf-8?q?T6zYSjATt2VzfATvEdkC47HmKHj3UTcAOkAGAkPU0QfagQb5loU6eP4YTHigIiTQ+?= =?utf-8?q?mb3gLrmZvEzaz65Eu8j6ZIiXnRC0iXB2tWyyx1uKjKi5luoG1jnAbXdIJz0vM5Zh/?= =?utf-8?q?+vNK52iUpp2lcIYuMmWoFBoOTxjIteQkNLJPYCmMMRVWbQOgarkWzEyfECpCTlqzH?= =?utf-8?q?D8ELhwQjs71h5Ex9yjPJYaKRDo6Wwo0I9aRohEr0RYhoWyNX4+O/y4Ty/Jv8zbYOO?= =?utf-8?q?IB5lMY5FSq4hgAxhrrU707aLW0+OdIDEDgQu8Dnpxnhz9TIGq7LVZDs9ZFzpFtxth?= =?utf-8?q?n5mOy0kkDRjSelB2ajc9ilC0r0/ckWmj7+m2P0yr8be2ZrLIqbgv512+AV7X0mw/J?= =?utf-8?q?i1Xz0tk0jtXkVX5hl6Yr241AfKJwF2mdNEJeeF5pjbE3tvolMdFgu0eY4F+t+eKMP?= =?utf-8?q?FxPxMS8mRIYo+Iz+uyfiQi7B+H66s5fVuw4PLUDlYzw8wtlhVn6COsA2641nPEYw/?= =?utf-8?q?EBG76e40fKgsTdQfzcDyE2GejY/dT/jGWeCmRH8i/eCdIC7AbtDoUc6F/YqH2J4cf?= =?utf-8?q?mDojswkhKOdtZlfT1u06rzE9OAgy+UHkvPsa4QlQlswZRi7mB06rGYkiRR5bM0CnY?= =?utf-8?q?cbV0v5z+YuWBYc3BVdhBeoh3ugAgp9GUormLFwtzLUfmNlkiDBoQYj90=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AS1PR04MB9358.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(1800799015)(7416005)(52116005)(376005)(366007)(38350700005)(921011);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?2iNXjWWHMIMIJJqs9fKUo7az7ESE?= =?utf-8?q?Xr9bEUpNrR8/sEFh7ZqsNqmXBeepESMGBhdnlMZja1KjJqeecvEIlFhMLw4hc3PNf?= =?utf-8?q?e/LpLUBnDMiwyS6YigEFap/+5HR+/C2mjJr3sbnBknMPp9eP8i5Hcn3IFWc+5UrLQ?= =?utf-8?q?zvsuEG0EbXpjlsDDVg9pmaRXfPfHm1UjaBF8pp528kkxejIIiCG28Gv4MUDtlY8yZ?= =?utf-8?q?+eoEllMY+oQYa4pONW5b07Kfi3SgdUKhISKkAwX5hYF2H3EhCttzzeafeURiUt02G?= =?utf-8?q?cHDuUPRcUWZuJBEuQa/5ddbo+EZPuk3DYMuaV1SgHJDEgWMZS1mhlxgtAtBJGKl+s?= =?utf-8?q?BNEePlMxwMJRmOlgzPNps3e0+bQm08XkKU9InjDXTL96hD82/RFf1t1MS0GnKB/Dl?= =?utf-8?q?e1qWyWxISMjHEp5zR5/hWLEzBJ6Fm0kIKLd1z30jH+lRIWBF8cGdMkhtJBVqH07gm?= =?utf-8?q?LJH6zVfLjgbydV4OALC60pyVdXMHu3B4fxcPYM5vNss4bt/5Petmyinr+ayO3k96g?= =?utf-8?q?nSXbWWRwvI7BvQuaF00yGgi/dtDXdOat2cGMZUMqUKfhJZkM89+UkWcASCF4oLXLF?= =?utf-8?q?qy4ga67JJfgwjwcVXw9BJPJgA6kK+mChPAIPnIG4oO3PqdtGaYL5yfBZTb5J5OZ8a?= =?utf-8?q?ww3soG05V2W/y2SJqRQ9Hbr/dwrFGMdudzkyb/K1+P7+C0do2hbMvAQk+lXJ75syV?= =?utf-8?q?FY59s/r3LlUhOUR32WSg9QIjDt9SV2IjxU7gZsP7qOz1nau1QdxVKk0rxAK3oOcSJ?= =?utf-8?q?+Jxztfx+8JMr3n5kSdltzpfNFJQM7F6SiajLl1Pa9E0gpNL3ljzCW8bwTkebsYp3U?= =?utf-8?q?Z8qQD6SzffTUGW4WHproo9XgKlnTNb0+Y3loY9ZKyA0j27C7hCO1u93+jIcvD9scJ?= =?utf-8?q?YP+t1k+EvVa5u2hSVadYevO+Dx4LbX77K16FVEvNaP0DDX6CqOM+sqjwVjNXbvyvH?= =?utf-8?q?MCX/++1qXKVzeUAgwDk+JO1vFhDeueIFwT48/wzdUgaHEkBxxhWiPGWZn3/sj/MQp?= =?utf-8?q?AXFT7lsmzDNHaM2KW4CCHnBvfQPN8jv7cH0vrgPAhX2K323Gcp+O9dT/2n1tcFIKp?= =?utf-8?q?PklO/lqIpszN3+51TuM8EJszNGm1Qhp6ADfuHqTjepwqKNq2TODPk1LKI6oxLc1h+?= =?utf-8?q?R+wFB6SENPm3pkj7xbwnpbmBnYO6bttT13N5iToI+EBTlMeXadVpZktF7jGkdpZkt?= =?utf-8?q?JdUybM2gsUIqe9sfFXR2/Fh34hNHY85MiYqgGeovvxWgsvmZD1f9YaDYcW9OmODMJ?= =?utf-8?q?5IA1ZPuumzvia3/+H6ksndRFeANiuRw8J3lVmVMxNBGsqvHXbEQUNcs923Dn5n+76?= =?utf-8?q?s6QxRMlAtRtiHce1RtvVc20XL6XXQv3iuTBVnQVtR1K6wAEzLUKgotdPsA+YpJ8RQ?= =?utf-8?q?THIqJxaJaXkJWyzWfehVXD7rrvUfiBvLOJZdBeFVK4TWPmznS+hIFSyt+XnEaRe5q?= =?utf-8?q?J3BJVmRFZPnr9PKR99XI8c06Ih1b9NJQeYByX7j3s2YggFZJMMsKV3BnUaQZBTK1A?= =?utf-8?q?j4Eah/IxiMIY?= X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: b9232096-4ec3-4bd0-57c7-08dc6fc158c2 X-MS-Exchange-CrossTenant-AuthSource: AS1PR04MB9358.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 May 2024 00:45:38.9961 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 6wN0c6RgJ6hq42+2Q1AVlazwRHAEwgskr2PDtxSW1dqx+3ifTnwOqvvHlfyBGLrrUC4yqrzAfFp3SKzVWDsVgA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR04MB8273 The tampers are security feature available on i.MX products and managed by SNVS block.The tamper goal is to detect the variation of hardware or physical parameters, which can indicate an attack. The SNVS, which provides secure non-volatile storage, allows to detect some hardware attacks against the SoC.They are connected to the security-violation ports, which send an alert when an out-of-range value is detected. This detection is done by: -Analog tampers: measure analogic values - External clock frequency. - Temperature. - Voltage. - Digital tampers: - External tamper - Other detectors: - Secure real-time counter rollover tamper. - Monotonic counter rollover tamper. - Power supply glitch tamper. The on-chip sensors for voltage, temperature, and clock frequency indicate if tamper scenarios may be present. These sensors generate an out-of-range signal that causes a security violation to clear the authentication and storage keys and to block access to sensitive information. Add linux module secvio driver to handle security violation interrupt. The "imx-secvio-sc" module is designed to report security violations and tamper triggering to the user. The functionalities of the module are accessible via the "debugfs" kernel.The folder containing the interface files for the module is "/secvio/". Get status Reading from the "info" file will return the status of security: - Fuse related to security tampers. - SNVS readable registers. - DGO registers. Signed-off-by: Vabhav Sharma --- Vabhav Sharma (4): dt-bindings: firmware: secvio: Add device tree bindings firmware: imx: Add SC APIs required for secvio module soc: imx: secvio: Add support for SNVS secvio and tamper via SCFW arm64: dts: imx8q: Add node for Security Violation .../bindings/arm/freescale/fsl,scu-secvio.yaml | 35 ++ .../devicetree/bindings/firmware/fsl,scu.yaml | 10 + arch/arm64/boot/dts/freescale/imx8qxp.dtsi | 5 + drivers/firmware/imx/Makefile | 2 +- drivers/firmware/imx/imx-scu.c | 4 +- drivers/firmware/imx/seco.c | 216 ++++++++ drivers/soc/imx/Kconfig | 11 + drivers/soc/imx/Makefile | 1 + drivers/soc/imx/secvio/Makefile | 2 + drivers/soc/imx/secvio/imx-secvio-debugfs.c | 274 ++++++++++ drivers/soc/imx/secvio/imx-secvio-sc.c | 595 +++++++++++++++++++++ include/linux/firmware/imx/ipc.h | 1 + include/linux/firmware/imx/sci.h | 4 + include/linux/firmware/imx/svc/seco.h | 69 +++ include/soc/imx/imx-secvio-sc.h | 216 ++++++++ 15 files changed, 1443 insertions(+), 2 deletions(-) --- base-commit: 93a39e4766083050ca0ecd6a3548093a3b9eb60c change-id: 20240508-secvio-8acfa2838385 Best regards,