Message ID | 20241107-secvio-v3-0-ea27f1e9ced4@nxp.com (mailing list archive) |
---|---|
Headers | show
Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on2049.outbound.protection.outlook.com [40.107.22.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5842C18F2DA for <imx@lists.linux.dev>; Thu, 7 Nov 2024 05:42:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.22.49 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730958171; cv=fail; b=DKFf3pUTjRlF3K50VHiv+EFQPEJDEz7CWE7WpY1c0fs5B4/jQpw3cUUASxIaXzDjhFhaDlEa43jdu70Njk52WkunCx9gZcHi7r7FhQZ85JrApBSiNhUYfWlNWyDGRugHkdCsb3lmR8MOlZZXWbhPy56Hh4ZW7Ww6A3XOubNaUI8= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730958171; c=relaxed/simple; bh=RQ+K4LJpB5Qdwp1Ca1m4Qb46LR4i6L4zgmHSNkvoS7Q=; h=From:Subject:Date:Message-Id:Content-Type:To:Cc:MIME-Version; b=ajnMc0e/xZtrcelD5gCcxU6KwSFDhrJvvKqDEe79ELPhcud5rpYvoESvYpGH9jC/KYzLjpOHrvpcMxl2b6AvKLzmmwbNaZn73/GfxiftpN51L848Avnqd5Dewt8LYhjeLZyWN20tZFkm6LZNBWkpgeO+aiXxSi4W1SmbtyYh5Ug= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nxp.com; spf=pass smtp.mailfrom=nxp.com; dkim=pass (2048-bit key) header.d=nxp.com header.i=@nxp.com header.b=Hw2uYUtK; arc=fail smtp.client-ip=40.107.22.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nxp.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=nxp.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=nxp.com header.i=@nxp.com header.b="Hw2uYUtK" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=YLxeauyNUlVm2qiGUfNVtvvPYW3B9vsp+KhLU5/4NTFPbL9ssOTsca8MuWtPROZGU8StrLDZBwtD4jfr3uGV1kLblG5HvudK5sDZiw9UdNc8d219tCDkIcLbJFHj/oaJKanoNelHjFyTD0Fhw40lfYhRo7R2DwslryPFgCG5Z1566Kfrlczn+WwskrcS9JDRg0H1RDACRUUWKEU5WPZdF1q4yK8tIljctFvnPnvx07mHo3GTpLzFOlRlLVhB2NJeSdrr4MMfjY9gxQhARKt15t1ZdT9Nnhaq1O55bM1a/0oC0svON8zd/3waVXNllfKq8fRsZOgRQTpURtlhcZTWRg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=9jGghA006iEpqwvneq72VVllL4tVNfy1VPejAQZpHvw=; b=wmnU5D2Vb8Ic9Umasoyh7EilspwLR+Jpu0C1PObTFxSiHXBgxdcKSeuCotX+UtL4evf4SkUPWoo/7CiTGJzgU2Qc1xJUaSuuQmeZXvcVgRx1EW4bjIHyDhORX3VrgZhDZDBVg0J5Jvf4IyVt36MJz2uANht1HyXsnULMlX17f3Z241TJIoAge/VKm5R5noNwXUsIb2gMf6ThJTakVD+I5BPBncfjriYKUpfWGqcxuu+lQKXginF5Zrk5Xf96ITFrI9nKJcdSX17t29u0YXVcLjD5/syP946AfEbTr3GOtP7rxOlr5zA1LC08WIIIMSHn6RRMTrFeQ1BFtdk9+zpo9w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9jGghA006iEpqwvneq72VVllL4tVNfy1VPejAQZpHvw=; b=Hw2uYUtKLt2e+JQz3UZEiZNeDDWkMfYF4MLebsbDcd7PxQpWkd3e47YQGW9lH5cQczo0O9lCl3bTnRvdNHirN3wYZeOhUoNFCeWKfyxar7jI1ouagvQXYc1t1uA4MTaIPXFHWGQ/EGVC9yfI2AuwwUPRCwc5DQ3Bqxh3CmYDej5inYG1FppOjOirSqSO6DWbxDeNDNMlze28OfF4ii3ARs2GDomDeTeSWzZD5JEqgiEm2VPPiR7dHx8y7fQO7IB6Ph1SOK3zqAmpsNvELAhiQBncKlaIRQmf+R9ZCPuhfuxD7H75LbqgTfpXbh8FwApzNwgCBPwy7iIr2NNWMxITjQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nxp.com; Received: from DB9PR04MB9354.eurprd04.prod.outlook.com (2603:10a6:10:36c::10) by VI2PR04MB10145.eurprd04.prod.outlook.com (2603:10a6:800:22c::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8137.18; Thu, 7 Nov 2024 05:42:45 +0000 Received: from DB9PR04MB9354.eurprd04.prod.outlook.com ([fe80::3cd3:1ff0:8bae:a7ab]) by DB9PR04MB9354.eurprd04.prod.outlook.com ([fe80::3cd3:1ff0:8bae:a7ab%4]) with mapi id 15.20.8114.028; Thu, 7 Nov 2024 05:42:45 +0000 From: Vabhav Sharma <vabhav.sharma@nxp.com> Subject: [PATCH v3 0/4] firmware: imx: secvio: Add secvio support Date: Thu, 07 Nov 2024 06:42:38 +0100 Message-Id: <20241107-secvio-v3-0-ea27f1e9ced4@nxp.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-B4-Tracking: v=1; b=H4sIAE5TLGcC/02NQQ6DIBBFr9KwLgYGidhV79F0MeJYWCgGGmJjv HvRxLSZ1fv5/83KEkVPid0uK4uUffJhKqCuF2YdTi/ivi/MQEAttDA8kc0+cIN2QDCqnGalPEc a/HKIHs/Czqd3iJ/Dm+WengoptAKhK9moBmrDJc/YOcxVchhHvE/LXNkwst2S4X/Zns+z5IK3Y ugIOqQe4Tfatu0LWt+nntQAAAA= To: Rob Herring <robh@kernel.org>, Krzysztof Kozlowski <krzk+dt@kernel.org>, Conor Dooley <conor+dt@kernel.org>, Dong Aisheng <aisheng.dong@nxp.com>, Shawn Guo <shawnguo@kernel.org>, Sascha Hauer <s.hauer@pengutronix.de>, Pengutronix Kernel Team <kernel@pengutronix.de>, Fabio Estevam <festevam@gmail.com> Cc: devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, imx@lists.linux.dev, linux-arm-kernel@lists.infradead.org, frank.li@nxp.com, pankaj.gupta@nxp.com, daniel.baluta@nxp.com, silvano.dininno@nxp.com, V.Sethi@nxp.com, meenakshi.aggarwal@nxp.com, Vabhav Sharma <vabhav.sharma@nxp.com>, Franck LENORMAND <franck.lenormand@nxp.com>, Iuliana Prodan <iuliana.prodan@nxp.com>, Horia Geanta <horia.geanta@nxp.com> X-Mailer: b4 0.13.0 X-ClientProxiedBy: AS4P192CA0010.EURP192.PROD.OUTLOOK.COM (2603:10a6:20b:5da::17) To DB9PR04MB9354.eurprd04.prod.outlook.com (2603:10a6:10:36c::10) Precedence: bulk X-Mailing-List: imx@lists.linux.dev List-Id: <imx.lists.linux.dev> List-Subscribe: <mailto:imx+subscribe@lists.linux.dev> List-Unsubscribe: <mailto:imx+unsubscribe@lists.linux.dev> MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DB9PR04MB9354:EE_|VI2PR04MB10145:EE_ X-MS-Office365-Filtering-Correlation-Id: 2b2bd9cf-bac9-4163-8af0-08dcfeef0177 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|7416014|52116014|1800799024|366016|38350700014; X-Microsoft-Antispam-Message-Info: =?utf-8?q?2jHPVsfPkDyJfH1SfPXpEdvcHx9vaAO?= =?utf-8?q?Shy58jD9yJh3hAGXgskq7nK8YjjPPabqM39fjxKyFip0mFjD/Ze8HMWpTwwirXP5F?= =?utf-8?q?RAtSIWNfYD2Dy+O044qZcW/fmbYyEtE287bmhRpvqfFWV/lrhqLb18sxoI5FrZsqX?= =?utf-8?q?dWv93uIqkzvLHyp2kkk2qoCSqiM+HsZkQQNRqt0DxWcG1O7OZAULf0o4HU/zoT4GP?= =?utf-8?q?UggI+2nb8FLTitm1OSiBh6OaaD2uPbUB09QY8Ri2y+v2/Y9J1iWHx9s61D3iH+iYe?= =?utf-8?q?ub6V+2rAFZgwCDgDC9d8or1EsFwBPlDwem2tnGhrLtF3/bXq5ttYYw2CyjtmsolW5?= =?utf-8?q?+iDiOtl8nZNrc1F3s345jb/lExGkXVx9dqHXAuEEMCWn6LsvMJy/RvziyNNc01B43?= =?utf-8?q?omBM8Yj2yY8A0g1QcZuXdmSRnU/C45KNYgCPE6qvKynmU5ROdok4uVh/SoY3E5XnN?= =?utf-8?q?o1v0d6N95LQC80QgZl7bPOa3C2JSFww9n1H0X31KTkZD99SD7iuVEH3zzHCDzcUvT?= =?utf-8?q?FB1vpFZiy6/rYja4rI0h5Y4niWDzQqh3WCREiWXkcFH2qwMLIDaIdNECrbCCPMEBy?= =?utf-8?q?jtiAdmeT9lS4S81WgV9iz4cvBkmuoMaPPSTJRRkvYOHGCbyOIKKDeQGgJEnda8jLa?= =?utf-8?q?vsv9Q8X2wMw1VKKyb8OBd3IXhXTWYyxhfAcGOu2UXWekw5FJAemEmpsuN4w9qV9vS?= =?utf-8?q?gE9gPPaQsQ2QlJjLQNSZA8WawTFtFWEZS8tBytQ6CHsXCUgv+HnW+8jIoMKnimOpa?= =?utf-8?q?V/2GPeQO/yv5wz4ExuW4+YDGDiHuO3gLZNzwjys5n9uUvzHISnwZV/GfLqJWrSXgE?= =?utf-8?q?3VwdWHGh0uT2vXGA5SxCkGNIg3WKHrthlTsy7pUDHos/WJo/Ijbr0FYjZAMl4XM1O?= =?utf-8?q?TmYyzVTuaFtdRyu1OJK1flq4fquBU0vNBjJzHA1VGnE2ITtFShfZ4/otfOiyllmsI?= =?utf-8?q?cQmGLZ0+p4gnWFyCRWbPPSUhN74jtQCQ7IKO+NbzI1QdCWUu4+gDUcyVxgPUZPyNW?= =?utf-8?q?3+Hgm7iMwEfHIYlCTD1EpjSyJNgBBLI5Btvvh1G9zNPGA46rbyHK+e/c7xXzxJsRk?= =?utf-8?q?OyWnvm8Iq6E5wMSsTazF/FE4LvtMcnu/7kprF5PhUOdLTiS8/perDNlVsBOn2N2/C?= =?utf-8?q?XTKXM6oHI69qXC4/42/Co0iYPFrzC+WHLNP1pWyr16awxPkcmkFpMbO+aNwTzkfNH?= =?utf-8?q?m+Swrwu5MKzqBSaraBDBLQJQ+QX0iggGbQmec/Xacv9NP2OVOWvfIWVgeiYG3QzpB?= =?utf-8?q?CD99Y7R+ZoMiBIzL5f6cB+P7omgeEIjmAPAWhCj3dMSBG4v65woDYR+NlNuJX137C?= =?utf-8?q?y57QnLGqxvQB?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB9PR04MB9354.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(7416014)(52116014)(1800799024)(366016)(38350700014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?g47RKNvfWo21RsebSjDLnXeBaN58?= =?utf-8?q?NectStED7DhlaHBkXsqUKTl+OUlhYM2qrWH9KeJ47w2znZXRjZLKGcwaM4wFYaIxe?= =?utf-8?q?kYtPGSZbK0s9Hdr9KIOLWGTC66VLA3J2CAVC3OcmmIJaOa/8gA4R5EdejQNpGvto/?= =?utf-8?q?RY/wHYNarm3DHd2hihIXfJQCCnwwHcmHdTtZGVJH6F6DrSxeTUwXNKr0vEquCkx/C?= =?utf-8?q?gqTZQM5kLdgwuweWiog7ni12QmXNJ1gEaJyfvegtBAUnBxu1m9SAivKxJLzcfVhuM?= =?utf-8?q?oEFNnpWa1x+r3SUbeHxjc3WROXJEOP6h98Q9RlNUzx4YcVPUkAqPP1a15KRkZmYpl?= =?utf-8?q?FKy9iS7ax3xhiw1LLAc5DX1FBp+kpJqEm7dE6LVll+RxGMo0+7EVzKkAlItXRnyJO?= =?utf-8?q?PnbNZ/96VpopxxeIXhuQnxHj9VGY4CWozXWroTf9P6e/2y5CE7WOdV32CxCOtnx0G?= =?utf-8?q?Z27ocjyJP62H/7jP/nhkZ5W6KsQJw1cbqkDxxxZJpE5gAYpoYEjYv6oEjZU1Y2Iwr?= =?utf-8?q?F5mgBhXPuvU+FNvQVDtOzq4K4bjFsVoGPEK49OCJ41SHSEEApZyEnIJnqRvF4+jiw?= =?utf-8?q?zcrQRHAa5UMl7udCbQ4PNlER0Luec0RIIyul1tQd++AuUErwMCGoOuUxP3PRdHwNP?= =?utf-8?q?4KMcFBJWgMyW7r40Je6WVr/3rHxy6W65U/jCZD2dLTnfiAYvKnZPTmmSQVhuggow5?= =?utf-8?q?b84WqD+YTUNVJEPTd5WrRRIe0W934i/Jan/GPcvI/YVoAl/Pc+/TPyt0UFJ3tp3dv?= =?utf-8?q?ofZ+TObh/pFZn9igcBqg0V3L9Ubz1u9UG4OY04dZyKL0A4ZEhmJ/WsYz/vJKGAqqz?= =?utf-8?q?UVJFY2cqOLdARHeY79NEkkWY/1rLKU/w4oYAKlCxretPdM1HzAlBSEbiKlZY5OKKa?= =?utf-8?q?d8PQN0Z3u1DhJd746nO07rO/qwnBcH1v/qhemVm3ipPL8+iiNF081vbXlOAqkc4G0?= =?utf-8?q?QeQ316gJ5YBULhTh+K6xsu9xnuZou/ZEqA9MBgNuK4tDxTZT+xXx9e1DidZ8jiW2/?= =?utf-8?q?FrI50xsNI0rWzs9Tko6jpuYYEmOxgE2z4Jhl2S4jb/6/ZSawxZCAaCTN4Ed3xtDdD?= =?utf-8?q?KURlJZFMhjrjHXPrsp/tW2Ab8wt+Eh20l6t5PZgKlt3rji1N2NHg1P8VscaD/oIlL?= =?utf-8?q?P4mD7R5YZEAsJfPTp1xJ7Tm0GHpLokrm5TqCKL1Fwtyx7O4tl1CLNPLBBRPKO0ILg?= =?utf-8?q?Htu0bgSAGyv9OBen3gWlhFcO9hHYfTXb9OGjoX00OqKJJYPKSE1yakpMsCNmF8YdG?= =?utf-8?q?x+5SR9hv6YJJNG4mRFCUGgnboFCzxJcwY6WmgjJwDqskN3y0tcAf770Lr9sw2tfsx?= =?utf-8?q?LjWsO2MW+QtxrXN71K+dbsPHS1+dyR4nz7FdHrbPbH5Pxdqy96an/ZI9AyqHAkRSw?= =?utf-8?q?+Zb5zdkVem3V2Aru5stCn/9r2E5phx5M2HLqwCfG7h5+gBFJ/txFrlCzCgC0QUxk/?= =?utf-8?q?rLKuIjEK1tz63QzJRLWtMnSmw+5ijcfAtiDM4z5pBPIl9gDC65wn8vHF/36Zx9Ye4?= =?utf-8?q?YcidclhxQu8I?= X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: 2b2bd9cf-bac9-4163-8af0-08dcfeef0177 X-MS-Exchange-CrossTenant-AuthSource: DB9PR04MB9354.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Nov 2024 05:42:45.6742 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: J2PAaxyBbUCWjF3bmBkG0v5zwtgBWRoxSTogCBrnhA0E+9YVX0gTLwcDuI+Re8kmQtyTd/PtQThnPK4MYVSg/w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI2PR04MB10145 |
Series |
firmware: imx: secvio: Add secvio support
|
expand
|
The tampers are security feature available on i.MX products and managed by SNVS block.The tamper goal is to detect the variation of hardware or physical parameters, which can indicate an attack. The SNVS, which provides secure non-volatile storage, allows to detect some hardware attacks against the SoC.They are connected to the security-violation ports, which send an alert when an out-of-range value is detected. This detection is done by: -Analog tampers: measure analogic values - External clock frequency. - Temperature. - Voltage. - Digital tampers: - External tamper - Other detectors: - Secure real-time counter rollover tamper. - Monotonic counter rollover tamper. - Power supply glitch tamper. The on-chip sensors for voltage, temperature, and clock frequency indicate if tamper scenarios may be present. These sensors generate an out-of-range signal that causes a security violation to clear the authentication and storage keys and to block access to sensitive information. Add linux module secvio driver to handle security violation interrupt. The "imx-secvio-sc" module is designed to report security violations and tamper triggering to the user. The functionalities of the module are accessible via the "debugfs" kernel.The folder containing the interface files for the module is "<kernel_debugfs>/secvio/". Get status Reading from the "info" file will return the status of security: - Fuse related to security tampers. - SNVS readable registers. - DGO registers. To: Rob Herring <robh@kernel.org> To: Krzysztof Kozlowski <krzk+dt@kernel.org> To: Conor Dooley <conor+dt@kernel.org> To: Dong Aisheng <aisheng.dong@nxp.com> To: Shawn Guo <shawnguo@kernel.org> To: Sascha Hauer <s.hauer@pengutronix.de> To: Pengutronix Kernel Team <kernel@pengutronix.de> To: Fabio Estevam <festevam@gmail.com> Cc: devicetree@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: imx@lists.linux.dev Cc: linux-arm-kernel@lists.infradead.org Cc: frank.li@nxp.com Cc: pankaj.gupta@nxp.com Cc: daniel.baluta@nxp.com Cc: silvano.dininno@nxp.com Cc: V.Sethi@nxp.com Cc: meenakshi.aggarwal@nxp.com Signed-off-by: Vabhav Sharma <vabhav.sharma@nxp.com> Changes in v3: - Dropped [PATCH 1/4] dt-bindings: firmware: secvio: Add device tree bindings. - Reuse SCU node to prove secvio driver asynchronously. - Dropped [PATCH 4/4] arm64: dts: imx8q: Add node for Security Violation. - Removed explicit secvio sub-node within SCU node. - Create seperate secvio platform devices. - secvio driver probe asynchronously. - SCU driver keep going and finish the probe first. - added new function imx_scu_secvio_init() called within imx_scu_probe() - Link to v2: https://lore.kernel.org/r/20240509-secvio-v1-0-90fbe2baeda2@nxp.com Changes in v2: - used b4 to add the devicetree list. - Added all necessary to/cc list. - Link to v1: https://lore.kernel.org/r/20240501053205.1737248-1-vabhav.sharma@nxp.com --- Vabhav Sharma (4): dt-bindings: firmware: imx: add nvmem phandle arm64: dts: imx8qxp: add node for nvmem property firmware: imx: Add SC APIs required for secvio module firmware: imx: secvio: Add support for SNVS secvio and tamper via SCFW .../devicetree/bindings/firmware/fsl,scu.yaml | 3 + arch/arm64/boot/dts/freescale/imx8qxp.dtsi | 1 + drivers/firmware/imx/Kconfig | 11 + drivers/firmware/imx/Makefile | 4 +- drivers/firmware/imx/imx-scu-secvio-debugfs.c | 274 +++++++++ drivers/firmware/imx/imx-scu-secvio.c | 618 +++++++++++++++++++++ drivers/firmware/imx/imx-scu.c | 8 +- drivers/firmware/imx/seco.c | 216 +++++++ include/linux/firmware/imx/ipc.h | 1 + include/linux/firmware/imx/sci.h | 9 + include/linux/firmware/imx/svc/imx-secvio-sc.h | 216 +++++++ include/linux/firmware/imx/svc/seco.h | 69 +++ 12 files changed, 1428 insertions(+), 2 deletions(-) --- base-commit: 9852d85ec9d492ebef56dc5f229416c925758edc change-id: 20240508-secvio-8acfa2838385 Best regards,