From patchwork Thu May 23 10:49:32 2024
X-Patchwork-Submitter: Pankaj Gupta
X-Patchwork-Id: 13671608
From: Pankaj Gupta
Date: Thu, 23 May 2024 16:19:32 +0530
Subject: [PATCH v2 1/5] Documentation/firmware: add imx/se to other_interfaces
Message-Id: <20240523-imx-se-if-v2-1-5a6fd189a539@nxp.com>
References: <20240523-imx-se-if-v2-0-5a6fd189a539@nxp.com>
In-Reply-To: <20240523-imx-se-if-v2-0-5a6fd189a539@nxp.com>
To: Jonathan Corbet, Rob Herring, Krzysztof Kozlowski, Conor Dooley, Shawn Guo, Sascha Hauer, Pengutronix Kernel Team, Fabio Estevam, Rob Herring, Krzysztof Kozlowski
Cc: linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, devicetree@vger.kernel.org, imx@lists.linux.dev, linux-arm-kernel@lists.infradead.org, Pankaj Gupta

Documents i.MX SoC's Service layer and C_DEV driver for selected SoC(s) that contains the NXP hardware IP(s) for secure-enclaves(se) like:
- NXP EdgeLock Enclave on i.MX93 & i.MX8ULP

Signed-off-by: Pankaj Gupta
---
 .../driver-api/firmware/other_interfaces.rst | 119 +++++++++++++++++++++
 1 file changed, 119 insertions(+)

diff --git a/Documentation/driver-api/firmware/other_interfaces.rst b/Documentation/driver-api/firmware/other_interfaces.rst index 06ac89adaafb..65e69396e22a 100644 --- a/Documentation/driver-api/firmware/other_interfaces.rst +++ b/Documentation/driver-api/firmware/other_interfaces.rst
@@ -49,3 +49,122 @@ of the requests on to a secure monitor (EL3). .. kernel-doc:: drivers/firmware/stratix10-svc.c :export: + +NXP Secure Enclave Firmware Interface +===================================== + +Introduction +------------ +The NXP's i.MX HW IP like EdgeLock-Enclave, V2X etc., creates an embedded secure +enclave within the SoC boundary to enable features like + - Hardware Security Module (HSM) + - Security Hardware Extension (SHE) + - Vehicular to Anything (V2X) + +Each of the above feature, is enabled through dedicated NXP H/W IP on the SoC. +On a single SoC, multiple hardware IP (or can say more than one secure enclave) +can exists. + +NXP SoCs enabled with the such secure enclaves(SEs) IPs are: +i.MX93, i.MX8ULP + +To communicate with one or more co-existing SE(s) on SoC, there is/are dedicated +messaging units(MU) per SE. Each co-existing 'se' can have one or multiple exclusive +MU(s), dedicated to itself. None of the MU is shared between two SEs. +Communication of the MU is realized using the Linux mailbox driver. + +NXP Secure Enclave(SE) Interface +-------------------------------- +All those SE interfaces 'se-if' that is/are dedicated to a particular SE, will be +enumerated and provisioned under the very single 'SE' node. + +Each 'se-if', comprise of twp layers: +- (C_DEV Layer) User-Space software-access interface. +- (Service Layer) OS-level software-access interface. + + +--------------------------------------------+ + | Character Device(C_DEV) | + | | + | +---------+ +---------+ +---------+ | + | | misc #1 | | misc #2 | ... | misc #n | | + | | dev | | dev | | dev | | + | +---------+ +---------+ +---------+ | + | +-------------------------+ | + | | Misc. Dev Synchr. 
Logic | | + | +-------------------------+ | + | | + +--------------------------------------------+ + + +--------------------------------------------+ + | Service Layer | + | | + | +-----------------------------+ | + | | Message Serialization Logic | | + | +-----------------------------+ | + | +---------------+ | + | | imx-mailbox | | + | | mailbox.c | | + | +---------------+ | + | | + +--------------------------------------------+ + +- service layer: + This layer is responsible for ensuring the communication protocol, that is defined + for communication with firmware. + + FW Communication protocol ensures two things: + - Serializing the messages to be sent over an MU. + + - FW can handle one command-message at a time. + +- c_dev: + This layer offers character device contexts, created as '/dev/_mux_chx'. + Using these multiple device contexts, that are getting multiplexed over a single MU, + user-space application(s) can call fops like write/read to send the command-message, + and read back the command-response-message to/from Firmware. + fops like read & write uses the above defined service layer API(s) to communicate with + Firmware. 
+ + Misc-device(/dev/_mux_chn) synchronization protocol: + + Non-Secure + Secure + | + | + +---------+ +-------------+ | + | se_fw.c +<---->+imx-mailbox.c| | + | | | mailbox.c +<-->+------+ +------+ + +---+-----+ +-------------+ | MU X +<-->+ ELE | + | +------+ +------+ + +----------------+ | + | | | + v v | + logical logical | + receiver waiter | + + + | + | | | + | | | + | +----+------+ | + | | | | + | | | | + device_ctx device_ctx device_ctx | + | + User 0 User 1 User Y | + +------+ +------+ +------+ | + |misc.c| |misc.c| |misc.c| | + kernel space +------+ +------+ +------+ | + | + +------------------------------------------------------ | + | | | | + userspace /dev/ele_muXch0 | | | + /dev/ele_muXch1 | | + /dev/ele_muXchY | + | + +When a user sends a command to the firmware, it registers its device_ctx +as waiter of a response from firmware. + +Enclave's Firmware owns the storage management, over linux filesystem. +For this c_dev provisions a dedicated slave device called "receiver". + +.. kernel-doc:: drivers/firmware/imx/se_fw.c + :export:
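
Review bot: The c_dev and synchronization text in the new "NXP Secure Enclave(SE) Interface" section does not state how concurrent users are handled, which is the contract a reader most needs from this document. Several device contexts are "multiplexed over a single MU" and the firmware "can handle one command-message at a time", yet the only rule given is that a sender "registers its device_ctx as waiter of a response from firmware". Please document what a second write() gets while a waiter is already registered (block, or an error code), how a response is matched to the waiting device_ctx so that one user cannot read another user's response, and how the waiter is released on close, on a signal, or when the firmware never answers. The "receiver" paragraph needs the same treatment: say how a context becomes the receiver, whether only one may exist per MU, and which messages it gets to see. "slave device" should also be reworded, since the kernel coding style asks new documentation to avoid that term.

Smaller points in the same hunk: the device node is written three ways as the lines read here ('/dev/_mux_chx', '/dev/_mux_chn', and '/dev/ele_muXch0' in the diagram), so pick one pattern and use it throughout; the two ASCII diagrams are not introduced with "::", so Sphinx will not treat them as literal blocks and the "+---+" borders risk being parsed as a malformed grid table; and there are typos to fix ("twp layers", "can exists", "Each of the above feature, is").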