From patchwork Thu May 9 00:45:32 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vabhav Sharma X-Patchwork-Id: 13659299 Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2069.outbound.protection.outlook.com [40.107.21.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D7A051BDCE for ; Thu, 9 May 2024 00:45:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.21.69 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715215547; cv=fail; b=XI2vapnbONYKf7GS6yeaWk4WceZYKzXXkhV4segGUvhNxZ7B/xIKd4GgNyI1L5tP9Di3E+RD8ZuC0ZTKDWVEOMFeAKbDLypcYGmaCeNfZPzRx9EF7UeLZBQc8OvBGzw9Uu0f7R+O+xnmdHfXZ2IyGaA3PHe6derBepVn6tmlI3I= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715215547; c=relaxed/simple; bh=7ifINYCByfo5Rm2D01X9gpRbpguxgJzH/s1a2oalSGE=; h=From:Date:Subject:Content-Type:Message-Id:References:In-Reply-To: To:Cc:MIME-Version; b=THhzZrvd7QNAEgHAyeXJaKb5dhkib25Uk69OaSA6GxEuqOqAv1+8QyU7paq4mbprey+5aULNiOLzo85w60f+4MxTBZYsgdH6Tq42fv+8w8xReRdR4mlxlkLf9+4mVNfZkDKpwfET08NuFUyJGYzld2/hGp57HrrS4s94zecQMg4= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nxp.com; spf=pass smtp.mailfrom=nxp.com; dkim=pass (1024-bit key) header.d=nxp.com header.i=@nxp.com header.b=gRMGHo6d; arc=fail smtp.client-ip=40.107.21.69 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nxp.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=nxp.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=nxp.com header.i=@nxp.com header.b="gRMGHo6d" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Ewv6KbmbWr2caoRLEj17PizqOnNwmO7LSHXhYp6fbJkAxOHISJcx+rzDNcsdpV2RevupHfeX3AcMERKOsTNoRTkZq+uWsu2wg8rfC9A/sOTm6yaTqx8P0BczJalnUwJgAXR0PmCvmXpc9njSZAwLrx3ddWeyii1PD13Rg7b4wXbfNKALxV2C9DflxV/v4rAgtBJDh8ybnoxCzDmo16i3A6GiXA3g6AiWB/4m3lpGaFPX8c8Y6+ALbTgbgMjTsTce3P+rHXCG+4715zdKkYUekHQXNJB6ZkNjXVs5erTZTISIoJIdqu5T3ladYUradpvzb5tw0z3OpZsq5eirERllvA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ZegWxIa1zIwZXyyTi83e83cwxK2CZBnVEV2ywdhASCQ=; b=Ow9BwA/3JN5RQj8EokaSNIVqX3rxV+YzZtvOr3gVLq1JAzbMcBezUrH2ZaJ4VTsbrTQ9B4rHATxO/Ym5zI5A7oxpsyFbC53LxBafri/4mcY3M3/hba7Bs6u8gCsRz5JTvJVD4It+sFxGot/vqBz7ZQzcTYj5aG7hD1RDAAsov5Dhr4ldbLVZtOMNrJr17jFwIgtDj8+KPUOu8LYhaqsqVYYz37kWZ3frPHmbqJ4VhVuaB2qv1CstXR2wgiXMR+iGR4n32g8WkZFT6wR12DNrIsdupqZkflpDhUSrfl37K67ALCoUmsLPD5VdvsP0vym0hK5HS9NhF6CyYBxSo2A+Gg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZegWxIa1zIwZXyyTi83e83cwxK2CZBnVEV2ywdhASCQ=; b=gRMGHo6dryrGI4IMsvBT47tqUgQ2RWru2u3TUBbEKmj0apq0vtrdMj/5pItcoPWb06LE5R643xstqXyAqHHvPjqtaQC4Iy7ug8kVnfDpsMwdg9c2ViO36PbZvgGySq3HR+VKC00HyhopOKP1RqEXYqzFnAUK5LV9qUJGhBVpbwM= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nxp.com; Received: from AS1PR04MB9358.eurprd04.prod.outlook.com (2603:10a6:20b:4dc::19) by AM9PR04MB8273.eurprd04.prod.outlook.com (2603:10a6:20b:3e5::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7544.42; Thu, 9 May 2024 00:45:39 +0000 Received: from AS1PR04MB9358.eurprd04.prod.outlook.com ([fe80::d74b:21b6:d315:cb84]) by AS1PR04MB9358.eurprd04.prod.outlook.com ([fe80::d74b:21b6:d315:cb84%4]) with mapi id 15.20.7544.041; Thu, 9 May 2024 00:45:39 +0000 From: Vabhav Sharma Date: Thu, 09 May 2024 02:45:32 +0200 Subject: [PATCH 1/4] dt-bindings: firmware: secvio: Add device tree bindings Message-Id: <20240509-secvio-v1-1-90fbe2baeda2@nxp.com> References: <20240509-secvio-v1-0-90fbe2baeda2@nxp.com> In-Reply-To: <20240509-secvio-v1-0-90fbe2baeda2@nxp.com> To: Rob Herring , Krzysztof Kozlowski , Conor Dooley , Franck LENORMAND , Dong Aisheng , Shawn Guo , Sascha Hauer , Pengutronix Kernel Team , Fabio Estevam , Peng Fan Cc: devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, imx@lists.linux.dev, linux-arm-kernel@lists.infradead.org, Varun Sethi , Silvano Di Ninno , Pankaj Gupta , frank.li@nxp.com, daniel.baluta@nxp.com, Vabhav Sharma X-Mailer: b4 0.13.0 X-ClientProxiedBy: AS4P190CA0006.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:5de::9) To AS1PR04MB9358.eurprd04.prod.outlook.com (2603:10a6:20b:4dc::19) Precedence: bulk X-Mailing-List: imx@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AS1PR04MB9358:EE_|AM9PR04MB8273:EE_ X-MS-Office365-Filtering-Correlation-Id: 5da18fb3-c361-4791-1a91-08dc6fc158f4 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230031|1800799015|7416005|52116005|376005|366007|38350700005|921011; X-Microsoft-Antispam-Message-Info: =?utf-8?q?1kDTiTlyFbtjUUI3jztDodXlBMKxckR?= =?utf-8?q?Ei+yPDPQx7siLJQUwX4gG5BdTuS4kdluxB4mBIP7qM4utNJlKrECVUSbzjlEgovV2?= =?utf-8?q?dF/H3PmHTVsDVtpaKySVF1C1wcRvhgBNx4i1PYY/B8jHCOYBDE2/thd6LLSXRpHvN?= =?utf-8?q?YI2oPwwbi5+VnRTTegMkCadVZnvJeKWrU5dIOriSveEbPl+SJ4RJzBVVZg8izk34C?= =?utf-8?q?Zj3HN/2DR9IcG7GkbruVQgYIEAasQxdGKuzMNPEG/HGf8adaR5mhM2WKr6tz8yEET?= =?utf-8?q?4/wzjFw8oOJKPSrn//Rf/8piKUay2uMuZTAPNVirhp5dzvn9YU8TQCLoDFxiA663m?= =?utf-8?q?uWwjCGgsNRdFvrl62ZIjqmYbAUrokHkFiQiwxEnTZwSkF8jnKJtbgvJ1B+aUj2xNl?= =?utf-8?q?JC435cH50/1bboh13rE8a1DcprTighUSmTv5O+zLIQ3QikOuQJnJtMuO7rbkyiTuD?= =?utf-8?q?tle+KXrqSUtqM9+9abicTf4fxn7r/hNGdYJ+YEKQK2rw6iFSao15MfJ5ITCjVWhkl?= =?utf-8?q?qjuEkEcQ982HxgfJdOajbfYY8IULNAmdQCWLayemKtEYWVunwSFlj4u51bPuUlS6q?= =?utf-8?q?S/O5X7InxvHmKWpudvAyPzuDZnd7LpdNZ/aioJh57GRy+QNqLROmWOSS7zPU7hJbh?= =?utf-8?q?bXDJftefL82txlZWz0Ic96D0kMVFmGhkEVIKzZSoVDStsHk4DmZd+D1BK79f/fYgP?= =?utf-8?q?Qi2xo+WvpHLt6m/nICas8x7QMkY+a58N6R/+KAWAxyCwrku4Vn1phZNLsaoGfrPnv?= =?utf-8?q?65iRdjwWH5TY8S0qwfRBVDARuf1CGffxGW6EYIvaG6V6gtR+LGelbBfx9DoJsx3Kd?= =?utf-8?q?mZ/LqMtzsL+uVn5jkzxfYeG57rcisJOw/ZReTXmErllKiK56oMxGg+gAD0dRgwY14?= =?utf-8?q?TbS3il3egDdJVE5QJMMuEXqFVXnb2VaW+Q2b4Lsp58QPMTax1O7GqzvWC+/13zq4O?= =?utf-8?q?g1bqcSFJjrP3KJ7mVZ25uUQMYhe2BZXWVyjhDtu5/rEfEPdtMJqQkGaL8NzKLyiwb?= =?utf-8?q?uBufQzlL34wDO5046/BTQ1VW8xw1vBgT/3rwL1yofqoGCjA8e2VLNE++nUPxoVBpI?= =?utf-8?q?CUZNyVjoO8cPL6MFmwpExf95W9LI94BIJ4K6buKEju9jBjz634N4edLvPgsK21fVz?= =?utf-8?q?ETS30rjnQ4QigOcv2jgwFHHWt9GRogHSs9g0T0klCERktQTSZq1XzMxv4otoSYsPh?= =?utf-8?q?tBgpLhhQ9B6viuQzv7vrhog/5D2Q95khyZsBtxhRaFeyePpDgF+2OY1C8=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AS1PR04MB9358.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(1800799015)(7416005)(52116005)(376005)(366007)(38350700005)(921011);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?GLmxvI8+49OEQDhUtZGTIMab2eSv?= =?utf-8?q?JSuegVf2qPyUuOnUuAiwE5lvWRUvrEId7jAh6E46/0pxb2nipnCxXNTKExxuHOor5?= =?utf-8?q?WDe/m59R66KzYdqPOfUHqEwCVJHrq5RUrLjoOpYp5RLyTklWVwwa7vbl21VEdwT/6?= =?utf-8?q?aMM2FtQncRh64K0mDQQcSB0+XTdwpEQDnojtDrRkYug8cPktOCNphmr8YcuVBBWQx?= =?utf-8?q?2Nw0Vu86LFRNIJPBoBlwFwMxYs6U80Rp1zrVFgnDDfPfxgqJJQxsfQwbKXNufI/TF?= =?utf-8?q?OBdAPoLE1sjP9AsDjpUGWKSh0Oh8t2B/CZ1EgIFkE1ae5Ym8O+lCS/y/bshFYlJCC?= =?utf-8?q?Z7aCWE/Va1E9GozY7Q/QJcM5KHGMFRUHrnXixHpeHKeJVEShfQh2obJToe2nvjn1g?= =?utf-8?q?gCZne4uJNlyohhdMx7dNFZzAZ4IeDzEP6VLlstk9wGeYB5ZaOoh5xQmhSooveDMIn?= =?utf-8?q?lbo+0edSuGfBGBI4Woqh0Ojbb/pwOnmH8fHhCf7nFbfz2NWIR9SocpfiwWmTfGOkL?= =?utf-8?q?2xE3QAtMChbkVnJvIORKdx71f+EFMUpBFa5YF37GVKBz2zeleJ5OQhfQWJQO+Kvv7?= =?utf-8?q?X3t6NLMSzIa7o99EOAKuN4C+dOhfBvmKjCdAFM+b3sA8v7qV3CQYDrzSPY506LClw?= =?utf-8?q?/QfgrF5TV4mMaoeJIt+oOZ/A39YQybtqmk8OmL1s5z+gENkAesvq3JJF6yGQkfDdB?= =?utf-8?q?24ghX4kIrQWQZOoUGns4cs06ckP/26IdYUvehKGYsyZuSH0donY+FByerX2mzxFBr?= =?utf-8?q?kYozjwlFybcCKGBNVYWFPkxoDu0R5IpruA4UcN/Kl81UvzxgA8lQDswsu1ZQNtDcR?= =?utf-8?q?06B2bSt0IS9SrKvpGK6xnSz6pwqd1WJOaDEw+qNaKQH8qk7Y4REJYd1PZHCn+0S/S?= =?utf-8?q?I7n2QJXRbP6eYB65bqNVegdEp7aPVDgm8F3fhvZ3dRl/6/v9m8WMiNl+tok9vcATH?= =?utf-8?q?bDUcMXkKR0cnSR0J5yg05IjveSOECVF99B9B+LwytxPd63EnlHokuBomp3cbslOeq?= =?utf-8?q?qVIeQc6Bsp8b62fjFn02FFycFDWp39WLIPTStDuaHBsMwsJjbtC2A3M3QTTvL2xsL?= =?utf-8?q?ZS5FEbwZuB5ZrXYHnA1g/xoPBNtCDleou2jQ0bVS3oL1valwIAGHkuEHWQGniAxDq?= =?utf-8?q?nQhj5rmrLVlclsEw14taHKwEh5IDQ1xPXwXi/s8WV6x1Zj1vO2Rct5TWT7PgNnYmE?= =?utf-8?q?dTkSFLpWG7zwZpw6/F8u/WvyR/G8aMKduwwSw8/dUYx09ofHltI0KfnPIaO0ZYmKM?= =?utf-8?q?qVOg4Ez1v0MSKMQq8lSpAfpPW/P0WAHc1E9FyuGq4uG7UCgntPjvac8EvmIBSbHeC?= =?utf-8?q?dgxoT3EMiZrZ5BpM9mGpktJfgWG78i9voPKkuHcK1tEzNSykQDRN206sfP1QcEu+B?= =?utf-8?q?5qGD6iibZHGWG7E5Pxb96NTDvV6DME+Ke6+WiXXTP0+4u66fFitAcqj5F6K5oFWY/?= =?utf-8?q?Y21CauIuDyzjW/n54kZrf8R51Wzoo5cVh4DhjFHLIgpOpExdH4KyyMqlyfyuOmysL?= =?utf-8?q?eCM0DXwko6MZ?= X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: 5da18fb3-c361-4791-1a91-08dc6fc158f4 X-MS-Exchange-CrossTenant-AuthSource: AS1PR04MB9358.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 May 2024 00:45:39.2836 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: g4AxLtI2odJMYrAoPy3MSqb62RdVvlT3q8YkgwevqdWf/Um79ESyFnkvkNa0enuF8iMiI6YREPLEEWvjAV0Apg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR04MB8273 Document the secvio device tree bindings. The tampers are security feature available on i.MX products and managed by SNVS block.The tamper goal is to detect the variation of hardware or physical parameters, which can indicate an attack. The SNVS, which provides secure non-volatile storage, allows to detect some hardware attacks against the SoC.They are connected to the security-violation ports, which send an alert when an out-of-range value is detected. The "imx-secvio-sc" module is designed to report security violations and tamper triggering via SCU firmware to the user. Add the imx-scu secvio sub node and secvio sub node description. Signed-off-by: Franck LENORMAND Signed-off-by: Vabhav Sharma --- .../bindings/arm/freescale/fsl,scu-secvio.yaml | 35 ++++++++++++++++++++++ .../devicetree/bindings/firmware/fsl,scu.yaml | 10 +++++++ 2 files changed, 45 insertions(+) diff --git a/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml b/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml new file mode 100644 index 000000000000..30dc1e21f903 --- /dev/null +++ b/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml @@ -0,0 +1,35 @@ +# SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) +%YAML 1.2 +--- +$id: http://devicetree.org/schemas/arm/freescale/fsl,scu-secvio.yaml# +$schema: http://devicetree.org/meta-schemas/core.yaml# + +title: NXP i.MX Security Violation driver + +maintainers: + - Franck LENORMAND + +description: | + Receive security violation from the SNVS via the SCU firmware. Allow to + register notifier for additional processing + +properties: + compatible: + enum: + - fsl,imx-sc-secvio + + nvmem: + maxItems: 1 + +required: + - compatible + - nvmem + +additionalProperties: false + +examples: + - | + secvio { + compatible = "fsl,imx-sc-secvio"; + nvmem = <&ocotp>; + }; diff --git a/Documentation/devicetree/bindings/firmware/fsl,scu.yaml b/Documentation/devicetree/bindings/firmware/fsl,scu.yaml index 557e524786c2..b40e127fdc88 100644 --- a/Documentation/devicetree/bindings/firmware/fsl,scu.yaml +++ b/Documentation/devicetree/bindings/firmware/fsl,scu.yaml @@ -129,6 +129,11 @@ properties: RTC controller provided by the SCU $ref: /schemas/rtc/fsl,scu-rtc.yaml + secvio: + description: + Receive security violation from the SNVS via the SCU firmware + $ref: /schemas/arm/freescale/fsl,scu-secvio.yaml + thermal-sensor: description: Thermal sensor provided by the SCU @@ -197,6 +202,11 @@ examples: compatible = "fsl,imx8qxp-sc-rtc"; }; + secvio { + compatible = "fsl,imx-sc-secvio"; + nvmem = <&ocotp>; + }; + keys { compatible = "fsl,imx8qxp-sc-key", "fsl,imx-sc-key"; linux,keycodes = ; From patchwork Thu May 9 00:45:33 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vabhav Sharma X-Patchwork-Id: 13659300 Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2069.outbound.protection.outlook.com [40.107.21.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 533CF3B185 for ; Thu, 9 May 2024 00:45:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.21.69 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715215549; cv=fail; b=NCwigq2EZCjr/o6m4eOrDqsL1yn2yjC4IDP4cg2OGpM3+sV8FecLvr8CWKJzlMiTqiyXxXRk8ZllreK4blIuncUJe5d3yJSbRSlLEhVcDDLeiqOIrDBTYLlpHpCGJFCxOf9PE8CnlqhgK1U8BwPfIhRInf4FQbdn1w0xP9IzlY0= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715215549; c=relaxed/simple; bh=CwB+dL5zyYX72han3czsGN72i36Ut3sOkzdA4ezN1vA=; h=From:Date:Subject:Content-Type:Message-Id:References:In-Reply-To: To:Cc:MIME-Version; b=TGlg4WUSN+I/vxX+s0C7pFiOOGaXtMX1mlJ0btwxGLXtWmS5krXyCFbQ1Hii0M7m6b0p6UMCprDEmFPIrPPpgsDatfLR1karHRbSyLudkb/H0a8Jo9GSCyFq2SgJc96ovbL/TEp2BMtjqSweBy7vf8sYuw+I9BXkgt8XmX76k9Q= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nxp.com; spf=pass smtp.mailfrom=nxp.com; dkim=pass (1024-bit key) header.d=nxp.com header.i=@nxp.com header.b=SO6aXHf+; arc=fail smtp.client-ip=40.107.21.69 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nxp.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=nxp.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=nxp.com header.i=@nxp.com header.b="SO6aXHf+" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kd6cDLeTGrbfMHcbeh7dvBn4sD9u29/18OXcEOsVC+dt5MzWjTwgHrunIg8NYJvZd2eOgUiPDP/GP3pNaWfmK6Y5ujYBDh796IboBGC9kmk2JdGzyFFRs5otzwuZ4eI+304zh4Aj/hyFnESE3VVOvlCFb8E615dLmnGhYhZagnv+DAbtG4AmPQTAn6q2Q2HXU2QnXuhVw7PneTnYLy1bnMkzLufDUTUSaElh8SOuKPdiNvFcg6oLeWW+leXHnnQa2dRKO0TqaCBqt4M3lJOCaAKmjbktrDjdoJylYFTM7e9KuszmHDRpHYgDXuqVfXNf6E+bumFiJBpF4Q25aU21VA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KW3TEVYisXJpBSafePW3lqofXj3EwywSx5j4Jm9+RDw=; b=Q6qZ7dARUExSMp5sUFsgiI6LhZjcCH8pfxEo/R+vetRNIQLEq2FJq7WmgRDJlJeRzpH28WlIKvcsrTHI6jFs9WHDAeSOAhUQHjfJGYArfkdKVsnU0u3RPIeXiQZCjBonnd/GumbY4lTHzLNtdEyVKodFl4dqErLk8J+kvQ2/mW1IS0mJOvlk9wk9jcxDfoHjUyMuYM0axc5ns8m8rFA1UVdg4XaxCdsvFkTjUovPWCkNZlJDbpiLsJET5w3OqI3PYhLQcG/rUfLwiG7h8Yzvh8+VXwrT+/dbZayeIZT45MBX/efnrXa7rQNUfNoaPgWFj8ly5M7cpLW7Kk0qcL9TiA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KW3TEVYisXJpBSafePW3lqofXj3EwywSx5j4Jm9+RDw=; b=SO6aXHf+u3BT9a5FPAa8N0HD0YX0A+XXOUcAPU7O6ne7iDMX5IUsmjIQm/c6LmEQHPKAG/7+pMKa7rF5m09ikx6j2I2uPpdk0o7682Wp5K4nORni3nebTcKJJb++R+0qD1uXC9b4UWsFuPfsD/hvBB3zZ7VTVSezilLRGAyuEEM= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nxp.com; Received: from AS1PR04MB9358.eurprd04.prod.outlook.com (2603:10a6:20b:4dc::19) by AM9PR04MB8273.eurprd04.prod.outlook.com (2603:10a6:20b:3e5::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7544.42; Thu, 9 May 2024 00:45:39 +0000 Received: from AS1PR04MB9358.eurprd04.prod.outlook.com ([fe80::d74b:21b6:d315:cb84]) by AS1PR04MB9358.eurprd04.prod.outlook.com ([fe80::d74b:21b6:d315:cb84%4]) with mapi id 15.20.7544.041; Thu, 9 May 2024 00:45:39 +0000 From: Vabhav Sharma Date: Thu, 09 May 2024 02:45:33 +0200 Subject: [PATCH 2/4] firmware: imx: Add SC APIs required for secvio module Message-Id: <20240509-secvio-v1-2-90fbe2baeda2@nxp.com> References: <20240509-secvio-v1-0-90fbe2baeda2@nxp.com> In-Reply-To: <20240509-secvio-v1-0-90fbe2baeda2@nxp.com> To: Rob Herring , Krzysztof Kozlowski , Conor Dooley , Franck LENORMAND , Dong Aisheng , Shawn Guo , Sascha Hauer , Pengutronix Kernel Team , Fabio Estevam , Peng Fan Cc: devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, imx@lists.linux.dev, linux-arm-kernel@lists.infradead.org, Varun Sethi , Silvano Di Ninno , Pankaj Gupta , frank.li@nxp.com, daniel.baluta@nxp.com, Vabhav Sharma , Iuliana Prodan , Horia Geanta X-Mailer: b4 0.13.0 X-ClientProxiedBy: AS4P190CA0006.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:5de::9) To AS1PR04MB9358.eurprd04.prod.outlook.com (2603:10a6:20b:4dc::19) Precedence: bulk X-Mailing-List: imx@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AS1PR04MB9358:EE_|AM9PR04MB8273:EE_ X-MS-Office365-Filtering-Correlation-Id: e7063b96-69c3-4074-3eea-08dc6fc15921 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230031|1800799015|7416005|52116005|376005|366007|38350700005|921011; X-Microsoft-Antispam-Message-Info: =?utf-8?q?JsPzIMEZtK78fcBaVfm8fa13jfJbBf2?= =?utf-8?q?nNXUOkHFnQpkXePgIzNTVSZZRZ2KNnPlFZGwhzeUUJPOOUuJxQupCTgJ6QXbc6YhN?= =?utf-8?q?cnpiiZ0uDzK7IL6TcJHgA/rA6g6+t9DiUoqBCrENj47Gbk45wcrgEUM0LG4YcYRRK?= =?utf-8?q?PyYie1+aL/T6hXUaR+itQjPltZE3UMaPpSRgWXmNe4uJ/275liXzS0HOZ5DbkzvGu?= =?utf-8?q?zSpd/aDXUZyyitqmadplzSbuViDsiuBFuLjRCvvFH7Vdck70PASBz9MAkWhT25Ulf?= =?utf-8?q?Lm73BCV0eA12JZDDQhWZSVDULt/eWsYhywLkslE977/4l3AatjZShLi1PAkXRJTnT?= =?utf-8?q?/A4C+PHMP2pRt+lkOqGqVx1Z/yFEegSwfHe0PXnVGYh+u9xtpdpKxHj0XWkUTh+TY?= =?utf-8?q?PIU+ekTwNdD0iPaMneojYFY6Yo3kN/NcuGbNaNbnE9Ccjbnlr4vNwp9U4+oWOK/Qs?= =?utf-8?q?+uTcnI81ZvCM14bL+8AmI6L7hs7GGV2fk7a+ALC9TNt78AzYcXhn+vE0y/ugS70hR?= =?utf-8?q?uJyH0rRUbkkAdntSIhiJmGd2sz2cUqJfaiAFPAkxe2G0vLWQARWGup2rxbUji8hVy?= =?utf-8?q?LXhbbrLuve6lE9FcuxXUS26Eaoi5dfb/Kg2iXqSt0eovDvOxjBaZJECPtqrdpu5UP?= =?utf-8?q?s48xSoO/vyE4bHM1AyN273SyiYQMPGFH0L7MHBynGUQIImElOShZrEeA71GHIINhf?= =?utf-8?q?cYqM+icOtlbKBZDUmLcXBnmv3T2hx0pPXTpeaGzDu2u6hPd7zDowSQR2Yzy/yLBnh?= =?utf-8?q?09xDg+ztfOTjnMv/nayZPS1WThpbjhfUwZbjibJCIyZFnwBkQNXHBivsNPs8E3UXF?= =?utf-8?q?1TgdDoxFvuEV6iajdO/ODhIP3MGaeoXTHIbTmgTlYJWLJ+3w1BA2w97/s0zLtRjat?= =?utf-8?q?nTlKV8XG9WYH64ZHTGcwC4tIFyrHVCXwwDN6QjSubjEtxMpMNXmZBW3IJck03TDnQ?= =?utf-8?q?1pfZ9Gq0YE5c//ycqJnTvZjOD+JmRpUvWs0k0ktLoJ0XC+xw/wMQRVU7xp5BiJh5i?= =?utf-8?q?YXEb0U74O8TEnBk5gYAkodATZAzqJ+4XZR/1mg9J5aTBL9P19I1j8jDRhfOWg4hg5?= =?utf-8?q?rnEWFnwledtDQ6ixRHuoaVwuSSFITb8CsZHeopwyerbVm1GKa+0LL2CazmcqbMXpr?= =?utf-8?q?KB2JOsxBAYEMYlfWyCb7eh/C7wziYWNW6C8xev2xDHwIyFLEdjIWUdmgjrfv2QGnZ?= =?utf-8?q?wzWXu7Zx8gpetFzD4xzNXkfB/zorYRxRhmlMtuw4wXaLq0JqmKdqe/rjp9u94J2pZ?= =?utf-8?q?aWJG+GUfbgAq9wQvS+2glTJL0ZaFlLA3pHRKcY6UFRdUeL8x84p2VcP8=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AS1PR04MB9358.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(1800799015)(7416005)(52116005)(376005)(366007)(38350700005)(921011);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?OXKfgxz+4SU18js2LOtdiqpU1pat?= =?utf-8?q?q0wY2RpVWb+2fPec9Q6l3xM/nnhJvj8VpvG8Qz30ecdhdZqarLYOGxSfy6pVQdobh?= =?utf-8?q?AT73LLxN0kUYMZ1cNSTDWdiLKEayl2rafZ79IkmHuA0O/wKNgfvhF5KPVgSZyK7ji?= =?utf-8?q?VI6j6s6PwLxFq+STD+mrkSKl7+3wkiVfPP2WAlkBpTXYS4LaVRSDt6/f7nOLpZsiV?= =?utf-8?q?fzTnzCQqZ9F/7SwdOCV+dpCxszQQSd5pF3NRLLvoQEz8o0qIVdgicU2+JDgKKwtp9?= =?utf-8?q?IhUwBSr16FCqjxidDWzgOz9eBg7LCKXieLGwXAI5ZehN34O7wxOfqKOjbW7pQ38oa?= =?utf-8?q?uhzdBm5RvY9cMeGo2RnS47ogyC+QMFrqM358whmK5BiKVhwZX73AO811uNxv21zF+?= =?utf-8?q?Y0nEdoesna4LT5SAxIC+FPQLSqSiEcV/Yj09716iSNCRmNX8dof7lWVc9TUvBcZvY?= =?utf-8?q?zxUDWVVozbT4zggDvkIiKBwO6tWeC/G7cD7p1gQ/QJ9F84NUiirne1a05JLqprkmL?= =?utf-8?q?so+r5XW36ixP8yDd5MIHoBcrrSrjK7daWFO3KWzUyI/Vzm0Stv1JDGg+KdmMaumjx?= =?utf-8?q?chhlOdaIhNhnX876qoiKOQA6cKjZfdB5Y1Caz7nhyKiaEECbrD2BWpEddnD9A7Q+P?= =?utf-8?q?SI+eKDB6z+GVit0f8Yoc3mAbcsdqiosLtkvcdD35ScxjQ9YlC7117N0x3jUUgwBer?= =?utf-8?q?BLKrupcR/hUopYkeVUqjMVker5SVmAgIz4eyri4sxlAcovYVTOLbH0vgv0D+fcUGx?= =?utf-8?q?sJx5sQfXw+yzmvQKofgDuQi2HIF8t/enKku6ZoldjxjcE0vAqx7TFHreeJFzFaiqp?= =?utf-8?q?xRQRn/b6pRkR0LzXDDYdK1231Pg8I0XEJmBCZFVuMbh8pr4kv28xeFcWu/KmWHBE3?= =?utf-8?q?WCFAsy3udJ5dq0TsYInW06uLxFZ2DsAZKVZmruAkrR9YnR9D8QINxWVe5TMSEgwJA?= =?utf-8?q?7QlW6C7FMJPX00PEqW3a6Oj2xu3shqKgC2UNrxqMH/xQA6lbjfR1cSh+Tabq5UkPS?= =?utf-8?q?H3+HB/mxkn8oXegx5nLTSzemxxb4pHgioEKOYgp3bhF2k42EzZ+wPUYiJjn0ouhca?= =?utf-8?q?asDkdSY6+PZY69MCCuXUJBS/idwFrISV4+ykGJVDmaJG+M7osx2b07UhQtlCr6Ort?= =?utf-8?q?VNfdLbugscOFhrN7+rRCW7lhb6LinpDFEf91B3aFnoDewgc4TdtV0/gARru4smNJs?= =?utf-8?q?Wm9w8GGZ1dGnvyLp13oUkI77ohYbsnVr0UsrFmwnZiQafRas9bzKapDCMACpakn8d?= =?utf-8?q?/wEmk9AjZcbb5AeON4GSVtoy9Bc5krbNiJIVpwJtbfXVT08fWW+vati3s2vVsBHdQ?= =?utf-8?q?V/K4zA2bOPlkWxq/oGZwVbSg7wjt5vQPFvzuztZATGE+ikkhLe1y7LRw2ve80jVGt?= =?utf-8?q?zEdC83NNZmmpzmdJgh7GvKV26JkkMDm+wAYo9wrXyEpHvOznBXTfoyxnd99N3ZMOz?= =?utf-8?q?z38HdfuVd/R7yQ+INy0BPwGgCHZgxHf/yCQEmgIGgdTj+a3jknJAMAUmOY4wpjDNA?= =?utf-8?q?BTwyxfx5Uhb0?= X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: e7063b96-69c3-4074-3eea-08dc6fc15921 X-MS-Exchange-CrossTenant-AuthSource: AS1PR04MB9358.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 May 2024 00:45:39.5607 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: e84Ylbiz+qzaxQG9W2gyaQWgQXrwWn+/lQukJJXphu9JL32P5MGDXzXPSRPsoNhqb/m/YTcPbH++WyVpvcva/w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR04MB8273 The Security Violation module requires below System Controller Security controller API to interact with SNVS block via SCFW - imx_sc_seco_build_info - imx_sc_seco_secvio_enable - imx_sc_seco_secvio_config - imx_sc_seco_secvio_dgo_config Signed-off-by: Franck LENORMAND Reviewed-by: Iuliana Prodan Reviewed-by: Horia Geanta Signed-off-by: Dong Aisheng Signed-off-by: Vabhav Sharma --- drivers/firmware/imx/Makefile | 2 +- drivers/firmware/imx/imx-scu.c | 4 +- drivers/firmware/imx/seco.c | 216 ++++++++++++++++++++++++++++++++++ include/linux/firmware/imx/ipc.h | 1 + include/linux/firmware/imx/sci.h | 4 + include/linux/firmware/imx/svc/seco.h | 69 +++++++++++ 6 files changed, 294 insertions(+), 2 deletions(-) diff --git a/drivers/firmware/imx/Makefile b/drivers/firmware/imx/Makefile index 8f9f04a513a8..b53d2dee8ff3 100644 --- a/drivers/firmware/imx/Makefile +++ b/drivers/firmware/imx/Makefile @@ -1,3 +1,3 @@ # SPDX-License-Identifier: GPL-2.0 obj-$(CONFIG_IMX_DSP) += imx-dsp.o -obj-$(CONFIG_IMX_SCU) += imx-scu.o misc.o imx-scu-irq.o rm.o imx-scu-soc.o +obj-$(CONFIG_IMX_SCU) += imx-scu.o misc.o imx-scu-irq.o rm.o imx-scu-soc.o seco.o diff --git a/drivers/firmware/imx/imx-scu.c b/drivers/firmware/imx/imx-scu.c index 1dd4362ef9a3..c96dc73689a8 100644 --- a/drivers/firmware/imx/imx-scu.c +++ b/drivers/firmware/imx/imx-scu.c @@ -242,9 +242,11 @@ int imx_scu_call_rpc(struct imx_sc_ipc *sc_ipc, void *msg, bool have_resp) * APIs are defined as void function in SCU firmware, so they * should be treated as return success always. */ - if ((saved_svc == IMX_SC_RPC_SVC_MISC) && + if (((saved_svc == IMX_SC_RPC_SVC_MISC) && (saved_func == IMX_SC_MISC_FUNC_UNIQUE_ID || saved_func == IMX_SC_MISC_FUNC_GET_BUTTON_STATUS)) + || (saved_svc == IMX_SC_RPC_SVC_SECO && + saved_func == IMX_SC_SECO_FUNC_BUILD_INFO)) ret = 0; } diff --git a/drivers/firmware/imx/seco.c b/drivers/firmware/imx/seco.c new file mode 100644 index 000000000000..2d6bf301ac87 --- /dev/null +++ b/drivers/firmware/imx/seco.c @@ -0,0 +1,216 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright 2020, 2024 NXP + * + * File containing client-side RPC functions for the SECO service. These + * function are ported to clients that communicate to the SC. + */ + +#include + +struct imx_sc_msg_seco_get_build_id { + struct imx_sc_rpc_msg hdr; + u32 version; + u32 commit; +} __packed __aligned(4); + +int imx_sc_seco_build_info(struct imx_sc_ipc *ipc, uint32_t *version, + uint32_t *commit) +{ + struct imx_sc_msg_seco_get_build_id msg; + struct imx_sc_rpc_msg *hdr = &msg.hdr; + int ret; + + hdr->ver = IMX_SC_RPC_VERSION; + hdr->svc = IMX_SC_RPC_SVC_SECO; + hdr->func = IMX_SC_SECO_FUNC_BUILD_INFO; + hdr->size = 1; + + ret = imx_scu_call_rpc(ipc, &msg, true); + if (ret) + return ret; + + if (version) + *version = msg.version; + if (commit) + *commit = msg.commit; + + return 0; +} +EXPORT_SYMBOL(imx_sc_seco_build_info); + +int imx_sc_seco_secvio_enable(struct imx_sc_ipc *ipc) +{ + struct imx_sc_rpc_msg msg; + struct imx_sc_rpc_msg *hdr = &msg; + + hdr->ver = IMX_SC_RPC_VERSION; + hdr->svc = IMX_SC_RPC_SVC_SECO; + hdr->func = IMX_SC_SECO_FUNC_SECVIO_ENABLE; + hdr->size = 1; + + return imx_scu_call_rpc(ipc, &msg, true); +} +EXPORT_SYMBOL(imx_sc_seco_secvio_enable); + +struct imx_sc_msg_req_seco_config { + struct imx_sc_rpc_msg hdr; + u32 data0; + u32 data1; + u32 data2; + u32 data3; + u32 data4; + u8 id; + u8 access; + u8 size; +} __packed __aligned(4); + +struct imx_sc_msg_resp_seco_config { + struct imx_sc_rpc_msg hdr; + u32 data0; + u32 data1; + u32 data2; + u32 data3; + u32 data4; +} __packed __aligned(4); + +int imx_sc_seco_secvio_config(struct imx_sc_ipc *ipc, u8 id, u8 access, + u32 *data0, u32 *data1, u32 *data2, u32 *data3, + u32 *data4, u8 size) +{ + struct imx_sc_msg_req_seco_config msg; + struct imx_sc_msg_resp_seco_config *resp; + struct imx_sc_rpc_msg *hdr = &msg.hdr; + int ret; + + hdr->ver = IMX_SC_RPC_VERSION; + hdr->svc = IMX_SC_RPC_SVC_SECO; + hdr->func = IMX_SC_SECO_FUNC_SECVIO_CONFIG; + hdr->size = 7; + + /* Check the pointers on data are valid and set it if doing a write */ + switch (size) { + case 5: + if (data4) { + if (access) + msg.data4 = *data4; + } else { + return -EINVAL; + } + fallthrough; + case 4: + if (data3) { + if (access) + msg.data3 = *data3; + } else { + return -EINVAL; + } + fallthrough; + case 3: + if (data2) { + if (access) + msg.data2 = *data2; + } else { + return -EINVAL; + } + fallthrough; + case 2: + if (data1) { + if (access) + msg.data1 = *data1; + } else { + return -EINVAL; + } + fallthrough; + case 1: + if (data0) { + if (access) + msg.data0 = *data0; + } else { + return -EINVAL; + } + break; + default: + return -EINVAL; + } + + msg.id = id; + msg.access = access; + msg.size = size; + + ret = imx_scu_call_rpc(ipc, &msg, true); + if (ret) + return ret; + + resp = (struct imx_sc_msg_resp_seco_config *)&msg; + + /* Pointers already checked so we just copy the data if reading */ + if (!access) + switch (size) { + case 5: + *data4 = resp->data4; + fallthrough; + case 4: + *data3 = resp->data3; + fallthrough; + case 3: + *data2 = resp->data2; + fallthrough; + case 2: + *data1 = resp->data1; + fallthrough; + case 1: + *data0 = resp->data0; + } + + return 0; +} +EXPORT_SYMBOL(imx_sc_seco_secvio_config); + +struct imx_sc_msg_req_seco_dgo_config { + struct imx_sc_rpc_msg hdr; + u32 data; + u8 id; + u8 access; +} __packed __aligned(4); + +struct imx_sc_msg_resp_seco_dgo_config { + struct imx_sc_rpc_msg hdr; + u32 data; +} __packed __aligned(4); + +int imx_sc_seco_secvio_dgo_config(struct imx_sc_ipc *ipc, u8 id, u8 access, + u32 *data) +{ + struct imx_sc_msg_req_seco_dgo_config msg; + struct imx_sc_msg_resp_seco_dgo_config *resp; + struct imx_sc_rpc_msg *hdr = &msg.hdr; + int ret; + + hdr->ver = IMX_SC_RPC_VERSION; + hdr->svc = IMX_SC_RPC_SVC_SECO; + hdr->func = IMX_SC_SECO_FUNC_SECVIO_DGO_CONFIG; + hdr->size = 3; + + if (access) { + if (data) + msg.data = *data; + else + return -EINVAL; + } + + msg.access = access; + msg.id = id; + + ret = imx_scu_call_rpc(ipc, &msg, true); + if (ret) + return ret; + + resp = (struct imx_sc_msg_resp_seco_dgo_config *)&msg; + + if (!access && data) + *data = resp->data; + + return 0; +} +EXPORT_SYMBOL(imx_sc_seco_secvio_dgo_config); diff --git a/include/linux/firmware/imx/ipc.h b/include/linux/firmware/imx/ipc.h index 0b4643571625..df38ab8e7e2e 100644 --- a/include/linux/firmware/imx/ipc.h +++ b/include/linux/firmware/imx/ipc.h @@ -25,6 +25,7 @@ enum imx_sc_rpc_svc { IMX_SC_RPC_SVC_PAD = 6, IMX_SC_RPC_SVC_MISC = 7, IMX_SC_RPC_SVC_IRQ = 8, + IMX_SC_RPC_SVC_SECO = 9, }; struct imx_sc_rpc_msg { diff --git a/include/linux/firmware/imx/sci.h b/include/linux/firmware/imx/sci.h index df17196df5ff..947e49d8bebc 100644 --- a/include/linux/firmware/imx/sci.h +++ b/include/linux/firmware/imx/sci.h @@ -15,6 +15,10 @@ #include #include #include +#include + +#define IMX_SC_IRQ_SECVIO BIT(6) /* Security violation */ +#define IMX_SC_IRQ_GROUP_WAKE 3 /* Wakeup interrupts */ #if IS_ENABLED(CONFIG_IMX_SCU) int imx_scu_enable_general_irq_channel(struct device *dev); diff --git a/include/linux/firmware/imx/svc/seco.h b/include/linux/firmware/imx/svc/seco.h new file mode 100644 index 000000000000..508444c02d39 --- /dev/null +++ b/include/linux/firmware/imx/svc/seco.h @@ -0,0 +1,69 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright 2020, 2024 NXP + * + * Header file containing the public API for the System Controller (SC) + * Security Controller (SECO) function. + * + * SECO_SVC (SVC) Security Controller Service + * + * Module for the Security Controller (SECO) service. + */ + +#ifndef _SC_SECO_API_H +#define _SC_SECO_API_H + +#include +#include + +/* + * This type is used to indicate RPCs/RM/SECO function calls. + */ +enum imx_sc_seco_func { + IMX_SC_SECO_FUNC_UNKNOWN = 0, + IMX_SC_SECO_FUNC_BUILD_INFO = 16, + IMX_SC_SECO_FUNC_SECVIO_ENABLE = 25, + IMX_SC_SECO_FUNC_SECVIO_CONFIG = 26, + IMX_SC_SECO_FUNC_SECVIO_DGO_CONFIG = 27, +}; + +#if IS_ENABLED(CONFIG_IMX_SCU) +int imx_sc_seco_build_info(struct imx_sc_ipc *ipc, uint32_t *version, + uint32_t *commit); +int imx_sc_seco_secvio_enable(struct imx_sc_ipc *ipc); +int imx_sc_seco_secvio_config(struct imx_sc_ipc *ipc, u8 id, u8 access, + u32 *data0, u32 *data1, u32 *data2, u32 *data3, + u32 *data4, u8 size); +int imx_sc_seco_secvio_dgo_config(struct imx_sc_ipc *ipc, u8 id, u8 access, + u32 *data); +#else /* IS_ENABLED(CONFIG_IMX_SCU) */ +static inline +int imx_sc_seco_build_info(struct imx_sc_ipc *ipc, uint32_t *version, + uint32_t *commit) +{ + return -EOPNOTSUPP; +} + +static inline +int imx_sc_seco_secvio_enable(struct imx_sc_ipc *ipc) +{ + return -EOPNOTSUPP; +} + +static inline +int imx_sc_seco_secvio_config(struct imx_sc_ipc *ipc, u8 id, u8 access, + u32 *data0, u32 *data1, u32 *data2, u32 *data3, + u32 *data4, u8 size) +{ + return -EOPNOTSUPP; +} + +static inline +int imx_sc_seco_secvio_dgo_config(struct imx_sc_ipc *ipc, u8 id, u8 access, + u32 *data) +{ + return -EOPNOTSUPP; +} +#endif /* IS_ENABLED(CONFIG_IMX_SCU) */ + +#endif /* _SC_SECO_API_H */ From patchwork Thu May 9 00:45:34 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vabhav Sharma X-Patchwork-Id: 13659302 Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2069.outbound.protection.outlook.com [40.107.21.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B6A7A405EC for ; Thu, 9 May 2024 00:45:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.21.69 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715215554; cv=fail; b=QEaMExkjH+LwzfUC8Xx1oBwNgAZitOe3xR4EVscZn32znRbBb1QTRcAXbi4ke9Gsix2/5EVEx53KPMb/RPiWkdOB3NOQW/0BSHBcMsOPewqZRMjrhxfjjLfhJ2M3+qJN0o1Iw1yWpAcClMCbHQmSIgYUAwn4C0O/8alFISLa2Qs= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715215554; c=relaxed/simple; bh=9zvnpB2bk2tGbmlKkEt54oxdz7pJh24wBJ8LY9xQsGg=; h=From:Date:Subject:Content-Type:Message-Id:References:In-Reply-To: To:Cc:MIME-Version; b=Q4p9bq88lIxh/clsRD70qUqWGZdkIzvpt3neXkSZEXOOf1qYLVBQOmzjcUWTQXOMZWYWn9W9/Na+sKnMvxKWmAmkdMjwMlV+ecAr43eoq3gvJGIC1e1+GUDKZ37qppJHqVmzxko5EjbAUeZzg8Ci672MgB7QEHAIYKIO2JQM1MU= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nxp.com; spf=pass smtp.mailfrom=nxp.com; dkim=pass (1024-bit key) header.d=nxp.com header.i=@nxp.com header.b=NaMOW6S6; arc=fail smtp.client-ip=40.107.21.69 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nxp.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=nxp.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=nxp.com header.i=@nxp.com header.b="NaMOW6S6" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ndhM6BI/ccGc+RV6i/2ra6KUk8FJuyboPmGR/BmY9MwtH/ebgmQKooTrb6rW5QjD2gNJPc/zLa7Ag+jZf0RiNgQwkeOJffHmN1ttYtRKC8Vli4Q6ifhfK3NrfmUmbz6uS3FwQKtzFAwhfvIg39/9zLOciqGQrFzk9ngiJaM8oNgQHQqdf9e6FIw5J7Vn1wOWVQ13I04eNJDRWoWSk4ugto+9XkNFbuxCcMyVbJgo9nje5oMjA0qUxv0dnvQbT3b1FNV2taSYtK1qKoV4Z4IyKE43+cgvahU18IzkO9jwr9iC7iuw8UmsYzuprknGN/BgTYoEabEDMNb0TohUYCyHbw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Vy27gOVkDJ8PqhuqMBgVtfrF1vHhszeCToXAyuZLAa8=; b=FBbSbPSFGp4U5/DnloBvSB4e35EVggXbUDtHSHOIj8/8OXKiAW6UoZGExco8BgUDUtxNMZ1n690xtFMI+1AJXbo4DSbsgg1YFdqAhS09cE2Hrfs+kDedlMDulMxA9nzmbYRgZfmoNpF3J7Xh+N8zC2VAR0ccDkqNS/wgbFIXEkslLDdMNEl64w66tmHEttR02kaIpeBanE/XlFAbYuaPADHLf2EfvT4Od+0Tr6V7bE9NLD3QEJ4WGKVFliUoBfjuoxcSrxTGXATDxov7Mztx9KCyAfd/Cke5bO7mJm8emQ+lEUEg+TF/hN79yCw/nJlf75fvwIB7cZ906F8h0oWK4Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Vy27gOVkDJ8PqhuqMBgVtfrF1vHhszeCToXAyuZLAa8=; b=NaMOW6S6aq6JxLPukdkahWjBQAKCybMlQ4IQHsmECgcEORBWhR4wdkgRzxgeUShgXftfwtBBiO8ZEm/pxJD2mAznQhcoUyUFHWjE+18yon3bDRr9LAw5ntii3Zv021H43Uw+zvaWYYzB51YNn57HWvl15kBaav9n+1ogHryLhMk= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nxp.com; Received: from AS1PR04MB9358.eurprd04.prod.outlook.com (2603:10a6:20b:4dc::19) by AM9PR04MB8273.eurprd04.prod.outlook.com (2603:10a6:20b:3e5::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7544.42; Thu, 9 May 2024 00:45:40 +0000 Received: from AS1PR04MB9358.eurprd04.prod.outlook.com ([fe80::d74b:21b6:d315:cb84]) by AS1PR04MB9358.eurprd04.prod.outlook.com ([fe80::d74b:21b6:d315:cb84%4]) with mapi id 15.20.7544.041; Thu, 9 May 2024 00:45:39 +0000 From: Vabhav Sharma Date: Thu, 09 May 2024 02:45:34 +0200 Subject: [PATCH 3/4] soc: imx: secvio: Add support for SNVS secvio and tamper via SCFW Message-Id: <20240509-secvio-v1-3-90fbe2baeda2@nxp.com> References: <20240509-secvio-v1-0-90fbe2baeda2@nxp.com> In-Reply-To: <20240509-secvio-v1-0-90fbe2baeda2@nxp.com> To: Rob Herring , Krzysztof Kozlowski , Conor Dooley , Franck LENORMAND , Dong Aisheng , Shawn Guo , Sascha Hauer , Pengutronix Kernel Team , Fabio Estevam , Peng Fan Cc: devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, imx@lists.linux.dev, linux-arm-kernel@lists.infradead.org, Varun Sethi , Silvano Di Ninno , Pankaj Gupta , frank.li@nxp.com, daniel.baluta@nxp.com, Vabhav Sharma X-Mailer: b4 0.13.0 X-ClientProxiedBy: AS4P190CA0006.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:5de::9) To AS1PR04MB9358.eurprd04.prod.outlook.com (2603:10a6:20b:4dc::19) Precedence: bulk X-Mailing-List: imx@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AS1PR04MB9358:EE_|AM9PR04MB8273:EE_ X-MS-Office365-Filtering-Correlation-Id: f3afea78-4981-459a-6939-08dc6fc1594e X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230031|1800799015|7416005|52116005|376005|366007|38350700005|921011; X-Microsoft-Antispam-Message-Info: =?utf-8?q?WRPm6F2V1uvGm7cmiEMcdE4hYLFArnF?= =?utf-8?q?zNHJfk7ESc1cnTpFy1mpjOx76dhufROVOzcaIcPj0Khlpj4l8zJLPa34/95hUq3QZ?= =?utf-8?q?eg2lcdOoYQ2Bs1dyvMUTN/zZLIQaLgoiaPaBD3KThP04zhVDclPFcQH20ttvnPd+h?= =?utf-8?q?qIrerVyrdYlHxqbj/ZMDO+4tz/sfrpP4PHZvRgWc5UBippSsDVUoSu9nb2xXHaoZi?= =?utf-8?q?8uvKzJWxlr7wn+0x7lTCiil/qa9E5e1HetZ9MHDPbyH3UOcsrTKlxtUHatp18jOWp?= =?utf-8?q?EMF3Ro3MwVsCMjNADaI9Sc60SUrtJ3bL0ZcYFJ4pUAWtMQl6zsNbCU/SXti7tlTlw?= =?utf-8?q?3lY3ee5tuS7iTKRcbmvS+6b2OeVTmfxKUPkcMirlxP3DHb3+Gye1sMYctd8QZqu8z?= =?utf-8?q?Ho5AjWzDNNFQN6H31JisKRnwQYXlUK2+Ho4rhRCiQK3KmfcYIZT+UXJhe1y1Zggvq?= =?utf-8?q?bYEV++WUbopaBmFijHvIFj6AMpnjew0Ih6DvbOzDIX+xfRc156NrpM54uOdTo7dxt?= =?utf-8?q?sV4ybDEpXOMvTmGr7Nwit0KBl1pvkTSey3+OYMo7lKmTHZIudMCPZSs0gVpEFZ8gr?= =?utf-8?q?pIExS9gkrgOVtZz/UfUSUCq+N+T7xn3e1AAVDlU4oLAXogb5FfNmIDOKmZ5Jx2rXQ?= =?utf-8?q?8BrC1YDd6HcAH+DE3wYEiQ4LroRPC0a1MJZ5FiV6F6g7HvBrWtN+1lW9soOXkd+hu?= =?utf-8?q?9wqZho1FUdo4ccSKo6KAojNeEjY5vo8NkwxoHej8OJqPSajlOLbKuDqGVJJ8I4pdu?= =?utf-8?q?7PwLVKbDY6hT1djreH5wKCKIDXzBuFuasmluUJmB80cbllZU6rFT1dYHt5pONKh1Z?= =?utf-8?q?MkFVNSoW++sjIq5N7TYMENltPZAhgCiFN5uWPVO1HkoIWtxRu/iQxu39BBcKylvLP?= =?utf-8?q?GQJ1pAkjd1wLENv9kAJyRlycCTezlyI/d96/B0eB4lSC0JJ7MzAsxQZ9yJASdhBr4?= =?utf-8?q?LmcOaVExUbJ4IBFRMwxUS3McDNo79RCQcR0ZvYF8cbK5zTjvyImzFIyJstr0AlbAC?= =?utf-8?q?jrAgok4aclgoeu4Eff5bJXmh5B+QiAiP0Q211b655OO/tTY7zQFhL3vs7ITk8xL8k?= =?utf-8?q?QTSuPktfLAxm67/w8y8PWMNGLmokStYXg12N2WyX2zemNlN4tEl0vl3U6GmzbQvBb?= =?utf-8?q?8csnWvQRjgiXDrzbmMyqEcbz6maAeuA/R5uTZDpbOqhWixKqbFFFK0jr8aD1a/hEG?= =?utf-8?q?WZnYBCtADVi+MxF8Sgz4drd4E0N0hgjMhyvmtK0IariWe94eNHxJF/nNOk3Up22fm?= =?utf-8?q?XWuORU2eZGRMXtQNIQqwjKLj8OsxO3Om7uX9QZIYrqRBEEsv/JrjFr00=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AS1PR04MB9358.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(1800799015)(7416005)(52116005)(376005)(366007)(38350700005)(921011);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?zLoV35xORPMt/q5A4ftpOkbCJHPa?= =?utf-8?q?dj9HRmA/i3eP9k8ZyTErKkhjlCkA2sATYNf8BN73cTshMX6JOjRem57xVz8BC2+Wk?= =?utf-8?q?BM7acJ4qDoDDLWaw8vd+OqSE8AKOQoOS7vJbJrL1QPbaGIm7orxSNWbnsbMRaDKxr?= =?utf-8?q?N0YFdqK5FJdws+A32I38O/gbeLlULgD2eqcLcJGXdmMLQsbUIPT1nMJFSc6qC7VYG?= =?utf-8?q?848WwxVa/1ZfmgBJEYoZRprvOr8HYn5vbiUhLs4dkl4eKUjzMvjntQOxVtaoCt2E2?= =?utf-8?q?iwX2r8q5LKxAVmovM1hTWAkHS4XXAIkbRwzzjL1GYZMATa+NYiw3wVEKtxqoVjoIg?= =?utf-8?q?ae8hpEnqb6zYDGNoFSpBQMjZCa8HfOJFVFVjxHg1oQWQlW6FgX1imeY9ywuEAAG9B?= =?utf-8?q?v06J8C7+eguau6aYIf6B9VHQeGNqm1wzqq94+uGwuggfAVGCqykesu2aMpv3JMoHY?= =?utf-8?q?8L4vCNcLAdYN8L17rISdVbeVh9f+IkOVPZMbe7jD7+r+kSkvDGrbjl/XQK0V4kePe?= =?utf-8?q?2T/PXh2e3sld2cf+rhnSAUYzC9sn21byF+dpwzclVpczPso3GQ3tAE5DuUqZ5sbX2?= =?utf-8?q?4vIvMA45oTM82o0jYp2R0Ll+6x3OpvYv1VO5aO4u8EPuo9mFtVxEVDzBVYywQFJut?= =?utf-8?q?etYNP1+F534nbLJXvdpK9DrJdEqdGNNq6ZQ25ZdZLiOlf140LwVHBDZCQpr2OXjDa?= =?utf-8?q?LhkHtnlWMrz/rNCRsjwIgmIeDC78d4CiTGa0jIgeDjSZOtVAiwvEIfdigWJ47kmk0?= =?utf-8?q?L9XvMAsaVA7SVtAoe204dCa+EYQROv01ymTl/trQ+fZGwL27AksulM+rdHqlEuShh?= =?utf-8?q?d0zwf2FQgKWDRF7YNkT+uZBP3E1GMvFXXek491K+e/BEHTUwaiUZ9tCMCqKWyENKQ?= =?utf-8?q?UlKFTH3STRRcGIdKV7Y38pBjymyvxquunS1CyG5aUB+kAgZU7TquJZT/MbvOsv7xv?= =?utf-8?q?LyBuOY6H1ehIKbgkE/gAMDcqYwX46VRqmWU3ErP7DypHuYAysSfgn62rBJEEd332K?= =?utf-8?q?Nmzy4gq6D+gJvDcHmkHikQRxJsiC7SZLOqcC65DWEoXp0LUL1ORTDD7WVf2DZc0NH?= =?utf-8?q?WMwg0aE2meR2WevBwv7jGGxqEOox9baTw0D7WUyGjhXSTcmCH9wA81w1MMhS54NIO?= =?utf-8?q?OiyI3JK7psihFP22r5ECG7+C0agy+AYhQ4dRjHMbKewUEWzPlHjI1iBxfqhCNSnD1?= =?utf-8?q?KJbx/5lZQ8NtZ97EX9G1F+ub69BPsl7GY0bvxKJZW75hrNjtD8oo4QZ0RezFvzyws?= =?utf-8?q?cwlwdUhSM6ikX0ZkCCQAS/ogzYg4oSvzr2OJbinkBLfQH2kRLkUROWUK8L3t/CE7R?= =?utf-8?q?bEphc0B5JE0u2MtdR5fueDvacAfO28M9OeEg2PeMcFouhoefcNXX+DjE2tfDhda8t?= =?utf-8?q?i7vCINqVNQct7S4qDQrikg+vx0UHYUPViHWorXHTi4KG1ZNupZiZXcOHTui0MODKV?= =?utf-8?q?OFQi+0hEiFrViadC6cYYLu07aLUhfkhL8wBjygSirrgJZ2nMUWfo+QN53nbEKYVk5?= =?utf-8?q?VLdIDaXSz3BW?= X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: f3afea78-4981-459a-6939-08dc6fc1594e X-MS-Exchange-CrossTenant-AuthSource: AS1PR04MB9358.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 May 2024 00:45:39.8869 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: oLhTKqCPq2Yws3xAva8qM2tmJWlTKBWwLvCgJBz+Fx4BjNHxXL3wJs4+kuPGZXPRfa3Cx/78pwxuPH08ARmDOg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR04MB8273 The i.MX8QXP SoC contains the Secure Non-Volatile Storage (SNVS) block. This block can detect specific hardware attacks.This block can only be accessible using the SCFW API. This module interact with the SCU which relay request to/from the SNVS block to detect if security violation occurred. The driver register an IRQ handle to SCU for security violation interrupt. When an interruption is fired, the driver inform the user. Signed-off-by: Franck LENORMAND Signed-off-by: Vabhav Sharma --- drivers/soc/imx/Kconfig | 11 + drivers/soc/imx/Makefile | 1 + drivers/soc/imx/secvio/Makefile | 2 + drivers/soc/imx/secvio/imx-secvio-debugfs.c | 274 +++++++++++++ drivers/soc/imx/secvio/imx-secvio-sc.c | 595 ++++++++++++++++++++++++++++ include/soc/imx/imx-secvio-sc.h | 216 ++++++++++ 6 files changed, 1099 insertions(+) diff --git a/drivers/soc/imx/Kconfig b/drivers/soc/imx/Kconfig index 2a90ddd20104..3d2715a8b798 100644 --- a/drivers/soc/imx/Kconfig +++ b/drivers/soc/imx/Kconfig @@ -20,4 +20,15 @@ config SOC_IMX9 help If you say yes here, you get support for the NXP i.MX9 family +config SECVIO_SC + tristate "NXP SC secvio support" + depends on IMX_SCU + default y + help + If you say yes here you get support for the NXP SNVS security + violation module. It includes the possibility to read information + related to security violations and tampers. It also gives the + possibility to register user callbacks when a security violation + occurs. + endmenu diff --git a/drivers/soc/imx/Makefile b/drivers/soc/imx/Makefile index 3ad321ca608a..bda0259077be 100644 --- a/drivers/soc/imx/Makefile +++ b/drivers/soc/imx/Makefile @@ -4,3 +4,4 @@ obj-$(CONFIG_ARCH_MXC) += soc-imx.o endif obj-$(CONFIG_SOC_IMX8M) += soc-imx8m.o obj-$(CONFIG_SOC_IMX9) += imx93-src.o +obj-${CONFIG_SECVIO_SC} += secvio/ diff --git a/drivers/soc/imx/secvio/Makefile b/drivers/soc/imx/secvio/Makefile new file mode 100644 index 000000000000..55ef1c044009 --- /dev/null +++ b/drivers/soc/imx/secvio/Makefile @@ -0,0 +1,2 @@ +obj-y += imx-secvio-sc.o +obj-$(CONFIG_DEBUG_FS) += imx-secvio-debugfs.o diff --git a/drivers/soc/imx/secvio/imx-secvio-debugfs.c b/drivers/soc/imx/secvio/imx-secvio-debugfs.c new file mode 100644 index 000000000000..8dd0cd4361b9 --- /dev/null +++ b/drivers/soc/imx/secvio/imx-secvio-debugfs.c @@ -0,0 +1,274 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright 2019, 2024 NXP + */ + +/* + * The module exposes below files in debugfs: + * - secvio/info: + * * Read: It returns the value of the fuses and SNVS registers which are + * readable and related to secvio and tampers. + */ + +#include +#include +#include +#include +#include + +#include +#include + +#include + +static int fuse_reader(struct device *dev, u32 id, u32 *value, u8 mul) +{ + struct imx_secvio_sc_data *data = dev_get_drvdata(dev); + u32 size_to_read = mul * sizeof(u32); + int ret; + + ret = nvmem_device_read(data->nvmem, id, size_to_read, value); + if (ret < 0) { + dev_err(data->dev, "Failed to read fuse %d: %d\n", id, ret); + return ret; + } + + if (ret != size_to_read) { + dev_err(data->dev, "Read only %d instead of %d\n", ret, + size_to_read); + return -ENOMEM; + } + + return 0; +} + +static int snvs_reader(struct device *dev, u32 id, u32 *value, u8 mul) +{ + int ret; + u32 *v1, *v2, *v3, *v4, *v5; + struct imx_secvio_sc_data *data; + + data = dev_get_drvdata(dev); + v1 = NULL; + v2 = NULL; + v3 = NULL; + v4 = NULL; + v5 = NULL; + + switch (mul) { + case 5: + v5 = &value[4]; + fallthrough; + case 4: + v4 = &value[3]; + fallthrough; + case 3: + v3 = &value[2]; + fallthrough; + case 2: + v2 = &value[1]; + fallthrough; + case 1: + v1 = &value[0]; + break; + default: + return -EINVAL; + } + + ret = imx_sc_seco_secvio_config(data->ipc_handle, id, SECVIO_CONFIG_READ, + v1, v2, v3, v4, v5, mul); + if (ret < 0) + dev_err(dev, "Failed to read snvs reg %d: %d\n", id, ret); + + return ret; +} + +static int snvs_dgo_reader(struct device *dev, u32 id, u32 *value, u8 mul) +{ + struct imx_secvio_sc_data *data = dev_get_drvdata(dev); + int ret; + + if (mul != 1) + return -EINVAL; + + ret = imx_sc_seco_secvio_dgo_config(data->ipc_handle, id, + SECVIO_CONFIG_READ, value); + if (ret) + dev_err(dev, "Failed to read snvs dgo reg %d: %d\n", id, ret); + + return ret; +} + +static const struct imx_secvio_info_entry { + int (*reader)(struct device *dev, u32 id, u32 *value, u8 mul); + const char *type; + const char *name; + u32 id; + u8 mul; +} gs_imx_secvio_info_list[] = { + {fuse_reader, "fuse", "trim", 30, 1}, + {fuse_reader, "fuse", "trim2", 31, 1}, + {fuse_reader, "fuse", "ctrim1", 260, 1}, + {fuse_reader, "fuse", "ctrim2", 261, 1}, + {fuse_reader, "fuse", "ctrim3", 262, 1}, + {fuse_reader, "fuse", "ctrim4", 263, 1}, + {fuse_reader, "fuse", "OSC_CAP", 768, 1}, + + {snvs_reader, "snvs", "HPLR", 0x0, 1}, + {snvs_reader, "snvs", "LPLR", 0x34, 1}, + {snvs_reader, "snvs", "HPSICR", 0xc, 1}, + {snvs_reader, "snvs", "HPSVCR", 0x10, 1}, + {snvs_reader, "snvs", "HPSVS", 0x18, 1}, + {snvs_reader, "snvs", "LPSVC", 0x40, 1}, + {snvs_reader, "snvs", "LPTDC", 0x48, 2}, + {snvs_reader, "snvs", "LPSR", 0x4c, 1}, + {snvs_reader, "snvs", "LPTDS", 0xa4, 1}, + {snvs_reader, "snvs", "LPTGFC", 0x44, 3}, + {snvs_reader, "snvs", "LPATCTL", 0xe0, 1}, + {snvs_reader, "snvs", "LPATCLK", 0xe4, 1}, + {snvs_reader, "snvs", "LPATRC1", 0xe8, 2}, + {snvs_reader, "snvs", "LPMKC", 0x3c, 1}, + {snvs_reader, "snvs", "LPSMC", 0x5c, 2}, + {snvs_reader, "snvs", "LPPGD", 0x64, 1}, + {snvs_reader, "snvs", "HPVID", 0xf8, 2}, + + {snvs_dgo_reader, "dgo", "Offset", 0x0, 1}, + {snvs_dgo_reader, "dgo", "PUP/PD", 0x10, 1}, + {snvs_dgo_reader, "dgo", "Anatest", 0x20, 1}, + {snvs_dgo_reader, "dgo", "T trim", 0x30, 1}, + {snvs_dgo_reader, "dgo", "Misc", 0x40, 1}, + {snvs_dgo_reader, "dgo", "Vmon", 0x50, 1}, +}; + +struct imx_secvio_sc_info_seq_data { + struct device *dev; + const struct imx_secvio_info_entry *list; + int size; +}; + +static void *imx_secvio_sc_info_seq_start(struct seq_file *m, loff_t *pos) +{ + struct imx_secvio_sc_info_seq_data *data = m->private; + + /* Check we are not out of bound */ + if (*pos >= data->size) + return NULL; + + return (void *)pos; +} + +static void *imx_secvio_sc_info_seq_next(struct seq_file *m, void *v, loff_t *pos) +{ + /* Increment the counter */ + ++*pos; + + /* call the start function which will check the index */ + return imx_secvio_sc_info_seq_start(m, pos); +} + +static void imx_secvio_sc_info_seq_stop(struct seq_file *m, void *v) +{ +} + +static int imx_secvio_sc_info_seq_show(struct seq_file *m, void *v) +{ + struct imx_secvio_sc_info_seq_data *data = m->private; + const struct imx_secvio_info_entry *e; + int ret; + u32 vals[5]; + int idx; + + idx = *(loff_t *)v; + e = &data->list[idx]; + + /* Read the values */ + ret = e->reader(data->dev, e->id, (u32 *)&vals, e->mul); + if (ret) { + dev_err(data->dev, "Fail to read %s %s (idx %d)\n", e->type, + e->name, e->id); + return 0; + } + + seq_printf(m, "%5s/%-10s(%.3d):", e->type, e->name, e->id); + + /* Loop over the values */ + for (idx = 0; idx < e->mul; idx++) + seq_printf(m, " %.8x", vals[idx]); + + seq_puts(m, "\n"); + + return 0; +} + +static const struct seq_operations imx_secvio_sc_info_seq_ops = { + .start = imx_secvio_sc_info_seq_start, + .next = imx_secvio_sc_info_seq_next, + .stop = imx_secvio_sc_info_seq_stop, + .show = imx_secvio_sc_info_seq_show, +}; + +static int imx_secvio_sc_info_open(struct inode *inode, struct file *file) +{ + struct imx_secvio_sc_info_seq_data *data; + + data = __seq_open_private(file, &imx_secvio_sc_info_seq_ops, sizeof(*data)); + if (!data) + return -ENOMEM; + + data->dev = inode->i_private; + data->list = gs_imx_secvio_info_list; + data->size = ARRAY_SIZE(gs_imx_secvio_info_list); + + return 0; +} + +static const struct file_operations imx_secvio_sc_info_ops = { + .owner = THIS_MODULE, + .open = imx_secvio_sc_info_open, + .read = seq_read, + .llseek = seq_lseek, + .release = seq_release_private, +}; + +static void if_debugfs_remove_recursive(void *dentry) +{ + debugfs_remove_recursive(dentry); +} + +int imx_secvio_sc_debugfs(struct device *dev) +{ + struct imx_secvio_sc_data *data = dev_get_drvdata(dev); + struct dentry *dir; + int ret = 0; + + /* Create a folder */ + dir = debugfs_create_dir(dev_name(dev), NULL); + if (IS_ERR(dir)) { + dev_err(dev, "Failed to create dfs dir\n"); + ret = PTR_ERR(dir); + goto exit; + } + data->dfs = dir; + + ret = devm_add_action(dev, if_debugfs_remove_recursive, data->dfs); + if (ret) { + dev_err(dev, "Failed to add managed action to disable IRQ\n"); + goto remove_fs; + } + + /* Create the file to read info and write to reg */ + dir = debugfs_create_file("info", 0x666, data->dfs, dev, + &imx_secvio_sc_info_ops); + if (IS_ERR(dir)) { + dev_err(dev, "Failed to add info to debugfs\n"); + ret = PTR_ERR(dir); + goto exit; + } + +exit: + return ret; + +remove_fs: + debugfs_remove_recursive(data->dfs); + goto exit; +} diff --git a/drivers/soc/imx/secvio/imx-secvio-sc.c b/drivers/soc/imx/secvio/imx-secvio-sc.c new file mode 100644 index 000000000000..a4e96c730a23 --- /dev/null +++ b/drivers/soc/imx/secvio/imx-secvio-sc.c @@ -0,0 +1,595 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright 2019, 2024 NXP + * + */ + +/* + * The i.MX8QXP SoC contains the Secure Non-Volatile Storage (SNVS) block. This + * block can detect specific hardware attacks.This block can only be accessible + * using the SCFW API. + * + * This module interact with the SCU which relay request to/from the SNVS block + * to detect if security violation occurred. + * + * The module exports an API to add processing when a SV is detected: + * - register_imx_secvio_sc_notifier + * - unregister_imx_secvio_sc_notifier + * - imx_secvio_sc_check_state + * - imx_secvio_sc_clear_state + * - imx_secvio_sc_enable_irq + * - imx_secvio_sc_disable_irq + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +/* Reference on the driver_device */ +static struct device *imx_secvio_sc_dev; + +/* Register IDs for sc_seco_secvio_config API */ +#define HPSVS_ID 0x18 +#define LPS_ID 0x4c +#define LPTDS_ID 0xa4 +#define HPVIDR_ID 0xf8 + +#define SECO_MINOR_VERSION_SUPPORT_SECVIO_TAMPER 0x53 +#define SECO_VERSION_MINOR_MASK GENMASK(15, 0) + +/* Notifier list for new CB */ +static BLOCKING_NOTIFIER_HEAD(imx_secvio_sc_notifier_chain); + +int register_imx_secvio_sc_notifier(struct notifier_block *nb) +{ + return blocking_notifier_chain_register(&imx_secvio_sc_notifier_chain, + nb); +} +EXPORT_SYMBOL(register_imx_secvio_sc_notifier); + +int unregister_imx_secvio_sc_notifier(struct notifier_block *nb) +{ + return blocking_notifier_chain_unregister(&imx_secvio_sc_notifier_chain, + nb); +} +EXPORT_SYMBOL(unregister_imx_secvio_sc_notifier); + +static void if_imx_scu_irq_register_notifier(void *nb) +{ + imx_scu_irq_register_notifier(nb); +} + +static void if_unregister_imx_secvio_sc_notifier(void *nb) +{ + unregister_imx_secvio_sc_notifier(nb); +} + +static +int imx_secvio_sc_notifier_call_chain(struct secvio_sc_notifier_info *info) +{ + return blocking_notifier_call_chain(&imx_secvio_sc_notifier_chain, 0, + (void *)info); +} + +int imx_secvio_sc_get_state(struct device *dev, + struct secvio_sc_notifier_info *info) +{ + int ret, err = 0; + struct imx_secvio_sc_data *data; + + dev = imx_secvio_sc_dev; + if (!dev) + return -EINVAL; + + data = dev_get_drvdata(dev); + + /* Read secvio status */ + ret = imx_sc_seco_secvio_config(data->ipc_handle, HPSVS_ID, SECVIO_CONFIG_READ, + &info->hpsvs, NULL, NULL, NULL, NULL, 1); + if (ret) { + err = ret; + dev_err(dev, "Fail read secvio config status %d\n", ret); + } + info->hpsvs &= HPSVS_ALL_SV_MASK; + + /* Read tampers status */ + ret = imx_sc_seco_secvio_config(data->ipc_handle, LPS_ID, SECVIO_CONFIG_READ, + &info->lps, NULL, NULL, NULL, NULL, 1); + if (ret) { + err = ret; + dev_err(dev, "Fail read tamper 1 status: %d\n", ret); + } + info->lps &= LPS_ALL_TP_MASK; + + ret = imx_sc_seco_secvio_config(data->ipc_handle, LPTDS_ID, SECVIO_CONFIG_READ, + &info->lptds, NULL, NULL, NULL, NULL, 1); + if (ret) { + err = ret; + dev_err(dev, "Fail read tamper 2 status: %d\n", ret); + } + info->lptds &= LPTDS_ALL_TP_MASK; + + dev_dbg(dev, "Status: %.8x, %.8x, %.8x\n", info->hpsvs, + info->lps, info->lptds); + + return err; +} +EXPORT_SYMBOL(imx_secvio_sc_get_state); + +int imx_secvio_sc_check_state(struct device *dev) +{ + struct secvio_sc_notifier_info info; + int ret; + + dev = imx_secvio_sc_dev; + + ret = imx_secvio_sc_get_state(dev, &info); + if (ret) { + dev_err(dev, "Failed to get secvio state\n"); + return ret; + } + + /* Call chain of CB registered to this module if status detected */ + if (info.hpsvs || info.lps || info.lptds) + if (imx_secvio_sc_notifier_call_chain(&info)) + dev_warn(dev, + "Issues when calling the notifier chain\n"); + + return ret; +} +EXPORT_SYMBOL(imx_secvio_sc_check_state); + +static int imx_secvio_sc_disable_irq(struct device *dev) +{ + int ret; + + if (!dev) + return -EINVAL; + + /* Disable the IRQ */ + ret = imx_scu_irq_group_enable(IMX_SC_IRQ_GROUP_WAKE, IMX_SC_IRQ_SECVIO, + false); + if (ret) { + dev_err(dev, "Cannot disable SCU IRQ: %d\n", ret); + return ret; + } + + return ret; +} + +static int imx_secvio_sc_enable_irq(struct device *dev) +{ + int ret = 0, err; + u32 irq_status; + struct imx_secvio_sc_data *data; + + if (!dev) + return -EINVAL; + + data = dev_get_drvdata(dev); + + /* Enable the IRQ */ + ret = imx_scu_irq_group_enable(IMX_SC_IRQ_GROUP_WAKE, IMX_SC_IRQ_SECVIO, + true); + if (ret) { + dev_err(dev, "Cannot enable SCU IRQ: %d\n", ret); + goto exit; + } + + /* Enable interrupt */ + ret = imx_sc_seco_secvio_enable(data->ipc_handle); + if (ret) { + dev_err(dev, "Cannot enable SNVS irq: %d\n", ret); + goto exit; + } + + /* Unmask interrupt */ + ret = imx_scu_irq_get_status(IMX_SC_IRQ_GROUP_WAKE, &irq_status); + if (ret) { + dev_err(dev, "Cannot unmask irq: %d\n", ret); + goto exit; + } + +exit: + if (ret) { + err = imx_secvio_sc_disable_irq(dev); + if (err) + dev_warn(dev, "Failed to disable the IRQ\n"); + } + + return ret; +} + +static int imx_secvio_sc_notify(struct notifier_block *nb, + unsigned long event, void *group) +{ + struct imx_secvio_sc_data *data = + container_of(nb, struct imx_secvio_sc_data, + irq_nb); + struct device *dev = data->dev; + int ret; + + /* Filter event for us */ + if (!((event & IMX_SC_IRQ_SECVIO) && + (*(u8 *)group == IMX_SC_IRQ_GROUP_WAKE))) + return 0; + + dev_warn(dev, "secvio security violation detected\n"); + + ret = imx_secvio_sc_check_state(dev); + + /* Re-enable interrupt */ + ret = imx_secvio_sc_enable_irq(dev); + if (ret) + dev_err(dev, "Failed to enable IRQ\n"); + + return ret; +} + +int imx_secvio_sc_clear_state(struct device *dev, u32 hpsvs, u32 lps, u32 lptds) +{ + int ret; + struct imx_secvio_sc_data *data; + + dev = imx_secvio_sc_dev; + if (!dev) + return -EINVAL; + + data = dev_get_drvdata(dev); + + ret = imx_sc_seco_secvio_config(data->ipc_handle, HPSVS_ID, SECVIO_CONFIG_WRITE, + &hpsvs, NULL, NULL, NULL, NULL, 1); + if (ret) { + dev_err(dev, "Fail to clear secvio status: %d\n", ret); + return ret; + } + + ret = imx_sc_seco_secvio_config(data->ipc_handle, LPS_ID, SECVIO_CONFIG_WRITE, + &lps, NULL, NULL, NULL, NULL, 1); + if (ret) { + dev_err(dev, "Fail to clear tamper 1 status: %d\n", ret); + return ret; + } + + ret = imx_sc_seco_secvio_config(data->ipc_handle, LPTDS_ID, SECVIO_CONFIG_WRITE, + &lptds, NULL, NULL, NULL, NULL, 1); + if (ret) { + dev_err(dev, "Fail to clear tamper 2 status: %d\n", ret); + return ret; + } + + return ret; +} +EXPORT_SYMBOL(imx_secvio_sc_clear_state); + +static int report_to_user_notify(struct notifier_block *nb, + unsigned long status, void *notif_info) +{ + struct secvio_sc_notifier_info *info = notif_info; + struct imx_secvio_sc_data *data = + container_of(nb, struct imx_secvio_sc_data, + report_nb); + struct device *dev = data->dev; + + /* Information about the security violation */ + if (info->hpsvs & HPSVS_LP_SEC_VIO_MASK) + dev_info(dev, "SNVS secvio: LPSV\n"); + if (info->hpsvs & HPSVS_SW_LPSV_MASK) + dev_info(dev, "SNVS secvio: SW LPSV\n"); + if (info->hpsvs & HPSVS_SW_FSV_MASK) + dev_info(dev, "SNVS secvio: SW FSV\n"); + if (info->hpsvs & HPSVS_SW_SV_MASK) + dev_info(dev, "SNVS secvio: SW SV\n"); + if (info->hpsvs & HPSVS_SV5_MASK) + dev_info(dev, "SNVS secvio: SV 5\n"); + if (info->hpsvs & HPSVS_SV4_MASK) + dev_info(dev, "SNVS secvio: SV 4\n"); + if (info->hpsvs & HPSVS_SV3_MASK) + dev_info(dev, "SNVS secvio: SV 3\n"); + if (info->hpsvs & HPSVS_SV2_MASK) + dev_info(dev, "SNVS secvio: SV 2\n"); + if (info->hpsvs & HPSVS_SV1_MASK) + dev_info(dev, "SNVS secvio: SV 1\n"); + if (info->hpsvs & HPSVS_SV0_MASK) + dev_info(dev, "SNVS secvio: SV 0\n"); + + /* Information about the tampers */ + if (info->lps & LPS_ESVD_MASK) + dev_info(dev, "SNVS tamper: External SV\n"); + if (info->lps & LPS_ET2D_MASK) + dev_info(dev, "SNVS tamper: Tamper 2\n"); + if (info->lps & LPS_ET1D_MASK) + dev_info(dev, "SNVS tamper: Tamper 1\n"); + if (info->lps & LPS_WMT2D_MASK) + dev_info(dev, "SNVS tamper: Wire Mesh 2\n"); + if (info->lps & LPS_WMT1D_MASK) + dev_info(dev, "SNVS tamper: Wire Mesh 1\n"); + if (info->lps & LPS_VTD_MASK) + dev_info(dev, "SNVS tamper: Voltage\n"); + if (info->lps & LPS_TTD_MASK) + dev_info(dev, "SNVS tamper: Temperature\n"); + if (info->lps & LPS_CTD_MASK) + dev_info(dev, "SNVS tamper: Clock\n"); + if (info->lps & LPS_PGD_MASK) + dev_info(dev, "SNVS tamper: Power Glitch\n"); + if (info->lps & LPS_MCR_MASK) + dev_info(dev, "SNVS tamper: Monotonic Counter rollover\n"); + if (info->lps & LPS_SRTCR_MASK) + dev_info(dev, "SNVS tamper: Secure RTC rollover\n"); + if (info->lps & LPS_LPTA_MASK) + dev_info(dev, "SNVS tamper: Time alarm\n"); + + if (info->lptds & LPTDS_ET10D_MASK) + dev_info(dev, "SNVS tamper: Tamper 10\n"); + if (info->lptds & LPTDS_ET9D_MASK) + dev_info(dev, "SNVS tamper: Tamper 9\n"); + if (info->lptds & LPTDS_ET8D_MASK) + dev_info(dev, "SNVS tamper: Tamper 8\n"); + if (info->lptds & LPTDS_ET7D_MASK) + dev_info(dev, "SNVS tamper: Tamper 7\n"); + if (info->lptds & LPTDS_ET6D_MASK) + dev_info(dev, "SNVS tamper: Tamper 6\n"); + if (info->lptds & LPTDS_ET5D_MASK) + dev_info(dev, "SNVS tamper: Tamper 5\n"); + if (info->lptds & LPTDS_ET4D_MASK) + dev_info(dev, "SNVS tamper: Tamper 4\n"); + if (info->lptds & LPTDS_ET3D_MASK) + dev_info(dev, "SNVS tamper: Tamper 3\n"); + + return 0; +} + +static void if_imx_secvio_sc_disable_irq(void *dev) +{ + imx_secvio_sc_disable_irq(dev); +} + +static int imx_secvio_sc_open(struct inode *node, struct file *filp) +{ + filp->private_data = node->i_private; + + return 0; +} + +static long imx_secvio_sc_ioctl(struct file *file, unsigned int cmd, unsigned long arg) +{ + struct device *dev = file->private_data; + struct secvio_sc_notifier_info info; + int ret; + + switch (cmd) { + case IMX_SECVIO_SC_GET_STATE: + ret = imx_secvio_sc_get_state(dev, &info); + if (ret) + return ret; + + ret = copy_to_user((void *)arg, &info, sizeof(info)); + if (ret) { + dev_err(dev, "Fail to copy info to user\n"); + return -EFAULT; + } + break; + case IMX_SECVIO_SC_CHECK_STATE: + ret = imx_secvio_sc_check_state(dev); + if (ret) + return ret; + break; + case IMX_SECVIO_SC_CLEAR_STATE: + ret = copy_from_user(&info, (void *)arg, sizeof(info)); + if (ret) { + dev_err(dev, "Fail to copy info from user\n"); + return -EFAULT; + } + + ret = imx_secvio_sc_clear_state(dev, info.hpsvs, info.lps, + info.lptds); + if (ret) + return ret; + break; + default: + ret = -ENOIOCTLCMD; + } + + return ret; +} + +static const struct file_operations imx_secvio_sc_fops = { + .owner = THIS_MODULE, + .open = imx_secvio_sc_open, + .unlocked_ioctl = imx_secvio_sc_ioctl, +}; + +static void if_misc_deregister(void *miscdevice) +{ + misc_deregister(miscdevice); +} + +static int imx_secvio_sc_probe(struct platform_device *pdev) +{ + struct device *dev = &pdev->dev; + struct imx_secvio_sc_data *data; + u32 seco_version = 0; + bool own_secvio; + u32 irq_status; + int ret; + + /* Allocate private data */ + data = devm_kzalloc(dev, sizeof(*data), GFP_KERNEL); + if (!data) + return -ENOMEM; + + if (!devres_open_group(dev, NULL, GFP_KERNEL)) + return -ENOMEM; + + data->dev = dev; + + dev_set_drvdata(dev, data); + + data->nvmem = devm_nvmem_device_get(dev, NULL); + if (IS_ERR(data->nvmem)) { + ret = PTR_ERR(data->nvmem); + + if (ret != -EPROBE_DEFER) + dev_err_probe(dev, ret, "Failed to retrieve nvmem\n"); + + goto clean; + } + + /* Get a handle */ + ret = imx_scu_get_handle(&data->ipc_handle); + if (ret) { + dev_err(dev, "cannot get handle to scu: %d\n", ret); + goto clean; + } + + /* Check the version of the SECO */ + ret = imx_sc_seco_build_info(data->ipc_handle, &seco_version, NULL); + if (ret) { + dev_err(dev, "Failed to get seco version\n"); + goto clean; + } + + if ((seco_version & SECO_VERSION_MINOR_MASK) < + SECO_MINOR_VERSION_SUPPORT_SECVIO_TAMPER) { + dev_err(dev, "SECO version %.8x doesn't support all secvio\n", + seco_version); + ret = -EOPNOTSUPP; + goto clean; + } + + /* Init debug FS */ + ret = imx_secvio_sc_debugfs(dev); + if (ret) { + dev_err(dev, "Failed to set debugfs\n"); + goto clean; + } + + /* Check we own the SECVIO */ + ret = imx_sc_rm_is_resource_owned(data->ipc_handle, IMX_SC_R_SECVIO); + if (ret < 0) { + dev_err(dev, "Failed to retrieve secvio ownership\n"); + goto clean; + } + + own_secvio = ret > 0; + if (!own_secvio) { + dev_err(dev, "Secvio resource is not owned\n"); + ret = -EPERM; + goto clean; + } + + /* Check IRQ exists and enable it */ + ret = imx_scu_irq_get_status(IMX_SC_IRQ_GROUP_WAKE, &irq_status); + if (ret) { + dev_err(dev, "Cannot get IRQ state: %d\n", ret); + goto clean; + } + + ret = imx_secvio_sc_enable_irq(dev); + if (ret) { + dev_err(dev, "Failed to enable IRQ\n"); + goto clean; + } + + ret = devm_add_action_or_reset(dev, if_imx_secvio_sc_disable_irq, dev); + if (ret) { + dev_err(dev, "Failed to add managed action to disable IRQ\n"); + goto clean; + } + + /* Register the notifier for IRQ from SNVS */ + data->irq_nb.notifier_call = imx_secvio_sc_notify; + ret = imx_scu_irq_register_notifier(&data->irq_nb); + if (ret) { + dev_err(dev, "Failed to register IRQ notification handler\n"); + goto clean; + } + + ret = devm_add_action_or_reset(dev, if_imx_scu_irq_register_notifier, + &data->irq_nb); + if (ret) { + dev_err(dev, "Failed to add action to remove irq notif\n"); + goto clean; + } + + /* Register the notification for reporting to user */ + data->report_nb.notifier_call = report_to_user_notify; + ret = register_imx_secvio_sc_notifier(&data->report_nb); + if (ret) { + dev_err(dev, "Failed to register report notif handler\n"); + goto clean; + } + + ret = devm_add_action_or_reset(dev, if_unregister_imx_secvio_sc_notifier, + &data->report_nb); + if (ret) { + dev_err(dev, "Failed to add action to remove report notif\n"); + goto clean; + } + + /* Register misc device for IOCTL */ + data->miscdev.name = devm_kstrdup(dev, "secvio-sc", GFP_KERNEL); + data->miscdev.minor = MISC_DYNAMIC_MINOR; + data->miscdev.fops = &imx_secvio_sc_fops; + data->miscdev.parent = dev; + ret = misc_register(&data->miscdev); + if (ret) { + dev_err(dev, "failed to register misc device\n"); + return ret; + } + + ret = devm_add_action_or_reset(dev, if_misc_deregister, &data->miscdev); + if (ret) { + dev_err(dev, "Failed to add action to unregister miscdev\n"); + goto clean; + } + + imx_secvio_sc_dev = dev; + + /* Process current state of the secvio and tampers */ + imx_secvio_sc_check_state(dev); + + devres_remove_group(dev, NULL); + + return ret; + +clean: + devres_release_group(dev, NULL); + + return ret; +} + +static const struct of_device_id imx_secvio_sc_dt_ids[] = { + { .compatible = "fsl,imx-sc-secvio", }, + { /* sentinel */ } +}; +MODULE_DEVICE_TABLE(of, imx_secvio_sc_dt_ids); + +static struct platform_driver imx_secvio_sc_driver = { + .driver = { + .owner = THIS_MODULE, + .name = "imx-secvio-sc", + .of_match_table = imx_secvio_sc_dt_ids, + }, + .probe = imx_secvio_sc_probe, +}; +module_platform_driver(imx_secvio_sc_driver); + +MODULE_AUTHOR("Franck LENORMAND "); +MODULE_DESCRIPTION("NXP i.MX driver to handle SNVS secvio irq sent by SCFW"); +MODULE_LICENSE("GPL"); diff --git a/include/soc/imx/imx-secvio-sc.h b/include/soc/imx/imx-secvio-sc.h new file mode 100644 index 000000000000..d8c9208217fe --- /dev/null +++ b/include/soc/imx/imx-secvio-sc.h @@ -0,0 +1,216 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright 2019, 2024 NXP + */ + +#ifndef _MISC_IMX_SECVIO_SC_H_ +#define _MISC_IMX_SECVIO_SC_H_ + +#include +#include +#include + +/* Bitmask of the security violation status bit in the HPSVS register */ +#define HPSVS_LP_SEC_VIO_MASK BIT(31) +#define HPSVS_SW_LPSV_MASK BIT(15) +#define HPSVS_SW_FSV_MASK BIT(14) +#define HPSVS_SW_SV_MASK BIT(13) +#define HPSVS_SV5_MASK BIT(5) +#define HPSVS_SV4_MASK BIT(4) +#define HPSVS_SV3_MASK BIT(3) +#define HPSVS_SV2_MASK BIT(2) +#define HPSVS_SV1_MASK BIT(1) +#define HPSVS_SV0_MASK BIT(0) + +/* Bitmask of all security violation status bit in the HPSVS register */ +#define HPSVS_ALL_SV_MASK (HPSVS_LP_SEC_VIO_MASK | \ + HPSVS_SW_LPSV_MASK | \ + HPSVS_SW_FSV_MASK | \ + HPSVS_SW_SV_MASK | \ + HPSVS_SV5_MASK | \ + HPSVS_SV4_MASK | \ + HPSVS_SV3_MASK | \ + HPSVS_SV2_MASK | \ + HPSVS_SV1_MASK | \ + HPSVS_SV0_MASK) + +/* + * Bitmask of the security violation and tampers status bit in the LPS register + */ +#define LPS_ESVD_MASK BIT(16) +#define LPS_ET2D_MASK BIT(10) +#define LPS_ET1D_MASK BIT(9) +#define LPS_WMT2D_MASK BIT(8) +#define LPS_WMT1D_MASK BIT(7) +#define LPS_VTD_MASK BIT(6) +#define LPS_TTD_MASK BIT(5) +#define LPS_CTD_MASK BIT(4) +#define LPS_PGD_MASK BIT(3) +#define LPS_MCR_MASK BIT(2) +#define LPS_SRTCR_MASK BIT(1) +#define LPS_LPTA_MASK BIT(0) + +/* + * Bitmask of all security violation and tampers status bit in the LPS register + */ +#define LPS_ALL_TP_MASK (LPS_ESVD_MASK | \ + LPS_ET2D_MASK | \ + LPS_ET1D_MASK | \ + LPS_WMT2D_MASK | \ + LPS_WMT1D_MASK | \ + LPS_VTD_MASK | \ + LPS_TTD_MASK | \ + LPS_CTD_MASK | \ + LPS_PGD_MASK | \ + LPS_MCR_MASK | \ + LPS_SRTCR_MASK | \ + LPS_LPTA_MASK) + +/* + * Bitmask of the security violation and tampers status bit in the LPTDS + * register + */ +#define LPTDS_ET10D_MASK BIT(7) +#define LPTDS_ET9D_MASK BIT(6) +#define LPTDS_ET8D_MASK BIT(5) +#define LPTDS_ET7D_MASK BIT(4) +#define LPTDS_ET6D_MASK BIT(3) +#define LPTDS_ET5D_MASK BIT(2) +#define LPTDS_ET4D_MASK BIT(1) +#define LPTDS_ET3D_MASK BIT(0) + +/* + * Bitmask of all security violation and tampers status bit in the LPTDS + * register + */ +#define LPTDS_ALL_TP_MASK (LPTDS_ET10D_MASK | \ + LPTDS_ET9D_MASK | \ + LPTDS_ET8D_MASK | \ + LPTDS_ET7D_MASK | \ + LPTDS_ET6D_MASK | \ + LPTDS_ET5D_MASK | \ + LPTDS_ET4D_MASK | \ + LPTDS_ET3D_MASK) + +/* Access for sc_seco_secvio_config API */ +#define SECVIO_CONFIG_READ 0 +#define SECVIO_CONFIG_WRITE 1 + +/* Internal Structure */ +struct imx_secvio_sc_data { + struct device *dev; + + struct imx_sc_ipc *ipc_handle; + + struct notifier_block irq_nb; + struct notifier_block report_nb; + + struct nvmem_device *nvmem; + + struct miscdevice miscdev; + +#ifdef CONFIG_DEBUG_FS + struct dentry *dfs; +#endif + + u32 version; +}; + +/* Struct for notification */ +/** + * struct secvio_sc_notifier_info - Information about the status of the SNVS + * @hpsvs: status from register HPSVS + * @lps: status from register LPS + * @lptds: status from register LPTDS + */ +struct secvio_sc_notifier_info { + u32 hpsvs; + u32 lps; + u32 lptds; +}; + +/** + * register_imx_secvio_sc_notifier() - Register a notifier + * + * @nb: The notifier block structure + * + * Register a function to notify to the imx-secvio-sc module. The function + * will be notified when a check of the state of the SNVS happens: called by + * a user or triggered by an interruption form the SNVS. + * + * The struct secvio_sc_notifier_info is passed as data to the notifier. + * + * Return: 0 in case of success + */ +int register_imx_secvio_sc_notifier(struct notifier_block *nb); + +/** + * unregister_imx_secvio_sc_notifier() - Unregister a notifier + * + * @nb: The notifier block structure + * + * Return: 0 in case of success + */ +int unregister_imx_secvio_sc_notifier(struct notifier_block *nb); + +/** + * imx_secvio_sc_get_state() - Get the state of the SNVS + * + * @dev: Pointer to the struct device of secvio + * @info: The structure containing the state of the SNVS + * + * Return: 0 in case of success + */ +int imx_secvio_sc_get_state(struct device *dev, struct secvio_sc_notifier_info *info); + +/** + * imx_secvio_sc_check_state() - Check the state of the SNVS + * + * If a security violation or a tamper is detected, the list of notifier + * (registered using register_imx_secvio_sc_notifier() ) will be called + * + * @dev: Pointer to the struct device of secvio + * + * Return: 0 in case of success + */ +int imx_secvio_sc_check_state(struct device *dev); + +/** + * imx_secvio_sc_clear_state() - Clear the state of the SNVS + * + * @dev: Pointer to the struct device of secvio + * @hpsvs: Value to write to HPSVS register + * @lps: Value to write to LPS register + * @lptds: Value to write to LPTDSregister + * + * The function will write the value provided to the corresponding register + * which will clear the status of the bits set. + * + * Return: 0 in case of success + */ +int imx_secvio_sc_clear_state(struct device *dev, u32 hpsvs, u32 lps, u32 lptds); + +/* Commands of the ioctl interface */ +enum ioctl_cmd_t { + GET_STATE, + CHECK_STATE, + CLEAR_STATE, +}; + +/* Definition for the ioctl interface */ +#define IMX_SECVIO_SC_GET_STATE _IOR('S', GET_STATE, \ + struct secvio_sc_notifier_info) +#define IMX_SECVIO_SC_CHECK_STATE _IO('S', CHECK_STATE) +#define IMX_SECVIO_SC_CLEAR_STATE _IOW('S', CLEAR_STATE, \ + struct secvio_sc_notifier_info) + +#ifdef CONFIG_DEBUG_FS +int imx_secvio_sc_debugfs(struct device *dev); +#else +static inline +int imx_secvio_sc_debugfs(struct device *dev) +{ + return 0; +} +#endif /* CONFIG_DEBUG_FS */ +#endif /* _MISC_IMX_SECVIO_SC_H_ */ From patchwork Thu May 9 00:45:35 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vabhav Sharma X-Patchwork-Id: 13659301 Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2069.outbound.protection.outlook.com [40.107.21.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A701D3F9FC for ; Thu, 9 May 2024 00:45:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.21.69 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715215551; cv=fail; b=mHqHHSXNkywQzSTVuqljPd4r9Z1DIuFhlj04+62Ns7fBGGkpI2k2aon966jEbbwNOLzW/4p4YrsVsrlv9o6ib89iw1aAVDNDD3PG5PvK/Zl5Jf+CWezPhn7iTGetKzFD8xkG6pdQNKTWnCDt7pUbVrDbLN1fKDOKWT3iv9TXdwg= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715215551; c=relaxed/simple; bh=TbAVnlhIacHNb+5te5cwwkee1XS7vLG8ShCdgPJW6LE=; h=From:Date:Subject:Content-Type:Message-Id:References:In-Reply-To: To:Cc:MIME-Version; b=nCKl1OLHRht29ZIpaxSKvfoasZMpxyb+ryMQsfdPq8I/b7JlBpNajKxmOJvFoaQs9aVbxWU2V2XAkwTxc2uAO2gpLsU5lDWZM+6OC+ElLonAd3bphucpvDHAQBoV3whyYeVux3tyKc9PO1Iwy+7RYkaKLUbZbYRghK4TcLxj6PE= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nxp.com; spf=pass smtp.mailfrom=nxp.com; dkim=pass (1024-bit key) header.d=nxp.com header.i=@nxp.com header.b=lmunT7RV; arc=fail smtp.client-ip=40.107.21.69 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nxp.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=nxp.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=nxp.com header.i=@nxp.com header.b="lmunT7RV" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dcM2L0nMvptl7U0ikkhnCgsIO8MPxt4NEZ/2tqfwlQvFpSwcUManGtLvcSF6+It7H8XnOE8yuwvYtvInEqmNtmTgfIbU9rJqxFdA+EEI1NccLgguWPPv9MiFVVIb4ZyPiPd01GHdiJs0gmzn2xNIfO7pX+27Rd6mtXhFO1Z4Pu/4JZ+53/vhKncuNWRXX9+yxWaNXekYuiAIZV+A8lx9URiyd7bADMt5jEavuIeKFcPq3dQAi1Hac29pCeb9yOcQayG5I12XX9qctZFpv+hDlgu7oTtawrw7ac1erEnLAoqHhGt2EAn61KnVufRVa4ibz3YTwRJjEhEqiTk/23vmpQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=84OCHnyjBZQ/qydfQvDQ7XzMxmE+HugHhLxeeVBJ+8s=; b=KMMTNHp0vHiBqI9JRvtRX8Bpby+2E/Ha4Y0+kjNx2WEMk6gZA35H//9h2HXmqqAbXOwOmZb8oEcJE15MJgVutyHG/vbcztRaWB4i701YHLR+7bQHur2ZUI9EYOUS3N7bfOtqmuvZbkTWe5vz537q+VttWmkMnZUpkL3V8DuqQJ0+DxSuqAONRr2WS+miIUdnL9qIKccgk1/zP4sx3zg6S/sekgjnJ7n0kmN+HgnIFvdXBaoJFF43rUe2l8DiTW1HVHFjtYrFKcGEdMVljCBVR+/FaKOBswQlTZTO6JNOBkgCYKXlyxlQAaWB1enW8F6nlLASwVab+pYpc5AxWbTVIw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=84OCHnyjBZQ/qydfQvDQ7XzMxmE+HugHhLxeeVBJ+8s=; b=lmunT7RVmZ0ycuwsxbCAUtZAZuUIfp4+sugGpgRskyP5rpRT3cwAHAgP4MRCt4c1FHhUicAG4hTlnSRc1vZiGde+jFC0QicHKbpxFbPv+/RRnJFEKngjvOxWnHFXJQzHmHDw7ZHoRI4B9sgmVjLGxOQrzZ0VrEAfRj0OeoO+NQw= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nxp.com; Received: from AS1PR04MB9358.eurprd04.prod.outlook.com (2603:10a6:20b:4dc::19) by AM9PR04MB8273.eurprd04.prod.outlook.com (2603:10a6:20b:3e5::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7544.42; Thu, 9 May 2024 00:45:40 +0000 Received: from AS1PR04MB9358.eurprd04.prod.outlook.com ([fe80::d74b:21b6:d315:cb84]) by AS1PR04MB9358.eurprd04.prod.outlook.com ([fe80::d74b:21b6:d315:cb84%4]) with mapi id 15.20.7544.041; Thu, 9 May 2024 00:45:40 +0000 From: Vabhav Sharma Date: Thu, 09 May 2024 02:45:35 +0200 Subject: [PATCH 4/4] arm64: dts: imx8q: Add node for Security Violation Message-Id: <20240509-secvio-v1-4-90fbe2baeda2@nxp.com> References: <20240509-secvio-v1-0-90fbe2baeda2@nxp.com> In-Reply-To: <20240509-secvio-v1-0-90fbe2baeda2@nxp.com> To: Rob Herring , Krzysztof Kozlowski , Conor Dooley , Franck LENORMAND , Dong Aisheng , Shawn Guo , Sascha Hauer , Pengutronix Kernel Team , Fabio Estevam , Peng Fan Cc: devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, imx@lists.linux.dev, linux-arm-kernel@lists.infradead.org, Varun Sethi , Silvano Di Ninno , Pankaj Gupta , frank.li@nxp.com, daniel.baluta@nxp.com, Vabhav Sharma X-Mailer: b4 0.13.0 X-ClientProxiedBy: AS4P190CA0006.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:5de::9) To AS1PR04MB9358.eurprd04.prod.outlook.com (2603:10a6:20b:4dc::19) Precedence: bulk X-Mailing-List: imx@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AS1PR04MB9358:EE_|AM9PR04MB8273:EE_ X-MS-Office365-Filtering-Correlation-Id: 131c888a-dbbd-40cf-89fb-08dc6fc1597b X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230031|1800799015|7416005|52116005|376005|366007|38350700005|921011; X-Microsoft-Antispam-Message-Info: =?utf-8?q?fdLJPp5WkckKn4y+GT0SOeSBvllinvl?= =?utf-8?q?mHIL5nRNhexgjJ2Pa5sG0NrLmEk+Iunj3beP5FPp5zdi3+VHZXFjjiLFTJWKY1ATS?= =?utf-8?q?2+b8q4ySHrpD637iON1jgN4qHit+/RLSvUayuukEwMun+NuvgecSUkj1x5TdQ9Dfb?= =?utf-8?q?9eQDN/eyagxWPf5S7VaL1z8QDQirwZeCgSMSE6gu8+GfJ3rrxWZIfYHV7+95p8nzf?= =?utf-8?q?mxTCGQwfSoHj95uapmEyM63CYu5IJkNwpUVd7j5OiuVzTYJOUqZCqXg+OPo5K1Sc4?= =?utf-8?q?eRMXgc/bEtdk89T/Gz9ObnhEm90unlLBGz7+ZpS97TVYZDLubixyuKLqykCdzns+H?= =?utf-8?q?YVukKkGEjIwRPg/tRyXN+UrIufAjJv2JF+UwHe8RrCvg0f1PSLnOutKShQJe5CfMF?= =?utf-8?q?fL8nxL65fWb4e4v3KBbHDqDOU14lHgT1ND5HzlaicR8O4BaB+o25OrqxXBisapoOt?= =?utf-8?q?dit9vwv1wdDDfvwW2AWA1ZDD0TdTNdFlUEklR5h8VR6Ei6iWbUvmDnVhzNJS/kqVO?= =?utf-8?q?lW67chozQirFehYnpjyTSWFWH3CiGZfdtiUhEE6upbTO+29g2CB5LZqUr/GfbDDt7?= =?utf-8?q?hTCp54CFCIF487lNFn+fhkZDnaHeqpAaQUmCb17z7cvhFEOcSLUs6XobxYe3sOA3r?= =?utf-8?q?3od0pL6BwZHM28rfrVYpbunPHEByQX1PkLeleA49fMPyc//cTlkmpoHbUO/NU339u?= =?utf-8?q?3gErrmDRDzmsjOtXHhWFdmoKDiJuwIrsgCexouJdQBI73yg8htFsBBtWk0stT0YvA?= =?utf-8?q?zCE3i5fsu5Edyzqy56eLydvJM5fUdYUM63UroH0pa/+pX4XiFC+Qg9kehRdl2CMLz?= =?utf-8?q?54gzV8OUKKgaM1RgtW1QtoH112PToeky9xBm7suGpnNX2yqB4R0lXSDOSqDNn8wGY?= =?utf-8?q?uL08zQqD+mrPBiVfSUYynbGRrnO/N6/bH4qzpOE8ohf7oyvEbN78Vv90e8+h6vv8g?= =?utf-8?q?1ail7i2lp+AklUAEYBIBCgL2xES30OIW2xknm82cBcS06MVmz/TypHFnqrtpOlqPc?= =?utf-8?q?1f0viHD2M0gINuWsB3V+oNG/aeputqUBZzhWLXUYpZdP48qi3zkTt6nZe8ERt0sII?= =?utf-8?q?Lr21npikz+q7SUyHdEswks++0OShzkKi0WC8jjq6jVd12I0z6XDQEq6O6KUqXSdZ0?= =?utf-8?q?piIJhd10Y48ZoWnquq7xP//SGy6XHA+awwVQUCMQ5RPCEDRdrJoOBuqXeeTEyKh6E?= =?utf-8?q?TKBHIBP34N3dtnHdEHc/KSJVNKoc2m4xaXTO21x9wfMMwra1qkYcrp+FWyPO7byPf?= =?utf-8?q?mltAi8c2QqFG0zo2EA4ywGAgvReW5sfLaGA=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AS1PR04MB9358.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(1800799015)(7416005)(52116005)(376005)(366007)(38350700005)(921011);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?3AGQ2jSpBykC7kzObFsDOI9tgf5C?= =?utf-8?q?YyJoEpAvfxkh8V2v9T/xvfvGSfu0PzSKDmAlmShplvYqYSF3myRlCJrS7b2s4HNb9?= =?utf-8?q?eL7iP1hFwS6+p9duO/1PzNZpfzcqt25Y9TJIlqtpPYKScRcIgCHZakH8fjgOLVK2+?= =?utf-8?q?GAX1qFgbtUl6eA8l3IVUhPm/3wg9wrio5wuRafh4DCQFkoYzJ/wmJogNhHYF7jmiJ?= =?utf-8?q?/pD0aMGIX8GoAxwzY5YXab+e5LkbZ21F5Hyi3WJCu1wfP9cb6RejIplKRNJmlxvDE?= =?utf-8?q?IihqTeNMKjXj0j2hRrkk5z4wgwjJTAuY/Pr7L8nMYj/giHoneG33VjmMYCqe0VEKU?= =?utf-8?q?/qo/hj9vMT25mPyPvFrN8r+yUTB2UMNnrzJJW7qhggutVzFuUiK57yXD+Z9nJOlAq?= =?utf-8?q?EE1HD5Unoj5t/7r95pgTLVrvdQvs2HaJOopi0cuPLMcjW4TyX+2Uz+/zgssJOVhso?= =?utf-8?q?sY4tBG+Z1znyutd4keMre1oFHqOvg6Cv/YD82bJonB7wO1L3Rr4yARfKuHfGuAtGD?= =?utf-8?q?g5hEnoCeP0TTQmLjU7ryQ1KaAAV8STQ34dhIbb5UeOVg0xuQR7Lf+ruFqc/2mEZgr?= =?utf-8?q?BP7ZR6zOWG04RLSI/z03R71Kd9WKsjH4vqrq8HIWWYIPimHn1kyHFwKHlVcvgG3Yf?= =?utf-8?q?LX4eqHJyQIvgb+XRInSC3KNYSapjktj7hExjJVBCMsYPPKsHyBqtdgo06cAd08k/2?= =?utf-8?q?yV1gSrxqqUVEuvIns4qYFqbMarpo9ggex+j4vi2EfKN73nK5YISArLAAsB7DubUEF?= =?utf-8?q?p0VgO6sOhCMDZy2JEpgOG/8uEm0OSjny0NdrodhEMKZ0MNCfzz+yUaeTppEIZosMR?= =?utf-8?q?V5ci80VRbUCayiYmFoVBzfauHf/qTZmPsVJNax2dETL1ueUQLTEJprbK/ecUNLn1l?= =?utf-8?q?00dpIE+51ycYKRX6lJmvpWkp/ubPceUGI3aIHuNOHdOYxu9kbTd/z0BZFYN5lNkBw?= =?utf-8?q?OwLMe9SaFHmRXwzkmS3jMVrhyVkdnwf2rwdXMo1u8kowVn1fLLPjTX818pC3b3NX4?= =?utf-8?q?RRrZO/Fq3n13is2b7/KgM5R8FmDGHudYRreQKSNF/jVSLUlUM0HWxtcRecTsXVQcL?= =?utf-8?q?Tv+/Lp3Kyb/5L/HEIKOi+Jowfm04Nqo2hioXhLQsSazRWVMlzwa5DiUfUDVEeP3BQ?= =?utf-8?q?Ni5MndXdaWzOdmax8atllAtyLSV1cEnGNrDtwcqH+5kSqzzZa9OWwl29F26GEhMwD?= =?utf-8?q?xOZK51btshWdBEXkxTSAP30VjMf0n+vNrP2hurIXjGYgZTQ3KSY3SQpQnpDwL78f1?= =?utf-8?q?mnyxkwjhvwQZx/sAjrvleCQJTx2BqXvkThmxya8rIf7krhkws7KX6ES9Cmb+01gpY?= =?utf-8?q?tb6nO81t/uNI/UmH4LuevSL7NqDiv5kuPws52nnJcBCNZOFCC2A9lIsY8qMeLi1dU?= =?utf-8?q?cgC0E0mLiiggccvY/CjCqkMALHtV5KkvzlUFBxBT70Cd6syilI3Wib7q0rswEQ4mK?= =?utf-8?q?f+O7kLk1JQS6N4UWmoqLtMGAJVdUm9ykjsXbNjQyb9vp1iMrkL19H3242CXxwHXhk?= =?utf-8?q?89Gi70kDYzdr?= X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: 131c888a-dbbd-40cf-89fb-08dc6fc1597b X-MS-Exchange-CrossTenant-AuthSource: AS1PR04MB9358.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 May 2024 00:45:40.1342 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: wZ3wj4WsMttqGyh/slNFiNt7K5gX6Rrgm83hG5ml+1VF8obc/jyCKmOW+fCdbY/ZL/JstKIzjlLw1FQ6UkQICw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR04MB8273 Add secvio node definition for imx8qxp. Signed-off-by: Franck LENORMAND Signed-off-by: Vabhav Sharma --- arch/arm64/boot/dts/freescale/imx8qxp.dtsi | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/arm64/boot/dts/freescale/imx8qxp.dtsi b/arch/arm64/boot/dts/freescale/imx8qxp.dtsi index 0313f295de2e..09d3e11eef3f 100644 --- a/arch/arm64/boot/dts/freescale/imx8qxp.dtsi +++ b/arch/arm64/boot/dts/freescale/imx8qxp.dtsi @@ -241,6 +241,11 @@ rtc: rtc { compatible = "fsl,imx8qxp-sc-rtc"; }; + secvio: secvio { + compatible = "fsl,imx-sc-secvio"; + nvmem = <&ocotp>; + }; + watchdog { compatible = "fsl,imx8qxp-sc-wdt", "fsl,imx-sc-wdt"; timeout-sec = <60>;