From patchwork Wed Mar 26 18:37:57 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pankaj Gupta X-Patchwork-Id: 14030096 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 85D92C3600B for ; Wed, 26 Mar 2025 13:50:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:MIME-Version:Cc:To: In-Reply-To:References:Message-Id:Content-Transfer-Encoding:Content-Type: Subject:Date:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=8+o55FPMa7m6VVea9dp3slj5OALcBnoJzyUth39j3Gk=; b=N95AlnzIGls3Co75K4ubldujoi 9GdqmbWxPHTj/mpLs4NOApY4JI4f7YW98I68llipHF33x2eBnO/wjSVDyJmWSfdIeKplXX2jc1F4n FmMqmwBvUFWazvkHXy2sDdibAiHk3qN6wmWqZZ/3dTJVjKmRmvILiWoFqmvwYJh3/ZrYn3+TpTbrG FdWyb5wP/EDKPbxvzUJ/OTZQRvifi03yEKGjiGbUg6Q/OpBypBbsdjOMYkMNLqq2N60zcp+sLzERa jnuxGLcYf04lFfMK0y5UJlOPvmNuCJHercy0LvGG8EB05cnTB614D7jvuxEXWpGJxmiynGjZjRwY4 h3tBysbQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98.1 #2 (Red Hat Linux)) id 1txR8j-00000008bXn-22M5; Wed, 26 Mar 2025 13:49:53 +0000 Received: from mail-northeuropeazlp170120003.outbound.protection.outlook.com ([2a01:111:f403:c200::3] helo=DU2PR03CU002.outbound.protection.outlook.com) by bombadil.infradead.org with esmtps (Exim 4.98.1 #2 (Red Hat Linux)) id 1txQpz-00000008ZYI-2U85 for linux-arm-kernel@lists.infradead.org; Wed, 26 Mar 2025 13:30:32 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=g8t3O6DEVHM7vRKhCiJV97fsl4hI5gnaOC7uo8OpptzwYgQnjwAowiYXMK+Xv5uNge89zHDGX4D4Cyoc7cEM/wATblfagJuLi1iOhxg3WfPseDh/7GySmeQVBts5mepOivc9z6J7yLtSl9DeYdkeTqn1Im7rFZIRmWJhTmumOPYimSsifKLasw5hOfODeT1GQPFOQZak5dNAyS2dRbVa9YyVZpjy331Y3PR+rvqJhnHdYSWs+LHbQU1I0U2chYA5ghOfJNgMV0VA6c2G2+JPKM4lLznq9m4SWQmYeJgsgzrh418MnlEi0UHRnb/x+z/VArV1TPhwFUxvwFEgXnYtHg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=8+o55FPMa7m6VVea9dp3slj5OALcBnoJzyUth39j3Gk=; b=eWwH0pB0G+7kOtMS8J+o9id0jwuL1sEFvE+hguRePvCkcUbIzj22QrZStqya+ytOf8wCCYfxhrsAxA8afEViqhpewRbVlOCzIPcoRsE0DGaQS4R7JpqjVGP83TmxnO6J3ipb6bZGYrgg98E8KthsSFADNZLx2xf+npa4AAjcgUHeUpaK+ZHRs/rHjvi9pQ3qgtSXBbOyMERj1s+zr4eXNpndiwMBSm3gpyDSB9hxP07GnZLdJ1EecmUoBOWRp3s09SwVA8rY4PSRExWfztySJW1g6CaHES8E4uvSdPmwLXqJ9cYiBAbMAMuEESuCG5SLIcZadmaBSLqPGwRE+we24w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8+o55FPMa7m6VVea9dp3slj5OALcBnoJzyUth39j3Gk=; b=FDXZn6P2qVNQ8l0DKHKHvKuXEoruQbe0PzPs5QIFwZDbu56BZd4iw/qGS0tWz66B01Pk6Z6rxCMFZjA6s32jreI4zeOWMwvGYTuGMc+UbRNvhZq5Zjyx3CGeIj66kr2QoZEvgdStxiUJxjfQjO1G+Z/HBIapzTeWhGdpGbP04NZcdthKlFPxxnlljFiktrclwqyyql8JrH/Wi/PPktNtHH9u5XbYTAN0EBQ23D0a5fHQCQ0hQbXwOY4iM8NSaSYqt4DuRfamD8Xumiw9F7Sn9KgD7UAUdwTg+4xALcJ88j4VnVOouZmojIeqw5+kD44yLsWWMfwkntJTmhqTKwp9qA== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nxp.com; Received: from AM9PR04MB8604.eurprd04.prod.outlook.com (2603:10a6:20b:43b::21) by DU2PR04MB8855.eurprd04.prod.outlook.com (2603:10a6:10:2e2::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8534.44; Wed, 26 Mar 2025 13:14:54 +0000 Received: from AM9PR04MB8604.eurprd04.prod.outlook.com ([fe80::e751:223e:aa3d:5827]) by AM9PR04MB8604.eurprd04.prod.outlook.com ([fe80::e751:223e:aa3d:5827%5]) with mapi id 15.20.8534.043; Wed, 26 Mar 2025 13:14:54 +0000 From: Pankaj Gupta Date: Thu, 27 Mar 2025 00:07:57 +0530 Subject: [PATCH v14 1/6] Documentation/firmware: add imx/se to other_interfaces Message-Id: <20250327-imx-se-if-v14-1-2219448932e4@nxp.com> References: <20250327-imx-se-if-v14-0-2219448932e4@nxp.com> In-Reply-To: <20250327-imx-se-if-v14-0-2219448932e4@nxp.com> To: Jonathan Corbet , Rob Herring , Krzysztof Kozlowski , Conor Dooley , Shawn Guo , Sascha Hauer , Pengutronix Kernel Team , Fabio Estevam , Pankaj Gupta Cc: linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, devicetree@vger.kernel.org, imx@lists.linux.dev, linux-arm-kernel@lists.infradead.org X-Mailer: b4 0.13.0 X-Developer-Signature: v=1; a=ed25519-sha256; t=1743014302; l=6679; i=pankaj.gupta@nxp.com; s=20240523; h=from:subject:message-id; bh=8QvSWd4rmn+G1ZEKi8f+TGc8yN5T+yIQA/mdWdtzwO0=; b=wEzEAc0lC8pgrT5zIn34aePYb4YGUGCmdpAwsOolJcjt00CykYMpaLbaoBlFeL/NOIBCnFmaI /tQoWHPxOcJCRTDT4a6OtHkz+n5HWWqU5v2VxXcOZg1G8NVNO4/TxjH X-Developer-Key: i=pankaj.gupta@nxp.com; a=ed25519; pk=OA0pBQoupy5lV0XfKzD8B0OOBVB6tpAoIf+0x1bYGRg= X-ClientProxiedBy: SG2P153CA0047.APCP153.PROD.OUTLOOK.COM (2603:1096:4:c6::16) To AM9PR04MB8604.eurprd04.prod.outlook.com (2603:10a6:20b:43b::21) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AM9PR04MB8604:EE_|DU2PR04MB8855:EE_ X-MS-Office365-Filtering-Correlation-Id: a12936d9-b40d-4ae6-40cf-08dd6c683311 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|52116014|366016|376014|7416014|38350700014; X-Microsoft-Antispam-Message-Info: =?utf-8?q?7WWnRkOmjh/SBQFqLtchoQG5o6jpZP/?= =?utf-8?q?WPdYIUrlXIJe+FgWSZJy42ToGYPpZ1QOzJIEt8rgm4tT+mhfu0kJvduwOAS0607x0?= =?utf-8?q?f0fduYgLxmmtCCCsJEALGRJUbHCFQv3mQBm/ou+E6EKeKHHWzS2kkK6C+PuggLOwo?= =?utf-8?q?+4w6n8jSUka6QOTYkIxfhmreTVbVcObYYQSgECIYytFNRhByYtdIRyuJQYO+Nq0Fh?= =?utf-8?q?+VGpYaRb8IpGEj3Bu0zeLzxfjDe2hLmmM+TypFH7DG6/MZrnkM3cw4Jcnm1oMSlEN?= =?utf-8?q?/BMLdJiejSBQXnixIQBOuFBQz0TRb50Bj93a8Rep5wfbg/Q2QdJJupwpjYv8GVvXj?= =?utf-8?q?mlTLTZQmRwXUtDXg8CzdLrZ4sxa4jHJiQ7sF36c/gk7LO1gb26eja33vo8VX+856C?= =?utf-8?q?mMATREFc5E11qEH8+2R0pCv0XLya6b0AYYvzqZ1LZvx/9vWkzOb0K0dlEXHix2Zy2?= =?utf-8?q?2daXzz4Ml57+xsY1D2N5Vsg4FCmvrFYQVwt0RQf+3ggLc7Ymj2Yu2zBIOY3TJ/4XG?= =?utf-8?q?2iFFc/TrgB/N67MPqQygNLMI3jBTh6q5QY/ZFbHHVX8bX+gkPIQLK0MGumr4WzTeN?= =?utf-8?q?JUNJ05berUi8DjnEPd9RZrit7cV9qA7XPvc/H4m2A2bCKkc4nTxfgvYAHYE8QRRX5?= =?utf-8?q?7fwQIPRI6XK3vrJRPqT65kKYJw8A62grtssxQuJNPBrKyDZkfbsdHiFsg02yF6gBy?= =?utf-8?q?Z6PSQ2IUQ4XsETkWZ2qzbLUokY7TheyKyU4/2XFudLG7NkYRMXTjGhDk6mTwK3cKF?= =?utf-8?q?f60WoeZ8OjrkLkvWH6mB1asYH9cZowIxyqVOncj5wx3F78TrWuSmlyQJz6tz4n/PF?= =?utf-8?q?nBNc+BtkU/vvwgBrBBSTTsWlk3CWmFCV3FXWzmChnHNzF1def03l0OMm0zQClXHUI?= =?utf-8?q?/wjE24F/MnVSTCVsXpYWyJulFjhGvdV7FjwzNcdlBEm9KbiqdZS5vShUSZc4ZYY9X?= =?utf-8?q?q8iDAyt+NlRAgH8mkVnX04nRZMZdlWfccvaho7VQAxuc4OdaiUc+F4SKXcShnOtLs?= =?utf-8?q?nXByVZsrD1snm7qqRhe+GUsP+5W88QQCc+N8ms3gua6o8iuIO2k0HjtyE4t5byJ0Y?= =?utf-8?q?0Vxqvn01C3vWhsRtbN1LM8KLeYU+lgF6SHfKfbh68QPV/FZ5vvd3DztqkJkfOB6lE?= =?utf-8?q?FJH7M5dcI1otifcXattmYkg4J/Ac98V4vAlV2WmoG8gxsQiLNJAx6uVkkD3UjkdQN?= =?utf-8?q?k6Ko4wHTwPEGGwGNBhQ6iqWvDDKNKSujLB3LF9XVyylM3CbLV2vC64s7ajEwRdUMr?= =?utf-8?q?SkwbmywG6bGbS3IzKITq+dRQaHjr1QcJG9p80YaWH6MJBaOZ01L96bd35jqp+RNuP?= =?utf-8?q?op8Nj499MGvh1PD5hyiupgN2ZI/X+9H211SMzap6csNP0TemxBhKqClFiti779C4k?= =?utf-8?q?4dcXUQxYfKH8LFUeC5wvu/6xTy1VIEHFQ=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AM9PR04MB8604.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(52116014)(366016)(376014)(7416014)(38350700014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?SKEEbYw19FfEHeYwHMGosjOMnWFK?= =?utf-8?q?RcWS+8/VCAa0SiOBjXmXtkbtRNstm+Uqsv3O06uecNNKLJTTRwlMtUPoCWk+Wzk3R?= =?utf-8?q?+UMy8EF00HoDSYeMHssSPqyRYoW5BU5LuxNpcIFito4YGm0JfZiZe2PquY2KU8A6Q?= =?utf-8?q?2+CLEVZVcrfGMVl1HyDZPGh0AmOIBFUaEVsPlhHNJYYC4FkJrkkYpRGsmLVCSqG6m?= =?utf-8?q?PuFYswiUtxMhDro5hv0a2o7eoA4Fx1FJ5C6zdqT/prBgpIZ+No+p53TaTIEp5yN9c?= =?utf-8?q?XhN4637XLEZe9Z/H82Y2fCgBQDulp1w8y4J5geRUIX/VobvGfffj9panbavy1KVsT?= =?utf-8?q?wrlRdIkR0U3mr4KvQ38vAaX2GqhB6BpETLLyM454JeFykon7Oc1DTuQynoByZbuTo?= =?utf-8?q?mb7aN3BfUKvfGR79t1w1K8er2mFBspWUITSUt5GOph/Q6RMwxePWxwq4U74q06QmX?= =?utf-8?q?fRkESOho9HceQ0lcFvoNdG47rJ5CCkpEPDB+D2moSejGOIgZI3FS+bYTlPvJVuAPM?= =?utf-8?q?5nf9a/3Pe4zBL4bYnMrcHesOemX1TmgfA8g84/zyMWJq5IsujYfsLXAdEj66FdmTz?= =?utf-8?q?H+TndvItT72uaUquSHGoTDs2t0zDpQtRQt/FocvGjpO1sugMmyAf4ivhY2r3LsA4q?= =?utf-8?q?xNRG/sApQbHx+iep1JGes8Fg7bZ5APWq6hfW85dgGFZp2amaevGhlrXpRpUrIUnSg?= =?utf-8?q?5j6O49duXMAxzVyduWS9JzQ4X6lzsO0X2nA+n6OFBeFL0qm1PX5n6PJGqhYq3J0R1?= =?utf-8?q?Z5flsp8BXjJR4h4lp34acsdH9aTzCuHW6+orU/M0wq8JyIbqVMEBxKHa7eSJu0DZi?= =?utf-8?q?3SglYnvac9arwjG0qt+1zwiv7NFOPpZT7p5v01Sct4KdRkWh48wODqBQzDmcXEKmb?= =?utf-8?q?MHvfeZDB7pSoZxvB0lXQBOPt2iu/Se8uCzLpbxS3kwiwOGxqbzSlGnc+pVFuXXxRc?= =?utf-8?q?8bQPIDaadK1aI6SbwLWz7X+IHhDJtwcz/6n4WtbAuoRTMvhoCzfctFQyJwGG5zaOY?= =?utf-8?q?B361ACtPVAdCIMLdSh83nX2jTlufQ9/BRlObgZmjcDOpdNU9Wwmf/zvHj7uj9kFSY?= =?utf-8?q?7sqnbSAwdGjazH1gBHhs9D78kIBLLBFpYQf97ufTCPT4iUie76u1sfIVn2qEe8JHJ?= =?utf-8?q?+csjUT+WJgcB70SCThSjenWQnXZ9ukWaJh011T+Ob1ncXOFMV7XneaZ25r8jMnKfJ?= =?utf-8?q?RTQbBQaJ79wrhB628sge7vbWK33mdOBuJ42EPMpXM807DjWV64dxF2zIz8azICmDm?= =?utf-8?q?7kCUE3Xnm6ErgNZZv5NdszjjMVAcWZ5Jt8kfb7SKSfhafdj8CngjtMTgPpXimjKaU?= =?utf-8?q?K7LclE4cOB+EiUa7UGLFrZitP8xfry73MgpGssN9f1KyedncDaELsJp9UHHxmfp+o?= =?utf-8?q?1JTPA6DC7y4cuzikYAqkSBMS0kpRq5/73TdMbogTE4besGHaDUEiVUbJdRrTb+90U?= =?utf-8?q?dStZF7l/FDLHEEeibVA0r37g2vyOt1Z1jGiL+URaVZk1No9fsKP/0J9mvu68s5+i9?= =?utf-8?q?2vwPirNu6Z22?= X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: a12936d9-b40d-4ae6-40cf-08dd6c683311 X-MS-Exchange-CrossTenant-AuthSource: AM9PR04MB8604.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Mar 2025 13:14:54.7498 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: RWXlX4C1l/+er2LUwuzFwpl4+3rJjIHpAPLwkNRC+oP4yZFPpDxrA9yCmN5y26h4BkiQDP9rMzAi4EWkFh8K4Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU2PR04MB8855 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250326_063031_775378_6BBA9A01 X-CRM114-Status: GOOD ( 13.37 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Documents i.MX SoC's Service layer and C_DEV driver for selected SoC(s) that contains the NXP hardware IP(s) for Secure Enclaves(se) like: - NXP EdgeLock Enclave on i.MX93 & i.MX8ULP Signed-off-by: Pankaj Gupta --- .../driver-api/firmware/other_interfaces.rst | 121 +++++++++++++++++++++ 1 file changed, 121 insertions(+) diff --git a/Documentation/driver-api/firmware/other_interfaces.rst b/Documentation/driver-api/firmware/other_interfaces.rst index 06ac89adaafb..a3a95b54a174 100644 --- a/Documentation/driver-api/firmware/other_interfaces.rst +++ b/Documentation/driver-api/firmware/other_interfaces.rst @@ -49,3 +49,124 @@ of the requests on to a secure monitor (EL3). .. kernel-doc:: drivers/firmware/stratix10-svc.c :export: + +NXP Secure Enclave Firmware Interface +===================================== + +Introduction +------------ +The NXP's i.MX HW IP like EdgeLock Enclave, V2X etc., creates an embedded secure +enclave within the SoC boundary to enable features like + - Hardware Security Module (HSM) + - Security Hardware Extension (SHE) + - Vehicular to Anything (V2X) + +Each of the above feature is enabled through dedicated NXP H/W IP on the SoC. +On a single SoC, multiple hardware IP (or can say more than one secure enclave) +can exist. + +NXP SoCs enabled with the such secure enclaves(SEs) IPs are: +i.MX93, i.MX8ULP + +To communicate with one or more co-existing SE(s) on SoC, there is/are dedicated +messaging units(MU) per SE. Each co-existing SE can have one or multiple exclusive +MUs, dedicated to itself. None of the MU is shared between two SEs. +Communication of the MU is realized using the Linux mailbox driver. + +NXP Secure Enclave(SE) Interface +-------------------------------- +Although MU(s) is/are not shared between SE(s). But for SoC like i.MX95 which has +multiple SE(s) like HSM, V2X-HSM, V2X-SHE; all the SE(s) and their interfaces 'se-if' +that is/are dedicated to a particular SE will be enumerated and provisioned using the +single compatible node("fsl,imx95-se"). + +Each 'se-if' comprise of twp layers: +- (C_DEV Layer) User-Space software-access interface. +- (Service Layer) OS-level software-access interface. + + +--------------------------------------------+ + | Character Device(C_DEV) | + | | + | +---------+ +---------+ +---------+ | + | | misc #1 | | misc #2 | ... | misc #n | | + | | dev | | dev | | dev | | + | +---------+ +---------+ +---------+ | + | +-------------------------+ | + | | Misc. Dev Synchr. Logic | | + | +-------------------------+ | + | | + +--------------------------------------------+ + + +--------------------------------------------+ + | Service Layer | + | | + | +-----------------------------+ | + | | Message Serialization Logic | | + | +-----------------------------+ | + | +---------------+ | + | | imx-mailbox | | + | | mailbox.c | | + | +---------------+ | + | | + +--------------------------------------------+ + +- service layer: + This layer is responsible for ensuring the communication protocol that is defined + for communication with firmware. + + FW Communication protocol ensures two things: + - Serializing the messages to be sent over an MU. + + - FW can handle one command message at a time. + +- c_dev: + This layer offers character device contexts, created as '/dev/_mux_chx'. + Using these multiple device contexts that are getting multiplexed over a single MU, + userspace application(s) can call fops like write/read to send the command message, + and read back the command response message to/from Firmware. + fops like read & write use the above defined service layer API(s) to communicate with + Firmware. + + Misc-device(/dev/_mux_chn) synchronization protocol: + + Non-Secure + Secure + | + | + +---------+ +-------------+ | + | se_fw.c +<---->+imx-mailbox.c| | + | | | mailbox.c +<-->+------+ +------+ + +---+-----+ +-------------+ | MU X +<-->+ ELE | + | +------+ +------+ + +----------------+ | + | | | + v v | + logical logical | + receiver waiter | + + + | + | | | + | | | + | +----+------+ | + | | | | + | | | | + device_ctx device_ctx device_ctx | + | + User 0 User 1 User Y | + +------+ +------+ +------+ | + |misc.c| |misc.c| |misc.c| | + kernel space +------+ +------+ +------+ | + | + +------------------------------------------------------ | + | | | | + userspace /dev/ele_muXch0 | | | + /dev/ele_muXch1 | | + /dev/ele_muXchY | + | + +When a user sends a command to the firmware, it registers its device_ctx +as waiter of a response from firmware. + +Enclave's Firmware owns the storage management, over Linux filesystem. +For this c_dev provisions a dedicated slave device called "receiver". + +.. kernel-doc:: drivers/firmware/imx/se_fw.c + :export: From patchwork Wed Mar 26 18:37:58 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pankaj Gupta X-Patchwork-Id: 14030095 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 250DBC36008 for ; Wed, 26 Mar 2025 13:48:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:MIME-Version:Cc:To: In-Reply-To:References:Message-Id:Content-Transfer-Encoding:Content-Type: Subject:Date:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=YJ9glBG/Fa0FANTVAW4gygMrCec6MV9a5TSsfhDsytc=; b=5GzZutsKe8L8hlCpJB9iY1gB/k MZ6sQT9MoPRGVhY3TOwkimqMSSlV3NV8VGuwGr9E7nEU31RWMWUebpzjBZLu18acXqwO1UJrnFmfV 5/Y435IWlagjMot6w1/Nx63sMPJM6nIz2as98yIFI6XFs4gG5jnA8YcpiaOUnxOhLkQCdivPwjegu NhEoOBPksaH7G37xLcTI0TR4/J3qKE/sMpXRyN87HaekJ/MOLHe7W5d64zQdJF98rNYK2ySHhXUc+ 2bkhIiYCZ78BqefWS4mPWVvpdieYNmwUvH0Xe2FzetHQaa+hG+Jx4xdJVc1NmjN8NszQF9E5hqz1b BMai38mA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98.1 #2 (Red Hat Linux)) id 1txR71-00000008bK8-35Yt; Wed, 26 Mar 2025 13:48:07 +0000 Received: from mail-westeuropeazlp170130007.outbound.protection.outlook.com ([2a01:111:f403:c201::7] helo=AM0PR02CU008.outbound.protection.outlook.com) by bombadil.infradead.org with esmtps (Exim 4.98.1 #2 (Red Hat Linux)) id 1txQpT-00000008ZVu-3Uwh for linux-arm-kernel@lists.infradead.org; Wed, 26 Mar 2025 13:30:01 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=stdiru7Aw+TOZpc1C09xPpMb6TEXTkef9Q6wZcjcBNREX6baJK9TP0+dlN+airhSFsFHt+TOz1o0P8XPa/gzLiuHNMQ7AcZKNfBYHaezXmKO1IxP7OUGiBxi8SLeFY+iaZOyf1P0W6AfjYvwXHN0h5G3LWlcpmhp5ajyEd+1DFrYWMepR0La4ndB7S88MdPs5UBsK/pJQ//khfxpR/PZPQZByzlvbg923CZ7oKcesW4xDea+mQMo9vEhaRmzR5NUAA8sf/d1Zb5YAVHKui3iCIqI61DoN5Co2mLnjqa3JkffhMFwA8c5Mk2391ilbCCU3puT90TUbCXKuawexjxzdQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=YJ9glBG/Fa0FANTVAW4gygMrCec6MV9a5TSsfhDsytc=; b=GjIIFYbk7w00QRby8hl7lAk6ZgyUbwI0dduyW6cJwbtgw/p7gLrrGxBjmGIG0R1FNqmmOGpdyK/pW5RB5BY83REvUMSTAFNn3lVPjcWCAlkTo2TyCVQ75BL0jmY/LhVwzC6frBDkKiqFzXcrlVPx/yKVxyEahg8axylGKkjEuSfDLXa00Lz9wxtqJ/KDmIi7Yj2lhuDgloChZnkQ1TXtZnp13xYR/XSubugbh6t7FJtFxb8RxQiKDj63MMbkqyAlebOEZhL2FUWIXtVkTGoxYiV8Oeqlb6wR78J9Q9zWe0BsX6J0d3yvW5a1DBG1r2YwX1qQ7Gd6UKBjO4NSnnAtVg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=YJ9glBG/Fa0FANTVAW4gygMrCec6MV9a5TSsfhDsytc=; b=TzktxxxVbSF0/H0pAnke2bVMr66tA3W1h2zoSbVbJFpV0Qfwk8+MmbpzqGDdpEVR8IcT8PZWnfbMTPgFM3m5yr+aK/1Zk3w9iLMIGKMm66qNq2x2d7fkWCaA8VlhdSCFusi/Jdvbb7G+vAteBVnghrWwqGtzadi2Uq8ZF+xwpbyqKEVgeWwllV/Rmf/i3dmgnNLvVXXlgQLgd0MZhRD3gxvUeN+vZmERFStCHq74k+1T2zSwI2biamdiolXNTjL0Sa6zZ2uxrJIPbPdQkjIogiuxVZeVgTUU8fyhtqqNE/LeSFuNlpXOzOJD5smwfND3QcK19MPd64VrUaT+fi6qxQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nxp.com; Received: from AM9PR04MB8604.eurprd04.prod.outlook.com (2603:10a6:20b:43b::21) by DU2PR04MB8855.eurprd04.prod.outlook.com (2603:10a6:10:2e2::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8534.44; Wed, 26 Mar 2025 13:14:59 +0000 Received: from AM9PR04MB8604.eurprd04.prod.outlook.com ([fe80::e751:223e:aa3d:5827]) by AM9PR04MB8604.eurprd04.prod.outlook.com ([fe80::e751:223e:aa3d:5827%5]) with mapi id 15.20.8534.043; Wed, 26 Mar 2025 13:14:59 +0000 From: Pankaj Gupta Date: Thu, 27 Mar 2025 00:07:58 +0530 Subject: [PATCH v14 2/6] dt-bindings: arm: fsl: add imx-se-fw binding doc Message-Id: <20250327-imx-se-if-v14-2-2219448932e4@nxp.com> References: <20250327-imx-se-if-v14-0-2219448932e4@nxp.com> In-Reply-To: <20250327-imx-se-if-v14-0-2219448932e4@nxp.com> To: Jonathan Corbet , Rob Herring , Krzysztof Kozlowski , Conor Dooley , Shawn Guo , Sascha Hauer , Pengutronix Kernel Team , Fabio Estevam , Pankaj Gupta Cc: linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, devicetree@vger.kernel.org, imx@lists.linux.dev, linux-arm-kernel@lists.infradead.org X-Mailer: b4 0.13.0 X-Developer-Signature: v=1; a=ed25519-sha256; t=1743014302; l=3712; i=pankaj.gupta@nxp.com; s=20240523; h=from:subject:message-id; bh=DRkDZg1VfpzhFBuixQT+JSk3xiHDgMICrZU2Rgis64E=; b=p47sOm2XIWO1bZZ7uCPcKpirvf/O00U0/qnYqYBdBMpLqZ+2x+pGlr5EdLa8hLxzQWYa9DBP7 ArMCzvOs97MDcAZ9NdBFtPZ70Ae3jPrscNGiL0APNOQWSAp/Tl+Vruh X-Developer-Key: i=pankaj.gupta@nxp.com; a=ed25519; pk=OA0pBQoupy5lV0XfKzD8B0OOBVB6tpAoIf+0x1bYGRg= X-ClientProxiedBy: SG2P153CA0047.APCP153.PROD.OUTLOOK.COM (2603:1096:4:c6::16) To AM9PR04MB8604.eurprd04.prod.outlook.com (2603:10a6:20b:43b::21) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AM9PR04MB8604:EE_|DU2PR04MB8855:EE_ X-MS-Office365-Filtering-Correlation-Id: 0ee1a811-c3cf-49b9-5e4f-08dd6c6835ca X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|52116014|366016|376014|7416014|38350700014; X-Microsoft-Antispam-Message-Info: =?utf-8?q?puyOvPNiHYmlEllmVefdbGAPqBo+pBv?= =?utf-8?q?fHQqm2GeRV/PEYHgI6tvIQw2muZsjCpLcRUsmUdBSofMXZ8IY2WQkNspdKjhfbbe1?= =?utf-8?q?ivdRicltsViTNaWV9bDdLbjifMHLPuGANKdr+FtICj3tH2jr0q7h/cDvCF0XNaAko?= =?utf-8?q?0O1C7/tA10y5LYmkQIPWF8ADARVCJ504Oua7mqpFHLimFxK6L6AOQYMcwGtv3C0Wu?= =?utf-8?q?e2wCRLdXo/r2xQYMdNdX2BTWMXRKt2IF2zUEJHjqlCZndiSoyb4QXNwrGgWJC8mTP?= =?utf-8?q?5svpPaK+AGLCFynA14u9MdSWmK1ipN65xdRNdsTaU6BjPg3/9lbQXNE8cPRSHZsdw?= =?utf-8?q?FY1LE/wIjrISrRUZSGcj/b7s6Qb7iKtMWCX3ecBma5r/HzM6UfxroAYR5uWBIutDJ?= =?utf-8?q?MP7e4wAE8+C7UtW+XYQsaSpt38JLQPVJFnr2iY+nL8ywpkM+ORd4T+VwiZ7ynHVV6?= =?utf-8?q?mgEk959iNjMXkSJJTnhlgXljzLMYGYBPIR5aYsRFBhssc9ApRa4+/dMhafjr+Jfoi?= =?utf-8?q?zh/ZNMfko/xH+8/zR0bDnL3SoCLki184yn1m3OqliXwC40o2RMXy1VSRERbQAJaFX?= =?utf-8?q?zKFdceeIJlVS4DuEgJ0O9IUmwfg7Uk0l1etlCAE0RnLr6TgYhdCB2DmYCFtGrexac?= =?utf-8?q?dHMXLd5wjqyL77W3+8iJcfvDnaRuc10Xu9Rn0Qgb+7oy30mP8Ye/OPjjomePsOA9R?= =?utf-8?q?2CmhrUJbwULPV+vgP5cC9xKS+i3CX+SCDka1H/YoCskIQwM5f8r5lKazfmcjEkYxX?= =?utf-8?q?LiNirnN7N9+FK/LTb/jXQWbYZzYH4JlcnMPQoPlqMewgohJ6FF+S67cx/7z+cxNev?= =?utf-8?q?3bW2P7I5bMefRxmjpq5EsL7uso7zCLbOTT1sum4N3FBsR8ylVUBPFyMosUErFLp5N?= =?utf-8?q?rntAO6BnmlpWfywB8L9AT+9BKO17qdy/iGUWoj7vUpRaWvDlMT9SGoQtYLmbADhcg?= =?utf-8?q?yR53qZW2tE5q0Qmp85XNMtBmvtgQtHzwTLIjiCQwGtvmTrjrYXLOV6r+dDEJKHB/X?= =?utf-8?q?wipIN3N+As1x/NGtkdo2wLn4T/Lk7p4QPnh5IqX7KO6vk/Q+FjvU9OuoFxxA8E13s?= =?utf-8?q?anaGBPbEElSgNOYQcke4nRnFhg/tKX0j4In5Kw4kUI7/AzLVar28h2iS8HEjcr5n3?= =?utf-8?q?Jilgmbk6p8HDaKdA7quqyl6aRHK+DK5YdKYMEFD5GVVTJBQwTcUx30BiI16+tDey3?= =?utf-8?q?AK6M+SXr0u3EPcVNG1ByYIZZAXCbBDNXTRsksoom2bJXVaC1qveZHFTdkEBEeljUG?= =?utf-8?q?GnBff4Au0umBpWeKPhWZUZl1+6XtFSnqsoBbwra7wTe0/31E8a/mhq7bMxh+LM37A?= =?utf-8?q?NYxOCaxyEnZBofcXDcJo63nivMeJxpNBYlV0O/I46IT1YS+3SLdPc6M=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AM9PR04MB8604.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(52116014)(366016)(376014)(7416014)(38350700014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?+ODL9nXXWfihiPYcz1p8406sbFI7?= =?utf-8?q?rnEgoH5MN+pb+i2FPhz1Na88zxLcgCUGs5Kw3fE1FIdgUJwLiiS66183dQNQJza5S?= =?utf-8?q?atFfWWtPmJ/AD8M6woY1u4skionPJ/3a9RZy/ivEnAQ9cNFEeujmBDafMcm/E4j7Q?= =?utf-8?q?0jyluN90tZeCQFVeq/BqOan0NoKFzYIxQxcaitbiBtHGA09QNb3Eqx9pKA5SaHT9l?= =?utf-8?q?0M4y//jJkHrzBaON1WGTwoRroMaRI7uscyNeGHOGiPuWLWuAAbuSKNyCLJBTKruS6?= =?utf-8?q?Lz+z3fWLQ7R4SCj3XTlH6n7j/hrKz/3j47U4kd16d0NUk5zI2axiTR/ghvF/fdGWD?= =?utf-8?q?I2nM4n+96Ned6ahrbjiui+pwWATIKL5TTjqS7tcuixCTbFLuAXQbioCpPojF/jB5k?= =?utf-8?q?4Pfh+YxwwTb0knaGbio0jqnxxT2jGmyCX5G+QZszIvGbIO7RxDKflt+neBxOloZV/?= =?utf-8?q?/+Rg4AjxfBH84OTn0U9E9ZuJfRUqEe6dZRLFYAY2YPjF/qZEjniUMkvfsE/yRdYdP?= =?utf-8?q?MnYpqhsnyJTd3FNeZY4276BO7Hp/PjDNhOVBP9eF3L/4DdVKlD155uUnw3mcnyguW?= =?utf-8?q?AfnylMFikCMi1yAOXB6Ns2IHaBXHa2YsWb9r12MmMWn6cGH0+1MeDdgi0QYdZNpny?= =?utf-8?q?Fi7tKi3vFf9CLNAdw+pt+MHz4i21LfL/gSjlxMrwAeDOXaTFtTsBJEbQlCKPFs9p0?= =?utf-8?q?ToreMmZ7fFBXVLiiWqIFYK7lfVCBCyUcXcJLqktJCBr4CGi6PcrLHhw8sgPri7Y4k?= =?utf-8?q?fD0Pv3PnJx93cjUwlCLtMaA6ze2mOsKQqWqfpmxVnMaJYI1RknVdrGBJPUn2xdxR7?= =?utf-8?q?VbGnUZ8sUytYlfEMiMUYfw3nIg+uFfEU0vu2qLBsvDoTVEghIkf3TqEgVvngo89QC?= =?utf-8?q?eGsT4VfCVxZky0J1upwVubvqHJnzoE0k/bZkeY0N3ls0JgpvQyONJ5Fu9ma4yz0Gq?= =?utf-8?q?CSc3jaisI0vd0sS121dUqzPjQEBP9Yvj/QdY6o+JXBowXUiR4W5+11Ekc8+9gm2ZC?= =?utf-8?q?ftNIw3q0HWiWjH3SItP4Az1cdowMH1zCL7JRlWwmAbIvmpzDF4DTAQpWmu2w+roGg?= =?utf-8?q?gqJ3duLciiW6zYVgtzGWSoebyt9yu/0xByLkZwA8aEE/erMUlOXzRi+PKqray6703?= =?utf-8?q?Nsxf3IqAkwFIG+FkrnmTFDiBzV8vFWGf1Q6lj52eghohKmI1r1WvS49K1sgtni/nN?= =?utf-8?q?8BSRVYSgbdR5PJIfqqQDGtRn1x5V9EYr2TtjOBeOm9TiUZ3876qxQp5PxvNFRPD1C?= =?utf-8?q?LE4b5md+fdtomUVkX4ZY94QaLnb+l8tkq8DG2z9JCmT3bwIvpqiqnO3hyGFDiPFP0?= =?utf-8?q?napfObeZxSSyN6BNvHh1WTZJew3QYdj1kk+VJw66m0dfqhOLWIeDEMrxJabMrxunl?= =?utf-8?q?DXCiqyGwW/j8AA2ryRV5sFVVlh8OjdaquzBQaxl+jq3oUJhkqDvZ/9B4wRLLqjVm8?= =?utf-8?q?7amIz3jQFJHgF/8bSOFoAuV81HcDixkQULOeK4OjP484oQZJJaV0lTPiwl2rlfCrA?= =?utf-8?q?3R+wlkVrl5NW?= X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: 0ee1a811-c3cf-49b9-5e4f-08dd6c6835ca X-MS-Exchange-CrossTenant-AuthSource: AM9PR04MB8604.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Mar 2025 13:14:59.8307 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: v86wdqdNPRbedKMoVD9nbjEtvukkp8vqqdYCppPWOGrXxhvIJzlFDhg0a9kaf8KGvdLjNK1rCwTVaRwyJkfWaA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU2PR04MB8855 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250326_062959_875869_EC5B86CB X-CRM114-Status: GOOD ( 13.78 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org The NXP security hardware IP(s) like: i.MX EdgeLock Enclave, V2X etc., creates an embedded secure enclave within the SoC boundary to enable features like: - HSM - SHE - V2X Secure-Enclave(s) communication interface are typically via message unit, i.e., based on mailbox linux kernel driver. This driver enables communication ensuring well defined message sequence protocol between Application Core and enclave's firmware. Driver configures multiple misc-device on the MU, for multiple user-space applications, to be able to communicate over single MU. It exists on some i.MX processors. e.g. i.MX8ULP, i.MX93 etc. Signed-off-by: Pankaj Gupta Reviewed-by: Rob Herring (Arm) --- Changes from v13 to v14: - No changed. Changes from v12 to v13: - compatible string is modified from "fsl,imx8ulp-se" to "fsl,imx8ulp-se-ele-hsm". - compatible string is modified from "fsl,imx93-se" to "fsl,imx93-se-ele-hsm". - compatible string is modified from "fsl,imx95-se" to "fsl,imx95-se-ele-hsm". - Mis-understood the +1 from Conor. Hence dropped the Reviewed-by tag. - Collected Rob's R-b tag on v7 (https://lore.kernel.org/all/172589152997.4184616.5889493628960272898.robh@kernel.org/) --- .../devicetree/bindings/firmware/fsl,imx-se.yaml | 91 ++++++++++++++++++++++ 1 file changed, 91 insertions(+) diff --git a/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml b/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml new file mode 100644 index 000000000000..fa81adbf9b80 --- /dev/null +++ b/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml @@ -0,0 +1,91 @@ +# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) +%YAML 1.2 +--- +$id: http://devicetree.org/schemas/firmware/fsl,imx-se.yaml# +$schema: http://devicetree.org/meta-schemas/core.yaml# + +title: NXP i.MX HW Secure Enclave(s) EdgeLock Enclave + +maintainers: + - Pankaj Gupta + +description: | + NXP's SoC may contain one or multiple embedded secure-enclave HW + IP(s) like i.MX EdgeLock Enclave, V2X etc. These NXP's HW IP(s) + enables features like + - Hardware Security Module (HSM), + - Security Hardware Extension (SHE), and + - Vehicular to Anything (V2X) + + Communication interface to the secure-enclaves(se) is based on the + messaging unit(s). + +properties: + compatible: + enum: + - fsl,imx8ulp-se-ele-hsm + - fsl,imx93-se-ele-hsm + - fsl,imx95-se-ele-hsm + + mboxes: + items: + - description: mailbox phandle to send message to se firmware + - description: mailbox phandle to receive message from se firmware + + mbox-names: + items: + - const: tx + - const: rx + + memory-region: + maxItems: 1 + + sram: + maxItems: 1 + +required: + - compatible + - mboxes + - mbox-names + +allOf: + # memory-region + - if: + properties: + compatible: + contains: + enum: + - fsl,imx8ulp-se-ele-hsm + - fsl,imx93-se-ele-hsm + then: + required: + - memory-region + else: + properties: + memory-region: false + + # sram + - if: + properties: + compatible: + contains: + enum: + - fsl,imx8ulp-se-ele-hsm + then: + required: + - sram + + else: + properties: + sram: false + +additionalProperties: false + +examples: + - | + secure-enclave { + compatible = "fsl,imx95-se-ele-hsm"; + mboxes = <&ele_mu0 0 0>, <&ele_mu0 1 0>; + mbox-names = "tx", "rx"; + }; +... From patchwork Wed Mar 26 18:37:59 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pankaj Gupta X-Patchwork-Id: 14030098 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6C1FFC36008 for ; Wed, 26 Mar 2025 13:53:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:MIME-Version:Cc:To: In-Reply-To:References:Message-Id:Content-Transfer-Encoding:Content-Type: Subject:Date:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=k0+jNm/oCY+edyAlRxCrL+v61cacOZ4p83gSZFxDEZY=; b=G7GO1KVEXehw333GC2409js35k /qFQyvpDcVlqur3gxjq0wyxaS0p9iDe3ySm6DOlpemigpB+TYiz14k3VeLWWXEsyFi33EvnZBOpGe CzoxSjDBYkyuA3JLWXZrG4FqmJH8WxsLdokrPGNvEy/O48rTpjau8LqMhv3yxYD9Lqllep7O5dnV5 89qlIfqhipPKaw7/IaFGC1tLfKiG0qbnAKzlAPblADATBuCrRhKnwSxVXpeVTtSgq9U18Kk66RMcL vMfJuYbLp5causOyXIkE2DDrEWyOeTjaFM9Ytcuvrz1SrrUr8nuhojG7wVW3xFLEUEcV2OJ1vcTt4 yT3a0niw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98.1 #2 (Red Hat Linux)) id 1txRC8-00000008byK-3y3O; Wed, 26 Mar 2025 13:53:24 +0000 Received: from mail-westeuropeazlp170120005.outbound.protection.outlook.com ([2a01:111:f403:c201::5] helo=AS8PR03CU001.outbound.protection.outlook.com) by bombadil.infradead.org with esmtps (Exim 4.98.1 #2 (Red Hat Linux)) id 1txQqM-00000008ZbT-3AvW for linux-arm-kernel@lists.infradead.org; Wed, 26 Mar 2025 13:30:55 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=m3NTY8qSYiFUvh1s4q0M0jwLo26XXUx7MpaTjx8KIKUvQEhknS00vr6mpCM4jUk1ygzOAXin8sL7yo0BJ8Q4991sbdzxE+NHZNju4ZujVnMXwfNJEGKJd7RFm7UJ/Ay89M3T4e3ddqIlZHYfvkQL79XsdiEnOZMwrKpJWhNnqLiJHOiKid38+LKPNokjNZkffaxBTNvaQ3b0qfWlN+9CI9PL3/Rk4CTV/R6nZBaUgWXqf71Bko0/gsFJen38kQaTfIxjfVI6bP1NDRwEugb/7WfgABgaKL4v5TBiO9xmJJ105B/PrrGVljCd5tfZIzksJrftW4PiRBXkx6GBzt017g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=k0+jNm/oCY+edyAlRxCrL+v61cacOZ4p83gSZFxDEZY=; b=DRMY2/l0LA5ghXtir+1gVpQQ5mBPo9Fs2HOj6qDfypdefPmR2tvn3snWDv4e3bFSyq8XGem0MM30gkdw+0ZYlqCHxJ+qhav4SDaOgRq0YmH7vXP8H69B8f5ZoT5m+DuX7bvfUG87BITBKpSXUDeTYFe6VKGdyFr9FhqU8CIHYgD6yOz01dHzBjkRqD3/bLqqPsjh6m090hn4FvmNALA9/kQ581yyl7eTW2Vs7bsWen7El5XdQ8pRoFUKyzKQHAeSNJWHxWh1r4/cNkIvswVZAe9moVmWZQaedgIBjXkVktI2Vetjl5ywTrgE98uFGoB9nRb0DgRw21ZIoX5Nj3ACvA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=k0+jNm/oCY+edyAlRxCrL+v61cacOZ4p83gSZFxDEZY=; b=cgfDDwPHrLe2zmnq8cOSAP0JBqEs7xIeYa7fNnV8nyzfT0uGA3q4HH3fj6gbGjt6mUXTNcQD689iF1jz6mEX5I5UAxhBz6RtLl28Na8FtDdrJ+mf9B64xcC29EDHUVizi4/erYiprN7rHkkGTbGjSSZ1e2Wj1SueVOh7Gdc/qF3c+kp/Jenhx3UJSuWR6OU83ZUupGb2H5UHjZqioCVrrGZ07FReRL4Sk6kk97qoQhc3VlMBybWAgPtD/8xrtPbSm1UdrX/omRJnjxOSfeigBnL1M34lVeXKg4wEuXvhIAEguB0gpkpPO2T3dm7ChVOtk+Lc1qgwI8mo0DlYTku14Q== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nxp.com; Received: from AM9PR04MB8604.eurprd04.prod.outlook.com (2603:10a6:20b:43b::21) by DU2PR04MB8855.eurprd04.prod.outlook.com (2603:10a6:10:2e2::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8534.44; Wed, 26 Mar 2025 13:15:04 +0000 Received: from AM9PR04MB8604.eurprd04.prod.outlook.com ([fe80::e751:223e:aa3d:5827]) by AM9PR04MB8604.eurprd04.prod.outlook.com ([fe80::e751:223e:aa3d:5827%5]) with mapi id 15.20.8534.043; Wed, 26 Mar 2025 13:15:04 +0000 From: Pankaj Gupta Date: Thu, 27 Mar 2025 00:07:59 +0530 Subject: [PATCH v14 3/6] arm64: dts: imx8ulp-evk: add nxp secure enclave firmware Message-Id: <20250327-imx-se-if-v14-3-2219448932e4@nxp.com> References: <20250327-imx-se-if-v14-0-2219448932e4@nxp.com> In-Reply-To: <20250327-imx-se-if-v14-0-2219448932e4@nxp.com> To: Jonathan Corbet , Rob Herring , Krzysztof Kozlowski , Conor Dooley , Shawn Guo , Sascha Hauer , Pengutronix Kernel Team , Fabio Estevam , Pankaj Gupta Cc: linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, devicetree@vger.kernel.org, imx@lists.linux.dev, linux-arm-kernel@lists.infradead.org X-Mailer: b4 0.13.0 X-Developer-Signature: v=1; a=ed25519-sha256; t=1743014302; l=2596; i=pankaj.gupta@nxp.com; s=20240523; h=from:subject:message-id; bh=Am+Ylr90BSOOvZ1CM+nme3ejG4e4Q1vXzuDz2ouprmY=; b=mhTBBAWW+rcsm0GQ8siiE2PEL5o+JkMowLCMveSaacIGfSZ79f1wr2jCR8E94MztDHooViTXk UwyFSBeXcaBA72fDQWcHP3OEyctbALxCWiKUMiG6SJ85y7hgtv/PVe0 X-Developer-Key: i=pankaj.gupta@nxp.com; a=ed25519; pk=OA0pBQoupy5lV0XfKzD8B0OOBVB6tpAoIf+0x1bYGRg= X-ClientProxiedBy: SG2P153CA0047.APCP153.PROD.OUTLOOK.COM (2603:1096:4:c6::16) To AM9PR04MB8604.eurprd04.prod.outlook.com (2603:10a6:20b:43b::21) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AM9PR04MB8604:EE_|DU2PR04MB8855:EE_ X-MS-Office365-Filtering-Correlation-Id: 3ac4fffa-61d4-4411-794a-08dd6c6838de X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|52116014|366016|376014|7416014|38350700014; X-Microsoft-Antispam-Message-Info: =?utf-8?q?lxr1iOd6NK3KCjrzr0FmdV+89yMDDJP?= =?utf-8?q?Lmw9PQPZo8T47H03S0fgBh+mp45wa9Yy6tp1LlaWcSN2ytCK958bYb2669govZxK5?= =?utf-8?q?lcceII3nQebQ+MzZKTQGTf/Z1pWSydpNNmvRxv+dvJtLVcTH+UD9iwJjc0tj7Tw9+?= =?utf-8?q?ilyvKNRE/PU1sGxqZ+PhPcskmhpRfFA6Z0QXjgj2hsiH4lORa32nQUrs7d2zgh6m+?= =?utf-8?q?U2UL8JeR0EKehL0OBxAg6rtMTMTc9Zbdnicr5vTxZctuAj00sfxUbj82QMRjZJ+un?= =?utf-8?q?pMo/Wd2nDYkCdhNaod8PS4ctg/6spZezVqn79zrQmS3RIx3ZEs3Wg4tGEQ0hphIie?= =?utf-8?q?9wNapjghUm4s/AYh78yWLvBrH6X9UeShrP13++fOenXeiiZJRvy6AXanWUXzyEJrK?= =?utf-8?q?6NW/2VRAaNn5R6/NgnoidG45BVoIovaT7z0E9R6YZvd4iwOZcT2fGBwEQ+95CvS21?= =?utf-8?q?lUx3sJcalxqK6YPnkGaMSzZOivDVsmOT9hd0sfqrWu84xCXJdlgZUG+bt9jGnv8XQ?= =?utf-8?q?zEI9MslLBNZyTV4IJFXTXlx8Kp+0znAZuTJkt56cWa3O+SGHiMI9n41wP3KxzQSUd?= =?utf-8?q?HqxFczENnTpkOWYIZxVIznCgmgP/6acfL+M4cPPLDOmQEdYHHOQO0L3lMTnmgXgww?= =?utf-8?q?7Z2YcVWpS8PsnlC7R3sKvffBDSc7vnlYT+YiOYW3s29uDN7VtGFd04c2OMzmYN0en?= =?utf-8?q?l7QxFQ/u9BExMEX1JvAec7paXcQZoQTsklj+thMGCSCCUS1Pbji2Y/83GLWEVycXd?= =?utf-8?q?+fGlvZ3aVEnoQLCoegFEXvD2nkDLEcq5BWzNrSH1d5QfBlkg+kthLcFAtl1SCLn1e?= =?utf-8?q?omCOAjWkL4nOo8ak3y78bHYygGK2QSh611z1T/qWXwbj4eyliivWH1NOZbRdloj3R?= =?utf-8?q?lY9NlTy8aMJANpV27JQ/KJsQUecAlcujSyMtOpwOQQVKuoKRqbd4eafQxplrU1OP6?= =?utf-8?q?7QYwQ28Fs1FiGu1/6lEqFAZOtgUNEMRTzi2jHw+BiDfXgMlcrmiN0WhcDtT7eom4t?= =?utf-8?q?OBN5SZJuoF+Wf4lP0TwETgAp875cnSue35+0YB4ivchzL3KMNwwZ0/Q5bVVhUPAVm?= =?utf-8?q?JSG5whLvBUihf8QQ8fZdqFdg4BLdCvB1S+rPLjzqV5ug3qwypzRjyE1mehUUT6GcN?= =?utf-8?q?Nq1DDZVmnvhQQXFwrwIEXTKTxd2pHkcm66/9DvCO9XIFx9d/gEHlWQGTWD8w1wk7j?= =?utf-8?q?plQ8PY2TCttf6O1PfJg4NBR5gokrYrG1o9OIZgxLN1IDBfHri0UqIhqyVio1OoBlH?= =?utf-8?q?Nz5zW4AwIpK8HOBxxDdayKbiBtS2GWOmsAvO7itG9wgk9IyME0XPoEkxpuyC88Xwf?= =?utf-8?q?BYnYxI0D81pK2HG7yABxSJF1cyOUA9alb4fbXS7mv4KpTiMSVJ3UDaS9OqtQalq/g?= =?utf-8?q?F4KCSdlNZNJwjt9wJfYK4Pue2WCAlYNNQ=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AM9PR04MB8604.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(52116014)(366016)(376014)(7416014)(38350700014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?9lzgueA7tICjigMiboSz3W+wtT9p?= =?utf-8?q?SBVcNnOCL3IoP50DSaRvF0ZZWjuorV02mWwDQGqbUpMfU8vklJZEY01HSsKMxPsxD?= =?utf-8?q?3qRyMn0q7Fiq0iGwK9gBjM+cgGt3gmkdTQuZvQA5jmSCzX8X5s69QyPZYb9fxw/ue?= =?utf-8?q?uaAmS48Ux+o8PlfRyjYk7/zO9QqSNj5lDRtp5ARC96k22ea3dBjhxd9Q2DKMd/Ph4?= =?utf-8?q?3cLJAm5LtbeB3JS2XYkEdYwSlcuywVE09bERaiPr+uC2fY+k8ZeuY7TSLNze/G1SW?= =?utf-8?q?kbPSUZnjvVCB+vOReOkz6R+ktQMEoYVAh4dvaQEbdYkiIgWUGRWSOxAsEZWJ3hRyC?= =?utf-8?q?jHFFFEcyxpmtpMosBllwyjNETI1WKUf0IXvOjYM/HPEB9eclzxF+1bvxTPZsQuhOn?= =?utf-8?q?HDRClzSw+imtAkAJcmKkEuysvXRT5+PNuIB+0I+XFTY2xKv+oXeR+3lvnByE3VvPz?= =?utf-8?q?Lv3F0/ogcPiDzXz/cNn7PQa8NsMWH3fZYNPcOrpzGHioNR2SFFObnWmyTwwd55gBW?= =?utf-8?q?QwmTVzi1mk4+OqwhW4SIhauWkTGvZmw2J/6rSIhjeuEaQ+fzlGAjy2Lk1+k3oOK/k?= =?utf-8?q?OMC11cinMNsgbT/74jNseaND48KNem9mm73Dz+9PKy04VSSWaRAtDvWZ0T57m/QS3?= =?utf-8?q?EY+yrUGRYY6kwifyj4VQVP0J52D39HykRqe4rKnJwMWM9XsryZxbl6IJjh7cJQeoe?= =?utf-8?q?MtDwtQOp8iMYfGYsrOKtfC+gwNz8zh0U3O3cgs4fRtAUZl+YPKRWzWujG++OpvPz7?= =?utf-8?q?h8+tJGeb+I3BQ1ZEbDyPoVyhZaivMLnudrT8iiUtSPhLTI3jF9ptMJcWZHIWmbWcs?= =?utf-8?q?U1aKSzYD5KzjoJQatfQGocm90j6KOi04v+MG1QTq2yGmzbMjbDI8PXv9NM7/+nZ7h?= =?utf-8?q?RprHwE5qewuadVTtHsKp5CEeEaBilDZd2LKOJp5lLi1wnPNn5puEjFotq2SbAzDDA?= =?utf-8?q?NK51XPHnAwSo4qQcwMJz3IV2lZgVtIVrO5icp5tbkVUhLWXfm9qwV+lPh67d6K5og?= =?utf-8?q?TzzCU409hfyi/uzBXLvkn56Hj8mduSZJFei/stdBDseQ8csjl5yQIUJiBvz4Fif/J?= =?utf-8?q?3qR0pERUISH4QBAVSRrrA5QzFN6t9N7Bdz9mfnhPaWiM+/3Vfvan6sSgFl+zXrGKy?= =?utf-8?q?QjHlBwzyoRG/mxK9/XMrNniTjaW7ZO1CRPN/E8liJqdNv6jKwkHO7DbM2/ce8ZrHz?= =?utf-8?q?1LKtc9l/tZKiehxtoPW+2RQv4ObYMyNm3B9xJYOkzBNs1jFgHXU7mY5ucuFmCM2iQ?= =?utf-8?q?2ekPRhLXzTzSHVwbfz5ldYqh2stcvtqOKEcV0m0x+1ZyJQnAiv4SsqVYwZeAhQw0v?= =?utf-8?q?ebmxJWobodBVq1RQbkbVxfvutMfbmtKfp/JinJMBg2k1MkBJMF5zVJeZZw0xjJAK5?= =?utf-8?q?Dv/9X7SwsASKBY/WvXJQObVcRFyr8O+HoZrQrvqCQrNgbxNFsCu0U49SVkh9XYW+4?= =?utf-8?q?6dn0htcMInGe7dd1aEWF02YegKQe8vHduSpr19+3SkyfDqFoqnYz/eC9igKmUrUJ7?= =?utf-8?q?n6wfG9gXai+g?= X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3ac4fffa-61d4-4411-794a-08dd6c6838de X-MS-Exchange-CrossTenant-AuthSource: AM9PR04MB8604.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Mar 2025 13:15:04.4606 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: X/QfZ+//o1pDE4pc2Rp2U9VFNOykg9/F0Ir8nTNyFYq3ViWLa5znJ5SKAuh2Zjmd9bECeTGPd4/JgukvEliJiw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU2PR04MB8855 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250326_063054_793988_032F458C X-CRM114-Status: GOOD ( 12.59 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Add support for NXP secure enclave called EdgeLock Enclave firmware (se-fw) for imx8ulp-evk. EdgeLock Enclave has a hardware limitation of restricted access to DDR address: 0x80000000 to 0xafffffff, so reserve 1MB of DDR memory region from 0x80000000. Signed-off-by: Pankaj Gupta --- changes from v13 to v14 - added the blank line. - removed the lines: #address-cells = <1>; , #size-cells = <0>; - moved the ele-reserved under the parent node "reserved-memory". - rename the node name "ele-reserved" to general name "memory". --- arch/arm64/boot/dts/freescale/imx8ulp-evk.dts | 12 +++++++++++- arch/arm64/boot/dts/freescale/imx8ulp.dtsi | 11 +++++++++-- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/arch/arm64/boot/dts/freescale/imx8ulp-evk.dts b/arch/arm64/boot/dts/freescale/imx8ulp-evk.dts index 290a49bea2f7..10aaf02f8ea7 100644 --- a/arch/arm64/boot/dts/freescale/imx8ulp-evk.dts +++ b/arch/arm64/boot/dts/freescale/imx8ulp-evk.dts @@ -1,6 +1,6 @@ // SPDX-License-Identifier: (GPL-2.0+ OR MIT) /* - * Copyright 2021 NXP + * Copyright 2021, 2025 NXP */ /dts-v1/; @@ -37,6 +37,12 @@ linux,cma { linux,cma-default; }; + ele_reserved: memory@90000000 { + compatible = "shared-dma-pool"; + reg = <0 0x90000000 0 0x100000>; + no-map; + }; + m33_reserved: noncacheable-section@a8600000 { reg = <0 0xa8600000 0 0x1000000>; no-map; @@ -259,6 +265,10 @@ &usdhc0 { status = "okay"; }; +&hsm0 { + memory-region = <&ele_reserved>; +}; + &fec { pinctrl-names = "default", "sleep"; pinctrl-0 = <&pinctrl_enet>; diff --git a/arch/arm64/boot/dts/freescale/imx8ulp.dtsi b/arch/arm64/boot/dts/freescale/imx8ulp.dtsi index 2562a35286c2..05db47668b7e 100644 --- a/arch/arm64/boot/dts/freescale/imx8ulp.dtsi +++ b/arch/arm64/boot/dts/freescale/imx8ulp.dtsi @@ -1,6 +1,6 @@ // SPDX-License-Identifier: (GPL-2.0+ OR MIT) /* - * Copyright 2021 NXP + * Copyright 2021, 2025 NXP */ #include @@ -154,7 +154,7 @@ sosc: clock-sosc { #clock-cells = <0>; }; - sram@2201f000 { + sram0: sram@2201f000 { compatible = "mmio-sram"; reg = <0x0 0x2201f000 0x0 0x1000>; @@ -186,6 +186,13 @@ scmi_sensor: protocol@15 { #thermal-sensor-cells = <1>; }; }; + + hsm0: secure-enclave { + compatible = "fsl,imx8ulp-se-ele-hsm"; + mbox-names = "tx", "rx"; + mboxes = <&s4muap 0 0>, <&s4muap 1 0>; + sram = <&sram0>; + }; }; cm33: remoteproc-cm33 { From patchwork Wed Mar 26 18:38:00 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pankaj Gupta X-Patchwork-Id: 14030059 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 9D3C0C36008 for ; Wed, 26 Mar 2025 13:17:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:MIME-Version:Cc:To: In-Reply-To:References:Message-Id:Content-Transfer-Encoding:Content-Type: Subject:Date:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=rlpEfZGzB2T6I/sX8gLw2edoGZZWPEci2WUiM9/D7Bs=; b=xlW2dWVMrBZy/KfOcC2u02sjPj Vu3URCA5p8aSYH0l5bZdUjGHetHDEdeC5jq42SAf52NqsX5esy5ddeK5EZz8PUteGlniBc6yJNf+F 2Ov1yODWMahZHTrfOzcKXF+h9+gRTlhw+nmo24h8s9LQABGZ7N99IGk0JTYfVM3G078krsiJghu7u 5x8nO6gFmjdFONCIT87SHdMwnD0nTdqywULENvuWhx5R16YaNKbNrC96z2lv4QGyj/7QoHeszn9gH elhIVZoJSOn6HEe6sGz1ciWa5ivcB6eZOZ9z78ZoOjGemL2RkUhbdBhCY/Kq3ej1Ma8aVq44vdohq E+gQyxJA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98.1 #2 (Red Hat Linux)) id 1txQcv-00000008XEM-0D8a; Wed, 26 Mar 2025 13:17:01 +0000 Received: from mail-westeuropeazlp170130007.outbound.protection.outlook.com ([2a01:111:f403:c201::7] helo=AM0PR02CU008.outbound.protection.outlook.com) by bombadil.infradead.org with esmtps (Exim 4.98.1 #2 (Red Hat Linux)) id 1txQbA-00000008Wt2-3DWt for linux-arm-kernel@lists.infradead.org; Wed, 26 Mar 2025 13:15:14 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=JBq4AiVTHADYGkMxnxgS3qXqLdCqBVWq1CeI/YoSajP68FhxRtGOsORVIErbXTcaUF0CEXFG7KTp0Fm8kSzOwygTstCedVBSo4piOeImK55x0JMWJ4IHXUtcg7Ky9lxCEYXLTn2B0DiJ4unOcP4tIXi2c8Vr/pi8P9l3k6+BZzZesSt7BKx7XW+aq+ljF8EH6U8b93rXwbIJQ8is/lQIx0XN6Zrku9VtEgaC6Bc3NB9BOsMy+eJkpBLOp5n06AZK7ud/KRDOFueDkfbFrNYoM4/gN71JAKyk5hd49jsjAyMAS/68KILHt5HtJFes5wUGX3voz/hlyLtMvmuNb8+Qog== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=rlpEfZGzB2T6I/sX8gLw2edoGZZWPEci2WUiM9/D7Bs=; b=YqZYJHNOrgzdYagbhvayipMwJkESj4VG1uoEl1yglYC9Xkw45Slf/H6s2e7c5cKesRQQBcwg0mW4gY2nd/jIFczTdFySSRoreOy9NYRfhZfRUY8AD9VXLXMgu7TwgU0yJxSGZOJhSnuR6uAA/65IErMfStX2PufAw5fvb9B4UdA0t7M6CmdGiB/Zx5qoliE1/+rtBCcEILuRbcJGWJoQUoJ6tfmogECtFmKNvHWJRSVwZLtb0GcwqSkKLacMBOIKFOkCuSNI17AaQvz9HnjjICPYHmpIQFbC/GWNhn7PDTp8aBs86gnJZw+l1qTcx03yp9yoeL8G40u/h+JInAqBqg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=rlpEfZGzB2T6I/sX8gLw2edoGZZWPEci2WUiM9/D7Bs=; b=ABl6iVpTLtb77DZMHfNePCFVzrKVIpWVchksTJ09F3WySHkUE6Y/tEDk1c+js76RNvkmQDIdIqnpN6CeCih0GSc8gzu3XAK3WuWiyrELJPR147QWsDYVYqAWf4GtZ/K/vbghPYO+M9Y9S1sbNplkBPjpUKx4dHaZID9NZjBkQfaqmtnR1U9pIb+LIymEiAbS7+ypy2EIYaTGFIFL/NNv7ql/upDAKb8rl6T1LvyDmRI8Opx0khoS3fpcGFoOg8aKRzbE5gPWV1OuHuhSgiQ6RGHaxHMS20fa6Qrh7WjuP1FD8/z4iv+YYXPNmpo+kxeKwt6kkxfEy+wGjgveofMx1g== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nxp.com; Received: from AM9PR04MB8604.eurprd04.prod.outlook.com (2603:10a6:20b:43b::21) by DU2PR04MB8855.eurprd04.prod.outlook.com (2603:10a6:10:2e2::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8534.44; Wed, 26 Mar 2025 13:15:09 +0000 Received: from AM9PR04MB8604.eurprd04.prod.outlook.com ([fe80::e751:223e:aa3d:5827]) by AM9PR04MB8604.eurprd04.prod.outlook.com ([fe80::e751:223e:aa3d:5827%5]) with mapi id 15.20.8534.043; Wed, 26 Mar 2025 13:15:09 +0000 From: Pankaj Gupta Date: Thu, 27 Mar 2025 00:08:00 +0530 Subject: [PATCH v14 4/6] firmware: imx: add driver for NXP EdgeLock Enclave Message-Id: <20250327-imx-se-if-v14-4-2219448932e4@nxp.com> References: <20250327-imx-se-if-v14-0-2219448932e4@nxp.com> In-Reply-To: <20250327-imx-se-if-v14-0-2219448932e4@nxp.com> To: Jonathan Corbet , Rob Herring , Krzysztof Kozlowski , Conor Dooley , Shawn Guo , Sascha Hauer , Pengutronix Kernel Team , Fabio Estevam , Pankaj Gupta Cc: linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, devicetree@vger.kernel.org, imx@lists.linux.dev, linux-arm-kernel@lists.infradead.org X-Mailer: b4 0.13.0 X-Developer-Signature: v=1; a=ed25519-sha256; t=1743014302; l=39292; i=pankaj.gupta@nxp.com; s=20240523; h=from:subject:message-id; bh=d9ghXjA7XbkK/PptSq/iXmM9cfluf6kTBj9Nk+k/Gkk=; b=luvTG83Ky5SJ+8SQjoWy41F9Ks7H84ZK5JLn0sNwlkFpY6vyXI58MGokCCiaZAauFxkerRNI6 HXqA1P9ZzKVCXvkoX14zPr+XbG2STos5VXQc9Yl+fx67GZzdf/GUemG X-Developer-Key: i=pankaj.gupta@nxp.com; a=ed25519; pk=OA0pBQoupy5lV0XfKzD8B0OOBVB6tpAoIf+0x1bYGRg= X-ClientProxiedBy: SG2P153CA0047.APCP153.PROD.OUTLOOK.COM (2603:1096:4:c6::16) To AM9PR04MB8604.eurprd04.prod.outlook.com (2603:10a6:20b:43b::21) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AM9PR04MB8604:EE_|DU2PR04MB8855:EE_ X-MS-Office365-Filtering-Correlation-Id: e92f5f47-393c-45aa-62ed-08dd6c683ba3 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|52116014|366016|376014|7416014|38350700014; X-Microsoft-Antispam-Message-Info: =?utf-8?q?joiODJi4QYr/X6w/KiDYNoOW9PXQTPO?= =?utf-8?q?dZMDLLXUK4+DDknbs4SKAsOmXUHD3sufo7olFgyUWb7plNF6sbcyU153mr+oAvG0k?= =?utf-8?q?liMnTmHD3Pahh+e/fxy/VhDVmUIimQ0XEjHrOCiHeJUo1V6zvNg+WXwjy92kNGqoi?= =?utf-8?q?lfgoLRvcIXcsYt92J9vIqaZprxMDahNSQWnlBvmJvDrv0WhYpKVPO2x8VYxC9Hu1G?= =?utf-8?q?+edVME+AZPBlck47QTZ8sS33Rety8M68NpwI2PZqZ9V4NlUpp2cNQZgP6jUZ2UBC5?= =?utf-8?q?1jVjQUqzhOSvHHm/w7M/rsknHbAbf05A4GeeGp1FeP3Yrguaq15nBU1SSRSl3G6eH?= =?utf-8?q?snXA6DLuDV64YLVkxvOZO7EUR7q2Cvk1xjGJWi1YCtzXguypnVtIxLSyiOuvBwF/v?= =?utf-8?q?bP8T+S0kKcrTJ/rsZ7atEaxUspWRhJ33aVpTOw/TVuSuXvD7ZQdn8cJN5qXM7aRmM?= =?utf-8?q?lUhfCtixXCxtcFvGwDWOPFafcmURwYxCDtUGsqshNAycQvGgf4RJTWQsfOg6n3op1?= =?utf-8?q?bK3teagaFJA16ebX4KBTUT34sPX/D7JrCYwn4TWW89oxP1vZsJnHqKB8T84MI5OYv?= =?utf-8?q?WGWDGmiQysID/+o5Rkbm7VFRxCcKJ3X5WRimeFWc3kIeYasn7kYUACZOpPpZE3nqu?= =?utf-8?q?6loHVZWnG5BFCJvtmj27hXIsIpoGMdL+8KyzUNT9W1/TfOhidG0FOdsNskTbrrbpC?= =?utf-8?q?+O++diYeTxOJ8sBqs1OTcTZH2KpeQJxOSRHM3YWM3XhqiKYhtcAEfOPTiOvoxSi+s?= =?utf-8?q?qsxd/3CKsF2bNKKpKiSMf2zeKba1pmMsTP//YD/sK26mfCBlGwNvkDegpJhEXuHzV?= =?utf-8?q?RNEBcVBVh7US3MRtocltPMEVf3r2dB1eGdnph7ft50b2UfG/jNKGCO6EsLN0y+WK1?= =?utf-8?q?96OA3peiEkM0EoZkSwSzXgq2Locpwt3n6CVzbNaSAtBrBEMuizcYCB/QSmmiUOxcf?= =?utf-8?q?LY99RTb+IE1iToGMtH5NSnz04Y7eapcZgrZz5d3g3DhZyVsROt2c4VuluAG+iQII3?= =?utf-8?q?1dfl3Bt9J5qaeqSzMUcUFoxEGNjGn9HuY1w1iPmqG+3vD47HbZE8vWMZbM21Ad/Tp?= =?utf-8?q?BjBWQ/PbO3w2l56iOlzWcX0MsbwGeqhWbdhyKBNUN4UMRMkQB2of5qa4o2e2RzLLg?= =?utf-8?q?R2pYKWmWW0Xb7VOyOVu8PAvbV6Rbvb1KL4IVozV9cNZKXpghpBRuQlI3tGT6QrLNz?= =?utf-8?q?ZdlynnbJkqJ1h6T9jIxJeMmxwrk6wQ6cR/aD7I6YfpMw9KWJ85jpGxpaA0iYql4Xf?= =?utf-8?q?OG1R+fup65G1a5nI5zvwmVSq0owzq8m3//3POoDFYJSSFFENxnBPeZjkVmzyKNJlY?= =?utf-8?q?AeEVMeJ979VeWU6UkyLabnH1019ukb5A0SGGA7oDPZj/82nvkugqh5v6ittiRMAwD?= =?utf-8?q?pKucr2PnRGy2IezVrOozshm4VrXxu5Kmg=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AM9PR04MB8604.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(52116014)(366016)(376014)(7416014)(38350700014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?3yxy7yukbQcBwUkbFABOJuZcOsVS?= =?utf-8?q?1JcJZkQpuiHNRVCref4dycPe2FIj+bLwecJHU2HssbxjmlBCWncmCiBLu7k0WEdHa?= =?utf-8?q?URzggHSwAVrzAcO4hi/xMu7evnZPRjfOKmFf5Nq3Vubh8Z5tDLZ8eOcJqnPGo1+7F?= =?utf-8?q?2KzNsLSBNBX0ujUi1EWZTrhSLcLYaROv5ETdsBcEI2leAU50s344kw6iHyuVZbMd0?= =?utf-8?q?/HhlM2e8iuCssfiK04854w8q9jHFX1k1JeEkPY60h/KsPqEQI8K2vnGuTtGHhlKep?= =?utf-8?q?K93D26P7/QuR7BsMiC5McdfN2lZ1NEgL4YhTAIdTqixdHAECCTSZI+CMG3YY3xSMl?= =?utf-8?q?gHV8wGBvjFTIDpHhKNzn16eE5l5eIpFlWPIuGlJqpisW9nMMRB1HT5RgeVyvLeJ5O?= =?utf-8?q?e57iu9ELNmuLea1OjepkorsXWocbkZlMeRMANv3YyuIK1oOm9dmYppy7+V95iANOT?= =?utf-8?q?ZpkPK9TINxHO8NpvINADXm7/V7G37ySHLfE+a+HMVCC9v1zWJg7vH+FKblRem8y0f?= =?utf-8?q?ZANsLy9OJv4ESB5fuctG7j/UpKJiwoshrWeCsB7OPLIkWEXVeI1jxMC4jFcNza458?= =?utf-8?q?ymY7iIy/WeZZI0U27Iu1pO+jNyJfuu2AQaLjSp3+RVsIbuden2JmdlbparL7ug54p?= =?utf-8?q?zdVb1dXiaVsW+VeY1DfiYb7iyz4LLtoQ3oInDtsXMzHSIvzqMolwUJZ0pkVKKuylj?= =?utf-8?q?wiM3MMMJm7uW8xtct9cOYspasdRaedwl0+gOmvMjfDCwbjKuvtio2RH+Tifs75yfK?= =?utf-8?q?j2JUAimGSICsm8k6AphOjYRL3/yob7Ye+mXmpTFTE7YHH1Di9N6hfeF5/GOMbzS70?= =?utf-8?q?23Z8HdwOWKPUh8Su9O1GcNuYAv34rzO0jGvUkq3RG6Tz/Lelm8Q+eo2lAYVTYYQiz?= =?utf-8?q?EWZzIfGJa5Ymfv9Vt9YxX8rDkpW2x5yiyublO1uFwpTYs5YK8D2delcNiCwjmNY/a?= =?utf-8?q?VRjHPd0nIoNeOYS8MIsHJQblIYqZ2IXsjiGklXDUXU7ITT1dIHOJsRPoxATqOSysJ?= =?utf-8?q?FBRyFAtSavG9saXQLARYWP/fzmPOzzGL7RyNhb5yp64mE4OK5l8B234/qkuaHNjml?= =?utf-8?q?5dAiJVQg2T3UTS+H6D3GRk0THfH5L9RwO3xHf8UcCTOtut/BreztZvKJQaa9JAzae?= =?utf-8?q?ZgLEcOhbnBYTEozZzIeUr+Uix6vpvnQ3fxKaO77+FowKhD1WEEXBFbG7/zPT2D50+?= =?utf-8?q?N1IUNnr5bzXFziL11BrAA2XZTicyrLyWUyJ0oAOGZpU6gaUg19WSbkw15gtIqf45T?= =?utf-8?q?JPfCsMBFb/KYv61X84o+1gIiexam7NFJ39c8KDlP0C4ifcFImGaX4dIttL3EnUWxM?= =?utf-8?q?R75a7LhIBgiwyALmqMeabAdk9hiamnaJRpYFIUkzLJIL/Sy+O9y9qgZbsbac6wite?= =?utf-8?q?SY2ia3wkoFnuupSRU36HPD1Dd55REPhBnPbmao2FCtOOepg3dmViJWxBQP4vrL/ug?= =?utf-8?q?y3jX28RvsPSO4o05c5eEgBs01SZW2e6V9qiG1KZLuYxQMwD9kImAkf5Ck8ddpxymC?= =?utf-8?q?r6MNjRhCtZRv?= X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: e92f5f47-393c-45aa-62ed-08dd6c683ba3 X-MS-Exchange-CrossTenant-AuthSource: AM9PR04MB8604.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Mar 2025 13:15:09.1167 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: zQIcBaENpvs83zBYllmK5TA6QrJPPB3uXnBojO2aSFDzxDcSoHQkuxrh7LdqT1CSfsXm2uJJDdzkroxfnbSEhw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU2PR04MB8855 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250326_061513_129374_923EF981 X-CRM114-Status: GOOD ( 23.16 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Add driver for enabling MU based communication interface to secure-enclave. NXP hardware IP(s) for secure-enclaves like Edgelock Enclave(ELE), are embedded in the SoC to support the features like HSM, SHE & V2X, using message based communication interface. The secure enclave FW communicates with Linux over single or multiple dedicated messaging unit(MU) based interface(s). Exists on i.MX SoC(s) like i.MX8ULP, i.MX93, i.MX95 etc. Other dependent kernel drivers will be: - NVMEM: that supports non-volatile devices like EFUSES, managed by NXP's secure-enclave. Signed-off-by: Pankaj Gupta --- changes from v13 to v14 - trimmed the ele_fetch_soc_info. - removed the function ptr "se_info->se_fetch_soc_info" and replaced with ele_fetch_soc_info. - moved definition of func se_load_firmware, to 6/6 patch. - Different SoC, different ways to fetch soc_info. Generic function declaration for ele_fetch_soc_info() is needed. Hence wrapping ele_get_info() in it. - Updated Kconfig help text for assertive tone. - func ele_debug_dump is updated, to remove constructing the format string. - removed the macro usage for SOC_ID_MASK. - used low case hex number. - Condition will never occur, where msg_len satisfy the following condition "msg_len % 4 != 0". Err msg is added if it occurs. - Function description is added to se_add_msg_crc. - timeout is added to function ele_msg_rcv, in 5/5 patch. - local variable "header" is initialized with "tx_msg" and replaced "return err" with "return tx_msg_sz" in func ele_msg_send(). - replace function name from "exception_for_size" to "check_hdr_exception_for_sz" - replaced "return ret > 0 ? 0 : -1;" with "return ret > 0 ? 0 : ret;" in func "se_save_imem_state". - func "se_restore_imem_state", to return if the condition is false to proceed. - removed casting by (void *). - removed devm_kasprintf and done direct allocatiion for attr->soc_id = "i.MX8ULP" & attr->soc_id = "i.MX8ULP", & attr->family. - Followed Reverse christmas tree order, whereever missing. - There is no return if ele_fw_authenticate fails. Execution flow continue forward and execute the fucn dma_free_coherent(). - The loop is not for retry. The loop is needed to load secondary fw followed by loading primary fw, first. This is the case when ELE also got reset. - dev_err_probe is corrected in func "se_if_request_channel". --- drivers/firmware/imx/Kconfig | 13 ++ drivers/firmware/imx/Makefile | 2 + drivers/firmware/imx/ele_base_msg.c | 315 ++++++++++++++++++++++++++++ drivers/firmware/imx/ele_base_msg.h | 95 +++++++++ drivers/firmware/imx/ele_common.c | 343 ++++++++++++++++++++++++++++++ drivers/firmware/imx/ele_common.h | 50 +++++ drivers/firmware/imx/se_ctrl.c | 402 ++++++++++++++++++++++++++++++++++++ drivers/firmware/imx/se_ctrl.h | 84 ++++++++ include/linux/firmware/imx/se_api.h | 14 ++ 9 files changed, 1318 insertions(+) diff --git a/drivers/firmware/imx/Kconfig b/drivers/firmware/imx/Kconfig index c964f4924359..f76ad32aad59 100644 --- a/drivers/firmware/imx/Kconfig +++ b/drivers/firmware/imx/Kconfig @@ -33,3 +33,16 @@ config IMX_SCMI_MISC_DRV core that could provide misc functions such as board control. This driver can also be built as a module. + +config IMX_SEC_ENCLAVE + tristate "i.MX Embedded Secure Enclave - EdgeLock Enclave Firmware driver." + depends on IMX_MBOX && ARCH_MXC && ARM64 + select FW_LOADER + default m if ARCH_MXC + + help + Exposes APIs supported by the iMX Secure Enclave HW IP called: + - EdgeLock Enclave Firmware (for i.MX8ULP, i.MX93), + like base, HSM, V2X & SHE using the SAB protocol via the shared Messaging + Unit. This driver exposes these interfaces via a set of file descriptors + allowing to configure shared memory, send and receive messages. diff --git a/drivers/firmware/imx/Makefile b/drivers/firmware/imx/Makefile index 8d046c341be8..4e1d2706535d 100644 --- a/drivers/firmware/imx/Makefile +++ b/drivers/firmware/imx/Makefile @@ -2,3 +2,5 @@ obj-$(CONFIG_IMX_DSP) += imx-dsp.o obj-$(CONFIG_IMX_SCU) += imx-scu.o misc.o imx-scu-irq.o rm.o imx-scu-soc.o obj-${CONFIG_IMX_SCMI_MISC_DRV} += sm-misc.o +sec_enclave-objs = se_ctrl.o ele_common.o ele_base_msg.o +obj-${CONFIG_IMX_SEC_ENCLAVE} += sec_enclave.o diff --git a/drivers/firmware/imx/ele_base_msg.c b/drivers/firmware/imx/ele_base_msg.c new file mode 100644 index 000000000000..3839c93f8212 --- /dev/null +++ b/drivers/firmware/imx/ele_base_msg.c @@ -0,0 +1,315 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright 2025 NXP + */ + +#include + +#include +#include +#include + +#include "ele_base_msg.h" +#include "ele_common.h" + +#define FW_DBG_DUMP_FIXED_STR "ELE" + +int ele_get_info(struct se_if_priv *priv, struct ele_dev_info *s_info) +{ + struct se_api_msg *tx_msg __free(kfree) = NULL; + struct se_api_msg *rx_msg __free(kfree) = NULL; + dma_addr_t get_info_addr = 0; + u32 *get_info_data = NULL; + int ret = 0; + + if (!priv) + return -EINVAL; + + memset(s_info, 0x0, sizeof(*s_info)); + + tx_msg = kzalloc(ELE_GET_INFO_REQ_MSG_SZ, GFP_KERNEL); + if (!tx_msg) + return -ENOMEM; + + rx_msg = kzalloc(ELE_GET_INFO_RSP_MSG_SZ, GFP_KERNEL); + if (!rx_msg) + return -ENOMEM; + + if (priv->mem_pool) + get_info_data = gen_pool_dma_alloc(priv->mem_pool, + ELE_GET_INFO_BUFF_SZ, + &get_info_addr); + else + get_info_data = dma_alloc_coherent(priv->dev, + ELE_GET_INFO_BUFF_SZ, + &get_info_addr, + GFP_KERNEL); + if (!get_info_data) { + dev_dbg(priv->dev, + "%s: Failed to allocate get_info_addr.\n", + __func__); + return -ENOMEM; + } + + ret = se_fill_cmd_msg_hdr(priv, + (struct se_msg_hdr *)&tx_msg->header, + ELE_GET_INFO_REQ, + ELE_GET_INFO_REQ_MSG_SZ, + true); + if (ret) + goto exit; + + tx_msg->data[0] = upper_32_bits(get_info_addr); + tx_msg->data[1] = lower_32_bits(get_info_addr); + tx_msg->data[2] = sizeof(*s_info); + ret = ele_msg_send_rcv(priv, + tx_msg, + ELE_GET_INFO_REQ_MSG_SZ, + rx_msg, + ELE_GET_INFO_RSP_MSG_SZ); + if (ret < 0) + goto exit; + + ret = se_val_rsp_hdr_n_status(priv, + rx_msg, + ELE_GET_INFO_REQ, + ELE_GET_INFO_RSP_MSG_SZ, + true); + + memcpy(s_info, get_info_data, sizeof(*s_info)); + +exit: + if (priv->mem_pool) + gen_pool_free(priv->mem_pool, + (u64)get_info_data, + ELE_GET_INFO_BUFF_SZ); + else + dma_free_coherent(priv->dev, + ELE_GET_INFO_BUFF_SZ, + get_info_data, + get_info_addr); + + return ret; +} + +int ele_fetch_soc_info(struct se_if_priv *priv, void *data) +{ + return ele_get_info(priv, data); +} + +int ele_ping(struct se_if_priv *priv) +{ + struct se_api_msg *tx_msg __free(kfree) = NULL; + struct se_api_msg *rx_msg __free(kfree) = NULL; + int ret = 0; + + if (!priv) + return -EINVAL; + + tx_msg = kzalloc(ELE_PING_REQ_SZ, GFP_KERNEL); + if (!tx_msg) + return -ENOMEM; + + rx_msg = kzalloc(ELE_PING_RSP_SZ, GFP_KERNEL); + if (!rx_msg) + return -ENOMEM; + + ret = se_fill_cmd_msg_hdr(priv, + (struct se_msg_hdr *)&tx_msg->header, + ELE_PING_REQ, ELE_PING_REQ_SZ, true); + if (ret) { + dev_err(priv->dev, "Error: se_fill_cmd_msg_hdr failed.\n"); + return ret; + } + + ret = ele_msg_send_rcv(priv, + tx_msg, + ELE_PING_REQ_SZ, + rx_msg, + ELE_PING_RSP_SZ); + if (ret < 0) + return ret; + + ret = se_val_rsp_hdr_n_status(priv, + rx_msg, + ELE_PING_REQ, + ELE_PING_RSP_SZ, + true); + + return ret; +} + +int ele_service_swap(struct se_if_priv *priv, + phys_addr_t addr, + u32 addr_size, u16 flag) +{ + struct se_api_msg *tx_msg __free(kfree) = NULL; + struct se_api_msg *rx_msg __free(kfree) = NULL; + int ret = 0; + + if (!priv) + return -EINVAL; + + tx_msg = kzalloc(ELE_SERVICE_SWAP_REQ_MSG_SZ, GFP_KERNEL); + if (!tx_msg) + return -ENOMEM; + + rx_msg = kzalloc(ELE_SERVICE_SWAP_RSP_MSG_SZ, GFP_KERNEL); + if (!rx_msg) + return -ENOMEM; + + ret = se_fill_cmd_msg_hdr(priv, + (struct se_msg_hdr *)&tx_msg->header, + ELE_SERVICE_SWAP_REQ, + ELE_SERVICE_SWAP_REQ_MSG_SZ, true); + if (ret) + return ret; + + tx_msg->data[0] = flag; + tx_msg->data[1] = addr_size; + tx_msg->data[2] = ELE_NONE_VAL; + tx_msg->data[3] = lower_32_bits(addr); + tx_msg->data[4] = se_add_msg_chksum((uint32_t *)&tx_msg[0], + ELE_SERVICE_SWAP_REQ_MSG_SZ); + if (!tx_msg->data[4]) + return -EINVAL; + + ret = ele_msg_send_rcv(priv, + tx_msg, + ELE_SERVICE_SWAP_REQ_MSG_SZ, + rx_msg, + ELE_SERVICE_SWAP_RSP_MSG_SZ); + if (ret < 0) + return ret; + + ret = se_val_rsp_hdr_n_status(priv, + rx_msg, + ELE_SERVICE_SWAP_REQ, + ELE_SERVICE_SWAP_RSP_MSG_SZ, + true); + if (ret) + return ret; + + if (flag == ELE_IMEM_EXPORT) + ret = rx_msg->data[1]; + else + ret = 0; + + return ret; +} + +int ele_fw_authenticate(struct se_if_priv *priv, phys_addr_t addr) +{ + struct se_api_msg *tx_msg __free(kfree) = NULL; + struct se_api_msg *rx_msg __free(kfree) = NULL; + int ret = 0; + + if (!priv) + return -EINVAL; + + tx_msg = kzalloc(ELE_FW_AUTH_REQ_SZ, GFP_KERNEL); + if (!tx_msg) + return -ENOMEM; + + rx_msg = kzalloc(ELE_FW_AUTH_RSP_MSG_SZ, GFP_KERNEL); + if (!rx_msg) + return -ENOMEM; + + ret = se_fill_cmd_msg_hdr(priv, + (struct se_msg_hdr *)&tx_msg->header, + ELE_FW_AUTH_REQ, + ELE_FW_AUTH_REQ_SZ, + true); + if (ret) + return ret; + + tx_msg->data[1] = upper_32_bits(addr); + tx_msg->data[0] = lower_32_bits(addr); + tx_msg->data[2] = addr; + + ret = ele_msg_send_rcv(priv, + tx_msg, + ELE_FW_AUTH_REQ_SZ, + rx_msg, + ELE_FW_AUTH_RSP_MSG_SZ); + if (ret < 0) + return ret; + + ret = se_val_rsp_hdr_n_status(priv, + rx_msg, + ELE_FW_AUTH_REQ, + ELE_FW_AUTH_RSP_MSG_SZ, + true); + return ret; +} + +int ele_debug_dump(struct se_if_priv *priv) +{ + struct se_api_msg *tx_msg __free(kfree) = NULL; + struct se_api_msg *rx_msg __free(kfree) = NULL; + bool keep_logging; + int msg_ex_cnt; + int ret = 0; + int i; + + if (!priv) + return -EINVAL; + + tx_msg = kzalloc(ELE_DEBUG_DUMP_REQ_SZ, GFP_KERNEL); + if (!tx_msg) + return -ENOMEM; + + rx_msg = kzalloc(ELE_DEBUG_DUMP_RSP_SZ, GFP_KERNEL); + if (!rx_msg) + return -ENOMEM; + + ret = se_fill_cmd_msg_hdr(priv, + &tx_msg->header, + ELE_DEBUG_DUMP_REQ, + ELE_DEBUG_DUMP_REQ_SZ, + true); + if (ret) + return ret; + + msg_ex_cnt = 0; + do { + memset(rx_msg, 0x0, ELE_DEBUG_DUMP_RSP_SZ); + + ret = ele_msg_send_rcv(priv, + tx_msg, + ELE_DEBUG_DUMP_REQ_SZ, + rx_msg, + ELE_DEBUG_DUMP_RSP_SZ); + if (ret < 0) + return ret; + + ret = se_val_rsp_hdr_n_status(priv, + rx_msg, + ELE_DEBUG_DUMP_REQ, + ELE_DEBUG_DUMP_RSP_SZ, + true); + if (!ret) { + keep_logging = (rx_msg->header.size < (ELE_DEBUG_DUMP_RSP_SZ >> 2)) ? + false : true; + keep_logging = keep_logging ? + (msg_ex_cnt > ELE_MAX_DBG_DMP_PKT ? false : true) : + false; + + rx_msg->header.size -= 2; + + if (rx_msg->header.size > 4) + rx_msg->header.size--; + + for (i = 0; i < rx_msg->header.size; i += 2) + dev_info(priv->dev, "%s%02x_%02x: 0x%08x 0x%08x", + FW_DBG_DUMP_FIXED_STR, msg_ex_cnt, i, + rx_msg->data[i + 1], rx_msg->data[i + 2]); + } else { + dev_err(priv->dev, "Dump_Debug_Buffer Error: %x.", ret); + break; + } + msg_ex_cnt++; + } while (keep_logging); + + return ret; +} diff --git a/drivers/firmware/imx/ele_base_msg.h b/drivers/firmware/imx/ele_base_msg.h new file mode 100644 index 000000000000..c037a9cfa24c --- /dev/null +++ b/drivers/firmware/imx/ele_base_msg.h @@ -0,0 +1,95 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright 2025 NXP + * + * Header file for the EdgeLock Enclave Base API(s). + */ + +#ifndef ELE_BASE_MSG_H +#define ELE_BASE_MSG_H + +#include +#include + +#include "se_ctrl.h" + +#define ELE_NONE_VAL 0x0 + +#define ELE_GET_INFO_REQ 0xda +#define ELE_GET_INFO_REQ_MSG_SZ 0x10 +#define ELE_GET_INFO_RSP_MSG_SZ 0x08 + +#define MAX_UID_SIZE (16) +#define DEV_GETINFO_ROM_PATCH_SHA_SZ (32) +#define DEV_GETINFO_FW_SHA_SZ (32) +#define DEV_GETINFO_OEM_SRKH_SZ (64) +#define DEV_GETINFO_MIN_VER_MASK 0xff +#define DEV_GETINFO_MAJ_VER_MASK 0xff00 +#define ELE_DEV_INFO_EXTRA_SZ 0x60 + +struct dev_info { + u8 cmd; + u8 ver; + u16 length; + u16 soc_id; + u16 soc_rev; + u16 lmda_val; + u8 ssm_state; + u8 dev_atts_api_ver; + u8 uid[MAX_UID_SIZE]; + u8 sha_rom_patch[DEV_GETINFO_ROM_PATCH_SHA_SZ]; + u8 sha_fw[DEV_GETINFO_FW_SHA_SZ]; +}; + +struct dev_addn_info { + u8 oem_srkh[DEV_GETINFO_OEM_SRKH_SZ]; + u8 trng_state; + u8 csal_state; + u8 imem_state; + u8 reserved2; +}; + +struct ele_dev_info { + struct dev_info d_info; + struct dev_addn_info d_addn_info; +}; + +#define ELE_GET_INFO_BUFF_SZ (sizeof(struct ele_dev_info) \ + + ELE_DEV_INFO_EXTRA_SZ) + +#define GET_SERIAL_NUM_FROM_UID(x, uid_word_sz) \ + (((u64)(((u32 *)(x))[(uid_word_sz) - 1]) << 32) | ((u32 *)(x))[0]) + +#define ELE_MAX_DBG_DMP_PKT 50 +#define ELE_DEBUG_DUMP_REQ 0x21 +#define ELE_DEBUG_DUMP_REQ_SZ 0x4 +#define ELE_DEBUG_DUMP_RSP_SZ 0x5c + +#define ELE_PING_REQ 0x01 +#define ELE_PING_REQ_SZ 0x04 +#define ELE_PING_RSP_SZ 0x08 + +#define ELE_SERVICE_SWAP_REQ 0xdf +#define ELE_SERVICE_SWAP_REQ_MSG_SZ 0x18 +#define ELE_SERVICE_SWAP_RSP_MSG_SZ 0x0c +#define ELE_IMEM_SIZE 0x10000 +#define ELE_IMEM_STATE_OK 0xca +#define ELE_IMEM_STATE_BAD 0xfe +#define ELE_IMEM_STATE_WORD 0x27 +#define ELE_IMEM_STATE_MASK 0x00ff0000 +#define ELE_IMEM_EXPORT 0x1 +#define ELE_IMEM_IMPORT 0x2 + +#define ELE_FW_AUTH_REQ 0x02 +#define ELE_FW_AUTH_REQ_SZ 0x10 +#define ELE_FW_AUTH_RSP_MSG_SZ 0x08 + +int ele_get_info(struct se_if_priv *priv, struct ele_dev_info *s_info); +int ele_fetch_soc_info(struct se_if_priv *priv, void *data); +int ele_ping(struct se_if_priv *priv); +int ele_service_swap(struct se_if_priv *priv, + phys_addr_t addr, + u32 addr_size, u16 flag); +int ele_fw_authenticate(struct se_if_priv *priv, phys_addr_t addr); +int ele_debug_dump(struct se_if_priv *priv); +#endif diff --git a/drivers/firmware/imx/ele_common.c b/drivers/firmware/imx/ele_common.c new file mode 100644 index 000000000000..be4dabeeb64c --- /dev/null +++ b/drivers/firmware/imx/ele_common.c @@ -0,0 +1,343 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright 2025 NXP + */ + +#include "ele_base_msg.h" +#include "ele_common.h" + +/* + * se_add_msg_chksum() - to calculate checksum word by word. + * + * @msg : reference to the input msg-data. + * @msg_len : reference to the input msg-data length in bytes. + * + * This function returns the checksum calculated by ORing word by word. + * + * Return: + * 0: if the input length is not 4 byte aligned, or num of words < 5. + * chksum: calculated word by word. + */ +u32 se_add_msg_chksum(u32 *msg, u32 msg_len) +{ + u32 nb_words = msg_len / (u32)sizeof(u32); + u32 chksum = 0; + u32 i; + + if (nb_words < 5) + return chksum; + + if (msg_len % SE_MSG_WORD_SZ) { + pr_err("Msg-len is not 4-byte aligned."); + return chksum; + } + + for (i = 0; i < nb_words - 1; i++) + chksum ^= *(msg + i); + + return chksum; +} + +int ele_msg_rcv(struct se_if_priv *priv, + struct se_clbk_handle *se_clbk_hdl) +{ + int err = 0; + + do { + err = wait_for_completion_interruptible(&se_clbk_hdl->done); + if (err == -ERESTARTSYS) { + if (priv->waiting_rsp_clbk_hdl.rx_msg) { + priv->waiting_rsp_clbk_hdl.signal_rcvd = true; + continue; + } + dev_err(priv->dev, + "Err[0x%x]:Interrupted by signal.\n", err); + err = -EINTR; + break; + } + } while (err != 0); + + return err ? err : se_clbk_hdl->rx_msg_sz; +} + +int ele_msg_send(struct se_if_priv *priv, + void *tx_msg, + int tx_msg_sz) +{ + struct se_msg_hdr *header = tx_msg; + int err; + + /* + * Check that the size passed as argument matches the size + * carried in the message. + */ + if (header->size << 2 != tx_msg_sz) { + dev_err(priv->dev, + "User buf hdr: 0x%x, sz mismatced with input-sz (%d != %d).", + *(u32 *)header, + header->size << 2, tx_msg_sz); + return -EINVAL; + } + + err = mbox_send_message(priv->tx_chan, tx_msg); + if (err < 0) { + dev_err(priv->dev, "Error: mbox_send_message failure.\n"); + return err; + } + + return tx_msg_sz; +} + +/* API used for send/receive blocking call. */ +int ele_msg_send_rcv(struct se_if_priv *priv, + void *tx_msg, + int tx_msg_sz, + void *rx_msg, + int exp_rx_msg_sz) +{ + int err; + + guard(mutex)(&priv->se_if_cmd_lock); + + priv->waiting_rsp_clbk_hdl.rx_msg_sz = exp_rx_msg_sz; + priv->waiting_rsp_clbk_hdl.rx_msg = rx_msg; + + err = ele_msg_send(priv, tx_msg, tx_msg_sz); + if (err < 0) + return err; + + err = ele_msg_rcv(priv, &priv->waiting_rsp_clbk_hdl); + + if (priv->waiting_rsp_clbk_hdl.signal_rcvd) { + err = -EINTR; + priv->waiting_rsp_clbk_hdl.signal_rcvd = false; + dev_err(priv->dev, + "Err[0x%x]:Interrupted by signal.\n", err); + } + + return err; +} + +static bool check_hdr_exception_for_sz(struct se_if_priv *priv, + struct se_msg_hdr *header) +{ + /* List of API(s) header that can be accepte variable length + * response buffer. + */ + if (header->command == ELE_DEBUG_DUMP_REQ && + header->ver == priv->if_defs->base_api_ver && + header->size >= 0 && + header->size <= ELE_DEBUG_DUMP_RSP_SZ) + return true; + + return false; +} + +/* + * Callback called by mailbox FW, when data is received. + */ +void se_if_rx_callback(struct mbox_client *mbox_cl, void *msg) +{ + struct se_clbk_handle *se_clbk_hdl; + struct device *dev = mbox_cl->dev; + struct se_msg_hdr *header; + struct se_if_priv *priv; + u32 rx_msg_sz; + + priv = dev_get_drvdata(dev); + + /* The function can be called with NULL msg */ + if (!msg) { + dev_err(dev, "Message is invalid\n"); + return; + } + + header = msg; + rx_msg_sz = header->size << 2; + + /* Incoming command: wake up the receiver if any. */ + if (header->tag == priv->if_defs->cmd_tag) { + se_clbk_hdl = &priv->cmd_receiver_clbk_hdl; + dev_dbg(dev, + "Selecting cmd receiver for mesg header:0x%x.", + *(u32 *)header); + + /* Pre-allocated buffer of MAX_NVM_MSG_LEN + * as the NVM command are initiated by FW. + * Size is revealed as part of this call function. + */ + if (rx_msg_sz > MAX_NVM_MSG_LEN) { + dev_err(dev, + "CMD-RCVER NVM: hdr(0x%x) with different sz(%d != %d).\n", + *(u32 *)header, + rx_msg_sz, se_clbk_hdl->rx_msg_sz); + + se_clbk_hdl->rx_msg_sz = MAX_NVM_MSG_LEN; + } + se_clbk_hdl->rx_msg_sz = rx_msg_sz; + + } else if (header->tag == priv->if_defs->rsp_tag) { + se_clbk_hdl = &priv->waiting_rsp_clbk_hdl; + dev_dbg(dev, + "Selecting resp waiter for mesg header:0x%x.", + *(u32 *)header); + + if (rx_msg_sz != se_clbk_hdl->rx_msg_sz && + check_hdr_exception_for_sz(priv, header)) { + dev_err(dev, + "Rsp to CMD: hdr(0x%x) with different sz(%d != %d).\n", + *(u32 *)header, + rx_msg_sz, se_clbk_hdl->rx_msg_sz); + + se_clbk_hdl->rx_msg_sz = min(rx_msg_sz, se_clbk_hdl->rx_msg_sz); + } + } else { + dev_err(dev, "Failed to select a device for message: %.8x\n", + *((u32 *)header)); + return; + } + + memcpy(se_clbk_hdl->rx_msg, msg, se_clbk_hdl->rx_msg_sz); + + /* Allow user to read */ + complete(&se_clbk_hdl->done); +} + +int se_val_rsp_hdr_n_status(struct se_if_priv *priv, + struct se_api_msg *msg, + u8 msg_id, + u8 sz, + bool is_base_api) +{ + struct se_msg_hdr *header = &msg->header; + u32 status; + + if (header->tag != priv->if_defs->rsp_tag) { + dev_err(priv->dev, + "MSG[0x%x] Hdr: Resp tag mismatch. (0x%x != 0x%x)", + msg_id, header->tag, priv->if_defs->rsp_tag); + return -EINVAL; + } + + if (header->command != msg_id) { + dev_err(priv->dev, + "MSG Header: Cmd id mismatch. (0x%x != 0x%x)", + header->command, msg_id); + return -EINVAL; + } + + if (header->size != (sz >> 2) && !check_hdr_exception_for_sz(priv, header)) { + dev_err(priv->dev, + "MSG[0x%x] Hdr: Cmd size mismatch. (0x%x != 0x%x)", + msg_id, header->size, (sz >> 2)); + return -EINVAL; + } + + if (is_base_api && header->ver != priv->if_defs->base_api_ver) { + dev_err(priv->dev, + "MSG[0x%x] Hdr: Base API Vers mismatch. (0x%x != 0x%x)", + msg_id, header->ver, priv->if_defs->base_api_ver); + return -EINVAL; + } else if (!is_base_api && header->ver != priv->if_defs->fw_api_ver) { + dev_err(priv->dev, + "MSG[0x%x] Hdr: FW API Vers mismatch. (0x%x != 0x%x)", + msg_id, header->ver, priv->if_defs->fw_api_ver); + return -EINVAL; + } + + status = RES_STATUS(msg->data[0]); + if (status != priv->if_defs->success_tag) { + dev_err(priv->dev, "Command Id[%x], Response Failure = 0x%x", + header->command, status); + return -EPERM; + } + + return 0; +} + +int se_save_imem_state(struct se_if_priv *priv, struct se_imem_buf *imem) +{ + struct ele_dev_info s_info = {0}; + int ret; + + ret = ele_get_info(priv, &s_info); + if (ret) { + dev_err(priv->dev, "Failed to get info from ELE.\n"); + return ret; + } + + /* Do not save the IMEM buffer, if the current IMEM state is BAD. */ + if (s_info.d_addn_info.imem_state == ELE_IMEM_STATE_BAD) + return ret; + + /* EXPORT command will save encrypted IMEM to given address, + * so later in resume, IMEM can be restored from the given + * address. + * + * Size must be at least 64 kB. + */ + ret = ele_service_swap(priv, + imem->phyaddr, + ELE_IMEM_SIZE, + ELE_IMEM_EXPORT); + if (ret < 0) { + dev_err(priv->dev, "Failed to export IMEM."); + imem->size = 0; + } else { + dev_info(priv->dev, + "Exported %d bytes of encrypted IMEM.", + ret); + imem->size = ret; + } + + return ret > 0 ? 0 : ret; +} + +int se_restore_imem_state(struct se_if_priv *priv, struct se_imem_buf *imem) +{ + struct ele_dev_info s_info; + int ret; + + /* get info from ELE */ + ret = ele_get_info(priv, &s_info); + if (ret) { + dev_err(priv->dev, "Failed to get info from ELE."); + return ret; + } + imem->state = s_info.d_addn_info.imem_state; + + /* Get IMEM state, if 0xFE then import IMEM if imem size is non-zero. */ + if (s_info.d_addn_info.imem_state != ELE_IMEM_STATE_BAD || !imem->size) + return ret; + + /* IMPORT command will restore IMEM from the given + * address, here size is the actual size returned by ELE + * during the export operation + */ + ret = ele_service_swap(priv, + imem->phyaddr, + imem->size, + ELE_IMEM_IMPORT); + if (ret) { + dev_err(priv->dev, "Failed to import IMEM"); + return ret; + } + + /* After importing IMEM, check if IMEM state is equal to 0xCA + * to ensure IMEM is fully loaded and + * ELE functionality can be used. + */ + ret = ele_get_info(priv, &s_info); + if (ret) { + dev_err(priv->dev, "Failed to get info from ELE."); + return ret; + } + imem->state = s_info.d_addn_info.imem_state; + + if (s_info.d_addn_info.imem_state == ELE_IMEM_STATE_OK) + dev_info(priv->dev, "Successfully restored IMEM."); + else + dev_err(priv->dev, "Failed to restore IMEM."); + + return ret; +} diff --git a/drivers/firmware/imx/ele_common.h b/drivers/firmware/imx/ele_common.h new file mode 100644 index 000000000000..c95e45123b5b --- /dev/null +++ b/drivers/firmware/imx/ele_common.h @@ -0,0 +1,50 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright 2025 NXP + */ + +#ifndef __ELE_COMMON_H__ +#define __ELE_COMMON_H__ + +#include "se_ctrl.h" + +#define ELE_SUCCESS_IND 0xD6 + +#define IMX_ELE_FW_DIR "imx/ele/" + +u32 se_add_msg_chksum(u32 *msg, u32 msg_len); +int ele_msg_rcv(struct se_if_priv *priv, + struct se_clbk_handle *se_clbk_hdl); +int ele_msg_send(struct se_if_priv *priv, + void *tx_msg, + int tx_msg_sz); +int ele_msg_send_rcv(struct se_if_priv *priv, + void *tx_msg, + int tx_msg_sz, + void *rx_msg, + int exp_rx_msg_sz); +void se_if_rx_callback(struct mbox_client *mbox_cl, void *msg); +int se_val_rsp_hdr_n_status(struct se_if_priv *priv, + struct se_api_msg *msg, + u8 msg_id, + u8 sz, + bool is_base_api); + +/* Fill a command message header with a given command ID and length in bytes. */ +static inline int se_fill_cmd_msg_hdr(struct se_if_priv *priv, + struct se_msg_hdr *hdr, + u8 cmd, u32 len, + bool is_base_api) +{ + hdr->tag = priv->if_defs->cmd_tag; + hdr->ver = (is_base_api) ? priv->if_defs->base_api_ver : priv->if_defs->fw_api_ver; + hdr->command = cmd; + hdr->size = len >> 2; + + return 0; +} + +int se_save_imem_state(struct se_if_priv *priv, struct se_imem_buf *imem); +int se_restore_imem_state(struct se_if_priv *priv, struct se_imem_buf *imem); + +#endif /*__ELE_COMMON_H__ */ diff --git a/drivers/firmware/imx/se_ctrl.c b/drivers/firmware/imx/se_ctrl.c new file mode 100644 index 000000000000..be381980fec0 --- /dev/null +++ b/drivers/firmware/imx/se_ctrl.c @@ -0,0 +1,402 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright 2025 NXP + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "ele_base_msg.h" +#include "ele_common.h" +#include "se_ctrl.h" + +#define MAX_SOC_INFO_DATA_SZ 256 +#define MBOX_TX_NAME "tx" +#define MBOX_RX_NAME "rx" +#define SE_TYPE_STR_HSM "hsm" +#define SE_TYPE_ID_HSM 0x2 + +struct se_fw_img_name { + const u8 *prim_fw_nm_in_rfs; + const u8 *seco_fw_nm_in_rfs; +}; + +struct se_fw_load_info { + const struct se_fw_img_name *se_fw_img_nm; + bool is_fw_tobe_loaded; + bool imem_mgmt; + struct se_imem_buf imem; +}; + +struct se_var_info { + u16 soc_rev; + struct se_fw_load_info load_fw; +}; + +/* contains fixed information */ +struct se_soc_info { + const u16 soc_id; + const bool soc_register; + const struct se_fw_img_name se_fw_img_nm; +}; + +struct se_if_node { + struct se_soc_info *se_info; + u8 *pool_name; + bool reserved_dma_ranges; + struct se_if_defines if_defs; +}; + +/* common for all the SoC. */ +static struct se_var_info var_se_info; + +static struct se_soc_info se_imx8ulp_info = { + .soc_id = SOC_ID_OF_IMX8ULP, + .soc_register = true, + .se_fw_img_nm = { + .prim_fw_nm_in_rfs = IMX_ELE_FW_DIR + "mx8ulpa2-ahab-container.img", + .seco_fw_nm_in_rfs = IMX_ELE_FW_DIR + "mx8ulpa2ext-ahab-container.img", + }, +}; + +static struct se_if_node imx8ulp_se_ele_hsm = { + .se_info = &se_imx8ulp_info, + .pool_name = "sram", + .reserved_dma_ranges = true, + .if_defs = { + .se_if_type = SE_TYPE_ID_HSM, + .se_instance_id = 0, + .cmd_tag = 0x17, + .rsp_tag = 0xe1, + .success_tag = ELE_SUCCESS_IND, + .base_api_ver = MESSAGING_VERSION_6, + .fw_api_ver = MESSAGING_VERSION_7, + }, +}; + +static struct se_soc_info se_imx93_info = { + .soc_id = SOC_ID_OF_IMX93, +}; + +static struct se_if_node imx93_se_ele_hsm = { + .se_info = &se_imx93_info, + .reserved_dma_ranges = true, + .if_defs = { + .se_if_type = SE_TYPE_ID_HSM, + .se_instance_id = 0, + .cmd_tag = 0x17, + .rsp_tag = 0xe1, + .success_tag = ELE_SUCCESS_IND, + .base_api_ver = MESSAGING_VERSION_6, + .fw_api_ver = MESSAGING_VERSION_7, + }, +}; + +static const struct of_device_id se_match[] = { + { .compatible = "fsl,imx8ulp-se-ele-hsm", .data = &imx8ulp_se_ele_hsm}, + { .compatible = "fsl,imx93-se-ele-hsm", .data = &imx93_se_ele_hsm}, + {}, +}; + +static struct se_fw_load_info *get_load_fw_instance(struct se_if_priv *priv) +{ + return &var_se_info.load_fw; +} + +static int get_se_soc_info(struct se_if_priv *priv, const struct se_soc_info *se_info) +{ + struct se_fw_load_info *load_fw = get_load_fw_instance(priv); + struct soc_device_attribute *attr; + u8 data[MAX_SOC_INFO_DATA_SZ]; + struct ele_dev_info *s_info; + struct soc_device *sdev; + int err = 0; + + /* This function should be called once. + * Check if the se_soc_rev is zero to continue. + */ + if (var_se_info.soc_rev) + return err; + + err = ele_fetch_soc_info(priv, &data); + if (err < 0) + return dev_err_probe(priv->dev, err, "Failed to fetch SoC Info."); + s_info = (void *)data; + var_se_info.soc_rev = s_info->d_info.soc_rev; + load_fw->imem.state = s_info->d_addn_info.imem_state; + + if (!se_info->soc_register) + return 0; + + attr = devm_kzalloc(priv->dev, sizeof(*attr), GFP_KERNEL); + if (!attr) + return -ENOMEM; + + if (FIELD_GET(DEV_GETINFO_MIN_VER_MASK, var_se_info.soc_rev)) + attr->revision = devm_kasprintf(priv->dev, GFP_KERNEL, "%x.%x", + FIELD_GET(DEV_GETINFO_MIN_VER_MASK, + var_se_info.soc_rev), + FIELD_GET(DEV_GETINFO_MAJ_VER_MASK, + var_se_info.soc_rev)); + else + attr->revision = devm_kasprintf(priv->dev, GFP_KERNEL, "%x", + FIELD_GET(DEV_GETINFO_MAJ_VER_MASK, + var_se_info.soc_rev)); + + switch (se_info->soc_id) { + case SOC_ID_OF_IMX8ULP: + attr->soc_id = "i.MX8ULP"; + break; + case SOC_ID_OF_IMX93: + attr->soc_id = "i.MX93"; + break; + } + + err = of_property_read_string(of_root, "model", + &attr->machine); + if (err) + return -EINVAL; + + attr->family = "Freescale i.MX"; + + attr->serial_number = devm_kasprintf(priv->dev, + GFP_KERNEL, "%016llX", + GET_SERIAL_NUM_FROM_UID(s_info->d_info.uid, + MAX_UID_SIZE >> 2)); + + sdev = soc_device_register(attr); + if (IS_ERR(sdev)) + return PTR_ERR(sdev); + + return 0; +} + +/* interface for managed res to free a mailbox channel */ +static void if_mbox_free_channel(void *mbox_chan) +{ + mbox_free_channel(mbox_chan); +} + +static int se_if_request_channel(struct device *dev, + struct mbox_chan **chan, + struct mbox_client *cl, + const char *name) +{ + struct mbox_chan *t_chan; + int ret = 0; + + t_chan = mbox_request_channel_byname(cl, name); + if (IS_ERR(t_chan)) + return dev_err_probe(dev, PTR_ERR(t_chan), + "Failed to request %s channel.", name); + + ret = devm_add_action_or_reset(dev, if_mbox_free_channel, t_chan); + if (ret) + return dev_err_probe(dev, -EPERM, + "Failed to add-action for removal of mbox: %s\n", + name); + *chan = t_chan; + + return ret; +} + +static void se_if_probe_cleanup(void *plat_dev) +{ + struct platform_device *pdev = plat_dev; + struct se_fw_load_info *load_fw; + struct device *dev = &pdev->dev; + struct se_if_priv *priv; + + priv = dev_get_drvdata(dev); + load_fw = get_load_fw_instance(priv); + + /* In se_if_request_channel(), passed the clean-up functional + * pointer reference as action to devm_add_action_or_reset(). + * No need to free the mbox channels here. + */ + + /* free the buffer in se remove, previously allocated + * in se probe to store encrypted IMEM + */ + if (load_fw && load_fw->imem.buf) { + dmam_free_coherent(dev, + ELE_IMEM_SIZE, + load_fw->imem.buf, + load_fw->imem.phyaddr); + load_fw->imem.buf = NULL; + } + + /* No need to check, if reserved memory is allocated + * before calling for its release. Or clearing the + * un-set bit. + */ + of_reserved_mem_device_release(dev); +} + +static int se_if_probe(struct platform_device *pdev) +{ + const struct se_soc_info *se_info; + const struct se_if_node *if_node; + struct se_fw_load_info *load_fw; + struct device *dev = &pdev->dev; + struct se_if_priv *priv; + int ret; + + if_node = device_get_match_data(dev); + if (!if_node) + return -EINVAL; + + se_info = if_node->se_info; + + priv = devm_kzalloc(dev, sizeof(*priv), GFP_KERNEL); + if (!priv) + return -ENOMEM; + + priv->dev = dev; + priv->if_defs = &if_node->if_defs; + dev_set_drvdata(dev, priv); + + ret = devm_add_action_or_reset(dev, se_if_probe_cleanup, pdev); + if (ret) + return ret; + + /* Mailbox client configuration */ + priv->se_mb_cl.dev = dev; + priv->se_mb_cl.tx_block = false; + priv->se_mb_cl.knows_txdone = true; + priv->se_mb_cl.rx_callback = se_if_rx_callback; + + ret = se_if_request_channel(dev, &priv->tx_chan, + &priv->se_mb_cl, MBOX_TX_NAME); + if (ret) + return ret; + + ret = se_if_request_channel(dev, &priv->rx_chan, + &priv->se_mb_cl, MBOX_RX_NAME); + if (ret) + return ret; + + mutex_init(&priv->se_if_cmd_lock); + + init_completion(&priv->waiting_rsp_clbk_hdl.done); + init_completion(&priv->cmd_receiver_clbk_hdl.done); + + if (if_node->pool_name) { + priv->mem_pool = of_gen_pool_get(dev->of_node, + if_node->pool_name, 0); + if (!priv->mem_pool) + return dev_err_probe(dev, -ENOMEM, + "Unable to get sram pool = %s.", + if_node->pool_name); + } + + if (if_node->reserved_dma_ranges) { + ret = of_reserved_mem_device_init(dev); + if (ret) + return dev_err_probe(dev, ret, + "Failed to init reserved memory region."); + } + + if (if_node->if_defs.se_if_type == SE_TYPE_ID_HSM) { + ret = get_se_soc_info(priv, se_info); + if (ret) + return dev_err_probe(dev, ret, + "Failed to fetch SoC Info."); + } + + /* By default, there is no pending FW to be loaded.*/ + if (se_info->se_fw_img_nm.prim_fw_nm_in_rfs || + se_info->se_fw_img_nm.seco_fw_nm_in_rfs) { + load_fw = get_load_fw_instance(priv); + load_fw->se_fw_img_nm = &se_info->se_fw_img_nm; + load_fw->is_fw_tobe_loaded = true; + + if (se_info->se_fw_img_nm.prim_fw_nm_in_rfs) { + /* allocate buffer where SE store encrypted IMEM */ + load_fw->imem.buf = dmam_alloc_coherent(priv->dev, ELE_IMEM_SIZE, + &load_fw->imem.phyaddr, + GFP_KERNEL); + if (!load_fw->imem.buf) + return dev_err_probe(dev, -ENOMEM, + "dmam-alloc-failed: To store encr-IMEM."); + load_fw->imem_mgmt = true; + } + } + dev_info(dev, "i.MX secure-enclave: %s%d interface to firmware, configured.", + SE_TYPE_STR_HSM, + priv->if_defs->se_instance_id); + + return ret; +} + +static void se_if_remove(struct platform_device *pdev) +{ + se_if_probe_cleanup(pdev); +} + +static int se_suspend(struct device *dev) +{ + struct se_if_priv *priv = dev_get_drvdata(dev); + struct se_fw_load_info *load_fw; + int ret = 0; + + load_fw = get_load_fw_instance(priv); + + if (load_fw->imem_mgmt) + ret = se_save_imem_state(priv, &load_fw->imem); + + return ret; +} + +static int se_resume(struct device *dev) +{ + struct se_if_priv *priv = dev_get_drvdata(dev); + struct se_fw_load_info *load_fw; + + load_fw = get_load_fw_instance(priv); + + if (load_fw->imem_mgmt) + se_restore_imem_state(priv, &load_fw->imem); + + return 0; +} + +static const struct dev_pm_ops se_pm = { + SET_SYSTEM_SLEEP_PM_OPS(se_suspend, se_resume) +}; + +static struct platform_driver se_driver = { + .driver = { + .name = "fsl-se", + .of_match_table = se_match, + .pm = &se_pm, + }, + .probe = se_if_probe, + .remove = se_if_remove, +}; +MODULE_DEVICE_TABLE(of, se_match); + +module_platform_driver(se_driver); +MODULE_AUTHOR("Pankaj Gupta "); +MODULE_DESCRIPTION("iMX Secure Enclave Driver."); +MODULE_LICENSE("GPL"); diff --git a/drivers/firmware/imx/se_ctrl.h b/drivers/firmware/imx/se_ctrl.h new file mode 100644 index 000000000000..177623f3890e --- /dev/null +++ b/drivers/firmware/imx/se_ctrl.h @@ -0,0 +1,84 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright 2025 NXP + */ + +#ifndef SE_MU_H +#define SE_MU_H + +#include +#include +#include + +#define MAX_FW_LOAD_RETRIES 50 +#define SE_MSG_WORD_SZ 0x4 + +#define RES_STATUS(x) FIELD_GET(0x000000ff, x) +#define MAX_NVM_MSG_LEN (256) +#define MESSAGING_VERSION_6 0x6 +#define MESSAGING_VERSION_7 0x7 + +struct se_clbk_handle { + struct completion done; + bool signal_rcvd; + u32 rx_msg_sz; + /* Assignment of the rx_msg buffer to held till the + * received content as part callback function, is copied. + */ + struct se_api_msg *rx_msg; +}; + +struct se_imem_buf { + u8 *buf; + phys_addr_t phyaddr; + u32 size; + u32 state; +}; + +/* Header of the messages exchange with the EdgeLock Enclave */ +struct se_msg_hdr { + u8 ver; + u8 size; + u8 command; + u8 tag; +} __packed; + +#define SE_MU_HDR_SZ 4 + +struct se_api_msg { + struct se_msg_hdr header; + u32 data[]; +}; + +struct se_if_defines { + const u8 se_if_type; + const u8 se_instance_id; + u8 cmd_tag; + u8 rsp_tag; + u8 success_tag; + u8 base_api_ver; + u8 fw_api_ver; +}; + +struct se_if_priv { + struct device *dev; + + struct se_clbk_handle cmd_receiver_clbk_hdl; + /* Update to the waiting_rsp_dev, to be protected + * under se_if_cmd_lock. + */ + struct se_clbk_handle waiting_rsp_clbk_hdl; + /* + * prevent new command to be sent on the se interface while previous + * command is still processing. (response is awaited) + */ + struct mutex se_if_cmd_lock; + + struct mbox_client se_mb_cl; + struct mbox_chan *tx_chan, *rx_chan; + + struct gen_pool *mem_pool; + const struct se_if_defines *if_defs; +}; + +#endif diff --git a/include/linux/firmware/imx/se_api.h b/include/linux/firmware/imx/se_api.h new file mode 100644 index 000000000000..b1c4c9115d7b --- /dev/null +++ b/include/linux/firmware/imx/se_api.h @@ -0,0 +1,14 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright 2025 NXP + */ + +#ifndef __SE_API_H__ +#define __SE_API_H__ + +#include + +#define SOC_ID_OF_IMX8ULP 0x084d +#define SOC_ID_OF_IMX93 0x9300 + +#endif /* __SE_API_H__ */ From patchwork Wed Mar 26 18:38:01 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pankaj Gupta X-Patchwork-Id: 14030097 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 2F7B8C36008 for ; Wed, 26 Mar 2025 13:51:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:MIME-Version:Cc:To: In-Reply-To:References:Message-Id:Content-Transfer-Encoding:Content-Type: Subject:Date:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=VbIqE7IC6vIxpIXZJoa7BqK7zTm7yS9o2G8fp5SWkEQ=; b=dYSr3z3+GLd0DIsnHXIWfhcZ2F hj8qvuXPwh3yqcAXarEsX2qjyFLwyh2k06pLAyqRQgWCREgSwA9FL9iIdDwfM4q+rRH2XUYYDO0Yt BPdQ1os3BW3BH1XEdh7enthjB6zcztLYPb9soiHSFNp9uo/TelFVdi8reVnQ2a9srX7gjxL50CdeM ETr8b9xNu9xK/wqEhKiDQRTDSAKyCR1KkiTTlFuJKnjCp8yEzgFeHfWNleqrse+VeMZHyzVn+4Wc6 9ALH45QVT60W19OnR7JLhuM///8cxEQaKz5tMV7Dt/QuI2yciB7MFkdGwYD3szSKnJt+iG8+NQSek oWsPIbeQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98.1 #2 (Red Hat Linux)) id 1txRAR-00000008bkf-0ye6; Wed, 26 Mar 2025 13:51:39 +0000 Received: from mail-northeuropeazlp170110001.outbound.protection.outlook.com ([2a01:111:f403:c200::1] helo=DB3PR0202CU003.outbound.protection.outlook.com) by bombadil.infradead.org with esmtps (Exim 4.98.1 #2 (Red Hat Linux)) id 1txQqI-00000008Zaw-3ZYf for linux-arm-kernel@lists.infradead.org; Wed, 26 Mar 2025 13:30:52 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=JOjtNhOpJxa+fN7Eb/bQftBFurG5niQg57wt2z7ZywlNI88WJOK/BcpajxYDiIxaOYBjWBndOqCMq6wDKoxF2LJ7YBxcSMVFnDtYkgZHmZhH9+10thQVQwWOll+n6hxS2XVULxoYtLOFq99aIlNxKwxcxP4xSGRSI4NGfhp3yIgzzaSnwnXKZBYRCIjzBITVu3xruIMxdRSdZZO8Bgwj1WyBwDIX74GRPd4fhy05CcjRBU94hAvBgrpEkk/Y+fZmMyzmW3iIC0qkIpVmbf8Z8ViZVEcUcBcBHO6u1J9Kivg0gclVpfQS4WsjTZaHBBstUYG1waMCMsACrUiWBqW11A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=VbIqE7IC6vIxpIXZJoa7BqK7zTm7yS9o2G8fp5SWkEQ=; b=uUHS4hh3EXnsu86Se/fooArTY1PVePBc7W8IjmUEIpp6CpDLgmyNkAMcd8Wm9XRkFIQyAdNCjZ+OcVYXv5sMMF6k4pidxzFnZbBA1x+0Ox6m+N+S+fy9y5o16TR/DhMmDkbH0F4l/cbmuKlW8mBwAwbm0gTyY9o1uzc2+JcvQIbDyNjb/A8ldTvLir7qOnqFieqeaGDSxdzXFd4wPTB5OYcelzC9R17c6IteLLRRvhDEOHF8hUA+IhJzSfnR6EpoVcJl5oWamJ5XdarVpB1PBZMAiFq6zFEGTaFq5N2bqbCAKuajIUR3twrZupT9g9ElO2tZUY0f4GAEUwdbueMVUg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=VbIqE7IC6vIxpIXZJoa7BqK7zTm7yS9o2G8fp5SWkEQ=; b=oAzoAHzKo/LapN8stB0wfFT9Yx+oa6HI1DCu8XY8Vzxio/YB/E8QpP8x97JobhWoQKtI1sAxYpxFuRhjeIVTHwuPRCgWHti+6lBpnr3cfpve/1uiCjbc3mdWc4nVuYZwE1ej9z54BQzUOjn6tKFxLL2VF3Nnr+fEWH/iF8PN/LphzDg5dHtgjWWE0VsiUBGwetdlFwNCZYk2noVJ+3wpYsiY7SbsnKZ3unKeLKAHnfZq/CpZ2qa+MYGQAwxD2DHUDHeI+CikglDSkghO4d2tpzL9GmDVOqh2d3IVKU8g6IAz4M9QjzRBkshE4DtM5bbW1y0zrQ5bgHE2MJ0O9hrAKg== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nxp.com; Received: from AM9PR04MB8604.eurprd04.prod.outlook.com (2603:10a6:20b:43b::21) by AM9PR04MB8828.eurprd04.prod.outlook.com (2603:10a6:20b:40b::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8534.44; Wed, 26 Mar 2025 13:15:14 +0000 Received: from AM9PR04MB8604.eurprd04.prod.outlook.com ([fe80::e751:223e:aa3d:5827]) by AM9PR04MB8604.eurprd04.prod.outlook.com ([fe80::e751:223e:aa3d:5827%5]) with mapi id 15.20.8534.043; Wed, 26 Mar 2025 13:15:14 +0000 From: Pankaj Gupta Date: Thu, 27 Mar 2025 00:08:01 +0530 Subject: [PATCH v14 5/6] firmware: imx: device context dedicated to priv Message-Id: <20250327-imx-se-if-v14-5-2219448932e4@nxp.com> References: <20250327-imx-se-if-v14-0-2219448932e4@nxp.com> In-Reply-To: <20250327-imx-se-if-v14-0-2219448932e4@nxp.com> To: Jonathan Corbet , Rob Herring , Krzysztof Kozlowski , Conor Dooley , Shawn Guo , Sascha Hauer , Pengutronix Kernel Team , Fabio Estevam , Pankaj Gupta Cc: linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, devicetree@vger.kernel.org, imx@lists.linux.dev, linux-arm-kernel@lists.infradead.org X-Mailer: b4 0.13.0 X-Developer-Signature: v=1; a=ed25519-sha256; t=1743014302; l=5512; i=pankaj.gupta@nxp.com; s=20240523; h=from:subject:message-id; bh=x46GPrAXCNE6NZYHZlvm+lLo6wiB7ucFqA87IFILO74=; b=16vpPmMS1/FEMy5Ys1yR/ewphQAVZlL5xZXFxVS9uNhnV0PZBpQACWzJak93nFmP3/XvCTfpk h8Qauacf7wKCqlUix4Ze7QvgKcOFfbvNlBoIbqvo3CTvJAjaevQNmVk X-Developer-Key: i=pankaj.gupta@nxp.com; a=ed25519; pk=OA0pBQoupy5lV0XfKzD8B0OOBVB6tpAoIf+0x1bYGRg= X-ClientProxiedBy: SG2P153CA0047.APCP153.PROD.OUTLOOK.COM (2603:1096:4:c6::16) To AM9PR04MB8604.eurprd04.prod.outlook.com (2603:10a6:20b:43b::21) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AM9PR04MB8604:EE_|AM9PR04MB8828:EE_ X-MS-Office365-Filtering-Correlation-Id: d8313c92-722d-4344-b602-08dd6c683e95 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|7416014|376014|52116014|1800799024|366016|38350700014; X-Microsoft-Antispam-Message-Info: =?utf-8?q?7oZ0H7w2H4RUIWqG/FGd1nGB+Q3vFx0?= =?utf-8?q?+UcLvszVxhj8lrZfv5JuFGzbS0BQme6kRSSsuGMMOtGranAL+00TnPWWgzYpO0e6f?= =?utf-8?q?vqDxfC1UWXEXZoaIfNo7L3K7u7lOhrM7/2cISooVwclDirdyg1QQ/2v42ME1z/jMY?= =?utf-8?q?WBsCUoB1sGPFUppsGnRqn4tC4xPZ1figcLhFlIW9twCC8E6TqsAeO58+PM254a76g?= =?utf-8?q?zvuvssZc1cawv6ZrSnu4KG3RmAbXJ69GC4vZKSpR4N/RUeQ/CVfpi+HxAUzeKLMbJ?= =?utf-8?q?WYow6NVEZYmoiZ2wb76zk99PgDG9d7ltcml2g2+xBAla50r1zxb+lgJQ/yxx40hN1?= =?utf-8?q?ZEaOuicwPr0LM2GL3CkbtKj3FMkHeHYaB7VNeUNoHUpojt6gnaxjprSVq1qmf3AEb?= =?utf-8?q?kjxmZ9/2DphwpuawqaC8IEr+7ZwHiHz8w8tJJEnRsl4KC+ScMaUzazq4Yv3x1jSs/?= =?utf-8?q?VnhGwh8589L0Tk6luXFlojveDbzeKTAiR0JWn238ljMHPWAxHKpWfrQ0fQ+OrGr6+?= =?utf-8?q?Bvq4obTtdyNXrLugW7O7Pw+NbwhmyjsvcNSmRaJiOP7UUeOsx3OvmYOnbUYAn54qx?= =?utf-8?q?S5J54nprBEJ3iXKMA2TtZL77Q37islDmMSqcOu0XbsI6KMcf+aaRpyhrGTj9drPnQ?= =?utf-8?q?FfouvQPihyk04quWYZXqHKXOxyW9b73uLWlzYX675T9LTyk7FMd98cbger3k/g0SW?= =?utf-8?q?aWQMvYOFd07UsRUOapCkTsBIJx+uKQWCpEIXJORYUC4ll5m2R7SrZ3jBnoV9BzSw1?= =?utf-8?q?rwNBzME6NWS1R7acW0bN2J7FsWf91sOKd0ErwYyK8AP5uSFeg2dtZ/wPB40GQYMJ3?= =?utf-8?q?1S3Li0+9x9QCDWLy5KYIp9up8ulb/UJvd9cXtwOuc9uM4WCueNgqzX6l2IOnmLT/y?= =?utf-8?q?Y2gwoFYkzpoP4APjC9U/RsWt53fpjib+6/FWktSdk6BmpA939USNBpnGuU7+wX0+X?= =?utf-8?q?4jxCGRtzgPGwvZLT0xjk05SsdqSR8al4rDUtUHgjlYA4Ww6obXAHAos6VrIHoxLX7?= =?utf-8?q?Co2HUpVVpsJIA3q99b09owlxTsZGQImQZyIQrRxj/OGcgU3R0lmAzGluYV1bQ3JdD?= =?utf-8?q?zM4KS8DXAe0z7/wylbjJS9nw9Y/y1QGr/QRcO6+FlA2VvMXmDHSFcRi572weie3+6?= =?utf-8?q?ToHquY6Z16cEJUYE3wHS+o0RXE+MBCLDG3hOQwWUIyVb0vxxTKGXvQs192HZSDs+K?= =?utf-8?q?EFJhN0DVig2+fVVc52rv08ZLfniVQsURlwSyk9YjOZ4cH76xXW4AWeae7dILcFcAR?= =?utf-8?q?ZAAtAiJWHDpJ9oBQty2pSpz5vmMBNCUgoVnZ2shan0LvPsSTcUd48b4rAe8V/FepU?= =?utf-8?q?OnMeQlK05llxhPDgEXBnnyD5gW0vhXxCzgiPW15eI/E7VFqtixS9/Ft/P058hN4/m?= =?utf-8?q?ilRkPYVai2x?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AM9PR04MB8604.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(7416014)(376014)(52116014)(1800799024)(366016)(38350700014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?Un+Jw39QvLcBzQGc8HUmtXZBWilk?= =?utf-8?q?HEfL+ksMv98qcX3dtPgMzjVVR49ShcnCpaDtdTfumC+yBi1dzJoiwDeWTHjeHyLOz?= =?utf-8?q?N6on8mxoao9J6yclypI2ZKDHxzqJe82o/1byqPhYA5M75lScCt6NBlOCAuNj6iNFD?= =?utf-8?q?Ezr3BE6btacCPVTLX+YmtfJFcTeby4PNHqeqQGrhGtMJYgSwKxbYIuJ8rY1Gl5HxS?= =?utf-8?q?SlfEISvUZbsTMBHuOYx8wVgX3/BnWNOJpNA9IpIXWB8jbNDEW5w1O41ldArdedk5d?= =?utf-8?q?/sxlV4f6AVYQAbCUEg0AX2bqnZIo6GXsZupBBNQCn/pSf/wMzFSsJkIPez+ygj9i6?= =?utf-8?q?XYuKrGfhX4WkJ3J7UlwuZk55K+Ea+8jfS5P4u4Ja/51ydztt/MgK1UnLvTR8Cg9cz?= =?utf-8?q?R9PYhrFdr0PKzrD1IWkuGi5h0bFfYeFSEdT5Kcxk56tysx3QCZ7ppvK+lty6qdkLR?= =?utf-8?q?bQH7EEirioV432GlQHQdDfk3r3UfDDRpzOEvYam9mzNVIUMM21ND5vsxw34OJ6lzy?= =?utf-8?q?gWocIVRiRrdcmrg0D1y9lg0chpFxYblhwSSfNoiewteXurFI23U565eXRSS0/GhSF?= =?utf-8?q?D6tmxTbQcLGF4cS2m1M7bLwF5dwvsB0oVUJZz2ScC9T19oOihd3Xek6ESHSZ+BzGu?= =?utf-8?q?Z22m7FCn8rfauHNGOvwlCxnALVd3hidwFrXx0+Z8xQNS/rcP0gweFuIYo6L8Vt+Lj?= =?utf-8?q?zJ1HS3XSZhAuD/epWj2xWO8mwOuxShKD3/MIScghLWs+KlK8LJokbnDSFfDVL3DGp?= =?utf-8?q?usHFVEBpAuLxPVyxZroh6k5V+nZKbiS44+SQxBpnB18dWa2Lfa1CO50drP1FC21VC?= =?utf-8?q?HBR4K5OfkpMopEOvTJE5FQ9rSWdhEtUL0cIHDt1J9bqCC8X/xioN9wDHmXy1Z/3sQ?= =?utf-8?q?KcMrCvldIEg9hp6Rq6vnkiTl0kd0Z64ZWOZMoWXbjFbaA8zQpzys0uuCXW/jv9tr0?= =?utf-8?q?f7VMwXmEddsh2xdJlpbrZa1854i6+77z8Q7zNC925k6EMwZ/G2HkArOPO2z7U1iPv?= =?utf-8?q?XzDttpRVnwB6JjnoELMQgnQCt/7MVl79YGiKM/+MJfhuVEFhGD8+TXG+CJ66wcBlW?= =?utf-8?q?DCMNII3vN6dUBsDLvTImxG/N2ux++M6v0kEVuxQLhTrC/nbk1Dv/ILBuiLKftL36C?= =?utf-8?q?zaEqkbGTx244mmuPY4v4Gt2otJy/hX11n85R3NndKYsfJgTQkol331X3Dv0bqvAoU?= =?utf-8?q?vtMc4qabKm6H4Fq+Z1khudPU9CYK9jokVk48GsFxuXO0yFdVOuElTl2FnSmNm6wcM?= =?utf-8?q?94oVVLrXN0ws7Tk73O2DqK3mcDAG+r1gvqWu6h8rQfNOpaY9th+mARg6umzsBHk8Z?= =?utf-8?q?A39d1+n7DdWc9MWVWdfrwv42s719M8tPbNNpvTApgXsPHOJvTLB2BWyEVH13voDIk?= =?utf-8?q?vyEP2bOe9aGx/N3+/GBnngBAswgp5L+3Ith1Kt1YzroROpgxcBGrSl1txuyt+MbBg?= =?utf-8?q?rpE7xxTZmvOkz74okGzccd2mUbEAlX/s7PrfyFv4Xs7iFOeC3mHCZWiitpbY1K0CK?= =?utf-8?q?RGl4K9uLBLvH?= X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: d8313c92-722d-4344-b602-08dd6c683e95 X-MS-Exchange-CrossTenant-AuthSource: AM9PR04MB8604.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Mar 2025 13:15:14.3537 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: dS9fsyqPpM/tmpa3L4DwT6QkvmiUUEJ/mQwQgpNFyA4VEa+VLo9CXFeWm8I9LjNPmGjvhEPqPULPeVsjwIDglg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR04MB8828 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250326_063051_029893_4E5C1EB0 X-CRM114-Status: GOOD ( 16.86 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Add priv_dev_ctx to prepare enabling misc-device context based send-receive path, to communicate with FW. No functionality change. Signed-off-by: Pankaj Gupta Reviewed-by: Frank Li --- drivers/firmware/imx/ele_base_msg.c | 10 +++++----- drivers/firmware/imx/ele_common.c | 3 ++- drivers/firmware/imx/ele_common.h | 2 +- drivers/firmware/imx/se_ctrl.c | 31 +++++++++++++++++++++++++++++++ drivers/firmware/imx/se_ctrl.h | 8 ++++++++ 5 files changed, 47 insertions(+), 7 deletions(-) diff --git a/drivers/firmware/imx/ele_base_msg.c b/drivers/firmware/imx/ele_base_msg.c index 3839c93f8212..c07c21f1fbbd 100644 --- a/drivers/firmware/imx/ele_base_msg.c +++ b/drivers/firmware/imx/ele_base_msg.c @@ -62,7 +62,7 @@ int ele_get_info(struct se_if_priv *priv, struct ele_dev_info *s_info) tx_msg->data[0] = upper_32_bits(get_info_addr); tx_msg->data[1] = lower_32_bits(get_info_addr); tx_msg->data[2] = sizeof(*s_info); - ret = ele_msg_send_rcv(priv, + ret = ele_msg_send_rcv(priv->priv_dev_ctx, tx_msg, ELE_GET_INFO_REQ_MSG_SZ, rx_msg, @@ -122,7 +122,7 @@ int ele_ping(struct se_if_priv *priv) return ret; } - ret = ele_msg_send_rcv(priv, + ret = ele_msg_send_rcv(priv->priv_dev_ctx, tx_msg, ELE_PING_REQ_SZ, rx_msg, @@ -174,7 +174,7 @@ int ele_service_swap(struct se_if_priv *priv, if (!tx_msg->data[4]) return -EINVAL; - ret = ele_msg_send_rcv(priv, + ret = ele_msg_send_rcv(priv->priv_dev_ctx, tx_msg, ELE_SERVICE_SWAP_REQ_MSG_SZ, rx_msg, @@ -227,7 +227,7 @@ int ele_fw_authenticate(struct se_if_priv *priv, phys_addr_t addr) tx_msg->data[0] = lower_32_bits(addr); tx_msg->data[2] = addr; - ret = ele_msg_send_rcv(priv, + ret = ele_msg_send_rcv(priv->priv_dev_ctx, tx_msg, ELE_FW_AUTH_REQ_SZ, rx_msg, @@ -275,7 +275,7 @@ int ele_debug_dump(struct se_if_priv *priv) do { memset(rx_msg, 0x0, ELE_DEBUG_DUMP_RSP_SZ); - ret = ele_msg_send_rcv(priv, + ret = ele_msg_send_rcv(priv->priv_dev_ctx, tx_msg, ELE_DEBUG_DUMP_REQ_SZ, rx_msg, diff --git a/drivers/firmware/imx/ele_common.c b/drivers/firmware/imx/ele_common.c index be4dabeeb64c..f75a8237e353 100644 --- a/drivers/firmware/imx/ele_common.c +++ b/drivers/firmware/imx/ele_common.c @@ -89,12 +89,13 @@ int ele_msg_send(struct se_if_priv *priv, } /* API used for send/receive blocking call. */ -int ele_msg_send_rcv(struct se_if_priv *priv, +int ele_msg_send_rcv(struct se_if_device_ctx *dev_ctx, void *tx_msg, int tx_msg_sz, void *rx_msg, int exp_rx_msg_sz) { + struct se_if_priv *priv = dev_ctx->priv; int err; guard(mutex)(&priv->se_if_cmd_lock); diff --git a/drivers/firmware/imx/ele_common.h b/drivers/firmware/imx/ele_common.h index c95e45123b5b..a6bf93f0048f 100644 --- a/drivers/firmware/imx/ele_common.h +++ b/drivers/firmware/imx/ele_common.h @@ -18,7 +18,7 @@ int ele_msg_rcv(struct se_if_priv *priv, int ele_msg_send(struct se_if_priv *priv, void *tx_msg, int tx_msg_sz); -int ele_msg_send_rcv(struct se_if_priv *priv, +int ele_msg_send_rcv(struct se_if_device_ctx *dev_ctx, void *tx_msg, int tx_msg_sz, void *rx_msg, diff --git a/drivers/firmware/imx/se_ctrl.c b/drivers/firmware/imx/se_ctrl.c index be381980fec0..144a727bbfe0 100644 --- a/drivers/firmware/imx/se_ctrl.c +++ b/drivers/firmware/imx/se_ctrl.c @@ -191,6 +191,31 @@ static int get_se_soc_info(struct se_if_priv *priv, const struct se_soc_info *se return 0; } +static int init_misc_device_context(struct se_if_priv *priv, int ch_id, + struct se_if_device_ctx **new_dev_ctx) +{ + struct se_if_device_ctx *dev_ctx; + int ret = 0; + + dev_ctx = devm_kzalloc(priv->dev, sizeof(*dev_ctx), GFP_KERNEL); + + if (!dev_ctx) + return -ENOMEM; + + dev_ctx->priv = priv; + + dev_ctx->devname = devm_kasprintf(priv->dev, GFP_KERNEL, "%s%d_ch%d", + SE_TYPE_STR_HSM, + priv->if_defs->se_instance_id, + ch_id); + if (!dev_ctx->devname) + return -ENOMEM; + + *new_dev_ctx = dev_ctx; + + return ret; +} + /* interface for managed res to free a mailbox channel */ static void if_mbox_free_channel(void *mbox_chan) { @@ -317,6 +342,12 @@ static int se_if_probe(struct platform_device *pdev) "Failed to init reserved memory region."); } + ret = init_misc_device_context(priv, 0, &priv->priv_dev_ctx); + if (ret) + return dev_err_probe(dev, ret, + "Failed[0x%x] to create device contexts.", + ret); + if (if_node->if_defs.se_if_type == SE_TYPE_ID_HSM) { ret = get_se_soc_info(priv, se_info); if (ret) diff --git a/drivers/firmware/imx/se_ctrl.h b/drivers/firmware/imx/se_ctrl.h index 177623f3890e..f0893c5c9145 100644 --- a/drivers/firmware/imx/se_ctrl.h +++ b/drivers/firmware/imx/se_ctrl.h @@ -35,6 +35,12 @@ struct se_imem_buf { u32 state; }; +/* Private struct for each char device instance. */ +struct se_if_device_ctx { + struct se_if_priv *priv; + const char *devname; +}; + /* Header of the messages exchange with the EdgeLock Enclave */ struct se_msg_hdr { u8 ver; @@ -79,6 +85,8 @@ struct se_if_priv { struct gen_pool *mem_pool; const struct se_if_defines *if_defs; + + struct se_if_device_ctx *priv_dev_ctx; }; #endif From patchwork Wed Mar 26 18:38:02 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pankaj Gupta X-Patchwork-Id: 14030065 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id A4092C36008 for ; Wed, 26 Mar 2025 13:18:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:MIME-Version:Cc:To: In-Reply-To:References:Message-Id:Content-Transfer-Encoding:Content-Type: Subject:Date:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=0NNIVASCpH3oRkwaJ1bFkhvuRoDwnmM2RaDPlfcOJ9M=; b=MBSIom6qZz9lhDV5347aTHBXco nZgLkFrOn1Vq7QBty7R3L6Zqcv4zGS5FE9F4pUPacoL2ymRR10nyaHlLHXY2dszTHTuF5uiw5Y82X 0RWbZFuU5x77ZvZCs5wd6bCuPj4AwabXO9mhAX0OS7QZUMiJeQjxsLMTsxgfR94f4rlpAOfbJICya ZztGhrxi3XVhWt7xOysqIB20oMDdXTMBZINic8XTaql6D6wwMEZyQOaruyiE3KkAB1EwjUT/lb/j0 tAfQg6y4ASKJa7bcZ3nlYmvV0WSyNoPvwFukoYT1rjCFtSec8EDMM758JApDwXLDpKzEmuieT83IS uuAT4Bvg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98.1 #2 (Red Hat Linux)) id 1txQec-00000008XWJ-3HoN; Wed, 26 Mar 2025 13:18:46 +0000 Received: from mail-francecentralazlp170130007.outbound.protection.outlook.com ([2a01:111:f403:c20a::7] helo=PA4PR04CU001.outbound.protection.outlook.com) by bombadil.infradead.org with esmtps (Exim 4.98.1 #2 (Red Hat Linux)) id 1txQbN-00000008WwY-15yu for linux-arm-kernel@lists.infradead.org; Wed, 26 Mar 2025 13:15:27 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Low9D1eLP+1Jpf+59KEu02LwRi9BgpukUjdjkZFsm2iUsn3jUNNJEScloDSAybHpGk1edAMHkuYs+AyNAqQUEcgbrKSoOUkn4qB8qkfqs+p84imQ+plKtJU43aoaNNqd8YNxdvNu5DDJ+cdm4FZsa3bMbywn3o6UShBAbFIjqO6J3ELkhUK4mJtorgbnTkm5nUIYASnsE2o3iWrArz1DOVW+SqzhNg8HOxNcLr4StDZ62UZ9C2cOPwlm1g5on5EwZPsxglp4+qWEH4SP/O22la4iWhBHRVZsu5K1CGxV8YRR8IeXUIl930QrxiQklOV/Qe2Vz8zh4iW3oXaLJsf0ZA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=0NNIVASCpH3oRkwaJ1bFkhvuRoDwnmM2RaDPlfcOJ9M=; b=nr2uyn0GwZ+XYsE0d4hILof4Qnrgq3bE9TRmEElhNanbepA3QWRPa2tEIAsE/uqs7Jkb6nXEZwl4c1aSbDnbYj71I8k7fuK5fO/bG1obLO9rt3Sd5bRRzjzov1Qb/l42W91o1+3otW2c5lT+QPlHAf8MY1/Qsj/OhQsBkmeLKpXewbXqpUwaM+NIokZBJGp13u8nMnKdGf1FI7l6cJe8GWu+61zKYnjBRDYKUv/gdqHZVbMbA1zR3j9q3oUtpQyV7B/GmpTttcZKwlTzyI5CIJ4tNrzHDdtrYsw845BKEE26UQHuoLnRkQmwQDoibkONLpcrUm9gI1H9cigQvuBflg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0NNIVASCpH3oRkwaJ1bFkhvuRoDwnmM2RaDPlfcOJ9M=; b=dSNwDcJ3Z4RGwWUF1QpNvjR0lCIkp5CbY+SPuGEsnmjRsTIgRaW6pboiNa3QiONBSTkhNsLeeKzcSxDmkSSv+5FAl4flBPryxeSUONIvcE55Mbw0aT21BDs26d73czNkieHE41V86uALJ3X3lgIXDSZXvP3eJ+i/JnF9LOayZ+otgEGa35OfqDmm4Fi8KeD6ncpxeeBYPaqP55m/mkB6MCyhIor5uAeAHQom046qXgK/lsh8XDm/XW+D7qJFE2xMWSbng1o/7LynjB3dW5xjt+6mnLyi3ZG5XdTrj6WF/IKyWnr5i0KusGIfHoZJkIoucz4/2fAjmYP5xmeRrj+EIw== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nxp.com; Received: from AM9PR04MB8604.eurprd04.prod.outlook.com (2603:10a6:20b:43b::21) by AM9PR04MB8828.eurprd04.prod.outlook.com (2603:10a6:20b:40b::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8534.44; Wed, 26 Mar 2025 13:15:20 +0000 Received: from AM9PR04MB8604.eurprd04.prod.outlook.com ([fe80::e751:223e:aa3d:5827]) by AM9PR04MB8604.eurprd04.prod.outlook.com ([fe80::e751:223e:aa3d:5827%5]) with mapi id 15.20.8534.043; Wed, 26 Mar 2025 13:15:20 +0000 From: Pankaj Gupta Date: Thu, 27 Mar 2025 00:08:02 +0530 Subject: [PATCH v14 6/6] firmware: drivers: imx: adds miscdev Message-Id: <20250327-imx-se-if-v14-6-2219448932e4@nxp.com> References: <20250327-imx-se-if-v14-0-2219448932e4@nxp.com> In-Reply-To: <20250327-imx-se-if-v14-0-2219448932e4@nxp.com> To: Jonathan Corbet , Rob Herring , Krzysztof Kozlowski , Conor Dooley , Shawn Guo , Sascha Hauer , Pengutronix Kernel Team , Fabio Estevam , Pankaj Gupta Cc: linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, devicetree@vger.kernel.org, imx@lists.linux.dev, linux-arm-kernel@lists.infradead.org X-Mailer: b4 0.13.0 X-Developer-Signature: v=1; a=ed25519-sha256; t=1743014302; l=39847; i=pankaj.gupta@nxp.com; s=20240523; h=from:subject:message-id; bh=Pm965ZxSgm5Tut4qEUOzWZLw8EGX2bIp+SF6P82dPPk=; b=yuiJb5xfVPbrwD4Mr7thRP4fjl5EAYpZJPL960xGqRWHNzbtuw2WjrS06/6W7AD1tYTgqcUeV HLCFJZubj3GB4OSvka+/Mpm5zWPR0eu04yH/Ebr1mW13xkHDoGa4I/9 X-Developer-Key: i=pankaj.gupta@nxp.com; a=ed25519; pk=OA0pBQoupy5lV0XfKzD8B0OOBVB6tpAoIf+0x1bYGRg= X-ClientProxiedBy: SG2P153CA0047.APCP153.PROD.OUTLOOK.COM (2603:1096:4:c6::16) To AM9PR04MB8604.eurprd04.prod.outlook.com (2603:10a6:20b:43b::21) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AM9PR04MB8604:EE_|AM9PR04MB8828:EE_ X-MS-Office365-Filtering-Correlation-Id: dd4781b2-5084-4f98-320c-08dd6c6841b7 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|7416014|376014|52116014|1800799024|366016|38350700014|13003099007; X-Microsoft-Antispam-Message-Info: =?utf-8?q?k/RBtVaMOu+K0FEnQ1gYGNTZWefCltg?= =?utf-8?q?LmIC/qP3BwSmk/fgW3nnRTazASc3int4ek4VoIzEJu5cMJLblH7gZ/lfXsHZZ3drs?= =?utf-8?q?DIUPD3s7AVoZKcObjLcVLWkVHuvxDcNInefXQGYmD9peawNaEV3erx8IQToy5H8a9?= =?utf-8?q?pzMILyczXLzn96aXlTEAslM+1TnLOQTwGnqDUyrfjbDTuAELattkfOD7T3aOAorHT?= =?utf-8?q?37opJxifeI1RcFH+go6wxMdXHE8NAyu/x2ogSJb/ag9VOHjNxE9oNr7NmmfR5O6TZ?= =?utf-8?q?wvM9ZGSdLFUwsF7WB5B3mnjDb5PCpGo/QiGS3+XVWEX2hooCXo/dD4DBQFahkrXOc?= =?utf-8?q?bZB7XCAJQzxLLO5R6L13eOQ/QNlY53zB0iYNa6Yom9poOLFPa3gydxNwm/KFF5z7S?= =?utf-8?q?PXusiMR0UG52WiNlO46LckdBhyEJM0xfBSBl1i1Rw3wGzfBaODvO7h1bgWhAxC+Ke?= =?utf-8?q?e9r4N0TnbaKCHDY7dHCrBJiagysfu+zNnbHnzwg28jYACkTxS455nljd1fTlnzbSR?= =?utf-8?q?w/3t5kGctq7+tI6TA1abUhbo6xJvWPA7OwOO7JsT6kxJRS3zJYAhNqkHfo4653lSb?= =?utf-8?q?sJqULsCTVwu7s7JzR4KHtED7TjzKbYdw+2lOKDrW69wII+jGboU5xrtmR/So8cBhR?= =?utf-8?q?B0vcFyC7IaFrRE5QePfY5Z5pgYbx7lHefyLfXWLfsYehmMgiN51LxAVEN7oP8KWWh?= =?utf-8?q?G1qtQPiwfDgjuB5DeKotqj9Mvo0Xg+vnHNTe7rDMGYUfcnf9UcOB43BHaB6HSbGIw?= =?utf-8?q?R98wK73tlYHNZkHP2KgAljjRvA12de/kovZFKiusFC1141Ke8gDAEIUWtJVaBZSHw?= =?utf-8?q?7UM2Ra6EycHfXnnoVop5Rgm+p4nMHXbqvCmcnS9XFNgJsTwNEGeVv5UasU6sUBN/H?= =?utf-8?q?CNECNwkbCKc03kGZtEK+r+6ys/u+6xCWwySnG21VNSq3jqYfXODZUZq4ZZHGaOhtY?= =?utf-8?q?cdKh8jIIY3g1e6GbrtPj/x4ri0VTT0nzM/wcOhgNOvI3X/P9itCUc0zT3iqI1IsF8?= =?utf-8?q?j6Eiox1WJaVLUP1iBYe+rtRXgAQpp9nbnyBJ73QeMmySszBBmaUVtXbiaS4eW4fri?= =?utf-8?q?j/N2OAxjILZLP8UgxKjD+ZVpPNF4lDXZlxAbwm+88NL0rTHn4IonYDvIRU1DRzjYa?= =?utf-8?q?+q1XUWePXPoquQwezf+fNrJnbJBoL8Md8cadgYgQ0n5HYKB6NzKP9tW0k4McjYDPM?= =?utf-8?q?748AU1lkM1dxCLZB9WOh5eeRZs1R83YnWYX0ic4CkHZiLn/1a5FbrTWoXhHTu5y07?= =?utf-8?q?/8oKM7o+xnARFFFN9l5LPWzRIZAWia93SQBQbIAkB+afKLene9FAhWdym0sZPYXTi?= =?utf-8?q?Mh8OPyjVScNaDGgJoA101GvYlj2IfFHzL0DfH0qxmrBHBSriM2h7Ybb2tmDY67DIr?= =?utf-8?q?O9dyHa3/kyE1F22UWS+qo057w6UheNBvA=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AM9PR04MB8604.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(7416014)(376014)(52116014)(1800799024)(366016)(38350700014)(13003099007);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?ow9UAbURuqtoL9xc+EkmSl+7krlR?= =?utf-8?q?+UABFFRWhKiWOcPRVGtcxXvha+ozHDdjrJQYvMvET2tW5CYIV2ji9UIJglnrG5eWR?= =?utf-8?q?9G2GL2xIdwOSuTfaa+Tz1uOL5MYCFjvkiapHXGLDM1xZKki3qQ2wfOsOkA3VQABhJ?= =?utf-8?q?HXuZlb3NQP9fa9NRubh6Wp2zFc3cmBI9YbgNtz4ffX1iosG6xkng/jGqbFowjd2RM?= =?utf-8?q?uMsNSbEdNldECsONif/4ch5CH9rU2S1Zc/yo7SZo8mntt9aHJgPZKpjFE6r/SNrxH?= =?utf-8?q?Xl9MSG731vC5/EkTi9pPblLQOf4mXiHs/YDMgmZWnBIDgbK3lUjniOeqLzjaB1pZ1?= =?utf-8?q?8mq8/rGFiV62+ikxpMKRUYM8X9zncFhpl2MNPVV6xPk/UbBvXn/GM9/XyjdOU1gw3?= =?utf-8?q?qZjOnWaV4h5dmjpn/pdDp78gnBKbrK5Ltv/B6AgBLqgoWMftvscOC5k4BngFExG/e?= =?utf-8?q?ypVJF//W0F1iVZpbBB6e5iisbsp5j4+na05czz2wgAzIBqaVIAIviwBqs48vbgx3Z?= =?utf-8?q?SvFOmrEW1r67r2v9A0EZKbvN5cGj+kjn0sGigCuJw5wyt27FojA2Z9bjFOvpPzfux?= =?utf-8?q?/82IwLtlsOH/0PNDaxwmEVxUgYvRhuiVPnlfs9SqnajsuE4ooB2eGj+p+ZSITRZOG?= =?utf-8?q?VNcaM3bU9Z+IgvpaKe7vcCOggrW3plgQ2cc8mY4Dx6JILorvcZhT7gbvRxbE1mGeJ?= =?utf-8?q?PJUvvO9HT52j9n/lAf+oM/FG2cTjiVzN+cqAXmw22xgGJEASHDtl9FfW1oy0avfHn?= =?utf-8?q?NuQwk7pUvoWOTQ14UmnjNbr9K0Khg1TVq56bihBRS+sc66uXjyhe6/srGSX6WZWI2?= =?utf-8?q?jqITk69lRVLp+g1VbHEpv/bi1s9FOO/UsgMUJSn1flGxZ/XTYOXeVZjRaD6d644U4?= =?utf-8?q?MzFfJPufdDC2crQItaxSkzFXKv6PmSGfurrpEqrF6IOcdowvWy88D6V9NtRBuVz+2?= =?utf-8?q?+9qtExV1S2/V81z3mQwRkAqKgW835d+p1OqYHaaj0HN1MRwhFJ1+frh2S4WahnxZh?= =?utf-8?q?qclKHvRnDUKETPf74jW4xGkxl6QT6Zz8cOySeeXHeQg2bCISufZMZUMiaIFJO4GX0?= =?utf-8?q?pXOIwuVOnMy8zjWkCFWaESRlmVgkImuBCuxa071G8q7rKCSUYqCcvlNqOCfg8p1MT?= =?utf-8?q?emZ/NJ+jE7JMGlyKV1Oyy1o4EBXoMHLXUfmYTrEYS5itkkk8h50ZBcN9TZ7kM3KhX?= =?utf-8?q?n4oESXJGb1Bkjq76Tk9BnRYSiHRUTo0rqSMSEc13Z3eSOzLQ4U9upL94n502nxGNT?= =?utf-8?q?BD3dXqLoRM1o/WXCZfHP06GQXF/H7kFrh4ySs5LxHZ4q1QUlMhWmLjMkFTSKfMhxe?= =?utf-8?q?83TCfmhDIiyeJi/0mc8FvX725T5DfWuMSbLKD4mgYqC2bqd71thfvWyi+TPxYLq+U?= =?utf-8?q?vB/Zwbi+wfKDB9rf0EuZtjcKYQUygB0UI6ytrpKVkBp45FI3LmkVkX0X0lnFUr1R6?= =?utf-8?q?U7QyM61N0E26TAU69TRx5KoRcE+9aoDA5sPZBwQSDjAzpxtYq/dwYLxWJwCCGODOh?= =?utf-8?q?iDvAWJ1b8fj6?= X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: dd4781b2-5084-4f98-320c-08dd6c6841b7 X-MS-Exchange-CrossTenant-AuthSource: AM9PR04MB8604.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Mar 2025 13:15:20.8418 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: q0HhWxyUWb12JkdeAkeo8EudUqjTgd8IOgVeY72iUT0u1PPrA2vgv65R5et1s3ASCiBAg1vYm8LFRPbc7+cHgw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR04MB8828 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20250326_061525_619970_3C9E3F9B X-CRM114-Status: GOOD ( 25.26 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Adds the driver for communication interface to secure-enclave, for exchanging messages with NXP secure enclave HW IP(s) like EdgeLock Enclave from: - User-Space Applications via character driver. ABI documentation for the NXP secure-enclave driver. User-space library using this driver: - i.MX Secure Enclave library: -- URL: https://github.com/nxp-imx/imx-secure-enclave.git, - i.MX Secure Middle-Ware: -- URL: https://github.com/nxp-imx/imx-smw.git Signed-off-by: Pankaj Gupta --- changes from v13 to v14 - moved definition of func se_load_firmware, from 4/6 patch to this patch. - split init_device_context to init_misc_device_context. - Different value of se_rcv_msg_timeout is required to be set. Receiving the response of 4K RSA operation can to take upto 3 minutes. This long value cannot be set during Linux: boot-up and suspend-resume. Hence, it will be set to default small-value during Linux: boot-up and suspend-resume. - func se_dev_ctx_cpy_out_data(), in either case: do_cpy true or false, the clean-up needs to be done and it is implemented like wise. Once do_cpy is false, no need to continue copy to user buffer. But continue to do clean-up. hence cannot return. And every dev-ctx operation is done after taking the lock. Hence, two operations with same dev-ctx is not possible in parallel. - func "init_device_context", for 0th misc dev_ctx, which is created at the time of probe, the device memory management is required. hence there is a difference. - func "init_device_context", dev_er is replaced with return dev_err_probe. - func "init_device_context", devm_add_action is replaced by devm_add_action_reset. - removed type-cast from func se_ioctl_get_se_soc_info_handler(). - used scoped_cond_guard(mutex, _intr, return -EBUSY, &) - combined dev_err & dev_dbg to one dev_err in se_if_fops_read(). - removed the structure member "se_shared_mem_mgmt->secure_mem". --- Documentation/ABI/testing/se-cdev | 43 ++ drivers/firmware/imx/ele_common.c | 70 +++- drivers/firmware/imx/ele_common.h | 8 +- drivers/firmware/imx/se_ctrl.c | 797 +++++++++++++++++++++++++++++++++++++- drivers/firmware/imx/se_ctrl.h | 34 ++ include/uapi/linux/se_ioctl.h | 101 +++++ 6 files changed, 1024 insertions(+), 29 deletions(-) diff --git a/Documentation/ABI/testing/se-cdev b/Documentation/ABI/testing/se-cdev new file mode 100644 index 000000000000..dad39ffd245a --- /dev/null +++ b/Documentation/ABI/testing/se-cdev @@ -0,0 +1,43 @@ +What: /dev/_mu[0-9]+_ch[0-9]+ +Date: Mar 2025 +KernelVersion: 6.8 +Contact: linux-imx@nxp.com, pankaj.gupta@nxp.com +Description: + NXP offers multiple hardware IP(s) for secure enclaves like EdgeLock- + Enclave(ELE), SECO. The character device file descriptors + /dev/_mu*_ch* are the interface between userspace NXP's secure- + enclave shared library and the kernel driver. + + The ioctl(2)-based ABI is defined and documented in + [include]. + ioctl(s) are used primarily for: + - shared memory management + - allocation of I/O buffers + - getting mu info + - setting a dev-ctx as receiver to receive all the commands from FW + - getting SoC info + - send command and receive command response + + The following file operations are supported: + + open(2) + Currently the only useful flags are O_RDWR. + + read(2) + Every read() from the opened character device context is waiting on + wait_event_interruptible, that gets set by the registered mailbox callback + function, indicating a message received from the firmware on message- + unit. + + write(2) + Every write() to the opened character device context needs to acquire + mailbox_lock before sending message on to the message unit. + + close(2) + Stops and frees up the I/O contexts that were associated + with the file descriptor. + +Users: https://github.com/nxp-imx/imx-secure-enclave.git, + https://github.com/nxp-imx/imx-smw.git + crypto/skcipher, + drivers/nvmem/imx-ocotp-ele.c diff --git a/drivers/firmware/imx/ele_common.c b/drivers/firmware/imx/ele_common.c index f75a8237e353..7978772f034d 100644 --- a/drivers/firmware/imx/ele_common.c +++ b/drivers/firmware/imx/ele_common.c @@ -6,6 +6,8 @@ #include "ele_base_msg.h" #include "ele_common.h" +u32 se_rcv_msg_timeout = SE_RCV_MSG_DEFAULT_TIMEOUT; + /* * se_add_msg_chksum() - to calculate checksum word by word. * @@ -38,32 +40,52 @@ u32 se_add_msg_chksum(u32 *msg, u32 msg_len) return chksum; } -int ele_msg_rcv(struct se_if_priv *priv, +void set_se_rcv_msg_timeout(u32 val) +{ + se_rcv_msg_timeout = val; +} + +int ele_msg_rcv(struct se_if_device_ctx *dev_ctx, struct se_clbk_handle *se_clbk_hdl) { - int err = 0; + struct se_if_priv *priv = dev_ctx->priv; + unsigned int wait; + int ret; do { - err = wait_for_completion_interruptible(&se_clbk_hdl->done); - if (err == -ERESTARTSYS) { - if (priv->waiting_rsp_clbk_hdl.rx_msg) { + wait = priv->cmd_receiver_clbk_hdl.dev_ctx == dev_ctx ? + MAX_SCHEDULE_TIMEOUT : msecs_to_jiffies(se_rcv_msg_timeout); + + ret = wait_for_completion_interruptible_timeout(&se_clbk_hdl->done, wait); + + if (ret == -ERESTARTSYS) { + if (priv->waiting_rsp_clbk_hdl.dev_ctx) { priv->waiting_rsp_clbk_hdl.signal_rcvd = true; continue; } + ret = -EINTR; + break; + } + if (ret == 0) { + ret = -ETIMEDOUT; dev_err(priv->dev, - "Err[0x%x]:Interrupted by signal.\n", err); - err = -EINTR; + "Fatal Error: SE interface: %s%d, hangs indefinitely.\n", + get_se_if_name(priv->if_defs->se_if_type), + priv->if_defs->se_instance_id); break; } - } while (err != 0); + ret = se_clbk_hdl->rx_msg_sz; + break; + } while (ret < 0); - return err ? err : se_clbk_hdl->rx_msg_sz; + return ret; } -int ele_msg_send(struct se_if_priv *priv, +int ele_msg_send(struct se_if_device_ctx *dev_ctx, void *tx_msg, int tx_msg_sz) { + struct se_if_priv *priv = dev_ctx->priv; struct se_msg_hdr *header = tx_msg; int err; @@ -73,7 +95,8 @@ int ele_msg_send(struct se_if_priv *priv, */ if (header->size << 2 != tx_msg_sz) { dev_err(priv->dev, - "User buf hdr: 0x%x, sz mismatced with input-sz (%d != %d).", + "%s: User buf hdr: 0x%x, sz mismatced with input-sz (%d != %d).", + dev_ctx->devname, *(u32 *)header, header->size << 2, tx_msg_sz); return -EINVAL; @@ -81,7 +104,9 @@ int ele_msg_send(struct se_if_priv *priv, err = mbox_send_message(priv->tx_chan, tx_msg); if (err < 0) { - dev_err(priv->dev, "Error: mbox_send_message failure.\n"); + dev_err(priv->dev, + "%s: Error: mbox_send_message failure.", + dev_ctx->devname); return err; } @@ -100,21 +125,24 @@ int ele_msg_send_rcv(struct se_if_device_ctx *dev_ctx, guard(mutex)(&priv->se_if_cmd_lock); + priv->waiting_rsp_clbk_hdl.dev_ctx = dev_ctx; priv->waiting_rsp_clbk_hdl.rx_msg_sz = exp_rx_msg_sz; priv->waiting_rsp_clbk_hdl.rx_msg = rx_msg; - err = ele_msg_send(priv, tx_msg, tx_msg_sz); + err = ele_msg_send(dev_ctx, tx_msg, tx_msg_sz); if (err < 0) return err; - err = ele_msg_rcv(priv, &priv->waiting_rsp_clbk_hdl); + err = ele_msg_rcv(dev_ctx, &priv->waiting_rsp_clbk_hdl); if (priv->waiting_rsp_clbk_hdl.signal_rcvd) { err = -EINTR; priv->waiting_rsp_clbk_hdl.signal_rcvd = false; dev_err(priv->dev, - "Err[0x%x]:Interrupted by signal.\n", err); + "%s: Err[0x%x]:Interrupted by signal.\n", + dev_ctx->devname, err); } + priv->waiting_rsp_clbk_hdl.dev_ctx = NULL; return err; } @@ -160,7 +188,8 @@ void se_if_rx_callback(struct mbox_client *mbox_cl, void *msg) if (header->tag == priv->if_defs->cmd_tag) { se_clbk_hdl = &priv->cmd_receiver_clbk_hdl; dev_dbg(dev, - "Selecting cmd receiver for mesg header:0x%x.", + "Selecting cmd receiver:%s for mesg header:0x%x.", + se_clbk_hdl->dev_ctx->devname, *(u32 *)header); /* Pre-allocated buffer of MAX_NVM_MSG_LEN @@ -169,7 +198,8 @@ void se_if_rx_callback(struct mbox_client *mbox_cl, void *msg) */ if (rx_msg_sz > MAX_NVM_MSG_LEN) { dev_err(dev, - "CMD-RCVER NVM: hdr(0x%x) with different sz(%d != %d).\n", + "%s: CMD-RCVER NVM: hdr(0x%x) with different sz(%d != %d).\n", + se_clbk_hdl->dev_ctx->devname, *(u32 *)header, rx_msg_sz, se_clbk_hdl->rx_msg_sz); @@ -180,13 +210,15 @@ void se_if_rx_callback(struct mbox_client *mbox_cl, void *msg) } else if (header->tag == priv->if_defs->rsp_tag) { se_clbk_hdl = &priv->waiting_rsp_clbk_hdl; dev_dbg(dev, - "Selecting resp waiter for mesg header:0x%x.", + "Selecting resp waiter:%s for mesg header:0x%x.", + se_clbk_hdl->dev_ctx->devname, *(u32 *)header); if (rx_msg_sz != se_clbk_hdl->rx_msg_sz && check_hdr_exception_for_sz(priv, header)) { dev_err(dev, - "Rsp to CMD: hdr(0x%x) with different sz(%d != %d).\n", + "%s: Rsp to CMD: hdr(0x%x) with different sz(%d != %d).\n", + se_clbk_hdl->dev_ctx->devname, *(u32 *)header, rx_msg_sz, se_clbk_hdl->rx_msg_sz); diff --git a/drivers/firmware/imx/ele_common.h b/drivers/firmware/imx/ele_common.h index a6bf93f0048f..dc7da69c0f92 100644 --- a/drivers/firmware/imx/ele_common.h +++ b/drivers/firmware/imx/ele_common.h @@ -12,10 +12,14 @@ #define IMX_ELE_FW_DIR "imx/ele/" +#define SE_RCV_MSG_DEFAULT_TIMEOUT 5000 +#define SE_RCV_MSG_LONG_TIMEOUT 5000000 + +void set_se_rcv_msg_timeout(u32 val); u32 se_add_msg_chksum(u32 *msg, u32 msg_len); -int ele_msg_rcv(struct se_if_priv *priv, +int ele_msg_rcv(struct se_if_device_ctx *dev_ctx, struct se_clbk_handle *se_clbk_hdl); -int ele_msg_send(struct se_if_priv *priv, +int ele_msg_send(struct se_if_device_ctx *dev_ctx, void *tx_msg, int tx_msg_sz); int ele_msg_send_rcv(struct se_if_device_ctx *dev_ctx, diff --git a/drivers/firmware/imx/se_ctrl.c b/drivers/firmware/imx/se_ctrl.c index 144a727bbfe0..9dbe866b7b13 100644 --- a/drivers/firmware/imx/se_ctrl.c +++ b/drivers/firmware/imx/se_ctrl.c @@ -23,6 +23,7 @@ #include #include #include +#include #include "ele_base_msg.h" #include "ele_common.h" @@ -31,8 +32,6 @@ #define MAX_SOC_INFO_DATA_SZ 256 #define MBOX_TX_NAME "tx" #define MBOX_RX_NAME "rx" -#define SE_TYPE_STR_HSM "hsm" -#define SE_TYPE_ID_HSM 0x2 struct se_fw_img_name { const u8 *prim_fw_nm_in_rfs; @@ -118,6 +117,24 @@ static const struct of_device_id se_match[] = { {}, }; +char *get_se_if_name(u8 se_if_id) +{ + switch (se_if_id) { + case SE_TYPE_ID_DBG: return SE_TYPE_STR_DBG; + case SE_TYPE_ID_HSM: return SE_TYPE_STR_HSM; + } + + return NULL; +} + +static uint32_t get_se_soc_id(struct se_if_priv *priv) +{ + const struct se_soc_info *se_info = + device_get_match_data(priv->dev); + + return se_info->soc_id; +} + static struct se_fw_load_info *get_load_fw_instance(struct se_if_priv *priv) { return &var_se_info.load_fw; @@ -191,31 +208,785 @@ static int get_se_soc_info(struct se_if_priv *priv, const struct se_soc_info *se return 0; } -static int init_misc_device_context(struct se_if_priv *priv, int ch_id, - struct se_if_device_ctx **new_dev_ctx) +static int load_firmware(struct se_if_priv *priv, const u8 *se_img_file_to_load) +{ + const struct firmware *fw = NULL; + phys_addr_t se_fw_phyaddr; + u8 *se_fw_buf; + int ret; + + if (!se_img_file_to_load) { + dev_err(priv->dev, "FW image is not provided."); + return -EINVAL; + } + ret = request_firmware(&fw, se_img_file_to_load, priv->dev); + if (ret) + return ret; + + dev_info(priv->dev, "loading firmware %s\n", se_img_file_to_load); + + /* allocate buffer to store the SE FW */ + se_fw_buf = dma_alloc_coherent(priv->dev, fw->size, + &se_fw_phyaddr, GFP_KERNEL); + if (!se_fw_buf) + return -ENOMEM; + + memcpy(se_fw_buf, fw->data, fw->size); + ret = ele_fw_authenticate(priv, se_fw_phyaddr); + if (ret < 0) { + dev_err(priv->dev, + "Error %pe: Authenticate & load SE firmware %s.\n", + ERR_PTR(ret), + se_img_file_to_load); + ret = -EPERM; + } + + dma_free_coherent(priv->dev, + fw->size, + se_fw_buf, + se_fw_phyaddr); + + release_firmware(fw); + + return ret; +} + +static int se_load_firmware(struct se_if_priv *priv) +{ + struct se_fw_load_info *load_fw = get_load_fw_instance(priv); + int ret = 0; + + if (!load_fw->is_fw_tobe_loaded) + return 0; + + if (load_fw->imem.state == ELE_IMEM_STATE_BAD) { + ret = load_firmware(priv, load_fw->se_fw_img_nm->prim_fw_nm_in_rfs); + if (ret) { + dev_err(priv->dev, "Failed to load boot firmware."); + return -EPERM; + } + } + + ret = load_firmware(priv, load_fw->se_fw_img_nm->seco_fw_nm_in_rfs); + if (ret) { + dev_err(priv->dev, "Failed to load runtime firmware."); + return -EPERM; + } + + load_fw->is_fw_tobe_loaded = false; + + return ret; +} + +static int init_se_shared_mem(struct se_if_device_ctx *dev_ctx) +{ + struct se_shared_mem_mgmt_info *se_shared_mem_mgmt = &dev_ctx->se_shared_mem_mgmt; + struct se_if_priv *priv = dev_ctx->priv; + + INIT_LIST_HEAD(&se_shared_mem_mgmt->pending_out); + INIT_LIST_HEAD(&se_shared_mem_mgmt->pending_in); + + /* + * Allocate some memory for data exchanges with S40x. + * This will be used for data not requiring secure memory. + */ + se_shared_mem_mgmt->non_secure_mem.ptr = + dma_alloc_coherent(priv->dev, + MAX_DATA_SIZE_PER_USER, + &se_shared_mem_mgmt->non_secure_mem.dma_addr, + GFP_KERNEL); + if (!se_shared_mem_mgmt->non_secure_mem.ptr) + return -ENOMEM; + + se_shared_mem_mgmt->non_secure_mem.size = MAX_DATA_SIZE_PER_USER; + se_shared_mem_mgmt->non_secure_mem.pos = 0; + + return 0; +} + +static void cleanup_se_shared_mem(struct se_if_device_ctx *dev_ctx) +{ + struct se_shared_mem_mgmt_info *se_shared_mem_mgmt = &dev_ctx->se_shared_mem_mgmt; + struct se_if_priv *priv = dev_ctx->priv; + + /* Free non-secure shared buffer. */ + dma_free_coherent(priv->dev, MAX_DATA_SIZE_PER_USER, + se_shared_mem_mgmt->non_secure_mem.ptr, + se_shared_mem_mgmt->non_secure_mem.dma_addr); + + se_shared_mem_mgmt->non_secure_mem.ptr = NULL; + se_shared_mem_mgmt->non_secure_mem.dma_addr = 0; + se_shared_mem_mgmt->non_secure_mem.size = 0; + se_shared_mem_mgmt->non_secure_mem.pos = 0; +} + +/* Need to copy the output data to user-device context. + */ +static int se_dev_ctx_cpy_out_data(struct se_if_device_ctx *dev_ctx) +{ + struct se_shared_mem_mgmt_info *se_shared_mem_mgmt = &dev_ctx->se_shared_mem_mgmt; + struct se_if_priv *priv = dev_ctx->priv; + struct se_buf_desc *b_desc, *temp; + bool do_cpy = true; + + list_for_each_entry_safe(b_desc, temp, &se_shared_mem_mgmt->pending_out, link) { + // TBD + if (b_desc->usr_buf_ptr && b_desc->shared_buf_ptr && do_cpy) { + dev_dbg(priv->dev, + "Copying output data to user."); + if (do_cpy && copy_to_user(b_desc->usr_buf_ptr, + b_desc->shared_buf_ptr, + b_desc->size)) { + dev_err(priv->dev, + "Failure copying output data to user."); + do_cpy = false; + } + } + + if (b_desc->shared_buf_ptr) + memset(b_desc->shared_buf_ptr, 0, b_desc->size); + + list_del(&b_desc->link); + kfree(b_desc); + } + + return do_cpy ? 0 : -EFAULT; +} + +/* + * Clean the used Shared Memory space, + * whether its Input Data copied from user buffers, or + * Data received from FW. + */ +static void se_dev_ctx_shared_mem_cleanup(struct se_if_device_ctx *dev_ctx) +{ + struct se_shared_mem_mgmt_info *se_shared_mem_mgmt = &dev_ctx->se_shared_mem_mgmt; + struct list_head *pending_lists[] = {&se_shared_mem_mgmt->pending_in, + &se_shared_mem_mgmt->pending_out}; + struct se_buf_desc *b_desc, *temp; + int i; + + for (i = 0; i < 2; i++) { + list_for_each_entry_safe(b_desc, temp, + pending_lists[i], link) { + if (b_desc->shared_buf_ptr) + memset(b_desc->shared_buf_ptr, 0, b_desc->size); + + list_del(&b_desc->link); + kfree(b_desc); + } + } + se_shared_mem_mgmt->non_secure_mem.pos = 0; +} + +static int add_b_desc_to_pending_list(void *shared_ptr_with_pos, + struct se_ioctl_setup_iobuf *io, + struct se_if_device_ctx *dev_ctx) +{ + struct se_shared_mem_mgmt_info *se_shared_mem_mgmt = &dev_ctx->se_shared_mem_mgmt; + struct se_buf_desc *b_desc = NULL; + + b_desc = kzalloc(sizeof(*b_desc), GFP_KERNEL); + if (!b_desc) + return -ENOMEM; + + b_desc->shared_buf_ptr = shared_ptr_with_pos; + b_desc->usr_buf_ptr = io->user_buf; + b_desc->size = io->length; + + if (io->flags & SE_IO_BUF_FLAGS_IS_INPUT) { + /* + * buffer is input: + * add an entry in the "pending input buffers" list so + * that copied data can be cleaned from shared memory + * later. + */ + list_add_tail(&b_desc->link, &se_shared_mem_mgmt->pending_in); + } else { + /* + * buffer is output: + * add an entry in the "pending out buffers" list so data + * can be copied to user space when receiving Secure-Enclave + * response. + */ + list_add_tail(&b_desc->link, &se_shared_mem_mgmt->pending_out); + } + + return 0; +} + +/* interface for managed res to unregister a character device */ +static void if_misc_deregister(void *miscdevice) +{ + misc_deregister(miscdevice); +} + +static int init_device_context(struct se_if_priv *priv, int ch_id, + struct se_if_device_ctx **new_dev_ctx) { struct se_if_device_ctx *dev_ctx; int ret = 0; - dev_ctx = devm_kzalloc(priv->dev, sizeof(*dev_ctx), GFP_KERNEL); + dev_ctx = kzalloc(sizeof(*dev_ctx), GFP_KERNEL); if (!dev_ctx) return -ENOMEM; + dev_ctx->devname = kasprintf(GFP_KERNEL, "%s%d_ch%d", + get_se_if_name(priv->if_defs->se_if_type), + priv->if_defs->se_instance_id, + ch_id); + if (!dev_ctx->devname) { + kfree(dev_ctx); + return -ENOMEM; + } + + mutex_init(&dev_ctx->fops_lock); dev_ctx->priv = priv; + *new_dev_ctx = dev_ctx; + + list_add_tail(&dev_ctx->link, &priv->dev_ctx_list); + priv->active_devctx_count++; + + ret = init_se_shared_mem(dev_ctx); + if (ret < 0) { + kfree(dev_ctx->devname); + kfree(dev_ctx); + *new_dev_ctx = NULL; + } + + return ret; +} + +static int init_misc_device_context(struct se_if_priv *priv, int ch_id, + struct se_if_device_ctx **new_dev_ctx, + const struct file_operations *se_if_fops) +{ + struct se_if_device_ctx *dev_ctx; + int ret = 0; + + dev_ctx = devm_kzalloc(priv->dev, sizeof(*dev_ctx), GFP_KERNEL); + + if (!dev_ctx) + return -ENOMEM; dev_ctx->devname = devm_kasprintf(priv->dev, GFP_KERNEL, "%s%d_ch%d", - SE_TYPE_STR_HSM, + get_se_if_name(priv->if_defs->se_if_type), priv->if_defs->se_instance_id, ch_id); if (!dev_ctx->devname) return -ENOMEM; + mutex_init(&dev_ctx->fops_lock); + + dev_ctx->priv = priv; *new_dev_ctx = dev_ctx; + dev_ctx->miscdev = devm_kzalloc(priv->dev, sizeof(*dev_ctx->miscdev), GFP_KERNEL); + if (!dev_ctx->miscdev) { + *new_dev_ctx = NULL; + return -ENOMEM; + } + + dev_ctx->miscdev->name = dev_ctx->devname; + dev_ctx->miscdev->minor = MISC_DYNAMIC_MINOR; + dev_ctx->miscdev->fops = se_if_fops; + dev_ctx->miscdev->parent = priv->dev; + ret = misc_register(dev_ctx->miscdev); + if (ret) + return dev_err_probe(priv->dev, ret, "Failed to register misc device."); + + ret = devm_add_action_or_reset(priv->dev, if_misc_deregister, + dev_ctx->miscdev); + if (ret) + return dev_err_probe(priv->dev, ret, + "Failed to add action to the misc-dev."); return ret; } +static int se_ioctl_cmd_snd_rcv_rsp_handler(struct se_if_device_ctx *dev_ctx, + u64 arg) +{ + struct se_ioctl_cmd_snd_rcv_rsp_info cmd_snd_rcv_rsp_info = {0}; + struct se_api_msg *tx_msg __free(kfree) = NULL; + struct se_api_msg *rx_msg __free(kfree) = NULL; + struct se_if_priv *priv = dev_ctx->priv; + int err = 0; + + if (copy_from_user(&cmd_snd_rcv_rsp_info, (u8 __user *)arg, + sizeof(cmd_snd_rcv_rsp_info))) { + dev_err(priv->dev, + "%s: Failed to copy cmd_snd_rcv_rsp_info from user\n", + dev_ctx->devname); + err = -EFAULT; + goto exit; + } + + if (cmd_snd_rcv_rsp_info.tx_buf_sz < SE_MU_HDR_SZ) { + dev_err(priv->dev, + "%s: User buffer too small(%d < %d)\n", + dev_ctx->devname, + cmd_snd_rcv_rsp_info.tx_buf_sz, + SE_MU_HDR_SZ); + err = -ENOSPC; + goto exit; + } + + rx_msg = kzalloc(cmd_snd_rcv_rsp_info.rx_buf_sz, GFP_KERNEL); + if (!rx_msg) { + err = -ENOMEM; + goto exit; + } + + tx_msg = memdup_user(cmd_snd_rcv_rsp_info.tx_buf, + cmd_snd_rcv_rsp_info.tx_buf_sz); + if (IS_ERR(tx_msg)) { + err = PTR_ERR(tx_msg); + goto exit; + } + + if (tx_msg->header.tag != priv->if_defs->cmd_tag) { + err = -EINVAL; + goto exit; + } + + if (tx_msg->header.ver == priv->if_defs->fw_api_ver && + get_load_fw_instance(priv)->is_fw_tobe_loaded) { + err = se_load_firmware(priv); + if (err) { + dev_err(priv->dev, "Could not send the message as FW is not loaded."); + err = -EPERM; + goto exit; + } + } + set_se_rcv_msg_timeout(SE_RCV_MSG_LONG_TIMEOUT); + + err = ele_msg_send_rcv(dev_ctx, + tx_msg, + cmd_snd_rcv_rsp_info.tx_buf_sz, + rx_msg, + cmd_snd_rcv_rsp_info.rx_buf_sz); + if (err < 0) + goto exit; + + dev_dbg(priv->dev, + "%s: %s %s\n", + dev_ctx->devname, + __func__, + "message received, start transmit to user"); + + /* We may need to copy the output data to user before + * delivering the completion message. + */ + err = se_dev_ctx_cpy_out_data(dev_ctx); + if (err < 0) + goto exit; + + /* Copy data from the buffer */ + print_hex_dump_debug("to user ", DUMP_PREFIX_OFFSET, 4, 4, + rx_msg, + cmd_snd_rcv_rsp_info.rx_buf_sz, false); + + if (copy_to_user(cmd_snd_rcv_rsp_info.rx_buf, rx_msg, + cmd_snd_rcv_rsp_info.rx_buf_sz)) { + dev_err(priv->dev, + "%s: Failed to copy to user\n", + dev_ctx->devname); + err = -EFAULT; + } + +exit: + + /* shared memory is allocated before this IOCTL */ + se_dev_ctx_shared_mem_cleanup(dev_ctx); + + if (copy_to_user((void __user *)arg, &cmd_snd_rcv_rsp_info, + sizeof(cmd_snd_rcv_rsp_info))) { + dev_err(priv->dev, + "%s: Failed to copy cmd_snd_rcv_rsp_info from user\n", + dev_ctx->devname); + err = -EFAULT; + } + + return err; +} + +static int se_ioctl_get_mu_info(struct se_if_device_ctx *dev_ctx, + u64 arg) +{ + struct se_if_priv *priv = dev_ctx->priv; + struct se_ioctl_get_if_info if_info; + struct se_if_node *if_node; + int err = 0; + + if_node = container_of(priv->if_defs, typeof(*if_node), if_defs); + + if_info.se_if_id = 0; + if_info.interrupt_idx = 0; + if_info.tz = 0; + if_info.did = 0; + if_info.cmd_tag = priv->if_defs->cmd_tag; + if_info.rsp_tag = priv->if_defs->rsp_tag; + if_info.success_tag = priv->if_defs->success_tag; + if_info.base_api_ver = priv->if_defs->base_api_ver; + if_info.fw_api_ver = priv->if_defs->fw_api_ver; + + dev_dbg(priv->dev, + "%s: info [se_if_id: %d, irq_idx: %d, tz: 0x%x, did: 0x%x]\n", + dev_ctx->devname, + if_info.se_if_id, if_info.interrupt_idx, + if_info.tz, if_info.did); + + if (copy_to_user((u8 __user *)arg, &if_info, sizeof(if_info))) { + dev_err(priv->dev, + "%s: Failed to copy mu info to user\n", + dev_ctx->devname); + err = -EFAULT; + } + + return err; +} + +/* + * Copy a buffer of data to/from the user and return the address to use in + * messages + */ +static int se_ioctl_setup_iobuf_handler(struct se_if_device_ctx *dev_ctx, + u64 arg) +{ + struct se_shared_mem *shared_mem = NULL; + struct se_ioctl_setup_iobuf io = {0}; + int err = 0; + u32 pos; + + if (copy_from_user(&io, (u8 __user *)arg, sizeof(io))) { + dev_err(dev_ctx->priv->dev, + "%s: Failed copy iobuf config from user\n", + dev_ctx->devname); + return -EFAULT; + } + + dev_dbg(dev_ctx->priv->dev, + "%s: io [buf: %p(%d) flag: %x]\n", + dev_ctx->devname, + io.user_buf, io.length, io.flags); + + if (io.length == 0 || !io.user_buf) { + /* + * Accept NULL pointers since some buffers are optional + * in FW commands. In this case we should return 0 as + * pointer to be embedded into the message. + * Skip all data copy part of code below. + */ + io.ele_addr = 0; + goto copy; + } + + /* No specific requirement for this buffer. */ + shared_mem = &dev_ctx->se_shared_mem_mgmt.non_secure_mem; + + /* Check there is enough space in the shared memory. */ + dev_dbg(dev_ctx->priv->dev, + "%s: req_size = %d, max_size= %d, curr_pos = %d", + dev_ctx->devname, + round_up(io.length, 8u), + shared_mem->size, shared_mem->pos); + + if (shared_mem->size < shared_mem->pos || + round_up(io.length, 8u) > (shared_mem->size - shared_mem->pos)) { + dev_err(dev_ctx->priv->dev, + "%s: Not enough space in shared memory\n", + dev_ctx->devname); + return -ENOMEM; + } + + /* Allocate space in shared memory. 8 bytes aligned. */ + pos = shared_mem->pos; + shared_mem->pos += round_up(io.length, 8u); + io.ele_addr = (u64)shared_mem->dma_addr + pos; + + memset(shared_mem->ptr + pos, 0, io.length); + if ((io.flags & SE_IO_BUF_FLAGS_IS_INPUT) || + (io.flags & SE_IO_BUF_FLAGS_IS_IN_OUT)) { + /* + * buffer is input: + * copy data from user space to this allocated buffer. + */ + if (copy_from_user(shared_mem->ptr + pos, io.user_buf, + io.length)) { + dev_err(dev_ctx->priv->dev, + "%s: Failed copy data to shared memory\n", + dev_ctx->devname); + return -EFAULT; + } + } + + err = add_b_desc_to_pending_list(shared_mem->ptr + pos, + &io, + dev_ctx); + if (err < 0) + dev_err(dev_ctx->priv->dev, + "%s: Failed to allocate/link b_desc.", + dev_ctx->devname); + +copy: + /* Provide the EdgeLock Enclave address to user space only if success.*/ + if (copy_to_user((u8 __user *)arg, &io, sizeof(io))) { + dev_err(dev_ctx->priv->dev, + "%s: Failed to copy iobuff setup to user.", + dev_ctx->devname); + err = -EFAULT; + } + + return err; +} + +/* IOCTL to provide SoC information */ +static int se_ioctl_get_se_soc_info_handler(struct se_if_device_ctx *dev_ctx, + u64 arg) +{ + struct se_ioctl_get_soc_info soc_info; + int err = -EINVAL; + + soc_info.soc_id = get_se_soc_id(dev_ctx->priv); + soc_info.soc_rev = var_se_info.soc_rev; + + err = copy_to_user((u8 __user *)arg, (u8 *)(&soc_info), sizeof(soc_info)); + if (err) { + dev_err(dev_ctx->priv->dev, + "%s: Failed to copy soc info to user\n", + dev_ctx->devname); + err = -EFAULT; + } + + return err; +} + +/* + * File operations for user-space + */ + +/* Write a message to the MU. */ +static ssize_t se_if_fops_write(struct file *fp, const char __user *buf, + size_t size, loff_t *ppos) +{ + struct se_if_device_ctx *dev_ctx = fp->private_data; + struct se_api_msg *tx_msg __free(kfree) = NULL; + struct se_if_priv *priv = dev_ctx->priv; + int err; + + dev_dbg(priv->dev, + "%s: write from buf (%p)%zu, ppos=%lld\n", + dev_ctx->devname, + buf, size, ((ppos) ? *ppos : 0)); + + scoped_cond_guard(mutex_intr, return -EBUSY, &dev_ctx->fops_lock) { + if (dev_ctx != priv->cmd_receiver_clbk_hdl.dev_ctx) + return -EINVAL; + + if (size < SE_MU_HDR_SZ) { + dev_err(priv->dev, + "%s: User buffer too small(%zu < %d)\n", + dev_ctx->devname, + size, SE_MU_HDR_SZ); + return -ENOSPC; + } + + tx_msg = memdup_user(buf, size); + if (IS_ERR(tx_msg)) + return PTR_ERR(tx_msg); + + print_hex_dump_debug("from user ", DUMP_PREFIX_OFFSET, 4, 4, + tx_msg, size, false); + + err = ele_msg_send(dev_ctx, tx_msg, size); + + return err; + } +} + +/* + * Read a message from the MU. + * Blocking until a message is available. + */ +static ssize_t se_if_fops_read(struct file *fp, char __user *buf, + size_t size, loff_t *ppos) +{ + struct se_if_device_ctx *dev_ctx = fp->private_data; + struct se_if_priv *priv = dev_ctx->priv; + int err; + + dev_dbg(priv->dev, + "%s: read to buf %p(%zu), ppos=%lld\n", + dev_ctx->devname, + buf, size, ((ppos) ? *ppos : 0)); + + scoped_cond_guard(mutex_intr, return -EBUSY, &dev_ctx->fops_lock) { + if (dev_ctx != priv->cmd_receiver_clbk_hdl.dev_ctx) { + err = -EINVAL; + goto exit; + } + + err = ele_msg_rcv(dev_ctx, &priv->cmd_receiver_clbk_hdl); + if (err < 0) { + dev_err(priv->dev, + "%s: Err[0x%x]:Interrupted by signal." + "Current active dev-ctx count = %d.", + dev_ctx->devname, err, + dev_ctx->priv->active_devctx_count); + goto exit; + } + + /* We may need to copy the output data to user before + * delivering the completion message. + */ + err = se_dev_ctx_cpy_out_data(dev_ctx); + if (err < 0) + goto exit; + + /* Copy data from the buffer */ + print_hex_dump_debug("to user ", DUMP_PREFIX_OFFSET, 4, 4, + priv->cmd_receiver_clbk_hdl.rx_msg, + priv->cmd_receiver_clbk_hdl.rx_msg_sz, + false); + + if (copy_to_user(buf, priv->cmd_receiver_clbk_hdl.rx_msg, + priv->cmd_receiver_clbk_hdl.rx_msg_sz)) { + dev_err(priv->dev, + "%s: Failed to copy to user\n", + dev_ctx->devname); + err = -EFAULT; + } else { + err = priv->cmd_receiver_clbk_hdl.rx_msg_sz; + } +exit: + priv->cmd_receiver_clbk_hdl.rx_msg_sz = 0; + + se_dev_ctx_shared_mem_cleanup(dev_ctx); + + return err; + } +} + +/* Open a character device. */ +static int se_if_fops_open(struct inode *nd, struct file *fp) +{ + struct miscdevice *miscdev = fp->private_data; + struct se_if_device_ctx *misc_dev_ctx; + struct se_if_device_ctx *dev_ctx; + struct se_if_priv *priv; + int err = 0; + + priv = dev_get_drvdata(miscdev->parent); + misc_dev_ctx = priv->priv_dev_ctx; + + scoped_cond_guard(mutex_intr, return -EBUSY, &misc_dev_ctx->fops_lock) { + priv->dev_ctx_mono_count++; + err = init_device_context(priv, + priv->dev_ctx_mono_count ? + priv->dev_ctx_mono_count + : priv->dev_ctx_mono_count++, + &dev_ctx); + if (err) + dev_err(priv->dev, + "Failed[0x%x] to create device contexts.\n", + err); + else + fp->private_data = dev_ctx; + + return err; + } +} + +/* Close a character device. */ +static int se_if_fops_close(struct inode *nd, struct file *fp) +{ + struct se_if_device_ctx *dev_ctx = fp->private_data; + struct se_if_priv *priv = dev_ctx->priv; + + scoped_cond_guard(mutex_intr, return -EBUSY, &dev_ctx->fops_lock) { + /* check if this device was registered as command receiver. */ + if (priv->cmd_receiver_clbk_hdl.dev_ctx == dev_ctx) { + priv->cmd_receiver_clbk_hdl.dev_ctx = NULL; + kfree(priv->cmd_receiver_clbk_hdl.rx_msg); + priv->cmd_receiver_clbk_hdl.rx_msg = NULL; + } + + se_dev_ctx_shared_mem_cleanup(dev_ctx); + cleanup_se_shared_mem(dev_ctx); + + priv->active_devctx_count--; + list_del(&dev_ctx->link); + + kfree(dev_ctx->devname); + kfree(dev_ctx); + } + + return 0; +} + +/* IOCTL entry point of a character device */ +static long se_ioctl(struct file *fp, unsigned int cmd, unsigned long arg) +{ + struct se_if_device_ctx *dev_ctx = fp->private_data; + struct se_if_priv *priv = dev_ctx->priv; + int err; + + /* Prevent race during change of device context */ + scoped_cond_guard(mutex_intr, return -EBUSY, &dev_ctx->fops_lock) { + switch (cmd) { + case SE_IOCTL_ENABLE_CMD_RCV: + if (!priv->cmd_receiver_clbk_hdl.dev_ctx) { + if (!priv->cmd_receiver_clbk_hdl.rx_msg) { + priv->cmd_receiver_clbk_hdl.rx_msg = + kzalloc(MAX_NVM_MSG_LEN, + GFP_KERNEL); + if (!priv->cmd_receiver_clbk_hdl.rx_msg) { + err = -ENOMEM; + break; + } + } + priv->cmd_receiver_clbk_hdl.rx_msg_sz = MAX_NVM_MSG_LEN; + priv->cmd_receiver_clbk_hdl.dev_ctx = dev_ctx; + err = 0; + } else { + err = -EBUSY; + } + break; + case SE_IOCTL_GET_MU_INFO: + err = se_ioctl_get_mu_info(dev_ctx, arg); + break; + case SE_IOCTL_SETUP_IOBUF: + err = se_ioctl_setup_iobuf_handler(dev_ctx, arg); + break; + case SE_IOCTL_GET_SOC_INFO: + err = se_ioctl_get_se_soc_info_handler(dev_ctx, arg); + break; + case SE_IOCTL_CMD_SEND_RCV_RSP: + err = se_ioctl_cmd_snd_rcv_rsp_handler(dev_ctx, arg); + break; + default: + err = -EINVAL; + dev_dbg(priv->dev, + "%s: IOCTL %.8x not supported\n", + dev_ctx->devname, + cmd); + } + } + + return (long)err; +} + +/* Char driver setup */ +static const struct file_operations se_if_fops = { + .open = se_if_fops_open, + .owner = THIS_MODULE, + .release = se_if_fops_close, + .unlocked_ioctl = se_ioctl, + .read = se_if_fops_read, + .write = se_if_fops_write, +}; + /* interface for managed res to free a mailbox channel */ static void if_mbox_free_channel(void *mbox_chan) { @@ -247,6 +1018,7 @@ static int se_if_request_channel(struct device *dev, static void se_if_probe_cleanup(void *plat_dev) { + struct se_if_device_ctx *dev_ctx, *t_dev_ctx; struct platform_device *pdev = plat_dev; struct se_fw_load_info *load_fw; struct device *dev = &pdev->dev; @@ -271,6 +1043,13 @@ static void se_if_probe_cleanup(void *plat_dev) load_fw->imem.buf = NULL; } + if (priv->dev_ctx_mono_count) { + list_for_each_entry_safe(dev_ctx, t_dev_ctx, &priv->dev_ctx_list, link) { + list_del(&dev_ctx->link); + priv->active_devctx_count--; + } + } + /* No need to check, if reserved memory is allocated * before calling for its release. Or clearing the * un-set bit. @@ -334,6 +1113,7 @@ static int se_if_probe(struct platform_device *pdev) "Unable to get sram pool = %s.", if_node->pool_name); } + INIT_LIST_HEAD(&priv->dev_ctx_list); if (if_node->reserved_dma_ranges) { ret = of_reserved_mem_device_init(dev); @@ -342,7 +1122,7 @@ static int se_if_probe(struct platform_device *pdev) "Failed to init reserved memory region."); } - ret = init_misc_device_context(priv, 0, &priv->priv_dev_ctx); + ret = init_misc_device_context(priv, 0, &priv->priv_dev_ctx, &se_if_fops); if (ret) return dev_err_probe(dev, ret, "Failed[0x%x] to create device contexts.", @@ -374,7 +1154,7 @@ static int se_if_probe(struct platform_device *pdev) } } dev_info(dev, "i.MX secure-enclave: %s%d interface to firmware, configured.", - SE_TYPE_STR_HSM, + get_se_if_name(priv->if_defs->se_if_type), priv->if_defs->se_instance_id); return ret; @@ -391,6 +1171,7 @@ static int se_suspend(struct device *dev) struct se_fw_load_info *load_fw; int ret = 0; + set_se_rcv_msg_timeout(SE_RCV_MSG_DEFAULT_TIMEOUT); load_fw = get_load_fw_instance(priv); if (load_fw->imem_mgmt) diff --git a/drivers/firmware/imx/se_ctrl.h b/drivers/firmware/imx/se_ctrl.h index f0893c5c9145..bd50caa4f135 100644 --- a/drivers/firmware/imx/se_ctrl.h +++ b/drivers/firmware/imx/se_ctrl.h @@ -14,6 +14,7 @@ #define SE_MSG_WORD_SZ 0x4 #define RES_STATUS(x) FIELD_GET(0x000000ff, x) +#define MAX_DATA_SIZE_PER_USER (65 * 1024) #define MAX_NVM_MSG_LEN (256) #define MESSAGING_VERSION_6 0x6 #define MESSAGING_VERSION_7 0x7 @@ -21,6 +22,7 @@ struct se_clbk_handle { struct completion done; bool signal_rcvd; + struct se_if_device_ctx *dev_ctx; u32 rx_msg_sz; /* Assignment of the rx_msg buffer to held till the * received content as part callback function, is copied. @@ -35,10 +37,38 @@ struct se_imem_buf { u32 state; }; +struct se_buf_desc { + u8 *shared_buf_ptr; + void __user *usr_buf_ptr; + u32 size; + struct list_head link; +}; + +struct se_shared_mem { + dma_addr_t dma_addr; + u32 size; + u32 pos; + u8 *ptr; +}; + +struct se_shared_mem_mgmt_info { + struct list_head pending_in; + struct list_head pending_out; + + struct se_shared_mem non_secure_mem; +}; + /* Private struct for each char device instance. */ struct se_if_device_ctx { struct se_if_priv *priv; + struct miscdevice *miscdev; const char *devname; + + /* process one file operation at a time. */ + struct mutex fops_lock; + + struct se_shared_mem_mgmt_info se_shared_mem_mgmt; + struct list_head link; }; /* Header of the messages exchange with the EdgeLock Enclave */ @@ -87,6 +117,10 @@ struct se_if_priv { const struct se_if_defines *if_defs; struct se_if_device_ctx *priv_dev_ctx; + struct list_head dev_ctx_list; + u32 active_devctx_count; + u32 dev_ctx_mono_count; }; +char *get_se_if_name(u8 se_if_id); #endif diff --git a/include/uapi/linux/se_ioctl.h b/include/uapi/linux/se_ioctl.h new file mode 100644 index 000000000000..29a9b1ec5ec3 --- /dev/null +++ b/include/uapi/linux/se_ioctl.h @@ -0,0 +1,101 @@ +/* SPDX-License-Identifier: (GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause*/ +/* + * Copyright 2025 NXP + */ + +#ifndef SE_IOCTL_H +#define SE_IOCTL_H + +#include + +#define SE_TYPE_STR_DBG "dbg" +#define SE_TYPE_STR_HSM "hsm" +#define SE_TYPE_ID_UNKWN 0x0 +#define SE_TYPE_ID_DBG 0x1 +#define SE_TYPE_ID_HSM 0x2 +/* IOCTL definitions. */ + +struct se_ioctl_setup_iobuf { + void __user *user_buf; + __u32 length; + __u32 flags; + __u64 ele_addr; +}; + +struct se_ioctl_shared_mem_cfg { + __u32 base_offset; + __u32 size; +}; + +struct se_ioctl_get_if_info { + __u8 se_if_id; + __u8 interrupt_idx; + __u8 tz; + __u8 did; + __u8 cmd_tag; + __u8 rsp_tag; + __u8 success_tag; + __u8 base_api_ver; + __u8 fw_api_ver; +}; + +struct se_ioctl_cmd_snd_rcv_rsp_info { + __u32 __user *tx_buf; + int tx_buf_sz; + __u32 __user *rx_buf; + int rx_buf_sz; +}; + +struct se_ioctl_get_soc_info { + __u16 soc_id; + __u16 soc_rev; +}; + +/* IO Buffer Flags */ +#define SE_IO_BUF_FLAGS_IS_OUTPUT (0x00u) +#define SE_IO_BUF_FLAGS_IS_INPUT (0x01u) +#define SE_IO_BUF_FLAGS_USE_SEC_MEM (0x02u) +#define SE_IO_BUF_FLAGS_USE_SHORT_ADDR (0x04u) +#define SE_IO_BUF_FLAGS_IS_IN_OUT (0x10u) + +/* IOCTLS */ +#define SE_IOCTL 0x0A /* like MISC_MAJOR. */ + +/* + * ioctl to designated the current fd as logical-reciever. + * This is ioctl is send when the nvm-daemon, a slave to the + * firmware is started by the user. + */ +#define SE_IOCTL_ENABLE_CMD_RCV _IO(SE_IOCTL, 0x01) + +/* + * ioctl to get the buffer allocated from the memory, which is shared + * between kernel and FW. + * Post allocation, the kernel tagged the allocated memory with: + * Output + * Input + * Input-Output + * Short address + * Secure-memory + */ +#define SE_IOCTL_SETUP_IOBUF _IOWR(SE_IOCTL, 0x03, \ + struct se_ioctl_setup_iobuf) + +/* + * ioctl to get the mu information, that is used to exchange message + * with FW, from user-spaced. + */ +#define SE_IOCTL_GET_MU_INFO _IOR(SE_IOCTL, 0x04, \ + struct se_ioctl_get_if_info) +/* + * ioctl to get SoC Info from user-space. + */ +#define SE_IOCTL_GET_SOC_INFO _IOR(SE_IOCTL, 0x06, \ + struct se_ioctl_get_soc_info) + +/* + * ioctl to send command and receive response from user-space. + */ +#define SE_IOCTL_CMD_SEND_RCV_RSP _IOWR(SE_IOCTL, 0x07, \ + struct se_ioctl_cmd_snd_rcv_rsp_info) +#endif