Commit Graph

2289 Commits

Author SHA1 Message Date
9ee8c5c090 MLK-19055: driver: crypto: caam: Add build of driver on ARCH_MXC_ARM64 config
The driver is currently built because ARCH_LAYERSCAPE is defined however
this config should not be set for other platforms such as iMX8 family.

This patch add the built of the driver if ARCH_MXC_ARM64 is selected.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:33:14 +08:00
9bd5d31daf MLK-18082: crypto: caam: Change handling of error in probe
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:50 +08:00
6c1e4a3b1e MLK-18082: crypto: caam: Fix error handling flow
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:49 +08:00
335ae6c845 MLK-18082: crypto: caam: Minimal fix for QX panic
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:49 +08:00
85e2b0723f MLK-18082: crypto: caam: Check ret value of dma_set_mask_and_coherent
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:49 +08:00
04050c8f5a MLK-18082: crypto: caam: sm: Fix descriptor running functions
In case of error when runnign descriptor, there was no indication
of the root cause with the appropriate existing function.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:49 +08:00
9f91864c2c MLK-18082: crypto: caam: sm: Fix encap/decap function to handle errors
Explicit the use of the ring device to manage the operations related
to DMA.

Some values from DMA functions were not tested hence the issues
were making the descriptor to fail later and make it harder to debug.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:49 +08:00
f06ccb125b MLK-17302: crypto: caam: Move RNG instantiation to SECO
On i.MX8 platforms with SECO/SCU the RNG is not anymore instantiated
 by the Kernel driver but by SECO. This is true for B0 revision and
 later. A0 revision is not supported.

Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
2019-02-12 10:32:49 +08:00
4f2f6dd13b MLK-17304-2: crypto: caam: Avoid dma_unmap call with empty buffer
This patch adds a check for the buffer size that is not empty before
 the dma_unmap function call.

Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
2019-02-12 10:32:49 +08:00
121887cf72 MLK-17227: crypto: caam: Update CAAM driver verbosity while RNG init
Move to debug level rather than error level the RNG init traces while
  increasing entropy delays.

Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
2019-02-12 10:32:48 +08:00
65495dc668 MLK-18082: crypto: caam: fix index when setting ctrlpriv->jr[]
In case index == 00001000, the resulting index used to access
ctrlpriv->jr[] was 15 instead of the expected value of 0.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:48 +08:00
c817cb1f73 MLK-17233: Fix CAAM pointer size error for i.MX8
While crypto manager tests some descriptors are malformed due to
 pointer size not coherent with CAAM specific dma address size

Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
2019-02-12 10:32:48 +08:00
b40c781ec9 MLK-17304: crypto: caam: Fix error swiotlb buffer is full for caamhash
During caamhash tests the error "swiotlb buffer is full" occurred.
 This was due to dma mapping without unmapping later.
 This patch adds the unmap call to avoid the loss of dma memory.

Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:47 +08:00
2a5d91de86 MLK-17841: crypto: caam: Correct bugs in Secure Memory
This patch perform following modifications:
- Send and receive SM command regrouped in 1 function
- Verify that the JR device to use is valid
- Modification of the error handling in the probe

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:47 +08:00
e96f0fc2a3 MLK-18345: drivers: caam: add support for i.mx8mm
Signed-off-by: Silvano di Ninno <silvano.dininno@nxp.com>
Reviewed-by: Franck Lenormand <franck.lenormand@nxp.com>
2019-02-12 10:32:47 +08:00
7f6b3d1dd5 MLK-17909 RNG Instantation done in Secure Firmware
- For i.MX 6 and 7 check if the Secure Firmware (OPTEE) is present.
     If present don't do the RNG instantation in the CAAM driver

Reviewed-by: Silvano Di Ninno <silvano.dininno@nxp.com>
Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
2019-02-12 10:32:47 +08:00
3b779f0351 MLK-17992: caam: sm: Fix compilation warnings
Fix the following warnings in CAAM SM:

    drivers/crypto/caam/sm_store.c: In function 'blacken_key_jobdesc':
    drivers/crypto/caam/sm_store.c:141:19: warning: cast from pointer
    	to integer of different size [-Wpointer-to-int-cast]
      tmpdesc[idx++] = (u32)key;
                       ^
    drivers/crypto/caam/sm_store.c:153:19: warning: cast from pointer
    	to integer of different size [-Wpointer-to-int-cast]
      tmpdesc[idx++] = (u32)key;
                       ^
    drivers/crypto/caam/sm_store.c: In function 'blob_encap_jobdesc':
    drivers/crypto/caam/sm_store.c:274:19: warning: cast from pointer
    	to integer of different size [-Wpointer-to-int-cast]
      tmpdesc[idx++] = (u32)secretbuf;
                       ^
    drivers/crypto/caam/sm_store.c: In function 'blob_decap_jobdesc':
    drivers/crypto/caam/sm_store.c:390:19: warning: cast from pointer
    	to integer of different size [-Wpointer-to-int-cast]
      tmpdesc[idx++] = (u32)outbuf;
                       ^
    drivers/crypto/caam/sm_store.c: In function 'slot_get_base':
    drivers/crypto/caam/sm_store.c:569:9: warning: cast from pointer
    	to integer of different size [-Wpointer-to-int-cast]
      return (u32)(ksdata->base_address);
             ^
    drivers/crypto/caam/sm_store.c: In function 'sm_keystore_slot_load':
    drivers/crypto/caam/sm_store.c:789:6:
    	warning: unused variable 'i' [-Wunused-variable]
      u32 i;

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:47 +08:00
31db877bf8 MLK-17674-2: CAAM SM : get base address from device tree
Remove hard coded value for base physical address.
Use device tree to get this value.

i.MX8 with seco is still not address since CAAM uses a private bus
to access secure memory

Signed-off-by: Silvano di Ninno <silvano.dininno@nxp.com>
2019-02-12 10:32:47 +08:00
14b819112a MLK-17674-1: sm_store remove CONFIG_OF
I.MX linux only works with device tree support
No need to keep code without CONFIG_OF

Signed-off-by: Silvano di Ninno <silvano.dininno@nxp.com>
2019-02-12 10:32:46 +08:00
e0ccd75e55 MLK-17732-2: SM store: Support iMX8QX and iMX8QM
The iMX8 QX and QM have SECO/SCU enabled and the access
to SM registers is different as long as the addresses of
the pages.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:46 +08:00
4827c2185c MLK-17253-2: crypto: caam: Use correct memory function for Secure Memory
The Secure Memory is a hardware memory whose address was retrieved using
of_iomap, hence the memory manipulation shall use the set of functions:
memset_io/memcpy_fromio/memcpy_toio in order to works correctly.

Not using these functions can result in kernel panic.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:46 +08:00
9199283d71 MLK-17253-1: crypto: caam: Fix computation of SM pages addresses
The computation of the base address of the physical and virtual
need to be the same depending on the architecture.

The addresses are computed using a pointer on u8 so the additions
always works as expected.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:46 +08:00
1091a6fb07 MLK-17111-4: crypto: caam: Fix RNG Kernel oops on i.MX8QXP
Seen on i.MX8QXP board by reboot test, that Kernel oops occurs
 due to failing RNG instantiation with default entropy delay.
  The fix is to disable all job rings if RNG failed to prevent
 Kernel crash. And print an error message saying that this is
 a known limitation on REV A0 SoC.

Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
2019-02-12 10:32:46 +08:00
0e77b44cc0 MLK-17111-1: crypto: caam: Fix RNG instantiation retry
Seen on i.MX8MQ EVK board revision B0 that the RNG instantiation
 fail with default entropy delay. Retry process is fixed here to
 be able to instantiate RNG successfully.

Reviewed-by: Silvano Di Ninno <silvano.dininno@nxp.com>
Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
2019-02-12 10:32:46 +08:00
aa7b3f5197 MLK-16950 crypto: caam: Fix failed to flush job ring 0
This error occurred on MX8M-EVK while initializing the first job ring.
 If the job ring was used before Kernel level, then connecting it to the
 irq handler could generate error due to its (unknown) previous state.
  This patch calls the hardware reset function before connecting the irq
 handler.

Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
2019-02-12 10:32:46 +08:00
8ebb20cdc5 MLK-18082: drivers: crypto: caam: Update copyrights to 2018
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:46 +08:00
f4a81fc4ea MLK-17019 Correct Copyright
Correct Copyright

Signed-off-by: Peng Fan <peng.fan@nxp.com>
2019-02-12 10:32:45 +08:00
8493ce4a55 MLK-15473-8: crypto: caam: Disable CAAM JR1 according to SCFW update
After CAAM JR1 has been moved to SECO,
 imx-sc-firmware commit 36ff24f36b56 ("Move CAAM JR1 to SECO FW."),
 Linux no longer boots and rises a kernel panic at "caam_probe".
  So the CAAM JR1 should be disabled in the device-tree.

Tested-by: Daniel Baluta <daniel.baluta@nxp.com>
Reviewed-by: Silvano Di Ninno <silvano.dininno@nxp.com>
Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
2019-02-12 10:32:45 +08:00
249baa681c MLK-18082: crypto: caam: Fix DMA coherency configuration
The DMA configuration of the CAAM for imx8 boards is not strictly
related to the architecture of the kernel.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:45 +08:00
5faeaea5ca MLK-18082: Reduce code diff with last commit
The organization of functions of the CAAM driver changed
between 4.9 and 4.14 so this arrangement allow to see
more clearly the changes later in the tree.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:45 +08:00
e9688f0f05 MLK-15473-1: crypto: caam: Add CAAM driver support for iMX8 soc family
Enable CAAM driver for i.MX8 family:
	- Use a Job ring for RNG instantiation rather than DECO, even
     for i.MX6/7 families.
	- Use of aliased CAAM registers instead of original registers in page 0
     since page 0 is no more accessible in i.MX8 family except mScale.

Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
2019-02-12 10:32:45 +08:00
7aa8c6422b MLK-18082: crypto: caam: Move RNG instantation
Move the code related to RNG instanciation to another file
to ease comprehension.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:32:45 +08:00
514ce7d3f8 MLK-11020: arm: imx: caam: imx7d caam_aclk clock dependency
* Add caam_aclk clock root dependency, imx7d caam
  ip module needs caam_aclk and caam_ipg clock signals
  to operate add additional clock signal.

Signed-off-by: Adrian Alonso <aalonso@freescale.com>
Signed-off-by: Dan Douglass <dan.douglass@freescale.com>
[Octavian: since the clk API skips NULL args use a single disable label]
Signed-off-by: Octavian Purdila <octavian.purdila@nxp.com>

Conflicts:
	drivers/crypto/caam/ctrl.c
2019-02-12 10:32:44 +08:00
85e9b310e3 MLK-10978-1 ARM: imx6ul: Add CAAM support for i.mx6ul
There are only 3 CAAM clocks that are required for i.mx6ul. Adding
logic to enable only the required clocks based on the device tree
compatibility node.

Signed-off-by: Dan Douglass <dan.douglass@freescale.com>

Conflicts:
	drivers/crypto/caam/ctrl.c
2019-02-12 10:32:44 +08:00
0733ead151 MLK-17992: caam: sm: Fix compilation warnings
Fix the following warnings in CAAM SM:

    drivers/crypto/caam/sm_store.c: In function 'blacken_key_jobdesc':
    drivers/crypto/caam/sm_store.c:141:19: warning: cast from pointer
    	to integer of different size [-Wpointer-to-int-cast]
      tmpdesc[idx++] = (u32)key;
                       ^
    drivers/crypto/caam/sm_store.c:153:19: warning: cast from pointer
    	to integer of different size [-Wpointer-to-int-cast]
      tmpdesc[idx++] = (u32)key;
                       ^
    drivers/crypto/caam/sm_store.c: In function 'blob_encap_jobdesc':
    drivers/crypto/caam/sm_store.c:274:19: warning: cast from pointer
    	to integer of different size [-Wpointer-to-int-cast]
      tmpdesc[idx++] = (u32)secretbuf;
                       ^
    drivers/crypto/caam/sm_store.c: In function 'blob_decap_jobdesc':
    drivers/crypto/caam/sm_store.c:390:19: warning: cast from pointer
    	to integer of different size [-Wpointer-to-int-cast]
      tmpdesc[idx++] = (u32)outbuf;
                       ^
    drivers/crypto/caam/sm_store.c: In function 'slot_get_base':
    drivers/crypto/caam/sm_store.c:569:9: warning: cast from pointer
    	to integer of different size [-Wpointer-to-int-cast]
      return (u32)(ksdata->base_address);
             ^
    drivers/crypto/caam/sm_store.c: In function 'sm_keystore_slot_load':
    drivers/crypto/caam/sm_store.c:789:6:
    	warning: unused variable 'i' [-Wunused-variable]
      u32 i;

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:31:25 +08:00
7babbd891c MLK-17412-01: Fix secvio driver to have same driver name as DTS
The name of the driver was "snvs-secvio" which doesn't corresponds
to its use in the differents dts files.

This patch change the driver name to "caam-snvs" to corresponds
to the dts files.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
2019-02-12 10:30:17 +08:00
3da4a3ecee MLK-14765: Enable DCP SHA workaround on all platforms
Remove variant restriction for DCP SHA workaround. All integrations of
DCP seem affected.

Signed-off-by: Radu Solea <radu.solea@nxp.com>
2019-02-12 10:27:23 +08:00
a2c01d5f6a MA-9807: Fix ecb(aes) use without an IV
CAAM aes modes share descriptors, because of this CAAM requires an IV
for ECB. ECB does not need an IV and users do not have to pass valid
IV vectors. To allow correct usage with minimum impact to the driver a
zero IV is provided by the driver for ECB operations that need it.

Signed-off-by: Radu Solea <radu.solea@nxp.com>
2019-02-12 10:27:16 +08:00
c7123c5fb1 MLK-14765: Fix DCP Aes timeout issues when used with CTS
The DCP driver does not obey cryptlen, when doing CTS this results in
passing to hardware input stream lengths which are not multiple of
block size. This causes the hw to misbehave. Also not honoring
cryptlen makes CTS fail. A check was introduced to prevent future
erroneous stream lengths from reaching the hardware. Code which is
splitting the input stream in internal DCP pages was changed to obey
cryptlen.

Signed-off-by: Radu Solea <radu.solea@nxp.com>
2019-02-12 10:27:01 +08:00
a76531a005 MLK-14765: Fix DCP SHA null hashes and output length
On imx6sl and imx6ull DCP writes at least 32 bytes in the output
buffer instead of hash length as documented. Add intermediate buffer
to prevent write out of bounds.

When requested to produce null hashes DCP fails to produce valid
output. Add software workaround to bypass hardware and return valid output.

Signed-off-by: Radu Solea <radu.solea@nxp.com>
2019-02-12 10:27:01 +08:00
ba17bee537 MLK-14611 Fix xcbc unkeyed registration
AES is a keyed algorithm, XCBC-AES needs a key for operation,
this patch prevents the registration of AES-based transforms
as unkeyed operations.

Signed-off-by: Radu Solea <radu.solea@nxp.com>
2019-02-12 10:26:22 +08:00
fd77d57c39 MLK-14284 Fix CAAM Errata err005766 handling
* Update ERA detection code to check 3 sources CCBVID, CAAMVID and
the device tree.
* Fix bit handling of CAAMVID data to obtain correct results.
* Remove default device tree values.
* Update errata handling to target known affected platforms.

Signed-off-by: Radu Solea <radu.solea@nxp.com>
2019-02-12 10:26:20 +08:00
886be06477 MLK-14611 Fix CBC mode support by returning a correct IV
Current CBC mode does not return the last cyphertext block
as IV for operation chaining. CTS fails because of incorrect IV.

Signed-off-by: Radu Solea <radu.solea@nxp.com>
2019-02-12 10:26:20 +08:00
a44d2fe054 MLK-14611 Add DES key complexity validation
Signed-off-by: Radu Solea <radu.solea@nxp.com>
2019-02-12 10:26:19 +08:00
5f69ffe271 Add missing NULL checks in CAAM sm
Missing NULL checks in CAAM sm_store and sm_test cause kernel
    crashes if caam init fails.

Signed-off-by: Radu Solea <radu.solea@nxp.com>
2019-02-12 10:25:57 +08:00
d975a0bacc MLK-13779 crypto: caam - initialize kslock spinlock
Fixes the following lockdep message:

INFO: trying to register non-static key.
the code is fine but needs lockdep annotation.
turning off the locking correctness validator.
CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.1.30-02225-g55e4b9e #8
Hardware name: Freescale i.MX6 Quad/DualLite (Device Tree)
[<800162b0>] (unwind_backtrace) from [<80012ba0>] (show_stack+0x10/0x14)
[<80012ba0>] (show_stack) from [<808d09d0>] (dump_stack+0xa8/0xd4)
[<808d09d0>] (dump_stack) from [<8007aed0>] (__lock_acquire+0x1eb0/0x2224)
[<8007aed0>] (__lock_acquire) from [<8007b840>] (lock_acquire+0xa4/0xd0)
[<8007b840>] (lock_acquire) from [<808dc28c>] (_raw_spin_lock+0x3c/0x4c)
[<808dc28c>] (_raw_spin_lock) from [<80666724>] (sm_keystore_slot_alloc+0x24/0x74)
[<80666724>] (sm_keystore_slot_alloc) from [<806677c8>] (caam_sm_example_init+0x1ec/0xb68)
[<806677c8>] (caam_sm_example_init) from [<80c6ff48>] (caam_sm_test_init+0x50/0x58)
[<80c6ff48>] (caam_sm_test_init) from [<80009770>] (do_one_initcall+0x8c/0x1d8)
[<80009770>] (do_one_initcall) from [<80c26dc8>] (kernel_init_freeable+0x144/0x1e4)
[<80c26dc8>] (kernel_init_freeable) from [<808cbff0>] (kernel_init+0x8/0xe8)
[<808cbff0>] (kernel_init) from [<8000f618>] (ret_from_fork+0x14/0x3c)

Signed-off-by: Octavian Purdila <octavian.purdila@nxp.com>
Reviewed-by: Dan Douglass <dan.douglass@nxp.com>
2019-02-12 10:25:45 +08:00
aa691c2db1 MLK-13095 DCP driver doesn't initialize the DCP clock
Added clock enable and disable to the probe and remove functions
where appropriate.

Signed-off-by: Dan Douglass <dan.douglass@nxp.com>
2019-02-12 10:24:53 +08:00
fd43287793 MLK-13073 crypto: dcp: Add DCP support for i.mx6
Enable DCP support for imx6 series.

Signed-off-by: Dan Douglass <dan.douglass@nxp.com>
2019-02-12 10:24:53 +08:00
3bf1080a9c MLK-11922 i.mx6: Linux 3.14.28 CAAM & SNVS enabled by default.
JTAG, DS-5 attachment causes exceptions

Added properties to device tree, in order to enable and disable
alarms. The following are the available alarms:
-JTAG active
-WatchDOG 2 reset
-Internal Boot
-External Tamper Detection pad
2019-02-12 10:24:31 +08:00
dfcf0caa49 MLK-12312: CAAM hash algorithms fail registration during initialization
Fix cherry-picked from 5ec908319a

crypto: caam - only export the state we really need to export

Avoid exporting lots of state by only exporting what we really require,
which is the buffer containing the set of pending bytes to be hashed,
number of pending bytes, the context buffer, and the function pointer
state.  This reduces down the exported state size to 216 bytes from
576 bytes.

Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-02-12 10:24:20 +08:00