The driver is currently built because ARCH_LAYERSCAPE is defined however
this config should not be set for other platforms such as iMX8 family.
This patch add the built of the driver if ARCH_MXC_ARM64 is selected.
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
In case of error when runnign descriptor, there was no indication
of the root cause with the appropriate existing function.
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Explicit the use of the ring device to manage the operations related
to DMA.
Some values from DMA functions were not tested hence the issues
were making the descriptor to fail later and make it harder to debug.
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
On i.MX8 platforms with SECO/SCU the RNG is not anymore instantiated
by the Kernel driver but by SECO. This is true for B0 revision and
later. A0 revision is not supported.
Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
In case index == 00001000, the resulting index used to access
ctrlpriv->jr[] was 15 instead of the expected value of 0.
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
While crypto manager tests some descriptors are malformed due to
pointer size not coherent with CAAM specific dma address size
Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
During caamhash tests the error "swiotlb buffer is full" occurred.
This was due to dma mapping without unmapping later.
This patch adds the unmap call to avoid the loss of dma memory.
Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
This patch perform following modifications:
- Send and receive SM command regrouped in 1 function
- Verify that the JR device to use is valid
- Modification of the error handling in the probe
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
- For i.MX 6 and 7 check if the Secure Firmware (OPTEE) is present.
If present don't do the RNG instantation in the CAAM driver
Reviewed-by: Silvano Di Ninno <silvano.dininno@nxp.com>
Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Fix the following warnings in CAAM SM:
drivers/crypto/caam/sm_store.c: In function 'blacken_key_jobdesc':
drivers/crypto/caam/sm_store.c:141:19: warning: cast from pointer
to integer of different size [-Wpointer-to-int-cast]
tmpdesc[idx++] = (u32)key;
^
drivers/crypto/caam/sm_store.c:153:19: warning: cast from pointer
to integer of different size [-Wpointer-to-int-cast]
tmpdesc[idx++] = (u32)key;
^
drivers/crypto/caam/sm_store.c: In function 'blob_encap_jobdesc':
drivers/crypto/caam/sm_store.c:274:19: warning: cast from pointer
to integer of different size [-Wpointer-to-int-cast]
tmpdesc[idx++] = (u32)secretbuf;
^
drivers/crypto/caam/sm_store.c: In function 'blob_decap_jobdesc':
drivers/crypto/caam/sm_store.c:390:19: warning: cast from pointer
to integer of different size [-Wpointer-to-int-cast]
tmpdesc[idx++] = (u32)outbuf;
^
drivers/crypto/caam/sm_store.c: In function 'slot_get_base':
drivers/crypto/caam/sm_store.c:569:9: warning: cast from pointer
to integer of different size [-Wpointer-to-int-cast]
return (u32)(ksdata->base_address);
^
drivers/crypto/caam/sm_store.c: In function 'sm_keystore_slot_load':
drivers/crypto/caam/sm_store.c:789:6:
warning: unused variable 'i' [-Wunused-variable]
u32 i;
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Remove hard coded value for base physical address.
Use device tree to get this value.
i.MX8 with seco is still not address since CAAM uses a private bus
to access secure memory
Signed-off-by: Silvano di Ninno <silvano.dininno@nxp.com>
The iMX8 QX and QM have SECO/SCU enabled and the access
to SM registers is different as long as the addresses of
the pages.
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
The Secure Memory is a hardware memory whose address was retrieved using
of_iomap, hence the memory manipulation shall use the set of functions:
memset_io/memcpy_fromio/memcpy_toio in order to works correctly.
Not using these functions can result in kernel panic.
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
The computation of the base address of the physical and virtual
need to be the same depending on the architecture.
The addresses are computed using a pointer on u8 so the additions
always works as expected.
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Seen on i.MX8QXP board by reboot test, that Kernel oops occurs
due to failing RNG instantiation with default entropy delay.
The fix is to disable all job rings if RNG failed to prevent
Kernel crash. And print an error message saying that this is
a known limitation on REV A0 SoC.
Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
Seen on i.MX8MQ EVK board revision B0 that the RNG instantiation
fail with default entropy delay. Retry process is fixed here to
be able to instantiate RNG successfully.
Reviewed-by: Silvano Di Ninno <silvano.dininno@nxp.com>
Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
This error occurred on MX8M-EVK while initializing the first job ring.
If the job ring was used before Kernel level, then connecting it to the
irq handler could generate error due to its (unknown) previous state.
This patch calls the hardware reset function before connecting the irq
handler.
Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
After CAAM JR1 has been moved to SECO,
imx-sc-firmware commit 36ff24f36b56 ("Move CAAM JR1 to SECO FW."),
Linux no longer boots and rises a kernel panic at "caam_probe".
So the CAAM JR1 should be disabled in the device-tree.
Tested-by: Daniel Baluta <daniel.baluta@nxp.com>
Reviewed-by: Silvano Di Ninno <silvano.dininno@nxp.com>
Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
The DMA configuration of the CAAM for imx8 boards is not strictly
related to the architecture of the kernel.
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
The organization of functions of the CAAM driver changed
between 4.9 and 4.14 so this arrangement allow to see
more clearly the changes later in the tree.
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Enable CAAM driver for i.MX8 family:
- Use a Job ring for RNG instantiation rather than DECO, even
for i.MX6/7 families.
- Use of aliased CAAM registers instead of original registers in page 0
since page 0 is no more accessible in i.MX8 family except mScale.
Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
* Add caam_aclk clock root dependency, imx7d caam
ip module needs caam_aclk and caam_ipg clock signals
to operate add additional clock signal.
Signed-off-by: Adrian Alonso <aalonso@freescale.com>
Signed-off-by: Dan Douglass <dan.douglass@freescale.com>
[Octavian: since the clk API skips NULL args use a single disable label]
Signed-off-by: Octavian Purdila <octavian.purdila@nxp.com>
Conflicts:
drivers/crypto/caam/ctrl.c
There are only 3 CAAM clocks that are required for i.mx6ul. Adding
logic to enable only the required clocks based on the device tree
compatibility node.
Signed-off-by: Dan Douglass <dan.douglass@freescale.com>
Conflicts:
drivers/crypto/caam/ctrl.c
Fix the following warnings in CAAM SM:
drivers/crypto/caam/sm_store.c: In function 'blacken_key_jobdesc':
drivers/crypto/caam/sm_store.c:141:19: warning: cast from pointer
to integer of different size [-Wpointer-to-int-cast]
tmpdesc[idx++] = (u32)key;
^
drivers/crypto/caam/sm_store.c:153:19: warning: cast from pointer
to integer of different size [-Wpointer-to-int-cast]
tmpdesc[idx++] = (u32)key;
^
drivers/crypto/caam/sm_store.c: In function 'blob_encap_jobdesc':
drivers/crypto/caam/sm_store.c:274:19: warning: cast from pointer
to integer of different size [-Wpointer-to-int-cast]
tmpdesc[idx++] = (u32)secretbuf;
^
drivers/crypto/caam/sm_store.c: In function 'blob_decap_jobdesc':
drivers/crypto/caam/sm_store.c:390:19: warning: cast from pointer
to integer of different size [-Wpointer-to-int-cast]
tmpdesc[idx++] = (u32)outbuf;
^
drivers/crypto/caam/sm_store.c: In function 'slot_get_base':
drivers/crypto/caam/sm_store.c:569:9: warning: cast from pointer
to integer of different size [-Wpointer-to-int-cast]
return (u32)(ksdata->base_address);
^
drivers/crypto/caam/sm_store.c: In function 'sm_keystore_slot_load':
drivers/crypto/caam/sm_store.c:789:6:
warning: unused variable 'i' [-Wunused-variable]
u32 i;
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
The name of the driver was "snvs-secvio" which doesn't corresponds
to its use in the differents dts files.
This patch change the driver name to "caam-snvs" to corresponds
to the dts files.
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
CAAM aes modes share descriptors, because of this CAAM requires an IV
for ECB. ECB does not need an IV and users do not have to pass valid
IV vectors. To allow correct usage with minimum impact to the driver a
zero IV is provided by the driver for ECB operations that need it.
Signed-off-by: Radu Solea <radu.solea@nxp.com>
The DCP driver does not obey cryptlen, when doing CTS this results in
passing to hardware input stream lengths which are not multiple of
block size. This causes the hw to misbehave. Also not honoring
cryptlen makes CTS fail. A check was introduced to prevent future
erroneous stream lengths from reaching the hardware. Code which is
splitting the input stream in internal DCP pages was changed to obey
cryptlen.
Signed-off-by: Radu Solea <radu.solea@nxp.com>
On imx6sl and imx6ull DCP writes at least 32 bytes in the output
buffer instead of hash length as documented. Add intermediate buffer
to prevent write out of bounds.
When requested to produce null hashes DCP fails to produce valid
output. Add software workaround to bypass hardware and return valid output.
Signed-off-by: Radu Solea <radu.solea@nxp.com>
AES is a keyed algorithm, XCBC-AES needs a key for operation,
this patch prevents the registration of AES-based transforms
as unkeyed operations.
Signed-off-by: Radu Solea <radu.solea@nxp.com>
* Update ERA detection code to check 3 sources CCBVID, CAAMVID and
the device tree.
* Fix bit handling of CAAMVID data to obtain correct results.
* Remove default device tree values.
* Update errata handling to target known affected platforms.
Signed-off-by: Radu Solea <radu.solea@nxp.com>
Current CBC mode does not return the last cyphertext block
as IV for operation chaining. CTS fails because of incorrect IV.
Signed-off-by: Radu Solea <radu.solea@nxp.com>
Fixes the following lockdep message:
INFO: trying to register non-static key.
the code is fine but needs lockdep annotation.
turning off the locking correctness validator.
CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.1.30-02225-g55e4b9e #8
Hardware name: Freescale i.MX6 Quad/DualLite (Device Tree)
[<800162b0>] (unwind_backtrace) from [<80012ba0>] (show_stack+0x10/0x14)
[<80012ba0>] (show_stack) from [<808d09d0>] (dump_stack+0xa8/0xd4)
[<808d09d0>] (dump_stack) from [<8007aed0>] (__lock_acquire+0x1eb0/0x2224)
[<8007aed0>] (__lock_acquire) from [<8007b840>] (lock_acquire+0xa4/0xd0)
[<8007b840>] (lock_acquire) from [<808dc28c>] (_raw_spin_lock+0x3c/0x4c)
[<808dc28c>] (_raw_spin_lock) from [<80666724>] (sm_keystore_slot_alloc+0x24/0x74)
[<80666724>] (sm_keystore_slot_alloc) from [<806677c8>] (caam_sm_example_init+0x1ec/0xb68)
[<806677c8>] (caam_sm_example_init) from [<80c6ff48>] (caam_sm_test_init+0x50/0x58)
[<80c6ff48>] (caam_sm_test_init) from [<80009770>] (do_one_initcall+0x8c/0x1d8)
[<80009770>] (do_one_initcall) from [<80c26dc8>] (kernel_init_freeable+0x144/0x1e4)
[<80c26dc8>] (kernel_init_freeable) from [<808cbff0>] (kernel_init+0x8/0xe8)
[<808cbff0>] (kernel_init) from [<8000f618>] (ret_from_fork+0x14/0x3c)
Signed-off-by: Octavian Purdila <octavian.purdila@nxp.com>
Reviewed-by: Dan Douglass <dan.douglass@nxp.com>
JTAG, DS-5 attachment causes exceptions
Added properties to device tree, in order to enable and disable
alarms. The following are the available alarms:
-JTAG active
-WatchDOG 2 reset
-Internal Boot
-External Tamper Detection pad
Fix cherry-picked from 5ec908319a
crypto: caam - only export the state we really need to export
Avoid exporting lots of state by only exporting what we really require,
which is the buffer containing the set of pending bytes to be hashed,
number of pending bytes, the context buffer, and the function pointer
state. This reduces down the exported state size to 216 bytes from
576 bytes.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>