2018-12-05 |
drivers: caam: add RNG software self-test
...
This patch is based on a vendor patch in U-Boot, taken from
https://portland.source.codeaurora.org/patches/external/imxsupport/uboot-imx/imx_v2016.03_4.1.15_2.0.0_ga/HAB-238-Run-RNG-self-test-for-impacted-i.MX-chips.zip
| HAB-238 Run RNG self test for impacted i.MX chips
|
| Patch is only applicable to imx_v2016.03_4.1.15_2.0.0_ga branch of u-boot.
| Please adapt the patch for your respective release version.
|
| Background:
| Few i.MX chips which have HAB 4.2.3 or beyond, have oberserved following
| warning message generated by HAB due to incorrect implementation of drng
| self test in boot ROM.
|
| Event |0xdb|0x0024|0x42| SRCE Field: 69 30 e1 1d
| | | | | STS = HAB_WARNING (0x69)
| | | | | RSN = HAB_ENG_FAIL (0x30)
| | | | | CTX = HAB_CTX_ENTRY (0xE1)
| | | | | ENG = HAB_ENG_CAAM (0x1D)
| | | | | Evt Data (hex):
| | | | | 00 08 00 02 40 00 36 06 55 55 00 03 00 00 00 00
| | | | | 00 00 00 00 00 00 00 00 00 00 00 01
|
| It is recommended to run this rng self test before any RNG related crypto
| implementations are done.
|
[...]
|
| Signed-off-by: Utkarsh Gupta <utkarsh.gupta@nxp.com>
Currently known impacted chips, as determined by NXP, include:
* i.MX6DQ+ silicon revision 1.1
* i.MX6DQ silicon revision 1.6
* i.MX6DLS silicon revision 1.4
* i.MX6SX silicon revision 1.4
* i.MX6UL silicon revision 1.2
* i.MX67SD silicon revision 1.3
Port the RNG software self-test from this patch to barebox. It can be
enabled by selecting CRYPTO_DEV_FSL_CAAM_RNG_SELF_TEST in Kconfig.
The original patch included a command line utility to run the self-test,
but we choose a different approach here, and run the software self-test
automatically when the respective HAB events indicating a RNG ROM
self-test failure are found when running habv4_get_status(). Note that
habv4_get_status() must be called by the board code before the CAAM
device driver is probed for this mechanism to work.
Until now there are at least two such known events. The first event was
observed on an i.MX6Solo, silicon revision 1.4; the second event is
mentioned in the original patch description given above. When an event
occured, habv4_get_status() tests if it is one of those known events,
and if so, indicates to the CAAM driver to run the software self-test.
In this case, printing the respective HAB warning is suppressed to
prevent confusion; the software self-test itself will error out in case
of recurring RNG self-test failure.
Signed-off-by: Roland Hieber <r.hieber@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Roland Hieber
authored
on 29 Nov 2018
Sascha Hauer
committed
on 5 Dec 2018
|
2018-09-04 |
crypto: caam - allow retrieving 'era' from register
...
Pick commit 654f2b9 from Linux
upstream.
crypto: caam - allow retrieving 'era' from register
The 'era' information can be retrieved from CAAM registers, so
introduce a caam_get_era_from_hw() function that gets it via register
reads in case the 'fsl,sec-era' property is not passed in the device
tree.
This function is based on the U-Boot implementation from
drivers/crypto/fsl/sec.c
Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Tested-by: Breno Lima <breno.lima@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Marcin Niestroj
authored
on 3 Sep 2018
Sascha Hauer
committed
on 4 Sep 2018
|
crypto: caam - staticize caam_get_era()
...
Pick commit b0039c0 from Linux
upstream.
crypto: caam - staticize caam_get_era()
caam_get_era() is only used locally, so do not export this function
and make it static instead.
Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Marcin Niestroj
authored
on 3 Sep 2018
Sascha Hauer
committed
on 4 Sep 2018
|
crypto: caam - do not use mem and emi_slow clock for imx7x
...
Pick commit 699e491 from Linux
upstream.
crypto: caam - do not use mem and emi_slow clock for imx7x
I.MX7x only use two clocks for the CAAM module, so make sure we do not try to
use the mem and the emi_slow clock when running in that imx7d and imx7s machine
type.
Cc: "Horia Geantă" <horia.geanta@nxp.com>
Cc: Aymen Sghaier <aymen.sghaier@nxp.com>
Cc: Fabio Estevam <fabio.estevam@nxp.com>
Cc: Peng Fan <peng.fan@nxp.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Lukas Auer <lukas.auer@aisec.fraunhofer.de>
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Marcin Niestroj
authored
on 3 Sep 2018
Sascha Hauer
committed
on 4 Sep 2018
|
crypto: caam - fix endless loop when DECO acquire fails
...
Pick commit 225ece3 from Linux
upstream.
crypto: caam - fix endless loop when DECO acquire fails
In case DECO0 cannot be acquired - i.e. run_descriptor_deco0() fails
with -ENODEV, caam_probe() enters an endless loop:
run_descriptor_deco0
ret -ENODEV
-> instantiate_rng
-ENODEV, overwritten by -EAGAIN
ret -EAGAIN
-> caam_probe
-EAGAIN results in endless loop
It turns out the error path in instantiate_rng() is incorrect,
the checks are done in the wrong order.
Cc: <stable@vger.kernel.org> # 3.13+
Fixes: 1005bccd7a4a6 ("crypto: caam - enable instantiation of all RNG4 state handles")
Reported-by: Bryan O'Donoghue <pure.logic@nexus-software.ie>
Suggested-by: Auer Lukas <lukas.auer@aisec.fraunhofer.de>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Marcin Niestroj
authored
on 3 Sep 2018
Sascha Hauer
committed
on 4 Sep 2018
|
crypto: caam - fix sparse warnings
...
Pick commit 8439e94 from Linux
upstream.
crypto: caam - fix sparse warnings
Fix the following sparse warning (note that endianness issues
are not not addressed in current patch):
drivers/crypto/caam/ctrl.c:388:24: warning: incorrect type in argument 1 (different address spaces)
drivers/crypto/caam/ctrl.c:388:24: expected void [noderef] <asn:2>*reg
drivers/crypto/caam/ctrl.c:388:24: got unsigned int *<noident>
drivers/crypto/caam/ctrl.c:390:24: warning: incorrect type in argument 1 (different address spaces)
drivers/crypto/caam/ctrl.c:390:24: expected void [noderef] <asn:2>*reg
drivers/crypto/caam/ctrl.c:390:24: got unsigned int *<noident>
drivers/crypto/caam/ctrl.c:548:24: warning: incorrect type in assignment (different address spaces)
drivers/crypto/caam/ctrl.c:548:24: expected struct caam_ctrl [noderef] <asn:2>*ctrl
drivers/crypto/caam/ctrl.c:548:24: got struct caam_ctrl *<noident>
drivers/crypto/caam/ctrl.c:550:30: warning: cast removes address space of expression
drivers/crypto/caam/ctrl.c:549:26: warning: incorrect type in assignment (different address spaces)
drivers/crypto/caam/ctrl.c:549:26: expected struct caam_assurance [noderef] <asn:2>*assure
drivers/crypto/caam/ctrl.c:549:26: got struct caam_assurance *<noident>
drivers/crypto/caam/ctrl.c:554:28: warning: cast removes address space of expression
drivers/crypto/caam/ctrl.c:553:24: warning: incorrect type in assignment (different address spaces)
drivers/crypto/caam/ctrl.c:553:24: expected struct caam_deco [noderef] <asn:2>*deco
drivers/crypto/caam/ctrl.c:553:24: got struct caam_deco *<noident>
drivers/crypto/caam/ctrl.c:634:48: warning: cast removes address space of expression
drivers/crypto/caam/ctrl.c:633:44: warning: incorrect type in assignment (different address spaces)
drivers/crypto/caam/ctrl.c:633:44: expected struct caam_job_ring [noderef] <asn:2>*<noident>
drivers/crypto/caam/ctrl.c:633:44: got struct caam_job_ring *<noident>
drivers/crypto/caam/ctrl.c:648:34: warning: cast removes address space of expression
drivers/crypto/caam/ctrl.c:647:30: warning: incorrect type in assignment (different address spaces)
drivers/crypto/caam/ctrl.c:647:30: expected struct caam_queue_if [noderef] <asn:2>*qi
drivers/crypto/caam/ctrl.c:647:30: got struct caam_queue_if *<noident>
drivers/crypto/caam/ctrl.c:806:37: warning: incorrect type in assignment (different address spaces)
drivers/crypto/caam/ctrl.c:806:37: expected void *data
drivers/crypto/caam/ctrl.c:806:37: got unsigned int [noderef] <asn:2>*
drivers/crypto/caam/ctrl.c:814:38: warning: incorrect type in assignment (different address spaces)
drivers/crypto/caam/ctrl.c:814:38: expected void *data
drivers/crypto/caam/ctrl.c:814:38: got unsigned int [noderef] <asn:2>*
drivers/crypto/caam/ctrl.c:822:38: warning: incorrect type in assignment (different address spaces)
drivers/crypto/caam/ctrl.c:822:38: expected void *data
drivers/crypto/caam/ctrl.c:822:38: got unsigned int [noderef] <asn:2>*
drivers/crypto/caam/jr.c:492:23: warning: incorrect type in assignment (different address spaces)
drivers/crypto/caam/jr.c:492:23: expected struct caam_job_ring [noderef] <asn:2>*rregs
drivers/crypto/caam/jr.c:492:23: got struct caam_job_ring *<noident>
drivers/crypto/caam/caampkc.c:398:35: warning: Using plain integer as NULL pointer
drivers/crypto/caam/caampkc.c:444:35: warning: Using plain integer as NULL pointer
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Marcin Niestroj
authored
on 3 Sep 2018
Sascha Hauer
committed
on 4 Sep 2018
|
crypto: caam - add support for iMX6UL
...
Pick commit 4e51881 from Linux
upstream.
crypto: caam - add support for iMX6UL
i.MX6UL does only require three clocks to enable CAAM module.
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Acked-by: Rob Herring <robh@kernel.org>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Marcin Niestroj
authored
on 3 Sep 2018
Sascha Hauer
committed
on 4 Sep 2018
|
crypto: caam - handle core endianness != caam endianness
...
Pick commit 261ea05 from Linux
upstream.
crypto: caam - handle core endianness != caam endianness
There are SoCs like LS1043A where CAAM endianness (BE) does not match
the default endianness of the core (LE).
Moreover, there are requirements for the driver to handle cases like
CPU_BIG_ENDIAN=y on ARM-based SoCs.
This requires for a complete rewrite of the I/O accessors.
PPC-specific accessors - {in,out}_{le,be}XX - are replaced with
generic ones - io{read,write}[be]XX.
Endianness is detected dynamically (at runtime) to allow for
multiplatform kernels, for e.g. running the same kernel image
on LS1043A (BE CAAM) and LS2080A (LE CAAM) armv8-based SoCs.
While here: debugfs entries need to take into consideration the
endianness of the core when displaying data. Add the necessary
glue code so the entries remain the same, but they are properly
read, regardless of the core and/or SEC endianness.
Note: pdb.h fixes only what is currently being used (IPsec).
Reviewed-by: Tudor Ambarus <tudor-dan.ambarus@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
As part of this patch rd_reg[8,16,32,64]() and wr_reg[8,16,32,64]()
helper functions are introduced. All readl() calls are replaced by
rd_reg32() and all writel() calls are replaced by wr_reg32().
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Marcin Niestroj
authored
on 3 Sep 2018
Sascha Hauer
committed
on 4 Sep 2018
|
crypto: caam - fix writing to JQCR_MS when using service interface
...
Pick commit 9f587fa from Linux
upstream.
crypto: caam - fix writing to JQCR_MS when using service interface
Most significant part of JQCR (Job Queue Control Register) contains
bits that control endianness: ILE - Immediate Little Endian,
DWS - Double Word Swap.
The bits are automatically set by the Job Queue Controller HW.
Unfortunately these bits are cleared in SW when submitting descriptors
via the register-based service interface.
>From LS1021A:
JQCR_MS = 08080100 - before writing: ILE | DWS | SRC (JR0)
JQCR_MS = 30000100 - after writing: WHL | FOUR | SRC (JR0)
This would cause problems on little endian caam for descriptors
containing immediata data or double-word pointers.
Currently there is no problem since the only descriptors ran through
this interface are the ones that (un)instantiate RNG.
Signed-off-by: Horia Geant? <horia.geanta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Marcin Niestroj
authored
on 3 Sep 2018
Sascha Hauer
committed
on 4 Sep 2018
|
crypto: caam - fix RNG init descriptor ret. code checking
...
Pick commit 62743a4 from Linux
upstream.
crypto: caam - fix RNG init descriptor ret. code checking
When successful, the descriptor that performs RNG initialization
is allowed to return a status code of 7000_0000h, since last command
in the descriptor is a JUMP HALT.
Signed-off-by: Horia Geant? <horia.geanta@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Marcin Niestroj
authored
on 3 Sep 2018
Sascha Hauer
committed
on 4 Sep 2018
|
2016-02-12 |
crypto: add i.MX6 CAAM support
...
Add the i.MX6 crypto core CAAM with support for the random number
generator.
The core itself works with jobrings in which descriptors can be
queued/dequeued for processing. Depending on descriptor type
the CAAM unit then either produces random numbers or decrypts/encrypts
data.
The code is based on the Linux v4.1 driver of the same name
without all the crypto/hashing components.
Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Steffen Trumtrar
authored
on 12 Feb 2016
Sascha Hauer
committed
on 12 Feb 2016
|