23 Feb, 2017
40 commits
-
caam_snvs driver involves snvs HP registers access that needs to
enable snvs clock source. The patch add the clock management.Signed-off-by: Fugang Duan
Signed-off-by: Dan Douglass -
Added missing reserved register for caam_secure_mem_v1 struct
Signed-off-by: Dan Douglass
-
* Add caam_aclk clock root dependency, imx7d caam
ip module needs caam_aclk and caam_ipg clock signals
to operate add additional clock signal.Signed-off-by: Adrian Alonso
Signed-off-by: Dan Douglass
[Octavian: since the clk API skips NULL args use a single disable label]
Signed-off-by: Octavian Purdila -
There are only 3 CAAM clocks that are required for i.mx6ul. Adding
logic to enable only the required clocks based on the device tree
compatibility node.Signed-off-by: Dan Douglass
-
CAAM only has a single clock in i.mx7d. Logic was added to initialize only the
single clock.The Secure Memory registers moved in CAAM era included in i.mx7d. This required
changes to support access to two different versions of the register map. The
registers are access through a data structure that overlay the register region.
Two new Secure Memory register structures were created to support the different
versions. Logic was also added to determine which version is implemented based on
the CAAM era, and access functions were added to support register access to the
Secure Memory Command and Status registers.Signed-off-by: Dan Douglass
-
Replace of_irq_to_resource() in the SECVIO module with the simpler
equivalent irq_of_parse_and_map(). Also, add error checking to
to the SECVIO and Job Ring modules. Based on upstream commit
f7578496a671a96e501f16a5104893275e32c33a.Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass -
This patch allows CAAM to be enabled as a wakeup source for the
Mega/Fast mix domain. If CAAM is enabled as a wakeup source, it
will continue to be powered on across Deep Sleep Mode (DSM). This
allows CAAM to be functional after the system resumes from DSM.Signed-off-by: Victoria Milhoan
(cherry picked from commit 290744e3b40a563319324e234fa5a65b49fd4d82)
Signed-off-by: Dan Douglass -
Add XCBC-AES support to the CAAM crypto accelerator core in
the i.MX6 family of SoC devices.Note that CAAM also goes by sec-4.0 or sec-5.0 in other product families (such as QorIQ).
Thus the property names are often tied to the sec-4.0+ nomenclature.Signed-off-by: Winston Hudson (b45308)
Signed-off-by: Dan Douglass -
Add more CAAM era values to the CAAM driver's caam_get_era()
function. Read only 32 bits of data since the data required
to identify the IP_ID and MAJ_REV is located in the first 32
bits of the register. And, update the function for use with
ARM/Little Endian devices.[: Edited to apply to 3.14]
Signed-off-by: Victoria Milhoan
(cherry picked from commit 6050d7faf2d0c063195aa9454c130548a9f8058f)
Signed-off-by: Dan Douglass -
Unregister Secure Memory platform device when the Secure Memory
module is shut down. This allows the Secure Memory module to
be inserted again successfully.Signed-off-by: Victoria Milhoan
(cherry picked from commit 785456f38234e64618ee9c74ab4258f39f00e73c)
Signed-off-by: Dan Douglass -
i.MX6 devices have an issue wherein AXI bus transactions may not occur
in the correct order. This isn't a problem running single descriptors,
but can be if running multiple concurrent descriptors. Reworking the CAAM
driver to throttle to single requests is impractical, so this patch limits
the AXI pipeline to a depth of one (from a default of four) to preclude
this situation from occurring.Signed-off-by: Victoria Milhoan (b42089)
Signed-off-by: Dan Douglass -
Adds ARC4-ECB Mode support to the CAAM crypto accelerator core in
the i.MX6 family of SoC devices.Note that CAAM also goes by sec-4.0 or sec-5.0 in other product families (such as QorIQ).
Thus the property names are often tied to the sec-4.0+ nomenclature.Signed-off-by: Winston Hudson (b45308)
Signed-off-by: Dan Douglass -
Adds 3DES-ECB-EDE Mode support to the CAAM crypto accelerator core in
the i.MX6 family of SoC devices.Note that CAAM also goes by sec-4.0 or sec-5.0 in other product families (such as QorIQ).
Thus the property names are often tied to the sec-4.0+ nomenclature.Signed-off-by: Winston Hudson (b45308)
Signed-off-by: Dan Douglass -
Adds AES-ECB (Electronic Codebook) support to the CAAM crypto accelerator core in
the i.MX6 family of SoC devices.Note that CAAM also goes by sec-4.0 or sec-5.0 in other product families (such as QorIQ).
Thus the property names are often tied to the sec-4.0+ nomenclature.Signed-off-by: Winston Hudson (b45308)
Signed-off-by: Dan Douglass -
Adds DES-ECB Mode support to the CAAM crypto accelerator core in
the i.MX6 family of SoC devices.Note that CAAM also goes by sec-4.0 or sec-5.0 in other product families (such as QorIQ).
Thus the property names are often tied to the sec-4.0+ nomenclature.Signed-off-by: Winston Hudson (b45308)
Signed-off-by: Dan Douglass -
The CRYPTO_ALG_KERN_DRIVER_ONLY flag is used to indicate that
the crypto algorithm is only available via a kernel driver.
This patch adds the flag only when the flag is available in the
kernel. Utilizing the flag based on it's availability in the
kernel allows the driver to compile on older kernel versions.The original community patch is located at
http://permalink.gmane.org/gmane.linux.kernel.cryptoapi/6547
for reference.Signed-off-by: Victoria Milhoan (b42089)
Signed-off-by: Dan Douglass -
By default, job ring 0 is the owner of the Secure Memory area
within CAAM. This patch modifies the Secure Memory module to
use job ring 0 for all accesses.Signed-off-by: Victoria Milhoan
(cherry picked from commit bb447bfb241d34492365bf881257b1a742a29c02)
Signed-off-by: Dan Douglass -
Correct size of padded key buffers for the Secure Memory test module.
Signed-off-by: Steve Cornelius
(cherry picked from commit da77cf5583c064deefd09a5e91851ab4398701a0)
Signed-off-by: Dan Douglass -
Blob exportation and importation functions were adding padding to
the buffer mapping and cache control functions, which resulted in
incorrect CPU-level views into a DMA-ed blob.Also, corrected descriptor constructors to use symbolic form of
blob overhead calculation.Signed-off-by: Steve Cornelius
(cherry picked from commit c5f2cbb1fa51b0142742de77fe0a37c290bd04a0)
Signed-off-by: Dan Douglass -
Increase the size of BLOB_OVERHEAD.
Signed-off-by: Steve Cornelius
(cherry picked from commit 32aced88dedf1c1c11170d125d3cc546ffefb366)
Signed-off-by: Dan Douglass -
Converted sm_test to an example that can show:
- key covering
- secret encapsulation as external memory blob
- secret decapsulation from external memory blob
- checks and displays of the handling of key contentSigned-off-by: Steve Cornelius
(cherry picked from commit 45818b72fc4b3fe3fff755b1f9a27cd5519ca2cf)
Signed-off-by: Dan Douglass -
Extended/amended the prototype SM-API with the following functions:
- Added key covering (blackening) function in-place to a keyslot
- Added export operation to encapsulate data to external memory as a
secure memory blob (including descriptor capable of secure memory or
general memory blob generation)
- Removed in-place blob encapsulation
- Added import operation to decapsulate a blob from external memory into
secure memory (including descriptor capable of general memory or secure
memory content decapsulation)
- Removed in-place blob decapsulation[: Edited to apply to 3.10]
Signed-off-by: Steve Cornelius
Signed-off-by: Victoria Milhoan(cherry picked from commit c577769ed0347bb4e3428b5696fb7f209af0a7ad)
Signed-off-by: Dan Douglass -
Converted the prototype 3.0.x SNVS Security Violation Handler
subsystem to be device tree correct/compliant under 3.10 for ARM
platforms. Also, separated out SNVS property detection so as to make
it independent of CAAM, and corrected function namespace accordingly.Later releases of this subsystem are likely to be separate from the
kernel's CAAM driver space.[: Edited to apply to latest 3.10 kernel]
Signed-off-by: Steve Cornelius
Signed-off-by: Victoria Milhoan
(cherry picked from commit c8c128086eae012ced0c96d66f21f36bcbd14f66)
Signed-off-by: Dan Douglass -
1. Pull in secure memory support from 3.0.35 kernel.
2. Pull in SECVIO support from 3.0.35 kernel.
3. Make changes to support device tree.
4. Add device tree setting for SECVIO sources.[: Edited to apply to 3.14]
Signed-off-by: Dan Douglass
(cherry picked from commit f3bfd42e2db3af8326734bebf750e94e74734f6e)
Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass -
Add bit definitions for Blob protocol protinfo field.
Signed-off-by: Steve Cornelius
Signed-off-by: Dan Douglass -
These add changes to the driver private areas for the CAAM
controller and CAAM Secure Memory subsystems, and expand register
definitions to include the Secure Memory subsystems as reflected
in multiple areas (controller, rings, secure memory itself).[: Edited to apply to 3.14]
Signed-off-by: Steve Cornelius
Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass -
Added definitions to enable FIFO_STORE to encode options for storing
keys in AES-CCM mode[: Edited to apply to 3.14]
Signed-off-by: Steve Cornelius
(cherry picked from commit a3cd8e5fad274f33fc6f0030413f89a6339b1d5a)
Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass -
Adjust RNG timing parameters to support more i.MX6 devices.
Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass -
Freescale's CAAM includes a Random Number Generator. This change adds
a kernel configuration option to test the RNG's capabilities via the
hw_random framework.Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass -
The caam_jr_register() function is no longer part of the CAAM
driver. This patch removes a comment referencing the function.Signed-off-by: Victoria Milhoan
Signed-off-by: Dan Douglass -
commit 0378c9a855bfa395f595fbfb049707093e270f69 upstream.
This patch fixes a memory leak that appears when caam_jr module is unloaded.
Signed-off-by: Cristian Stoica
Signed-off-by: Herbert Xu
Signed-off-by: Greg Kroah-HartmanConflicts:
drivers/crypto/caam/jr.c
Signed-off-by: Dan Douglass -
commit 27c5fb7a84242b66bf1e0b2fe6bf40d19bcc5c04 upstream.
GFP_ATOMIC memory allocation could fail.
In this case, avoid NULL pointer dereference and notify user.Cc: Kim Phillips
Signed-off-by: Horia Geanta
Signed-off-by: Herbert Xu
Signed-off-by: Greg Kroah-HartmanConflicts:
drivers/crypto/caam/error.c
Signed-off-by: Dan Douglass -
1. Per design requirement, EXSC for PCIe will need clock to recover RDC
setting on resume when M/F mix is off, so we need to enable PCIe
LPCG before entering DSM.2. As M4 clock is disabled in low power mode, after exit from DSM, A7
needs to restore TCM for M4, but without M4 clock, this operation
never success, so we enable A7 wakeup sources for M4 as well during
DSM, after exit DSM, M4's original wakeup sources will be restored.Signed-off-by: Anson Huang
(cherry picked from commit 847db79957d25545c762670eb1bc003f34cb2592)
Signed-off-by: Teo Hall -
On i.MX7D, only when M4 enters STOP mode, system is able to enter DSM
mode where M4 power will be gated off. This is done by checking
a variable which records M4's power mode. However, when system
resume from DSM, M4 is re-enabled to RUN mode by A7, but the variable
is NOT updated accordingly, so next time system suspend, even
M4 is NOT in STOP mode, system can enter DSM mode, which is
unexpected and would cause bus-freq use count mismatch.Fix this issue by reset M4 power mode to RUN mode when resume
from DSM.Signed-off-by: Anson Huang
(cherry picked from commit d22127a8f395edaf719a5bf4874cf22c5bdc8661)
Signed-off-by: Teo Hall -
For DSM mode, M4 TCM context is lost and A7 will restore them
after resume and write TCM entry to M4 and re-kick it. It
assumes M4 is running on TCM, but M4 also has case of running
image on DDR, OCRAMS first 2 words stores the stack and pc
address for M4, to support M4 running on both TCM and DDR
case, we can just leave the OCRAMS first 3 words unchanged
during DSM, the third words is also reserved for M4, as OCRAMS
can keep its context during DSM.This patch leaves OCRAMS first 3 words unchanged and remove
the re-program of TCM entry after exit from DSM, thus it can
support DSM mode for M4 running on TCM/DDR/OCRAM.Signed-off-by: Anson Huang
(cherry picked from commit b8c47389d16dacf3a78c0f92e6737d09811c45a9)
Signed-off-by: Teo Hall -
Save M4 tcm in ddr. Copy memory after exit from DSM.
Also hold M4 in reset when entering DSM.Signed-off-by: Teo Hall
(cherry picked from commit 011ed0ab784eb566b68ebacea57ae3a6857b48ff) -
add tcm to dtsi for saving FreeRTOS image
Signed-off-by: Teo Hall
-
change the slots to persistent to be congruent with
M4 image. Also change so that slots do read/modify/write
so that M4 settings are not overwritten.Signed-off-by: Teo Hall
(cherry picked from commit eae33480b615c1586248a761ef3c6bcd9e0c59af)Conflicts:
arch/arm/mach-imx/gpcv2.c -
add LPM messages for:
-M4 reporting state
-M4 Request/Release High Bus Freq
-A7 tell M4 it is readySigned-off-by: Teo Hall
(cherry picked from commit 52234ae38e6e4f2b3452d807dd1c1e199be6350c)Conflicts:
arch/arm/mach-imx/common.h
arch/arm/mach-imx/mu.c -
offset high_bus_count+1 when m4 is enabled
Signed-off-by: Teo Hall
(cherry picked from commit 58983b6522c324affdbbeaa5b7b192a673c615a7)