diff options
-rwxr-xr-x | drivers/crypto/fsl_caam.c | 134 | ||||
-rw-r--r-- | include/fsl_caam.h | 1 |
2 files changed, 102 insertions, 33 deletions
diff --git a/drivers/crypto/fsl_caam.c b/drivers/crypto/fsl_caam.c index 3ae9bf7..ebba87c 100755 --- a/drivers/crypto/fsl_caam.c +++ b/drivers/crypto/fsl_caam.c @@ -39,10 +39,10 @@ uint32_t g_input_ring[JOB_RING_ENTRIES] = {0}; -/* Output job ring - single entry output ring (consists of two words) */ +/* Output job ring - single entry output ring (consists of two words) */ uint32_t g_output_ring[2*JOB_RING_ENTRIES] = {0, 0}; -uint32_t decap_dsc[] = +uint32_t decap_dsc[] = { DECAP_BLOB_DESC1, DECAP_BLOB_DESC2, @@ -55,7 +55,7 @@ uint32_t decap_dsc[] = DECAP_BLOB_DESC9 }; -uint32_t encap_dsc[] = +uint32_t encap_dsc[] = { ENCAP_BLOB_DESC1, ENCAP_BLOB_DESC2, @@ -68,7 +68,8 @@ uint32_t encap_dsc[] = ENCAP_BLOB_DESC9 }; -uint32_t rng_inst_dsc[] = +uint32_t hwrng_dsc[6] = {0}; +uint32_t rng_inst_dsc[] = { RNG_INST_DESC1, RNG_INST_DESC2, @@ -146,7 +147,7 @@ uint32_t caam_decap_blob(uint32_t plain_text, uint32_t blob_addr, uint32_t size) /* uncomment when using descriptor from "fsl_caam_internal.h" does not use key modifier. */ -#if 0 +#if 0 /* Fill in input blob addr in decap_dsc */ decap_dsc[5] = (uint32_t)blob; /* Fill in the address where to decrypt the blob */ @@ -157,14 +158,19 @@ uint32_t caam_decap_blob(uint32_t plain_text, uint32_t blob_addr, uint32_t size) /* Add job to input ring */ g_input_ring[0] = (uint32_t)decap_dsc; - flush_dcache_range((uint32_t)blob_addr & ALIGN_MASK, - ((uint32_t)blob_addr & ALIGN_MASK) + 2*size); - flush_dcache_range((uint32_t)plain_text & ALIGN_MASK, - ((uint32_t)plain_text & ALIGN_MASK) + 2*size); flush_dcache_range((uint32_t)decap_dsc & ALIGN_MASK, ((uint32_t)decap_dsc & ALIGN_MASK) + 128); flush_dcache_range((uint32_t)g_input_ring & ALIGN_MASK, ((uint32_t)g_input_ring & ALIGN_MASK) + 128); + invalidate_dcache_range((uint32_t)decap_dsc & ALIGN_MASK, + ((uint32_t)decap_dsc & ALIGN_MASK) + 128); + invalidate_dcache_range((uint32_t)g_input_ring & ALIGN_MASK, + ((uint32_t)g_input_ring & ALIGN_MASK) + 128); + invalidate_dcache_range((uint32_t)blob_addr & ALIGN_MASK, + (((uint32_t)blob_addr + 2 * size + 64) & ALIGN_MASK)); + invalidate_dcache_range((uint32_t)plain_text & ALIGN_MASK, + (((uint32_t)plain_text + 2 * size + 64) & ALIGN_MASK)); + /* Increment jobs added */ __raw_writel(1, CAAM_IRJAR0); @@ -172,7 +178,7 @@ uint32_t caam_decap_blob(uint32_t plain_text, uint32_t blob_addr, uint32_t size) while(__raw_readl(CAAM_ORSFR0) != 1); // TODO: check if Secure memory is cacheable. - invalidate_dcache_range((uint32_t)g_output_ring & ALIGN_MASK, + flush_dcache_range((uint32_t)g_output_ring & ALIGN_MASK, ((uint32_t)g_output_ring & ALIGN_MASK) + 128); /* check that descriptor address is the one expected in the output ring */ if(g_output_ring[0] == (uint32_t)decap_dsc) @@ -189,9 +195,6 @@ uint32_t caam_decap_blob(uint32_t plain_text, uint32_t blob_addr, uint32_t size) printf("Error: blob decap job output ring descriptor address does" \ " not match\n"); } - flush_dcache_range((uint32_t)plain_text & ALIGN_MASK, - ((uint32_t)plain_text & ALIGN_MASK) + 2*size); - /* Remove job from Job Ring Output Queue */ __raw_writel(1, CAAM_ORJRR0); @@ -239,15 +242,15 @@ uint32_t caam_gen_blob(uint32_t plain_data_addr, uint32_t blob_addr, uint32_t si encap_dsc[3] = (uint32_t)0xF0000000 | (0x0000ffff & (size)); encap_dsc[4] = (uint32_t)plain_data_addr; encap_dsc[5] = (uint32_t)0xF8000000 | (0x0000ffff & (size+48)); - encap_dsc[6] = (uint32_t)blob; + encap_dsc[6] = (uint32_t)blob; encap_dsc[7] = (uint32_t)0x870D0000; // uncomment when using descriptor from "fsl_caam_internal.h" - // does not use key modifier. + // does not use key modifier. #if 0 // /* Fill in the address where the DEK resides */ - encap_dsc[5] = (uint32_t)SEC_MEM_PAGE1; + encap_dsc[5] = (uint32_t)SEC_MEM_PAGE1; /* Fill in output blob addr in encap_dsc */ encap_dsc[7] = (uint32_t)blob; #endif @@ -256,12 +259,18 @@ uint32_t caam_gen_blob(uint32_t plain_data_addr, uint32_t blob_addr, uint32_t si /* Add job to input ring */ g_input_ring[0] = (uint32_t)encap_dsc; - flush_dcache_range((uint32_t)plain_data_addr & ALIGN_MASK, - ((uint32_t)plain_data_addr & ALIGN_MASK) + size); flush_dcache_range((uint32_t)encap_dsc & ALIGN_MASK, ((uint32_t)encap_dsc & ALIGN_MASK) + 128); - flush_dcache_range((uint32_t)blob & ALIGN_MASK, - ((uint32_t)g_input_ring & ALIGN_MASK) + 2 * size); + flush_dcache_range((uint32_t)g_input_ring & ALIGN_MASK, + ((uint32_t)g_input_ring & ALIGN_MASK) + 128); + invalidate_dcache_range((uint32_t)encap_dsc & ALIGN_MASK, + ((uint32_t)encap_dsc & ALIGN_MASK) + 128); + invalidate_dcache_range((uint32_t)g_input_ring & ALIGN_MASK, + ((uint32_t)g_input_ring & ALIGN_MASK) + 128); + invalidate_dcache_range((uint32_t)plain_data_addr & ALIGN_MASK, + (((uint32_t)plain_data_addr + 2 * size + 64) & ALIGN_MASK)); + invalidate_dcache_range((uint32_t)blob & ALIGN_MASK, + (((uint32_t)blob + 2 * size + 64) & ALIGN_MASK)); /* Increment jobs added */ __raw_writel(1, CAAM_IRJAR0); @@ -269,9 +278,7 @@ uint32_t caam_gen_blob(uint32_t plain_data_addr, uint32_t blob_addr, uint32_t si while(__raw_readl(CAAM_ORSFR0) != 1); // flush cache - invalidate_dcache_range((uint32_t)g_output_ring & ALIGN_MASK, - ((uint32_t)g_output_ring & ALIGN_MASK) + 128); - invalidate_dcache_range((uint32_t)g_output_ring & ALIGN_MASK, + flush_dcache_range((uint32_t)g_output_ring & ALIGN_MASK, ((uint32_t)g_output_ring & ALIGN_MASK) + 128); /* check that descriptor address is the one expected in the output ring */ if(g_output_ring[0] == (uint32_t)encap_dsc) @@ -295,6 +302,67 @@ uint32_t caam_gen_blob(uint32_t plain_data_addr, uint32_t blob_addr, uint32_t si return ret; } +uint32_t caam_hwrng(uint8_t *output_ptr, uint32_t output_len) { + uint32_t ret = SUCCESS; + + /* Buffer to hold the resulting output*/ + uint8_t *output = (uint8_t *)output_ptr; + + /* initialize the output array */ + memset(output,0,output_len); + + int n = 0; + hwrng_dsc[n++] = (uint32_t)0xB0800004; + hwrng_dsc[n++] = (uint32_t)0x82500000; + hwrng_dsc[n++] = (uint32_t)0x60340000| (0x0000ffff & output_len); + hwrng_dsc[n++] = (uint32_t)output; + + /* Run descriptor with result written to blob buffer */ + /* Add job to input ring */ + // flush cache + g_input_ring[0] = (uint32_t)hwrng_dsc; + + flush_dcache_range((uint32_t)hwrng_dsc & ALIGN_MASK, + ((uint32_t)hwrng_dsc & ALIGN_MASK) + 128); + flush_dcache_range((uint32_t)g_input_ring & ALIGN_MASK, + ((uint32_t)g_input_ring & ALIGN_MASK) + 128); + invalidate_dcache_range((uint32_t)hwrng_dsc & ALIGN_MASK, + ((uint32_t)hwrng_dsc & ALIGN_MASK) + 128); + invalidate_dcache_range((uint32_t)g_input_ring & ALIGN_MASK, + ((uint32_t)g_input_ring & ALIGN_MASK) + 128); + invalidate_dcache_range((uint32_t)output & ALIGN_MASK, + (((uint32_t)output + 2 * output_len + 64) & ALIGN_MASK)); + /* Increment jobs added */ + __raw_writel(1, CAAM_IRJAR0); + + /* Wait for job ring to complete the job: 1 completed job expected */ + size_t timeout = 100000; + while(__raw_readl(CAAM_ORSFR0) != 1 && timeout--); + flush_dcache_range((uint32_t)g_output_ring & ALIGN_MASK, + ((uint32_t)g_output_ring & ALIGN_MASK) + 128); + + /* check that descriptor address is the one expected in the output ring */ + if(g_output_ring[0] == (uint32_t)hwrng_dsc) { + /* check if any error is reported in the output ring */ + if ((g_output_ring[1] & JOB_RING_STS) != 0) { + printf("Error: RNG job completed with errors 0x%X\n", + g_output_ring[1]); + ret = -1; + } + } else { + printf("Error: RNG output ring descriptor address does" \ + " not match\n"); + ret = -1; + + } + + /* Remove job from Job Ring Output Queue */ + __raw_writel(1, CAAM_ORJRR0); + + return ret; +} + + /*! * Initialize the CAAM. * @@ -307,8 +375,8 @@ void caam_open(void) /* switch on the clock */ temp_reg = __raw_readl(&mxc_ccm->CCGR0); - temp_reg |= MXC_CCM_CCGR0_CAAM_SECURE_MEM_MASK | - MXC_CCM_CCGR0_CAAM_WRAPPER_ACLK_MASK | + temp_reg |= MXC_CCM_CCGR0_CAAM_SECURE_MEM_MASK | + MXC_CCM_CCGR0_CAAM_WRAPPER_ACLK_MASK | MXC_CCM_CCGR0_CAAM_WRAPPER_IPG_MASK; __raw_writel(temp_reg, &mxc_ccm->CCGR0); @@ -318,7 +386,7 @@ void caam_open(void) * * However, still need to initialize Job Rings as these are torn * down by HAB for each command - */ + */ /* Initialize job ring addresses */ __raw_writel((uint32_t)g_input_ring, CAAM_IRBAR0); // input ring address @@ -330,7 +398,7 @@ void caam_open(void) /* HAB disables interrupts for JR0 so do the same here */ temp_reg = __raw_readl(CAAM_JRCFGR0_LS) | JRCFG_LS_IMSK; - __raw_writel(temp_reg, CAAM_JRCFGR0_LS); + __raw_writel(temp_reg, CAAM_JRCFGR0_LS); /********* Initialize and instantiate the RNG *******************/ /* if RNG already instantiated then skip it */ @@ -344,13 +412,13 @@ void caam_open(void) __raw_writel(temp_reg, CAAM_RTMCTL); /* Set delay */ - __raw_writel(((RNG_TRIM_ENT_DLY << 16) | 0x09C4), CAAM_RTSDCTL); + __raw_writel(((RNG_TRIM_ENT_DLY << 16) | 0x09C4), CAAM_RTSDCTL); __raw_writel((RNG_TRIM_ENT_DLY >> 1), CAAM_RTFRQMIN); __raw_writel((RNG_TRIM_ENT_DLY << 4), CAAM_RTFRQMAX); /* Resume TRNG Run mode */ temp_reg = __raw_readl(CAAM_RTMCTL) ^ RTMCTL_PGM; - __raw_writel(temp_reg, CAAM_RTMCTL); + __raw_writel(temp_reg, CAAM_RTMCTL); /* Clear the ERR bit in RTMCTL if set. The TRNG error can occur when the * RNG clock is not within 1/2x to 8x the system clock. @@ -367,7 +435,7 @@ void caam_open(void) flush_dcache_range((uint32_t)g_input_ring & ALIGN_MASK, ((uint32_t)g_input_ring & ALIGN_MASK) + 128); /* Increment jobs added */ - __raw_writel(1, CAAM_IRJAR0); + __raw_writel(1, CAAM_IRJAR0); /* Wait for job ring to complete the job: 1 completed job expected */ while(__raw_readl(CAAM_ORSFR0) != 1); @@ -399,13 +467,13 @@ void caam_open(void) temp_reg = __raw_readl(CAAM_RDSTA); if (temp_reg != (RDSTA_IF0 | RDSTA_SKVN)) { - + printf("Error: RNG instantiation failed 0x%X\n", temp_reg); } - + /* Remove job from Job Ring Output Queue */ __raw_writel(1, CAAM_ORJRR0); } - + return; } diff --git a/include/fsl_caam.h b/include/fsl_caam.h index d282a33..e1fdf77 100644 --- a/include/fsl_caam.h +++ b/include/fsl_caam.h @@ -70,5 +70,6 @@ uint32_t caam_gen_blob(uint32_t plain_data_addr, uint32_t blob_addr, uint32_t si //! @return ERROR_XXX //////////////////////////////////////////////////////////////////////////////// uint32_t caam_decap_blob(uint32_t plain_text, uint32_t blob_addr, uint32_t size); +uint32_t caam_hwrng(uint8_t *output_ptr, uint32_t output_len); #endif /* __CAAM_H__ */ |