1/* SPDX-License-Identifier: GPL-2.0+ */ 2/* 3 * Common internal memory map for some Freescale SoCs 4 * 5 * Copyright 2014 Freescale Semiconductor, Inc. 6 * Copyright 2018, 2021 NXP 7 */ 8 9#ifndef __FSL_SEC_H 10#define __FSL_SEC_H 11 12#include <asm/io.h> 13 14#ifdef CONFIG_SYS_FSL_SEC_LE 15#define sec_in32(a) in_le32((ulong *)(ulong)(a)) 16#define sec_out32(a, v) out_le32((ulong *)(ulong)(a), v) 17#define sec_in16(a) in_le16(a) 18#define sec_clrbits32 clrbits_le32 19#define sec_setbits32 setbits_le32 20#elif defined(CONFIG_SYS_FSL_SEC_BE) 21#define sec_in32(a) in_be32(a) 22#define sec_out32(a, v) out_be32(a, v) 23#define sec_in16(a) in_be16(a) 24#define sec_clrbits32 clrbits_be32 25#define sec_setbits32 setbits_be32 26#elif defined(CONFIG_SYS_FSL_HAS_SEC) 27#error Neither CONFIG_SYS_FSL_SEC_LE nor CONFIG_SYS_FSL_SEC_BE is defined 28#endif 29 30#define BLOB_SIZE(x) ((x) + 32 + 16) /* Blob buffer size */ 31 32/* Security Engine Block (MS = Most Sig., LS = Least Sig.) */ 33#if CONFIG_SYS_FSL_SEC_COMPAT >= 4 34/* RNG4 TRNG test registers */ 35struct rng4tst { 36#define RTMCTL_PRGM 0x00010000 /* 1 -> program mode, 0 -> run mode */ 37#define RTMCTL_SAMP_MODE_VON_NEUMANN_ES_SC 0 /* use von Neumann data in 38 both entropy shifter and 39 statistical checker */ 40#define RTMCTL_SAMP_MODE_RAW_ES_SC 1 /* use raw data in both 41 entropy shifter and 42 statistical checker */ 43#define RTMCTL_SAMP_MODE_VON_NEUMANN_ES_RAW_SC 2 /* use von Neumann data in 44 entropy shifter, raw data 45 in statistical checker */ 46#define RTMCTL_SAMP_MODE_INVALID 3 /* invalid combination */ 47 u32 rtmctl; /* misc. control register */ 48 u32 rtscmisc; /* statistical check misc. register */ 49 u32 rtpkrrng; /* poker range register */ 50#ifdef CONFIG_MX6SX 51#define RTSDCTL_ENT_DLY 12000 52#else 53#define RTSDCTL_ENT_DLY 3200 54#endif 55#define RTSDCTL_ENT_DLY_MAX 12800 56 union { 57 u32 rtpkrmax; /* PRGM=1: poker max. limit register */ 58 u32 rtpkrsq; /* PRGM=0: poker square calc. result register */ 59 }; 60#define RTSDCTL_ENT_DLY_SHIFT 16 61#define RTSDCTL_ENT_DLY_MASK (0xffff << RTSDCTL_ENT_DLY_SHIFT) 62 u32 rtsdctl; /* seed control register */ 63 union { 64 u32 rtsblim; /* PRGM=1: sparse bit limit register */ 65 u32 rttotsam; /* PRGM=0: total samples register */ 66 }; 67 u32 rtfreqmin; /* frequency count min. limit register */ 68#define RTFRQMAX_DISABLE (1 << 20) 69 union { 70 u32 rtfreqmax; /* PRGM=1: freq. count max. limit register */ 71 u32 rtfreqcnt; /* PRGM=0: freq. count register */ 72 }; 73 u32 rsvd1[40]; 74#define RDSTA_IF(idx) (0x00000001 << (idx)) 75#define RDSTA_PR(idx) (0x00000010 << (idx)) 76#define RDSTA_MASK (RDSTA_PR(1) | RDSTA_PR(0) | RDSTA_IF(1) | RDSTA_IF(0)) 77#define RDSTA_SKVN 0x40000000 78 u32 rdsta; /*RNG DRNG Status Register*/ 79 u32 rsvd2[15]; 80}; 81 82/* Version registers (Era 10+) */ 83struct version_regs { 84 u32 crca; /* CRCA_VERSION */ 85 u32 afha; /* AFHA_VERSION */ 86 u32 kfha; /* KFHA_VERSION */ 87 u32 pkha; /* PKHA_VERSION */ 88 u32 aesa; /* AESA_VERSION */ 89 u32 mdha; /* MDHA_VERSION */ 90 u32 desa; /* DESA_VERSION */ 91 u32 snw8a; /* SNW8A_VERSION */ 92 u32 snw9a; /* SNW9A_VERSION */ 93 u32 zuce; /* ZUCE_VERSION */ 94 u32 zuca; /* ZUCA_VERSION */ 95 u32 ccha; /* CCHA_VERSION */ 96 u32 ptha; /* PTHA_VERSION */ 97 u32 rng; /* RNG_VERSION */ 98 u32 trng; /* TRNG_VERSION */ 99 u32 aaha; /* AAHA_VERSION */ 100 u32 rsvd[10]; 101 u32 sr; /* SR_VERSION */ 102 u32 dma; /* DMA_VERSION */ 103 u32 ai; /* AI_VERSION */ 104 u32 qi; /* QI_VERSION */ 105 u32 jr; /* JR_VERSION */ 106 u32 deco; /* DECO_VERSION */ 107}; 108 109#define CHA_VER_NUM_MASK 0x000000ff 110#define CHA_VER_MISC_SHIFT 8 111#define CHA_VER_MISC_MASK 0x0000ff00 112#define CHA_VER_REV_SHIFT 16 113#define CHA_VER_REV_MASK 0x00ff0000 114#define CHA_VER_VID_SHIFT 24 115#define CHA_VER_VID_MASK 0xff000000 116 117typedef struct ccsr_sec { 118 u32 res0; 119 u32 mcfgr; /* Master CFG Register */ 120 u8 res1[0x4]; 121 u32 scfgr; 122 struct { 123 u32 ms; /* Job Ring LIODN Register, MS */ 124 u32 ls; /* Job Ring LIODN Register, LS */ 125 } jrliodnr[4]; 126 u8 res2[0x2c]; 127 u32 jrstartr; /* Job Ring Start Register */ 128 struct { 129 u32 ms; /* RTIC LIODN Register, MS */ 130 u32 ls; /* RTIC LIODN Register, LS */ 131 } rticliodnr[4]; 132 u8 res3[0x1c]; 133 u32 decorr; /* DECO Request Register */ 134 struct { 135 u32 ms; /* DECO LIODN Register, MS */ 136 u32 ls; /* DECO LIODN Register, LS */ 137 } decoliodnr[16]; 138 u32 dar; /* DECO Avail Register */ 139 u32 drr; /* DECO Reset Register */ 140 u8 res5[0x4d8]; 141 struct rng4tst rng; /* RNG Registers */ 142 u8 res6[0x780]; 143 struct version_regs vreg; /* version registers since era 10 */ 144 u8 res7[0xa0]; 145 u32 crnr_ms; /* CHA Revision Number Register, MS */ 146 u32 crnr_ls; /* CHA Revision Number Register, LS */ 147 u32 ctpr_ms; /* Compile Time Parameters Register, MS */ 148 u32 ctpr_ls; /* Compile Time Parameters Register, LS */ 149 u8 res8[0x10]; 150 u32 far_ms; /* Fault Address Register, MS */ 151 u32 far_ls; /* Fault Address Register, LS */ 152 u32 falr; /* Fault Address LIODN Register */ 153 u32 fadr; /* Fault Address Detail Register */ 154 u8 res9[0x4]; 155 u32 csta; /* CAAM Status Register */ 156 u32 smpart; /* Secure Memory Partition Parameters */ 157 u32 smvid; /* Secure Memory Version ID */ 158 u32 rvid; /* Run Time Integrity Checking Version ID Reg.*/ 159 u32 ccbvid; /* CHA Cluster Block Version ID Register */ 160 u32 chavid_ms; /* CHA Version ID Register, MS */ 161 u32 chavid_ls; /* CHA Version ID Register, LS */ 162 u32 chanum_ms; /* CHA Number Register, MS */ 163 u32 chanum_ls; /* CHA Number Register, LS */ 164 u32 secvid_ms; /* SEC Version ID Register, MS */ 165 u32 secvid_ls; /* SEC Version ID Register, LS */ 166#if defined(CONFIG_FSL_LSCH2) || defined(CONFIG_FSL_LSCH3) 167 u8 res10[0x6f020]; 168#else 169 u8 res10[0x6020]; 170#endif 171 u32 qilcr_ms; /* Queue Interface LIODN CFG Register, MS */ 172 u32 qilcr_ls; /* Queue Interface LIODN CFG Register, LS */ 173#if defined(CONFIG_FSL_LSCH2) || defined(CONFIG_FSL_LSCH3) 174 u8 res11[0x8ffd8]; 175#else 176 u8 res11[0x8fd8]; 177#endif 178} ccsr_sec_t; 179 180#define SEC_CTPR_MS_AXI_LIODN 0x08000000 181#define SEC_CTPR_MS_QI 0x02000000 182#define SEC_CTPR_MS_VIRT_EN_INCL 0x00000001 183#define SEC_CTPR_MS_VIRT_EN_POR 0x00000002 184#define SEC_RVID_MA 0x0f000000 185#define SEC_CHANUM_MS_JRNUM_MASK 0xf0000000 186#define SEC_CHANUM_MS_JRNUM_SHIFT 28 187#define SEC_CHANUM_MS_DECONUM_MASK 0x0f000000 188#define SEC_CHANUM_MS_DECONUM_SHIFT 24 189#define SEC_SECVID_MS_IPID_MASK 0xffff0000 190#define SEC_SECVID_MS_IPID_SHIFT 16 191#define SEC_SECVID_MS_MAJ_REV_MASK 0x0000ff00 192#define SEC_SECVID_MS_MAJ_REV_SHIFT 8 193#define SEC_CCBVID_ERA_MASK 0xff000000 194#define SEC_CCBVID_ERA_SHIFT 24 195#define SEC_SCFGR_RDBENABLE 0x00000400 196#define SEC_SCFGR_VIRT_EN 0x00008000 197#define SEC_CHAVID_LS_RNG_SHIFT 16 198#define SEC_CHAVID_RNG_LS_MASK 0x000f0000 199 200struct jr_regs { 201#if defined(CONFIG_SYS_FSL_SEC_LE) && \ 202 !(defined(CONFIG_MX6) || defined(CONFIG_MX7) || \ 203 defined(CONFIG_MX7ULP) || defined(CONFIG_IMX8M) || defined(CONFIG_IMX8)) 204 u32 irba_l; 205 u32 irba_h; 206#else 207 u32 irba_h; 208 u32 irba_l; 209#endif 210 u32 rsvd1; 211 u32 irs; 212 u32 rsvd2; 213 u32 irsa; 214 u32 rsvd3; 215 u32 irja; 216#if defined(CONFIG_SYS_FSL_SEC_LE) && \ 217 !(defined(CONFIG_MX6) || defined(CONFIG_MX7) || \ 218 defined(CONFIG_MX7ULP) || defined(CONFIG_IMX8M) || defined(CONFIG_IMX8)) 219 u32 orba_l; 220 u32 orba_h; 221#else 222 u32 orba_h; 223 u32 orba_l; 224#endif 225 u32 rsvd4; 226 u32 ors; 227 u32 rsvd5; 228 u32 orjr; 229 u32 rsvd6; 230 u32 orsf; 231 u32 rsvd7; 232 u32 jrsta; 233 u32 rsvd8; 234 u32 jrint; 235 u32 jrcfg0; 236 u32 jrcfg1; 237 u32 rsvd9; 238 u32 irri; 239 u32 rsvd10; 240 u32 orwi; 241 u32 rsvd11; 242 u32 jrcr; 243}; 244 245/* 246 * Scatter Gather Entry - Specifies the the Scatter Gather Format 247 * related information 248 */ 249struct sg_entry { 250#if defined(CONFIG_SYS_FSL_SEC_LE) && \ 251 !(defined(CONFIG_MX6) || defined(CONFIG_MX7) || \ 252 defined(CONFIG_MX7ULP) || defined(CONFIG_IMX8M) || defined(CONFIG_IMX8)) 253 uint32_t addr_lo; /* Memory Address - lo */ 254 uint32_t addr_hi; /* Memory Address of start of buffer - hi */ 255#else 256 uint32_t addr_hi; /* Memory Address of start of buffer - hi */ 257 uint32_t addr_lo; /* Memory Address - lo */ 258#endif 259 260 uint32_t len_flag; /* Length of the data in the frame */ 261#define SG_ENTRY_LENGTH_MASK 0x3FFFFFFF 262#define SG_ENTRY_EXTENSION_BIT 0x80000000 263#define SG_ENTRY_FINAL_BIT 0x40000000 264 uint32_t bpid_offset; 265#define SG_ENTRY_BPID_MASK 0x00FF0000 266#define SG_ENTRY_BPID_SHIFT 16 267#define SG_ENTRY_OFFSET_MASK 0x00001FFF 268#define SG_ENTRY_OFFSET_SHIFT 0 269}; 270 271#if defined(CONFIG_MX6) || defined(CONFIG_MX7) || \ 272 defined(CONFIG_MX7ULP) || defined(CONFIG_IMX8M) || defined(CONFIG_IMX8) 273/* Job Ring Base Address */ 274#define JR_BASE_ADDR(x) (CFG_SYS_FSL_SEC_ADDR + 0x1000 * (x + 1)) 275/* Secure Memory Offset varies accross versions */ 276#define SM_V1_OFFSET 0x0f4 277#define SM_V2_OFFSET 0xa00 278/*Secure Memory Versioning */ 279#define SMVID_V2 0x20105 280#define SM_VERSION(x) ({typeof(x) _x = x; \ 281 _x < SMVID_V2 ? 1 : (_x < 0x20300 ? 2 : 3); }) 282#define SM_OFFSET(x) (x == 1 ? SM_V1_OFFSET : SM_V2_OFFSET) 283/* CAAM Job Ring 0 Registers */ 284/* Secure Memory Partition Owner register */ 285#define SMCSJR_PO (3 << 6) 286/* JR Allocation Error */ 287#define SMCSJR_AERR (3 << 12) 288/* Secure memory partition 0 page 0 owner register */ 289#define CAAM_SMPO_0 (CFG_SYS_FSL_SEC_ADDR + 0x1FBC) 290/* Secure memory command register */ 291#define CAAM_SMCJR(v, jr) (JR_BASE_ADDR(jr) + SM_OFFSET(v) + SM_CMD(v)) 292/* Secure memory command status register */ 293#define CAAM_SMCSJR(v, jr) (JR_BASE_ADDR(jr) + SM_OFFSET(v) + SM_STATUS(v)) 294/* Secure memory access permissions register */ 295#define CAAM_SMAPJR(v, jr, y) \ 296 (JR_BASE_ADDR(jr) + SM_OFFSET(v) + SM_PERM(v) + y * 16) 297/* Secure memory access group 2 register */ 298#define CAAM_SMAG2JR(v, jr, y) \ 299 (JR_BASE_ADDR(jr) + SM_OFFSET(v) + SM_GROUP2(v) + y * 16) 300/* Secure memory access group 1 register */ 301#define CAAM_SMAG1JR(v, jr, y) \ 302 (JR_BASE_ADDR(jr) + SM_OFFSET(v) + SM_GROUP1(v) + y * 16) 303 304/* Commands and macros for secure memory */ 305#define SM_CMD(v) (v == 1 ? 0x0 : 0x1E4) 306#define SM_STATUS(v) (v == 1 ? 0x8 : 0x1EC) 307#define SM_PERM(v) (v == 1 ? 0x10 : 0x4) 308#define SM_GROUP2(v) ({typeof(v) _v = v; \ 309 _v == 1 ? 0x14 : (_v == 2 ? 0x8 : 0xC); }) 310#define SM_GROUP1(v) ({typeof(v) _v = v; \ 311 _v == 1 ? 0x18 : (_v == 2 ? 0xC : 0x8); }) 312#define CMD_PAGE_ALLOC 0x1 313#define CMD_PAGE_DEALLOC 0x2 314#define CMD_PART_DEALLOC 0x3 315#define CMD_INQUIRY 0x5 316#define CMD_COMPLETE (3 << 14) 317#define PAGE_AVAILABLE 0 318#define PAGE_OWNED (3 << 6) 319#define PAGE(x) (x << 16) 320#define PARTITION(x) (x << 8) 321#define PARTITION_OWNER(x) (0x3 << (x*2)) 322 323/* Address of secure 4kbyte pages */ 324#define SEC_MEM_PAGE0 CAAM_ARB_BASE_ADDR 325#define SEC_MEM_PAGE1 (CAAM_ARB_BASE_ADDR + 0x1000) 326#define SEC_MEM_PAGE2 (CAAM_ARB_BASE_ADDR + 0x2000) 327#define SEC_MEM_PAGE3 (CAAM_ARB_BASE_ADDR + 0x3000) 328 329#ifdef CONFIG_IMX8M 330#define JR_MID (1) /* Matches ATF configuration */ 331#define KS_G1 (0x10000 << JR_MID) /* CAAM only */ 332#define PERM (0xB080) /* CSP, SMAP_LCK, SMAG_LCK, G1_BLOB */ 333#else 334#define JR_MID (2) /* Matches ROM configuration */ 335#define KS_G1 BIT(JR_MID) /* CAAM only */ 336#define PERM (0xB008) /* CSP, SMAP_LCK, SMAG_LCK, G1_BLOB */ 337#endif /* CONFIG_IMX8M */ 338 339/* HAB WRAPPED KEY header */ 340#define WRP_HDR_SIZE 0x08 341#define HDR_TAG 0x81 342#define HDR_PAR 0x41 343/* HAB WRAPPED KEY Data */ 344#define HAB_MOD 0x66 345#define HAB_ALG 0x55 346#define HAB_FLG 0x00 347 348/* Partition and Page IDs */ 349#define PARTITION_1 1 350#define PAGE_1 1 351 352#define ERROR_IN_PAGE_ALLOC 1 353#define ECONSTRJDESC -1 354 355#endif 356 357#define FSL_CAAM_MP_PUBK_BYTES 64 358#define FSL_CAAM_MP_PRVK_BYTES 32 359#define FSL_CAAM_MP_MES_DGST_BYTES 32 360 361#define FSL_CAAM_ORSR_JRa_OFFSET 0x102c 362#define FSL_CAAM_MAX_JR_SIZE 4 363 364/* blob_dek: 365 * Encapsulates the src in a secure blob and stores it dst 366 * @src: reference to the plaintext 367 * @dst: reference to the output adrress 368 * @len: size in bytes of src 369 * @return: 0 on success, error otherwise 370 */ 371int blob_dek(const u8 *src, u8 *dst, u8 len); 372 373int gen_mppubk(u8 *dst); 374 375int sign_mppubk(const u8 *m, int data_size, u8 *dgst, u8 *c, u8 *d); 376 377#if defined(CONFIG_ARCH_C29X) 378int sec_init_idx(uint8_t); 379#endif 380int sec_init(void); 381 382u8 caam_get_era(void); 383#endif 384 385#endif /* __FSL_SEC_H */ 386