From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=APhn=MM=lists.denx.de=u-boot-bounces@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-16.8 required=3.0 tests=BAYES_00,
	HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT
	autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id AB08FC636C8
	for <u-boot@archiver.kernel.org>; Tue, 20 Jul 2021 06:40:39 +0000 (UTC)
Received: from phobos.denx.de (phobos.denx.de [85.214.62.61])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 3489561004
	for <u-boot@archiver.kernel.org>; Tue, 20 Jul 2021 06:40:39 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 3489561004
Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=aspeedtech.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id 315A982C54;
	Tue, 20 Jul 2021 08:39:56 +0200 (CEST)
Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=aspeedtech.com
Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Received: by phobos.denx.de (Postfix, from userid 109)
 id 269F182C54; Tue, 20 Jul 2021 08:39:34 +0200 (CEST)
Received: from twspam01.aspeedtech.com (twspam01.aspeedtech.com
 [211.20.114.71])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id B8A7082C44
 for <u-boot@lists.denx.de>; Tue, 20 Jul 2021 08:39:16 +0200 (CEST)
Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none)
 header.from=aspeedtech.com
Authentication-Results: phobos.denx.de;
 spf=fail smtp.mailfrom=chiawei_wang@aspeedtech.com
Received: from mail.aspeedtech.com ([192.168.0.24])
 by twspam01.aspeedtech.com with ESMTP id 16K6M7u6039596;
 Tue, 20 Jul 2021 14:22:07 +0800 (GMT-8)
 (envelope-from chiawei_wang@aspeedtech.com)
Received: from ChiaWeiWang-PC.aspeed.com (192.168.2.66) by TWMBX02.aspeed.com
 (192.168.0.24) with Microsoft SMTP Server (TLS) id 15.0.1497.2;
 Tue, 20 Jul 2021 14:38:32 +0800
From: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
To: <lukma@denx.de>, <maxims@google.com>, <sjg@chromium.org>,
 <u-boot@lists.denx.de>
CC: <ryan_chen@aspeedtech.com>, <joel@jms.id.au>
Subject: [PATCH v3 08/14] crypto: aspeed: Add AST2600 ARCY support
Date: Tue, 20 Jul 2021 14:38:33 +0800
Message-ID: <20210720063839.1518-9-chiawei_wang@aspeedtech.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20210720063839.1518-1-chiawei_wang@aspeedtech.com>
References: <20210720063839.1518-1-chiawei_wang@aspeedtech.com>
MIME-Version: 1.0
Content-Type: text/plain
X-Originating-IP: [192.168.2.66]
X-ClientProxiedBy: TWMBX02.aspeed.com (192.168.0.24) To TWMBX02.aspeed.com
 (192.168.0.24)
X-DNSRBL: 
X-MAIL: twspam01.aspeedtech.com 16K6M7u6039596
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de
X-Virus-Status: Clean

ARCY is deisnged to accerlerate ECC/RSA digital signature
generation and verification.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
---
 drivers/crypto/aspeed/Kconfig       |  10 ++
 drivers/crypto/aspeed/Makefile      |   1 +
 drivers/crypto/aspeed/aspeed_arcy.c | 182 ++++++++++++++++++++++++++++
 lib/rsa/Kconfig                     |  10 +-
 4 files changed, 202 insertions(+), 1 deletion(-)
 create mode 100644 drivers/crypto/aspeed/aspeed_arcy.c

diff --git a/drivers/crypto/aspeed/Kconfig b/drivers/crypto/aspeed/Kconfig
index 299efc223f..9d896afa8a 100644
--- a/drivers/crypto/aspeed/Kconfig
+++ b/drivers/crypto/aspeed/Kconfig
@@ -10,3 +10,13 @@ config ASPEED_HACE
 
 	 Enabling this allows the use of SHA operations in hardware without requiring the
 	 SHA software implementations. It also improves performance and saves code size.
+
+config ASPEED_ARCY
+	bool "ASPEED RSA and ECC Engine"
+	depends on ASPEED_AST2600
+	help
+	 Select this option to enable a driver for using the RSA/ECC engine in
+	 the ASPEED BMC SoCs.
+
+	 Enabling this allows the use of RSA/ECC operations in hardware without requiring the
+	 software implementations. It also improves performance and saves code size.
diff --git a/drivers/crypto/aspeed/Makefile b/drivers/crypto/aspeed/Makefile
index 84e6bfe82a..8de95eef7e 100644
--- a/drivers/crypto/aspeed/Makefile
+++ b/drivers/crypto/aspeed/Makefile
@@ -1 +1,2 @@
 obj-$(CONFIG_ASPEED_HACE) += aspeed_hace.o
+obj-$(CONFIG_ASPEED_ARCY) += aspeed_arcy.o
diff --git a/drivers/crypto/aspeed/aspeed_arcy.c b/drivers/crypto/aspeed/aspeed_arcy.c
new file mode 100644
index 0000000000..d3da869f83
--- /dev/null
+++ b/drivers/crypto/aspeed/aspeed_arcy.c
@@ -0,0 +1,182 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright 2021 ASPEED Technology Inc.
+ */
+#include <config.h>
+#include <common.h>
+#include <clk.h>
+#include <dm.h>
+#include <asm/types.h>
+#include <asm/io.h>
+#include <dm/device.h>
+#include <dm/fdtaddr.h>
+#include <linux/delay.h>
+#include <u-boot/rsa-mod-exp.h>
+
+/* ARCY register offsets */
+#define ARCY_CTRL1		0x00
+#define   ARCY_CTRL1_RSA_DMA		BIT(1)
+#define   ARCY_CTRL1_RSA_START		BIT(0)
+#define ARCY_CTRL2		0x44
+#define ARCY_CTRL3		0x48
+#define   ARCY_CTRL3_SRAM_AHB_ACCESS	BIT(8)
+#define   ARCY_CTRL3_ECC_RSA_MODE_MASK	GENMASK(5, 4)
+#define   ARCY_CTRL3_ECC_RSA_MODE_SHIFT	4
+#define ARCY_DMA_DRAM_SADDR	0x4c
+#define ARCY_DMA_DMEM_TADDR	0x50
+#define   ARCY_DMA_DMEM_TADDR_LEN_MASK	GENMASK(15, 0)
+#define   ARCY_DMA_DMEM_TADDR_LEN_SHIFT	0
+#define ARCY_RSA_PARAM		0x58
+#define   ARCY_RSA_PARAM_EXP_MASK	GENMASK(31, 16)
+#define   ARCY_RSA_PARAM_EXP_SHIFT	16
+#define   ARCY_RSA_PARAM_MOD_MASK	GENMASK(15, 0)
+#define   ARCY_RSA_PARAM_MOD_SHIFT	0
+#define ARCY_RSA_INT_EN		0x3f8
+#define   ARCY_RSA_INT_EN_RSA_READY	BIT(2)
+#define   ARCY_RSA_INT_EN_RSA_CMPLT	BIT(1)
+#define ARCY_RSA_INT_STS	0x3fc
+#define   ARCY_RSA_INT_STS_RSA_READY	BIT(2)
+#define   ARCY_RSA_INT_STS_RSA_CMPLT	BIT(1)
+
+/* misc. constant */
+#define ARCY_ECC_MODE	2
+#define ARCY_RSA_MODE	3
+#define ARCY_CTX_BUFSZ	0x600
+
+struct aspeed_arcy {
+	phys_addr_t base;
+	phys_addr_t sram_base; /* internal sram */
+	struct clk clk;
+};
+
+static int aspeed_arcy_mod_exp(struct udevice *dev, const uint8_t *sig, uint32_t sig_len,
+			       struct key_prop *prop, uint8_t *out)
+{
+	int i, j;
+	u8 *ctx;
+	u8 *ptr;
+	u32 reg;
+	struct aspeed_arcy *arcy = dev_get_priv(dev);
+
+	ctx = memalign(16, ARCY_CTX_BUFSZ);
+	if (!ctx)
+		return -ENOMEM;
+
+	memset(ctx, 0, ARCY_CTX_BUFSZ);
+
+	ptr = (u8 *)prop->public_exponent;
+	for (i = prop->exp_len - 1, j = 0; i >= 0; --i) {
+		ctx[j] = ptr[i];
+		j++;
+		j = (j % 16) ? j : j + 32;
+	}
+
+	ptr = (u8 *)prop->modulus;
+	for (i = (prop->num_bits >> 3) - 1, j = 0; i >= 0; --i) {
+		ctx[j + 16] = ptr[i];
+		j++;
+		j = (j % 16) ? j : j + 32;
+	}
+
+	ptr = (u8 *)sig;
+	for (i = sig_len - 1, j = 0; i >= 0; --i) {
+		ctx[j + 32] = ptr[i];
+		j++;
+		j = (j % 16) ? j : j + 32;
+	}
+
+	writel((u32)ctx, arcy->base + ARCY_DMA_DRAM_SADDR);
+
+	reg = (((prop->exp_len << 3) << ARCY_RSA_PARAM_EXP_SHIFT) & ARCY_RSA_PARAM_EXP_MASK) |
+		  ((prop->num_bits << ARCY_RSA_PARAM_MOD_SHIFT) & ARCY_RSA_PARAM_MOD_MASK);
+	writel(reg, arcy->base + ARCY_RSA_PARAM);
+
+	reg = (ARCY_CTX_BUFSZ << ARCY_DMA_DMEM_TADDR_LEN_SHIFT) & ARCY_DMA_DMEM_TADDR_LEN_MASK;
+	writel(reg, arcy->base + ARCY_DMA_DMEM_TADDR);
+
+	reg = (ARCY_RSA_MODE << ARCY_CTRL3_ECC_RSA_MODE_SHIFT) & ARCY_CTRL3_ECC_RSA_MODE_MASK;
+	writel(reg, arcy->base + ARCY_CTRL3);
+
+	writel(ARCY_CTRL1_RSA_DMA | ARCY_CTRL1_RSA_START, arcy->base + ARCY_CTRL1);
+
+	/* polling RSA status */
+	while (1) {
+		reg = readl(arcy->base + ARCY_RSA_INT_STS);
+		if ((reg & ARCY_RSA_INT_STS_RSA_READY) && (reg & ARCY_RSA_INT_STS_RSA_CMPLT))
+			break;
+		udelay(20);
+	}
+
+	writel(0x0, arcy->base + ARCY_CTRL1);
+	writel(ARCY_CTRL3_SRAM_AHB_ACCESS, arcy->base + ARCY_CTRL3);
+	udelay(20);
+
+	for (i = (prop->num_bits / 8) - 1, j = 0; i >= 0; --i) {
+		out[i] = readb(arcy->sram_base + (j + 32));
+		j++;
+		j = (j % 16) ? j : j + 32;
+	}
+
+	return 0;
+}
+
+static int aspeed_arcy_probe(struct udevice *dev)
+{
+	struct aspeed_arcy *arcy = dev_get_priv(dev);
+	int ret;
+
+	ret = clk_get_by_index(dev, 0, &arcy->clk);
+	if (ret < 0) {
+		debug("Can't get clock for %s: %d\n", dev->name, ret);
+		return ret;
+	}
+
+	ret = clk_enable(&arcy->clk);
+	if (ret) {
+		debug("Failed to enable arcy clock (%d)\n", ret);
+		return ret;
+	}
+
+	arcy->base = devfdt_get_addr_index(dev, 0);
+	if (arcy->base == FDT_ADDR_T_NONE) {
+		debug("Failed to get arcy base\n");
+		return arcy->base;
+	}
+
+	arcy->sram_base = devfdt_get_addr_index(dev, 1);
+	if (arcy->sram_base == FDT_ADDR_T_NONE) {
+		debug("Failed to get arcy SRAM base\n");
+		return arcy->sram_base;
+	}
+
+	return ret;
+}
+
+static int aspeed_arcy_remove(struct udevice *dev)
+{
+	struct aspeed_arcy *arcy = dev_get_priv(dev);
+
+	clk_disable(&arcy->clk);
+
+	return 0;
+}
+
+static const struct mod_exp_ops aspeed_arcy_ops = {
+	.mod_exp = aspeed_arcy_mod_exp,
+};
+
+static const struct udevice_id aspeed_arcy_ids[] = {
+	{ .compatible = "aspeed,ast2600-arcy" },
+	{ }
+};
+
+U_BOOT_DRIVER(aspeed_arcy) = {
+	.name = "aspeed_arcy",
+	.id = UCLASS_MOD_EXP,
+	.of_match = aspeed_arcy_ids,
+	.probe = aspeed_arcy_probe,
+	.remove = aspeed_arcy_remove,
+	.priv_auto = sizeof(struct aspeed_arcy),
+	.ops = &aspeed_arcy_ops,
+	.flags = DM_FLAG_PRE_RELOC,
+};
diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig
index a90d67e5a8..81c0936e58 100644
--- a/lib/rsa/Kconfig
+++ b/lib/rsa/Kconfig
@@ -1,7 +1,8 @@
 config RSA
 	bool "Use RSA Library"
 	select RSA_FREESCALE_EXP if FSL_CAAM && !ARCH_MX7 && !ARCH_MX6 && !ARCH_MX5
-	select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP
+	select RSA_ASPEED_EXP if ASPEED_ARCY
+	select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP && !RSA_ASPEED_EXP
 	help
 	  RSA support. This enables the RSA algorithm used for FIT image
 	  verification in U-Boot.
@@ -61,4 +62,11 @@ config RSA_FREESCALE_EXP
 	Enables driver for RSA modular exponentiation using Freescale cryptographic
 	accelerator - CAAM.
 
+config RSA_ASPEED_EXP
+	bool "Enable RSA Modular Exponentiation with ASPEED crypto accelerator"
+	depends on DM && ASPEED_ARCY
+	help
+	Enables driver for RSA modular exponentiation using ASPEED cryptographic
+	accelerator - ARCY
+
 endif
-- 
2.17.1