RE: [PATCH v3 2/2] crypto: caam - OP-TEE firmware support

[Gaurav Jain <gaurav.jain@nxp.com>]

Reviewed-by: Gaurav Jain <gaurav.jain@nxp.com>

> -----Original Message-----
> From: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com>
> Sent: Wednesday, April 5, 2023 2:38 PM
> To: Horia Geanta <horia.geanta@nxp.com>; Varun Sethi <V.Sethi@nxp.com>;
> Pankaj Gupta <pankaj.gupta@nxp.com>; Gaurav Jain <gaurav.jain@nxp.com>;
> herbert@gondor.apana.org.au; davem@davemloft.net; linux-
> crypto@vger.kernel.org; linux-kernel@vger.kernel.org
> Cc: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com>
> Subject: [PATCH v3 2/2] crypto: caam - OP-TEE firmware support
> 
> From: Horia GeantA <horia.geanta@nxp.com>
> 
> caam driver needs to be aware of OP-TEE f/w presence, since some things are
> done differently:
> 
> 1. there is no access to controller's register page (note however that some
> registers are aliased in job rings' register pages)
> 
> 2 Due to this, MCFGR[PS] cannot be read and driver assumes MCFGR[PS] = b'0 -
> engine using 32-bit address pointers.
> 
> This is in sync with the fact that:
> -all i.MX SoCs currently use MCFGR[PS] = b'0 -only i.MX OP-TEE use cases don't
> allow access to controller register page
> 
> Signed-off-by: Horia GeantA <horia.geanta@nxp.com>
> Signed-off-by: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com>
> ---
>  drivers/crypto/caam/ctrl.c    | 23 ++++++++++++++++++++++-
>  drivers/crypto/caam/debugfs.c |  3 +++
>  drivers/crypto/caam/intern.h  |  1 +
>  3 files changed, 26 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/crypto/caam/ctrl.c b/drivers/crypto/caam/ctrl.c index
> de1f0acdb712..9c5a035e1b96 100644
> --- a/drivers/crypto/caam/ctrl.c
> +++ b/drivers/crypto/caam/ctrl.c
> @@ -633,6 +633,7 @@ static int caam_probe(struct platform_device *pdev)
>  	int pg_size;
>  	int BLOCK_OFFSET = 0;
>  	bool pr_support = false;
> +	bool reg_access = true;
> 
>  	ctrlpriv = devm_kzalloc(&pdev->dev, sizeof(*ctrlpriv), GFP_KERNEL);
>  	if (!ctrlpriv)
> @@ -646,6 +647,17 @@ static int caam_probe(struct platform_device *pdev)
>  	caam_imx = (bool)imx_soc_match;
> 
>  	if (imx_soc_match) {
> +		/*
> +		 * Until Layerscape and i.MX OP-TEE get in sync,
> +		 * only i.MX OP-TEE use cases disallow access to
> +		 * caam page 0 (controller) registers.
> +		 */
> +		np = of_find_compatible_node(NULL, NULL, "linaro,optee-tz");
> +		ctrlpriv->optee_en = !!np;
> +		of_node_put(np);
> +
> +		reg_access = !ctrlpriv->optee_en;
> +
>  		if (!imx_soc_match->data) {
>  			dev_err(dev, "No clock data provided for i.MX SoC");
>  			return -EINVAL;
> @@ -696,7 +708,8 @@ static int caam_probe(struct platform_device *pdev)
>  	caam_little_end = !(bool)(rd_reg32(&perfmon->status) &
>  				  (CSTA_PLEND | CSTA_ALT_PLEND));
>  	comp_params = rd_reg32(&perfmon->comp_parms_ms);
> -	if (comp_params & CTPR_MS_PS && rd_reg32(&ctrl->mcr) &
> MCFGR_LONG_PTR)
> +	if (reg_access && comp_params & CTPR_MS_PS &&
> +	    rd_reg32(&ctrl->mcr) & MCFGR_LONG_PTR)
>  		caam_ptr_sz = sizeof(u64);
>  	else
>  		caam_ptr_sz = sizeof(u32);
> @@ -761,6 +774,9 @@ static int caam_probe(struct platform_device *pdev)
>  	}
>  #endif
> 
> +	if (!reg_access)
> +		goto set_dma_mask;
> +
>  	/*
>  	 * Enable DECO watchdogs and, if this is a PHYS_ADDR_T_64BIT kernel,
>  	 * long pointers in master configuration register.
> @@ -800,6 +816,7 @@ static int caam_probe(struct platform_device *pdev)
>  			      JRSTART_JR1_START | JRSTART_JR2_START |
>  			      JRSTART_JR3_START);
> 
> +set_dma_mask:
>  	ret = dma_set_mask_and_coherent(dev, caam_get_dma_mask(dev));
>  	if (ret) {
>  		dev_err(dev, "dma_set_mask_and_coherent failed (%d)\n", ret);
> @@ -842,6 +859,9 @@ static int caam_probe(struct platform_device *pdev)
>  		return -ENOMEM;
>  	}
> 
> +	if (!reg_access)
> +		goto report_live;
> +
>  	comp_params = rd_reg32(&perfmon->comp_parms_ls);
>  	ctrlpriv->blob_present = !!(comp_params & CTPR_LS_BLOB);
> 
> @@ -944,6 +964,7 @@ static int caam_probe(struct platform_device *pdev)
>  		clrsetbits_32(&ctrl->scfgr, 0, SCFGR_RDBENABLE);
>  	}
> 
> +report_live:
>  	/* NOTE: RTIC detection ought to go here, around Si time */
> 
>  	caam_id = (u64)rd_reg32(&perfmon->caam_id_ms) << 32 | diff --git
> a/drivers/crypto/caam/debugfs.c b/drivers/crypto/caam/debugfs.c index
> b2ef2273298d..6358d3cabf57 100644
> --- a/drivers/crypto/caam/debugfs.c
> +++ b/drivers/crypto/caam/debugfs.c
> @@ -77,6 +77,9 @@ void caam_debugfs_init(struct caam_drv_private *ctrlpriv,
>  	debugfs_create_file("fault_status", 0444, ctrlpriv->ctl,
>  			    &perfmon->status, &caam_fops_u32_ro);
> 
> +	if (ctrlpriv->optee_en)
> +		return;
> +
>  	/* Internal covering keys (useful in non-secure mode only) */
>  	ctrlpriv->ctl_kek_wrap.data = (__force void *)&ctrlpriv->ctrl->kek[0];
>  	ctrlpriv->ctl_kek_wrap.size = KEK_KEY_SIZE * sizeof(u32); diff --git
> a/drivers/crypto/caam/intern.h b/drivers/crypto/caam/intern.h index
> 572cf66c887a..86ed1b91c22d 100644
> --- a/drivers/crypto/caam/intern.h
> +++ b/drivers/crypto/caam/intern.h
> @@ -94,6 +94,7 @@ struct caam_drv_private {
>  	u8 qi_present;		/* Nonzero if QI present in device */
>  	u8 blob_present;	/* Nonzero if BLOB support present in device */
>  	u8 mc_en;		/* Nonzero if MC f/w is active */
> +	u8 optee_en;		/* Nonzero if OP-TEE f/w is active */
>  	int secvio_irq;		/* Security violation interrupt number */
>  	int virt_en;		/* Virtualization enabled in CAAM */
>  	int era;		/* CAAM Era (internal HW revision) */
> --
> 2.25.1