1 /* SPDX-License-Identifier: GPL-2.0+ */ 2 /* 3 * Common internal memory map for some Freescale SoCs 4 * 5 * Copyright 2014 Freescale Semiconductor, Inc. 6 * Copyright 2018, 2021 NXP 7 */ 8 9 #ifndef __FSL_SEC_H 10 #define __FSL_SEC_H 11 12 #include <common.h> 13 #include <asm/io.h> 14 15 #ifdef CONFIG_SYS_FSL_SEC_LE 16 #define sec_in32(a) in_le32((ulong *)(ulong)a) 17 #define sec_out32(a, v) out_le32((ulong *)(ulong)a, v) 18 #define sec_in16(a) in_le16(a) 19 #define sec_clrbits32 clrbits_le32 20 #define sec_setbits32 setbits_le32 21 #elif defined(CONFIG_SYS_FSL_SEC_BE) 22 #define sec_in32(a) in_be32(a) 23 #define sec_out32(a, v) out_be32(a, v) 24 #define sec_in16(a) in_be16(a) 25 #define sec_clrbits32 clrbits_be32 26 #define sec_setbits32 setbits_be32 27 #elif defined(CONFIG_SYS_FSL_HAS_SEC) 28 #error Neither CONFIG_SYS_FSL_SEC_LE nor CONFIG_SYS_FSL_SEC_BE is defined 29 #endif 30 31 #define BLOB_SIZE(x) ((x) + 32 + 16) /* Blob buffer size */ 32 33 /* Security Engine Block (MS = Most Sig., LS = Least Sig.) */ 34 #if CONFIG_SYS_FSL_SEC_COMPAT >= 4 35 /* RNG4 TRNG test registers */ 36 struct rng4tst { 37 #define RTMCTL_PRGM 0x00010000 /* 1 -> program mode, 0 -> run mode */ 38 #define RTMCTL_SAMP_MODE_VON_NEUMANN_ES_SC 0 /* use von Neumann data in 39 both entropy shifter and 40 statistical checker */ 41 #define RTMCTL_SAMP_MODE_RAW_ES_SC 1 /* use raw data in both 42 entropy shifter and 43 statistical checker */ 44 #define RTMCTL_SAMP_MODE_VON_NEUMANN_ES_RAW_SC 2 /* use von Neumann data in 45 entropy shifter, raw data 46 in statistical checker */ 47 #define RTMCTL_SAMP_MODE_INVALID 3 /* invalid combination */ 48 u32 rtmctl; /* misc. control register */ 49 u32 rtscmisc; /* statistical check misc. register */ 50 u32 rtpkrrng; /* poker range register */ 51 #ifdef CONFIG_MX6SX 52 #define RTSDCTL_ENT_DLY 12000 53 #else 54 #define RTSDCTL_ENT_DLY 3200 55 #endif 56 #define RTSDCTL_ENT_DLY_MAX 12800 57 union { 58 u32 rtpkrmax; /* PRGM=1: poker max. limit register */ 59 u32 rtpkrsq; /* PRGM=0: poker square calc. result register */ 60 }; 61 #define RTSDCTL_ENT_DLY_SHIFT 16 62 #define RTSDCTL_ENT_DLY_MASK (0xffff << RTSDCTL_ENT_DLY_SHIFT) 63 u32 rtsdctl; /* seed control register */ 64 union { 65 u32 rtsblim; /* PRGM=1: sparse bit limit register */ 66 u32 rttotsam; /* PRGM=0: total samples register */ 67 }; 68 u32 rtfreqmin; /* frequency count min. limit register */ 69 #define RTFRQMAX_DISABLE (1 << 20) 70 union { 71 u32 rtfreqmax; /* PRGM=1: freq. count max. limit register */ 72 u32 rtfreqcnt; /* PRGM=0: freq. count register */ 73 }; 74 u32 rsvd1[40]; 75 #define RDSTA_IF(idx) (0x00000001 << (idx)) 76 #define RDSTA_PR(idx) (0x00000010 << (idx)) 77 #define RDSTA_MASK (RDSTA_PR(1) | RDSTA_PR(0) | RDSTA_IF(1) | RDSTA_IF(0)) 78 #define RDSTA_SKVN 0x40000000 79 u32 rdsta; /*RNG DRNG Status Register*/ 80 u32 rsvd2[15]; 81 }; 82 83 /* Version registers (Era 10+) */ 84 struct version_regs { 85 u32 crca; /* CRCA_VERSION */ 86 u32 afha; /* AFHA_VERSION */ 87 u32 kfha; /* KFHA_VERSION */ 88 u32 pkha; /* PKHA_VERSION */ 89 u32 aesa; /* AESA_VERSION */ 90 u32 mdha; /* MDHA_VERSION */ 91 u32 desa; /* DESA_VERSION */ 92 u32 snw8a; /* SNW8A_VERSION */ 93 u32 snw9a; /* SNW9A_VERSION */ 94 u32 zuce; /* ZUCE_VERSION */ 95 u32 zuca; /* ZUCA_VERSION */ 96 u32 ccha; /* CCHA_VERSION */ 97 u32 ptha; /* PTHA_VERSION */ 98 u32 rng; /* RNG_VERSION */ 99 u32 trng; /* TRNG_VERSION */ 100 u32 aaha; /* AAHA_VERSION */ 101 u32 rsvd[10]; 102 u32 sr; /* SR_VERSION */ 103 u32 dma; /* DMA_VERSION */ 104 u32 ai; /* AI_VERSION */ 105 u32 qi; /* QI_VERSION */ 106 u32 jr; /* JR_VERSION */ 107 u32 deco; /* DECO_VERSION */ 108 }; 109 110 #define CHA_VER_NUM_MASK 0x000000ff 111 #define CHA_VER_MISC_SHIFT 8 112 #define CHA_VER_MISC_MASK 0x0000ff00 113 #define CHA_VER_REV_SHIFT 16 114 #define CHA_VER_REV_MASK 0x00ff0000 115 #define CHA_VER_VID_SHIFT 24 116 #define CHA_VER_VID_MASK 0xff000000 117 118 typedef struct ccsr_sec { 119 u32 res0; 120 u32 mcfgr; /* Master CFG Register */ 121 u8 res1[0x4]; 122 u32 scfgr; 123 struct { 124 u32 ms; /* Job Ring LIODN Register, MS */ 125 u32 ls; /* Job Ring LIODN Register, LS */ 126 } jrliodnr[4]; 127 u8 res2[0x2c]; 128 u32 jrstartr; /* Job Ring Start Register */ 129 struct { 130 u32 ms; /* RTIC LIODN Register, MS */ 131 u32 ls; /* RTIC LIODN Register, LS */ 132 } rticliodnr[4]; 133 u8 res3[0x1c]; 134 u32 decorr; /* DECO Request Register */ 135 struct { 136 u32 ms; /* DECO LIODN Register, MS */ 137 u32 ls; /* DECO LIODN Register, LS */ 138 } decoliodnr[16]; 139 u32 dar; /* DECO Avail Register */ 140 u32 drr; /* DECO Reset Register */ 141 u8 res5[0x4d8]; 142 struct rng4tst rng; /* RNG Registers */ 143 u8 res6[0x780]; 144 struct version_regs vreg; /* version registers since era 10 */ 145 u8 res7[0xa0]; 146 u32 crnr_ms; /* CHA Revision Number Register, MS */ 147 u32 crnr_ls; /* CHA Revision Number Register, LS */ 148 u32 ctpr_ms; /* Compile Time Parameters Register, MS */ 149 u32 ctpr_ls; /* Compile Time Parameters Register, LS */ 150 u8 res8[0x10]; 151 u32 far_ms; /* Fault Address Register, MS */ 152 u32 far_ls; /* Fault Address Register, LS */ 153 u32 falr; /* Fault Address LIODN Register */ 154 u32 fadr; /* Fault Address Detail Register */ 155 u8 res9[0x4]; 156 u32 csta; /* CAAM Status Register */ 157 u32 smpart; /* Secure Memory Partition Parameters */ 158 u32 smvid; /* Secure Memory Version ID */ 159 u32 rvid; /* Run Time Integrity Checking Version ID Reg.*/ 160 u32 ccbvid; /* CHA Cluster Block Version ID Register */ 161 u32 chavid_ms; /* CHA Version ID Register, MS */ 162 u32 chavid_ls; /* CHA Version ID Register, LS */ 163 u32 chanum_ms; /* CHA Number Register, MS */ 164 u32 chanum_ls; /* CHA Number Register, LS */ 165 u32 secvid_ms; /* SEC Version ID Register, MS */ 166 u32 secvid_ls; /* SEC Version ID Register, LS */ 167 #if defined(CONFIG_FSL_LSCH2) || defined(CONFIG_FSL_LSCH3) 168 u8 res10[0x6f020]; 169 #else 170 u8 res10[0x6020]; 171 #endif 172 u32 qilcr_ms; /* Queue Interface LIODN CFG Register, MS */ 173 u32 qilcr_ls; /* Queue Interface LIODN CFG Register, LS */ 174 #if defined(CONFIG_FSL_LSCH2) || defined(CONFIG_FSL_LSCH3) 175 u8 res11[0x8ffd8]; 176 #else 177 u8 res11[0x8fd8]; 178 #endif 179 } ccsr_sec_t; 180 181 #define SEC_CTPR_MS_AXI_LIODN 0x08000000 182 #define SEC_CTPR_MS_QI 0x02000000 183 #define SEC_CTPR_MS_VIRT_EN_INCL 0x00000001 184 #define SEC_CTPR_MS_VIRT_EN_POR 0x00000002 185 #define SEC_RVID_MA 0x0f000000 186 #define SEC_CHANUM_MS_JRNUM_MASK 0xf0000000 187 #define SEC_CHANUM_MS_JRNUM_SHIFT 28 188 #define SEC_CHANUM_MS_DECONUM_MASK 0x0f000000 189 #define SEC_CHANUM_MS_DECONUM_SHIFT 24 190 #define SEC_SECVID_MS_IPID_MASK 0xffff0000 191 #define SEC_SECVID_MS_IPID_SHIFT 16 192 #define SEC_SECVID_MS_MAJ_REV_MASK 0x0000ff00 193 #define SEC_SECVID_MS_MAJ_REV_SHIFT 8 194 #define SEC_CCBVID_ERA_MASK 0xff000000 195 #define SEC_CCBVID_ERA_SHIFT 24 196 #define SEC_SCFGR_RDBENABLE 0x00000400 197 #define SEC_SCFGR_VIRT_EN 0x00008000 198 #define SEC_CHAVID_LS_RNG_SHIFT 16 199 #define SEC_CHAVID_RNG_LS_MASK 0x000f0000 200 201 struct jr_regs { 202 #if defined(CONFIG_SYS_FSL_SEC_LE) && \ 203 !(defined(CONFIG_MX6) || defined(CONFIG_MX7) || \ 204 defined(CONFIG_MX7ULP) || defined(CONFIG_IMX8M) || defined(CONFIG_IMX8)) 205 u32 irba_l; 206 u32 irba_h; 207 #else 208 u32 irba_h; 209 u32 irba_l; 210 #endif 211 u32 rsvd1; 212 u32 irs; 213 u32 rsvd2; 214 u32 irsa; 215 u32 rsvd3; 216 u32 irja; 217 #if defined(CONFIG_SYS_FSL_SEC_LE) && \ 218 !(defined(CONFIG_MX6) || defined(CONFIG_MX7) || \ 219 defined(CONFIG_MX7ULP) || defined(CONFIG_IMX8M) || defined(CONFIG_IMX8)) 220 u32 orba_l; 221 u32 orba_h; 222 #else 223 u32 orba_h; 224 u32 orba_l; 225 #endif 226 u32 rsvd4; 227 u32 ors; 228 u32 rsvd5; 229 u32 orjr; 230 u32 rsvd6; 231 u32 orsf; 232 u32 rsvd7; 233 u32 jrsta; 234 u32 rsvd8; 235 u32 jrint; 236 u32 jrcfg0; 237 u32 jrcfg1; 238 u32 rsvd9; 239 u32 irri; 240 u32 rsvd10; 241 u32 orwi; 242 u32 rsvd11; 243 u32 jrcr; 244 }; 245 246 /* 247 * Scatter Gather Entry - Specifies the the Scatter Gather Format 248 * related information 249 */ 250 struct sg_entry { 251 #if defined(CONFIG_SYS_FSL_SEC_LE) && \ 252 !(defined(CONFIG_MX6) || defined(CONFIG_MX7) || \ 253 defined(CONFIG_MX7ULP) || defined(CONFIG_IMX8M) || defined(CONFIG_IMX8)) 254 uint32_t addr_lo; /* Memory Address - lo */ 255 uint32_t addr_hi; /* Memory Address of start of buffer - hi */ 256 #else 257 uint32_t addr_hi; /* Memory Address of start of buffer - hi */ 258 uint32_t addr_lo; /* Memory Address - lo */ 259 #endif 260 261 uint32_t len_flag; /* Length of the data in the frame */ 262 #define SG_ENTRY_LENGTH_MASK 0x3FFFFFFF 263 #define SG_ENTRY_EXTENSION_BIT 0x80000000 264 #define SG_ENTRY_FINAL_BIT 0x40000000 265 uint32_t bpid_offset; 266 #define SG_ENTRY_BPID_MASK 0x00FF0000 267 #define SG_ENTRY_BPID_SHIFT 16 268 #define SG_ENTRY_OFFSET_MASK 0x00001FFF 269 #define SG_ENTRY_OFFSET_SHIFT 0 270 }; 271 272 #if defined(CONFIG_MX6) || defined(CONFIG_MX7) || \ 273 defined(CONFIG_MX7ULP) || defined(CONFIG_IMX8M) || defined(CONFIG_IMX8) 274 /* Job Ring Base Address */ 275 #define JR_BASE_ADDR(x) (CFG_SYS_FSL_SEC_ADDR + 0x1000 * (x + 1)) 276 /* Secure Memory Offset varies accross versions */ 277 #define SM_V1_OFFSET 0x0f4 278 #define SM_V2_OFFSET 0xa00 279 /*Secure Memory Versioning */ 280 #define SMVID_V2 0x20105 281 #define SM_VERSION(x) ({typeof(x) _x = x; \ 282 _x < SMVID_V2 ? 1 : (_x < 0x20300 ? 2 : 3); }) 283 #define SM_OFFSET(x) (x == 1 ? SM_V1_OFFSET : SM_V2_OFFSET) 284 /* CAAM Job Ring 0 Registers */ 285 /* Secure Memory Partition Owner register */ 286 #define SMCSJR_PO (3 << 6) 287 /* JR Allocation Error */ 288 #define SMCSJR_AERR (3 << 12) 289 /* Secure memory partition 0 page 0 owner register */ 290 #define CAAM_SMPO_0 (CFG_SYS_FSL_SEC_ADDR + 0x1FBC) 291 /* Secure memory command register */ 292 #define CAAM_SMCJR(v, jr) (JR_BASE_ADDR(jr) + SM_OFFSET(v) + SM_CMD(v)) 293 /* Secure memory command status register */ 294 #define CAAM_SMCSJR(v, jr) (JR_BASE_ADDR(jr) + SM_OFFSET(v) + SM_STATUS(v)) 295 /* Secure memory access permissions register */ 296 #define CAAM_SMAPJR(v, jr, y) \ 297 (JR_BASE_ADDR(jr) + SM_OFFSET(v) + SM_PERM(v) + y * 16) 298 /* Secure memory access group 2 register */ 299 #define CAAM_SMAG2JR(v, jr, y) \ 300 (JR_BASE_ADDR(jr) + SM_OFFSET(v) + SM_GROUP2(v) + y * 16) 301 /* Secure memory access group 1 register */ 302 #define CAAM_SMAG1JR(v, jr, y) \ 303 (JR_BASE_ADDR(jr) + SM_OFFSET(v) + SM_GROUP1(v) + y * 16) 304 305 /* Commands and macros for secure memory */ 306 #define SM_CMD(v) (v == 1 ? 0x0 : 0x1E4) 307 #define SM_STATUS(v) (v == 1 ? 0x8 : 0x1EC) 308 #define SM_PERM(v) (v == 1 ? 0x10 : 0x4) 309 #define SM_GROUP2(v) ({typeof(v) _v = v; \ 310 _v == 1 ? 0x14 : (_v == 2 ? 0x8 : 0xC); }) 311 #define SM_GROUP1(v) ({typeof(v) _v = v; \ 312 _v == 1 ? 0x18 : (_v == 2 ? 0xC : 0x8); }) 313 #define CMD_PAGE_ALLOC 0x1 314 #define CMD_PAGE_DEALLOC 0x2 315 #define CMD_PART_DEALLOC 0x3 316 #define CMD_INQUIRY 0x5 317 #define CMD_COMPLETE (3 << 14) 318 #define PAGE_AVAILABLE 0 319 #define PAGE_OWNED (3 << 6) 320 #define PAGE(x) (x << 16) 321 #define PARTITION(x) (x << 8) 322 #define PARTITION_OWNER(x) (0x3 << (x*2)) 323 324 /* Address of secure 4kbyte pages */ 325 #define SEC_MEM_PAGE0 CAAM_ARB_BASE_ADDR 326 #define SEC_MEM_PAGE1 (CAAM_ARB_BASE_ADDR + 0x1000) 327 #define SEC_MEM_PAGE2 (CAAM_ARB_BASE_ADDR + 0x2000) 328 #define SEC_MEM_PAGE3 (CAAM_ARB_BASE_ADDR + 0x3000) 329 330 #ifdef CONFIG_IMX8M 331 #define JR_MID (1) /* Matches ATF configuration */ 332 #define KS_G1 (0x10000 << JR_MID) /* CAAM only */ 333 #define PERM (0xB080) /* CSP, SMAP_LCK, SMAG_LCK, G1_BLOB */ 334 #else 335 #define JR_MID (2) /* Matches ROM configuration */ 336 #define KS_G1 BIT(JR_MID) /* CAAM only */ 337 #define PERM (0xB008) /* CSP, SMAP_LCK, SMAG_LCK, G1_BLOB */ 338 #endif /* CONFIG_IMX8M */ 339 340 /* HAB WRAPPED KEY header */ 341 #define WRP_HDR_SIZE 0x08 342 #define HDR_TAG 0x81 343 #define HDR_PAR 0x41 344 /* HAB WRAPPED KEY Data */ 345 #define HAB_MOD 0x66 346 #define HAB_ALG 0x55 347 #define HAB_FLG 0x00 348 349 /* Partition and Page IDs */ 350 #define PARTITION_1 1 351 #define PAGE_1 1 352 353 #define ERROR_IN_PAGE_ALLOC 1 354 #define ECONSTRJDESC -1 355 356 #endif 357 358 #define FSL_CAAM_MP_PUBK_BYTES 64 359 #define FSL_CAAM_MP_PRVK_BYTES 32 360 #define FSL_CAAM_MP_MES_DGST_BYTES 32 361 362 #define FSL_CAAM_ORSR_JRa_OFFSET 0x102c 363 #define FSL_CAAM_MAX_JR_SIZE 4 364 365 /* blob_dek: 366 * Encapsulates the src in a secure blob and stores it dst 367 * @src: reference to the plaintext 368 * @dst: reference to the output adrress 369 * @len: size in bytes of src 370 * @return: 0 on success, error otherwise 371 */ 372 int blob_dek(const u8 *src, u8 *dst, u8 len); 373 374 int gen_mppubk(u8 *dst); 375 376 int sign_mppubk(const u8 *m, int data_size, u8 *dgst, u8 *c, u8 *d); 377 378 #if defined(CONFIG_ARCH_C29X) 379 int sec_init_idx(uint8_t); 380 #endif 381 int sec_init(void); 382 383 u8 caam_get_era(void); 384 #endif 385 386 #endif /* __FSL_SEC_H */ 387