Commit graph

127 commits

Author SHA1 Message Date
Michael Walle
b980f9e259 crypto/fsl: instantiate the RNG with prediciton resistance
If it is already instantiated tear it down first and then reinstanciate
it again with prediction resistance.

Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
2020-07-27 14:16:29 +05:30
Michael Walle
c269a970f2 crypto/fsl: don't regenerate secure keys
The secure keys (TDKEK, JDKEK, TDSK) can only be generated once after a
POR. Otherwise the RNG4 will throw an error.

Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
2020-07-27 14:16:29 +05:30
Michael Walle
0dc596127c crypto/fsl: support newer SEC modules
Since Era 10, the version registers changed. Add the version registers
and use them on newer modules.

Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
2020-07-27 14:16:29 +05:30
Michael Walle
277405b86c crypto/fsl: export caam_get_era()
We need the era in other modules, too. For example, to get the RNG
version.

Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
2020-07-27 14:16:29 +05:30
Michael Walle
9b86bf2d14 crypto/fsl: make SEC%u status line consistent
Align the status line with all the other output in U-Boot.

Before the change:
DDR    3.9 GiB (DDR3, 32-bit, CL=11, ECC on)
SEC0: RNG instantiated
WDT:   Started with servicing (60s timeout)

After the change:
DDR    3.9 GiB (DDR3, 32-bit, CL=11, ECC on)
SEC0:  RNG instantiated
WDT:   Started with servicing (60s timeout)

Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
2020-07-27 14:16:28 +05:30
Heinrich Schuchardt
317fff5909 crypto/fsl: unused value in caam_hash_update()
The value 0 assigned to final is overwritten before ever being used.

Remove the assignment.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
2020-07-27 14:16:28 +05:30
Heinrich Schuchardt
32e4b65d96 crypto/fsl: correct printf() statement.
The sequence of arguments should match the format string.
For printing unsigned numbers we should use %u.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
2020-07-27 14:16:28 +05:30
Michael Walle
30325c2c4f crypto/fsl: fix unaligned access
On aarch64 running with dcache off, will result in an unaligned access
exception:

   => dcache off
   => hash sha1 $kernel_addr_r 100
   "Synchronous Abort" handler, esr 0x96000061
   elr: 00000000960317d8 lr : 00000000960316a4 (reloc)
   elr: 00000000fbd787d8 lr : 00000000fbd786a4
   [..]

The compiler emits a "stur x1, [x0, #12]". x1 is might just be 32 bit
aligned pointer. Remove the unused u64 element from the union to drop
the minimal alignment to 32 bit. Also remove the union, because it is
no more needed.

Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
2020-07-27 14:16:28 +05:30
Jan Kiszka
cf2d07f004 drivers: crypto: mod_exp_sw: Re-add DM_FLAG_PRE_RELOC
This driver is safe to use in SPL without relocation. Denying
DM_FLAG_PRE_RELOC prevents its usability for verifying the main U-Boot
or other artifacts from the SPL unless needless enabling the full driver
set (SPL_OF_PLATDATA).

Fixes: 17e1174085 ("drivers: crypto: rsa_mod_exp: avoid DM_FLAG_PRE_RELOC")
CC: Heinrich Schuchardt <xypron.glpk@gmx.de>
CC: Marek Vasut <marex@denx.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2020-05-19 14:01:47 -04:00
Simon Glass
f7ae49fc4f common: Drop log.h from common header
Move this header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 21:19:18 -04:00
Simon Glass
90526e9fba common: Drop net.h from common header
Move this header out of the common header. Network support is used in
quite a few places but it still does not warrant blanket inclusion.

Note that this net.h header itself has quite a lot in it. It could be
split into the driver-mode support, functions, structures, checksumming,
etc.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 17:33:31 -04:00
Heinrich Schuchardt
17e1174085 drivers: crypto: rsa_mod_exp: avoid DM_FLAG_PRE_RELOC
Function rsa_verify_key() is not called before relocation. So there is no
need to load the UCLASS_MOD_EXP drivers before relocation.

This avoid a failure to boot for pine64-lts_defconfig with CONFIG_RSA=y.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-04-16 08:12:32 +02:00
Heinrich Schuchardt
94a8e83a60 crypto: make mod_exp_sw() static
Function mod_exp_sw() is only used via the operators of the uclass.
It is not defined in any include.

Make mod_exp_sw() static.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-01-25 12:04:36 -05:00
Simon Glass
1eb69ae498 common: Move ARM cache operations out of common.h
These functions are CPU-related and do not use driver model. Move them to
cpu_func.h

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2019-12-02 18:24:58 -05:00
Simon Glass
6887c5bed9 common: Move some time functions out of common.h
These functions belong in time.h so move them over and add comments.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
2019-12-02 18:23:11 -05:00
T Karthik Reddy
ef92ed26a5 drivers: crypto: rsa_mod_exp: Add manual relocation for ops->mod_exp()
This patch adds manual relocation for Modular Exponentiation if
CONFIG_NEEDS_MANUAL_RELOC is enabled.

Signed-off-by: T Karthik Reddy <t.karthik.reddy@xilinx.com>
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
2019-10-24 13:37:02 +02:00
Breno Matheus Lima
51f1357f34 Revert "drivers/crypto/fsl: assign job-rings to non-TrustZone"
Commit 22191ac353 ("drivers/crypto/fsl: assign job-rings to
 non-TrustZone") breaks HABv4 encrypted boot support in the
following i.MX devices:

- i.MX6UL
- i.MX7S
- i.MX7D
- i.MX7ULP

For preparing a HABv4 encrypted boot image it's necessary to
encapsulate the generated DEK in a blob. In devices listed
above the blob generation function takes into consideration
the Job Ring TrustZone ownership configuration (JROWN_NS)
and can be only decapsulated by the same configuration.

The ROM code expects DEK blobs encapsulated by the Secure World
environments which commonly have JROWN_NS = 0.

As U-Boot is running in Secure World we must have JROWN_NS = 0
so the blobs generated by dek_blob tool can be decapsulated
by the ROM code.

Job-rings assignment is now handled in OP-TEE OS, this commit can
be safely reverted.
https://github.com/OP-TEE/optee_os/pull/2986

This reverts commit 22191ac353.

Signed-off-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Acked-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
2019-06-11 10:42:48 +02:00
Tom Rini
83d290c56f SPDX: Convert all of our single license tags to Linux Kernel style
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from.  So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry.  Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.

In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.

This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents.  There's also a few places where I found we did not have a tag
and have introduced one.

Signed-off-by: Tom Rini <trini@konsulko.com>
2018-05-07 09:34:12 -04:00
Masahiro Yamada
b08c8c4870 libfdt: move headers to <linux/libfdt.h> and <linux/libfdt_env.h>
Thomas reported U-Boot failed to build host tools if libfdt-devel
package is installed because tools include libfdt headers from
/usr/include/ instead of using internal ones.

This commit moves the header code:
  include/libfdt.h         -> include/linux/libfdt.h
  include/libfdt_env.h     -> include/linux/libfdt_env.h

and replaces include directives:
  #include <libfdt.h>      -> #include <linux/libfdt.h>
  #include <libfdt_env.h>  -> #include <linux/libfdt_env.h>

Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2018-03-05 10:16:28 -05:00
Lukas Auer
dfaec76029 crypto/fsl: instantiate all rng state handles
Extend the instantiate_rng() function and the corresponding CAAM job
descriptor to instantiate all RNG state handles. This moves the RNG
instantiation code in line with the CAAM kernel driver.

Previously, only the first state handle was instantiated. The second
one was instantiated by the CAAM kernel driver. This works if the
kernel runs in secure mode, but fails in non-secure mode since the
kernel driver uses DEC0 directly instead of over the job ring
interface. Instantiating all RNG state handles in u-boot removes the
need for using DEC0 in the kernel driver, making it possible to use
the CAAM in non-secure mode.

Signed-off-by: Lukas Auer <lukas.auer@aisec.fraunhofer.de>
Tested-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Reviewed-by: York Sun <york.sun@nxp.com>
2018-02-09 08:34:34 -08:00
Bryan O'Donoghue
22191ac353 drivers/crypto/fsl: assign job-rings to non-TrustZone
After enabling TrustZone various parts of the CAAM silicon become
inaccessible to non TrustZone contexts. The job-ring registers are designed
to allow non TrustZone contexts like Linux to still submit jobs to CAAM
even after TrustZone has been enabled.

The default job-ring permissions after the BootROM look like this for
job-ring zero.

ms=0x00008001 ls=0x00008001

The MS field is JRaMIDR_MS (job ring MID most significant).

Referring to "Security Reference Manual for i.MX 7Dual and 7Solo
Applications Processors, Rev. 0, 03/2017" section 8.10.4 we see that
JROWN_NS controls whether or not a job-ring is accessible from non
TrustZone.

Bit 15 (TrustZone) is the logical inverse of bit 3 hence the above value of
0x8001 shows that JROWN_NS=0 and TrustZone=1.

Clearly then as soon as TrustZone becomes active the job-ring registers are
no longer accessible from Linux, which is not what we want.

This patch explicitly sets all job-ring registers to JROWN_NS=1 (non
TrustZone) by default and to the Non-Secure MID 001. Both settings are
required to successfully assign a job-ring to non-secure mode. If a piece
of TrustZone firmware requires ownership of job-ring registers it can unset
the JROWN_NS bit itself.

This patch in conjunction with a modification of the Linux kernel to skip
HWRNG initialisation makes CAAM usable to Linux with TrustZone enabled.

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Fabio Estevam <fabio.estevam@nxp.com>
Cc: Peng Fan <peng.fan@nxp.com>
Cc: Alex Porosanu <alexandru.porosanu@nxp.com>
Cc: Ruchika Gupta <ruchika.gupta@nxp.com>
Cc: Aneesh Bansal <aneesh.bansal@nxp.com>
Link: https://github.com/OP-TEE/optee_os/issues/1408
Link: https://tinyurl.com/yam5gv9a
Tested-by: Lukas Auer <lukas.auer@aisec.fraunhofer.de>
2018-02-04 12:14:11 +01:00
Breno Lima
d7af2baa49 crypto/fsl: Fix HW accelerated hash commands
The hash command function were not flushing the dcache before passing data
to CAAM/DMA and not invalidating the dcache when getting data back.

Due the data cache incoherency, HW accelerated hash commands used to fail
with CAAM errors like "Invalid KEY Command".

Check if pbuf and pout buffers are properly aligned to the cache line size
and flush/invalidate the memory regions to address this issue.

This solution is based in a previous work from Clemens Gruber in
commit 598e9dccc7 ("crypto/fsl: fix BLOB encapsulation and
decapsulation")

Reported-by: Anatolij Gustschin <agust@denx.de>
Signed-off-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2018-01-23 11:21:20 -08:00
Clemens Gruber
598e9dccc7 crypto/fsl: fix BLOB encapsulation and decapsulation
The blob_encap and blob_decap functions were not flushing the dcache
before passing data to CAAM/DMA and not invalidating the dcache when
getting data back.
Therefore, blob encapsulation and decapsulation failed with errors like
the following due to data cache incoherency:
"40000006: DECO: desc idx 0: Invalid KEY command"

To ensure coherency, we require the key_mod, src and dst buffers to be
aligned to the cache line size and flush/invalidate the memory regions.
The same requirements apply to the job descriptor.

Tested on an i.MX6Q board.

Reviewed-by: Sumit Garg <sumit.garg@nxp.com>
Signed-off-by: Clemens Gruber <clemens.gruber@pqgruber.com>
2018-01-08 08:26:03 -05:00
Clemens Gruber
4c2cf973aa crypto/fsl: fix obj-yy in Makefile
When enabling CONFIG_CMD_BLOB and/or CONFIG_CMD_DEKBLOB, the build fails
with a linker error:
  ...
  LD      u-boot
arch/arm/mach-imx/built-in.o: In function `blob_encap_dek':
/home/clemens/dev/u-boot/arch/arm/mach-imx/cmd_dek.c:46: undefined
reference to `blob_dek'

This is due to an error in the Makefile, resulting in obj-yy/obj-yn/..
and fsl_blob.o is therefore not linked.

Fix it by splitting it up into two obj-y lines.

Signed-off-by: Clemens Gruber <clemens.gruber@pqgruber.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
2017-09-04 09:02:07 -04:00
Simon Glass
551c393446 Convert CONFIG_CMD_HASH to Kconfig
This converts the following to Kconfig:
   CONFIG_CMD_HASH

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
[trini: Rework slightly, enable on some boards again]
Signed-off-by: Tom Rini <trini@konsulko.com>
2017-05-22 12:38:15 -04:00
Tom Rini
089df18bfe lib: move hash CONFIG options to Kconfig
Commit 94e3c8c4fd ("crypto/fsl - Add progressive hashing support
using hardware acceleration.") created entries for CONFIG_SHA1,
CONFIG_SHA256, CONFIG_SHA_HW_ACCEL, and CONFIG_SHA_PROG_HW_ACCEL.
However, no defconfig has migrated to it.  Complete the move by first
adding additional logic to various Kconfig files to select this when
required and then use the moveconfig tool.  In many cases we can select
these because they are required to implement other drivers.  We also
correct how we include the various hashing algorithms in SPL.

This commit was generated as follows (after Kconfig additions):

[1] tools/moveconfig.py -y SHA1 SHA256 SHA_HW_ACCEL
[2] tools/moveconfig.py -y SHA_PROG_HW_ACCEL

Note:
We cannot move SHA_HW_ACCEL and SHA_PROG_HW_ACCEL simultaneously
because there is dependency between them.

Cc: Poonam Aggrwal <poonam.aggrwal@freescale.com>
Cc: Naveen Burmi <NaveenBurmi@freescale.com>
Cc: Po Liu <po.liu@freescale.com>
Cc: Shengzhou Liu <Shengzhou.Liu@freescale.com>
Cc: Priyanka Jain <Priyanka.Jain@freescale.com>
Cc: Shaohui Xie <Shaohui.Xie@freescale.com>
Cc: Chunhe Lan <Chunhe.Lan@freescale.com>
Cc: Chander Kashyap <k.chander@samsung.com>
Cc: Steve Rae <steve.rae@raedomain.com>
Cc: Dirk Eibach <eibach@gdsys.de>
Cc: Feng Li <feng.li_2@nxp.com>
Cc: Alison Wang <alison.wang@freescale.com>
Cc: Sumit Garg <sumit.garg@nxp.com>
Cc: Mingkai Hu <Mingkai.Hu@freescale.com>
Cc: York Sun <york.sun@nxp.com>
Cc: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Cc: Jaehoon Chung <jh80.chung@samsung.com>
Cc: Akshay Saraswat <akshay.s@samsung.com>
Cc: Heiko Schocher <hs@denx.de>
Cc: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
2017-05-22 08:36:58 -04:00
Tom Rini
3c476d841d Merge git://git.denx.de/u-boot-fsl-qoriq 2017-04-18 11:36:06 -04:00
xypron.glpk@gmx.de
d1710561b0 drivers/crypto/fsl: remove redundant logical contraint
'A || (!A && B)' is equivalent to 'A || B'.
Let's reduce the complexity of the statement in start_jr0().

The problem was indicated by cppcheck.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: York Sun <york.sun@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2017-04-18 10:29:25 -04:00
York Sun
4a3ab19322 armv8: ls2080a: Drop macro CONFIG_LS2080A
Use CONFIG_ARCH_LS2080A instead.

Signed-off-by: York Sun <york.sun@nxp.com>
2017-04-17 09:03:30 -07:00
Ruchika Gupta
511fc86d0b arm: ls1046ardb: Add SD secure boot target
- Add SD secure boot target for ls1046ardb.
- Change the u-boot size defined by a macro for copying the main
  U-Boot by SPL to also include the u-boot Secure Boot header size
  as header is appended to u-boot image. So header will also be
  copied from SD to DDR.
- CONFIG_MAX_SPL_SIZE is limited to 90KB. SPL is copied to OCRAM
  (128K) where 32K are reserved for use by boot ROM and 6K for the
  header.
- Reduce the size of CAAM driver for SPL Blobification functions
  and descriptors, that are not required at the time of SPL are
  disabled. Further error code conversion to strings is disabled
  for SPL build.

Signed-off-by: Vinitha Pillai <vinitha.pillai@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-04-17 09:03:30 -07:00
York Sun
90b80386ff crypto: Move CONFIG_SYS_FSL_SEC_LE and _BE to Kconfig
Use Kconfig option to set little- or big-endian access to secure
boot and trust architecture.

Signed-off-by: York Sun <york.sun@nxp.com>
2017-01-04 19:40:19 -05:00
York Sun
2c2e2c9e14 crypto: Move SYS_FSL_SEC_COMPAT into driver Kconfig
Instead of define CONFIG_SYS_FSL_SEC_COMPAT in header files for PowerPC
and ARM SoCs, move it to Kconfig under the driver.

Signed-off-by: York Sun <york.sun@nxp.com>
2017-01-04 19:40:17 -05:00
York Sun
4fd64746b0 powerpc: C29X: Move CONFIG_PPC_C29X to Kconfig option
Replace CONFIG_PPC_C29X with ARCH_C29X in Kconfig and clean up existing
macros.

Signed-off-by: York Sun <york.sun@nxp.com>
2016-11-23 23:42:04 -08:00
Robert P. J. Day
fc0b5948e0 Various, accumulated typos collected from around the tree.
Fix various misspellings of:

 * deprecated
 * partition
 * preceding,preceded
 * preparation
 * its versus it's
 * export
 * existing
 * scenario
 * redundant
 * remaining
 * value
 * architecture

Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Reviewed-by: Jagan Teki <jteki@openedev.com>
Reviewed-by: Stefan Roese <sr@denx.de>
2016-10-06 20:57:40 -04:00
Masahiro Yamada
5d97dff042 treewide: replace #include <asm-generic/errno.h> with <linux/errno.h>
Now, include/linux/errno.h is a wrapper of <asm-generic/errno.h>.
Replace all include directives for <asm-generic/errno.h> with
<linux/errno.h>.

<asm-generic/...> is supposed to be included from <asm/...> when
arch-headers fall back into generic implementation. Generally, they
should not be directly included from .c files.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
[trini: Add drivers/usb/host/xhci-rockchip.c]
Signed-off-by: Tom Rini <trini@konsulko.com>
2016-09-23 22:25:27 -04:00
Masahiro Yamada
1221ce459d treewide: replace #include <asm/errno.h> with <linux/errno.h>
Now, arch/${ARCH}/include/asm/errno.h and include/linux/errno.h have
the same content.  (both just wrap <asm-generic/errno.h>)

Replace all include directives for <asm/errno.h> with <linux/errno.h>.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
[trini: Fixup include/clk.]
Signed-off-by: Tom Rini <trini@konsulko.com>
2016-09-23 17:55:42 -04:00
Sumit Garg
7fe1d6a410 crypto/fsl: Update blob cmd to accept 64bit addresses
Update blob cmd to accept 64bit source, key modifier and destination
addresses. Also correct output result print format for fsl specific
implementation of blob cmd.

Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-08-02 09:45:39 -07:00
Sumit Garg
7f0a0e4c58 DM: crypto/fsl: Enable rsa DM driver usage before relocation
Enable rsa signature verification in SPL framework before relocation for
verification of main u-boot.

Reviewed-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-07-26 09:01:21 -07:00
Sumit Garg
8f01397ba7 powerpc/mpc85xx: SECURE BOOT- Enable chain of trust in SPL
As part of Chain of Trust for Secure boot, the SPL U-Boot will validate
the next level U-boot image. Add a new function spl_validate_uboot to
perform the validation.

Enable hardware crypto operations in SPL using SEC block.
In case of Secure Boot, PAMU is not bypassed. For allowing SEC block
access to CPC configured as SRAM, configure PAMU.

Reviewed-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-07-21 11:09:23 -07:00
Robert P. J. Day
62a3b7dd08 Various, unrelated tree-wide typo fixes.
Fix a number of typos, including:

     * "compatble" -> "compatible"
     * "eanbeld" -> "enabled"
     * "envrionment" -> "environment"
     * "FTD" -> "FDT" (for "flattened device tree")
     * "ommitted" -> "omitted"
     * "overriden" -> "overridden"
     * "partiton" -> "partition"
     * "propogate" -> "propagate"
     * "resourse" -> "resource"
     * "rest in piece" -> "rest in peace"
     * "suport" -> "support"
     * "varible" -> "variable"

Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
2016-07-16 09:43:12 -04:00
Teddy Reed
51c14cd128 verified-boot: Minimal support for booting U-Boot proper from SPL
This allows a board to configure verified boot within the SPL using
a FIT or FIT with external data. It also allows the SPL to perform
signature verification without needing relocation.

The board configuration will need to add the following feature defines:
CONFIG_SPL_CRYPTO_SUPPORT
CONFIG_SPL_HASH_SUPPORT
CONFIG_SPL_SHA256

In this example, SHA256 is the only selected hashing algorithm.

And the following booleans:
CONFIG_SPL=y
CONFIG_SPL_DM=y
CONFIG_SPL_LOAD_FIT=y
CONFIG_SPL_FIT=y
CONFIG_SPL_OF_CONTROL=y
CONFIG_SPL_OF_LIBFDT=y
CONFIG_SPL_FIT_SIGNATURE=y

Signed-off-by: Teddy Reed <teddy.reed@gmail.com>
Acked-by: Simon Glass <sjg@chromium.org>
Acked-by: Andreas Dannenberg <dannenberg@ti.com>
Acked-by: Sumit Garg <sumit.garg@nxp.com>
2016-06-12 13:14:58 -04:00
Alex Porosanu
76394c9c91 crypto/fsl: add support for multiple SEC engines initialization
For SoCs that contain multiple SEC engines, each of them needs
to be initialized (by means of initializing among others the
random number generator).

Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-05-18 08:51:46 -07:00
York Sun
3c1d218a1d armv8: LS2080A: Consolidate LS2080A and LS2085A
LS2080A is the primary SoC, and LS2085A is a personality with AIOP
and DPAA DDR. The RDB and QDS boards support both personality. By
detecting the SVR at runtime, a single image per board can support
both SoCs. It gives users flexibility to swtich SoC without the need
to reprogram the board.

Signed-off-by: York Sun <york.sun@nxp.com>
CC: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Reviewed-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
2016-04-06 10:26:46 -07:00
Saksham Jain
8a6f83dcb8 crypto/fsl: Make CAAM transactions cacheable
This commit solves CAAM coherency issue on ls2080. When caches are
enabled and CAAM's DMA's AXI transcations are not made cacheable,
Core reads/writes data from/to caches and CAAM does from main memory.
This forces data flushes to synchronize various data structures. But
even if any data in proximity of these structures is read by core,
these structures again are fetched in caches.

To avoid this problem, either all the data that CAAM accesses can be
made cache line aligned or CAAM transcations can be made cacheable.

So, this commit makes CAAM transcations as write back with write and
read allocate.

Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-03-29 08:46:22 -07:00
Saksham Jain
69b6a796f7 crypto/fsl: Correct 64-bit write when MMU disabled
When MMU is disabled, 64-bit write must be aligned at 64-bit
boundary. Becaue the memory location is not guaranteed to be 64-bit
aligned, the 64-bit write needs to be split into two 32-bit writes
to avoid the alignment exception.

Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Signed-off-by: Saksham Jain <saksham.jain@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-03-29 08:46:22 -07:00
Aneesh Bansal
c4cbd7137d drivers/crypto/fsl: define structures for PDB
Structures are defined for PDB (Protocol Data Blcks) for various
operations. These structure will be used to add PDB data while
creating the PDB descriptors.

Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
CC: Ulises Cardenas <raul.casas@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-03-21 12:42:11 -07:00
Aneesh Bansal
2959037077 drivers/crypto/fsl: add constructs for protocol descriptors
Construct APIs are added to create Protocol Descriptors for
CAAM block.

Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
CC: Ulises Cardenas <raul.casas@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-03-21 12:42:11 -07:00
Aneesh Bansal
6178e95978 drivers/crypto/fsl: correct error checking in run_descriptor
When CAAM runs a descriptor and an error occurs, a non-zero
value is set in Output Status Register. The if condition should
check the status for a non-zero value.

Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-03-21 12:42:11 -07:00
Aneesh Bansal
f698e9f39a powerpc/SECURE_BOOT: Add PAMU driver
PAMU driver basic support for usage in Secure Boot.
In secure boot PAMU is not in bypass mode. Hence to use
any peripheral (SEC Job ring in our case), PAMU has to be
configured.

The patch reverts commit 7cad2e38d6.

The Header file pamu.h and few functions in driver have been derived
from Freescale Libos.

Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Aneesh Bansal <aneesh.bansal@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-02-24 08:40:55 -08:00
Ruchika Gupta
7f4736bd65 drivers/crypto/fsl : Allocate output ring with size aligned to CACHELNE SIZE
The output ring needs to be invalidated before enqueuing the job to SEC.
While allocation of space to output ring, it should be taken care that the
size is cacheline size aligned inorder to prevent invalidating valid data.

The patch also correct the method of aligning end of structs while flushing caches

    Since start = align(start_of_struct), it is incorrect to assign
    end = align(start + struct_size). It should instead be,
    end = align(start_of_struct + struct_size).

Signed-off-by: Saksham Jain <saksham@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2016-02-24 08:40:55 -08:00
Ulises Cardenas
f91e65a74e imx: Refactoring CAAM Job Ring structure and Secure Memory for imx7
Refactored data structure for CAAM's job ring and Secure Memory
to support i.MX7.

The new memory map use macros to resolve SM's offset by version.
This will solve the versioning issue caused by the new version of
secure memory of i.MX7

Signed-off-by: Ulises Cardenas <raul.casas@nxp.com>
Reviewed-by: Stefano Babic <sbabic@denx.de>
2016-02-21 11:20:54 +01:00
Aneesh Bansal
3a4800a596 drivers/crypto/fsl: fix endianness issue in RNG
For Setting and clearing the bits in SEC Block registers
sec_clrbits32() and sec_setbits32() are used which work as
per endianness of CAAM block.
So these must be used with SEC register address as argument.
If the value is read in a local variable, then the functions
will not behave correctly where endianness of CAAM and core is
different.

Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
CC: Alex Porosanu <alexandru.porosanu@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
2015-12-15 08:57:35 +08:00
Aneesh Bansal
f59e69cbd3 crypto/fsl: SEC driver cleanup for 64 bit and endianness
The SEC driver code has been cleaned up to work for 64 bit
physical addresses and systems where endianess of SEC block
is different from the Core.
Changes:
1. Descriptor created on Core is modified as per SEC block
   endianness before the job is submitted.
2. The read/write of physical addresses to Job Rings will
   be depend on endianness of SEC block as 32 bit low and
   high part of the 64 bit address will vary.
3. The 32 bit low and high part of the 64 bit address in
   descriptor will vary depending on endianness of SEC.

Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
2015-10-29 10:33:57 -07:00
Ruchika Gupta
057c220055 Correct License and Copyright information on few files
gpio.h - Added missing copyright in few files.
rsa-mod-exp.h - Corrected copyright in the file.
fsl_sec.h - Added missing license in files
drivers/crypto/fsl/Makefile - Removed the incomplete GPLv2 license and replaced it with GPLv2+ license

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
2015-08-12 20:47:46 -04:00
Masahiro Yamada
0b11dbf705 drivers: hierarchize drivers Kconfig menu
The menuconfig for drivers are getting more and more cluttered
and unreadable because too many entries are displayed in a single
flat menu.  Use hierarchic menu for each category.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: Update to apply again in a few places, drop USB hunk]
Signed-off-by: Tom Rini <trini@konsulko.com>
2015-08-12 20:47:44 -04:00
horia.geanta@freescale.com
14d5547cf1 drivers/crypto/fsl: clean-up - use fdt_setprop_u32 helper
Signed-off-by: Horia Geantă <horia.geanta@freescale.com>
Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
2015-08-03 12:06:38 -07:00
horia.geanta@freescale.com
3ef2412de6 drivers/crypto/fsl: fix snooping for write transactions
HW coherency won't work properly for CAAM write transactions
if AWCACHE is left to default (POR) value - 4'b0001.
It has to be programmed to 4'b0010.

For platforms that have HW coherency support:
-PPC-based: the update has no effect; CAAM coherency already works
due to the IOMMU (PAMU) driver setting the correct memory coherency
attributes
-ARM-based: the update fixes cache coherency issues,
since IOMMU (SMMU) driver is not programmed to behave similar to PAMU

Fixes: b9eebfade9 ("fsl_sec: Add hardware accelerated SHA256 and SHA1")
Signed-off-by: Horia Geantă <horia.geanta@freescale.com>
Reviewed-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: Mingkai Hu <Mingkai.Hu@freescale.com>
Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
2015-08-03 12:06:38 -07:00
horia.geanta@freescale.com
e5d08b4d60 drivers/crypto/fsl: fix "era" property value on LE platforms
Use fdt_setprop_u32() instead of fdt_setprop().

Fixes: 0181937fa3 ("crypto/fsl: Add fixup for crypto node")
Signed-off-by: Horia Geantă <horia.geanta@freescale.com>
Reviewed-by: Mingkai Hu <Mingkai.Hu@freescale.com>
Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
2015-08-03 12:06:38 -07:00
Alex Porosanu
c406551736 drivers/crypto/fsl: enable raw data instead of von Neumann data
The sampling of the oscillator can be done in multiple modes for
generating the entropy value. By default, this is set to von
Neumann. This patch changes the sampling to raw data, since it
has been discovered that the generated entropy has a better
'quality'.

Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
2015-08-03 12:06:37 -07:00
Alex Porosanu
026a3f1b7c drivers/crypto/fsl: disable RNG oscillator maximum frequency check
The rtfrqmax & rtfrqmin set the bounds of the expected frequency of the
oscillator, when SEC runs at its maximum frequency. For certain platforms
(f.i. T2080), the oscillator is very fast and thus if the SEC runs at
a lower than normal frequency, the ring oscillator is incorrectly detected
as being out of bounds.

This patch effectively disables the maximum frequency check, by setting a
high enough maximum allowable frequency for the oscillator. The reasoning
behind this is that usually a broken oscillator will run too slow
(i.e. not run at all) rather than run too fast.

Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
2015-08-03 12:06:37 -07:00
Tom Rini
1c6f6a6ef9 Merge branch 'master' of git://git.denx.de/u-boot-mpc85xx 2015-03-05 20:50:30 -05:00
gaurav rana
ccf288612f rsa : Compile Modular Exponentiation files based on CONFIG_RSA_SOFTWARE_EXP
Remove dependency of rsa_mod_exp from CONFIG_FIT_SIGNATURE.
As rsa modular exponentiation is an independent module
and can be invoked independently.

Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Acked-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <yorksun@freescale.com>
2015-03-05 12:04:59 -08:00
Raul Cardenas
0200020bc2 imx6: Added DEK blob generator command
Freescale's SEC block has built-in Data Encryption
Key(DEK) Blob Protocol which provides a method for
protecting a DEK for non-secure memory storage.
SEC block protects data in a data structure called
a Secret Key Blob, which provides both confidentiality
and integrity protection.
Every time the blob encapsulation is executed,
a AES-256 key is randomly generated to encrypt the DEK.
This key is encrypted with the OTP Secret key
from SoC. The resulting blob consists of the encrypted
AES-256 key, the encrypted DEK, and a 16-bit MAC.

During decapsulation, the reverse process is performed
to get back the original DEK. A caveat to the blob
decapsulation process,  is that the DEK is decrypted
in secure-memory and can only be read by FSL SEC HW.
The DEK is used to decrypt data during encrypted boot.

Commands added
--------------
  dek_blob - encapsulating DEK as a cryptgraphic blob

Commands Syntax
---------------
  dek_blob src dst len

    Encapsulate and create blob of a len-bits DEK at
    address src and store the result at address dst.

Signed-off-by: Raul Cardenas <Ulises.Cardenas@freescale.com>
Signed-off-by: Nitin Garg <nitin.garg@freescale.com>

Signed-off-by: Ulises Cardenas <ulises.cardenas@freescale.com>

Signed-off-by: Ulises Cardenas-B45798 <Ulises.Cardenas@freescale.com>
2015-03-02 09:57:06 +01:00
gaurav rana
94e3c8c4fd crypto/fsl - Add progressive hashing support using hardware acceleration.
Currently only normal hashing is supported using hardware acceleration.
Added support for progressive hashing using hardware.

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
CC: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <yorksun@freescale.com>
2015-02-25 13:20:02 -08:00
gaurav rana
7ee8c4795d crypto/fsl: Make function names consistent for blob encapsulation/decapsulation.
This patch does the following:

1. The function names for encapsulation and decapsulation
were inconsitent in freescale's implementation and cmd_blob file.
This patch corrects the issues.
2. The function protopye is also modified to change the length parameter
from u8 to u32 to allow encapsulation and decapsulation of larger images.
3. Modified the description of km paramter in the command usage for better
readability.

Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Reviewed-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
2015-02-25 13:19:48 -08:00
Ruchika Gupta
34276478f7 DM: crypto/fsl - Add Freescale rsa DM driver
Driver added for RSA Modular Exponentiation using Freescale Hardware
Accelerator CAAM. The driver uses UCLASS_MOD_EXP

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
CC: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
2015-01-29 17:09:58 -07:00
Ruchika Gupta
31d2b4fd90 DM: crypto/rsa_mod_exp: Add rsa Modular Exponentiation DM driver
Add a new rsa uclass for performing modular exponentiation and implement
the software driver basing on this uclass.

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
CC: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
2015-01-29 17:09:58 -07:00
Ruchika Gupta
0181937fa3 crypto/fsl: Add fixup for crypto node
Era property is added in the crypto node in device tree.
Move the code to do so from arch/powerpc/mpc8xxx/fdt.c to
drivers/sec/sec.c so that it can be used across arm and
powerpc platforms having crypto node.

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
[York Sun: Fix commit message indentation]
Reviewed-by: York Sun <yorksun@freescale.com>
2015-01-23 22:29:14 -06:00
gaurav rana
851c9dbad2 crypto/fsl: Fix RNG instantiation failure.
Corrected the order of arguments in memset in run_descriptor
function. Wrong order of argumnets led to improper initialization
of members of struct type result. This resulted in RNG instantiation
error.

Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
2014-12-15 09:16:26 -08:00
Ruchika Gupta
c5de15cbc8 crypto/fsl: Add command for encapsulating/decapsulating blobs
Freescale's SEC block has built-in Blob Protocol which provides
a method for protecting user-defined data across system power
cycles. SEC block protects data in a data structure called a Blob,
which provides both confidentiality and integrity protection.

Encapsulating data as a blob
Each time that the Blob Protocol is used to protect data, a
different randomly generated key is used to encrypt the data.
This random key is itself encrypted using a key which is derived
from SoC's non volatile secret key and a 16 bit Key identifier.
The resulting encrypted key along with encrypted data is called a blob.
The non volatile secure key is available for use only during secure boot.

During decapsulation, the reverse process is performed to get back
the original data.

Commands added
--------------
    blob enc - encapsulating data as a cryptgraphic blob
    blob dec - decapsulating cryptgraphic blob to get the data

Commands Syntax
---------------
	blob enc src dst len km

	Encapsulate and create blob of data $len bytes long
	at address $src and store the result at address $dst.
	$km is the 16 byte key modifier is also required for
	generation/use as key for cryptographic operation. Key
	modifier should be 16 byte long.

	blob dec src dst len km

	Decapsulate the  blob of data at address $src and
	store result of $len byte at addr $dst.
	$km is the 16 byte key modifier is also required for
	generation/use as key for cryptographic operation. Key
	modifier should be 16 byte long.

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
2014-10-16 14:20:40 -07:00
Ruchika Gupta
b9eebfade9 fsl_sec: Add hardware accelerated SHA256 and SHA1
SHA-256 and SHA-1 accelerated using SEC hardware in Freescale SoC's
The driver for SEC (CAAM) IP is based on linux drivers/crypto/caam.
The platforms needto add the MACRO CONFIG_FSL_CAAM inorder to
enable initialization of this hardware IP.

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
2014-10-16 14:17:07 -07:00
Masahiro Yamada
ed36323f6d kconfig: add blank Kconfig files
This would be useful to start moving various config options.

Signed-off-by: Masahiro Yamada <yamada.m@jp.panasonic.com>
Acked-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
2014-09-24 18:30:28 -04:00
Jeroen Hofstee
2b9912e6a7 includes: move openssl headers to include/u-boot
commit 18b06652cd "tools: include u-boot version of sha256.h"
unconditionally forced the sha256.h from u-boot to be used
for tools instead of the host version. This is fragile though
as it will also include the host version. Therefore move it
to include/u-boot to join u-boot/md5.h etc which were renamed
for the same reason.

cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Jeroen Hofstee <jeroen@myspectrum.nl>
2014-06-19 11:19:04 -04:00
Przemyslaw Marczak
0bd937248a drivers: crypto: ace_sha: add implementation of hardware based lib rand
This patch adds implementation of rand library based on hardware random
number generator of security subsystem in Exynos SOC.

This library includes:
- srand()  - used for seed hardware block
- rand()   - returns random number
- rand_r() - the same as above with given seed

which depends on CONFIG_EXYNOS_ACE_SHA and CONFIG_LIB_HW_RAND.

Signed-off-by: Przemyslaw Marczak <p.marczak@samsung.com>
cc: Akshay Saraswat <akshay.s@samsung.com>
cc: ARUN MANKUZHI <arun.m@samsung.com>
cc: Minkyu Kang <mk7.kang@samsung.com>
Cc: Michael Walle <michael@walle.cc>
Cc: Tom Rini <trini@ti.com>
Cc: Masahiro Yamada <yamada.m@jp.panasonic.com>
2014-03-28 15:06:31 -04:00
Masahiro Yamada
710f1d3d5f drivers: convert makefiles to Kbuild style
Signed-off-by: Masahiro Yamada <yamada.m@jp.panasonic.com>
2013-10-31 13:26:01 -04:00
Wolfgang Denk
1a4596601f Add GPL-2.0+ SPDX-License-Identifier to source files
Signed-off-by: Wolfgang Denk <wd@denx.de>
[trini: Fixup common/cmd_io.c]
Signed-off-by: Tom Rini <trini@ti.com>
2013-07-24 09:44:38 -04:00
Akshay Saraswat
acbb1eb772 Exynos: Add hardware accelerated SHA256 and SHA1
SHA-256 and SHA-1 accelerated using ACE hardware.

Signed-off-by: ARUN MANKUZHI <arun.m@samsung.com>
Signed-off-by: Akshay Saraswat <akshay.s@samsung.com>
Acked-by: Simon Glass <sjg@chromium.org>
2013-03-29 20:10:42 +09:00