[PATCH v10 3/7] crypto: caam - determine whether CAAM supports blob encap/decap
Ahmad Fatoum
a.fatoum at pengutronix.de
Fri May 13 14:57:01 UTC 2022
Depending on SoC variant, a CAAM may be available, but with some futures
fused out. The LS1028A (non-E) SoC is one such SoC and while it
indicates BLOB support, BLOB operations will ultimately fail, because
there is no AES support. Add a new blob_present member to reflect
whether both BLOB support and the AES support it depends on is
available.
These will be used in a follow-up commit to allow blob driver
initialization to error out on SoCs without the necessary hardware
support instead of failing at runtime with a cryptic
caam_jr 8020000.jr: 20000b0f: CCB: desc idx 11: : Invalid CHA selected.
Co-developed-by: Michael Walle <michael at walle.cc>
Signed-off-by: Michael Walle <michael at walle.cc>
Tested-by: Michael Walle <michael at walle.cc> # on ls1028a (non-E and E)
Signed-off-by: Ahmad Fatoum <a.fatoum at pengutronix.de>
---
v9 -> v10:
- added Michael's Tested-by
- Check for AES support on CAAM era < 10, as LS1046A/LSA1012A have
such CAAMs, which can be partially disabled.
v8 -> v9:
- New patch
To: "Horia Geantă" <horia.geanta at nxp.com>
To: Pankaj Gupta <pankaj.gupta at nxp.com>
To: Herbert Xu <herbert at gondor.apana.org.au>
To: "David S. Miller" <davem at davemloft.net>
Cc: James Bottomley <jejb at linux.ibm.com>
Cc: Jarkko Sakkinen <jarkko at kernel.org>
Cc: Mimi Zohar <zohar at linux.ibm.com>
Cc: David Howells <dhowells at redhat.com>
Cc: James Morris <jmorris at namei.org>
Cc: Eric Biggers <ebiggers at kernel.org>
Cc: "Serge E. Hallyn" <serge at hallyn.com>
Cc: Jan Luebbe <j.luebbe at pengutronix.de>
Cc: David Gstir <david at sigma-star.at>
Cc: Richard Weinberger <richard at nod.at>
Cc: Franck LENORMAND <franck.lenormand at nxp.com>
Cc: Matthias Schiffer <matthias.schiffer at ew.tq-group.com>
Cc: Sumit Garg <sumit.garg at linaro.org>
Cc: Michael Walle <michael at walle.cc>
Cc: John Ernberg <john.ernberg at actia.se>
Cc: linux-integrity at vger.kernel.org
Cc: keyrings at vger.kernel.org
Cc: linux-crypto at vger.kernel.org
Cc: linux-kernel at vger.kernel.org
Cc: linux-security-module at vger.kernel.org
---
drivers/crypto/caam/ctrl.c | 17 +++++++++++++++--
drivers/crypto/caam/intern.h | 1 +
drivers/crypto/caam/regs.h | 4 +++-
3 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/drivers/crypto/caam/ctrl.c b/drivers/crypto/caam/ctrl.c
index ca0361b2dbb0..38c4d88a9d03 100644
--- a/drivers/crypto/caam/ctrl.c
+++ b/drivers/crypto/caam/ctrl.c
@@ -820,12 +820,25 @@ static int caam_probe(struct platform_device *pdev)
return -ENOMEM;
}
- if (ctrlpriv->era < 10)
+ comp_params = rd_reg32(&ctrl->perfmon.comp_parms_ls);
+ ctrlpriv->blob_present = !!(comp_params & CTPR_LS_BLOB);
+
+ /*
+ * Some SoCs like the LS1028A (non-E) indicate CTPR_LS_BLOB support,
+ * but fail when actually using it due to missing AES support, so
+ * check both here.
+ */
+ if (ctrlpriv->era < 10) {
rng_vid = (rd_reg32(&ctrl->perfmon.cha_id_ls) &
CHA_ID_LS_RNG_MASK) >> CHA_ID_LS_RNG_SHIFT;
- else
+ ctrlpriv->blob_present = ctrlpriv->blob_present &&
+ (rd_reg32(&ctrl->perfmon.cha_num_ls) & CHA_ID_LS_AES_MASK);
+ } else {
rng_vid = (rd_reg32(&ctrl->vreg.rng) & CHA_VER_VID_MASK) >>
CHA_VER_VID_SHIFT;
+ ctrlpriv->blob_present = ctrlpriv->blob_present &&
+ (rd_reg32(&ctrl->vreg.aesa) & CHA_VER_MISC_AES_NUM_MASK);
+ }
/*
* If SEC has RNG version >= 4 and RNG state handle has not been
diff --git a/drivers/crypto/caam/intern.h b/drivers/crypto/caam/intern.h
index 7d45b21bd55a..e92210e2ab76 100644
--- a/drivers/crypto/caam/intern.h
+++ b/drivers/crypto/caam/intern.h
@@ -92,6 +92,7 @@ struct caam_drv_private {
*/
u8 total_jobrs; /* Total Job Rings in device */
u8 qi_present; /* Nonzero if QI present in device */
+ u8 blob_present; /* Nonzero if BLOB support present in device */
u8 mc_en; /* Nonzero if MC f/w is active */
int secvio_irq; /* Security violation interrupt number */
int virt_en; /* Virtualization enabled in CAAM */
diff --git a/drivers/crypto/caam/regs.h b/drivers/crypto/caam/regs.h
index 3738625c0250..66d6dad841bb 100644
--- a/drivers/crypto/caam/regs.h
+++ b/drivers/crypto/caam/regs.h
@@ -320,7 +320,8 @@ struct version_regs {
#define CHA_VER_VID_MASK (0xffull << CHA_VER_VID_SHIFT)
/* CHA Miscellaneous Information - AESA_MISC specific */
-#define CHA_VER_MISC_AES_GCM BIT(1 + CHA_VER_MISC_SHIFT)
+#define CHA_VER_MISC_AES_NUM_MASK GENMASK(7, 0)
+#define CHA_VER_MISC_AES_GCM BIT(1 + CHA_VER_MISC_SHIFT)
/* CHA Miscellaneous Information - PKHA_MISC specific */
#define CHA_VER_MISC_PKHA_NO_CRYPT BIT(7 + CHA_VER_MISC_SHIFT)
@@ -414,6 +415,7 @@ struct caam_perfmon {
#define CTPR_MS_PG_SZ_MASK 0x10
#define CTPR_MS_PG_SZ_SHIFT 4
u32 comp_parms_ms; /* CTPR - Compile Parameters Register */
+#define CTPR_LS_BLOB BIT(1)
u32 comp_parms_ls; /* CTPR - Compile Parameters Register */
u64 rsvd1[2];
--
2.30.2
More information about the Linux-security-module-archive
mailing list