From 337bc26f05e85bf06647a17bad9485a3428c9a2b Mon Sep 17 00:00:00 2001 From: Jim Liu Date: Tue, 17 Jan 2023 16:59:23 +0800 Subject: [PATCH] arm: npcm8xx: add security feature header The NPCM driver can use on npcm7xx/npcm8xx so add npcm8xx header for driver. Signed-off-by: Jim Liu --- arch/arm/include/asm/arch-npcm8xx/aes.h | 53 ++++++++++++++ arch/arm/include/asm/arch-npcm8xx/otp.h | 93 +++++++++++++++++++++++++ arch/arm/include/asm/arch-npcm8xx/rng.h | 43 ++++++++++++ arch/arm/include/asm/arch-npcm8xx/sha.h | 34 +++++++++ 4 files changed, 223 insertions(+) create mode 100644 arch/arm/include/asm/arch-npcm8xx/aes.h create mode 100644 arch/arm/include/asm/arch-npcm8xx/otp.h create mode 100644 arch/arm/include/asm/arch-npcm8xx/rng.h create mode 100644 arch/arm/include/asm/arch-npcm8xx/sha.h diff --git a/arch/arm/include/asm/arch-npcm8xx/aes.h b/arch/arm/include/asm/arch-npcm8xx/aes.h new file mode 100644 index 0000000000..255efcb5ce --- /dev/null +++ b/arch/arm/include/asm/arch-npcm8xx/aes.h @@ -0,0 +1,53 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ + +#ifndef _NPCM_AES_H_ +#define _NPCM_AES_H_ + +#define AES_OP_ENCRYPT 0 +#define AES_OP_DECRYPT 1 +#define SIZE_AES_BLOCK (AES128_KEY_LENGTH) + +struct npcm_aes_regs { + unsigned char reserved_0[0x400]; // 0x000 + unsigned int aes_key_0; // 0x400 + unsigned int aes_key_1; // 0x404 + unsigned int aes_key_2; // 0x408 + unsigned int aes_key_3; // 0x40c + unsigned char reserved_1[0x30]; // 0x410 + unsigned int aes_iv_0; // 0x440 + unsigned char reserved_2[0x1c]; // 0x444 + unsigned int aes_ctr_0; // 0x460 + unsigned char reserved_3[0x0c]; // 0x464 + unsigned int aes_busy; // 0x470 + unsigned char reserved_4[0x04]; // 0x474 + unsigned int aes_sk; // 0x478 + unsigned char reserved_5[0x14]; // 0x47c + unsigned int aes_prev_iv_0; // 0x490 + unsigned char reserved_6[0x0c]; // 0x494 + unsigned int aes_din_dout; // 0x4a0 + unsigned char reserved_7[0x1c]; // 0x4a4 + unsigned int aes_control; // 0x4c0 + unsigned int aes_version; // 0x4c4 + unsigned int aes_hw_flags; // 0x4c8 + unsigned char reserved_8[0x28]; // 0x4cc + unsigned int aes_sw_reset; // 0x4f4 + unsigned char reserved_9[0x08]; // 0x4f8 + unsigned int aes_fifo_data; // 0x500 + unsigned char reserved_10[0xfc]; // 0x504 + unsigned int aes_fifo_status; // 0x600 +}; + +#define AES_BUSY_BIT BIT(0) +#define SW_RESET_BIT BIT(0) +#define AES_SK_BIT BIT(0) + +#define DIN_FIFO_FULL BIT(0) +#define DIN_FIFO_EMPTY BIT(1) +#define DOUT_FIFO_FULL BIT(2) +#define DOUT_FIFO_EMPTY BIT(3) +#define DIN_FIFO_OVERFLOW BIT(4) +#define DOUT_FIFO_UNDERFLOW BIT(5) + +int npcm_aes_select_key(u8 fkeyind); + +#endif diff --git a/arch/arm/include/asm/arch-npcm8xx/otp.h b/arch/arm/include/asm/arch-npcm8xx/otp.h new file mode 100644 index 0000000000..c8d50fb0ad --- /dev/null +++ b/arch/arm/include/asm/arch-npcm8xx/otp.h @@ -0,0 +1,93 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ + +#ifndef _NPCM_OTP_H_ +#define _NPCM_OTP_H_ + +#ifdef CONFIG_ARCH_NPCM8XX +enum { + NPCM_KEY_SA = 0, + NPCM_FUSE_SA = 0, + NPCM_NUM_OF_SA = 1 +}; +#else +enum { + NPCM_KEY_SA = 0, + NPCM_FUSE_SA = 1, + NPCM_NUM_OF_SA = 2 +}; +#endif + +/* arrray images in flash, to program during fisrt boot (offsets in sector) */ +#define SA_KEYS_FLASH_IMAGE_OFFSET (0x000) +#define SA_FUSE_FLASH_IMAGE_OFFSET (0x400) +#define SA_TAG_FLASH_IMAGE_OFFSET (0x800) +/* F U S E I M G S */ +#define SA_TAG_FLASH_IMAGE_VAL {0x46, 0x55, 0x53, 0x45, 0x49, 0x4d, 0x47, 0x53} +#define SA_TAG_FLASH_IMAGE_SIZE (8) + +#define SA_FUSE_FUSTRAP_OFFSET (0x00) +#define SA_FUSE_FUSTRAP_OSECBOOT_MASK (0x00800000) + +struct npcm_otp_regs { + unsigned int fst; + unsigned int faddr; + unsigned int fdata; + unsigned int fcfg; + unsigned int fustrap_fkeyind; + unsigned int fctl; +}; + +#define FST_RDY BIT(0) +#define FST_RDST BIT(1) +#define FST_RIEN BIT(2) + +#ifdef CONFIG_ARCH_NPCM8XX +#define FADDR_BYTEADDR(addr) ((addr) << 3) +#define FADDR_BITPOS(pos) ((pos) << 0) +#define FADDR_VAL(addr, pos) (FADDR_BITPOS(pos) | FADDR_BYTEADDR(addr)) +#define FADDR_IN_PROG BIT(16) +#else +#define FADDR_BYTEADDR(addr) ((addr) << 0) +#define FADDR_BITPOS(pos) ((pos) << 10) +#define FADDR_VAL(addr, pos) (FADDR_BYTEADDR(addr) | FADDR_BITPOS(pos)) +#endif + +#define FDATA_MASK (0xff) + +#define FUSTRAP_O_SECBOOT BIT(23) +#define FCFG_FDIS BIT(31) +#define FKEYIND_KVAL BIT(0) +#define FKEYIND_KSIZE_MASK (0x00000070) +#define FKEYIND_KSIZE_128 (0x4 << 4) +#define FKEYIND_KSIZE_192 (0x5 << 4) +#define FKEYIND_KSIZE_256 (0x6 << 4) +#define FKEYIND_KIND_MASK (0x000c0000) +#define FKEYIND_KIND_KEY(indx) ((indx) << 18) + +/* Program cycle initiation values (sequence of two adjacent writes) */ +#define PROGRAM_ARM 0x1 +#define PROGRAM_INIT 0xBF79E5D0 + +/* Read cycle initiation value */ +#define READ_INIT 0x02 + +/* Value to clean FDATA contents */ +#define FDATA_CLEAN_VALUE 0x01 + +#ifdef CONFIG_ARCH_NPCM8XX +#define NPCM_OTP_ARR_BYTE_SIZE 8192 +#else +#define NPCM_OTP_ARR_BYTE_SIZE 1024 +#endif + +#define MIN_PROGRAM_PULSES 4 +#define MAX_PROGRAM_PULSES 20 + +int fuse_prog_image(u32 bank, uintptr_t address); +int fuse_program_data(u32 bank, u32 word, u8 *data, u32 size); +int npcm_otp_select_key(u8 key_index); +bool npcm_otp_is_fuse_array_disabled(u32 arr); +void npcm_otp_nibble_parity_ecc_encode(u8 *datain, u8 *dataout, u32 size); +void npcm_otp_majority_rule_ecc_encode(u8 *datain, u8 *dataout, u32 size); + +#endif diff --git a/arch/arm/include/asm/arch-npcm8xx/rng.h b/arch/arm/include/asm/arch-npcm8xx/rng.h new file mode 100644 index 0000000000..897e8fea82 --- /dev/null +++ b/arch/arm/include/asm/arch-npcm8xx/rng.h @@ -0,0 +1,43 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ + +#ifndef _NPCM_RNG_H_ +#define _NPCM_RNG_H_ + +struct npcm_rng_regs { + unsigned int rngcs; + unsigned int rngd; + unsigned int rngmode; +}; + +#define RNGCS_RNGE (1 << 0) +#define RNGCS_DVALID (1 << 1) +#define RNGCS_CLKP(range) ((0x0f & (range)) << 2) +#define RNGMODE_M1ROSEL_VAL (0x02) /* Ring Oscillator Select for Method I */ + +/*----------------------------------------------------------------------------*/ +/* Core Domain Clock Frequency Range for the selected value is higher */ +/* than or equal to the actual Core domain clock frequency */ +/*----------------------------------------------------------------------------*/ +enum { + RNG_CLKP_80_100_MHZ = 0x00, /*default */ + RNG_CLKP_60_80_MHZ = 0x01, + RNG_CLKP_50_60_MHZ = 0x02, + RNG_CLKP_40_50_MHZ = 0x03, + RNG_CLKP_30_40_MHZ = 0x04, + RNG_CLKP_25_30_MHZ = 0x05, + RNG_CLKP_20_25_MHZ = 0x06, + RNG_CLKP_5_20_MHZ = 0x07, + RNG_CLKP_2_15_MHZ = 0x08, + RNG_CLKP_9_12_MHZ = 0x09, + RNG_CLKP_7_9_MHZ = 0x0A, + RNG_CLKP_6_7_MHZ = 0x0B, + RNG_CLKP_5_6_MHZ = 0x0C, + RNG_CLKP_4_5_MHZ = 0x0D, + RNG_CLKP_3_4_MHZ = 0x0E, + RNG_NUM_OF_CLKP +}; + +void npcm_rng_init(void); +void npcm_rng_disable(void); + +#endif diff --git a/arch/arm/include/asm/arch-npcm8xx/sha.h b/arch/arm/include/asm/arch-npcm8xx/sha.h new file mode 100644 index 0000000000..ec0ec9ce1f --- /dev/null +++ b/arch/arm/include/asm/arch-npcm8xx/sha.h @@ -0,0 +1,34 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ + +#ifndef _NPCM_SHA_H_ +#define _NPCM_SHA_H_ + +#define HASH_DIG_H_NUM 8 + +/* SHA type */ +enum npcm_sha_type { + npcm_sha_type_sha2 = 0, + npcm_sha_type_sha1, + npcm_sha_type_num +}; + +struct npcm_sha_regs { + unsigned int hash_data_in; + unsigned char hash_ctr_sts; + unsigned char reserved_0[0x03]; + unsigned char hash_cfg; + unsigned char reserved_1[0x03]; + unsigned char hash_ver; + unsigned char reserved_2[0x13]; + unsigned int hash_dig[HASH_DIG_H_NUM]; +}; + +#define HASH_CTR_STS_SHA_EN BIT(0) +#define HASH_CTR_STS_SHA_BUSY BIT(1) +#define HASH_CTR_STS_SHA_RST BIT(2) +#define HASH_CFG_SHA1_SHA2 BIT(0) + +int npcm_sha_calc(u8 type, const u8 *buf, u32 len, u8 *digest); +int npcm_sha_selftest(u8 type); + +#endif -- 2.39.5