feat(intel): support FCS commands with SiPSVC V3 framework
Support all the FCS(FPGA Crypto Service) commands with
SiPSVC verson3 framework.
Change-Id: I1dfb95aaddf7111325ce0082eb26f7a201001141
Signed-off-by: Girisha Dengi <girisha.dengi@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@altera.com>
diff --git a/plat/intel/soc/common/include/socfpga_fcs.h b/plat/intel/soc/common/include/socfpga_fcs.h
index 6bb70e0..f92678f 100644
--- a/plat/intel/soc/common/include/socfpga_fcs.h
+++ b/plat/intel/soc/common/include/socfpga_fcs.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2020-2022, Intel Corporation. All rights reserved.
+ * Copyright (c) 2025, Altera Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -88,12 +89,22 @@
#define FCS_ECDSA_HASH_SIG_VERIFY_CMD_MAX_WORD_SIZE 52U
#define FCS_ECDH_REQUEST_CMD_MAX_WORD_SIZE 29U
-#define FCS_CRYPTO_ECB_BUFFER_SIZE 12U
-#define FCS_CRYPTO_CBC_CTR_BUFFER_SIZE 28U
-#define FCS_CRYPTO_BLOCK_MODE_MASK 0x07
-#define FCS_CRYPTO_ECB_MODE 0x00
-#define FCS_CRYPTO_CBC_MODE 0x01
-#define FCS_CRYPTO_CTR_MODE 0x02
+#define FCS_CRYPTO_ECB_BUFFER_SIZE 12U
+#define FCS_CRYPTO_CBC_CTR_BUFFER_SIZE 28U
+#define FCS_CRYPTO_BLOCK_MODE_MASK 0x07
+#define FCS_CRYPTO_ECB_MODE 0x00
+#define FCS_CRYPTO_CBC_MODE 0x01
+#define FCS_CRYPTO_CTR_MODE 0x02
+#define FCS_CRYPTO_GCM_MODE 0x03
+#define FCS_CRYPTO_GCM_GHASH_MODE 0x04
+
+#define FCS_HKDF_REQUEST_DATA_SIZE 512U
+#define FCS_HKDF_KEY_OBJ_MAX_SIZE 352U
+#define FCS_HKDF_KEY_DATA_SIZE 168U
+#define FCS_HKDF_STEP0_1_KEY_OBJ_SIZE_BITS 384U
+#define FCS_HKDF_STEP2_KEY_OBJ_SIZE_BITS 256U
+#define FCS_HKDF_INPUT_BLOCK_SIZE 80U
+#define FCS_HKDF_SHA2_384_KEY_DATA_SIZE 48U
/* FCS Payload Structure */
typedef struct fcs_rng_payload_t {
@@ -183,10 +194,12 @@
uint32_t *mbox_error);
int intel_fcs_random_number_gen_ext(uint32_t session_id, uint32_t context_id,
uint32_t size, uint32_t *send_id);
-uint32_t intel_fcs_send_cert(uint64_t addr, uint64_t size,
+uint32_t intel_fcs_send_cert(uint32_t smc_fid, uint32_t trans_id,
+ uint64_t addr, uint64_t size,
uint32_t *send_id);
uint32_t intel_fcs_get_provision_data(uint32_t *send_id);
-uint32_t intel_fcs_cntr_set_preauth(uint8_t counter_type,
+uint32_t intel_fcs_cntr_set_preauth(uint32_t smc_fid, uint32_t trans_id,
+ uint8_t counter_type,
int32_t counter_value,
uint32_t test_bit,
uint32_t *mbox_error);
@@ -198,14 +211,18 @@
uint32_t dst_addr, uint32_t dst_size,
uint32_t *send_id);
-int intel_fcs_encryption_ext(uint32_t session_id, uint32_t context_id,
+int intel_fcs_encryption_ext(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint32_t dst_addr, uint32_t *dst_size,
- uint32_t *mbox_error);
-int intel_fcs_decryption_ext(uint32_t sesion_id, uint32_t context_id,
+ uint32_t *mbox_error, uint32_t smmu_src_addr,
+ uint32_t smmu_dst_addr);
+int intel_fcs_decryption_ext(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t sesion_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint32_t dst_addr, uint32_t *dst_size,
- uint32_t *mbox_error);
+ uint32_t *mbox_error, uint64_t owner_id,
+ uint32_t smmu_src_addr, uint32_t smmu_dst_addr);
int intel_fcs_sigma_teardown(uint32_t session_id, uint32_t *mbox_error);
int intel_fcs_chip_id(uint32_t *id_low, uint32_t *id_high, uint32_t *mbox_error);
@@ -218,9 +235,10 @@
uint32_t intel_fcs_get_rom_patch_sha384(uint64_t addr, uint64_t *ret_size,
uint32_t *mbox_error);
-int intel_fcs_create_cert_on_reload(uint32_t cert_request,
- uint32_t *mbox_error);
-int intel_fcs_get_attestation_cert(uint32_t cert_request, uint64_t dst_addr,
+int intel_fcs_create_cert_on_reload(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t cert_request, uint32_t *mbox_error);
+int intel_fcs_get_attestation_cert(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t cert_request, uint64_t dst_addr,
uint32_t *dst_size, uint32_t *mbox_error);
int intel_fcs_open_crypto_service_session(uint32_t *session_id,
@@ -242,10 +260,12 @@
int intel_fcs_get_digest_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
uint64_t param_data, uint32_t *mbox_error);
-int intel_fcs_get_digest_update_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_get_digest_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
- uint8_t is_finalised, uint32_t *mbox_error);
+ uint8_t is_finalised, uint32_t *mbox_error,
+ uint32_t smmu_src_addr);
int intel_fcs_get_digest_smmu_update_finalize(uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
@@ -255,11 +275,12 @@
int intel_fcs_mac_verify_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
uint64_t param_data, uint32_t *mbox_error);
-int intel_fcs_mac_verify_update_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_mac_verify_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t data_size, uint8_t is_finalised,
- uint32_t *mbox_error);
+ uint32_t *mbox_error, uint64_t smmu_src_addr);
int intel_fcs_mac_verify_smmu_update_finalize(uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
@@ -269,7 +290,8 @@
int intel_fcs_ecdsa_hash_sign_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
uint64_t param_data, uint32_t *mbox_error);
-int intel_fcs_ecdsa_hash_sign_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_ecdsa_hash_sign_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t *mbox_error);
@@ -277,7 +299,8 @@
int intel_fcs_ecdsa_hash_sig_verify_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
uint64_t param_data, uint32_t *mbox_error);
-int intel_fcs_ecdsa_hash_sig_verify_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_ecdsa_hash_sig_verify_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t *mbox_error);
@@ -286,11 +309,12 @@
uint32_t context_id, uint32_t key_id,
uint32_t param_size, uint64_t param_data,
uint32_t *mbox_error);
-int intel_fcs_ecdsa_sha2_data_sign_update_finalize(uint32_t session_id,
- uint32_t context_id, uint32_t src_addr,
- uint32_t src_size, uint64_t dst_addr,
- uint32_t *dst_size, uint8_t is_finalised,
- uint32_t *mbox_error);
+int intel_fcs_ecdsa_sha2_data_sign_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
+ uint32_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t *dst_size,
+ uint8_t is_finalised, uint32_t *mbox_error,
+ uint64_t smmu_src_addr);
int intel_fcs_ecdsa_sha2_data_sign_smmu_update_finalize(uint32_t session_id,
uint32_t context_id, uint32_t src_addr,
uint32_t src_size, uint64_t dst_addr,
@@ -301,11 +325,12 @@
uint32_t context_id, uint32_t key_id,
uint32_t param_size, uint64_t param_data,
uint32_t *mbox_error);
-int intel_fcs_ecdsa_sha2_data_sig_verify_update_finalize(uint32_t session_id,
- uint32_t context_id, uint32_t src_addr,
- uint32_t src_size, uint64_t dst_addr,
- uint32_t *dst_size, uint32_t data_size,
- uint8_t is_finalised, uint32_t *mbox_error);
+int intel_fcs_ecdsa_sha2_data_sig_verify_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
+ uint32_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t *dst_size,
+ uint32_t data_size, uint8_t is_finalised,
+ uint32_t *mbox_error, uint64_t smmu_src_addr);
int intel_fcs_ecdsa_sha2_data_sig_verify_smmu_update_finalize(uint32_t session_id,
uint32_t context_id, uint32_t src_addr,
uint32_t src_size, uint64_t dst_addr,
@@ -316,14 +341,16 @@
int intel_fcs_ecdsa_get_pubkey_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
uint64_t param_data, uint32_t *mbox_error);
-int intel_fcs_ecdsa_get_pubkey_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_ecdsa_get_pubkey_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t *mbox_error);
int intel_fcs_ecdh_request_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
uint64_t param_data, uint32_t *mbox_error);
-int intel_fcs_ecdh_request_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_ecdh_request_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t *mbox_error);
@@ -331,10 +358,16 @@
int intel_fcs_aes_crypt_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint64_t param_addr,
uint32_t param_size, uint32_t *mbox_error);
-int intel_fcs_aes_crypt_update_finalize(uint32_t session_id,
- uint32_t context_id, uint64_t src_addr,
- uint32_t src_size, uint64_t dst_addr,
- uint32_t dst_size, uint8_t is_finalised,
- uint32_t *send_id);
+int intel_fcs_aes_crypt_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
+ uint64_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t dst_size,
+ uint32_t aad_size, uint8_t is_finalised,
+ uint32_t *send_id, uint64_t smmu_src_addr,
+ uint64_t smmu_dst_addr);
+int intel_fcs_hkdf_request(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t step_type,
+ uint32_t mac_mode, uint32_t src_addr,
+ uint32_t key_uid, uint32_t op_key_size);
#endif /* SOCFPGA_FCS_H */
diff --git a/plat/intel/soc/common/include/socfpga_sip_svc.h b/plat/intel/soc/common/include/socfpga_sip_svc.h
index ab24dec..e29fe87 100644
--- a/plat/intel/soc/common/include/socfpga_sip_svc.h
+++ b/plat/intel/soc/common/include/socfpga_sip_svc.h
@@ -194,7 +194,7 @@
/*
* Increase if there is new SMC function ID being added
*/
-#define SIP_SVC_VERSION_MINOR 0
+#define SIP_SVC_VERSION_MINOR 1
/* Structure Definitions */
@@ -261,7 +261,17 @@
#define ALTERA_SIP_SMC_ASYNC_RESP_POLL (0x420000C8)
#define ALTERA_SIP_SMC_ASYNC_RESP_POLL_ON_INTR (0x420000C9)
-/* Hardware monitor */
+/* QSPI related commands */
+#define ALTERA_SIP_SMC_ASYNC_QSPI_OPEN (0x420000CC)
+#define ALTERA_SIP_SMC_ASYNC_QSPI_CLOSE (0x420000CD)
+#define ALTERA_SIP_SMC_ASYNC_QSPI_SET_CS (0x420000CE)
+#define ALTERA_SIP_SMC_ASYNC_QSPI_ERASE (0x420000CF)
+#define ALTERA_SIP_SMC_ASYNC_QSPI_WRITE (0x420000D0)
+#define ALTERA_SIP_SMC_ASYNC_QSPI_READ (0x420000D1)
+#define ALTERA_SIP_SMC_ASYNC_GET_DEVICE_IDENTITY (0x420000D2)
+#define ALTERA_SIP_SMC_ASYNC_GET_IDCODE (0x420000D3)
+#define ALTERA_SIP_SMC_ASYNC_QSPI_GET_DEV_INFO (0x420000D4)
+
#define ALTERA_SIP_SMC_ASYNC_HWMON_READTEMP (0x420000E8)
#define ALTERA_SIP_SMC_ASYNC_HWMON_READVOLT (0x420000E9)
@@ -325,9 +335,9 @@
#define ALTERA_SIP_SMC_ASYNC_FCS_ECDH_REQUEST_INIT (0x42000162)
#define ALTERA_SIP_SMC_ASYNC_FCS_ECDH_REQUEST_FINALIZE (0x42000163)
#define ALTERA_SIP_SMC_ASYNC_FCS_SDM_REMAPPER_CONFIG (0x42000164)
-#define ALTERA_SIP_SMC_ASYNC_FCS_MCTP (0x42000165)
+#define ALTERA_SIP_SMC_ASYNC_MCTP_MSG (0x42000165)
#define ALTERA_SIP_SMC_ASYNC_FCS_HKDF_REQUEST (0x42000166)
-
+#define ALTERA_SIP_SMC_ASYNC_FCS_CREATE_CS_KEY (0x42000167)
#define GET_CLIENT_ID(x) (((x) & 0xF0) >> 4)
#define GET_JOB_ID(x) ((x) & 0x0F)
diff --git a/plat/intel/soc/common/sip/socfpga_sip_fcs.c b/plat/intel/soc/common/sip/socfpga_sip_fcs.c
index 91df934..b9c7b59 100644
--- a/plat/intel/soc/common/sip/socfpga_sip_fcs.c
+++ b/plat/intel/soc/common/sip/socfpga_sip_fcs.c
@@ -1,13 +1,15 @@
/*
* Copyright (c) 2020-2023, Intel Corporation. All rights reserved.
- * Copyright (c) 2024, Altera Corporation. All rights reserved.
+ * Copyright (c) 2024-2025, Altera Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <arch_helpers.h>
+#include <common/debug.h>
#include <lib/mmio.h>
+#include "socfpga_plat_def.h"
#include "socfpga_fcs.h"
#include "socfpga_mailbox.h"
#include "socfpga_sip_svc.h"
@@ -23,6 +25,267 @@
static fcs_crypto_service_data fcs_ecdsa_get_pubkey_param;
static fcs_crypto_service_data fcs_ecdh_request_param;
+uint8_t fcs_send_cert_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mailbox_err 0x%x, status_word %d\n",
+ __func__, resp->err_code, resp->resp_data[0]);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->resp_data[0];
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cntr_set_preauth_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mailbox_err 0x%x\n", __func__, resp->err_code);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_get_attest_cert_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mailbox_err 0x%x, nbytes_ret %d\n",
+ __func__, resp->err_code, resp->rcvd_resp_len * MBOX_WORD_BYTE);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_hkdf_request_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+
+ INFO("MBOX: %s: mbox_err 0x%x, hkdf_status 0x%x\n", __func__,
+ resp->err_code, resp->resp_data[0]);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->resp_data[0];
+
+ return ret_args_len;
+}
+
+uint8_t fcs_create_cert_reload_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mailbox_err 0x%x\n", __func__, resp->err_code);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_get_digest_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mbox_err 0x%x, nbytes_ret %d\n", __func__,
+ resp->err_code, resp->rcvd_resp_len * MBOX_WORD_BYTE);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_mac_verify_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mbox_err 0x%x, nbytes_ret %d, verify_result 0x%x\n",
+ __func__, resp->err_code,
+ resp->rcvd_resp_len * MBOX_WORD_BYTE,
+ resp->resp_data[3]);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+ ret_args[ret_args_len++] = resp->resp_data[3];
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_hash_sign_req_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: [0] 0%x, [1] 0x%x, [2] 0x%x, len_words %d\n",
+ __func__, resp->resp_data[0], resp->resp_data[1],
+ resp->resp_data[2], resp->rcvd_resp_len);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_hash_sig_verify_req_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: [0] 0%x, [1] 0x%x, [2] 0x%x, [3] 0x%x\n",
+ __func__, resp->resp_data[0], resp->resp_data[1],
+ resp->resp_data[2], resp->resp_data[3]);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_aes_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+
+ INFO("MBOX: %s: mbox_err 0x%x, nbytes_ret %d\n", __func__,
+ resp->err_code, resp->resp_data[3]);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->resp_data[3];
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_data_sign_req_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mbox_err 0x%x, nbytes_ret %d\n", __func__,
+ resp->err_code, resp->rcvd_resp_len * MBOX_WORD_BYTE);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_sdos_crypto_request_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mailbox_err 0x%x, nbytes_ret %d\n",
+ __func__, resp->err_code, resp->resp_data[3]);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ /* Encrypted/Decrypted data size written to the destination buffer */
+ ret_args[ret_args_len++] = resp->resp_data[3];
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_get_public_key_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mbox_err 0x%x, nbytes_ret %u\n",
+ __func__, resp->err_code,
+ resp->rcvd_resp_len * MBOX_WORD_BYTE);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_data_sig_verify_req_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mbox_err 0x%x, nbytes_ret 0x%x\n",
+ __func__, resp->err_code, resp->rcvd_resp_len);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_ecdh_request_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: [0] 0%x, [1] 0x%x, [2] 0x%x, len_words %d\n",
+ __func__, resp->resp_data[0], resp->resp_data[1],
+ resp->resp_data[2], resp->rcvd_resp_len);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
bool is_size_4_bytes_aligned(uint32_t size)
{
if ((size % MBOX_WORD_BYTE) != 0U) {
@@ -155,7 +418,8 @@
return INTEL_SIP_SMC_STATUS_OK;
}
-uint32_t intel_fcs_send_cert(uint64_t addr, uint64_t size,
+uint32_t intel_fcs_send_cert(uint32_t smc_fid, uint32_t trans_id,
+ uint64_t addr, uint64_t size,
uint32_t *send_id)
{
int status;
@@ -168,7 +432,17 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
- status = mailbox_send_cmd_async(send_id, MBOX_CMD_VAB_SRC_CERT,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_SEND_CERTIFICATE) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_CMD_VAB_SRC_CERT,
+ (uint32_t *) addr,
+ size / MBOX_WORD_BYTE,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_send_cert_cb,
+ NULL,
+ 0U) :
+ mailbox_send_cmd_async(send_id, MBOX_CMD_VAB_SRC_CERT,
(uint32_t *)addr, size / MBOX_WORD_BYTE,
CMD_DIRECT);
@@ -195,7 +469,8 @@
return INTEL_SIP_SMC_STATUS_OK;
}
-uint32_t intel_fcs_cntr_set_preauth(uint8_t counter_type, int32_t counter_value,
+uint32_t intel_fcs_cntr_set_preauth(uint32_t smc_fid, uint32_t trans_id,
+ uint8_t counter_type, int32_t counter_value,
uint32_t test_bit, uint32_t *mbox_error)
{
int status;
@@ -230,7 +505,18 @@
};
payload_size = sizeof(payload) / MBOX_WORD_BYTE;
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_CNTR_SET_PREAUTH,
+
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_CNTR_SET_PREAUTH) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_CNTR_SET_PREAUTH,
+ (uint32_t *) &payload,
+ payload_size,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cntr_set_preauth_cb,
+ NULL,
+ 0U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_CNTR_SET_PREAUTH,
(uint32_t *) &payload, payload_size,
CMD_CASUAL, NULL, NULL);
@@ -317,14 +603,18 @@
return INTEL_SIP_SMC_STATUS_OK;
}
-int intel_fcs_encryption_ext(uint32_t session_id, uint32_t context_id,
+int intel_fcs_encryption_ext(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
- uint32_t dst_addr, uint32_t *dst_size, uint32_t *mbox_error)
+ uint32_t dst_addr, uint32_t *dst_size, uint32_t *mbox_error,
+ uint32_t smmu_src_addr, uint32_t smmu_dst_addr)
{
int status;
uint32_t payload_size;
uint32_t resp_len = FCS_CRYPTION_RESP_WORD_SIZE;
uint32_t resp_data[FCS_CRYPTION_RESP_WORD_SIZE] = {0U};
+ uint32_t src_addr_sdm = src_addr;
+ uint32_t dst_addr_sdm = dst_addr;
if ((dst_size == NULL) || (mbox_error == NULL)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
@@ -339,19 +629,35 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
+ /* On the Agilex5 platform, we will use the SMMU payload address */
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+ src_addr_sdm = smmu_src_addr;
+ dst_addr_sdm = smmu_dst_addr;
+#endif
+
fcs_encrypt_ext_payload payload = {
session_id,
context_id,
FCS_CRYPTION_CRYPTO_HEADER,
- src_addr,
+ src_addr_sdm,
src_size,
- dst_addr,
+ dst_addr_sdm,
*dst_size
};
payload_size = sizeof(payload) / MBOX_WORD_BYTE;
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ENCRYPT_REQ,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_CRYPTION_EXT) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_ENCRYPT_REQ,
+ (uint32_t *) &payload,
+ payload_size,
+ MBOX_CMD_FLAG_INDIRECT,
+ fcs_sdos_crypto_request_cb,
+ NULL,
+ 0U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ENCRYPT_REQ,
(uint32_t *) &payload, payload_size,
CMD_CASUAL, resp_data, &resp_len);
@@ -371,15 +677,20 @@
return INTEL_SIP_SMC_STATUS_OK;
}
-int intel_fcs_decryption_ext(uint32_t session_id, uint32_t context_id,
+int intel_fcs_decryption_ext(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
- uint32_t dst_addr, uint32_t *dst_size, uint32_t *mbox_error)
+ uint32_t dst_addr, uint32_t *dst_size,
+ uint32_t *mbox_error, uint64_t owner_id,
+ uint32_t smmu_src_addr, uint32_t smmu_dst_addr)
{
int status;
uintptr_t id_offset;
uint32_t payload_size;
uint32_t resp_len = FCS_CRYPTION_RESP_WORD_SIZE;
uint32_t resp_data[FCS_CRYPTION_RESP_WORD_SIZE] = {0U};
+ uint32_t src_addr_sdm = src_addr;
+ uint32_t dst_addr_sdm = dst_addr;
if ((dst_size == NULL) || (mbox_error == NULL)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
@@ -394,6 +705,12 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
+ /* On the Agilex5 platform, we will use the SMMU payload address */
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+ src_addr_sdm = smmu_src_addr;
+ dst_addr_sdm = smmu_dst_addr;
+#endif
+
inv_dcache_range(src_addr, src_size); /* flush cache before mmio read to avoid reading old values */
id_offset = src_addr + FCS_OWNER_ID_OFFSET;
fcs_decrypt_ext_payload payload = {
@@ -402,15 +719,25 @@
FCS_CRYPTION_CRYPTO_HEADER,
{mmio_read_32(id_offset),
mmio_read_32(id_offset + MBOX_WORD_BYTE)},
- src_addr,
+ src_addr_sdm,
src_size,
- dst_addr,
+ dst_addr_sdm,
*dst_size
};
payload_size = sizeof(payload) / MBOX_WORD_BYTE;
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_DECRYPT_REQ,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_CRYPTION_EXT) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_DECRYPT_REQ,
+ (uint32_t *) &payload,
+ payload_size,
+ MBOX_CMD_FLAG_INDIRECT,
+ fcs_sdos_crypto_request_cb,
+ NULL,
+ 0U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_DECRYPT_REQ,
(uint32_t *) &payload, payload_size,
CMD_CASUAL, resp_data, &resp_len);
@@ -567,7 +894,8 @@
return INTEL_SIP_SMC_STATUS_OK;
}
-int intel_fcs_get_attestation_cert(uint32_t cert_request, uint64_t dst_addr,
+int intel_fcs_get_attestation_cert(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t cert_request, uint64_t dst_addr,
uint32_t *dst_size, uint32_t *mbox_error)
{
int status;
@@ -586,7 +914,17 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_GET_ATTESTATION_CERT,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_GET_ATTESTATION_CERT) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_GET_ATTESTATION_CERT,
+ (uint32_t *) &cert_request,
+ 1U,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_get_attest_cert_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_GET_ATTESTATION_CERT,
(uint32_t *) &cert_request, 1U, CMD_CASUAL,
(uint32_t *) dst_addr, &ret_size);
@@ -601,8 +939,8 @@
return INTEL_SIP_SMC_STATUS_OK;
}
-int intel_fcs_create_cert_on_reload(uint32_t cert_request,
- uint32_t *mbox_error)
+int intel_fcs_create_cert_on_reload(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t cert_request, uint32_t *mbox_error)
{
int status;
@@ -615,7 +953,17 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_CREATE_CERT_ON_RELOAD,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_CREATE_CERT_ON_RELOAD) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_CREATE_CERT_ON_RELOAD,
+ (uint32_t *) &cert_request,
+ 1U,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_create_cert_reload_cb,
+ NULL,
+ 0U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_CREATE_CERT_ON_RELOAD,
(uint32_t *) &cert_request, 1U, CMD_CASUAL,
NULL, NULL);
@@ -851,11 +1199,12 @@
mbox_error);
}
-int intel_fcs_get_digest_update_finalize(uint32_t session_id,
- uint32_t context_id, uint32_t src_addr,
- uint32_t src_size, uint64_t dst_addr,
- uint32_t *dst_size, uint8_t is_finalised,
- uint32_t *mbox_error)
+int intel_fcs_get_digest_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
+ uint32_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t *dst_size,
+ uint8_t is_finalised, uint32_t *mbox_error,
+ uint32_t smmu_src_addr)
{
int status;
uint32_t i;
@@ -928,12 +1277,29 @@
i++;
}
/* Data source address and size */
+
+ /* On the Agilex5 platform, we will use the SMMU payload address */
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+ payload[i] = smmu_src_addr;
+#else
payload[i] = src_addr;
+#endif
i++;
payload[i] = src_size;
i++;
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_GET_DIGEST_REQ,
+ status = ((smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_UPDATE) ||
+ (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_FINALIZE)) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_GET_DIGEST_REQ,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cs_get_digest_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_GET_DIGEST_REQ,
payload, i, CMD_CASUAL,
(uint32_t *) dst_addr, &resp_len);
@@ -1061,11 +1427,12 @@
mbox_error);
}
-int intel_fcs_mac_verify_update_finalize(uint32_t session_id,
- uint32_t context_id, uint32_t src_addr,
- uint32_t src_size, uint64_t dst_addr,
- uint32_t *dst_size, uint32_t data_size,
- uint8_t is_finalised, uint32_t *mbox_error)
+int intel_fcs_mac_verify_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
+ uint32_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t *dst_size,
+ uint32_t data_size, uint8_t is_finalised,
+ uint32_t *mbox_error, uint64_t smmu_src_addr)
{
int status;
uint32_t i;
@@ -1149,8 +1516,13 @@
<< FCS_SHA_HMAC_CRYPTO_PARAM_SIZE_OFFSET;
i++;
}
+
/* Data source address and size */
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+ payload[i] = (uint32_t)smmu_src_addr;
+#else
payload[i] = src_addr;
+#endif
i++;
payload[i] = data_size;
i++;
@@ -1171,7 +1543,18 @@
i += (src_size - data_size) / MBOX_WORD_BYTE;
}
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_MAC_VERIFY_REQ,
+ status = ((smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_UPDATE) ||
+ (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_FINALIZE)) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_MAC_VERIFY_REQ,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cs_mac_verify_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_MAC_VERIFY_REQ,
payload, i, CMD_CASUAL,
(uint32_t *) dst_addr, &resp_len);
@@ -1336,7 +1719,8 @@
mbox_error);
}
-int intel_fcs_ecdsa_hash_sign_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_ecdsa_hash_sign_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t *mbox_error)
@@ -1407,7 +1791,17 @@
i += src_size / MBOX_WORD_BYTE;
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ECDSA_HASH_SIGN_REQ,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_HASH_SIGN_FINALIZE) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_ECDSA_HASH_SIGN_REQ,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cs_hash_sign_req_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ECDSA_HASH_SIGN_REQ,
payload, i, CMD_CASUAL, (uint32_t *) dst_addr,
&resp_len);
@@ -1435,7 +1829,8 @@
mbox_error);
}
-int intel_fcs_ecdsa_hash_sig_verify_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_ecdsa_hash_sig_verify_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t *mbox_error)
@@ -1451,8 +1846,8 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
- if (fcs_ecdsa_hash_sig_verify_param.session_id != session_id ||
- fcs_ecdsa_hash_sig_verify_param.context_id != context_id) {
+ if ((fcs_ecdsa_hash_sig_verify_param.session_id != session_id) ||
+ (fcs_ecdsa_hash_sig_verify_param.context_id != context_id)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}
@@ -1508,7 +1903,18 @@
i += (src_size / MBOX_WORD_BYTE);
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_HASH_SIG_VERIFY_FINALIZE) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_ECDSA_HASH_SIG_VERIFY,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cs_hash_sig_verify_req_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ECDSA_HASH_SIG_VERIFY,
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ECDSA_HASH_SIG_VERIFY,
payload, i, CMD_CASUAL, (uint32_t *) dst_addr,
&resp_len);
@@ -1537,11 +1943,12 @@
mbox_error);
}
-int intel_fcs_ecdsa_sha2_data_sign_update_finalize(uint32_t session_id,
- uint32_t context_id, uint32_t src_addr,
- uint32_t src_size, uint64_t dst_addr,
- uint32_t *dst_size, uint8_t is_finalised,
- uint32_t *mbox_error)
+int intel_fcs_ecdsa_sha2_data_sign_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
+ uint32_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t *dst_size,
+ uint8_t is_finalised, uint32_t *mbox_error,
+ uint64_t smmu_src_addr)
{
int status;
int i;
@@ -1608,11 +2015,27 @@
}
/* Data source address and size */
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+ payload[i] = (uint32_t)smmu_src_addr;
+#else
payload[i] = src_addr;
+#endif
i++;
payload[i] = src_size;
i++;
- status = mailbox_send_cmd(MBOX_JOB_ID,
+
+ status = ((smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_UPDATE) ||
+ (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_FINALIZE)) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_ECDSA_SHA2_DATA_SIGN_REQ,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cs_data_sign_req_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+ mailbox_send_cmd(MBOX_JOB_ID,
MBOX_FCS_ECDSA_SHA2_DATA_SIGN_REQ, payload,
i, CMD_CASUAL, (uint32_t *) dst_addr,
&resp_len);
@@ -1737,11 +2160,12 @@
mbox_error);
}
-int intel_fcs_ecdsa_sha2_data_sig_verify_update_finalize(uint32_t session_id,
- uint32_t context_id, uint32_t src_addr,
- uint32_t src_size, uint64_t dst_addr,
- uint32_t *dst_size, uint32_t data_size,
- uint8_t is_finalised, uint32_t *mbox_error)
+int intel_fcs_ecdsa_sha2_data_sig_verify_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
+ uint32_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t *dst_size,
+ uint32_t data_size, uint8_t is_finalised,
+ uint32_t *mbox_error, uint64_t smmu_src_addr)
{
int status;
uint32_t i;
@@ -1825,7 +2249,12 @@
}
/* Data source address and size */
+ /* On the Agilex5 platform, the SMMU remapped address is used */
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+ payload[i] = smmu_src_addr;
+#else
payload[i] = src_addr;
+#endif
i++;
payload[i] = data_size;
i++;
@@ -1846,7 +2275,18 @@
i += (src_size - data_size) / MBOX_WORD_BYTE;
}
- status = mailbox_send_cmd(MBOX_JOB_ID,
+ status = ((smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_UPDATE) ||
+ (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_FINALIZE)) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_ECDSA_SHA2_DATA_SIGN_VERIFY,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cs_data_sig_verify_req_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+ mailbox_send_cmd(MBOX_JOB_ID,
MBOX_FCS_ECDSA_SHA2_DATA_SIGN_VERIFY, payload, i,
CMD_CASUAL, (uint32_t *) dst_addr, &resp_len);
@@ -2010,7 +2450,8 @@
mbox_error);
}
-int intel_fcs_ecdsa_get_pubkey_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_ecdsa_get_pubkey_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t *mbox_error)
{
@@ -2054,7 +2495,18 @@
INTEL_SIP_SMC_FCS_ECC_ALGO_MASK;
i++;
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ECDSA_GET_PUBKEY,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_GET_PUBKEY_FINALIZE) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_ECDSA_GET_PUBKEY,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cs_get_public_key_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+ mailbox_send_cmd(MBOX_JOB_ID,
+ MBOX_FCS_ECDSA_GET_PUBKEY,
payload, i, CMD_CASUAL,
(uint32_t *) dst_addr, &ret_size);
@@ -2082,7 +2534,8 @@
mbox_error);
}
-int intel_fcs_ecdh_request_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_ecdh_request_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t *mbox_error)
@@ -2098,7 +2551,6 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
-
if (fcs_ecdh_request_param.session_id != session_id ||
fcs_ecdh_request_param.context_id != context_id) {
return INTEL_SIP_SMC_STATUS_REJECTED;
@@ -2110,10 +2562,9 @@
}
dst_size_check = *dst_size;
- if ((dst_size_check > FCS_MAX_DATA_SIZE ||
- dst_size_check < FCS_MIN_DATA_SIZE) ||
- (src_size > FCS_MAX_DATA_SIZE ||
- src_size < FCS_MIN_DATA_SIZE)) {
+
+ if ((dst_size_check > FCS_MAX_DATA_SIZE || dst_size_check < FCS_MIN_DATA_SIZE) ||
+ (src_size > FCS_MAX_DATA_SIZE || src_size < FCS_MIN_DATA_SIZE)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}
@@ -2150,7 +2601,17 @@
(void *) pubkey, src_size / MBOX_WORD_BYTE);
i += src_size / MBOX_WORD_BYTE;
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ECDH_REQUEST,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDH_REQUEST_FINALIZE) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_ECDH_REQUEST,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cs_ecdh_request_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ECDH_REQUEST,
payload, i, CMD_CASUAL, (uint32_t *) dst_addr,
&resp_len);
@@ -2189,13 +2650,19 @@
}
/*
- * Check if not ECB, CBC and CTR mode, addr ptr is NULL.
- * Return "Reject" status
+ * Check if not ECB, CBC and CTR, GCM and GCM-GHASH mode (only for Agilex5),
+ * addr ptr is NULL. Return "Reject" status
*/
if ((param_addr_ptr == NULL) ||
- (((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) != FCS_CRYPTO_ECB_MODE) &&
- ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) != FCS_CRYPTO_CBC_MODE) &&
- ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) != FCS_CRYPTO_CTR_MODE))) {
+ (((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) != FCS_CRYPTO_ECB_MODE) &&
+ ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) != FCS_CRYPTO_CBC_MODE) &&
+ ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) != FCS_CRYPTO_CTR_MODE)
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+ &&
+ ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) != FCS_CRYPTO_GCM_MODE) &&
+ ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) != FCS_CRYPTO_GCM_GHASH_MODE)
+#endif
+ )){
return INTEL_SIP_SMC_STATUS_REJECTED;
}
@@ -2204,7 +2671,9 @@
* Check CBC/CTR here and limit to size 28 bytes
*/
if ((((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) == FCS_CRYPTO_CBC_MODE) ||
- ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) == FCS_CRYPTO_CTR_MODE)) &&
+ ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) == FCS_CRYPTO_CTR_MODE) ||
+ ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) == FCS_CRYPTO_GCM_MODE) ||
+ ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) == FCS_CRYPTO_GCM_GHASH_MODE)) &&
(param_size > FCS_CRYPTO_CBC_CTR_BUFFER_SIZE)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}
@@ -2235,17 +2704,21 @@
return INTEL_SIP_SMC_STATUS_OK;
}
-int intel_fcs_aes_crypt_update_finalize(uint32_t session_id,
- uint32_t context_id, uint64_t src_addr,
- uint32_t src_size, uint64_t dst_addr,
- uint32_t dst_size, uint8_t is_finalised,
- uint32_t *send_id)
+int intel_fcs_aes_crypt_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
+ uint64_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t dst_size,
+ uint32_t aad_size, uint8_t is_finalised,
+ uint32_t *send_id, uint64_t smmu_src_addr,
+ uint64_t smmu_dst_addr)
{
int status;
int i;
uint32_t flag;
uint32_t crypto_header;
uint32_t fcs_aes_crypt_payload[FCS_AES_CMD_MAX_WORD_SIZE];
+ uint32_t src_addr_sdm = (uint32_t)src_addr;
+ uint32_t dst_addr_sdm = (uint32_t)dst_addr;
if (fcs_aes_init_payload.session_id != session_id ||
fcs_aes_init_payload.context_id != context_id) {
@@ -2297,7 +2770,7 @@
i++;
if ((crypto_header >> FCS_CS_FIELD_FLAG_OFFSET) &
- FCS_CS_FIELD_FLAG_INIT) {
+ (FCS_CS_FIELD_FLAG_INIT)) {
fcs_aes_crypt_payload[i] = fcs_aes_init_payload.key_id;
i++;
@@ -2314,18 +2787,41 @@
i += fcs_aes_init_payload.param_size / MBOX_WORD_BYTE;
}
- fcs_aes_crypt_payload[i] = (uint32_t) src_addr;
+ /* On the Agilex5 platform, we will use the SMMU payload address */
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+ src_addr_sdm = (uint32_t)smmu_src_addr;
+ dst_addr_sdm = (uint32_t)smmu_dst_addr;
+#endif
+
+ fcs_aes_crypt_payload[i] = src_addr_sdm;
i++;
fcs_aes_crypt_payload[i] = src_size;
i++;
- fcs_aes_crypt_payload[i] = (uint32_t) dst_addr;
+ fcs_aes_crypt_payload[i] = dst_addr_sdm;
i++;
fcs_aes_crypt_payload[i] = dst_size;
i++;
- status = mailbox_send_cmd_async(send_id, MBOX_FCS_AES_CRYPT_REQ,
- fcs_aes_crypt_payload, i,
- CMD_INDIRECT);
+ /* Additional Authenticated Data size */
+ if (aad_size > 0) {
+ fcs_aes_crypt_payload[i] = aad_size;
+ i++;
+ }
+
+ status = ((smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_AES_CRYPT_UPDATE) ||
+ (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_AES_CRYPT_FINALIZE)) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_AES_CRYPT_REQ,
+ fcs_aes_crypt_payload,
+ i,
+ MBOX_CMD_FLAG_INDIRECT,
+ fcs_cs_aes_cb,
+ NULL,
+ 0U) :
+ mailbox_send_cmd_async(send_id, MBOX_FCS_AES_CRYPT_REQ,
+ fcs_aes_crypt_payload, i, CMD_INDIRECT);
+
if (is_finalised != 0U) {
memset((void *)&fcs_aes_init_payload, 0,
@@ -2338,3 +2834,77 @@
return INTEL_SIP_SMC_STATUS_OK;
}
+
+int intel_fcs_hkdf_request(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t step_type,
+ uint32_t mac_mode, uint32_t src_addr,
+ uint32_t key_uid, uint32_t op_key_size)
+{
+ int status;
+ uint32_t i = 0;
+ uintptr_t inputdata;
+ uint32_t payload[FCS_HKDF_REQUEST_DATA_SIZE] = {0U};
+
+ if (!is_address_in_ddr_range(src_addr, FCS_HKDF_REQUEST_DATA_SIZE)) {
+ ERROR("MBOX: %s: source addr not in the DDR range\n", __func__);
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
+ /* Prepare command payload */
+
+ /* Session ID */
+ payload[i] = session_id;
+ i++;
+
+ /* Reserved, 8 bytes */
+ payload[i] = 0;
+ i++;
+
+ payload[i] = 0;
+ i++;
+
+ /* HKDF step type */
+ payload[i] = step_type;
+ i++;
+
+ /* MAC mode/PRF */
+ payload[i] = mac_mode;
+ i++;
+
+ /* Complete input data, 1st input data len + its data + 2nd input data len + its data. */
+ inputdata = src_addr;
+ memcpy_s((uint8_t *)&payload[i], FCS_HKDF_KEY_DATA_SIZE / sizeof(uint32_t),
+ (uint8_t *)inputdata, FCS_HKDF_KEY_DATA_SIZE / sizeof(uint32_t));
+
+ i += FCS_HKDF_KEY_DATA_SIZE / sizeof(uint32_t);
+
+ /* Key UID */
+ payload[i] = key_uid;
+ i++;
+
+ /* Pointer to size of output key object */
+ inputdata = inputdata + FCS_HKDF_KEY_DATA_SIZE;
+
+ /* Output Key object */
+ memcpy_s(&payload[i], op_key_size / sizeof(uint32_t), (void *)inputdata,
+ op_key_size / sizeof(uint32_t));
+
+ i += op_key_size / sizeof(uint32_t);
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_HKDF_REQUEST,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_hkdf_request_cb,
+ NULL,
+ 0U);
+
+ if (status < 0) {
+ ERROR("MBOX: %s: status %d\n", __func__, status);
+ return INTEL_SIP_SMC_STATUS_ERROR;
+ }
+
+ return INTEL_SIP_SMC_STATUS_OK;
+}
diff --git a/plat/intel/soc/common/socfpga_sip_svc.c b/plat/intel/soc/common/socfpga_sip_svc.c
index 703a778..6fc2907 100644
--- a/plat/intel/soc/common/socfpga_sip_svc.c
+++ b/plat/intel/soc/common/socfpga_sip_svc.c
@@ -802,6 +802,20 @@
#endif
#if SIP_SVC_V3
+uint8_t sip_smc_cmd_cb_ret2(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ /* Returns 3 SMC arguments for SMC_RET3 */
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+
+ return ret_args_len;
+}
+
uint8_t sip_smc_cmd_cb_ret3(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
{
uint8_t ret_args_len = 0U;
@@ -817,6 +831,41 @@
return ret_args_len;
}
+uint8_t sip_smc_ret_nbytes_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mailbox_err 0%x, nbytes_ret %d\n",
+ __func__, resp->err_code, resp->rcvd_resp_len * MBOX_WORD_BYTE);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
+uint8_t sip_smc_get_chipid_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mailbox_err 0%x, data[0] 0x%x, data[1] 0x%x\n",
+ __func__, resp->err_code, resp->resp_data[0], resp->resp_data[1]);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->resp_data[0];
+ ret_args[ret_args_len++] = resp->resp_data[1];
+
+ return ret_args_len;
+}
+
static uintptr_t smc_ret(void *handle, uint32_t *ret_args, uint32_t ret_args_len)
{
switch (ret_args_len) {
@@ -860,14 +909,27 @@
u_register_t flags)
{
int status = 0;
+ uint32_t mbox_error = 0U;
+ u_register_t x5, x6, x7, x8, x9, x10, x11;
- VERBOSE("MBOX: SVC-V3: x0 0x%x, x1 0x%lx, x2 0x%lx, x3 0x%lx, x4 0x%lx\n",
- smc_fid, x1, x2, x3, x4);
+ /* Get all the SMC call arguments */
+ x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
+ x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
+ x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
+ x8 = SMC_GET_GP(handle, CTX_GPREG_X8);
+ x9 = SMC_GET_GP(handle, CTX_GPREG_X9);
+ x10 = SMC_GET_GP(handle, CTX_GPREG_X10);
+ x11 = SMC_GET_GP(handle, CTX_GPREG_X11);
+
+ INFO("MBOX: SVC_V3: x0 0x%x, x1 0x%lx, x2 0x%lx, x3 0x%lx, x4 0x%lx, x5 0x%lx\n",
+ smc_fid, x1, x2, x3, x4, x5);
+ INFO("MBOX: SVC_V3: x6 0x%lx, x7 0x%lx, x8 0x%lx, x9 0x%lx, x10 0x%lx x11 0x%lx\n",
+ x6, x7, x8, x9, x10, x11);
switch (smc_fid) {
case ALTERA_SIP_SMC_ASYNC_RESP_POLL:
{
- uint32_t ret_args[8] = {0}; /* X0 to X7 return arguments */
+ uint32_t ret_args[8] = {0};
uint32_t ret_args_len;
status = mailbox_response_poll_v3(GET_CLIENT_ID(x1),
@@ -883,6 +945,7 @@
case ALTERA_SIP_SMC_ASYNC_RESP_POLL_ON_INTR:
{
+ /* TBD: Here now we don't need these CID and JID?? */
uint8_t client_id = 0U;
uint8_t job_id = 0U;
uint64_t trans_id_bitmap[4] = {0U};
@@ -896,6 +959,204 @@
break;
}
+ case ALTERA_SIP_SMC_ASYNC_GET_DEVICE_IDENTITY:
+ {
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_GET_DEVICEID,
+ NULL,
+ 0U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_ret_nbytes_cb,
+ (uint32_t *)x2,
+ 2);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_GET_IDCODE:
+ {
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_GET_IDCODE,
+ NULL,
+ 0U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret3,
+ NULL,
+ 0);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_QSPI_OPEN:
+ {
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_QSPI_OPEN,
+ NULL,
+ 0U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret2,
+ NULL,
+ 0U);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_QSPI_CLOSE:
+ {
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_QSPI_CLOSE,
+ NULL,
+ 0U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret2,
+ NULL,
+ 0U);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_QSPI_SET_CS:
+ {
+ uint32_t cmd_data = 0U;
+ uint32_t chip_sel = (uint32_t)x2;
+ uint32_t comb_addr_mode = (uint32_t)x3;
+ uint32_t ext_dec_mode = (uint32_t)x4;
+
+ cmd_data = (chip_sel << MBOX_QSPI_SET_CS_OFFSET) |
+ (comb_addr_mode << MBOX_QSPI_SET_CS_CA_OFFSET) |
+ (ext_dec_mode << MBOX_QSPI_SET_CS_MODE_OFFSET);
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_QSPI_SET_CS,
+ &cmd_data,
+ 1U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret2,
+ NULL,
+ 0U);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_QSPI_ERASE:
+ {
+ uint32_t qspi_addr = (uint32_t)x2;
+ uint32_t qspi_nwords = (uint32_t)x3;
+
+ /* QSPI address offset to start erase, must be 4K aligned */
+ if (MBOX_IS_4K_ALIGNED(qspi_addr)) {
+ ERROR("MBOX: 0x%x: QSPI address not 4K aligned\n",
+ smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ /* Number of words to erase, multiples of 0x400 or 4K */
+ if (qspi_nwords % MBOX_QSPI_ERASE_SIZE_GRAN) {
+ ERROR("MBOX: 0x%x: Given words not in multiples of 4K\n",
+ smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ uint32_t cmd_data[2] = {qspi_addr, qspi_nwords};
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_QSPI_ERASE,
+ cmd_data,
+ sizeof(cmd_data) / MBOX_WORD_BYTE,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret2,
+ NULL,
+ 0U);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_QSPI_WRITE:
+ {
+ uint32_t *qspi_payload = (uint32_t *)x2;
+ uint32_t qspi_total_nwords = (((uint32_t)x3) / MBOX_WORD_BYTE);
+ uint32_t qspi_addr = qspi_payload[0];
+ uint32_t qspi_nwords = qspi_payload[1];
+
+ if (!MBOX_IS_WORD_ALIGNED(qspi_addr)) {
+ ERROR("MBOX: 0x%x: Given address is not WORD aligned\n",
+ smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ if (qspi_nwords > MBOX_QSPI_RW_MAX_WORDS) {
+ ERROR("MBOX: 0x%x: Number of words exceeds max limit\n",
+ smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_QSPI_WRITE,
+ qspi_payload,
+ qspi_total_nwords,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret2,
+ NULL,
+ 0U);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_QSPI_READ:
+ {
+ uint32_t qspi_addr = (uint32_t)x2;
+ uint32_t qspi_nwords = (((uint32_t)x4) / MBOX_WORD_BYTE);
+
+ if (qspi_nwords > MBOX_QSPI_RW_MAX_WORDS) {
+ ERROR("MBOX: 0x%x: Number of words exceeds max limit\n",
+ smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ uint32_t cmd_data[2] = {qspi_addr, qspi_nwords};
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_QSPI_READ,
+ cmd_data,
+ sizeof(cmd_data) / MBOX_WORD_BYTE,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_ret_nbytes_cb,
+ (uint32_t *)x3,
+ 2);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_QSPI_GET_DEV_INFO:
+ {
+ uint32_t *dst_addr = (uint32_t *)x2;
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_QSPI_GET_DEV_INFO,
+ NULL,
+ 0U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_ret_nbytes_cb,
+ (uint32_t *)dst_addr,
+ 2);
+
+ SMC_RET1(handle, status);
+ }
+
case ALTERA_SIP_SMC_ASYNC_HWMON_READVOLT:
case ALTERA_SIP_SMC_ASYNC_HWMON_READTEMP:
{
@@ -909,13 +1170,461 @@
&channel,
1U,
MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret3,
+ NULL,
+ 0);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_RANDOM_NUMBER_EXT:
+ {
+ uint32_t session_id = (uint32_t)x2;
+ uint32_t context_id = (uint32_t)x3;
+ uint64_t ret_random_addr = (uint64_t)x4;
+ uint32_t random_len = (uint32_t)SMC_GET_GP(handle, CTX_GPREG_X5);
+ uint32_t crypto_header = 0U;
+
+ if ((random_len > (FCS_RANDOM_EXT_MAX_WORD_SIZE * MBOX_WORD_BYTE)) ||
+ (random_len == 0U) ||
+ (!is_size_4_bytes_aligned(random_len))) {
+ ERROR("MBOX: 0x%x is rejected\n", smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ crypto_header = ((FCS_CS_FIELD_FLAG_INIT | FCS_CS_FIELD_FLAG_FINALIZE) <<
+ FCS_CS_FIELD_FLAG_OFFSET);
+ fcs_rng_payload payload = {session_id, context_id,
+ crypto_header, random_len};
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_RANDOM_GEN,
+ (uint32_t *)&payload,
+ sizeof(payload) / MBOX_WORD_BYTE,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_ret_nbytes_cb,
+ (uint32_t *)ret_random_addr,
+ 2);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_GET_PROVISION_DATA:
+ {
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_GET_PROVISION,
+ NULL,
+ 0U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_ret_nbytes_cb,
+ (uint32_t *)x2,
+ 2);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_CNTR_SET_PREAUTH:
+ {
+ status = intel_fcs_cntr_set_preauth(smc_fid, x1, x2, x3,
+ x4, &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_CHIP_ID:
+ {
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_GET_CHIPID,
+ NULL,
+ 0U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_get_chipid_cb,
+ NULL,
+ 0);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_GET_ATTESTATION_CERT:
+ {
+ status = intel_fcs_get_attestation_cert(smc_fid, x1, x2, x3,
+ (uint32_t *) &x4, &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_CREATE_CERT_ON_RELOAD:
+ {
+ status = intel_fcs_create_cert_on_reload(smc_fid, x1,
+ x2, &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_CRYPTION_EXT:
+ {
+ if (x4 == FCS_MODE_ENCRYPT) {
+ status = intel_fcs_encryption_ext(smc_fid, x1, x2, x3,
+ x5, x6, x7, (uint32_t *) &x8,
+ &mbox_error, x10, x11);
+ } else if (x4 == FCS_MODE_DECRYPT) {
+ status = intel_fcs_decryption_ext(smc_fid, x1, x2, x3,
+ x5, x6, x7, (uint32_t *) &x8,
+ &mbox_error, x9, x10, x11);
+ } else {
+ ERROR("MBOX: 0x%x: Wrong crypto mode\n", smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_SEND_CERTIFICATE:
+ {
+ status = intel_fcs_send_cert(smc_fid, x1, x2, x3, &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_OPEN_CS_SESSION:
+ {
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_OPEN_CS_SESSION,
+ NULL,
+ 0U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret3,
+ NULL,
+ 0);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_CLOSE_CS_SESSION:
+ {
+ uint32_t session_id = (uint32_t)x2;
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_CLOSE_CS_SESSION,
+ &session_id,
+ 1U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret2,
+ NULL,
+ 0);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_IMPORT_CS_KEY:
+ {
+ uint64_t key_addr = x2;
+ uint32_t key_len_words = (uint32_t)x3 / MBOX_WORD_BYTE;
+
+ if ((key_len_words > FCS_CS_KEY_OBJ_MAX_WORD_SIZE) ||
+ (!is_address_in_ddr_range(key_addr, key_len_words * 4))) {
+ ERROR("MBOX: 0x%x: Addr not in DDR range or key len exceeds\n",
+ smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_IMPORT_CS_KEY,
+ (uint32_t *)key_addr,
+ key_len_words,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret3,
+ NULL,
+ 0);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_CREATE_CS_KEY:
+ {
+ uint64_t key_addr = x2;
+ uint32_t key_len_words = (uint32_t)x3 / MBOX_WORD_BYTE;
+
+ if (!is_address_in_ddr_range(key_addr, key_len_words * 4)) {
+ ERROR("MBOX: 0x%x: Addr not in DDR range\n", smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_CREATE_CS_KEY,
+ (uint32_t *)key_addr,
+ key_len_words,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret3,
+ NULL,
+ 0);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_EXPORT_CS_KEY:
+ {
+ uint32_t session_id = (uint32_t)x2;
+ uint32_t key_uid = (uint32_t)x3;
+ uint64_t ret_key_addr = (uint64_t)x4;
+ uint32_t key_len = (uint32_t)SMC_GET_GP(handle, CTX_GPREG_X5);
+
+ if (!is_address_in_ddr_range(ret_key_addr, key_len)) {
+ ERROR("MBOX: 0x%x: Addr not in DDR range\n", smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ fcs_cs_key_payload payload = {session_id, RESERVED_AS_ZERO,
+ RESERVED_AS_ZERO, key_uid};
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_EXPORT_CS_KEY,
+ (uint32_t *)&payload,
+ sizeof(payload) / MBOX_WORD_BYTE,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_ret_nbytes_cb,
+ (uint32_t *)ret_key_addr,
+ 2);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_REMOVE_CS_KEY:
+ {
+ uint32_t session_id = (uint32_t)x2;
+ uint32_t key_uid = (uint32_t)x3;
+
+ fcs_cs_key_payload payload = {session_id, RESERVED_AS_ZERO,
+ RESERVED_AS_ZERO, key_uid};
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_REMOVE_CS_KEY,
+ (uint32_t *)&payload,
+ sizeof(payload) / MBOX_WORD_BYTE,
+ MBOX_CMD_FLAG_CASUAL,
sip_smc_cmd_cb_ret3,
NULL,
0);
+ SMC_RET1(handle, status);
+ }
+ case ALTERA_SIP_SMC_ASYNC_FCS_GET_CS_KEY_INFO:
+ {
+ uint32_t session_id = (uint32_t)x2;
+ uint32_t key_uid = (uint32_t)x3;
+ uint64_t ret_key_addr = (uint64_t)x4;
+ uint32_t key_len = (uint32_t)SMC_GET_GP(handle, CTX_GPREG_X5);
+
+ if (!is_address_in_ddr_range(ret_key_addr, key_len)) {
+ ERROR("MBOX: 0x%x: Addr not in DDR range\n", smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ fcs_cs_key_payload payload = {session_id, RESERVED_AS_ZERO,
+ RESERVED_AS_ZERO, key_uid};
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_GET_CS_KEY_INFO,
+ (uint32_t *)&payload,
+ sizeof(payload) / MBOX_WORD_BYTE,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_ret_nbytes_cb,
+ (uint32_t *)ret_key_addr,
+ 2);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_AES_CRYPT_INIT:
+ {
+ status = intel_fcs_aes_crypt_init(x2, x3, x4, x5,
+ x6, &mbox_error);
SMC_RET1(handle, status);
}
+ case ALTERA_SIP_SMC_ASYNC_FCS_AES_CRYPT_UPDATE:
+ case ALTERA_SIP_SMC_ASYNC_FCS_AES_CRYPT_FINALIZE:
+ {
+ uint32_t job_id = 0U;
+ bool is_final = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_AES_CRYPT_FINALIZE) ?
+ true : false;
+
+ status = intel_fcs_aes_crypt_update_finalize(smc_fid, x1, x2,
+ x3, x4, x5, x6, x7, x8, is_final,
+ &job_id, x9, x10);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_INIT:
+ {
+ status = intel_fcs_get_digest_init(x2, x3, x4, x5, x6,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_UPDATE:
+ case ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_FINALIZE:
+ {
+ bool is_final = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_FINALIZE) ?
+ true : false;
+
+ status = intel_fcs_get_digest_update_finalize(smc_fid, x1, x2,
+ x3, x4, x5, x6, (uint32_t *) &x7,
+ is_final, &mbox_error, x8);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_INIT:
+ {
+ status = intel_fcs_mac_verify_init(x2, x3, x4, x5, x6,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_UPDATE:
+ case ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_FINALIZE:
+ {
+ bool is_final = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_FINALIZE) ?
+ true : false;
+
+ status = intel_fcs_mac_verify_update_finalize(smc_fid, x1, x2,
+ x3, x4, x5, x6, (uint32_t *) &x7, x8,
+ is_final, &mbox_error, x9);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_HASH_SIGN_INIT:
+ {
+ status = intel_fcs_ecdsa_hash_sign_init(x2, x3, x4, x5, x6,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_HASH_SIGN_FINALIZE:
+ {
+ status = intel_fcs_ecdsa_hash_sign_finalize(smc_fid, x1, x2, x3,
+ x4, x5, x6, (uint32_t *) &x7,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_INIT:
+ {
+ status = intel_fcs_ecdsa_sha2_data_sign_init(x2, x3, x4, x5, x6,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_UPDATE:
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_FINALIZE:
+ {
+ bool is_final = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_FINALIZE)
+ ? true : false;
+
+ status = intel_fcs_ecdsa_sha2_data_sign_update_finalize(smc_fid,
+ x1, x2, x3, x4, x5, x6, (uint32_t *) &x7,
+ is_final, &mbox_error, x8);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_HASH_SIG_VERIFY_INIT:
+ {
+ status = intel_fcs_ecdsa_hash_sig_verify_init(x2, x3, x4, x5,
+ x6, &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_HASH_SIG_VERIFY_FINALIZE:
+ {
+ status = intel_fcs_ecdsa_hash_sig_verify_finalize(smc_fid, x1,
+ x2, x3, x4, x5, x6, (uint32_t *) &x7,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_INIT:
+ {
+ status = intel_fcs_ecdsa_sha2_data_sig_verify_init(x2, x3, x4,
+ x5, x6, &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_UPDATE:
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_FINALIZE:
+ {
+ bool is_final = (smc_fid ==
+ ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_FINALIZE) ?
+ true : false;
+
+ status = intel_fcs_ecdsa_sha2_data_sig_verify_update_finalize(
+ smc_fid, x1, x2, x3, x4, x5, x6,
+ (uint32_t *) &x7, x8, is_final,
+ &mbox_error, x9);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_GET_PUBKEY_INIT:
+ {
+ status = intel_fcs_ecdsa_get_pubkey_init(x2, x3, x4, x5, x6,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_GET_PUBKEY_FINALIZE:
+ {
+ status = intel_fcs_ecdsa_get_pubkey_finalize(smc_fid, x1, x2, x3,
+ x4, (uint32_t *) &x5, &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDH_REQUEST_INIT:
+ {
+ status = intel_fcs_ecdh_request_init(x2, x3, x4, x5, x6,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDH_REQUEST_FINALIZE:
+ {
+ uint32_t dest_size = (uint32_t)x7;
+
+ NOTICE("MBOX: %s, %d: x7 0x%x, dest_size 0x%x\n",
+ __func__, __LINE__, (uint32_t)x7, dest_size);
+
+ status = intel_fcs_ecdh_request_finalize(smc_fid, x1, x2, x3,
+ x4, x5, x6, (uint32_t *) &dest_size,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_MCTP_MSG:
+ {
+ uint32_t *src_addr = (uint32_t *)x2;
+ uint32_t src_size = (uint32_t)x3;
+ uint32_t *dst_addr = (uint32_t *)x4;
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_MCTP_MSG,
+ src_addr,
+ src_size / MBOX_WORD_BYTE,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_ret_nbytes_cb,
+ dst_addr,
+ 2);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_HKDF_REQUEST:
+ {
+ status = intel_fcs_hkdf_request(smc_fid, x1, x2, x3, x4, x5, x6,
+ x7);
+ SMC_RET1(handle, status);
+ }
+
default:
return socfpga_sip_handler(smc_fid, x1, x2, x3, x4,
cookie, handle, flags);
@@ -1117,11 +1826,11 @@
x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
if (x3 == FCS_MODE_DECRYPT) {
- status = intel_fcs_decryption_ext(x1, x2, x4, x5, x6,
- (uint32_t *) &x7, &mbox_error);
+ status = intel_fcs_decryption_ext(smc_fid, 0, x1, x2, x4, x5, x6,
+ (uint32_t *) &x7, &mbox_error, 0, 0, 0);
} else if (x3 == FCS_MODE_ENCRYPT) {
- status = intel_fcs_encryption_ext(x1, x2, x4, x5, x6,
- (uint32_t *) &x7, &mbox_error);
+ status = intel_fcs_encryption_ext(smc_fid, 0, x1, x2, x4, x5, x6,
+ (uint32_t *) &x7, &mbox_error, 0, 0);
} else {
status = INTEL_SIP_SMC_STATUS_REJECTED;
}
@@ -1139,7 +1848,7 @@
SMC_RET1(handle, status);
case INTEL_SIP_SMC_FCS_SEND_CERTIFICATE:
- status = intel_fcs_send_cert(x1, x2, &send_id);
+ status = intel_fcs_send_cert(smc_fid, 0, x1, x2, &send_id);
SMC_RET1(handle, status);
case INTEL_SIP_SMC_FCS_GET_PROVISION_DATA:
@@ -1147,7 +1856,7 @@
SMC_RET1(handle, status);
case INTEL_SIP_SMC_FCS_CNTR_SET_PREAUTH:
- status = intel_fcs_cntr_set_preauth(x1, x2, x3,
+ status = intel_fcs_cntr_set_preauth(smc_fid, 0, x1, x2, x3,
&mbox_error);
SMC_RET2(handle, status, mbox_error);
@@ -1182,12 +1891,12 @@
SMC_RET4(handle, status, mbox_error, x3, x4);
case INTEL_SIP_SMC_FCS_GET_ATTESTATION_CERT:
- status = intel_fcs_get_attestation_cert(x1, x2,
+ status = intel_fcs_get_attestation_cert(smc_fid, 0, x1, x2,
(uint32_t *) &x3, &mbox_error);
SMC_RET4(handle, status, mbox_error, x2, x3);
case INTEL_SIP_SMC_FCS_CREATE_CERT_ON_RELOAD:
- status = intel_fcs_create_cert_on_reload(x1, &mbox_error);
+ status = intel_fcs_create_cert_on_reload(smc_fid, 0, x1, &mbox_error);
SMC_RET2(handle, status, mbox_error);
case INTEL_SIP_SMC_FCS_OPEN_CS_SESSION:
@@ -1226,17 +1935,17 @@
case INTEL_SIP_SMC_FCS_GET_DIGEST_UPDATE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_get_digest_update_finalize(x1, x2, x3,
- x4, x5, (uint32_t *) &x6, false,
- &mbox_error);
+ status = intel_fcs_get_digest_update_finalize(smc_fid, 0, x1, x2,
+ x3, x4, x5, (uint32_t *) &x6, false,
+ &mbox_error, 0);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_GET_DIGEST_FINALIZE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_get_digest_update_finalize(x1, x2, x3,
- x4, x5, (uint32_t *) &x6, true,
- &mbox_error);
+ status = intel_fcs_get_digest_update_finalize(smc_fid, 0, x1, x2,
+ x3, x4, x5, (uint32_t *) &x6, true,
+ &mbox_error, 0);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_GET_DIGEST_SMMU_UPDATE:
@@ -1265,18 +1974,18 @@
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
- status = intel_fcs_mac_verify_update_finalize(x1, x2, x3,
- x4, x5, (uint32_t *) &x6, x7,
- false, &mbox_error);
+ status = intel_fcs_mac_verify_update_finalize(smc_fid, 0, x1, x2,
+ x3, x4, x5, (uint32_t *) &x6, x7, false,
+ &mbox_error, 0);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_MAC_VERIFY_FINALIZE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
- status = intel_fcs_mac_verify_update_finalize(x1, x2, x3,
- x4, x5, (uint32_t *) &x6, x7,
- true, &mbox_error);
+ status = intel_fcs_mac_verify_update_finalize(smc_fid, 0, x1, x2,
+ x3, x4, x5, (uint32_t *) &x6, x7, true,
+ &mbox_error, 0);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_MAC_VERIFY_SMMU_UPDATE:
@@ -1306,17 +2015,17 @@
case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_UPDATE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_ecdsa_sha2_data_sign_update_finalize(x1, x2,
- x3, x4, x5, (uint32_t *) &x6, false,
- &mbox_error);
+ status = intel_fcs_ecdsa_sha2_data_sign_update_finalize(smc_fid,
+ 0, x1, x2, x3, x4, x5, (uint32_t *) &x6,
+ false, &mbox_error, 0);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_FINALIZE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_ecdsa_sha2_data_sign_update_finalize(x1, x2,
- x3, x4, x5, (uint32_t *) &x6, true,
- &mbox_error);
+ status = intel_fcs_ecdsa_sha2_data_sign_update_finalize(smc_fid,
+ 0, x1, x2, x3, x4, x5, (uint32_t *) &x6,
+ true, &mbox_error, 0);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_SMMU_UPDATE:
@@ -1344,8 +2053,9 @@
case INTEL_SIP_SMC_FCS_ECDSA_HASH_SIGN_FINALIZE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_ecdsa_hash_sign_finalize(x1, x2, x3,
- x4, x5, (uint32_t *) &x6, &mbox_error);
+ status = intel_fcs_ecdsa_hash_sign_finalize(smc_fid, 0, x1, x2,
+ x3, x4, x5, (uint32_t *) &x6,
+ &mbox_error);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_ECDSA_HASH_SIG_VERIFY_INIT:
@@ -1357,8 +2067,9 @@
case INTEL_SIP_SMC_FCS_ECDSA_HASH_SIG_VERIFY_FINALIZE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_ecdsa_hash_sig_verify_finalize(x1, x2, x3,
- x4, x5, (uint32_t *) &x6, &mbox_error);
+ status = intel_fcs_ecdsa_hash_sig_verify_finalize(smc_fid, 0, x1,
+ x2, x3, x4, x5, (uint32_t *) &x6,
+ &mbox_error);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_INIT:
@@ -1372,8 +2083,9 @@
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
status = intel_fcs_ecdsa_sha2_data_sig_verify_update_finalize(
- x1, x2, x3, x4, x5, (uint32_t *) &x6,
- x7, false, &mbox_error);
+ smc_fid, 0, x1, x2, x3, x4, x5,
+ (uint32_t *) &x6, x7, false,
+ &mbox_error, 0);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_SMMU_UPDATE:
@@ -1399,8 +2111,9 @@
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
status = intel_fcs_ecdsa_sha2_data_sig_verify_update_finalize(
- x1, x2, x3, x4, x5, (uint32_t *) &x6,
- x7, true, &mbox_error);
+ smc_fid, 0, x1, x2, x3, x4, x5,
+ (uint32_t *) &x6, x7, true,
+ &mbox_error, 0);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_ECDSA_GET_PUBKEY_INIT:
@@ -1410,8 +2123,9 @@
SMC_RET2(handle, status, mbox_error);
case INTEL_SIP_SMC_FCS_ECDSA_GET_PUBKEY_FINALIZE:
- status = intel_fcs_ecdsa_get_pubkey_finalize(x1, x2, x3,
- (uint32_t *) &x4, &mbox_error);
+ status = intel_fcs_ecdsa_get_pubkey_finalize(
+ INTEL_SIP_SMC_FCS_ECDSA_GET_PUBKEY_FINALIZE, 0,
+ x1, x2, x3, (uint32_t *) &x4, &mbox_error);
SMC_RET4(handle, status, mbox_error, x3, x4);
case INTEL_SIP_SMC_FCS_ECDH_REQUEST_INIT:
@@ -1423,7 +2137,7 @@
case INTEL_SIP_SMC_FCS_ECDH_REQUEST_FINALIZE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_ecdh_request_finalize(x1, x2, x3,
+ status = intel_fcs_ecdh_request_finalize(smc_fid, 0, x1, x2, x3,
x4, x5, (uint32_t *) &x6, &mbox_error);
SMC_RET4(handle, status, mbox_error, x5, x6);
@@ -1436,15 +2150,15 @@
case INTEL_SIP_SMC_FCS_AES_CRYPT_UPDATE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_aes_crypt_update_finalize(x1, x2, x3, x4,
- x5, x6, false, &send_id);
+ status = intel_fcs_aes_crypt_update_finalize(smc_fid, 0, x1, x2,
+ x3, x4, x5, x6, 0, false, &send_id, 0, 0);
SMC_RET1(handle, status);
case INTEL_SIP_SMC_FCS_AES_CRYPT_FINALIZE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_aes_crypt_update_finalize(x1, x2, x3, x4,
- x5, x6, true, &send_id);
+ status = intel_fcs_aes_crypt_update_finalize(smc_fid, 0, x1, x2,
+ x3, x4, x5, x6, 0, true, &send_id, 0, 0);
SMC_RET1(handle, status);
#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5