Olivier Deprez | 5ac897f | 2020-01-09 10:45:52 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (c) 2020, ARM Limited and Contributors. All rights reserved. |
steven kao | e579606 | 2018-01-02 19:09:04 -0800 | [diff] [blame] | 3 | * Copyright (c) 2019-2020, NVIDIA CORPORATION. All rights reserved. |
Steven Kao | 530b217 | 2017-06-23 16:18:58 +0800 | [diff] [blame] | 4 | * |
| 5 | * SPDX-License-Identifier: BSD-3-Clause |
| 6 | */ |
| 7 | |
| 8 | #include <assert.h> |
| 9 | #include <errno.h> |
| 10 | #include <stdbool.h> |
| 11 | |
| 12 | #include <arch_helpers.h> |
steven kao | e579606 | 2018-01-02 19:09:04 -0800 | [diff] [blame] | 13 | #include <bpmp_ipc.h> |
Steven Kao | 530b217 | 2017-06-23 16:18:58 +0800 | [diff] [blame] | 14 | #include <common/debug.h> |
| 15 | #include <drivers/delay_timer.h> |
| 16 | #include <lib/mmio.h> |
| 17 | #include <lib/psci/psci.h> |
Varun Wadekar | 35cc90a | 2018-05-25 15:22:58 -0700 | [diff] [blame] | 18 | #include <se.h> |
Steven Kao | 530b217 | 2017-06-23 16:18:58 +0800 | [diff] [blame] | 19 | #include <tegra_platform.h> |
| 20 | |
| 21 | #include "se_private.h" |
| 22 | |
| 23 | /******************************************************************************* |
| 24 | * Constants and Macros |
| 25 | ******************************************************************************/ |
Varun Wadekar | 7a37315 | 2020-03-22 15:58:02 -0700 | [diff] [blame] | 26 | #define ERR_STATUS_SW_CLEAR U(0xFFFFFFFF) |
| 27 | #define INT_STATUS_SW_CLEAR U(0xFFFFFFFF) |
| 28 | #define MAX_TIMEOUT_MS U(1000) /* Max. timeout of 1s */ |
| 29 | #define NUM_SE_REGS_TO_SAVE U(4) |
Steven Kao | 530b217 | 2017-06-23 16:18:58 +0800 | [diff] [blame] | 30 | |
Jeetesh Burman | dbcc95c | 2018-07-06 20:03:38 +0530 | [diff] [blame] | 31 | #define BYTES_IN_WORD U(4) |
| 32 | #define SHA256_MAX_HASH_RESULT U(7) |
| 33 | #define SHA256_DST_SIZE U(32) |
| 34 | #define SHA_FIRST_OP U(1) |
| 35 | #define MAX_SHA_ENGINE_CHUNK_SIZE U(0xFFFFFF) |
| 36 | #define SHA256_MSG_LENGTH_ONETIME U(0xFFFF) |
| 37 | |
Steven Kao | 530b217 | 2017-06-23 16:18:58 +0800 | [diff] [blame] | 38 | /******************************************************************************* |
| 39 | * Data structure and global variables |
| 40 | ******************************************************************************/ |
| 41 | static uint32_t se_regs[NUM_SE_REGS_TO_SAVE]; |
| 42 | |
| 43 | /* |
| 44 | * Check that SE operation has completed after kickoff. |
| 45 | * |
| 46 | * This function is invoked after an SE operation has been started, |
| 47 | * and it checks the following conditions: |
| 48 | * |
| 49 | * 1. SE_STATUS = IDLE |
| 50 | * 2. AHB bus data transfer is complete. |
| 51 | * 3. SE_ERR_STATUS is clean. |
| 52 | */ |
| 53 | static bool tegra_se_is_operation_complete(void) |
| 54 | { |
| 55 | uint32_t val = 0, timeout = 0, sha_status, aes_status; |
| 56 | int32_t ret = 0; |
| 57 | bool se_is_busy, txn_has_errors, txn_successful; |
| 58 | |
| 59 | /* |
| 60 | * Poll the status register to check if the operation |
| 61 | * completed. |
| 62 | */ |
| 63 | do { |
| 64 | val = tegra_se_read_32(CTX_SAVE_AUTO_STATUS); |
Varun Wadekar | 35cc90a | 2018-05-25 15:22:58 -0700 | [diff] [blame] | 65 | se_is_busy = ((val & CTX_SAVE_AUTO_SE_BUSY) != 0U); |
Steven Kao | 530b217 | 2017-06-23 16:18:58 +0800 | [diff] [blame] | 66 | |
| 67 | /* sleep until SE finishes */ |
| 68 | if (se_is_busy) { |
| 69 | mdelay(1); |
| 70 | timeout++; |
| 71 | } |
| 72 | |
| 73 | } while (se_is_busy && (timeout < MAX_TIMEOUT_MS)); |
| 74 | |
| 75 | /* any transaction errors? */ |
| 76 | txn_has_errors = (tegra_se_read_32(SHA_ERR_STATUS) != 0U) || |
| 77 | (tegra_se_read_32(AES0_ERR_STATUS) != 0U); |
| 78 | |
| 79 | /* transaction successful? */ |
| 80 | sha_status = tegra_se_read_32(SHA_INT_STATUS) & SHA_SE_OP_DONE; |
| 81 | aes_status = tegra_se_read_32(AES0_INT_STATUS) & AES0_SE_OP_DONE; |
| 82 | txn_successful = (sha_status == SHA_SE_OP_DONE) && |
| 83 | (aes_status == AES0_SE_OP_DONE); |
| 84 | |
| 85 | if ((timeout == MAX_TIMEOUT_MS) || txn_has_errors || !txn_successful) { |
| 86 | ERROR("%s: Atomic context save operation failed!\n", |
| 87 | __func__); |
| 88 | ret = -ECANCELED; |
| 89 | } |
| 90 | |
| 91 | return (ret == 0); |
| 92 | } |
| 93 | |
| 94 | /* |
| 95 | * Wait for SE engine to be idle and clear any pending interrupts, before |
| 96 | * starting the next SE operation. |
| 97 | */ |
| 98 | static bool tegra_se_is_ready(void) |
| 99 | { |
| 100 | int32_t ret = 0; |
| 101 | uint32_t val = 0, timeout = 0; |
| 102 | bool se_is_ready; |
| 103 | |
| 104 | /* Wait for previous operation to finish */ |
| 105 | do { |
| 106 | val = tegra_se_read_32(CTX_SAVE_AUTO_STATUS); |
| 107 | se_is_ready = (val == CTX_SAVE_AUTO_SE_READY); |
| 108 | |
| 109 | /* sleep until SE is ready */ |
| 110 | if (!se_is_ready) { |
| 111 | mdelay(1); |
| 112 | timeout++; |
| 113 | } |
| 114 | |
| 115 | } while (!se_is_ready && (timeout < MAX_TIMEOUT_MS)); |
| 116 | |
| 117 | if (timeout == MAX_TIMEOUT_MS) { |
| 118 | ERROR("%s: SE is not ready!\n", __func__); |
| 119 | ret = -ETIMEDOUT; |
| 120 | } |
| 121 | |
| 122 | /* Clear any pending interrupts from previous operation */ |
| 123 | tegra_se_write_32(AES0_INT_STATUS, INT_STATUS_SW_CLEAR); |
| 124 | tegra_se_write_32(AES1_INT_STATUS, INT_STATUS_SW_CLEAR); |
| 125 | tegra_se_write_32(RSA_INT_STATUS, INT_STATUS_SW_CLEAR); |
| 126 | tegra_se_write_32(SHA_INT_STATUS, INT_STATUS_SW_CLEAR); |
| 127 | |
| 128 | /* Clear error status for each engine seen from current port */ |
| 129 | tegra_se_write_32(AES0_ERR_STATUS, ERR_STATUS_SW_CLEAR); |
| 130 | tegra_se_write_32(AES1_ERR_STATUS, ERR_STATUS_SW_CLEAR); |
| 131 | tegra_se_write_32(RSA_ERR_STATUS, ERR_STATUS_SW_CLEAR); |
| 132 | tegra_se_write_32(SHA_ERR_STATUS, ERR_STATUS_SW_CLEAR); |
| 133 | |
| 134 | return (ret == 0); |
| 135 | } |
| 136 | |
| 137 | /* |
| 138 | * During System Suspend, this handler triggers the hardware context |
| 139 | * save operation. |
| 140 | */ |
| 141 | static int32_t tegra_se_save_context(void) |
| 142 | { |
| 143 | int32_t ret = -ECANCELED; |
| 144 | |
| 145 | /* |
| 146 | * 1. Ensure all SE Driver including RNG1/PKA1 are shut down. |
| 147 | * TSEC/R5s are powergated/idle. All tasks on SE1~SE4, RNG1, |
| 148 | * PKA1 are wrapped up. SE0 is ready for use. |
| 149 | * 2. Clear interrupt/error in SE0 status register. |
| 150 | * 3. Scrub SE0 register to avoid false failure for illegal |
| 151 | * configuration. Probably not needed, dependent on HW |
| 152 | * implementation. |
| 153 | * 4. Check SE is ready for HW CTX_SAVE by polling |
| 154 | * SE_CTX_SAVE_AUTO_STATUS.SE_READY. |
| 155 | * |
| 156 | * Steps 1-4 are executed by tegra_se_is_ready(). |
| 157 | * |
| 158 | * 5. Issue context save command. |
| 159 | * 6. Check SE is busy with CTX_SAVE, the command in step5 was not |
| 160 | * dropped for ongoing traffic in any of SE port/engine. |
| 161 | * 7. Poll SE register or wait for SE APB interrupt for task completion |
| 162 | * a. Polling: Read SE_CTX_SAVE_AUTO_STATUS.BUSY till it reports IDLE |
| 163 | * b. Interrupt: After receiving interrupt from SE APB, read |
| 164 | * SE_CTX_SAVE_AUTO_STATUS.BUSY till it reports IDLE. |
| 165 | * 8. Check AES0 and SHA ERR_STATUS to ensure no error case. |
| 166 | * 9. Check AES0 and SHA INT_STATUS to ensure operation has successfully |
| 167 | * completed. |
| 168 | * |
| 169 | * Steps 6-9 are executed by tegra_se_is_operation_complete(). |
| 170 | */ |
| 171 | if (tegra_se_is_ready()) { |
| 172 | |
| 173 | /* Issue context save command */ |
| 174 | tegra_se_write_32(AES0_OPERATION, SE_OP_CTX_SAVE); |
| 175 | |
| 176 | /* Wait for operation to finish */ |
| 177 | if (tegra_se_is_operation_complete()) { |
| 178 | ret = 0; |
| 179 | } |
| 180 | } |
| 181 | |
Jeetesh Burman | dbcc95c | 2018-07-06 20:03:38 +0530 | [diff] [blame] | 182 | return ret; |
| 183 | } |
| 184 | |
| 185 | /* |
| 186 | * Check that SE operation has completed after kickoff |
| 187 | * This function is invoked after an SE operation has been started, |
| 188 | * and it checks the following conditions: |
| 189 | * 1. SE0_INT_STATUS = SE0_OP_DONE |
| 190 | * 2. SE0_STATUS = IDLE |
| 191 | * 3. SE0_ERR_STATUS is clean. |
| 192 | */ |
| 193 | static int32_t tegra_se_sha256_hash_operation_complete(void) |
| 194 | { |
| 195 | uint32_t val = 0U; |
| 196 | |
| 197 | /* Poll the SE interrupt register to ensure H/W operation complete */ |
| 198 | val = tegra_se_read_32(SE0_INT_STATUS_REG_OFFSET); |
| 199 | while (SE0_INT_OP_DONE(val) == SE0_INT_OP_DONE_CLEAR) { |
| 200 | val = tegra_se_read_32(SE0_INT_STATUS_REG_OFFSET); |
| 201 | if (SE0_INT_OP_DONE(val) != SE0_INT_OP_DONE_CLEAR) { |
| 202 | break; |
| 203 | } |
| 204 | } |
| 205 | |
| 206 | /* Poll the SE status idle to ensure H/W operation complete */ |
| 207 | val = tegra_se_read_32(SE0_SHA_STATUS_0); |
| 208 | while (val != SE0_SHA_STATUS_IDLE) { |
| 209 | val = tegra_se_read_32(SE0_SHA_STATUS_0); |
| 210 | if (val == SE0_SHA_STATUS_IDLE) { |
| 211 | break; |
| 212 | } |
| 213 | } |
| 214 | |
| 215 | /* Ensure that no errors are thrown during operation */ |
| 216 | val = tegra_se_read_32(SE0_ERR_STATUS_REG_OFFSET); |
| 217 | if (val != 0U) { |
| 218 | ERROR("%s: error during SE operation! 0x%x", __func__, |
| 219 | val); |
| 220 | return -ENOTSUP; |
| 221 | } |
| 222 | |
| 223 | return 0; |
| 224 | } |
| 225 | |
| 226 | /* |
| 227 | * Security engine primitive normal operations |
| 228 | */ |
| 229 | static int32_t tegra_se_start_normal_operation(uint64_t src_addr, |
| 230 | uint32_t nbytes, uint32_t last_buf, uint32_t src_len_inbytes) |
| 231 | { |
| 232 | uint32_t val = 0U; |
| 233 | uint32_t src_in_lo; |
| 234 | uint32_t src_in_msb; |
| 235 | uint32_t src_in_hi; |
| 236 | int32_t ret = 0; |
| 237 | |
| 238 | if ((src_addr == 0ULL) || (nbytes == 0U)) |
| 239 | return -EINVAL; |
| 240 | |
| 241 | src_in_lo = (uint32_t)src_addr; |
| 242 | src_in_msb = (uint32_t)((src_addr >> 32U) & 0xFFU); |
| 243 | src_in_hi = ((src_in_msb << SE0_IN_HI_ADDR_HI_0_MSB_SHIFT) | |
| 244 | (nbytes & MAX_SHA_ENGINE_CHUNK_SIZE)); |
| 245 | |
| 246 | /* set SRC_IN_ADDR_LO and SRC_IN_ADDR_HI*/ |
| 247 | tegra_se_write_32(SE0_IN_ADDR, src_in_lo); |
| 248 | tegra_se_write_32(SE0_IN_HI_ADDR_HI, src_in_hi); |
| 249 | |
| 250 | val = tegra_se_read_32(SE0_INT_STATUS_REG_OFFSET); |
| 251 | if (val > 0U) { |
| 252 | tegra_se_write_32(SE0_INT_STATUS_REG_OFFSET, 0x0U); |
| 253 | } |
| 254 | |
| 255 | /* Enable SHA interrupt for SE0 Operation */ |
| 256 | tegra_se_write_32(SE0_SHA_INT_ENABLE, 0x1aU); |
| 257 | |
| 258 | /* flush to DRAM for SE to use the updated contents */ |
| 259 | flush_dcache_range(src_addr, src_len_inbytes); |
| 260 | |
| 261 | /* Start SHA256 operation */ |
| 262 | if (last_buf == 1U) { |
| 263 | tegra_se_write_32(SE0_OPERATION_REG_OFFSET, SE0_OP_START | |
| 264 | SE0_UNIT_OPERATION_PKT_LASTBUF_FIELD); |
| 265 | } else { |
| 266 | tegra_se_write_32(SE0_OPERATION_REG_OFFSET, SE0_OP_START); |
| 267 | } |
| 268 | |
Steven Kao | 530b217 | 2017-06-23 16:18:58 +0800 | [diff] [blame] | 269 | return ret; |
| 270 | } |
| 271 | |
Jeetesh Burman | dbcc95c | 2018-07-06 20:03:38 +0530 | [diff] [blame] | 272 | static int32_t tegra_se_calculate_sha256_hash(uint64_t src_addr, |
| 273 | uint32_t src_len_inbyte) |
| 274 | { |
| 275 | uint32_t val, last_buf, i; |
| 276 | int32_t ret = 0; |
| 277 | uint32_t operations; |
| 278 | uint64_t src_len_inbits; |
| 279 | uint32_t len_bits_msb; |
| 280 | uint32_t len_bits_lsb; |
| 281 | uint32_t number_of_operations, max_bytes, bytes_left, remaining_bytes; |
| 282 | |
| 283 | if (src_len_inbyte > MAX_SHA_ENGINE_CHUNK_SIZE) { |
| 284 | ERROR("SHA input chunk size too big: 0x%x\n", src_len_inbyte); |
| 285 | return -EINVAL; |
| 286 | } |
| 287 | |
| 288 | if (src_addr == 0ULL) { |
| 289 | return -EINVAL; |
| 290 | } |
| 291 | |
| 292 | /* number of bytes per operation */ |
| 293 | max_bytes = (SHA256_HASH_SIZE_BYTES * SHA256_MSG_LENGTH_ONETIME); |
| 294 | |
| 295 | src_len_inbits = (uint32_t)(src_len_inbyte * 8U); |
| 296 | len_bits_msb = (uint32_t)(src_len_inbits >> 32U); |
| 297 | len_bits_lsb = (uint32_t)src_len_inbits; |
| 298 | |
| 299 | /* program SE0_CONFIG for SHA256 operation */ |
| 300 | val = (uint32_t)(SE0_CONFIG_ENC_ALG_SHA | SE0_CONFIG_ENC_MODE_SHA256 | |
| 301 | SE0_CONFIG_DEC_ALG_NOP | SE0_CONFIG_DST_HASHREG); |
| 302 | tegra_se_write_32(SE0_SHA_CONFIG, val); |
| 303 | |
| 304 | /* set SE0_SHA_MSG_LENGTH registers */ |
| 305 | tegra_se_write_32(SE0_SHA_MSG_LENGTH_0, len_bits_lsb); |
| 306 | tegra_se_write_32(SE0_SHA_MSG_LEFT_0, len_bits_lsb); |
| 307 | tegra_se_write_32(SE0_SHA_MSG_LENGTH_1, len_bits_msb); |
| 308 | |
| 309 | /* zero out unused SE0_SHA_MSG_LENGTH and SE0_SHA_MSG_LEFT */ |
| 310 | tegra_se_write_32(SE0_SHA_MSG_LENGTH_2, 0U); |
| 311 | tegra_se_write_32(SE0_SHA_MSG_LENGTH_3, 0U); |
| 312 | tegra_se_write_32(SE0_SHA_MSG_LEFT_1, 0U); |
| 313 | tegra_se_write_32(SE0_SHA_MSG_LEFT_2, 0U); |
| 314 | tegra_se_write_32(SE0_SHA_MSG_LEFT_3, 0U); |
| 315 | |
| 316 | number_of_operations = (src_len_inbyte / max_bytes); |
| 317 | remaining_bytes = (src_len_inbyte % max_bytes); |
| 318 | if (remaining_bytes > 0U) { |
| 319 | number_of_operations += 1U; |
| 320 | } |
| 321 | |
| 322 | /* |
| 323 | * 1. Operations == 1: program SE0_SHA_TASK register to initiate SHA256 |
| 324 | * hash generation by setting |
| 325 | * 1(SE0_SHA_CONFIG_HW_INIT_HASH) to SE0_SHA_TASK |
| 326 | * and start SHA256-normal operation. |
| 327 | * 2. 1 < Operations < number_of_operations: program SE0_SHA_TASK to |
| 328 | * 0(SE0_SHA_CONFIG_HW_INIT_HASH_DISABLE) to load |
| 329 | * intermediate SHA256 digest result from |
| 330 | * HASH_RESULT register to continue SHA256 |
| 331 | * generation and start SHA256-normal operation. |
| 332 | * 3. Operations == number_of_operations: continue with step 2 and set |
| 333 | * max_bytes to bytes_left to process final |
| 334 | * hash-result generation and start SHA256-normal |
| 335 | * operation. |
| 336 | */ |
| 337 | bytes_left = src_len_inbyte; |
| 338 | for (operations = 1U; operations <= number_of_operations; |
| 339 | operations++) { |
| 340 | if (operations == SHA_FIRST_OP) { |
| 341 | val = SE0_SHA_CONFIG_HW_INIT_HASH; |
| 342 | } else { |
| 343 | /* Load intermediate SHA digest result to |
| 344 | * SHA:HASH_RESULT(0..7) to continue the SHA |
| 345 | * calculation and tell the SHA engine to use it. |
| 346 | */ |
| 347 | for (i = 0U; (i / BYTES_IN_WORD) <= |
| 348 | SHA256_MAX_HASH_RESULT; i += BYTES_IN_WORD) { |
| 349 | val = tegra_se_read_32(SE0_SHA_HASH_RESULT_0 + |
| 350 | i); |
| 351 | tegra_se_write_32(SE0_SHA_HASH_RESULT_0 + i, |
| 352 | val); |
| 353 | } |
| 354 | val = SE0_SHA_CONFIG_HW_INIT_HASH_DISABLE; |
| 355 | if (len_bits_lsb <= (max_bytes * 8U)) { |
| 356 | len_bits_lsb = (remaining_bytes * 8U); |
| 357 | } else { |
| 358 | len_bits_lsb -= (max_bytes * 8U); |
| 359 | } |
| 360 | tegra_se_write_32(SE0_SHA_MSG_LEFT_0, len_bits_lsb); |
| 361 | } |
| 362 | tegra_se_write_32(SE0_SHA_TASK_CONFIG, val); |
| 363 | |
| 364 | max_bytes = (SHA256_HASH_SIZE_BYTES * |
| 365 | SHA256_MSG_LENGTH_ONETIME); |
| 366 | if (bytes_left < max_bytes) { |
| 367 | max_bytes = bytes_left; |
| 368 | last_buf = 1U; |
| 369 | } else { |
| 370 | bytes_left = bytes_left - max_bytes; |
| 371 | last_buf = 0U; |
| 372 | } |
| 373 | /* start operation */ |
| 374 | ret = tegra_se_start_normal_operation(src_addr, max_bytes, |
| 375 | last_buf, src_len_inbyte); |
| 376 | if (ret != 0) { |
| 377 | ERROR("Error during SE operation! 0x%x", ret); |
| 378 | return -EINVAL; |
| 379 | } |
| 380 | } |
| 381 | |
| 382 | return ret; |
| 383 | } |
| 384 | |
| 385 | static int32_t tegra_se_save_sha256_pmc_scratch(void) |
| 386 | { |
| 387 | uint32_t val = 0U, hash_offset = 0U, scratch_offset = 0U; |
| 388 | int32_t ret; |
| 389 | |
| 390 | /* Check SE0 operation status */ |
| 391 | ret = tegra_se_sha256_hash_operation_complete(); |
| 392 | if (ret != 0) { |
| 393 | ERROR("SE operation complete Failed! 0x%x", ret); |
| 394 | return ret; |
| 395 | } |
| 396 | |
| 397 | for (scratch_offset = SECURE_SCRATCH_TZDRAM_SHA256_HASH_START; |
| 398 | scratch_offset <= SECURE_SCRATCH_TZDRAM_SHA256_HASH_END; |
| 399 | scratch_offset += BYTES_IN_WORD) { |
| 400 | val = tegra_se_read_32(SE0_SHA_HASH_RESULT_0 + hash_offset); |
| 401 | mmio_write_32((uint32_t)(TEGRA_SCRATCH_BASE + scratch_offset), |
| 402 | val); |
| 403 | hash_offset += BYTES_IN_WORD; |
| 404 | } |
| 405 | return 0; |
| 406 | } |
| 407 | |
| 408 | /* |
| 409 | * Handler to generate SHA256 and save HASH-result to pmc-scratch register |
| 410 | */ |
| 411 | int32_t tegra_se_calculate_save_sha256(uint64_t src_addr, |
| 412 | uint32_t src_len_inbyte) |
| 413 | { |
| 414 | uint32_t security; |
| 415 | int32_t val = 0; |
| 416 | |
| 417 | /* Set SE_SOFT_SETTINGS=SE_SECURE to prevent NS process to change SE |
| 418 | * registers. |
| 419 | */ |
| 420 | security = tegra_se_read_32(SE0_SECURITY); |
| 421 | tegra_se_write_32(SE0_SECURITY, security | SE0_SECURITY_SE_SOFT_SETTING); |
| 422 | |
| 423 | /* Bootrom enable IN_ID bit in SE0_SHA_GSCID_0 register during SC7-exit, causing |
| 424 | * SE0 ignores SE0 operation, and therefore failure of 2nd iteration of SC7 cycle. |
| 425 | */ |
| 426 | tegra_se_write_32(SE0_SHA_GSCID_0, 0x0U); |
| 427 | |
| 428 | /* Calculate SHA256 of BL31 */ |
| 429 | val = tegra_se_calculate_sha256_hash(src_addr, src_len_inbyte); |
| 430 | if (val != 0) { |
| 431 | ERROR("%s: SHA256 generation failed\n", __func__); |
| 432 | return val; |
| 433 | } |
| 434 | |
| 435 | /* |
| 436 | * Reset SE_SECURE to previous value. |
| 437 | */ |
| 438 | tegra_se_write_32(SE0_SECURITY, security); |
| 439 | |
| 440 | /* copy sha256_dst to PMC Scratch register */ |
| 441 | val = tegra_se_save_sha256_pmc_scratch(); |
| 442 | if (val != 0) { |
| 443 | ERROR("%s: SE0 status Error.\n", __func__); |
| 444 | } |
| 445 | |
| 446 | return val; |
| 447 | } |
| 448 | |
Steven Kao | 530b217 | 2017-06-23 16:18:58 +0800 | [diff] [blame] | 449 | /* |
| 450 | * Handler to power down the SE hardware blocks - SE, RNG1 and PKA1. This |
| 451 | * needs to be called only during System Suspend. |
| 452 | */ |
| 453 | int32_t tegra_se_suspend(void) |
| 454 | { |
| 455 | int32_t ret = 0; |
| 456 | |
steven kao | e579606 | 2018-01-02 19:09:04 -0800 | [diff] [blame] | 457 | /* initialise communication channel with BPMP */ |
| 458 | assert(tegra_bpmp_ipc_init() == 0); |
| 459 | |
| 460 | /* Enable SE clock before SE context save */ |
Varun Wadekar | e55c27b | 2018-09-13 08:47:43 -0700 | [diff] [blame] | 461 | ret = tegra_bpmp_ipc_enable_clock(TEGRA194_CLK_SE); |
Varun Wadekar | 35cc90a | 2018-05-25 15:22:58 -0700 | [diff] [blame] | 462 | assert(ret == 0); |
steven kao | e579606 | 2018-01-02 19:09:04 -0800 | [diff] [blame] | 463 | |
Steven Kao | 530b217 | 2017-06-23 16:18:58 +0800 | [diff] [blame] | 464 | /* save SE registers */ |
| 465 | se_regs[0] = mmio_read_32(TEGRA_SE0_BASE + SE0_MUTEX_WATCHDOG_NS_LIMIT); |
| 466 | se_regs[1] = mmio_read_32(TEGRA_SE0_BASE + SE0_AES0_ENTROPY_SRC_AGE_CTRL); |
| 467 | se_regs[2] = mmio_read_32(TEGRA_RNG1_BASE + RNG1_MUTEX_WATCHDOG_NS_LIMIT); |
| 468 | se_regs[3] = mmio_read_32(TEGRA_PKA1_BASE + PKA1_MUTEX_WATCHDOG_NS_LIMIT); |
| 469 | |
| 470 | /* Save SE context. The BootROM restores it during System Resume */ |
| 471 | ret = tegra_se_save_context(); |
| 472 | if (ret != 0) { |
| 473 | ERROR("%s: context save failed (%d)\n", __func__, ret); |
| 474 | } |
| 475 | |
steven kao | e579606 | 2018-01-02 19:09:04 -0800 | [diff] [blame] | 476 | /* Disable SE clock after SE context save */ |
Varun Wadekar | e55c27b | 2018-09-13 08:47:43 -0700 | [diff] [blame] | 477 | ret = tegra_bpmp_ipc_disable_clock(TEGRA194_CLK_SE); |
Varun Wadekar | 35cc90a | 2018-05-25 15:22:58 -0700 | [diff] [blame] | 478 | assert(ret == 0); |
steven kao | e579606 | 2018-01-02 19:09:04 -0800 | [diff] [blame] | 479 | |
Steven Kao | 530b217 | 2017-06-23 16:18:58 +0800 | [diff] [blame] | 480 | return ret; |
| 481 | } |
| 482 | |
| 483 | /* |
| 484 | * Handler to power up the SE hardware block(s) during System Resume. |
| 485 | */ |
| 486 | void tegra_se_resume(void) |
| 487 | { |
Varun Wadekar | 35cc90a | 2018-05-25 15:22:58 -0700 | [diff] [blame] | 488 | int32_t ret = 0; |
| 489 | |
steven kao | e579606 | 2018-01-02 19:09:04 -0800 | [diff] [blame] | 490 | /* initialise communication channel with BPMP */ |
| 491 | assert(tegra_bpmp_ipc_init() == 0); |
| 492 | |
| 493 | /* Enable SE clock before SE context restore */ |
Varun Wadekar | e55c27b | 2018-09-13 08:47:43 -0700 | [diff] [blame] | 494 | ret = tegra_bpmp_ipc_enable_clock(TEGRA194_CLK_SE); |
Varun Wadekar | 35cc90a | 2018-05-25 15:22:58 -0700 | [diff] [blame] | 495 | assert(ret == 0); |
steven kao | e579606 | 2018-01-02 19:09:04 -0800 | [diff] [blame] | 496 | |
Steven Kao | 530b217 | 2017-06-23 16:18:58 +0800 | [diff] [blame] | 497 | /* |
| 498 | * When TZ takes over after System Resume, TZ should first reconfigure |
| 499 | * SE_MUTEX_WATCHDOG_NS_LIMIT, PKA1_MUTEX_WATCHDOG_NS_LIMIT, |
| 500 | * RNG1_MUTEX_WATCHDOG_NS_LIMIT and SE_ENTROPY_SRC_AGE_CTRL before |
| 501 | * other operations. |
| 502 | */ |
| 503 | mmio_write_32(TEGRA_SE0_BASE + SE0_MUTEX_WATCHDOG_NS_LIMIT, se_regs[0]); |
| 504 | mmio_write_32(TEGRA_SE0_BASE + SE0_AES0_ENTROPY_SRC_AGE_CTRL, se_regs[1]); |
| 505 | mmio_write_32(TEGRA_RNG1_BASE + RNG1_MUTEX_WATCHDOG_NS_LIMIT, se_regs[2]); |
| 506 | mmio_write_32(TEGRA_PKA1_BASE + PKA1_MUTEX_WATCHDOG_NS_LIMIT, se_regs[3]); |
steven kao | e579606 | 2018-01-02 19:09:04 -0800 | [diff] [blame] | 507 | |
| 508 | /* Disable SE clock after SE context restore */ |
Varun Wadekar | e55c27b | 2018-09-13 08:47:43 -0700 | [diff] [blame] | 509 | ret = tegra_bpmp_ipc_disable_clock(TEGRA194_CLK_SE); |
Varun Wadekar | 35cc90a | 2018-05-25 15:22:58 -0700 | [diff] [blame] | 510 | assert(ret == 0); |
Steven Kao | 530b217 | 2017-06-23 16:18:58 +0800 | [diff] [blame] | 511 | } |