diff mbox series

[v5,2/5] dt-bindings: arm: fsl: add imx-se-fw binding doc

Message ID 20240712-imx-se-if-v5-2-66a79903a872@nxp.com (mailing list archive)
State Superseded
Headers show
Series Changes in v5: | expand

Commit Message

Pankaj Gupta July 12, 2024, 6:19 a.m. UTC
The NXP security hardware IP(s) like: i.MX EdgeLock Enclave, V2X etc.,
creates an embedded secure enclave within the SoC boundary to enable
features like:
- HSM
- SHE
- V2X

Secure-Enclave(s) communication interface are typically via message
unit, i.e., based on mailbox linux kernel driver. This driver enables
communication ensuring well defined message sequence protocol between
Application Core and enclave's firmware.

Driver configures multiple misc-device on the MU, for multiple
user-space applications, to be able to communicate over single MU.

It exists on some i.MX processors. e.g. i.MX8ULP, i.MX93 etc.

Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
---
 .../devicetree/bindings/firmware/fsl,imx-se.yaml   | 111 +++++++++++++++++++++
 1 file changed, 111 insertions(+)

Comments

Rob Herring July 12, 2024, 6:03 p.m. UTC | #1
On Fri, Jul 12, 2024 at 11:49:57AM +0530, Pankaj Gupta wrote:
> The NXP security hardware IP(s) like: i.MX EdgeLock Enclave, V2X etc.,
> creates an embedded secure enclave within the SoC boundary to enable
> features like:
> - HSM
> - SHE
> - V2X
> 
> Secure-Enclave(s) communication interface are typically via message
> unit, i.e., based on mailbox linux kernel driver. This driver enables
> communication ensuring well defined message sequence protocol between
> Application Core and enclave's firmware.
> 
> Driver configures multiple misc-device on the MU, for multiple
> user-space applications, to be able to communicate over single MU.
> 
> It exists on some i.MX processors. e.g. i.MX8ULP, i.MX93 etc.
> 
> Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
> ---
>  .../devicetree/bindings/firmware/fsl,imx-se.yaml   | 111 +++++++++++++++++++++
>  1 file changed, 111 insertions(+)
> 
> diff --git a/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml b/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml
> new file mode 100644
> index 000000000000..bd99505de6e6
> --- /dev/null
> +++ b/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml
> @@ -0,0 +1,111 @@
> +# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
> +%YAML 1.2
> +---
> +$id: http://devicetree.org/schemas/firmware/fsl,imx-se.yaml#
> +$schema: http://devicetree.org/meta-schemas/core.yaml#
> +
> +title: NXP i.MX HW Secure Enclave(s) EdgeLock Enclave
> +
> +maintainers:
> +  - Pankaj Gupta <pankaj.gupta@nxp.com>
> +
> +description: |
> +  NXP's SoC may contain one or multiple embedded secure-enclave HW
> +  IP(s) like i.MX EdgeLock Enclave, V2X etc. These NXP's HW IP(s)
> +  enables features like
> +    - Hardware Security Module (HSM),
> +    - Security Hardware Extension (SHE), and
> +    - Vehicular to Anything (V2X)
> +
> +  Communication interface to the secure-enclaves is based on the
> +  messaging unit(s).
> +
> +properties:
> +  $nodename:
> +    pattern: "firmware@[0-9a-f]+$"
> +
> +  compatible:
> +    enum:
> +      - fsl,imx8ulp-se
> +      - fsl,imx93-se
> +      - fsl,imx95-se
> +
> +  reg:
> +    maxItems: 1
> +    description: Identifier of the communication interface to secure-enclave.

I don't understand what this is. How does someone determine what the 
value should be? Are there constraints on the values?

> +
> +  mboxes:
> +    items:
> +      - description: mailbox phandle to send message to se firmware

"mailbox phandle to " is redundant. Drop.

> +      - description: mailbox phandle to receive message from se firmware
> +
> +  mbox-names:
> +    description: two names are to be listed, one for rx and other one for tx.
> +      The name can be any of the below list.

I think this can be dropped. The schema says all this.

> +    items:
> +      - const: tx
> +      - const: rx
> +
> +  memory-region:
> +    items:
> +      - description: The phandle to the reserved external memory, the only
> +          accessible memoryregion to secure enclave(SE) firmware. It is an
> +          optional property based on compatible.
> +          (see bindings/reserved-memory/reserved-memory.txt)

Drop. 'maxItems: 1' is sufficient.

> +
> +  sram:
> +    items:
> +      - description: It is an optional property based on compatible.

Drop. 'maxItems: 1' is sufficient.

> +
> +required:
> +  - compatible
> +  - reg
> +  - mboxes
> +  - mbox-names
> +
> +allOf:
> +  # memory-region
> +  - if:
> +      properties:
> +        compatible:
> +          contains:
> +            enum:
> +              - fsl,imx8ulp-se
> +              - fsl,imx93-se
> +    then:
> +      required:
> +        - memory-region
> +    else:
> +      properties:
> +        memory-region: false
> +
> +  # sram
> +  - if:
> +      properties:
> +        compatible:
> +          contains:
> +            enum:
> +              - fsl,imx8ulp-se
> +    then:
> +      required:
> +        - sram
> +
> +    else:
> +      properties:
> +        sram: false
> +
> +additionalProperties: false
> +
> +examples:
> +  - |
> +    firmware {
> +      #address-cells = <1>;
> +      #size-cells = <0>;
> +      firmware@0 {
> +        compatible = "fsl,imx95-se";
> +        reg = <0x0>;
> +        mboxes = <&ele_mu0 0 0>, <&ele_mu0 1 0>;
> +        mbox-names = "tx", "rx";
> +      };
> +    };
> +...
> 
> -- 
> 2.34.1
>
Pankaj Gupta July 15, 2024, 7:56 a.m. UTC | #2
> -----Original Message-----
> From: Rob Herring <robh@kernel.org>
> Sent: Friday, July 12, 2024 11:34 PM
> To: Pankaj Gupta <pankaj.gupta@nxp.com>
> Cc: Jonathan Corbet <corbet@lwn.net>; Krzysztof Kozlowski
> <krzk+dt@kernel.org>; Conor Dooley <conor+dt@kernel.org>; Shawn Guo
> <shawnguo@kernel.org>; Sascha Hauer <s.hauer@pengutronix.de>;
> Pengutronix Kernel Team <kernel@pengutronix.de>; Fabio Estevam
> <festevam@gmail.com>; linux-doc@vger.kernel.org; linux-
> kernel@vger.kernel.org; devicetree@vger.kernel.org; imx@lists.linux.dev;
> linux-arm-kernel@lists.infradead.org
> Subject: [EXT] Re: [PATCH v5 2/5] dt-bindings: arm: fsl: add imx-se-fw binding
> doc
> 
> Caution: This is an external email. Please take care when clicking links or
> opening attachments. When in doubt, report the message using the 'Report
> this email' button
> 
> 
> On Fri, Jul 12, 2024 at 11:49:57AM +0530, Pankaj Gupta wrote:
> > The NXP security hardware IP(s) like: i.MX EdgeLock Enclave, V2X etc.,
> > creates an embedded secure enclave within the SoC boundary to enable
> > features like:
> > - HSM
> > - SHE
> > - V2X
> >
> > Secure-Enclave(s) communication interface are typically via message
> > unit, i.e., based on mailbox linux kernel driver. This driver enables
> > communication ensuring well defined message sequence protocol between
> > Application Core and enclave's firmware.
> >
> > Driver configures multiple misc-device on the MU, for multiple
> > user-space applications, to be able to communicate over single MU.
> >
> > It exists on some i.MX processors. e.g. i.MX8ULP, i.MX93 etc.
> >
> > Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
> > ---
> >  .../devicetree/bindings/firmware/fsl,imx-se.yaml   | 111
> +++++++++++++++++++++
> >  1 file changed, 111 insertions(+)
> >
> > diff --git
> > a/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml
> > b/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml
> > new file mode 100644
> > index 000000000000..bd99505de6e6
> > --- /dev/null
> > +++ b/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml
> > @@ -0,0 +1,111 @@
> > +# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) %YAML 1.2
> > +---
> > +$id:
> >
> +https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdevi
> > +cetree.org%2Fschemas%2Ffirmware%2Ffsl%2Cimx-
> se.yaml%23&data=05%7C02%7
> >
> +Cpankaj.gupta%40nxp.com%7Cf1bfd437edfe4dcc6c0b08dca29d0434%7C6
> 86ea1d3
> >
> +bc2b4c6fa92cd99c5c301635%7C0%7C0%7C638564042462565488%7CUn
> known%7CTWF
> >
> +pbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJ
> XVCI6
> >
> +Mn0%3D%7C0%7C%7C%7C&sdata=Uxa8Cb3W5imjH%2FZGUEaGGO4VYFO
> oeVwzJmeFd6SbJ
> > +TU%3D&reserved=0
> > +$schema:
> >
> +https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdevi
> > +cetree.org%2Fmeta-
> schemas%2Fcore.yaml%23&data=05%7C02%7Cpankaj.gupta%
> >
> +40nxp.com%7Cf1bfd437edfe4dcc6c0b08dca29d0434%7C686ea1d3bc2b4c
> 6fa92cd9
> >
> +9c5c301635%7C0%7C0%7C638564042462575447%7CUnknown%7CTWF
> pbGZsb3d8eyJWI
> >
> +joiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7
> C0%7C%
> >
> +7C%7C&sdata=bhF5HZ655JjWQCaTu3BP5rd1kXZLSb8PKNsle7aWRq4%3D&
> reserved=0
> > +
> > +title: NXP i.MX HW Secure Enclave(s) EdgeLock Enclave
> > +
> > +maintainers:
> > +  - Pankaj Gupta <pankaj.gupta@nxp.com>
> > +
> > +description: |
> > +  NXP's SoC may contain one or multiple embedded secure-enclave HW
> > +  IP(s) like i.MX EdgeLock Enclave, V2X etc. These NXP's HW IP(s)
> > +  enables features like
> > +    - Hardware Security Module (HSM),
> > +    - Security Hardware Extension (SHE), and
> > +    - Vehicular to Anything (V2X)
> > +
> > +  Communication interface to the secure-enclaves is based on the
> > + messaging unit(s).
> > +
> > +properties:
> > +  $nodename:
> > +    pattern: "firmware@[0-9a-f]+$"
> > +
> > +  compatible:
> > +    enum:
> > +      - fsl,imx8ulp-se
> > +      - fsl,imx93-se
> > +      - fsl,imx95-se
> > +
> > +  reg:
> > +    maxItems: 1
> > +    description: Identifier of the communication interface to secure-enclave.
> 
> I don't understand what this is. How does someone determine what the value
> should be? Are there constraints on the values?

I will remove this. This was added to differentiate between multiple firmware nodes.

In case of the i.MX95 SoC, which has multiple firmware nodes, I proposed to make the following changes in .dtsi file:
        firmware@0 {
                compatible = "fsl,imx95-se-fw";
                mbox-names = "tx", "rx";
                mboxes = <&elemu3 0 0>,
                         <&elemu3 1 0>;
        };

        firmware@1 {
                compatible = "fsl,imx95-se-fw";
                mbox-names = "tx", "rx";
                mboxes = <&elemu4 0 0>,
                         <&elemu4 1 0>;
        };

> 
> > +
> > +  mboxes:
> > +    items:
> > +      - description: mailbox phandle to send message to se firmware
> 
> "mailbox phandle to " is redundant. Drop.
> 
Accepted.

> > +      - description: mailbox phandle to receive message from se
> > + firmware
> > +
> > +  mbox-names:
> > +    description: two names are to be listed, one for rx and other one for tx.
> > +      The name can be any of the below list.
> 
> I think this can be dropped. The schema says all this.
> 
Accepted.
Complete description will be removed"

> > +    items:
> > +      - const: tx
> > +      - const: rx
> > +
> > +  memory-region:
> > +    items:
> > +      - description: The phandle to the reserved external memory, the only
> > +          accessible memoryregion to secure enclave(SE) firmware. It is an
> > +          optional property based on compatible.
> > +          (see bindings/reserved-memory/reserved-memory.txt)
> 
> Drop. 'maxItems: 1' is sufficient.
Accepted.
> 
> > +
> > +  sram:
> > +    items:
> > +      - description: It is an optional property based on compatible.
> 
> Drop. 'maxItems: 1' is sufficient.
> 
> > +
> > +required:
> > +  - compatible
> > +  - reg
> > +  - mboxes
> > +  - mbox-names
> > +
> > +allOf:
> > +  # memory-region
> > +  - if:
> > +      properties:
> > +        compatible:
> > +          contains:
> > +            enum:
> > +              - fsl,imx8ulp-se
> > +              - fsl,imx93-se
> > +    then:
> > +      required:
> > +        - memory-region
> > +    else:
> > +      properties:
> > +        memory-region: false
> > +
> > +  # sram
> > +  - if:
> > +      properties:
> > +        compatible:
> > +          contains:
> > +            enum:
> > +              - fsl,imx8ulp-se
> > +    then:
> > +      required:
> > +        - sram
> > +
> > +    else:
> > +      properties:
> > +        sram: false
> > +
> > +additionalProperties: false
> > +
> > +examples:
> > +  - |
> > +    firmware {
> > +      #address-cells = <1>;
> > +      #size-cells = <0>;
> > +      firmware@0 {
> > +        compatible = "fsl,imx95-se";
> > +        reg = <0x0>;
> > +        mboxes = <&ele_mu0 0 0>, <&ele_mu0 1 0>;
> > +        mbox-names = "tx", "rx";
> > +      };
> > +    };
> > +...
> >
> > --
> > 2.34.1
> >
Pankaj Gupta July 18, 2024, 5:11 a.m. UTC | #3
Hi Rob,

In case of the i.MX95 SoC, which has multiple firmware nodes, two firmware nodes need to be differentiated.

Is it correct if the following entries were added later, without 'reg'?

         firmware@0 {
                 compatible = "fsl,imx95-se-fw";
                 mbox-names = "tx", "rx";
                 mboxes = <&elemu3 0 0>,
                          <&elemu3 1 0>;
         };
 
         firmware@1 {
                 compatible = "fsl,imx95-se-fw";
                 mbox-names = "tx", "rx";
                 mboxes = <&elemu4 0 0>,
                          <&elemu4 1 0>;
         };


Regards
Pankaj

> -----Original Message-----
> From: Pankaj Gupta
> Sent: Monday, July 15, 2024 1:26 PM
> To: Rob Herring <robh@kernel.org>
> Cc: Jonathan Corbet <corbet@lwn.net>; Krzysztof Kozlowski
> <krzk+dt@kernel.org>; Conor Dooley <conor+dt@kernel.org>; Shawn Guo
> <shawnguo@kernel.org>; Sascha Hauer <s.hauer@pengutronix.de>;
> Pengutronix Kernel Team <kernel@pengutronix.de>; Fabio Estevam
> <festevam@gmail.com>; linux-doc@vger.kernel.org; linux-
> kernel@vger.kernel.org; devicetree@vger.kernel.org; imx@lists.linux.dev;
> linux-arm-kernel@lists.infradead.org
> Subject: RE: [EXT] Re: [PATCH v5 2/5] dt-bindings: arm: fsl: add imx-se-fw
> binding doc
> 
> 
> 
> > -----Original Message-----
> > From: Rob Herring <robh@kernel.org>
> > Sent: Friday, July 12, 2024 11:34 PM
> > To: Pankaj Gupta <pankaj.gupta@nxp.com>
> > Cc: Jonathan Corbet <corbet@lwn.net>; Krzysztof Kozlowski
> > <krzk+dt@kernel.org>; Conor Dooley <conor+dt@kernel.org>; Shawn Guo
> > <shawnguo@kernel.org>; Sascha Hauer <s.hauer@pengutronix.de>;
> > Pengutronix Kernel Team <kernel@pengutronix.de>; Fabio Estevam
> > <festevam@gmail.com>; linux-doc@vger.kernel.org; linux-
> > kernel@vger.kernel.org; devicetree@vger.kernel.org;
> > imx@lists.linux.dev; linux-arm-kernel@lists.infradead.org
> > Subject: [EXT] Re: [PATCH v5 2/5] dt-bindings: arm: fsl: add imx-se-fw
> > binding doc
> >
> > Caution: This is an external email. Please take care when clicking
> > links or opening attachments. When in doubt, report the message using
> > the 'Report this email' button
> >
> >
> > On Fri, Jul 12, 2024 at 11:49:57AM +0530, Pankaj Gupta wrote:
> > > The NXP security hardware IP(s) like: i.MX EdgeLock Enclave, V2X
> > > etc., creates an embedded secure enclave within the SoC boundary to
> > > enable features like:
> > > - HSM
> > > - SHE
> > > - V2X
> > >
> > > Secure-Enclave(s) communication interface are typically via message
> > > unit, i.e., based on mailbox linux kernel driver. This driver
> > > enables communication ensuring well defined message sequence
> > > protocol between Application Core and enclave's firmware.
> > >
> > > Driver configures multiple misc-device on the MU, for multiple
> > > user-space applications, to be able to communicate over single MU.
> > >
> > > It exists on some i.MX processors. e.g. i.MX8ULP, i.MX93 etc.
> > >
> > > Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
> > > ---
> > >  .../devicetree/bindings/firmware/fsl,imx-se.yaml   | 111
> > +++++++++++++++++++++
> > >  1 file changed, 111 insertions(+)
> > >
> > > diff --git
> > > a/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml
> > > b/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml
> > > new file mode 100644
> > > index 000000000000..bd99505de6e6
> > > --- /dev/null
> > > +++ b/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml
> > > @@ -0,0 +1,111 @@
> > > +# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) %YAML 1.2
> > > +---
> > > +$id:
> > >
> >
> +https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdevi
> > > +cetree.org%2Fschemas%2Ffirmware%2Ffsl%2Cimx-
> > se.yaml%23&data=05%7C02%7
> > >
> >
> +Cpankaj.gupta%40nxp.com%7Cf1bfd437edfe4dcc6c0b08dca29d0434%7C6
> > 86ea1d3
> > >
> >
> +bc2b4c6fa92cd99c5c301635%7C0%7C0%7C638564042462565488%7CUn
> > known%7CTWF
> > >
> >
> +pbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJ
> > XVCI6
> > >
> >
> +Mn0%3D%7C0%7C%7C%7C&sdata=Uxa8Cb3W5imjH%2FZGUEaGGO4VYFO
> > oeVwzJmeFd6SbJ
> > > +TU%3D&reserved=0
> > > +$schema:
> > >
> >
> +https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdevi
> > > +cetree.org%2Fmeta-
> > schemas%2Fcore.yaml%23&data=05%7C02%7Cpankaj.gupta%
> > >
> >
> +40nxp.com%7Cf1bfd437edfe4dcc6c0b08dca29d0434%7C686ea1d3bc2b4c
> > 6fa92cd9
> > >
> >
> +9c5c301635%7C0%7C0%7C638564042462575447%7CUnknown%7CTWF
> > pbGZsb3d8eyJWI
> > >
> >
> +joiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7
> > C0%7C%
> > >
> >
> +7C%7C&sdata=bhF5HZ655JjWQCaTu3BP5rd1kXZLSb8PKNsle7aWRq4%3D&
> > reserved=0
> > > +
> > > +title: NXP i.MX HW Secure Enclave(s) EdgeLock Enclave
> > > +
> > > +maintainers:
> > > +  - Pankaj Gupta <pankaj.gupta@nxp.com>
> > > +
> > > +description: |
> > > +  NXP's SoC may contain one or multiple embedded secure-enclave HW
> > > +  IP(s) like i.MX EdgeLock Enclave, V2X etc. These NXP's HW IP(s)
> > > +  enables features like
> > > +    - Hardware Security Module (HSM),
> > > +    - Security Hardware Extension (SHE), and
> > > +    - Vehicular to Anything (V2X)
> > > +
> > > +  Communication interface to the secure-enclaves is based on the
> > > + messaging unit(s).
> > > +
> > > +properties:
> > > +  $nodename:
> > > +    pattern: "firmware@[0-9a-f]+$"
> > > +
> > > +  compatible:
> > > +    enum:
> > > +      - fsl,imx8ulp-se
> > > +      - fsl,imx93-se
> > > +      - fsl,imx95-se
> > > +
> > > +  reg:
> > > +    maxItems: 1
> > > +    description: Identifier of the communication interface to secure-
> enclave.
> >
> > I don't understand what this is. How does someone determine what the
> > value should be? Are there constraints on the values?
> 
> I will remove this. This was added to differentiate between multiple firmware
> nodes.
> 
> In case of the i.MX95 SoC, which has multiple firmware nodes, I proposed to
> make the following changes in .dtsi file:
>         firmware@0 {
>                 compatible = "fsl,imx95-se-fw";
>                 mbox-names = "tx", "rx";
>                 mboxes = <&elemu3 0 0>,
>                          <&elemu3 1 0>;
>         };
> 
>         firmware@1 {
>                 compatible = "fsl,imx95-se-fw";
>                 mbox-names = "tx", "rx";
>                 mboxes = <&elemu4 0 0>,
>                          <&elemu4 1 0>;
>         };
> 
> >
> > > +
> > > +  mboxes:
> > > +    items:
> > > +      - description: mailbox phandle to send message to se firmware
> >
> > "mailbox phandle to " is redundant. Drop.
> >
> Accepted.
> 
> > > +      - description: mailbox phandle to receive message from se
> > > + firmware
> > > +
> > > +  mbox-names:
> > > +    description: two names are to be listed, one for rx and other one for tx.
> > > +      The name can be any of the below list.
> >
> > I think this can be dropped. The schema says all this.
> >
> Accepted.
> Complete description will be removed"
> 
> > > +    items:
> > > +      - const: tx
> > > +      - const: rx
> > > +
> > > +  memory-region:
> > > +    items:
> > > +      - description: The phandle to the reserved external memory, the only
> > > +          accessible memoryregion to secure enclave(SE) firmware. It is an
> > > +          optional property based on compatible.
> > > +          (see bindings/reserved-memory/reserved-memory.txt)
> >
> > Drop. 'maxItems: 1' is sufficient.
> Accepted.
> >
> > > +
> > > +  sram:
> > > +    items:
> > > +      - description: It is an optional property based on compatible.
> >
> > Drop. 'maxItems: 1' is sufficient.
> >
> > > +
> > > +required:
> > > +  - compatible
> > > +  - reg
> > > +  - mboxes
> > > +  - mbox-names
> > > +
> > > +allOf:
> > > +  # memory-region
> > > +  - if:
> > > +      properties:
> > > +        compatible:
> > > +          contains:
> > > +            enum:
> > > +              - fsl,imx8ulp-se
> > > +              - fsl,imx93-se
> > > +    then:
> > > +      required:
> > > +        - memory-region
> > > +    else:
> > > +      properties:
> > > +        memory-region: false
> > > +
> > > +  # sram
> > > +  - if:
> > > +      properties:
> > > +        compatible:
> > > +          contains:
> > > +            enum:
> > > +              - fsl,imx8ulp-se
> > > +    then:
> > > +      required:
> > > +        - sram
> > > +
> > > +    else:
> > > +      properties:
> > > +        sram: false
> > > +
> > > +additionalProperties: false
> > > +
> > > +examples:
> > > +  - |
> > > +    firmware {
> > > +      #address-cells = <1>;
> > > +      #size-cells = <0>;
> > > +      firmware@0 {
> > > +        compatible = "fsl,imx95-se";
> > > +        reg = <0x0>;
> > > +        mboxes = <&ele_mu0 0 0>, <&ele_mu0 1 0>;
> > > +        mbox-names = "tx", "rx";
> > > +      };
> > > +    };
> > > +...
> > >
> > > --
> > > 2.34.1
> > >
Pankaj Gupta July 19, 2024, 10:08 a.m. UTC | #4
Hi Conor,

> > > > +properties:
> > > > +  $nodename:
> > > > +    pattern: "firmware@[0-9a-f]+$"

As part of removing the reg property, it is required to remove the variable node name as well.

> > > > +
> > > > +additionalProperties: false
> > > > +
> > > > +examples:
> > > > +  - |
> > > > +    firmware {
Since node name "firmware" is a very generic name and broad reference. 
It is a request to revisit the last suggestion to replace it with any one of the below close suggestions:

- se (Stands for secure enclave, already mentioned in the description).
- senclave (like sram: secure-ram)
- senclave-firmware
- se-fw

Kindly suggest.

Thanks.

> > > > +      compatible = "fsl,imx95-se";
> > > > +      mboxes = <&ele_mu0 0 0>, <&ele_mu0 1 0>;
> > > > +      mbox-names = "tx", "rx";
> > > > +    };
> > > > +...
> > > >
> > > > --
> > > > 2.34.1
> > > >
diff mbox series

Patch

diff --git a/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml b/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml
new file mode 100644
index 000000000000..bd99505de6e6
--- /dev/null
+++ b/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml
@@ -0,0 +1,111 @@ 
+# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
+%YAML 1.2
+---
+$id: http://devicetree.org/schemas/firmware/fsl,imx-se.yaml#
+$schema: http://devicetree.org/meta-schemas/core.yaml#
+
+title: NXP i.MX HW Secure Enclave(s) EdgeLock Enclave
+
+maintainers:
+  - Pankaj Gupta <pankaj.gupta@nxp.com>
+
+description: |
+  NXP's SoC may contain one or multiple embedded secure-enclave HW
+  IP(s) like i.MX EdgeLock Enclave, V2X etc. These NXP's HW IP(s)
+  enables features like
+    - Hardware Security Module (HSM),
+    - Security Hardware Extension (SHE), and
+    - Vehicular to Anything (V2X)
+
+  Communication interface to the secure-enclaves is based on the
+  messaging unit(s).
+
+properties:
+  $nodename:
+    pattern: "firmware@[0-9a-f]+$"
+
+  compatible:
+    enum:
+      - fsl,imx8ulp-se
+      - fsl,imx93-se
+      - fsl,imx95-se
+
+  reg:
+    maxItems: 1
+    description: Identifier of the communication interface to secure-enclave.
+
+  mboxes:
+    items:
+      - description: mailbox phandle to send message to se firmware
+      - description: mailbox phandle to receive message from se firmware
+
+  mbox-names:
+    description: two names are to be listed, one for rx and other one for tx.
+      The name can be any of the below list.
+    items:
+      - const: tx
+      - const: rx
+
+  memory-region:
+    items:
+      - description: The phandle to the reserved external memory, the only
+          accessible memoryregion to secure enclave(SE) firmware. It is an
+          optional property based on compatible.
+          (see bindings/reserved-memory/reserved-memory.txt)
+
+  sram:
+    items:
+      - description: It is an optional property based on compatible.
+
+required:
+  - compatible
+  - reg
+  - mboxes
+  - mbox-names
+
+allOf:
+  # memory-region
+  - if:
+      properties:
+        compatible:
+          contains:
+            enum:
+              - fsl,imx8ulp-se
+              - fsl,imx93-se
+    then:
+      required:
+        - memory-region
+    else:
+      properties:
+        memory-region: false
+
+  # sram
+  - if:
+      properties:
+        compatible:
+          contains:
+            enum:
+              - fsl,imx8ulp-se
+    then:
+      required:
+        - sram
+
+    else:
+      properties:
+        sram: false
+
+additionalProperties: false
+
+examples:
+  - |
+    firmware {
+      #address-cells = <1>;
+      #size-cells = <0>;
+      firmware@0 {
+        compatible = "fsl,imx95-se";
+        reg = <0x0>;
+        mboxes = <&ele_mu0 0 0>, <&ele_mu0 1 0>;
+        mbox-names = "tx", "rx";
+      };
+    };
+...