From patchwork Thu Mar 1 13:58:06 2018
X-Patchwork-Submitter: Benjamin Gaignard
X-Patchwork-Id: 10251497
From: Benjamin Gaignard
To: robh+dt@kernel.org, mark.rutland@arm.com, mcoquelin.stm32@gmail.com, alexandre.torgue@st.com, robin.murphy@arm.com, arnd@arndb.de, loic.pallardy@st.com
Cc: devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, Benjamin Gaignard
Subject: [PATCH v2 2/2] ARM: mach-stm32: Add Extended TrustZone Protection driver
Date: Thu, 1 Mar 2018 14:58:06 +0100
Message-Id: <20180301135806.19982-3-benjamin.gaignard@st.com>
In-Reply-To: <20180301135806.19982-1-benjamin.gaignard@st.com>
References: <20180301135806.19982-1-benjamin.gaignard@st.com>

Extended TrustZone Protection (ETZPC) driver checks that the hardware block is accessible to non-secure world. If not it will disable the device tree node by updating its status property.

Split between secure and non-secure hardware blocks is done at early boot stage so the driver only needs to read the status (2 bits) for each of the blocks.

Hardware blocks status bits location in the registers is computed from the index of the device phandle in the list.

To avoid binding a device which will not be accessible ETZPC driver must be probed early, at least before platform driver, so just after core initialisation.

Signed-off-by: Benjamin Gaignard --- arch/arm/mach-stm32/Kconfig | 7 +++ arch/arm/mach-stm32/Makefile | 1 + arch/arm/mach-stm32/stm32-etzpc.c | 116 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 124 insertions(+) create mode 100644 arch/arm/mach-stm32/stm32-etzpc.c diff --git a/arch/arm/mach-stm32/Kconfig b/arch/arm/mach-stm32/Kconfig index 5bc7f5ab61cd..a3ef308642be 100644 --- a/arch/arm/mach-stm32/Kconfig +++ b/arch/arm/mach-stm32/Kconfig @@ -44,6 +44,13 @@ config MACH_STM32MP157 bool "STMicroelectronics STM32MP157" default y +config STM32_ETZPC + bool "STM32 Extended TrustZone Protection" + depends on MACH_STM32MP157 + help + Select y to enable STM32 Extended TrustZone Protection + Controller (ETZPC) + endif # ARMv7-A endif diff --git a/arch/arm/mach-stm32/Makefile b/arch/arm/mach-stm32/Makefile index bd0b7b5d6e9d..2e1e729a68c9 100644 --- a/arch/arm/mach-stm32/Makefile +++ b/arch/arm/mach-stm32/Makefile @@ -1 +1,2 @@ obj-y += board-dt.o +obj-$(CONFIG_STM32_ETZPC) += stm32-etzpc.o diff --git a/arch/arm/mach-stm32/stm32-etzpc.c b/arch/arm/mach-stm32/stm32-etzpc.c new file mode 100644 index 000000000000..ea966b7d519a --- /dev/null +++ b/arch/arm/mach-stm32/stm32-etzpc.c 
@@ -0,0 +1,116 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (C) STMicroelectronics 2018 - All Rights Reserved + * Author: Benjamin Gaignard for STMicroelectronics. + */ +#include +#include +#include +#include +#include + +#define ETZPC_DECPROT0 0x10 +#define ETZPC_IP_VER 0x3F4 + +#define IP_VER_MP1 0x00000020 + +#define DECPROT_MASK 0x03 +#define NB_PROT_PER_REG 0x10 +#define DECPROT_NB_BITS 2 + +static void __init stm32_etzpc_update_status(struct device_node *np) +{ + struct property *prop; + + prop = kzalloc(sizeof(*prop), GFP_KERNEL); + if (!prop) + return; + + prop->name = "status"; + prop->value = "disabled"; + prop->length = strlen((char *)prop->value)+1; + + of_update_property(np, prop); + + pr_err("%s status doesn't match ETZPC status\n", of_node_full_name(np)); +} + +static bool __init stm32_etzpc_is_secured(void __iomem *base, int index) +{ + u32 status; + int offset = (index / NB_PROT_PER_REG) * sizeof(u32); + int shift = (index % NB_PROT_PER_REG) * DECPROT_NB_BITS; + + status = readl(base + ETZPC_DECPROT0 + offset); + status &= DECPROT_MASK << shift; + + return (status != DECPROT_MASK << shift); +} + +static const struct of_device_id stm32_etzpc_of_match[] = { + { + .compatible = "st,stm32mp1-etzpc", + }, + { /* end node */ }, +}; +MODULE_DEVICE_TABLE(of, stm32_etzpc_of_match); + +static int __init stm32_etzpc_probe(struct device_node *np, + const struct of_device_id *match) +{ + struct of_phandle_iterator it; + void __iomem *base; + int version, index = 0, ret = 0; + + base = of_iomap(np, 0); + if (IS_ERR(base)) + return PTR_ERR(base); + + version = readl(base + ETZPC_IP_VER); + if (version != IP_VER_MP1) { + pr_err("Wrong ETZPC version\n"); + ret = -EINVAL; + goto failed; + } + + of_for_each_phandle(&it, ret, np, "protected-devices", NULL, 0) { + if (of_device_is_available(it.node) && + stm32_etzpc_is_secured(base, index)) + stm32_etzpc_update_status(it.node); + + index++; + } + +failed: + iounmap(base); + return ret; +} + +/* + * 
stm32_etzpc_init need to be called before starting to probe + * platform drivers to be able check the status of each protected devices + * that's why it is tagged as postcore_initcall + */ +static int __init stm32_etzpc_init(void) +{ + struct device_node *np; + const struct of_device_id *m; + int ret; + + np = of_find_matching_node_and_match(NULL, stm32_etzpc_of_match, &m); + + if (!np) + return -ENODEV; + + if (!of_device_is_available(np)) { + of_node_put(np); + return -ENODEV; + } + + ret = stm32_etzpc_probe(np, m); + + of_node_put(np); + + return ret; +} +postcore_initcall(stm32_etzpc_init);
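
Review bot: the help text under `config STM32_ETZPC` in the Kconfig hunk only restates the option name and does not say what the driver does or what is lost when it is left off. Suggest stating that the driver reads the ETZPC protection status of the devices listed in the controller's "protected-devices" property and sets their status to "disabled" when they are not accessible from the non-secure world, so their platform drivers are not bound. The entry also has no `default` line, so it stays off unless selected; consider whether MACH_STM32MP157 builds should enable it.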
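
Review bot: in stm32_etzpc_probe() the mapping check `if (IS_ERR(base))` cannot catch a failure, because of_iomap() returns NULL rather than an ERR_PTR when it fails, so the following `readl(base + ETZPC_IP_VER)` would run on a NULL base; test `if (!base)` and return -ENOMEM instead. Further points in the same file: of_for_each_phandle() only stops once the iterator returns a non-zero code (-ENOENT at end of list), so `ret` is non-zero after a complete walk and the function reports an error even when every device was checked; clear the end-of-list code before `return ret`. `index` is passed to stm32_etzpc_is_secured() with no upper bound, so a "protected-devices" list longer than the DECPROT registers makes `readl(base + ETZPC_DECPROT0 + offset)` read past them and decide a device's status from unrelated bits; bound the index against what the hardware implements. In stm32_etzpc_update_status() the return value of of_update_property() is ignored and `prop` is not freed on failure, which would leave the node enabled while the mismatch message is still logged; check the result and report that failure distinctly.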