diff mbox series

[v2,2/5] dt-bindings: arm: fsl: add imx-se-fw binding doc

Message ID 20240523-imx-se-if-v2-2-5a6fd189a539@nxp.com (mailing list archive)
State New, archived
Headers show
Series Communication Interface to NXP secure-enclave HW IP like Edgelock Enclave | expand

Commit Message

Pankaj Gupta May 23, 2024, 10:49 a.m. UTC
The NXP security hardware IP(s) like: i.MX EdgeLock Enclave, V2X etc.,
creates an embedded secure enclave within the SoC boundary to enable
features like:
- HSM
- SHE
- V2X

Secure-Enclave(s) communication interface are typically via message
unit, i.e., based on mailbox linux kernel driver. This driver enables
communication ensuring well defined message sequence protocol between
Application Core and enclave's firmware.

Driver configures multiple misc-device on the MU, for multiple
user-space applications, to be able to communicate over single MU.

It exists on some i.MX processors. e.g. i.MX8ULP, i.MX93 etc.

Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
---
 .../devicetree/bindings/firmware/fsl,imx-se.yaml   | 154 +++++++++++++++++++++
 1 file changed, 154 insertions(+)

Comments

Rob Herring (Arm) May 23, 2024, 12:25 p.m. UTC | #1
On Thu, 23 May 2024 16:19:33 +0530, Pankaj Gupta wrote:
> The NXP security hardware IP(s) like: i.MX EdgeLock Enclave, V2X etc.,
> creates an embedded secure enclave within the SoC boundary to enable
> features like:
> - HSM
> - SHE
> - V2X
> 
> Secure-Enclave(s) communication interface are typically via message
> unit, i.e., based on mailbox linux kernel driver. This driver enables
> communication ensuring well defined message sequence protocol between
> Application Core and enclave's firmware.
> 
> Driver configures multiple misc-device on the MU, for multiple
> user-space applications, to be able to communicate over single MU.
> 
> It exists on some i.MX processors. e.g. i.MX8ULP, i.MX93 etc.
> 
> Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
> ---
>  .../devicetree/bindings/firmware/fsl,imx-se.yaml   | 154 +++++++++++++++++++++
>  1 file changed, 154 insertions(+)
> 

My bot found errors running 'make dt_binding_check' on your patch:

yamllint warnings/errors:

dtschema/dtc warnings/errors:
Documentation/devicetree/bindings/firmware/fsl,imx-se.example.dtb: /example-2/firmware/v2x-if@0: failed to match any schema with compatible: ['fsl,imx95-v2x']
Documentation/devicetree/bindings/firmware/fsl,imx-se.example.dtb: /example-2/firmware/v2x-if@1: failed to match any schema with compatible: ['fsl,imx95-v2x']
Documentation/devicetree/bindings/firmware/fsl,imx-se.example.dtb: /example-2/firmware/v2x-if@2: failed to match any schema with compatible: ['fsl,imx95-v2x']

doc reference errors (make refcheckdocs):

See https://patchwork.ozlabs.org/project/devicetree-bindings/patch/20240523-imx-se-if-v2-2-5a6fd189a539@nxp.com

The base for the series is generally the latest rc1. A different dependency
should be noted in *this* patch.

If you already ran 'make dt_binding_check' and didn't see the above
error(s), then make sure 'yamllint' is installed and dt-schema is up to
date:

pip3 install dtschema --upgrade

Please check and re-submit after running the above command yourself. Note
that DT_SCHEMA_FILES can be set to your schema file to speed up checking
your schema. However, it must be unset to test all examples with your schema.
Pankaj Gupta May 23, 2024, 12:30 p.m. UTC | #2
> -----Original Message-----
> From: Rob Herring (Arm) <robh@kernel.org>
> Sent: Thursday, May 23, 2024 5:55 PM
> To: Pankaj Gupta <pankaj.gupta@nxp.com>
> Cc: linux-doc@vger.kernel.org; Jonathan Corbet <corbet@lwn.net>; Krzysztof
> Kozlowski <krzk+dt@kernel.org>; imx@lists.linux.dev; Shawn Guo
> <shawnguo@kernel.org>; Fabio Estevam <festevam@gmail.com>; linux-
> kernel@vger.kernel.org; Sascha Hauer <s.hauer@pengutronix.de>; linux-arm-
> kernel@lists.infradead.org; devicetree@vger.kernel.org; Rob Herring
> <robh+dt@kernel.org>; Conor Dooley <conor+dt@kernel.org>; Krzysztof
> Kozlowski <krzysztof.kozlowski+dt@linaro.org>; Pengutronix Kernel Team
> <kernel@pengutronix.de>
> Subject: [EXT] Re: [PATCH v2 2/5] dt-bindings: arm: fsl: add imx-se-fw binding
> doc
> 
> Caution: This is an external email. Please take care when clicking links or
> opening attachments. When in doubt, report the message using the 'Report
> this email' button
> 
> 
> On Thu, 23 May 2024 16:19:33 +0530, Pankaj Gupta wrote:
> > The NXP security hardware IP(s) like: i.MX EdgeLock Enclave, V2X etc.,
> > creates an embedded secure enclave within the SoC boundary to enable
> > features like:
> > - HSM
> > - SHE
> > - V2X
> >
> > Secure-Enclave(s) communication interface are typically via message
> > unit, i.e., based on mailbox linux kernel driver. This driver enables
> > communication ensuring well defined message sequence protocol between
> > Application Core and enclave's firmware.
> >
> > Driver configures multiple misc-device on the MU, for multiple
> > user-space applications, to be able to communicate over single MU.
> >
> > It exists on some i.MX processors. e.g. i.MX8ULP, i.MX93 etc.
> >
> > Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
> > ---
> >  .../devicetree/bindings/firmware/fsl,imx-se.yaml   | 154
> +++++++++++++++++++++
> >  1 file changed, 154 insertions(+)
> >
> 
> My bot found errors running 'make dt_binding_check' on your patch:
> 
> yamllint warnings/errors:
> 
> dtschema/dtc warnings/errors:
> Documentation/devicetree/bindings/firmware/fsl,imx-se.example.dtb:
> /example-2/firmware/v2x-if@0: failed to match any schema with compatible:
> ['fsl,imx95-v2x']
> Documentation/devicetree/bindings/firmware/fsl,imx-se.example.dtb:
> /example-2/firmware/v2x-if@1: failed to match any schema with compatible:
> ['fsl,imx95-v2x']
> Documentation/devicetree/bindings/firmware/fsl,imx-se.example.dtb:
> /example-2/firmware/v2x-if@2: failed to match any schema with compatible:
> ['fsl,imx95-v2x']
> 
> doc reference errors (make refcheckdocs):
> 
> See
> https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpatchw
> ork.ozlabs.org%2Fproject%2Fdevicetree-bindings%2Fpatch%2F20240523-
> imx-se-if-v2-2-
> 5a6fd189a539%40nxp.com&data=05%7C02%7Cpankaj.gupta%40nxp.com%7
> C102225d4215b49f9e1e308dc7b2370cd%7C686ea1d3bc2b4c6fa92cd99c5c3
> 01635%7C0%7C0%7C638520639343681926%7CUnknown%7CTWFpbGZsb3d
> 8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%
> 3D%7C0%7C%7C%7C&sdata=BO%2FhtixA%2ByKfjN2UZdas2VzEj9Aoq1I%2F%
> 2FH7m5pLAqPc%3D&reserved=0
> 
> The base for the series is generally the latest rc1. A different dependency
> should be noted in *this* patch.
> 
> If you already ran 'make dt_binding_check' and didn't see the above error(s),
> then make sure 'yamllint' is installed and dt-schema is up to
> date:
> 
> pip3 install dtschema --upgrade

I have updated this. But still not able to see the above error.

But, I know why it coming. Following change will fix it.

In the compatible properties:
+  compatible:
+    enum:
+      - fsl,imx8ulp-ele
+      - fsl,imx93-ele
-      - fsl,imx95-ele
+      - fsl,imx95-v2x


Will correct in v3.
> 
> Please check and re-submit after running the above command yourself. Note
> that DT_SCHEMA_FILES can be set to your schema file to speed up checking
> your schema. However, it must be unset to test all examples with your
> schema.
diff mbox series

Patch

diff --git a/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml b/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml
new file mode 100644
index 000000000000..b27f84db6f91
--- /dev/null
+++ b/Documentation/devicetree/bindings/firmware/fsl,imx-se.yaml
@@ -0,0 +1,154 @@ 
+# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
+%YAML 1.2
+---
+$id: http://devicetree.org/schemas/firmware/fsl,imx-se.yaml#
+$schema: http://devicetree.org/meta-schemas/core.yaml#
+
+title: NXP i.MX HW Secure Enclave(s) EdgeLock Enclave
+
+maintainers:
+  - Pankaj Gupta <pankaj.gupta@nxp.com>
+
+description: |
+  NXP's SoC may contain one or multiple embedded secure-enclave HW
+  IP(s) like i.MX EdgeLock Enclave, V2X etc. These NXP's HW IP(s)
+  enables features like
+    - Hardware Security Module (HSM),
+    - Security Hardware Extension (SHE), and
+    - Vehicular to Anything (V2X)
+
+  Communication interface to the secure-enclaves is based on the
+  messaging unit(s).
+
+properties:
+  $nodename:
+    pattern: "^[0-9a-z]*-if@[0-9a-f]+$"
+
+  compatible:
+    enum:
+      - fsl,imx8ulp-ele
+      - fsl,imx93-ele
+      - fsl,imx95-ele
+
+  reg:
+    maxItems: 1
+    description: Identifier of the communication interface to secure-enclave.
+
+  mboxes:
+    description: contain a list of phandles to mailboxes.
+    items:
+      - description: Specify the mailbox used to send message to se firmware
+      - description: Specify the mailbox used to receive message from se firmware
+
+  mbox-names:
+    items:
+      - const: tx
+      - const: rx
+      - const: txdb
+      - const: rxdb
+    minItems: 2
+
+  memory-region:
+    description: contains a list of phandles to reserved external memory.
+    items:
+      - description: It is used by secure-enclave firmware. It is an optional
+          property based on compatible and identifier to communication interface.
+          (see bindings/reserved-memory/reserved-memory.txt)
+
+  sram:
+    description: contains a list of phandles to sram.
+    $ref: /schemas/types.yaml#/definitions/phandle-array
+    items:
+      - description: Phandle to the device SRAM. It is an optional property
+          based on compatible and identifier to communication interface.
+
+allOf:
+  # memory-region
+  - if:
+      properties:
+        compatible:
+          contains:
+            enum:
+              - fsl,imx8ulp-ele
+              - fsl,imx93-ele
+    then:
+      required:
+        - memory-region
+    else:
+      not:
+        required:
+          - memory-region
+
+  # sram
+  - if:
+      properties:
+        compatible:
+          contains:
+            enum:
+              - fsl,imx8ulp-ele
+    then:
+      required:
+        - sram
+    else:
+      not:
+        required:
+          - sram
+
+required:
+  - compatible
+  - reg
+  - mboxes
+  - mbox-names
+
+additionalProperties: false
+
+examples:
+  - |
+    firmware {
+      #address-cells = <1>;
+      #size-cells = <0>;
+      ele-if@0 {
+        compatible = "fsl,imx8ulp-ele";
+        reg = <0x0>;
+        mboxes = <&s4muap 0 0>, <&s4muap 1 0>;
+        mbox-names = "tx", "rx";
+        sram = <&sram0>;
+        memory-region = <&ele_reserved>;
+      };
+    };
+  - |
+    firmware {
+      #address-cells = <1>;
+      #size-cells = <0>;
+      ele-if@0 {
+        compatible = "fsl,imx93-ele";
+        reg = <0x0>;
+        mboxes = <&s4muap 0 0>, <&s4muap 1 0>;
+        mbox-names = "tx", "rx";
+        memory-region = <&ele_reserved>;
+      };
+    };
+  - |
+    firmware {
+      #address-cells = <1>;
+      #size-cells = <0>;
+      v2x-if@0 {
+        compatible = "fsl,imx95-v2x";
+        reg = <0x0>;
+        mboxes = <&v2x_mu 0 0>, <&v2x_mu 1 0>;
+        mbox-names = "tx", "rx";
+      };
+      v2x-if@1 {
+        compatible = "fsl,imx95-v2x";
+        reg = <0x1>;
+        mboxes = <&v2x_mu6 0 0>, <&v2x_mu6 1 0>;
+        mbox-names = "txdb", "rxdb";
+      };
+      v2x-if@2 {
+        compatible = "fsl,imx95-v2x";
+        reg = <0x2>;
+        mboxes = <&v2x_mu7 0 0>, <&v2x_mu7 1 0>;
+        mbox-names = "tx", "rx";
+      };
+    };
+...