#define TEMPMON_HW_ANADIG_TEMPSENSE_TRIM_TOG_T_MUX_ADDR_SHIFT 29
#define TEMPMON_HW_ANADIG_TEMPSENSE_TRIM_TOG_T_MUX_ADDR(x) (((uint32_t)(((uint32_t)(x))<<TEMPMON_HW_ANADIG_TEMPSENSE_TRIM_TOG_T_MUX_ADDR_SHIFT))&TEMPMON_HW_ANADIG_TEMPSENSE_TRIM_TOG_T_MUX_ADDR_MASK)
+#define MXC_CCM_CCGR36_CAAM_DOMAIN3_OFFSET 12
+#define MXC_CCM_CCGR36_CAAM_DOMAIN3_MASK (3 << MXC_CCM_CCGR36_CAAM_DOMAIN3_OFFSET)
+#define MXC_CCM_CCGR36_CAAM_DOMAIN2_OFFSET 8
+#define MXC_CCM_CCGR36_CAAM_DOMAIN2_MASK (3 << MXC_CCM_CCGR36_CAAM_DOMAIN2_OFFSET)
+#define MXC_CCM_CCGR36_CAAM_DOMAIN1_OFFSET 4
+#define MXC_CCM_CCGR36_CAAM_DOMAIN1_MASK (3 << MXC_CCM_CCGR36_CAAM_DOMAIN1_OFFSET)
+#define MXC_CCM_CCGR36_CAAM_DOMAIN0_OFFSET 0
+#define MXC_CCM_CCGR36_CAAM_DOMAIN0_MASK (3 << MXC_CCM_CCGR36_CAAM_DOMAIN0_OFFSET)
#define CCM_GPR(i) (CCM_BASE_ADDR + CCM_GPR0_OFFSET + 0x10 * (i))
#define CCM_OBSERVE(i) (CCM_BASE_ADDR + CCM_OBSERVE0_OFFSET + 0x10 * (i))
Implements the 'fitupd' command, which allows to automatically
store software updates present on a TFTP server in NOR Flash
+config CMD_FSL_CAAM_KB
+ bool "Freescale i.MX CAAM command"
+ help
+ Implement the "caam" command to generate DEK blob for one block of data
+ or decap the DEK blob to its original data.
+
config CMD_THOR_DOWNLOAD
bool "thor - TIZEN 'thor' download"
help
obj-$(CONFIG_CMD_FPGA) += fpga.o
obj-$(CONFIG_CMD_FPGAD) += fpgad.o
obj-$(CONFIG_CMD_FS_GENERIC) += fs.o
+obj-$(CONFIG_CMD_FSL_CAAM_KB) += cmd_fsl_caam.o
obj-$(CONFIG_CMD_FUSE) += fuse.o
obj-$(CONFIG_CMD_GETTIME) += gettime.o
obj-$(CONFIG_CMD_GPIO) += gpio.o
--- /dev/null
+/*
+ * Copyright (C) 2012-2016 Freescale Semiconductor, Inc.
+ *
+ *
+ * See file CREDITS for list of people who contributed to this
+ * project.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+
+#include <common.h>
+#include <command.h>
+#include <fsl_caam.h>
+
+static int do_caam(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
+{
+
+ int ret, i;
+
+ if (argc < 2)
+ return CMD_RET_USAGE;
+
+ if (strcmp(argv[1], "genblob") == 0) {
+
+ if (argc != 5)
+ return CMD_RET_USAGE;
+
+ void *data_addr;
+ void *blob_addr;
+ int size;
+
+ data_addr = (void *)simple_strtoul(argv[2], NULL, 16);
+ blob_addr = (void *)simple_strtoul(argv[3], NULL, 16);
+ size = simple_strtoul(argv[4], NULL, 10);
+ if (size <= 48)
+ return CMD_RET_USAGE;
+
+ caam_open();
+ ret = caam_gen_blob((uint32_t)data_addr, (uint32_t)blob_addr, (uint32_t)size);
+
+ if(ret != SUCCESS){
+ printf("Error during blob decap operation: 0x%d\n",ret);
+ return 0;
+ }
+
+ /* Print the generated DEK blob */
+ printf("DEK blob is available at 0x%08X and equals:\n",(unsigned int)blob_addr);
+ for(i=0;i<size;i++)
+ printf("%02X ",((uint8_t *)blob_addr)[i]);
+ printf("\n\n");
+
+
+ return 1;
+
+ }
+
+ else if (strcmp(argv[1], "decap") == 0){
+
+ if (argc != 5)
+ return CMD_RET_USAGE;
+
+ void *blob_addr;
+ void *data_addr;
+ int size;
+
+ blob_addr = (void *)simple_strtoul(argv[2], NULL, 16);
+ data_addr = (void *)simple_strtoul(argv[3], NULL, 16);
+ size = simple_strtoul(argv[4], NULL, 10);
+ if (size <= 48)
+ return CMD_RET_USAGE;
+
+ caam_open();
+ ret = caam_decap_blob((uint32_t)(data_addr), (uint32_t)(blob_addr), (uint32_t)size);
+ if(ret != SUCCESS)
+ printf("Error during blob decap operation: 0x%d\n",ret);
+ else {
+ printf("Success, blob decap at SM PAGE1 original data is:\n");
+ int i = 0;
+ for (i = 0; i < size; i++) {
+ printf("0x%x ",*(unsigned char*)(data_addr+i));
+ if (i % 16 == 0)
+ printf("\n");
+ }
+ printf("\n");
+ }
+
+ return 1;
+ }
+
+ return CMD_RET_USAGE;
+}
+
+U_BOOT_CMD(
+ caam, 5, 1, do_caam,
+ "Freescale i.MX CAAM command",
+ "caam genblob data_addr blob_addr data_size\n \
+ caam decap blobaddr data_addr data_size\n \
+ \n "
+ );
# http://www.samsung.com
obj-$(CONFIG_EXYNOS_ACE_SHA) += ace_sha.o
+obj-$(CONFIG_FSL_CAAM_KB) += fsl_caam.o
obj-y += rsa_mod_exp/
obj-y += fsl/
--- /dev/null
+/*
+ * Copyright (c) 2012-2016, Freescale Semiconductor, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * o Redistributions of source code must retain the above copyright notice, this list
+ * of conditions and the following disclaimer.
+ *
+ * o Redistributions in binary form must reproduce the above copyright notice, this
+ * list of conditions and the following disclaimer in the documentation and/or
+ * other materials provided with the distribution.
+ *
+ * o Neither the name of Freescale Semiconductor, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from this
+ * software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <common.h>
+#include <asm/io.h>
+#include <asm/arch/crm_regs.h>
+#include "fsl_caam_internal.h"
+#include <fsl_caam.h>
+
+/*---------- Global variables ----------*/
+/* Input job ring - single entry input ring */
+uint32_t g_input_ring[JOB_RING_ENTRIES] = {0};
+
+
+/* Output job ring - single entry output ring (consists of two words) */
+uint32_t g_output_ring[2*JOB_RING_ENTRIES] = {0, 0};
+
+uint32_t decap_dsc[] =
+{
+ DECAP_BLOB_DESC1,
+ DECAP_BLOB_DESC2,
+ DECAP_BLOB_DESC3,
+ DECAP_BLOB_DESC4,
+ DECAP_BLOB_DESC5,
+ DECAP_BLOB_DESC6,
+ DECAP_BLOB_DESC7,
+ DECAP_BLOB_DESC8,
+ DECAP_BLOB_DESC9
+};
+
+uint32_t encap_dsc[] =
+{
+ ENCAP_BLOB_DESC1,
+ ENCAP_BLOB_DESC2,
+ ENCAP_BLOB_DESC3,
+ ENCAP_BLOB_DESC4,
+ ENCAP_BLOB_DESC5,
+ ENCAP_BLOB_DESC6,
+ ENCAP_BLOB_DESC7,
+ ENCAP_BLOB_DESC8,
+ ENCAP_BLOB_DESC9
+};
+
+uint32_t hwrng_dsc[6] = {0};
+uint32_t rng_inst_dsc[] =
+{
+ RNG_INST_DESC1,
+ RNG_INST_DESC2,
+ RNG_INST_DESC3,
+ RNG_INST_DESC4,
+ RNG_INST_DESC5,
+ RNG_INST_DESC6,
+ RNG_INST_DESC7,
+ RNG_INST_DESC8,
+ RNG_INST_DESC9
+};
+
+static uint8_t skeymod[] = {
+ 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
+ 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00
+};
+
+
+/* arm v7 need 64 align */
+#define ALIGN_MASK 0xffffffc0
+
+/*!
+ * Secure memory run command.
+ *
+ * @param sec_mem_cmd Secure memory command register
+ * @return cmd_status Secure memory command status register
+ */
+uint32_t secmem_set_cmd_1(uint32_t sec_mem_cmd)
+{
+ uint32_t temp_reg;
+ __raw_writel(sec_mem_cmd, CAAM_SMCJR0);
+ do {
+ temp_reg = __raw_readl(CAAM_SMCSJR0);
+ } while(temp_reg & CMD_COMPLETE);
+
+ return temp_reg;
+}
+
+
+/*!
+ * Use CAAM to decapsulate a blob to secure memory.
+ * Such blob of secret key cannot be read once decrypted,
+ * but can still be used for enc/dec operation of user's data.
+ *
+ * @param blob_addr Location address of the blob.
+ *
+ * @return SUCCESS or ERROR_XXX
+ */
+uint32_t caam_decap_blob(uint32_t plain_text, uint32_t blob_addr, uint32_t size)
+{
+ uint32_t ret = SUCCESS;
+
+ /* Buffer that holds blob */
+
+
+ /* TODO: Fix Hardcoded Descriptor */
+ decap_dsc[0] = (uint32_t)0xB0800008;
+ decap_dsc[1] = (uint32_t)0x14400010;
+ decap_dsc[2] = (uint32_t)skeymod;
+ decap_dsc[3] = (uint32_t)0xF0000000 | (0x0000ffff & (size+48) );
+ decap_dsc[4] = blob_addr;
+ decap_dsc[5] = (uint32_t)0xF8000000 | (0x0000ffff & (size));
+ decap_dsc[6] = (uint32_t)(uint8_t*)plain_text;
+ decap_dsc[7] = (uint32_t)0x860D0000;
+
+/* uncomment when using descriptor from "fsl_caam_internal.h"
+ does not use key modifier. */
+
+ /* Run descriptor with result written to blob buffer */
+ /* Add job to input ring */
+ g_input_ring[0] = (uint32_t)decap_dsc;
+
+ flush_dcache_range((uint32_t)blob_addr & ALIGN_MASK,
+ (((uint32_t)blob_addr + 2 * size + 64) & ALIGN_MASK));
+ flush_dcache_range((uint32_t)plain_text & ALIGN_MASK,
+ (((uint32_t)plain_text + 2 * size + 64) & ALIGN_MASK));
+ flush_dcache_range((uint32_t)decap_dsc & ALIGN_MASK,
+ ((uint32_t)decap_dsc & ALIGN_MASK) + 128);
+ flush_dcache_range((uint32_t)g_input_ring & ALIGN_MASK,
+ ((uint32_t)g_input_ring & ALIGN_MASK) + 128);
+
+ invalidate_dcache_range((uint32_t)decap_dsc & ALIGN_MASK,
+ ((uint32_t)decap_dsc & ALIGN_MASK) + 128);
+ invalidate_dcache_range((uint32_t)g_input_ring & ALIGN_MASK,
+ ((uint32_t)g_input_ring & ALIGN_MASK) + 128);
+ invalidate_dcache_range((uint32_t)blob_addr & ALIGN_MASK,
+ (((uint32_t)blob_addr + 2 * size + 64) & ALIGN_MASK));
+ invalidate_dcache_range((uint32_t)plain_text & ALIGN_MASK,
+ (((uint32_t)plain_text + 2 * size + 64) & ALIGN_MASK));
+ /* Increment jobs added */
+ __raw_writel(1, CAAM_IRJAR0);
+
+ /* Wait for job ring to complete the job: 1 completed job expected */
+ while(__raw_readl(CAAM_ORSFR0) != 1);
+
+ // TODO: check if Secure memory is cacheable.
+ flush_dcache_range((uint32_t)g_output_ring & ALIGN_MASK,
+ ((uint32_t)g_output_ring & ALIGN_MASK) + 128);
+ invalidate_dcache_range((uint32_t)g_output_ring & ALIGN_MASK,
+ ((uint32_t)g_output_ring & ALIGN_MASK) + 128);
+ /* check that descriptor address is the one expected in the output ring */
+ if(g_output_ring[0] == (uint32_t)decap_dsc)
+ {
+ /* check if any error is reported in the output ring */
+ if ((g_output_ring[1] & JOB_RING_STS) != 0)
+ {
+ printf("Error: blob decap job completed with errors 0x%X\n",
+ g_output_ring[1]);
+ }
+ }
+ else
+ {
+ printf("Error: blob decap job output ring descriptor address does" \
+ " not match\n");
+ }
+
+
+ /* Remove job from Job Ring Output Queue */
+ __raw_writel(1, CAAM_ORJRR0);
+
+ return ret;
+}
+
+/*!
+ * Use CAAM to generate a blob.
+ *
+ * @param plain_data_addr Location address of the plain data.
+ * @param blob_addr Location address of the blob.
+ *
+ * @return SUCCESS or ERROR_XXX
+ */
+uint32_t caam_gen_blob(uint32_t plain_data_addr, uint32_t blob_addr, uint32_t size)
+{
+ uint32_t ret = SUCCESS;
+
+ /* Buffer to hold the resulting blob */
+ uint8_t *blob = (uint8_t *)blob_addr;
+
+ /* initialize the blob array */
+ memset(blob,0,size);
+
+
+ /* TODO: Fix Hardcoded Descriptor */
+ encap_dsc[0] = (uint32_t)0xB0800008;
+ encap_dsc[1] = (uint32_t)0x14400010;
+ encap_dsc[2] = (uint32_t)skeymod;
+ encap_dsc[3] = (uint32_t)0xF0000000 | (0x0000ffff & (size));
+ encap_dsc[4] = (uint32_t)plain_data_addr;
+ encap_dsc[5] = (uint32_t)0xF8000000 | (0x0000ffff & (size+48));
+ encap_dsc[6] = (uint32_t)blob;
+ encap_dsc[7] = (uint32_t)0x870D0000;
+
+ /* Run descriptor with result written to blob buffer */
+ /* Add job to input ring */
+ g_input_ring[0] = (uint32_t)encap_dsc;
+
+ flush_dcache_range((uint32_t)plain_data_addr & ALIGN_MASK,
+ (((uint32_t)plain_data_addr + 2 * size + 64) & ALIGN_MASK));
+ flush_dcache_range((uint32_t)encap_dsc & ALIGN_MASK,
+ ((uint32_t)encap_dsc & ALIGN_MASK) + 128);
+ flush_dcache_range((uint32_t)blob & ALIGN_MASK,
+ (((uint32_t)blob + 2 * size + 64) & ALIGN_MASK));
+ flush_dcache_range((uint32_t)g_input_ring & ALIGN_MASK,
+ ((uint32_t)g_input_ring & ALIGN_MASK) + 128);
+
+ invalidate_dcache_range((uint32_t)blob & ALIGN_MASK,
+ (((uint32_t)blob + 2 * size + 64) & ALIGN_MASK));
+ /* Increment jobs added */
+ __raw_writel(1, CAAM_IRJAR0);
+
+ /* Wait for job ring to complete the job: 1 completed job expected */
+ while(__raw_readl(CAAM_ORSFR0) != 1);
+
+ // flush cache
+ flush_dcache_range((uint32_t)g_output_ring & ALIGN_MASK,
+ ((uint32_t)g_output_ring & ALIGN_MASK) + 128);
+ /* check that descriptor address is the one expected in the output ring */
+ if(g_output_ring[0] == (uint32_t)encap_dsc)
+ {
+ /* check if any error is reported in the output ring */
+ if ((g_output_ring[1] & JOB_RING_STS) != 0)
+ {
+ printf("Error: blob encap job completed with errors 0x%X\n",
+ g_output_ring[1]);
+ }
+ }
+ else
+ {
+ printf("Error: blob encap job output ring descriptor address does" \
+ " not match\n");
+ }
+
+ /* Remove job from Job Ring Output Queue */
+ __raw_writel(1, CAAM_ORJRR0);
+
+ return ret;
+}
+
+uint32_t caam_hwrng(uint8_t *output_ptr, uint32_t output_len) {
+ uint32_t ret = SUCCESS;
+
+ /* Buffer to hold the resulting output*/
+ uint8_t *output = (uint8_t *)output_ptr;
+
+ /* initialize the output array */
+ memset(output,0,output_len);
+
+ int n = 0;
+ hwrng_dsc[n++] = (uint32_t)0xB0800004;
+ hwrng_dsc[n++] = (uint32_t)0x82500000;
+ hwrng_dsc[n++] = (uint32_t)0x60340000| (0x0000ffff & output_len);
+ hwrng_dsc[n++] = (uint32_t)output;
+
+ /* Run descriptor with result written to blob buffer */
+ /* Add job to input ring */
+ // flush cache
+ g_input_ring[0] = (uint32_t)hwrng_dsc;
+
+ flush_dcache_range((uint32_t)hwrng_dsc & ALIGN_MASK,
+ ((uint32_t)hwrng_dsc & ALIGN_MASK) + 128);
+ flush_dcache_range((uint32_t)g_input_ring & ALIGN_MASK,
+ ((uint32_t)g_input_ring & ALIGN_MASK) + 128);
+ invalidate_dcache_range((uint32_t)hwrng_dsc & ALIGN_MASK,
+ ((uint32_t)hwrng_dsc & ALIGN_MASK) + 128);
+ invalidate_dcache_range((uint32_t)g_input_ring & ALIGN_MASK,
+ ((uint32_t)g_input_ring & ALIGN_MASK) + 128);
+ invalidate_dcache_range((uint32_t)output & ALIGN_MASK,
+ (((uint32_t)output + 2 * output_len + 64) & ALIGN_MASK));
+ /* Increment jobs added */
+ __raw_writel(1, CAAM_IRJAR0);
+
+ /* Wait for job ring to complete the job: 1 completed job expected */
+ size_t timeout = 100000;
+ while(__raw_readl(CAAM_ORSFR0) != 1 && timeout--);
+ flush_dcache_range((uint32_t)g_output_ring & ALIGN_MASK,
+ ((uint32_t)g_output_ring & ALIGN_MASK) + 128);
+
+ /* check that descriptor address is the one expected in the output ring */
+ if(g_output_ring[0] == (uint32_t)hwrng_dsc) {
+ /* check if any error is reported in the output ring */
+ if ((g_output_ring[1] & JOB_RING_STS) != 0) {
+ printf("Error: RNG job completed with errors 0x%X\n",
+ g_output_ring[1]);
+ ret = -1;
+ }
+ } else {
+ printf("Error: RNG output ring descriptor address does" \
+ " not match\n");
+ ret = -1;
+
+ }
+
+ /* Remove job from Job Ring Output Queue */
+ __raw_writel(1, CAAM_ORJRR0);
+
+ return ret;
+}
+
+/*!
+ * Initialize the CAAM.
+ *
+ */
+void caam_open(void)
+{
+ uint32_t temp_reg;
+ //uint32_t addr;
+
+ /* switch on the clock */
+#if defined(CONFIG_MX6)
+ struct mxc_ccm_reg *mxc_ccm = (struct mxc_ccm_reg *)CCM_BASE_ADDR;
+ temp_reg = __raw_readl(&mxc_ccm->CCGR0);
+ temp_reg |= MXC_CCM_CCGR0_CAAM_SECURE_MEM_MASK |
+ MXC_CCM_CCGR0_CAAM_WRAPPER_ACLK_MASK |
+ MXC_CCM_CCGR0_CAAM_WRAPPER_IPG_MASK;
+ __raw_writel(temp_reg, &mxc_ccm->CCGR0);
+#elif defined(CONFIG_MX7)
+ HW_CCM_CCGR_SET(36, MXC_CCM_CCGR36_CAAM_DOMAIN0_MASK);
+#endif
+
+ /* MID for CAAM - already done by HAB in ROM during preconfigure,
+ * That is JROWN for JR0/1 = 1 (TZ, Secure World, ARM)
+ * JRNSMID and JRSMID for JR0/1 = 2 (TZ, Secure World, CAAM)
+ *
+ * However, still need to initialize Job Rings as these are torn
+ * down by HAB for each command
+ */
+
+ /* Initialize job ring addresses */
+ __raw_writel((uint32_t)g_input_ring, CAAM_IRBAR0); // input ring address
+ __raw_writel((uint32_t)g_output_ring, CAAM_ORBAR0); // output ring address
+
+ /* Initialize job ring sizes to 1 */
+ __raw_writel(JOB_RING_ENTRIES, CAAM_IRSR0);
+ __raw_writel(JOB_RING_ENTRIES, CAAM_ORSR0);
+
+ /* HAB disables interrupts for JR0 so do the same here */
+ temp_reg = __raw_readl(CAAM_JRCFGR0_LS) | JRCFG_LS_IMSK;
+ __raw_writel(temp_reg, CAAM_JRCFGR0_LS);
+
+ /********* Initialize and instantiate the RNG *******************/
+ /* if RNG already instantiated then skip it */
+ if ((__raw_readl(CAAM_RDSTA) & RDSTA_IF0) != RDSTA_IF0)
+ {
+ /* Enter TRNG Program mode */
+ __raw_writel(RTMCTL_PGM, CAAM_RTMCTL);
+
+ /* Set OSC_DIV field to TRNG */
+ temp_reg = __raw_readl(CAAM_RTMCTL) | (RNG_TRIM_OSC_DIV << 2);
+ __raw_writel(temp_reg, CAAM_RTMCTL);
+
+ /* Set delay */
+ __raw_writel(((RNG_TRIM_ENT_DLY << 16) | 0x09C4), CAAM_RTSDCTL);
+ __raw_writel((RNG_TRIM_ENT_DLY >> 1), CAAM_RTFRQMIN);
+ __raw_writel((RNG_TRIM_ENT_DLY << 4), CAAM_RTFRQMAX);
+
+ /* Resume TRNG Run mode */
+ temp_reg = __raw_readl(CAAM_RTMCTL) ^ RTMCTL_PGM;
+ __raw_writel(temp_reg, CAAM_RTMCTL);
+
+ /* Clear the ERR bit in RTMCTL if set. The TRNG error can occur when the
+ * RNG clock is not within 1/2x to 8x the system clock.
+ * This error is possible if ROM code does not initialize the system PLLs
+ * immediately after PoR.
+ */
+ temp_reg = __raw_readl(CAAM_RTMCTL) | RTMCTL_ERR;
+ __raw_writel(temp_reg, CAAM_RTMCTL);
+
+ /* Run descriptor to instantiate the RNG */
+ /* Add job to input ring */
+ g_input_ring[0] = (uint32_t)rng_inst_dsc;
+
+ flush_dcache_range((uint32_t)g_input_ring & 0xffffffe0,
+ ((uint32_t)g_input_ring & 0xffffffe0) + 128);
+ /* Increment jobs added */
+ __raw_writel(1, CAAM_IRJAR0);
+
+ /* Wait for job ring to complete the job: 1 completed job expected */
+ while(__raw_readl(CAAM_ORSFR0) != 1);
+
+
+ invalidate_dcache_range((uint32_t)g_output_ring & 0xffffffe0,
+ ((uint32_t)g_output_ring & 0xffffffe0) + 128);
+
+ /* check that descriptor address is the one expected in the out ring */
+ if(g_output_ring[0] == (uint32_t)rng_inst_dsc)
+ {
+ /* check if any error is reported in the output ring */
+ if ((g_output_ring[1] & JOB_RING_STS) != 0)
+ {
+ printf("Error: RNG instantiation errors g_output_ring[1]: 0x%X\n"
+ , g_output_ring[1]);
+ printf("RTMCTL 0x%X\n", __raw_readl(CAAM_RTMCTL));
+ printf("RTSTATUS 0x%X\n", __raw_readl(CAAM_RTSTATUS));
+ printf("RTSTA 0x%X\n", __raw_readl(CAAM_RDSTA));
+ }
+ }
+ else
+ {
+ printf("Error: RNG job output ring descriptor address does " \
+ "not match: 0x%X != 0x%X \n", g_output_ring[0], rng_inst_dsc[0]);
+ }
+
+ /* ensure that the RNG was correctly instantiated */
+ temp_reg = __raw_readl(CAAM_RDSTA);
+ if (temp_reg != (RDSTA_IF0 | RDSTA_SKVN))
+ {
+ printf("Error: RNG instantiation failed 0x%X\n", temp_reg);
+ }
+ /* Remove job from Job Ring Output Queue */
+ __raw_writel(1, CAAM_ORJRR0);
+ }
+ return;
+}
--- /dev/null
+/*
+ * Copyright (c) 2012-2016, Freescale Semiconductor, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * o Redistributions of source code must retain the above copyright notice, this list
+ * of conditions and the following disclaimer.
+ *
+ * o Redistributions in binary form must reproduce the above copyright notice, this
+ * list of conditions and the following disclaimer in the documentation and/or
+ * other materials provided with the distribution.
+ *
+ * o Neither the name of Freescale Semiconductor, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from this
+ * software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef __CAAM_INTERNAL_H__
+#define __CAAM_INTERNAL_H__
+
+/* 4kbyte pages */
+#define CAAM_SEC_RAM_START_ADDR CAAM_ARB_BASE_ADDR
+
+#define SEC_MEM_PAGE0 CAAM_SEC_RAM_START_ADDR
+#define SEC_MEM_PAGE1 (CAAM_SEC_RAM_START_ADDR + 0x1000)
+#define SEC_MEM_PAGE2 (CAAM_SEC_RAM_START_ADDR + 0x2000)
+#define SEC_MEM_PAGE3 (CAAM_SEC_RAM_START_ADDR + 0x3000)
+
+/* Configuration and special key registers */
+#define CAAM_MCFGR CONFIG_SYS_FSL_SEC_ADDR + 0x0004
+#define CAAM_SCFGR CONFIG_SYS_FSL_SEC_ADDR + 0x000c
+#define CAAM_JR0MIDR CONFIG_SYS_FSL_SEC_ADDR + 0x0010
+#define CAAM_JR1MIDR CONFIG_SYS_FSL_SEC_ADDR + 0x0018
+#define CAAM_DECORR CONFIG_SYS_FSL_SEC_ADDR + 0x009c
+#define CAAM_DECO0MID CONFIG_SYS_FSL_SEC_ADDR + 0x00a0
+#define CAAM_DAR CONFIG_SYS_FSL_SEC_ADDR + 0x0120
+#define CAAM_DRR CONFIG_SYS_FSL_SEC_ADDR + 0x0124
+#define CAAM_JDKEKR CONFIG_SYS_FSL_SEC_ADDR + 0x0400
+#define CAAM_TDKEKR CONFIG_SYS_FSL_SEC_ADDR + 0x0420
+#define CAAM_TDSKR CONFIG_SYS_FSL_SEC_ADDR + 0x0440
+#define CAAM_SKNR CONFIG_SYS_FSL_SEC_ADDR + 0x04e0
+#define CAAM_SMSTA CONFIG_SYS_FSL_SEC_ADDR + 0x0FB4
+#define CAAM_STA CONFIG_SYS_FSL_SEC_ADDR + 0x0FD4
+#define CAAM_SMPO_0 CONFIG_SYS_FSL_SEC_ADDR + 0x1FBC
+
+/* RNG registers */
+#define CAAM_RTMCTL CONFIG_SYS_FSL_SEC_ADDR + 0x0600
+#define CAAM_RTSDCTL CONFIG_SYS_FSL_SEC_ADDR + 0x0610
+#define CAAM_RTFRQMIN CONFIG_SYS_FSL_SEC_ADDR + 0x0618
+#define CAAM_RTFRQMAX CONFIG_SYS_FSL_SEC_ADDR + 0x061C
+#define CAAM_RTSTATUS CONFIG_SYS_FSL_SEC_ADDR + 0x063C
+#define CAAM_RDSTA CONFIG_SYS_FSL_SEC_ADDR + 0x06C0
+
+/* Job Ring 0 registers */
+#define CAAM_IRBAR0 CONFIG_SYS_FSL_SEC_ADDR + 0x1004
+#define CAAM_IRSR0 CONFIG_SYS_FSL_SEC_ADDR + 0x100c
+#define CAAM_IRSAR0 CONFIG_SYS_FSL_SEC_ADDR + 0x1014
+#define CAAM_IRJAR0 CONFIG_SYS_FSL_SEC_ADDR + 0x101c
+#define CAAM_ORBAR0 CONFIG_SYS_FSL_SEC_ADDR + 0x1024
+#define CAAM_ORSR0 CONFIG_SYS_FSL_SEC_ADDR + 0x102c
+#define CAAM_ORJRR0 CONFIG_SYS_FSL_SEC_ADDR + 0x1034
+#define CAAM_ORSFR0 CONFIG_SYS_FSL_SEC_ADDR + 0x103c
+#define CAAM_JRSTAR0 CONFIG_SYS_FSL_SEC_ADDR + 0x1044
+#define CAAM_JRINTR0 CONFIG_SYS_FSL_SEC_ADDR + 0x104c
+#define CAAM_JRCFGR0_MS CONFIG_SYS_FSL_SEC_ADDR + 0x1050
+#define CAAM_JRCFGR0_LS CONFIG_SYS_FSL_SEC_ADDR + 0x1054
+#define CAAM_IRRIR0 CONFIG_SYS_FSL_SEC_ADDR + 0x105c
+#define CAAM_ORWIR0 CONFIG_SYS_FSL_SEC_ADDR + 0x1064
+#define CAAM_JRCR0 CONFIG_SYS_FSL_SEC_ADDR + 0x106c
+#define CAAM_SMCJR0 CONFIG_SYS_FSL_SEC_ADDR + 0x10f4
+#define CAAM_SMCSJR0 CONFIG_SYS_FSL_SEC_ADDR + 0x10fc
+#define CAAM_SMAPJR0(y) (CONFIG_SYS_FSL_SEC_ADDR + 0x1104 + y*16)
+#define CAAM_SMAG2JR0(y) (CONFIG_SYS_FSL_SEC_ADDR + 0x1108 + y*16)
+#define CAAM_SMAG1JR0(y) (CONFIG_SYS_FSL_SEC_ADDR + 0x110C + y*16)
+#define CAAM_SMAPJR0_PRTN1 CONFIG_SYS_FSL_SEC_ADDR + 0x1114
+#define CAAM_SMAG2JR0_PRTN1 CONFIG_SYS_FSL_SEC_ADDR + 0x1118
+#define CAAM_SMAG1JR0_PRTN1 CONFIG_SYS_FSL_SEC_ADDR + 0x111c
+#define CAAM_SMPO CONFIG_SYS_FSL_SEC_ADDR + 0x1fbc
+
+#define JRCFG_LS_IMSK 0x00000001 /* Interrupt Mask */
+#define JR_MID 2 /* Matches ROM configuration */
+#define KS_G1 (1 << JR_MID) /* CAAM only */
+#define PERM 0x0000B008 /* Clear on release,
+ * lock SMAP
+ * lock SMAG
+ * group 1 Blob
+ */
+
+#define CMD_PAGE_ALLOC 0x1
+#define CMD_PAGE_DEALLOC 0x2
+#define CMD_PART_DEALLOC 0x3
+#define CMD_INQUIRY 0x5
+#define PAGE(x) (x << 16)
+#define PARTITION(x) (x << 8)
+
+#define SMCSJR_AERR (3 << 12)
+#define SMCSJR_CERR (3 << 14)
+#define CMD_COMPLETE (3 << 14)
+
+#define SMCSJR_PO (3 << 6)
+#define PAGE_AVAILABLE 0
+#define PAGE_OWNED (3 << 6)
+
+#define PARTITION_OWNER(x) (0x3 << (x*2))
+
+#define CAAM_BUSY_MASK 0x00000001 /* BUSY from status reg */
+#define CAAM_IDLE_MASK 0x00000002 /* IDLE from status reg */
+
+#define JOB_RING_ENTRIES 1
+#define JOB_RING_STS (0xF << 28)
+
+/** OSC_DIV in RNG trim fuses */
+#define RNG_TRIM_OSC_DIV 0
+/** ENT_DLY multiplier in RNG trim fuses */
+//#define RNG_TRIM_ENT_DLY 200*4
+#define RNG_TRIM_ENT_DLY 3200
+
+#define RTMCTL_PGM (1 << 16)
+#define RTMCTL_ERR (1 << 12)
+#define RDSTA_IF0 1
+#define RDSTA_SKVN (1 << 30)
+
+typedef enum {
+ PAGE_0,
+ PAGE_1,
+ PAGE_2,
+ PAGE_3,
+} page_num_e;
+
+typedef enum {
+ PARTITION_0,
+ PARTITION_1,
+ PARTITION_2,
+ PARTITION_3,
+ PARTITION_4,
+ PARTITION_5,
+ PARTITION_6,
+ PARTITION_7,
+} partition_num_e;
+
+/*****************************************
+ *----- Blob decapsulate descriptor -----*
+ *****************************************/
+/* 1. Header
+ *
+ * 1011 0000 1000 0000 0000 0000 0000 1001
+ * |||| | ||||
+ * ++++-+-- Header ++++-- 9 words in descriptor
+ */
+#define DECAP_BLOB_DESC1 0xB0800009
+
+/* 2. Load command KEY 2 immediate
+ *
+ * 0001 0100 1100 0000 0000 1100 0000 1000
+ * |||| ||| |||| |||| |||| |||| |||| ||||
+ * |||| ||| |||| |||| |||| |||| ++++-++++-- Length
+ * |||| ||| |||| |||| ++++-++++-- Offset
+ * |||| ||| |+++-++++-- DST (Destination Register) Key2
+ * |||| ||| +-- IMM (Immediate flag)
+ * |||| |++-- class 2
+ * ++++-+-- Load command
+ */
+#define DECAP_BLOB_DESC2 0x14C00C08
+
+/* 3. 8 bytes for load command above - aad data
+ *
+ * 0000 0000 0001 0000 0101 0101 0110 0110
+ * |||| |||| |||| |||| |||| |||| |||| ||||
+ * |||| |||| |||| |||| |||| |||| ++++-++++-- CCM Mode
+ * |||| |||| |||| |||| ++++-++++-- AES
+ * |||| |||| ++++-++++-- Length
+ * ++++-++++-- Flag
+ */
+#define DECAP_BLOB_DESC3 0x00105566
+#define DECAP_BLOB_DESC4 0x00000000
+
+/* 5. SEQ In Ptr
+ *
+ * 1111 0000 0000 0000 0000 0000 0100 0000
+ * |||| | |||| |||| |||| ||||
+ * |||| | ++++-++++-++++-++++-- Length in bytes (64)
+ * ++++-+-- Seq In Ptr
+ */
+#define DECAP_BLOB_DESC5 0xF0000400
+//#define DECAP_BLOB_DESC5 0xF0000040
+
+/* 6. Pointer for above SEQ In ptr command */
+/* Address is provided during run time */
+#define DECAP_BLOB_DESC6 0x00000000
+
+/* 7. SEQ Out Ptr
+ *
+ * 1111 1000 0000 0000 0000 0000 0001 0000
+ * |||| | |||| |||| |||| ||||
+ * |||| | ++++-++++-++++-++++-- Length in bytes (16)
+ * ++++-+-- Seq In Ptr
+ */
+#define DECAP_BLOB_DESC7 0xF80003d0
+//#define DECAP_BLOB_DESC7 0xF8000010
+
+/* 8. Pointer for above SEQ Out ptr command */
+/* Address could be changed during run time */
+#define DECAP_BLOB_DESC8 SEC_MEM_PAGE1
+
+/* 9. Protocol
+ *
+ * 1000 0110 0000 1101 0000 0000 0000 1000
+ * |||| |||| |||| |||| |||| |||| |||| ||||
+ * |||| |||| |||| |||| ++++-++++-++++-++++-- Proto Info = sec mem blob
+ * |||| |||| ++++-++++-- Protocol ID = Blob
+ * |||| |+++-- Optype - decapsulation protocol
+ * ++++-+-- Seq In Ptr
+ */
+#define DECAP_BLOB_DESC9 0x860D0008
+
+/*****************************************
+ *----- Blob encapsulate descriptor -----*
+ *****************************************/
+/* Blob Header
+ *
+ * 1011 0000 1000 0000 0000 0000 0000 1001
+ * |||| | |
+ * ++++-+-- Header +-- 9 words in descriptor
+ */
+#define ENCAP_BLOB_DESC1 0xB0800009
+
+/* 2. Load command KEY 2 immediate
+ *
+ * 0001 0100 1100 0000 0000 1100 0000 1000
+ * |||| ||| |||| |||| |||| |||| |||| ||||
+ * |||| ||| |||| |||| |||| |||| ++++-++++-- Length
+ * |||| ||| |||| |||| ++++-++++-- Offset
+ * |||| ||| |+++-++++-- DST (Destination Register) Key2
+ * |||| ||| +-- IMM (Immediate flag)
+ * |||| |++-- class 2
+ * ++++-+-- Load command
+ */
+#define ENCAP_BLOB_DESC2 0x14C00C08
+
+/* 3. 8 bytes for load command above - aad data
+ *
+ * 0000 0000 0001 0000 0101 0101 0110 0110
+ * |||| |||| |||| |||| |||| |||| |||| ||||
+ * |||| |||| |||| |||| |||| |||| ++++-++++-- CCM Mode
+ * |||| |||| |||| |||| ++++-++++-- AES
+ * |||| |||| ++++-++++-- Length
+ * ++++-++++-- Flag
+ */
+#define ENCAP_BLOB_DESC3 0x00105566
+#define ENCAP_BLOB_DESC4 0x00000000
+
+/* 5. SEQ In Ptr
+ *
+ * 1111 0000 0000 0000 0000 0000 0001 0000
+ * |||| | |||| |||| |||| ||||
+ * |||| | ++++-++++-++++-++++-- Length in bytes (16)
+ * ++++-+-- Seq In Ptr
+ */
+#define ENCAP_BLOB_DESC5 0xF00003d0
+//#define ENCAP_BLOB_DESC5 0xF0000010
+
+/* 6. Pointer for above SEQ In ptr command */
+/* Address could be changed during run time */
+#define ENCAP_BLOB_DESC6 SEC_MEM_PAGE1
+
+/* 7. SEQ Out Ptr
+ *
+ * 1111 1000 0000 0000 0000 0000 0100 0000
+ * |||| | |||| |||| |||| ||||
+ * |||| | ++++-++++-++++-++++-- Length in bytes (64)
+ * ++++-+-- Seq Out Ptr
+ */
+#define ENCAP_BLOB_DESC7 0xF8000400
+//#define ENCAP_BLOB_DESC7 0xF8000040
+
+/* 8. Pointer for above SEQ Out ptr command */
+/* Address is provided during run time */
+#define ENCAP_BLOB_DESC8 0x00000000
+
+/* 9. Protocol
+ *
+ * 1000 0111 0000 1101 0000 0000 0000 1000
+ * |||| |||| |||| |||| |||| |||| |||| ||||
+ * |||| |||| |||| |||| ++++-++++-++++-++++-- Proto Info = sec mem blob
+ * |||| |||| ++++-++++-- Protocol ID = Blob
+ * |||| |+++-- Optype - encapsulation protocol
+ * ++++-+-- Seq In Ptr
+ */
+#define ENCAP_BLOB_DESC9 0x870D0008
+
+/****************************************
+ *----- Data encryption descriptor -----*
+ ****************************************/
+/* 1. Header
+ *
+ * 1011 0000 1000 0000 0000 0000 0000 1000
+ * |||| | | ||||
+ * ++++-+-- Header +-++++-- 8 words in descriptor
+ */
+#define ENCRYPT_DESC1 0xB0800008
+
+/* 2. Load AES-128 key from secure memory
+ *
+ * 0010 0010 0000 0000 0000 0000 0001 0000
+ * |||| | | |||| |||| |||| ||||
+ * |||| | | ++++-++++-++++-++++-- 16 bytes
+ * |||| | +-- Load FIFO with data for Class 1 CHA
+ * ++++-+-- FIFO Load
+ */
+#define ENCRYPT_DESC2 0x02200010
+
+/* 3. Pointer to key data in secure memory */
+/* Address is provided during run time */
+#define ENCRYPT_DESC3 0x00000000
+
+/* 4. Algorith Operation - Decrypt with ECB mode
+ *
+ * 1000 0010 0001 0000 0000 0010 0000 1101
+ * |||| |||| |||| |||| |||| |||| |||| ||||
+ * |||| |||| |||| |||| |||| |||| |||| |||+-- Encrypt
+ * |||| |||| |||| |||| |||| |||| |||| ++-- Initialize/Finalize
+ * |||| |||| |||| |||| ---+-++++-++++-- ECB mode
+ * |||| |||| ++++-++++-- AES
+ * |||| |+++-- Optype: Class 1 algorithm
+ * ++++-+-- ALGORITHM OP.
+ */
+#define ENCRYPT_DESC4 0x8210020D
+
+/* 5. Load 16 bytes of message data
+ *
+ * 0010 0010 0001 0010 0000 0000 0001 0000
+ * |||| |||| |||| |||| |||| |||| |||| ||||
+ * |||| |||| |||| |||| |||| |||| |||| ||||
+ * |||| |||| |||| |||| |||| |||| |||| ||||
+ * |||| |||| |||| |||| ++++-++++-++++-++++-- Msg Length = 16Bytes
+ * |||| |||| ||++-++++-- Input data type: Msg data LC1=1
+ * |||| |||| |+-- EXT: No extended length
+ * |||| |||| +-- IMM: data begins at the location pointed to by the next word
+ * |||| |||++-SGT/VLF: FIFO Load-Pointer points to actual data
+ * |||| |++-- Load FIFO with data for Class 1 CHA
+ * ++++-+-- FIFO Load
+ */
+#define ENCRYPT_DESC5 0x22120010
+
+/* 6. Pointer to plain text test vector message */
+/* Address is provided during run time */
+#define ENCRYPT_DESC6 0x00000000
+
+/* 7. FIFO STORE - encrypted result.
+ * 0110 0000 0011 0000 0000 0000 0001 0000
+ * |||| |||| |||| |||| |||| |||| |||| ||||
+ * |||| |||| |||| |||| ++++-++++-++++-++++-- Length = 16Bytes
+ * |||| |||| ||++-++++-- Output data type: Msg Data
+ * |||| |||| |+-- EXT: No extended length
+ * |||| |||| +-- CONT: No continue
+ * |||| |||+-- SGT/VLF: Pointer points to actual data
+ * |||| |++-- AUX: None
+ * ++++-+-- FIFO Store
+ */
+#define ENCRYPT_DESC7 0x60300010
+
+/* 8. Pointer to ciphered text buffer */
+/* Address is provided during run time */
+#define ENCRYPT_DESC8 0x00000000
+
+/*********************************************************************
+ *----- Descriptor to instantiate RNG in non-deterministic mode -----*
+ *********************************************************************/
+// Header
+#define RNG_INST_DESC1 0xB0800009
+// Class 1 context load for personalization string, 8bytes
+#define RNG_INST_DESC2 0x12A00008
+// 8 bytes of personalization string (8-byte UID + zeros)
+#define RNG_INST_DESC3 0x01020304
+#define RNG_INST_DESC4 0x05060708
+// Instantiate State Handle 0 using entropy from TRNG
+// without prediction resistance
+#define RNG_INST_DESC5 0x82500404
+// Wait for Class 1 done
+#define RNG_INST_DESC6 0xA2000001
+// Immediate 4 byte load to clear written register
+#define RNG_INST_DESC7 0x10880004
+// Clear primary mode bit
+#define RNG_INST_DESC8 0x00000001
+// Generate secure keys without prediction resistance
+#define RNG_INST_DESC9 0x82501000
+
+#endif /* __CAAM_INTERNAL_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2012-2016, Freescale Semiconductor, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * o Redistributions of source code must retain the above copyright notice, this list
+ * of conditions and the following disclaimer.
+ *
+ * o Redistributions in binary form must reproduce the above copyright notice, this
+ * list of conditions and the following disclaimer in the documentation and/or
+ * other materials provided with the distribution.
+ *
+ * o Neither the name of Freescale Semiconductor, Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from this
+ * software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef __CAAM_H__
+#define __CAAM_H__
+
+//! @name Error codes
+//@{
+#if !defined(SUCCESS)
+#define SUCCESS (0)
+#endif
+
+#define ERROR_IN_PAGE_ALLOC (1)
+
+
+////////////////////////////////////////////////////////////////////////////////
+//! @brief Enable and initialize the CAAM driver.
+//!
+//! This function enables the clock to the CAAM. It initializes the RNG, and
+//! instantiate it to allow generation of key for blob.
+//!
+////////////////////////////////////////////////////////////////////////////////
+void caam_open(void);
+
+////////////////////////////////////////////////////////////////////////////////
+//! @brief Generate a blob of a secure key.
+//!
+//! @param[in] plain_data_addr Location address of the plain text data.
+//! @param[in] blob_addr Location address of the blob.
+//! @param[in] size Size in bytes of the data to encrypt.
+//!
+//! @return SUCCESS
+//! @return ERROR_XXX
+////////////////////////////////////////////////////////////////////////////////
+uint32_t caam_gen_blob(uint32_t plain_data_addr, uint32_t blob_addr, uint32_t size);
+
+////////////////////////////////////////////////////////////////////////////////
+//! @brief Decapsulate a blob of a secure key.
+//!
+//! @param[in] blob_addr Location address of the blob.
+//!
+//! @return SUCCESS
+//! @return ERROR_XXX
+////////////////////////////////////////////////////////////////////////////////
+uint32_t caam_decap_blob(uint32_t plain_text, uint32_t blob_addr, uint32_t size);
+uint32_t caam_hwrng(uint8_t *output_ptr, uint32_t output_len);
+
+#endif /* __CAAM_H__ */
projects / u-boot.git / commitdiff