[PATCH v2] armv8: layerscape: don't remove crypto node if just partially disabled

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

[PATCH v2] armv8: layerscape: don't remove crypto node if just partially disabled

Michael Walle-2
On all newer Layerscape SoCs, the crypto module is just partially
disabled on non-E parts. Thus it doesn't make sense to completely remove
the node. Linux will figure out what is there and what is not.

Just remove it for older SoCs, where the module is indeed completely
disabled on non-E parts.

Signed-off-by: Michael Walle <[hidden email]>
---
Changes since v1:
 - properly filter on SoC. Thanks to Horia's mail. See
   https://patchwork.ozlabs.org/project/uboot/patch/20200602150904.1997-1-michael@.../#2457448

 arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 37 ++++++++++++++++++++++++-
 1 file changed, 36 insertions(+), 1 deletion(-)

diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
index 3b43afb25c..acd25d4825 100644
--- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
+++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
@@ -437,13 +437,48 @@ __weak void fdt_fixup_ecam(void *blob)
 }
 #endif
 
+/*
+ * If it is a non-E part the crypto is disabled on the following SoCs:
+ *  - LS1043A
+ *  - LS1088A
+ *  - LS2088A
+ * and their personalities.
+ *
+ * On all other SoC they are just partially disabled, that means that the
+ * following is still working:
+ *  - hashing (using MDHA - message digest hash accelerator)
+ *  - random number generation (using RNG4)
+ *  - cyclic redundancy checking (using CRCA)
+ *  - runtime integrity checker (RTIC)
+ *
+ * The linux driver will figure out what is available and what is not.
+ * Therefore, we just remove the crypto node on the SoCs which has no crypto
+ * support at all.
+ */
+static bool crypto_is_disabled(unsigned int svr)
+{
+ if (IS_E_PROCESSOR(svr))
+ return false;
+
+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1043A)))
+ return true;
+
+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1088A)))
+ return true;
+
+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS2088A)))
+ return true;
+
+ return false;
+}
+
 void ft_cpu_setup(void *blob, struct bd_info *bd)
 {
  struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
  unsigned int svr = gur_in32(&gur->svr);
 
  /* delete crypto node if not on an E-processor */
- if (!IS_E_PROCESSOR(svr))
+ if (crypto_is_disabled(svr))
  fdt_fixup_crypto_node(blob, 0);
 #if CONFIG_SYS_FSL_SEC_COMPAT >= 4
  else {
--
2.20.1

Reply | Threaded
Open this post in threaded view
|

Re: [PATCH v2] armv8: layerscape: don't remove crypto node if just partially disabled

Iuliana Prodan
Michael Walle-2 wrote
> On all newer Layerscape SoCs, the crypto module is just partially
> disabled on non-E parts. Thus it doesn't make sense to completely remove
> the node. Linux will figure out what is there and what is not.
>
> Just remove it for older SoCs, where the module is indeed completely
> disabled on non-E parts.
>
> Signed-off-by: Michael Walle &lt;

> michael@

> &gt;
> ---
> Changes since v1:
>  - properly filter on SoC. Thanks to Horia's mail. See
>    https://patchwork.ozlabs.org/project/uboot/patch/

> 20200602150904.1997-1-michael@

> /#2457448
>
>  arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 37 ++++++++++++++++++++++++-
>  1 file changed, 36 insertions(+), 1 deletion(-)
>
> diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> index 3b43afb25c..acd25d4825 100644
> --- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> +++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> @@ -437,13 +437,48 @@ __weak void fdt_fixup_ecam(void *blob)
>  }
>  #endif
>  
> +/*
> + * If it is a non-E part the crypto is disabled on the following SoCs:
> + *  - LS1043A
> + *  - LS1088A
> + *  - LS2088A
> + * and their personalities.
> + *
> + * On all other SoC they are just partially disabled, that means that the
> + * following is still working:
> + *  - hashing (using MDHA - message digest hash accelerator)
> + *  - random number generation (using RNG4)
> + *  - cyclic redundancy checking (using CRCA)
> + *  - runtime integrity checker (RTIC)
> + *
> + * The linux driver will figure out what is available and what is not.
> + * Therefore, we just remove the crypto node on the SoCs which has no
> crypto
> + * support at all.
> + */
> +static bool crypto_is_disabled(unsigned int svr)
> +{
> + if (IS_E_PROCESSOR(svr))
> + return false;
> +
> + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1043A)))
> + return true;
> +
> + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1088A)))
> + return true;
> +
> + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS2088A)))
> + return true;
> +
>
> These ifs can be put into a switch like
> switch (SVR_SOC_VER(svr)) {
> case SVR_LS1043A:
> case SVR_LS1088A:
> case SVR_LS2088A:
> return true;
>        }
>
> + return false;
> +}
> +
>  void ft_cpu_setup(void *blob, struct bd_info *bd)
>  {
>   struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
>   unsigned int svr = gur_in32(&gur->svr);
>  
>   /* delete crypto node if not on an E-processor */
> - if (!IS_E_PROCESSOR(svr))
> + if (crypto_is_disabled(svr))
>   fdt_fixup_crypto_node(blob, 0);
>  #if CONFIG_SYS_FSL_SEC_COMPAT >= 4
>   else {
> --
> 2.20.1





--
Sent from: http://u-boot.10912.n7.nabble.com/
Reply | Threaded
Open this post in threaded view
|

RE: [PATCH v2] armv8: layerscape: don't remove crypto node if just partially disabled

Priyanka Jain (OSS)
In reply to this post by Michael Walle-2
>-----Original Message-----
>From: U-Boot <[hidden email]> On Behalf Of Michael Walle
>Sent: Monday, August 10, 2020 8:24 PM
>To: [hidden email]
>Cc: Priyanka Jain <[hidden email]>; Horia Geanta
><[hidden email]>; Michael Walle <[hidden email]>
>Subject: [PATCH v2] armv8: layerscape: don't remove crypto node if just
>partially disabled
>
>On all newer Layerscape SoCs, the crypto module is just partially disabled on
>non-E parts. Thus it doesn't make sense to completely remove the node. Linux
>will figure out what is there and what is not.
>
>Just remove it for older SoCs, where the module is indeed completely disabled
>on non-E parts.
>
>Signed-off-by: Michael Walle <[hidden email]>
>---
>Changes since v1:
> - properly filter on SoC. Thanks to Horia's mail. See
>   https://patchwork.ozlabs.org/project/uboot/patch/20200602150904.1997-1-
>[hidden email]/#2457448
>
> arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 37 ++++++++++++++++++++++++-
> 1 file changed, 36 insertions(+), 1 deletion(-)
>
>diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
>b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
>index 3b43afb25c..acd25d4825 100644
>--- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
>+++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
>@@ -437,13 +437,48 @@ __weak void fdt_fixup_ecam(void *blob)  }  #endif
>
>+/*
>+ * If it is a non-E part the crypto is disabled on the following SoCs:
>+ *  - LS1043A
>+ *  - LS1088A
>+ *  - LS2088A
>+ * and their personalities.
>+ *
>+ * On all other SoC they are just partially disabled, that means that
>+the
>+ * following is still working:
>+ *  - hashing (using MDHA - message digest hash accelerator)
>+ *  - random number generation (using RNG4)
>+ *  - cyclic redundancy checking (using CRCA)
>+ *  - runtime integrity checker (RTIC)
>+ *
>+ * The linux driver will figure out what is available and what is not.
>+ * Therefore, we just remove the crypto node on the SoCs which has no
>+crypto
>+ * support at all.
>+ */
>+static bool crypto_is_disabled(unsigned int svr) {
>+ if (IS_E_PROCESSOR(svr))
>+ return false;
>+
>+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1043A)))
>+ return true;
>+
>+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1088A)))
>+ return true;
>+
>+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS2088A)))
>+ return true;
>+
>+ return false;
>+}
>+
> void ft_cpu_setup(void *blob, struct bd_info *bd)  {
> struct ccsr_gur __iomem *gur = (void
>*)(CONFIG_SYS_FSL_GUTS_ADDR);
> unsigned int svr = gur_in32(&gur->svr);
>
> /* delete crypto node if not on an E-processor */
>- if (!IS_E_PROCESSOR(svr))
>+ if (crypto_is_disabled(svr))
> fdt_fixup_crypto_node(blob, 0);
> #if CONFIG_SYS_FSL_SEC_COMPAT >= 4
> else {
>--
>2.20.1
Horia,

Kindly help to review this patch.

Regards
Priyanka

Reply | Threaded
Open this post in threaded view
|

Re: [PATCH v2] armv8: layerscape: don't remove crypto node if just partially disabled

Horia Geantă-2
In reply to this post by Michael Walle-2
On 8/10/2020 5:54 PM, Michael Walle wrote:
> On all newer Layerscape SoCs, the crypto module is just partially
> disabled on non-E parts. Thus it doesn't make sense to completely remove
> the node. Linux will figure out what is there and what is not.
>
Could add a clarification here, saying "partially disabled" means that
only export-controlled ciphers are disabled.

> Just remove it for older SoCs, where the module is indeed completely
> disabled on non-E parts.
>
> Signed-off-by: Michael Walle <[hidden email]>
> ---
> Changes since v1:
>  - properly filter on SoC. Thanks to Horia's mail. See
>    https://patchwork.ozlabs.org/project/uboot/patch/20200602150904.1997-1-michael@.../#2457448
>
>  arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 37 ++++++++++++++++++++++++-
>  1 file changed, 36 insertions(+), 1 deletion(-)
>
> diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> index 3b43afb25c..acd25d4825 100644
> --- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> +++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> @@ -437,13 +437,48 @@ __weak void fdt_fixup_ecam(void *blob)
>  }
>  #endif
>  
> +/*
> + * If it is a non-E part the crypto is disabled on the following SoCs:
> + *  - LS1043A
> + *  - LS1088A
> + *  - LS2088A
I've missed LS2080A.

> + * and their personalities.
> + *
> + * On all other SoC they are just partially disabled, that means that the
                       ^ it is (assuming "crypto" is the subject)
> + * following is still working:
> + *  - hashing (using MDHA - message digest hash accelerator)
> + *  - random number generation (using RNG4)
> + *  - cyclic redundancy checking (using CRCA)
> + *  - runtime integrity checker (RTIC)
> + *
> + * The linux driver will figure out what is available and what is not.
> + * Therefore, we just remove the crypto node on the SoCs which has no crypto
                                                                  ^ have

> + * support at all.
> + */
> +static bool crypto_is_disabled(unsigned int svr)
> +{
> + if (IS_E_PROCESSOR(svr))
> + return false;
> +
> + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1043A)))
> + return true;
> +
> + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1088A)))
> + return true;
> +
> + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS2088A)))
> + return true;
> +
> + return false;
> +}
> +
>  void ft_cpu_setup(void *blob, struct bd_info *bd)
>  {
>   struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
>   unsigned int svr = gur_in32(&gur->svr);
>  
>   /* delete crypto node if not on an E-processor */
> - if (!IS_E_PROCESSOR(svr))
> + if (crypto_is_disabled(svr))
>   fdt_fixup_crypto_node(blob, 0);
>  #if CONFIG_SYS_FSL_SEC_COMPAT >= 4
>   else {
>