[PATCH v3] armv8: layerscape: don't remove crypto node if just partially disabled

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[PATCH v3] armv8: layerscape: don't remove crypto node if just partially disabled

Michael Walle-2
On all newer Layerscape SoCs, only the export-controlled ciphers of the
crypto module are disabled on non-E parts. Thus it doesn't make sense to
completely remove the node. Linux will figure out what is there and what
is not.

Just remove it for older SoCs, where the module is indeed completely
disabled on non-E parts.

Signed-off-by: Michael Walle <[hidden email]>
---
Changes since v2:
 - clearified "partially disabled"
 - fixed typos
 - added LS2080A to the "completely disabled list"

Changes since v1:
 - properly filter on SoC. Thanks to Horia's mail. See
   https://patchwork.ozlabs.org/project/uboot/patch/20200602150904.1997-1-michael@.../#2457448

 arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 41 ++++++++++++++++++++++++-
 1 file changed, 40 insertions(+), 1 deletion(-)

diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
index 7400b2cf29..6d3391db3b 100644
--- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
+++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
@@ -437,13 +437,52 @@ __weak void fdt_fixup_ecam(void *blob)
 }
 #endif
 
+/*
+ * If it is a non-E part the crypto is disabled on the following SoCs:
+ *  - LS1043A
+ *  - LS1088A
+ *  - LS2080A
+ *  - LS2088A
+ * and their personalities.
+ *
+ * On all other SoCs just the export-controlled ciphers are disabled, that
+ * means that the following is still working:
+ *  - hashing (using MDHA - message digest hash accelerator)
+ *  - random number generation (using RNG4)
+ *  - cyclic redundancy checking (using CRCA)
+ *  - runtime integrity checker (RTIC)
+ *
+ * The linux driver will figure out what is available and what is not.
+ * Therefore, we just remove the crypto node on the SoCs which have no crypto
+ * support at all.
+ */
+static bool crypto_is_disabled(unsigned int svr)
+{
+ if (IS_E_PROCESSOR(svr))
+ return false;
+
+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1043A)))
+ return true;
+
+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1088A)))
+ return true;
+
+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS2080A)))
+ return true;
+
+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS2088A)))
+ return true;
+
+ return false;
+}
+
 void ft_cpu_setup(void *blob, struct bd_info *bd)
 {
  struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
  unsigned int svr = gur_in32(&gur->svr);
 
  /* delete crypto node if not on an E-processor */
- if (!IS_E_PROCESSOR(svr))
+ if (crypto_is_disabled(svr))
  fdt_fixup_crypto_node(blob, 0);
 #if CONFIG_SYS_FSL_SEC_COMPAT >= 4
  else {
--
2.20.1

Reply | Threaded
Open this post in threaded view
|

Re: [PATCH v3] armv8: layerscape: don't remove crypto node if just partially disabled

Horia Geantă-2
On 10/16/2020 8:38 PM, Michael Walle wrote:
> On all newer Layerscape SoCs, only the export-controlled ciphers of the
> crypto module are disabled on non-E parts. Thus it doesn't make sense to
> completely remove the node. Linux will figure out what is there and what
> is not.
>
> Just remove it for older SoCs, where the module is indeed completely
> disabled on non-E parts.
>
> Signed-off-by: Michael Walle <[hidden email]>
Reviewed-by: Horia Geantă <[hidden email]>

Thanks,
Horia