arm/mach-omap2/omap-secure.c

0001 // SPDX-License-Identifier: GPL-2.0-only
0002 /*
0003  * OMAP Secure API infrastructure.
0004  *
0005  * Copyright (C) 2011 Texas Instruments, Inc.
0006  *  Santosh Shilimkar <santosh.shilimkar@ti.com>
0007  * Copyright (C) 2012 Ivaylo Dimitrov <freemangordon@abv.bg>
0008  * Copyright (C) 2013 Pali Rohár <pali@kernel.org>
0009  */
0010
0011 #include <linux/arm-smccc.h>
0012 #include <linux/cpu_pm.h>
0013 #include <linux/kernel.h>
0014 #include <linux/init.h>
0015 #include <linux/io.h>
0016 #include <linux/memblock.h>
0017 #include <linux/of.h>
0018
0019 #include <asm/cacheflush.h>
0020 #include <asm/memblock.h>
0021
0022 #include "common.h"
0023 #include "omap-secure.h"
0024 #include "soc.h"
0025
0026 static phys_addr_t omap_secure_memblock_base;
0027
0028 bool optee_available;
0029
0030 #define OMAP_SIP_SMC_STD_CALL_VAL(func_num) \
0031     ARM_SMCCC_CALL_VAL(ARM_SMCCC_STD_CALL, ARM_SMCCC_SMC_32, \
0032     ARM_SMCCC_OWNER_SIP, (func_num))
0033
0034 static void __init omap_optee_init_check(void)
0035 {
0036     struct device_node *np;
0037
0038     /*
0039      * We only check that the OP-TEE node is present and available. The
0040      * OP-TEE kernel driver is not needed for the type of interaction made
0041      * with OP-TEE here so the driver's status is not checked.
0042      */
0043     np = of_find_node_by_path("/firmware/optee");
0044     if (np && of_device_is_available(np))
0045         optee_available = true;
0046     of_node_put(np);
0047 }
0048
0049 /**
0050  * omap_sec_dispatcher: Routine to dispatch low power secure
0051  * service routines
0052  * @idx: The HAL API index
0053  * @flag: The flag indicating criticality of operation
0054  * @nargs: Number of valid arguments out of four.
0055  * @arg1, arg2, arg3 args4: Parameters passed to secure API
0056  *
0057  * Return the non-zero error value on failure.
0058  */
0059 u32 omap_secure_dispatcher(u32 idx, u32 flag, u32 nargs, u32 arg1, u32 arg2,
0060                              u32 arg3, u32 arg4)
0061 {
0062     static u32 buf[NR_CPUS][5];
0063     u32 *param;
0064     int cpu;
0065     u32 ret;
0066
0067     cpu = get_cpu();
0068     param = buf[cpu];
0069
0070     param[0] = nargs;
0071     param[1] = arg1;
0072     param[2] = arg2;
0073     param[3] = arg3;
0074     param[4] = arg4;
0075
0076     /*
0077      * Secure API needs physical address
0078      * pointer for the parameters
0079      */
0080     flush_cache_all();
0081     outer_clean_range(__pa(param), __pa(param + 5));
0082     ret = omap_smc2(idx, flag, __pa(param));
0083
0084     put_cpu();
0085
0086     return ret;
0087 }
0088
0089 void omap_smccc_smc(u32 fn, u32 arg)
0090 {
0091     struct arm_smccc_res res;
0092
0093     arm_smccc_smc(OMAP_SIP_SMC_STD_CALL_VAL(fn), arg,
0094               0, 0, 0, 0, 0, 0, &res);
0095     WARN(res.a0, "Secure function call 0x%08x failed\n", fn);
0096 }
0097
0098 void omap_smc1(u32 fn, u32 arg)
0099 {
0100     /*
0101      * If this platform has OP-TEE installed we use ARM SMC calls
0102      * otherwise fall back to the OMAP ROM style calls.
0103      */
0104     if (optee_available)
0105         omap_smccc_smc(fn, arg);
0106     else
0107         _omap_smc1(fn, arg);
0108 }
0109
0110 /* Allocate the memory to save secure ram */
0111 int __init omap_secure_ram_reserve_memblock(void)
0112 {
0113     u32 size = OMAP_SECURE_RAM_STORAGE;
0114
0115     size = ALIGN(size, SECTION_SIZE);
0116     omap_secure_memblock_base = arm_memblock_steal(size, SECTION_SIZE);
0117
0118     return 0;
0119 }
0120
0121 phys_addr_t omap_secure_ram_mempool_base(void)
0122 {
0123     return omap_secure_memblock_base;
0124 }
0125
0126 #if defined(CONFIG_ARCH_OMAP3) && defined(CONFIG_PM)
0127 u32 omap3_save_secure_ram(void *addr, int size)
0128 {
0129     static u32 param[5];
0130     u32 ret;
0131
0132     if (size != OMAP3_SAVE_SECURE_RAM_SZ)
0133         return OMAP3_SAVE_SECURE_RAM_SZ;
0134
0135     param[0] = 4;       /* Number of arguments */
0136     param[1] = __pa(addr);  /* Physical address for saving */
0137     param[2] = 0;
0138     param[3] = 1;
0139     param[4] = 1;
0140
0141     ret = save_secure_ram_context(__pa(param));
0142
0143     return ret;
0144 }
0145 #endif
0146
0147 /**
0148  * rx51_secure_dispatcher: Routine to dispatch secure PPA API calls
0149  * @idx: The PPA API index
0150  * @process: Process ID
0151  * @flag: The flag indicating criticality of operation
0152  * @nargs: Number of valid arguments out of four.
0153  * @arg1, arg2, arg3 args4: Parameters passed to secure API
0154  *
0155  * Return the non-zero error value on failure.
0156  *
0157  * NOTE: rx51_secure_dispatcher differs from omap_secure_dispatcher because
0158  *       it calling omap_smc3() instead omap_smc2() and param[0] is nargs+1
0159  */
0160 u32 rx51_secure_dispatcher(u32 idx, u32 process, u32 flag, u32 nargs,
0161                u32 arg1, u32 arg2, u32 arg3, u32 arg4)
0162 {
0163     static u32 param[5];
0164     u32 ret;
0165
0166     param[0] = nargs+1; /* RX-51 needs number of arguments + 1 */
0167     param[1] = arg1;
0168     param[2] = arg2;
0169     param[3] = arg3;
0170     param[4] = arg4;
0171
0172     /*
0173      * Secure API needs physical address
0174      * pointer for the parameters
0175      */
0176     local_irq_disable();
0177     local_fiq_disable();
0178     flush_cache_all();
0179     outer_clean_range(__pa(param), __pa(param + 5));
0180     ret = omap_smc3(idx, process, flag, __pa(param));
0181     flush_cache_all();
0182     local_fiq_enable();
0183     local_irq_enable();
0184
0185     return ret;
0186 }
0187
0188 /**
0189  * rx51_secure_update_aux_cr: Routine to modify the contents of Auxiliary Control Register
0190  *  @set_bits: bits to set in ACR
0191  *  @clr_bits: bits to clear in ACR
0192  *
0193  * Return the non-zero error value on failure.
0194 */
0195 u32 rx51_secure_update_aux_cr(u32 set_bits, u32 clear_bits)
0196 {
0197     u32 acr;
0198
0199     /* Read ACR */
0200     asm volatile ("mrc p15, 0, %0, c1, c0, 1" : "=r" (acr));
0201     acr &= ~clear_bits;
0202     acr |= set_bits;
0203
0204     return rx51_secure_dispatcher(RX51_PPA_WRITE_ACR,
0205                       0,
0206                       FLAG_START_CRITICAL,
0207                       1, acr, 0, 0, 0);
0208 }
0209
0210 /**
0211  * rx51_secure_rng_call: Routine for HW random generator
0212  */
0213 u32 rx51_secure_rng_call(u32 ptr, u32 count, u32 flag)
0214 {
0215     return rx51_secure_dispatcher(RX51_PPA_HWRNG,
0216                       0,
0217                       NO_FLAG,
0218                       3, ptr, count, flag, 0);
0219 }
0220
0221 void __init omap_secure_init(void)
0222 {
0223     omap_optee_init_check();
0224 }
0225
0226 /*
0227  * Dummy dispatcher call after core OSWR and MPU off. Updates the ROM return
0228  * address after MMU has been re-enabled after CPU1 has been woken up again.
0229  * Otherwise the ROM code will attempt to use the earlier physical return
0230  * address that got set with MMU off when waking up CPU1. Only used on secure
0231  * devices.
0232  */
0233 static int cpu_notifier(struct notifier_block *nb, unsigned long cmd, void *v)
0234 {
0235     switch (cmd) {
0236     case CPU_CLUSTER_PM_EXIT:
0237         omap_secure_dispatcher(OMAP4_PPA_SERVICE_0,
0238                        FLAG_START_CRITICAL,
0239                        0, 0, 0, 0, 0);
0240         break;
0241     default:
0242         break;
0243     }
0244
0245     return NOTIFY_OK;
0246 }
0247
0248 static struct notifier_block secure_notifier_block = {
0249     .notifier_call = cpu_notifier,
0250 };
0251
0252 static int __init secure_pm_init(void)
0253 {
0254     if (omap_type() == OMAP2_DEVICE_TYPE_GP || !soc_is_omap44xx())
0255         return 0;
0256
0257     cpu_pm_register_notifier(&secure_notifier_block);
0258
0259     return 0;
0260 }
0261 omap_arch_initcall(secure_pm_init);