From 84e0fb403d2271a858799776a410ecc070422f66 Mon Sep 17 00:00:00 2001 From: Ruchika Gupta Date: Mon, 29 Sep 2014 11:14:35 +0530 Subject: powerpc/P1010RDB:Update RESET_VECTOR_ADDRESS for 768KB u-boot size U-boot binary size has been increased from 512KB to 768KB. So update CONFIG_RESET_VECTOR_ADDRESS to reflect the same for P1010 SPI Flash Secure boot target. Signed-off-by: Ruchika Gupta [York Sun: Modified subject to P1010RDB] Reviewed-by: York Sun --- include/configs/P1010RDB.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/configs/P1010RDB.h b/include/configs/P1010RDB.h index a373990e5d..321932781b 100644 --- a/include/configs/P1010RDB.h +++ b/include/configs/P1010RDB.h @@ -53,7 +53,7 @@ #ifdef CONFIG_SECURE_BOOT #define CONFIG_RAMBOOT_SPIFLASH #define CONFIG_SYS_TEXT_BASE 0x11000000 -#define CONFIG_RESET_VECTOR_ADDRESS 0x1107fffc +#define CONFIG_RESET_VECTOR_ADDRESS 0x110bfffc #else #define CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT #define CONFIG_SPL_DRIVERS_MISC_SUPPORT -- cgit From 48ef0d2a1002d3da0bf7ed13d0959bcbf782c792 Mon Sep 17 00:00:00 2001 From: Ruchika Gupta Date: Tue, 9 Sep 2014 11:50:30 +0530 Subject: fsl_sec : Move SEC CCSR definition to common include Freescale SEC controller has been used for mpc8xxx. It will be used for ARM-based SoC as well. This patch moves the CCSR defintion of SEC to common include Signed-off-by: Ruchika Gupta Reviewed-by: York Sun --- include/fsl_sec.h | 88 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) create mode 100644 include/fsl_sec.h (limited to 'include') diff --git a/include/fsl_sec.h b/include/fsl_sec.h new file mode 100644 index 0000000000..b31999f659 --- /dev/null +++ b/include/fsl_sec.h @@ -0,0 +1,88 @@ +/* + * Common internal memory map for some Freescale SoCs + * + * Copyright 2014 Freescale Semiconductor, Inc. + * + */ + +#ifndef __FSL_SEC_H +#define __FSL_SEC_H + +#include +#include + +/* Security Engine Block (MS = Most Sig., LS = Least Sig.) */ +#if CONFIG_SYS_FSL_SEC_COMPAT >= 4 +typedef struct ccsr_sec { + u32 res0; + u32 mcfgr; /* Master CFG Register */ + u8 res1[0x4]; + u32 scfgr; + struct { + u32 ms; /* Job Ring LIODN Register, MS */ + u32 ls; /* Job Ring LIODN Register, LS */ + } jrliodnr[4]; + u8 res2[0x2c]; + u32 jrstartr; /* Job Ring Start Register */ + struct { + u32 ms; /* RTIC LIODN Register, MS */ + u32 ls; /* RTIC LIODN Register, LS */ + } rticliodnr[4]; + u8 res3[0x1c]; + u32 decorr; /* DECO Request Register */ + struct { + u32 ms; /* DECO LIODN Register, MS */ + u32 ls; /* DECO LIODN Register, LS */ + } decoliodnr[8]; + u8 res4[0x40]; + u32 dar; /* DECO Avail Register */ + u32 drr; /* DECO Reset Register */ + u8 res5[0xe78]; + u32 crnr_ms; /* CHA Revision Number Register, MS */ + u32 crnr_ls; /* CHA Revision Number Register, LS */ + u32 ctpr_ms; /* Compile Time Parameters Register, MS */ + u32 ctpr_ls; /* Compile Time Parameters Register, LS */ + u8 res6[0x10]; + u32 far_ms; /* Fault Address Register, MS */ + u32 far_ls; /* Fault Address Register, LS */ + u32 falr; /* Fault Address LIODN Register */ + u32 fadr; /* Fault Address Detail Register */ + u8 res7[0x4]; + u32 csta; /* CAAM Status Register */ + u8 res8[0x8]; + u32 rvid; /* Run Time Integrity Checking Version ID Reg.*/ + u32 ccbvid; /* CHA Cluster Block Version ID Register */ + u32 chavid_ms; /* CHA Version ID Register, MS */ + u32 chavid_ls; /* CHA Version ID Register, LS */ + u32 chanum_ms; /* CHA Number Register, MS */ + u32 chanum_ls; /* CHA Number Register, LS */ + u32 secvid_ms; /* SEC Version ID Register, MS */ + u32 secvid_ls; /* SEC Version ID Register, LS */ + u8 res9[0x6020]; + u32 qilcr_ms; /* Queue Interface LIODN CFG Register, MS */ + u32 qilcr_ls; /* Queue Interface LIODN CFG Register, LS */ + u8 res10[0x8fd8]; +} ccsr_sec_t; + +#define SEC_CTPR_MS_AXI_LIODN 0x08000000 +#define SEC_CTPR_MS_QI 0x02000000 +#define SEC_CTPR_MS_VIRT_EN_INCL 0x00000001 +#define SEC_CTPR_MS_VIRT_EN_POR 0x00000002 +#define SEC_RVID_MA 0x0f000000 +#define SEC_CHANUM_MS_JRNUM_MASK 0xf0000000 +#define SEC_CHANUM_MS_JRNUM_SHIFT 28 +#define SEC_CHANUM_MS_DECONUM_MASK 0x0f000000 +#define SEC_CHANUM_MS_DECONUM_SHIFT 24 +#define SEC_SECVID_MS_IPID_MASK 0xffff0000 +#define SEC_SECVID_MS_IPID_SHIFT 16 +#define SEC_SECVID_MS_MAJ_REV_MASK 0x0000ff00 +#define SEC_SECVID_MS_MAJ_REV_SHIFT 8 +#define SEC_CCBVID_ERA_MASK 0xff000000 +#define SEC_CCBVID_ERA_SHIFT 24 +#define SEC_SCFGR_RDBENABLE 0x00000400 +#define SEC_SCFGR_VIRT_EN 0x00008000 +#define SEC_CHAVID_LS_RNG_SHIFT 16 +#define SEC_CHAVID_RNG_LS_MASK 0x000f0000 +#endif + +#endif /* __FSL_SEC_H */ -- cgit From 028dbb8db1d18c5835ab34659f9ef7a516571524 Mon Sep 17 00:00:00 2001 From: Ruchika Gupta Date: Tue, 9 Sep 2014 11:50:31 +0530 Subject: fsl_sec : Change accessor function to take care of endianness SEC registers can be of type Little Endian or big Endian depending upon Freescale SoC. Here SoC defines the register type of SEC IP. So update acessor functions with common SEC acessor functions to take care both type of endianness. Signed-off-by: Ruchika Gupta Reviewed-by: York Sun --- include/fsl_sec.h | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'include') diff --git a/include/fsl_sec.h b/include/fsl_sec.h index b31999f659..a11f58dc81 100644 --- a/include/fsl_sec.h +++ b/include/fsl_sec.h @@ -11,6 +11,22 @@ #include #include +#ifdef CONFIG_SYS_FSL_SEC_LE +#define sec_in32(a) in_le32(a) +#define sec_out32(a, v) out_le32(a, v) +#define sec_in16(a) in_le16(a) +#define sec_clrbits32 clrbits_le32 +#define sec_setbits32 setbits_le32 +#elif defined(CONFIG_SYS_FSL_SEC_BE) +#define sec_in32(a) in_be32(a) +#define sec_out32(a, v) out_be32(a, v) +#define sec_in16(a) in_be16(a) +#define sec_clrbits32 clrbits_be32 +#define sec_setbits32 setbits_be32 +#else +#error Neither CONFIG_SYS_FSL_SEC_LE nor CONFIG_SYS_FSL_SEC_BE is defined +#endif + /* Security Engine Block (MS = Most Sig., LS = Least Sig.) */ #if CONFIG_SYS_FSL_SEC_COMPAT >= 4 typedef struct ccsr_sec { -- cgit From b9eebfade974c86c8ddef64793649374c9876242 Mon Sep 17 00:00:00 2001 From: Ruchika Gupta Date: Wed, 15 Oct 2014 11:35:30 +0530 Subject: fsl_sec: Add hardware accelerated SHA256 and SHA1 SHA-256 and SHA-1 accelerated using SEC hardware in Freescale SoC's The driver for SEC (CAAM) IP is based on linux drivers/crypto/caam. The platforms needto add the MACRO CONFIG_FSL_CAAM inorder to enable initialization of this hardware IP. Signed-off-by: Ruchika Gupta Reviewed-by: York Sun --- include/fsl_sec.h | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) (limited to 'include') diff --git a/include/fsl_sec.h b/include/fsl_sec.h index a11f58dc81..2a26d85ee8 100644 --- a/include/fsl_sec.h +++ b/include/fsl_sec.h @@ -99,6 +99,51 @@ typedef struct ccsr_sec { #define SEC_SCFGR_VIRT_EN 0x00008000 #define SEC_CHAVID_LS_RNG_SHIFT 16 #define SEC_CHAVID_RNG_LS_MASK 0x000f0000 + +#define CONFIG_JRSTARTR_JR0 0x00000001 + +struct jr_regs { +#ifdef CONFIG_SYS_FSL_SEC_LE + u32 irba_l; + u32 irba_h; +#else + u32 irba_h; + u32 irba_l; +#endif + u32 rsvd1; + u32 irs; + u32 rsvd2; + u32 irsa; + u32 rsvd3; + u32 irja; +#ifdef CONFIG_SYS_FSL_SEC_LE + u32 orba_l; + u32 orba_h; +#else + u32 orba_h; + u32 orba_l; +#endif + u32 rsvd4; + u32 ors; + u32 rsvd5; + u32 orjr; + u32 rsvd6; + u32 orsf; + u32 rsvd7; + u32 jrsta; + u32 rsvd8; + u32 jrint; + u32 jrcfg0; + u32 jrcfg1; + u32 rsvd9; + u32 irri; + u32 rsvd10; + u32 orwi; + u32 rsvd11; + u32 jrcr; +}; + +int sec_init(void); #endif #endif /* __FSL_SEC_H */ -- cgit From 737537ef0c9622114cf1a48208abf048df1b2005 Mon Sep 17 00:00:00 2001 From: Ruchika Gupta Date: Wed, 15 Oct 2014 11:35:31 +0530 Subject: mpc85xx: configs - Add hash command in freescale platforms Enable CAAM in platforms supporting the hardware block. Hash command enabled along with hardware accelerated support for SHA-1 and SHA-256 for platforms which have CAAM block. Signed-off-by: Ruchika Gupta Reviewed-by: York Sun --- include/configs/B4860QDS.h | 7 +++++++ include/configs/BSC9131RDB.h | 7 +++++++ include/configs/BSC9132QDS.h | 7 +++++++ include/configs/C29XPCIE.h | 7 +++++++ include/configs/P1010RDB.h | 7 +++++++ include/configs/P2041RDB.h | 7 +++++++ include/configs/T1040QDS.h | 7 +++++++ include/configs/T104xRDB.h | 7 +++++++ include/configs/T208xQDS.h | 7 +++++++ include/configs/T208xRDB.h | 7 +++++++ include/configs/T4240QDS.h | 7 +++++++ include/configs/T4240RDB.h | 7 +++++++ include/configs/corenet_ds.h | 7 +++++++ 13 files changed, 91 insertions(+) (limited to 'include') diff --git a/include/configs/B4860QDS.h b/include/configs/B4860QDS.h index 9063c57b40..32233c1f3d 100644 --- a/include/configs/B4860QDS.h +++ b/include/configs/B4860QDS.h @@ -82,6 +82,7 @@ #define CONFIG_SYS_FSL_CPC /* Corenet Platform Cache */ #define CONFIG_SYS_NUM_CPC CONFIG_NUM_DDR_CONTROLLERS #define CONFIG_FSL_IFC /* Enable IFC Support */ +#define CONFIG_FSL_CAAM /* Enable SEC/CAAM */ #define CONFIG_PCI /* Enable PCI/PCIE */ #define CONFIG_PCIE1 /* PCIE controler 1 */ #define CONFIG_FSL_PCI_INIT /* Use common FSL init code */ @@ -759,6 +760,12 @@ unsigned long get_board_ddr_clk(void); #define CONFIG_CMD_NET #endif +/* Hash command with SHA acceleration supported in hardware */ +#ifdef CONFIG_FSL_CAAM +#define CONFIG_CMD_HASH +#define CONFIG_SHA_HW_ACCEL +#endif + /* * USB */ diff --git a/include/configs/BSC9131RDB.h b/include/configs/BSC9131RDB.h index 56a3e94868..bc5af526c5 100644 --- a/include/configs/BSC9131RDB.h +++ b/include/configs/BSC9131RDB.h @@ -55,6 +55,7 @@ #define CONFIG_BOOKE /* BOOKE */ #define CONFIG_E500 /* BOOKE e500 family */ #define CONFIG_FSL_IFC /* Enable IFC Support */ +#define CONFIG_FSL_CAAM /* Enable SEC/CAAM */ #define CONFIG_FSL_LAW /* Use common FSL init code */ #define CONFIG_TSEC_ENET @@ -382,6 +383,12 @@ extern unsigned long get_sdram_size(void); #define CONFIG_KGDB_BAUDRATE 230400 /* speed to run kgdb serial port */ #endif +/* Hash command with SHA acceleration supported in hardware */ +#ifdef CONFIG_FSL_CAAM +#define CONFIG_CMD_HASH +#define CONFIG_SHA_HW_ACCEL +#endif + #define CONFIG_USB_EHCI #ifdef CONFIG_USB_EHCI diff --git a/include/configs/BSC9132QDS.h b/include/configs/BSC9132QDS.h index aeded6d85b..7be1a023e3 100644 --- a/include/configs/BSC9132QDS.h +++ b/include/configs/BSC9132QDS.h @@ -78,6 +78,7 @@ #define CONFIG_BOOKE /* BOOKE */ #define CONFIG_E500 /* BOOKE e500 family */ #define CONFIG_FSL_IFC /* Enable IFC Support */ +#define CONFIG_FSL_CAAM /* Enable SEC/CAAM */ #define CONFIG_SYS_HAS_SERDES /* common SERDES init code */ #define CONFIG_PCI /* Enable PCI/PCIE */ @@ -598,6 +599,12 @@ combinations. this should be removed later #define CONFIG_DOS_PARTITION #endif +/* Hash command with SHA acceleration supported in hardware */ +#ifdef CONFIG_FSL_CAAM +#define CONFIG_CMD_HASH +#define CONFIG_SHA_HW_ACCEL +#endif + /* * Miscellaneous configurable options */ diff --git a/include/configs/C29XPCIE.h b/include/configs/C29XPCIE.h index 715616d544..5d11278f03 100644 --- a/include/configs/C29XPCIE.h +++ b/include/configs/C29XPCIE.h @@ -86,6 +86,7 @@ #define CONFIG_BOOKE /* BOOKE */ #define CONFIG_E500 /* BOOKE e500 family */ #define CONFIG_FSL_IFC /* Enable IFC Support */ +#define CONFIG_FSL_CAAM /* Enable SEC/CAAM */ #define CONFIG_SYS_HAS_SERDES /* common SERDES init code */ #define CONFIG_PCI /* Enable PCI/PCIE */ @@ -506,6 +507,12 @@ #define CONFIG_CMD_SETEXPR #define CONFIG_CMD_REGINFO +/* Hash command with SHA acceleration supported in hardware */ +#ifdef CONFIG_FSL_CAAM +#define CONFIG_CMD_HASH +#define CONFIG_SHA_HW_ACCEL +#endif + /* * Miscellaneous configurable options */ diff --git a/include/configs/P1010RDB.h b/include/configs/P1010RDB.h index 321932781b..f58fba28f0 100644 --- a/include/configs/P1010RDB.h +++ b/include/configs/P1010RDB.h @@ -170,6 +170,7 @@ #define CONFIG_BOOKE /* BOOKE */ #define CONFIG_E500 /* BOOKE e500 family */ #define CONFIG_FSL_IFC /* Enable IFC Support */ +#define CONFIG_FSL_CAAM /* Enable SEC/CAAM */ #define CONFIG_SYS_HAS_SERDES /* common SERDES init code */ #define CONFIG_PCI /* Enable PCI/PCIE */ @@ -832,6 +833,12 @@ extern unsigned long get_sdram_size(void); #define CONFIG_DOS_PARTITION #endif +/* Hash command with SHA acceleration supported in hardware */ +#ifdef CONFIG_FSL_CAAM +#define CONFIG_CMD_HASH +#define CONFIG_SHA_HW_ACCEL +#endif + /* * Miscellaneous configurable options */ diff --git a/include/configs/P2041RDB.h b/include/configs/P2041RDB.h index 16f7525def..bab0e1e72f 100644 --- a/include/configs/P2041RDB.h +++ b/include/configs/P2041RDB.h @@ -49,6 +49,7 @@ #define CONFIG_SYS_FSL_CPC /* Corenet Platform Cache */ #define CONFIG_SYS_NUM_CPC CONFIG_NUM_DDR_CONTROLLERS #define CONFIG_FSL_ELBC /* Has Enhanced localbus controller */ +#define CONFIG_FSL_CAAM /* Enable SEC/CAAM */ #define CONFIG_PCI /* Enable PCI/PCIE */ #define CONFIG_PCIE1 /* PCIE controler 1 */ #define CONFIG_PCIE2 /* PCIE controler 2 */ @@ -647,6 +648,12 @@ unsigned long get_board_sys_clk(unsigned long dummy); #define CONFIG_DOS_PARTITION #endif +/* Hash command with SHA acceleration supported in hardware */ +#ifdef CONFIG_FSL_CAAM +#define CONFIG_CMD_HASH +#define CONFIG_SHA_HW_ACCEL +#endif + /* * Miscellaneous configurable options */ diff --git a/include/configs/T1040QDS.h b/include/configs/T1040QDS.h index a781ba327a..273919375f 100644 --- a/include/configs/T1040QDS.h +++ b/include/configs/T1040QDS.h @@ -58,6 +58,7 @@ #define CONFIG_SYS_FSL_CPC /* Corenet Platform Cache */ #define CONFIG_SYS_NUM_CPC CONFIG_NUM_DDR_CONTROLLERS #define CONFIG_FSL_IFC /* Enable IFC Support */ +#define CONFIG_FSL_CAAM /* Enable SEC/CAAM */ #define CONFIG_PCI /* Enable PCI/PCIE */ #define CONFIG_PCI_INDIRECT_BRIDGE #define CONFIG_PCIE1 /* PCIE controler 1 */ @@ -716,6 +717,12 @@ unsigned long get_board_ddr_clk(void); #define CONFIG_CMD_NET #endif +/* Hash command with SHA acceleration supported in hardware */ +#ifdef CONFIG_FSL_CAAM +#define CONFIG_CMD_HASH +#define CONFIG_SHA_HW_ACCEL +#endif + /* * Miscellaneous configurable options */ diff --git a/include/configs/T104xRDB.h b/include/configs/T104xRDB.h index 5e2c100d93..eb2ca73454 100644 --- a/include/configs/T104xRDB.h +++ b/include/configs/T104xRDB.h @@ -113,6 +113,7 @@ #define CONFIG_SYS_FSL_CPC /* Corenet Platform Cache */ #define CONFIG_SYS_NUM_CPC CONFIG_NUM_DDR_CONTROLLERS #define CONFIG_FSL_IFC /* Enable IFC Support */ +#define CONFIG_FSL_CAAM /* Enable SEC/CAAM */ #define CONFIG_PCI /* Enable PCI/PCIE */ #define CONFIG_PCI_INDIRECT_BRIDGE #define CONFIG_PCIE1 /* PCIE controler 1 */ @@ -731,6 +732,12 @@ #define CONFIG_CMD_NET #endif +/* Hash command with SHA acceleration supported in hardware */ +#ifdef CONFIG_FSL_CAAM +#define CONFIG_CMD_HASH +#define CONFIG_SHA_HW_ACCEL +#endif + /* * Miscellaneous configurable options */ diff --git a/include/configs/T208xQDS.h b/include/configs/T208xQDS.h index 395472be2b..2268dd6383 100644 --- a/include/configs/T208xQDS.h +++ b/include/configs/T208xQDS.h @@ -44,6 +44,7 @@ #define CONFIG_SYS_FSL_CPC /* Corenet Platform Cache */ #define CONFIG_SYS_NUM_CPC CONFIG_NUM_DDR_CONTROLLERS #define CONFIG_FSL_IFC /* Enable IFC Support */ +#define CONFIG_FSL_CAAM /* Enable SEC/CAAM */ #define CONFIG_FSL_LAW /* Use common FSL init code */ #define CONFIG_ENV_OVERWRITE @@ -777,6 +778,12 @@ unsigned long get_board_ddr_clk(void); #define CONFIG_CMD_NET #endif +/* Hash command with SHA acceleration supported in hardware */ +#ifdef CONFIG_FSL_CAAM +#define CONFIG_CMD_HASH +#define CONFIG_SHA_HW_ACCEL +#endif + /* * Miscellaneous configurable options */ diff --git a/include/configs/T208xRDB.h b/include/configs/T208xRDB.h index e5936c7817..b896d74bc1 100644 --- a/include/configs/T208xRDB.h +++ b/include/configs/T208xRDB.h @@ -37,6 +37,7 @@ #define CONFIG_SYS_FSL_CPC /* Corenet Platform Cache */ #define CONFIG_SYS_NUM_CPC CONFIG_NUM_DDR_CONTROLLERS #define CONFIG_FSL_IFC /* Enable IFC Support */ +#define CONFIG_FSL_CAAM /* Enable SEC/CAAM */ #define CONFIG_FSL_LAW /* Use common FSL init code */ #define CONFIG_ENV_OVERWRITE @@ -736,6 +737,12 @@ unsigned long get_board_ddr_clk(void); #define CONFIG_CMD_NET #endif +/* Hash command with SHA acceleration supported in hardware */ +#ifdef CONFIG_FSL_CAAM +#define CONFIG_CMD_HASH +#define CONFIG_SHA_HW_ACCEL +#endif + /* * Miscellaneous configurable options */ diff --git a/include/configs/T4240QDS.h b/include/configs/T4240QDS.h index ca9724720d..e5d3f04a5f 100644 --- a/include/configs/T4240QDS.h +++ b/include/configs/T4240QDS.h @@ -15,6 +15,7 @@ #define CONFIG_FSL_SATA_V2 #define CONFIG_PCIE4 +#define CONFIG_FSL_CAAM /* Enable SEC/CAAM */ #define CONFIG_ICS307_REFCLK_HZ 25000000 /* ICS307 ref clk freq */ @@ -506,6 +507,12 @@ unsigned long get_board_ddr_clk(void); #define CONFIG_PHY_GIGE /* Include GbE speed/duplex detection */ #endif +/* Hash command with SHA acceleration supported in hardware */ +#ifdef CONFIG_FSL_CAAM +#define CONFIG_CMD_HASH +#define CONFIG_SHA_HW_ACCEL +#endif + /* * USB */ diff --git a/include/configs/T4240RDB.h b/include/configs/T4240RDB.h index 183255d283..4381c61f59 100644 --- a/include/configs/T4240RDB.h +++ b/include/configs/T4240RDB.h @@ -47,6 +47,7 @@ #define CONFIG_SYS_FSL_CPC /* Corenet Platform Cache */ #define CONFIG_SYS_NUM_CPC CONFIG_NUM_DDR_CONTROLLERS #define CONFIG_FSL_IFC /* Enable IFC Support */ +#define CONFIG_FSL_CAAM /* Enable SEC/CAAM */ #define CONFIG_PCI /* Enable PCI/PCIE */ #define CONFIG_PCIE1 /* PCIE controler 1 */ #define CONFIG_PCIE2 /* PCIE controler 2 */ @@ -668,6 +669,12 @@ unsigned long get_board_ddr_clk(void); #define CONFIG_DOS_PARTITION #endif +/* Hash command with SHA acceleration supported in hardware */ +#ifdef CONFIG_FSL_CAAM +#define CONFIG_CMD_HASH +#define CONFIG_SHA_HW_ACCEL +#endif + #define CONFIG_BOOTDELAY 10 /* -1 disables auto-boot */ #define __USB_PHY_TYPE utmi diff --git a/include/configs/corenet_ds.h b/include/configs/corenet_ds.h index 12b32967b4..ea0363a771 100644 --- a/include/configs/corenet_ds.h +++ b/include/configs/corenet_ds.h @@ -57,6 +57,7 @@ #define CONFIG_SYS_FSL_CPC /* Corenet Platform Cache */ #define CONFIG_SYS_NUM_CPC CONFIG_NUM_DDR_CONTROLLERS #define CONFIG_FSL_ELBC /* Has Enhanced localbus controller */ +#define CONFIG_FSL_CAAM /* Enable SEC/CAAM */ #define CONFIG_PCI /* Enable PCI/PCIE */ #define CONFIG_PCIE1 /* PCIE controler 1 */ #define CONFIG_PCIE2 /* PCIE controler 2 */ @@ -648,6 +649,12 @@ #define CONFIG_DOS_PARTITION #endif +/* Hash command with SHA acceleration supported in hardware */ +#ifdef CONFIG_FSL_CAAM +#define CONFIG_CMD_HASH +#define CONFIG_SHA_HW_ACCEL +#endif + /* * Miscellaneous configurable options */ -- cgit From 4ba4a095da4f7d38270ee22cc1a1ce64fa47d009 Mon Sep 17 00:00:00 2001 From: Ruchika Gupta Date: Wed, 15 Oct 2014 11:39:06 +0530 Subject: ls102x: configs - Add hash command in freescale LS1 platforms Hardware accelerated support for SHA-1 and SHA-256 has been added. Hash command enabled along with hardware accelerated support for SHA-1 and SHA-256 for platforms which have CAAM block. Signed-off-by: Ruchika Gupta Reviewed-by: York Sun --- include/configs/ls1021aqds.h | 7 +++++++ include/configs/ls1021atwr.h | 8 ++++++++ 2 files changed, 15 insertions(+) (limited to 'include') diff --git a/include/configs/ls1021aqds.h b/include/configs/ls1021aqds.h index bb47813345..139583fea1 100644 --- a/include/configs/ls1021aqds.h +++ b/include/configs/ls1021aqds.h @@ -69,6 +69,7 @@ unsigned long get_board_ddr_clk(void); #define CONFIG_SYS_HAS_SERDES +#define CONFIG_FSL_CAAM /* Enable CAAM */ /* * IFC Definitions */ @@ -388,4 +389,10 @@ unsigned long get_board_ddr_clk(void); #define CONFIG_OF_BOARD_SETUP #define CONFIG_CMD_BOOTZ +#define CONFIG_MISC_INIT_R + +/* Hash command with SHA acceleration supported in hardware */ +#define CONFIG_CMD_HASH +#define CONFIG_SHA_HW_ACCEL + #endif diff --git a/include/configs/ls1021atwr.h b/include/configs/ls1021atwr.h index 45b2272ff5..ebe5daef60 100644 --- a/include/configs/ls1021atwr.h +++ b/include/configs/ls1021atwr.h @@ -48,6 +48,8 @@ #define CONFIG_SYS_HAS_SERDES +#define CONFIG_FSL_CAAM /* Enable CAAM */ + /* * IFC Definitions */ @@ -288,4 +290,10 @@ #define CONFIG_OF_BOARD_SETUP #define CONFIG_CMD_BOOTZ +#define CONFIG_MISC_INIT_R + +/* Hash command with SHA acceleration supported in hardware */ +#define CONFIG_CMD_HASH +#define CONFIG_SHA_HW_ACCEL + #endif -- cgit From c5de15cbc8a8c87ae9f104e958ee6a374a145724 Mon Sep 17 00:00:00 2001 From: Ruchika Gupta Date: Tue, 7 Oct 2014 15:46:20 +0530 Subject: crypto/fsl: Add command for encapsulating/decapsulating blobs Freescale's SEC block has built-in Blob Protocol which provides a method for protecting user-defined data across system power cycles. SEC block protects data in a data structure called a Blob, which provides both confidentiality and integrity protection. Encapsulating data as a blob Each time that the Blob Protocol is used to protect data, a different randomly generated key is used to encrypt the data. This random key is itself encrypted using a key which is derived from SoC's non volatile secret key and a 16 bit Key identifier. The resulting encrypted key along with encrypted data is called a blob. The non volatile secure key is available for use only during secure boot. During decapsulation, the reverse process is performed to get back the original data. Commands added -------------- blob enc - encapsulating data as a cryptgraphic blob blob dec - decapsulating cryptgraphic blob to get the data Commands Syntax --------------- blob enc src dst len km Encapsulate and create blob of data $len bytes long at address $src and store the result at address $dst. $km is the 16 byte key modifier is also required for generation/use as key for cryptographic operation. Key modifier should be 16 byte long. blob dec src dst len km Decapsulate the blob of data at address $src and store result of $len byte at addr $dst. $km is the 16 byte key modifier is also required for generation/use as key for cryptographic operation. Key modifier should be 16 byte long. Signed-off-by: Ruchika Gupta Reviewed-by: York Sun --- include/fsl_sec.h | 34 +++++++++++++++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/fsl_sec.h b/include/fsl_sec.h index 2a26d85ee8..aa850a3bf1 100644 --- a/include/fsl_sec.h +++ b/include/fsl_sec.h @@ -29,6 +29,36 @@ /* Security Engine Block (MS = Most Sig., LS = Least Sig.) */ #if CONFIG_SYS_FSL_SEC_COMPAT >= 4 +/* RNG4 TRNG test registers */ +struct rng4tst { +#define RTMCTL_PRGM 0x00010000 /* 1 -> program mode, 0 -> run mode */ + u32 rtmctl; /* misc. control register */ + u32 rtscmisc; /* statistical check misc. register */ + u32 rtpkrrng; /* poker range register */ +#define RTSDCTL_ENT_DLY_MIN 1200 +#define RTSDCTL_ENT_DLY_MAX 12800 + union { + u32 rtpkrmax; /* PRGM=1: poker max. limit register */ + u32 rtpkrsq; /* PRGM=0: poker square calc. result register */ + }; +#define RTSDCTL_ENT_DLY_SHIFT 16 +#define RTSDCTL_ENT_DLY_MASK (0xffff << RTSDCTL_ENT_DLY_SHIFT) + u32 rtsdctl; /* seed control register */ + union { + u32 rtsblim; /* PRGM=1: sparse bit limit register */ + u32 rttotsam; /* PRGM=0: total samples register */ + }; + u32 rtfreqmin; /* frequency count min. limit register */ + union { + u32 rtfreqmax; /* PRGM=1: freq. count max. limit register */ + u32 rtfreqcnt; /* PRGM=0: freq. count register */ + }; + u32 rsvd1[40]; +#define RNG_STATE0_HANDLE_INSTANTIATED 0x00000001 + u32 rdsta; /*RNG DRNG Status Register*/ + u32 rsvd2[15]; +}; + typedef struct ccsr_sec { u32 res0; u32 mcfgr; /* Master CFG Register */ @@ -53,7 +83,9 @@ typedef struct ccsr_sec { u8 res4[0x40]; u32 dar; /* DECO Avail Register */ u32 drr; /* DECO Reset Register */ - u8 res5[0xe78]; + u8 res5[0x4d8]; + struct rng4tst rng; /* RNG Registers */ + u8 res11[0x8a0]; u32 crnr_ms; /* CHA Revision Number Register, MS */ u32 crnr_ls; /* CHA Revision Number Register, LS */ u32 ctpr_ms; /* Compile Time Parameters Register, MS */ -- cgit From 789490b6c0c56ed803555d2f9ecc7b35ae49a90c Mon Sep 17 00:00:00 2001 From: Ruchika Gupta Date: Tue, 7 Oct 2014 15:48:46 +0530 Subject: mpc85xx: configs - Enable blob command in freescale platforms Enable blob commands for platforms having SEC 4.0 or greater for secure boot scenarios Signed-off-by: Ruchika Gupta Reviewed-by: York Sun --- include/configs/B4860QDS.h | 4 ++++ include/configs/BSC9132QDS.h | 4 ++++ include/configs/P1010RDB.h | 4 ++++ include/configs/P2041RDB.h | 4 ++++ include/configs/T1040QDS.h | 1 + include/configs/T104xRDB.h | 1 + include/configs/T208xQDS.h | 1 + include/configs/T208xRDB.h | 1 + include/configs/T4240QDS.h | 4 ++++ include/configs/T4240RDB.h | 1 + include/configs/corenet_ds.h | 4 ++++ 11 files changed, 29 insertions(+) (limited to 'include') diff --git a/include/configs/B4860QDS.h b/include/configs/B4860QDS.h index 32233c1f3d..dc1a9bc1ef 100644 --- a/include/configs/B4860QDS.h +++ b/include/configs/B4860QDS.h @@ -920,4 +920,8 @@ unsigned long get_board_ddr_clk(void); #include +#ifdef CONFIG_SECURE_BOOT +#define CONFIG_CMD_BLOB +#endif + #endif /* __CONFIG_H */ diff --git a/include/configs/BSC9132QDS.h b/include/configs/BSC9132QDS.h index 7be1a023e3..989363c0fb 100644 --- a/include/configs/BSC9132QDS.h +++ b/include/configs/BSC9132QDS.h @@ -711,4 +711,8 @@ combinations. this should be removed later #include +#ifdef CONFIG_SECURE_BOOT +#define CONFIG_CMD_BLOB +#endif + #endif /* __CONFIG_H */ diff --git a/include/configs/P1010RDB.h b/include/configs/P1010RDB.h index f58fba28f0..d378dbd1a1 100644 --- a/include/configs/P1010RDB.h +++ b/include/configs/P1010RDB.h @@ -963,4 +963,8 @@ extern unsigned long get_sdram_size(void); #include +#ifdef CONFIG_SECURE_BOOT +#define CONFIG_CMD_BLOB +#endif + #endif /* __CONFIG_H */ diff --git a/include/configs/P2041RDB.h b/include/configs/P2041RDB.h index bab0e1e72f..2e11aaa13c 100644 --- a/include/configs/P2041RDB.h +++ b/include/configs/P2041RDB.h @@ -750,4 +750,8 @@ unsigned long get_board_sys_clk(unsigned long dummy); #include +#ifdef CONFIG_SECURE_BOOT +#define CONFIG_CMD_BLOB +#endif + #endif /* __CONFIG_H */ diff --git a/include/configs/T1040QDS.h b/include/configs/T1040QDS.h index 273919375f..1d0664ddf6 100644 --- a/include/configs/T1040QDS.h +++ b/include/configs/T1040QDS.h @@ -825,6 +825,7 @@ unsigned long get_board_ddr_clk(void); #ifdef CONFIG_SECURE_BOOT #include +#define CONFIG_CMD_BLOB #endif #endif /* __CONFIG_H */ diff --git a/include/configs/T104xRDB.h b/include/configs/T104xRDB.h index eb2ca73454..2bb86e40ca 100644 --- a/include/configs/T104xRDB.h +++ b/include/configs/T104xRDB.h @@ -872,6 +872,7 @@ #ifdef CONFIG_SECURE_BOOT #include +#define CONFIG_CMD_BLOB #endif #endif /* __CONFIG_H */ diff --git a/include/configs/T208xQDS.h b/include/configs/T208xQDS.h index 2268dd6383..27333589af 100644 --- a/include/configs/T208xQDS.h +++ b/include/configs/T208xQDS.h @@ -916,6 +916,7 @@ unsigned long get_board_ddr_clk(void); #ifdef CONFIG_SECURE_BOOT #include +#define CONFIG_CMD_BLOB #undef CONFIG_CMD_USB #endif diff --git a/include/configs/T208xRDB.h b/include/configs/T208xRDB.h index b896d74bc1..400d979643 100644 --- a/include/configs/T208xRDB.h +++ b/include/configs/T208xRDB.h @@ -875,6 +875,7 @@ unsigned long get_board_ddr_clk(void); #ifdef CONFIG_SECURE_BOOT #include +#define CONFIG_CMD_BLOB #undef CONFIG_CMD_USB #endif diff --git a/include/configs/T4240QDS.h b/include/configs/T4240QDS.h index e5d3f04a5f..1e0f5ece09 100644 --- a/include/configs/T4240QDS.h +++ b/include/configs/T4240QDS.h @@ -632,4 +632,8 @@ unsigned long get_board_ddr_clk(void); #include +#ifdef CONFIG_SECURE_BOOT +#define CONFIG_CMD_BLOB +#endif + #endif /* __CONFIG_H */ diff --git a/include/configs/T4240RDB.h b/include/configs/T4240RDB.h index 4381c61f59..13f4bd3c53 100644 --- a/include/configs/T4240RDB.h +++ b/include/configs/T4240RDB.h @@ -758,6 +758,7 @@ unsigned long get_board_ddr_clk(void); * which is anyways not used in Secure Environment. */ #undef CONFIG_CMD_USB +#define CONFIG_CMD_BLOB #endif #endif /* __CONFIG_H */ diff --git a/include/configs/corenet_ds.h b/include/configs/corenet_ds.h index ea0363a771..72b7efa509 100644 --- a/include/configs/corenet_ds.h +++ b/include/configs/corenet_ds.h @@ -752,4 +752,8 @@ #include +#ifdef CONFIG_SECURE_BOOT +#define CONFIG_CMD_BLOB +#endif + #endif /* __CONFIG_H */ -- cgit From ba4740205d22d31da289f5b6b2f8db7d27896f40 Mon Sep 17 00:00:00 2001 From: Ruchika Gupta Date: Tue, 7 Oct 2014 15:48:47 +0530 Subject: ls102x: Add support for secure boot and enable blob command Signed-off-by: Ruchika Gupta Reviewed-by: York Sun --- include/configs/ls1021aqds.h | 4 ++++ include/configs/ls1021atwr.h | 4 ++++ 2 files changed, 8 insertions(+) (limited to 'include') diff --git a/include/configs/ls1021aqds.h b/include/configs/ls1021aqds.h index 139583fea1..42214262f4 100644 --- a/include/configs/ls1021aqds.h +++ b/include/configs/ls1021aqds.h @@ -395,4 +395,8 @@ unsigned long get_board_ddr_clk(void); #define CONFIG_CMD_HASH #define CONFIG_SHA_HW_ACCEL +#ifdef CONFIG_SECURE_BOOT +#define CONFIG_CMD_BLOB +#endif + #endif diff --git a/include/configs/ls1021atwr.h b/include/configs/ls1021atwr.h index ebe5daef60..5868287057 100644 --- a/include/configs/ls1021atwr.h +++ b/include/configs/ls1021atwr.h @@ -296,4 +296,8 @@ #define CONFIG_CMD_HASH #define CONFIG_SHA_HW_ACCEL +#ifdef CONFIG_SECURE_BOOT +#define CONFIG_CMD_BLOB +#endif + #endif -- cgit