u-boot.git/drivers/crypto/fsl, branch v2016.01 Unnamed repository; edit this file 'description' to name the repository. drivers/crypto/fsl: fix endianness issue in RNG 2015-12-15T00:57:35+00:00 Aneesh Bansal aneesh.bansal@freescale.com 2015-12-08T08:24:30+00:00 3a4800a5968f689788d70f7decb000a3d3e1a2f4 For Setting and clearing the bits in SEC Block registers sec_clrbits32() and sec_setbits32() are used which work as per endianness of CAAM block. So these must be used with SEC register address as argument. If the value is read in a local variable, then the functions will not behave correctly where endianness of CAAM and core is different. Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com> CC: Alex Porosanu <alexandru.porosanu@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com> 
For Setting and clearing the bits in SEC Block registers
sec_clrbits32() and sec_setbits32() are used which work as
per endianness of CAAM block.
So these must be used with SEC register address as argument.
If the value is read in a local variable, then the functions
will not behave correctly where endianness of CAAM and core is
different.

Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
CC: Alex Porosanu <alexandru.porosanu@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
crypto/fsl: SEC driver cleanup for 64 bit and endianness 2015-10-29T17:33:57+00:00 Aneesh Bansal aneesh.bansal@freescale.com 2015-10-29T17:28:03+00:00 f59e69cbd38ff297a07687ba28437c257cd5757c The SEC driver code has been cleaned up to work for 64 bit physical addresses and systems where endianess of SEC block is different from the Core. Changes: 1. Descriptor created on Core is modified as per SEC block endianness before the job is submitted. 2. The read/write of physical addresses to Job Rings will be depend on endianness of SEC block as 32 bit low and high part of the 64 bit address will vary. 3. The 32 bit low and high part of the 64 bit address in descriptor will vary depending on endianness of SEC. Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com> 
The SEC driver code has been cleaned up to work for 64 bit
physical addresses and systems where endianess of SEC block
is different from the Core.
Changes:
1. Descriptor created on Core is modified as per SEC block
   endianness before the job is submitted.
2. The read/write of physical addresses to Job Rings will
   be depend on endianness of SEC block as 32 bit low and
   high part of the 64 bit address will vary.
3. The 32 bit low and high part of the 64 bit address in
   descriptor will vary depending on endianness of SEC.

Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
Correct License and Copyright information on few files 2015-08-13T00:47:46+00:00 Ruchika Gupta ruchika.gupta@freescale.com 2015-07-27T03:37:39+00:00 057c2200557e187a47f2c10af6c0b2db9bf88df3 gpio.h - Added missing copyright in few files. rsa-mod-exp.h - Corrected copyright in the file. fsl_sec.h - Added missing license in files drivers/crypto/fsl/Makefile - Removed the incomplete GPLv2 license and replaced it with GPLv2+ license Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> 
gpio.h - Added missing copyright in few files.
rsa-mod-exp.h - Corrected copyright in the file.
fsl_sec.h - Added missing license in files
drivers/crypto/fsl/Makefile - Removed the incomplete GPLv2 license and replaced it with GPLv2+ license

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
drivers/crypto/fsl: clean-up - use fdt_setprop_u32 helper 2015-08-03T19:06:38+00:00 horia.geanta@freescale.com horia.geanta@freescale.com 2015-07-08T14:24:58+00:00 14d5547cf158c18bc340f01424e011b0802a6bb0 Signed-off-by: Horia Geantă <horia.geanta@freescale.com> Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com> 
Signed-off-by: Horia Geantă <horia.geanta@freescale.com>
Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
drivers/crypto/fsl: fix snooping for write transactions 2015-08-03T19:06:38+00:00 horia.geanta@freescale.com horia.geanta@freescale.com 2015-07-08T14:24:57+00:00 3ef2412de6680c751abd39047cadff7e052a0f51 HW coherency won't work properly for CAAM write transactions if AWCACHE is left to default (POR) value - 4'b0001. It has to be programmed to 4'b0010. For platforms that have HW coherency support: -PPC-based: the update has no effect; CAAM coherency already works due to the IOMMU (PAMU) driver setting the correct memory coherency attributes -ARM-based: the update fixes cache coherency issues, since IOMMU (SMMU) driver is not programmed to behave similar to PAMU Fixes: b9eebfade974c ("fsl_sec: Add hardware accelerated SHA256 and SHA1") Signed-off-by: Horia Geantă <horia.geanta@freescale.com> Reviewed-by: Aneesh Bansal <aneesh.bansal@freescale.com> Reviewed-by: Mingkai Hu <Mingkai.Hu@freescale.com> Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com> 
HW coherency won't work properly for CAAM write transactions
if AWCACHE is left to default (POR) value - 4'b0001.
It has to be programmed to 4'b0010.

For platforms that have HW coherency support:
-PPC-based: the update has no effect; CAAM coherency already works
due to the IOMMU (PAMU) driver setting the correct memory coherency
attributes
-ARM-based: the update fixes cache coherency issues,
since IOMMU (SMMU) driver is not programmed to behave similar to PAMU

Fixes: b9eebfade974c ("fsl_sec: Add hardware accelerated SHA256 and SHA1")
Signed-off-by: Horia Geantă <horia.geanta@freescale.com>
Reviewed-by: Aneesh Bansal <aneesh.bansal@freescale.com>
Reviewed-by: Mingkai Hu <Mingkai.Hu@freescale.com>
Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
drivers/crypto/fsl: fix "era" property value on LE platforms 2015-08-03T19:06:38+00:00 horia.geanta@freescale.com horia.geanta@freescale.com 2015-07-08T14:24:56+00:00 e5d08b4d601d4060609b162f437327c823b00947 Use fdt_setprop_u32() instead of fdt_setprop(). Fixes: 0181937fa371a ("crypto/fsl: Add fixup for crypto node") Signed-off-by: Horia Geantă <horia.geanta@freescale.com> Reviewed-by: Mingkai Hu <Mingkai.Hu@freescale.com> Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com> 
Use fdt_setprop_u32() instead of fdt_setprop().

Fixes: 0181937fa371a ("crypto/fsl: Add fixup for crypto node")
Signed-off-by: Horia Geantă <horia.geanta@freescale.com>
Reviewed-by: Mingkai Hu <Mingkai.Hu@freescale.com>
Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
drivers/crypto/fsl: enable raw data instead of von Neumann data 2015-08-03T19:06:37+00:00 Alex Porosanu alexandru.porosanu@freescale.com 2015-05-05T13:48:35+00:00 c4065517362ae9132ceaaec4103ed5ad6c9cfe92 The sampling of the oscillator can be done in multiple modes for generating the entropy value. By default, this is set to von Neumann. This patch changes the sampling to raw data, since it has been discovered that the generated entropy has a better 'quality'. Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com> Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com> 
The sampling of the oscillator can be done in multiple modes for
generating the entropy value. By default, this is set to von
Neumann. This patch changes the sampling to raw data, since it
has been discovered that the generated entropy has a better
'quality'.

Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
drivers/crypto/fsl: disable RNG oscillator maximum frequency check 2015-08-03T19:06:37+00:00 Alex Porosanu alexandru.porosanu@freescale.com 2015-05-05T13:48:33+00:00 026a3f1b7ca487bbce632060b8ca9193bb9edf87 The rtfrqmax & rtfrqmin set the bounds of the expected frequency of the oscillator, when SEC runs at its maximum frequency. For certain platforms (f.i. T2080), the oscillator is very fast and thus if the SEC runs at a lower than normal frequency, the ring oscillator is incorrectly detected as being out of bounds. This patch effectively disables the maximum frequency check, by setting a high enough maximum allowable frequency for the oscillator. The reasoning behind this is that usually a broken oscillator will run too slow (i.e. not run at all) rather than run too fast. Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com> Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com> Reviewed-by: York Sun <yorksun@freescale.com> 
The rtfrqmax & rtfrqmin set the bounds of the expected frequency of the
oscillator, when SEC runs at its maximum frequency. For certain platforms
(f.i. T2080), the oscillator is very fast and thus if the SEC runs at
a lower than normal frequency, the ring oscillator is incorrectly detected
as being out of bounds.

This patch effectively disables the maximum frequency check, by setting a
high enough maximum allowable frequency for the oscillator. The reasoning
behind this is that usually a broken oscillator will run too slow
(i.e. not run at all) rather than run too fast.

Signed-off-by: Alex Porosanu <alexandru.porosanu@freescale.com>
Acked-by: Ruchika Gupta<ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
imx6: Added DEK blob generator command 2015-03-02T08:57:06+00:00 Raul Cardenas Ulises.Cardenas@freescale.com 2015-02-27T17:22:06+00:00 0200020bc2b8192c31dc57c600865267f51bface Freescale's SEC block has built-in Data Encryption Key(DEK) Blob Protocol which provides a method for protecting a DEK for non-secure memory storage. SEC block protects data in a data structure called a Secret Key Blob, which provides both confidentiality and integrity protection. Every time the blob encapsulation is executed, a AES-256 key is randomly generated to encrypt the DEK. This key is encrypted with the OTP Secret key from SoC. The resulting blob consists of the encrypted AES-256 key, the encrypted DEK, and a 16-bit MAC. During decapsulation, the reverse process is performed to get back the original DEK. A caveat to the blob decapsulation process, is that the DEK is decrypted in secure-memory and can only be read by FSL SEC HW. The DEK is used to decrypt data during encrypted boot. Commands added -------------- dek_blob - encapsulating DEK as a cryptgraphic blob Commands Syntax --------------- dek_blob src dst len Encapsulate and create blob of a len-bits DEK at address src and store the result at address dst. Signed-off-by: Raul Cardenas <Ulises.Cardenas@freescale.com> Signed-off-by: Nitin Garg <nitin.garg@freescale.com> Signed-off-by: Ulises Cardenas <ulises.cardenas@freescale.com> Signed-off-by: Ulises Cardenas-B45798 <Ulises.Cardenas@freescale.com> 
Freescale's SEC block has built-in Data Encryption
Key(DEK) Blob Protocol which provides a method for
protecting a DEK for non-secure memory storage.
SEC block protects data in a data structure called
a Secret Key Blob, which provides both confidentiality
and integrity protection.
Every time the blob encapsulation is executed,
a AES-256 key is randomly generated to encrypt the DEK.
This key is encrypted with the OTP Secret key
from SoC. The resulting blob consists of the encrypted
AES-256 key, the encrypted DEK, and a 16-bit MAC.

During decapsulation, the reverse process is performed
to get back the original DEK. A caveat to the blob
decapsulation process,  is that the DEK is decrypted
in secure-memory and can only be read by FSL SEC HW.
The DEK is used to decrypt data during encrypted boot.

Commands added
--------------
  dek_blob - encapsulating DEK as a cryptgraphic blob

Commands Syntax
---------------
  dek_blob src dst len

    Encapsulate and create blob of a len-bits DEK at
    address src and store the result at address dst.

Signed-off-by: Raul Cardenas <Ulises.Cardenas@freescale.com>
Signed-off-by: Nitin Garg <nitin.garg@freescale.com>

Signed-off-by: Ulises Cardenas <ulises.cardenas@freescale.com>

Signed-off-by: Ulises Cardenas-B45798 <Ulises.Cardenas@freescale.com>
crypto/fsl - Add progressive hashing support using hardware acceleration. 2015-02-25T21:20:02+00:00 gaurav rana gaurav.rana@freescale.com 2015-02-20T07:21:46+00:00 94e3c8c4fd7bfe395fa467973cd647551d6d98c7 Currently only normal hashing is supported using hardware acceleration. Added support for progressive hashing using hardware. Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com> Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com> CC: Simon Glass <sjg@chromium.org> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: York Sun <yorksun@freescale.com> 
Currently only normal hashing is supported using hardware acceleration.
Added support for progressive hashing using hardware.

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
CC: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <yorksun@freescale.com>