[U-Boot] [RESEND PATCH v3 0/2] Fix CAAM for TrustZone enable for warp7
V3: - Changed location of sec_init() from warp.c::board_init() to soc.c::arch_misc_init() which will allow any i.MX7 which defines CONFIG_FSL_CAAM to forget about running sec_init().
V2: - Add an explicit assignment of JRMID when setting job-ring ownership Required on my reference part where the JRMID field is not set on the third job-ring
V1: This series is the u-boot fix to a problem we encountered when enabling OPTEE/TrustZone on the WaRP7. The symptom is once TrustZone is activated the first page of CAAM registers becomes read-only, read-zero from the perspective of Linux and other non TrustZone contexts.
Offlining the problem with Peng Fan[1] we eventually came to realise the problem could be worked around by
1. Making Linux skip RNG initialisation - a set of patches should be hitting LKML to do just that.
2. Initialising the RNG either from u-boot or OPTEE. In this case u-boot is the right place to-do that because there's upstream code in u-boot that just works. Patch #2 does that for the WaRP7.
3. Ensuring the job-ring registers are assigned to the non TrustZone mode. On the i.MX7 after the BootROM runs the job-ring registers are assigned to TrustZone. Patch #1 does that for all CAAM hardware.
On point #3 this ordinarily isn't a problem because unless TrustZone is activated the restrictions on the job-ring registers don't kick in, its only after enabling TrustZone that Linux will loose access to the job-ring registers.
Finally should OPTEE or another TEE want to do things with the job-ring registers it will have sufficient privilege to assign whichever job-ring registers it wants to OPTEE/TEE but will naturally then have to arbitrate with Linux to inform the Kernel CAAM driver which job-ring registers it can and cannot access.
That arbitration process is for a future putative OPTEE/TEE CAAM driver to solve and is out of scope of this patchset.
[1] Thanks for all of your help BTW - Peng, there's no way this would be working without you giving direction on how.
Bryan O'Donoghue (2): drivers/crypto/fsl: assign job-rings to non-TrustZone imx: mx7: run sec_init for CAAM RNG
arch/arm/mach-imx/mx7/soc.c | 4 ++++ drivers/crypto/fsl/jr.c | 9 +++++++++ drivers/crypto/fsl/jr.h | 2 ++ 3 files changed, 15 insertions(+)
After enabling TrustZone various parts of the CAAM silicon become inaccessible to non TrustZone contexts. The job-ring registers are designed to allow non TrustZone contexts like Linux to still submit jobs to CAAM even after TrustZone has been enabled.
The default job-ring permissions after the BootROM look like this for job-ring zero.
ms=0x00008001 ls=0x00008001
The MS field is JRaMIDR_MS (job ring MID most significant).
Referring to "Security Reference Manual for i.MX 7Dual and 7Solo Applications Processors, Rev. 0, 03/2017" section 8.10.4 we see that JROWN_NS controls whether or not a job-ring is accessible from non TrustZone.
Bit 15 (TrustZone) is the logical inverse of bit 3 hence the above value of 0x8001 shows that JROWN_NS=0 and TrustZone=1.
Clearly then as soon as TrustZone becomes active the job-ring registers are no longer accessible from Linux, which is not what we want.
This patch explicitly sets all job-ring registers to JROWN_NS=1 (non TrustZone) by default and to the Non-Secure MID 001. Both settings are required to successfully assign a job-ring to non-secure mode. If a piece of TrustZone firmware requires ownership of job-ring registers it can unset the JROWN_NS bit itself.
This patch in conjunction with a modification of the Linux kernel to skip HWRNG initialisation makes CAAM usable to Linux with TrustZone enabled.
Signed-off-by: Bryan O'Donoghue bryan.odonoghue@linaro.org Cc: Fabio Estevam fabio.estevam@nxp.com Cc: Peng Fan peng.fan@nxp.com Cc: Alex Porosanu alexandru.porosanu@nxp.com Cc: Ruchika Gupta ruchika.gupta@nxp.com Cc: Aneesh Bansal aneesh.bansal@nxp.com Link: https://github.com/OP-TEE/optee_os/issues/1408 Link: https://tinyurl.com/yam5gv9a Tested-by: Lukas Auer lukas.auer@aisec.fraunhofer.de --- drivers/crypto/fsl/jr.c | 9 +++++++++ drivers/crypto/fsl/jr.h | 2 ++ 2 files changed, 11 insertions(+)
diff --git a/drivers/crypto/fsl/jr.c b/drivers/crypto/fsl/jr.c index a6dad01..34bd070 100644 --- a/drivers/crypto/fsl/jr.c +++ b/drivers/crypto/fsl/jr.c @@ -579,6 +579,8 @@ int sec_init_idx(uint8_t sec_idx) { ccsr_sec_t *sec = (void *)SEC_ADDR(sec_idx); uint32_t mcr = sec_in32(&sec->mcfgr); + uint32_t jrown_ns; + int i; int ret = 0;
#ifdef CONFIG_FSL_CORENET @@ -634,6 +636,13 @@ int sec_init_idx(uint8_t sec_idx) #endif #endif
+ /* Set ownership of job rings to non-TrustZone mode by default */ + for (i = 0; i < ARRAY_SIZE(sec->jrliodnr); i++) { + jrown_ns = sec_in32(&sec->jrliodnr[i].ms); + jrown_ns |= JROWN_NS | JRMID_NS; + sec_out32(&sec->jrliodnr[i].ms, jrown_ns); + } + ret = jr_init(sec_idx); if (ret < 0) { printf("SEC initialization failed\n"); diff --git a/drivers/crypto/fsl/jr.h b/drivers/crypto/fsl/jr.h index f546226..ef515e7 100644 --- a/drivers/crypto/fsl/jr.h +++ b/drivers/crypto/fsl/jr.h @@ -34,6 +34,8 @@ #define JRNSLIODN_MASK 0x0fff0000 #define JRSLIODN_SHIFT 0 #define JRSLIODN_MASK 0x00000fff +#define JROWN_NS 0x00000008 +#define JRMID_NS 0x00000001
#define JQ_DEQ_ERR -1 #define JQ_DEQ_TO_ERR -2
-----Original Message----- From: Bryan O'Donoghue [mailto:bryan.odonoghue@linaro.org] Sent: Friday, January 26, 2018 5:55 PM To: u-boot@lists.denx.de; trini@konsulko.com Cc: Peng Fan peng.fan@nxp.com; Fabio Estevam fabio.estevam@nxp.com; lukas.auer@aisec.fraunhofer.de; Bryan O'Donoghue bryan.odonoghue@linaro.org; Alexandru Porosanu alexandru.porosanu@nxp.com; Ruchika Gupta ruchika.gupta@nxp.com; Aneesh Bansal aneesh.bansal@nxp.com Subject: [RESEND PATCH v3 1/2] drivers/crypto/fsl: assign job-rings to non- TrustZone
After enabling TrustZone various parts of the CAAM silicon become inaccessible to non TrustZone contexts. The job-ring registers are designed to allow non TrustZone contexts like Linux to still submit jobs to CAAM even after TrustZone has been enabled.
The default job-ring permissions after the BootROM look like this for job-ring zero.
ms=0x00008001 ls=0x00008001
The MS field is JRaMIDR_MS (job ring MID most significant).
Referring to "Security Reference Manual for i.MX 7Dual and 7Solo Applications Processors, Rev. 0, 03/2017" section 8.10.4 we see that JROWN_NS controls whether or not a job-ring is accessible from non TrustZone.
Bit 15 (TrustZone) is the logical inverse of bit 3 hence the above value of 0x8001 shows that JROWN_NS=0 and TrustZone=1.
Clearly then as soon as TrustZone becomes active the job-ring registers are no longer accessible from Linux, which is not what we want.
This patch explicitly sets all job-ring registers to JROWN_NS=1 (non TrustZone) by default and to the Non-Secure MID 001. Both settings are required to successfully assign a job-ring to non-secure mode. If a piece of TrustZone firmware requires ownership of job-ring registers it can unset the JROWN_NS bit itself.
This patch in conjunction with a modification of the Linux kernel to skip HWRNG initialisation makes CAAM usable to Linux with TrustZone enabled.
Signed-off-by: Bryan O'Donoghue bryan.odonoghue@linaro.org Cc: Fabio Estevam fabio.estevam@nxp.com Cc: Peng Fan peng.fan@nxp.com Cc: Alex Porosanu alexandru.porosanu@nxp.com Cc: Ruchika Gupta ruchika.gupta@nxp.com Cc: Aneesh Bansal aneesh.bansal@nxp.com Link: https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.c om%2FOP- TEE%2Foptee_os%2Fissues%2F1408&data=02%7C01%7Cruchika.gupta%40nxp.c om%7C1fe21d0a12d34d7722c008d564b7cb4d%7C686ea1d3bc2b4c6fa92cd99c5 c301635%7C0%7C0%7C636525662918265016&sdata=Nt5Fu2LYXDq95Rlv7N5Ns w45tO%2Fw3nDcbQF%2BOPRP7PI%3D&reserved=0 Link: https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftinyurl.c om%2Fyam5gv9a&data=02%7C01%7Cruchika.gupta%40nxp.com%7C1fe21d0a12 d34d7722c008d564b7cb4d%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C1 %7C636525662918265016&sdata=BypstfduS%2FVyPaeEQCj1hyx5RRSF690SbLaxZ j74KPo%3D&reserved=0 Tested-by: Lukas Auer lukas.auer@aisec.fraunhofer.de
Reviewed-by: Ruchika Gupta ruchika.gupta@nxp.com
This patch adds a sec_init call into arch_misc_init(). Doing so in conjunction with the patch "drivers/crypto/fsl: assign job-rings to non-TrustZone" enables use of the CAAM in Linux when OPTEE/TrustZone is active.
u-boot will initialise the RNG and assign ownership of the job-ring registers to a non-TrustZone context. With recent changes by Lukas Auer to fully initialize the RNG in sec_init() this means that u-boot will hand-off the CAAM in a state that Linux then can use the CAAM without touching the reserved DECO registers.
This change is safe both for the OPTEE/TrustZone boot path and the regular non-OPTEE/TrustZone boot path.
Signed-off-by: Bryan O'Donoghue bryan.odonoghue@linaro.org Cc: Fabio Estevam fabio.estevam@nxp.com Cc: Peng Fan peng.fan@nxp.com Cc: Marco Franchi marco.franchi@nxp.com Cc: Vanessa Maegima vanessa.maegima@nxp.com Cc: Stefano Babic sbabic@denx.de Cc: Lukas Auer lukas.auer@aisec.fraunhofer.de --- arch/arm/mach-imx/mx7/soc.c | 4 ++++ 1 file changed, 4 insertions(+)
diff --git a/arch/arm/mach-imx/mx7/soc.c b/arch/arm/mach-imx/mx7/soc.c index d160e80..9023540 100644 --- a/arch/arm/mach-imx/mx7/soc.c +++ b/arch/arm/mach-imx/mx7/soc.c @@ -262,6 +262,10 @@ int arch_misc_init(void) env_set("soc", "imx7s"); #endif
+#ifdef CONFIG_FSL_CAAM + sec_init(); +#endif + return 0; } #endif
On Fri, 2018-01-26 at 12:24 +0000, Bryan O'Donoghue wrote:
This patch adds a sec_init call into arch_misc_init(). Doing so in conjunction with the patch "drivers/crypto/fsl: assign job-rings to non-TrustZone" enables use of the CAAM in Linux when OPTEE/TrustZone is active.
u-boot will initialise the RNG and assign ownership of the job-ring registers to a non-TrustZone context. With recent changes by Lukas Auer to fully initialize the RNG in sec_init() this means that u-boot will hand-off the CAAM in a state that Linux then can use the CAAM without touching the reserved DECO registers.
This change is safe both for the OPTEE/TrustZone boot path and the regular non-OPTEE/TrustZone boot path.
Signed-off-by: Bryan O'Donoghue bryan.odonoghue@linaro.org Cc: Fabio Estevam fabio.estevam@nxp.com Cc: Peng Fan peng.fan@nxp.com Cc: Marco Franchi marco.franchi@nxp.com Cc: Vanessa Maegima vanessa.maegima@nxp.com Cc: Stefano Babic sbabic@denx.de Cc: Lukas Auer lukas.auer@aisec.fraunhofer.de
arch/arm/mach-imx/mx7/soc.c | 4 ++++ 1 file changed, 4 insertions(+)
diff --git a/arch/arm/mach-imx/mx7/soc.c b/arch/arm/mach- imx/mx7/soc.c index d160e80..9023540 100644 --- a/arch/arm/mach-imx/mx7/soc.c +++ b/arch/arm/mach-imx/mx7/soc.c @@ -262,6 +262,10 @@ int arch_misc_init(void) env_set("soc", "imx7s"); #endif
+#ifdef CONFIG_FSL_CAAM
- sec_init();
+#endif
- return 0;
} #endif
I get an implicit declaration warning for sec_init() with this patch due to a missing include for fsl_sec.h.
Other than that CAAM works on my imx7d board in non-secure mode (the driver probes successfully and I can use it with openssl speed).
Tested-by: Lukas Auer lukas.auer@aisec.fraunhofer.de
participants (3)
-
Auer, Lukas -
Bryan O'Donoghue -
Ruchika Gupta