From: Rob Herring <robh@kernel.org>
To: Pankaj Gupta <pankaj.gupta@nxp.com>
Cc: shawnguo@kernel.org, s.hauer@pengutronix.de,
	kernel@pengutronix.de, clin@suse.com, conor+dt@kernel.org,
	pierre.gondois@arm.com, ping.bai@nxp.com, xiaoning.wang@nxp.com,
	wei.fang@nxp.com, peng.fan@nxp.com, haibo.chen@nxp.com,
	festevam@gmail.com, linux-imx@nxp.com, davem@davemloft.net,
	krzysztof.kozlowski+dt@linaro.org,
	linux-arm-kernel@lists.infradead.org, devicetree@vger.kernel.org,
	linux-kernel@vger.kernel.org, gaurav.jain@nxp.com,
	alexander.stein@ew.tq-group.com, sahil.malhotra@nxp.com,
	aisheng.dong@nxp.com, V.Sethi@nxp.com
Subject: Re: [PATCH v5 01/11] dt-bindings: arm: fsl: add imx-se-fw binding doc
Date: Wed, 23 Aug 2023 07:43:40 -0500
Message-ID: <20230823124340.GA2022486-robh@kernel.org>
In-Reply-To: <20230823073330.1712721-2-pankaj.gupta@nxp.com>

On Wed, Aug 23, 2023 at 01:03:20PM +0530, Pankaj Gupta wrote:
> The NXP's i.MX EdgeLock Enclave, a HW IP creating an embedded
> secure enclave within the SoC boundary to enable features like
> - HSM
> - SHE
> - V2X
> 
> Communicates via message unit with the Linux kernel. This driver
> enables communication, ensuring a well-defined message sequence
> protocol between the Application Core and the enclave's firmware.
> 
> The driver configures multiple misc-devices on the MU, so that multiple
> user-space applications can communicate on a single MU.
> 
> It exists on some i.MX processors. e.g. i.MX8ULP, i.MX93 etc.
> 
> Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
> ---

v5? Where's the changelog for *this* patch?

>  .../bindings/firmware/fsl,imx-se-fw.yaml      | 121 ++++++++++++++++++
>  1 file changed, 121 insertions(+)
>  create mode 100644 Documentation/devicetree/bindings/firmware/fsl,imx-se-fw.yaml
> 
> diff --git a/Documentation/devicetree/bindings/firmware/fsl,imx-se-fw.yaml b/Documentation/devicetree/bindings/firmware/fsl,imx-se-fw.yaml
> new file mode 100644
> index 000000000000..f7230f93e56d
> --- /dev/null
> +++ b/Documentation/devicetree/bindings/firmware/fsl,imx-se-fw.yaml
> @@ -0,0 +1,121 @@
> +# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
> +%YAML 1.2
> +---
> +$id: http://devicetree.org/schemas/firmware/fsl,imx-se-fw.yaml#
> +$schema: http://devicetree.org/meta-schemas/core.yaml#
> +
> +title: NXP i.MX EdgeLock Enclave Firmware (ELEFW)
> +
> +maintainers:
> +  - Pankaj Gupta <pankaj.gupta@nxp.com>
> +
> +description:
> +  The NXP's i.MX EdgeLock Enclave, a HW IP creating an embedded
> +  secure enclave within the SoC boundary to enable features like
> +  - HSM
> +  - SHE
> +  - V2X
> +
> +  It uses message unit to communicate and coordinate to pass messages
> +  (e.g., data,  status and control) through its interfaces.
> +
> +  This driver configures multiple misc-devices on the MU, to exchange
> +  messages from User-space application and NXP's Edgelocke Enclave firmware.
> +  The driver ensures that the messages must follow the following protocol
> +  defined.
> +
> +                                     Non-Secure           +   Secure
> +                                                          |
> +                                                          |
> +                   +---------+      +-------------+       |
> +                   | ele_mu.c+<---->+imx-mailbox.c|       |
> +                   |         |      |  mailbox.c  +<-->+------+    +------+
> +                   +---+-----+      +-------------+    | MU X +<-->+ ELE |
> +                       |                               +------+    +------+
> +                       +----------------+                 |
> +                       |                |                 |
> +                       v                v                 |
> +                   logical           logical              |
> +                   receiver          waiter               |
> +                      +                 +                 |
> +                      |                 |                 |
> +                      |                 |                 |
> +                      |            +----+------+          |
> +                      |            |           |          |
> +                      |            |           |          |
> +               device_ctx     device_ctx     device_ctx   |
> +                                                          |
> +                 User 0        User 1       User Y        |
> +                 +------+      +------+     +------+      |
> +                 |misc.c|      |misc.c|     |misc.c|      |
> +  kernel space   +------+      +------+     +------+      |
> +                                                          |
> +  +------------------------------------------------------ |
> +                     |             |           |          |
> +  userspace     /dev/ele_muXch0    |           |          |
> +                           /dev/ele_muXch1     |          |
> +                                         /dev/ele_muXchY  |
> +                                                          |
> +
> +  When a user sends a command to the firmware, it registers its device_ctx
> +  as waiter of a response from firmware.
> +
> +  A user can be registered as receiver of command from the ELE.
> +  Create char devices in /dev as channels of the form /dev/ele_muXchY with X
> +  the id of the driver and Y for each users. It allows to send and receive
> +  messages to the NXP EdgeLock Enclave IP firmware on NXP SoC, where current
> +  possible value, i.e., supported SoC(s) are imx8ulp, imx93.

Looks like a bunch of Linux details which don't belong in the binding.

Why do you need your own custom interface to userspace? No one else has 
a similar feature in their platforms? Something like virtio or rpmsg 
doesn't work?

> +
> +properties:
> +  compatible:
> +    enum:
> +      - fsl,imx8ulp-se-fw
> +      - fsl,imx93-se-fw
> +
> +  mboxes:
> +    description:
> +      All MU channels must be within the same MU instance. Cross instances are
> +      not allowed. Users need to ensure that used MU instance does not conflict
> +      with other execution environments.
> +    items:
> +      - description: TX0 MU channel
> +      - description: RX0 MU channel
> +
> +  mbox-names:
> +    items:
> +      - const: tx
> +      - const: rx
> +
> +  fsl,mu-did:
> +    $ref: /schemas/types.yaml#/definitions/uint32
> +    description:
> +      By design, Domain is a clean separated processing island with separate power,
> +      clocking and peripheral; but with a tightly integrated bus fabric for efficient
> +      communication. The Domain to which this message-unit is associated, is identified
> +      via Domain ID or did.
> +
> +  sram-pool:

I believe 'sram' is the somewhat standard property to refer to an SRAM 
region.

> +    items:
> +      - description: SRAM memory instance.

Used for what?

> +
> +  memory-region:
> +    items:
> +      - description: Reserved memory region that can be accessed by firmware. Used for
> +          exchanging the buffers between driver and firmware.
> +
> +required:
> +  - compatible
> +  - mboxes
> +  - mbox-names
> +  - mu-id
> +
> +additionalProperties: false
> +
> +examples:
> +  - |
> +    ele_fw: se-fw {
> +      compatible = "fsl,imx8ulp-se-fw";
> +      mbox-names = "tx", "rx";
> +      mboxes = <&s4muap 0 0>, <&s4muap 1 0>;
> +      fsl,mu-id = <2>;
> +    };
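
Review bot: the domain-ID property is spelled three different ways in this hunk: 'properties' defines 'fsl,mu-did', 'required' lists 'mu-id', and the example node sets 'fsl,mu-id = <2>'. With 'additionalProperties: false' the example cannot validate against the schema as written, since 'mu-id' is required but absent from the node and 'fsl,mu-id' is not a defined property. Settle on one vendor-prefixed name, use it in the property definition, the 'required' list and the example, and run 'make dt_binding_check' on the file before resending.
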
> -- 
> 2.34.1
> 
