From: Rob Herring <robh@kernel.org>
To: Pankaj Gupta <pankaj.gupta@nxp.com>
Cc: shawnguo@kernel.org, s.hauer@pengutronix.de,
kernel@pengutronix.de, clin@suse.com, conor+dt@kernel.org,
pierre.gondois@arm.com, ping.bai@nxp.com, xiaoning.wang@nxp.com,
wei.fang@nxp.com, peng.fan@nxp.com, haibo.chen@nxp.com,
festevam@gmail.com, linux-imx@nxp.com, davem@davemloft.net,
krzysztof.kozlowski+dt@linaro.org,
linux-arm-kernel@lists.infradead.org, devicetree@vger.kernel.org,
linux-kernel@vger.kernel.org, gaurav.jain@nxp.com,
alexander.stein@ew.tq-group.com, sahil.malhotra@nxp.com,
aisheng.dong@nxp.com, V.Sethi@nxp.com
Subject: Re: [PATCH v5 01/11] dt-bindings: arm: fsl: add imx-se-fw binding doc
Date: Wed, 23 Aug 2023 07:43:40 -0500 [thread overview]
Message-ID: <20230823124340.GA2022486-robh@kernel.org> (raw)
In-Reply-To: <20230823073330.1712721-2-pankaj.gupta@nxp.com>
On Wed, Aug 23, 2023 at 01:03:20PM +0530, Pankaj Gupta wrote:
> The NXP's i.MX EdgeLock Enclave, a HW IP creating an embedded
> secure enclave within the SoC boundary to enable features like
> - HSM
> - SHE
> - V2X
>
> Communicates via message unit with linux kernel. This driver
> is enables communication ensuring well defined message sequence
> protocol between Application Core and enclave's firmware.
>
> Driver configures multiple misc-device on the MU, for multiple
> user-space applications can communicate on single MU.
>
> It exists on some i.MX processors. e.g. i.MX8ULP, i.MX93 etc.
>
> Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
> ---
v5? Where's the changelog for *this* patch?
> .../bindings/firmware/fsl,imx-se-fw.yaml | 121 ++++++++++++++++++
> 1 file changed, 121 insertions(+)
> create mode 100644 Documentation/devicetree/bindings/firmware/fsl,imx-se-fw.yaml
>
> diff --git a/Documentation/devicetree/bindings/firmware/fsl,imx-se-fw.yaml b/Documentation/devicetree/bindings/firmware/fsl,imx-se-fw.yaml
> new file mode 100644
> index 000000000000..f7230f93e56d
> --- /dev/null
> +++ b/Documentation/devicetree/bindings/firmware/fsl,imx-se-fw.yaml
> @@ -0,0 +1,121 @@
> +# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
> +%YAML 1.2
> +---
> +$id: http://devicetree.org/schemas/firmware/fsl,imx-se-fw.yaml#
> +$schema: http://devicetree.org/meta-schemas/core.yaml#
> +
> +title: NXP i.MX EdgeLock Enclave Firmware (ELEFW)
> +
> +maintainers:
> + - Pankaj Gupta <pankaj.gupta@nxp.com>
> +
> +description:
> + The NXP's i.MX EdgeLock Enclave, a HW IP creating an embedded
> + secure enclave within the SoC boundary to enable features like
> + - HSM
> + - SHE
> + - V2X
> +
> + It uses message unit to communicate and coordinate to pass messages
> + (e.g., data, status and control) through its interfaces.
> +
> + This driver configures multiple misc-devices on the MU, to exchange
> + messages from User-space application and NXP's Edgelocke Enclave firmware.
> + The driver ensures that the messages must follow the following protocol
> + defined.
> +
> + Non-Secure + Secure
> + |
> + |
> + +---------+ +-------------+ |
> + | ele_mu.c+<---->+imx-mailbox.c| |
> + | | | mailbox.c +<-->+------+ +------+
> + +---+-----+ +-------------+ | MU X +<-->+ ELE |
> + | +------+ +------+
> + +----------------+ |
> + | | |
> + v v |
> + logical logical |
> + receiver waiter |
> + + + |
> + | | |
> + | | |
> + | +----+------+ |
> + | | | |
> + | | | |
> + device_ctx device_ctx device_ctx |
> + |
> + User 0 User 1 User Y |
> + +------+ +------+ +------+ |
> + |misc.c| |misc.c| |misc.c| |
> + kernel space +------+ +------+ +------+ |
> + |
> + +------------------------------------------------------ |
> + | | | |
> + userspace /dev/ele_muXch0 | | |
> + /dev/ele_muXch1 | |
> + /dev/ele_muXchY |
> + |
> +
> + When a user sends a command to the firmware, it registers its device_ctx
> + as waiter of a response from firmware.
> +
> + A user can be registered as receiver of command from the ELE.
> + Create char devices in /dev as channels of the form /dev/ele_muXchY with X
> + the id of the driver and Y for each users. It allows to send and receive
> + messages to the NXP EdgeLock Enclave IP firmware on NXP SoC, where current
> + possible value, i.e., supported SoC(s) are imx8ulp, imx93.
Looks like a bunch of Linux details which don't belong in the binding.
Why do you need your own custom interface to userspace? No one else has
a similar feature in their platforms? Something like virtio or rpmsg
doesn't work?
> +
> +properties:
> + compatible:
> + enum:
> + - fsl,imx8ulp-se-fw
> + - fsl,imx93-se-fw
> +
> + mboxes:
> + description:
> + All MU channels must be within the same MU instance. Cross instances are
> + not allowed. Users need to ensure that used MU instance does not conflict
> + with other execution environments.
> + items:
> + - description: TX0 MU channel
> + - description: RX0 MU channel
> +
> + mbox-names:
> + items:
> + - const: tx
> + - const: rx
> +
> + fsl,mu-did:
> + $ref: /schemas/types.yaml#/definitions/uint32
> + description:
> + By design, Domain is a clean separated processing island with separate power,
> + clocking and peripheral; but with a tightly integrated bus fabric for efficient
> + communication. The Domain to which this message-unit is associated, is identified
> + via Domain ID or did.
> +
> + sram-pool:
I believe 'sram' is the somewhat standard property to refer to an SRAM
region.
> + items:
> + - description: SRAM memory instance.
Used for what?
> +
> + memory-region:
> + items:
> + - description: Reserved memory region that can be accessed by firmware. Used for
> + exchanging the buffers between driver and firmware.
> +
> +required:
> + - compatible
> + - mboxes
> + - mbox-names
> + - mu-id
> +
> +additionalProperties: false
> +
> +examples:
> + - |
> + ele_fw: se-fw {
> + compatible = "fsl,imx8ulp-se-fw";
> + mbox-names = "tx", "rx";
> + mboxes = <&s4muap 0 0>, <&s4muap 1 0>;
> + fsl,mu-id = <2>;
> + };
> --
> 2.34.1
>
next prev parent reply other threads:[~2023-08-23 12:43 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-23 7:33 [PATCH v5 00/11] firmware: imx: NXP Secure-Enclave FW Driver Pankaj Gupta
2023-08-23 7:33 ` [PATCH v5 01/11] dt-bindings: arm: fsl: add imx-se-fw binding doc Pankaj Gupta
2023-08-23 8:28 ` Rob Herring
2023-08-23 10:42 ` [EXT] " Pankaj Gupta
2023-08-23 12:43 ` Rob Herring [this message]
2023-08-24 18:45 ` Krzysztof Kozlowski
2023-08-24 19:23 ` Greg Kroah-Hartman
2023-08-28 6:00 ` [EXT] " Varun Sethi
2023-08-28 6:55 ` Krzysztof Kozlowski
2023-08-28 9:14 ` Varun Sethi
[not found] ` <DU2PR04MB86302A2639CA64D8DF08BF0495E3A@DU2PR04MB8630.eurprd04.prod.outlook.com>
2023-08-25 7:56 ` Varun Sethi
2023-08-23 7:33 ` [PATCH v5 02/11] arm64: dts: imx8ulp-evk: added nxp secure enclave firmware Pankaj Gupta
2023-08-23 7:33 ` [PATCH v5 03/11] arm64: dts: imx8ulp-evk: reserved mem-ranges to constrain ele_fw dma-range Pankaj Gupta
2023-08-23 7:33 ` [PATCH v5 04/11] arm64: dts: imx93-11x11-evk: added nxp secure enclave fw Pankaj Gupta
2023-08-23 7:33 ` [PATCH v5 05/11] arm64: dts: imx93-11x11-evk: reserved mem-ranges to constrain ele_fw dma-range Pankaj Gupta
2023-08-23 7:33 ` [PATCH v5 06/11] firmware: imx: add driver for NXP EdgeLock Enclave Pankaj Gupta
2023-08-24 18:31 ` Krzysztof Kozlowski
2023-08-25 10:22 ` Stefan Wahren
2023-08-25 15:16 ` Conor Dooley
2023-08-23 7:33 ` [PATCH v5 07/11] firmware: imx: init-fw api exchange on imx93 Pankaj Gupta
2023-08-24 18:35 ` Krzysztof Kozlowski
2023-08-23 7:33 ` [PATCH v5 08/11] firmware: imx: enable trng Pankaj Gupta
2023-08-24 18:23 ` Krzysztof Kozlowski
2023-08-23 7:33 ` [PATCH v5 09/11] firmware: imx: enclave-fw: add handling for save/restore IMEM region Pankaj Gupta
2023-08-24 18:37 ` Krzysztof Kozlowski
2023-08-23 7:33 ` [PATCH v5 10/11] firmware: imx: enclave api to read-common-fuses Pankaj Gupta
2023-08-24 18:38 ` Krzysztof Kozlowski
2023-08-23 7:33 ` [PATCH v5 11/11] MAINTAINERS: Added maintainer details Pankaj Gupta
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230823124340.GA2022486-robh@kernel.org \
--to=robh@kernel.org \
--cc=V.Sethi@nxp.com \
--cc=aisheng.dong@nxp.com \
--cc=alexander.stein@ew.tq-group.com \
--cc=clin@suse.com \
--cc=conor+dt@kernel.org \
--cc=davem@davemloft.net \
--cc=devicetree@vger.kernel.org \
--cc=festevam@gmail.com \
--cc=gaurav.jain@nxp.com \
--cc=haibo.chen@nxp.com \
--cc=kernel@pengutronix.de \
--cc=krzysztof.kozlowski+dt@linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-imx@nxp.com \
--cc=linux-kernel@vger.kernel.org \
--cc=pankaj.gupta@nxp.com \
--cc=peng.fan@nxp.com \
--cc=pierre.gondois@arm.com \
--cc=ping.bai@nxp.com \
--cc=s.hauer@pengutronix.de \
--cc=sahil.malhotra@nxp.com \
--cc=shawnguo@kernel.org \
--cc=wei.fang@nxp.com \
--cc=xiaoning.wang@nxp.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).