From: Pankaj Gupta <pankaj.gupta@nxp.com>
To: shawnguo@kernel.org, s.hauer@pengutronix.de,
kernel@pengutronix.de, clin@suse.com, conor+dt@kernel.org,
pierre.gondois@arm.com, festevam@gmail.com, linux-imx@nxp.com,
davem@davemloft.net, robh+dt@kernel.org,
krzysztof.kozlowski+dt@linaro.org,
linux-arm-kernel@lists.infradead.org, devicetree@vger.kernel.org,
linux-kernel@vger.kernel.org, gaurav.jain@nxp.com,
alexander.stein@ew.tq-group.com, V.Sethi@nxp.com
Cc: Pankaj Gupta <pankaj.gupta@nxp.com>
Subject: [PATCH v6 01/11] Documentation/firmware: added imx/se-fw to other_interfaces
Date: Wed, 27 Sep 2023 23:23:51 +0530 [thread overview]
Message-ID: <20230927175401.1962733-2-pankaj.gupta@nxp.com> (raw)
In-Reply-To: <20230927175401.1962733-1-pankaj.gupta@nxp.com>
Documented i.MX SoC's Service layer and C_DEV driver for SoC(s)
enabled with hardware IP for secure-enclaves like:
- edgelock enclave on i.MX93 & i.MX8ULP
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
---
.../driver-api/firmware/other_interfaces.rst | 67 +++++++++++++++++++
1 file changed, 67 insertions(+)
diff --git a/Documentation/driver-api/firmware/other_interfaces.rst b/Documentation/driver-api/firmware/other_interfaces.rst
index 06ac89adaafb..1d21b88ef20e 100644
--- a/Documentation/driver-api/firmware/other_interfaces.rst
+++ b/Documentation/driver-api/firmware/other_interfaces.rst
@@ -49,3 +49,70 @@ of the requests on to a secure monitor (EL3).
.. kernel-doc:: drivers/firmware/stratix10-svc.c
:export:
+
+NXP i.MX Secure Enclave Enabled SoC Service layer and C_DEV driver
+------------------------------------------------------------------
+The NXP's i.MX HW IP like EdgeLock-Enclave, creating an embedded secure
+enclave within the SoC boundary to enable features like
+ - HSM
+ - SHE
+ - V2X
+
+SoC enabled with the NXP i.MX secure enclave IP(s) like EdgeLock-Enclave(ELE),
+are: i.MX93, i.MX8ULP.
+
+This driver exposes two interfaces:
+- service layer: This layer takes the two mutex locks:
+ "mu_cmd_lock" is taken to ensure one service is processed at a time. This
+ lock is not unlocked, till one service processing is complete. Multiple
+ messages can be exchanged with FW as part of one service processing.
+ "mu_lock" is taken to ensure one message is sent over MU at a time. This
+ lock is unlocked, post sending the message.
+
+- c_dev:
+ This driver configures multiple misc-devices on the MU, to exchange
+ messages from User-space application and NXP's Edgelocke Enclave firmware.
+ The driver ensures that the messages must follow the following protocol
+ defined.
+
+ Non-Secure + Secure
+ |
+ |
+ +---------+ +-------------+ |
+ | se_fw.c +<---->+imx-mailbox.c| |
+ | | | mailbox.c +<-->+------+ +------+
+ +---+-----+ +-------------+ | MU X +<-->+ ELE |
+ | +------+ +------+
+ +----------------+ |
+ | | |
+ v v |
+ logical logical |
+ receiver waiter |
+ + + |
+ | | |
+ | | |
+ | +----+------+ |
+ | | | |
+ | | | |
+ device_ctx device_ctx device_ctx |
+ |
+ User 0 User 1 User Y |
+ +------+ +------+ +------+ |
+ |misc.c| |misc.c| |misc.c| |
+ kernel space +------+ +------+ +------+ |
+ |
+ +------------------------------------------------------ |
+ | | | |
+ userspace /dev/ele_muXch0 | | |
+ /dev/ele_muXch1 | |
+ /dev/ele_muXchY |
+ |
+
+When a user sends a command to the firmware, it registers its device_ctx
+as waiter of a response from firmware.
+
+Enclave's Firmware owns the storage management, over linux filesystem.
+For this c_dev provisions a dedicated slave device called "receiver".
+
+.. kernel-doc:: drivers/firmware/imx/se_fw.c
+ :export:
--
2.34.1
next prev parent reply other threads:[~2023-09-27 12:26 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-27 17:53 [PATCH v6 00/11] firmware: imx: NXP Secure-Enclave FW Driver Pankaj Gupta
2023-09-27 17:53 ` Pankaj Gupta [this message]
2023-09-27 17:53 ` [PATCH v6 02/11] dt-bindings: arm: fsl: add imx-se-fw binding doc Pankaj Gupta
2023-09-28 18:51 ` Rob Herring
2023-10-04 4:10 ` [EXT] " Pankaj Gupta
2023-10-04 6:36 ` Krzysztof Kozlowski
2023-10-26 11:23 ` Pankaj Gupta
2023-10-26 13:55 ` Conor Dooley
2023-10-27 7:08 ` Krzysztof Kozlowski
2023-09-27 17:53 ` [PATCH v6 03/11] arm64: dts: imx8ulp-evk: added nxp secure enclave firmware Pankaj Gupta
2023-09-27 17:53 ` [PATCH v6 04/11] arm64: dts: imx8ulp-evk: reserved mem-ranges to constrain ele_fw dma-range Pankaj Gupta
2023-09-27 17:53 ` [PATCH v6 05/11] arm64: dts: imx93-11x11-evk: added nxp secure enclave fw Pankaj Gupta
2023-09-27 17:53 ` [PATCH v6 06/11] arm64: dts: imx93-11x11-evk: reserved mem-ranges Pankaj Gupta
2023-09-27 17:53 ` [PATCH v6 07/11] firmware: imx: add driver for NXP EdgeLock Enclave Pankaj Gupta
2023-10-04 6:40 ` Krzysztof Kozlowski
2023-10-26 11:18 ` [EXT] " Pankaj Gupta
2023-09-27 17:53 ` [PATCH v6 08/11] firmware: imx: init-fw api exchange on imx93 Pankaj Gupta
2023-09-27 17:53 ` [PATCH v6 09/11] firmware: imx: enable trng Pankaj Gupta
2023-10-01 5:25 ` kernel test robot
2023-09-27 17:54 ` [PATCH v6 10/11] firmware: imx: enclave-fw: add handling for save/restore IMEM region Pankaj Gupta
2023-09-27 17:54 ` [PATCH v6 11/11] MAINTAINERS: Added maintainer details Pankaj Gupta
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230927175401.1962733-2-pankaj.gupta@nxp.com \
--to=pankaj.gupta@nxp.com \
--cc=V.Sethi@nxp.com \
--cc=alexander.stein@ew.tq-group.com \
--cc=clin@suse.com \
--cc=conor+dt@kernel.org \
--cc=davem@davemloft.net \
--cc=devicetree@vger.kernel.org \
--cc=festevam@gmail.com \
--cc=gaurav.jain@nxp.com \
--cc=kernel@pengutronix.de \
--cc=krzysztof.kozlowski+dt@linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-imx@nxp.com \
--cc=linux-kernel@vger.kernel.org \
--cc=pierre.gondois@arm.com \
--cc=robh+dt@kernel.org \
--cc=s.hauer@pengutronix.de \
--cc=shawnguo@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).