* [PATCH v2] armv8: layerscape: don't remove crypto node if just partially disabled
@ 2020-08-10 14:54 Michael Walle
2020-09-01 14:08 ` Iuliana Prodan
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Michael Walle @ 2020-08-10 14:54 UTC (permalink / raw)
To: u-boot
On all newer Layerscape SoCs, the crypto module is just partially
disabled on non-E parts. Thus it doesn't make sense to completely remove
the node. Linux will figure out what is there and what is not.
Just remove it for older SoCs, where the module is indeed completely
disabled on non-E parts.
Signed-off-by: Michael Walle <michael@walle.cc>
---
Changes since v1:
- properly filter on SoC. Thanks to Horia's mail. See
https://patchwork.ozlabs.org/project/uboot/patch/20200602150904.1997-1-michael at walle.cc/#2457448
arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 37 ++++++++++++++++++++++++-
1 file changed, 36 insertions(+), 1 deletion(-)
diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
index 3b43afb25c..acd25d4825 100644
--- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
+++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
@@ -437,13 +437,48 @@ __weak void fdt_fixup_ecam(void *blob)
}
#endif
+/*
+ * If it is a non-E part the crypto is disabled on the following SoCs:
+ * - LS1043A
+ * - LS1088A
+ * - LS2088A
+ * and their personalities.
+ *
+ * On all other SoC they are just partially disabled, that means that the
+ * following is still working:
+ * - hashing (using MDHA - message digest hash accelerator)
+ * - random number generation (using RNG4)
+ * - cyclic redundancy checking (using CRCA)
+ * - runtime integrity checker (RTIC)
+ *
+ * The linux driver will figure out what is available and what is not.
+ * Therefore, we just remove the crypto node on the SoCs which has no crypto
+ * support at all.
+ */
+static bool crypto_is_disabled(unsigned int svr)
+{
+ if (IS_E_PROCESSOR(svr))
+ return false;
+
+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1043A)))
+ return true;
+
+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1088A)))
+ return true;
+
+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS2088A)))
+ return true;
+
+ return false;
+}
+
void ft_cpu_setup(void *blob, struct bd_info *bd)
{
struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
unsigned int svr = gur_in32(&gur->svr);
/* delete crypto node if not on an E-processor */
- if (!IS_E_PROCESSOR(svr))
+ if (crypto_is_disabled(svr))
fdt_fixup_crypto_node(blob, 0);
#if CONFIG_SYS_FSL_SEC_COMPAT >= 4
else {
--
2.20.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH v2] armv8: layerscape: don't remove crypto node if just partially disabled
2020-08-10 14:54 [PATCH v2] armv8: layerscape: don't remove crypto node if just partially disabled Michael Walle
@ 2020-09-01 14:08 ` Iuliana Prodan
2020-09-23 13:53 ` Priyanka Jain
2020-10-16 16:27 ` Horia Geantă
2 siblings, 0 replies; 4+ messages in thread
From: Iuliana Prodan @ 2020-09-01 14:08 UTC (permalink / raw)
To: u-boot
Michael Walle-2 wrote
> On all newer Layerscape SoCs, the crypto module is just partially
> disabled on non-E parts. Thus it doesn't make sense to completely remove
> the node. Linux will figure out what is there and what is not.
>
> Just remove it for older SoCs, where the module is indeed completely
> disabled on non-E parts.
>
> Signed-off-by: Michael Walle <
> michael@
> >
> ---
> Changes since v1:
> - properly filter on SoC. Thanks to Horia's mail. See
> https://patchwork.ozlabs.org/project/uboot/patch/
> 20200602150904.1997-1-michael@
> /#2457448
>
> arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 37 ++++++++++++++++++++++++-
> 1 file changed, 36 insertions(+), 1 deletion(-)
>
> diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> index 3b43afb25c..acd25d4825 100644
> --- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> +++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> @@ -437,13 +437,48 @@ __weak void fdt_fixup_ecam(void *blob)
> }
> #endif
>
> +/*
> + * If it is a non-E part the crypto is disabled on the following SoCs:
> + * - LS1043A
> + * - LS1088A
> + * - LS2088A
> + * and their personalities.
> + *
> + * On all other SoC they are just partially disabled, that means that the
> + * following is still working:
> + * - hashing (using MDHA - message digest hash accelerator)
> + * - random number generation (using RNG4)
> + * - cyclic redundancy checking (using CRCA)
> + * - runtime integrity checker (RTIC)
> + *
> + * The linux driver will figure out what is available and what is not.
> + * Therefore, we just remove the crypto node on the SoCs which has no
> crypto
> + * support at all.
> + */
> +static bool crypto_is_disabled(unsigned int svr)
> +{
> + if (IS_E_PROCESSOR(svr))
> + return false;
> +
> + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1043A)))
> + return true;
> +
> + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1088A)))
> + return true;
> +
> + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS2088A)))
> + return true;
> +
>
> These ifs can be put into a switch like
> switch (SVR_SOC_VER(svr)) {
> case SVR_LS1043A:
> case SVR_LS1088A:
> case SVR_LS2088A:
> return true;
> }
>
> + return false;
> +}
> +
> void ft_cpu_setup(void *blob, struct bd_info *bd)
> {
> struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
> unsigned int svr = gur_in32(&gur->svr);
>
> /* delete crypto node if not on an E-processor */
> - if (!IS_E_PROCESSOR(svr))
> + if (crypto_is_disabled(svr))
> fdt_fixup_crypto_node(blob, 0);
> #if CONFIG_SYS_FSL_SEC_COMPAT >= 4
> else {
> --
> 2.20.1
--
Sent from: http://u-boot.10912.n7.nabble.com/
^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH v2] armv8: layerscape: don't remove crypto node if just partially disabled
2020-08-10 14:54 [PATCH v2] armv8: layerscape: don't remove crypto node if just partially disabled Michael Walle
2020-09-01 14:08 ` Iuliana Prodan
@ 2020-09-23 13:53 ` Priyanka Jain
2020-10-16 16:27 ` Horia Geantă
2 siblings, 0 replies; 4+ messages in thread
From: Priyanka Jain @ 2020-09-23 13:53 UTC (permalink / raw)
To: u-boot
>-----Original Message-----
>From: U-Boot <u-boot-bounces@lists.denx.de> On Behalf Of Michael Walle
>Sent: Monday, August 10, 2020 8:24 PM
>To: u-boot at lists.denx.de
>Cc: Priyanka Jain <priyanka.jain@nxp.com>; Horia Geanta
><horia.geanta@nxp.com>; Michael Walle <michael@walle.cc>
>Subject: [PATCH v2] armv8: layerscape: don't remove crypto node if just
>partially disabled
>
>On all newer Layerscape SoCs, the crypto module is just partially disabled on
>non-E parts. Thus it doesn't make sense to completely remove the node. Linux
>will figure out what is there and what is not.
>
>Just remove it for older SoCs, where the module is indeed completely disabled
>on non-E parts.
>
>Signed-off-by: Michael Walle <michael@walle.cc>
>---
>Changes since v1:
> - properly filter on SoC. Thanks to Horia's mail. See
> https://patchwork.ozlabs.org/project/uboot/patch/20200602150904.1997-1-
>michael at walle.cc/#2457448
>
> arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 37 ++++++++++++++++++++++++-
> 1 file changed, 36 insertions(+), 1 deletion(-)
>
>diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
>b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
>index 3b43afb25c..acd25d4825 100644
>--- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
>+++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
>@@ -437,13 +437,48 @@ __weak void fdt_fixup_ecam(void *blob) } #endif
>
>+/*
>+ * If it is a non-E part the crypto is disabled on the following SoCs:
>+ * - LS1043A
>+ * - LS1088A
>+ * - LS2088A
>+ * and their personalities.
>+ *
>+ * On all other SoC they are just partially disabled, that means that
>+the
>+ * following is still working:
>+ * - hashing (using MDHA - message digest hash accelerator)
>+ * - random number generation (using RNG4)
>+ * - cyclic redundancy checking (using CRCA)
>+ * - runtime integrity checker (RTIC)
>+ *
>+ * The linux driver will figure out what is available and what is not.
>+ * Therefore, we just remove the crypto node on the SoCs which has no
>+crypto
>+ * support at all.
>+ */
>+static bool crypto_is_disabled(unsigned int svr) {
>+ if (IS_E_PROCESSOR(svr))
>+ return false;
>+
>+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1043A)))
>+ return true;
>+
>+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1088A)))
>+ return true;
>+
>+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS2088A)))
>+ return true;
>+
>+ return false;
>+}
>+
> void ft_cpu_setup(void *blob, struct bd_info *bd) {
> struct ccsr_gur __iomem *gur = (void
>*)(CONFIG_SYS_FSL_GUTS_ADDR);
> unsigned int svr = gur_in32(&gur->svr);
>
> /* delete crypto node if not on an E-processor */
>- if (!IS_E_PROCESSOR(svr))
>+ if (crypto_is_disabled(svr))
> fdt_fixup_crypto_node(blob, 0);
> #if CONFIG_SYS_FSL_SEC_COMPAT >= 4
> else {
>--
>2.20.1
Horia,
Kindly help to review this patch.
Regards
Priyanka
^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH v2] armv8: layerscape: don't remove crypto node if just partially disabled
2020-08-10 14:54 [PATCH v2] armv8: layerscape: don't remove crypto node if just partially disabled Michael Walle
2020-09-01 14:08 ` Iuliana Prodan
2020-09-23 13:53 ` Priyanka Jain
@ 2020-10-16 16:27 ` Horia Geantă
2 siblings, 0 replies; 4+ messages in thread
From: Horia Geantă @ 2020-10-16 16:27 UTC (permalink / raw)
To: u-boot
On 8/10/2020 5:54 PM, Michael Walle wrote:
> On all newer Layerscape SoCs, the crypto module is just partially
> disabled on non-E parts. Thus it doesn't make sense to completely remove
> the node. Linux will figure out what is there and what is not.
>
Could add a clarification here, saying "partially disabled" means that
only export-controlled ciphers are disabled.
> Just remove it for older SoCs, where the module is indeed completely
> disabled on non-E parts.
>
> Signed-off-by: Michael Walle <michael@walle.cc>
> ---
> Changes since v1:
> - properly filter on SoC. Thanks to Horia's mail. See
> https://patchwork.ozlabs.org/project/uboot/patch/20200602150904.1997-1-michael at walle.cc/#2457448
>
> arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 37 ++++++++++++++++++++++++-
> 1 file changed, 36 insertions(+), 1 deletion(-)
>
> diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> index 3b43afb25c..acd25d4825 100644
> --- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> +++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c
> @@ -437,13 +437,48 @@ __weak void fdt_fixup_ecam(void *blob)
> }
> #endif
>
> +/*
> + * If it is a non-E part the crypto is disabled on the following SoCs:
> + * - LS1043A
> + * - LS1088A
> + * - LS2088A
I've missed LS2080A.
> + * and their personalities.
> + *
> + * On all other SoC they are just partially disabled, that means that the
^ it is (assuming "crypto" is the subject)
> + * following is still working:
> + * - hashing (using MDHA - message digest hash accelerator)
> + * - random number generation (using RNG4)
> + * - cyclic redundancy checking (using CRCA)
> + * - runtime integrity checker (RTIC)
> + *
> + * The linux driver will figure out what is available and what is not.
> + * Therefore, we just remove the crypto node on the SoCs which has no crypto
^ have
> + * support at all.
> + */
> +static bool crypto_is_disabled(unsigned int svr)
> +{
> + if (IS_E_PROCESSOR(svr))
> + return false;
> +
> + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1043A)))
> + return true;
> +
> + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1088A)))
> + return true;
> +
> + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS2088A)))
> + return true;
> +
> + return false;
> +}
> +
> void ft_cpu_setup(void *blob, struct bd_info *bd)
> {
> struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
> unsigned int svr = gur_in32(&gur->svr);
>
> /* delete crypto node if not on an E-processor */
> - if (!IS_E_PROCESSOR(svr))
> + if (crypto_is_disabled(svr))
> fdt_fixup_crypto_node(blob, 0);
> #if CONFIG_SYS_FSL_SEC_COMPAT >= 4
> else {
>
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-10-16 16:27 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-08-10 14:54 [PATCH v2] armv8: layerscape: don't remove crypto node if just partially disabled Michael Walle
2020-09-01 14:08 ` Iuliana Prodan
2020-09-23 13:53 ` Priyanka Jain
2020-10-16 16:27 ` Horia Geantă
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox