| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Zp--Co8teXBO95QO@pengutronix.de>
Date: Tue, 23 Jul 2024 16:28:26 +0200
From: Sascha Hauer <s.hauer@...gutronix.de>
To: Pankaj Gupta <pankaj.gupta@....com>
Cc: Jonathan Corbet <corbet@....net>, Rob Herring <robh@...nel.org>,
Krzysztof Kozlowski <krzk+dt@...nel.org>,
Conor Dooley <conor+dt@...nel.org>, Shawn Guo <shawnguo@...nel.org>,
Pengutronix Kernel Team <kernel@...gutronix.de>,
Fabio Estevam <festevam@...il.com>,
Rob Herring <robh+dt@...nel.org>, linux-doc@...r.kernel.org,
linux-kernel@...r.kernel.org, devicetree@...r.kernel.org,
imx@...ts.linux.dev, linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH v6 4/5] firmware: imx: add driver for NXP EdgeLock Enclave
On Mon, Jul 22, 2024 at 10:21:39AM +0530, Pankaj Gupta wrote:
> NXP hardware IP(s) for secure-enclaves like Edgelock Enclave(ELE),
> are embedded in the SoC to support the features like HSM, SHE & V2X,
> using message based communication interface.
>
> The secure enclave FW communicates on a dedicated messaging unit(MU)
> based interface(s) with application core, where kernel is running.
> It exists on specific i.MX processors. e.g. i.MX8ULP, i.MX93.
>
> This patch adds the driver for communication interface to secure-enclave,
> for exchanging messages with NXP secure enclave HW IP(s) like EdgeLock
> Enclave (ELE) from Kernel-space, used by kernel management layers like
> - DM-Crypt.
>
> Signed-off-by: Pankaj Gupta <pankaj.gupta@....com>
> ---
> drivers/firmware/imx/Kconfig | 12 +
> drivers/firmware/imx/Makefile | 2 +
> drivers/firmware/imx/ele_base_msg.c | 274 +++++++++++++++++++
> drivers/firmware/imx/ele_base_msg.h | 95 +++++++
> drivers/firmware/imx/ele_common.c | 264 ++++++++++++++++++
> drivers/firmware/imx/ele_common.h | 44 +++
> drivers/firmware/imx/se_ctrl.c | 528 ++++++++++++++++++++++++++++++++++++
> drivers/firmware/imx/se_ctrl.h | 87 ++++++
> include/linux/firmware/imx/se_api.h | 14 +
> 9 files changed, 1320 insertions(+)
>
> diff --git a/drivers/firmware/imx/Kconfig b/drivers/firmware/imx/Kconfig
> index 183613f82a11..0f6877a24f0b 100644
> --- a/drivers/firmware/imx/Kconfig
> +++ b/drivers/firmware/imx/Kconfig
> @@ -22,3 +22,15 @@ config IMX_SCU
>
> This driver manages the IPC interface between host CPU and the
> SCU firmware running on M4.
> +
> +config IMX_SEC_ENCLAVE
> + tristate "i.MX Embedded Secure Enclave - EdgeLock Enclave Firmware driver."
> + depends on IMX_MBOX && ARCH_MXC && ARM64
> + default m if ARCH_MXC
> +
> + help
> + It is possible to use APIs exposed by the iMX Secure Enclave HW IP called:
> + - EdgeLock Enclave Firmware (for i.MX8ULP, i.MX93),
> + like base, HSM, V2X & SHE using the SAB protocol via the shared Messaging
> + Unit. This driver exposes these interfaces via a set of file descriptors
> + allowing to configure shared memory, send and receive messages.
> diff --git a/drivers/firmware/imx/Makefile b/drivers/firmware/imx/Makefile
> index 8f9f04a513a8..aa9033e0e9e3 100644
> --- a/drivers/firmware/imx/Makefile
> +++ b/drivers/firmware/imx/Makefile
> @@ -1,3 +1,5 @@
> # SPDX-License-Identifier: GPL-2.0
> obj-$(CONFIG_IMX_DSP) += imx-dsp.o
> obj-$(CONFIG_IMX_SCU) += imx-scu.o misc.o imx-scu-irq.o rm.o imx-scu-soc.o
> +sec_enclave-objs = se_ctrl.o ele_common.o ele_base_msg.o
> +obj-${CONFIG_IMX_SEC_ENCLAVE} += sec_enclave.o
> diff --git a/drivers/firmware/imx/ele_base_msg.c b/drivers/firmware/imx/ele_base_msg.c
> new file mode 100644
> index 000000000000..7f16184a8b10
> --- /dev/null
> +++ b/drivers/firmware/imx/ele_base_msg.c
> @@ -0,0 +1,274 @@
> +// SPDX-License-Identifier: GPL-2.0+
> +/*
> + * Copyright 2024 NXP
> + */
> +
> +#include <linux/types.h>
> +
> +#include <linux/completion.h>
> +#include <linux/dma-mapping.h>
> +#include <linux/genalloc.h>
> +
> +#include "ele_base_msg.h"
> +#include "ele_common.h"
> +
> +int ele_get_info(struct device *dev, struct ele_dev_info *s_info)
I still think it's a bad idea to use some arbitrary struct device * as
context pointer here. Users will be confused which device is expected
here and bad things happen in case it's the wrong one.
You should rather implement some ele_get() function which returns some
pointer to be used as a context pointer here.
> +int ele_service_swap(struct device *dev,
> + phys_addr_t addr,
> + u32 addr_size, u16 flag)
> +{
> + struct se_if_priv *priv = dev_get_drvdata(dev);
> + struct se_api_msg *tx_msg __free(kfree) = NULL;
> + struct se_api_msg *rx_msg __free(kfree) = NULL;
> + int ret = 0;
> +
> + if (!priv) {
> + ret = -EINVAL;
> + goto exit;
> + }
> +
> + tx_msg = kzalloc(ELE_SERVICE_SWAP_REQ_MSG_SZ, GFP_KERNEL);
> + if (!tx_msg) {
> + ret = -ENOMEM;
> + goto exit;
> + }
> +
> + rx_msg = kzalloc(ELE_SERVICE_SWAP_RSP_MSG_SZ, GFP_KERNEL);
> + if (!rx_msg) {
> + ret = -ENOMEM;
> + goto exit;
> + }
> + priv->rx_msg_sz = ELE_SERVICE_SWAP_RSP_MSG_SZ;
> +
> + ret = se_fill_cmd_msg_hdr(priv,
> + (struct se_msg_hdr *)&tx_msg->header,
> + ELE_SERVICE_SWAP_REQ,
> + ELE_SERVICE_SWAP_REQ_MSG_SZ, true);
> + if (ret)
> + goto exit;
> +
> + tx_msg->data[0] = flag;
> + tx_msg->data[1] = addr_size;
> + tx_msg->data[2] = ELE_NONE_VAL;
> + tx_msg->data[3] = lower_32_bits(addr);
addr could be a 64bit address. Either handle this properly or return an
error when addr doesn't fit into 32bit.
> +int ele_fw_authenticate(struct device *dev, phys_addr_t addr)
> +{
> + struct se_if_priv *priv = dev_get_drvdata(dev);
> + struct se_api_msg *tx_msg __free(kfree) = NULL;
> + struct se_api_msg *rx_msg __free(kfree) = NULL;
> + int ret = 0;
> +
> + if (!priv) {
> + ret = -EINVAL;
> + goto exit;
> + }
> +
> + tx_msg = kzalloc(ELE_FW_AUTH_REQ_SZ, GFP_KERNEL);
> + if (!tx_msg) {
> + ret = -ENOMEM;
> + goto exit;
> + }
> +
> + rx_msg = kzalloc(ELE_FW_AUTH_RSP_MSG_SZ, GFP_KERNEL);
> + if (!rx_msg) {
> + ret = -ENOMEM;
> + goto exit;
> + }
> + priv->rx_msg_sz = ELE_FW_AUTH_RSP_MSG_SZ;
> +
> + ret = se_fill_cmd_msg_hdr(priv,
> + (struct se_msg_hdr *)&tx_msg->header,
> + ELE_FW_AUTH_REQ,
> + ELE_FW_AUTH_REQ_SZ,
> + true);
> + if (ret)
> + goto exit;
> +
> + tx_msg->data[1] = upper_32_bits(addr);
> + tx_msg->data[0] = lower_32_bits(addr);
> + tx_msg->data[2] = addr;
Same here.
Sascha
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
Powered by blists - more mailing lists