1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * OMAP Secure API infrastructure.
4 *
5 * Copyright (C) 2011 Texas Instruments, Inc.
6 * Santosh Shilimkar <santosh.shilimkar@ti.com>
7 * Copyright (C) 2012 Ivaylo Dimitrov <freemangordon@abv.bg>
8 * Copyright (C) 2013 Pali Rohár <pali@kernel.org>
9 */
10
11 #include <linux/arm-smccc.h>
12 #include <linux/cpu_pm.h>
13 #include <linux/kernel.h>
14 #include <linux/init.h>
15 #include <linux/io.h>
16 #include <linux/memblock.h>
17 #include <linux/of.h>
18
19 #include <asm/cacheflush.h>
20 #include <asm/memblock.h>
21
22 #include "common.h"
23 #include "omap-secure.h"
24 #include "soc.h"
25
26 static phys_addr_t omap_secure_memblock_base;
27
28 bool optee_available;
29
30 #define OMAP_SIP_SMC_STD_CALL_VAL(func_num) \
31 ARM_SMCCC_CALL_VAL(ARM_SMCCC_STD_CALL, ARM_SMCCC_SMC_32, \
32 ARM_SMCCC_OWNER_SIP, (func_num))
33
omap_optee_init_check(void)34 static void __init omap_optee_init_check(void)
35 {
36 struct device_node *np;
37
38 /*
39 * We only check that the OP-TEE node is present and available. The
40 * OP-TEE kernel driver is not needed for the type of interaction made
41 * with OP-TEE here so the driver's status is not checked.
42 */
43 np = of_find_node_by_path("/firmware/optee");
44 if (np && of_device_is_available(np))
45 optee_available = true;
46 of_node_put(np);
47 }
48
49 /**
50 * omap_sec_dispatcher: Routine to dispatch low power secure
51 * service routines
52 * @idx: The HAL API index
53 * @flag: The flag indicating criticality of operation
54 * @nargs: Number of valid arguments out of four.
55 * @arg1, arg2, arg3 args4: Parameters passed to secure API
56 *
57 * Return the non-zero error value on failure.
58 */
omap_secure_dispatcher(u32 idx,u32 flag,u32 nargs,u32 arg1,u32 arg2,u32 arg3,u32 arg4)59 u32 omap_secure_dispatcher(u32 idx, u32 flag, u32 nargs, u32 arg1, u32 arg2,
60 u32 arg3, u32 arg4)
61 {
62 u32 ret;
63 u32 param[5];
64
65 param[0] = nargs;
66 param[1] = arg1;
67 param[2] = arg2;
68 param[3] = arg3;
69 param[4] = arg4;
70
71 /*
72 * Secure API needs physical address
73 * pointer for the parameters
74 */
75 flush_cache_all();
76 outer_clean_range(__pa(param), __pa(param + 5));
77 ret = omap_smc2(idx, flag, __pa(param));
78
79 return ret;
80 }
81
omap_smccc_smc(u32 fn,u32 arg)82 void omap_smccc_smc(u32 fn, u32 arg)
83 {
84 struct arm_smccc_res res;
85
86 arm_smccc_smc(OMAP_SIP_SMC_STD_CALL_VAL(fn), arg,
87 0, 0, 0, 0, 0, 0, &res);
88 WARN(res.a0, "Secure function call 0x%08x failed\n", fn);
89 }
90
omap_smc1(u32 fn,u32 arg)91 void omap_smc1(u32 fn, u32 arg)
92 {
93 /*
94 * If this platform has OP-TEE installed we use ARM SMC calls
95 * otherwise fall back to the OMAP ROM style calls.
96 */
97 if (optee_available)
98 omap_smccc_smc(fn, arg);
99 else
100 _omap_smc1(fn, arg);
101 }
102
103 /* Allocate the memory to save secure ram */
omap_secure_ram_reserve_memblock(void)104 int __init omap_secure_ram_reserve_memblock(void)
105 {
106 u32 size = OMAP_SECURE_RAM_STORAGE;
107
108 size = ALIGN(size, SECTION_SIZE);
109 omap_secure_memblock_base = arm_memblock_steal(size, SECTION_SIZE);
110
111 return 0;
112 }
113
omap_secure_ram_mempool_base(void)114 phys_addr_t omap_secure_ram_mempool_base(void)
115 {
116 return omap_secure_memblock_base;
117 }
118
119 #if defined(CONFIG_ARCH_OMAP3) && defined(CONFIG_PM)
omap3_save_secure_ram(void __iomem * addr,int size)120 u32 omap3_save_secure_ram(void __iomem *addr, int size)
121 {
122 u32 ret;
123 u32 param[5];
124
125 if (size != OMAP3_SAVE_SECURE_RAM_SZ)
126 return OMAP3_SAVE_SECURE_RAM_SZ;
127
128 param[0] = 4; /* Number of arguments */
129 param[1] = __pa(addr); /* Physical address for saving */
130 param[2] = 0;
131 param[3] = 1;
132 param[4] = 1;
133
134 ret = save_secure_ram_context(__pa(param));
135
136 return ret;
137 }
138 #endif
139
140 /**
141 * rx51_secure_dispatcher: Routine to dispatch secure PPA API calls
142 * @idx: The PPA API index
143 * @process: Process ID
144 * @flag: The flag indicating criticality of operation
145 * @nargs: Number of valid arguments out of four.
146 * @arg1, arg2, arg3 args4: Parameters passed to secure API
147 *
148 * Return the non-zero error value on failure.
149 *
150 * NOTE: rx51_secure_dispatcher differs from omap_secure_dispatcher because
151 * it calling omap_smc3() instead omap_smc2() and param[0] is nargs+1
152 */
rx51_secure_dispatcher(u32 idx,u32 process,u32 flag,u32 nargs,u32 arg1,u32 arg2,u32 arg3,u32 arg4)153 u32 rx51_secure_dispatcher(u32 idx, u32 process, u32 flag, u32 nargs,
154 u32 arg1, u32 arg2, u32 arg3, u32 arg4)
155 {
156 u32 ret;
157 u32 param[5];
158
159 param[0] = nargs+1; /* RX-51 needs number of arguments + 1 */
160 param[1] = arg1;
161 param[2] = arg2;
162 param[3] = arg3;
163 param[4] = arg4;
164
165 /*
166 * Secure API needs physical address
167 * pointer for the parameters
168 */
169 local_irq_disable();
170 local_fiq_disable();
171 flush_cache_all();
172 outer_clean_range(__pa(param), __pa(param + 5));
173 ret = omap_smc3(idx, process, flag, __pa(param));
174 flush_cache_all();
175 local_fiq_enable();
176 local_irq_enable();
177
178 return ret;
179 }
180
181 /**
182 * rx51_secure_update_aux_cr: Routine to modify the contents of Auxiliary Control Register
183 * @set_bits: bits to set in ACR
184 * @clr_bits: bits to clear in ACR
185 *
186 * Return the non-zero error value on failure.
187 */
rx51_secure_update_aux_cr(u32 set_bits,u32 clear_bits)188 u32 rx51_secure_update_aux_cr(u32 set_bits, u32 clear_bits)
189 {
190 u32 acr;
191
192 /* Read ACR */
193 asm volatile ("mrc p15, 0, %0, c1, c0, 1" : "=r" (acr));
194 acr &= ~clear_bits;
195 acr |= set_bits;
196
197 return rx51_secure_dispatcher(RX51_PPA_WRITE_ACR,
198 0,
199 FLAG_START_CRITICAL,
200 1, acr, 0, 0, 0);
201 }
202
203 /**
204 * rx51_secure_rng_call: Routine for HW random generator
205 */
rx51_secure_rng_call(u32 ptr,u32 count,u32 flag)206 u32 rx51_secure_rng_call(u32 ptr, u32 count, u32 flag)
207 {
208 return rx51_secure_dispatcher(RX51_PPA_HWRNG,
209 0,
210 NO_FLAG,
211 3, ptr, count, flag, 0);
212 }
213
omap_secure_init(void)214 void __init omap_secure_init(void)
215 {
216 omap_optee_init_check();
217 }
218
219 /*
220 * Dummy dispatcher call after core OSWR and MPU off. Updates the ROM return
221 * address after MMU has been re-enabled after CPU1 has been woken up again.
222 * Otherwise the ROM code will attempt to use the earlier physical return
223 * address that got set with MMU off when waking up CPU1. Only used on secure
224 * devices.
225 */
cpu_notifier(struct notifier_block * nb,unsigned long cmd,void * v)226 static int cpu_notifier(struct notifier_block *nb, unsigned long cmd, void *v)
227 {
228 switch (cmd) {
229 case CPU_CLUSTER_PM_EXIT:
230 omap_secure_dispatcher(OMAP4_PPA_SERVICE_0,
231 FLAG_START_CRITICAL,
232 0, 0, 0, 0, 0);
233 break;
234 default:
235 break;
236 }
237
238 return NOTIFY_OK;
239 }
240
241 static struct notifier_block secure_notifier_block = {
242 .notifier_call = cpu_notifier,
243 };
244
secure_pm_init(void)245 static int __init secure_pm_init(void)
246 {
247 if (omap_type() == OMAP2_DEVICE_TYPE_GP || !soc_is_omap44xx())
248 return 0;
249
250 cpu_pm_register_notifier(&secure_notifier_block);
251
252 return 0;
253 }
254 omap_arch_initcall(secure_pm_init);
255