Message ID | 20200810145414.24467-1-michael@walle.cc |
---|---|
State | Superseded |
Delegated to: | Priyanka Jain |
Headers | show |
Series | [v2] armv8: layerscape: don't remove crypto node if just partially disabled | expand |
Michael Walle-2 wrote > On all newer Layerscape SoCs, the crypto module is just partially > disabled on non-E parts. Thus it doesn't make sense to completely remove > the node. Linux will figure out what is there and what is not. > > Just remove it for older SoCs, where the module is indeed completely > disabled on non-E parts. > > Signed-off-by: Michael Walle < > michael@ > > > --- > Changes since v1: > - properly filter on SoC. Thanks to Horia's mail. See > https://patchwork.ozlabs.org/project/uboot/patch/ > 20200602150904.1997-1-michael@ > /#2457448 > > arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 37 ++++++++++++++++++++++++- > 1 file changed, 36 insertions(+), 1 deletion(-) > > diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c > b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c > index 3b43afb25c..acd25d4825 100644 > --- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c > +++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c > @@ -437,13 +437,48 @@ __weak void fdt_fixup_ecam(void *blob) > } > #endif > > +/* > + * If it is a non-E part the crypto is disabled on the following SoCs: > + * - LS1043A > + * - LS1088A > + * - LS2088A > + * and their personalities. > + * > + * On all other SoC they are just partially disabled, that means that the > + * following is still working: > + * - hashing (using MDHA - message digest hash accelerator) > + * - random number generation (using RNG4) > + * - cyclic redundancy checking (using CRCA) > + * - runtime integrity checker (RTIC) > + * > + * The linux driver will figure out what is available and what is not. > + * Therefore, we just remove the crypto node on the SoCs which has no > crypto > + * support at all. > + */ > +static bool crypto_is_disabled(unsigned int svr) > +{ > + if (IS_E_PROCESSOR(svr)) > + return false; > + > + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1043A))) > + return true; > + > + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1088A))) > + return true; > + > + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS2088A))) > + return true; > + > > These ifs can be put into a switch like > switch (SVR_SOC_VER(svr)) { > case SVR_LS1043A: > case SVR_LS1088A: > case SVR_LS2088A: > return true; > } > > + return false; > +} > + > void ft_cpu_setup(void *blob, struct bd_info *bd) > { > struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR); > unsigned int svr = gur_in32(&gur->svr); > > /* delete crypto node if not on an E-processor */ > - if (!IS_E_PROCESSOR(svr)) > + if (crypto_is_disabled(svr)) > fdt_fixup_crypto_node(blob, 0); > #if CONFIG_SYS_FSL_SEC_COMPAT >= 4 > else { > -- > 2.20.1 -- Sent from: http://u-boot.10912.n7.nabble.com/
>-----Original Message----- >From: U-Boot <u-boot-bounces@lists.denx.de> On Behalf Of Michael Walle >Sent: Monday, August 10, 2020 8:24 PM >To: u-boot@lists.denx.de >Cc: Priyanka Jain <priyanka.jain@nxp.com>; Horia Geanta ><horia.geanta@nxp.com>; Michael Walle <michael@walle.cc> >Subject: [PATCH v2] armv8: layerscape: don't remove crypto node if just >partially disabled > >On all newer Layerscape SoCs, the crypto module is just partially disabled on >non-E parts. Thus it doesn't make sense to completely remove the node. Linux >will figure out what is there and what is not. > >Just remove it for older SoCs, where the module is indeed completely disabled >on non-E parts. > >Signed-off-by: Michael Walle <michael@walle.cc> >--- >Changes since v1: > - properly filter on SoC. Thanks to Horia's mail. See > https://patchwork.ozlabs.org/project/uboot/patch/20200602150904.1997-1- >michael@walle.cc/#2457448 > > arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 37 ++++++++++++++++++++++++- > 1 file changed, 36 insertions(+), 1 deletion(-) > >diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c >b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c >index 3b43afb25c..acd25d4825 100644 >--- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c >+++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c >@@ -437,13 +437,48 @@ __weak void fdt_fixup_ecam(void *blob) } #endif > >+/* >+ * If it is a non-E part the crypto is disabled on the following SoCs: >+ * - LS1043A >+ * - LS1088A >+ * - LS2088A >+ * and their personalities. >+ * >+ * On all other SoC they are just partially disabled, that means that >+the >+ * following is still working: >+ * - hashing (using MDHA - message digest hash accelerator) >+ * - random number generation (using RNG4) >+ * - cyclic redundancy checking (using CRCA) >+ * - runtime integrity checker (RTIC) >+ * >+ * The linux driver will figure out what is available and what is not. >+ * Therefore, we just remove the crypto node on the SoCs which has no >+crypto >+ * support at all. >+ */ >+static bool crypto_is_disabled(unsigned int svr) { >+ if (IS_E_PROCESSOR(svr)) >+ return false; >+ >+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1043A))) >+ return true; >+ >+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1088A))) >+ return true; >+ >+ if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS2088A))) >+ return true; >+ >+ return false; >+} >+ > void ft_cpu_setup(void *blob, struct bd_info *bd) { > struct ccsr_gur __iomem *gur = (void >*)(CONFIG_SYS_FSL_GUTS_ADDR); > unsigned int svr = gur_in32(&gur->svr); > > /* delete crypto node if not on an E-processor */ >- if (!IS_E_PROCESSOR(svr)) >+ if (crypto_is_disabled(svr)) > fdt_fixup_crypto_node(blob, 0); > #if CONFIG_SYS_FSL_SEC_COMPAT >= 4 > else { >-- >2.20.1 Horia, Kindly help to review this patch. Regards Priyanka
On 8/10/2020 5:54 PM, Michael Walle wrote: > On all newer Layerscape SoCs, the crypto module is just partially > disabled on non-E parts. Thus it doesn't make sense to completely remove > the node. Linux will figure out what is there and what is not. > Could add a clarification here, saying "partially disabled" means that only export-controlled ciphers are disabled. > Just remove it for older SoCs, where the module is indeed completely > disabled on non-E parts. > > Signed-off-by: Michael Walle <michael@walle.cc> > --- > Changes since v1: > - properly filter on SoC. Thanks to Horia's mail. See > https://patchwork.ozlabs.org/project/uboot/patch/20200602150904.1997-1-michael@walle.cc/#2457448 > > arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 37 ++++++++++++++++++++++++- > 1 file changed, 36 insertions(+), 1 deletion(-) > > diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c > index 3b43afb25c..acd25d4825 100644 > --- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c > +++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c > @@ -437,13 +437,48 @@ __weak void fdt_fixup_ecam(void *blob) > } > #endif > > +/* > + * If it is a non-E part the crypto is disabled on the following SoCs: > + * - LS1043A > + * - LS1088A > + * - LS2088A I've missed LS2080A. > + * and their personalities. > + * > + * On all other SoC they are just partially disabled, that means that the ^ it is (assuming "crypto" is the subject) > + * following is still working: > + * - hashing (using MDHA - message digest hash accelerator) > + * - random number generation (using RNG4) > + * - cyclic redundancy checking (using CRCA) > + * - runtime integrity checker (RTIC) > + * > + * The linux driver will figure out what is available and what is not. > + * Therefore, we just remove the crypto node on the SoCs which has no crypto ^ have > + * support at all. > + */ > +static bool crypto_is_disabled(unsigned int svr) > +{ > + if (IS_E_PROCESSOR(svr)) > + return false; > + > + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1043A))) > + return true; > + > + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1088A))) > + return true; > + > + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS2088A))) > + return true; > + > + return false; > +} > + > void ft_cpu_setup(void *blob, struct bd_info *bd) > { > struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR); > unsigned int svr = gur_in32(&gur->svr); > > /* delete crypto node if not on an E-processor */ > - if (!IS_E_PROCESSOR(svr)) > + if (crypto_is_disabled(svr)) > fdt_fixup_crypto_node(blob, 0); > #if CONFIG_SYS_FSL_SEC_COMPAT >= 4 > else { >
diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c index 3b43afb25c..acd25d4825 100644 --- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c +++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c @@ -437,13 +437,48 @@ __weak void fdt_fixup_ecam(void *blob) } #endif +/* + * If it is a non-E part the crypto is disabled on the following SoCs: + * - LS1043A + * - LS1088A + * - LS2088A + * and their personalities. + * + * On all other SoC they are just partially disabled, that means that the + * following is still working: + * - hashing (using MDHA - message digest hash accelerator) + * - random number generation (using RNG4) + * - cyclic redundancy checking (using CRCA) + * - runtime integrity checker (RTIC) + * + * The linux driver will figure out what is available and what is not. + * Therefore, we just remove the crypto node on the SoCs which has no crypto + * support at all. + */ +static bool crypto_is_disabled(unsigned int svr) +{ + if (IS_E_PROCESSOR(svr)) + return false; + + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1043A))) + return true; + + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS1088A))) + return true; + + if (IS_SVR_DEV(svr, SVR_DEV(SVR_LS2088A))) + return true; + + return false; +} + void ft_cpu_setup(void *blob, struct bd_info *bd) { struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR); unsigned int svr = gur_in32(&gur->svr); /* delete crypto node if not on an E-processor */ - if (!IS_E_PROCESSOR(svr)) + if (crypto_is_disabled(svr)) fdt_fixup_crypto_node(blob, 0); #if CONFIG_SYS_FSL_SEC_COMPAT >= 4 else {
On all newer Layerscape SoCs, the crypto module is just partially disabled on non-E parts. Thus it doesn't make sense to completely remove the node. Linux will figure out what is there and what is not. Just remove it for older SoCs, where the module is indeed completely disabled on non-E parts. Signed-off-by: Michael Walle <michael@walle.cc> --- Changes since v1: - properly filter on SoC. Thanks to Horia's mail. See https://patchwork.ozlabs.org/project/uboot/patch/20200602150904.1997-1-michael@walle.cc/#2457448 arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 37 ++++++++++++++++++++++++- 1 file changed, 36 insertions(+), 1 deletion(-)