Commit cd1bb431 authored by Mark Allyn's avatar Mark Allyn Committed by Greg Kroah-Hartman

Staging: sep: Upstream revision 3 of the security processor kernel driver

Upstream revision 3 of the security processor kernel driver;
now located in drivers/staging

This revision adds an initial TODO file

This driver no longer requires to have the firmware compiled in
it with the CONFIG_EXTRA_FIRMWARE configuration option.

Furthermore, we now have the right to distribute the firmware
binaries.

This is the Linux kernel driver for the Security Processor, which is
a hardware device the provides cryptographic, secure storage, and
key management services.

Please be aware that this patch does not contain any encryption
algorithm. It only transports data to and from user space
applications to the security processor.
Signed-off-by: default avatarMark Allyn <mark.a.allyn@intel.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
parent 249c033c
...@@ -135,5 +135,7 @@ source "drivers/staging/hv/Kconfig" ...@@ -135,5 +135,7 @@ source "drivers/staging/hv/Kconfig"
source "drivers/staging/vme/Kconfig" source "drivers/staging/vme/Kconfig"
source "drivers/staging/sep/Kconfig"
endif # !STAGING_EXCLUDE_BUILD endif # !STAGING_EXCLUDE_BUILD
endif # STAGING endif # STAGING
...@@ -49,3 +49,4 @@ obj-$(CONFIG_USB_CPC) += cpc-usb/ ...@@ -49,3 +49,4 @@ obj-$(CONFIG_USB_CPC) += cpc-usb/
obj-$(CONFIG_FB_UDL) += udlfb/ obj-$(CONFIG_FB_UDL) += udlfb/
obj-$(CONFIG_HYPERV) += hv/ obj-$(CONFIG_HYPERV) += hv/
obj-$(CONFIG_VME_BUS) += vme/ obj-$(CONFIG_VME_BUS) += vme/
obj-$(CONFIG_DX_SEP) += sep/
config DX_SEP
tristate "Discretix SEP driver"
depends on MRST
default y
help
Discretix SEP driver
If unsure say M. The compiled module will be
called sep_driver.ko
EXTRA_CFLAGS += -DLITTLE__ENDIAN -DDX_CC5_SEP_PLAT -DCRYS_NO_EXT_IF_MODE_SUPPORT
obj-$(CONFIG_DX_SEP) := sep_driver.o
sep_driver-objs := sep_main_mod.o sep_ext_with_pci_driver.o
Todo's so far (from Alan Cox)
- Fix firmware loading
- Get firmware into firmware git tree
- Review and tidy each algorithm function
- Check whether it can be plugged into any of the kernel crypto API
interfaces
- Do something about the magic shared memory interface and replace it
with something saner (in Linux terms)
This diff is collapsed.
/*
*
* sep_driver_config.h - Security Processor Driver configuration
*
* Copyright(c) 2009 Intel Corporation. All rights reserved.
* Copyright(c) 2009 Discretix. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License along with
* this program; if not, write to the Free Software Foundation, Inc., 59
* Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
* CONTACTS:
*
* Mark Allyn mark.a.allyn@intel.com
*
* CHANGES:
*
* 2009.06.26 Initial publish
*
*/
#ifndef __SEP_DRIVER_CONFIG_H__
#define __SEP_DRIVER_CONFIG_H__
/*--------------------------------------
DRIVER CONFIGURATION FLAGS
-------------------------------------*/
/* if flag is on , then the driver is running in polling and
not interrupt mode */
#define SEP_DRIVER_POLLING_MODE 1
/* flag which defines if the shared area address should be
reconfiged (send to SEP anew) during init of the driver */
#define SEP_DRIVER_RECONFIG_MESSAGE_AREA 0
/* the mode for running on the ARM1172 Evaluation platform (flag is 1) */
#define SEP_DRIVER_ARM_DEBUG_MODE 0
/*-------------------------------------------
INTERNAL DATA CONFIGURATION
-------------------------------------------*/
/* flag for the input array */
#define SEP_DRIVER_IN_FLAG 0
/* flag for output array */
#define SEP_DRIVER_OUT_FLAG 1
/* maximum number of entries in one LLI tables */
#define SEP_DRIVER_ENTRIES_PER_TABLE_IN_SEP 8
/*--------------------------------------------------------
SHARED AREA memory total size is 36K
it is divided is following:
SHARED_MESSAGE_AREA 8K }
}
STATIC_POOL_AREA 4K } MAPPED AREA ( 24 K)
}
DATA_POOL_AREA 12K }
SYNCHRONIC_DMA_TABLES_AREA 5K
FLOW_DMA_TABLES_AREA 4K
SYSTEM_MEMORY_AREA 3k
SYSTEM_MEMORY total size is 3k
it is divided as following:
TIME_MEMORY_AREA 8B
-----------------------------------------------------------*/
/*
the maximum length of the message - the rest of the message shared
area will be dedicated to the dma lli tables
*/
#define SEP_DRIVER_MAX_MESSAGE_SIZE_IN_BYTES (8 * 1024)
/* the size of the message shared area in pages */
#define SEP_DRIVER_MESSAGE_SHARED_AREA_SIZE_IN_BYTES (8 * 1024)
/* the size of the data pool static area in pages */
#define SEP_DRIVER_STATIC_AREA_SIZE_IN_BYTES (4 * 1024)
/* the size of the data pool shared area size in pages */
#define SEP_DRIVER_DATA_POOL_SHARED_AREA_SIZE_IN_BYTES (12 * 1024)
/* the size of the message shared area in pages */
#define SEP_DRIVER_SYNCHRONIC_DMA_TABLES_AREA_SIZE_IN_BYTES (1024 * 5)
/* the size of the data pool shared area size in pages */
#define SEP_DRIVER_FLOW_DMA_TABLES_AREA_SIZE_IN_BYTES (1024 * 4)
/* system data (time, caller id etc') pool */
#define SEP_DRIVER_SYSTEM_DATA_MEMORY_SIZE_IN_BYTES 100
/* area size that is mapped - we map the MESSAGE AREA, STATIC POOL and
DATA POOL areas. area must be module 4k */
#define SEP_DRIVER_MMMAP_AREA_SIZE (1024 * 24)
/*-----------------------------------------------
offsets of the areas starting from the shared area start address
*/
/* message area offset */
#define SEP_DRIVER_MESSAGE_AREA_OFFSET_IN_BYTES 0
/* static pool area offset */
#define SEP_DRIVER_STATIC_AREA_OFFSET_IN_BYTES \
(SEP_DRIVER_MESSAGE_SHARED_AREA_SIZE_IN_BYTES)
/* data pool area offset */
#define SEP_DRIVER_DATA_POOL_AREA_OFFSET_IN_BYTES \
(SEP_DRIVER_STATIC_AREA_OFFSET_IN_BYTES + \
SEP_DRIVER_STATIC_AREA_SIZE_IN_BYTES)
/* synhronic dma tables area offset */
#define SEP_DRIVER_SYNCHRONIC_DMA_TABLES_AREA_OFFSET_IN_BYTES \
(SEP_DRIVER_DATA_POOL_AREA_OFFSET_IN_BYTES + \
SEP_DRIVER_DATA_POOL_SHARED_AREA_SIZE_IN_BYTES)
/* sep driver flow dma tables area offset */
#define SEP_DRIVER_FLOW_DMA_TABLES_AREA_OFFSET_IN_BYTES \
(SEP_DRIVER_SYNCHRONIC_DMA_TABLES_AREA_OFFSET_IN_BYTES + \
SEP_DRIVER_SYNCHRONIC_DMA_TABLES_AREA_SIZE_IN_BYTES)
/* system memory offset in bytes */
#define SEP_DRIVER_SYSTEM_DATA_MEMORY_OFFSET_IN_BYTES \
(SEP_DRIVER_FLOW_DMA_TABLES_AREA_OFFSET_IN_BYTES + \
SEP_DRIVER_FLOW_DMA_TABLES_AREA_SIZE_IN_BYTES)
/* offset of the time area */
#define SEP_DRIVER_SYSTEM_TIME_MEMORY_OFFSET_IN_BYTES \
(SEP_DRIVER_SYSTEM_DATA_MEMORY_OFFSET_IN_BYTES)
/* start physical address of the SEP registers memory in HOST */
#define SEP_IO_MEM_REGION_START_ADDRESS 0x80000000
/* size of the SEP registers memory region in HOST (for now 100 registers) */
#define SEP_IO_MEM_REGION_SIZE (2 * 0x100000)
/* define the number of IRQ for SEP interrupts */
#define SEP_DIRVER_IRQ_NUM 1
/* maximum number of add buffers */
#define SEP_MAX_NUM_ADD_BUFFERS 100
/* number of flows */
#define SEP_DRIVER_NUM_FLOWS 4
/* maximum number of entries in flow table */
#define SEP_DRIVER_MAX_FLOW_NUM_ENTRIES_IN_TABLE 25
/* offset of the num entries in the block length entry of the LLI */
#define SEP_NUM_ENTRIES_OFFSET_IN_BITS 24
/* offset of the interrupt flag in the block length entry of the LLI */
#define SEP_INT_FLAG_OFFSET_IN_BITS 31
/* mask for extracting data size from LLI */
#define SEP_TABLE_DATA_SIZE_MASK 0xFFFFFF
/* mask for entries after being shifted left */
#define SEP_NUM_ENTRIES_MASK 0x7F
/* default flow id */
#define SEP_FREE_FLOW_ID 0xFFFFFFFF
/* temp flow id used during cretiong of new flow until receiving
real flow id from sep */
#define SEP_TEMP_FLOW_ID (SEP_DRIVER_NUM_FLOWS + 1)
/* maximum add buffers message length in bytes */
#define SEP_MAX_ADD_MESSAGE_LENGTH_IN_BYTES (7 * 4)
/* maximum number of concurrent virtual buffers */
#define SEP_MAX_VIRT_BUFFERS_CONCURRENT 100
/* the token that defines the start of time address */
#define SEP_TIME_VAL_TOKEN 0x12345678
/* DEBUG LEVEL MASKS */
#define SEP_DEBUG_LEVEL_BASIC 0x1
#define SEP_DEBUG_LEVEL_REGISTERS 0x2
#define SEP_DEBUG_LEVEL_EXTENDED 0x4
/* FUNCTIONAL MACROS */
/* debug macro without paramaters */
#define DEBUG_PRINT_0(DEBUG_LEVEL , info) \
do { \
if (DEBUG_LEVEL & sepDebug) \
printk(KERN_WARNING info); \
} while (0)
/* debug macro with 1 paramater */
#define DEBUG_PRINT_1(DEBUG_LEVEL , info , param1) \
do { \
if (DEBUG_LEVEL & sepDebug) \
printk(KERN_WARNING info, param1); \
} while (0)
/* debug macro with 2 paramaters */
#define DEBUG_PRINT_2(DEBUG_LEVEL, info, param1, param2) \
do { \
if (DEBUG_LEVEL & sepDebug) \
printk(KERN_WARNING info , param1, param2); \
} while (0)
/* debug macro with 3 paramaters */
#define DEBUG_PRINT_3(DEBUG_LEVEL, info, param1, param2, param3) \
do { \
if (DEBUG_LEVEL & sepDebug) \
printk(KERN_WARNING info , param1, param2 , param3); \
} while (0)
/* debug macro with 4 paramaters */
#define DEBUG_PRINT_4(DEBUG_LEVEL, info, param1, param2, param3, param4) \
do { \
if (DEBUG_LEVEL & sepDebug) \
printk(KERN_WARNING info, param1, param2, param3, param4); \
} while (0)
#if 0
/* write register macro with option for debug print */
#define SEP_WRITE_REGISTER(address, value) \
do { \
if (sepDebug & SEP_DEBUG_LEVEL_REGISTERS) \
printk(KERN_WARNING "Write Register: address %lu value %lu\n", \
(unsigned long)(address), (unsigned long)(value)); \
writel((value), (void *)(address)); \
} while (0)
/* read register macro with option for debug print */
#define SEP_READ_REGISTER(address , value) \
do { \
(value) = readl((void *)(address)); \
if (sepDebug & SEP_DEBUG_LEVEL_REGISTERS) \
printk(KERN_WARNING "Read Register: address %lu value %lu\n", \
(address), (value)); \
} while (0)
#else
#if 1
#define SEP_WRITE_REGISTER(address, value) writel((value), (void *)(address))
#define SEP_READ_REGISTER(address, value) (value) = readl((void *)(address))
#endif
#endif
#if 0
#define SEP_WRITE_ROM(address, value) writel((value), (void *)(address))
#define SEP_WRITE_REGISTER(address, value) \
do { \
unsigned long i; \
for (i = 0; i < 1000; i++); \
writel((value), (void *)(address)); \
} while (0)
#define SEP_READ_REGISTER(address , value) \
do { \
unsigned long i; \
for (i = 0; i < 1000; i++); \
(value) = readl((void *) (address)); \
} while (0)
#endif
/* wait for SRAM write complete(indirect write */
#define SEP_WAIT_SRAM_WRITE_COMPLETE() \
do { \
unsigned long reg_val; \
do { \
SEP_READ_REGISTER(g_sep_reg_base_address + \
HW_SRAM_DATA_READY_REG_ADDR, (reg_val)); \
} while (!(reg_val & 0x1)); \
} while (0)
#endif
/*
*
* sep_driver_ext_api.h - Security Processor Driver external api definitions
*
* Copyright(c) 2009 Intel Corporation. All rights reserved.
* Copyright(c) 2009 Discretix. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License along with
* this program; if not, write to the Free Software Foundation, Inc., 59
* Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
* CONTACTS:
*
* Mark Allyn mark.a.allyn@intel.com
*
* CHANGES:
*
* 2009.06.26 Initial publish
*
*/
#ifndef __SEP_DRIVER_EXT_API_H__
#define __SEP_DRIVER_EXT_API_H__
/* shared variables */
extern int sepDebug;
extern unsigned long g_sep_reg_base_address;
/*
this function loads the ROM code in SEP (needed only in the debug mode on FPGA)
*/
void sep_load_rom_code(void);
/*
This functions locks the area of the resident and cache sep code (if possible)
*/
void sep_lock_cache_resident_area(void);
/*
This functions copies the cache and resident from their source location into
destination memory, which is external to Linux VM and is given as physical
address
*/
int sep_copy_cache_resident_to_area(unsigned long src_cache_addr,
unsigned long cache_size_in_bytes,
unsigned long src_resident_addr,
unsigned long resident_size_in_bytes,
unsigned long *dst_new_cache_addr_ptr,
unsigned long *dst_new_resident_addr_ptr);
/*
This functions maps and allocates the shared area on the external
RAM (device) The input is shared_area_size - the size of the memory
to allocate. The outputs are kernel_shared_area_addr_ptr - the kerenl
address of the mapped and allocated shared area, and
phys_shared_area_addr_ptr - the physical address of the shared area
*/
int sep_map_and_alloc_shared_area(unsigned long shared_area_size,
unsigned long *kernel_shared_area_addr_ptr,
unsigned long *phys_shared_area_addr_ptr);
/*
This functions unmaps and deallocates the shared area on the external
RAM (device) The input is shared_area_size - the size of the memory to
deallocate,kernel_shared_area_addr_ptr - the kernel address of the
mapped and allocated shared area,phys_shared_area_addr_ptr - the physical
address of the shared area
*/
void sep_unmap_and_free_shared_area(unsigned long shared_area_size,
unsigned long kernel_shared_area_addr,
unsigned long phys_shared_area_addr);
/*
This functions returns the physical address inside shared area according
to the virtual address. It can be either on the externa RAM device
(ioremapped), or on the system RAM
*/
unsigned long sep_shared_area_virt_to_phys(unsigned long virt_address);
/*
This functions returns the vitrual address inside shared area according
to the physical address. It can be either on the externa RAM device
(ioremapped), or on the system RAM This implementation is for the external RAM
*/
unsigned long sep_shared_area_phys_to_virt(unsigned long phys_address);
/*
This function registers th driver to the device
subsystem (either PCI, USB, etc)
*/
int sep_register_driver_to_device(void);
#endif /*__SEP_DRIVER_EXT_API_H__*/
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment