secvio.c
7.75 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
/*
* SNVS Security Violation Handler
* Copyright (C) 2012-2015 Freescale Semiconductor, Inc., All Rights Reserved
*/
#include <linux/of_address.h>
#include <linux/of_irq.h>
#include "compat.h"
#include "intern.h"
#include "secvio.h"
#include "regs.h"
/*
* These names are associated with each violation handler.
* The source names were taken from MX6, and are based on recommendations
* for most common SoCs.
*/
static const u8 *violation_src_name[] = {
"CAAM Internal Security Violation",
"JTAG Alarm",
"Watchdog",
"(reserved)",
"External Boot",
"External Tamper Detect",
};
/* These names help describe security monitor state for the console */
static const u8 *snvs_ssm_state_name[] = {
"init",
"hard fail",
"(undef:2)",
"soft fail",
"(undef:4)",
"(undef:5)",
"(undef:6)",
"(undef:7)",
"transition",
"check",
"(undef:10)",
"non-secure",
"(undef:12)",
"trusted",
"(undef:14)",
"secure",
};
/* Top-level security violation interrupt */
static irqreturn_t snvs_secvio_interrupt(int irq, void *snvsdev)
{
struct device *dev = snvsdev;
struct snvs_secvio_drv_private *svpriv = dev_get_drvdata(dev);
/* Check the HP secvio status register */
svpriv->irqcause = rd_reg32(&svpriv->svregs->hp.secvio_status) &
HP_SECVIOST_SECVIOMASK;
if (!svpriv->irqcause)
return IRQ_NONE;
/* Now ACK cause */
setbits32(&svpriv->svregs->hp.secvio_status, svpriv->irqcause);
/* And run deferred service */
preempt_disable();
tasklet_schedule(&svpriv->irqtask[smp_processor_id()]);
preempt_enable();
return IRQ_HANDLED;
}
/* Deferred service handler. Tasklet arg is simply the SNVS dev */
static void snvs_secvio_dispatch(unsigned long indev)
{
struct device *dev = (struct device *)indev;
struct snvs_secvio_drv_private *svpriv = dev_get_drvdata(dev);
unsigned long flags;
int i;
/* Look through stored causes, call each handler if exists */
for (i = 0; i < MAX_SECVIO_SOURCES; i++)
if (svpriv->irqcause & (1 << i)) {
spin_lock_irqsave(&svpriv->svlock, flags);
svpriv->intsrc[i].handler(dev, i,
svpriv->intsrc[i].ext);
spin_unlock_irqrestore(&svpriv->svlock, flags);
};
/* Re-enable now-serviced interrupts */
setbits32(&svpriv->svregs->hp.secvio_intcfg, svpriv->irqcause);
}
/*
* Default cause handler, used in lieu of an application-defined handler.
* All it does at this time is print a console message. It could force a halt.
*/
static void snvs_secvio_default(struct device *dev, u32 cause, void *ext)
{
struct snvs_secvio_drv_private *svpriv = dev_get_drvdata(dev);
dev_err(dev, "Unhandled Security Violation Interrupt %d = %s\n",
cause, svpriv->intsrc[cause].intname);
}
/*
* Install an application-defined handler for a specified cause
* Arguments:
* - dev points to SNVS-owning device
* - cause interrupt source cause
* - handler application-defined handler, gets called with dev
* source cause, and locally-defined handler argument
* - cause_description points to a string to override the default cause
* name, this can be used as an alternate for error
* messages and such. If left NULL, the default
* description string is used.
* - ext pointer to any extra data needed by the handler.
*/
int snvs_secvio_install_handler(struct device *dev, enum secvio_cause cause,
void (*handler)(struct device *dev, u32 cause,
void *ext),
u8 *cause_description, void *ext)
{
unsigned long flags;
struct snvs_secvio_drv_private *svpriv;
svpriv = dev_get_drvdata(dev);
if ((handler == NULL) || (cause > SECVIO_CAUSE_SOURCE_5))
return -EINVAL;
spin_lock_irqsave(&svpriv->svlock, flags);
svpriv->intsrc[cause].handler = handler;
if (cause_description != NULL)
svpriv->intsrc[cause].intname = cause_description;
if (ext != NULL)
svpriv->intsrc[cause].ext = ext;
spin_unlock_irqrestore(&svpriv->svlock, flags);
return 0;
}
EXPORT_SYMBOL(snvs_secvio_install_handler);
/*
* Remove an application-defined handler for a specified cause (and, by
* implication, restore the "default".
* Arguments:
* - dev points to SNVS-owning device
* - cause interrupt source cause
*/
int snvs_secvio_remove_handler(struct device *dev, enum secvio_cause cause)
{
unsigned long flags;
struct snvs_secvio_drv_private *svpriv;
svpriv = dev_get_drvdata(dev);
if (cause > SECVIO_CAUSE_SOURCE_5)
return -EINVAL;
spin_lock_irqsave(&svpriv->svlock, flags);
svpriv->intsrc[cause].intname = violation_src_name[cause];
svpriv->intsrc[cause].handler = snvs_secvio_default;
svpriv->intsrc[cause].ext = NULL;
spin_unlock_irqrestore(&svpriv->svlock, flags);
return 0;
}
EXPORT_SYMBOL(snvs_secvio_remove_handler);
static int snvs_secvio_remove(struct platform_device *pdev)
{
struct device *svdev;
struct snvs_secvio_drv_private *svpriv;
int i;
svdev = &pdev->dev;
svpriv = dev_get_drvdata(svdev);
/* Set all sources to nonfatal */
wr_reg32(&svpriv->svregs->hp.secvio_intcfg, 0);
/* Remove tasklets and release interrupt */
for_each_possible_cpu(i)
tasklet_kill(&svpriv->irqtask[i]);
free_irq(svpriv->irq, svdev);
iounmap(svpriv->svregs);
kfree(svpriv);
return 0;
}
static int snvs_secvio_probe(struct platform_device *pdev)
{
struct device *svdev;
struct snvs_secvio_drv_private *svpriv;
struct device_node *np, *npirq;
struct snvs_full __iomem *snvsregs;
int i, error;
u32 hpstate;
svpriv = kzalloc(sizeof(struct snvs_secvio_drv_private), GFP_KERNEL);
if (!svpriv)
return -ENOMEM;
svdev = &pdev->dev;
dev_set_drvdata(svdev, svpriv);
svpriv->pdev = pdev;
np = pdev->dev.of_node;
npirq = of_find_compatible_node(NULL, NULL, "fsl,imx6q-caam-secvio");
if (!npirq) {
dev_err(svdev, "can't identify secvio interrupt\n");
kfree(svpriv);
return -EINVAL;
}
svpriv->irq = irq_of_parse_and_map(npirq, 0);
if (svpriv->irq <= 0) {
kfree(svpriv);
return -EINVAL;
}
snvsregs = of_iomap(np, 0);
if (!snvsregs) {
dev_err(svdev, "register mapping failed\n");
return -ENOMEM;
}
svpriv->svregs = (struct snvs_full __force *)snvsregs;
/* Device data set up. Now init interrupt source descriptions */
for (i = 0; i < MAX_SECVIO_SOURCES; i++) {
svpriv->intsrc[i].intname = violation_src_name[i];
svpriv->intsrc[i].handler = snvs_secvio_default;
}
/* Connect main handler */
for_each_possible_cpu(i)
tasklet_init(&svpriv->irqtask[i], snvs_secvio_dispatch,
(unsigned long)svdev);
error = request_irq(svpriv->irq, snvs_secvio_interrupt,
IRQF_SHARED, "snvs-secvio", svdev);
if (error) {
dev_err(svdev, "can't connect secvio interrupt\n");
irq_dispose_mapping(svpriv->irq);
svpriv->irq = 0;
iounmap(svpriv->svregs);
kfree(svpriv);
return -EINVAL;
}
/*
* Configure all sources as fatal violations except LP section,
* source #5 (typically used as an external tamper detect), and
* source #3 (typically unused). Whenever the transition to
* secure mode has occurred, these will now be "fatal" violations
*/
wr_reg32(&svpriv->svregs->hp.secvio_intcfg,
HP_SECVIO_INTEN_SRC4 | HP_SECVIO_INTEN_SRC2 |
HP_SECVIO_INTEN_SRC1 | HP_SECVIO_INTEN_SRC0);
hpstate = (rd_reg32(&svpriv->svregs->hp.status) &
HP_STATUS_SSM_ST_MASK) >> HP_STATUS_SSM_ST_SHIFT;
dev_info(svdev, "violation handlers armed - %s state\n",
snvs_ssm_state_name[hpstate]);
return 0;
}
static struct of_device_id snvs_secvio_match[] = {
{
.compatible = "fsl,imx6q-caam-snvs",
},
{},
};
MODULE_DEVICE_TABLE(of, snvs_secvio_match);
static struct platform_driver snvs_secvio_driver = {
.driver = {
.name = "snvs-secvio",
.owner = THIS_MODULE,
.of_match_table = snvs_secvio_match,
},
.probe = snvs_secvio_probe,
.remove = snvs_secvio_remove,
};
module_platform_driver(snvs_secvio_driver);
MODULE_LICENSE("Dual BSD/GPL");
MODULE_DESCRIPTION("FSL SNVS Security Violation Handler");
MODULE_AUTHOR("Freescale Semiconductor - MCU");