diff options
Diffstat (limited to 'include/linux/mxc_scc_driver.h')
| -rw-r--r-- | include/linux/mxc_scc_driver.h | 1031 |
1 files changed, 1031 insertions, 0 deletions
diff --git a/include/linux/mxc_scc_driver.h b/include/linux/mxc_scc_driver.h new file mode 100644 index 000000000000..a2f808cb3c53 --- /dev/null +++ b/include/linux/mxc_scc_driver.h @@ -0,0 +1,1031 @@ + +/* + * Copyright 2004-2010 Freescale Semiconductor, Inc. All Rights Reserved. + */ + +/* + * The code contained herein is licensed under the GNU General Public + * License. You may obtain a copy of the GNU General Public License + * Version 2 or later at the following locations: + * + * http://www.opensource.org/licenses/gpl-license.html + * http://www.gnu.org/copyleft/gpl.html + */ + +#ifndef __ASM_ARCH_MXC_SCC_DRIVER_H__ +#define __ASM_ARCH_MXC_SCC_DRIVER_H__ + +/* Start marker for C++ compilers */ +#ifdef __cplusplus +extern "C" { +#endif + +/* + * NAMING CONVENTIONS + * ================== + * (A note to maintainers and other interested parties) + * + * Use scc_ or SCC_ prefix for 'high-level' interface routines and the types + * passed to those routines. Try to avoid #defines in these interfaces. + * + * Use SMN_ or SCM_ prefix for the #defines used with scc_read_register() and + * scc_write_register, or values passed/retrieved from those routines. + */ + +/*! + * @defgroup MXCSCC SCC Driver + * + * @ingroup MXCSECDRVRS + */ + +/*! + * @file arch-mxc/mxc_scc_driver.h + * + * @brief (Header file to use the SCC driver.) + * + * The SCC driver will only be available to other kernel modules. That is, + * there will be no node file in /dev, no way for a user-mode program to access + * the driver, no way for a user program to access the device directly. + * + * With the exception of #scc_monitor_security_failure(), all routines are + * 'synchronous', i.e. they will not return to their caller until the requested + * action is complete, or fails to complete. Some of these functions could + * take quite a while to perform, depending upon the request. + * + * Routines are provided to: + * @li encrypt or decrypt secrets - #scc_crypt() + * @li trigger a security-violation alarm - #scc_set_sw_alarm() + * @li get configuration and version information - #scc_get_configuration() + * @li zeroize memory - #scc_zeroize_memories() + * @li Work on wrapped and stored secret values: #scc_alloc_slot(), + * #scc_dealloc_slot(), scc_load_slot(), #scc_decrypt_slot(), + * #scc_encrypt_slot(), #scc_get_slot_info() + + * @li monitor the Security Failure alarm - #scc_monitor_security_failure() + * @li stop monitoring Security Failure alarm - + * #scc_stop_monitoring_security_failure() + * @li write registers of the SCC - #scc_write_register() + * @li read registers of the SCC - #scc_read_register() + * + * The driver does not allow "storage" of data in either the Red or Black + * memories. Any decrypted secret is returned to the user, and if the user + * wants to use it at a later point, the encrypted form must again be passed + * to the driver, and it must be decrypted again. + * + * The SCC encrypts and decrypts using Triple DES with an internally stored + * key. When the SCC is in Secure mode, it uses its secret, unique-per-chip + * key. When it is in Non-Secure mode, it uses a default key. This ensures + * that secrets stay secret if the SCC is not in Secure mode. + * + * Not all functions that could be provided in a 'high level' manner have been + * implemented. Among the missing are interfaces to the ASC/AIC components and + * the timer functions. These and other features must be accessed through + * #scc_read_register() and #scc_write_register(), using the @c \#define values + * provided. + * + * Here is a glossary of acronyms used in the SCC driver documentation: + * - CBC - Cipher Block Chaining. A method of performing a block cipher. + * Each block is encrypted using some part of the result of the previous + * block's encryption. It needs an 'initialization vector' to seed the + * operation. + * - ECB - Electronic Code Book. A method of performing a block cipher. + * With a given key, a given block will always encrypt to the same value. + * - DES - Data Encryption Standard. (8-byte) Block cipher algorithm which + * uses 56-bit keys. In SCC, this key is constant and unique to the device. + * SCC uses the "triple DES" form of this algorithm. + * - AIC - Algorithm Integrity Checker. + * - ASC - Algorithm Sequence Checker. + * - SMN - Security Monitor. The part of the SCC responsible for monitoring + * for security problems and notifying the CPU and other PISA components. + * - SCM - Secure Memory. The part of the SCC which handles the cryptography. + * - SCC - Security Controller. Central security mechanism for PISA. + * - PISA - Platform-Independent Security Architecture. + */ + +/* Temporarily define compile-time flags to make Doxygen happy. */ +#ifdef DOXYGEN_HACK +/*! @defgroup scccompileflags SCC Driver compile-time flags + * + * These preprocessor flags should be set, if desired, in a makefile so + * that they show up on the compiler command line. + */ +/*! @addtogroup scccompileflags */ + +/*! @{ */ +/*! + * Compile-time flag to change @ref smnregs and @ref scmregs + * offset values for the SCC's implementation on the MX.21 board. + * + * This must also be set properly for any code which calls the + * scc_read_register() or scc_write_register() functions or references the + * register offsets. + */ +#define TAHITI +/*! @} */ +#undef TAHITI + +#endif /* DOXYGEN_HACK */ + +/*! Major Version of the driver. Used for + scc_configuration->driver_major_version */ +#define SCC_DRIVER_MAJOR_VERSION_1 1 +/*! Old Minor Version of the driver. */ +#define SCC_DRIVER_MINOR_VERSION_0 0 +/*! Old Minor Version of the driver. */ +#define SCC_DRIVER_MINOR_VERSION_4 4 +/*! Old Minor Version of the driver. */ +#define SCC_DRIVER_MINOR_VERSION_5 5 +/*! Old Minor Version of the driver. */ +#define SCC_DRIVER_MINOR_VERSION_6 6 +/*! Minor Version of the driver. Used for + scc_configuration->driver_minor_version */ +#define SCC_DRIVER_MINOR_VERSION_8 8 + + +/*! + * @typedef scc_return_t + */ +/*! Common status return values from SCC driver functions. */ + typedef enum scc_return_t { + SCC_RET_OK = 0, /*!< Function succeeded */ + SCC_RET_FAIL, /*!< Non-specific failure */ + SCC_RET_VERIFICATION_FAILED, /*!< Decrypt validation failed */ + SCC_RET_TOO_MANY_FUNCTIONS, /*!< At maximum registered functions */ + SCC_RET_BUSY, /*!< SCC is busy and cannot handle request */ + SCC_RET_INSUFFICIENT_SPACE, /*!< Encryption or decryption failed because + @c count_out_bytes says that @c data_out is + too small to hold the value. */ + } scc_return_t; + +/*! + * Configuration information about SCC and the driver. + * + * This struct/typedef contains information from the SCC and the driver to + * allow the user of the driver to determine the size of the SCC's memories and + * the version of the SCC and the driver. + */ + typedef struct scc_config_t { + int driver_major_version; /*!< Major version of the SCC driver code */ + int driver_minor_version; /*!< Minor version of the SCC driver code */ + int scm_version; /*!< Version from SCM Configuration register */ + int smn_version; /*!< Version from SMN Status register */ + int block_size_bytes; /*!< Number of bytes per block of RAM; also + block size of the crypto algorithm. */ + int black_ram_size_blocks; /*!< Number of blocks of Black RAM */ + int red_ram_size_blocks; /*!< Number of blocks of Red RAM */ + } scc_config_t; + +/*! + * @typedef scc_enc_dec_t + */ +/*! + * Determine whether SCC will run its cryptographic + * function as an encryption or decryption. Used as an argument to + * #scc_crypt(). + */ + typedef enum scc_enc_dec_t { + SCC_ENCRYPT, /*!< Encrypt (from Red to Black) */ + SCC_DECRYPT /*!< Decrypt (from Black to Red) */ + } scc_enc_dec_t; + +/* + * @typedef scc_crypto_mode_t + */ +/*! + * Determine whether SCC will run its cryptographic function in ECB (electronic + * codebook) or CBC (cipher-block chaining) mode. Used as an argument to + * #scc_crypt(). + */ + typedef enum scc_crypto_mode_t { + SCC_ECB_MODE, /*!< Electronic Codebook Mode */ + SCC_CBC_MODE /*!< Cipher Block Chaining Mode */ + } scc_crypto_mode_t; + +/*! + * @typedef scc_verify_t + */ +/*! + * Tell the driver whether it is responsible for verifying the integrity of a + * secret. During an encryption, using other than #SCC_VERIFY_MODE_NONE will + * cause a check value to be generated and appended to the plaintext before + * encryption. During decryption, the check value will be verified after + * decryption, and then stripped from the message. + */ + typedef enum scc_verify_t { + /*! No verification value added or checked. Input plaintext data must be + * be a multiple of the blocksize (#scc_get_configuration()). */ + SCC_VERIFY_MODE_NONE, + /*! Driver will generate/validate a 2-byte CCITT CRC. Input plaintext will + be padded to a multiple of the blocksize, adding 3-10 bytes to the + resulting output ciphertext. Upon decryption, this padding will be + stripped, and the CRC will be verified. */ + SCC_VERIFY_MODE_CCITT_CRC + } scc_verify_t; + +/*! + * Determine if the given credentials match that of the key slot. + * + * @param[in] owner_id A value which will control access to the slot. + * @param[in] slot Key Slot to query + * @param[in] access_len Length of the key + * + * @return 0 on success, non-zero on failure. See #scc_return_t. + */ + scc_return_t + scc_verify_slot_access(uint64_t owner_id, uint32_t slot, + uint32_t access_len); + +/*! + * Retrieve configuration information from the SCC. + * + * This function always succeeds. + * + * @return A pointer to the configuration information. This is a pointer to + * static memory and must not be freed. The values never change, and + * the return value will never be null. + */ + extern scc_config_t *scc_get_configuration(void); + +/*! + * Zeroize Red and Black memories of the SCC. This will start the Zeroizing + * process. The routine will return when the memories have zeroized or failed + * to do so. The driver will poll waiting for this to occur, so this + * routine must not be called from interrupt level. Some future version of + * driver may elect instead to sleep. + * + * @return 0 or error if initialization fails. + */ + extern scc_return_t scc_zeroize_memories(void); + +/*! + * Perform a Triple DES encryption or decryption operation. + * + * This routine will cause the SCM to perform an encryption or decryption with + * its internal key. If the SCC's #SMN_STATUS register shows that the SCC is + * in #SMN_STATE_SECURE, then the Secret Key will be used. If it is + * #SMN_STATE_NON_SECURE (or health check), then the Default Key will be used. + * + * This function will perform in a variety of ways, depending upon the values + * of @c direction, @c crypto_mode, and @c check_mode. If + * #SCC_VERIFY_MODE_CCITT_CRC mode is requested, upon successful completion, + * the @c count_in_bytes will be different from the returned value of @c + * count_out_bytes. This is because the two-byte CRC and some amount of + * padding (at least one byte) will either be added or stripped. + * + * This function will not return until the SCC has performed the operation (or + * reported failure to do so). It must therefore not be called from interrupt + * level. In the current version, it will poll the SCC for completion. In + * future versions, it may sleep. + * + * @param[in] count_in_bytes The number of bytes to move through the crypto + * function. Must be greater than zero. + * + * @param[in] data_in Pointer to the array of bytes to be used as input + * to the crypto function. + * + * @param[in] init_vector Pointer to the block-sized (8 byte) array of + * bytes which form the initialization vector for + * this operation. A non-null value is required + * when @c crypto_mode has the value #SCC_CBC_MODE; + * the value is ignored in #SCC_ECB_MODE. + * + * @param[in] direction Direct the driver to perform encryption or + * decryption. + * + * @param[in] crypto_mode Run the crypto function in ECB or CBC mode. + * + * @param[in] check_mode During encryption, generate and append a check + * value to the plaintext and pad the resulting + * data. During decryption, validate the plaintext + * with that check value and remove the padding. + * + * @param[in,out] count_out_bytes On input, the number of bytes available for + * copying to @c data_out. On return, the number of + * bytes copied to @c data_out. + * + * @param[out] data_out Pointer to the array of bytes that are where the + * output of the crypto function are to be placed. + * For encryption, this must be able to hold a + * longer ciphertext than the plaintext message at + * @c data_in. The driver will append a 'pad' of + * 1-8 bytes to the message, and if @c check_mode is + * used, additional bytes may be added, the number + * depending upon the type of check being requested. + * + * @return 0 on success, non-zero on failure. See #scc_return_t. + * + * @internal + * This function will verify SCC state and the functions parameters. It will + * acquire the crypto lock, and set up some SCC registers and variables common + * to encryption and decryption. A rough check will be made to verify that + * enough space is available in @c count_out_bytes. Upon success, either the + * #scc_encrypt or #scc_decrypt routine will be called to do the actual work. + * The crypto lock will then be released. + */ +extern scc_return_t scc_crypt(unsigned long count_in_bytes, + const uint8_t *data_in, + const uint8_t *init_vector, + scc_enc_dec_t direction, + scc_crypto_mode_t crypto_mode, + scc_verify_t check_mode, + uint8_t *data_out, + unsigned long *count_out_bytes); + + +/*! + * Allocate a key slot for a stored key (or other stored value). + * + * This feature is to allow decrypted secret values to be kept in RED RAM. + * This can all visibility of the data only by Sahara. + * + * @param value_size_bytes Size, in bytes, of RED key/value. Currently only + * a size up to 32 bytes is supported. + * + * @param owner_id A value which will control access to the slot. + * It must be passed into to any subsequent calls to + * use the assigned slot. + * + * @param[out] slot The slot number for the key. + * + * @return 0 on success, non-zero on failure. See #scc_return_t. + */ + extern scc_return_t scc_alloc_slot(uint32_t value_size_bytes, + uint64_t owner_id, uint32_t *slot); + +/*! + * Deallocate the key slot of a stored key or secret value. + * + * @param owner_id The id which owns the @c slot. + * + * @param slot The slot number for the key. + + * @return 0 on success, non-zero on failure. See #scc_return_t. + */ + extern scc_return_t scc_dealloc_slot(uint64_t owner_id, uint32_t slot); + +/*! + * Load a value into a slot. + * + * @param owner_id Value of owner of slot + * @param slot Handle of slot + * @param key_data Data to load into the slot + * @param key_length Length, in bytes, of @c key_data to copy to SCC. + * + * @return SCC_RET_OK on success. SCC_RET_FAIL will be returned if slot + * specified cannot be accessed for any reason, or SCC_RET_INSUFFICIENT_SPACE + * if @c key_length exceeds the size of the slot. + */ + extern scc_return_t scc_load_slot(uint64_t owner_id, uint32_t slot, + const uint8_t *key_data, + uint32_t key_length); +/*! + * Read a value from a slot. + * + * @param owner_id Value of owner of slot + * @param slot Handle of slot + * @param key_length Length, in bytes, of @c key_data to copy from SCC. + * @param key_data Location to write the key + * + * @return SCC_RET_OK on success. SCC_RET_FAIL will be returned if slot + * specified cannot be accessed for any reason, or SCC_RET_INSUFFICIENT_SPACE + * if @c key_length exceeds the size of the slot. + */ + extern scc_return_t scc_read_slot(uint64_t owner_id, uint32_t slot, + uint32_t key_length, + uint8_t *key_data); + +/*! + * Allocate a key slot to fit the requested size. + * + * @param owner_id Value of owner of slot + * @param slot Handle of slot + * @param length Length, in bytes, of @c black_data + * @param black_data Location to store result of encrypting RED data in slot + * + * @return SCC_RET_OK on success, SCC_RET_FAIL if slot specified cannot be + * accessed for any reason. + */ + extern scc_return_t scc_encrypt_slot(uint64_t owner_id, uint32_t slot, + uint32_t length, + uint8_t *black_data); + +/*! + * Decrypt some black data and leave result in the slot. + * + * @param owner_id Value of owner of slot + * @param slot Handle of slot + * @param length Length, in bytes, of @c black_data + * @param black_data Location of data to dencrypt and store in slot + * + * @return SCC_RET_OK on success, SCC_RET_FAIL if slot specified cannot be + * accessed for any reason. + */ + extern scc_return_t scc_decrypt_slot(uint64_t owner_id, uint32_t slot, + uint32_t length, + const uint8_t *black_data); + +/*! + * Get attributes of data in RED slot. + * + * @param owner_id The id which owns the @c slot. + * + * @param slot The slot number for the key. + * + * @param[out] address Physical address of RED value. + * + * @param[out] value_size_bytes Length, in bytes, of RED value, + * or NULL if unneeded.. + * + * @param[out] slot_size_bytes Length, in bytes, of slot size, + * or NULL if unneeded.. + * + * @return 0 on success, non-zero on failure. See #scc_return_t. + */ + extern scc_return_t scc_get_slot_info(uint64_t owner_id, uint32_t slot, + uint32_t *address, + uint32_t *value_size_bytes, + uint32_t *slot_size_bytes); + +/*! + * Signal a software alarm to the SCC. This will take the SCC and other PISA + * parts out of Secure mode and into Security Failure mode. The SCC will stay + * in failed mode until a reboot. + * + * @internal + * If the SCC is not already in fail state, simply write the + * #SMN_COMMAND_SET_SOFTWARE_ALARM bit in #SMN_COMMAND. Since there is no + * reason to wait for the interrupt to bounce back, simply act as though + * one did. + */ + extern void scc_set_sw_alarm(void); + +/*! + * This routine will register a function to be called should a Security Failure + * be signalled by the SCC (Security Monitor). + * + * The callback function may be called from interrupt level, it may be called + * from some process' task. It should therefore not take a long time to + * perform its operation, and it may not sleep. + * + * @param callback_func Function pointer to routine which will receive + * notification of the security failure. + * @return 0 if function was successfully registered, non-zero on + * failure. See #scc_return_t. + * + * @internal + * There is a fixed global static array which keeps track of the requests to + * monitor the failure. + * + * Add @c callback_func to the first empty slot in #scc_callbacks[]. If there + * is no room, return #SCC_RET_TOO_MANY_FUNCTIONS. + */ + extern scc_return_t scc_monitor_security_failure(void + callback_func(void)); + +/*! + * This routine will deregister a function previously registered with + * #scc_monitor_security_failure(). + * + * @param callback_func Function pointer to routine previously registered with + * #scc_stop_monitoring_security_failure(). + */ + extern void scc_stop_monitoring_security_failure(void + callback_func(void)); + +/*! + * Read value from an SCC register. + * The offset will be checked for validity (range) as well as whether it is + * accessible (e.g. not busy, not in failed state) at the time of the call. + * + * @param[in] register_offset The (byte) offset within the SCC block + * of the register to be queried. See + * @ref scmregs and @ref smnregs. + * @param[out] value Pointer to where value from the register + * should be placed. + * @return 0 if OK, non-zero on error. See #scc_return_t. + * + * @internal + * Verify that the register_offset is a) valid, b) refers to a readable + * register, and c) the SCC is in a state which would allow a read of this + * register. + */ + extern scc_return_t scc_read_register(int register_offset, + uint32_t *value); + +/*! + * Write a new value into an SCC register. + * The offset will be checked for validity (range) as well as whether it is + * accessible (e.g. not busy, not in failed state) at the time of the call. + * + * @param[in] register_offset The (byte) offset within the SCC block + * of the register to be modified. See + * @ref scmregs and @ref smnregs. + * @param[in] value The value to store into the register. + * @return 0 if OK, non-zero on error. See #scc_return_t. + * + * @internal + * Verify that the register_offset is a) valid, b) refers to a writeable + * register, and c) the SCC is in a state which would allow a write to this + * register. + */ + extern scc_return_t scc_write_register(int register_offset, + uint32_t value); + +/* + * NOTE TO MAINTAINERS + * + * All of the doxygen comments for the register offset values are in this the + * following comment section. Any changes to register names or definitions + * must be reflected in this section and in both the TAHITI and non-TAHITI + *version of the memory map. + */ + +/*! + * @defgroup scmregs SCM Registers + * + * These values are offsets into the SCC for the Secure Memory + * (SCM) registers. They are used in the @c register_offset parameter of + * #scc_read_register() and #scc_write_register(). + */ +/*! @addtogroup scmregs */ +/*! @{ */ +/*! @def SCM_RED_START + * Starting block offset in red memory for cipher function. */ + +/*! @def SCM_BLACK_START + * Starting block offset in black memory for cipher function. */ + +/*! @def SCM_LENGTH + * Number of blocks to process during cipher function */ + +/*! @def SCM_CONTROL + * SCM Control register. + * See @ref scmcontrolregdefs "SCM Control Register definitions" for details. + */ + +/*! @def SCM_STATUS + * SCM Status register. + * See @ref scmstatusregdefs "SCM Status Register Definitions" for details. + */ + +/*! @def SCM_ERROR_STATUS + * SCM Error Status Register. + * See @ref scmerrstatdefs "SCM Error Status Register definitions" for + * details. */ + +/*! @def SCM_INTERRUPT_CTRL + * SCM Interrupt Control Register. + * See @ref scminterruptcontroldefs "SCM Interrupt Control Register definitions" + * for details. + */ + +/*! @def SCM_CONFIGURATION + * SCM Configuration Register. + * See @ref scmconfigdefs "SCM Configuration Register Definitions" for + * details. + */ + +/*! @def SCM_INIT_VECTOR_0 + * Upper Half of the Initialization Vector */ + +/*! @def SCM_INIT_VECTOR_1 + * Lower Half of the Initialization Vector */ + +/*! @def SCM_RED_MEMORY + * Starting location of first block of Red memory */ + +/*! @def SCM_BLACK_MEMORY + * Starting location of first block of Black memory */ + + /*! @} *//* end of SCM group */ + +/*! + * @defgroup smnregs SMN Registers + * + * These values are offsets into the SCC for the Security Monitor + * (SMN) registers. They are used in the @c register_offset parameter of the + * #scc_read_register() and #scc_write_register(). + */ +/*! @addtogroup smnregs */ +/*! @{ */ +/*! @def SMN_STATUS + * Status register for SMN. + * See @ref smnstatusregdefs "SMN Status Register definitions" for further + * information. + */ + +/*! @def SMN_COMMAND + * Command register for SMN. See + * @ref smncommandregdefs "Command Register Definitions" for further + * information. + */ + +/*! @def SMN_SEQUENCE_START + * Sequence Start register for ASC. See #SMN_SEQUENCE_START_MASK + */ + +/*! @def SMN_SEQUENCE_END + * Sequence End register for ASC. See #SMN_SEQUENCE_CHECK_MASK + */ + +/*! @def SMN_SEQUENCE_CHECK + * Sequence Check register for ASC. See #SMN_SEQUENCE_END_MASK + */ + +/*! @def SMN_BIT_COUNT + * Bit Bank Repository for AIC. See #SMN_BIT_COUNT_MASK + */ + +/*! @def SMN_BITBANK_INC_SIZE + * Bit Bank Increment Size for AIC. See #SMN_BITBANK_INC_SIZE_MASK + */ + +/*! @def SMN_BITBANK_DECREMENT + * Bit Bank Decrement for AIC. See #SMN_BITBANK_DECREMENT_MASK + */ + +/*! @def SMN_COMPARE_SIZE + * Compare Size register for Plaintext/Ciphertext checker. See + * #SMN_COMPARE_SIZE_MASK */ + +/*! @def SMN_PLAINTEXT_CHECK + * Plaintext Check register for Plaintext/Ciphertext checker. + */ + +/*! @def SMN_CIPHERTEXT_CHECK + * Ciphertext Check register for Plaintext/Ciphertext checker. + */ + +/*! @def SMN_TIMER_IV + * Timer Initial Value register + */ + +/*! @def SMN_TIMER_CONTROL + * Timer Control register. + * See @ref smntimercontroldefs "SMN Timer Control Register definitions". + */ + +/*! @def SMN_DEBUG_DETECT_STAT + * Debug Detector Status Register + * See @ref smndbgdetdefs "SMN Debug Detector Status Register"for definitions. + */ + +/*! @def SMN_TIMER + * Current value of the Timer Register + */ + + /*! @} *//* end of SMN group */ + +/* + * SCC MEMORY MAP + * + */ + +/* SCM registers */ +#define SCM_RED_START 0x00000000 /* read/write */ +#define SCM_BLACK_START 0x00000004 /* read/write */ +#define SCM_LENGTH 0x00000008 /* read/write */ +#define SCM_CONTROL 0x0000000C /* read/write */ +#define SCM_STATUS 0x00000010 /* read only */ +#define SCM_ERROR_STATUS 0x00000014 /* read/write */ +#define SCM_INTERRUPT_CTRL 0x00000018 /* read/write */ +#define SCM_CONFIGURATION 0x0000001C /* read only */ +#define SCM_INIT_VECTOR_0 0x00000020 /* read/write */ +#define SCM_INIT_VECTOR_1 0x00000024 /* read/write */ +#define SCM_RED_MEMORY 0x00000400 /* read/write */ +#define SCM_BLACK_MEMORY 0x00000800 /* read/write */ + +/* SMN Registers */ +#define SMN_STATUS 0x00001000 /* read/write */ +#define SMN_COMMAND 0x00001004 /* read/write */ +#define SMN_SEQUENCE_START 0x00001008 /* read/write */ +#define SMN_SEQUENCE_END 0x0000100C /* read/write */ +#define SMN_SEQUENCE_CHECK 0x00001010 /* read/write */ +#define SMN_BIT_COUNT 0x00001014 /* read only */ +#define SMN_BITBANK_INC_SIZE 0x00001018 /* read/write */ +#define SMN_BITBANK_DECREMENT 0x0000101C /* write only */ +#define SMN_COMPARE_SIZE 0x00001020 /* read/write */ +#define SMN_PLAINTEXT_CHECK 0x00001024 /* read/write */ +#define SMN_CIPHERTEXT_CHECK 0x00001028 /* read/write */ +#define SMN_TIMER_IV 0x0000102C /* read/write */ +#define SMN_TIMER_CONTROL 0x00001030 /* read/write */ +#define SMN_DEBUG_DETECT_STAT 0x00001034 /* read/write */ +#define SMN_TIMER 0x00001038 /* read only */ + +/*! Total address space of the SCC, in bytes */ +#define SCC_ADDRESS_RANGE 0x103c + +/*! + * @defgroup smnstatusregdefs SMN Status Register definitions (SMN_STATUS) + */ +/*! @addtogroup smnstatusregdefs */ +/*! @{ */ +/*! SMN version id. */ +#define SMN_STATUS_VERSION_ID_MASK 0xfc000000 +/*! number of bits to shift #SMN_STATUS_VERSION_ID_MASK to get it to LSB */ +#define SMN_STATUS_VERSION_ID_SHIFT 26 +/*! Cacheable access to SMN attempted. */ +#define SMN_STATUS_CACHEABLE_ACCESS 0x02000000 +/*! Illegal bus master access attempted. */ +#define SMN_STATUS_ILLEGAL_MASTER 0x01000000 +/*! Scan mode entered/exited since last reset. */ +#define SMN_STATUS_SCAN_EXIT 0x00800000 +/*! Unaligned access attempted. */ +#define SMN_STATUS_UNALIGNED_ACCESS 0x00400000 +/*! Bad byte offset access attempted. */ +#define SMN_STATUS_BYTE_ACCESS 0x00200000 +/*! Illegal address access attempted. */ +#define SMN_STATUS_ILLEGAL_ADDRESS 0x00100000 +/*! User access attempted. */ +#define SMN_STATUS_USER_ACCESS 0x00080000 +/*! SCM is using DEFAULT key. */ +#define SMN_STATUS_DEFAULT_KEY 0x00040000 +/*! SCM detects weak or bad key. */ +#define SMN_STATUS_BAD_KEY 0x00020000 +/*! Illegal access to SCM detected. */ +#define SMN_STATUS_ILLEGAL_ACCESS 0x00010000 +/*! Internal error detected in SCM. */ +#define SMN_STATUS_SCM_ERROR 0x00008000 +/*! SMN has an outstanding interrupt. */ +#define SMN_STATUS_SMN_STATUS_IRQ 0x00004000 +/*! Software Alarm was triggered. */ +#define SMN_STATUS_SOFTWARE_ALARM 0x00002000 +/*! Timer has expired. */ +#define SMN_STATUS_TIMER_ERROR 0x00001000 +/*! Plaintext/Ciphertext compare failed. */ +#define SMN_STATUS_PC_ERROR 0x00000800 +/*! Bit Bank detected overflow or underflow */ +#define SMN_STATUS_BITBANK_ERROR 0x00000400 +/*! Algorithm Sequence Check failed. */ +#define SMN_STATUS_ASC_ERROR 0x00000200 +/*! Security Policy Block detected error. */ +#define SMN_STATUS_SECURITY_POLICY_ERROR 0x00000100 +/*! At least one Debug signal is active. */ +#define SMN_STATUS_DEBUG_ACTIVE 0x00000080 +/*! SCM failed to zeroize its memory. */ +#define SMN_STATUS_ZEROIZE_FAIL 0x00000040 +/*! Processor booted from internal ROM. */ +#define SMN_STATUS_INTERNAL_BOOT 0x00000020 +/*! SMN's internal state. */ +#define SMN_STATUS_STATE_MASK 0x0000001F +/*! Number of bits to shift #SMN_STATUS_STATE_MASK to get it to LSB. */ +#define SMN_STATUS_STATE_SHIFT 0 +/*! @} */ + +/*! + * @defgroup sccscmstates SMN Model Secure State Controller States (SMN_STATE_MASK) + */ +/*! @addtogroup sccscmstates */ +/*! @{ */ +/*! This is the first state of the SMN after power-on reset */ +#define SMN_STATE_START 0x0 +/*! The SMN is zeroizing its RAM during reset */ +#define SMN_STATE_ZEROIZE_RAM 0x5 +/*! SMN has passed internal checks, and is waiting for Software check-in */ +#define SMN_STATE_HEALTH_CHECK 0x6 +/*! Fatal Security Violation. SMN is locked, SCM is inoperative. */ +#define SMN_STATE_FAIL 0x9 +/*! SCC is in secure state. SCM is using secret key. */ +#define SMN_STATE_SECURE 0xA +/*! Due to non-fatal error, device is not secure. SCM is using default key. */ +#define SMN_STATE_NON_SECURE 0xC +/*! @} */ + +/*! + * @defgroup scmconfigdefs SCM Configuration Register definitions (SCM_CONFIGURATION) + **/ +/*! @addtogroup scmconfigdefs */ +/*! @{ */ +/*! Version number of the Secure Memory. */ +#define SCM_CFG_VERSION_ID_MASK 0xf8000000 +/*! Number of bits to shift #SCM_CFG_VERSION_ID_MASK to get it to LSB. */ +#define SCM_CFG_VERSION_ID_SHIFT 27 +/*! Version one value for SCC configuration */ +#define SCM_VERSION_1 1 +/*! Size, in blocks, of Red memory. */ +#define SCM_CFG_BLACK_SIZE_MASK 0x07fe0000 +/*! Number of bits to shift #SCM_CFG_BLACK_SIZE_MASK to get it to LSB. */ +#define SCM_CFG_BLACK_SIZE_SHIFT 17 +/*! Size, in blocks, of Black memory. */ +#define SCM_CFG_RED_SIZE_MASK 0x0001ff80 +/*! Number of bits to shift #SCM_CFG_RED_SIZE_MASK to get it to LSB. */ +#define SCM_CFG_RED_SIZE_SHIFT 7 +/*! Number of bytes per block. */ +#define SCM_CFG_BLOCK_SIZE_MASK 0x0000007f +/*! Number of bits to shift #SCM_CFG_BLOCK_SIZE_MASK to get it to LSB. */ +#define SCM_CFG_BLOCK_SIZE_SHIFT 0 +/*! @} */ + +/*! + * @defgroup smncommandregdefs SMN Command Register Definitions (SMN_COMMAND) + */ +/*! @addtogroup smncommandregdefs */ +/*! @{ */ +#define SMN_COMMAND_ZEROS_MASK 0xffffff70 /*!< These bits are unimplemented + or reserved */ +#define SMN_COMMAND_TAMPER_LOCK 0x10 /*!< Lock Tamper Detect Bit */ +#define SMN_COMMAND_CLEAR_INTERRUPT 0x8 /*!< Clear SMN Interrupt */ +#define SMN_COMMAND_CLEAR_BIT_BANK 0x4 /*!< Clear SMN Bit Bank */ +#define SMN_COMMAND_ENABLE_INTERRUPT 0x2 /*!< Enable SMN Interrupts */ +#define SMN_COMMAND_SET_SOFTWARE_ALARM 0x1 /*!< Set Software Alarm */ +/*! @} */ + +/*! + * @defgroup smntimercontroldefs SMN Timer Control Register definitions (SMN_TIMER_CONTROL) + */ +/*! @addtogroup smntimercontroldefs */ +/*! @{ */ +/*! These bits are reserved or zero */ +#define SMN_TIMER_CTRL_ZEROS_MASK 0xfffffffc +/*! Load the timer from #SMN_TIMER_IV */ +#define SMN_TIMER_LOAD_TIMER 0x2 +/*! Setting to zero stops the Timer */ +#define SMN_TIMER_STOP_MASK 0x1 +/*! Setting this value starts the timer */ +#define SMN_TIMER_START_TIMER 0x1 +/*! @} */ + +/*! + * @defgroup scminterruptcontroldefs SCM Interrupt Control Register definitions (SCM_INTERRUPT_CTRL) + * + * These are the bit definitions for the #SCM_INTERRUPT_CTRL register. + */ +/*! @addtogroup scminterruptcontroldefs */ +/*! @{ */ +/*! Clear SCM memory */ +#define SCM_INTERRUPT_CTRL_ZEROIZE_MEMORY 0x4 +/*! Clear outstanding SCM interrupt */ +#define SCM_INTERRUPT_CTRL_CLEAR_INTERRUPT 0x2 +/*! Inhibit SCM interrupts */ +#define SCM_INTERRUPT_CTRL_MASK_INTERRUPTS 0x1 +/*! @} */ + +/*! + * @defgroup scmcontrolregdefs SCM Control Register definitions (SCM_CONTROL). + * These values are used with the #SCM_CONTROL register. + */ +/*! @addtogroup scmcontrolregdefs */ +/*! @{ */ +/*! These bits are zero or reserved */ +#define SCM_CONTROL_ZEROS_MASK 0xfffffff8 +/*! Setting this will start encrypt/decrypt */ +#define SCM_CONTROL_START_CIPHER 0x04 +/*! CBC/ECB flag. + * See @ref scmchainmodedefs "Chaining Mode bit definitions." + */ +#define SCM_CONTROL_CHAINING_MODE_MASK 0x02 +/*! Encrypt/decrypt choice. + * See @ref scmciphermodedefs "Cipher Mode bit definitions." */ +#define SCM_CONTROL_CIPHER_MODE_MASK 0x01 +/*! @} */ + +/*! + * @defgroup scmchainmodedefs SCM_CHAINING_MODE_MASK - Bit definitions + */ +/*! @addtogroup scmchainmodedefs */ +/*! @{ */ +#define SCM_CBC_MODE 0x2 /*!< Cipher block chaining */ +#define SCM_ECB_MODE 0x0 /*!< Electronic codebook. */ +/*! @} */ + +/* Bit definitions in the SCM_CIPHER_MODE_MASK */ +/*! + * @defgroup scmciphermodedefs SCM_CIPHER_MODE_MASK - Bit definitions + */ +/*! @{ */ +#define SCM_DECRYPT_MODE 0x1 /*!< decrypt from black to red memory */ +#define SCM_ENCRYPT_MODE 0x0 /*!< encrypt from red to black memory */ +/*! @} */ + +/*! + * @defgroup scmstatusregdefs SCM Status Register (SCM_STATUS). + * Bit and field definitions of the SCM_STATUS register. + */ +/*! @addtogroup scmstatusregdefs */ +/*! @{ */ +/*! These bits are zero or reserved */ +#define SCM_STATUS_ZEROS_MASK 0xffffe000 +/*! Ciphering failed due to length error. */ +#define SCM_STATUS_LENGTH_ERROR 0x1000 +/*! SMN has stopped blocking access to the SCM */ +#define SCM_STATUS_BLOCK_ACCESS_REMOVED 0x0800 +/*! Ciphering done. */ +#define SCM_STATUS_CIPHERING_DONE 0x0400 +/*! Zeroizing done. */ +#define SCM_STATUS_ZEROIZING_DONE 0x0200 +/*! SCM wants attention. Interrupt status is available. */ +#define SCM_STATUS_INTERRUPT_STATUS 0x0100 +/*! Secret Key is in use. */ +#define SCM_STATUS_SECRET_KEY 0x0080 +/*! Secret Key is in use. Deprecated. Use #SCM_STATUS_SECRET_KEY. */ +#define SCM_STATUS_DEFAULT_KEY 0x0080 +/*! Internal error to SCM. */ +#define SCM_STATUS_INTERNAL_ERROR 0x0040 +/*! Secret key is not valid. */ +#define SCM_STATUS_BAD_SECRET_KEY 0x0020 +/*! Failed to zeroize memory. */ +#define SCM_STATUS_ZEROIZE_FAILED 0x0010 +/*! SMN is blocking access to Secure Memory. */ +#define SCM_STATUS_SMN_BLOCKING_ACCESS 0x0008 +/*! SCM is current encrypting or decrypting data. */ +#define SCM_STATUS_CIPHERING 0x0004 +/*! SCM is currently zeroizing data. */ +#define SCM_STATUS_ZEROIZING 0x0002 +/*! SCM is busy and access to memory is blocked. */ +#define SCM_STATUS_BUSY 0x0001 +/*! @} */ + +/*! + * @defgroup scmerrstatdefs SCM Error Status Register (SCM_ERROR_STATUS) + * + * These definitions are associated with the SCM Error Status Register + * (SCM_ERROR_STATUS). + */ +/*! @addtogroup scmerrstatdefs */ +/*! @{ */ +/*! These bits are zero or reserved */ +#define SCM_ERR_ZEROS_MASK 0xffffc000 +/*! Cacheable access to SCM was attempted */ +#define SCM_ERR_CACHEABLE_ACCESS 0x2000 +/*! Access attempted by illegal bus master */ +#define SCM_ERR_ILLEGAL_MASTER 0x1000 +/*! Unaligned access attempted */ +#define SCM_ERR_UNALIGNED_ACCESS 0x0800 +/*! Byte or half-word access attempted */ +#define SCM_ERR_BYTE_ACCESS 0x0400 +/*! Illegal address attempted */ +#define SCM_ERR_ILLEGAL_ADDRESS 0x0200 +/*! User access attempted */ +#define SCM_ERR_USER_ACCESS 0x0100 +/*! Access attempted while SCM was using default key */ +#define SCM_ERR_SECRET_KEY_IN_USE 0x0080 +/*! Access attempted while SCM had internal error */ +#define SCM_ERR_INTERNAL_ERROR 0x0040 +/*! Access attempted while SCM was detecting Bad Key */ +#define SCM_ERR_BAD_SECRET_KEY 0x0020 +/*! The SCM failed to Zeroize memory */ +#define SCM_ERR_ZEROIZE_FAILED 0x0010 +/*! Access attempted while SMN was Blocking Access */ +#define SCM_ERR_SMN_BLOCKING_ACCESS 0x0008 +/*! Access attempted while SCM was CIPHERING */ +#define SCM_ERR_CIPHERING 0x0004 +/*! Access attempted while SCM was ZEROIZING */ +#define SCM_ERR_ZEROIZING 0x0002 +/*! Access attempted while SCM was BUSY */ +#define SCM_ERR_BUSY 0x0001 +/*! @} */ + +/*! + * @defgroup smndbgdetdefs SMN Debug Detector Status Register + * (SCM_DEBUG_DETECT_STAT) + */ +/*! @addtogroup smndbgdetdefs */ +/*! @{ */ +#define SMN_DBG_ZEROS_MASK 0xfffff000 /*!< These bits are zero or reserved */ +#define SMN_DBG_D12 0x0800 /*!< Error detected on Debug Port D12 */ +#define SMN_DBG_D11 0x0400 /*!< Error detected on Debug Port D11 */ +#define SMN_DBG_D10 0x0200 /*!< Error detected on Debug Port D10 */ +#define SMN_DBG_D9 0x0100 /*!< Error detected on Debug Port D9 */ +#define SMN_DBG_D8 0x0080 /*!< Error detected on Debug Port D8 */ +#define SMN_DBG_D7 0x0040 /*!< Error detected on Debug Port D7 */ +#define SMN_DBG_D6 0x0020 /*!< Error detected on Debug Port D6 */ +#define SMN_DBG_D5 0x0010 /*!< Error detected on Debug Port D5 */ +#define SMN_DBG_D4 0x0008 /*!< Error detected on Debug Port D4 */ +#define SMN_DBG_D3 0x0004 /*!< Error detected on Debug Port D3 */ +#define SMN_DBG_D2 0x0002 /*!< Error detected on Debug Port D2 */ +#define SMN_DBG_D1 0x0001 /*!< Error detected on Debug Port D1 */ +/*! @} */ + +/*! Mask for the usable bits of the Sequence Start Register + (#SMN_SEQUENCE_START) */ +#define SMN_SEQUENCE_START_MASK 0x0000ffff + +/*! Mask for the usable bits of the Sequence End Register + (#SMN_SEQUENCE_END) */ +#define SMN_SEQUENCE_END_MASK 0x0000ffff + +/*! Mask for the usable bits of the Sequence Check Register + (#SMN_SEQUENCE_CHECK) */ +#define SMN_SEQUENCE_CHECK_MASK 0x0000ffff + +/*! Mask for the usable bits of the Bit Counter Register + (#SMN_BIT_COUNT) */ +#define SMN_BIT_COUNT_MASK 0x000007ff + +/*! Mask for the usable bits of the Bit Bank Increment Size Register + (#SMN_BITBANK_INC_SIZE) */ +#define SMN_BITBANK_INC_SIZE_MASK 0x000007ff + +/*! Mask for the usable bits of the Bit Bank Decrement Register + (#SMN_BITBANK_DECREMENT) */ +#define SMN_BITBANK_DECREMENT_MASK 0x000007ff + +/*! Mask for the usable bits of the Compare Size Register + (#SMN_COMPARE_SIZE) */ +#define SMN_COMPARE_SIZE_MASK 0x0000003f + +/* Close out marker for C++ compilers */ +#ifdef __cplusplus +} +#endif +#endif /* __ASM_ARCH_MXC_SCC_DRIVER_H__ */ |