mbox series

[v3,0/5] Add Tegra Security Engine driver

Message ID 20240109091708.66977-1-akhilrajeev@nvidia.com
Headers show
Series Add Tegra Security Engine driver | expand

Message

Akhil R Jan. 9, 2024, 9:17 a.m. UTC 
Add support for Tegra Security Engine which can accelerates various
crypto algorithms. The Engine has two separate instances within for
AES and HASH algorithms respectively.

The driver registers two crypto engines - one for AES and another for
HASH algorithms and these operate independently and both uses the host1x
bus. Additionally, it provides  hardware-assisted key protection for up to
15 symmetric keys which it can use for the cipher operations.

v2->v3:
* Update compatible in driver and device trees.
* Remove extra new lines and symbols in binding doc.
v1->v2:
* Update probe errors with 'dev_err_probe'.
* Clean up function prototypes and redundant prints.
* Remove readl/writel wrappers.
* Fix test bot warnings.

Akhil R (5):
  dt-bindings: crypto: Add Tegra Security Engine
  gpu: host1x: Add Tegra SE to SID table
  crypto: tegra: Add Tegra Security Engine driver
  arm64: defconfig: Enable Tegra Security Engine
  arm64: tegra: Add Tegra Security Engine DT nodes

 .../crypto/nvidia,tegra234-se-aes.yaml        |   53 +
 .../crypto/nvidia,tegra234-se-hash.yaml       |   53 +
 MAINTAINERS                                   |    5 +
 arch/arm64/boot/dts/nvidia/tegra234.dtsi      |   16 +
 arch/arm64/configs/defconfig                  |    1 +
 drivers/crypto/Kconfig                        |    8 +
 drivers/crypto/Makefile                       |    1 +
 drivers/crypto/tegra/Makefile                 |    9 +
 drivers/crypto/tegra/tegra-se-aes.c           | 1932 +++++++++++++++++
 drivers/crypto/tegra/tegra-se-hash.c          | 1022 +++++++++
 drivers/crypto/tegra/tegra-se-key.c           |  155 ++
 drivers/crypto/tegra/tegra-se-main.c          |  439 ++++
 drivers/crypto/tegra/tegra-se.h               |  569 +++++
 drivers/gpu/host1x/dev.c                      |   24 +
 14 files changed, 4287 insertions(+)
 create mode 100644 Documentation/devicetree/bindings/crypto/nvidia,tegra234-se-aes.yaml
 create mode 100644 Documentation/devicetree/bindings/crypto/nvidia,tegra234-se-hash.yaml
 create mode 100644 drivers/crypto/tegra/Makefile
 create mode 100644 drivers/crypto/tegra/tegra-se-aes.c
 create mode 100644 drivers/crypto/tegra/tegra-se-hash.c
 create mode 100644 drivers/crypto/tegra/tegra-se-key.c
 create mode 100644 drivers/crypto/tegra/tegra-se-main.c
 create mode 100644 drivers/crypto/tegra/tegra-se.h

Comments

Akhil R Jan. 11, 2024, 12:03 p.m. UTC | #1 
> On 09/01/2024 10:17, Akhil R wrote:
> > Add DT binding document for Tegra Security Engine.
> > The AES and HASH algorithms are handled independently by separate
> > engines within the Security Engine. These engines are registered
> > as two separate crypto engine drivers.
> >
> 
> ...
> 
> > +required:
> > +  - compatible
> > +  - reg
> > +  - clocks
> > +  - iommus
> > +
> > +additionalProperties: false
> > +
> > +examples:
> > +  - |
> > +    #include <dt-bindings/interrupt-controller/arm-gic.h>
> 
> This does not look used.
> 
> > +    #include <dt-bindings/memory/tegra234-mc.h>
> > +    #include <dt-bindings/clock/tegra234-clock.h>
> > +
> > +    crypto@15820000 {
> > +        compatible = "nvidia,tegra234-se-aes";
> > +        reg = <0x15820000 0x10000>;
> > +        clocks = <&bpmp TEGRA234_CLK_SE>;
> > +        iommus = <&smmu TEGRA234_SID_SES_SE1>;
> > +        dma-coherent;
> > +    };
> > +...
> > diff --git a/Documentation/devicetree/bindings/crypto/nvidia,tegra234-se-
> hash.yaml b/Documentation/devicetree/bindings/crypto/nvidia,tegra234-se-
> hash.yaml
> > new file mode 100644
> > index 000000000000..7fb32568756d
> > --- /dev/null
> > +++ b/Documentation/devicetree/bindings/crypto/nvidia,tegra234-se-
> hash.yaml
> > @@ -0,0 +1,53 @@
> > +# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
> > +%YAML 1.2
> > +---
> > +$id: http://devicetree.org/schemas/crypto/nvidia,tegra234-se-hash.yaml#
> > +$schema: http://devicetree.org/meta-schemas/core.yaml#
> > +
> > +title: NVIDIA Tegra Security Engine for HASH algorithms
> > +
> > +description:
> > +  The Tegra Security HASH Engine accelerates the following HASH functions -
> > +  SHA1, SHA224, SHA256, SHA384, SHA512, SHA3-224, SHA3-256, SHA3-384,
> SHA3-512
> > +  HMAC(SHA224), HMAC(SHA256), HMAC(SHA384), HMAC(SHA512)
> > +
> > +maintainers:
> > +  - Akhil R <akhilrajeev@nvidia.com>
> > +
> > +properties:
> > +  compatible:
> > +    const: nvidia,tegra234-se-hash
> > +
> > +  reg:
> > +    maxItems: 1
> > +
> > +  clocks:
> > +    maxItems: 1
> > +
> > +  iommus:
> > +    maxItems: 1
> > +
> > +  dma-coherent: true
> > +
> > +required:
> > +  - compatible
> > +  - reg
> > +  - clocks
> > +  - iommus
> > +
> > +additionalProperties: false
> > +
> > +examples:
> > +  - |
> > +    #include <dt-bindings/interrupt-controller/arm-gic.h>
> 
> This does not look used.
> 
> > +    #include <dt-bindings/memory/tegra234-mc.h>
> > +    #include <dt-bindings/clock/tegra234-clock.h>
> > +
> 
> With both above fixed:
> 
> Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
> 
> 
> ---
> 
> This is an automated instruction, just in case, because many review tags
> are being ignored. If you know the process, you can skip it (please do
> not feel offended by me posting it here - no bad intentions intended).
> If you do not know the process, here is a short explanation:
> 
> Please add Acked-by/Reviewed-by/Tested-by tags when posting new
> versions, under or above your Signed-off-by tag. Tag is "received", when
> provided in a message replied to you on the mailing list. Tools like b4
> can help here. However, there's no need to repost patches *only* to add
> the tags. The upstream maintainer will do that for tags received on the
> version they apply.
> 
> https://elixir.bootlin.com/linux/v6.5-
> rc3/source/Documentation/process/submitting-patches.rst#L577
> 

Thanks. Noted. Will update them.

Best Regards,
Akhil