From patchwork Mon Mar 8 05:44:46 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Manivannan Sadhasivam X-Patchwork-Id: 395569 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5692FC43381 for ; Mon, 8 Mar 2021 05:46:07 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 14C60651F1 for ; Mon, 8 Mar 2021 05:46:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234625AbhCHFp1 (ORCPT ); Mon, 8 Mar 2021 00:45:27 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56778 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234615AbhCHFpO (ORCPT ); Mon, 8 Mar 2021 00:45:14 -0500 Received: from mail-pg1-x529.google.com (mail-pg1-x529.google.com [IPv6:2607:f8b0:4864:20::529]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5A7EBC061760 for ; Sun, 7 Mar 2021 21:45:14 -0800 (PST) Received: by mail-pg1-x529.google.com with SMTP id o10so5725802pgg.4 for ; Sun, 07 Mar 2021 21:45:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=0vZpb9y8MutMaka6YLswZQUFtbMSrJ0Y46Hxti/8tHM=; b=BJ/nj+3l8mDnLcnBxLlfarOq64qe5GCTAGyv452RcjzDzQpB4tYWS6+XYTFp1wDjLg iekeoQ8giTKMDsFCXfSNVD0QgoGyu/K42d7mJXVvz2aZnWHm/gNU14zW/Y3R7m5YsN3h fd7WoXMP/NspTSfDlYrON5Hdlbrys7rnjkhYIunH2u2usjqGZ3LVdW0ymxcqrvobyp93 UvbWKUzzalTAkVeIqkca95kXND+bReJeQoPRoLuOgzOD2pqaupg7xO76WXBfkXBWfOsj LEIpVyb42vMZL1lLkvnY0ikFcr64g4HTqfIZseiRA1pZfYXuyiUcX6jbIpEDNbTM5rL6 NjSA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=0vZpb9y8MutMaka6YLswZQUFtbMSrJ0Y46Hxti/8tHM=; b=D4tTxAO89mm/6eRN9FtieqO9CnPSsltW/wlVD2qUZkvY1WIoqrWA1Y/xR4nggRHjYo E+CZJ2eWQALkWGvXGaSuglx5C10k2H/1aeV1V+UIo1ZHyfCzNXwcuus6oLPD6lLbrHpW GjWiTzE3vHMmSTLyI904IzP9UqaxL/6Lj2m/Yk8RFBTFSb90Qfs2zAF5E2DH0SapVQtJ k4m9jJ1D4H4+T0KN1FxqLx3gkB89X/eXSqT8htw73LxsCIZDvdqDe4pSwI9RXP+hBj0v RRw4x08I6TlxP/E1We9nA52IK9v+aXwnTF5CEtkmNoAMwr4oRO6cot9M7L8sPXBtPyQY qf/g== X-Gm-Message-State: AOAM531mvO5nGOdSGKyLIbRIWydUoy25D5F2dBumXKR/YKyOoK3luQo7 H+tzDEMpF82iJnEhrcdQUcMf X-Google-Smtp-Source: ABdhPJzu4JCu5Md6ryj1ZYan4yE9jY/7uorHkfnhX/Zx7RM8Yyi0ijeyH/Uqm+yzonvi8XTt8PV6Fw== X-Received: by 2002:a05:6a00:1493:b029:1ef:a5e:ae7 with SMTP id v19-20020a056a001493b02901ef0a5e0ae7mr20047950pfu.61.1615182313824; Sun, 07 Mar 2021 21:45:13 -0800 (PST) Received: from localhost.localdomain ([2409:4072:6e84:fef9:1070:d306:6d0e:bf6b]) by smtp.gmail.com with ESMTPSA id y29sm4331506pfp.206.2021.03.07.21.45.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 07 Mar 2021 21:45:13 -0800 (PST) From: Manivannan Sadhasivam To: miquel.raynal@bootlin.com, richard@nod.at, vigneshr@ti.com, robh+dt@kernel.org Cc: linux-arm-msm@vger.kernel.org, devicetree@vger.kernel.org, linux-mtd@lists.infradead.org, linux-kernel@vger.kernel.org, boris.brezillon@collabora.com, Daniele.Palmas@telit.com, bjorn.andersson@linaro.org, Manivannan Sadhasivam Subject: [PATCH v4 2/3] dt-bindings: mtd: Add a property to declare secure regions in NAND chips Date: Mon, 8 Mar 2021 11:14:46 +0530 Message-Id: <20210308054447.28418-3-manivannan.sadhasivam@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210308054447.28418-1-manivannan.sadhasivam@linaro.org> References: <20210308054447.28418-1-manivannan.sadhasivam@linaro.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-arm-msm@vger.kernel.org On a typical end product, a vendor may choose to secure some regions in the NAND memory which are supposed to stay intact between FW upgrades. The access to those regions will be blocked by a secure element like Trustzone. So the normal world software like Linux kernel should not touch these regions (including reading). So let's add a property for declaring such secure regions so that the drivers can skip touching them. Signed-off-by: Manivannan Sadhasivam --- Documentation/devicetree/bindings/mtd/nand-controller.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/Documentation/devicetree/bindings/mtd/nand-controller.yaml b/Documentation/devicetree/bindings/mtd/nand-controller.yaml index d0e422f4b3e0..15a674bedca3 100644 --- a/Documentation/devicetree/bindings/mtd/nand-controller.yaml +++ b/Documentation/devicetree/bindings/mtd/nand-controller.yaml @@ -143,6 +143,13 @@ patternProperties: Ready/Busy pins. Active state refers to the NAND ready state and should be set to GPIOD_ACTIVE_HIGH unless the signal is inverted. + secure-regions: + $ref: /schemas/types.yaml#/definitions/uint32-matrix + description: + Regions in the NAND chip which are protected using a secure element + like Trustzone. This property contains the start address and size of + the secure regions present. + required: - reg From patchwork Mon Mar 8 05:44:47 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Manivannan Sadhasivam X-Patchwork-Id: 395570 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5271FC433E9 for ; Mon, 8 Mar 2021 05:46:07 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 23103651EE for ; Mon, 8 Mar 2021 05:46:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234607AbhCHFp1 (ORCPT ); Mon, 8 Mar 2021 00:45:27 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56818 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234617AbhCHFpW (ORCPT ); Mon, 8 Mar 2021 00:45:22 -0500 Received: from mail-pj1-x102b.google.com (mail-pj1-x102b.google.com [IPv6:2607:f8b0:4864:20::102b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5C1E6C061760 for ; Sun, 7 Mar 2021 21:45:22 -0800 (PST) Received: by mail-pj1-x102b.google.com with SMTP id kx1so2402034pjb.3 for ; Sun, 07 Mar 2021 21:45:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=CKfXA4DMfTR++O8eVm8Qy2CjPVyIzCtorOINkgAd8zQ=; b=qtNe7skTOZCl/HAWrplXkqfCuqoipUM1zBUhn4J/ju39z6M6o54BBdrFrTcPoxbEvA igtfJ+H7kRENdIl2PreWOajeae1i4hM+5V6x17GxWusJiF+BeNTvAz3IfyW7ilSYh80b T5gvWfKUg7rP165PPG8pLoMQZVUvqInHM+2grfzxdLiJ8K+6Mp/hHI1WWBb3Lmr+FWPC 3t3vWcu7oJGuB/OrWi6k9NY98zKyKmocleVWFY3dlKN879/xrHgWQE0pdAftCZpmYPIn Wg8QLJLWvRmAhGKgQMDmk1dllSGBY7y84uaOux3/6jZAOknJUFGSju9L4jR0U4zBJyzF nfQw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=CKfXA4DMfTR++O8eVm8Qy2CjPVyIzCtorOINkgAd8zQ=; b=UJQtY5Y3aYA9wS41QIw5px6qlhUqnhuvXeYMo5C/h3qkgcyuWSF8YjtTM4WK/T45D0 O+eL2tx/NCxNMKMaCoTqRyoM3hQ3jAFKs/y7UJQDLt4LUJLCxhRvUFiWHJZovD6jgPY0 lo9K+zJlmMpm6dqoJGJi506CTyneMFvXBhT5P+vWC+8mretN1Bz9nR0OZIpNTvNss8Pe UbQnmAOOJoH/Ib6XHs81u6fbet1jEZVce8XnhYRiOR2qK6oZCmfBM6r2pi+4pBfZcFgw dH/ZZ6mYOm8EoSnxWmnR3t3fHncoMZherPM+p7Ar/aKLmtm82pXMfSzdmnhIOlqFxVi4 2x8g== X-Gm-Message-State: AOAM530YLoWKU2Zazito1DEyVRhvFOyUVnq0oJ13C85DXA48IvL2sgyJ eKSmJOC++UWZ2qdcfu4y3+Lk X-Google-Smtp-Source: ABdhPJy3s2EW2HDu8TBo426fJHK+00ides4OrOK/T4EBL31MtALIkZKuPAX37x6aGfIF5/4NvfswRQ== X-Received: by 2002:a17:90a:31cf:: with SMTP id j15mr22329179pjf.41.1615182321795; Sun, 07 Mar 2021 21:45:21 -0800 (PST) Received: from localhost.localdomain ([2409:4072:6e84:fef9:1070:d306:6d0e:bf6b]) by smtp.gmail.com with ESMTPSA id y29sm4331506pfp.206.2021.03.07.21.45.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 07 Mar 2021 21:45:21 -0800 (PST) From: Manivannan Sadhasivam To: miquel.raynal@bootlin.com, richard@nod.at, vigneshr@ti.com, robh+dt@kernel.org Cc: linux-arm-msm@vger.kernel.org, devicetree@vger.kernel.org, linux-mtd@lists.infradead.org, linux-kernel@vger.kernel.org, boris.brezillon@collabora.com, Daniele.Palmas@telit.com, bjorn.andersson@linaro.org, Manivannan Sadhasivam Subject: [PATCH v4 3/3] mtd: rawnand: qcom: Add support for secure regions in NAND memory Date: Mon, 8 Mar 2021 11:14:47 +0530 Message-Id: <20210308054447.28418-4-manivannan.sadhasivam@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210308054447.28418-1-manivannan.sadhasivam@linaro.org> References: <20210308054447.28418-1-manivannan.sadhasivam@linaro.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-arm-msm@vger.kernel.org On a typical end product, a vendor may choose to secure some regions in the NAND memory which are supposed to stay intact between FW upgrades. The access to those regions will be blocked by a secure element like Trustzone. So the normal world software like Linux kernel should not touch these regions (including reading). The regions are declared using a NAND chip DT property, "secure-regions". So let's make use of this property and skip access to the secure regions present in a system. Signed-off-by: Manivannan Sadhasivam --- drivers/mtd/nand/raw/qcom_nandc.c | 72 +++++++++++++++++++++++++++---- 1 file changed, 63 insertions(+), 9 deletions(-) diff --git a/drivers/mtd/nand/raw/qcom_nandc.c b/drivers/mtd/nand/raw/qcom_nandc.c index 87c23bb320bf..8027f7cb32be 100644 --- a/drivers/mtd/nand/raw/qcom_nandc.c +++ b/drivers/mtd/nand/raw/qcom_nandc.c @@ -431,6 +431,11 @@ struct qcom_nand_controller { * @cfg0, cfg1, cfg0_raw..: NANDc register configurations needed for * ecc/non-ecc mode for the current nand flash * device + * + * @sec_regions: Array representing the secure regions in the + * NAND chip + * + * @nr_sec_regions: Number of secure regions in the NAND chip */ struct qcom_nand_host { struct nand_chip chip; @@ -453,6 +458,9 @@ struct qcom_nand_host { u32 ecc_bch_cfg; u32 clrflashstatus; u32 clrreadstatus; + + u32 *sec_regions; + u8 nr_sec_regions; }; /* @@ -662,16 +670,27 @@ static void nandc_set_reg(struct qcom_nand_controller *nandc, int offset, } /* helper to configure address register values */ -static void set_address(struct qcom_nand_host *host, u16 column, int page) +static int set_address(struct qcom_nand_host *host, u16 column, int page) { struct nand_chip *chip = &host->chip; struct qcom_nand_controller *nandc = get_qcom_nand_controller(chip); + u32 offs = page << chip->page_shift; + int i, j; + + /* Skip touching the secure regions if present */ + for (i = 0, j = 0; i < host->nr_sec_regions; i++, j += 2) { + if (offs >= host->sec_regions[j] && + (offs <= host->sec_regions[j] + host->sec_regions[j + 1])) + return -EIO; + } if (chip->options & NAND_BUSWIDTH_16) column >>= 1; nandc_set_reg(nandc, NAND_ADDR0, page << 16 | column); nandc_set_reg(nandc, NAND_ADDR1, page >> 16 & 0xff); + + return 0; } /* @@ -1491,13 +1510,13 @@ static void qcom_nandc_command(struct nand_chip *chip, unsigned int command, WARN_ON(column != 0); host->use_ecc = true; - set_address(host, 0, page_addr); + ret = set_address(host, 0, page_addr); update_rw_regs(host, ecc->steps, true); break; case NAND_CMD_SEQIN: WARN_ON(column != 0); - set_address(host, 0, page_addr); + ret = set_address(host, 0, page_addr); break; case NAND_CMD_PAGEPROG: @@ -1615,7 +1634,10 @@ qcom_nandc_read_cw_raw(struct mtd_info *mtd, struct nand_chip *chip, host->use_ecc = false; clear_bam_transaction(nandc); - set_address(host, host->cw_size * cw, page); + ret = set_address(host, host->cw_size * cw, page); + if (ret) + return ret; + update_rw_regs(host, 1, true); config_nand_page_read(nandc); @@ -1943,7 +1965,10 @@ static int copy_last_cw(struct qcom_nand_host *host, int page) /* prepare a clean read buffer */ memset(nandc->data_buffer, 0xff, size); - set_address(host, host->cw_size * (ecc->steps - 1), page); + ret = set_address(host, host->cw_size * (ecc->steps - 1), page); + if (ret) + return ret; + update_rw_regs(host, 1, true); config_nand_single_cw_page_read(nandc, host->use_ecc); @@ -2005,12 +2030,16 @@ static int qcom_nandc_read_oob(struct nand_chip *chip, int page) struct qcom_nand_host *host = to_qcom_nand_host(chip); struct qcom_nand_controller *nandc = get_qcom_nand_controller(chip); struct nand_ecc_ctrl *ecc = &chip->ecc; + int ret; clear_read_regs(nandc); clear_bam_transaction(nandc); host->use_ecc = true; - set_address(host, 0, page); + ret = set_address(host, 0, page); + if (ret) + return ret; + update_rw_regs(host, ecc->steps, true); return read_page_ecc(host, NULL, chip->oob_poi, page); @@ -2188,7 +2217,10 @@ static int qcom_nandc_write_oob(struct nand_chip *chip, int page) mtd_ooblayout_get_databytes(mtd, nandc->data_buffer + data_size, oob, 0, mtd->oobavail); - set_address(host, host->cw_size * (ecc->steps - 1), page); + ret = set_address(host, host->cw_size * (ecc->steps - 1), page); + if (ret) + return ret; + update_rw_regs(host, 1, false); config_nand_page_write(nandc); @@ -2267,7 +2299,10 @@ static int qcom_nandc_block_markbad(struct nand_chip *chip, loff_t ofs) /* prepare write */ host->use_ecc = false; - set_address(host, host->cw_size * (ecc->steps - 1), page); + ret = set_address(host, host->cw_size * (ecc->steps - 1), page); + if (ret) + return ret; + update_rw_regs(host, 1, false); config_nand_page_write(nandc); @@ -2830,7 +2865,8 @@ static int qcom_nand_host_init_and_register(struct qcom_nand_controller *nandc, struct nand_chip *chip = &host->chip; struct mtd_info *mtd = nand_to_mtd(chip); struct device *dev = nandc->dev; - int ret; + struct property *prop; + int ret, length, nr_elem; ret = of_property_read_u32(dn, "reg", &host->cs); if (ret) { @@ -2872,6 +2908,24 @@ static int qcom_nand_host_init_and_register(struct qcom_nand_controller *nandc, /* set up initial status value */ host->status = NAND_STATUS_READY | NAND_STATUS_WP; + /* + * Look for secure regions in the NAND chip. These regions are supposed + * to be protected by a secure element like Trustzone. So the read/write + * accesses to these regions will be blocked in the runtime by this + * driver. + */ + prop = of_find_property(dn, "secure-regions", &length); + if (prop) { + nr_elem = length / sizeof(u32); + host->nr_sec_regions = nr_elem / 2; + + host->sec_regions = devm_kcalloc(dev, nr_elem, sizeof(u32), GFP_KERNEL); + if (!host->sec_regions) + return -ENOMEM; + + of_property_read_u32_array(dn, "secure-regions", host->sec_regions, nr_elem); + } + ret = nand_scan(chip, 1); if (ret) return ret;