1*fac71e4eSEmmanuel Vadot# SPDX-License-Identifier: GPL-2.0 2*fac71e4eSEmmanuel Vadot# Copyright (C) 2008-2011 Freescale Semiconductor Inc. 3*fac71e4eSEmmanuel Vadot%YAML 1.2 4*fac71e4eSEmmanuel Vadot--- 5*fac71e4eSEmmanuel Vadot$id: http://devicetree.org/schemas/crypto/fsl,sec-v4.0.yaml# 6*fac71e4eSEmmanuel Vadot$schema: http://devicetree.org/meta-schemas/core.yaml# 7*fac71e4eSEmmanuel Vadot 8*fac71e4eSEmmanuel Vadottitle: Freescale SEC 4 9*fac71e4eSEmmanuel Vadot 10*fac71e4eSEmmanuel Vadotmaintainers: 11*fac71e4eSEmmanuel Vadot - '"Horia Geantă" <horia.geanta@nxp.com>' 12*fac71e4eSEmmanuel Vadot - Pankaj Gupta <pankaj.gupta@nxp.com> 13*fac71e4eSEmmanuel Vadot - Gaurav Jain <gaurav.jain@nxp.com> 14*fac71e4eSEmmanuel Vadot 15*fac71e4eSEmmanuel Vadotdescription: | 16*fac71e4eSEmmanuel Vadot NOTE: the SEC 4 is also known as Freescale's Cryptographic Accelerator 17*fac71e4eSEmmanuel Vadot Accelerator and Assurance Module (CAAM). 18*fac71e4eSEmmanuel Vadot 19*fac71e4eSEmmanuel Vadot SEC 4 h/w can process requests from 2 types of sources. 20*fac71e4eSEmmanuel Vadot 1. DPAA Queue Interface (HW interface between Queue Manager & SEC 4). 21*fac71e4eSEmmanuel Vadot 2. Job Rings (HW interface between cores & SEC 4 registers). 22*fac71e4eSEmmanuel Vadot 23*fac71e4eSEmmanuel Vadot High Speed Data Path Configuration: 24*fac71e4eSEmmanuel Vadot 25*fac71e4eSEmmanuel Vadot HW interface between QM & SEC 4 and also BM & SEC 4, on DPAA-enabled parts 26*fac71e4eSEmmanuel Vadot such as the P4080. The number of simultaneous dequeues the QI can make is 27*fac71e4eSEmmanuel Vadot equal to the number of Descriptor Controller (DECO) engines in a particular 28*fac71e4eSEmmanuel Vadot SEC version. E.g., the SEC 4.0 in the P4080 has 5 DECOs and can thus 29*fac71e4eSEmmanuel Vadot dequeue from 5 subportals simultaneously. 30*fac71e4eSEmmanuel Vadot 31*fac71e4eSEmmanuel Vadot Job Ring Data Path Configuration: 32*fac71e4eSEmmanuel Vadot 33*fac71e4eSEmmanuel Vadot Each JR is located on a separate 4k page, they may (or may not) be made visible 34*fac71e4eSEmmanuel Vadot in the memory partition devoted to a particular core. The P4080 has 4 JRs, so 35*fac71e4eSEmmanuel Vadot up to 4 JRs can be configured; and all 4 JRs process requests in parallel. 36*fac71e4eSEmmanuel Vadot 37*fac71e4eSEmmanuel Vadotproperties: 38*fac71e4eSEmmanuel Vadot compatible: 39*fac71e4eSEmmanuel Vadot oneOf: 40*fac71e4eSEmmanuel Vadot - items: 41*fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.4 42*fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.0 43*fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0 44*fac71e4eSEmmanuel Vadot - items: 45*fac71e4eSEmmanuel Vadot - enum: 46*fac71e4eSEmmanuel Vadot - fsl,imx6ul-caam 47*fac71e4eSEmmanuel Vadot - fsl,sec-v5.0 48*fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0 49*fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0 50*fac71e4eSEmmanuel Vadot 51*fac71e4eSEmmanuel Vadot reg: 52*fac71e4eSEmmanuel Vadot maxItems: 1 53*fac71e4eSEmmanuel Vadot 54*fac71e4eSEmmanuel Vadot ranges: 55*fac71e4eSEmmanuel Vadot maxItems: 1 56*fac71e4eSEmmanuel Vadot 57*fac71e4eSEmmanuel Vadot '#address-cells': 58*fac71e4eSEmmanuel Vadot enum: [1, 2] 59*fac71e4eSEmmanuel Vadot 60*fac71e4eSEmmanuel Vadot '#size-cells': 61*fac71e4eSEmmanuel Vadot enum: [1, 2] 62*fac71e4eSEmmanuel Vadot 63*fac71e4eSEmmanuel Vadot clocks: 64*fac71e4eSEmmanuel Vadot minItems: 1 65*fac71e4eSEmmanuel Vadot maxItems: 4 66*fac71e4eSEmmanuel Vadot 67*fac71e4eSEmmanuel Vadot clock-names: 68*fac71e4eSEmmanuel Vadot minItems: 1 69*fac71e4eSEmmanuel Vadot maxItems: 4 70*fac71e4eSEmmanuel Vadot items: 71*fac71e4eSEmmanuel Vadot enum: [mem, aclk, ipg, emi_slow] 72*fac71e4eSEmmanuel Vadot 73*fac71e4eSEmmanuel Vadot dma-coherent: true 74*fac71e4eSEmmanuel Vadot 75*fac71e4eSEmmanuel Vadot interrupts: 76*fac71e4eSEmmanuel Vadot maxItems: 1 77*fac71e4eSEmmanuel Vadot 78*fac71e4eSEmmanuel Vadot fsl,sec-era: 79*fac71e4eSEmmanuel Vadot description: Defines the 'ERA' of the SEC device. 80*fac71e4eSEmmanuel Vadot $ref: /schemas/types.yaml#/definitions/uint32 81*fac71e4eSEmmanuel Vadot 82*fac71e4eSEmmanuel VadotpatternProperties: 83*fac71e4eSEmmanuel Vadot '^jr@[0-9a-f]+$': 84*fac71e4eSEmmanuel Vadot type: object 85*fac71e4eSEmmanuel Vadot additionalProperties: false 86*fac71e4eSEmmanuel Vadot description: 87*fac71e4eSEmmanuel Vadot Job Ring (JR) Node. Defines data processing interface to SEC 4 across the 88*fac71e4eSEmmanuel Vadot peripheral bus for purposes of processing cryptographic descriptors. The 89*fac71e4eSEmmanuel Vadot specified address range can be made visible to one (or more) cores. The 90*fac71e4eSEmmanuel Vadot interrupt defined for this node is controlled within the address range of 91*fac71e4eSEmmanuel Vadot this node. 92*fac71e4eSEmmanuel Vadot 93*fac71e4eSEmmanuel Vadot properties: 94*fac71e4eSEmmanuel Vadot compatible: 95*fac71e4eSEmmanuel Vadot oneOf: 96*fac71e4eSEmmanuel Vadot - items: 97*fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.4-job-ring 98*fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.0-job-ring 99*fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0-job-ring 100*fac71e4eSEmmanuel Vadot - items: 101*fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.0-job-ring 102*fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0-job-ring 103*fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0-job-ring 104*fac71e4eSEmmanuel Vadot 105*fac71e4eSEmmanuel Vadot reg: 106*fac71e4eSEmmanuel Vadot maxItems: 1 107*fac71e4eSEmmanuel Vadot 108*fac71e4eSEmmanuel Vadot interrupts: 109*fac71e4eSEmmanuel Vadot maxItems: 1 110*fac71e4eSEmmanuel Vadot 111*fac71e4eSEmmanuel Vadot fsl,liodn: 112*fac71e4eSEmmanuel Vadot description: 113*fac71e4eSEmmanuel Vadot Specifies the LIODN to be used in conjunction with the ppid-to-liodn 114*fac71e4eSEmmanuel Vadot table that specifies the PPID to LIODN mapping. Needed if the PAMU is 115*fac71e4eSEmmanuel Vadot used. Value is a 12 bit value where value is a LIODN ID for this JR. 116*fac71e4eSEmmanuel Vadot This property is normally set by boot firmware. 117*fac71e4eSEmmanuel Vadot $ref: /schemas/types.yaml#/definitions/uint32 118*fac71e4eSEmmanuel Vadot maximum: 0xfff 119*fac71e4eSEmmanuel Vadot 120*fac71e4eSEmmanuel Vadot '^rtic@[0-9a-f]+$': 121*fac71e4eSEmmanuel Vadot type: object 122*fac71e4eSEmmanuel Vadot additionalProperties: false 123*fac71e4eSEmmanuel Vadot description: 124*fac71e4eSEmmanuel Vadot Run Time Integrity Check (RTIC) Node. Defines a register space that 125*fac71e4eSEmmanuel Vadot contains up to 5 sets of addresses and their lengths (sizes) that will be 126*fac71e4eSEmmanuel Vadot checked at run time. After an initial hash result is calculated, these 127*fac71e4eSEmmanuel Vadot addresses are checked by HW to monitor any change. If any memory is 128*fac71e4eSEmmanuel Vadot modified, a Security Violation is triggered (see SNVS definition). 129*fac71e4eSEmmanuel Vadot 130*fac71e4eSEmmanuel Vadot properties: 131*fac71e4eSEmmanuel Vadot compatible: 132*fac71e4eSEmmanuel Vadot oneOf: 133*fac71e4eSEmmanuel Vadot - items: 134*fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.4-rtic 135*fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.0-rtic 136*fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0-rtic 137*fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0-rtic 138*fac71e4eSEmmanuel Vadot 139*fac71e4eSEmmanuel Vadot reg: 140*fac71e4eSEmmanuel Vadot maxItems: 1 141*fac71e4eSEmmanuel Vadot 142*fac71e4eSEmmanuel Vadot ranges: 143*fac71e4eSEmmanuel Vadot maxItems: 1 144*fac71e4eSEmmanuel Vadot 145*fac71e4eSEmmanuel Vadot interrupts: 146*fac71e4eSEmmanuel Vadot maxItems: 1 147*fac71e4eSEmmanuel Vadot 148*fac71e4eSEmmanuel Vadot '#address-cells': 149*fac71e4eSEmmanuel Vadot const: 1 150*fac71e4eSEmmanuel Vadot 151*fac71e4eSEmmanuel Vadot '#size-cells': 152*fac71e4eSEmmanuel Vadot const: 1 153*fac71e4eSEmmanuel Vadot 154*fac71e4eSEmmanuel Vadot patternProperties: 155*fac71e4eSEmmanuel Vadot '^rtic-[a-z]@[0-9a-f]+$': 156*fac71e4eSEmmanuel Vadot type: object 157*fac71e4eSEmmanuel Vadot additionalProperties: false 158*fac71e4eSEmmanuel Vadot description: 159*fac71e4eSEmmanuel Vadot Run Time Integrity Check (RTIC) Memory Node defines individual RTIC 160*fac71e4eSEmmanuel Vadot memory regions that are used to perform run-time integrity check of 161*fac71e4eSEmmanuel Vadot memory areas that should not modified. The node defines a register 162*fac71e4eSEmmanuel Vadot that contains the memory address & length (combined) and a second 163*fac71e4eSEmmanuel Vadot register that contains the hash result in big endian format. 164*fac71e4eSEmmanuel Vadot 165*fac71e4eSEmmanuel Vadot properties: 166*fac71e4eSEmmanuel Vadot compatible: 167*fac71e4eSEmmanuel Vadot oneOf: 168*fac71e4eSEmmanuel Vadot - items: 169*fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.4-rtic-memory 170*fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.0-rtic-memory 171*fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0-rtic-memory 172*fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0-rtic-memory 173*fac71e4eSEmmanuel Vadot 174*fac71e4eSEmmanuel Vadot reg: 175*fac71e4eSEmmanuel Vadot items: 176*fac71e4eSEmmanuel Vadot - description: RTIC memory address 177*fac71e4eSEmmanuel Vadot - description: RTIC hash result 178*fac71e4eSEmmanuel Vadot 179*fac71e4eSEmmanuel Vadot fsl,liodn: 180*fac71e4eSEmmanuel Vadot description: 181*fac71e4eSEmmanuel Vadot Specifies the LIODN to be used in conjunction with the 182*fac71e4eSEmmanuel Vadot ppid-to-liodn table that specifies the PPID to LIODN mapping. 183*fac71e4eSEmmanuel Vadot Needed if the PAMU is used. Value is a 12 bit value where value 184*fac71e4eSEmmanuel Vadot is a LIODN ID for this JR. This property is normally set by boot 185*fac71e4eSEmmanuel Vadot firmware. 186*fac71e4eSEmmanuel Vadot $ref: /schemas/types.yaml#/definitions/uint32 187*fac71e4eSEmmanuel Vadot maximum: 0xfff 188*fac71e4eSEmmanuel Vadot 189*fac71e4eSEmmanuel Vadot fsl,rtic-region: 190*fac71e4eSEmmanuel Vadot description: 191*fac71e4eSEmmanuel Vadot Specifies the HW address (36 bit address) for this region 192*fac71e4eSEmmanuel Vadot followed by the length of the HW partition to be checked; 193*fac71e4eSEmmanuel Vadot the address is represented as a 64 bit quantity followed 194*fac71e4eSEmmanuel Vadot by a 32 bit length. 195*fac71e4eSEmmanuel Vadot $ref: /schemas/types.yaml#/definitions/uint32-array 196*fac71e4eSEmmanuel Vadot 197*fac71e4eSEmmanuel Vadotrequired: 198*fac71e4eSEmmanuel Vadot - compatible 199*fac71e4eSEmmanuel Vadot - reg 200*fac71e4eSEmmanuel Vadot - ranges 201*fac71e4eSEmmanuel Vadot 202*fac71e4eSEmmanuel VadotadditionalProperties: false 203*fac71e4eSEmmanuel Vadot 204*fac71e4eSEmmanuel Vadotexamples: 205*fac71e4eSEmmanuel Vadot - | 206*fac71e4eSEmmanuel Vadot crypto@300000 { 207*fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0"; 208*fac71e4eSEmmanuel Vadot #address-cells = <1>; 209*fac71e4eSEmmanuel Vadot #size-cells = <1>; 210*fac71e4eSEmmanuel Vadot reg = <0x300000 0x10000>; 211*fac71e4eSEmmanuel Vadot ranges = <0 0x300000 0x10000>; 212*fac71e4eSEmmanuel Vadot interrupts = <92 2>; 213*fac71e4eSEmmanuel Vadot 214*fac71e4eSEmmanuel Vadot jr@1000 { 215*fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-job-ring"; 216*fac71e4eSEmmanuel Vadot reg = <0x1000 0x1000>; 217*fac71e4eSEmmanuel Vadot interrupts = <88 2>; 218*fac71e4eSEmmanuel Vadot }; 219*fac71e4eSEmmanuel Vadot 220*fac71e4eSEmmanuel Vadot jr@2000 { 221*fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-job-ring"; 222*fac71e4eSEmmanuel Vadot reg = <0x2000 0x1000>; 223*fac71e4eSEmmanuel Vadot interrupts = <89 2>; 224*fac71e4eSEmmanuel Vadot }; 225*fac71e4eSEmmanuel Vadot 226*fac71e4eSEmmanuel Vadot jr@3000 { 227*fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-job-ring"; 228*fac71e4eSEmmanuel Vadot reg = <0x3000 0x1000>; 229*fac71e4eSEmmanuel Vadot interrupts = <90 2>; 230*fac71e4eSEmmanuel Vadot }; 231*fac71e4eSEmmanuel Vadot 232*fac71e4eSEmmanuel Vadot jr@4000 { 233*fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-job-ring"; 234*fac71e4eSEmmanuel Vadot reg = <0x4000 0x1000>; 235*fac71e4eSEmmanuel Vadot interrupts = <91 2>; 236*fac71e4eSEmmanuel Vadot }; 237*fac71e4eSEmmanuel Vadot 238*fac71e4eSEmmanuel Vadot rtic@6000 { 239*fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-rtic"; 240*fac71e4eSEmmanuel Vadot #address-cells = <1>; 241*fac71e4eSEmmanuel Vadot #size-cells = <1>; 242*fac71e4eSEmmanuel Vadot reg = <0x6000 0x100>; 243*fac71e4eSEmmanuel Vadot ranges = <0x0 0x6100 0xe00>; 244*fac71e4eSEmmanuel Vadot 245*fac71e4eSEmmanuel Vadot rtic-a@0 { 246*fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-rtic-memory"; 247*fac71e4eSEmmanuel Vadot reg = <0x00 0x20>, <0x100 0x80>; 248*fac71e4eSEmmanuel Vadot }; 249*fac71e4eSEmmanuel Vadot 250*fac71e4eSEmmanuel Vadot rtic-b@20 { 251*fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-rtic-memory"; 252*fac71e4eSEmmanuel Vadot reg = <0x20 0x20>, <0x200 0x80>; 253*fac71e4eSEmmanuel Vadot }; 254*fac71e4eSEmmanuel Vadot 255*fac71e4eSEmmanuel Vadot rtic-c@40 { 256*fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-rtic-memory"; 257*fac71e4eSEmmanuel Vadot reg = <0x40 0x20>, <0x300 0x80>; 258*fac71e4eSEmmanuel Vadot }; 259*fac71e4eSEmmanuel Vadot 260*fac71e4eSEmmanuel Vadot rtic-d@60 { 261*fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-rtic-memory"; 262*fac71e4eSEmmanuel Vadot reg = <0x60 0x20>, <0x500 0x80>; 263*fac71e4eSEmmanuel Vadot }; 264*fac71e4eSEmmanuel Vadot }; 265*fac71e4eSEmmanuel Vadot }; 266*fac71e4eSEmmanuel Vadot... 267