1fac71e4eSEmmanuel Vadot# SPDX-License-Identifier: GPL-2.0 2fac71e4eSEmmanuel Vadot# Copyright (C) 2008-2011 Freescale Semiconductor Inc. 3fac71e4eSEmmanuel Vadot%YAML 1.2 4fac71e4eSEmmanuel Vadot--- 5fac71e4eSEmmanuel Vadot$id: http://devicetree.org/schemas/crypto/fsl,sec-v4.0.yaml# 6fac71e4eSEmmanuel Vadot$schema: http://devicetree.org/meta-schemas/core.yaml# 7fac71e4eSEmmanuel Vadot 8fac71e4eSEmmanuel Vadottitle: Freescale SEC 4 9fac71e4eSEmmanuel Vadot 10fac71e4eSEmmanuel Vadotmaintainers: 11fac71e4eSEmmanuel Vadot - '"Horia Geantă" <horia.geanta@nxp.com>' 12fac71e4eSEmmanuel Vadot - Pankaj Gupta <pankaj.gupta@nxp.com> 13fac71e4eSEmmanuel Vadot - Gaurav Jain <gaurav.jain@nxp.com> 14fac71e4eSEmmanuel Vadot 15fac71e4eSEmmanuel Vadotdescription: | 16fac71e4eSEmmanuel Vadot NOTE: the SEC 4 is also known as Freescale's Cryptographic Accelerator 17fac71e4eSEmmanuel Vadot Accelerator and Assurance Module (CAAM). 18fac71e4eSEmmanuel Vadot 19fac71e4eSEmmanuel Vadot SEC 4 h/w can process requests from 2 types of sources. 20fac71e4eSEmmanuel Vadot 1. DPAA Queue Interface (HW interface between Queue Manager & SEC 4). 21fac71e4eSEmmanuel Vadot 2. Job Rings (HW interface between cores & SEC 4 registers). 22fac71e4eSEmmanuel Vadot 23fac71e4eSEmmanuel Vadot High Speed Data Path Configuration: 24fac71e4eSEmmanuel Vadot 25fac71e4eSEmmanuel Vadot HW interface between QM & SEC 4 and also BM & SEC 4, on DPAA-enabled parts 26fac71e4eSEmmanuel Vadot such as the P4080. The number of simultaneous dequeues the QI can make is 27fac71e4eSEmmanuel Vadot equal to the number of Descriptor Controller (DECO) engines in a particular 28fac71e4eSEmmanuel Vadot SEC version. E.g., the SEC 4.0 in the P4080 has 5 DECOs and can thus 29fac71e4eSEmmanuel Vadot dequeue from 5 subportals simultaneously. 30fac71e4eSEmmanuel Vadot 31fac71e4eSEmmanuel Vadot Job Ring Data Path Configuration: 32fac71e4eSEmmanuel Vadot 33fac71e4eSEmmanuel Vadot Each JR is located on a separate 4k page, they may (or may not) be made visible 34fac71e4eSEmmanuel Vadot in the memory partition devoted to a particular core. The P4080 has 4 JRs, so 35fac71e4eSEmmanuel Vadot up to 4 JRs can be configured; and all 4 JRs process requests in parallel. 36fac71e4eSEmmanuel Vadot 37fac71e4eSEmmanuel Vadotproperties: 38fac71e4eSEmmanuel Vadot compatible: 39fac71e4eSEmmanuel Vadot oneOf: 40fac71e4eSEmmanuel Vadot - items: 41fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.4 42fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.0 43fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0 44fac71e4eSEmmanuel Vadot - items: 45fac71e4eSEmmanuel Vadot - enum: 46fac71e4eSEmmanuel Vadot - fsl,imx6ul-caam 47fac71e4eSEmmanuel Vadot - fsl,sec-v5.0 48fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0 49fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0 50fac71e4eSEmmanuel Vadot 51fac71e4eSEmmanuel Vadot reg: 52fac71e4eSEmmanuel Vadot maxItems: 1 53fac71e4eSEmmanuel Vadot 54fac71e4eSEmmanuel Vadot ranges: 55fac71e4eSEmmanuel Vadot maxItems: 1 56fac71e4eSEmmanuel Vadot 57fac71e4eSEmmanuel Vadot '#address-cells': 58fac71e4eSEmmanuel Vadot enum: [1, 2] 59fac71e4eSEmmanuel Vadot 60fac71e4eSEmmanuel Vadot '#size-cells': 61fac71e4eSEmmanuel Vadot enum: [1, 2] 62fac71e4eSEmmanuel Vadot 63fac71e4eSEmmanuel Vadot clocks: 64fac71e4eSEmmanuel Vadot minItems: 1 65fac71e4eSEmmanuel Vadot maxItems: 4 66fac71e4eSEmmanuel Vadot 67fac71e4eSEmmanuel Vadot clock-names: 68fac71e4eSEmmanuel Vadot minItems: 1 69fac71e4eSEmmanuel Vadot maxItems: 4 70fac71e4eSEmmanuel Vadot items: 71fac71e4eSEmmanuel Vadot enum: [mem, aclk, ipg, emi_slow] 72fac71e4eSEmmanuel Vadot 73fac71e4eSEmmanuel Vadot dma-coherent: true 74fac71e4eSEmmanuel Vadot 75fac71e4eSEmmanuel Vadot interrupts: 76fac71e4eSEmmanuel Vadot maxItems: 1 77fac71e4eSEmmanuel Vadot 78fac71e4eSEmmanuel Vadot fsl,sec-era: 79fac71e4eSEmmanuel Vadot description: Defines the 'ERA' of the SEC device. 80fac71e4eSEmmanuel Vadot $ref: /schemas/types.yaml#/definitions/uint32 81fac71e4eSEmmanuel Vadot 82fac71e4eSEmmanuel VadotpatternProperties: 83fac71e4eSEmmanuel Vadot '^jr@[0-9a-f]+$': 84fac71e4eSEmmanuel Vadot type: object 85fac71e4eSEmmanuel Vadot additionalProperties: false 86fac71e4eSEmmanuel Vadot description: 87fac71e4eSEmmanuel Vadot Job Ring (JR) Node. Defines data processing interface to SEC 4 across the 88fac71e4eSEmmanuel Vadot peripheral bus for purposes of processing cryptographic descriptors. The 89fac71e4eSEmmanuel Vadot specified address range can be made visible to one (or more) cores. The 90fac71e4eSEmmanuel Vadot interrupt defined for this node is controlled within the address range of 91fac71e4eSEmmanuel Vadot this node. 92fac71e4eSEmmanuel Vadot 93fac71e4eSEmmanuel Vadot properties: 94fac71e4eSEmmanuel Vadot compatible: 95fac71e4eSEmmanuel Vadot oneOf: 96fac71e4eSEmmanuel Vadot - items: 97fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.4-job-ring 98fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.0-job-ring 99fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0-job-ring 100fac71e4eSEmmanuel Vadot - items: 101fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.0-job-ring 102fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0-job-ring 103fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0-job-ring 104fac71e4eSEmmanuel Vadot 105fac71e4eSEmmanuel Vadot reg: 106fac71e4eSEmmanuel Vadot maxItems: 1 107fac71e4eSEmmanuel Vadot 108fac71e4eSEmmanuel Vadot interrupts: 109fac71e4eSEmmanuel Vadot maxItems: 1 110fac71e4eSEmmanuel Vadot 111fac71e4eSEmmanuel Vadot fsl,liodn: 112fac71e4eSEmmanuel Vadot description: 113fac71e4eSEmmanuel Vadot Specifies the LIODN to be used in conjunction with the ppid-to-liodn 114fac71e4eSEmmanuel Vadot table that specifies the PPID to LIODN mapping. Needed if the PAMU is 115fac71e4eSEmmanuel Vadot used. Value is a 12 bit value where value is a LIODN ID for this JR. 116fac71e4eSEmmanuel Vadot This property is normally set by boot firmware. 117fac71e4eSEmmanuel Vadot $ref: /schemas/types.yaml#/definitions/uint32 118fac71e4eSEmmanuel Vadot maximum: 0xfff 119fac71e4eSEmmanuel Vadot 120fac71e4eSEmmanuel Vadot '^rtic@[0-9a-f]+$': 121fac71e4eSEmmanuel Vadot type: object 122fac71e4eSEmmanuel Vadot additionalProperties: false 123fac71e4eSEmmanuel Vadot description: 124fac71e4eSEmmanuel Vadot Run Time Integrity Check (RTIC) Node. Defines a register space that 125fac71e4eSEmmanuel Vadot contains up to 5 sets of addresses and their lengths (sizes) that will be 126fac71e4eSEmmanuel Vadot checked at run time. After an initial hash result is calculated, these 127fac71e4eSEmmanuel Vadot addresses are checked by HW to monitor any change. If any memory is 128fac71e4eSEmmanuel Vadot modified, a Security Violation is triggered (see SNVS definition). 129fac71e4eSEmmanuel Vadot 130fac71e4eSEmmanuel Vadot properties: 131fac71e4eSEmmanuel Vadot compatible: 132fac71e4eSEmmanuel Vadot oneOf: 133fac71e4eSEmmanuel Vadot - items: 134fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.4-rtic 135fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.0-rtic 136fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0-rtic 137fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0-rtic 138fac71e4eSEmmanuel Vadot 139fac71e4eSEmmanuel Vadot reg: 140*b2d2a78aSEmmanuel Vadot items: 141*b2d2a78aSEmmanuel Vadot - description: RTIC control and status register space. 142*b2d2a78aSEmmanuel Vadot - description: RTIC recoverable error indication register space. 143*b2d2a78aSEmmanuel Vadot minItems: 1 144fac71e4eSEmmanuel Vadot 145fac71e4eSEmmanuel Vadot ranges: 146fac71e4eSEmmanuel Vadot maxItems: 1 147fac71e4eSEmmanuel Vadot 148fac71e4eSEmmanuel Vadot interrupts: 149fac71e4eSEmmanuel Vadot maxItems: 1 150fac71e4eSEmmanuel Vadot 151fac71e4eSEmmanuel Vadot '#address-cells': 152fac71e4eSEmmanuel Vadot const: 1 153fac71e4eSEmmanuel Vadot 154fac71e4eSEmmanuel Vadot '#size-cells': 155fac71e4eSEmmanuel Vadot const: 1 156fac71e4eSEmmanuel Vadot 157fac71e4eSEmmanuel Vadot patternProperties: 158fac71e4eSEmmanuel Vadot '^rtic-[a-z]@[0-9a-f]+$': 159fac71e4eSEmmanuel Vadot type: object 160fac71e4eSEmmanuel Vadot additionalProperties: false 161fac71e4eSEmmanuel Vadot description: 162fac71e4eSEmmanuel Vadot Run Time Integrity Check (RTIC) Memory Node defines individual RTIC 163fac71e4eSEmmanuel Vadot memory regions that are used to perform run-time integrity check of 164fac71e4eSEmmanuel Vadot memory areas that should not modified. The node defines a register 165fac71e4eSEmmanuel Vadot that contains the memory address & length (combined) and a second 166fac71e4eSEmmanuel Vadot register that contains the hash result in big endian format. 167fac71e4eSEmmanuel Vadot 168fac71e4eSEmmanuel Vadot properties: 169fac71e4eSEmmanuel Vadot compatible: 170fac71e4eSEmmanuel Vadot oneOf: 171fac71e4eSEmmanuel Vadot - items: 172fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.4-rtic-memory 173fac71e4eSEmmanuel Vadot - const: fsl,sec-v5.0-rtic-memory 174fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0-rtic-memory 175fac71e4eSEmmanuel Vadot - const: fsl,sec-v4.0-rtic-memory 176fac71e4eSEmmanuel Vadot 177fac71e4eSEmmanuel Vadot reg: 178fac71e4eSEmmanuel Vadot items: 179fac71e4eSEmmanuel Vadot - description: RTIC memory address 180fac71e4eSEmmanuel Vadot - description: RTIC hash result 181fac71e4eSEmmanuel Vadot 182fac71e4eSEmmanuel Vadot fsl,liodn: 183fac71e4eSEmmanuel Vadot description: 184fac71e4eSEmmanuel Vadot Specifies the LIODN to be used in conjunction with the 185fac71e4eSEmmanuel Vadot ppid-to-liodn table that specifies the PPID to LIODN mapping. 186fac71e4eSEmmanuel Vadot Needed if the PAMU is used. Value is a 12 bit value where value 187fac71e4eSEmmanuel Vadot is a LIODN ID for this JR. This property is normally set by boot 188fac71e4eSEmmanuel Vadot firmware. 189fac71e4eSEmmanuel Vadot $ref: /schemas/types.yaml#/definitions/uint32 190fac71e4eSEmmanuel Vadot maximum: 0xfff 191fac71e4eSEmmanuel Vadot 192fac71e4eSEmmanuel Vadot fsl,rtic-region: 193fac71e4eSEmmanuel Vadot description: 194fac71e4eSEmmanuel Vadot Specifies the HW address (36 bit address) for this region 195fac71e4eSEmmanuel Vadot followed by the length of the HW partition to be checked; 196fac71e4eSEmmanuel Vadot the address is represented as a 64 bit quantity followed 197fac71e4eSEmmanuel Vadot by a 32 bit length. 198fac71e4eSEmmanuel Vadot $ref: /schemas/types.yaml#/definitions/uint32-array 199fac71e4eSEmmanuel Vadot 200fac71e4eSEmmanuel Vadotrequired: 201fac71e4eSEmmanuel Vadot - compatible 202fac71e4eSEmmanuel Vadot - reg 203fac71e4eSEmmanuel Vadot - ranges 204fac71e4eSEmmanuel Vadot 205fac71e4eSEmmanuel VadotadditionalProperties: false 206fac71e4eSEmmanuel Vadot 207fac71e4eSEmmanuel Vadotexamples: 208fac71e4eSEmmanuel Vadot - | 209fac71e4eSEmmanuel Vadot crypto@300000 { 210fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0"; 211fac71e4eSEmmanuel Vadot #address-cells = <1>; 212fac71e4eSEmmanuel Vadot #size-cells = <1>; 213fac71e4eSEmmanuel Vadot reg = <0x300000 0x10000>; 214fac71e4eSEmmanuel Vadot ranges = <0 0x300000 0x10000>; 215fac71e4eSEmmanuel Vadot interrupts = <92 2>; 216fac71e4eSEmmanuel Vadot 217fac71e4eSEmmanuel Vadot jr@1000 { 218fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-job-ring"; 219fac71e4eSEmmanuel Vadot reg = <0x1000 0x1000>; 220fac71e4eSEmmanuel Vadot interrupts = <88 2>; 221fac71e4eSEmmanuel Vadot }; 222fac71e4eSEmmanuel Vadot 223fac71e4eSEmmanuel Vadot jr@2000 { 224fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-job-ring"; 225fac71e4eSEmmanuel Vadot reg = <0x2000 0x1000>; 226fac71e4eSEmmanuel Vadot interrupts = <89 2>; 227fac71e4eSEmmanuel Vadot }; 228fac71e4eSEmmanuel Vadot 229fac71e4eSEmmanuel Vadot jr@3000 { 230fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-job-ring"; 231fac71e4eSEmmanuel Vadot reg = <0x3000 0x1000>; 232fac71e4eSEmmanuel Vadot interrupts = <90 2>; 233fac71e4eSEmmanuel Vadot }; 234fac71e4eSEmmanuel Vadot 235fac71e4eSEmmanuel Vadot jr@4000 { 236fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-job-ring"; 237fac71e4eSEmmanuel Vadot reg = <0x4000 0x1000>; 238fac71e4eSEmmanuel Vadot interrupts = <91 2>; 239fac71e4eSEmmanuel Vadot }; 240fac71e4eSEmmanuel Vadot 241fac71e4eSEmmanuel Vadot rtic@6000 { 242fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-rtic"; 243fac71e4eSEmmanuel Vadot #address-cells = <1>; 244fac71e4eSEmmanuel Vadot #size-cells = <1>; 245fac71e4eSEmmanuel Vadot reg = <0x6000 0x100>; 246fac71e4eSEmmanuel Vadot ranges = <0x0 0x6100 0xe00>; 247fac71e4eSEmmanuel Vadot 248fac71e4eSEmmanuel Vadot rtic-a@0 { 249fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-rtic-memory"; 250fac71e4eSEmmanuel Vadot reg = <0x00 0x20>, <0x100 0x80>; 251fac71e4eSEmmanuel Vadot }; 252fac71e4eSEmmanuel Vadot 253fac71e4eSEmmanuel Vadot rtic-b@20 { 254fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-rtic-memory"; 255fac71e4eSEmmanuel Vadot reg = <0x20 0x20>, <0x200 0x80>; 256fac71e4eSEmmanuel Vadot }; 257fac71e4eSEmmanuel Vadot 258fac71e4eSEmmanuel Vadot rtic-c@40 { 259fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-rtic-memory"; 260fac71e4eSEmmanuel Vadot reg = <0x40 0x20>, <0x300 0x80>; 261fac71e4eSEmmanuel Vadot }; 262fac71e4eSEmmanuel Vadot 263fac71e4eSEmmanuel Vadot rtic-d@60 { 264fac71e4eSEmmanuel Vadot compatible = "fsl,sec-v4.0-rtic-memory"; 265fac71e4eSEmmanuel Vadot reg = <0x60 0x20>, <0x500 0x80>; 266fac71e4eSEmmanuel Vadot }; 267fac71e4eSEmmanuel Vadot }; 268fac71e4eSEmmanuel Vadot }; 269fac71e4eSEmmanuel Vadot... 270