[v5,2/2] nvmem: sec-qfprom: Add Qualcomm secure QFPROM support

Message ID 20230724083849.8277-3-quic_kbajaj@quicinc.com
State New
Headers
Series nvmem: sec-qfprom: Add Qualcomm secure QFPROM support |

Commit Message

Komal Bajaj July 24, 2023, 8:38 a.m. UTC
  For some of the Qualcomm SoC's, it is possible that
some of the fuse regions or entire qfprom region is
protected from non-secure access. In such situations,
Linux will have to use secure calls to read the region.
With that motivation, add secure qfprom driver.

Signed-off-by: Komal Bajaj <quic_kbajaj@quicinc.com>
---
 drivers/nvmem/Kconfig      |  13 +++++
 drivers/nvmem/Makefile     |   2 +
 drivers/nvmem/sec-qfprom.c | 101 +++++++++++++++++++++++++++++++++++++
 3 files changed, 116 insertions(+)
 create mode 100644 drivers/nvmem/sec-qfprom.c

--
2.40.1
  

Comments

Bjorn Andersson July 26, 2023, 6:17 a.m. UTC | #1
On Mon, Jul 24, 2023 at 02:08:49PM +0530, Komal Bajaj wrote:
> For some of the Qualcomm SoC's, it is possible that
> some of the fuse regions or entire qfprom region is
> protected from non-secure access. In such situations,
> Linux will have to use secure calls to read the region.
> With that motivation, add secure qfprom driver.
> 
> Signed-off-by: Komal Bajaj <quic_kbajaj@quicinc.com>

Reviewed-by: Bjorn Andersson <andersson@kernel.org>

Regards,
Bjorn
  
Mukesh Ojha July 27, 2023, 6:39 a.m. UTC | #2
Hi,

Some questions, may not need to be addressed if the reason is
known

On 7/24/2023 2:08 PM, Komal Bajaj wrote:
> For some of the Qualcomm SoC's, it is possible that
> some of the fuse regions or entire qfprom region is
> protected from non-secure access. In such situations,
> Linux will have to use secure calls to read the region.
> With that motivation, add secure qfprom driver.
> 
> Signed-off-by: Komal Bajaj <quic_kbajaj@quicinc.com>
> ---
>   drivers/nvmem/Kconfig      |  13 +++++
>   drivers/nvmem/Makefile     |   2 +
>   drivers/nvmem/sec-qfprom.c | 101 +++++++++++++++++++++++++++++++++++++
>   3 files changed, 116 insertions(+)
>   create mode 100644 drivers/nvmem/sec-qfprom.c
> 
> diff --git a/drivers/nvmem/Kconfig b/drivers/nvmem/Kconfig
> index b291b27048c7..764fc5feb26c 100644
> --- a/drivers/nvmem/Kconfig
> +++ b/drivers/nvmem/Kconfig
> @@ -216,6 +216,19 @@ config NVMEM_QCOM_QFPROM
>   	  This driver can also be built as a module. If so, the module
>   	  will be called nvmem_qfprom.
> 
> +config NVMEM_QCOM_SEC_QFPROM
> +        tristate "QCOM SECURE QFPROM Support"
> +        depends on ARCH_QCOM || COMPILE_TEST
> +        depends on HAS_IOMEM
> +        depends on OF
> +        select QCOM_SCM
> +        help
> +          Say y here to enable secure QFPROM support. The secure QFPROM provides access
> +          functions for QFPROM data to rest of the drivers via nvmem interface.
> +
> +          This driver can also be built as a module. If so, the module will be called
> +          nvmem_sec_qfprom.
> +
>   config NVMEM_RAVE_SP_EEPROM
>   	tristate "Rave SP EEPROM Support"
>   	depends on RAVE_SP_CORE
> diff --git a/drivers/nvmem/Makefile b/drivers/nvmem/Makefile
> index f82431ec8aef..e248d3daadf3 100644
> --- a/drivers/nvmem/Makefile
> +++ b/drivers/nvmem/Makefile
> @@ -44,6 +44,8 @@ obj-$(CONFIG_NVMEM_NINTENDO_OTP)	+= nvmem-nintendo-otp.o
>   nvmem-nintendo-otp-y			:= nintendo-otp.o
>   obj-$(CONFIG_NVMEM_QCOM_QFPROM)		+= nvmem_qfprom.o
>   nvmem_qfprom-y				:= qfprom.o
> +obj-$(CONFIG_NVMEM_QCOM_SEC_QFPROM)	+= nvmem_sec_qfprom.o
> +nvmem_sec_qfprom-y			:= sec-qfprom.o

Are we just doing this for just renaming the object ?

>   obj-$(CONFIG_NVMEM_RAVE_SP_EEPROM)	+= nvmem-rave-sp-eeprom.o
>   nvmem-rave-sp-eeprom-y			:= rave-sp-eeprom.o
>   obj-$(CONFIG_NVMEM_RMEM) 		+= nvmem-rmem.o
> diff --git a/drivers/nvmem/sec-qfprom.c b/drivers/nvmem/sec-qfprom.c
> new file mode 100644
> index 000000000000..bc68053b7d94
> --- /dev/null
> +++ b/drivers/nvmem/sec-qfprom.c
> @@ -0,0 +1,101 @@
> +// SPDX-License-Identifier: GPL-2.0-only
> +/*
> + * Copyright (c) 2023, Qualcomm Innovation Center, Inc. All rights reserved.
> + */
> +
> +#include <linux/firmware/qcom/qcom_scm.h>
> +#include <linux/mod_devicetable.h>
> +#include <linux/nvmem-provider.h>
> +#include <linux/platform_device.h>
> +#include <linux/pm_runtime.h>
> +
> +/**
> + * struct sec_qfprom - structure holding secure qfprom attributes
> + *
> + * @base: starting physical address for secure qfprom corrected address space.
> + * @dev: qfprom device structure.
> + */
> +struct sec_qfprom {
> +	phys_addr_t base;
> +	struct device *dev;
> +};
> +
> +static int sec_qfprom_reg_read(void *context, unsigned int reg, void *_val, size_t bytes)
> +{
> +	struct sec_qfprom *priv = context;
> +	unsigned int i;
> +	u8 *val = _val;
> +	u32 read_val;
> +	u8 *tmp;
> +
> +	for (i = 0; i < bytes; i++, reg++) {
> +		if (i == 0 || reg % 4 == 0) {
> +			if (qcom_scm_io_readl(priv->base + (reg & ~3), &read_val)) {
> +				dev_err(priv->dev, "Couldn't access fuse register\n");
> +				return -EINVAL;
> +			}
> +			tmp = (u8 *)&read_val;
> +		}
> +
> +		val[i] = tmp[reg & 3];
> +	}

Getting secure read from fuse region is fine here, since we have to read
4 byte from trustzone, but this restriction of reading is also there
for sm8{4|5}50 soc's where byte by byte reading is protected and 
granularity set to 4 byte (qfprom_reg_read() in drivers/nvmem/qfprom.c)
is will result in abort, in  that case this function need to export this
logic.

> +
> +	return 0;
> +}
> +
> +static int sec_qfprom_probe(struct platform_device *pdev)
> +{
> +	struct nvmem_config econfig = {
> +		.name = "sec-qfprom",
> +		.stride = 1,
> +		.word_size = 1,
> +		.id = NVMEM_DEVID_AUTO,
> +		.reg_read = sec_qfprom_reg_read,
> +	};
> +	struct device *dev = &pdev->dev;
> +	struct nvmem_device *nvmem;
> +	struct sec_qfprom *priv;
> +	struct resource *res;
> +	int ret;
> +
> +	priv = devm_kzalloc(dev, sizeof(*priv), GFP_KERNEL);
> +	if (!priv)
> +		return -ENOMEM;
> +
> +	res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
> +	if (!res)
> +		return -EINVAL;
> +
> +	priv->base = res->start;
> +
> +	econfig.size = resource_size(res);
> +	econfig.dev = dev;
> +	econfig.priv = priv;
> +
> +	priv->dev = dev;
> +
> +	ret = devm_pm_runtime_enable(dev);
> +	if (ret)
> +		return ret;
> +
> +	nvmem = devm_nvmem_register(dev, &econfig);
> +
> +	return PTR_ERR_OR_ZERO(nvmem);
> +}
> +
> +static const struct of_device_id sec_qfprom_of_match[] = {
> +	{ .compatible = "qcom,sec-qfprom" },
> +	{/* sentinel */},
> +};
> +MODULE_DEVICE_TABLE(of, sec_qfprom_of_match);
> +
> +static struct platform_driver qfprom_driver = {
> +	.probe = sec_qfprom_probe,

Why don't we have remove/remove_new callbacks?
Same comment apply for drivers/nvmem/qfprom.c

> +	.driver = {
> +		.name = "qcom_sec_qfprom",
> +		.of_match_table = sec_qfprom_of_match,
> +	},
> +};
> +module_platform_driver(qfprom_driver);
> +MODULE_DESCRIPTION("Qualcomm Secure QFPROM driver");
> +MODULE_LICENSE("GPL");
> --
> 2.40.1
> 

-Mukesh
  
Srinivas Kandagatla July 27, 2023, 10:44 a.m. UTC | #3
On 24/07/2023 09:38, Komal Bajaj wrote:
> For some of the Qualcomm SoC's, it is possible that
> some of the fuse regions or entire qfprom region is
> protected from non-secure access. In such situations,
> Linux will have to use secure calls to read the region.
> With that motivation, add secure qfprom driver.
> 
> Signed-off-by: Komal Bajaj <quic_kbajaj@quicinc.com>
> ---
>   drivers/nvmem/Kconfig      |  13 +++++
>   drivers/nvmem/Makefile     |   2 +
>   drivers/nvmem/sec-qfprom.c | 101 +++++++++++++++++++++++++++++++++++++
>   3 files changed, 116 insertions(+)
>   create mode 100644 drivers/nvmem/sec-qfprom.c
> 

> diff --git a/drivers/nvmem/sec-qfprom.c b/drivers/nvmem/sec-qfprom.c
> new file mode 100644
> index 000000000000..bc68053b7d94
> --- /dev/null
> +++ b/drivers/nvmem/sec-qfprom.c
> @@ -0,0 +1,101 @@
> +// SPDX-License-Identifier: GPL-2.0-only
> +/*
> + * Copyright (c) 2023, Qualcomm Innovation Center, Inc. All rights reserved.
> + */
> +
> +#include <linux/firmware/qcom/qcom_scm.h>
> +#include <linux/mod_devicetable.h>
> +#include <linux/nvmem-provider.h>
> +#include <linux/platform_device.h>
> +#include <linux/pm_runtime.h>

> +
> +static int sec_qfprom_probe(struct platform_device *pdev)
> +{
> +	struct nvmem_config econfig = {
> +		.name = "sec-qfprom",
> +		.stride = 1,
> +		.word_size = 1,
> +		.id = NVMEM_DEVID_AUTO,
> +		.reg_read = sec_qfprom_reg_read,
> +	};
> +	struct device *dev = &pdev->dev;
> +	struct nvmem_device *nvmem;
> +	struct sec_qfprom *priv;
> +	struct resource *res;
> +	int ret;
> +
> +	priv = devm_kzalloc(dev, sizeof(*priv), GFP_KERNEL);
> +	if (!priv)
> +		return -ENOMEM;
> +
> +	res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
> +	if (!res)
> +		return -EINVAL;
> +
> +	priv->base = res->start;
> +
> +	econfig.size = resource_size(res);
> +	econfig.dev = dev;
> +	econfig.priv = priv;
> +
> +	priv->dev = dev;
> +
> +	ret = devm_pm_runtime_enable(dev);
> +	if (ret)
> +		return ret;

Any reason why we need to enable pm runtime for this driver? As Am not 
seeing any pm runtime handlers or users in this driver.


--srini
> +
> +	nvmem = devm_nvmem_register(dev, &econfig);
> +
> +	return PTR_ERR_OR_ZERO(nvmem);
> +}
> +
> +static const struct of_device_id sec_qfprom_of_match[] = {
> +	{ .compatible = "qcom,sec-qfprom" },
> +	{/* sentinel */},
> +};
> +MODULE_DEVICE_TABLE(of, sec_qfprom_of_match);
> +
> +static struct platform_driver qfprom_driver = {
> +	.probe = sec_qfprom_probe,
> +	.driver = {
> +		.name = "qcom_sec_qfprom",
> +		.of_match_table = sec_qfprom_of_match,
> +	},
> +};
> +module_platform_driver(qfprom_driver);
> +MODULE_DESCRIPTION("Qualcomm Secure QFPROM driver");
> +MODULE_LICENSE("GPL");
> --
> 2.40.1
>
  
Mukesh Ojha July 27, 2023, 1:26 p.m. UTC | #4
On 7/27/2023 12:09 PM, Mukesh Ojha wrote:
> Hi,
> 
> Some questions, may not need to be addressed if the reason is
> known
> 
> On 7/24/2023 2:08 PM, Komal Bajaj wrote:
>> For some of the Qualcomm SoC's, it is possible that
>> some of the fuse regions or entire qfprom region is
>> protected from non-secure access. In such situations,
>> Linux will have to use secure calls to read the region.
>> With that motivation, add secure qfprom driver.
>>
>> Signed-off-by: Komal Bajaj <quic_kbajaj@quicinc.com>
>> ---
>>   drivers/nvmem/Kconfig      |  13 +++++
>>   drivers/nvmem/Makefile     |   2 +
>>   drivers/nvmem/sec-qfprom.c | 101 +++++++++++++++++++++++++++++++++++++
>>   3 files changed, 116 insertions(+)
>>   create mode 100644 drivers/nvmem/sec-qfprom.c
>>
>> diff --git a/drivers/nvmem/Kconfig b/drivers/nvmem/Kconfig
>> index b291b27048c7..764fc5feb26c 100644
>> --- a/drivers/nvmem/Kconfig
>> +++ b/drivers/nvmem/Kconfig
>> @@ -216,6 +216,19 @@ config NVMEM_QCOM_QFPROM
>>         This driver can also be built as a module. If so, the module
>>         will be called nvmem_qfprom.
>>
>> +config NVMEM_QCOM_SEC_QFPROM
>> +        tristate "QCOM SECURE QFPROM Support"
>> +        depends on ARCH_QCOM || COMPILE_TEST
>> +        depends on HAS_IOMEM
>> +        depends on OF
>> +        select QCOM_SCM
>> +        help
>> +          Say y here to enable secure QFPROM support. The secure 
>> QFPROM provides access
>> +          functions for QFPROM data to rest of the drivers via nvmem 
>> interface.
>> +
>> +          This driver can also be built as a module. If so, the 
>> module will be called
>> +          nvmem_sec_qfprom.
>> +
>>   config NVMEM_RAVE_SP_EEPROM
>>       tristate "Rave SP EEPROM Support"
>>       depends on RAVE_SP_CORE
>> diff --git a/drivers/nvmem/Makefile b/drivers/nvmem/Makefile
>> index f82431ec8aef..e248d3daadf3 100644
>> --- a/drivers/nvmem/Makefile
>> +++ b/drivers/nvmem/Makefile
>> @@ -44,6 +44,8 @@ obj-$(CONFIG_NVMEM_NINTENDO_OTP)    += 
>> nvmem-nintendo-otp.o
>>   nvmem-nintendo-otp-y            := nintendo-otp.o
>>   obj-$(CONFIG_NVMEM_QCOM_QFPROM)        += nvmem_qfprom.o
>>   nvmem_qfprom-y                := qfprom.o
>> +obj-$(CONFIG_NVMEM_QCOM_SEC_QFPROM)    += nvmem_sec_qfprom.o
>> +nvmem_sec_qfprom-y            := sec-qfprom.o
> 
> Are we just doing this for just renaming the object ?
> 
>>   obj-$(CONFIG_NVMEM_RAVE_SP_EEPROM)    += nvmem-rave-sp-eeprom.o
>>   nvmem-rave-sp-eeprom-y            := rave-sp-eeprom.o
>>   obj-$(CONFIG_NVMEM_RMEM)         += nvmem-rmem.o
>> diff --git a/drivers/nvmem/sec-qfprom.c b/drivers/nvmem/sec-qfprom.c
>> new file mode 100644
>> index 000000000000..bc68053b7d94
>> --- /dev/null
>> +++ b/drivers/nvmem/sec-qfprom.c
>> @@ -0,0 +1,101 @@
>> +// SPDX-License-Identifier: GPL-2.0-only
>> +/*
>> + * Copyright (c) 2023, Qualcomm Innovation Center, Inc. All rights 
>> reserved.
>> + */
>> +
>> +#include <linux/firmware/qcom/qcom_scm.h>
>> +#include <linux/mod_devicetable.h>
>> +#include <linux/nvmem-provider.h>
>> +#include <linux/platform_device.h>
>> +#include <linux/pm_runtime.h>
>> +
>> +/**
>> + * struct sec_qfprom - structure holding secure qfprom attributes
>> + *
>> + * @base: starting physical address for secure qfprom corrected 
>> address space.
>> + * @dev: qfprom device structure.
>> + */
>> +struct sec_qfprom {
>> +    phys_addr_t base;
>> +    struct device *dev;
>> +};
>> +
>> +static int sec_qfprom_reg_read(void *context, unsigned int reg, void 
>> *_val, size_t bytes)
>> +{
>> +    struct sec_qfprom *priv = context;
>> +    unsigned int i;
>> +    u8 *val = _val;
>> +    u32 read_val;
>> +    u8 *tmp;
>> +
>> +    for (i = 0; i < bytes; i++, reg++) {
>> +        if (i == 0 || reg % 4 == 0) {
>> +            if (qcom_scm_io_readl(priv->base + (reg & ~3), &read_val)) {
>> +                dev_err(priv->dev, "Couldn't access fuse register\n");
>> +                return -EINVAL;
>> +            }
>> +            tmp = (u8 *)&read_val;
>> +        }
>> +
>> +        val[i] = tmp[reg & 3];
>> +    }
> 
> Getting secure read from fuse region is fine here, since we have to read
> 4 byte from trustzone, but this restriction of reading is also there
> for sm8{4|5}50 soc's where byte by byte reading is protected and 
> granularity set to 4 byte (qfprom_reg_read() in drivers/nvmem/qfprom.c)
> is will result in abort, in  that case this function need to export this
> logic.
> 
>> +
>> +    return 0;
>> +}
>> +
>> +static int sec_qfprom_probe(struct platform_device *pdev)
>> +{
>> +    struct nvmem_config econfig = {
>> +        .name = "sec-qfprom",
>> +        .stride = 1,
>> +        .word_size = 1,
>> +        .id = NVMEM_DEVID_AUTO,
>> +        .reg_read = sec_qfprom_reg_read,
>> +    };
>> +    struct device *dev = &pdev->dev;
>> +    struct nvmem_device *nvmem;
>> +    struct sec_qfprom *priv;
>> +    struct resource *res;
>> +    int ret;
>> +
>> +    priv = devm_kzalloc(dev, sizeof(*priv), GFP_KERNEL);
>> +    if (!priv)
>> +        return -ENOMEM;
>> +
>> +    res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
>> +    if (!res)
>> +        return -EINVAL;
>> +
>> +    priv->base = res->start;
>> +
>> +    econfig.size = resource_size(res);
>> +    econfig.dev = dev;
>> +    econfig.priv = priv;
>> +
>> +    priv->dev = dev;
>> +
>> +    ret = devm_pm_runtime_enable(dev);
>> +    if (ret)
>> +        return ret;
>> +
>> +    nvmem = devm_nvmem_register(dev, &econfig);
>> +
>> +    return PTR_ERR_OR_ZERO(nvmem);
>> +}
>> +
>> +static const struct of_device_id sec_qfprom_of_match[] = {
>> +    { .compatible = "qcom,sec-qfprom" },
>> +    {/* sentinel */},
>> +};
>> +MODULE_DEVICE_TABLE(of, sec_qfprom_of_match);
>> +
>> +static struct platform_driver qfprom_driver = {
>> +    .probe = sec_qfprom_probe,
> 
> Why don't we have remove/remove_new callbacks?
> Same comment apply for drivers/nvmem/qfprom.c

Ignore this comment; Something new learnt with devm_* api
implementation.

-Mukesh
> 
>> +    .driver = {
>> +        .name = "qcom_sec_qfprom",
>> +        .of_match_table = sec_qfprom_of_match,
>> +    },
>> +};
>> +module_platform_driver(qfprom_driver);
>> +MODULE_DESCRIPTION("Qualcomm Secure QFPROM driver");
>> +MODULE_LICENSE("GPL");
>> -- 
>> 2.40.1
>>
> 
> -Mukesh
  
Mukesh Ojha July 28, 2023, 8:25 a.m. UTC | #5
On 7/27/2023 4:14 PM, Srinivas Kandagatla wrote:
> 
> 
> On 24/07/2023 09:38, Komal Bajaj wrote:
>> For some of the Qualcomm SoC's, it is possible that
>> some of the fuse regions or entire qfprom region is
>> protected from non-secure access. In such situations,
>> Linux will have to use secure calls to read the region.
>> With that motivation, add secure qfprom driver.
>>
>> Signed-off-by: Komal Bajaj <quic_kbajaj@quicinc.com>
>> ---
>>   drivers/nvmem/Kconfig      |  13 +++++
>>   drivers/nvmem/Makefile     |   2 +
>>   drivers/nvmem/sec-qfprom.c | 101 +++++++++++++++++++++++++++++++++++++
>>   3 files changed, 116 insertions(+)
>>   create mode 100644 drivers/nvmem/sec-qfprom.c
>>
> 
>> diff --git a/drivers/nvmem/sec-qfprom.c b/drivers/nvmem/sec-qfprom.c
>> new file mode 100644
>> index 000000000000..bc68053b7d94
>> --- /dev/null
>> +++ b/drivers/nvmem/sec-qfprom.c
>> @@ -0,0 +1,101 @@
>> +// SPDX-License-Identifier: GPL-2.0-only
>> +/*
>> + * Copyright (c) 2023, Qualcomm Innovation Center, Inc. All rights 
>> reserved.
>> + */
>> +
>> +#include <linux/firmware/qcom/qcom_scm.h>
>> +#include <linux/mod_devicetable.h>
>> +#include <linux/nvmem-provider.h>
>> +#include <linux/platform_device.h>
>> +#include <linux/pm_runtime.h>
> 
>> +
>> +static int sec_qfprom_probe(struct platform_device *pdev)
>> +{
>> +    struct nvmem_config econfig = {
>> +        .name = "sec-qfprom",
>> +        .stride = 1,
>> +        .word_size = 1,
>> +        .id = NVMEM_DEVID_AUTO,
>> +        .reg_read = sec_qfprom_reg_read,
>> +    };
>> +    struct device *dev = &pdev->dev;
>> +    struct nvmem_device *nvmem;
>> +    struct sec_qfprom *priv;
>> +    struct resource *res;
>> +    int ret;
>> +
>> +    priv = devm_kzalloc(dev, sizeof(*priv), GFP_KERNEL);
>> +    if (!priv)
>> +        return -ENOMEM;
>> +
>> +    res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
>> +    if (!res)
>> +        return -EINVAL;
>> +
>> +    priv->base = res->start;
>> +
>> +    econfig.size = resource_size(res);
>> +    econfig.dev = dev;
>> +    econfig.priv = priv;
>> +
>> +    priv->dev = dev;
>> +
>> +    ret = devm_pm_runtime_enable(dev);
>> +    if (ret)
>> +        return ret;
> 
> Any reason why we need to enable pm runtime for this driver? As Am not 
> seeing any pm runtime handlers or users in this driver.

Thanks..
Yes, it is not needed as of now..
looks like, it got inherited from qfprom.c by mistake.

Same need to be corrected in Device tree, if any
unnecessary reference is there related to this..

-Mukesh
> 
> 
> --srini
>> +
>> +    nvmem = devm_nvmem_register(dev, &econfig);
>> +
>> +    return PTR_ERR_OR_ZERO(nvmem);
>> +}
>> +
>> +static const struct of_device_id sec_qfprom_of_match[] = {
>> +    { .compatible = "qcom,sec-qfprom" },
>> +    {/* sentinel */},
>> +};
>> +MODULE_DEVICE_TABLE(of, sec_qfprom_of_match);
>> +
>> +static struct platform_driver qfprom_driver = {
>> +    .probe = sec_qfprom_probe,
>> +    .driver = {
>> +        .name = "qcom_sec_qfprom",
>> +        .of_match_table = sec_qfprom_of_match,
>> +    },
>> +};
>> +module_platform_driver(qfprom_driver);
>> +MODULE_DESCRIPTION("Qualcomm Secure QFPROM driver");
>> +MODULE_LICENSE("GPL");
>> -- 
>> 2.40.1
>>
  
Bjorn Andersson July 31, 2023, 4:35 p.m. UTC | #6
On Thu, Jul 27, 2023 at 12:09:07PM +0530, Mukesh Ojha wrote:
> On 7/24/2023 2:08 PM, Komal Bajaj wrote:
[..]
> > diff --git a/drivers/nvmem/Makefile b/drivers/nvmem/Makefile
> > index f82431ec8aef..e248d3daadf3 100644
> > --- a/drivers/nvmem/Makefile
> > +++ b/drivers/nvmem/Makefile
> > @@ -44,6 +44,8 @@ obj-$(CONFIG_NVMEM_NINTENDO_OTP)	+= nvmem-nintendo-otp.o
> >   nvmem-nintendo-otp-y			:= nintendo-otp.o
> >   obj-$(CONFIG_NVMEM_QCOM_QFPROM)		+= nvmem_qfprom.o
> >   nvmem_qfprom-y				:= qfprom.o
> > +obj-$(CONFIG_NVMEM_QCOM_SEC_QFPROM)	+= nvmem_sec_qfprom.o
> > +nvmem_sec_qfprom-y			:= sec-qfprom.o
> 
> Are we just doing this for just renaming the object ?
> 

Correct.

> >   obj-$(CONFIG_NVMEM_RAVE_SP_EEPROM)	+= nvmem-rave-sp-eeprom.o
> >   nvmem-rave-sp-eeprom-y			:= rave-sp-eeprom.o
> >   obj-$(CONFIG_NVMEM_RMEM) 		+= nvmem-rmem.o
> > diff --git a/drivers/nvmem/sec-qfprom.c b/drivers/nvmem/sec-qfprom.c
[..]
> > +static int sec_qfprom_reg_read(void *context, unsigned int reg, void *_val, size_t bytes)
> > +{
> > +	struct sec_qfprom *priv = context;
> > +	unsigned int i;
> > +	u8 *val = _val;
> > +	u32 read_val;
> > +	u8 *tmp;
> > +
> > +	for (i = 0; i < bytes; i++, reg++) {
> > +		if (i == 0 || reg % 4 == 0) {
> > +			if (qcom_scm_io_readl(priv->base + (reg & ~3), &read_val)) {
> > +				dev_err(priv->dev, "Couldn't access fuse register\n");
> > +				return -EINVAL;
> > +			}
> > +			tmp = (u8 *)&read_val;
> > +		}
> > +
> > +		val[i] = tmp[reg & 3];
> > +	}
> 
> Getting secure read from fuse region is fine here, since we have to read
> 4 byte from trustzone, but this restriction of reading is also there
> for sm8{4|5}50 soc's where byte by byte reading is protected and granularity
> set to 4 byte (qfprom_reg_read() in drivers/nvmem/qfprom.c)
> is will result in abort, in  that case this function need to export this
> logic.
> 

If qfprom needs similar treatment, then let's land this first and then
consider generalizing (i.e. move to some library code) this - or if
infeasible, just fix qfprom_reg_read().

Regards,
Bjorn
  
Komal Bajaj Aug. 1, 2023, 6:10 a.m. UTC | #7
On 7/31/2023 10:05 PM, Bjorn Andersson wrote:
> On Thu, Jul 27, 2023 at 12:09:07PM +0530, Mukesh Ojha wrote:
>> On 7/24/2023 2:08 PM, Komal Bajaj wrote:
> [..]
>>> diff --git a/drivers/nvmem/Makefile b/drivers/nvmem/Makefile
>>> index f82431ec8aef..e248d3daadf3 100644
>>> --- a/drivers/nvmem/Makefile
>>> +++ b/drivers/nvmem/Makefile
>>> @@ -44,6 +44,8 @@ obj-$(CONFIG_NVMEM_NINTENDO_OTP)	+= nvmem-nintendo-otp.o
>>>    nvmem-nintendo-otp-y			:= nintendo-otp.o
>>>    obj-$(CONFIG_NVMEM_QCOM_QFPROM)		+= nvmem_qfprom.o
>>>    nvmem_qfprom-y				:= qfprom.o
>>> +obj-$(CONFIG_NVMEM_QCOM_SEC_QFPROM)	+= nvmem_sec_qfprom.o
>>> +nvmem_sec_qfprom-y			:= sec-qfprom.o
>> Are we just doing this for just renaming the object ?
>>
> Correct.
>
>>>    obj-$(CONFIG_NVMEM_RAVE_SP_EEPROM)	+= nvmem-rave-sp-eeprom.o
>>>    nvmem-rave-sp-eeprom-y			:= rave-sp-eeprom.o
>>>    obj-$(CONFIG_NVMEM_RMEM) 		+= nvmem-rmem.o
>>> diff --git a/drivers/nvmem/sec-qfprom.c b/drivers/nvmem/sec-qfprom.c
> [..]
>>> +static int sec_qfprom_reg_read(void *context, unsigned int reg, void *_val, size_t bytes)
>>> +{
>>> +	struct sec_qfprom *priv = context;
>>> +	unsigned int i;
>>> +	u8 *val = _val;
>>> +	u32 read_val;
>>> +	u8 *tmp;
>>> +
>>> +	for (i = 0; i < bytes; i++, reg++) {
>>> +		if (i == 0 || reg % 4 == 0) {
>>> +			if (qcom_scm_io_readl(priv->base + (reg & ~3), &read_val)) {
>>> +				dev_err(priv->dev, "Couldn't access fuse register\n");
>>> +				return -EINVAL;
>>> +			}
>>> +			tmp = (u8 *)&read_val;
>>> +		}
>>> +
>>> +		val[i] = tmp[reg & 3];
>>> +	}
>> Getting secure read from fuse region is fine here, since we have to read
>> 4 byte from trustzone, but this restriction of reading is also there
>> for sm8{4|5}50 soc's where byte by byte reading is protected and granularity
>> set to 4 byte (qfprom_reg_read() in drivers/nvmem/qfprom.c)
>> is will result in abort, in  that case this function need to export this
>> logic.
>>
> If qfprom needs similar treatment, then let's land this first and then
> consider generalizing (i.e. move to some library code) this - or if
> infeasible, just fix qfprom_reg_read().

Agree, I will implement this logic into qfprom driver (into 
qfprom_reg_read() ) in a separate patch.

Thanks
Komal
>
> Regards,
> Bjorn
  
Komal Bajaj Aug. 1, 2023, 6:11 a.m. UTC | #8
On 7/28/2023 1:55 PM, Mukesh Ojha wrote:
>
>
> On 7/27/2023 4:14 PM, Srinivas Kandagatla wrote:
>>
>>
>> On 24/07/2023 09:38, Komal Bajaj wrote:
>>> For some of the Qualcomm SoC's, it is possible that
>>> some of the fuse regions or entire qfprom region is
>>> protected from non-secure access. In such situations,
>>> Linux will have to use secure calls to read the region.
>>> With that motivation, add secure qfprom driver.
>>>
>>> Signed-off-by: Komal Bajaj <quic_kbajaj@quicinc.com>
>>> ---
>>>   drivers/nvmem/Kconfig      |  13 +++++
>>>   drivers/nvmem/Makefile     |   2 +
>>>   drivers/nvmem/sec-qfprom.c | 101 
>>> +++++++++++++++++++++++++++++++++++++
>>>   3 files changed, 116 insertions(+)
>>>   create mode 100644 drivers/nvmem/sec-qfprom.c
>>>
>>
>>> diff --git a/drivers/nvmem/sec-qfprom.c b/drivers/nvmem/sec-qfprom.c
>>> new file mode 100644
>>> index 000000000000..bc68053b7d94
>>> --- /dev/null
>>> +++ b/drivers/nvmem/sec-qfprom.c
>>> @@ -0,0 +1,101 @@
>>> +// SPDX-License-Identifier: GPL-2.0-only
>>> +/*
>>> + * Copyright (c) 2023, Qualcomm Innovation Center, Inc. All rights 
>>> reserved.
>>> + */
>>> +
>>> +#include <linux/firmware/qcom/qcom_scm.h>
>>> +#include <linux/mod_devicetable.h>
>>> +#include <linux/nvmem-provider.h>
>>> +#include <linux/platform_device.h>
>>> +#include <linux/pm_runtime.h>
>>
>>> +
>>> +static int sec_qfprom_probe(struct platform_device *pdev)
>>> +{
>>> +    struct nvmem_config econfig = {
>>> +        .name = "sec-qfprom",
>>> +        .stride = 1,
>>> +        .word_size = 1,
>>> +        .id = NVMEM_DEVID_AUTO,
>>> +        .reg_read = sec_qfprom_reg_read,
>>> +    };
>>> +    struct device *dev = &pdev->dev;
>>> +    struct nvmem_device *nvmem;
>>> +    struct sec_qfprom *priv;
>>> +    struct resource *res;
>>> +    int ret;
>>> +
>>> +    priv = devm_kzalloc(dev, sizeof(*priv), GFP_KERNEL);
>>> +    if (!priv)
>>> +        return -ENOMEM;
>>> +
>>> +    res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
>>> +    if (!res)
>>> +        return -EINVAL;
>>> +
>>> +    priv->base = res->start;
>>> +
>>> +    econfig.size = resource_size(res);
>>> +    econfig.dev = dev;
>>> +    econfig.priv = priv;
>>> +
>>> +    priv->dev = dev;
>>> +
>>> +    ret = devm_pm_runtime_enable(dev);
>>> +    if (ret)
>>> +        return ret;
>>
>> Any reason why we need to enable pm runtime for this driver? As Am 
>> not seeing any pm runtime handlers or users in this driver.
>
> Thanks..
> Yes, it is not needed as of now..
> looks like, it got inherited from qfprom.c by mistake.
>
> Same need to be corrected in Device tree, if any
> unnecessary reference is there related to this..

Thanks for pointing it out.
Will drop it in the next patch series.

Thanks
Komal

>
> -Mukesh
>>
>>
>> --srini
>>> +
>>> +    nvmem = devm_nvmem_register(dev, &econfig);
>>> +
>>> +    return PTR_ERR_OR_ZERO(nvmem);
>>> +}
>>> +
>>> +static const struct of_device_id sec_qfprom_of_match[] = {
>>> +    { .compatible = "qcom,sec-qfprom" },
>>> +    {/* sentinel */},
>>> +};
>>> +MODULE_DEVICE_TABLE(of, sec_qfprom_of_match);
>>> +
>>> +static struct platform_driver qfprom_driver = {
>>> +    .probe = sec_qfprom_probe,
>>> +    .driver = {
>>> +        .name = "qcom_sec_qfprom",
>>> +        .of_match_table = sec_qfprom_of_match,
>>> +    },
>>> +};
>>> +module_platform_driver(qfprom_driver);
>>> +MODULE_DESCRIPTION("Qualcomm Secure QFPROM driver");
>>> +MODULE_LICENSE("GPL");
>>> -- 
>>> 2.40.1
>>>
  

Patch

diff --git a/drivers/nvmem/Kconfig b/drivers/nvmem/Kconfig
index b291b27048c7..764fc5feb26c 100644
--- a/drivers/nvmem/Kconfig
+++ b/drivers/nvmem/Kconfig
@@ -216,6 +216,19 @@  config NVMEM_QCOM_QFPROM
 	  This driver can also be built as a module. If so, the module
 	  will be called nvmem_qfprom.

+config NVMEM_QCOM_SEC_QFPROM
+        tristate "QCOM SECURE QFPROM Support"
+        depends on ARCH_QCOM || COMPILE_TEST
+        depends on HAS_IOMEM
+        depends on OF
+        select QCOM_SCM
+        help
+          Say y here to enable secure QFPROM support. The secure QFPROM provides access
+          functions for QFPROM data to rest of the drivers via nvmem interface.
+
+          This driver can also be built as a module. If so, the module will be called
+          nvmem_sec_qfprom.
+
 config NVMEM_RAVE_SP_EEPROM
 	tristate "Rave SP EEPROM Support"
 	depends on RAVE_SP_CORE
diff --git a/drivers/nvmem/Makefile b/drivers/nvmem/Makefile
index f82431ec8aef..e248d3daadf3 100644
--- a/drivers/nvmem/Makefile
+++ b/drivers/nvmem/Makefile
@@ -44,6 +44,8 @@  obj-$(CONFIG_NVMEM_NINTENDO_OTP)	+= nvmem-nintendo-otp.o
 nvmem-nintendo-otp-y			:= nintendo-otp.o
 obj-$(CONFIG_NVMEM_QCOM_QFPROM)		+= nvmem_qfprom.o
 nvmem_qfprom-y				:= qfprom.o
+obj-$(CONFIG_NVMEM_QCOM_SEC_QFPROM)	+= nvmem_sec_qfprom.o
+nvmem_sec_qfprom-y			:= sec-qfprom.o
 obj-$(CONFIG_NVMEM_RAVE_SP_EEPROM)	+= nvmem-rave-sp-eeprom.o
 nvmem-rave-sp-eeprom-y			:= rave-sp-eeprom.o
 obj-$(CONFIG_NVMEM_RMEM) 		+= nvmem-rmem.o
diff --git a/drivers/nvmem/sec-qfprom.c b/drivers/nvmem/sec-qfprom.c
new file mode 100644
index 000000000000..bc68053b7d94
--- /dev/null
+++ b/drivers/nvmem/sec-qfprom.c
@@ -0,0 +1,101 @@ 
+// SPDX-License-Identifier: GPL-2.0-only
+/*
+ * Copyright (c) 2023, Qualcomm Innovation Center, Inc. All rights reserved.
+ */
+
+#include <linux/firmware/qcom/qcom_scm.h>
+#include <linux/mod_devicetable.h>
+#include <linux/nvmem-provider.h>
+#include <linux/platform_device.h>
+#include <linux/pm_runtime.h>
+
+/**
+ * struct sec_qfprom - structure holding secure qfprom attributes
+ *
+ * @base: starting physical address for secure qfprom corrected address space.
+ * @dev: qfprom device structure.
+ */
+struct sec_qfprom {
+	phys_addr_t base;
+	struct device *dev;
+};
+
+static int sec_qfprom_reg_read(void *context, unsigned int reg, void *_val, size_t bytes)
+{
+	struct sec_qfprom *priv = context;
+	unsigned int i;
+	u8 *val = _val;
+	u32 read_val;
+	u8 *tmp;
+
+	for (i = 0; i < bytes; i++, reg++) {
+		if (i == 0 || reg % 4 == 0) {
+			if (qcom_scm_io_readl(priv->base + (reg & ~3), &read_val)) {
+				dev_err(priv->dev, "Couldn't access fuse register\n");
+				return -EINVAL;
+			}
+			tmp = (u8 *)&read_val;
+		}
+
+		val[i] = tmp[reg & 3];
+	}
+
+	return 0;
+}
+
+static int sec_qfprom_probe(struct platform_device *pdev)
+{
+	struct nvmem_config econfig = {
+		.name = "sec-qfprom",
+		.stride = 1,
+		.word_size = 1,
+		.id = NVMEM_DEVID_AUTO,
+		.reg_read = sec_qfprom_reg_read,
+	};
+	struct device *dev = &pdev->dev;
+	struct nvmem_device *nvmem;
+	struct sec_qfprom *priv;
+	struct resource *res;
+	int ret;
+
+	priv = devm_kzalloc(dev, sizeof(*priv), GFP_KERNEL);
+	if (!priv)
+		return -ENOMEM;
+
+	res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
+	if (!res)
+		return -EINVAL;
+
+	priv->base = res->start;
+
+	econfig.size = resource_size(res);
+	econfig.dev = dev;
+	econfig.priv = priv;
+
+	priv->dev = dev;
+
+	ret = devm_pm_runtime_enable(dev);
+	if (ret)
+		return ret;
+
+	nvmem = devm_nvmem_register(dev, &econfig);
+
+	return PTR_ERR_OR_ZERO(nvmem);
+}
+
+static const struct of_device_id sec_qfprom_of_match[] = {
+	{ .compatible = "qcom,sec-qfprom" },
+	{/* sentinel */},
+};
+MODULE_DEVICE_TABLE(of, sec_qfprom_of_match);
+
+static struct platform_driver qfprom_driver = {
+	.probe = sec_qfprom_probe,
+	.driver = {
+		.name = "qcom_sec_qfprom",
+		.of_match_table = sec_qfprom_of_match,
+	},
+};
+module_platform_driver(qfprom_driver);
+MODULE_DESCRIPTION("Qualcomm Secure QFPROM driver");
+MODULE_LICENSE("GPL");