crypto: aspeed: Add AST2600 ACRY support

ACRY is designed to accelerate ECC/RSA digital signature
generation and verification.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>

diff --git a/drivers/crypto/aspeed/Kconfig b/drivers/crypto/aspeed/Kconfig
index 471c06f..9bf3171 100644 (file)
--- a/drivers/crypto/aspeed/Kconfig
+++ b/drivers/crypto/aspeed/Kconfig
@@ -8,3 +8,13 @@ config ASPEED_HACE
          Enabling this allows the use of SHA operations in hardware without
          requiring the SHA software implementations. It also improves performance
          and saves code size.
+
+config ASPEED_ACRY
+       bool "ASPEED RSA and ECC Engine"
+       depends on ASPEED_AST2600
+       help
+        Select this option to enable a driver for using the RSA/ECC engine in
+        the ASPEED BMC SoCs.
+
+        Enabling this allows the use of RSA/ECC operations in hardware without requiring the
+        software implementations. It also improves performance and saves code size.

diff --git a/drivers/crypto/aspeed/Makefile b/drivers/crypto/aspeed/Makefile
index 84e6bfe..58b55fc 100644 (file)
--- a/drivers/crypto/aspeed/Makefile
+++ b/drivers/crypto/aspeed/Makefile
@@ -1 +1,2 @@
 obj-$(CONFIG_ASPEED_HACE) += aspeed_hace.o
+obj-$(CONFIG_ASPEED_ACRY) += aspeed_acry.o

diff --git a/drivers/crypto/aspeed/aspeed_acry.c b/drivers/crypto/aspeed/aspeed_acry.c
new file mode 100644 (file)
index 0000000..c28cdf3
--- /dev/null
+++ b/drivers/crypto/aspeed/aspeed_acry.c
@@ -0,0 +1,190 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright 2021 ASPEED Technology Inc.
+ */
+#include <config.h>
+#include <common.h>
+#include <clk.h>
+#include <dm.h>
+#include <asm/types.h>
+#include <asm/io.h>
+#include <dm/device.h>
+#include <dm/fdtaddr.h>
+#include <linux/delay.h>
+#include <u-boot/rsa-mod-exp.h>
+
+/* ACRY register offsets */
+#define ACRY_CTRL1             0x00
+#define   ACRY_CTRL1_RSA_DMA           BIT(1)
+#define   ACRY_CTRL1_RSA_START         BIT(0)
+#define ACRY_CTRL2             0x44
+#define ACRY_CTRL3             0x48
+#define   ACRY_CTRL3_SRAM_AHB_ACCESS   BIT(8)
+#define   ACRY_CTRL3_ECC_RSA_MODE_MASK GENMASK(5, 4)
+#define   ACRY_CTRL3_ECC_RSA_MODE_SHIFT        4
+#define ACRY_DMA_DRAM_SADDR    0x4c
+#define ACRY_DMA_DMEM_TADDR    0x50
+#define   ACRY_DMA_DMEM_TADDR_LEN_MASK GENMASK(15, 0)
+#define   ACRY_DMA_DMEM_TADDR_LEN_SHIFT        0
+#define ACRY_RSA_PARAM         0x58
+#define   ACRY_RSA_PARAM_EXP_MASK      GENMASK(31, 16)
+#define   ACRY_RSA_PARAM_EXP_SHIFT     16
+#define   ACRY_RSA_PARAM_MOD_MASK      GENMASK(15, 0)
+#define   ACRY_RSA_PARAM_MOD_SHIFT     0
+#define ACRY_RSA_INT_EN                0x3f8
+#define   ACRY_RSA_INT_EN_RSA_READY    BIT(2)
+#define   ACRY_RSA_INT_EN_RSA_CMPLT    BIT(1)
+#define ACRY_RSA_INT_STS       0x3fc
+#define   ACRY_RSA_INT_STS_RSA_READY   BIT(2)
+#define   ACRY_RSA_INT_STS_RSA_CMPLT   BIT(1)
+
+/* misc. constant */
+#define ACRY_ECC_MODE  2
+#define ACRY_RSA_MODE  3
+#define ACRY_CTX_BUFSZ 0x600
+
+struct aspeed_acry {
+       phys_addr_t base;
+       phys_addr_t sram_base; /* internal sram */
+       struct clk clk;
+};
+
+static int aspeed_acry_mod_exp(struct udevice *dev, const uint8_t *sig, uint32_t sig_len,
+                              struct key_prop *prop, uint8_t *out)
+{
+       int i, j;
+       u8 *ctx;
+       u8 *ptr;
+       u32 reg;
+       struct aspeed_acry *acry = dev_get_priv(dev);
+
+       ctx = memalign(16, ACRY_CTX_BUFSZ);
+       if (!ctx)
+               return -ENOMEM;
+
+       memset(ctx, 0, ACRY_CTX_BUFSZ);
+
+       ptr = (u8 *)prop->public_exponent;
+       for (i = prop->exp_len - 1, j = 0; i >= 0; --i) {
+               ctx[j] = ptr[i];
+               j++;
+               j = (j % 16) ? j : j + 32;
+       }
+
+       ptr = (u8 *)prop->modulus;
+       for (i = (prop->num_bits >> 3) - 1, j = 0; i >= 0; --i) {
+               ctx[j + 16] = ptr[i];
+               j++;
+               j = (j % 16) ? j : j + 32;
+       }
+
+       ptr = (u8 *)sig;
+       for (i = sig_len - 1, j = 0; i >= 0; --i) {
+               ctx[j + 32] = ptr[i];
+               j++;
+               j = (j % 16) ? j : j + 32;
+       }
+
+       writel((u32)ctx, acry->base + ACRY_DMA_DRAM_SADDR);
+
+       reg = (((prop->exp_len << 3) << ACRY_RSA_PARAM_EXP_SHIFT) & ACRY_RSA_PARAM_EXP_MASK) |
+                 ((prop->num_bits << ACRY_RSA_PARAM_MOD_SHIFT) & ACRY_RSA_PARAM_MOD_MASK);
+       writel(reg, acry->base + ACRY_RSA_PARAM);
+
+       reg = (ACRY_CTX_BUFSZ << ACRY_DMA_DMEM_TADDR_LEN_SHIFT) & ACRY_DMA_DMEM_TADDR_LEN_MASK;
+       writel(reg, acry->base + ACRY_DMA_DMEM_TADDR);
+
+       reg = (ACRY_RSA_MODE << ACRY_CTRL3_ECC_RSA_MODE_SHIFT) & ACRY_CTRL3_ECC_RSA_MODE_MASK;
+       writel(reg, acry->base + ACRY_CTRL3);
+
+       writel(ACRY_CTRL1_RSA_DMA | ACRY_CTRL1_RSA_START, acry->base + ACRY_CTRL1);
+
+       /* polling RSA status */
+       while (1) {
+               reg = readl(acry->base + ACRY_RSA_INT_STS);
+               if ((reg & ACRY_RSA_INT_STS_RSA_READY) && (reg & ACRY_RSA_INT_STS_RSA_CMPLT)) {
+                       writel(reg, ACRY_RSA_INT_STS);
+                       break;
+               }
+               udelay(20);
+       }
+
+       /* grant SRAM access permission to CPU */
+       writel(0x0, acry->base + ACRY_CTRL1);
+       writel(ACRY_CTRL3_SRAM_AHB_ACCESS, acry->base + ACRY_CTRL3);
+       udelay(20);
+
+       for (i = (prop->num_bits / 8) - 1, j = 0; i >= 0; --i) {
+               out[i] = readb(acry->sram_base + (j + 32));
+               j++;
+               j = (j % 16) ? j : j + 32;
+       }
+
+       /* return SRAM access permission to ACRY */
+       writel(0, acry->base + ACRY_CTRL3);
+
+       free(ctx);
+
+       return 0;
+}
+
+static int aspeed_acry_probe(struct udevice *dev)
+{
+       struct aspeed_acry *acry = dev_get_priv(dev);
+       int ret;
+
+       ret = clk_get_by_index(dev, 0, &acry->clk);
+       if (ret < 0) {
+               debug("Can't get clock for %s: %d\n", dev->name, ret);
+               return ret;
+       }
+
+       ret = clk_enable(&acry->clk);
+       if (ret) {
+               debug("Failed to enable acry clock (%d)\n", ret);
+               return ret;
+       }
+
+       acry->base = devfdt_get_addr_index(dev, 0);
+       if (acry->base == FDT_ADDR_T_NONE) {
+               debug("Failed to get acry base\n");
+               return acry->base;
+       }
+
+       acry->sram_base = devfdt_get_addr_index(dev, 1);
+       if (acry->sram_base == FDT_ADDR_T_NONE) {
+               debug("Failed to get acry SRAM base\n");
+               return acry->sram_base;
+       }
+
+       return ret;
+}
+
+static int aspeed_acry_remove(struct udevice *dev)
+{
+       struct aspeed_acry *acry = dev_get_priv(dev);
+
+       clk_disable(&acry->clk);
+
+       return 0;
+}
+
+static const struct mod_exp_ops aspeed_acry_ops = {
+       .mod_exp = aspeed_acry_mod_exp,
+};
+
+static const struct udevice_id aspeed_acry_ids[] = {
+       { .compatible = "aspeed,ast2600-acry" },
+       { }
+};
+
+U_BOOT_DRIVER(aspeed_acry) = {
+       .name = "aspeed_acry",
+       .id = UCLASS_MOD_EXP,
+       .of_match = aspeed_acry_ids,
+       .probe = aspeed_acry_probe,
+       .remove = aspeed_acry_remove,
+       .priv_auto = sizeof(struct aspeed_acry),
+       .ops = &aspeed_acry_ops,
+       .flags = DM_FLAG_PRE_RELOC,
+};

diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig
index 469596a..be9775b 100644 (file)
--- a/lib/rsa/Kconfig
+++ b/lib/rsa/Kconfig
@@ -1,7 +1,8 @@
 config RSA
        bool "Use RSA Library"
        select RSA_FREESCALE_EXP if FSL_CAAM && !ARCH_MX7 && !ARCH_MX7ULP && !ARCH_MX6 && !ARCH_MX5
-       select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP
+       select RSA_ASPEED_EXP if ASPEED_ACRY
+       select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP && !RSA_ASPEED_EXP
        help
          RSA support. This enables the RSA algorithm used for FIT image
          verification in U-Boot.
@@ -62,4 +63,11 @@ config RSA_FREESCALE_EXP
        Enables driver for RSA modular exponentiation using Freescale cryptographic
        accelerator - CAAM.
 
+config RSA_ASPEED_EXP
+       bool "Enable RSA Modular Exponentiation with ASPEED crypto accelerator"
+       depends on DM && ASPEED_ACRY
+       help
+       Enables driver for RSA modular exponentiation using ASPEED cryptographic
+       accelerator - ACRY
+
 endif