Re: [PATCH v12 1/5] Documentation/firmware: add imx/se to other_interfaces

["Ivan T. Ivanov" <iivanov@xxxxxxx>]

Hi,

On 01-20 22:22, Pankaj Gupta wrote:
> 
> Documents i.MX SoC's Service layer and C_DEV driver for selected SoC(s)
> that contains the NXP hardware IP(s) for Secure Enclaves(se) like:
> - NXP EdgeLock Enclave on i.MX93 & i.MX8ULP
> 
> Signed-off-by: Pankaj Gupta <pankaj.gupta@xxxxxxx>
> ---
>  .../driver-api/firmware/other_interfaces.rst       | 121 +++++++++++++++++++++
>  1 file changed, 121 insertions(+)
> 

<snip>

> +
> +- c_dev:
> +  This layer offers character device contexts, created as '/dev/<se>_mux_chx'.
> +  Using these multiple device contexts that are getting multiplexed over a single MU,
> +  userspace application(s) can call fops like write/read to send the command message,
> +  and read back the command response message to/from Firmware.
> +  fops like read & write use the above defined service layer API(s) to communicate with
> +  Firmware.
> +
> +  Misc-device(/dev/<se>_mux_chn) synchronization protocol:
> +
> +                                Non-Secure               +   Secure
> +                                                         |
> +                                                         |
> +                  +---------+      +-------------+       |
> +                  | se_fw.c +<---->+imx-mailbox.c|       |
> +                  |         |      |  mailbox.c  +<-->+------+    +------+
> +                  +---+-----+      +-------------+    | MU X +<-->+ ELE |
> +                      |                               +------+    +------+
> +                      +----------------+                 |
> +                      |                |                 |
> +                      v                v                 |
> +                  logical           logical              |
> +                  receiver          waiter               |
> +                     +                 +                 |
> +                     |                 |                 |
> +                     |                 |                 |
> +                     |            +----+------+          |
> +                     |            |           |          |
> +                     |            |           |          |
> +              device_ctx     device_ctx     device_ctx   |
> +                                                         |
> +                User 0        User 1       User Y        |
> +                +------+      +------+     +------+      |
> +                |misc.c|      |misc.c|     |misc.c|      |
> + kernel space   +------+      +------+     +------+      |
> +                                                         |
> + +------------------------------------------------------ |
> +                    |             |           |          |
> + userspace     /dev/ele_muXch0    |           |          |
> +                          /dev/ele_muXch1     |          |
> +                                        /dev/ele_muXchY  |
> +                                                         |

I tried these patches on FRDM i.MX 93 board using this
devicetree excerpt:

	ele_if0: secure-enclave {
		compatible = "fsl,imx93-se";
		mbox-names = "tx", "rx";
		mboxes = <&s4muap 0 0>,
			<&s4muap 1 0>;
		memory-region = <&ele_reserved>;
	};

	ele_reserved: ele-reserved@a4120000 {
		compatible = "shared-dma-pool";
		reg = <0 0xa4120000 0 0x100000>;
		no-map;
	};

Unfortunately I do not see these device nodes, but only /dev/hsm0_ch0.

...
fsl-se secure-enclave: i.MX secure-enclave: hsm0 interface to firmware, configured.
...

This matches SE_TYPE_STR_HSM, so perhaps documentation needs updating.

Then I build imx-secure-enclave user space tools. I have to update device
nodes ELE_MU_HSM_PATH_xxx to match what c_dev exports, hopefully I
patched it in the right place :-)

Unfortunately just starting  nvm_daemon gives me following kernel
crash [1].

Please could you point me to the proper instruction how to test this?

Thank you,
Ivan

---
# ./usr/bin/nvm_daemon  ./etc/file ./etc/ 0

[  597.387002][    C0] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010
[  597.396866][    C0] Mem abort info:
[  597.400347][    C0]   ESR = 0x0000000096000006
[  597.404775][    C0]   EC = 0x25: DABT (current EL), IL = 32 bits
[  597.410764][    C0]   SET = 0, FnV = 0
[  597.414499][    C0]   EA = 0, S1PTW = 0
[  597.418321][    C0]   FSC = 0x06: level 2 translation fault
[  597.423877][    C0] Data abort info:
[  597.427438][    C0]   ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000
[  597.433600][    C0]   CM = 0, WnR = 0, TnD = 0, TagAccess = 0
[  597.439329][    C0]   GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[  597.445318][    C0] user pgtable: 4k pages, 48-bit VAs, pgdp=00000000a04ac000
[  597.452433][    C0] [0000000000000010] pgd=08000000a04b0003, p4d=08000000a04b0003, pud=08000000a04b3003, pmd=0000000000000000
[  597.463728][    C0] Internal error: Oops: 0000000096000006 [#1] SMP
[  597.469985][    C0] Modules linked in: af_packet trusted caam_jr caamhash_desc caamalg_desc caam error crypto_engine asn1_encoder authenc libdes btnxpuart snd_soc_fsl_asoc_card snd_soc_imx_audmux snd_soc_simple_card_utils snd_ac97_codec snd_soc_fsl_sai bluetooth fsl_imx9_ddr_perf imx_pcm_dma snd_soc_fsl_utils qoriq_thermal ecdh_generic rfkill snd_soc_fsl_mqs flexcan snd_soc_core snd_compress can_dev optee sec_enclave(OE) imx_rproc ac97_bus ffa_core snd_pcm_dmaengine tee snd_pcm snd_timer snd soundcore nls_iso8859_1 nls_cp437 vfat fat uio_pdrv_genirq fuse dmi_sysfs ip_tables x_tables spidev mmc_block rpmb_core tcpci tcpm typec rtc_pcf2127 crct10dif_ce pca9450_regulator ci_hdrc_imx 8021q ci_hdrc ghash_ce usb_otg_fsm garp gf128mul ulpi mrp sm4 sha2_ce udc_core sha256_arm64 pwrseq_simple roles ehci_hcd sha1_ce dwmac_imx usbcore phy_generic gpio_keys usb_common nvmem_imx_ocotp_ele usbmisc_imx sdhci_esdhc_imx stmmac_platform sdhci_pltfm stmmac cqhci sdhci pwm_imx_tpm mmc_core pcs_xpcs i2c_imx_lpi2c phylink spi_fsl_lpspi imx7ulp_wdt
[  597.470224][    C0]  fsl_edma fixed overlay btrfs blake2b_generic xor xor_neon raid6_pq libcrc32c sunrpc dm_mirror dm_region_hash dm_log dm_mod be2iscsi bnx2i cnic uio cxgb4i cxgb4 tls libcxgbi libcxgb qla4xxx iscsi_boot_sysfs iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi sd_mod sg scsi_mod scsi_common br_netfilter bridge stp llc efivarfs aes_neon_bs aes_neon_blk aes_ce_blk aes_ce_cipher
[  597.595841][    C0] Supported: No, Unreleased kernel
[  597.600794][    C0] CPU: 0 UID: 0 PID: 1912 Comm: nvm_daemon Tainted: G           OE        6.12.0-g6dd51d0 #1  (unreleased) 1bbfa4b46f0796a1c0b0abee639edd3b3230f00f
[  597.617891][    C0] Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
[  597.623877][    C0] Hardware name: fsl NXP i.MX93 11X11 FRDM board/NXP i.MX93 11X11 FRDM board, BIOS 2024.04-00004-g27baba14a58-dirty 04/01/2024
[  597.636801][    C0] pstate: 804000c9 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[  597.644443][    C0] pc : se_if_rx_callback+0xa8/0x1f0 [sec_enclave]
[  597.650709][    C0] lr : mbox_chan_received_data+0x24/0x40
[  597.656187][    C0] sp : ffff800080003e20
[  597.660182][    C0] x29: ffff800080003e20 x28: ffff000085e60080 x27: 000000000000001b
[  597.667999][    C0] x26: ffff0000e89f388c x25: 0000000000000004 x24: ffff0000996a4ac8
[  597.675816][    C0] x23: ffff0000a43e3810 x22: ffff0000996a4ac8 x21: ffff0000996a4a80
[  597.683634][    C0] x20: 000000000000000c x19: ffff0000e89f3880 x18: 0000000000000000
[  597.691451][    C0] x17: ffff80007d89b000 x16: ffff800080000000 x15: 0000000000000000
[  597.699268][    C0] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000
[  597.707086][    C0] x11: 0000000000000040 x10: ffff0000801fab30 x9 : ffff800080cbfbfc
[  597.714903][    C0] x8 : ffff000080400948 x7 : 0000000000000000 x6 : 0000000000000000
[  597.722720][    C0] x5 : 0000000000000008 x4 : 000000000000000c x3 : 00000000e1100307
[  597.730538][    C0] x2 : 0000000000000000 x1 : ffff80007bb5fb98 x0 : ffff0000a43e3810
[  597.738356][    C0] Call trace:
[  597.741485][    C0]  se_if_rx_callback+0xa8/0x1f0 [sec_enclave eaa590c7f5850e16202e831d5a0ef9bbd976ab91]
[  597.750957][    C0]  mbox_chan_received_data+0x24/0x40
[  597.756087][    C0]  imx_mu_specific_rx+0x1ec/0x280
[  597.760958][    C0]  imx_mu_isr+0x314/0x340
[  597.765135][    C0]  __handle_irq_event_percpu+0x58/0x240
[  597.770526][    C0]  handle_irq_event+0x54/0xd0
[  597.775041][    C0]  handle_fasteoi_irq+0xac/0x1e0
[  597.779825][    C0]  handle_irq_desc+0x48/0x70
[  597.784254][    C0]  generic_handle_domain_irq+0x24/0x40
[  597.789549][    C0]  gic_handle_irq+0x11c/0x260
[  597.794073][    C0]  call_on_irq_stack+0x24/0x30
[  597.798684][    C0]  do_interrupt_handler+0x88/0xa0
[  597.803554][    C0]  el1_interrupt+0x44/0xd0
[  597.807818][    C0]  el1h_64_irq_handler+0x18/0x30
[  597.812602][    C0]  el1h_64_irq+0x7c/0x80
[  597.816684][    C0]  _raw_spin_unlock_irq+0x14/0x70
[  597.821555][    C0]  wait_for_completion_interruptible+0x28/0x50
[  597.827544][    C0]  ele_msg_rcv+0xa0/0x100 [sec_enclave eaa590c7f5850e16202e831d5a0ef9bbd976ab91]
[  597.836488][    C0]  se_if_fops_read+0xc8/0x1f0 [sec_enclave eaa590c7f5850e16202e831d5a0ef9bbd976ab91]
[  597.845779][    C0]  vfs_read+0xcc/0x320
[  597.849696][    C0]  ksys_read+0x78/0x120
[  597.853691][    C0]  __arm64_sys_read+0x24/0x40
[  597.858207][    C0]  invoke_syscall+0x70/0x100
[  597.862644][    C0]  el0_svc_common.constprop.0+0x48/0xf0
[  597.868034][    C0]  do_el0_svc+0x24/0x40
[  597.872038][    C0]  el0_svc+0x3c/0x170
[  597.875869][    C0]  el0t_64_sync_handler+0x120/0x130
[  597.880913][    C0]  el0t_64_sync+0x1a8/0x1b0
[  597.885258][    C0] Code: b9400263 2a1403e4 f0fffe61 912e6021 (f9400842)
[  597.892035][    C0] ---[ end trace 0000000000000000 ]---
[  597.897330][    C0] Kernel panic - not syncing: Oops: Fatal exception in interrupt
[  597.904878][    C0] SMP: stopping secondary CPUs
[  597.909521][    C0] Kernel Offset: disabled
[  597.913691][    C0] CPU features: 0x0,0000000c,00000004,00280928,4201721b
[  597.920468][    C0] Memory Limit: none
[  597.924205][    C0] Rebooting in 90 seconds..