Hi Horia,
Job Rings can be set to be exclusively used by TrustZone which makes
the access to those rings only possible from Secure World. This
access
separation is defined by setting bits in CAAM JRxDID_MS register.
Once
reserved to be owned by TrustZone, this Job Ring becomes unavailable
for the Kernel. This reservation is performed early in the boot
process, even before the Kernel starts, which leads to
unavailability
of the HW at the probing stage. Moreover, the reservation can be
done
for any Job Ring and is not under control of the Kernel.
Current implementation lists Job Rings as child nodes of CAAM
driver,
and tries to perform probing on those regardless of whether JR HW is
accessible or not.
This leads to the following error while probing:
[ 1.509894] caam 30900000.crypto: job rings = 3, qi = 0
[ 1.525201] caam_jr 30901000.jr: failed to flush job ring 0
[ 1.525214] caam_jr: probe of 30901000.jr failed with error -5
Implement a dynamic mechanism to identify which Job Ring is actually
marked as owned by TrustZone, and fail the probing of those child
nodes with -ENODEV.
For other reviewers/maintainers: I'm still not sure this is the way
to go. Instead
one can let u-boot fix up the device tree and remove or disable the
JR node if its
not available.
Just as further clarification: this patch is intended to accommodate
for cases where
JR is claimed in S world at the boot and not available for Kernel. It
does not account
for fully dynamic cases, where JRs can be reclaimed between S <-> NS
Worlds
during runtime. It rather accounts for situation when any arbitrary JR
can be reserved
by any software entity before Kernel starts without a need to disable
nodes at
compile time.
I prefer f/w to fix the DT before passing it to the kernel,
either by adding the "secure-status" property (set explicitly to
"disabled")
or by removing the job ring node(s) that are reserved.
OP-TEE already uses the first option. We should probably pick this up.
Ah, nice:
Documentation/devicetree/bindings/arm/secure.txt
If I understand this correctly, if optee reserves a JR it will set the
secure-status to okay and status to disabled. (There is still a missing
link, how u-boot will then be passed this modified device tree, I might
miss something here.)
But what about the HAB, if I understand Andrey correct, then JR0 will
already be marked as "S world only" (or at least no EL3 program will
release it again). To me it looks like then either JR0 should be
(1) hardcoded to secure-status = "okay", status = "disabled", or (2)
u-boot SPL (or TF-A) should return it to NS world (and optee might
take it over again).
The reason I am supporting relying on DT and consequently avoiding
registers
is that accessing page 0 in the caam register space from Non-secure
world
should be avoided when caam is managed by Secure world (e.g. OP-TEE)
or a Secure Enclave (e.g. SECO).
Unfortunately support for HW-enforced access control for caam register
space
is not that great / fine-grained, with the exception of more recent
parts
like i.MX8MP and i.MX8ULP.
-michael