Support Agilex5 B0 jtag id for fpga reconfig.
Change-Id: I4efb5a046a0f11009a1f08412ff0e48f376c94e1
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Currently the FPGA reconfig status only return a single error status
which make the debugging of FPGA reconfiguration hard.
This patch is to expose the error status, major error code and
minor error code, for the FPGA reconfig to upper layer app.
Change-Id: I2fc68e30b45ff137f3e52f9569fdf2eaf2ca94ee
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
This change is to add in new Mailbox CMD to SDM for MPFE isolation.
Change-Id: I52c84dc227e1c8edbded63c699ded63e431d9af2
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
This is for SMMU and Remapper enabled/disabled for
Linux FCS feature. The JTAG ID is to determine which
Agilex5 model shall be implemented.
Change-Id: Ib10d0062de8f6e27413af3dd271d97b9c2e5c079
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
This patch is to add in missing ECC register (INITSTAT)
Change-Id: Iecf03dc9597ec2884901c132fb9cef7e90ab06a0
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Linux RSU receive QSPI device info from SDM and report to user about
the device info.
Change-Id: Ib41692c9c4888c745a48a0609396aef0ca7fe25b
Signed-off-by: Kah Jing Lee <kah.jing.lee@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
* changes:
feat(intel): support QSPI ECC Linux for Agilex
feat(intel): support QSPI ECC Linux for N5X
feat(intel): support QSPI ECC Linux for Stratix10
feat(intel): add in QSPI ECC for Linux
Add QSPI ECC new opcodes for Linux to access to SDM register
Change-Id: I548e30340320ae2c2c9d60d20b218ee844516d64
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Add QSPI ECC new opcodes for Linux to access to SDM register
Change-Id: If9ac35afdddb91db6bad6b474060cd001f6d89e6
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Remap base address for SDM to access DRAM.
Change-Id: If064bd1ff4571d3217b136d9b5ebbfdecb68231e
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Linux RAS shall handle the SEU error received from SDM and report
an error message to user
Change-Id: I89181a388063ce9bd6f56b45b1851ccb08582437
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Update DDR range checking for Agilex when total max size of
DRAM_BASE and DRAM_SIZE overflow unsigned 64bit.
Change-Id: Iaecfa5daae48da0af46cc1831d10c0e6a79613c2
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
This patch is used to enable mailbox and SMC support
for Agilex5 SoC FPGA.
1. Enabled mailbox and SMC support.
2. Updated product name -> Agilex5
3. Updated register address based on y22ww52.2 RTL
4. Updated TSN register base address
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: I152bee5668b96ef599ded09945167f27a71f23fe
Add smc function id for intel_rsu_update() in sip_svc_v2. For temporarily
saving the RSU application image address before a cold reset is
issued.
Signed-off-by: Mahesh Rao <mahesh.rao@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: I43bc7bd5aa5fa9238bceba1d826bf0a34ff87adb
This patch is to restructure system manager. Move platform dependent
MACROs to individual platform system manager. Common system manager will
remain for those common declaration only.
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: I2f52d3eaf47716f7dfc636bbf1a23d68a04f39cb
Add checking on the size of source data does not exceed source size
when using memcpy and memset.
Add checking on the size of source data in FPGA Crypto Service does
not exceed the maximum of expected data size and does not meet the
minimum of expected data size.
Signed-off-by: Phui Kei Wong <phui.kei.wong@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: Idb18f05c18d9142fbe703c3f4075341d179d8bad
Enable SEU ERR read interfaces for non-secure world to read out SEU status
for DDR.
SEU ERR SMC opcode updated to 0xC2000099
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: I0618dfcdc86a7c1e0c8047b7214d369866dd2281
Add 2 more mailbox error return status for FCS_DECRYPTION when sending
mailbox command to SDM
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ifff4faa397232cc0080f9fca6f6948ac305915c4
This patch is to extend support SMMU in FCS GET_DIGEST, MAC_VERIFY,
ECDSA_SHA2_DATA_SIGNING and ECDSA_SHA2_DATA_SIGNATURE_VERIFY.
It also will change to use asynchronous mailbox send command to improve
fcs_client timing performance.
Increase the SIP_SVC_VERSION_MAJOR because SMMU support is not backward
compatible.
Increase the SIP_SVC_VERSION_MINOR because 8 news function IDs are
introduced.
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I15e619e246531b065451f9b201646f3c50e26307
Remove high level logic hardware channel checking on HWMON
TEMP and VOLT read.
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: I9102b7b4334cb95f0b622c498a6569328f534d42
This patch is to fix configuration status command now returns
the result based on the last config start command made to the
runtime software. The status type can be either:
- NO_REQUEST (default)
- RECONFIGURATION
- BITSTREAM_AUTH
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I1ce4b7b4c741d88de88778f8fbed7dfe83a39fbc
This patch is to add flash dcache after return
response in INTEL_SIP_SMC_MBOX_SEND_CMD.
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ie9451e352f2b7c41ebb44a1f6be9da35f4600fb9
This patch is to extend to support large file size
for SHA2/HMAC get digest and verifying. The large
file will be split into smaller chunk and send using
initialize, update and finalize staging method.
Signed-off-by: Yuslaimi, Alif Zakuan <alif.zakuan.yuslaimi@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I1815deeb61287b32c3e77c5ac1b547b79ef12674
This patch is to extend to support large file size
for SHA-2 ECDSA data signing and signature verifying.
The large file will be split into smaller chunk and
send using initialize, update and finalize staging method.
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: If277b2b375a404fe44b0858006c8ba6316a5ce23
This patch is to extend to support large file size
for AES encryption and decryption. The large file
will be split into smaller chunk and send using
initialize, update and finalize staging method.
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ie2ceaf247e0d7082aad84faf399fbd18d129c36a
A separated SMC function ID of non-mailbox command
is introduced for the new format of SMC protocol.
The new format of SMC procotol will be started
using by Zephyr.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I01cff2739364b1bda2ebb9507ddbcef6095f5d29
Update to support maximum (4092 bytes) response data size.
And, clean up the intel_smc_service_completed function to
directly write the response data to addr to avoid additional
copy.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I0a230e73c563d22e6999ad3473587b07382dacfe
Supporting the command to send digital signature verification
request on a data blob. This include ECC algorithm such as
NISP P-256, NISP P-384, Brainpool 256 and, Branpool 384
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ic86f531bfe7cc7606699f2b064ac677aaf806a76
Supporting the command to send digital signature signing
request on a data blob. This include ECC algorithm such as
NISP P-256, NISP P-384, Brainpool 256 and, Branpool 384
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I12cf0f1ceaf07c33a110eae398d3ad82a9b13d38
This command sends the request on generating a share secret on
Diffie-Hellman key exchange.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ic7c8470cf036ea8c17bf87401f49936950b3e1d6
This command support ECC based signature verification on a blob.
Supported ECC algorithm are NISP P-256, NISP P-384, Brainpool 256
and Brainpool 384.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I7f43d2a69bbe6693ec1bb90f32b817cf00f9f5ae
This command support ECC based signing on a blob. Supported ECC algorithm
are NISP P-256, NISP P-384, Brainpool 256 and Brainpool 384.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I82f95ddafa6b62f8cd882fce9a3e63e469c85067
To support the ECDSA feature and send the command
as a request to get the public key
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I9d7bb5b6ab8ef7d4f3ceb21ff0068baf3175a1ac
Extends existing Secure Data Object Service (SDOS) encryption and
decryption mailbox command to include session id and context id. The
new format requires an opened crypto service session.
A separated SMC function ID is introduced for the new format and it is
only supported by Agilex.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I2627750e8337c1af66217e9cb45981a9e06e7d19
Enable Support for AES Crypt Service to send request
to encrypt or decrypt a blob. Command will send a memory
location that SDM will read and also memory location that
SDM will write back after encryption or decryption operation.
Response will be sent back after the crypto operation is done,
and data is written back to the destination
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I86ea4ff64dda2fbb1000591e30fa8cb2640ce954
This command sends request on checking the integrity and authenticity
of a blob by comparing the calculated MAC with tagged MAC. The
comparison result will be returned in response.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ifefdf67f088d7612d2ec2459d71faf2ec8181222
This command is to request the SHA-2 hash digest on a blob.
If input has a key, the output shall be key-hash digest.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I08cb82d89a8e8f7bfe04f5f01e079ea49fe38cf5
The random number generation (RNG) mailbox command format
is updated to extends the support to upto 4080 bytes random
number generation. The new RNG format requires an opened
crypto service session.
A separated SMC function ID is introduced for the new RNG
format and it is only supported by Agilex.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I3f044a3c01ff7cb50be4705e2c1f982bf6f61432
Support crypto service key operation mailbox commands through SMC.
Crypto service key operation begin by sending an open crypto service
session request to SDM firmware. Once successfully open the session,
send crypto service key management commands (import, export, remove
and get key info) with the associated session id to SDM firmware.
The crypto service key is required before perform any crypto service
(encryption, signing, etc). Last, close the session after finishes
crypto service. All crypto service keys associated with this session
will be erased by SDM firmware.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I02406533f38b9607eb1ec7e1395b9dc2d084a9e3
Support crypto service open and close session mailbox commands through
SMC.
Crypto service support begin by sending an open crypto service session
request to SDM firmware. Last, close the session after finishes crypto
service. All crypto service parameters with this session will be erased
by SDM firmware.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I48968498bbd6f2e71791f4ed38dd5f369e171082
This patch extends the functionality of FPGA Crypto Services (FCS) to
support FPGA Attestation feature in Agilex device.
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I3c2e29d2fa04d394e9f65d8143d7f4e57389cd02
This patch will introduce a generic error code (0x3ff)
to be used in case where Secure Device Manager (SDM)
mailbox request is not failing (returns OK with no error
code) but BL31 instead wants to return error/reject
to the calling software. This value aligns with generic
error code implemented in SDM for consistency.
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I9894c7df8897fff9aa80970940a6f3f6bfa30bb7
Allows non-secure software to access FPGA Crypto Services (FCS)
through secure monitor calls (SMC).
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I805b3f650abf5e118e2c55e469866d5d0ca68048
Extend the functionality of FPGA Crypto Service
(FCS) to support FPGA single certificate feature
so that the counter value can be updated with
only one preauthorized certificate
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ibde87e4ee46367cf7f27f7bb0172838ab8766340
This is to extend the functionality of FPGA Crypto Service (FCS)
to support FPGA Attestation feature in Stratix 10 device.
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ib15783383dc9a06a2f0dc6dc1786f44b89f32cb1
This change is to re-align HPS cryption logic with
underlying Secure Device Manager's (SDM) mailbox API.
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I8fc90982d3cddceaf401c1a112ff8e20861bf4c5
