[PATCH v7 01/11] Documentation/firmware: added imx/se-fw to other_interfaces

From: Pankaj Gupta
Date: Mon Oct 30 2023 - 06:00:39 EST


Documented i.MX SoC's Service layer and C_DEV driver for SoC(s)
enabled with hardware IP for secure-enclaves like:
- edgelock enclave on i.MX93 & i.MX8ULP

Signed-off-by: Pankaj Gupta <pankaj.gupta@xxxxxxx>
---
.../driver-api/firmware/other_interfaces.rst | 67 +++++++++++++++++++
1 file changed, 67 insertions(+)

diff --git a/Documentation/driver-api/firmware/other_interfaces.rst b/Documentation/driver-api/firmware/other_interfaces.rst
index 06ac89adaafb..1d21b88ef20e 100644
--- a/Documentation/driver-api/firmware/other_interfaces.rst
+++ b/Documentation/driver-api/firmware/other_interfaces.rst
@@ -49,3 +49,70 @@ of the requests on to a secure monitor (EL3).

.. kernel-doc:: drivers/firmware/stratix10-svc.c
:export:
+
+NXP i.MX Secure Enclave Enabled SoC Service layer and C_DEV driver
+------------------------------------------------------------------
+The NXP's i.MX HW IP like EdgeLock-Enclave, creating an embedded secure
+enclave within the SoC boundary to enable features like
+ - HSM
+ - SHE
+ - V2X
+
+SoC enabled with the NXP i.MX secure enclave IP(s) like EdgeLock-Enclave(ELE),
+are: i.MX93, i.MX8ULP.
+
+This driver exposes two interfaces:
+- service layer: This layer takes the two mutex locks:
+ "mu_cmd_lock" is taken to ensure one service is processed at a time. This
+ lock is not unlocked, till one service processing is complete. Multiple
+ messages can be exchanged with FW as part of one service processing.
+ "mu_lock" is taken to ensure one message is sent over MU at a time. This
+ lock is unlocked, post sending the message.
+
+- c_dev:
+ This driver configures multiple misc-devices on the MU, to exchange
+ messages from User-space application and NXP's Edgelocke Enclave firmware.
+ The driver ensures that the messages must follow the following protocol
+ defined.
+
+ Non-Secure + Secure
+ |
+ |
+ +---------+ +-------------+ |
+ | se_fw.c +<---->+imx-mailbox.c| |
+ | | | mailbox.c +<-->+------+ +------+
+ +---+-----+ +-------------+ | MU X +<-->+ ELE |
+ | +------+ +------+
+ +----------------+ |
+ | | |
+ v v |
+ logical logical |
+ receiver waiter |
+ + + |
+ | | |
+ | | |
+ | +----+------+ |
+ | | | |
+ | | | |
+ device_ctx device_ctx device_ctx |
+ |
+ User 0 User 1 User Y |
+ +------+ +------+ +------+ |
+ |misc.c| |misc.c| |misc.c| |
+ kernel space +------+ +------+ +------+ |
+ |
+ +------------------------------------------------------ |
+ | | | |
+ userspace /dev/ele_muXch0 | | |
+ /dev/ele_muXch1 | |
+ /dev/ele_muXchY |
+ |
+
+When a user sends a command to the firmware, it registers its device_ctx
+as waiter of a response from firmware.
+
+Enclave's Firmware owns the storage management, over linux filesystem.
+For this c_dev provisions a dedicated slave device called "receiver".
+
+.. kernel-doc:: drivers/firmware/imx/se_fw.c
+ :export:
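Review bot: The ASCII diagram that follows "defined." in the c_dev item is not introduced as a literal block, so it will not render as preformatted text and its "+---------+" rows can be parsed as a malformed table. End the preceding sentence with "::" and keep the whole diagram indented under it. The same paragraph says the driver ensures messages "must follow the following protocol defined.", but the added lines show only the component topology. Either describe what the driver checks on a message from user space before it is sent over the MU, or reword the sentence to say the diagram shows the message path. In the service layer item, the two locks are described separately but not the order in which "mu_cmd_lock" and "mu_lock" are taken relative to each other. One sentence stating that order would help anyone auditing the locking. Smaller points in the same hunk: the opening sentence "The NXP's i.MX HW IP like EdgeLock-Enclave, creating an embedded secure" has no main verb; the " - HSM" list starts directly after "features like" with no blank line before it; "Edgelocke" is a typo for EdgeLock; the heading uses "C_DEV" while the body uses "c_dev"; and "dedicated slave device" introduces terminology that Documentation/process/coding-style.rst asks new code and documentation to avoid, so "dedicated receiver device" would read better.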
--
2.34.1