Commit db484534 authored by Siva Durga Prasad Paladugu's avatar Siva Durga Prasad Paladugu
Browse files

zynqmp: Add ATF support for Data blob encryption and decryption



This patch adds ATF support for AES data blob encrypt/decrypt.
ATF establishes a path to send the address of the structure
to the xilsecure, so that it will pick addresses of the data
and performs the requested operation (encrypt/decrypt) and puts
the result in load address.

where structure contains
- Data blob src address
- load address
- IV address
- Key address - this will actual key addr in case of KUP
		else it will be zero.
- Data-size
- Aes-op type
- KeySrc
Signed-off-by: default avatarKalyani Akula <kalyani.akula@xilinx.com>
Signed-off-by: default avatarSiva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
parent 976c2680
...@@ -601,6 +601,30 @@ enum pm_ret_status pm_secure_rsaaes(uint32_t address_low, ...@@ -601,6 +601,30 @@ enum pm_ret_status pm_secure_rsaaes(uint32_t address_low,
return pm_ipi_send_sync(primary_proc, payload, NULL, 0); return pm_ipi_send_sync(primary_proc, payload, NULL, 0);
} }
/**
* pm_aes_engine() - Aes data blob encryption/decryption
* This function provides access to the xilsecure library to
* encrypt/decrypt data blobs.
*
* address_low: lower 32-bit address of the AesParams structure
*
* address_high: higher 32-bit address of the AesParams structure
*
* value: Returned output value
*
* @return Returns status, either success or error+reason
*/
enum pm_ret_status pm_aes_engine(uint32_t address_high,
uint32_t address_low,
uint32_t *value)
{
uint32_t payload[PAYLOAD_ARG_CNT];
/* Send request to the PMU */
PM_PACK_PAYLOAD3(payload, PM_SECURE_AES, address_high, address_low);
return pm_ipi_send_sync(primary_proc, payload, value, 1);
}
/** /**
* pm_pinctrl_request() - Request Pin from firmware * pm_pinctrl_request() - Request Pin from firmware
* @pin Pin number to request * @pin Pin number to request
......
...@@ -172,5 +172,8 @@ enum pm_ret_status pm_fpga_read(uint32_t reg_numframes, ...@@ -172,5 +172,8 @@ enum pm_ret_status pm_fpga_read(uint32_t reg_numframes,
uint32_t address_high, uint32_t address_high,
uint32_t readback_type, uint32_t readback_type,
uint32_t *value); uint32_t *value);
enum pm_ret_status pm_aes_engine(uint32_t address_high,
uint32_t address_low,
uint32_t *value);
#endif /* _PM_API_SYS_H_ */ #endif /* _PM_API_SYS_H_ */
...@@ -91,6 +91,7 @@ enum pm_api_id { ...@@ -91,6 +91,7 @@ enum pm_api_id {
PM_SECURE_IMAGE, PM_SECURE_IMAGE,
/* FPGA PL Readback */ /* FPGA PL Readback */
PM_FPGA_READ, PM_FPGA_READ,
PM_SECURE_AES,
PM_API_MAX PM_API_MAX
}; };
......
...@@ -555,6 +555,14 @@ uint64_t pm_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3, ...@@ -555,6 +555,14 @@ uint64_t pm_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
SMC_RET1(handle, (uint64_t)ret | ((uint64_t)value) << 32); SMC_RET1(handle, (uint64_t)ret | ((uint64_t)value) << 32);
} }
case PM_SECURE_AES:
{
uint32_t value;
ret = pm_aes_engine(pm_arg[0], pm_arg[1], &value);
SMC_RET1(handle, (uint64_t)ret | ((uint64_t)value) << 32);
}
default: default:
WARN("Unimplemented PM Service Call: 0x%x\n", smc_fid); WARN("Unimplemented PM Service Call: 0x%x\n", smc_fid);
SMC_RET1(handle, SMC_UNK); SMC_RET1(handle, SMC_UNK);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment