Functions | |
scc_config_t * | scc_get_configuration (void) |
scc_return_t | scc_zeroize_memories (void) |
void | scc_set_sw_alarm (void) |
scc_return_t | scc_monitor_security_failure (void callback_func(void)) |
void | scc_stop_monitoring_security_failure (void callback_func(void)) |
scc_return_t | scc_read_register (int register_offset, uint32_t *value) |
scc_return_t | scc_write_register (int register_offset, uint32_t value) |
OS_DEV_ISR (scc_irq) | |
static int | offset_within_smn (uint32_t register_offset) |
static int | offset_within_scm (uint32_t register_offset) |
Variables | |
static struct platform_driver | mxcscc_driver |
This is the driver code for the Security Controller version 2 (SCC2). It's interaction with the Linux kernel is from calls to scc_init() when the driver is loaded, and scc_cleanup() should the driver be unloaded. The driver uses locking and (task-sleep/task-wakeup) functions from the kernel. It also registers itself to handle the interrupt line(s) from the SCC. New to this version of the driver is an interface providing access to the secure partitions. This is in turn exposed to the API user through the fsl_shw_smalloc() series of functions. Other drivers in the kernel may use the remaining API functions to get at the services of the SCC. The main service provided is the Secure Memory, which allows encoding and decoding of secrets with a per-chip secret key.
The SCC is single-threaded, and so is this module. When the scc_crypt() routine is called, it will lock out other accesses to the function. If another task is already in the module, the subsequent caller will spin on a lock waiting for the other access to finish.
Note that long crypto operations could cause a task to spin for a while, preventing other kernel work (other than interrupt processing) to get done.
The external (kernel module) interface is through the following functions:
All other functions are internal to the driver.
static int offset_within_scm | ( | uint32_t | register_offset | ) | [inline, static] |
Check that the offset is with the bounds of the SCM register set.
[in] | register_offset | Register offset of SCM |
static int offset_within_smn | ( | uint32_t | register_offset | ) | [inline, static] |
Check that the offset is with the bounds of the SMN register set.
[in] | register_offset | register offset of SMN. |
OS_DEV_ISR | ( | scc_irq | ) |
This is the interrupt handler for the SCC.
This function checks the SMN Status register to see whether it generated the interrupt, then it checks the SCM Status register to see whether it needs attention.
If an SMN Interrupt is active, then the SCC state set to failure, and scc_perform_callbacks() is invoked to notify any interested parties.
The SCM Interrupt should be masked, as this driver uses polling to determine when the SCM has completed a crypto or zeroing operation. Therefore, if the interrupt is active, the driver will just clear the interrupt and (re)mask.
References IRQ_RETVAL, os_dev_get_irq, os_dev_isr_return, SCC_READ_REGISTER, scc_update_state(), SCC_WRITE_REGISTER, SCM_INTERRUPT_CTRL, SCM_INTERRUPT_CTRL_CLEAR_INTERRUPT, SCM_INTERRUPT_CTRL_MASK_INTERRUPTS, SCM_STATUS, SMN_COMMAND, SMN_COMMAND_CLEAR_INTERRUPT, and SMN_STATUS_SMN_STATUS_IRQ.
scc_config_t* scc_get_configuration | ( | void | ) |
Retrieve configuration information from the SCC.
This function always succeeds.
References scc_availability, scc_init(), and SCC_STATUS_INITIAL.
scc_return_t scc_monitor_security_failure | ( | void | callback_funcvoid | ) |
This routine will register a function to be called should a Security Failure be signalled by the SCC (Security Monitor).
The callback function may be called from interrupt level, it may be called from some process' task. It should therefore not take a long time to perform its operation, and it may not sleep.
callback_func | Function pointer to routine which will receive notification of the security failure. |
References os_lock_save_context, os_unlock_restore_context, scc_availability, scc_callbacks, scc_callbacks_lock, scc_init(), and SCC_STATUS_INITIAL.
scc_return_t scc_read_register | ( | int | register_offset, | |
uint32_t * | value | |||
) |
Read value from an SCC register. The offset will be checked for validity (range) as well as whether it is accessible (e.g. not busy, not in failed state) at the time of the call.
[in] | register_offset | The (byte) offset within the SCC block of the register to be queried. See SCM Registers and SMN Registers. |
[out] | value | Pointer to where value from the register should be placed. |
References check_register_accessible(), check_register_offset(), scc_availability, scc_init(), SCC_READ_REGISTER, SCC_STATUS_INITIAL, SCC_STATUS_UNIMPLEMENTED, and scc_update_state().
void scc_set_sw_alarm | ( | void | ) |
Signal a software alarm to the SCC. This will take the SCC and other PISA parts out of Secure mode and into Security Failure mode. The SCC will stay in failed mode until a reboot.
References scc_availability, scc_init(), scc_perform_callbacks(), SCC_STATUS_FAILED, SCC_STATUS_INITIAL, SCC_STATUS_OK, scc_update_state(), SCC_WRITE_REGISTER, and SMN_COMMAND_SET_SOFTWARE_ALARM.
void scc_stop_monitoring_security_failure | ( | void | callback_funcvoid | ) |
This routine will deregister a function previously registered with scc_monitor_security_failure().
callback_func | Function pointer to routine previously registered with scc_stop_monitoring_security_failure(). |
References os_lock_save_context, os_unlock_restore_context, scc_availability, scc_callbacks, scc_callbacks_lock, scc_init(), and SCC_STATUS_INITIAL.
scc_return_t scc_write_register | ( | int | register_offset, | |
uint32_t | value | |||
) |
Write a new value into an SCC register. The offset will be checked for validity (range) as well as whether it is accessible (e.g. not busy, not in failed state) at the time of the call.
[in] | register_offset | The (byte) offset within the SCC block of the register to be modified. See SCM Registers and SMN Registers. |
[in] | value | The value to store into the register. |
References check_register_accessible(), check_register_offset(), scc_availability, scc_init(), SCC_READ_REGISTER, SCC_STATUS_INITIAL, SCC_STATUS_UNIMPLEMENTED, scc_update_state(), and SCC_WRITE_REGISTER.
scc_return_t scc_zeroize_memories | ( | void | ) |
Zeroize Red and Black memories of the SCC. This will start the Zeroizing process. The routine will return when the memories have zeroized or failed to do so. The driver will poll waiting for this to occur, so this routine must not be called from interrupt level. Some future version of driver may elect instead to sleep.
struct platform_driver mxcscc_driver [static] |
{ .driver = { .name = SCC_DRIVER_NAME, }, .probe = scc_dev_probe, .remove = scc_dev_remove, .suspend = scc_suspend, .resume = scc_resume, }
Linux Driver definition
© Freescale Semiconductor, Inc., 2007.
All rights reserved. Freescale Confidential Proprietary NDA Required |
![]() |