10 Commits

Author SHA1 Message Date
Olof Johansson
115484216b mvebu drivers for 5.14 (part 1)
Make the turris mox rwtm firmware more generic for Armada 3700 SoCs
 -----BEGIN PGP SIGNATURE-----
 
 iF0EABECAB0WIQQYqXDMF3cvSLY+g9cLBhiOFHI71QUCYM7/HQAKCRALBhiOFHI7
 1d1YAJ9WfxE3M0KhsvFQ/9wo4cniPTSMuACgou49J9SIZTQ95fZ9GGdZGy7BKe4=
 =0Qm0
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iQJDBAABCgAtFiEElf+HevZ4QCAJmMQ+jBrnPN6EHHcFAmDT5pQPHG9sb2ZAbGl4
 b20ubmV0AAoJEIwa5zzehBx3/DAP+wVANvRuHerjlPKiQRWAFqzKvy/31vigr5In
 CBdOPcz70BvFDZKZmbC1eRf2mRUznDxZwT2u/E6pbqqJ//+Vz0qY68nX8u9/Dmxj
 nUXPvlF/YqE5NQGZ4UKlReA4p+/IYrjguXd1vIrmEX1iqj8hn4PfGdsNN4r9wZeP
 TDir1ILweAMpiabUF2NP/p5StKKDWPuAoNKDq7nUssqsI0C33SfzWyMO4s1lZYd2
 WkfPR9p1t3baoYOArVr4CZHDwk//R0Hh3cFTVqoNR531BpOo29jvaLSarprBxhiQ
 /CcgRoq8Sar8SXkS5kKFrdNZjEbflJRbq07k8PJSasIYt52qqz6kA7soXwPA/2Ie
 xiYJLaoLCwX0dyf7hsHSIgBZHNq3FCmsVRqrb25nImw6kReBQKLQODogU7RudbOe
 +hELQDjOtcRvJzsIruXcJ1Y1e3TGjXiYv+tXOySLpq3ivWGrCLwF28B1g8raINrR
 W0bPQo62UUHmLBUxizIQn5h9lGz+znPisWjvzaMyQyLAaWZ3/tps77VfbxWaDGuA
 rbaxveHU4WLHmW2eGBqVJW2UQf/D082NBM4z9wyY+aCZ7Lex3r6UQAK1xEdxp0/1
 VELQg+R+8+U3U8DY/vzH3FLLf+Xbu1h235J0+0HB9GEyaO0ihoM1CCXJpxGwbnMd
 GAIIBg9I
 =S+hO
 -----END PGP SIGNATURE-----

Merge tag 'mvebu-drivers-5.14-1' of git://git.kernel.org/pub/scm/linux/kernel/git/gclement/mvebu into arm/drivers

mvebu drivers for 5.14 (part 1)

Make the turris mox rwtm firmware more generic for Armada 3700 SoCs

* tag 'mvebu-drivers-5.14-1' of git://git.kernel.org/pub/scm/linux/kernel/git/gclement/mvebu:
  firmware: turris-mox-rwtm: add marvell,armada-3700-rwtm-firmware compatible string

Link: https://lore.kernel.org/r/87bl802a2d.fsf@BL-laptop
Signed-off-by: Olof Johansson <olof@lixom.net>
2021-06-23 18:57:40 -07:00
Pali Rohár
90ae47215d firmware: turris-mox-rwtm: add marvell,armada-3700-rwtm-firmware compatible string
Add more generic compatible string 'marvell,armada-3700-rwtm-firmware' for
this driver, since it can also be used on other Armada 3720 devices.

Current compatible string 'cznic,turris-mox-rwtm' is kept for backward
compatibility.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
2021-06-17 15:02:35 +02:00
Pali Rohár
fae2016099 firmware: turris-mox-rwtm: show message about HWRNG registration
Currently it is hard to determinate if on Armada 3720 device is HWRNG
by running kernel accessible or not. So print information message into
dmesg when HWRNG is available and registration was successful.

Fixes: 389711b37493 ("firmware: Add Turris Mox rWTM firmware driver")
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
2021-06-17 14:55:09 +02:00
Pali Rohár
2eab59cf0d firmware: turris-mox-rwtm: fail probing when firmware does not support hwrng
When Marvell's rWTM firmware, which does not support the GET_RANDOM
command, is used, kernel prints an error message
  hwrng: no data available
every 10 seconds.

Fail probing of this driver if the rWTM firmware does not support the
GET_RANDOM command.

Fixes: 389711b37493 ("firmware: Add Turris Mox rWTM firmware driver")
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Marek Behún <kabel@kernel.org>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
2021-06-17 14:54:06 +02:00
Marek Behún
72f9988894 firmware: turris-mox-rwtm: report failures better
Report a notice level message if a command is not supported by the rWTM
firmware.

This should not be an error, merely a notice, because the firmware can
be used on boards that do not have manufacturing information burned.

Fixes: 389711b37493 ("firmware: Add Turris Mox rWTM firmware driver")
Signed-off-by: Marek Behún <kabel@kernel.org>
Reviewed-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
2021-06-17 14:53:03 +02:00
Marek Behún
e34e60253d firmware: turris-mox-rwtm: fix reply status decoding function
The status decoding function mox_get_status() currently contains an
incorrect check: if the error status is not MBOX_STS_SUCCESS, it always
returns -EIO, so the comparison to MBOX_STS_FAIL is never executed and
we don't get the actual error code sent by the firmware.

Fix this.

Signed-off-by: Marek Behún <kabel@kernel.org>
Reviewed-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Fixes: 389711b37493 ("firmware: Add Turris Mox rWTM firmware driver")
Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
2021-06-17 14:51:06 +02:00
Marek Behún
b37c384843 treewide: change my e-mail address, fix my name
Change my e-mail address to kabel@kernel.org, and fix my name in
non-code parts (add diacritical mark).

Link: https://lkml.kernel.org/r/20210325171123.28093-2-kabel@kernel.org
Signed-off-by: Marek Behún <kabel@kernel.org>
Cc: Bartosz Golaszewski <bgolaszewski@baylibre.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Jassi Brar <jassisinghbrar@gmail.com>
Cc: Linus Walleij <linus.walleij@linaro.org>
Cc: Pavel Machek <pavel@ucw.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2021-04-09 14:54:23 -07:00
Marek Behún
50524d787d firmware: turris-mox-rwtm: support ECDSA signatures via debugfs
The firmware on Turris MOX secure processor offers signing messages
with ECDSA private key stored in protected OTP memory.

The optimal solution would be to register an akcipher provider via
kernel's crypto API, but crypto API does not yet support accessing
akcipher API from userspace (and probably won't for some time, see
https://www.spinics.net/lists/linux-crypto/msg38388.html).

At first I tried to put this via standard sysfs API, but the way I
designed it is not compatible with sysfs's standard "one file per
attribute".

This patch therefore adds support for accessing this signature
generation mechanism via debugfs. Since CZ.NIC's Turris MOX is the only
user of this module, the potential future change to akcipher API should
not cause problems, since we can just change our userspace software then.

Signed-off-by: Marek Behún <marek.behun@nic.cz>
Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
2020-07-18 22:35:01 +02:00
Dan Carpenter
e8acad4d83 firmware: turris-mox-rwtm: small white space cleanup
This patch deletes a stray tab.

Cc: Gregory CLEMENT <gregory.clement@bootlin.com>
Cc: Colin King <colin.king@canonical.com>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
2020-01-08 10:35:23 +01:00
Marek Behún
389711b374 firmware: Add Turris Mox rWTM firmware driver
This adds a driver to communicate with the firmware running on the
secure processor of the Turris Mox router, enabling the kernel to
retrieve true random numbers from the Entropy Bit Generator and to read
some information burned into eFuses when device was manufactured:

and to
sign messages with the ECDSA private key burned into each Turris Mox
device when manufacturing.

This also adds support to read other information burned into eFuses:
 - serial number
 - board version
 - MAC addresses
 - RAM size
 - ECDSA public key (this is not read directly from eFuses, rather it
   is computed by the firmware as pair to the burned private key)

The source code of the firmware is open source and can be found at
https://gitlab.labs.nic.cz/turris/mox-boot-builder/tree/master/wtmi

The firmware is also able to, on demand, sign messages with the burned
ECDSA private key, but since Linux's akcipher API is not yet stable
(and therefore not exposed to userspace via netlink), this functionality
is not supported yet.

Link: https://lore.kernel.org/r/20190822014318.19478-3-marek.behun@nic.cz
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2019-09-04 17:32:13 +02:00