mbox series

[v4,00/11] dmaengine: qcom: bam_dma: add cmd descriptor support

Message ID 20240909092632.2776160-1-quic_mdalam@quicinc.com
Headers show
Series dmaengine: qcom: bam_dma: add cmd descriptor support | expand

Message

Md Sadre Alam Sept. 9, 2024, 9:26 a.m. UTC
Requirements:
  In QCE crypto driver we are accessing the crypto engine registers 
  directly via CPU read/write. Trust Zone could possibly to perform some
  crypto operations simultaneously, a race condition will be created and
  this could result in undefined behavior.

  To avoid this behavior we need to use BAM HW LOCK/UNLOCK feature on BAM 
  pipes, and this LOCK/UNLOCK will be set via sending a command descriptor,
  where the HLOS/TZ QCE crypto driver prepares a command descriptor with a
  dummy write operation on one of the QCE crypto engine register and pass
  the LOCK/UNLOCK flag along with it.

  This feature tested with tcrypt.ko and "libkcapi" with all the AES 
  algorithm supported by QCE crypto engine. Tested on IPQ9574 and 
  qcm6490.LE chipset.

  insmod tcrypt.ko mode=101
  insmod tcrypt.ko mode=102
  insmod tcrypt.ko mode=155
  insmod tcrypt.ko mode=180
  insmod tcrypt.ko mode=181
  insmod tcrypt.ko mode=182
  insmod tcrypt.ko mode=185
  insmod tcrypt.ko mode=186
  insmod tcrypt.ko mode=212
  insmod tcrypt.ko mode=216
  insmod tcrypt.ko mode=403
  insmod tcrypt.ko mode=404
  insmod tcrypt.ko mode=500
  insmod tcrypt.ko mode=501
  insmod tcrypt.ko mode=502
  insmod tcrypt.ko mode=600
  insmod tcrypt.ko mode=601
  insmod tcrypt.ko mode=602

  Encryption command line:
 ./kcapi -x 1 -e -c "cbc(aes)" -k
 8d7dd9b0170ce0b5f2f8e1aa768e01e91da8bfc67fd486d081b28254c99eb423 -i
 7fbc02ebf5b93322329df9bfccb635af -p 48981da18e4bb9ef7e2e3162d16b1910
 * 8b19050f66582cb7f7e4b6c873819b71
 *
 Decryption command line:
 * $ ./kcapi -x 1 -c "cbc(aes)" -k
 3023b2418ea59a841757dcf07881b3a8def1c97b659a4dad -i
 95aa5b68130be6fcf5cabe7d9f898a41 -q c313c6b50145b69a77b33404cb422598
 * 836de0065f9d6f6a3dd2c53cd17e33a

 * $ ./kcapi -x 3 -c sha256 -p 38f86d
 * cc42f645c5aa76ac3154b023359b665375fc3ae42f025fe961fb0f65205ad70e
 * $ ./kcapi -x 3 -c sha256 -p bbb300ac5eda9d
 * 61f7b48577a613fbdfe0d6d90b49985e07a42c99e7a439b6efb76d5ec71b3d30

 ./kcapi -x 12 -c "hmac(sha256)" -k
 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b -i
 000102030405060708090a0b0c -p f0f1f2f3f4f5f6f7f8f9 -b 42
 *
 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf3400720
 8d5b887185865

 Paraller test with two different EE's (Execution Environment)

 EE1 (Trust Zone)                          EE2 (HLOS)

 There is a TZ application which    "libkcapi" or "tcrypt.ko" will run in 
 will do continuous enc/dec with     continuous loop to do enc/dec with 
 different AES algorithm supported   different algorithm supported QCE
 by QCE crypto engine.     	     crypto engine. 

1) dummy write with LOCK bit set    1) dummy write with LOCK bit set                        
2) bam will lock all other pipes    2) bam will lock all other pipes which
   which not belongs to current	       not belongs to current EE's, i.e tz 
   EE's, i.e HLOS pipe and keep        pipe and keep handling current
   handling current pipe only.         pipe only. 
                                    3) hlos prepare data descriptor and               
3) tz prepare data descriptor          submit to CE5
   and submit to CE5                4) dummy write with UNLOCK bit set
4) dummy write with UNLOCK bit      5) bam will release all the locked 
   set                                 pipes
5) bam will release all the locked
   pipes                   

 Upon encountering a descriptor with Lock bit set, the BAM will lock all
 other pipes not related to the current pipe group, and keep handling the 
 current pipe only until it sees the Un-Lock set (then it will release all
 locked pipes). The actual locking is done on the new descriptor fetching
 for publishing, i.e. locked pipe will not fetch new descriptors even if 
 it got event/events adding more descriptors for this pipe.


v4:
  * Added feature description and test hardware
    with test command
  * Fixed patch version numbering
  * Dropped dt-binding patch
  * Dropped device tree changes
  * Added BAM_SW_VERSION register read
  * Handled the error path for the api dma_map_resource()
    in probe
  * updated the commit messages for batter redability
  * Squash the change where qce_bam_acquire_lock() and
    qce_bam_release_lock() api got introduce to the change where
    the lock/unlock flag get introced
  * changed cover letter subject heading to
    "dmaengine: qcom: bam_dma: add cmd descriptor support"
  * Added the very initial post for BAM lock/unlock patch link
    as v1 to track this feature

v3:
  * https://lore.kernel.org/lkml/183d4f5e-e00a-8ef6-a589-f5704bc83d4a@quicinc.com/
  * Addressed all the comments from v2
  * Added the dt-binding
  * Fix alignment issue
  * Removed type casting from qce_write_reg_dma()
    and qce_read_reg_dma()
  * Removed qce_bam_txn = dma->qce_bam_txn; line from
    qce_alloc_bam_txn() api and directly returning
    dma->qce_bam_txn

v2:
  * https://lore.kernel.org/lkml/20231214114239.2635325-1-quic_mdalam@quicinc.com/
  * Initial set of patches for cmd descriptor support
  * Add client driver to use BAM lock/unlock feature
  * Added register read/write via BAM in QCE Crypto driver
    to use BAM lock/unlock feature

v1:
  * https://lore.kernel.org/all/1608215842-15381-1-git-send-email-mdalam@codeaurora.org/
  * Initial support for LOCK/UNLOCK in bam_dma driver


Md Sadre Alam (11):
  dmaengine: qcom: bam_dma: Add bam_sw_version register read
  dmaengine: qcom: bam_dma: add LOCK & UNLOCK flag support
  crypto: qce - Add support for crypto address read
  crypto: qce - Add bam dma support for crypto register r/w
  crypto: qce - Convert register r/w for skcipher via BAM/DMA
  crypto: qce - Convert register r/w for sha via BAM/DMA
  crypto: qce - Convert register r/w for aead via BAM/DMA
  crypto: qce - Add LOCK and UNLOCK flag support
  crypto: qce - Add support for lock/unlock in skcipher
  crypto: qce - Add support for lock/unlock in sha
  crypto: qce - Add support for lock/unlock in aead

 drivers/crypto/qce/aead.c     |   4 +
 drivers/crypto/qce/common.c   | 141 +++++++++++++++------
 drivers/crypto/qce/core.c     |  14 +-
 drivers/crypto/qce/core.h     |  12 ++
 drivers/crypto/qce/dma.c      | 232 ++++++++++++++++++++++++++++++++++
 drivers/crypto/qce/dma.h      |  26 +++-
 drivers/crypto/qce/sha.c      |   4 +
 drivers/crypto/qce/skcipher.c |   4 +
 drivers/dma/qcom/bam_dma.c    |  33 ++++-
 include/linux/dmaengine.h     |   6 +
 10 files changed, 431 insertions(+), 45 deletions(-)