imx6: Added DEK blob generator command

Freescale's SEC block has built-in Data Encryption
Key(DEK) Blob Protocol which provides a method for
protecting a DEK for non-secure memory storage.
SEC block protects data in a data structure called
a Secret Key Blob, which provides both confidentiality
and integrity protection.
Every time the blob encapsulation is executed,
a AES-256 key is randomly generated to encrypt the DEK.
This key is encrypted with the OTP Secret key
from SoC. The resulting blob consists of the encrypted
AES-256 key, the encrypted DEK, and a 16-bit MAC.

During decapsulation, the reverse process is performed
to get back the original DEK. A caveat to the blob
decapsulation process,  is that the DEK is decrypted
in secure-memory and can only be read by FSL SEC HW.
The DEK is used to decrypt data during encrypted boot.

Commands added
--------------
  dek_blob - encapsulating DEK as a cryptgraphic blob

Commands Syntax
---------------
  dek_blob src dst len

    Encapsulate and create blob of a len-bits DEK at
    address src and store the result at address dst.

Signed-off-by: Raul Cardenas <Ulises.Cardenas@freescale.com>
Signed-off-by: Nitin Garg <nitin.garg@freescale.com>

Signed-off-by: Ulises Cardenas <ulises.cardenas@freescale.com>

Signed-off-by: Ulises Cardenas-B45798 <Ulises.Cardenas@freescale.com>

1 files changed, 27 insertions, 4 deletions

diff --git a/drivers/crypto/fsl/jr.c b/drivers/crypto/fsl/jr.c
index f9d49388345..f99d59480c8 100644
--- a/drivers/crypto/fsl/jr.c
+++ b/drivers/crypto/fsl/jr.c
@@ -90,11 +90,13 @@ static int jr_init(void)
 	jr.liodn = DEFAULT_JR_LIODN;
 #endif
 	jr.size = JR_SIZE;
-	jr.input_ring = (dma_addr_t *)malloc(JR_SIZE * sizeof(dma_addr_t));
+	jr.input_ring = (dma_addr_t *)memalign(ARCH_DMA_MINALIGN,
+				JR_SIZE * sizeof(dma_addr_t));
 	if (!jr.input_ring)
 		return -1;
 	jr.output_ring =
-	    (struct op_ring *)malloc(JR_SIZE * sizeof(struct op_ring));
+	    (struct op_ring *)memalign(ARCH_DMA_MINALIGN,
+				JR_SIZE * sizeof(struct op_ring));
 	if (!jr.output_ring)
 		return -1;
 
@@ -163,13 +165,23 @@ static int jr_enqueue(uint32_t *desc_addr,
 	    CIRC_SPACE(jr.head, jr.tail, jr.size) <= 0)
 		return -1;
 
-	jr.input_ring[head] = desc_phys_addr;
 	jr.info[head].desc_phys_addr = desc_phys_addr;
 	jr.info[head].desc_addr = (uint32_t)desc_addr;
 	jr.info[head].callback = (void *)callback;
 	jr.info[head].arg = arg;
 	jr.info[head].op_done = 0;
 
+	unsigned long start = (unsigned long)&jr.info[head] &
+					~(ARCH_DMA_MINALIGN - 1);
+	unsigned long end = ALIGN(start + sizeof(struct jr_info),
+					ARCH_DMA_MINALIGN);
+	flush_dcache_range(start, end);
+
+	jr.input_ring[head] = desc_phys_addr;
+	start = (unsigned long)&jr.input_ring[head] & ~(ARCH_DMA_MINALIGN - 1);
+	end = ALIGN(start + sizeof(dma_addr_t), ARCH_DMA_MINALIGN);
+	flush_dcache_range(start, end);
+
 	jr.head = (head + 1) & (jr.size - 1);
 
 	sec_out32(&regs->irja, 1);
@@ -187,6 +199,13 @@ static int jr_dequeue(void)
 	void *arg = NULL;
 
 	while (sec_in32(&regs->orsf) && CIRC_CNT(jr.head, jr.tail, jr.size)) {
+		unsigned long start = (unsigned long)jr.output_ring &
+					~(ARCH_DMA_MINALIGN - 1);
+		unsigned long end = ALIGN(start +
+					  sizeof(struct op_ring)*JR_SIZE,
+					  ARCH_DMA_MINALIGN);
+		invalidate_dcache_range(start, end);
+
 		found = 0;
 
 		dma_addr_t op_desc = jr.output_ring[jr.tail].desc;
@@ -333,13 +352,17 @@ static int instantiate_rng(void)
 
 	memset(&op, 0, sizeof(struct result));
 
-	desc = malloc(sizeof(int) * 6);
+	desc = memalign(ARCH_DMA_MINALIGN, sizeof(uint32_t) * 6);
 	if (!desc) {
 		printf("cannot allocate RNG init descriptor memory\n");
 		return -1;
 	}
 
 	inline_cnstr_jobdesc_rng_instantiation(desc);
+	int size = roundup(sizeof(uint32_t) * 6, ARCH_DMA_MINALIGN);
+	flush_dcache_range((unsigned long)desc,
+			   (unsigned long)desc + size);
+
 	ret = run_descriptor_jr(desc);
 
 	if (ret)