zynqmp: Add ATF support for Data blob encryption and decryption

This patch adds ATF support for AES data blob encrypt/decrypt.
ATF establishes a path to send the address of the structure
to the xilsecure, so that it will pick addresses of the data
and performs the requested operation (encrypt/decrypt) and puts
the result in load address.

where structure contains
- Data blob src address
- load address
- IV address
- Key address - this will actual key addr in case of KUP
		else it will be zero.
- Data-size
- Aes-op type
- KeySrc

Signed-off-by: Kalyani Akula <[email protected]>
Signed-off-by: Siva Durga Prasad Paladugu <[email protected]>

diff --git a/plat/xilinx/zynqmp/pm_service/pm_api_sys.c b/plat/xilinx/zynqmp/pm_service/pm_api_sys.c
index 18c6cd73432275931cd9e8864ab77c39d6091a96..e85b2cee338b09883799bf7a98d5e59525d260de 100644 (file)
--- a/plat/xilinx/zynqmp/pm_service/pm_api_sys.c
+++ b/plat/xilinx/zynqmp/pm_service/pm_api_sys.c
@@ -601,6 +601,30 @@ enum pm_ret_status pm_secure_rsaaes(uint32_t address_low,
        return pm_ipi_send_sync(primary_proc, payload, NULL, 0);
 }
 
+/**
+ * pm_aes_engine() - Aes data blob encryption/decryption
+ * This function provides access to the xilsecure library to
+ * encrypt/decrypt data blobs.
+ *
+ * address_low: lower 32-bit address of the AesParams structure
+ *
+ * address_high: higher 32-bit address of the AesParams structure
+ *
+ * value:        Returned output value
+ *
+ * @return       Returns status, either success or error+reason
+ */
+enum pm_ret_status pm_aes_engine(uint32_t address_high,
+                                uint32_t address_low,
+                                uint32_t *value)
+{
+       uint32_t payload[PAYLOAD_ARG_CNT];
+
+       /* Send request to the PMU */
+       PM_PACK_PAYLOAD3(payload, PM_SECURE_AES, address_high, address_low);
+       return pm_ipi_send_sync(primary_proc, payload, value, 1);
+}
+
 /**
  * pm_pinctrl_request() - Request Pin from firmware
  * @pin                Pin number to request

diff --git a/plat/xilinx/zynqmp/pm_service/pm_api_sys.h b/plat/xilinx/zynqmp/pm_service/pm_api_sys.h
index 3726e8569c13df2f9f03273fe7c5aabec8a01cc2..1c9255e6f8dc88bdbac6839e473ff35c4c4413a2 100644 (file)
--- a/plat/xilinx/zynqmp/pm_service/pm_api_sys.h
+++ b/plat/xilinx/zynqmp/pm_service/pm_api_sys.h
@@ -172,5 +172,8 @@ enum pm_ret_status pm_fpga_read(uint32_t reg_numframes,
                                uint32_t address_high,
                                uint32_t readback_type,
                                uint32_t *value);
+enum pm_ret_status pm_aes_engine(uint32_t address_high,
+                                uint32_t address_low,
+                                uint32_t  *value);
 
 #endif /* _PM_API_SYS_H_ */

diff --git a/plat/xilinx/zynqmp/pm_service/pm_defs.h b/plat/xilinx/zynqmp/pm_service/pm_defs.h
index 0775bf9e68d8e24570c2393bc94a0e61a1e411cf..1fbf6eed94c8352156661d25a181f18b255ad0de 100644 (file)
--- a/plat/xilinx/zynqmp/pm_service/pm_defs.h
+++ b/plat/xilinx/zynqmp/pm_service/pm_defs.h
@@ -91,6 +91,7 @@ enum pm_api_id {
        PM_SECURE_IMAGE,
        /* FPGA PL Readback */
        PM_FPGA_READ,
+       PM_SECURE_AES,
        PM_API_MAX
 };
 

diff --git a/plat/xilinx/zynqmp/pm_service/pm_svc_main.c b/plat/xilinx/zynqmp/pm_service/pm_svc_main.c
index 92b7b3e83989a0c708fd8659cc8624d716ae216d..7790c979dfbeb405632d89e09cbd959a343ef91a 100644 (file)
--- a/plat/xilinx/zynqmp/pm_service/pm_svc_main.c
+++ b/plat/xilinx/zynqmp/pm_service/pm_svc_main.c
@@ -555,6 +555,14 @@ uint64_t pm_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
                SMC_RET1(handle, (uint64_t)ret | ((uint64_t)value) << 32);
        }
 
+       case PM_SECURE_AES:
+       {
+               uint32_t value;
+
+               ret = pm_aes_engine(pm_arg[0], pm_arg[1], &value);
+               SMC_RET1(handle, (uint64_t)ret | ((uint64_t)value) << 32);
+       }
+
        default:
                WARN("Unimplemented PM Service Call: 0x%x\n", smc_fid);
                SMC_RET1(handle, SMC_UNK);