From d62625563213b516c6238e970f31d07d20bbe19e Mon Sep 17 00:00:00 2001
From: Anson Huang <Anson.Huang@nxp.com>
Date: Mon, 8 Apr 2019 12:39:31 +0800
Subject: MLK-21393 soc: imx: update SCFW API

This patch updates SCFW API to v1.7, based on below commit:

252281d48647 ("SCF-105: Update wiki.")

Signed-off-by: Anson Huang <Anson.Huang@nxp.com>
Reviewed-by: Bai Ping <ping.bai@nxp.com>
---
 include/soc/imx8/sc/svc/misc/api.h | 15 +++++++++
 include/soc/imx8/sc/svc/rm/api.h   | 63 +++++++++++++++++++++++++++++++++-----
 include/soc/imx8/sc/svc/seco/api.h | 50 ++++++++++++++++++++++++++++++
 include/soc/imx8/sc/types.h        |  3 +-
 4 files changed, 123 insertions(+), 8 deletions(-)

(limited to 'include/soc/imx8')

diff --git a/include/soc/imx8/sc/svc/misc/api.h b/include/soc/imx8/sc/svc/misc/api.h
index d5e9bfa35f26..9cbeb4da654e 100644
--- a/include/soc/imx8/sc/svc/misc/api.h
+++ b/include/soc/imx8/sc/svc/misc/api.h
@@ -508,6 +508,21 @@ void sc_misc_get_boot_dev(sc_ipc_t ipc, sc_rsrc_t *dev);
  */
 sc_err_t sc_misc_get_boot_type(sc_ipc_t ipc, sc_misc_bt_t *type);
 
+/*!
+ * This function returns the boot container index.
+ *
+ * @param[in]     ipc         IPC handle
+ * @param[out]    idx         pointer to return index
+ *
+ * Return \a idx = 1 for first container, 2 for second.
+ *
+ * @return Returns and error code (SC_ERR_NONE = success).
+ *
+ * Return errors code:
+ * - SC_ERR_UNAVAILABLE if index not passed by ROM
+ */
+sc_err_t sc_misc_get_boot_container(sc_ipc_t ipc, uint8_t *idx);
+
 /*!
  * This function returns the current status of the ON/OFF button.
  *
diff --git a/include/soc/imx8/sc/svc/rm/api.h b/include/soc/imx8/sc/svc/rm/api.h
index 0491c8d8f844..faaa8d062053 100644
--- a/include/soc/imx8/sc/svc/rm/api.h
+++ b/include/soc/imx8/sc/svc/rm/api.h
@@ -140,12 +140,21 @@ typedef uint8_t sc_rm_perm_t;
  * - SC_ERR_UNAVAILABLE if partition table is full (no more allocation space)
  *
  * Marking as non-secure prevents subsequent functions from configuring masters in this
- * partition to assert the secure signal. If restricted then the new partition is limited
- * in what functions it can call, especially those associated with managing partitions.
+ * partition to assert the secure signal. Basically, if TrustZone SW is used, the Cortex-A
+ * cores and peripherals the TZ SW will use should be in a secure partition. Almost all
+ * other partitions (for a non-secure OS or M4 cores) should be in non-secure partitions.
+ *
+ * Isolated should be true for almost all partitions. The exception is the non-secure
+ * partition for a Cortex-A core used to run a non-secure OS. This isn't isolated by
+ * domain but is instead isolated by the TZ security hardware.
+ *
+ * If restricted then the new partition is limited in what functions it can call,
+ * especially those associated with managing partitions.
  *
  * The grant option is usually used to isolate a bus master's traffic to specific
  * memory without isolating the peripheral interface of the master or the API
- * controls of that master.
+ * controls of that master. This is only used when creating a sub-partition with
+ * no CPU. It's useful to separate out a master and the memory it uses.
  */
 sc_err_t sc_rm_partition_alloc(sc_ipc_t ipc, sc_rm_pt_t *pt, sc_bool_t secure,
 	sc_bool_t isolated, sc_bool_t restricted, sc_bool_t grant, sc_bool_t coherent);
@@ -317,6 +326,12 @@ sc_err_t sc_rm_move_all(sc_ipc_t ipc, sc_rm_pt_t pt_src, sc_rm_pt_t pt_dst,
  *                            assigned
  * @param[in]     resource    resource to assign
  *
+ * This function assigned a resource to a partition. This partition is then
+ * the owner. All resources always have an owner (one owner). The owner
+ * has various rights to make API calls affecting the resource. Ownership
+ * does not imply access to the peripheral itself (that is based on access
+ * rights).
+ *
  * @return Returns an error code (SC_ERR_NONE = success).
  *
  * This action resets the resource's master and peripheral attributes.
@@ -367,6 +382,12 @@ sc_err_t sc_rm_set_resource_movable(sc_ipc_t ipc, sc_rsrc_t resource_fst,
  * @param[in]     resource    resource to use to identify subsystem
  * @param[in]     movable     movable flag (SC_TRUE is movable)
  *
+ * A subsystem is a physical grouping within the chip of related resources;
+ * this is SoC specific. This function is used to optimize moving resource
+ * for these groupings, for instance, an M4 core and its associated resources.
+ * The list of subsystems and associated resources can be found in the
+ * SoC-specific API document [Resources](@ref RESOURCES) chapter.
+ *
  * @return Returns an error code (SC_ERR_NONE = success).
  *
  * Return errors:
@@ -396,9 +417,13 @@ sc_err_t sc_rm_set_subsys_rsrc_movable(sc_ipc_t ipc, sc_rsrc_t resource,
  * - SC_ERR_NOACCESS if caller's partition is not a parent of the resource owner,
  * - SC_ERR_LOCKED if the owning partition is locked
  *
- * This function configures how the HW isolation will see bus transactions
- * from the specified master. Note the security attribute will only be
- * changed if the caller's partition is secure.
+ * Masters are IP blocks that generate bus transactions. This function configures
+ * how the isolation HW will define these bus transactions from the specified master.
+ * Note the security attribute will only be changed if the caller's partition is
+ * secure.
+ *
+ * Note an IP block can be both a master and peripheral (have both a programming model
+ * and generate bus transactions).
  */
 sc_err_t sc_rm_set_master_attributes(sc_ipc_t ipc, sc_rsrc_t resource,
 	sc_rm_spa_t sa, sc_rm_spa_t pa, sc_bool_t smmu_bypass);
@@ -444,9 +469,15 @@ sc_err_t sc_rm_set_master_sid(sc_ipc_t ipc, sc_rsrc_t resource,
  * - SC_ERR_LOCKED if the owning partition is locked
  * - SC_ERR_LOCKED if the \a pt is confidential and the caller isn't \a pt
  *
- * This function configures how the HW isolation will restrict access to a
+ * Peripherals are IP blocks that have a programming model that can be
+ * accessed.
+ *
+ * This function configures how the isolation HW will restrict access to a
  * peripheral based on the attributes of a transaction from bus master. It
  * also allows the access permissions of SC_R_SYSTEM to be set.
+ *
+ * Note an IP block can be both a master and peripheral (have both a programming
+ * model and generate bus transactions).
  */
 sc_err_t sc_rm_set_peripheral_permissions(sc_ipc_t ipc, sc_rsrc_t resource,
 	sc_rm_pt_t pt, sc_rm_perm_t perm);
@@ -486,6 +517,10 @@ sc_err_t sc_rm_get_resource_owner(sc_ipc_t ipc, sc_rsrc_t resource,
  * @param[in]     ipc         IPC handle
  * @param[in]     resource    resource to check
  *
+ * Masters are IP blocks that generate bus transactions. Note an IP block
+ * can be both a master and peripheral (have both a programming model
+ * and generate bus transactions).
+ *
  * @return Returns a boolean (SC_TRUE if the resource is a bus master).
  *
  * If \a resource is out of range then SC_FALSE is returned.
@@ -498,6 +533,10 @@ sc_bool_t sc_rm_is_resource_master(sc_ipc_t ipc, sc_rsrc_t resource);
  * @param[in]     ipc         IPC handle
  * @param[in]     resource    resource to check
  *
+ * Peripherals are IP blocks that have a programming model that can be
+ * accessed. Note an IP block can be both a master and peripheral (have
+ * both a programming model and generate bus transactions)
+ *
  * @return Returns a boolean (SC_TRUE if the resource is a peripheral).
  *
  * If \a resource is out of range then SC_FALSE is returned.
@@ -676,6 +715,12 @@ sc_err_t sc_rm_assign_memreg(sc_ipc_t ipc, sc_rm_pt_t pt, sc_rm_mr_t mr);
  *                            applied for
  * @param[in]     perm        permissions to apply to \a mr for \a pt
  *
+ * This function assigned a memory region to a partition. This partition is then
+ * the owner. All regions always have an owner (one owner). The owner
+ * has various rights to make API calls affecting the region. Ownership
+ * does not imply access to the memory itself (that is based on access
+ * rights).
+ *
  * @return Returns an error code (SC_ERR_NONE = success).
  *
  * Return errors:
@@ -754,6 +799,10 @@ sc_err_t sc_rm_assign_pad(sc_ipc_t ipc, sc_rm_pt_t pt, sc_pad_t pad);
  * @param[in]     pad_lst     last pad for which flag should be set
  * @param[in]     movable     movable flag (SC_TRUE is movable)
  *
+ * This function assigned a pad to a partition. This partition is then
+ * the owner. All pads always have an owner (one owner). The owner
+ * has various rights to make API calls affecting the pad.
+ *
  * @return Returns an error code (SC_ERR_NONE = success).
  *
  * Return errors:
diff --git a/include/soc/imx8/sc/svc/seco/api.h b/include/soc/imx8/sc/svc/seco/api.h
index 54c911a32ae9..505587358b49 100644
--- a/include/soc/imx8/sc/svc/seco/api.h
+++ b/include/soc/imx8/sc/svc/seco/api.h
@@ -38,6 +38,15 @@
 #define SC_SECO_AUTH_HDMI_RX_FW         5U   /* HDMI RX Firmware */
 /*@}*/
 
+/*!
+ * @name Defines for seco_rng_stat_t
+ */
+/*@{*/
+#define SC_SECO_RNG_STAT_UNAVAILABLE    0U  /* Unable to initialize the RNG */
+#define SC_SECO_RNG_STAT_INPROGRESS     1U  /* Initialization is on-going */
+#define SC_SECO_RNG_STAT_READY          2U  /* Initialized */
+/*@}*/
+
 /* Types */
 
 /*!
@@ -45,6 +54,11 @@
  */
 typedef uint8_t sc_seco_auth_cmd_t;
 
+/*!
+ * This type is used to return the RNG initialization status.
+ */
+typedef uint32_t sc_seco_rng_stat_t;
+
 /* Functions */
 
 /*!
@@ -504,6 +518,42 @@ sc_err_t sc_seco_get_event(sc_ipc_t ipc, uint8_t idx,
  */
 sc_err_t sc_seco_fuse_write(sc_ipc_t ipc, sc_faddr_t addr);
 
+
+/*!
+ * This function applies a patch.
+ *
+ * @param[in]     ipc         IPC handle
+ * @param[in]     addr        address of message block
+ *
+ * @return Returns and error code (SC_ERR_NONE = success).
+ *
+ * Return errors codes:
+ * - SC_ERR_UNAVAILABLE if SECO not available
+ *
+ * Note \a addr must be a pointer to a signed message block.
+ *
+ * See the Security Reference Manual (SRM) for more info.
+ */
+sc_err_t sc_seco_patch(sc_ipc_t ipc, sc_faddr_t addr);
+
+/*!
+ * This function starts the random number generator.
+ *
+ * @param[in]     ipc         IPC handle
+ * @param[out]    status      pointer to return state of RNG
+ *
+ * @return Returns and error code (SC_ERR_NONE = success).
+ *
+ * Return errors codes:
+ * - SC_ERR_UNAVAILABLE if SECO not available
+ *
+ * The RNG is started automatically after all CPUs are booted. This
+ * function can be used to start earlier and to check the status.
+ *
+ * See the Security Reference Manual (SRM) for more info.
+ */
+sc_err_t sc_seco_start_rng(sc_ipc_t ipc, sc_seco_rng_stat_t *status);
+
 /* @} */
 
 #endif /* SC_SECO_API_H */
diff --git a/include/soc/imx8/sc/types.h b/include/soc/imx8/sc/types.h
index 4d287c0ba02c..6c7704e9d81b 100644
--- a/include/soc/imx8/sc/types.h
+++ b/include/soc/imx8/sc/types.h
@@ -26,6 +26,7 @@
 /*@{*/
 #define SC_32KHZ            32768U   /* 32KHz */
 #define SC_10MHZ         10000000U   /* 10MHz */
+#define SC_16MHZ         16000000U   /* 16MHz */
 #define SC_20MHZ         20000000U   /* 20MHz */
 #define SC_25MHZ         25000000U   /* 25MHz */
 #define SC_27MHZ         27000000U   /* 27MHz */
@@ -205,7 +206,7 @@
 #define SC_R_DC_0_BLIT2           21U
 #define SC_R_DC_0_BLIT_OUT        22U
 #define SC_R_PERF                 23U
-#define SC_R_UNUSED5              24U
+#define SC_R_USB_1_PHY            24U
 #define SC_R_DC_0_WARP            25U
 #define SC_R_UNUSED7              26U
 #define SC_R_UNUSED8              27U
-- 
cgit v1.2.3