From: Oliver Schinagl <[email protected]>
After a little vacation I had time to address the last few issues and adapted
per request. After a long talk with Greg we decided that after finding some
issues with binary attribute groups that don't currently work with sysfs yet
this micro-driver falls back to the old manual way for now.
Greg said he would clean up all the drivers after his new sysfs patches land
and to ease the conversion I left a few /* fixme */ markers.
Oliver
Changes from v4:
* Added sun7i (A20) support, also tested on Cubieboard 2.0 and OlinuXino A20
* prepare source for move to binary attribute groups
* Removed useless internal braces
* Dropped DRV_NAME from dvb_dvb
* Add and pass struct using platform_[gs]et_drvdata()
* Add Documentation!
* Reviewed-by: Tomasz Figa <[email protected]>
Changes from v3:
* Cleanup comments
* Remove last byte masking and useless casting, the C standard guarntees
we are ok
* Removed some complexity from sid_read, thanks to Russel
* Replace dev_info with dev_dbg reducing the verbosity
* Removed driver version
* Reorderd variable declrations based on usage, return value always last
* Removed all goto in exchange for return, due to popular request
* Reduced line count by removing extra lines
Changes from v2:
* Removed the global pointer, we can change that when the need for external
access arises
* Fixed header inclusions
* Corrected if guards. There where some crude mistakes there
* Changed offset to an unsigned int so we don't have to worry about negatives
* Cleaned up variable declarations
* Changed ret value, ENXIO (No device/io) as that better matches a missing dt
* Made the loading informercial print version so it is somewhat usefull
Changes from v1:
* Rename the sys-fs exported key to eeprom, since it really a read-only eeprom
* Removed mention of sun[67]i since we haven't tested those
* Fixed up mistakes in comments
* Removed PAGE_SIZE references, since this is a binary only driver
* Removed lookup table and calculate offsets better
* Use proper endianess
* Add the SID to seed the kernel entropy pool
* Rewrite probe to use platform_get_resource/devm_ioremap_resource instead
The Allwinner A-series of SoC's have efuses exposed via registers to read the
factory programmed e-fuses. These should in theory be programmable but this is
still to be confirmed. It does appear that these fuses are unique enough to be
used as serial numbers, RSA keys, generate MAC addresses from etc. If it turns
out to be user programmable, the use obviously increases. Allwinner did use the
fuses initially to determine the chip-type.
This driver supports all currently known chips based on datasheets and 'dumped'
drivers that we have so far, the dts is only implemented for known chips.
It has been tested on a Cubieboard 1
This is my very first driver so please try to be gentle
Oliver Schinagl (2):
Initial support for Allwinner's Security ID fuses
Add sunxi-sid to dts for sun4i, sun5i and sun7i
Documentation/ABI/stable/sysfs-driver-sunxi-sid | 22 +++
.../bindings/misc/allwinner,sunxi-sid.txt | 16 ++
arch/arm/boot/dts/sun4i-a10.dtsi | 5 +
arch/arm/boot/dts/sun5i-a13.dtsi | 5 +
arch/arm/boot/dts/sun7i-a20.dtsi | 6 +
drivers/misc/eeprom/Kconfig | 19 +++
drivers/misc/eeprom/Makefile | 1 +
drivers/misc/eeprom/sunxi_sid.c | 177 +++++++++++++++++++++
8 files changed, 251 insertions(+)
create mode 100644 Documentation/ABI/stable/sysfs-driver-sunxi-sid
create mode 100644 Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt
create mode 100644 drivers/misc/eeprom/sunxi_sid.c
--
1.8.1.5
From: Oliver Schinagl <[email protected]>
This patch shall add support for the sunxi-sid driver to the device
table for sun4i, sun5i and sun7i.
Signed-off-by: Oliver Schinagl <[email protected]>
---
arch/arm/boot/dts/sun4i-a10.dtsi | 5 +++++
arch/arm/boot/dts/sun5i-a13.dtsi | 5 +++++
arch/arm/boot/dts/sun7i-a20.dtsi | 6 ++++++
3 files changed, 16 insertions(+)
diff --git a/arch/arm/boot/dts/sun4i-a10.dtsi b/arch/arm/boot/dts/sun4i-a10.dtsi
index b2bd6e1..179e024 100644
--- a/arch/arm/boot/dts/sun4i-a10.dtsi
+++ b/arch/arm/boot/dts/sun4i-a10.dtsi
@@ -267,6 +267,11 @@
reg = <0x01c20c90 0x10>;
};
+ sid: eeprom@01c23800 {
+ compatible = "allwinner,sun4i-sid";
+ reg = <0x01c23800 0x10>;
+ };
+
uart0: serial@01c28000 {
compatible = "snps,dw-apb-uart";
reg = <0x01c28000 0x400>;
diff --git a/arch/arm/boot/dts/sun5i-a13.dtsi b/arch/arm/boot/dts/sun5i-a13.dtsi
index 7363211..999fdb3 100644
--- a/arch/arm/boot/dts/sun5i-a13.dtsi
+++ b/arch/arm/boot/dts/sun5i-a13.dtsi
@@ -223,6 +223,11 @@
reg = <0x01c20c90 0x10>;
};
+ sid: eeprom@01c23800 {
+ compatible = "allwinner,sun4i-sid";
+ reg = <0x01c23800 0x10>;
+ };
+
uart1: serial@01c28400 {
compatible = "snps,dw-apb-uart";
reg = <0x01c28400 0x400>;
diff --git a/arch/arm/boot/dts/sun7i-a20.dtsi b/arch/arm/boot/dts/sun7i-a20.dtsi
index fb81e78..bcf32b4 100644
--- a/arch/arm/boot/dts/sun7i-a20.dtsi
+++ b/arch/arm/boot/dts/sun7i-a20.dtsi
@@ -217,6 +217,12 @@
reg = <0x01c20c90 0x10>;
};
+ sid: eeprom@01c23800 {
+ compatible = "allwinner,sun7i-sid";
+ reg = <0x01c23800 0x200>;
+ };
+
+
uart0: serial@01c28000 {
compatible = "snps,dw-apb-uart";
reg = <0x01c28000 0x400>;
--
1.8.1.5
From: Oliver Schinagl <[email protected]>
Allwinner has electric fuses (efuse) on their line of chips. This driver
reads those fuses, seeds the kernel entropy and exports them as a sysfs
node.
These fuses are most likly to be programmed at the factory, encoding
things like Chip ID, some sort of serial number etc and appear to be
reasonable unique.
While in theory, these should be writeable by the user, it will probably
be inconvinient to do so. Allwinner recommends that a certain input pin,
labeled 'efuse_vddq', be connected to GND. To write these fuses however,
a 2.5 V programming voltage needs to be applied to this pin.
Even so, they can still be used to generate a board-unique mac from,
board unique RSA key and seed the kernel RNG.
On sun7i additional storage is available, this is initially used for an
UEFI BOOT key, Secure JTAG key, HDMI-HDCP key and vendor specific keys.
Currently supported are the following known chips:
Allwinner sun4i (A10)
Allwinner sun5i (A10s, A13)
Allwinner sun7i (A20)
Signed-off-by: Oliver Schinagl <[email protected]>
---
Documentation/ABI/stable/sysfs-driver-sunxi-sid | 22 +++
.../bindings/misc/allwinner,sunxi-sid.txt | 16 ++
drivers/misc/eeprom/Kconfig | 19 +++
drivers/misc/eeprom/Makefile | 1 +
drivers/misc/eeprom/sunxi_sid.c | 177 +++++++++++++++++++++
5 files changed, 235 insertions(+)
create mode 100644 Documentation/ABI/stable/sysfs-driver-sunxi-sid
create mode 100644 Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt
create mode 100644 drivers/misc/eeprom/sunxi_sid.c
diff --git a/Documentation/ABI/stable/sysfs-driver-sunxi-sid b/Documentation/ABI/stable/sysfs-driver-sunxi-sid
new file mode 100644
index 0000000..b04ec05
--- /dev/null
+++ b/Documentation/ABI/stable/sysfs-driver-sunxi-sid
@@ -0,0 +1,22 @@
+What: /sys/devices/soc.0/1c23800.eeprom/eeprom
+Date: August 2013
+Contact: Oliver Schinagl <[email protected]>
+Description: read-only access to the SID (Security-ID) on current
+ A-series SoC's from Allwinner. Currently supports A10, A10s, A13
+ and A20 CPU's. The earlier A1x series of SoCs exports 16 bytes,
+ whereas the newer A20 SoC exposes 512 bytes split into sections.
+ Besides the 16 bytes of SID, there's also an SJTAG area,
+ HDMI-HDCP key and some custom keys. Below a quick overview, for
+ details see the user manual:
+ 0x000 128 bit root-key (sun[457]i)
+ 0x010 128 bit boot-key (sun7i)
+ 0x020 64 bit security-jtag-key (sun7i)
+ 0x028 16 bit key configuration (sun7i)
+ 0x02b 16 bit custom-vendor-key (sun7i)
+ 0x02c 320 bit low general key (sun7i)
+ 0x040 32 bit read-control access (sun7i)
+ 0x064 224 bit low general key (sun7i)
+ 0x080 2304 bit HDCP-key (sun7i)
+ 0x1a0 768 bit high general key (sun7i)
+Users: any user space application which wants to read the SID on
+ Allwinner's A-series of CPU's.
diff --git a/Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt b/Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt
new file mode 100644
index 0000000..2103a44
--- /dev/null
+++ b/Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt
@@ -0,0 +1,16 @@
+Allwinner sunxi-sid
+
+Required properties:
+- compatible: "allwinner,sun4i-sid" or "allwinner,sun7i-sid".
+- reg: Should contain registers location and length
+
+Example for sun4i:
+ sid@01c23800 {
+ compatible = "allwinner,sun4i-sid";
+ reg = <0x01c23800 0x10>
+ };
+Example for sun7i
+ sid@01c23800 {
+ compatible = "allwinner,sun7i-sid";
+ reg = <0x01c23800 0x200>
+ };
diff --git a/drivers/misc/eeprom/Kconfig b/drivers/misc/eeprom/Kconfig
index 04f2e1f..bc6a14c 100644
--- a/drivers/misc/eeprom/Kconfig
+++ b/drivers/misc/eeprom/Kconfig
@@ -96,4 +96,23 @@ config EEPROM_DIGSY_MTC_CFG
If unsure, say N.
+config EEPROM_SUNXI_SID
+ tristate "Allwinner sunxi security ID support"
+ depends on ARCH_SUNXI && SYSFS
+ help
+ This is a driver for the 'security ID' available on various Allwinner
+ devices.
+ Currently supported are:
+ sun4i (A10)
+ sun5i (A10s, A13)
+ sun7i (A20)
+
+ Due to the potential risks involved with changing e-fuses,
+ this driver is read-only
+
+ For more information visit http://linux-sunxi.org/SID
+
+ This driver can also be built as a module. If so, the module
+ will be called sunxi_sid.
+
endmenu
diff --git a/drivers/misc/eeprom/Makefile b/drivers/misc/eeprom/Makefile
index fc1e81d..9507aec 100644
--- a/drivers/misc/eeprom/Makefile
+++ b/drivers/misc/eeprom/Makefile
@@ -4,4 +4,5 @@ obj-$(CONFIG_EEPROM_LEGACY) += eeprom.o
obj-$(CONFIG_EEPROM_MAX6875) += max6875.o
obj-$(CONFIG_EEPROM_93CX6) += eeprom_93cx6.o
obj-$(CONFIG_EEPROM_93XX46) += eeprom_93xx46.o
+obj-$(CONFIG_EEPROM_SUNXI_SID) += sunxi_sid.o
obj-$(CONFIG_EEPROM_DIGSY_MTC_CFG) += digsy_mtc_eeprom.o
diff --git a/drivers/misc/eeprom/sunxi_sid.c b/drivers/misc/eeprom/sunxi_sid.c
new file mode 100644
index 0000000..6fac205
--- /dev/null
+++ b/drivers/misc/eeprom/sunxi_sid.c
@@ -0,0 +1,177 @@
+/*
+ * Copyright (c) 2013 Oliver Schinagl <[email protected]>
+ * http://www.linux-sunxi.org
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * This driver exposes the Allwinner security ID, efuses exported in byte-
+ * sized chunks.
+ */
+
+#include <linux/compiler.h>
+#include <linux/device.h>
+#include <linux/err.h>
+#include <linux/export.h>
+#include <linux/fs.h>
+#include <linux/init.h>
+#include <linux/io.h>
+#include <linux/kernel.h>
+#include <linux/kobject.h>
+#include <linux/module.h>
+#include <linux/of_device.h>
+#include <linux/platform_device.h>
+#include <linux/random.h>
+#include <linux/slab.h>
+#include <linux/stat.h>
+#include <linux/sysfs.h>
+#include <linux/types.h>
+
+#define DRV_NAME "sunxi-sid"
+
+struct sunxi_sid_data {
+ void __iomem *reg_base;
+ unsigned int keysize;
+};
+
+/* We read the entire key, due to a 32 bit read alignment requirement. Since we
+ * want to return the requested byte, this resuls in somewhat slower code and
+ * uses 4 times more reads as needed but keeps code simpler. Since the SID is
+ * only very rarly probed, this is not really an issue.
+ */
+static u8 sunxi_sid_read_byte(const struct sunxi_sid_data *sid_data,
+ const unsigned int offset)
+{
+ u32 sid_key;
+
+ if (offset >= sid_data->keysize)
+ return 0;
+
+ sid_key = ioread32be(sid_data->reg_base + round_down(offset, 4));
+ sid_key >>= (offset % 4) * 8;
+
+ return sid_key; /* Only return the last byte */
+}
+
+static ssize_t sid_read(struct file *fd, struct kobject *kobj,
+ struct bin_attribute *attr, char *buf,
+ loff_t pos, size_t size)
+{
+ struct platform_device *pdev;
+ struct sunxi_sid_data *sid_data;
+ int i;
+
+ pdev = to_platform_device(kobj_to_dev(kobj));
+ sid_data = platform_get_drvdata(pdev);
+
+ if (pos < 0 || pos >= sid_data->keysize)
+ return 0;
+ if (size > sid_data->keysize - pos)
+ size = sid_data->keysize - pos;
+
+ for (i = 0; i < size; i++)
+ buf[i] = sunxi_sid_read_byte(sid_data, pos + i);
+
+ return i;
+}
+
+static struct bin_attribute sid_bin_attr = {
+ .attr = { .name = "eeprom", .mode = S_IRUGO, },
+ .read = sid_read,
+};
+
+static struct bin_attribute *sunxi_sid_bin_attrs[] = {
+ &sid_bin_attr,
+ NULL,
+};
+
+static const struct attribute_group sunxi_sid_group = {
+ .bin_attrs = sunxi_sid_bin_attrs,
+};
+
+static const struct attribute_group *sunxi_sid_groups[] = {
+ &sunxi_sid_group,
+ NULL,
+};
+
+static int sunxi_sid_remove(struct platform_device *pdev)
+{
+ struct sunxi_sid_data *sid_data;
+
+ device_remove_bin_file(&pdev->dev, &sid_bin_attr); /* fixme */
+ sid_data = platform_get_drvdata(pdev);
+ devm_kfree(&pdev->dev, sid_data);
+ dev_dbg(&pdev->dev, "driver unloaded\n");
+
+ return 0;
+}
+
+static const struct of_device_id sunxi_sid_of_match[] = {
+ { .compatible = "allwinner,sun4i-sid", .data = (void *)16},
+ { .compatible = "allwinner,sun7i-sid", .data = (void *)512},
+ {/* sentinel */},
+};
+MODULE_DEVICE_TABLE(of, sunxi_sid_of_match);
+
+static int __init sunxi_sid_probe(struct platform_device *pdev)
+{
+ struct sunxi_sid_data *sid_data;
+ struct resource *res;
+ const struct of_device_id *of_dev_id;
+ u8 *entropy;
+ unsigned int i;
+
+ sid_data = devm_kzalloc(&pdev->dev, sizeof(struct sunxi_sid_data),
+ GFP_KERNEL);
+ if (!sid_data)
+ return -ENOMEM;
+
+ res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
+ sid_data->reg_base = devm_ioremap_resource(&pdev->dev, res);
+ if (IS_ERR(sid_data->reg_base))
+ return PTR_ERR(sid_data->reg_base);
+
+ of_dev_id = of_match_device(sunxi_sid_of_match, &pdev->dev);
+ if (!of_dev_id)
+ return -ENODEV;
+ sid_data->keysize = (int)of_dev_id->data;
+
+ platform_set_drvdata(pdev, sid_data);
+
+ sid_bin_attr.size = sid_data->keysize; /* ugly */
+ if (device_create_bin_file(&pdev->dev, &sid_bin_attr)) /* fixme */
+ return -ENODEV;
+
+ entropy = kzalloc(sizeof(u8) * sid_data->keysize, GFP_KERNEL);
+ for (i = 0; i < sid_data->keysize; i++)
+ entropy[i] = sunxi_sid_read_byte(sid_data, i);
+ add_device_randomness(entropy, sid_data->keysize);
+ kfree(entropy);
+
+ dev_dbg(&pdev->dev, "loaded\n");
+
+ return 0;
+}
+
+static struct platform_driver sunxi_sid_driver = {
+ .probe = sunxi_sid_probe,
+ .remove = sunxi_sid_remove,
+ .driver = {
+ .name = DRV_NAME,
+ .owner = THIS_MODULE,
+ .of_match_table = sunxi_sid_of_match,
+ /* .groups = sunxi_sid_groups, proper way */
+ },
+};
+module_platform_driver(sunxi_sid_driver);
+
+MODULE_AUTHOR("Oliver Schinagl <[email protected]>");
+MODULE_DESCRIPTION("Allwinner sunxi security id driver");
+MODULE_LICENSE("GPL");
--
1.8.1.5
Hi Oliver,
Please prefix your patch with "ARM: sunxi: dt:"
On Tue, Aug 27, 2013 at 04:13:05PM +0200, [email protected] wrote:
> From: Oliver Schinagl <[email protected]>
>
> This patch shall add support for the sunxi-sid driver to the device
> table for sun4i, sun5i and sun7i.
^ tree ^ A10, A13 and A20
>
> Signed-off-by: Oliver Schinagl <[email protected]>
> ---
> arch/arm/boot/dts/sun4i-a10.dtsi | 5 +++++
> arch/arm/boot/dts/sun5i-a13.dtsi | 5 +++++
> arch/arm/boot/dts/sun7i-a20.dtsi | 6 ++++++
> 3 files changed, 16 insertions(+)
>
> diff --git a/arch/arm/boot/dts/sun4i-a10.dtsi b/arch/arm/boot/dts/sun4i-a10.dtsi
> index b2bd6e1..179e024 100644
> --- a/arch/arm/boot/dts/sun4i-a10.dtsi
> +++ b/arch/arm/boot/dts/sun4i-a10.dtsi
> @@ -267,6 +267,11 @@
> reg = <0x01c20c90 0x10>;
> };
>
> + sid: eeprom@01c23800 {
> + compatible = "allwinner,sun4i-sid";
> + reg = <0x01c23800 0x10>;
> + };
> +
> uart0: serial@01c28000 {
> compatible = "snps,dw-apb-uart";
> reg = <0x01c28000 0x400>;
> diff --git a/arch/arm/boot/dts/sun5i-a13.dtsi b/arch/arm/boot/dts/sun5i-a13.dtsi
> index 7363211..999fdb3 100644
> --- a/arch/arm/boot/dts/sun5i-a13.dtsi
> +++ b/arch/arm/boot/dts/sun5i-a13.dtsi
> @@ -223,6 +223,11 @@
> reg = <0x01c20c90 0x10>;
> };
>
> + sid: eeprom@01c23800 {
> + compatible = "allwinner,sun4i-sid";
> + reg = <0x01c23800 0x10>;
> + };
> +
> uart1: serial@01c28400 {
> compatible = "snps,dw-apb-uart";
> reg = <0x01c28400 0x400>;
> diff --git a/arch/arm/boot/dts/sun7i-a20.dtsi b/arch/arm/boot/dts/sun7i-a20.dtsi
> index fb81e78..bcf32b4 100644
> --- a/arch/arm/boot/dts/sun7i-a20.dtsi
> +++ b/arch/arm/boot/dts/sun7i-a20.dtsi
> @@ -217,6 +217,12 @@
> reg = <0x01c20c90 0x10>;
> };
>
> + sid: eeprom@01c23800 {
> + compatible = "allwinner,sun7i-sid";
I'd prefer to have sun7i-a20-sid here. We usually mention the soc name
as well in the compatible when it's not the good ol' A10.
> + reg = <0x01c23800 0x200>;
> + };
> +
> +
Drop the extra line
Thanks,
Maxime
> uart0: serial@01c28000 {
> compatible = "snps,dw-apb-uart";
> reg = <0x01c28000 0x400>;
> --
> 1.8.1.5
>
--
Maxime Ripard, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
On Tue, Aug 27, 2013 at 04:13:04PM +0200, [email protected] wrote:
> From: Oliver Schinagl <[email protected]>
>
> Allwinner has electric fuses (efuse) on their line of chips. This driver
> reads those fuses, seeds the kernel entropy and exports them as a sysfs
> node.
>
> These fuses are most likly to be programmed at the factory, encoding
^ likely
> things like Chip ID, some sort of serial number etc and appear to be
> reasonable unique.
> While in theory, these should be writeable by the user, it will probably
> be inconvinient to do so. Allwinner recommends that a certain input pin,
> labeled 'efuse_vddq', be connected to GND. To write these fuses however,
> a 2.5 V programming voltage needs to be applied to this pin.
>
> Even so, they can still be used to generate a board-unique mac from,
> board unique RSA key and seed the kernel RNG.
>
> On sun7i additional storage is available, this is initially used for an
> UEFI BOOT key, Secure JTAG key, HDMI-HDCP key and vendor specific keys.
>
> Currently supported are the following known chips:
> Allwinner sun4i (A10)
> Allwinner sun5i (A10s, A13)
Speaking of which, any reason why you didn't add the A10s support in
your second patch?
> Allwinner sun7i (A20)
>
> Signed-off-by: Oliver Schinagl <[email protected]>
> ---
> Documentation/ABI/stable/sysfs-driver-sunxi-sid | 22 +++
> .../bindings/misc/allwinner,sunxi-sid.txt | 16 ++
> drivers/misc/eeprom/Kconfig | 19 +++
> drivers/misc/eeprom/Makefile | 1 +
> drivers/misc/eeprom/sunxi_sid.c | 177 +++++++++++++++++++++
> 5 files changed, 235 insertions(+)
> create mode 100644 Documentation/ABI/stable/sysfs-driver-sunxi-sid
> create mode 100644 Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt
> create mode 100644 drivers/misc/eeprom/sunxi_sid.c
>
> diff --git a/Documentation/ABI/stable/sysfs-driver-sunxi-sid b/Documentation/ABI/stable/sysfs-driver-sunxi-sid
> new file mode 100644
> index 0000000..b04ec05
> --- /dev/null
> +++ b/Documentation/ABI/stable/sysfs-driver-sunxi-sid
I'm not sure this should go to the stable directory directly. Greg?
Isn't it suppose to go through testing/ before making it to stable/ ?
> @@ -0,0 +1,22 @@
> +What: /sys/devices/soc.0/1c23800.eeprom/eeprom
^ and ^
are dynamic and depends on the number of instances of your driver, (in
this case) the base address of the device, the name of the root node in
the device tree, etc. so I wouldn't hardcode that in the documentation.
Sotheming like /sys/devices/*/<our-device>/eeprom maybe?
> +Date: August 2013
> +Contact: Oliver Schinagl <[email protected]>
> +Description: read-only access to the SID (Security-ID) on current
> + A-series SoC's from Allwinner. Currently supports A10, A10s, A13
> + and A20 CPU's. The earlier A1x series of SoCs exports 16 bytes,
> + whereas the newer A20 SoC exposes 512 bytes split into sections.
> + Besides the 16 bytes of SID, there's also an SJTAG area,
> + HDMI-HDCP key and some custom keys. Below a quick overview, for
> + details see the user manual:
> + 0x000 128 bit root-key (sun[457]i)
> + 0x010 128 bit boot-key (sun7i)
> + 0x020 64 bit security-jtag-key (sun7i)
> + 0x028 16 bit key configuration (sun7i)
> + 0x02b 16 bit custom-vendor-key (sun7i)
> + 0x02c 320 bit low general key (sun7i)
> + 0x040 32 bit read-control access (sun7i)
> + 0x064 224 bit low general key (sun7i)
> + 0x080 2304 bit HDCP-key (sun7i)
> + 0x1a0 768 bit high general key (sun7i)
> +Users: any user space application which wants to read the SID on
> + Allwinner's A-series of CPU's.
> diff --git a/Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt b/Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt
> new file mode 100644
> index 0000000..2103a44
> --- /dev/null
> +++ b/Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt
> @@ -0,0 +1,16 @@
> +Allwinner sunxi-sid
> +
> +Required properties:
> +- compatible: "allwinner,sun4i-sid" or "allwinner,sun7i-sid".
> +- reg: Should contain registers location and length
> +
> +Example for sun4i:
> + sid@01c23800 {
> + compatible = "allwinner,sun4i-sid";
> + reg = <0x01c23800 0x10>
> + };
> +Example for sun7i
> + sid@01c23800 {
> + compatible = "allwinner,sun7i-sid";
> + reg = <0x01c23800 0x200>
> + };
> diff --git a/drivers/misc/eeprom/Kconfig b/drivers/misc/eeprom/Kconfig
> index 04f2e1f..bc6a14c 100644
> --- a/drivers/misc/eeprom/Kconfig
> +++ b/drivers/misc/eeprom/Kconfig
> @@ -96,4 +96,23 @@ config EEPROM_DIGSY_MTC_CFG
>
> If unsure, say N.
>
> +config EEPROM_SUNXI_SID
> + tristate "Allwinner sunxi security ID support"
> + depends on ARCH_SUNXI && SYSFS
> + help
> + This is a driver for the 'security ID' available on various Allwinner
> + devices.
> + Currently supported are:
> + sun4i (A10)
> + sun5i (A10s, A13)
> + sun7i (A20)
I'm not sure I like the currently supported driver list to be in
Kconfig. That means that you'll have to duplicate in with the driver and
the Documentation, I'm not sure it's worth it.
> + Due to the potential risks involved with changing e-fuses,
> + this driver is read-only
> +
> + For more information visit http://linux-sunxi.org/SID
And I'm not very eager about putting URL there either. If the domain
name ever has to changed, or the wiki page changes, or whatever, you're
screwed.
> + This driver can also be built as a module. If so, the module
> + will be called sunxi_sid.
> +
> endmenu
> diff --git a/drivers/misc/eeprom/Makefile b/drivers/misc/eeprom/Makefile
> index fc1e81d..9507aec 100644
> --- a/drivers/misc/eeprom/Makefile
> +++ b/drivers/misc/eeprom/Makefile
> @@ -4,4 +4,5 @@ obj-$(CONFIG_EEPROM_LEGACY) += eeprom.o
> obj-$(CONFIG_EEPROM_MAX6875) += max6875.o
> obj-$(CONFIG_EEPROM_93CX6) += eeprom_93cx6.o
> obj-$(CONFIG_EEPROM_93XX46) += eeprom_93xx46.o
> +obj-$(CONFIG_EEPROM_SUNXI_SID) += sunxi_sid.o
> obj-$(CONFIG_EEPROM_DIGSY_MTC_CFG) += digsy_mtc_eeprom.o
> diff --git a/drivers/misc/eeprom/sunxi_sid.c b/drivers/misc/eeprom/sunxi_sid.c
> new file mode 100644
> index 0000000..6fac205
> --- /dev/null
> +++ b/drivers/misc/eeprom/sunxi_sid.c
> @@ -0,0 +1,177 @@
> +/*
> + * Copyright (c) 2013 Oliver Schinagl <[email protected]>
> + * http://www.linux-sunxi.org
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License as published by
> + * the Free Software Foundation; either version 2 of the License, or
> + * (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + *
> + * This driver exposes the Allwinner security ID, efuses exported in byte-
> + * sized chunks.
> + */
> +
> +#include <linux/compiler.h>
> +#include <linux/device.h>
> +#include <linux/err.h>
> +#include <linux/export.h>
> +#include <linux/fs.h>
> +#include <linux/init.h>
> +#include <linux/io.h>
> +#include <linux/kernel.h>
> +#include <linux/kobject.h>
> +#include <linux/module.h>
> +#include <linux/of_device.h>
> +#include <linux/platform_device.h>
> +#include <linux/random.h>
> +#include <linux/slab.h>
> +#include <linux/stat.h>
> +#include <linux/sysfs.h>
> +#include <linux/types.h>
> +
> +#define DRV_NAME "sunxi-sid"
> +
> +struct sunxi_sid_data {
> + void __iomem *reg_base;
> + unsigned int keysize;
> +};
> +
> +/* We read the entire key, due to a 32 bit read alignment requirement. Since we
> + * want to return the requested byte, this resuls in somewhat slower code and
> + * uses 4 times more reads as needed but keeps code simpler. Since the SID is
> + * only very rarly probed, this is not really an issue.
> + */
> +static u8 sunxi_sid_read_byte(const struct sunxi_sid_data *sid_data,
> + const unsigned int offset)
> +{
> + u32 sid_key;
> +
> + if (offset >= sid_data->keysize)
> + return 0;
> +
> + sid_key = ioread32be(sid_data->reg_base + round_down(offset, 4));
> + sid_key >>= (offset % 4) * 8;
> +
> + return sid_key; /* Only return the last byte */
> +}
> +
> +static ssize_t sid_read(struct file *fd, struct kobject *kobj,
> + struct bin_attribute *attr, char *buf,
> + loff_t pos, size_t size)
> +{
> + struct platform_device *pdev;
> + struct sunxi_sid_data *sid_data;
> + int i;
> +
> + pdev = to_platform_device(kobj_to_dev(kobj));
> + sid_data = platform_get_drvdata(pdev);
> +
> + if (pos < 0 || pos >= sid_data->keysize)
> + return 0;
> + if (size > sid_data->keysize - pos)
> + size = sid_data->keysize - pos;
> +
> + for (i = 0; i < size; i++)
> + buf[i] = sunxi_sid_read_byte(sid_data, pos + i);
> +
> + return i;
> +}
> +
> +static struct bin_attribute sid_bin_attr = {
> + .attr = { .name = "eeprom", .mode = S_IRUGO, },
> + .read = sid_read,
> +};
> +
> +static struct bin_attribute *sunxi_sid_bin_attrs[] = {
> + &sid_bin_attr,
> + NULL,
> +};
> +
> +static const struct attribute_group sunxi_sid_group = {
> + .bin_attrs = sunxi_sid_bin_attrs,
> +};
> +
> +static const struct attribute_group *sunxi_sid_groups[] = {
> + &sunxi_sid_group,
> + NULL,
> +};
> +
> +static int sunxi_sid_remove(struct platform_device *pdev)
> +{
> + struct sunxi_sid_data *sid_data;
> +
> + device_remove_bin_file(&pdev->dev, &sid_bin_attr); /* fixme */
> + sid_data = platform_get_drvdata(pdev);
> + devm_kfree(&pdev->dev, sid_data);
> + dev_dbg(&pdev->dev, "driver unloaded\n");
> +
> + return 0;
> +}
> +
> +static const struct of_device_id sunxi_sid_of_match[] = {
> + { .compatible = "allwinner,sun4i-sid", .data = (void *)16},
> + { .compatible = "allwinner,sun7i-sid", .data = (void *)512},
> + {/* sentinel */},
> +};
> +MODULE_DEVICE_TABLE(of, sunxi_sid_of_match);
> +
> +static int __init sunxi_sid_probe(struct platform_device *pdev)
> +{
> + struct sunxi_sid_data *sid_data;
> + struct resource *res;
> + const struct of_device_id *of_dev_id;
> + u8 *entropy;
> + unsigned int i;
> +
> + sid_data = devm_kzalloc(&pdev->dev, sizeof(struct sunxi_sid_data),
> + GFP_KERNEL);
> + if (!sid_data)
> + return -ENOMEM;
> +
> + res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
> + sid_data->reg_base = devm_ioremap_resource(&pdev->dev, res);
> + if (IS_ERR(sid_data->reg_base))
> + return PTR_ERR(sid_data->reg_base);
> +
> + of_dev_id = of_match_device(sunxi_sid_of_match, &pdev->dev);
> + if (!of_dev_id)
> + return -ENODEV;
> + sid_data->keysize = (int)of_dev_id->data;
> +
> + platform_set_drvdata(pdev, sid_data);
> +
> + sid_bin_attr.size = sid_data->keysize; /* ugly */
Ugly? Why?
> + if (device_create_bin_file(&pdev->dev, &sid_bin_attr)) /* fixme */
And what is there to fix here?
For these two comments, either explain what you find so ugly/broken so
that someone reading your code can get what is wrong, or just remove
them, because keeping them like that is just confusing.
Maxime
> + return -ENODEV;
> +
> + entropy = kzalloc(sizeof(u8) * sid_data->keysize, GFP_KERNEL);
> + for (i = 0; i < sid_data->keysize; i++)
> + entropy[i] = sunxi_sid_read_byte(sid_data, i);
> + add_device_randomness(entropy, sid_data->keysize);
> + kfree(entropy);
> +
> + dev_dbg(&pdev->dev, "loaded\n");
> +
> + return 0;
> +}
> +
> +static struct platform_driver sunxi_sid_driver = {
> + .probe = sunxi_sid_probe,
> + .remove = sunxi_sid_remove,
> + .driver = {
> + .name = DRV_NAME,
> + .owner = THIS_MODULE,
> + .of_match_table = sunxi_sid_of_match,
> + /* .groups = sunxi_sid_groups, proper way */
> + },
> +};
> +module_platform_driver(sunxi_sid_driver);
> +
> +MODULE_AUTHOR("Oliver Schinagl <[email protected]>");
> +MODULE_DESCRIPTION("Allwinner sunxi security id driver");
> +MODULE_LICENSE("GPL");
> --
> 1.8.1.5
>
--
Maxime Ripard, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com