[linux-6.6.y] LoongArch: Add LoongArch security engine driver support

[AaronDot]

Add LoongArch security engine driver support

Summary by Sourcery

Add support for the LoongArch security engine by introducing a new driver and updating the device tree bindings to include the Loongson SE module. This enables cryptographic operations and secure communication channels on LoongArch platforms.

New Features:

• Introduce a new driver for the LoongArch security engine, providing support for various cryptographic operations and secure communication channels.

Enhancements:

• Add support for the Loongson SE module in the device tree bindings, allowing for proper configuration and integration with the system.

Documentation:

• Include documentation for the Loongson SE module in the device tree bindings, detailing the properties and requirements for integration.

[sourcery-ai]

Reviewer's Guide by Sourcery

This pull request adds support for the LoongArch security engine driver by introducing new driver files, updating the Makefile and Kconfig, and adding device tree bindings.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change	Details	Files
Add LoongArch security engine driver implementation.	Implemented the core driver logic for the LoongArch security engine. Defined various command and interrupt handling functions. Initialized and managed hardware resources and memory. Implemented channel initialization and deinitialization functions. Added support for sending and receiving commands through the security engine.	drivers/char/loongson_se.c
Add support for LoongArch SDF (Secure Data Flow) driver.	Implemented the SDF driver logic for handling secure data flow operations. Defined file operations for reading and writing data. Managed session handles and command processing. Implemented synchronization mechanisms for command processing.	drivers/char/lsse_sdf_cdev.c
Add header file for LoongArch security engine.	Defined constants and structures for the security engine. Provided function prototypes for channel operations.	arch/loongarch/include/asm/se.h
Update Makefile and Kconfig to include new drivers.	Added entries for the LoongArch security engine and SDF drivers in the Makefile. Updated Kconfig to include configuration options for the new drivers.	drivers/char/Makefile drivers/char/Kconfig
Add device tree bindings for LoongArch security engine.	Created a YAML file for device tree bindings of the LoongArch security engine. Defined properties such as compatible, reg, and interrupts.	Documentation/devicetree/bindings/security/loongson_se/se.yaml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!
• Generate a plan of action for an issue: Comment @sourcery-ai plan on
  an issue to generate a plan of action for it.

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[deepin-ci-robot]

Hi @AaronDot. Thanks for your PR.

I'm waiting for a deepin-community member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[sourcery-ai]

Hey @AaronDot - I've reviewed your changes - here's some feedback:

Overall Comments:

• Consider adding a comment block at the beginning of drivers/char/loongson_se.c to describe the purpose of the driver.
• It might be helpful to add a comment explaining the purpose of the lsse_sdf_cdev.c driver.

Here's what I looked at during the review

• 🟡 General issues: 3 issues found
• 🟢 Security: all looks good
• 🟢 Testing: all looks good
• 🟡 Complexity: 2 issues found
• 🟢 Documentation: all looks good

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

suggestion (typo): Typo in function name 'se_send_requeset'.

Consider renaming the function to 'se_send_request' (and updating all its call sites) to avoid confusion.

Suggested implementation:

static int se_send_request(struct loongson_se *se,

Make sure to search for all occurrences of "se_send_requeset" in the file and/or project and update them to "se_send_request" to ensure consistency and avoid linker errors.

[sourcery-ai]

nitpick (typo): Typo in error message string.

Replace 'bot' with 'not' for clarity.

Suggested change

	pr_err("SE has bot been initialized\n");
	pr_err("SE has not been initialized\n");

[sourcery-ai]

suggestion (bug_risk): Ignoring return value of dma_set_mask_and_coherent.

Consider checking the return value to handle potential failures, ensuring the DMA configuration succeeds.

Suggested change

	dma_set_mask_and_coherent(&pdev->dev, DMA_BIT_MASK(64));
	err = dma_set_mask_and_coherent(&pdev->dev, DMA_BIT_MASK(64));
	if (err)
	return err;

[sourcery-ai]

issue (complexity): Consider refactoring the retry logic in se_send_genl_cmd to use a for-loop instead of goto statements.

Consider refactoring the retry logic in se_send_genl_cmd into a simple loop. For example, you could replace the goto-based retries with a for-loop as shown below:

static int se_send_genl_cmd(struct loongson_se *se, struct se_mailbox_data *req,
                              struct se_mailbox_data *res, int retry)
{
    int err = 0, cnt;

    for (cnt = 0; cnt < retry; cnt++) {
        dev_dbg(se->dev, "%d time send cmd 0x%x\n", cnt + 1, req->u.gcmd.cmd);

        err = se_send_requeset(se, req);
        if (err)
            continue;

        if (!wait_for_completion_timeout(&se->cmd_completion,
                                            msecs_to_jiffies(0x1000))) {
            se_enable_int(se, req->int_bit);
            continue;
        }

        err = loongson_se_get_res(se, req->int_bit, req->u.gcmd.cmd, res);
        if (err || res->u.res.cmd_ret) {
            se_enable_int(se, req->int_bit);
            continue;
        }
        break;
    }

    if (cnt >= retry)
        err = -ETIMEDOUT;

    se_enable_int(se, req->int_bit);
    return err;
}

This approach reduces nesting and improves readability while keeping the functionality intact.

[sourcery-ai]

issue (complexity): Consider abstracting repeated logic into helper functions to simplify the code flow.

Consider abstracting repeated error–cleanup and user/kernel copy logic into helper routines to simplify the intertwined flow. For example, you can encapsulate the copy logic into an inline function rather than duplicating copy/ memcpy decisions:

static inline int copy_data(void *dest, const void *src, size_t count, bool is_user)
{
    if (is_user)
        return copy_from_user(dest, src, count) ? -EFAULT : 0;
    memcpy(dest, src, count);
    return 0;
}

Then in your send/recv functions, replace:

if (user) {
    ret = copy_from_user(se->se_ch->data_buffer, buf, count);
    if (ret) {
        ret = -EFAULT;
        goto out_unlock;
    }
    /* ... */
} else
    memcpy(se->se_ch->data_buffer, buf, count);

with:

ret = copy_data(se->se_ch->data_buffer, buf, count, user);
if (ret)
    goto out_unlock;

Similarly, consolidate error paths by abstracting common cleanup work into a single helper function rather than interleaving goto labels. For example, an inline unlock-and-return function:

static inline int unlock_and_return(struct mutex *lock, int ret)
{
    mutex_unlock(lock);
    return ret;
}

Then replace patterns like:

if (ret) {
    mutex_unlock(&se->data_lock);
    return ret;
}

with:

if (ret)
    return unlock_and_return(&se->data_lock, ret);

These small focused changes reduce nesting and interleaved goto statements while keeping all functionality intact.

[deepin-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: sourcery-ai[bot]
Once this PR has been reviewed and has the lgtm label, please assign opsiff for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• deepin/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment