From 49abdfd8cececb91a4bc7e7b29a30c09dce461c7 Mon Sep 17 00:00:00 2001
From: Lionel Debieve <lionel.debieve@st.com>
Date: Fri, 6 Dec 2019 12:42:20 +0100
Subject: [PATCH] feat(st): disable authentication based on part_number

STM32MP15xA and STM32MP15xD chip part numbers don't
support the secure boot.
All functions linked to secure boot must not be used
and signed binaries are not allowed on such chip.

Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
Change-Id: I5b85f322f5eb3b64415e1819bd00fb2c99f20695
---
 plat/st/common/include/stm32mp_common.h |  1 +
 plat/st/common/stm32mp_auth.c           |  5 +++++
 plat/st/stm32mp1/bl2_plat_setup.c       | 11 +++++++----
 plat/st/stm32mp1/stm32mp1_private.c     | 21 +++++++++++++++++++++
 4 files changed, 34 insertions(+), 4 deletions(-)

diff --git a/plat/st/common/include/stm32mp_common.h b/plat/st/common/include/stm32mp_common.h
index cc06f5cb2..a13e9e582 100644
--- a/plat/st/common/include/stm32mp_common.h
+++ b/plat/st/common/include/stm32mp_common.h
@@ -21,6 +21,7 @@ uint16_t stm32mp_get_boot_itf_selected(void);
 
 bool stm32mp_is_single_core(void);
 bool stm32mp_is_closed_device(void);
+bool stm32mp_is_auth_supported(void);
 
 /* Return the base address of the DDR controller */
 uintptr_t stm32mp_ddrctrl_base(void);
diff --git a/plat/st/common/stm32mp_auth.c b/plat/st/common/stm32mp_auth.c
index 744201cd1..97fbffa2e 100644
--- a/plat/st/common/stm32mp_auth.c
+++ b/plat/st/common/stm32mp_auth.c
@@ -46,6 +46,11 @@ int stm32mp_auth_image(boot_api_image_header_t *header, uintptr_t buffer)
 		INFO("Check signature on Open device\n");
 	}
 
+	if (auth_ops == NULL) {
+		ERROR("Device doesn't support image authentication\n");
+		return -EOPNOTSUPP;
+	}
+
 	ret = mmap_add_dynamic_region(STM32MP_ROM_BASE, STM32MP_ROM_BASE,
 				      STM32MP_ROM_SIZE_2MB_ALIGNED, MT_CODE | MT_SECURE);
 	if (ret != 0) {
diff --git a/plat/st/stm32mp1/bl2_plat_setup.c b/plat/st/stm32mp1/bl2_plat_setup.c
index 13ba5abd6..a5a4c1c21 100644
--- a/plat/st/stm32mp1/bl2_plat_setup.c
+++ b/plat/st/stm32mp1/bl2_plat_setup.c
@@ -333,11 +333,14 @@ skip_console_init:
 
 	stm32_iwdg_refresh();
 
-	stm32mp1_auth_ops.check_key = boot_context->bootrom_ecdsa_check_key;
-	stm32mp1_auth_ops.verify_signature =
-		boot_context->bootrom_ecdsa_verify_signature;
+	if (stm32mp_is_auth_supported()) {
+		stm32mp1_auth_ops.check_key =
+			boot_context->bootrom_ecdsa_check_key;
+		stm32mp1_auth_ops.verify_signature =
+			boot_context->bootrom_ecdsa_verify_signature;
 
-	stm32mp_init_auth(&stm32mp1_auth_ops);
+		stm32mp_init_auth(&stm32mp1_auth_ops);
+	}
 
 	stm32mp1_arch_security_setup();
 
diff --git a/plat/st/stm32mp1/stm32mp1_private.c b/plat/st/stm32mp1/stm32mp1_private.c
index 075d1d7fa..51569758a 100644
--- a/plat/st/stm32mp1/stm32mp1_private.c
+++ b/plat/st/stm32mp1/stm32mp1_private.c
@@ -443,6 +443,27 @@ bool stm32mp_is_closed_device(void)
 	return (value & CFG0_CLOSED_DEVICE) == CFG0_CLOSED_DEVICE;
 }
 
+/* Return true when device supports secure boot */
+bool stm32mp_is_auth_supported(void)
+{
+	bool supported = false;
+
+	switch (get_part_number()) {
+	case STM32MP151C_PART_NB:
+	case STM32MP151F_PART_NB:
+	case STM32MP153C_PART_NB:
+	case STM32MP153F_PART_NB:
+	case STM32MP157C_PART_NB:
+	case STM32MP157F_PART_NB:
+		supported = true;
+		break;
+	default:
+		break;
+	}
+
+	return supported;
+}
+
 uint32_t stm32_iwdg_get_instance(uintptr_t base)
 {
 	switch (base) {