feat(st): disable authentication based on part_number

STM32MP15xA and STM32MP15xD chip part numbers don't support the secure boot. All functions linked to secure boot must not be used and signed binaries are not allowed on such chip. Signed-off-by: Lionel Debieve <lionel.debieve@st.com> Change-Id: I5b85f322f5eb3b64415e1819bd00fb2c99f20695
2025-04-16 17:44:19 +00:00 · 2019-12-06 12:42:20 +01:00 · 2019-12-06 12:42:20 +01:00 · 49abdfd8ce
commit 49abdfd8ce
parent 884a65064a
4 changed files with 34 additions and 4 deletions
--- a/plat/st/common/include/stm32mp_common.h
+++ b/plat/st/common/include/stm32mp_common.h
@ -21,6 +21,7 @@ uint16_t stm32mp_get_boot_itf_selected(void);

 bool stm32mp_is_single_core(void);
 bool stm32mp_is_closed_device(void);
+bool stm32mp_is_auth_supported(void);

 /* Return the base address of the DDR controller */
 uintptr_t stm32mp_ddrctrl_base(void);
--- a/plat/st/common/stm32mp_auth.c
+++ b/plat/st/common/stm32mp_auth.c
@ -46,6 +46,11 @@ int stm32mp_auth_image(boot_api_image_header_t *header, uintptr_t buffer)
 		INFO("Check signature on Open device\n");
 	}

+	if (auth_ops == NULL) {
+		ERROR("Device doesn't support image authentication\n");
+		return -EOPNOTSUPP;
+	}
+
 	ret = mmap_add_dynamic_region(STM32MP_ROM_BASE, STM32MP_ROM_BASE,
 				      STM32MP_ROM_SIZE_2MB_ALIGNED, MT_CODE | MT_SECURE);
 	if (ret != 0) {
--- a/plat/st/stm32mp1/bl2_plat_setup.c
+++ b/plat/st/stm32mp1/bl2_plat_setup.c
@ -333,11 +333,14 @@ skip_console_init:

 	stm32_iwdg_refresh();

-	stm32mp1_auth_ops.check_key = boot_context->bootrom_ecdsa_check_key;
-	stm32mp1_auth_ops.verify_signature =
-		boot_context->bootrom_ecdsa_verify_signature;
+	if (stm32mp_is_auth_supported()) {
+		stm32mp1_auth_ops.check_key =
+			boot_context->bootrom_ecdsa_check_key;
+		stm32mp1_auth_ops.verify_signature =
+			boot_context->bootrom_ecdsa_verify_signature;

-	stm32mp_init_auth(&stm32mp1_auth_ops);
+		stm32mp_init_auth(&stm32mp1_auth_ops);
+	}

 	stm32mp1_arch_security_setup();

--- a/plat/st/stm32mp1/stm32mp1_private.c
+++ b/plat/st/stm32mp1/stm32mp1_private.c
@ -443,6 +443,27 @@ bool stm32mp_is_closed_device(void)
 	return (value & CFG0_CLOSED_DEVICE) == CFG0_CLOSED_DEVICE;
 }

+/* Return true when device supports secure boot */
+bool stm32mp_is_auth_supported(void)
+{
+	bool supported = false;
+
+	switch (get_part_number()) {
+	case STM32MP151C_PART_NB:
+	case STM32MP151F_PART_NB:
+	case STM32MP153C_PART_NB:
+	case STM32MP153F_PART_NB:
+	case STM32MP157C_PART_NB:
+	case STM32MP157F_PART_NB:
+		supported = true;
+		break;
+	default:
+		break;
+	}
+
+	return supported;
+}
+
 uint32_t stm32_iwdg_get_instance(uintptr_t base)
 {
 	switch (base) {