Djam/arm-trusted-firmware
1
0
Fork 0
mirror of https://github.com/ARM-software/arm-trusted-firmware.git synced 2025-04-16 01:24:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge changes from topic "st-bsec-otp" into integration

Browse source 
* changes:
  feat(stm32mp2-fdts): add board ID OTP in STM32MP257F-EV1
  feat(stm32mp2-fdts): add OTP nodes in STM32MP251 SoC DT file
  fix(stm32mp2): add missing include
  feat(st): do not directly call BSEC functions in common code
  feat(st): use stm32_get_otp_value_from_idx() in BL31
  refactor(st): update test for closed chip
  refactor(st-bsec): improve BSEC driver
  refactor(st): use dashes for BSEC node names
This commit is contained in:
Manish Pandey 2024-01-23 12:54:09 +01:00 committed by TrustedFirmware Code Review
commit e6a0994c02
25 changed files with 333 additions and 395 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

330
drivers/st/bsec/bsec2.c
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2022, STMicroelectronics - All Rights Reserved
* Copyright (c) 2017-2024, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -21,15 +21,26 @@
#define BSEC_IP_VERSION_2_0 U(0x20)
#define BSEC_IP_ID_2 U(0x100032)
/*
* IP configuration
*/
#define BSEC_OTP_MASK GENMASK(4, 0)
#define BSEC_OTP_BANK_SHIFT 5
#define BSEC_TIMEOUT_VALUE U(0xFFFF)
#define OTP_ACCESS_SIZE (round_up(OTP_MAX_SIZE, __WORD_BIT) / __WORD_BIT)
static uint32_t otp_nsec_access[OTP_ACCESS_SIZE] __unused;
static uint32_t otp_nsec_access[OTP_ACCESS_SIZE] __maybe_unused;
static uint32_t bsec_shadow_register(uint32_t otp);
static uint32_t bsec_power_safmem(bool power);
static uint32_t bsec_get_version(void);
static uint32_t bsec_get_id(void);
static uint32_t bsec_get_status(void);
static uint32_t bsec_read_permanent_lock(uint32_t otp, bool *value);
/* BSEC access protection */
static spinlock_t bsec_spinlock;
static uintptr_t bsec_base;
static void bsec_lock(void)
{
@ -47,7 +58,7 @@ static void bsec_unlock(void)
static bool is_otp_invalid_mode(void)
{
bool ret = ((bsec_get_status() & BSEC_MODE_INVALID) == BSEC_MODE_INVALID);
bool ret = ((bsec_get_status() & BSEC_OTP_STATUS_INVALID) == BSEC_OTP_STATUS_INVALID);
if (ret) {
ERROR("OTP mode is OTP-INVALID\n");
@ -163,7 +174,7 @@ static void bsec_late_init(void)
panic();
}
assert(bsec_base == bsec_info.base);
assert(bsec_info.base == BSEC_BASE);
bsec_dt_otp_nsec_access(fdt, node);
}
@ -177,6 +188,11 @@ static uint32_t otp_bank_offset(uint32_t otp)
sizeof(uint32_t);
}
static uint32_t otp_bit_mask(uint32_t otp)
{
return BIT(otp & BSEC_OTP_MASK);
}
/*
* bsec_check_error: check BSEC error status.
* otp: OTP number.
@ -186,10 +202,10 @@ static uint32_t otp_bank_offset(uint32_t otp)
*/
static uint32_t bsec_check_error(uint32_t otp, bool check_disturbed)
{
uint32_t bit = BIT(otp & BSEC_OTP_MASK);
uint32_t bit = otp_bit_mask(otp);
uint32_t bank = otp_bank_offset(otp);
if ((mmio_read_32(bsec_base + BSEC_ERROR_OFF + bank) & bit) != 0U) {
if ((mmio_read_32(BSEC_BASE + BSEC_ERROR_OFF + bank) & bit) != 0U) {
return BSEC_ERROR;
}
@ -197,7 +213,7 @@ static uint32_t bsec_check_error(uint32_t otp, bool check_disturbed)
return BSEC_OK;
}
if ((mmio_read_32(bsec_base + BSEC_DISTURBED_OFF + bank) & bit) != 0U) {
if ((mmio_read_32(BSEC_BASE + BSEC_DISTURBED_OFF + bank) & bit) != 0U) {
return BSEC_DISTURBED;
}
@ -210,14 +226,12 @@ static uint32_t bsec_check_error(uint32_t otp, bool check_disturbed)
*/
uint32_t bsec_probe(void)
{
bsec_base = BSEC_BASE;
if (is_otp_invalid_mode()) {
return BSEC_ERROR;
}
if ((((bsec_get_version() & BSEC_IPVR_MSK) != BSEC_IP_VERSION_1_1) &&
((bsec_get_version() & BSEC_IPVR_MSK) != BSEC_IP_VERSION_2_0)) ||
if (((bsec_get_version() != BSEC_IP_VERSION_1_1) &&
(bsec_get_version() != BSEC_IP_VERSION_2_0)) ||
(bsec_get_id() != BSEC_IP_ID_2)) {
panic();
}
@ -228,103 +242,12 @@ uint32_t bsec_probe(void)
return BSEC_OK;
}
/*
* bsec_get_base: return BSEC base address.
*/
uint32_t bsec_get_base(void)
{
return bsec_base;
}
/*
* bsec_set_config: enable and configure BSEC.
* cfg: pointer to param structure used to set register.
* return value: BSEC_OK if no error.
*/
uint32_t bsec_set_config(struct bsec_config *cfg)
{
uint32_t value;
uint32_t result;
if (is_otp_invalid_mode()) {
return BSEC_ERROR;
}
value = ((((uint32_t)cfg->freq << BSEC_CONF_FRQ_SHIFT) &
BSEC_CONF_FRQ_MASK) |
(((uint32_t)cfg->pulse_width << BSEC_CONF_PRG_WIDTH_SHIFT) &
BSEC_CONF_PRG_WIDTH_MASK) |
(((uint32_t)cfg->tread << BSEC_CONF_TREAD_SHIFT) &
BSEC_CONF_TREAD_MASK));
bsec_lock();
mmio_write_32(bsec_base + BSEC_OTP_CONF_OFF, value);
bsec_unlock();
result = bsec_power_safmem((bool)cfg->power &
BSEC_CONF_POWER_UP_MASK);
if (result != BSEC_OK) {
return result;
}
value = ((((uint32_t)cfg->upper_otp_lock << UPPER_OTP_LOCK_SHIFT) &
UPPER_OTP_LOCK_MASK) |
(((uint32_t)cfg->den_lock << DENREG_LOCK_SHIFT) &
DENREG_LOCK_MASK) |
(((uint32_t)cfg->prog_lock << GPLOCK_LOCK_SHIFT) &
GPLOCK_LOCK_MASK));
bsec_lock();
mmio_write_32(bsec_base + BSEC_OTP_LOCK_OFF, value);
bsec_unlock();
return BSEC_OK;
}
/*
* bsec_get_config: return config parameters set in BSEC registers.
* cfg: config param return.
* return value: BSEC_OK if no error.
*/
uint32_t bsec_get_config(struct bsec_config *cfg)
{
uint32_t value;
if (cfg == NULL) {
return BSEC_INVALID_PARAM;
}
value = mmio_read_32(bsec_base + BSEC_OTP_CONF_OFF);
cfg->power = (uint8_t)((value & BSEC_CONF_POWER_UP_MASK) >>
BSEC_CONF_POWER_UP_SHIFT);
cfg->freq = (uint8_t)((value & BSEC_CONF_FRQ_MASK) >>
BSEC_CONF_FRQ_SHIFT);
cfg->pulse_width = (uint8_t)((value & BSEC_CONF_PRG_WIDTH_MASK) >>
BSEC_CONF_PRG_WIDTH_SHIFT);
cfg->tread = (uint8_t)((value & BSEC_CONF_TREAD_MASK) >>
BSEC_CONF_TREAD_SHIFT);
value = mmio_read_32(bsec_base + BSEC_OTP_LOCK_OFF);
cfg->upper_otp_lock = (uint8_t)((value & UPPER_OTP_LOCK_MASK) >>
UPPER_OTP_LOCK_SHIFT);
cfg->den_lock = (uint8_t)((value & DENREG_LOCK_MASK) >>
DENREG_LOCK_SHIFT);
cfg->prog_lock = (uint8_t)((value & GPLOCK_LOCK_MASK) >>
GPLOCK_LOCK_SHIFT);
return BSEC_OK;
}
/*
* bsec_shadow_register: copy SAFMEM OTP to BSEC data.
* otp: OTP number.
* return value: BSEC_OK if no error.
*/
uint32_t bsec_shadow_register(uint32_t otp)
static uint32_t bsec_shadow_register(uint32_t otp)
{
uint32_t result;
bool value;
@ -345,7 +268,7 @@ uint32_t bsec_shadow_register(uint32_t otp)
otp);
}
if ((bsec_get_status() & BSEC_MODE_PWR_MASK) == 0U) {
if ((bsec_get_status() & BSEC_OTP_STATUS_PWRON) == 0U) {
result = bsec_power_safmem(true);
if (result != BSEC_OK) {
@ -357,9 +280,9 @@ uint32_t bsec_shadow_register(uint32_t otp)
bsec_lock();
mmio_write_32(bsec_base + BSEC_OTP_CTRL_OFF, otp | BSEC_READ);
mmio_write_32(BSEC_BASE + BSEC_OTP_CTRL_OFF, otp | BSEC_READ);
while ((bsec_get_status() & BSEC_MODE_BUSY_MASK) != 0U) {
while ((bsec_get_status() & BSEC_OTP_STATUS_BUSY) != 0U) {
;
}
@ -392,7 +315,7 @@ uint32_t bsec_read_otp(uint32_t *val, uint32_t otp)
return BSEC_INVALID_PARAM;
}
*val = mmio_read_32(bsec_base + BSEC_OTP_DATA_OFF +
*val = mmio_read_32(BSEC_BASE + BSEC_OTP_DATA_OFF +
(otp * sizeof(uint32_t)));
return BSEC_OK;
@ -427,7 +350,7 @@ uint32_t bsec_write_otp(uint32_t val, uint32_t otp)
/* Ensure integrity of each register access sequence */
bsec_lock();
mmio_write_32(bsec_base + BSEC_OTP_DATA_OFF +
mmio_write_32(BSEC_BASE + BSEC_OTP_DATA_OFF +
(otp * sizeof(uint32_t)), val);
bsec_unlock();
@ -470,12 +393,11 @@ uint32_t bsec_program_otp(uint32_t val, uint32_t otp)
return BSEC_PROG_FAIL;
}
if ((mmio_read_32(bsec_base + BSEC_OTP_LOCK_OFF) &
BIT(BSEC_LOCK_PROGRAM)) != 0U) {
if ((mmio_read_32(BSEC_BASE + BSEC_OTP_LOCK_OFF) & GPLOCK_LOCK_MASK) != 0U) {
WARN("BSEC: GPLOCK activated, prog will be ignored\n");
}
if ((bsec_get_status() & BSEC_MODE_PWR_MASK) == 0U) {
if ((bsec_get_status() & BSEC_OTP_STATUS_PWRON) == 0U) {
result = bsec_power_safmem(true);
if (result != BSEC_OK) {
@ -487,15 +409,15 @@ uint32_t bsec_program_otp(uint32_t val, uint32_t otp)
bsec_lock();
mmio_write_32(bsec_base + BSEC_OTP_WRDATA_OFF, val);
mmio_write_32(BSEC_BASE + BSEC_OTP_WRDATA_OFF, val);
mmio_write_32(bsec_base + BSEC_OTP_CTRL_OFF, otp | BSEC_WRITE);
mmio_write_32(BSEC_BASE + BSEC_OTP_CTRL_OFF, otp | BSEC_WRITE);
while ((bsec_get_status() & BSEC_MODE_BUSY_MASK) != 0U) {
while ((bsec_get_status() & BSEC_OTP_STATUS_BUSY) != 0U) {
;
}
if ((bsec_get_status() & BSEC_MODE_PROGFAIL_MASK) != 0U) {
if ((bsec_get_status() & BSEC_OTP_STATUS_PROGFAIL) != 0U) {
result = BSEC_PROG_FAIL;
} else {
result = bsec_check_error(otp, true);
@ -517,6 +439,7 @@ uint32_t bsec_program_otp(uint32_t val, uint32_t otp)
* otp: OTP number.
* return value: BSEC_OK if no error.
*/
#if defined(IMAGE_BL32)
uint32_t bsec_permanent_lock_otp(uint32_t otp)
{
uint32_t result;
@ -532,7 +455,7 @@ uint32_t bsec_permanent_lock_otp(uint32_t otp)
return BSEC_INVALID_PARAM;
}
if ((bsec_get_status() & BSEC_MODE_PWR_MASK) == 0U) {
if ((bsec_get_status() & BSEC_OTP_STATUS_PWRON) == 0U) {
result = bsec_power_safmem(true);
if (result != BSEC_OK) {
@ -554,16 +477,16 @@ uint32_t bsec_permanent_lock_otp(uint32_t otp)
bsec_lock();
mmio_write_32(bsec_base + BSEC_OTP_WRDATA_OFF, data);
mmio_write_32(BSEC_BASE + BSEC_OTP_WRDATA_OFF, data);
mmio_write_32(bsec_base + BSEC_OTP_CTRL_OFF,
mmio_write_32(BSEC_BASE + BSEC_OTP_CTRL_OFF,
addr | BSEC_WRITE | BSEC_LOCK);
while ((bsec_get_status() & BSEC_MODE_BUSY_MASK) != 0U) {
while ((bsec_get_status() & BSEC_OTP_STATUS_BUSY) != 0U) {
;
}
if ((bsec_get_status() & BSEC_MODE_PROGFAIL_MASK) != 0U) {
if ((bsec_get_status() & BSEC_OTP_STATUS_PROGFAIL) != 0U) {
result = BSEC_PROG_FAIL;
} else {
result = bsec_check_error(otp, false);
@ -579,30 +502,14 @@ uint32_t bsec_permanent_lock_otp(uint32_t otp)
return result;
}
/*
* bsec_write_debug_conf: write value in debug feature.
* to enable/disable debug service.
* val: value to write.
* return value: none.
*/
void bsec_write_debug_conf(uint32_t val)
{
if (is_otp_invalid_mode()) {
return;
}
bsec_lock();
mmio_write_32(bsec_base + BSEC_DEN_OFF, val & BSEC_DEN_ALL_MSK);
bsec_unlock();
}
#endif
/*
* bsec_read_debug_conf: return debug configuration register value.
*/
uint32_t bsec_read_debug_conf(void)
{
return mmio_read_32(bsec_base + BSEC_DEN_OFF);
return mmio_read_32(BSEC_BASE + BSEC_DEN_OFF);
}
/*
@ -618,59 +525,35 @@ void bsec_write_scratch(uint32_t val)
}
bsec_lock();
mmio_write_32(bsec_base + BSEC_SCRATCH_OFF, val);
mmio_write_32(BSEC_BASE + BSEC_SCRATCH_OFF, val);
bsec_unlock();
#else
mmio_write_32(BSEC_BASE + BSEC_SCRATCH_OFF, val);
#endif
}
/*
* bsec_read_scratch: return scratch register value.
*/
uint32_t bsec_read_scratch(void)
{
return mmio_read_32(bsec_base + BSEC_SCRATCH_OFF);
}
/*
* bsec_get_status: return status register value.
*/
uint32_t bsec_get_status(void)
static uint32_t bsec_get_status(void)
{
return mmio_read_32(bsec_base + BSEC_OTP_STATUS_OFF);
}
/*
* bsec_get_hw_conf: return hardware configuration register value.
*/
uint32_t bsec_get_hw_conf(void)
{
return mmio_read_32(bsec_base + BSEC_IPHW_CFG_OFF);
return mmio_read_32(BSEC_BASE + BSEC_OTP_STATUS_OFF);
}
/*
* bsec_get_version: return BSEC version register value.
*/
uint32_t bsec_get_version(void)
static uint32_t bsec_get_version(void)
{
return mmio_read_32(bsec_base + BSEC_IPVR_OFF);
return mmio_read_32(BSEC_BASE + BSEC_IPVR_OFF) & BSEC_IPVR_MSK;
}
/*
* bsec_get_id: return BSEC ID register value.
*/
uint32_t bsec_get_id(void)
static uint32_t bsec_get_id(void)
{
return mmio_read_32(bsec_base + BSEC_IP_ID_OFF);
}
/*
* bsec_get_magic_id: return BSEC magic number register value.
*/
uint32_t bsec_get_magic_id(void)
{
return mmio_read_32(bsec_base + BSEC_IP_MAGIC_ID_OFF);
return mmio_read_32(BSEC_BASE + BSEC_IP_ID_OFF);
}
/*
@ -681,7 +564,7 @@ uint32_t bsec_get_magic_id(void)
uint32_t bsec_set_sr_lock(uint32_t otp)
{
uint32_t bank = otp_bank_offset(otp);
uint32_t otp_mask = BIT(otp & BSEC_OTP_MASK);
uint32_t otp_mask = otp_bit_mask(otp);
if (is_otp_invalid_mode()) {
return BSEC_ERROR;
@ -692,7 +575,7 @@ uint32_t bsec_set_sr_lock(uint32_t otp)
}
bsec_lock();
mmio_write_32(bsec_base + BSEC_SRLOCK_OFF + bank, otp_mask);
mmio_write_32(BSEC_BASE + BSEC_SRLOCK_OFF + bank, otp_mask);
bsec_unlock();
return BSEC_OK;
@ -707,14 +590,14 @@ uint32_t bsec_set_sr_lock(uint32_t otp)
uint32_t bsec_read_sr_lock(uint32_t otp, bool *value)
{
uint32_t bank = otp_bank_offset(otp);
uint32_t otp_mask = BIT(otp & BSEC_OTP_MASK);
uint32_t otp_mask = otp_bit_mask(otp);
uint32_t bank_value;
if (otp > STM32MP1_OTP_MAX_ID) {
return BSEC_INVALID_PARAM;
}
bank_value = mmio_read_32(bsec_base + BSEC_SRLOCK_OFF + bank);
bank_value = mmio_read_32(BSEC_BASE + BSEC_SRLOCK_OFF + bank);
*value = ((bank_value & otp_mask) != 0U);
@ -729,7 +612,7 @@ uint32_t bsec_read_sr_lock(uint32_t otp, bool *value)
uint32_t bsec_set_sw_lock(uint32_t otp)
{
uint32_t bank = otp_bank_offset(otp);
uint32_t otp_mask = BIT(otp & BSEC_OTP_MASK);
uint32_t otp_mask = otp_bit_mask(otp);
if (is_otp_invalid_mode()) {
return BSEC_ERROR;
@ -740,7 +623,7 @@ uint32_t bsec_set_sw_lock(uint32_t otp)
}
bsec_lock();
mmio_write_32(bsec_base + BSEC_SWLOCK_OFF + bank, otp_mask);
mmio_write_32(BSEC_BASE + BSEC_SWLOCK_OFF + bank, otp_mask);
bsec_unlock();
return BSEC_OK;
@ -762,7 +645,7 @@ uint32_t bsec_read_sw_lock(uint32_t otp, bool *value)
return BSEC_INVALID_PARAM;
}
bank_value = mmio_read_32(bsec_base + BSEC_SWLOCK_OFF + bank);
bank_value = mmio_read_32(BSEC_BASE + BSEC_SWLOCK_OFF + bank);
*value = ((bank_value & otp_mask) != 0U);
@ -777,7 +660,7 @@ uint32_t bsec_read_sw_lock(uint32_t otp, bool *value)
uint32_t bsec_set_sp_lock(uint32_t otp)
{
uint32_t bank = otp_bank_offset(otp);
uint32_t otp_mask = BIT(otp & BSEC_OTP_MASK);
uint32_t otp_mask = otp_bit_mask(otp);
if (is_otp_invalid_mode()) {
return BSEC_ERROR;
@ -788,7 +671,7 @@ uint32_t bsec_set_sp_lock(uint32_t otp)
}
bsec_lock();
mmio_write_32(bsec_base + BSEC_SPLOCK_OFF + bank, otp_mask);
mmio_write_32(BSEC_BASE + BSEC_SPLOCK_OFF + bank, otp_mask);
bsec_unlock();
return BSEC_OK;
@ -810,7 +693,7 @@ uint32_t bsec_read_sp_lock(uint32_t otp, bool *value)
return BSEC_INVALID_PARAM;
}
bank_value = mmio_read_32(bsec_base + BSEC_SPLOCK_OFF + bank);
bank_value = mmio_read_32(BSEC_BASE + BSEC_SPLOCK_OFF + bank);
*value = ((bank_value & otp_mask) != 0U);
@ -823,53 +706,23 @@ uint32_t bsec_read_sp_lock(uint32_t otp, bool *value)
* value: read value (true or false).
* return value: BSEC_OK if no error.
*/
uint32_t bsec_read_permanent_lock(uint32_t otp, bool *value)
static uint32_t bsec_read_permanent_lock(uint32_t otp, bool *value)
{
uint32_t bank = otp_bank_offset(otp);
uint32_t otp_mask = BIT(otp & BSEC_OTP_MASK);
uint32_t otp_mask = otp_bit_mask(otp);
uint32_t bank_value;
if (otp > STM32MP1_OTP_MAX_ID) {
return BSEC_INVALID_PARAM;
}
bank_value = mmio_read_32(bsec_base + BSEC_WRLOCK_OFF + bank);
bank_value = mmio_read_32(BSEC_BASE + BSEC_WRLOCK_OFF + bank);
*value = ((bank_value & otp_mask) != 0U);
return BSEC_OK;
}
/*
* bsec_otp_lock: Lock Upper OTP or Global Programming or Debug Enable.
* service: Service to lock, see header file.
* return value: BSEC_OK if no error.
*/
uint32_t bsec_otp_lock(uint32_t service)
{
uintptr_t reg = bsec_base + BSEC_OTP_LOCK_OFF;
if (is_otp_invalid_mode()) {
return BSEC_ERROR;
}
switch (service) {
case BSEC_LOCK_UPPER_OTP:
mmio_write_32(reg, BIT(BSEC_LOCK_UPPER_OTP));
break;
case BSEC_LOCK_DEBUG:
mmio_write_32(reg, BIT(BSEC_LOCK_DEBUG));
break;
case BSEC_LOCK_PROGRAM:
mmio_write_32(reg, BIT(BSEC_LOCK_PROGRAM));
break;
default:
return BSEC_INVALID_PARAM;
}
return BSEC_OK;
}
/*
* bsec_power_safmem: Activate or deactivate SAFMEM power.
* power: true to power up, false to power down.
@ -882,7 +735,7 @@ static uint32_t bsec_power_safmem(bool power)
bsec_lock();
register_val = mmio_read_32(bsec_base + BSEC_OTP_CONF_OFF);
register_val = mmio_read_32(BSEC_BASE + BSEC_OTP_CONF_OFF);
if (power) {
register_val |= BSEC_CONF_POWER_UP_MASK;
@ -890,15 +743,15 @@ static uint32_t bsec_power_safmem(bool power)
register_val &= ~BSEC_CONF_POWER_UP_MASK;
}
mmio_write_32(bsec_base + BSEC_OTP_CONF_OFF, register_val);
mmio_write_32(BSEC_BASE + BSEC_OTP_CONF_OFF, register_val);
if (power) {
while (((bsec_get_status() & BSEC_MODE_PWR_MASK) == 0U) &&
while (((bsec_get_status() & BSEC_OTP_STATUS_PWRON) == 0U) &&
(timeout != 0U)) {
timeout--;
}
} else {
while (((bsec_get_status() & BSEC_MODE_PWR_MASK) != 0U) &&
while (((bsec_get_status() & BSEC_OTP_STATUS_PWRON) != 0U) &&
(timeout != 0U)) {
timeout--;
}
@ -915,28 +768,29 @@ static uint32_t bsec_power_safmem(bool power)
/*
* bsec_shadow_read_otp: Load OTP from SAFMEM and provide its value.
* otp_value: read value.
* word: OTP number.
* val: read value.
* otp: OTP number.
* return value: BSEC_OK if no error.
*/
uint32_t bsec_shadow_read_otp(uint32_t *otp_value, uint32_t word)
uint32_t bsec_shadow_read_otp(uint32_t *val, uint32_t otp)
{
uint32_t result;
result = bsec_shadow_register(word);
result = bsec_shadow_register(otp);
if (result != BSEC_OK) {
ERROR("BSEC: %u Shadowing Error %u\n", word, result);
ERROR("BSEC: %u Shadowing Error %u\n", otp, result);
return result;
}
result = bsec_read_otp(otp_value, word);
result = bsec_read_otp(val, otp);
if (result != BSEC_OK) {
ERROR("BSEC: %u Read Error %u\n", word, result);
ERROR("BSEC: %u Read Error %u\n", otp, result);
}
return result;
}
#if defined(IMAGE_BL32)
/*
* bsec_check_nsec_access_rights: check non-secure access rights to target OTP.
* otp: OTP number.
@ -944,7 +798,6 @@ uint32_t bsec_shadow_read_otp(uint32_t *otp_value, uint32_t word)
*/
uint32_t bsec_check_nsec_access_rights(uint32_t otp)
{
#if defined(IMAGE_BL32)
if (otp > STM32MP1_OTP_MAX_ID) {
return BSEC_INVALID_PARAM;
}
@ -954,8 +807,33 @@ uint32_t bsec_check_nsec_access_rights(uint32_t otp)
return BSEC_ERROR;
}
}
#endif
return BSEC_OK;
}
#endif
uint32_t bsec_get_secure_state(void)
{
uint32_t status = bsec_get_status();
uint32_t result = BSEC_STATE_INVALID;
uint32_t otp_enc_id __maybe_unused;
uint32_t otp_bit_len __maybe_unused;
int res __maybe_unused;
if ((status & BSEC_OTP_STATUS_INVALID) != 0U) {
result = BSEC_STATE_INVALID;
} else {
if ((status & BSEC_OTP_STATUS_SECURE) != 0U) {
if (stm32mp_check_closed_device() == STM32MP_CHIP_SEC_CLOSED) {
result = BSEC_STATE_SEC_CLOSED;
} else {
result = BSEC_STATE_SEC_OPEN;
}
} else {
/* OTP modes OPEN1 and OPEN2 are not supported */
result = BSEC_STATE_INVALID;
}
}
return result;
}

20
fdts/stm32mp131.dtsi
View file

@ -1,6 +1,6 @@
// SPDX-License-Identifier: (GPL-2.0+ OR BSD-3-Clause)
/*
* Copyright (C) 2022-2023, STMicroelectronics - All Rights Reserved
* Copyright (C) 2022-2024, STMicroelectronics - All Rights Reserved
* Author: Alexandre Torgue <alexandre.torgue@foss.st.com> for STMicroelectronics.
*/
#include <dt-bindings/clock/stm32mp13-clks.h>
@ -420,25 +420,25 @@
#address-cells = <1>;
#size-cells = <1>;
cfg0_otp: cfg0_otp@0 {
cfg0_otp: cfg0-otp@0 {
reg = <0x0 0x2>;
};
part_number_otp: part-number-otp@4 {
reg = <0x4 0x2>;
};
monotonic_otp: monotonic_otp@10 {
monotonic_otp: monotonic-otp@10 {
reg = <0x10 0x4>;
};
nand_otp: cfg9_otp@24 {
nand_otp: cfg9-otp@24 {
reg = <0x24 0x4>;
};
nand2_otp: cfg10_otp@28 {
nand2_otp: cfg10-otp@28 {
reg = <0x28 0x4>;
};
uid_otp: uid_otp@34 {
uid_otp: uid-otp@34 {
reg = <0x34 0xc>;
};
hw2_otp: hw2_otp@48 {
hw2_otp: hw2-otp@48 {
reg = <0x48 0x4>;
};
ts_cal1: calib@5c {
@ -447,14 +447,14 @@
ts_cal2: calib@5e {
reg = <0x5e 0x2>;
};
pkh_otp: pkh_otp@60 {
pkh_otp: pkh-otp@60 {
reg = <0x60 0x20>;
};
mac_addr: mac_addr@e4 {
mac_addr: mac@e4 {
reg = <0xe4 0xc>;
st,non-secure-otp;
};
enckey_otp: enckey_otp@170 {
oem_enc_key: oem-enc-key@170 {
reg = <0x170 0x10>;
};
};

4
fdts/stm32mp135f-dk.dts
View file

@ -1,6 +1,6 @@
// SPDX-License-Identifier: (GPL-2.0+ OR BSD-3-Clause)
/*
* Copyright (C) STMicroelectronics 2022 - All Rights Reserved
* Copyright (C) 2022-2024, STMicroelectronics - All Rights Reserved
* Author: Alexandre Torgue <alexandre.torgue@foss.st.com> for STMicroelectronics.
*/
@ -50,7 +50,7 @@
};
&bsec {
board_id: board_id@f0 {
board_id: board-id@f0 {
reg = <0xf0 0x4>;
st,non-secure-otp;
};

18
fdts/stm32mp151.dtsi
View file

@ -1,6 +1,6 @@
// SPDX-License-Identifier: (GPL-2.0+ OR BSD-3-Clause)
/*
* Copyright (c) 2017-2023, STMicroelectronics - All Rights Reserved
* Copyright (c) 2017-2024, STMicroelectronics - All Rights Reserved
* Author: Ludovic Barre <ludovic.barre@st.com> for STMicroelectronics.
*/
#include <dt-bindings/interrupt-controller/arm-gic.h>
@ -458,25 +458,25 @@
#address-cells = <1>;
#size-cells = <1>;
cfg0_otp: cfg0_otp@0 {
cfg0_otp: cfg0-otp@0 {
reg = <0x0 0x1>;
};
part_number_otp: part-number-otp@4 {
reg = <0x4 0x1>;
};
monotonic_otp: monotonic_otp@10 {
monotonic_otp: monotonic-otp@10 {
reg = <0x10 0x4>;
};
nand_otp: nand_otp@24 {
nand_otp: nand-otp@24 {
reg = <0x24 0x4>;
};
uid_otp: uid_otp@34 {
uid_otp: uid-otp@34 {
reg = <0x34 0xc>;
};
package_otp: package_otp@40 {
package_otp: package-otp@40 {
reg = <0x40 0x4>;
};
hw2_otp: hw2_otp@48 {
hw2_otp: hw2-otp@48 {
reg = <0x48 0x4>;
};
ts_cal1: calib@5c {
@ -485,10 +485,10 @@
ts_cal2: calib@5e {
reg = <0x5e 0x2>;
};
pkh_otp: pkh_otp@60 {
pkh_otp: pkh-otp@60 {
reg = <0x60 0x20>;
};
mac_addr: mac_addr@e4 {
ethernet_mac_address: mac@e4 {
reg = <0xe4 0x8>;
st,non-secure-otp;
};

4
fdts/stm32mp157c-ed1.dts
View file

@ -1,6 +1,6 @@
// SPDX-License-Identifier: (GPL-2.0+ OR BSD-3-Clause)
/*
* Copyright (c) 2017-2023, STMicroelectronics - All Rights Reserved
* Copyright (c) 2017-2024, STMicroelectronics - All Rights Reserved
* Author: Ludovic Barre <ludovic.barre@st.com> for STMicroelectronics.
*/
/dts-v1/;
@ -31,7 +31,7 @@
};
&bsec {
board_id: board_id@ec {
board_id: board-id@ec {
reg = <0xec 0x4>;
st,non-secure-otp;
};

4
fdts/stm32mp157c-odyssey-som.dtsi
View file

@ -1,5 +1,5 @@
/*
* Copyright (C) 2019, STMicroelectronics. All Rights Reserved.
* Copyright (C) 2019-2024, STMicroelectronics. All Rights Reserved.
* Copyright (C) 2021, Grzegorz Szymaszek.
*
* SPDX-License-Identifier: (GPL-2.0-or-later OR BSD-3-Clause)
@ -28,7 +28,7 @@
};
&bsec {
board_id: board_id@ec {
board_id: board-id@ec {
reg = <0xec 0x4>;
st,non-secure-otp;
};

4
fdts/stm32mp15xx-dhcom-som.dtsi
View file

@ -2,7 +2,7 @@
/*
* Copyright (C) 2019-2020 Marek Vasut <marex@denx.de>
* Copyright (C) 2022 DH electronics GmbH
* Copyright (C) 2023, STMicroelectronics - All Rights Reserved
* Copyright (C) 2023-2024, STMicroelectronics - All Rights Reserved
*/
#include "stm32mp15-pinctrl.dtsi"
@ -18,7 +18,7 @@
};
&bsec {
board_id: board_id@ec {
board_id: board-id@ec {
reg = <0xec 0x4>;
st,non-secure-otp;
};

4
fdts/stm32mp15xx-dkx.dtsi
View file

@ -1,6 +1,6 @@
// SPDX-License-Identifier: (GPL-2.0+ OR BSD-3-Clause)
/*
* Copyright (c) 2019-2022, STMicroelectronics - All Rights Reserved
* Copyright (c) 2019-2024, STMicroelectronics - All Rights Reserved
* Author: Alexandre Torgue <alexandre.torgue@st.com> for STMicroelectronics.
*/
@ -29,7 +29,7 @@
};
&bsec {
board_id: board_id@ec {
board_id: board-id@ec {
reg = <0xec 0x4>;
st,non-secure-otp;
};

4
fdts/stm32mp15xx-osd32.dtsi
View file

@ -1,6 +1,6 @@
/* SPDX-License-Identifier: (GPL-2.0-or-later OR BSD-3-Clause) */
/*
* Copyright (C) 2020 STMicroelectronics - All Rights Reserved
* Copyright (C) 2020-2024 STMicroelectronics - All Rights Reserved
* Copyright (C) 2020 Ahmad Fatoum, Pengutronix
*/
@ -157,7 +157,7 @@
};
&bsec {
board_id: board_id@ec {
board_id: board-id@ec {
reg = <0xec 0x4>;
st,non-secure-otp;
};

37
fdts/stm32mp251.dtsi
View file

@ -1,6 +1,6 @@
// SPDX-License-Identifier: (GPL-2.0-or-later OR BSD-3-Clause)
/*
* Copyright (C) 2023, STMicroelectronics - All Rights Reserved
* Copyright (C) 2023-2024, STMicroelectronics - All Rights Reserved
* Author: Alexandre Torgue <alexandre.torgue@foss.st.com> for STMicroelectronics.
*/
@ -99,6 +99,41 @@
};
};
bsec: efuse@44000000 {
compatible = "st,stm32mp25-bsec";
reg = <0x44000000 0x400>;
#address-cells = <1>;
#size-cells = <1>;
uid_otp: uid-otp@14 {
reg = <0x14 0xc>;
};
part_number_otp: part-number-otp@24 {
reg = <0x24 0x4>;
};
nand_otp: otp16@40 {
reg = <0x40 0x4>;
};
lifecycle2_otp: otp18@48 {
reg = <0x48 0x4>;
};
nand2_otp: otp20@50 {
reg = <0x50 0x4>;
};
package_otp: package-otp@1e8 {
reg = <0x1e8 0x1>;
};
hconf1_otp: otp124@1f0 {
reg = <0x1f0 0x4>;
};
pkh_otp: otp144@240 {
reg = <0x240 0x20>;
};
oem_fip_enc_key: otp260@410 {
reg = <0x410 0x20>;
};
};
rcc: rcc@44200000 {
compatible = "st,stm32mp25-rcc";
reg = <0x44200000 0x10000>;

8
fdts/stm32mp257f-ev1.dts
View file

@ -1,6 +1,6 @@
// SPDX-License-Identifier: (GPL-2.0-or-later OR BSD-3-Clause)
/*
* Copyright (C) 2023, STMicroelectronics - All Rights Reserved
* Copyright (C) 2023-2024, STMicroelectronics - All Rights Reserved
* Author: Alexandre Torgue <alexandre.torgue@foss.st.com> for STMicroelectronics.
*/
@ -29,6 +29,12 @@
};
};
&bsec {
board_id: board-id@3d8 {
reg = <0x3d8 0x4>;
};
};
&usart2 {
pinctrl-names = "default";
pinctrl-0 = <&usart2_pins_a>;

102
include/drivers/st/bsec.h
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2022, STMicroelectronics - All Rights Reserved
* Copyright (c) 2017-2024, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -12,13 +12,6 @@
#include <lib/utils_def.h>
/*
* IP configuration
*/
#define BSEC_OTP_MASK GENMASK(4, 0)
#define BSEC_OTP_BANK_SHIFT 5
#define BSEC_TIMEOUT_VALUE 0xFFFF
/*
* Return status
*/
@ -32,98 +25,49 @@
#define BSEC_RETRY 0xFFFFFFF8U
#define BSEC_NOT_SUPPORTED 0xFFFFFFF7U
#define BSEC_WRITE_LOCKED 0xFFFFFFF6U
#define BSEC_ERROR_INVALID_FVR 0xFFFFFFF5U
/*
* OTP MODE
* get BSEC global state: result for bsec_get_secure_state()
* @state: global state
* [1:0] BSEC state
* 00b: Sec Open
* 01b: Sec Closed
* 11b: Invalid
* [8]: Hardware Key set = 1b
*/
#define BSEC_MODE_OPEN1 0x00U
#define BSEC_MODE_SECURED 0x01U
#define BSEC_MODE_OPEN2 0x02U
#define BSEC_MODE_INVALID 0x04U
/*
* OTP Lock services definition.
* Value must corresponding to the bit number in the register.
* Special case: (bit number << 1) for BSEC3.
*/
#define BSEC_LOCK_UPPER_OTP 0x00
#define BSEC_LOCK_GWLOCK 0x01
#define BSEC_LOCK_DEBUG 0x02
#define BSEC_LOCK_PROGRAM 0x03
#define BSEC_LOCK_KVLOCK 0x04
/*
* Values for struct bsec_config::freq
*/
#define FREQ_10_20_MHZ 0x0
#define FREQ_20_30_MHZ 0x1
#define FREQ_30_45_MHZ 0x2
#define FREQ_45_67_MHZ 0x3
/*
* Device info structure, providing device-specific functions and a means of
* adding driver-specific state.
*/
struct bsec_config {
uint8_t den_lock; /*
* Debug enable sticky lock
* 1 debug enable is locked until next reset
*/
/* BSEC2 only */
uint8_t tread; /* SAFMEM Reading current level default 0 */
uint8_t pulse_width; /* SAFMEM Programming pulse width default 1 */
uint8_t freq; /*
* SAFMEM CLOCK see freq value define
* default FREQ_45_67_MHZ
*/
uint8_t power; /* Power up SAFMEM. 1 power up, 0 power off */
uint8_t prog_lock; /*
* Programming Sticky lock
* 1 programming is locked until next reset
*/
uint8_t upper_otp_lock; /*
* Shadowing of upper OTP sticky lock
* 1 shadowing of upper OTP is locked
* until next reset
*/
};
#define BSEC_STATE_SEC_OPEN U(0x0)
#define BSEC_STATE_SEC_CLOSED U(0x1)
#define BSEC_STATE_INVALID U(0x3)
#define BSEC_STATE_MASK GENMASK_32(1, 0)
uint32_t bsec_probe(void);
uint32_t bsec_get_base(void);
uint32_t bsec_set_config(struct bsec_config *cfg);
uint32_t bsec_get_config(struct bsec_config *cfg);
uint32_t bsec_shadow_register(uint32_t otp);
uint32_t bsec_read_otp(uint32_t *val, uint32_t otp);
uint32_t bsec_shadow_read_otp(uint32_t *val, uint32_t otp);
uint32_t bsec_write_otp(uint32_t val, uint32_t otp);
uint32_t bsec_program_otp(uint32_t val, uint32_t otp);
uint32_t bsec_permanent_lock_otp(uint32_t otp);
void bsec_write_debug_conf(uint32_t val);
uint32_t bsec_read_debug_conf(void);
void bsec_write_scratch(uint32_t val);
uint32_t bsec_read_scratch(void);
uint32_t bsec_get_status(void);
uint32_t bsec_get_hw_conf(void);
uint32_t bsec_get_version(void);
uint32_t bsec_get_id(void);
uint32_t bsec_get_magic_id(void);
/* Sticky lock support */
uint32_t bsec_set_sr_lock(uint32_t otp);
uint32_t bsec_read_sr_lock(uint32_t otp, bool *value);
uint32_t bsec_set_sw_lock(uint32_t otp);
uint32_t bsec_read_sw_lock(uint32_t otp, bool *value);
uint32_t bsec_set_sp_lock(uint32_t otp);
uint32_t bsec_read_sp_lock(uint32_t otp, bool *value);
uint32_t bsec_read_permanent_lock(uint32_t otp, bool *value);
uint32_t bsec_otp_lock(uint32_t service);
uint32_t bsec_shadow_read_otp(uint32_t *otp_value, uint32_t word);
uint32_t bsec_get_secure_state(void);
static inline bool bsec_mode_is_closed_device(void)
{
return (bsec_get_secure_state() & BSEC_STATE_MASK) == BSEC_STATE_SEC_CLOSED;
}
#if defined(IMAGE_BL32)
uint32_t bsec_permanent_lock_otp(uint32_t otp);
uint32_t bsec_check_nsec_access_rights(uint32_t otp);
#endif
#endif /* BSEC_H */

17
include/drivers/st/bsec2_reg.h
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2022, STMicroelectronics - All Rights Reserved
* Copyright (c) 2022-2024, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -80,22 +80,17 @@
#define GPLOCK_LOCK_SHIFT 4
/* BSEC_OTP_STATUS Register */
#define BSEC_MODE_STATUS_MASK GENMASK(2, 0)
#define BSEC_MODE_SECURE_MASK BIT(0)
#define BSEC_MODE_FULLDBG_MASK BIT(1)
#define BSEC_MODE_INVALID_MASK BIT(2)
#define BSEC_MODE_BUSY_MASK BIT(3)
#define BSEC_MODE_PROGFAIL_MASK BIT(4)
#define BSEC_MODE_PWR_MASK BIT(5)
#define BSEC_MODE_BIST1_LOCK_MASK BIT(6)
#define BSEC_MODE_BIST2_LOCK_MASK BIT(7)
#define BSEC_OTP_STATUS_SECURE BIT(0)
#define BSEC_OTP_STATUS_INVALID BIT(2)
#define BSEC_OTP_STATUS_BUSY BIT(3)
#define BSEC_OTP_STATUS_PROGFAIL BIT(4)
#define BSEC_OTP_STATUS_PWRON BIT(5)
/* BSEC_DENABLE Register */
#define BSEC_HDPEN BIT(4)
#define BSEC_SPIDEN BIT(5)
#define BSEC_SPINDEN BIT(6)
#define BSEC_DBGSWGEN BIT(10)
#define BSEC_DEN_ALL_MSK GENMASK(10, 0)
/* BSEC_FENABLE Register */
#define BSEC_FEN_ALL_MSK GENMASK(14, 0)

7
plat/st/common/include/stm32mp_common.h
View file

@ -1,5 +1,5 @@
/*
* Copyright (C) 2018-2023, STMicroelectronics - All Rights Reserved
* Copyright (C) 2018-2024, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -14,6 +14,9 @@
#define JEDEC_ST_BKID U(0x0)
#define JEDEC_ST_MFID U(0x20)
#define STM32MP_CHIP_SEC_CLOSED U(0x34D9CCC5)
#define STM32MP_CHIP_SEC_OPEN U(0xA764D182)
/* FWU configuration (max supported value is 15) */
#define FWU_MAX_TRIAL_REBOOT U(3)
@ -23,8 +26,8 @@ uintptr_t stm32mp_get_boot_ctx_address(void);
uint16_t stm32mp_get_boot_itf_selected(void);
bool stm32mp_is_single_core(void);
bool stm32mp_is_closed_device(void);
bool stm32mp_is_auth_supported(void);
uint32_t stm32mp_check_closed_device(void);
/* Return the base address of the DDR controller */
uintptr_t stm32mp_ddrctrl_base(void);

8
plat/st/common/stm32mp_common.c
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -168,9 +168,9 @@ int stm32_get_otp_value_from_idx(const uint32_t otp_idx, uint32_t *otp_val)
assert(otp_val != NULL);
#if defined(IMAGE_BL2)
ret = bsec_shadow_read_otp(otp_val, otp_idx);
#elif defined(IMAGE_BL32)
ret = bsec_read_otp(otp_val, otp_idx);
ret = stm32_otp_shadow_read(otp_val, otp_idx);
#elif defined(IMAGE_BL31) || defined(IMAGE_BL32)
ret = stm32_otp_read(otp_val, otp_idx);
#else
#error "Not supported"
#endif

9
plat/st/common/stm32mp_crypto_lib.c
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2022-2023, STMicroelectronics - All Rights Reserved
* Copyright (c) 2022-2024, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -11,7 +11,6 @@
#include <common/debug.h>
#include <drivers/auth/crypto_mod.h>
#include <drivers/io/io_storage.h>
#include <drivers/st/bsec.h>
#include <drivers/st/stm32_hash.h>
#include <drivers/st/stm32_pka.h>
#include <drivers/st/stm32_rng.h>
@ -58,7 +57,8 @@ static void crypto_lib_init(void)
panic();
}
if (stm32mp_is_closed_device() || stm32mp_is_auth_supported()) {
if ((stm32mp_check_closed_device() == STM32MP_CHIP_SEC_CLOSED) ||
stm32mp_is_auth_supported()) {
#if STM32MP_CRYPTO_ROM_LIB
boot_context = (boot_api_context_t *)stm32mp_get_boot_ctx_address();
auth_ops.verify_signature = boot_context->bootrom_ecdsa_verify_signature;
@ -322,7 +322,8 @@ static int crypto_verify_signature(void *data_ptr, unsigned int data_len,
size_t bignum_len = sizeof(sig) / 2U;
unsigned int seq_num = 0U;
if (!stm32mp_is_closed_device() && !stm32mp_is_auth_supported()) {
if ((stm32mp_check_closed_device() == STM32MP_CHIP_SEC_OPEN) &&
!stm32mp_is_auth_supported()) {
return CRYPTO_SUCCESS;
}

8
plat/st/common/stm32mp_trusted_boot.c
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2022, STMicroelectronics - All Rights Reserved
* Copyright (c) 2022-2024, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -67,14 +67,14 @@ static int copy_hash_from_otp(const char *otp_name, uint8_t *hash, size_t len)
* Check if key hash values in OTP are 0 or 0xFFFFFFFFF
* programmed : Invalid Key
*/
if (!stm32mp_is_closed_device() && !valid) {
if ((stm32mp_check_closed_device() == STM32MP_CHIP_SEC_OPEN) && !valid) {
if ((tmp != 0U) && (tmp != 0xFFFFFFFFU) && (tmp != first)) {
valid = true;
}
}
}
if (!stm32mp_is_closed_device() && !valid) {
if ((stm32mp_check_closed_device() == STM32MP_CHIP_SEC_OPEN) && !valid) {
return 0;
}
@ -163,7 +163,7 @@ int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
*key_ptr = &root_pk_hash;
*flags = ROTPK_IS_HASH;
if ((res == 0) && !stm32mp_is_closed_device()) {
if ((res == 0) && (stm32mp_check_closed_device() == STM32MP_CHIP_SEC_OPEN)) {
*flags |= ROTPK_NOT_DEPLOYED;
}

6
plat/st/stm32mp1/bl2_plat_setup.c
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -318,7 +318,7 @@ void bl2_el3_plat_arch_setup(void)
skip_console_init:
#if !TRUSTED_BOARD_BOOT
if (stm32mp_is_closed_device()) {
if (stm32mp_check_closed_device() == STM32MP_CHIP_SEC_CLOSED) {
/* Closed chip mandates authentication */
ERROR("Secure chip: TRUSTED_BOARD_BOOT must be enabled\n");
panic();
@ -347,7 +347,7 @@ skip_console_init:
stm32_iwdg_refresh();
if (bsec_read_debug_conf() != 0U) {
if (stm32mp_is_closed_device()) {
if (stm32mp_check_closed_device() == STM32MP_CHIP_SEC_CLOSED) {
#if DEBUG
WARN("\n%s", debug_msg);
#else

29
plat/st/stm32mp1/include/stm32mp1_private.h
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -32,4 +32,31 @@ static inline void stm32mp1_syscfg_boot_mode_disable(void){}
void stm32mp1_deconfigure_uart_pins(void);
void stm32mp1_init_scmi_server(void);
/* Wrappers for OTP / BSEC functions */
static inline uint32_t stm32_otp_read(uint32_t *val, uint32_t otp)
{
return bsec_read_otp(val, otp);
}
static inline uint32_t stm32_otp_shadow_read(uint32_t *val, uint32_t otp)
{
return bsec_shadow_read_otp(val, otp);
}
static inline uint32_t stm32_otp_write(uint32_t val, uint32_t otp)
{
return bsec_write_otp(val, otp);
}
static inline uint32_t stm32_otp_set_sr_lock(uint32_t otp)
{
return bsec_set_sr_lock(otp);
}
static inline uint32_t stm32_otp_read_sw_lock(uint32_t otp, bool *value)
{
return bsec_read_sw_lock(otp, value);
}
#endif /* STM32MP1_PRIVATE_H */

11
plat/st/stm32mp1/services/bsec_svc.c
View file

@ -1,15 +1,15 @@
/*
* Copyright (c) 2016-2022, STMicroelectronics - All Rights Reserved
* Copyright (c) 2016-2024, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <platform_def.h>
#include <common/debug.h>
#include <drivers/st/bsec.h>
#include <drivers/st/bsec2_reg.h>
#include <platform_def.h>
#include <stm32mp1_smc.h>
#include "bsec_svc.h"
@ -39,12 +39,7 @@ uint32_t bsec_main(uint32_t x1, uint32_t x2, uint32_t x3,
break;
}
result = bsec_shadow_register(x2);
if (result != BSEC_OK) {
break;
}
result = bsec_read_otp(ret_otp_value, x2);
result = bsec_shadow_read_otp(ret_otp_value, x2);
if (result != BSEC_OK) {
break;
}

24
plat/st/stm32mp1/stm32mp1_def.h
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -426,24 +426,24 @@ enum ddr_type {
#define OTP_MAX_SIZE (STM32MP1_OTP_MAX_ID + 1U)
/* OTP labels */
#define CFG0_OTP "cfg0_otp"
#define CFG0_OTP "cfg0-otp"
#define PART_NUMBER_OTP "part-number-otp"
#if STM32MP15
#define PACKAGE_OTP "package_otp"
#define PACKAGE_OTP "package-otp"
#endif
#define HW2_OTP "hw2_otp"
#define HW2_OTP "hw2-otp"
#if STM32MP13
#define NAND_OTP "cfg9_otp"
#define NAND2_OTP "cfg10_otp"
#define NAND_OTP "cfg9-otp"
#define NAND2_OTP "cfg10-otp"
#endif
#if STM32MP15
#define NAND_OTP "nand_otp"
#define NAND_OTP "nand-otp"
#endif
#define MONOTONIC_OTP "monotonic_otp"
#define UID_OTP "uid_otp"
#define PKH_OTP "pkh_otp"
#define ENCKEY_OTP "enckey_otp"
#define BOARD_ID_OTP "board_id"
#define MONOTONIC_OTP "monotonic-otp"
#define UID_OTP "uid-otp"
#define PKH_OTP "pkh-otp"
#define ENCKEY_OTP "oem-enc-key"
#define BOARD_ID_OTP "board-id"
/* OTP mask */
/* CFG0 */

17
plat/st/stm32mp1/stm32mp1_private.c
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -531,12 +531,12 @@ bool stm32mp_is_single_core(void)
}
/* Return true when device is in closed state */
bool stm32mp_is_closed_device(void)
uint32_t stm32mp_check_closed_device(void)
{
uint32_t value;
if (stm32_get_otp_value(CFG0_OTP, &value) != 0) {
return true;
return STM32MP_CHIP_SEC_CLOSED;
}
#if STM32MP13
@ -544,17 +544,22 @@ bool stm32mp_is_closed_device(void)
switch (value) {
case CFG0_OPEN_DEVICE:
return false;
return STM32MP_CHIP_SEC_OPEN;
case CFG0_CLOSED_DEVICE:
case CFG0_CLOSED_DEVICE_NO_BOUNDARY_SCAN:
case CFG0_CLOSED_DEVICE_NO_JTAG:
return true;
return STM32MP_CHIP_SEC_CLOSED;
default:
panic();
}
#endif
#if STM32MP15
return (value & CFG0_CLOSED_DEVICE) == CFG0_CLOSED_DEVICE;
if ((value & CFG0_CLOSED_DEVICE) == CFG0_CLOSED_DEVICE) {
return STM32MP_CHIP_SEC_CLOSED;
} else {
return STM32MP_CHIP_SEC_OPEN;
}
#endif
}

4
plat/st/stm32mp2/bl2_plat_setup.c
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2023, STMicroelectronics - All Rights Reserved
* Copyright (c) 2023-2024, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -7,6 +7,8 @@
#include <cdefs.h>
#include <stdint.h>
#include <plat/common/platform.h>
#include <stm32mp_common.h>
void bl2_el3_early_platform_setup(u_register_t arg0 __unused,

46
plat/st/stm32mp2/include/stm32mp2_private.h Normal file
View file

@ -0,0 +1,46 @@
/*
* Copyright (c) 2024, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef STM32MP2_PRIVATE_H
#define STM32MP2_PRIVATE_H
/* Wrappers for OTP / BSEC functions */
static inline uint32_t stm32_otp_probe(void)
{
return bsec_probe();
}
static inline uint32_t stm32_otp_read(uint32_t *val, uint32_t otp)
{
return bsec_read_otp(val, otp);
}
static inline uint32_t stm32_otp_shadow_read(uint32_t *val, uint32_t otp)
{
return bsec_shadow_read_otp(val, otp);
}
static inline uint32_t stm32_otp_write(uint32_t val, uint32_t otp)
{
return bsec_write_otp(val, otp);
}
static inline uint32_t stm32_otp_set_sr_lock(uint32_t otp)
{
return bsec_set_sr_lock(otp);
}
static inline uint32_t stm32_otp_read_sw_lock(uint32_t otp, bool *value)
{
return bsec_read_sw_lock(otp, value);
}
static inline bool stm32_otp_is_closed_device(void)
{
return bsec_mode_is_closed_device();
}
#endif /* STM32MP2_PRIVATE_H */

3
plat/st/stm32mp2/stm32mp2_def.h
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2023, STMicroelectronics - All Rights Reserved
* Copyright (c) 2023-2024, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -18,6 +18,7 @@
#ifndef __ASSEMBLER__
#include <boot_api.h>
#include <stm32mp2_private.h>
#include <stm32mp_common.h>
#include <stm32mp_dt.h>
#include <stm32mp_shared_resources.h>