feat(stm32mp1): manage monotonic counter

The monotonic counter is stored in an OTP fuse. A check is done in TF-A. If the TF-A version is incremented, then the counter will be updated in the corresponding OTP. Change-Id: I6e7831300ca9efbb35b4c87706f2dcab35affacb Signed-off-by: Yann Gautier <yann.gautier@st.com> Signed-off-by: Mathieu Belou <mathieu.belou@st.com>
2025-04-16 09:34:18 +00:00 · 2019-04-17 15:12:58 +02:00 · 2019-04-17 15:12:58 +02:00 · f5a3688b86
commit f5a3688b86
parent ae3ce8b28e
3 changed files with 42 additions and 0 deletions
--- a/plat/st/stm32mp1/bl2_plat_setup.c
+++ b/plat/st/stm32mp1/bl2_plat_setup.c
@ -155,6 +155,40 @@ void bl2_platform_setup(void)
 #endif /* STM32MP_USE_STM32IMAGE */
 }

+static void update_monotonic_counter(void)
+{
+	uint32_t version;
+	uint32_t otp;
+
+	CASSERT(STM32_TF_VERSION <= MAX_MONOTONIC_VALUE,
+		assert_stm32mp1_monotonic_counter_reach_max);
+
+	/* Check if monotonic counter needs to be incremented */
+	if (stm32_get_otp_index(MONOTONIC_OTP, &otp, NULL) != 0) {
+		panic();
+	}
+
+	if (stm32_get_otp_value_from_idx(otp, &version) != 0) {
+		panic();
+	}
+
+	if ((version + 1U) < BIT(STM32_TF_VERSION)) {
+		uint32_t result;
+
+		/* Need to increment the monotonic counter. */
+		version = BIT(STM32_TF_VERSION) - 1U;
+
+		result = bsec_program_otp(version, otp);
+		if (result != BSEC_OK) {
+			ERROR("BSEC: MONOTONIC_OTP program Error %u\n",
+			      result);
+			panic();
+		}
+		INFO("Monotonic counter has been incremented (value 0x%x)\n",
+		     version);
+	}
+}
+
 void bl2_el3_plat_arch_setup(void)
 {
 	const char *board_model;
@ -309,6 +343,8 @@ skip_console_init:

 	print_reset_reason();

+	update_monotonic_counter();
+
 	stm32mp1_syscfg_enable_io_compensation_finish();

 #if !STM32MP_USE_STM32IMAGE
--- a/plat/st/stm32mp1/platform.mk
+++ b/plat/st/stm32mp1/platform.mk
@ -19,6 +19,8 @@ ENABLE_PIE		:=	1
 BL2_IN_XIP_MEM		:=	1
 endif

+# Please don't increment this value without good understanding of
+# the monotonic counter
 STM32_TF_VERSION	?=	0

 # Enable dynamic memory mapping
--- a/plat/st/stm32mp1/stm32mp1_def.h
+++ b/plat/st/stm32mp1/stm32mp1_def.h
@ -353,6 +353,7 @@ enum ddr_type {
 #define PACKAGE_OTP			"package_otp"
 #define HW2_OTP				"hw2_otp"
 #define NAND_OTP			"nand_otp"
+#define MONOTONIC_OTP			"monotonic_otp"
 #define UID_OTP				"uid_otp"
 #define BOARD_ID_OTP			"board_id"

@ -415,6 +416,9 @@ enum ddr_type {
 /* NAND number of planes */
 #define NAND_PLANE_BIT_NB_MASK		BIT(14)

+/* MONOTONIC OTP */
+#define MAX_MONOTONIC_VALUE		32
+
 /* UID OTP */
 #define UID_WORD_NB			U(3)