diff --git a/arch/arm/include/asm/mach-imx/ele_api.h b/arch/arm/include/asm/mach-imx/ele_api.h index cfd4ecebb62..a29b849d903 100644 --- a/arch/arm/include/asm/mach-imx/ele_api.h +++ b/arch/arm/include/asm/mach-imx/ele_api.h @@ -24,6 +24,7 @@ #define ELE_GET_FW_VERSION_REQ (0x9D) #define ELE_RET_LIFECYCLE_UP_REQ (0xA0) #define ELE_GET_EVENTS_REQ (0xA2) +#define ELE_COMMIT_REQ (0xA8) #define ELE_START_RNG (0xA3) #define ELE_GENERATE_DEK_BLOB (0xAF) #define ELE_ENABLE_PATCH_REQ (0xC3) @@ -142,6 +143,7 @@ int ele_read_common_fuse(u16 fuse_id, u32 *fuse_words, u32 fuse_num, u32 *respon int ele_release_caam(u32 core_did, u32 *response); int ele_get_fw_version(u32 *fw_version, u32 *sha1, u32 *response); int ele_get_events(u32 *events, u32 *events_cnt, u32 *response); +int ele_commit(u16 fuse_id, u32 *response, u32 *info_type); int ele_generate_dek_blob(u32 key_id, u32 src_paddr, u32 dst_paddr, u32 max_output_size); int ele_dump_buffer(u32 *buffer, u32 buffer_length); int ele_get_info(struct ele_get_info_data *info, u32 *response); diff --git a/arch/arm/mach-imx/ele_ahab.c b/arch/arm/mach-imx/ele_ahab.c index 295c055ad0a..d02316ed6cb 100644 --- a/arch/arm/mach-imx/ele_ahab.c +++ b/arch/arm/mach-imx/ele_ahab.c @@ -625,6 +625,29 @@ static int do_ahab_return_lifecycle(struct cmd_tbl *cmdtp, int flag, int argc, c return CMD_RET_SUCCESS; } +static int do_ahab_commit(struct cmd_tbl *cmdtp, int flag, int argc, + char *const argv[]) +{ + u32 index; + u32 resp; + u32 info_type; + + if (argc < 2) + return CMD_RET_USAGE; + + index = simple_strtoul(argv[1], NULL, 16); + printf("Commit index is 0x%x\n", index); + + if (ele_commit(index, &resp, &info_type)) { + printf("Error in AHAB commit\n"); + return -EIO; + } + + printf("Ahab commit succeeded. Information type is 0x%x\n", info_type); + + return 0; +} + U_BOOT_CMD(auth_cntr, CONFIG_SYS_MAXARGS, 1, do_authenticate, "autenticate OS container via AHAB", "addr\n" @@ -657,3 +680,9 @@ U_BOOT_CMD(ahab_return_lifecycle, CONFIG_SYS_MAXARGS, 1, do_ahab_return_lifecycl "addr\n" "addr - Return lifecycle message block signed by OEM SRK\n" ); + +U_BOOT_CMD(ahab_commit, CONFIG_SYS_MAXARGS, 1, do_ahab_commit, + "commit into the fuses any new SRK revocation and FW version information\n" + "that have been found into the NXP (ELE FW) and OEM containers", + "" +); diff --git a/drivers/misc/imx_ele/ele_api.c b/drivers/misc/imx_ele/ele_api.c index 0c017734a49..e0ec22c7abf 100644 --- a/drivers/misc/imx_ele/ele_api.c +++ b/drivers/misc/imx_ele/ele_api.c @@ -528,6 +528,38 @@ int ele_start_rng(void) return ret; } +int ele_commit(u16 fuse_id, u32 *response, u32 *info_type) +{ + struct udevice *dev = gd->arch.ele_dev; + int size = sizeof(struct ele_msg); + struct ele_msg msg; + int ret = 0; + + if (!dev) { + printf("ele dev is not initialized\n"); + return -ENODEV; + } + + msg.version = ELE_VERSION; + msg.tag = ELE_CMD_TAG; + msg.size = 2; + msg.command = ELE_COMMIT_REQ; + msg.data[0] = fuse_id; + + ret = misc_call(dev, false, &msg, size, &msg, size); + if (ret) + printf("Error: %s: ret %d, fuse_id 0x%x, response 0x%x\n", + __func__, ret, fuse_id, msg.data[0]); + + if (response) + *response = msg.data[0]; + + if (info_type) + *info_type = msg.data[1]; + + return ret; +} + int ele_write_secure_fuse(ulong signed_msg_blk, u32 *response) { struct udevice *dev = gd->arch.ele_dev;