refactor(st): update test for closed chip
The function stm32mp_is_closed_device() is replaced with
stm32mp_check_closed_device(), which return an uint32_t, either
STM32MP_CHIP_SEC_OPEN or STM32MP_CHIP_SEC_CLOSED.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: Ie0790cdc36c4b6522083bc1f0e7c38e8061e6adf
diff --git a/plat/st/common/include/stm32mp_common.h b/plat/st/common/include/stm32mp_common.h
index e334f22..66b9310 100644
--- a/plat/st/common/include/stm32mp_common.h
+++ b/plat/st/common/include/stm32mp_common.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2018-2023, STMicroelectronics - All Rights Reserved
+ * Copyright (C) 2018-2024, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -14,6 +14,9 @@
#define JEDEC_ST_BKID U(0x0)
#define JEDEC_ST_MFID U(0x20)
+#define STM32MP_CHIP_SEC_CLOSED U(0x34D9CCC5)
+#define STM32MP_CHIP_SEC_OPEN U(0xA764D182)
+
/* FWU configuration (max supported value is 15) */
#define FWU_MAX_TRIAL_REBOOT U(3)
@@ -23,8 +26,8 @@
uint16_t stm32mp_get_boot_itf_selected(void);
bool stm32mp_is_single_core(void);
-bool stm32mp_is_closed_device(void);
bool stm32mp_is_auth_supported(void);
+uint32_t stm32mp_check_closed_device(void);
/* Return the base address of the DDR controller */
uintptr_t stm32mp_ddrctrl_base(void);
diff --git a/plat/st/common/stm32mp_crypto_lib.c b/plat/st/common/stm32mp_crypto_lib.c
index e282115..837c3d6 100644
--- a/plat/st/common/stm32mp_crypto_lib.c
+++ b/plat/st/common/stm32mp_crypto_lib.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022-2023, STMicroelectronics - All Rights Reserved
+ * Copyright (c) 2022-2024, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -58,7 +58,8 @@
panic();
}
- if (stm32mp_is_closed_device() || stm32mp_is_auth_supported()) {
+ if ((stm32mp_check_closed_device() == STM32MP_CHIP_SEC_CLOSED) ||
+ stm32mp_is_auth_supported()) {
#if STM32MP_CRYPTO_ROM_LIB
boot_context = (boot_api_context_t *)stm32mp_get_boot_ctx_address();
auth_ops.verify_signature = boot_context->bootrom_ecdsa_verify_signature;
@@ -322,7 +323,8 @@
size_t bignum_len = sizeof(sig) / 2U;
unsigned int seq_num = 0U;
- if (!stm32mp_is_closed_device() && !stm32mp_is_auth_supported()) {
+ if ((stm32mp_check_closed_device() == STM32MP_CHIP_SEC_OPEN) &&
+ !stm32mp_is_auth_supported()) {
return CRYPTO_SUCCESS;
}
diff --git a/plat/st/common/stm32mp_trusted_boot.c b/plat/st/common/stm32mp_trusted_boot.c
index 6d89290..d40fc55 100644
--- a/plat/st/common/stm32mp_trusted_boot.c
+++ b/plat/st/common/stm32mp_trusted_boot.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022, STMicroelectronics - All Rights Reserved
+ * Copyright (c) 2022-2024, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -67,14 +67,14 @@
* Check if key hash values in OTP are 0 or 0xFFFFFFFFF
* programmed : Invalid Key
*/
- if (!stm32mp_is_closed_device() && !valid) {
+ if ((stm32mp_check_closed_device() == STM32MP_CHIP_SEC_OPEN) && !valid) {
if ((tmp != 0U) && (tmp != 0xFFFFFFFFU) && (tmp != first)) {
valid = true;
}
}
}
- if (!stm32mp_is_closed_device() && !valid) {
+ if ((stm32mp_check_closed_device() == STM32MP_CHIP_SEC_OPEN) && !valid) {
return 0;
}
@@ -163,7 +163,7 @@
*key_ptr = &root_pk_hash;
*flags = ROTPK_IS_HASH;
- if ((res == 0) && !stm32mp_is_closed_device()) {
+ if ((res == 0) && (stm32mp_check_closed_device() == STM32MP_CHIP_SEC_OPEN)) {
*flags |= ROTPK_NOT_DEPLOYED;
}
diff --git a/plat/st/stm32mp1/bl2_plat_setup.c b/plat/st/stm32mp1/bl2_plat_setup.c
index eeabd09..321b8c5 100644
--- a/plat/st/stm32mp1/bl2_plat_setup.c
+++ b/plat/st/stm32mp1/bl2_plat_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -318,7 +318,7 @@
skip_console_init:
#if !TRUSTED_BOARD_BOOT
- if (stm32mp_is_closed_device()) {
+ if (stm32mp_check_closed_device() == STM32MP_CHIP_SEC_CLOSED) {
/* Closed chip mandates authentication */
ERROR("Secure chip: TRUSTED_BOARD_BOOT must be enabled\n");
panic();
@@ -347,7 +347,7 @@
stm32_iwdg_refresh();
if (bsec_read_debug_conf() != 0U) {
- if (stm32mp_is_closed_device()) {
+ if (stm32mp_check_closed_device() == STM32MP_CHIP_SEC_CLOSED) {
#if DEBUG
WARN("\n%s", debug_msg);
#else
diff --git a/plat/st/stm32mp1/stm32mp1_private.c b/plat/st/stm32mp1/stm32mp1_private.c
index ea35055..0e69513 100644
--- a/plat/st/stm32mp1/stm32mp1_private.c
+++ b/plat/st/stm32mp1/stm32mp1_private.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -531,12 +531,12 @@
}
/* Return true when device is in closed state */
-bool stm32mp_is_closed_device(void)
+uint32_t stm32mp_check_closed_device(void)
{
uint32_t value;
if (stm32_get_otp_value(CFG0_OTP, &value) != 0) {
- return true;
+ return STM32MP_CHIP_SEC_CLOSED;
}
#if STM32MP13
@@ -544,17 +544,22 @@
switch (value) {
case CFG0_OPEN_DEVICE:
- return false;
+ return STM32MP_CHIP_SEC_OPEN;
case CFG0_CLOSED_DEVICE:
case CFG0_CLOSED_DEVICE_NO_BOUNDARY_SCAN:
case CFG0_CLOSED_DEVICE_NO_JTAG:
- return true;
+ return STM32MP_CHIP_SEC_CLOSED;
default:
panic();
}
#endif
#if STM32MP15
- return (value & CFG0_CLOSED_DEVICE) == CFG0_CLOSED_DEVICE;
+ if ((value & CFG0_CLOSED_DEVICE) == CFG0_CLOSED_DEVICE) {
+ return STM32MP_CHIP_SEC_CLOSED;
+ } else {
+ return STM32MP_CHIP_SEC_OPEN;
+ }
+
#endif
}