Yann Gautier | 36a1e4b | 2019-01-17 14:52:47 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (c) 2017-2019, STMicroelectronics - All Rights Reserved |
| 3 | * |
| 4 | * SPDX-License-Identifier: BSD-3-Clause |
| 5 | */ |
| 6 | |
| 7 | #include <assert.h> |
| 8 | #include <limits.h> |
| 9 | |
| 10 | #include <libfdt.h> |
| 11 | |
| 12 | #include <platform_def.h> |
| 13 | |
| 14 | #include <arch_helpers.h> |
| 15 | #include <common/debug.h> |
| 16 | #include <drivers/st/bsec.h> |
| 17 | #include <lib/mmio.h> |
| 18 | #include <lib/spinlock.h> |
| 19 | |
| 20 | #define BSEC_IP_VERSION_1_0 0x10 |
| 21 | #define BSEC_COMPAT "st,stm32mp15-bsec" |
| 22 | |
| 23 | #define OTP_ACCESS_SIZE (round_up(OTP_MAX_SIZE, __WORD_BIT) / __WORD_BIT) |
| 24 | |
| 25 | static uint32_t otp_nsec_access[OTP_ACCESS_SIZE] __unused; |
| 26 | |
| 27 | static uint32_t bsec_power_safmem(bool power); |
| 28 | |
| 29 | /* BSEC access protection */ |
| 30 | static spinlock_t bsec_spinlock; |
| 31 | static uintptr_t bsec_base; |
| 32 | |
| 33 | static void bsec_lock(void) |
| 34 | { |
Yann Gautier | f540a59 | 2019-05-22 19:13:51 +0200 | [diff] [blame] | 35 | if (stm32mp_lock_available()) { |
Yann Gautier | 36a1e4b | 2019-01-17 14:52:47 +0100 | [diff] [blame] | 36 | spin_lock(&bsec_spinlock); |
| 37 | } |
| 38 | } |
| 39 | |
| 40 | static void bsec_unlock(void) |
| 41 | { |
Yann Gautier | f540a59 | 2019-05-22 19:13:51 +0200 | [diff] [blame] | 42 | if (stm32mp_lock_available()) { |
Yann Gautier | 36a1e4b | 2019-01-17 14:52:47 +0100 | [diff] [blame] | 43 | spin_unlock(&bsec_spinlock); |
| 44 | } |
| 45 | } |
| 46 | |
| 47 | static int bsec_get_dt_node(struct dt_node_info *info) |
| 48 | { |
| 49 | int node; |
| 50 | |
| 51 | node = dt_get_node(info, -1, BSEC_COMPAT); |
| 52 | if (node < 0) { |
| 53 | return -FDT_ERR_NOTFOUND; |
| 54 | } |
| 55 | |
| 56 | return node; |
| 57 | } |
| 58 | |
| 59 | #if defined(IMAGE_BL32) |
| 60 | static void enable_non_secure_access(uint32_t otp) |
| 61 | { |
| 62 | otp_nsec_access[otp / __WORD_BIT] |= BIT(otp % __WORD_BIT); |
| 63 | |
| 64 | if (bsec_shadow_register(otp) != BSEC_OK) { |
| 65 | panic(); |
| 66 | } |
| 67 | } |
| 68 | |
| 69 | static bool non_secure_can_access(uint32_t otp) |
| 70 | { |
| 71 | return (otp_nsec_access[otp / __WORD_BIT] & |
| 72 | BIT(otp % __WORD_BIT)) != 0; |
| 73 | } |
| 74 | |
| 75 | static int bsec_dt_otp_nsec_access(void *fdt, int bsec_node) |
| 76 | { |
| 77 | int bsec_subnode; |
| 78 | |
| 79 | fdt_for_each_subnode(bsec_subnode, fdt, bsec_node) { |
| 80 | const fdt32_t *cuint; |
| 81 | uint32_t reg; |
| 82 | uint32_t i; |
| 83 | uint32_t size; |
| 84 | uint8_t status; |
| 85 | |
| 86 | cuint = fdt_getprop(fdt, bsec_subnode, "reg", NULL); |
| 87 | if (cuint == NULL) { |
| 88 | panic(); |
| 89 | } |
| 90 | |
| 91 | reg = fdt32_to_cpu(*cuint) / sizeof(uint32_t); |
| 92 | if (reg < STM32MP1_UPPER_OTP_START) { |
| 93 | continue; |
| 94 | } |
| 95 | |
| 96 | status = fdt_get_status(bsec_subnode); |
| 97 | if ((status & DT_NON_SECURE) == 0U) { |
| 98 | continue; |
| 99 | } |
| 100 | |
| 101 | size = fdt32_to_cpu(*(cuint + 1)) / sizeof(uint32_t); |
| 102 | |
| 103 | if ((fdt32_to_cpu(*(cuint + 1)) % sizeof(uint32_t)) != 0) { |
| 104 | size++; |
| 105 | } |
| 106 | |
| 107 | for (i = reg; i < (reg + size); i++) { |
| 108 | enable_non_secure_access(i); |
| 109 | } |
| 110 | } |
| 111 | |
| 112 | return 0; |
| 113 | } |
| 114 | #endif |
| 115 | |
| 116 | static uint32_t otp_bank_offset(uint32_t otp) |
| 117 | { |
| 118 | assert(otp <= STM32MP1_OTP_MAX_ID); |
| 119 | |
| 120 | return ((otp & ~BSEC_OTP_MASK) >> BSEC_OTP_BANK_SHIFT) * |
| 121 | sizeof(uint32_t); |
| 122 | } |
| 123 | |
| 124 | static uint32_t bsec_check_error(uint32_t otp) |
| 125 | { |
| 126 | uint32_t bit = BIT(otp & BSEC_OTP_MASK); |
| 127 | uint32_t bank = otp_bank_offset(otp); |
| 128 | |
| 129 | if ((mmio_read_32(bsec_base + BSEC_DISTURBED_OFF + bank) & bit) != 0U) { |
| 130 | return BSEC_DISTURBED; |
| 131 | } |
| 132 | |
| 133 | if ((mmio_read_32(bsec_base + BSEC_ERROR_OFF + bank) & bit) != 0U) { |
| 134 | return BSEC_ERROR; |
| 135 | } |
| 136 | |
| 137 | return BSEC_OK; |
| 138 | } |
| 139 | |
| 140 | /* |
| 141 | * bsec_probe: initialize BSEC driver. |
| 142 | * return value: BSEC_OK if no error. |
| 143 | */ |
| 144 | uint32_t bsec_probe(void) |
| 145 | { |
| 146 | void *fdt; |
| 147 | int node; |
| 148 | struct dt_node_info bsec_info; |
| 149 | |
| 150 | if (fdt_get_address(&fdt) == 0) { |
| 151 | panic(); |
| 152 | } |
| 153 | |
| 154 | node = bsec_get_dt_node(&bsec_info); |
| 155 | if (node < 0) { |
| 156 | panic(); |
| 157 | } |
| 158 | |
| 159 | bsec_base = bsec_info.base; |
| 160 | |
| 161 | #if defined(IMAGE_BL32) |
| 162 | bsec_dt_otp_nsec_access(fdt, node); |
| 163 | #endif |
| 164 | return BSEC_OK; |
| 165 | } |
| 166 | |
| 167 | /* |
| 168 | * bsec_get_base: return BSEC base address. |
| 169 | */ |
| 170 | uint32_t bsec_get_base(void) |
| 171 | { |
| 172 | return bsec_base; |
| 173 | } |
| 174 | |
| 175 | /* |
| 176 | * bsec_set_config: enable and configure BSEC. |
| 177 | * cfg: pointer to param structure used to set register. |
| 178 | * return value: BSEC_OK if no error. |
| 179 | */ |
| 180 | uint32_t bsec_set_config(struct bsec_config *cfg) |
| 181 | { |
| 182 | uint32_t value; |
| 183 | int32_t result; |
| 184 | |
| 185 | value = ((((uint32_t)cfg->freq << BSEC_CONF_FRQ_SHIFT) & |
| 186 | BSEC_CONF_FRQ_MASK) | |
| 187 | (((uint32_t)cfg->pulse_width << BSEC_CONF_PRG_WIDTH_SHIFT) & |
| 188 | BSEC_CONF_PRG_WIDTH_MASK) | |
| 189 | (((uint32_t)cfg->tread << BSEC_CONF_TREAD_SHIFT) & |
| 190 | BSEC_CONF_TREAD_MASK)); |
| 191 | |
| 192 | bsec_lock(); |
| 193 | |
| 194 | mmio_write_32(bsec_base + BSEC_OTP_CONF_OFF, value); |
| 195 | |
| 196 | bsec_unlock(); |
| 197 | |
| 198 | result = bsec_power_safmem((bool)cfg->power & |
| 199 | BSEC_CONF_POWER_UP_MASK); |
| 200 | if (result != BSEC_OK) { |
| 201 | return result; |
| 202 | } |
| 203 | |
| 204 | value = ((((uint32_t)cfg->upper_otp_lock << UPPER_OTP_LOCK_SHIFT) & |
| 205 | UPPER_OTP_LOCK_MASK) | |
| 206 | (((uint32_t)cfg->den_lock << DENREG_LOCK_SHIFT) & |
| 207 | DENREG_LOCK_MASK) | |
| 208 | (((uint32_t)cfg->prog_lock << GPLOCK_LOCK_SHIFT) & |
| 209 | GPLOCK_LOCK_MASK)); |
| 210 | |
| 211 | bsec_lock(); |
| 212 | |
| 213 | mmio_write_32(bsec_base + BSEC_OTP_LOCK_OFF, value); |
| 214 | |
| 215 | bsec_unlock(); |
| 216 | |
| 217 | return BSEC_OK; |
| 218 | } |
| 219 | |
| 220 | /* |
| 221 | * bsec_get_config: return config parameters set in BSEC registers. |
| 222 | * cfg: config param return. |
| 223 | * return value: BSEC_OK if no error. |
| 224 | */ |
| 225 | uint32_t bsec_get_config(struct bsec_config *cfg) |
| 226 | { |
| 227 | uint32_t value; |
| 228 | |
| 229 | if (cfg == NULL) { |
| 230 | return BSEC_INVALID_PARAM; |
| 231 | } |
| 232 | |
| 233 | value = mmio_read_32(bsec_base + BSEC_OTP_CONF_OFF); |
| 234 | cfg->power = (uint8_t)((value & BSEC_CONF_POWER_UP_MASK) >> |
| 235 | BSEC_CONF_POWER_UP_SHIFT); |
| 236 | cfg->freq = (uint8_t)((value & BSEC_CONF_FRQ_MASK) >> |
| 237 | BSEC_CONF_FRQ_SHIFT); |
| 238 | cfg->pulse_width = (uint8_t)((value & BSEC_CONF_PRG_WIDTH_MASK) >> |
| 239 | BSEC_CONF_PRG_WIDTH_SHIFT); |
| 240 | cfg->tread = (uint8_t)((value & BSEC_CONF_TREAD_MASK) >> |
| 241 | BSEC_CONF_TREAD_SHIFT); |
| 242 | |
| 243 | value = mmio_read_32(bsec_base + BSEC_OTP_LOCK_OFF); |
| 244 | cfg->upper_otp_lock = (uint8_t)((value & UPPER_OTP_LOCK_MASK) >> |
| 245 | UPPER_OTP_LOCK_SHIFT); |
| 246 | cfg->den_lock = (uint8_t)((value & DENREG_LOCK_MASK) >> |
| 247 | DENREG_LOCK_SHIFT); |
| 248 | cfg->prog_lock = (uint8_t)((value & GPLOCK_LOCK_MASK) >> |
| 249 | GPLOCK_LOCK_SHIFT); |
| 250 | |
| 251 | return BSEC_OK; |
| 252 | } |
| 253 | |
| 254 | /* |
| 255 | * bsec_shadow_register: copy SAFMEM OTP to BSEC data. |
| 256 | * otp: OTP number. |
| 257 | * return value: BSEC_OK if no error. |
| 258 | */ |
| 259 | uint32_t bsec_shadow_register(uint32_t otp) |
| 260 | { |
| 261 | uint32_t result; |
| 262 | bool power_up = false; |
| 263 | |
| 264 | if (otp > STM32MP1_OTP_MAX_ID) { |
| 265 | return BSEC_INVALID_PARAM; |
| 266 | } |
| 267 | |
| 268 | /* Check if shadowing of OTP is locked */ |
| 269 | if (bsec_read_sr_lock(otp)) { |
| 270 | VERBOSE("BSEC: OTP %i is locked and will not be refreshed\n", |
| 271 | otp); |
| 272 | } |
| 273 | |
| 274 | if ((bsec_get_status() & BSEC_MODE_PWR_MASK) == 0U) { |
| 275 | result = bsec_power_safmem(true); |
| 276 | |
| 277 | if (result != BSEC_OK) { |
| 278 | return result; |
| 279 | } |
| 280 | |
| 281 | power_up = true; |
| 282 | } |
| 283 | |
| 284 | bsec_lock(); |
| 285 | |
| 286 | /* Set BSEC_OTP_CTRL_OFF and set ADDR with the OTP value */ |
| 287 | mmio_write_32(bsec_base + BSEC_OTP_CTRL_OFF, otp | BSEC_READ); |
| 288 | |
| 289 | while ((bsec_get_status() & BSEC_MODE_BUSY_MASK) != 0U) { |
| 290 | ; |
| 291 | } |
| 292 | |
| 293 | result = bsec_check_error(otp); |
| 294 | |
| 295 | bsec_unlock(); |
| 296 | |
| 297 | if (power_up) { |
| 298 | if (bsec_power_safmem(false) != BSEC_OK) { |
| 299 | panic(); |
| 300 | } |
| 301 | } |
| 302 | |
| 303 | return result; |
| 304 | } |
| 305 | |
| 306 | /* |
| 307 | * bsec_read_otp: read an OTP data value. |
| 308 | * val: read value. |
| 309 | * otp: OTP number. |
| 310 | * return value: BSEC_OK if no error. |
| 311 | */ |
| 312 | uint32_t bsec_read_otp(uint32_t *val, uint32_t otp) |
| 313 | { |
| 314 | uint32_t result; |
| 315 | |
| 316 | if (otp > STM32MP1_OTP_MAX_ID) { |
| 317 | return BSEC_INVALID_PARAM; |
| 318 | } |
| 319 | |
| 320 | bsec_lock(); |
| 321 | |
| 322 | *val = mmio_read_32(bsec_base + BSEC_OTP_DATA_OFF + |
| 323 | (otp * sizeof(uint32_t))); |
| 324 | |
| 325 | result = bsec_check_error(otp); |
| 326 | |
| 327 | bsec_unlock(); |
| 328 | |
| 329 | return result; |
| 330 | } |
| 331 | |
| 332 | /* |
| 333 | * bsec_write_otp: write value in BSEC data register. |
| 334 | * val: value to write. |
| 335 | * otp: OTP number. |
| 336 | * return value: BSEC_OK if no error. |
| 337 | */ |
| 338 | uint32_t bsec_write_otp(uint32_t val, uint32_t otp) |
| 339 | { |
| 340 | uint32_t result; |
| 341 | |
| 342 | if (otp > STM32MP1_OTP_MAX_ID) { |
| 343 | return BSEC_INVALID_PARAM; |
| 344 | } |
| 345 | |
| 346 | /* Check if programming of OTP is locked */ |
| 347 | if (bsec_read_sw_lock(otp)) { |
| 348 | VERBOSE("BSEC: OTP %i is locked and write will be ignored\n", |
| 349 | otp); |
| 350 | } |
| 351 | |
| 352 | bsec_lock(); |
| 353 | |
| 354 | mmio_write_32(bsec_base + BSEC_OTP_DATA_OFF + |
| 355 | (otp * sizeof(uint32_t)), val); |
| 356 | |
| 357 | result = bsec_check_error(otp); |
| 358 | |
| 359 | bsec_unlock(); |
| 360 | |
| 361 | return result; |
| 362 | } |
| 363 | |
| 364 | /* |
| 365 | * bsec_program_otp: program a bit in SAFMEM after the prog. |
| 366 | * The OTP data is not refreshed. |
| 367 | * val: value to program. |
| 368 | * otp: OTP number. |
| 369 | * return value: BSEC_OK if no error. |
| 370 | */ |
| 371 | uint32_t bsec_program_otp(uint32_t val, uint32_t otp) |
| 372 | { |
| 373 | uint32_t result; |
| 374 | bool power_up = false; |
| 375 | |
| 376 | if (otp > STM32MP1_OTP_MAX_ID) { |
| 377 | return BSEC_INVALID_PARAM; |
| 378 | } |
| 379 | |
| 380 | /* Check if programming of OTP is locked */ |
| 381 | if (bsec_read_sp_lock(otp)) { |
| 382 | WARN("BSEC: OTP locked, prog will be ignored\n"); |
| 383 | } |
| 384 | |
| 385 | if ((mmio_read_32(bsec_base + BSEC_OTP_LOCK_OFF) & |
| 386 | BIT(BSEC_LOCK_PROGRAM)) != 0U) { |
| 387 | WARN("BSEC: GPLOCK activated, prog will be ignored\n"); |
| 388 | } |
| 389 | |
| 390 | if ((bsec_get_status() & BSEC_MODE_PWR_MASK) == 0U) { |
| 391 | result = bsec_power_safmem(true); |
| 392 | |
| 393 | if (result != BSEC_OK) { |
| 394 | return result; |
| 395 | } |
| 396 | |
| 397 | power_up = true; |
| 398 | } |
| 399 | |
| 400 | bsec_lock(); |
| 401 | |
| 402 | /* Set value in write register */ |
| 403 | mmio_write_32(bsec_base + BSEC_OTP_WRDATA_OFF, val); |
| 404 | |
| 405 | /* Set BSEC_OTP_CTRL_OFF and set ADDR with the OTP value */ |
| 406 | mmio_write_32(bsec_base + BSEC_OTP_CTRL_OFF, otp | BSEC_WRITE); |
| 407 | |
| 408 | while ((bsec_get_status() & BSEC_MODE_BUSY_MASK) != 0U) { |
| 409 | ; |
| 410 | } |
| 411 | |
| 412 | if ((bsec_get_status() & BSEC_MODE_PROGFAIL_MASK) != 0U) { |
| 413 | result = BSEC_PROG_FAIL; |
| 414 | } else { |
| 415 | result = bsec_check_error(otp); |
| 416 | } |
| 417 | |
| 418 | bsec_unlock(); |
| 419 | |
| 420 | if (power_up) { |
| 421 | if (bsec_power_safmem(false) != BSEC_OK) { |
| 422 | panic(); |
| 423 | } |
| 424 | } |
| 425 | |
| 426 | return result; |
| 427 | } |
| 428 | |
| 429 | /* |
| 430 | * bsec_permanent_lock_otp: permanent lock of OTP in SAFMEM. |
| 431 | * otp: OTP number. |
| 432 | * return value: BSEC_OK if no error. |
| 433 | */ |
| 434 | uint32_t bsec_permanent_lock_otp(uint32_t otp) |
| 435 | { |
| 436 | uint32_t result; |
| 437 | bool power_up = false; |
| 438 | uint32_t data; |
| 439 | uint32_t addr; |
| 440 | |
| 441 | if (otp > STM32MP1_OTP_MAX_ID) { |
| 442 | return BSEC_INVALID_PARAM; |
| 443 | } |
| 444 | |
| 445 | if ((bsec_get_status() & BSEC_MODE_PWR_MASK) == 0U) { |
| 446 | result = bsec_power_safmem(true); |
| 447 | |
| 448 | if (result != BSEC_OK) { |
| 449 | return result; |
| 450 | } |
| 451 | |
| 452 | power_up = true; |
| 453 | } |
| 454 | |
| 455 | if (otp < STM32MP1_UPPER_OTP_START) { |
| 456 | addr = otp >> ADDR_LOWER_OTP_PERLOCK_SHIFT; |
| 457 | data = DATA_LOWER_OTP_PERLOCK_BIT << |
| 458 | ((otp & DATA_LOWER_OTP_PERLOCK_MASK) << 1U); |
| 459 | } else { |
| 460 | addr = (otp >> ADDR_UPPER_OTP_PERLOCK_SHIFT) + 2U; |
| 461 | data = DATA_UPPER_OTP_PERLOCK_BIT << |
| 462 | (otp & DATA_UPPER_OTP_PERLOCK_MASK); |
| 463 | } |
| 464 | |
| 465 | bsec_lock(); |
| 466 | |
| 467 | /* Set value in write register */ |
| 468 | mmio_write_32(bsec_base + BSEC_OTP_WRDATA_OFF, data); |
| 469 | |
| 470 | /* Set BSEC_OTP_CTRL_OFF and set ADDR with the OTP value */ |
| 471 | mmio_write_32(bsec_base + BSEC_OTP_CTRL_OFF, |
| 472 | addr | BSEC_WRITE | BSEC_LOCK); |
| 473 | |
| 474 | while ((bsec_get_status() & BSEC_MODE_BUSY_MASK) != 0U) { |
| 475 | ; |
| 476 | } |
| 477 | |
| 478 | if ((bsec_get_status() & BSEC_MODE_PROGFAIL_MASK) != 0U) { |
| 479 | result = BSEC_PROG_FAIL; |
| 480 | } else { |
| 481 | result = bsec_check_error(otp); |
| 482 | } |
| 483 | |
| 484 | bsec_unlock(); |
| 485 | |
| 486 | if (power_up) { |
| 487 | if (bsec_power_safmem(false) != BSEC_OK) { |
| 488 | panic(); |
| 489 | } |
| 490 | } |
| 491 | |
| 492 | return result; |
| 493 | } |
| 494 | |
| 495 | /* |
| 496 | * bsec_write_debug_conf: write value in debug feature |
| 497 | * to enable/disable debug service. |
| 498 | * val: value to write. |
| 499 | * return value: BSEC_OK if no error. |
| 500 | */ |
| 501 | uint32_t bsec_write_debug_conf(uint32_t val) |
| 502 | { |
| 503 | uint32_t result = BSEC_ERROR; |
| 504 | uint32_t masked_val = val & BSEC_DEN_ALL_MSK; |
| 505 | |
| 506 | bsec_lock(); |
| 507 | |
| 508 | mmio_write_32(bsec_base + BSEC_DEN_OFF, masked_val); |
| 509 | |
| 510 | if ((mmio_read_32(bsec_base + BSEC_DEN_OFF) ^ masked_val) == 0U) { |
| 511 | result = BSEC_OK; |
| 512 | } |
| 513 | |
| 514 | bsec_unlock(); |
| 515 | |
| 516 | return result; |
| 517 | } |
| 518 | |
| 519 | /* |
| 520 | * bsec_read_debug_conf: read debug configuration. |
| 521 | */ |
| 522 | uint32_t bsec_read_debug_conf(void) |
| 523 | { |
| 524 | return mmio_read_32(bsec_base + BSEC_DEN_OFF); |
| 525 | } |
| 526 | |
| 527 | /* |
| 528 | * bsec_get_status: return status register value. |
| 529 | */ |
| 530 | uint32_t bsec_get_status(void) |
| 531 | { |
| 532 | return mmio_read_32(bsec_base + BSEC_OTP_STATUS_OFF); |
| 533 | } |
| 534 | |
| 535 | /* |
| 536 | * bsec_get_hw_conf: return hardware configuration. |
| 537 | */ |
| 538 | uint32_t bsec_get_hw_conf(void) |
| 539 | { |
| 540 | return mmio_read_32(bsec_base + BSEC_IPHW_CFG_OFF); |
| 541 | } |
| 542 | |
| 543 | /* |
| 544 | * bsec_get_version: return BSEC version. |
| 545 | */ |
| 546 | uint32_t bsec_get_version(void) |
| 547 | { |
| 548 | return mmio_read_32(bsec_base + BSEC_IPVR_OFF); |
| 549 | } |
| 550 | |
| 551 | /* |
| 552 | * bsec_get_id: return BSEC ID. |
| 553 | */ |
| 554 | uint32_t bsec_get_id(void) |
| 555 | { |
| 556 | return mmio_read_32(bsec_base + BSEC_IP_ID_OFF); |
| 557 | } |
| 558 | |
| 559 | /* |
| 560 | * bsec_get_magic_id: return BSEC magic number. |
| 561 | */ |
| 562 | uint32_t bsec_get_magic_id(void) |
| 563 | { |
| 564 | return mmio_read_32(bsec_base + BSEC_IP_MAGIC_ID_OFF); |
| 565 | } |
| 566 | |
| 567 | /* |
| 568 | * bsec_write_sr_lock: write shadow-read lock. |
| 569 | * otp: OTP number. |
| 570 | * value: value to write in the register. |
| 571 | * Must be always 1. |
| 572 | * return: true if OTP is locked, else false. |
| 573 | */ |
| 574 | bool bsec_write_sr_lock(uint32_t otp, uint32_t value) |
| 575 | { |
| 576 | bool result = false; |
| 577 | uint32_t bank = otp_bank_offset(otp); |
| 578 | uint32_t bank_value; |
| 579 | uint32_t otp_mask = BIT(otp & BSEC_OTP_MASK); |
| 580 | |
| 581 | bsec_lock(); |
| 582 | |
| 583 | bank_value = mmio_read_32(bsec_base + BSEC_SRLOCK_OFF + bank); |
| 584 | |
| 585 | if ((bank_value & otp_mask) == value) { |
| 586 | /* |
| 587 | * In case of write don't need to write, |
| 588 | * the lock is already set. |
| 589 | */ |
| 590 | if (value != 0U) { |
| 591 | result = true; |
| 592 | } |
| 593 | } else { |
| 594 | if (value != 0U) { |
| 595 | bank_value = bank_value | otp_mask; |
| 596 | } else { |
| 597 | bank_value = bank_value & ~otp_mask; |
| 598 | } |
| 599 | |
| 600 | /* |
| 601 | * We can write 0 in all other OTP |
| 602 | * if the lock is activated in one of other OTP. |
| 603 | * Write 0 has no effect. |
| 604 | */ |
| 605 | mmio_write_32(bsec_base + BSEC_SRLOCK_OFF + bank, bank_value); |
| 606 | result = true; |
| 607 | } |
| 608 | |
| 609 | bsec_unlock(); |
| 610 | |
| 611 | return result; |
| 612 | } |
| 613 | |
| 614 | /* |
| 615 | * bsec_read_sr_lock: read shadow-read lock. |
| 616 | * otp: OTP number. |
| 617 | * return: true if otp is locked, else false. |
| 618 | */ |
| 619 | bool bsec_read_sr_lock(uint32_t otp) |
| 620 | { |
| 621 | uint32_t bank = otp_bank_offset(otp); |
| 622 | uint32_t otp_mask = BIT(otp & BSEC_OTP_MASK); |
| 623 | uint32_t bank_value = mmio_read_32(bsec_base + BSEC_SRLOCK_OFF + bank); |
| 624 | |
| 625 | return (bank_value & otp_mask) != 0U; |
| 626 | } |
| 627 | |
| 628 | /* |
| 629 | * bsec_write_sw_lock: write shadow-write lock. |
| 630 | * otp: OTP number. |
| 631 | * value: Value to write in the register. |
| 632 | * Must be always 1. |
| 633 | * return: true if OTP is locked, else false. |
| 634 | */ |
| 635 | bool bsec_write_sw_lock(uint32_t otp, uint32_t value) |
| 636 | { |
| 637 | bool result = false; |
| 638 | uint32_t bank = otp_bank_offset(otp); |
| 639 | uint32_t otp_mask = BIT(otp & BSEC_OTP_MASK); |
| 640 | uint32_t bank_value; |
| 641 | |
| 642 | bsec_lock(); |
| 643 | |
| 644 | bank_value = mmio_read_32(bsec_base + BSEC_SWLOCK_OFF + bank); |
| 645 | |
| 646 | if ((bank_value & otp_mask) == value) { |
| 647 | /* |
| 648 | * In case of write don't need to write, |
| 649 | * the lock is already set. |
| 650 | */ |
| 651 | if (value != 0U) { |
| 652 | result = true; |
| 653 | } |
| 654 | } else { |
| 655 | if (value != 0U) { |
| 656 | bank_value = bank_value | otp_mask; |
| 657 | } else { |
| 658 | bank_value = bank_value & ~otp_mask; |
| 659 | } |
| 660 | |
| 661 | /* |
| 662 | * We can write 0 in all other OTP |
| 663 | * if the lock is activated in one of other OTP. |
| 664 | * Write 0 has no effect. |
| 665 | */ |
| 666 | mmio_write_32(bsec_base + BSEC_SWLOCK_OFF + bank, bank_value); |
| 667 | result = true; |
| 668 | } |
| 669 | |
| 670 | bsec_unlock(); |
| 671 | |
| 672 | return result; |
| 673 | } |
| 674 | |
| 675 | /* |
| 676 | * bsec_read_sw_lock: read shadow-write lock. |
| 677 | * otp: OTP number. |
| 678 | * return: true if OTP is locked, else false. |
| 679 | */ |
| 680 | bool bsec_read_sw_lock(uint32_t otp) |
| 681 | { |
| 682 | uint32_t bank = otp_bank_offset(otp); |
| 683 | uint32_t otp_mask = BIT(otp & BSEC_OTP_MASK); |
| 684 | uint32_t bank_value = mmio_read_32(bsec_base + BSEC_SWLOCK_OFF + bank); |
| 685 | |
| 686 | return (bank_value & otp_mask) != 0U; |
| 687 | } |
| 688 | |
| 689 | /* |
| 690 | * bsec_write_sp_lock: write shadow-program lock. |
| 691 | * otp: OTP number. |
| 692 | * value: Value to write in the register. |
| 693 | * Must be always 1. |
| 694 | * return: true if OTP is locked, else false. |
| 695 | */ |
| 696 | bool bsec_write_sp_lock(uint32_t otp, uint32_t value) |
| 697 | { |
| 698 | bool result = false; |
| 699 | uint32_t bank = otp_bank_offset(otp); |
| 700 | uint32_t bank_value; |
| 701 | uint32_t otp_mask = BIT(otp & BSEC_OTP_MASK); |
| 702 | |
| 703 | bsec_lock(); |
| 704 | |
| 705 | bank_value = mmio_read_32(bsec_base + BSEC_SPLOCK_OFF + bank); |
| 706 | |
| 707 | if ((bank_value & otp_mask) == value) { |
| 708 | /* |
| 709 | * In case of write don't need to write, |
| 710 | * the lock is already set. |
| 711 | */ |
| 712 | if (value != 0U) { |
| 713 | result = true; |
| 714 | } |
| 715 | } else { |
| 716 | if (value != 0U) { |
| 717 | bank_value = bank_value | otp_mask; |
| 718 | } else { |
| 719 | bank_value = bank_value & ~otp_mask; |
| 720 | } |
| 721 | |
| 722 | /* |
| 723 | * We can write 0 in all other OTP |
| 724 | * if the lock is activated in one of other OTP. |
| 725 | * Write 0 has no effect. |
| 726 | */ |
| 727 | mmio_write_32(bsec_base + BSEC_SPLOCK_OFF + bank, bank_value); |
| 728 | result = true; |
| 729 | } |
| 730 | |
| 731 | bsec_unlock(); |
| 732 | |
| 733 | return result; |
| 734 | } |
| 735 | |
| 736 | /* |
| 737 | * bsec_read_sp_lock: read shadow-program lock. |
| 738 | * otp: OTP number. |
| 739 | * return: true if OTP is locked, else false. |
| 740 | */ |
| 741 | bool bsec_read_sp_lock(uint32_t otp) |
| 742 | { |
| 743 | uint32_t bank = otp_bank_offset(otp); |
| 744 | uint32_t otp_mask = BIT(otp & BSEC_OTP_MASK); |
| 745 | uint32_t bank_value = mmio_read_32(bsec_base + BSEC_SPLOCK_OFF + bank); |
| 746 | |
| 747 | return (bank_value & otp_mask) != 0U; |
| 748 | } |
| 749 | |
| 750 | /* |
| 751 | * bsec_wr_lock: Read permanent lock status. |
| 752 | * otp: OTP number. |
| 753 | * return: true if OTP is locked, else false. |
| 754 | */ |
| 755 | bool bsec_wr_lock(uint32_t otp) |
| 756 | { |
| 757 | uint32_t bank = otp_bank_offset(otp); |
| 758 | uint32_t lock_bit = BIT(otp & BSEC_OTP_MASK); |
| 759 | |
| 760 | if ((mmio_read_32(bsec_base + BSEC_WRLOCK_OFF + bank) & |
| 761 | lock_bit) != 0U) { |
| 762 | /* |
| 763 | * In case of write don't need to write, |
| 764 | * the lock is already set. |
| 765 | */ |
| 766 | return true; |
| 767 | } |
| 768 | |
| 769 | return false; |
| 770 | } |
| 771 | |
| 772 | /* |
| 773 | * bsec_otp_lock: Lock Upper OTP or Global programming or debug enable |
| 774 | * service: Service to lock see header file. |
| 775 | * value: Value to write must always set to 1 (only use for debug purpose). |
| 776 | * return: BSEC_OK if succeed. |
| 777 | */ |
| 778 | uint32_t bsec_otp_lock(uint32_t service, uint32_t value) |
| 779 | { |
| 780 | uintptr_t reg = bsec_base + BSEC_OTP_LOCK_OFF; |
| 781 | |
| 782 | switch (service) { |
| 783 | case BSEC_LOCK_UPPER_OTP: |
| 784 | mmio_write_32(reg, value << BSEC_LOCK_UPPER_OTP); |
| 785 | break; |
| 786 | case BSEC_LOCK_DEBUG: |
| 787 | mmio_write_32(reg, value << BSEC_LOCK_DEBUG); |
| 788 | break; |
| 789 | case BSEC_LOCK_PROGRAM: |
| 790 | mmio_write_32(reg, value << BSEC_LOCK_PROGRAM); |
| 791 | break; |
| 792 | default: |
| 793 | return BSEC_INVALID_PARAM; |
| 794 | } |
| 795 | |
| 796 | return BSEC_OK; |
| 797 | } |
| 798 | |
| 799 | /* |
| 800 | * bsec_power_safmem: Activate or deactivate SAFMEM power. |
| 801 | * power: true to power up, false to power down. |
| 802 | * return: BSEC_OK if succeed. |
| 803 | */ |
| 804 | static uint32_t bsec_power_safmem(bool power) |
| 805 | { |
| 806 | uint32_t register_val; |
| 807 | uint32_t timeout = BSEC_TIMEOUT_VALUE; |
| 808 | |
| 809 | bsec_lock(); |
| 810 | |
| 811 | register_val = mmio_read_32(bsec_base + BSEC_OTP_CONF_OFF); |
| 812 | |
| 813 | if (power) { |
| 814 | register_val |= BSEC_CONF_POWER_UP_MASK; |
| 815 | } else { |
| 816 | register_val &= ~BSEC_CONF_POWER_UP_MASK; |
| 817 | } |
| 818 | |
| 819 | mmio_write_32(bsec_base + BSEC_OTP_CONF_OFF, register_val); |
| 820 | |
| 821 | /* Waiting loop */ |
| 822 | if (power) { |
| 823 | while (((bsec_get_status() & BSEC_MODE_PWR_MASK) == 0U) && |
| 824 | (timeout != 0U)) { |
| 825 | timeout--; |
| 826 | } |
| 827 | } else { |
| 828 | while (((bsec_get_status() & BSEC_MODE_PWR_MASK) != 0U) && |
| 829 | (timeout != 0U)) { |
| 830 | timeout--; |
| 831 | } |
| 832 | } |
| 833 | |
| 834 | bsec_unlock(); |
| 835 | |
| 836 | if (timeout == 0U) { |
| 837 | return BSEC_TIMEOUT; |
| 838 | } |
| 839 | |
| 840 | return BSEC_OK; |
| 841 | } |
| 842 | |
| 843 | /* |
| 844 | * bsec_mode_is_closed_device: read OTP secure sub-mode. |
| 845 | * return: false if open_device and true of closed_device. |
| 846 | */ |
| 847 | bool bsec_mode_is_closed_device(void) |
| 848 | { |
| 849 | uint32_t value; |
| 850 | |
| 851 | if ((bsec_shadow_register(DATA0_OTP) != BSEC_OK) || |
| 852 | (bsec_read_otp(&value, DATA0_OTP) != BSEC_OK)) { |
| 853 | return true; |
| 854 | } |
| 855 | |
| 856 | return (value & DATA0_OTP_SECURED) == DATA0_OTP_SECURED; |
| 857 | } |
| 858 | |
| 859 | /* |
| 860 | * bsec_shadow_read_otp: Load OTP from SAFMEM and provide its value |
| 861 | * otp_value: read value. |
| 862 | * word: OTP number. |
| 863 | * return value: BSEC_OK if no error. |
| 864 | */ |
| 865 | uint32_t bsec_shadow_read_otp(uint32_t *otp_value, uint32_t word) |
| 866 | { |
| 867 | uint32_t result; |
| 868 | |
| 869 | result = bsec_shadow_register(word); |
| 870 | if (result != BSEC_OK) { |
| 871 | ERROR("BSEC: %u Shadowing Error %i\n", word, result); |
| 872 | return result; |
| 873 | } |
| 874 | |
| 875 | result = bsec_read_otp(otp_value, word); |
| 876 | if (result != BSEC_OK) { |
| 877 | ERROR("BSEC: %u Read Error %i\n", word, result); |
| 878 | } |
| 879 | |
| 880 | return result; |
| 881 | } |
| 882 | |
| 883 | /* |
| 884 | * bsec_check_nsec_access_rights: check non-secure access rights to target OTP. |
| 885 | * otp: OTP number. |
| 886 | * return: BSEC_OK if authorized access. |
| 887 | */ |
| 888 | uint32_t bsec_check_nsec_access_rights(uint32_t otp) |
| 889 | { |
| 890 | #if defined(IMAGE_BL32) |
| 891 | if (otp > STM32MP1_OTP_MAX_ID) { |
| 892 | return BSEC_INVALID_PARAM; |
| 893 | } |
| 894 | |
| 895 | if (otp >= STM32MP1_UPPER_OTP_START) { |
| 896 | /* Check if BSEC is in OTP-SECURED closed_device state. */ |
| 897 | if (bsec_mode_is_closed_device()) { |
| 898 | if (!non_secure_can_access(otp)) { |
| 899 | return BSEC_ERROR; |
| 900 | } |
| 901 | } |
| 902 | } |
| 903 | #endif |
| 904 | |
| 905 | return BSEC_OK; |
| 906 | } |
| 907 | |