]>
Commit | Line | Data |
---|---|---|
19f58992 PD |
1 | // SPDX-License-Identifier: GPL-2.0+ |
2 | /* | |
3 | * Copyright (C) 2018, STMicroelectronics - All Rights Reserved | |
4 | */ | |
5 | ||
b66bfdf2 PD |
6 | #define LOG_CATEGORY UCLASS_MISC |
7 | ||
d678a59d | 8 | #include <common.h> |
622c956c | 9 | #include <clk.h> |
19f58992 | 10 | #include <dm.h> |
f7ae49fc | 11 | #include <log.h> |
19f58992 | 12 | #include <misc.h> |
33a909a4 | 13 | #include <tee.h> |
19f58992 | 14 | #include <asm/io.h> |
bd3f60d2 | 15 | #include <asm/arch/bsec.h> |
d859c611 | 16 | #include <asm/arch/stm32mp1_smc.h> |
33a909a4 | 17 | #include <dm/device.h> |
b66bfdf2 | 18 | #include <dm/device_compat.h> |
d859c611 | 19 | #include <linux/arm-smccc.h> |
ee7d7723 | 20 | #include <linux/iopoll.h> |
1e94b46f | 21 | #include <linux/printk.h> |
19f58992 | 22 | |
0c20f53b | 23 | #define BSEC_OTP_UPPER_START 32 |
19f58992 PD |
24 | #define BSEC_TIMEOUT_US 10000 |
25 | ||
26 | /* BSEC REGISTER OFFSET (base relative) */ | |
27 | #define BSEC_OTP_CONF_OFF 0x000 | |
28 | #define BSEC_OTP_CTRL_OFF 0x004 | |
29 | #define BSEC_OTP_WRDATA_OFF 0x008 | |
30 | #define BSEC_OTP_STATUS_OFF 0x00C | |
31 | #define BSEC_OTP_LOCK_OFF 0x010 | |
bd3f60d2 | 32 | #define BSEC_DENABLE_OFF 0x014 |
19f58992 PD |
33 | #define BSEC_DISTURBED_OFF 0x01C |
34 | #define BSEC_ERROR_OFF 0x034 | |
7ae22d72 PD |
35 | #define BSEC_WRLOCK_OFF 0x04C /* OTP write permananet lock */ |
36 | #define BSEC_SPLOCK_OFF 0x064 /* OTP write sticky lock */ | |
37 | #define BSEC_SWLOCK_OFF 0x07C /* shadow write sticky lock */ | |
38 | #define BSEC_SRLOCK_OFF 0x094 /* shadow read sticky lock */ | |
19f58992 PD |
39 | #define BSEC_OTP_DATA_OFF 0x200 |
40 | ||
41 | /* BSEC_CONFIGURATION Register MASK */ | |
42 | #define BSEC_CONF_POWER_UP 0x001 | |
43 | ||
44 | /* BSEC_CONTROL Register */ | |
45 | #define BSEC_READ 0x000 | |
46 | #define BSEC_WRITE 0x100 | |
0c20f53b | 47 | #define BSEC_LOCK 0x200 |
19f58992 PD |
48 | |
49 | /* LOCK Register */ | |
50 | #define OTP_LOCK_MASK 0x1F | |
51 | #define OTP_LOCK_BANK_SHIFT 0x05 | |
52 | #define OTP_LOCK_BIT_MASK 0x01 | |
53 | ||
54 | /* STATUS Register */ | |
55 | #define BSEC_MODE_BUSY_MASK 0x08 | |
56 | #define BSEC_MODE_PROGFAIL_MASK 0x10 | |
57 | #define BSEC_MODE_PWR_MASK 0x20 | |
58 | ||
bd3f60d2 PD |
59 | /* DENABLE Register */ |
60 | #define BSEC_DENABLE_DBGSWENABLE BIT(10) | |
61 | ||
19f58992 PD |
62 | /* |
63 | * OTP Lock services definition | |
64 | * Value must corresponding to the bit number in the register | |
65 | */ | |
66 | #define BSEC_LOCK_PROGRAM 0x04 | |
67 | ||
33a909a4 PD |
68 | #define PTA_BSEC_UUID { 0x94cf71ad, 0x80e6, 0x40b5, \ |
69 | { 0xa7, 0xc6, 0x3d, 0xc5, 0x01, 0xeb, 0x28, 0x03 } } | |
70 | ||
71 | /* | |
72 | * Read OTP memory | |
73 | * | |
74 | * [in] value[0].a OTP start offset in byte | |
75 | * [in] value[0].b Access type (0:shadow, 1:fuse, 2:lock) | |
76 | * [out] memref[1].buffer Output buffer to store read values | |
77 | * [out] memref[1].size Size of OTP to be read | |
78 | * | |
79 | * Return codes: | |
80 | * TEE_SUCCESS - Invoke command success | |
81 | * TEE_ERROR_BAD_PARAMETERS - Incorrect input param | |
82 | * TEE_ERROR_ACCESS_DENIED - OTP not accessible by caller | |
83 | */ | |
84 | #define PTA_BSEC_READ_MEM 0x0 | |
85 | ||
0c20f53b | 86 | /* |
33a909a4 PD |
87 | * Write OTP memory |
88 | * | |
89 | * [in] value[0].a OTP start offset in byte | |
90 | * [in] value[0].b Access type (0:shadow, 1:fuse, 2:lock) | |
91 | * [in] memref[1].buffer Input buffer to read values | |
92 | * [in] memref[1].size Size of OTP to be written | |
93 | * | |
94 | * Return codes: | |
95 | * TEE_SUCCESS - Invoke command success | |
96 | * TEE_ERROR_BAD_PARAMETERS - Incorrect input param | |
97 | * TEE_ERROR_ACCESS_DENIED - OTP not accessible by caller | |
0c20f53b | 98 | */ |
33a909a4 PD |
99 | #define PTA_BSEC_WRITE_MEM 0x1 |
100 | ||
101 | /* value of PTA_BSEC access type = value[in] b */ | |
102 | #define SHADOW_ACCESS 0 | |
103 | #define FUSE_ACCESS 1 | |
104 | #define LOCK_ACCESS 2 | |
0c20f53b | 105 | |
19f58992 | 106 | /** |
7ae22d72 PD |
107 | * bsec_lock() - manage lock for each type SR/SP/SW |
108 | * @address: address of bsec IP register | |
19f58992 | 109 | * @otp: otp number (0 - BSEC_OTP_MAX_VALUE) |
7ae22d72 | 110 | * Return: true if locked else false |
19f58992 | 111 | */ |
3e0b12af | 112 | static bool bsec_read_lock(void __iomem *address, u32 otp) |
19f58992 PD |
113 | { |
114 | u32 bit; | |
115 | u32 bank; | |
116 | ||
117 | bit = 1 << (otp & OTP_LOCK_MASK); | |
118 | bank = ((otp >> OTP_LOCK_BANK_SHIFT) & OTP_LOCK_MASK) * sizeof(u32); | |
119 | ||
3e0b12af | 120 | return !!(readl((address + bank)) & bit); |
19f58992 PD |
121 | } |
122 | ||
123 | /** | |
7ae22d72 PD |
124 | * bsec_check_error() - Check status of one otp |
125 | * @base: base address of bsec IP | |
19f58992 | 126 | * @otp: otp number (0 - BSEC_OTP_MAX_VALUE) |
7ae22d72 | 127 | * Return: 0 if no error, -EAGAIN or -ENOTSUPP |
19f58992 | 128 | */ |
3e0b12af | 129 | static u32 bsec_check_error(void __iomem *base, u32 otp) |
19f58992 PD |
130 | { |
131 | u32 bit; | |
132 | u32 bank; | |
133 | ||
134 | bit = 1 << (otp & OTP_LOCK_MASK); | |
135 | bank = ((otp >> OTP_LOCK_BANK_SHIFT) & OTP_LOCK_MASK) * sizeof(u32); | |
136 | ||
7ae22d72 PD |
137 | if (readl(base + BSEC_DISTURBED_OFF + bank) & bit) |
138 | return -EAGAIN; | |
139 | else if (readl(base + BSEC_ERROR_OFF + bank) & bit) | |
140 | return -ENOTSUPP; | |
141 | ||
142 | return 0; | |
19f58992 PD |
143 | } |
144 | ||
145 | /** | |
146 | * bsec_read_SR_lock() - read SR lock (Shadowing) | |
147 | * @base: base address of bsec IP | |
148 | * @otp: otp number (0 - BSEC_OTP_MAX_VALUE) | |
149 | * Return: true if locked else false | |
150 | */ | |
3e0b12af | 151 | static bool bsec_read_SR_lock(void __iomem *base, u32 otp) |
19f58992 PD |
152 | { |
153 | return bsec_read_lock(base + BSEC_SRLOCK_OFF, otp); | |
154 | } | |
155 | ||
156 | /** | |
157 | * bsec_read_SP_lock() - read SP lock (program Lock) | |
158 | * @base: base address of bsec IP | |
159 | * @otp: otp number (0 - BSEC_OTP_MAX_VALUE) | |
160 | * Return: true if locked else false | |
161 | */ | |
3e0b12af | 162 | static bool bsec_read_SP_lock(void __iomem *base, u32 otp) |
19f58992 PD |
163 | { |
164 | return bsec_read_lock(base + BSEC_SPLOCK_OFF, otp); | |
165 | } | |
166 | ||
167 | /** | |
168 | * bsec_SW_lock() - manage SW lock (Write in Shadow) | |
169 | * @base: base address of bsec IP | |
170 | * @otp: otp number (0 - BSEC_OTP_MAX_VALUE) | |
171 | * Return: true if locked else false | |
172 | */ | |
3e0b12af | 173 | static bool bsec_read_SW_lock(void __iomem *base, u32 otp) |
19f58992 PD |
174 | { |
175 | return bsec_read_lock(base + BSEC_SWLOCK_OFF, otp); | |
176 | } | |
177 | ||
178 | /** | |
179 | * bsec_power_safmem() - Activate or deactivate safmem power | |
180 | * @base: base address of bsec IP | |
181 | * @power: true to power up , false to power down | |
182 | * Return: 0 if succeed | |
183 | */ | |
3e0b12af | 184 | static int bsec_power_safmem(void __iomem *base, bool power) |
19f58992 PD |
185 | { |
186 | u32 val; | |
187 | u32 mask; | |
188 | ||
189 | if (power) { | |
190 | setbits_le32(base + BSEC_OTP_CONF_OFF, BSEC_CONF_POWER_UP); | |
191 | mask = BSEC_MODE_PWR_MASK; | |
192 | } else { | |
193 | clrbits_le32(base + BSEC_OTP_CONF_OFF, BSEC_CONF_POWER_UP); | |
194 | mask = 0; | |
195 | } | |
196 | ||
197 | /* waiting loop */ | |
198 | return readl_poll_timeout(base + BSEC_OTP_STATUS_OFF, | |
199 | val, (val & BSEC_MODE_PWR_MASK) == mask, | |
200 | BSEC_TIMEOUT_US); | |
201 | } | |
202 | ||
203 | /** | |
204 | * bsec_shadow_register() - copy safmen otp to bsec data | |
2d48d99c | 205 | * @dev: bsec IP device |
19f58992 PD |
206 | * @base: base address of bsec IP |
207 | * @otp: otp number (0 - BSEC_OTP_MAX_VALUE) | |
208 | * Return: 0 if no error | |
209 | */ | |
3e0b12af | 210 | static int bsec_shadow_register(struct udevice *dev, void __iomem *base, u32 otp) |
19f58992 PD |
211 | { |
212 | u32 val; | |
213 | int ret; | |
214 | bool power_up = false; | |
215 | ||
216 | /* check if shadowing of otp is locked */ | |
217 | if (bsec_read_SR_lock(base, otp)) | |
b66bfdf2 PD |
218 | dev_dbg(dev, "OTP %d is locked and refreshed with 0\n", |
219 | otp); | |
19f58992 PD |
220 | |
221 | /* check if safemem is power up */ | |
222 | val = readl(base + BSEC_OTP_STATUS_OFF); | |
223 | if (!(val & BSEC_MODE_PWR_MASK)) { | |
224 | ret = bsec_power_safmem(base, true); | |
225 | if (ret) | |
226 | return ret; | |
815bc8bc | 227 | power_up = true; |
19f58992 PD |
228 | } |
229 | /* set BSEC_OTP_CTRL_OFF with the otp value*/ | |
230 | writel(otp | BSEC_READ, base + BSEC_OTP_CTRL_OFF); | |
231 | ||
232 | /* check otp status*/ | |
233 | ret = readl_poll_timeout(base + BSEC_OTP_STATUS_OFF, | |
234 | val, (val & BSEC_MODE_BUSY_MASK) == 0, | |
235 | BSEC_TIMEOUT_US); | |
236 | if (ret) | |
237 | return ret; | |
238 | ||
239 | ret = bsec_check_error(base, otp); | |
240 | ||
241 | if (power_up) | |
242 | bsec_power_safmem(base, false); | |
243 | ||
244 | return ret; | |
245 | } | |
246 | ||
247 | /** | |
248 | * bsec_read_shadow() - read an otp data value from shadow | |
2d48d99c | 249 | * @dev: bsec IP device |
19f58992 PD |
250 | * @base: base address of bsec IP |
251 | * @val: read value | |
252 | * @otp: otp number (0 - BSEC_OTP_MAX_VALUE) | |
253 | * Return: 0 if no error | |
254 | */ | |
3e0b12af PC |
255 | static int bsec_read_shadow(struct udevice *dev, void __iomem *base, u32 *val, |
256 | u32 otp) | |
19f58992 PD |
257 | { |
258 | *val = readl(base + BSEC_OTP_DATA_OFF + otp * sizeof(u32)); | |
259 | ||
260 | return bsec_check_error(base, otp); | |
261 | } | |
262 | ||
263 | /** | |
264 | * bsec_write_shadow() - write value in BSEC data register in shadow | |
2d48d99c | 265 | * @dev: bsec IP device |
19f58992 PD |
266 | * @base: base address of bsec IP |
267 | * @val: value to write | |
268 | * @otp: otp number (0 - BSEC_OTP_MAX_VALUE) | |
269 | * Return: 0 if no error | |
270 | */ | |
3e0b12af | 271 | static int bsec_write_shadow(struct udevice *dev, void __iomem *base, u32 val, u32 otp) |
19f58992 PD |
272 | { |
273 | /* check if programming of otp is locked */ | |
274 | if (bsec_read_SW_lock(base, otp)) | |
b66bfdf2 | 275 | dev_dbg(dev, "OTP %d is lock, write will be ignore\n", otp); |
19f58992 PD |
276 | |
277 | writel(val, base + BSEC_OTP_DATA_OFF + otp * sizeof(u32)); | |
278 | ||
279 | return bsec_check_error(base, otp); | |
280 | } | |
281 | ||
282 | /** | |
283 | * bsec_program_otp() - program a bit in SAFMEM | |
2d48d99c | 284 | * @dev: bsec IP device |
19f58992 PD |
285 | * @base: base address of bsec IP |
286 | * @val: value to program | |
287 | * @otp: otp number (0 - BSEC_OTP_MAX_VALUE) | |
288 | * after the function the otp data is not refreshed in shadow | |
289 | * Return: 0 if no error | |
290 | */ | |
3e0b12af | 291 | static int bsec_program_otp(struct udevice *dev, void __iomem *base, u32 val, u32 otp) |
19f58992 PD |
292 | { |
293 | u32 ret; | |
294 | bool power_up = false; | |
295 | ||
296 | if (bsec_read_SP_lock(base, otp)) | |
b66bfdf2 | 297 | dev_dbg(dev, "OTP %d locked, prog will be ignore\n", otp); |
19f58992 PD |
298 | |
299 | if (readl(base + BSEC_OTP_LOCK_OFF) & (1 << BSEC_LOCK_PROGRAM)) | |
b66bfdf2 | 300 | dev_dbg(dev, "Global lock, prog will be ignore\n"); |
19f58992 PD |
301 | |
302 | /* check if safemem is power up */ | |
303 | if (!(readl(base + BSEC_OTP_STATUS_OFF) & BSEC_MODE_PWR_MASK)) { | |
304 | ret = bsec_power_safmem(base, true); | |
305 | if (ret) | |
306 | return ret; | |
307 | ||
308 | power_up = true; | |
309 | } | |
310 | /* set value in write register*/ | |
311 | writel(val, base + BSEC_OTP_WRDATA_OFF); | |
312 | ||
313 | /* set BSEC_OTP_CTRL_OFF with the otp value */ | |
314 | writel(otp | BSEC_WRITE, base + BSEC_OTP_CTRL_OFF); | |
315 | ||
316 | /* check otp status*/ | |
317 | ret = readl_poll_timeout(base + BSEC_OTP_STATUS_OFF, | |
318 | val, (val & BSEC_MODE_BUSY_MASK) == 0, | |
319 | BSEC_TIMEOUT_US); | |
320 | if (ret) | |
321 | return ret; | |
322 | ||
323 | if (val & BSEC_MODE_PROGFAIL_MASK) | |
324 | ret = -EACCES; | |
325 | else | |
326 | ret = bsec_check_error(base, otp); | |
327 | ||
328 | if (power_up) | |
329 | bsec_power_safmem(base, false); | |
330 | ||
331 | return ret; | |
332 | } | |
333 | ||
0c20f53b PD |
334 | /** |
335 | * bsec_permanent_lock_otp() - permanent lock of OTP in SAFMEM | |
336 | * @dev: bsec IP device | |
337 | * @base: base address of bsec IP | |
338 | * @otp: otp number (0 - BSEC_OTP_MAX_VALUE) | |
339 | * Return: 0 if no error | |
340 | */ | |
3e0b12af | 341 | static int bsec_permanent_lock_otp(struct udevice *dev, void __iomem *base, uint32_t otp) |
0c20f53b PD |
342 | { |
343 | int ret; | |
344 | bool power_up = false; | |
345 | u32 val, addr; | |
346 | ||
347 | /* check if safemem is power up */ | |
348 | if (!(readl(base + BSEC_OTP_STATUS_OFF) & BSEC_MODE_PWR_MASK)) { | |
349 | ret = bsec_power_safmem(base, true); | |
350 | if (ret) | |
351 | return ret; | |
352 | ||
353 | power_up = true; | |
354 | } | |
355 | ||
356 | /* | |
357 | * low OTPs = 2 bits word for low OTPs, 1 bits per word for upper OTP | |
358 | * and only 16 bits used in WRDATA | |
359 | */ | |
360 | if (otp < BSEC_OTP_UPPER_START) { | |
361 | addr = otp / 8; | |
362 | val = 0x03 << ((otp * 2) & 0xF); | |
363 | } else { | |
364 | addr = BSEC_OTP_UPPER_START / 8 + | |
365 | ((otp - BSEC_OTP_UPPER_START) / 16); | |
366 | val = 0x01 << (otp & 0xF); | |
367 | } | |
368 | ||
369 | /* set value in write register*/ | |
370 | writel(val, base + BSEC_OTP_WRDATA_OFF); | |
371 | ||
372 | /* set BSEC_OTP_CTRL_OFF with the otp addr and lock request*/ | |
373 | writel(addr | BSEC_WRITE | BSEC_LOCK, base + BSEC_OTP_CTRL_OFF); | |
374 | ||
375 | /* check otp status*/ | |
376 | ret = readl_poll_timeout(base + BSEC_OTP_STATUS_OFF, | |
377 | val, (val & BSEC_MODE_BUSY_MASK) == 0, | |
378 | BSEC_TIMEOUT_US); | |
379 | if (ret) | |
380 | return ret; | |
381 | ||
382 | if (val & BSEC_MODE_PROGFAIL_MASK) | |
383 | ret = -EACCES; | |
384 | else | |
385 | ret = bsec_check_error(base, otp); | |
386 | ||
387 | if (power_up) | |
388 | bsec_power_safmem(base, false); | |
389 | ||
390 | return ret; | |
391 | } | |
392 | ||
19f58992 | 393 | /* BSEC MISC driver *******************************************************/ |
8a8d24bd | 394 | struct stm32mp_bsec_plat { |
3e0b12af | 395 | void __iomem *base; |
19f58992 PD |
396 | }; |
397 | ||
33a909a4 PD |
398 | struct stm32mp_bsec_priv { |
399 | struct udevice *tee; | |
400 | }; | |
401 | ||
0d0266c4 PD |
402 | struct stm32mp_bsec_drvdata { |
403 | int size; | |
404 | bool ta; | |
405 | }; | |
406 | ||
19f58992 PD |
407 | static int stm32mp_bsec_read_otp(struct udevice *dev, u32 *val, u32 otp) |
408 | { | |
8a8d24bd | 409 | struct stm32mp_bsec_plat *plat; |
19f58992 PD |
410 | u32 tmp_data = 0; |
411 | int ret; | |
412 | ||
f42045b2 | 413 | if (IS_ENABLED(CONFIG_ARM_SMCCC) && !IS_ENABLED(CONFIG_SPL_BUILD)) |
4e9e358f PD |
414 | return stm32_smc(STM32_SMC_BSEC, |
415 | STM32_SMC_READ_OTP, | |
416 | otp, 0, val); | |
417 | ||
c69cda25 | 418 | plat = dev_get_plat(dev); |
4e9e358f | 419 | |
19f58992 | 420 | /* read current shadow value */ |
b66bfdf2 | 421 | ret = bsec_read_shadow(dev, plat->base, &tmp_data, otp); |
19f58992 PD |
422 | if (ret) |
423 | return ret; | |
424 | ||
425 | /* copy otp in shadow */ | |
b66bfdf2 | 426 | ret = bsec_shadow_register(dev, plat->base, otp); |
19f58992 PD |
427 | if (ret) |
428 | return ret; | |
429 | ||
b66bfdf2 | 430 | ret = bsec_read_shadow(dev, plat->base, val, otp); |
19f58992 PD |
431 | if (ret) |
432 | return ret; | |
433 | ||
434 | /* restore shadow value */ | |
b66bfdf2 | 435 | ret = bsec_write_shadow(dev, plat->base, tmp_data, otp); |
4e9e358f | 436 | |
19f58992 PD |
437 | return ret; |
438 | } | |
439 | ||
440 | static int stm32mp_bsec_read_shadow(struct udevice *dev, u32 *val, u32 otp) | |
441 | { | |
8a8d24bd | 442 | struct stm32mp_bsec_plat *plat; |
4e9e358f | 443 | |
f42045b2 | 444 | if (IS_ENABLED(CONFIG_ARM_SMCCC) && !IS_ENABLED(CONFIG_SPL_BUILD)) |
4e9e358f PD |
445 | return stm32_smc(STM32_SMC_BSEC, |
446 | STM32_SMC_READ_SHADOW, | |
447 | otp, 0, val); | |
448 | ||
c69cda25 | 449 | plat = dev_get_plat(dev); |
19f58992 | 450 | |
b66bfdf2 | 451 | return bsec_read_shadow(dev, plat->base, val, otp); |
19f58992 PD |
452 | } |
453 | ||
7ae22d72 PD |
454 | static int stm32mp_bsec_read_lock(struct udevice *dev, u32 *val, u32 otp) |
455 | { | |
8a8d24bd | 456 | struct stm32mp_bsec_plat *plat = dev_get_plat(dev); |
0c20f53b | 457 | u32 wrlock; |
7ae22d72 PD |
458 | |
459 | /* return OTP permanent write lock status */ | |
0c20f53b PD |
460 | wrlock = bsec_read_lock(plat->base + BSEC_WRLOCK_OFF, otp); |
461 | ||
462 | *val = 0; | |
463 | if (wrlock) | |
464 | *val = BSEC_LOCK_PERM; | |
7ae22d72 PD |
465 | |
466 | return 0; | |
467 | } | |
468 | ||
19f58992 PD |
469 | static int stm32mp_bsec_write_otp(struct udevice *dev, u32 val, u32 otp) |
470 | { | |
8a8d24bd | 471 | struct stm32mp_bsec_plat *plat; |
4e9e358f | 472 | |
f42045b2 | 473 | if (IS_ENABLED(CONFIG_ARM_SMCCC) && !IS_ENABLED(CONFIG_SPL_BUILD)) |
4e9e358f PD |
474 | return stm32_smc_exec(STM32_SMC_BSEC, |
475 | STM32_SMC_PROG_OTP, | |
476 | otp, val); | |
477 | ||
c69cda25 | 478 | plat = dev_get_plat(dev); |
19f58992 | 479 | |
b66bfdf2 | 480 | return bsec_program_otp(dev, plat->base, val, otp); |
4e9e358f | 481 | |
19f58992 PD |
482 | } |
483 | ||
484 | static int stm32mp_bsec_write_shadow(struct udevice *dev, u32 val, u32 otp) | |
485 | { | |
8a8d24bd | 486 | struct stm32mp_bsec_plat *plat; |
4e9e358f | 487 | |
f42045b2 | 488 | if (IS_ENABLED(CONFIG_ARM_SMCCC) && !IS_ENABLED(CONFIG_SPL_BUILD)) |
4e9e358f PD |
489 | return stm32_smc_exec(STM32_SMC_BSEC, |
490 | STM32_SMC_WRITE_SHADOW, | |
491 | otp, val); | |
492 | ||
c69cda25 | 493 | plat = dev_get_plat(dev); |
19f58992 | 494 | |
b66bfdf2 | 495 | return bsec_write_shadow(dev, plat->base, val, otp); |
19f58992 PD |
496 | } |
497 | ||
7ae22d72 PD |
498 | static int stm32mp_bsec_write_lock(struct udevice *dev, u32 val, u32 otp) |
499 | { | |
0c20f53b PD |
500 | struct stm32mp_bsec_plat *plat; |
501 | ||
502 | /* only permanent write lock is supported in U-Boot */ | |
503 | if (!(val & BSEC_LOCK_PERM)) { | |
504 | dev_dbg(dev, "lock option without BSEC_LOCK_PERM: %x\n", val); | |
505 | return 0; /* nothing to do */ | |
506 | } | |
4e9e358f | 507 | |
0c20f53b | 508 | if (IS_ENABLED(CONFIG_ARM_SMCCC) && !IS_ENABLED(CONFIG_SPL_BUILD)) |
7ae22d72 PD |
509 | return stm32_smc_exec(STM32_SMC_BSEC, |
510 | STM32_SMC_WRLOCK_OTP, | |
511 | otp, 0); | |
0c20f53b PD |
512 | |
513 | plat = dev_get_plat(dev); | |
514 | ||
515 | return bsec_permanent_lock_otp(dev, plat->base, otp); | |
7ae22d72 PD |
516 | } |
517 | ||
33a909a4 PD |
518 | static int bsec_pta_open_session(struct udevice *tee, u32 *tee_session) |
519 | { | |
520 | const struct tee_optee_ta_uuid uuid = PTA_BSEC_UUID; | |
521 | struct tee_open_session_arg arg; | |
522 | int rc; | |
523 | ||
524 | memset(&arg, 0, sizeof(arg)); | |
525 | tee_optee_ta_uuid_to_octets(arg.uuid, &uuid); | |
526 | arg.clnt_login = TEE_LOGIN_REE_KERNEL; | |
527 | rc = tee_open_session(tee, &arg, 0, NULL); | |
528 | if (rc < 0) | |
529 | return -ENODEV; | |
530 | ||
531 | *tee_session = arg.session; | |
532 | ||
533 | return 0; | |
534 | } | |
535 | ||
536 | static int bsec_optee_open(struct udevice *dev) | |
537 | { | |
538 | struct stm32mp_bsec_priv *priv = dev_get_priv(dev); | |
539 | struct udevice *tee; | |
540 | u32 tee_session; | |
541 | int rc; | |
542 | ||
543 | tee = tee_find_device(NULL, NULL, NULL, NULL); | |
544 | if (!tee) | |
545 | return -ENODEV; | |
546 | ||
547 | /* try to open the STM32 BSEC TA */ | |
548 | rc = bsec_pta_open_session(tee, &tee_session); | |
549 | if (rc) | |
550 | return rc; | |
551 | ||
552 | tee_close_session(tee, tee_session); | |
553 | ||
554 | priv->tee = tee; | |
555 | ||
556 | return 0; | |
557 | } | |
558 | ||
559 | static int bsec_optee_pta(struct udevice *dev, int cmd, int type, int offset, | |
560 | void *buff, ulong size) | |
561 | { | |
562 | struct stm32mp_bsec_priv *priv = dev_get_priv(dev); | |
563 | u32 tee_session; | |
564 | struct tee_invoke_arg arg; | |
565 | struct tee_param param[2]; | |
566 | struct tee_shm *fw_shm; | |
567 | int rc; | |
568 | ||
569 | rc = bsec_pta_open_session(priv->tee, &tee_session); | |
570 | if (rc) | |
571 | return rc; | |
572 | ||
573 | rc = tee_shm_register(priv->tee, buff, size, 0, &fw_shm); | |
574 | if (rc) | |
575 | goto close_session; | |
576 | ||
577 | memset(&arg, 0, sizeof(arg)); | |
578 | arg.func = cmd; | |
579 | arg.session = tee_session; | |
580 | ||
581 | memset(param, 0, sizeof(param)); | |
582 | ||
583 | param[0].attr = TEE_PARAM_ATTR_TYPE_VALUE_INPUT; | |
584 | param[0].u.value.a = offset; | |
585 | param[0].u.value.b = type; | |
586 | ||
587 | if (cmd == PTA_BSEC_WRITE_MEM) | |
588 | param[1].attr = TEE_PARAM_ATTR_TYPE_MEMREF_INPUT; | |
589 | else | |
590 | param[1].attr = TEE_PARAM_ATTR_TYPE_MEMREF_OUTPUT; | |
591 | ||
592 | param[1].u.memref.shm = fw_shm; | |
593 | param[1].u.memref.size = size; | |
594 | ||
595 | rc = tee_invoke_func(priv->tee, &arg, 2, param); | |
596 | if (rc < 0 || arg.ret != 0) { | |
597 | dev_err(priv->tee, | |
598 | "PTA_BSEC invoke failed TEE err: %x, err:%x\n", | |
599 | arg.ret, rc); | |
600 | if (!rc) | |
601 | rc = -EIO; | |
602 | } | |
603 | ||
604 | tee_shm_free(fw_shm); | |
605 | ||
606 | close_session: | |
607 | tee_close_session(priv->tee, tee_session); | |
608 | ||
609 | return rc; | |
610 | } | |
611 | ||
19f58992 PD |
612 | static int stm32mp_bsec_read(struct udevice *dev, int offset, |
613 | void *buf, int size) | |
614 | { | |
33a909a4 | 615 | struct stm32mp_bsec_priv *priv = dev_get_priv(dev); |
0d0266c4 | 616 | struct stm32mp_bsec_drvdata *data = (struct stm32mp_bsec_drvdata *)dev_get_driver_data(dev); |
19f58992 PD |
617 | int ret; |
618 | int i; | |
7ae22d72 | 619 | bool shadow = true, lock = false; |
19f58992 | 620 | int nb_otp = size / sizeof(u32); |
33a909a4 | 621 | int otp, cmd; |
745b676d | 622 | unsigned int offs = offset; |
19f58992 | 623 | |
7ae22d72 PD |
624 | if (offs >= STM32_BSEC_LOCK_OFFSET) { |
625 | offs -= STM32_BSEC_LOCK_OFFSET; | |
626 | lock = true; | |
627 | } else if (offs >= STM32_BSEC_OTP_OFFSET) { | |
745b676d | 628 | offs -= STM32_BSEC_OTP_OFFSET; |
19f58992 PD |
629 | shadow = false; |
630 | } | |
19f58992 | 631 | |
7b802e1a | 632 | if ((offs % 4) || (size % 4) || !size) |
19f58992 | 633 | return -EINVAL; |
19f58992 | 634 | |
33a909a4 PD |
635 | if (IS_ENABLED(CONFIG_OPTEE) && priv->tee) { |
636 | cmd = FUSE_ACCESS; | |
637 | if (shadow) | |
638 | cmd = SHADOW_ACCESS; | |
639 | if (lock) | |
640 | cmd = LOCK_ACCESS; | |
641 | ret = bsec_optee_pta(dev, PTA_BSEC_READ_MEM, cmd, offs, buf, size); | |
642 | if (ret) | |
643 | return ret; | |
644 | ||
645 | return size; | |
646 | } | |
647 | ||
0c8620d2 PD |
648 | otp = offs / sizeof(u32); |
649 | ||
0d0266c4 | 650 | for (i = otp; i < (otp + nb_otp) && i < data->size; i++) { |
19f58992 PD |
651 | u32 *addr = &((u32 *)buf)[i - otp]; |
652 | ||
7ae22d72 PD |
653 | if (lock) |
654 | ret = stm32mp_bsec_read_lock(dev, addr, i); | |
655 | else if (shadow) | |
19f58992 PD |
656 | ret = stm32mp_bsec_read_shadow(dev, addr, i); |
657 | else | |
658 | ret = stm32mp_bsec_read_otp(dev, addr, i); | |
659 | ||
660 | if (ret) | |
661 | break; | |
662 | } | |
0c8620d2 PD |
663 | if (ret) |
664 | return ret; | |
665 | else | |
666 | return (i - otp) * 4; | |
19f58992 PD |
667 | } |
668 | ||
669 | static int stm32mp_bsec_write(struct udevice *dev, int offset, | |
670 | const void *buf, int size) | |
671 | { | |
33a909a4 | 672 | struct stm32mp_bsec_priv *priv = dev_get_priv(dev); |
0d0266c4 | 673 | struct stm32mp_bsec_drvdata *data = (struct stm32mp_bsec_drvdata *)dev_get_driver_data(dev); |
19f58992 PD |
674 | int ret = 0; |
675 | int i; | |
7ae22d72 | 676 | bool shadow = true, lock = false; |
19f58992 | 677 | int nb_otp = size / sizeof(u32); |
33a909a4 | 678 | int otp, cmd; |
745b676d | 679 | unsigned int offs = offset; |
19f58992 | 680 | |
7ae22d72 PD |
681 | if (offs >= STM32_BSEC_LOCK_OFFSET) { |
682 | offs -= STM32_BSEC_LOCK_OFFSET; | |
683 | lock = true; | |
684 | } else if (offs >= STM32_BSEC_OTP_OFFSET) { | |
745b676d | 685 | offs -= STM32_BSEC_OTP_OFFSET; |
19f58992 PD |
686 | shadow = false; |
687 | } | |
19f58992 | 688 | |
7b802e1a | 689 | if ((offs % 4) || (size % 4) || !size) |
19f58992 | 690 | return -EINVAL; |
19f58992 | 691 | |
33a909a4 PD |
692 | if (IS_ENABLED(CONFIG_OPTEE) && priv->tee) { |
693 | cmd = FUSE_ACCESS; | |
694 | if (shadow) | |
695 | cmd = SHADOW_ACCESS; | |
696 | if (lock) | |
697 | cmd = LOCK_ACCESS; | |
698 | ret = bsec_optee_pta(dev, PTA_BSEC_WRITE_MEM, cmd, offs, (void *)buf, size); | |
699 | if (ret) | |
700 | return ret; | |
701 | ||
702 | return size; | |
703 | } | |
704 | ||
0c8620d2 PD |
705 | otp = offs / sizeof(u32); |
706 | ||
0d0266c4 | 707 | for (i = otp; i < otp + nb_otp && i < data->size; i++) { |
19f58992 PD |
708 | u32 *val = &((u32 *)buf)[i - otp]; |
709 | ||
7ae22d72 PD |
710 | if (lock) |
711 | ret = stm32mp_bsec_write_lock(dev, *val, i); | |
712 | else if (shadow) | |
19f58992 PD |
713 | ret = stm32mp_bsec_write_shadow(dev, *val, i); |
714 | else | |
715 | ret = stm32mp_bsec_write_otp(dev, *val, i); | |
716 | if (ret) | |
717 | break; | |
718 | } | |
0c8620d2 PD |
719 | if (ret) |
720 | return ret; | |
721 | else | |
722 | return (i - otp) * 4; | |
19f58992 PD |
723 | } |
724 | ||
725 | static const struct misc_ops stm32mp_bsec_ops = { | |
726 | .read = stm32mp_bsec_read, | |
727 | .write = stm32mp_bsec_write, | |
728 | }; | |
729 | ||
d1998a9f | 730 | static int stm32mp_bsec_of_to_plat(struct udevice *dev) |
19f58992 | 731 | { |
8a8d24bd | 732 | struct stm32mp_bsec_plat *plat = dev_get_plat(dev); |
19f58992 | 733 | |
3e0b12af | 734 | plat->base = dev_read_addr_ptr(dev); |
19f58992 PD |
735 | |
736 | return 0; | |
737 | } | |
738 | ||
815bc8bc PD |
739 | static int stm32mp_bsec_probe(struct udevice *dev) |
740 | { | |
0d0266c4 | 741 | struct stm32mp_bsec_drvdata *data = (struct stm32mp_bsec_drvdata *)dev_get_driver_data(dev); |
815bc8bc | 742 | int otp; |
8a8d24bd | 743 | struct stm32mp_bsec_plat *plat; |
622c956c PD |
744 | struct clk_bulk clk_bulk; |
745 | int ret; | |
746 | ||
747 | ret = clk_get_bulk(dev, &clk_bulk); | |
748 | if (!ret) { | |
749 | ret = clk_enable_bulk(&clk_bulk); | |
750 | if (ret) | |
751 | return ret; | |
752 | } | |
815bc8bc | 753 | |
33a909a4 | 754 | if (IS_ENABLED(CONFIG_OPTEE)) |
0d0266c4 PD |
755 | ret = bsec_optee_open(dev); |
756 | else | |
757 | ret = -ENOTSUPP; | |
758 | /* failed if OP-TEE TA is required */ | |
759 | if (data->ta && !ret) | |
760 | return ret; | |
33a909a4 | 761 | |
95bd49a5 PD |
762 | /* |
763 | * update unlocked shadow for OTP cleared by the rom code | |
9788708f | 764 | * only executed in SPL, it is done in TF-A for TFABOOT |
95bd49a5 | 765 | */ |
0d0266c4 | 766 | if (IS_ENABLED(CONFIG_SPL_BUILD) && !data->ta) { |
c69cda25 | 767 | plat = dev_get_plat(dev); |
4e9e358f | 768 | |
0d0266c4 PD |
769 | /* here 57 is the value for STM32MP15x ROM code, only MPU with SPL support*/ |
770 | for (otp = 57; otp < data->size; otp++) | |
4e9e358f | 771 | if (!bsec_read_SR_lock(plat->base, otp)) |
b66bfdf2 | 772 | bsec_shadow_register(dev, plat->base, otp); |
4e9e358f | 773 | } |
815bc8bc PD |
774 | |
775 | return 0; | |
776 | } | |
815bc8bc | 777 | |
0d0266c4 PD |
778 | static const struct stm32mp_bsec_drvdata stm32mp13_data = { |
779 | .size = 96, | |
780 | .ta = true, | |
781 | }; | |
782 | ||
783 | static const struct stm32mp_bsec_drvdata stm32mp15_data = { | |
784 | .size = 96, | |
785 | .ta = false, | |
786 | }; | |
e508b597 PD |
787 | |
788 | static const struct stm32mp_bsec_drvdata stm32mp25_data = { | |
789 | .size = 368, /* 384 but no access to HWKEY and STM32PRVKEY */ | |
790 | .ta = true, | |
791 | }; | |
792 | ||
19f58992 | 793 | static const struct udevice_id stm32mp_bsec_ids[] = { |
0d0266c4 PD |
794 | { .compatible = "st,stm32mp13-bsec", .data = (ulong)&stm32mp13_data}, |
795 | { .compatible = "st,stm32mp15-bsec", .data = (ulong)&stm32mp15_data}, | |
e508b597 | 796 | { .compatible = "st,stm32mp25-bsec", .data = (ulong)&stm32mp25_data}, |
19f58992 PD |
797 | {} |
798 | }; | |
799 | ||
800 | U_BOOT_DRIVER(stm32mp_bsec) = { | |
801 | .name = "stm32mp_bsec", | |
802 | .id = UCLASS_MISC, | |
803 | .of_match = stm32mp_bsec_ids, | |
d1998a9f | 804 | .of_to_plat = stm32mp_bsec_of_to_plat, |
27bad4e7 | 805 | .plat_auto = sizeof(struct stm32mp_bsec_plat), |
33a909a4 | 806 | .priv_auto = sizeof(struct stm32mp_bsec_priv), |
19f58992 | 807 | .ops = &stm32mp_bsec_ops, |
815bc8bc | 808 | .probe = stm32mp_bsec_probe, |
19f58992 | 809 | }; |
bd3f60d2 PD |
810 | |
811 | bool bsec_dbgswenable(void) | |
812 | { | |
813 | struct udevice *dev; | |
8a8d24bd | 814 | struct stm32mp_bsec_plat *plat; |
bd3f60d2 PD |
815 | int ret; |
816 | ||
817 | ret = uclass_get_device_by_driver(UCLASS_MISC, | |
65e25bea | 818 | DM_DRIVER_GET(stm32mp_bsec), &dev); |
bd3f60d2 | 819 | if (ret || !dev) { |
b66bfdf2 | 820 | log_debug("bsec driver not available\n"); |
bd3f60d2 PD |
821 | return false; |
822 | } | |
823 | ||
c69cda25 | 824 | plat = dev_get_plat(dev); |
bd3f60d2 PD |
825 | if (readl(plat->base + BSEC_DENABLE_OFF) & BSEC_DENABLE_DBGSWENABLE) |
826 | return true; | |
827 | ||
828 | return false; | |
829 | } | |
3865a7ec PD |
830 | |
831 | u32 get_otp(int index, int shift, int mask) | |
832 | { | |
833 | int ret; | |
834 | struct udevice *dev; | |
835 | u32 otp = 0; | |
836 | ||
837 | ret = uclass_get_device_by_driver(UCLASS_MISC, | |
838 | DM_DRIVER_GET(stm32mp_bsec), | |
839 | &dev); | |
840 | ||
841 | if (!ret) | |
842 | ret = misc_read(dev, STM32_BSEC_SHADOW(index), | |
843 | &otp, sizeof(otp)); | |
844 | ||
845 | return (otp >> shift) & mask; | |
846 | } |