]>
Commit | Line | Data |
---|---|---|
b83c709e | 1 | /* |
29067abf | 2 | * Copyright (C) 2012-2015 Freescale Semiconductor, Inc. All Rights Reserved. |
b83c709e SB |
3 | * |
4 | * SPDX-License-Identifier: GPL-2.0+ | |
5 | * | |
6 | */ | |
7 | ||
8 | #ifndef __SECURE_MX6Q_H__ | |
9 | #define __SECURE_MX6Q_H__ | |
10 | ||
11 | #include <linux/types.h> | |
12 | ||
13 | /* -------- start of HAB API updates ------------*/ | |
14 | /* The following are taken from HAB4 SIS */ | |
15 | ||
16 | /* Status definitions */ | |
17 | enum hab_status { | |
18 | HAB_STS_ANY = 0x00, | |
19 | HAB_FAILURE = 0x33, | |
20 | HAB_WARNING = 0x69, | |
21 | HAB_SUCCESS = 0xf0 | |
22 | }; | |
23 | ||
24 | /* Security Configuration definitions */ | |
25 | enum hab_config { | |
29067abf UC |
26 | HAB_CFG_RETURN = 0x33, /* < Field Return IC */ |
27 | HAB_CFG_OPEN = 0xf0, /* < Non-secure IC */ | |
28 | HAB_CFG_CLOSED = 0xcc /* < Secure IC */ | |
b83c709e SB |
29 | }; |
30 | ||
31 | /* State definitions */ | |
32 | enum hab_state { | |
29067abf UC |
33 | HAB_STATE_INITIAL = 0x33, /* Initialising state (transitory) */ |
34 | HAB_STATE_CHECK = 0x55, /* Check state (non-secure) */ | |
35 | HAB_STATE_NONSECURE = 0x66, /* Non-secure state */ | |
36 | HAB_STATE_TRUSTED = 0x99, /* Trusted state */ | |
37 | HAB_STATE_SECURE = 0xaa, /* Secure state */ | |
38 | HAB_STATE_FAIL_SOFT = 0xcc, /* Soft fail state */ | |
39 | HAB_STATE_FAIL_HARD = 0xff, /* Hard fail state (terminal) */ | |
40 | HAB_STATE_NONE = 0xf0, /* No security state machine */ | |
b83c709e SB |
41 | HAB_STATE_MAX |
42 | }; | |
43 | ||
29067abf UC |
44 | enum hab_reason { |
45 | HAB_RSN_ANY = 0x00, /* Match any reason */ | |
46 | HAB_ENG_FAIL = 0x30, /* Engine failure */ | |
47 | HAB_INV_ADDRESS = 0x22, /* Invalid address: access denied */ | |
48 | HAB_INV_ASSERTION = 0x0c, /* Invalid assertion */ | |
49 | HAB_INV_CALL = 0x28, /* Function called out of sequence */ | |
50 | HAB_INV_CERTIFICATE = 0x21, /* Invalid certificate */ | |
51 | HAB_INV_COMMAND = 0x06, /* Invalid command: command malformed */ | |
52 | HAB_INV_CSF = 0x11, /* Invalid csf */ | |
53 | HAB_INV_DCD = 0x27, /* Invalid dcd */ | |
54 | HAB_INV_INDEX = 0x0f, /* Invalid index: access denied */ | |
55 | HAB_INV_IVT = 0x05, /* Invalid ivt */ | |
56 | HAB_INV_KEY = 0x1d, /* Invalid key */ | |
57 | HAB_INV_RETURN = 0x1e, /* Failed callback function */ | |
58 | HAB_INV_SIGNATURE = 0x18, /* Invalid signature */ | |
59 | HAB_INV_SIZE = 0x17, /* Invalid data size */ | |
60 | HAB_MEM_FAIL = 0x2e, /* Memory failure */ | |
61 | HAB_OVR_COUNT = 0x2b, /* Expired poll count */ | |
62 | HAB_OVR_STORAGE = 0x2d, /* Exhausted storage region */ | |
63 | HAB_UNS_ALGORITHM = 0x12, /* Unsupported algorithm */ | |
64 | HAB_UNS_COMMAND = 0x03, /* Unsupported command */ | |
65 | HAB_UNS_ENGINE = 0x0a, /* Unsupported engine */ | |
66 | HAB_UNS_ITEM = 0x24, /* Unsupported configuration item */ | |
67 | HAB_UNS_KEY = 0x1b, /* Unsupported key type/parameters */ | |
68 | HAB_UNS_PROTOCOL = 0x14, /* Unsupported protocol */ | |
69 | HAB_UNS_STATE = 0x09, /* Unsuitable state */ | |
70 | HAB_RSN_MAX | |
71 | }; | |
72 | ||
73 | enum hab_context { | |
74 | HAB_CTX_ANY = 0x00, /* Match any context */ | |
75 | HAB_CTX_FAB = 0xff, /* Event logged in hab_fab_test() */ | |
76 | HAB_CTX_ENTRY = 0xe1, /* Event logged in hab_rvt.entry() */ | |
77 | HAB_CTX_TARGET = 0x33, /* Event logged in hab_rvt.check_target() */ | |
78 | HAB_CTX_AUTHENTICATE = 0x0a,/* Logged in hab_rvt.authenticate_image() */ | |
79 | HAB_CTX_DCD = 0xdd, /* Event logged in hab_rvt.run_dcd() */ | |
80 | HAB_CTX_CSF = 0xcf, /* Event logged in hab_rvt.run_csf() */ | |
81 | HAB_CTX_COMMAND = 0xc0, /* Event logged executing csf/dcd command */ | |
82 | HAB_CTX_AUT_DAT = 0xdb, /* Authenticated data block */ | |
83 | HAB_CTX_ASSERT = 0xa0, /* Event logged in hab_rvt.assert() */ | |
84 | HAB_CTX_EXIT = 0xee, /* Event logged in hab_rvt.exit() */ | |
85 | HAB_CTX_MAX | |
86 | }; | |
87 | ||
f68c61a3 AA |
88 | struct imx_sec_config_fuse_t { |
89 | int bank; | |
90 | int word; | |
91 | }; | |
92 | ||
93 | #if defined(CONFIG_SECURE_BOOT) | |
94 | extern struct imx_sec_config_fuse_t const imx_sec_config_fuse; | |
95 | #endif | |
96 | ||
b83c709e SB |
97 | /*Function prototype description*/ |
98 | typedef enum hab_status hab_rvt_report_event_t(enum hab_status, uint32_t, | |
99 | uint8_t* , size_t*); | |
100 | typedef enum hab_status hab_rvt_report_status_t(enum hab_config *, | |
101 | enum hab_state *); | |
102 | typedef enum hab_status hab_loader_callback_f_t(void**, size_t*, const void*); | |
103 | typedef enum hab_status hab_rvt_entry_t(void); | |
104 | typedef enum hab_status hab_rvt_exit_t(void); | |
105 | typedef void *hab_rvt_authenticate_image_t(uint8_t, ptrdiff_t, | |
106 | void **, size_t *, hab_loader_callback_f_t); | |
107 | typedef void hapi_clock_init_t(void); | |
108 | ||
29067abf UC |
109 | #define HAB_ENG_ANY 0x00 /* Select first compatible engine */ |
110 | #define HAB_ENG_SCC 0x03 /* Security controller */ | |
111 | #define HAB_ENG_RTIC 0x05 /* Run-time integrity checker */ | |
112 | #define HAB_ENG_SAHARA 0x06 /* Crypto accelerator */ | |
113 | #define HAB_ENG_CSU 0x0a /* Central Security Unit */ | |
114 | #define HAB_ENG_SRTC 0x0c /* Secure clock */ | |
115 | #define HAB_ENG_DCP 0x1b /* Data Co-Processor */ | |
116 | #define HAB_ENG_CAAM 0x1d /* CAAM */ | |
117 | #define HAB_ENG_SNVS 0x1e /* Secure Non-Volatile Storage */ | |
118 | #define HAB_ENG_OCOTP 0x21 /* Fuse controller */ | |
119 | #define HAB_ENG_DTCP 0x22 /* DTCP co-processor */ | |
120 | #define HAB_ENG_ROM 0x36 /* Protected ROM area */ | |
121 | #define HAB_ENG_HDCP 0x24 /* HDCP co-processor */ | |
122 | #define HAB_ENG_RTL 0x77 /* RTL simulation engine */ | |
123 | #define HAB_ENG_SW 0xff /* Software engine */ | |
124 | ||
a89729c9 | 125 | #ifdef CONFIG_ROM_UNIFIED_SECTIONS |
13bc8603 NG |
126 | #define HAB_RVT_BASE 0x00000100 |
127 | #else | |
128 | #define HAB_RVT_BASE 0x00000094 | |
129 | #endif | |
130 | ||
131 | #define HAB_RVT_ENTRY (*(uint32_t *)(HAB_RVT_BASE + 0x04)) | |
132 | #define HAB_RVT_EXIT (*(uint32_t *)(HAB_RVT_BASE + 0x08)) | |
133 | #define HAB_RVT_AUTHENTICATE_IMAGE (*(uint32_t *)(HAB_RVT_BASE + 0x10)) | |
134 | #define HAB_RVT_REPORT_EVENT (*(uint32_t *)(HAB_RVT_BASE + 0x20)) | |
135 | #define HAB_RVT_REPORT_STATUS (*(uint32_t *)(HAB_RVT_BASE + 0x24)) | |
f2f07e85 SB |
136 | |
137 | #define HAB_RVT_REPORT_EVENT_NEW (*(uint32_t *)0x000000B8) | |
138 | #define HAB_RVT_REPORT_STATUS_NEW (*(uint32_t *)0x000000BC) | |
139 | #define HAB_RVT_AUTHENTICATE_IMAGE_NEW (*(uint32_t *)0x000000A8) | |
140 | #define HAB_RVT_ENTRY_NEW (*(uint32_t *)0x0000009C) | |
141 | #define HAB_RVT_EXIT_NEW (*(uint32_t *)0x000000A0) | |
b83c709e SB |
142 | |
143 | #define HAB_CID_ROM 0 /**< ROM Caller ID */ | |
144 | #define HAB_CID_UBOOT 1 /**< UBOOT Caller ID*/ | |
29067abf | 145 | |
191d8bd5 | 146 | #define IVT_SIZE 0x20 |
08a81cad | 147 | #define CSF_PAD_SIZE 0x2000 |
191d8bd5 | 148 | |
b83c709e SB |
149 | /* ----------- end of HAB API updates ------------*/ |
150 | ||
c5800b25 BD |
151 | int authenticate_image(uint32_t ddr_start, uint32_t image_size, |
152 | uint32_t ivt_offset); | |
15b505b0 | 153 | |
b83c709e | 154 | #endif |