stm32mp1: read auth stats and boot_partition from tamp

Obtain from TAMP backup register information about image authorization
status and partition id used for booting. Store this info in
environmental variables ("boot_auth" and "boot_part" correspondingly).

Image authorization supported values:
0x0 - No authentication done
0x1 - Authentication done and failed
0x2 - Authentication done and succeeded

These values are stored to TAMP backup register by Trusted Firmware-A [1].

Testing:
STM32MP> print boot_part
boot_part=1
STM32MP> print boot_auth
boot_auth=2

[1] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?h=refs/heads/integration&id=ab2b325c1ab895e626d4e11a9f26b9e7c968f8d8

Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Co-developed-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>

diff --git a/arch/arm/mach-stm32mp/cpu.c b/arch/arm/mach-stm32mp/cpu.c
index bab318875cb41060b30544e8aadfc629d1a80c18..55574fd4bebfee80663a3b8d9a5f0bade6ccae81 100644 (file)
--- a/arch/arm/mach-stm32mp/cpu.c
+++ b/arch/arm/mach-stm32mp/cpu.c
@@ -40,6 +40,13 @@ u32 get_bootmode(void)
                    TAMP_BOOT_MODE_SHIFT;
 }
 
+u32 get_bootauth(void)
+{
+       /* read boot auth status and partition from TAMP backup register */
+       return (readl(TAMP_BOOT_CONTEXT) & TAMP_BOOT_AUTH_MASK) >>
+                   TAMP_BOOT_AUTH_SHIFT;
+}
+
 /*
  * weak function overidde: set the DDR/SYSRAM executable before to enable the
  * MMU and configure DACR, for early early_enable_caches (SPL or pre-reloc)
@@ -371,8 +378,24 @@ __weak void stm32mp_misc_init(void)
 {
 }
 
+static int setup_boot_auth_info(void)
+{
+       char buf[10];
+       u32 bootauth = get_bootauth();
+
+       snprintf(buf, sizeof(buf), "%d", bootauth >> 4);
+       env_set("boot_auth", buf);
+
+       snprintf(buf, sizeof(buf), "%d", bootauth &
+                (u32)TAMP_BOOT_PARTITION_MASK);
+       env_set("boot_part", buf);
+
+       return 0;
+}
+
 int arch_misc_init(void)
 {
+       setup_boot_auth_info();
        setup_boot_mode();
        setup_mac_address();
        setup_serial_number();

diff --git a/arch/arm/mach-stm32mp/include/mach/stm32.h b/arch/arm/mach-stm32mp/include/mach/stm32.h
index 1cdc5e3b1864bbc1ebfaa7ebf864659a8d86f529..ac0deced67e42b8333fe6a36a052fec9f67ca07e 100644 (file)
--- a/arch/arm/mach-stm32mp/include/mach/stm32.h
+++ b/arch/arm/mach-stm32mp/include/mach/stm32.h
@@ -139,8 +139,12 @@ enum boot_device {
 
 #define TAMP_BOOT_MODE_MASK            GENMASK(15, 8)
 #define TAMP_BOOT_MODE_SHIFT           8
+#define TAMP_BOOT_AUTH_MASK            GENMASK(23, 16)
+#define TAMP_BOOT_AUTH_SHIFT           16
 #define TAMP_BOOT_DEVICE_MASK          GENMASK(7, 4)
 #define TAMP_BOOT_INSTANCE_MASK                GENMASK(3, 0)
+#define TAMP_BOOT_AUTH_ST_MASK         GENMASK(7, 4)
+#define TAMP_BOOT_PARTITION_MASK       GENMASK(3, 0)
 #define TAMP_BOOT_FORCED_MASK          GENMASK(7, 0)
 
 enum forced_boot_mode {

diff --git a/arch/arm/mach-stm32mp/include/mach/sys_proto.h b/arch/arm/mach-stm32mp/include/mach/sys_proto.h
index 83fb32a45fccbe71f62d8fb2536934440d77ff9f..52aca1e23e1933c3ae990fc323718d59672c9463 100644 (file)
--- a/arch/arm/mach-stm32mp/include/mach/sys_proto.h
+++ b/arch/arm/mach-stm32mp/include/mach/sys_proto.h
@@ -66,6 +66,9 @@ void get_soc_name(char name[SOC_NAME_SIZE]);
 /* return boot mode */
 u32 get_bootmode(void);
 
+/* return auth status and partition */
+u32 get_bootauth(void);
+
 int get_eth_nb(void);
 int setup_mac_address(void);