1 // SPDX-License-Identifier: BSD-2-Clause
2 /*
3 * Copyright (C) 2022 Foundries.io Ltd
4 * Jorge Ramirez-Ortiz <jorge@foundries.io>
5 *
6 * Copyright (C) ProvenRun SAS 2023
7 */
8
9 #include <arm.h>
10 #include <drivers/versal_nvm.h>
11 #include <drivers/versal_pmc.h>
12 #include <initcall.h>
13 #include <kernel/panic.h>
14 #include <kernel/tee_misc.h>
15 #include <mm/core_memprot.h>
16 #include <string.h>
17 #include <tee/cache.h>
18
19 #define NVM_WORD_LEN 4
20
21 /* Protocol API with the remote processor */
22 #define NVM_MODULE_SHIFT 8
23 #define NVM_MODULE 11
24 #define NVM_API_ID(_id) (SHIFT_U32(NVM_MODULE, NVM_MODULE_SHIFT) | (_id))
25
26 #define __aligned_efuse __aligned(CACHELINE_LEN)
27
28 #define EFUSE_CACHE_DNA_OFFSET 0x20
29 #define EFUSE_CACHE_BOOT_ENV_CTRL_OFFSET 0x94
30 #define EFUSE_CACHE_MISC_CTRL_OFFSET 0xA0
31 #define EFUSE_CACHE_PUF_ECC_CTRL_OFFSET 0xA4
32 #define EFUSE_CACHE_PUF_CHASH_OFFSET 0xA8
33 #define EFUSE_CACHE_SEC_CTRL_OFFSET 0xAC
34 #define EFUSE_CACHE_REVOCATION_ID0_OFFSET 0xB0
35 #define EFUSE_CACHE_SEC_MISC0_OFFSET 0xE4
36 #define EFUSE_CACHE_SEC_MISC1_OFFSET 0xE8
37 #define EFUSE_CACHE_PPK0_OFFSET 0x100
38 #define EFUSE_CACHE_PPK1_OFFSET 0x120
39 #define EFUSE_CACHE_PPK2_OFFSET 0x140
40 #define EFUSE_CACHE_OFFCHIP_REVOKE_ID0_OFFSET 0x160
41 #define EFUSE_CACHE_METAHEADER_IV_RANGE0_OFFSET 0x180
42 #define EFUSE_CACHE_BLACK_IV0_OFFSET 0x1D0
43 #define EFUSE_CACHE_PLM_IV_RANGE0_OFFSET 0x1DC
44 #define EFUSE_CACHE_DATA_PARTITION_IV_RANGE0_OFFSET 0x1E8
45 #define EFUSE_CACHE_USER0_OFFSET 0x240
46 #define EFUSE_CACHE_PUF_SYN0_OFFSET 0x300
47
48 #define EFUSE_ENV_DIS_FLAG 0
49
50 #define EFUSE_AES_KEY_ID 0
51 #define EFUSE_USER_KEY0_ID 1
52 #define EFUSE_USER_KEY1_ID 2
53
54 #define EFUSE_WRITE_PUF_DATA_WORDS (PUF_SYN_DATA_WORDS + 6)
55
56 /* Internal */
57 struct versal_efuse_write_puf_data {
58 uint32_t sec_ctrl;
59 uint32_t prgm_puf_helper_data;
60 uint32_t env_monitor_dis;
61 uint32_t syn[PUF_SYN_DATA_WORDS];
62 uint32_t chash;
63 uint32_t aux;
64 uint32_t ro_swap;
65 };
66
67 /*
68 * Max size of the buffer needed for the remote processor to DMA efuse _data_
69 * to/from
70 */
71 #define EFUSE_MAX_LEN (EFUSE_MAX_USER_FUSES * sizeof(uint32_t))
72
73 enum versal_nvm_api_id {
74 API_FEATURES = 0,
75 BBRAM_WRITE_AES_KEY = 1,
76 BBRAM_ZEROIZE = 2,
77 BBRAM_WRITE_USER_DATA = 3,
78 BBRAM_READ_USER_DATA = 4,
79 BBRAM_LOCK_WRITE_USER_DATA = 5,
80 BBRAM_WRITE_AES_KEY_FROM_PLOAD = 6,
81 EFUSE_WRITE_AES_KEY = 7,
82 EFUSE_WRITE_AES_KEY_FROM_PLOAD = 8,
83 EFUSE_WRITE_PPK_HASH = 9,
84 EFUSE_WRITE_PPK_HASH_FROM_PLOAD = 10,
85 EFUSE_WRITE_IV = 11,
86 EFUSE_WRITE_IV_FROM_PLOAD = 12,
87 EFUSE_WRITE_GLITCH_CONFIG = 13,
88 EFUSE_WRITE_DEC_ONLY = 14,
89 EFUSE_WRITE_REVOCATION_ID = 15,
90 EFUSE_WRITE_OFFCHIP_REVOKE_ID = 16,
91 EFUSE_WRITE_MISC_CTRL_BITS = 17,
92 EFUSE_WRITE_SEC_CTRL_BITS = 18,
93 EFUSE_WRITE_MISC1_CTRL_BITS = 19,
94 EFUSE_WRITE_BOOT_ENV_CTRL_BITS = 20,
95 EFUSE_WRITE_FIPS_INFO = 21,
96 EFUSE_WRITE_UDS_FROM_PLOAD = 22,
97 EFUSE_WRITE_DME_KEY_FROM_PLOAD = 23,
98 EFUSE_WRITE_DME_REVOKE = 24,
99 EFUSE_WRITE_PLM_UPDATE = 25,
100 EFUSE_WRITE_BOOT_MODE_DISABLE = 26,
101 EFUSE_WRITE_CRC = 27,
102 EFUSE_WRITE_DME_MODE = 28,
103 EFUSE_WRITE_PUF_HD_FROM_PLOAD = 29,
104 EFUSE_WRITE_PUF = 30,
105 EFUSE_WRITE_ROM_RSVD = 31,
106 EFUSE_WRITE_PUF_CTRL_BITS = 32,
107 EFUSE_READ_CACHE = 33,
108 EFUSE_RELOAD_N_PRGM_PROT_BITS = 34,
109 EFUSE_INVALID = 35,
110 };
111
112 /* uint64_t are memory addresses */
113 struct versal_efuse_data {
114 uint64_t env_mon_dis_flag;
115 uint64_t aes_key_addr;
116 uint64_t ppk_hash_addr;
117 uint64_t dec_only_addr;
118 uint64_t sec_ctrl_addr;
119 uint64_t misc_ctrl_addr;
120 uint64_t revoke_id_addr;
121 uint64_t iv_addr;
122 uint64_t user_fuse_addr;
123 uint64_t glitch_cfg_addr;
124 uint64_t boot_env_ctrl_addr;
125 uint64_t misc1_ctrl_addr;
126 uint64_t offchip_id_addr;
127 uint8_t pad[24];
128 };
129
130 /* Helper read and write requests (not part of the protocol) */
131 struct versal_nvm_buf {
132 size_t len;
133 void *buf;
134 };
135
136 struct versal_nvm_read_req {
137 enum versal_nvm_api_id efuse_id;
138 struct versal_nvm_buf ibuf[VERSAL_MAX_IPI_BUF];
139 };
140
141 struct versal_bbram_data {
142 size_t aes_key_len;
143 uint32_t user_data;
144 };
145
146 struct versal_nvm_write_req {
147 struct versal_efuse_data data;
148 struct versal_bbram_data bbram;
149 struct versal_nvm_buf ibuf[VERSAL_MAX_IPI_BUF];
150 enum versal_nvm_api_id efuse_id;
151 };
152
153 static TEE_Result
prepare_cmd(struct versal_ipi_cmd * cmd,enum versal_nvm_api_id efuse,struct versal_nvm_buf * ibufs,uint32_t * arg)154 prepare_cmd(struct versal_ipi_cmd *cmd, enum versal_nvm_api_id efuse,
155 struct versal_nvm_buf *ibufs, uint32_t *arg)
156 {
157 uint32_t low = 0;
158 uint32_t hi = 0;
159 size_t i = 0;
160
161 cmd->data[i++] = NVM_API_ID(efuse);
162 if (arg)
163 cmd->data[i++] = *arg;
164
165 if (!ibufs[0].buf)
166 return TEE_SUCCESS;
167
168 reg_pair_from_64(virt_to_phys(ibufs[0].buf), &hi, &low);
169
170 cmd->data[i++] = low;
171 cmd->data[i++] = hi;
172
173 for (i = 0; i < VERSAL_MAX_IPI_BUF; i++) {
174 cmd->ibuf[i].mem.alloc_len = ibufs[i].len;
175 cmd->ibuf[i].mem.buf = ibufs[i].buf;
176 }
177
178 return TEE_SUCCESS;
179 }
180
efuse_req(enum versal_nvm_api_id efuse,struct versal_nvm_buf * ibufs,uint32_t * arg)181 static TEE_Result efuse_req(enum versal_nvm_api_id efuse,
182 struct versal_nvm_buf *ibufs, uint32_t *arg)
183 {
184 struct versal_ipi_cmd cmd = { };
185 TEE_Result ret = TEE_SUCCESS;
186
187 ret = prepare_cmd(&cmd, efuse, ibufs, arg);
188 if (ret)
189 return ret;
190
191 ret = versal_pmc_notify(&cmd, NULL, NULL);
192 if (ret)
193 EMSG("Mailbox error");
194
195 return ret;
196 }
197
versal_alloc_read_buffer(struct versal_nvm_read_req * req)198 static TEE_Result versal_alloc_read_buffer(struct versal_nvm_read_req *req)
199 {
200 assert(req);
201 req->ibuf[0].len = 1024;
202 req->ibuf[0].buf = alloc_cache_aligned(req->ibuf[0].len);
203 if (!req->ibuf[0].buf)
204 return TEE_ERROR_OUT_OF_MEMORY;
205
206 return TEE_SUCCESS;
207 }
208
versal_free_read_buffer(struct versal_nvm_read_req * req)209 static void versal_free_read_buffer(struct versal_nvm_read_req *req)
210 {
211 assert(req);
212 free(req->ibuf[0].buf);
213 }
214
versal_get_read_buffer(struct versal_nvm_read_req * req)215 static void *versal_get_read_buffer(struct versal_nvm_read_req *req)
216 {
217 assert(req);
218 return req->ibuf[0].buf;
219 }
220
versal_nvm_read(struct versal_nvm_read_req * req)221 static TEE_Result versal_nvm_read(struct versal_nvm_read_req *req)
222 {
223 if (!req)
224 return TEE_ERROR_GENERIC;
225
226 switch (req->efuse_id) {
227 case EFUSE_READ_CACHE:
228 case BBRAM_READ_USER_DATA:
229 break;
230 default:
231 return TEE_ERROR_GENERIC;
232 }
233
234 return efuse_req(req->efuse_id, req->ibuf, NULL);
235 }
236
versal_nvm_write(struct versal_nvm_write_req * req)237 static TEE_Result versal_nvm_write(struct versal_nvm_write_req *req)
238 {
239 uint32_t *arg = NULL;
240 uint32_t val = 0;
241
242 switch (req->efuse_id) {
243 case BBRAM_WRITE_AES_KEY:
244 val = req->bbram.aes_key_len;
245 arg = &val;
246 break;
247 case BBRAM_ZEROIZE:
248 break;
249 case BBRAM_WRITE_USER_DATA:
250 val = req->bbram.user_data;
251 arg = &val;
252 break;
253 default:
254 return TEE_ERROR_GENERIC;
255 }
256
257 return efuse_req(req->efuse_id, req->ibuf, arg);
258 }
259
versal_efuse_read_cache(uint16_t off,uint16_t num,uint32_t * buf,size_t len)260 static TEE_Result versal_efuse_read_cache(uint16_t off, uint16_t num,
261 uint32_t *buf, size_t len)
262 {
263 struct versal_ipi_cmd cmd = { };
264 struct versal_mbox_mem p = { };
265 TEE_Result ret = TEE_SUCCESS;
266 uint32_t low = 0;
267 uint32_t hi = 0;
268
269 if (!buf)
270 return TEE_ERROR_BAD_PARAMETERS;
271
272 if (len < num * NVM_WORD_LEN)
273 return TEE_ERROR_BAD_PARAMETERS;
274
275 ret = versal_mbox_alloc(num * NVM_WORD_LEN, NULL, &p);
276 if (ret)
277 return ret;
278
279 reg_pair_from_64(virt_to_phys(p.buf), &hi, &low);
280
281 cmd.data[0] = NVM_API_ID(EFUSE_READ_CACHE);
282 cmd.data[1] = SHIFT_U32(num, 16) | off;
283 cmd.data[2] = low;
284 cmd.data[3] = hi;
285
286 cmd.ibuf[0].mem = p;
287
288 ret = versal_pmc_notify(&cmd, NULL, NULL);
289 if (ret)
290 EMSG("Mailbox error");
291 else
292 memcpy(buf, p.buf, num * NVM_WORD_LEN);
293
294 versal_mbox_free(&p);
295 return ret;
296 }
297
versal_efuse_read_user_data(uint32_t * buf,size_t len,uint32_t first,size_t num)298 TEE_Result versal_efuse_read_user_data(uint32_t *buf, size_t len,
299 uint32_t first, size_t num)
300 {
301 uint16_t offset = 0;
302
303 if (first + num > EFUSE_MAX_USER_FUSES || len < num * NVM_WORD_LEN)
304 return TEE_ERROR_BAD_PARAMETERS;
305
306 offset = EFUSE_CACHE_USER0_OFFSET + first * NVM_WORD_LEN;
307
308 return versal_efuse_read_cache(offset, num, buf, len);
309 }
310
versal_efuse_read_dna(uint32_t * buf,size_t len)311 TEE_Result versal_efuse_read_dna(uint32_t *buf, size_t len)
312 {
313 if (len < EFUSE_DNA_LEN)
314 return TEE_ERROR_BAD_PARAMETERS;
315
316 return versal_efuse_read_cache(EFUSE_CACHE_DNA_OFFSET,
317 EFUSE_DNA_LEN / NVM_WORD_LEN, buf, len);
318 }
319
versal_efuse_read_iv(uint32_t * buf,size_t len,enum versal_nvm_iv_type type)320 TEE_Result versal_efuse_read_iv(uint32_t *buf, size_t len,
321 enum versal_nvm_iv_type type)
322 {
323 uint16_t offset = 0;
324
325 switch (type) {
326 case EFUSE_META_HEADER_IV_RANGE:
327 offset = EFUSE_CACHE_METAHEADER_IV_RANGE0_OFFSET;
328 break;
329 case EFUSE_BLACK_IV:
330 offset = EFUSE_CACHE_BLACK_IV0_OFFSET;
331 break;
332 case EFUSE_PLM_IV_RANGE:
333 offset = EFUSE_CACHE_PLM_IV_RANGE0_OFFSET;
334 break;
335 case EFUSE_DATA_PARTITION_IV_RANGE:
336 offset = EFUSE_CACHE_DATA_PARTITION_IV_RANGE0_OFFSET;
337 break;
338 default:
339 return TEE_ERROR_BAD_PARAMETERS;
340 }
341
342 return versal_efuse_read_cache(offset, EFUSE_IV_LEN / NVM_WORD_LEN,
343 buf, len);
344 }
345
versal_efuse_read_ppk(uint32_t * buf,size_t len,enum versal_nvm_ppk_type type)346 TEE_Result versal_efuse_read_ppk(uint32_t *buf, size_t len,
347 enum versal_nvm_ppk_type type)
348 {
349 uint16_t offset = 0;
350
351 switch (type) {
352 case EFUSE_PPK0:
353 offset = EFUSE_CACHE_PPK0_OFFSET;
354 break;
355 case EFUSE_PPK1:
356 offset = EFUSE_CACHE_PPK1_OFFSET;
357 break;
358 case EFUSE_PPK2:
359 offset = EFUSE_CACHE_PPK2_OFFSET;
360 break;
361 default:
362 return TEE_ERROR_BAD_PARAMETERS;
363 }
364
365 return versal_efuse_read_cache(offset, EFUSE_PPK_LEN / NVM_WORD_LEN,
366 buf, len);
367 }
368
versal_efuse_write_user_data(uint32_t * buf __unused,size_t len __unused,uint32_t first __unused,size_t num __unused)369 TEE_Result versal_efuse_write_user_data(uint32_t *buf __unused,
370 size_t len __unused,
371 uint32_t first __unused,
372 size_t num __unused)
373 {
374 return TEE_ERROR_NOT_IMPLEMENTED;
375 }
376
do_write_efuses_buffer(enum versal_nvm_api_id id,uint16_t type,uint32_t * buf,size_t len)377 static TEE_Result do_write_efuses_buffer(enum versal_nvm_api_id id,
378 uint16_t type, uint32_t *buf,
379 size_t len)
380 {
381 struct versal_ipi_cmd cmd = { };
382 struct versal_mbox_mem p = { };
383 TEE_Result ret = TEE_SUCCESS;
384 uint32_t low = 0;
385 uint32_t hi = 0;
386
387 ret = versal_mbox_alloc(len, buf, &p);
388 if (ret)
389 return ret;
390
391 reg_pair_from_64(virt_to_phys(p.buf), &hi, &low);
392
393 cmd.data[0] = NVM_API_ID(id);
394 cmd.data[1] = SHIFT_U32(type, 16) | EFUSE_ENV_DIS_FLAG;
395 cmd.data[2] = low;
396 cmd.data[3] = hi;
397
398 cmd.ibuf[0].mem = p;
399
400 ret = versal_pmc_notify(&cmd, NULL, NULL);
401
402 versal_mbox_free(&p);
403 return ret;
404 }
405
do_write_efuses_value(enum versal_nvm_api_id id,uint32_t val)406 static TEE_Result do_write_efuses_value(enum versal_nvm_api_id id, uint32_t val)
407 {
408 struct versal_ipi_cmd cmd = { };
409
410 cmd.data[0] = NVM_API_ID(id);
411 cmd.data[1] = EFUSE_ENV_DIS_FLAG;
412 cmd.data[2] = val;
413
414 return versal_pmc_notify(&cmd, NULL, NULL);
415 }
416
do_write_efuses(enum versal_nvm_api_id id)417 static TEE_Result do_write_efuses(enum versal_nvm_api_id id)
418 {
419 return do_write_efuses_value(id, 0);
420 }
421
versal_efuse_write_aes_keys(struct versal_efuse_aes_keys * keys)422 TEE_Result versal_efuse_write_aes_keys(struct versal_efuse_aes_keys *keys)
423 {
424 TEE_Result res = TEE_SUCCESS;
425 TEE_Result res2 = TEE_SUCCESS;
426
427 if (!keys)
428 return TEE_ERROR_BAD_PARAMETERS;
429
430 if (keys->prgm_aes_key) {
431 res2 = do_write_efuses_buffer(EFUSE_WRITE_AES_KEY,
432 EFUSE_AES_KEY_ID,
433 keys->aes_key, EFUSE_AES_KEY_LEN);
434 if (res2) {
435 DMSG("Error programming AES key (0x%" PRIx32 ")", res2);
436 res = TEE_ERROR_GENERIC;
437 }
438 }
439
440 if (keys->prgm_user_key0) {
441 res2 = do_write_efuses_buffer(EFUSE_WRITE_AES_KEY,
442 EFUSE_USER_KEY0_ID,
443 keys->user_key0,
444 EFUSE_AES_KEY_LEN);
445 if (res2) {
446 DMSG("Error programming User key 0 (0x%" PRIx32 ")",
447 res2);
448 res = TEE_ERROR_GENERIC;
449 }
450 }
451
452 if (keys->prgm_user_key1) {
453 res2 = do_write_efuses_buffer(EFUSE_WRITE_AES_KEY,
454 EFUSE_USER_KEY1_ID,
455 keys->user_key1,
456 EFUSE_AES_KEY_LEN);
457 if (res2) {
458 DMSG("Error programming User key 1 (0x%" PRIx32 ")",
459 res2);
460 res = TEE_ERROR_GENERIC;
461 }
462 }
463
464 return res;
465 }
466
versal_efuse_write_ppk_hash(struct versal_efuse_ppk_hash * hash)467 TEE_Result versal_efuse_write_ppk_hash(struct versal_efuse_ppk_hash *hash)
468 {
469 TEE_Result res = TEE_SUCCESS;
470 TEE_Result res2 = TEE_SUCCESS;
471
472 if (!hash)
473 return TEE_ERROR_BAD_PARAMETERS;
474
475 if (hash->prgm_ppk0_hash) {
476 res2 = do_write_efuses_buffer(EFUSE_WRITE_PPK_HASH, EFUSE_PPK0,
477 hash->ppk0_hash, EFUSE_PPK_LEN);
478 if (res2) {
479 DMSG("Error programming PPK hash 0 (0x%" PRIx32 ")",
480 res2);
481 res = TEE_ERROR_GENERIC;
482 }
483 }
484
485 if (hash->prgm_ppk1_hash) {
486 res2 = do_write_efuses_buffer(EFUSE_WRITE_PPK_HASH, EFUSE_PPK1,
487 hash->ppk1_hash, EFUSE_PPK_LEN);
488 if (res2) {
489 DMSG("Error programming PPK hash 1 (0x%" PRIx32 ")",
490 res2);
491 res = TEE_ERROR_GENERIC;
492 }
493 }
494
495 if (hash->prgm_ppk2_hash) {
496 res2 = do_write_efuses_buffer(EFUSE_WRITE_PPK_HASH, EFUSE_PPK2,
497 hash->ppk2_hash, EFUSE_PPK_LEN);
498 if (res2) {
499 DMSG("Error programming PPK hash 2 (0x%" PRIx32 ")",
500 res2);
501 res = TEE_ERROR_GENERIC;
502 }
503 }
504
505 return res;
506 }
507
versal_efuse_write_iv(struct versal_efuse_ivs * p)508 TEE_Result versal_efuse_write_iv(struct versal_efuse_ivs *p)
509 {
510 TEE_Result res = TEE_SUCCESS;
511 TEE_Result res2 = TEE_SUCCESS;
512
513 if (!p)
514 return TEE_ERROR_BAD_PARAMETERS;
515
516 if (p->prgm_meta_header_iv) {
517 res2 = do_write_efuses_buffer(EFUSE_WRITE_IV,
518 EFUSE_META_HEADER_IV_RANGE,
519 p->meta_header_iv, EFUSE_IV_LEN);
520 if (res2) {
521 DMSG("Error programming meta header IV (0x%" PRIx32 ")",
522 res2);
523 res = TEE_ERROR_GENERIC;
524 }
525 }
526
527 if (p->prgm_blk_obfus_iv) {
528 res2 = do_write_efuses_buffer(EFUSE_WRITE_IV, EFUSE_BLACK_IV,
529 p->blk_obfus_iv, EFUSE_IV_LEN);
530 if (res2) {
531 DMSG("Error programming black IV (0x%" PRIx32 ")",
532 res2);
533 res = TEE_ERROR_GENERIC;
534 }
535 }
536
537 if (p->prgm_plm_iv) {
538 res2 = do_write_efuses_buffer(EFUSE_WRITE_IV,
539 EFUSE_PLM_IV_RANGE,
540 p->plm_iv, EFUSE_IV_LEN);
541 if (res2) {
542 DMSG("Error programming plm IV (0x%" PRIx32 ")", res2);
543 res = TEE_ERROR_GENERIC;
544 }
545 }
546
547 if (p->prgm_data_partition_iv) {
548 res2 = do_write_efuses_buffer(EFUSE_WRITE_IV,
549 EFUSE_DATA_PARTITION_IV_RANGE,
550 p->data_partition_iv,
551 EFUSE_IV_LEN);
552 if (res2) {
553 DMSG("Error programming data IV (0x%" PRIx32 ")", res2);
554 res = TEE_ERROR_GENERIC;
555 }
556 }
557
558 return res;
559 }
560
versal_efuse_write_dec_only(struct versal_efuse_dec_only * p)561 TEE_Result versal_efuse_write_dec_only(struct versal_efuse_dec_only *p)
562 {
563 if (!p)
564 return TEE_ERROR_BAD_PARAMETERS;
565
566 if (!p->prgm_dec_only)
567 return TEE_SUCCESS;
568
569 return do_write_efuses(EFUSE_WRITE_DEC_ONLY);
570 }
571
versal_efuse_write_sec(struct versal_efuse_sec_ctrl_bits * p)572 TEE_Result versal_efuse_write_sec(struct versal_efuse_sec_ctrl_bits *p)
573 {
574 uint32_t val = 0;
575
576 if (!p)
577 return TEE_ERROR_BAD_PARAMETERS;
578
579 val = SHIFT_U32(p->reg_init_dis & 0x3, 30) |
580 SHIFT_U32(p->boot_env_wr_lk & 0x1, 28) |
581 SHIFT_U32(p->sec_lock_dbg_dis & 0x3, 21) |
582 SHIFT_U32(p->sec_dbg_dis & 0x3, 19) |
583 SHIFT_U32(p->user_key1_wr_lk & 0x1, 15) |
584 SHIFT_U32(p->user_key1_crc_lk & 0x1, 14) |
585 SHIFT_U32(p->user_key0_wr_lk & 0x1, 13) |
586 SHIFT_U32(p->user_key0_crc_lk & 0x1, 12) |
587 SHIFT_U32(p->aes_wr_lk & 0x1, 11) |
588 SHIFT_U32(p->aes_crc_lk & 0x3, 9) |
589 SHIFT_U32(p->ppk2_wr_lk & 0x1, 8) |
590 SHIFT_U32(p->ppk1_wr_lk & 0x1, 7) |
591 SHIFT_U32(p->ppk0_wr_lk & 0x1, 6) |
592 SHIFT_U32(p->jtag_dis & 0x1, 2) |
593 SHIFT_U32(p->jtag_err_out_dis & 0x1, 1) |
594 (p->aes_dis & 0x1);
595
596 return do_write_efuses_value(EFUSE_WRITE_SEC_CTRL_BITS, val);
597 }
598
versal_efuse_write_misc(struct versal_efuse_misc_ctrl_bits * p)599 TEE_Result versal_efuse_write_misc(struct versal_efuse_misc_ctrl_bits *p)
600 {
601 uint32_t val = 0;
602
603 if (!p)
604 return TEE_ERROR_BAD_PARAMETERS;
605
606 val = SHIFT_U32(p->glitch_det_halt_boot_en & 0x3, 30) |
607 SHIFT_U32(p->glitch_det_rom_monitor_en & 0x1, 29) |
608 SHIFT_U32(p->halt_boot_error & 0x3, 21) |
609 SHIFT_U32(p->halt_boot_env & 0x3, 19) |
610 SHIFT_U32(p->crypto_kat_en & 0x1, 15) |
611 SHIFT_U32(p->lbist_en & 0x1, 14) |
612 SHIFT_U32(p->safety_mission_en & 0x1, 8) |
613 SHIFT_U32(p->ppk2_invalid & 0x3, 6) |
614 SHIFT_U32(p->ppk1_invalid & 0x3, 4) |
615 SHIFT_U32(p->ppk0_invalid & 0x3, 2);
616
617 return do_write_efuses_value(EFUSE_WRITE_MISC_CTRL_BITS, val);
618 }
619
620 TEE_Result
versal_efuse_write_glitch_cfg(struct versal_efuse_glitch_cfg_bits * p)621 versal_efuse_write_glitch_cfg(struct versal_efuse_glitch_cfg_bits *p)
622 {
623 uint32_t val = 0;
624
625 if (!p)
626 return TEE_ERROR_BAD_PARAMETERS;
627
628 if (!p->prgm_glitch)
629 return TEE_SUCCESS;
630
631 val = SHIFT_U32(p->glitch_det_wr_lk & 0x1, 31) | p->glitch_det_trim;
632
633 return do_write_efuses_value(EFUSE_WRITE_GLITCH_CONFIG, val);
634 }
635
636 TEE_Result
versal_efuse_write_boot_env(struct versal_efuse_boot_env_ctrl_bits * p)637 versal_efuse_write_boot_env(struct versal_efuse_boot_env_ctrl_bits *p)
638 {
639 uint32_t val = 0;
640
641 if (!p)
642 return TEE_ERROR_BAD_PARAMETERS;
643
644 val = SHIFT_U32(p->sysmon_temp_en & 0x1, 21) |
645 SHIFT_U32(p->sysmon_volt_en & 0x1, 20) |
646 SHIFT_U32(p->sysmon_temp_hot & 0x3, 17) |
647 SHIFT_U32(p->sysmon_volt_pmc & 0x3, 12) |
648 SHIFT_U32(p->sysmon_volt_pslp & 0x3, 10) |
649 SHIFT_U32(p->sysmon_volt_soc & 0x3, 8) |
650 (p->sysmon_temp_cold & 0x2);
651
652 return do_write_efuses_value(EFUSE_WRITE_BOOT_ENV_CTRL_BITS, val);
653 }
654
versal_efuse_write_sec_misc1(struct versal_efuse_sec_misc1_bits * p)655 TEE_Result versal_efuse_write_sec_misc1(struct versal_efuse_sec_misc1_bits *p)
656 {
657 uint32_t val = 0;
658
659 if (!p)
660 return TEE_ERROR_BAD_PARAMETERS;
661
662 val = SHIFT_U32(p->lpd_mbist_en & 0x7, 10) |
663 SHIFT_U32(p->pmc_mbist_en & 0x7, 7) |
664 SHIFT_U32(p->lpd_noc_sc_en & 0x7, 4) |
665 SHIFT_U32(p->sysmon_volt_mon_en & 0x3, 2) |
666 (p->sysmon_temp_mon_en & 0x3);
667
668 return do_write_efuses_value(EFUSE_WRITE_MISC1_CTRL_BITS, val);
669 }
670
versal_efuse_write_offchip_ids(struct versal_efuse_offchip_ids * p)671 TEE_Result versal_efuse_write_offchip_ids(struct versal_efuse_offchip_ids *p)
672 {
673 uint32_t id = 0;
674 bool id_valid = false;
675
676 /*
677 * XilNvm API id 0xb10 (EFUSE_WRITE_OFFCHIP_REVOKE_ID) can write a
678 * single OffChip Revoke Id eFuse bit at a time, only!
679 */
680 for (int word = 0; word <= EFUSE_OFFCHIP_REVOKE_ID_7; ++word) {
681 uint32_t current_word = p->offchip_id[word];
682
683 if (!current_word)
684 continue;
685
686 if (id_valid) {
687 EMSG("Trying to write multiple offchip IDs");
688 return TEE_ERROR_BAD_PARAMETERS;
689 }
690
691 id_valid = true;
692
693 /* Determine if only 1 bit is set. */
694 if (!IS_POWER_OF_TWO(current_word)) {
695 EMSG("Trying to write multiple bits (0x%08x) in offchip ID %u",
696 current_word, word);
697 return TEE_ERROR_BAD_PARAMETERS;
698 }
699
700 /* Determine which bit is set. */
701 id = (word * 32) + (31 - __builtin_clz(current_word));
702 }
703
704 if (!id_valid) {
705 EMSG("Trying to write no offchip IDs");
706 return TEE_ERROR_BAD_PARAMETERS;
707 }
708
709 /*
710 * Do not send any command to PLM firmware, if we do not
711 * actually want to write any eFuse. Mimics behavior of XilNvm
712 * API id EFUSE_WRITE (0xb06) on Versal.
713 */
714 if (p->prgm_offchip_id)
715 return do_write_efuses_value(EFUSE_WRITE_OFFCHIP_REVOKE_ID, id);
716
717 return TEE_SUCCESS;
718 }
719
versal_efuse_write_revoke_ppk(enum versal_nvm_ppk_type type)720 TEE_Result versal_efuse_write_revoke_ppk(enum versal_nvm_ppk_type type)
721 {
722 struct versal_efuse_misc_ctrl_bits misc_ctrl = {};
723
724 switch (type) {
725 case EFUSE_PPK0:
726 misc_ctrl.ppk0_invalid = 0x3;
727 break;
728 case EFUSE_PPK1:
729 misc_ctrl.ppk1_invalid = 0x3;
730 break;
731 case EFUSE_PPK2:
732 misc_ctrl.ppk2_invalid = 0x3;
733 break;
734 default:
735 return TEE_ERROR_BAD_PARAMETERS;
736 }
737
738 return versal_efuse_write_misc(&misc_ctrl);
739 }
740
versal_efuse_write_revoke_id(uint32_t id)741 TEE_Result versal_efuse_write_revoke_id(uint32_t id)
742 {
743 if (id < VERSAL_NET_REVOKE_EFUSE_MIN ||
744 id > VERSAL_NET_REVOKE_EFUSE_MAX)
745 return TEE_ERROR_BAD_PARAMETERS;
746
747 return do_write_efuses_value(EFUSE_WRITE_REVOCATION_ID, id);
748 }
749
versal_efuse_read_revoke_id(uint32_t * buf,size_t len,enum versal_nvm_revocation_id id)750 TEE_Result versal_efuse_read_revoke_id(uint32_t *buf, size_t len,
751 enum versal_nvm_revocation_id id)
752 {
753 uint32_t reg = EFUSE_CACHE_REVOCATION_ID0_OFFSET;
754
755 reg += id;
756
757 return versal_efuse_read_cache(reg,
758 EFUSE_REVOCATION_ID_LEN / NVM_WORD_LEN,
759 buf, len);
760 }
761
versal_efuse_read_misc_ctrl(struct versal_efuse_misc_ctrl_bits * buf)762 TEE_Result versal_efuse_read_misc_ctrl(struct versal_efuse_misc_ctrl_bits *buf)
763 {
764 TEE_Result ret = TEE_SUCCESS;
765 uint32_t misc_ctrl = 0;
766
767 if (!buf)
768 return TEE_ERROR_BAD_PARAMETERS;
769
770 ret = versal_efuse_read_cache(EFUSE_CACHE_MISC_CTRL_OFFSET, 1,
771 &misc_ctrl, sizeof(misc_ctrl));
772 if (ret)
773 return ret;
774
775 buf->glitch_det_halt_boot_en = (misc_ctrl & GENMASK_32(31, 30)) >> 30;
776 buf->glitch_det_rom_monitor_en = (misc_ctrl & BIT(29)) >> 29;
777 buf->halt_boot_error = (misc_ctrl & GENMASK_32(22, 21)) >> 21;
778 buf->halt_boot_env = (misc_ctrl & GENMASK_32(20, 19)) >> 19;
779 buf->crypto_kat_en = (misc_ctrl & BIT(15)) >> 15;
780 buf->lbist_en = (misc_ctrl & BIT(14)) >> 14;
781 buf->safety_mission_en = (misc_ctrl & BIT(8)) >> 8;
782 buf->ppk0_invalid = (misc_ctrl & GENMASK_32(7, 6)) >> 6;
783 buf->ppk1_invalid = (misc_ctrl & GENMASK_32(5, 4)) >> 4;
784 buf->ppk2_invalid = (misc_ctrl & GENMASK_32(3, 2)) >> 2;
785
786 return TEE_SUCCESS;
787 }
788
versal_efuse_read_sec_ctrl(struct versal_efuse_sec_ctrl_bits * buf)789 TEE_Result versal_efuse_read_sec_ctrl(struct versal_efuse_sec_ctrl_bits *buf)
790 {
791 TEE_Result ret = TEE_SUCCESS;
792 uint32_t sec_ctrl = 0;
793
794 if (!buf)
795 return TEE_ERROR_BAD_PARAMETERS;
796
797 ret = versal_efuse_read_cache(EFUSE_CACHE_SEC_CTRL_OFFSET, 1,
798 &sec_ctrl, sizeof(sec_ctrl));
799 if (ret)
800 return ret;
801
802 buf->aes_dis = sec_ctrl & BIT(0);
803 buf->jtag_err_out_dis = (sec_ctrl & BIT(1)) >> 1;
804 buf->jtag_dis = (sec_ctrl & BIT(2)) >> 2;
805 buf->ppk0_wr_lk = (sec_ctrl & BIT(6)) >> 6;
806 buf->ppk1_wr_lk = (sec_ctrl & BIT(7)) >> 7;
807 buf->ppk2_wr_lk = (sec_ctrl & BIT(8)) >> 8;
808 buf->aes_crc_lk = (sec_ctrl & GENMASK_32(10, 9)) >> 9;
809 buf->aes_wr_lk = (sec_ctrl & BIT(11)) >> 11;
810 buf->user_key0_crc_lk = (sec_ctrl & BIT(12)) >> 12;
811 buf->user_key0_wr_lk = (sec_ctrl & BIT(13)) >> 13;
812 buf->user_key1_crc_lk = (sec_ctrl & BIT(14)) >> 14;
813 buf->user_key1_wr_lk = (sec_ctrl & BIT(15)) >> 15;
814 buf->sec_dbg_dis = (sec_ctrl & GENMASK_32(20, 19)) >> 19;
815 buf->sec_lock_dbg_dis = (sec_ctrl & GENMASK_32(22, 21)) >> 21;
816 buf->boot_env_wr_lk = (sec_ctrl & BIT(28)) >> 28;
817 buf->reg_init_dis = (sec_ctrl & GENMASK_32(31, 30)) >> 30;
818
819 return TEE_SUCCESS;
820 }
821
versal_efuse_read_sec_misc1(struct versal_efuse_sec_misc1_bits * buf)822 TEE_Result versal_efuse_read_sec_misc1(struct versal_efuse_sec_misc1_bits *buf)
823 {
824 TEE_Result ret = TEE_SUCCESS;
825 uint32_t sec_misc1 = 0;
826
827 if (!buf)
828 return TEE_ERROR_BAD_PARAMETERS;
829
830 ret = versal_efuse_read_cache(EFUSE_CACHE_SEC_MISC1_OFFSET, 1,
831 &sec_misc1, sizeof(sec_misc1));
832 if (ret)
833 return ret;
834
835 buf->lpd_mbist_en = (sec_misc1 & GENMASK_32(12, 10)) >> 10;
836 buf->pmc_mbist_en = (sec_misc1 & GENMASK_32(9, 7)) >> 7;
837 buf->lpd_noc_sc_en = (sec_misc1 & GENMASK_32(6, 4)) >> 4;
838 buf->sysmon_volt_mon_en = (sec_misc1 & GENMASK_32(3, 2)) >> 2;
839 buf->sysmon_temp_mon_en = sec_misc1 & GENMASK_32(1, 0);
840
841 return TEE_SUCCESS;
842 }
843
844 TEE_Result
versal_efuse_read_boot_env_ctrl(struct versal_efuse_boot_env_ctrl_bits * buf)845 versal_efuse_read_boot_env_ctrl(struct versal_efuse_boot_env_ctrl_bits *buf)
846 {
847 TEE_Result ret = TEE_SUCCESS;
848 uint32_t boot_env_ctrl = 0;
849
850 if (!buf)
851 return TEE_ERROR_BAD_PARAMETERS;
852
853 ret = versal_efuse_read_cache(EFUSE_CACHE_BOOT_ENV_CTRL_OFFSET, 1,
854 &boot_env_ctrl, sizeof(boot_env_ctrl));
855 if (ret)
856 return ret;
857
858 buf->sysmon_temp_en = (boot_env_ctrl & BIT(21)) >> 21;
859 buf->sysmon_volt_en = (boot_env_ctrl & BIT(20)) >> 20;
860 buf->sysmon_temp_hot = (boot_env_ctrl & GENMASK_32(18, 17)) >> 17;
861 buf->sysmon_volt_pmc = (boot_env_ctrl & GENMASK_32(13, 12)) >> 12;
862 buf->sysmon_volt_pslp = (boot_env_ctrl & GENMASK_32(11, 10)) >> 10;
863 buf->sysmon_volt_soc = (boot_env_ctrl & GENMASK_32(9, 8)) >> 8;
864 buf->sysmon_temp_cold = boot_env_ctrl & GENMASK_32(1, 0);
865
866 return TEE_SUCCESS;
867 }
868
versal_efuse_read_offchip_revoke_id(uint32_t * buf,size_t len,enum versal_nvm_offchip_id id)869 TEE_Result versal_efuse_read_offchip_revoke_id(uint32_t *buf, size_t len,
870 enum versal_nvm_offchip_id id)
871 {
872 uint32_t reg = EFUSE_CACHE_OFFCHIP_REVOKE_ID0_OFFSET;
873
874 if (len < EFUSE_OFFCHIP_REVOCATION_ID_LEN)
875 return TEE_ERROR_BAD_PARAMETERS;
876
877 reg += id;
878
879 return versal_efuse_read_cache(reg,
880 EFUSE_OFFCHIP_REVOCATION_ID_LEN /
881 NVM_WORD_LEN,
882 buf, len);
883 }
884
versal_efuse_read_dec_only(uint32_t * buf,size_t len)885 TEE_Result versal_efuse_read_dec_only(uint32_t *buf, size_t len)
886 {
887 TEE_Result ret = TEE_SUCCESS;
888 uint32_t sec_misc0 = 0;
889
890 if (len < EFUSE_DEC_ONLY_LEN)
891 return TEE_ERROR_BAD_PARAMETERS;
892
893 ret = versal_efuse_read_cache(EFUSE_CACHE_SEC_MISC0_OFFSET, 1,
894 &sec_misc0, sizeof(sec_misc0));
895 if (ret)
896 return ret;
897
898 sec_misc0 &= GENMASK_32(15, 0);
899
900 memcpy(buf, &sec_misc0, EFUSE_DEC_ONLY_LEN);
901
902 return TEE_SUCCESS;
903 }
904
versal_efuse_read_puf_sec_ctrl(struct versal_efuse_puf_sec_ctrl_bits * buf)905 TEE_Result versal_efuse_read_puf_sec_ctrl(struct versal_efuse_puf_sec_ctrl_bits
906 *buf)
907 {
908 TEE_Result ret = TEE_SUCCESS;
909 uint32_t puf_ctrl = 0;
910 uint32_t sec_ctrl = 0;
911
912 if (!buf)
913 return TEE_ERROR_BAD_PARAMETERS;
914
915 ret = versal_efuse_read_cache(EFUSE_CACHE_PUF_ECC_CTRL_OFFSET, 1,
916 &puf_ctrl, sizeof(puf_ctrl));
917 if (ret)
918 return ret;
919
920 /* Some fuses have moved from PUF_ECC_CTRL to SECURITY_CTRL */
921 ret = versal_efuse_read_cache(EFUSE_CACHE_SEC_CTRL_OFFSET, 1,
922 &sec_ctrl, sizeof(sec_ctrl));
923 if (ret)
924 return ret;
925
926 buf->puf_regen_dis = (puf_ctrl & BIT(31)) >> 31;
927 buf->puf_hd_invalid = (puf_ctrl & BIT(30)) >> 30;
928 buf->puf_test2_dis = (puf_ctrl & BIT(29)) >> 29;
929 buf->puf_dis = (sec_ctrl & BIT(18)) >> 18;
930 buf->puf_syn_lk = (sec_ctrl & BIT(16)) >> 16;
931
932 return TEE_SUCCESS;
933 }
934
versal_efuse_read_puf(struct versal_efuse_puf_header * buf)935 TEE_Result versal_efuse_read_puf(struct versal_efuse_puf_header *buf)
936 {
937 TEE_Result ret = TEE_SUCCESS;
938
939 if (!buf)
940 return TEE_ERROR_BAD_PARAMETERS;
941
942 ret = versal_efuse_read_puf_sec_ctrl(&buf->sec_ctrl);
943 if (ret)
944 return ret;
945
946 ret = versal_efuse_read_cache(EFUSE_CACHE_SEC_CTRL_OFFSET, 1,
947 &buf->aux, sizeof(uint32_t));
948 if (ret)
949 return ret;
950
951 buf->aux &= GENMASK_32(23, 0);
952
953 ret = versal_efuse_read_cache(EFUSE_CACHE_PUF_CHASH_OFFSET, 1,
954 &buf->chash, sizeof(uint32_t));
955 if (ret)
956 return ret;
957
958 return versal_efuse_read_cache(EFUSE_CACHE_PUF_SYN0_OFFSET,
959 PUF_SYN_DATA_WORDS, buf->efuse_syn_data,
960 PUF_SYN_DATA_WORDS * NVM_WORD_LEN);
961 }
962
963 TEE_Result
versal_efuse_read_puf_as_user_fuse(struct versal_efuse_puf_user_fuse * p __unused)964 versal_efuse_read_puf_as_user_fuse(struct versal_efuse_puf_user_fuse
965 *p __unused)
966 {
967 return TEE_ERROR_NOT_IMPLEMENTED;
968 }
969
versal_efuse_write_puf_as_user_fuse(struct versal_efuse_puf_user_fuse * p __unused)970 TEE_Result versal_efuse_write_puf_as_user_fuse(struct versal_efuse_puf_user_fuse
971 *p __unused)
972 {
973 return TEE_ERROR_NOT_IMPLEMENTED;
974 }
975
versal_efuse_write_puf(struct versal_efuse_puf_header * buf)976 TEE_Result versal_efuse_write_puf(struct versal_efuse_puf_header *buf)
977 {
978 struct versal_ipi_cmd cmd = { };
979 struct versal_mbox_mem p = { };
980 TEE_Result ret = TEE_SUCCESS;
981 uint32_t low = 0;
982 uint32_t hi = 0;
983 struct versal_efuse_write_puf_data *data = NULL;
984
985 if (!buf)
986 return TEE_ERROR_BAD_PARAMETERS;
987
988 ret = versal_mbox_alloc(EFUSE_WRITE_PUF_DATA_WORDS * NVM_WORD_LEN,
989 NULL, &p);
990 if (ret)
991 return ret;
992
993 data = p.buf;
994
995 data->sec_ctrl = 0;
996 data->prgm_puf_helper_data = buf->prmg_puf_helper_data;
997 data->env_monitor_dis = buf->env_monitor_dis;
998 memcpy(data->syn, buf->efuse_syn_data,
999 PUF_SYN_DATA_WORDS * NVM_WORD_LEN);
1000 data->chash = buf->chash;
1001 data->aux = buf->aux;
1002 data->ro_swap = 0;
1003
1004 reg_pair_from_64(virt_to_phys(p.buf), &hi, &low);
1005
1006 cmd.data[0] = NVM_API_ID(EFUSE_WRITE_PUF);
1007 cmd.data[2] = low;
1008 cmd.data[3] = hi;
1009
1010 cmd.ibuf[0].mem = p;
1011
1012 ret = versal_pmc_notify(&cmd, NULL, NULL);
1013
1014 versal_mbox_free(&p);
1015 return ret;
1016 }
1017
versal_bbram_write_aes_key(uint8_t * key,size_t len)1018 TEE_Result versal_bbram_write_aes_key(uint8_t *key, size_t len)
1019 {
1020 struct versal_nvm_write_req req __aligned_efuse = {
1021 .efuse_id = BBRAM_WRITE_AES_KEY,
1022 .bbram.aes_key_len = len,
1023 };
1024 void *buf = NULL;
1025
1026 if (len != 32)
1027 return TEE_ERROR_BAD_PARAMETERS;
1028
1029 buf = alloc_cache_aligned(1024);
1030 if (!buf)
1031 return TEE_ERROR_OUT_OF_MEMORY;
1032
1033 memcpy(buf, key, len);
1034
1035 req.ibuf[0].buf = buf;
1036 req.ibuf[0].len = 1024;
1037
1038 if (versal_nvm_write(&req)) {
1039 free(buf);
1040 return TEE_ERROR_GENERIC;
1041 }
1042 free(buf);
1043
1044 return TEE_SUCCESS;
1045 }
1046
versal_bbram_zeroize(void)1047 TEE_Result versal_bbram_zeroize(void)
1048 {
1049 struct versal_nvm_write_req req __aligned_efuse = {
1050 .efuse_id = BBRAM_ZEROIZE,
1051 };
1052
1053 if (versal_nvm_write(&req))
1054 return TEE_ERROR_GENERIC;
1055
1056 return TEE_SUCCESS;
1057 }
1058
versal_bbram_write_user_data(uint32_t data)1059 TEE_Result versal_bbram_write_user_data(uint32_t data)
1060 {
1061 struct versal_nvm_write_req req __aligned_efuse = {
1062 .efuse_id = BBRAM_WRITE_USER_DATA,
1063 .bbram.user_data = data,
1064 };
1065
1066 if (versal_nvm_write(&req))
1067 return TEE_ERROR_GENERIC;
1068
1069 return TEE_SUCCESS;
1070 }
1071
versal_bbram_read_user_data(uint32_t * data)1072 TEE_Result versal_bbram_read_user_data(uint32_t *data)
1073 {
1074 struct versal_nvm_read_req req = {
1075 .efuse_id = BBRAM_READ_USER_DATA,
1076 };
1077
1078 if (versal_alloc_read_buffer(&req))
1079 return TEE_ERROR_OUT_OF_MEMORY;
1080
1081 if (versal_nvm_read(&req)) {
1082 versal_free_read_buffer(&req);
1083 return TEE_ERROR_GENERIC;
1084 }
1085
1086 memcpy(data, versal_get_read_buffer(&req), sizeof(*data));
1087 versal_free_read_buffer(&req);
1088
1089 return TEE_SUCCESS;
1090 }
1091
versal_bbram_lock_write_user_data(void)1092 TEE_Result versal_bbram_lock_write_user_data(void)
1093 {
1094 struct versal_nvm_write_req req __aligned_efuse = {
1095 .efuse_id = BBRAM_LOCK_WRITE_USER_DATA,
1096 };
1097
1098 if (versal_nvm_write(&req))
1099 return TEE_ERROR_GENERIC;
1100
1101 return TEE_SUCCESS;
1102 }
1103