1d64485e4SEtienne Carriere // SPDX-License-Identifier: BSD-3-Clause 2d64485e4SEtienne Carriere /* 38afb7c41SEtienne Carriere * Copyright (c) 2017-2021, STMicroelectronics 4d64485e4SEtienne Carriere */ 5d64485e4SEtienne Carriere 6d64485e4SEtienne Carriere #include <assert.h> 7890703c3SEtienne Carriere #include <config.h> 8d64485e4SEtienne Carriere #include <drivers/stm32_bsec.h> 9d64485e4SEtienne Carriere #include <io.h> 10d64485e4SEtienne Carriere #include <kernel/delay.h> 11890703c3SEtienne Carriere #include <kernel/dt.h> 1265401337SJens Wiklander #include <kernel/boot.h> 13d64485e4SEtienne Carriere #include <kernel/spinlock.h> 14a2fc83d1SJerome Forissier #include <libfdt.h> 15d64485e4SEtienne Carriere #include <limits.h> 16d64485e4SEtienne Carriere #include <mm/core_memprot.h> 17d64485e4SEtienne Carriere #include <platform_config.h> 18d64485e4SEtienne Carriere #include <stm32_util.h> 19ef9888dcSEtienne Carriere #include <string.h> 20ef9888dcSEtienne Carriere #include <tee_api_defines.h> 21d64485e4SEtienne Carriere #include <types_ext.h> 22d64485e4SEtienne Carriere #include <util.h> 23d64485e4SEtienne Carriere 24d64485e4SEtienne Carriere #define BSEC_OTP_MASK GENMASK_32(4, 0) 254bbd20f1SGatien Chevallier #define BSEC_OTP_BANK_SHIFT U(5) 26d64485e4SEtienne Carriere 27d64485e4SEtienne Carriere /* Permanent lock bitmasks */ 284bbd20f1SGatien Chevallier #define DATA_LOWER_OTP_PERLOCK_BIT U(3) 294bbd20f1SGatien Chevallier #define DATA_UPPER_OTP_PERLOCK_BIT U(1) 30d64485e4SEtienne Carriere 31d64485e4SEtienne Carriere /* BSEC register offset */ 324bbd20f1SGatien Chevallier #define BSEC_OTP_CONF_OFF U(0x000) 334bbd20f1SGatien Chevallier #define BSEC_OTP_CTRL_OFF U(0x004) 344bbd20f1SGatien Chevallier #define BSEC_OTP_WRDATA_OFF U(0x008) 354bbd20f1SGatien Chevallier #define BSEC_OTP_STATUS_OFF U(0x00C) 364bbd20f1SGatien Chevallier #define BSEC_OTP_LOCK_OFF U(0x010) 374bbd20f1SGatien Chevallier #define BSEC_DEN_OFF U(0x014) 384bbd20f1SGatien Chevallier #define BSEC_FEN_OFF U(0x018) 394bbd20f1SGatien Chevallier #define BSEC_DISTURBED_OFF U(0x01C) 404bbd20f1SGatien Chevallier #define BSEC_DISTURBED1_OFF U(0x020) 414bbd20f1SGatien Chevallier #define BSEC_DISTURBED2_OFF U(0x024) 424bbd20f1SGatien Chevallier #define BSEC_ERROR_OFF U(0x034) 434bbd20f1SGatien Chevallier #define BSEC_ERROR1_OFF U(0x038) 444bbd20f1SGatien Chevallier #define BSEC_ERROR2_OFF U(0x03C) 454bbd20f1SGatien Chevallier #define BSEC_WRLOCK_OFF U(0x04C) 464bbd20f1SGatien Chevallier #define BSEC_WRLOCK1_OFF U(0x050) 474bbd20f1SGatien Chevallier #define BSEC_WRLOCK2_OFF U(0x054) 484bbd20f1SGatien Chevallier #define BSEC_SPLOCK_OFF U(0x064) 494bbd20f1SGatien Chevallier #define BSEC_SPLOCK1_OFF U(0x068) 504bbd20f1SGatien Chevallier #define BSEC_SPLOCK2_OFF U(0x06C) 514bbd20f1SGatien Chevallier #define BSEC_SWLOCK_OFF U(0x07C) 524bbd20f1SGatien Chevallier #define BSEC_SWLOCK1_OFF U(0x080) 534bbd20f1SGatien Chevallier #define BSEC_SWLOCK2_OFF U(0x084) 544bbd20f1SGatien Chevallier #define BSEC_SRLOCK_OFF U(0x094) 554bbd20f1SGatien Chevallier #define BSEC_SRLOCK1_OFF U(0x098) 564bbd20f1SGatien Chevallier #define BSEC_SRLOCK2_OFF U(0x09C) 574bbd20f1SGatien Chevallier #define BSEC_JTAG_IN_OFF U(0x0AC) 584bbd20f1SGatien Chevallier #define BSEC_JTAG_OUT_OFF U(0x0B0) 594bbd20f1SGatien Chevallier #define BSEC_SCRATCH_OFF U(0x0B4) 604bbd20f1SGatien Chevallier #define BSEC_OTP_DATA_OFF U(0x200) 614bbd20f1SGatien Chevallier #define BSEC_IPHW_CFG_OFF U(0xFF0) 624bbd20f1SGatien Chevallier #define BSEC_IPVR_OFF U(0xFF4) 634bbd20f1SGatien Chevallier #define BSEC_IP_ID_OFF U(0xFF8) 644bbd20f1SGatien Chevallier #define BSEC_IP_MAGIC_ID_OFF U(0xFFC) 65d64485e4SEtienne Carriere 66d64485e4SEtienne Carriere /* BSEC_CONFIGURATION Register */ 67d64485e4SEtienne Carriere #define BSEC_CONF_POWER_UP_MASK BIT(0) 684bbd20f1SGatien Chevallier #define BSEC_CONF_POWER_UP_SHIFT U(0) 69d64485e4SEtienne Carriere #define BSEC_CONF_FRQ_MASK GENMASK_32(2, 1) 704bbd20f1SGatien Chevallier #define BSEC_CONF_FRQ_SHIFT U(1) 71d64485e4SEtienne Carriere #define BSEC_CONF_PRG_WIDTH_MASK GENMASK_32(6, 3) 724bbd20f1SGatien Chevallier #define BSEC_CONF_PRG_WIDTH_SHIFT U(3) 73d64485e4SEtienne Carriere #define BSEC_CONF_TREAD_MASK GENMASK_32(8, 7) 744bbd20f1SGatien Chevallier #define BSEC_CONF_TREAD_SHIFT U(7) 75d64485e4SEtienne Carriere 76d64485e4SEtienne Carriere /* BSEC_CONTROL Register */ 774bbd20f1SGatien Chevallier #define BSEC_READ U(0x000) 784bbd20f1SGatien Chevallier #define BSEC_WRITE U(0x100) 794bbd20f1SGatien Chevallier #define BSEC_LOCK U(0x200) 80d64485e4SEtienne Carriere 81d64485e4SEtienne Carriere /* BSEC_STATUS Register */ 82d64485e4SEtienne Carriere #define BSEC_MODE_STATUS_MASK GENMASK_32(2, 0) 83d64485e4SEtienne Carriere #define BSEC_MODE_BUSY_MASK BIT(3) 84d64485e4SEtienne Carriere #define BSEC_MODE_PROGFAIL_MASK BIT(4) 85d64485e4SEtienne Carriere #define BSEC_MODE_PWR_MASK BIT(5) 86d64485e4SEtienne Carriere #define BSEC_MODE_BIST1_LOCK_MASK BIT(6) 87d64485e4SEtienne Carriere #define BSEC_MODE_BIST2_LOCK_MASK BIT(7) 88d64485e4SEtienne Carriere 89d64485e4SEtienne Carriere /* 90d64485e4SEtienne Carriere * OTP Lock services definition 91d64485e4SEtienne Carriere * Value must corresponding to the bit position in the register 92d64485e4SEtienne Carriere */ 934bbd20f1SGatien Chevallier #define BSEC_LOCK_UPPER_OTP U(0x00) 944bbd20f1SGatien Chevallier #define BSEC_LOCK_DEBUG U(0x02) 954bbd20f1SGatien Chevallier #define BSEC_LOCK_PROGRAM U(0x04) 96d64485e4SEtienne Carriere 97d64485e4SEtienne Carriere /* Timeout when polling on status */ 984bbd20f1SGatien Chevallier #define BSEC_TIMEOUT_US U(10000) 99890703c3SEtienne Carriere 100d64485e4SEtienne Carriere struct bsec_dev { 101d64485e4SEtienne Carriere struct io_pa_va base; 102d64485e4SEtienne Carriere unsigned int upper_base; 103d64485e4SEtienne Carriere unsigned int max_id; 104890703c3SEtienne Carriere uint32_t *nsec_access; 105d64485e4SEtienne Carriere }; 106d64485e4SEtienne Carriere 107d64485e4SEtienne Carriere /* Only 1 instance of BSEC is expected per platform */ 108d64485e4SEtienne Carriere static struct bsec_dev bsec_dev; 109d64485e4SEtienne Carriere 110d64485e4SEtienne Carriere /* BSEC access protection */ 111d64485e4SEtienne Carriere static unsigned int lock = SPINLOCK_UNLOCK; 112d64485e4SEtienne Carriere 113d64485e4SEtienne Carriere static uint32_t bsec_lock(void) 114d64485e4SEtienne Carriere { 115d64485e4SEtienne Carriere return may_spin_lock(&lock); 116d64485e4SEtienne Carriere } 117d64485e4SEtienne Carriere 118d64485e4SEtienne Carriere static void bsec_unlock(uint32_t exceptions) 119d64485e4SEtienne Carriere { 120d64485e4SEtienne Carriere may_spin_unlock(&lock, exceptions); 121d64485e4SEtienne Carriere } 122d64485e4SEtienne Carriere 123d64485e4SEtienne Carriere static uint32_t otp_max_id(void) 124d64485e4SEtienne Carriere { 125d64485e4SEtienne Carriere return bsec_dev.max_id; 126d64485e4SEtienne Carriere } 127d64485e4SEtienne Carriere 128586eee81SEtienne Carriere static uint32_t otp_upper_base(void) 129586eee81SEtienne Carriere { 130586eee81SEtienne Carriere return bsec_dev.upper_base; 131586eee81SEtienne Carriere } 132586eee81SEtienne Carriere 133d64485e4SEtienne Carriere static uint32_t otp_bank_offset(uint32_t otp_id) 134d64485e4SEtienne Carriere { 135d64485e4SEtienne Carriere assert(otp_id <= otp_max_id()); 136d64485e4SEtienne Carriere 137d64485e4SEtienne Carriere return ((otp_id & ~BSEC_OTP_MASK) >> BSEC_OTP_BANK_SHIFT) * 138d64485e4SEtienne Carriere sizeof(uint32_t); 139d64485e4SEtienne Carriere } 140d64485e4SEtienne Carriere 141d64485e4SEtienne Carriere static vaddr_t bsec_base(void) 142d64485e4SEtienne Carriere { 143c2e4eb43SAnton Rybakov return io_pa_or_va_secure(&bsec_dev.base, BSEC_IP_MAGIC_ID_OFF + 1); 144d64485e4SEtienne Carriere } 145d64485e4SEtienne Carriere 146d64485e4SEtienne Carriere static uint32_t bsec_status(void) 147d64485e4SEtienne Carriere { 148d64485e4SEtienne Carriere return io_read32(bsec_base() + BSEC_OTP_STATUS_OFF); 149d64485e4SEtienne Carriere } 150d64485e4SEtienne Carriere 1511ac4ea14SEtienne Carriere /* 1521ac4ea14SEtienne Carriere * Check that BSEC interface does not report an error 1531ac4ea14SEtienne Carriere * @otp_id : OTP number 1541ac4ea14SEtienne Carriere * @check_disturbed: check only error (false) or all sources (true) 1551ac4ea14SEtienne Carriere * Return a TEE_Result compliant value 1561ac4ea14SEtienne Carriere */ 1571ac4ea14SEtienne Carriere static TEE_Result check_no_error(uint32_t otp_id, bool check_disturbed) 158d64485e4SEtienne Carriere { 159d64485e4SEtienne Carriere uint32_t bit = BIT(otp_id & BSEC_OTP_MASK); 160d64485e4SEtienne Carriere uint32_t bank = otp_bank_offset(otp_id); 161d64485e4SEtienne Carriere 1621ac4ea14SEtienne Carriere if (io_read32(bsec_base() + BSEC_ERROR_OFF + bank) & bit) 163d64485e4SEtienne Carriere return TEE_ERROR_GENERIC; 164d64485e4SEtienne Carriere 1651ac4ea14SEtienne Carriere if (check_disturbed && 1661ac4ea14SEtienne Carriere io_read32(bsec_base() + BSEC_DISTURBED_OFF + bank) & bit) 167d64485e4SEtienne Carriere return TEE_ERROR_GENERIC; 168d64485e4SEtienne Carriere 169d64485e4SEtienne Carriere return TEE_SUCCESS; 170d64485e4SEtienne Carriere } 171d64485e4SEtienne Carriere 172d64485e4SEtienne Carriere static TEE_Result power_up_safmem(void) 173d64485e4SEtienne Carriere { 174d64485e4SEtienne Carriere uint64_t timeout_ref = timeout_init_us(BSEC_TIMEOUT_US); 175d64485e4SEtienne Carriere 176d64485e4SEtienne Carriere io_mask32(bsec_base() + BSEC_OTP_CONF_OFF, BSEC_CONF_POWER_UP_MASK, 177d64485e4SEtienne Carriere BSEC_CONF_POWER_UP_MASK); 178d64485e4SEtienne Carriere 179d64485e4SEtienne Carriere /* 180d64485e4SEtienne Carriere * If a timeout is detected, test the condition again to consider 181d64485e4SEtienne Carriere * cases where timeout is due to the executing TEE thread rescheduling. 182d64485e4SEtienne Carriere */ 183d64485e4SEtienne Carriere while (!timeout_elapsed(timeout_ref)) 184d64485e4SEtienne Carriere if (bsec_status() & BSEC_MODE_PWR_MASK) 185d64485e4SEtienne Carriere break; 186d64485e4SEtienne Carriere 187d64485e4SEtienne Carriere if (bsec_status() & BSEC_MODE_PWR_MASK) 188d64485e4SEtienne Carriere return TEE_SUCCESS; 189d64485e4SEtienne Carriere 190d64485e4SEtienne Carriere return TEE_ERROR_GENERIC; 191d64485e4SEtienne Carriere } 192d64485e4SEtienne Carriere 193d64485e4SEtienne Carriere static TEE_Result power_down_safmem(void) 194d64485e4SEtienne Carriere { 195d64485e4SEtienne Carriere uint64_t timeout_ref = timeout_init_us(BSEC_TIMEOUT_US); 196d64485e4SEtienne Carriere 197d64485e4SEtienne Carriere io_mask32(bsec_base() + BSEC_OTP_CONF_OFF, 0, BSEC_CONF_POWER_UP_MASK); 198d64485e4SEtienne Carriere 199d64485e4SEtienne Carriere /* 200d64485e4SEtienne Carriere * If a timeout is detected, test the condition again to consider 201d64485e4SEtienne Carriere * cases where timeout is due to the executing TEE thread rescheduling. 202d64485e4SEtienne Carriere */ 203d64485e4SEtienne Carriere while (!timeout_elapsed(timeout_ref)) 204d64485e4SEtienne Carriere if (!(bsec_status() & BSEC_MODE_PWR_MASK)) 205d64485e4SEtienne Carriere break; 206d64485e4SEtienne Carriere 207d64485e4SEtienne Carriere if (!(bsec_status() & BSEC_MODE_PWR_MASK)) 208d64485e4SEtienne Carriere return TEE_SUCCESS; 209d64485e4SEtienne Carriere 210d64485e4SEtienne Carriere return TEE_ERROR_GENERIC; 211d64485e4SEtienne Carriere } 212d64485e4SEtienne Carriere 213d64485e4SEtienne Carriere TEE_Result stm32_bsec_shadow_register(uint32_t otp_id) 214d64485e4SEtienne Carriere { 215d64485e4SEtienne Carriere TEE_Result result = 0; 216d64485e4SEtienne Carriere uint32_t exceptions = 0; 217d64485e4SEtienne Carriere uint64_t timeout_ref = 0; 218ef9888dcSEtienne Carriere bool locked = false; 219d64485e4SEtienne Carriere 220ef9888dcSEtienne Carriere /* Check if shadowing of OTP is locked, informative only */ 221ef9888dcSEtienne Carriere result = stm32_bsec_read_sr_lock(otp_id, &locked); 222ef9888dcSEtienne Carriere if (result) 223ef9888dcSEtienne Carriere return result; 224d64485e4SEtienne Carriere 225ef9888dcSEtienne Carriere if (locked) 226ef9888dcSEtienne Carriere DMSG("BSEC shadow warning: OTP locked"); 227d64485e4SEtienne Carriere 228d64485e4SEtienne Carriere exceptions = bsec_lock(); 229d64485e4SEtienne Carriere 230d64485e4SEtienne Carriere result = power_up_safmem(); 231d64485e4SEtienne Carriere if (result) 2327b05d514SEtienne Carriere goto out; 233d64485e4SEtienne Carriere 234d64485e4SEtienne Carriere io_write32(bsec_base() + BSEC_OTP_CTRL_OFF, otp_id | BSEC_READ); 235d64485e4SEtienne Carriere 236d64485e4SEtienne Carriere timeout_ref = timeout_init_us(BSEC_TIMEOUT_US); 237d64485e4SEtienne Carriere while (!timeout_elapsed(timeout_ref)) 238d64485e4SEtienne Carriere if (!(bsec_status() & BSEC_MODE_BUSY_MASK)) 239d64485e4SEtienne Carriere break; 240d64485e4SEtienne Carriere 241d64485e4SEtienne Carriere if (bsec_status() & BSEC_MODE_BUSY_MASK) 2428afb7c41SEtienne Carriere result = TEE_ERROR_BUSY; 243d64485e4SEtienne Carriere else 2441ac4ea14SEtienne Carriere result = check_no_error(otp_id, true /* check-disturbed */); 245d64485e4SEtienne Carriere 246d64485e4SEtienne Carriere power_down_safmem(); 247d64485e4SEtienne Carriere 2487b05d514SEtienne Carriere out: 249d64485e4SEtienne Carriere bsec_unlock(exceptions); 250d64485e4SEtienne Carriere 251d64485e4SEtienne Carriere return result; 252d64485e4SEtienne Carriere } 253d64485e4SEtienne Carriere 254d64485e4SEtienne Carriere TEE_Result stm32_bsec_read_otp(uint32_t *value, uint32_t otp_id) 255d64485e4SEtienne Carriere { 256d64485e4SEtienne Carriere if (otp_id > otp_max_id()) 257d64485e4SEtienne Carriere return TEE_ERROR_BAD_PARAMETERS; 258d64485e4SEtienne Carriere 259d64485e4SEtienne Carriere *value = io_read32(bsec_base() + BSEC_OTP_DATA_OFF + 260d64485e4SEtienne Carriere (otp_id * sizeof(uint32_t))); 261d64485e4SEtienne Carriere 2621ac4ea14SEtienne Carriere return TEE_SUCCESS; 263d64485e4SEtienne Carriere } 264d64485e4SEtienne Carriere 265d64485e4SEtienne Carriere TEE_Result stm32_bsec_shadow_read_otp(uint32_t *otp_value, uint32_t otp_id) 266d64485e4SEtienne Carriere { 267d64485e4SEtienne Carriere TEE_Result result = 0; 268d64485e4SEtienne Carriere 269d64485e4SEtienne Carriere result = stm32_bsec_shadow_register(otp_id); 270d64485e4SEtienne Carriere if (result) { 271ef9888dcSEtienne Carriere EMSG("BSEC %"PRIu32" Shadowing Error %#"PRIx32, otp_id, result); 272d64485e4SEtienne Carriere return result; 273d64485e4SEtienne Carriere } 274d64485e4SEtienne Carriere 275d64485e4SEtienne Carriere result = stm32_bsec_read_otp(otp_value, otp_id); 276d64485e4SEtienne Carriere if (result) 277ef9888dcSEtienne Carriere EMSG("BSEC %"PRIu32" Read Error %#"PRIx32, otp_id, result); 278d64485e4SEtienne Carriere 279d64485e4SEtienne Carriere return result; 280d64485e4SEtienne Carriere } 281d64485e4SEtienne Carriere 282d64485e4SEtienne Carriere TEE_Result stm32_bsec_write_otp(uint32_t value, uint32_t otp_id) 283d64485e4SEtienne Carriere { 284d64485e4SEtienne Carriere TEE_Result result = 0; 285d64485e4SEtienne Carriere uint32_t exceptions = 0; 286d64485e4SEtienne Carriere vaddr_t otp_data_base = bsec_base() + BSEC_OTP_DATA_OFF; 287ef9888dcSEtienne Carriere bool locked = false; 288d64485e4SEtienne Carriere 289ef9888dcSEtienne Carriere /* Check if write of OTP is locked, informative only */ 290ef9888dcSEtienne Carriere result = stm32_bsec_read_sw_lock(otp_id, &locked); 291ef9888dcSEtienne Carriere if (result) 292ef9888dcSEtienne Carriere return result; 293d64485e4SEtienne Carriere 294ef9888dcSEtienne Carriere if (locked) 295ef9888dcSEtienne Carriere DMSG("BSEC write warning: OTP locked"); 296d64485e4SEtienne Carriere 297d64485e4SEtienne Carriere exceptions = bsec_lock(); 298d64485e4SEtienne Carriere 299d64485e4SEtienne Carriere io_write32(otp_data_base + (otp_id * sizeof(uint32_t)), value); 300d64485e4SEtienne Carriere 301d64485e4SEtienne Carriere bsec_unlock(exceptions); 302d64485e4SEtienne Carriere 3031ac4ea14SEtienne Carriere return TEE_SUCCESS; 304d64485e4SEtienne Carriere } 305d64485e4SEtienne Carriere 3060c30f9eaSEtienne Carriere #ifdef CFG_STM32_BSEC_WRITE 307d64485e4SEtienne Carriere TEE_Result stm32_bsec_program_otp(uint32_t value, uint32_t otp_id) 308d64485e4SEtienne Carriere { 309d64485e4SEtienne Carriere TEE_Result result = 0; 310d64485e4SEtienne Carriere uint32_t exceptions = 0; 311ef9888dcSEtienne Carriere uint64_t timeout_ref = 0; 312ef9888dcSEtienne Carriere bool locked = false; 313d64485e4SEtienne Carriere 314ef9888dcSEtienne Carriere /* Check if shadowing of OTP is locked, informative only */ 315ef9888dcSEtienne Carriere result = stm32_bsec_read_sp_lock(otp_id, &locked); 316ef9888dcSEtienne Carriere if (result) 317ef9888dcSEtienne Carriere return result; 318d64485e4SEtienne Carriere 319ef9888dcSEtienne Carriere if (locked) 320ef9888dcSEtienne Carriere DMSG("BSEC program warning: OTP locked"); 321d64485e4SEtienne Carriere 322d64485e4SEtienne Carriere if (io_read32(bsec_base() + BSEC_OTP_LOCK_OFF) & BIT(BSEC_LOCK_PROGRAM)) 323ef9888dcSEtienne Carriere DMSG("BSEC program warning: GPLOCK activated"); 324d64485e4SEtienne Carriere 325d64485e4SEtienne Carriere exceptions = bsec_lock(); 326d64485e4SEtienne Carriere 327d64485e4SEtienne Carriere result = power_up_safmem(); 328d64485e4SEtienne Carriere if (result) 3297b05d514SEtienne Carriere goto out; 330d64485e4SEtienne Carriere 331d64485e4SEtienne Carriere io_write32(bsec_base() + BSEC_OTP_WRDATA_OFF, value); 332d64485e4SEtienne Carriere io_write32(bsec_base() + BSEC_OTP_CTRL_OFF, otp_id | BSEC_WRITE); 333d64485e4SEtienne Carriere 334d64485e4SEtienne Carriere timeout_ref = timeout_init_us(BSEC_TIMEOUT_US); 335d64485e4SEtienne Carriere while (!timeout_elapsed(timeout_ref)) 336d64485e4SEtienne Carriere if (!(bsec_status() & BSEC_MODE_BUSY_MASK)) 337d64485e4SEtienne Carriere break; 338d64485e4SEtienne Carriere 3398afb7c41SEtienne Carriere if (bsec_status() & BSEC_MODE_BUSY_MASK) 3408afb7c41SEtienne Carriere result = TEE_ERROR_BUSY; 3418afb7c41SEtienne Carriere else if (bsec_status() & BSEC_MODE_PROGFAIL_MASK) 3428afb7c41SEtienne Carriere result = TEE_ERROR_BAD_PARAMETERS; 343d64485e4SEtienne Carriere else 3441ac4ea14SEtienne Carriere result = check_no_error(otp_id, true /* check-disturbed */); 345d64485e4SEtienne Carriere 346d64485e4SEtienne Carriere power_down_safmem(); 347d64485e4SEtienne Carriere 3487b05d514SEtienne Carriere out: 349d64485e4SEtienne Carriere bsec_unlock(exceptions); 350d64485e4SEtienne Carriere 351d64485e4SEtienne Carriere return result; 352d64485e4SEtienne Carriere } 353301b3eb5SEtienne Carriere #endif /*CFG_STM32_BSEC_WRITE*/ 354d64485e4SEtienne Carriere 355d64485e4SEtienne Carriere TEE_Result stm32_bsec_permanent_lock_otp(uint32_t otp_id) 356d64485e4SEtienne Carriere { 357d64485e4SEtienne Carriere TEE_Result result = 0; 358d64485e4SEtienne Carriere uint32_t data = 0; 359d64485e4SEtienne Carriere uint32_t addr = 0; 360d64485e4SEtienne Carriere uint32_t exceptions = 0; 361d64485e4SEtienne Carriere vaddr_t base = bsec_base(); 362586eee81SEtienne Carriere uint64_t timeout_ref = 0; 363c6d2483aSGatien Chevallier uint32_t upper_base = otp_upper_base(); 364d64485e4SEtienne Carriere 365d64485e4SEtienne Carriere if (otp_id > otp_max_id()) 366d64485e4SEtienne Carriere return TEE_ERROR_BAD_PARAMETERS; 367d64485e4SEtienne Carriere 368c6d2483aSGatien Chevallier /* 369c6d2483aSGatien Chevallier * 2 bits per words for lower OTPs: 2:1 Redundancy 370c6d2483aSGatien Chevallier * 1 bit per word for upper OTPs : ECC support 371c6d2483aSGatien Chevallier * e.g with 32 lower and 64 upper OTPs: 372c6d2483aSGatien Chevallier * OTP word to be ADDR[6:0] WRDATA[31:0] 373c6d2483aSGatien Chevallier * locked 374c6d2483aSGatien Chevallier * 0 0x00 0x0000 0003 375c6d2483aSGatien Chevallier * 1 0x00 0x0000 000C 376c6d2483aSGatien Chevallier * ... ... ... 377c6d2483aSGatien Chevallier * 7 0x00 0x0000 C000 378c6d2483aSGatien Chevallier * 8 0x01 0x0000 0003 379c6d2483aSGatien Chevallier * ... ... ... 380c6d2483aSGatien Chevallier * 31 0x03 0x0000 C000 381c6d2483aSGatien Chevallier * 32 0x04 0x0000 0001 382c6d2483aSGatien Chevallier * 33 0x04 0x0000 0002 383c6d2483aSGatien Chevallier * 95 0x07 0x0000 8000 384c6d2483aSGatien Chevallier */ 385c6d2483aSGatien Chevallier if (otp_id < upper_base) { 386c6d2483aSGatien Chevallier addr = otp_id / 8U; 387c6d2483aSGatien Chevallier data = DATA_LOWER_OTP_PERLOCK_BIT << ((otp_id * 2U) & 0xF); 388d64485e4SEtienne Carriere } else { 389c6d2483aSGatien Chevallier addr = upper_base / 8U + (otp_id - upper_base) / 16U; 390c6d2483aSGatien Chevallier data = DATA_UPPER_OTP_PERLOCK_BIT << (otp_id & 0xF); 391d64485e4SEtienne Carriere } 392d64485e4SEtienne Carriere 393d64485e4SEtienne Carriere exceptions = bsec_lock(); 394d64485e4SEtienne Carriere 395d64485e4SEtienne Carriere result = power_up_safmem(); 396d64485e4SEtienne Carriere if (result) 3977b05d514SEtienne Carriere goto out; 398d64485e4SEtienne Carriere 399d64485e4SEtienne Carriere io_write32(base + BSEC_OTP_WRDATA_OFF, data); 400d64485e4SEtienne Carriere io_write32(base + BSEC_OTP_CTRL_OFF, addr | BSEC_WRITE | BSEC_LOCK); 401d64485e4SEtienne Carriere 402d64485e4SEtienne Carriere timeout_ref = timeout_init_us(BSEC_TIMEOUT_US); 403d64485e4SEtienne Carriere while (!timeout_elapsed(timeout_ref)) 404d64485e4SEtienne Carriere if (!(bsec_status() & BSEC_MODE_BUSY_MASK)) 405d64485e4SEtienne Carriere break; 406d64485e4SEtienne Carriere 4078afb7c41SEtienne Carriere if (bsec_status() & BSEC_MODE_BUSY_MASK) 4088afb7c41SEtienne Carriere result = TEE_ERROR_BUSY; 4098afb7c41SEtienne Carriere else if (bsec_status() & BSEC_MODE_PROGFAIL_MASK) 410d64485e4SEtienne Carriere result = TEE_ERROR_BAD_PARAMETERS; 411d64485e4SEtienne Carriere else 4121ac4ea14SEtienne Carriere result = check_no_error(otp_id, false /* not-disturbed */); 413d64485e4SEtienne Carriere 414d64485e4SEtienne Carriere power_down_safmem(); 415d64485e4SEtienne Carriere 4167b05d514SEtienne Carriere out: 417d64485e4SEtienne Carriere bsec_unlock(exceptions); 418d64485e4SEtienne Carriere 419d64485e4SEtienne Carriere return result; 420d64485e4SEtienne Carriere } 421d64485e4SEtienne Carriere 422301b3eb5SEtienne Carriere #ifdef CFG_STM32_BSEC_WRITE 423d64485e4SEtienne Carriere TEE_Result stm32_bsec_write_debug_conf(uint32_t value) 424d64485e4SEtienne Carriere { 425d64485e4SEtienne Carriere TEE_Result result = TEE_ERROR_GENERIC; 426d64485e4SEtienne Carriere uint32_t exceptions = 0; 427d64485e4SEtienne Carriere 428d64485e4SEtienne Carriere exceptions = bsec_lock(); 429d64485e4SEtienne Carriere 430d64485e4SEtienne Carriere io_write32(bsec_base() + BSEC_DEN_OFF, value); 431d64485e4SEtienne Carriere 432*1ff52b85SGatien Chevallier if ((io_read32(bsec_base() + BSEC_DEN_OFF) ^ value) == 0U) 433d64485e4SEtienne Carriere result = TEE_SUCCESS; 434d64485e4SEtienne Carriere 435d64485e4SEtienne Carriere bsec_unlock(exceptions); 436d64485e4SEtienne Carriere 437d64485e4SEtienne Carriere return result; 438d64485e4SEtienne Carriere } 439301b3eb5SEtienne Carriere #endif /*CFG_STM32_BSEC_WRITE*/ 440d64485e4SEtienne Carriere 441d64485e4SEtienne Carriere uint32_t stm32_bsec_read_debug_conf(void) 442d64485e4SEtienne Carriere { 443d64485e4SEtienne Carriere return io_read32(bsec_base() + BSEC_DEN_OFF); 444d64485e4SEtienne Carriere } 445d64485e4SEtienne Carriere 446ef9888dcSEtienne Carriere static TEE_Result set_bsec_lock(uint32_t otp_id, size_t lock_offset) 447d64485e4SEtienne Carriere { 448d64485e4SEtienne Carriere uint32_t bank = otp_bank_offset(otp_id); 449d64485e4SEtienne Carriere uint32_t otp_mask = BIT(otp_id & BSEC_OTP_MASK); 450d64485e4SEtienne Carriere vaddr_t lock_addr = bsec_base() + bank + lock_offset; 451d64485e4SEtienne Carriere uint32_t exceptions = 0; 452d64485e4SEtienne Carriere 453ef9888dcSEtienne Carriere if (otp_id > STM32MP1_OTP_MAX_ID) 454ef9888dcSEtienne Carriere return TEE_ERROR_BAD_PARAMETERS; 455d64485e4SEtienne Carriere 456d64485e4SEtienne Carriere exceptions = bsec_lock(); 457d64485e4SEtienne Carriere 458ef9888dcSEtienne Carriere io_write32(lock_addr, otp_mask); 459d64485e4SEtienne Carriere 460d64485e4SEtienne Carriere bsec_unlock(exceptions); 461d64485e4SEtienne Carriere 462ef9888dcSEtienne Carriere return TEE_SUCCESS; 463d64485e4SEtienne Carriere } 464d64485e4SEtienne Carriere 465ef9888dcSEtienne Carriere TEE_Result stm32_bsec_set_sr_lock(uint32_t otp_id) 466d64485e4SEtienne Carriere { 467ef9888dcSEtienne Carriere return set_bsec_lock(otp_id, BSEC_SRLOCK_OFF); 468d64485e4SEtienne Carriere } 469d64485e4SEtienne Carriere 470ef9888dcSEtienne Carriere TEE_Result stm32_bsec_set_sw_lock(uint32_t otp_id) 471d64485e4SEtienne Carriere { 472ef9888dcSEtienne Carriere return set_bsec_lock(otp_id, BSEC_SWLOCK_OFF); 473d64485e4SEtienne Carriere } 474d64485e4SEtienne Carriere 475ef9888dcSEtienne Carriere TEE_Result stm32_bsec_set_sp_lock(uint32_t otp_id) 476d64485e4SEtienne Carriere { 477ef9888dcSEtienne Carriere return set_bsec_lock(otp_id, BSEC_SPLOCK_OFF); 478d64485e4SEtienne Carriere } 479d64485e4SEtienne Carriere 480ef9888dcSEtienne Carriere static TEE_Result read_bsec_lock(uint32_t otp_id, bool *locked, 481ef9888dcSEtienne Carriere size_t lock_offset) 482d64485e4SEtienne Carriere { 483d64485e4SEtienne Carriere uint32_t bank = otp_bank_offset(otp_id); 484d64485e4SEtienne Carriere uint32_t otp_mask = BIT(otp_id & BSEC_OTP_MASK); 485d64485e4SEtienne Carriere vaddr_t lock_addr = bsec_base() + bank + lock_offset; 486d64485e4SEtienne Carriere 487ef9888dcSEtienne Carriere if (otp_id > STM32MP1_OTP_MAX_ID) 488ef9888dcSEtienne Carriere return TEE_ERROR_BAD_PARAMETERS; 489ef9888dcSEtienne Carriere 490ef9888dcSEtienne Carriere *locked = (io_read32(lock_addr) & otp_mask) != 0; 491ef9888dcSEtienne Carriere 492ef9888dcSEtienne Carriere return TEE_SUCCESS; 493d64485e4SEtienne Carriere } 494d64485e4SEtienne Carriere 495ef9888dcSEtienne Carriere TEE_Result stm32_bsec_read_sr_lock(uint32_t otp_id, bool *locked) 496d64485e4SEtienne Carriere { 497ef9888dcSEtienne Carriere return read_bsec_lock(otp_id, locked, BSEC_SRLOCK_OFF); 498d64485e4SEtienne Carriere } 499d64485e4SEtienne Carriere 500ef9888dcSEtienne Carriere TEE_Result stm32_bsec_read_sw_lock(uint32_t otp_id, bool *locked) 501d64485e4SEtienne Carriere { 502ef9888dcSEtienne Carriere return read_bsec_lock(otp_id, locked, BSEC_SWLOCK_OFF); 503d64485e4SEtienne Carriere } 504d64485e4SEtienne Carriere 505ef9888dcSEtienne Carriere TEE_Result stm32_bsec_read_sp_lock(uint32_t otp_id, bool *locked) 506d64485e4SEtienne Carriere { 507ef9888dcSEtienne Carriere return read_bsec_lock(otp_id, locked, BSEC_SPLOCK_OFF); 508d64485e4SEtienne Carriere } 509d64485e4SEtienne Carriere 510ef9888dcSEtienne Carriere TEE_Result stm32_bsec_read_permanent_lock(uint32_t otp_id, bool *locked) 511d64485e4SEtienne Carriere { 512ef9888dcSEtienne Carriere return read_bsec_lock(otp_id, locked, BSEC_WRLOCK_OFF); 513d64485e4SEtienne Carriere } 514d64485e4SEtienne Carriere 515ef9888dcSEtienne Carriere TEE_Result stm32_bsec_otp_lock(uint32_t service) 516d64485e4SEtienne Carriere { 517d64485e4SEtienne Carriere vaddr_t addr = bsec_base() + BSEC_OTP_LOCK_OFF; 518d64485e4SEtienne Carriere 519d64485e4SEtienne Carriere switch (service) { 520d64485e4SEtienne Carriere case BSEC_LOCK_UPPER_OTP: 521ef9888dcSEtienne Carriere io_write32(addr, BIT(BSEC_LOCK_UPPER_OTP)); 522d64485e4SEtienne Carriere break; 523d64485e4SEtienne Carriere case BSEC_LOCK_DEBUG: 524ef9888dcSEtienne Carriere io_write32(addr, BIT(BSEC_LOCK_DEBUG)); 525d64485e4SEtienne Carriere break; 526d64485e4SEtienne Carriere case BSEC_LOCK_PROGRAM: 527ef9888dcSEtienne Carriere io_write32(addr, BIT(BSEC_LOCK_PROGRAM)); 528d64485e4SEtienne Carriere break; 529d64485e4SEtienne Carriere default: 530d64485e4SEtienne Carriere return TEE_ERROR_BAD_PARAMETERS; 531d64485e4SEtienne Carriere } 532d64485e4SEtienne Carriere 533d64485e4SEtienne Carriere return TEE_SUCCESS; 534d64485e4SEtienne Carriere } 535d64485e4SEtienne Carriere 536890703c3SEtienne Carriere static size_t nsec_access_array_size(void) 537890703c3SEtienne Carriere { 538586eee81SEtienne Carriere size_t upper_count = otp_max_id() - otp_upper_base() + 1; 539890703c3SEtienne Carriere 5408396f62eSGatien Chevallier return ROUNDUP_DIV(upper_count, BSEC_BITS_PER_WORD); 541890703c3SEtienne Carriere } 542890703c3SEtienne Carriere 543890703c3SEtienne Carriere static bool nsec_access_granted(unsigned int index) 544890703c3SEtienne Carriere { 545890703c3SEtienne Carriere uint32_t *array = bsec_dev.nsec_access; 546890703c3SEtienne Carriere 547890703c3SEtienne Carriere return array && 5488396f62eSGatien Chevallier (index / BSEC_BITS_PER_WORD) < nsec_access_array_size() && 5498396f62eSGatien Chevallier array[index / BSEC_BITS_PER_WORD] & 5508396f62eSGatien Chevallier BIT(index % BSEC_BITS_PER_WORD); 551890703c3SEtienne Carriere } 552890703c3SEtienne Carriere 553d64485e4SEtienne Carriere bool stm32_bsec_nsec_can_access_otp(uint32_t otp_id) 554d64485e4SEtienne Carriere { 555586eee81SEtienne Carriere return otp_id < otp_upper_base() || 556586eee81SEtienne Carriere nsec_access_granted(otp_id - otp_upper_base()); 557d64485e4SEtienne Carriere } 558d64485e4SEtienne Carriere 559cfada897SAlexandru Gagniuc #ifdef CFG_EMBED_DTB 560890703c3SEtienne Carriere static void enable_nsec_access(unsigned int otp_id) 561890703c3SEtienne Carriere { 5628396f62eSGatien Chevallier unsigned int idx = (otp_id - otp_upper_base()) / BSEC_BITS_PER_WORD; 563890703c3SEtienne Carriere 564586eee81SEtienne Carriere if (otp_id < otp_upper_base()) 565890703c3SEtienne Carriere return; 566890703c3SEtienne Carriere 567890703c3SEtienne Carriere if (otp_id > otp_max_id() || stm32_bsec_shadow_register(otp_id)) 568890703c3SEtienne Carriere panic(); 569890703c3SEtienne Carriere 5708396f62eSGatien Chevallier bsec_dev.nsec_access[idx] |= BIT(otp_id % BSEC_BITS_PER_WORD); 571890703c3SEtienne Carriere } 572890703c3SEtienne Carriere 573890703c3SEtienne Carriere static void bsec_dt_otp_nsec_access(void *fdt, int bsec_node) 574890703c3SEtienne Carriere { 575890703c3SEtienne Carriere int bsec_subnode = 0; 576890703c3SEtienne Carriere 577890703c3SEtienne Carriere bsec_dev.nsec_access = calloc(nsec_access_array_size(), 578890703c3SEtienne Carriere sizeof(*bsec_dev.nsec_access)); 579890703c3SEtienne Carriere if (!bsec_dev.nsec_access) 580890703c3SEtienne Carriere panic(); 581890703c3SEtienne Carriere 582890703c3SEtienne Carriere fdt_for_each_subnode(bsec_subnode, fdt, bsec_node) { 58327a02b1eSGatien Chevallier unsigned int reg_offset = 0; 58427a02b1eSGatien Chevallier unsigned int reg_size = 0; 585890703c3SEtienne Carriere unsigned int otp_id = 0; 586890703c3SEtienne Carriere unsigned int i = 0; 587890703c3SEtienne Carriere size_t size = 0; 588890703c3SEtienne Carriere 58927a02b1eSGatien Chevallier reg_offset = _fdt_reg_base_address(fdt, bsec_subnode); 59027a02b1eSGatien Chevallier reg_size = _fdt_reg_size(fdt, bsec_subnode); 591890703c3SEtienne Carriere 59227a02b1eSGatien Chevallier assert(reg_offset != DT_INFO_INVALID_REG && 59327a02b1eSGatien Chevallier reg_size != DT_INFO_INVALID_REG_SIZE); 594890703c3SEtienne Carriere 59527a02b1eSGatien Chevallier otp_id = reg_offset / sizeof(uint32_t); 596890703c3SEtienne Carriere 597890703c3SEtienne Carriere if (otp_id < STM32MP1_UPPER_OTP_START) { 59827a02b1eSGatien Chevallier unsigned int otp_end = 59927a02b1eSGatien Chevallier ROUNDUP_DIV(reg_offset + reg_size, 60027a02b1eSGatien Chevallier sizeof(uint32_t)); 601890703c3SEtienne Carriere 602890703c3SEtienne Carriere if (otp_end > STM32MP1_UPPER_OTP_START) { 603890703c3SEtienne Carriere /* 604890703c3SEtienne Carriere * OTP crosses Lower/Upper boundary, consider 605890703c3SEtienne Carriere * only the upper part. 606890703c3SEtienne Carriere */ 607890703c3SEtienne Carriere otp_id = STM32MP1_UPPER_OTP_START; 60827a02b1eSGatien Chevallier reg_size -= (STM32MP1_UPPER_OTP_START * 60927a02b1eSGatien Chevallier sizeof(uint32_t)) - reg_offset; 61027a02b1eSGatien Chevallier reg_offset = STM32MP1_UPPER_OTP_START * 611890703c3SEtienne Carriere sizeof(uint32_t); 612890703c3SEtienne Carriere 613890703c3SEtienne Carriere DMSG("OTP crosses Lower/Upper boundary"); 614890703c3SEtienne Carriere } else { 615890703c3SEtienne Carriere continue; 616890703c3SEtienne Carriere } 617890703c3SEtienne Carriere } 618890703c3SEtienne Carriere 619890703c3SEtienne Carriere if (!fdt_getprop(fdt, bsec_subnode, "st,non-secure-otp", NULL)) 620890703c3SEtienne Carriere continue; 621890703c3SEtienne Carriere 62227a02b1eSGatien Chevallier if ((reg_offset % sizeof(uint32_t)) || 62327a02b1eSGatien Chevallier (reg_size % sizeof(uint32_t))) 624890703c3SEtienne Carriere panic("Unaligned non-secure OTP"); 625890703c3SEtienne Carriere 62627a02b1eSGatien Chevallier size = reg_size / sizeof(uint32_t); 627890703c3SEtienne Carriere 628890703c3SEtienne Carriere if (otp_id + size > STM32MP1_OTP_MAX_ID) 629890703c3SEtienne Carriere panic("OTP range oversized"); 630890703c3SEtienne Carriere 631890703c3SEtienne Carriere for (i = otp_id; i < otp_id + size; i++) 632890703c3SEtienne Carriere enable_nsec_access(i); 633890703c3SEtienne Carriere } 634890703c3SEtienne Carriere } 635890703c3SEtienne Carriere 636890703c3SEtienne Carriere static void initialize_bsec_from_dt(void) 637890703c3SEtienne Carriere { 638890703c3SEtienne Carriere void *fdt = NULL; 639890703c3SEtienne Carriere int node = 0; 640890703c3SEtienne Carriere struct dt_node_info bsec_info = { }; 641890703c3SEtienne Carriere 642890703c3SEtienne Carriere fdt = get_embedded_dt(); 643890703c3SEtienne Carriere node = fdt_node_offset_by_compatible(fdt, 0, "st,stm32mp15-bsec"); 644890703c3SEtienne Carriere if (node < 0) 645890703c3SEtienne Carriere panic(); 646890703c3SEtienne Carriere 647890703c3SEtienne Carriere _fdt_fill_device_info(fdt, &bsec_info, node); 648890703c3SEtienne Carriere 649890703c3SEtienne Carriere if (bsec_info.reg != bsec_dev.base.pa || 650890703c3SEtienne Carriere !(bsec_info.status & DT_STATUS_OK_SEC)) 651890703c3SEtienne Carriere panic(); 652890703c3SEtienne Carriere 653890703c3SEtienne Carriere bsec_dt_otp_nsec_access(fdt, node); 654890703c3SEtienne Carriere } 655890703c3SEtienne Carriere #else 656890703c3SEtienne Carriere static void initialize_bsec_from_dt(void) 657890703c3SEtienne Carriere { 658890703c3SEtienne Carriere } 659cfada897SAlexandru Gagniuc #endif /*CFG_EMBED_DTB*/ 660890703c3SEtienne Carriere 661d64485e4SEtienne Carriere static TEE_Result initialize_bsec(void) 662d64485e4SEtienne Carriere { 6637994d842SEtienne Carriere struct stm32_bsec_static_cfg cfg = { }; 664d64485e4SEtienne Carriere 665d64485e4SEtienne Carriere stm32mp_get_bsec_static_cfg(&cfg); 666d64485e4SEtienne Carriere 667d64485e4SEtienne Carriere bsec_dev.base.pa = cfg.base; 668d64485e4SEtienne Carriere bsec_dev.upper_base = cfg.upper_start; 669d64485e4SEtienne Carriere bsec_dev.max_id = cfg.max_id; 670d64485e4SEtienne Carriere 671890703c3SEtienne Carriere if (IS_ENABLED(CFG_EMBED_DTB)) 672890703c3SEtienne Carriere initialize_bsec_from_dt(); 673890703c3SEtienne Carriere 674d64485e4SEtienne Carriere return TEE_SUCCESS; 675d64485e4SEtienne Carriere } 676d64485e4SEtienne Carriere 6778c8316dbSEtienne Carriere early_init(initialize_bsec); 678