1 // SPDX-License-Identifier: BSD-3-Clause 2 /* 3 * Copyright (c) 2017-2021, STMicroelectronics 4 */ 5 6 #include <assert.h> 7 #include <config.h> 8 #include <drivers/stm32_bsec.h> 9 #include <io.h> 10 #include <kernel/delay.h> 11 #include <kernel/dt.h> 12 #include <kernel/boot.h> 13 #include <kernel/spinlock.h> 14 #include <libfdt.h> 15 #include <limits.h> 16 #include <mm/core_memprot.h> 17 #include <platform_config.h> 18 #include <stm32_util.h> 19 #include <string.h> 20 #include <tee_api_defines.h> 21 #include <types_ext.h> 22 #include <util.h> 23 24 #define BSEC_OTP_MASK GENMASK_32(4, 0) 25 #define BSEC_OTP_BANK_SHIFT U(5) 26 27 /* Permanent lock bitmasks */ 28 #define ADDR_LOWER_OTP_PERLOCK_SHIFT U(3) 29 #define DATA_LOWER_OTP_PERLOCK_BIT U(3) 30 #define DATA_LOWER_OTP_PERLOCK_MASK GENMASK_32(2, 0) 31 #define ADDR_UPPER_OTP_PERLOCK_SHIFT U(4) 32 #define DATA_UPPER_OTP_PERLOCK_BIT U(1) 33 #define DATA_UPPER_OTP_PERLOCK_MASK GENMASK_32(3, 0) 34 35 /* BSEC register offset */ 36 #define BSEC_OTP_CONF_OFF U(0x000) 37 #define BSEC_OTP_CTRL_OFF U(0x004) 38 #define BSEC_OTP_WRDATA_OFF U(0x008) 39 #define BSEC_OTP_STATUS_OFF U(0x00C) 40 #define BSEC_OTP_LOCK_OFF U(0x010) 41 #define BSEC_DEN_OFF U(0x014) 42 #define BSEC_FEN_OFF U(0x018) 43 #define BSEC_DISTURBED_OFF U(0x01C) 44 #define BSEC_DISTURBED1_OFF U(0x020) 45 #define BSEC_DISTURBED2_OFF U(0x024) 46 #define BSEC_ERROR_OFF U(0x034) 47 #define BSEC_ERROR1_OFF U(0x038) 48 #define BSEC_ERROR2_OFF U(0x03C) 49 #define BSEC_WRLOCK_OFF U(0x04C) 50 #define BSEC_WRLOCK1_OFF U(0x050) 51 #define BSEC_WRLOCK2_OFF U(0x054) 52 #define BSEC_SPLOCK_OFF U(0x064) 53 #define BSEC_SPLOCK1_OFF U(0x068) 54 #define BSEC_SPLOCK2_OFF U(0x06C) 55 #define BSEC_SWLOCK_OFF U(0x07C) 56 #define BSEC_SWLOCK1_OFF U(0x080) 57 #define BSEC_SWLOCK2_OFF U(0x084) 58 #define BSEC_SRLOCK_OFF U(0x094) 59 #define BSEC_SRLOCK1_OFF U(0x098) 60 #define BSEC_SRLOCK2_OFF U(0x09C) 61 #define BSEC_JTAG_IN_OFF U(0x0AC) 62 #define BSEC_JTAG_OUT_OFF U(0x0B0) 63 #define BSEC_SCRATCH_OFF U(0x0B4) 64 #define BSEC_OTP_DATA_OFF U(0x200) 65 #define BSEC_IPHW_CFG_OFF U(0xFF0) 66 #define BSEC_IPVR_OFF U(0xFF4) 67 #define BSEC_IP_ID_OFF U(0xFF8) 68 #define BSEC_IP_MAGIC_ID_OFF U(0xFFC) 69 70 /* BSEC_CONFIGURATION Register */ 71 #define BSEC_CONF_POWER_UP_MASK BIT(0) 72 #define BSEC_CONF_POWER_UP_SHIFT U(0) 73 #define BSEC_CONF_FRQ_MASK GENMASK_32(2, 1) 74 #define BSEC_CONF_FRQ_SHIFT U(1) 75 #define BSEC_CONF_PRG_WIDTH_MASK GENMASK_32(6, 3) 76 #define BSEC_CONF_PRG_WIDTH_SHIFT U(3) 77 #define BSEC_CONF_TREAD_MASK GENMASK_32(8, 7) 78 #define BSEC_CONF_TREAD_SHIFT U(7) 79 80 /* BSEC_CONTROL Register */ 81 #define BSEC_READ U(0x000) 82 #define BSEC_WRITE U(0x100) 83 #define BSEC_LOCK U(0x200) 84 85 /* BSEC_STATUS Register */ 86 #define BSEC_MODE_STATUS_MASK GENMASK_32(2, 0) 87 #define BSEC_MODE_BUSY_MASK BIT(3) 88 #define BSEC_MODE_PROGFAIL_MASK BIT(4) 89 #define BSEC_MODE_PWR_MASK BIT(5) 90 #define BSEC_MODE_BIST1_LOCK_MASK BIT(6) 91 #define BSEC_MODE_BIST2_LOCK_MASK BIT(7) 92 93 /* BSEC_DEBUG */ 94 #define BSEC_HDPEN BIT(4) 95 #define BSEC_SPIDEN BIT(5) 96 #define BSEC_SPINDEN BIT(6) 97 #define BSEC_DBGSWGEN BIT(10) 98 #define BSEC_DEN_ALL_MSK GENMASK_32(10, 0) 99 100 /* 101 * OTP Lock services definition 102 * Value must corresponding to the bit position in the register 103 */ 104 #define BSEC_LOCK_UPPER_OTP U(0x00) 105 #define BSEC_LOCK_DEBUG U(0x02) 106 #define BSEC_LOCK_PROGRAM U(0x04) 107 108 /* Timeout when polling on status */ 109 #define BSEC_TIMEOUT_US U(10000) 110 111 struct bsec_dev { 112 struct io_pa_va base; 113 unsigned int upper_base; 114 unsigned int max_id; 115 uint32_t *nsec_access; 116 }; 117 118 /* Only 1 instance of BSEC is expected per platform */ 119 static struct bsec_dev bsec_dev; 120 121 /* BSEC access protection */ 122 static unsigned int lock = SPINLOCK_UNLOCK; 123 124 static uint32_t bsec_lock(void) 125 { 126 return may_spin_lock(&lock); 127 } 128 129 static void bsec_unlock(uint32_t exceptions) 130 { 131 may_spin_unlock(&lock, exceptions); 132 } 133 134 static uint32_t otp_max_id(void) 135 { 136 return bsec_dev.max_id; 137 } 138 139 static uint32_t otp_upper_base(void) 140 { 141 return bsec_dev.upper_base; 142 } 143 144 static uint32_t otp_bank_offset(uint32_t otp_id) 145 { 146 assert(otp_id <= otp_max_id()); 147 148 return ((otp_id & ~BSEC_OTP_MASK) >> BSEC_OTP_BANK_SHIFT) * 149 sizeof(uint32_t); 150 } 151 152 static vaddr_t bsec_base(void) 153 { 154 return io_pa_or_va_secure(&bsec_dev.base, BSEC_IP_MAGIC_ID_OFF + 1); 155 } 156 157 static uint32_t bsec_status(void) 158 { 159 return io_read32(bsec_base() + BSEC_OTP_STATUS_OFF); 160 } 161 162 /* 163 * Check that BSEC interface does not report an error 164 * @otp_id : OTP number 165 * @check_disturbed: check only error (false) or all sources (true) 166 * Return a TEE_Result compliant value 167 */ 168 static TEE_Result check_no_error(uint32_t otp_id, bool check_disturbed) 169 { 170 uint32_t bit = BIT(otp_id & BSEC_OTP_MASK); 171 uint32_t bank = otp_bank_offset(otp_id); 172 173 if (io_read32(bsec_base() + BSEC_ERROR_OFF + bank) & bit) 174 return TEE_ERROR_GENERIC; 175 176 if (check_disturbed && 177 io_read32(bsec_base() + BSEC_DISTURBED_OFF + bank) & bit) 178 return TEE_ERROR_GENERIC; 179 180 return TEE_SUCCESS; 181 } 182 183 static TEE_Result power_up_safmem(void) 184 { 185 uint64_t timeout_ref = timeout_init_us(BSEC_TIMEOUT_US); 186 187 io_mask32(bsec_base() + BSEC_OTP_CONF_OFF, BSEC_CONF_POWER_UP_MASK, 188 BSEC_CONF_POWER_UP_MASK); 189 190 /* 191 * If a timeout is detected, test the condition again to consider 192 * cases where timeout is due to the executing TEE thread rescheduling. 193 */ 194 while (!timeout_elapsed(timeout_ref)) 195 if (bsec_status() & BSEC_MODE_PWR_MASK) 196 break; 197 198 if (bsec_status() & BSEC_MODE_PWR_MASK) 199 return TEE_SUCCESS; 200 201 return TEE_ERROR_GENERIC; 202 } 203 204 static TEE_Result power_down_safmem(void) 205 { 206 uint64_t timeout_ref = timeout_init_us(BSEC_TIMEOUT_US); 207 208 io_mask32(bsec_base() + BSEC_OTP_CONF_OFF, 0, BSEC_CONF_POWER_UP_MASK); 209 210 /* 211 * If a timeout is detected, test the condition again to consider 212 * cases where timeout is due to the executing TEE thread rescheduling. 213 */ 214 while (!timeout_elapsed(timeout_ref)) 215 if (!(bsec_status() & BSEC_MODE_PWR_MASK)) 216 break; 217 218 if (!(bsec_status() & BSEC_MODE_PWR_MASK)) 219 return TEE_SUCCESS; 220 221 return TEE_ERROR_GENERIC; 222 } 223 224 TEE_Result stm32_bsec_shadow_register(uint32_t otp_id) 225 { 226 TEE_Result result = 0; 227 uint32_t exceptions = 0; 228 uint64_t timeout_ref = 0; 229 bool locked = false; 230 231 /* Check if shadowing of OTP is locked, informative only */ 232 result = stm32_bsec_read_sr_lock(otp_id, &locked); 233 if (result) 234 return result; 235 236 if (locked) 237 DMSG("BSEC shadow warning: OTP locked"); 238 239 exceptions = bsec_lock(); 240 241 result = power_up_safmem(); 242 if (result) 243 goto out; 244 245 io_write32(bsec_base() + BSEC_OTP_CTRL_OFF, otp_id | BSEC_READ); 246 247 timeout_ref = timeout_init_us(BSEC_TIMEOUT_US); 248 while (!timeout_elapsed(timeout_ref)) 249 if (!(bsec_status() & BSEC_MODE_BUSY_MASK)) 250 break; 251 252 if (bsec_status() & BSEC_MODE_BUSY_MASK) 253 result = TEE_ERROR_BUSY; 254 else 255 result = check_no_error(otp_id, true /* check-disturbed */); 256 257 power_down_safmem(); 258 259 out: 260 bsec_unlock(exceptions); 261 262 return result; 263 } 264 265 TEE_Result stm32_bsec_read_otp(uint32_t *value, uint32_t otp_id) 266 { 267 if (otp_id > otp_max_id()) 268 return TEE_ERROR_BAD_PARAMETERS; 269 270 *value = io_read32(bsec_base() + BSEC_OTP_DATA_OFF + 271 (otp_id * sizeof(uint32_t))); 272 273 return TEE_SUCCESS; 274 } 275 276 TEE_Result stm32_bsec_shadow_read_otp(uint32_t *otp_value, uint32_t otp_id) 277 { 278 TEE_Result result = 0; 279 280 result = stm32_bsec_shadow_register(otp_id); 281 if (result) { 282 EMSG("BSEC %"PRIu32" Shadowing Error %#"PRIx32, otp_id, result); 283 return result; 284 } 285 286 result = stm32_bsec_read_otp(otp_value, otp_id); 287 if (result) 288 EMSG("BSEC %"PRIu32" Read Error %#"PRIx32, otp_id, result); 289 290 return result; 291 } 292 293 TEE_Result stm32_bsec_write_otp(uint32_t value, uint32_t otp_id) 294 { 295 TEE_Result result = 0; 296 uint32_t exceptions = 0; 297 vaddr_t otp_data_base = bsec_base() + BSEC_OTP_DATA_OFF; 298 bool locked = false; 299 300 /* Check if write of OTP is locked, informative only */ 301 result = stm32_bsec_read_sw_lock(otp_id, &locked); 302 if (result) 303 return result; 304 305 if (locked) 306 DMSG("BSEC write warning: OTP locked"); 307 308 exceptions = bsec_lock(); 309 310 io_write32(otp_data_base + (otp_id * sizeof(uint32_t)), value); 311 312 bsec_unlock(exceptions); 313 314 return TEE_SUCCESS; 315 } 316 317 #ifdef CFG_STM32_BSEC_WRITE 318 TEE_Result stm32_bsec_program_otp(uint32_t value, uint32_t otp_id) 319 { 320 TEE_Result result = 0; 321 uint32_t exceptions = 0; 322 uint64_t timeout_ref = 0; 323 bool locked = false; 324 325 /* Check if shadowing of OTP is locked, informative only */ 326 result = stm32_bsec_read_sp_lock(otp_id, &locked); 327 if (result) 328 return result; 329 330 if (locked) 331 DMSG("BSEC program warning: OTP locked"); 332 333 if (io_read32(bsec_base() + BSEC_OTP_LOCK_OFF) & BIT(BSEC_LOCK_PROGRAM)) 334 DMSG("BSEC program warning: GPLOCK activated"); 335 336 exceptions = bsec_lock(); 337 338 result = power_up_safmem(); 339 if (result) 340 goto out; 341 342 io_write32(bsec_base() + BSEC_OTP_WRDATA_OFF, value); 343 io_write32(bsec_base() + BSEC_OTP_CTRL_OFF, otp_id | BSEC_WRITE); 344 345 timeout_ref = timeout_init_us(BSEC_TIMEOUT_US); 346 while (!timeout_elapsed(timeout_ref)) 347 if (!(bsec_status() & BSEC_MODE_BUSY_MASK)) 348 break; 349 350 if (bsec_status() & BSEC_MODE_BUSY_MASK) 351 result = TEE_ERROR_BUSY; 352 else if (bsec_status() & BSEC_MODE_PROGFAIL_MASK) 353 result = TEE_ERROR_BAD_PARAMETERS; 354 else 355 result = check_no_error(otp_id, true /* check-disturbed */); 356 357 power_down_safmem(); 358 359 out: 360 bsec_unlock(exceptions); 361 362 return result; 363 } 364 #endif /*CFG_STM32_BSEC_WRITE*/ 365 366 TEE_Result stm32_bsec_permanent_lock_otp(uint32_t otp_id) 367 { 368 TEE_Result result = 0; 369 uint32_t data = 0; 370 uint32_t addr = 0; 371 uint32_t exceptions = 0; 372 vaddr_t base = bsec_base(); 373 uint64_t timeout_ref = 0; 374 375 if (otp_id > otp_max_id()) 376 return TEE_ERROR_BAD_PARAMETERS; 377 378 if (otp_id < otp_upper_base()) { 379 addr = otp_id >> ADDR_LOWER_OTP_PERLOCK_SHIFT; 380 data = DATA_LOWER_OTP_PERLOCK_BIT << 381 ((otp_id & DATA_LOWER_OTP_PERLOCK_MASK) << 1U); 382 } else { 383 addr = (otp_id >> ADDR_UPPER_OTP_PERLOCK_SHIFT) + 2U; 384 data = DATA_UPPER_OTP_PERLOCK_BIT << 385 (otp_id & DATA_UPPER_OTP_PERLOCK_MASK); 386 } 387 388 exceptions = bsec_lock(); 389 390 result = power_up_safmem(); 391 if (result) 392 goto out; 393 394 io_write32(base + BSEC_OTP_WRDATA_OFF, data); 395 io_write32(base + BSEC_OTP_CTRL_OFF, addr | BSEC_WRITE | BSEC_LOCK); 396 397 timeout_ref = timeout_init_us(BSEC_TIMEOUT_US); 398 while (!timeout_elapsed(timeout_ref)) 399 if (!(bsec_status() & BSEC_MODE_BUSY_MASK)) 400 break; 401 402 if (bsec_status() & BSEC_MODE_BUSY_MASK) 403 result = TEE_ERROR_BUSY; 404 else if (bsec_status() & BSEC_MODE_PROGFAIL_MASK) 405 result = TEE_ERROR_BAD_PARAMETERS; 406 else 407 result = check_no_error(otp_id, false /* not-disturbed */); 408 409 power_down_safmem(); 410 411 out: 412 bsec_unlock(exceptions); 413 414 return result; 415 } 416 417 #ifdef CFG_STM32_BSEC_WRITE 418 TEE_Result stm32_bsec_write_debug_conf(uint32_t value) 419 { 420 TEE_Result result = TEE_ERROR_GENERIC; 421 uint32_t masked_val = value & BSEC_DEN_ALL_MSK; 422 uint32_t exceptions = 0; 423 424 exceptions = bsec_lock(); 425 426 io_write32(bsec_base() + BSEC_DEN_OFF, value); 427 428 if ((io_read32(bsec_base() + BSEC_DEN_OFF) ^ masked_val) == 0U) 429 result = TEE_SUCCESS; 430 431 bsec_unlock(exceptions); 432 433 return result; 434 } 435 #endif /*CFG_STM32_BSEC_WRITE*/ 436 437 uint32_t stm32_bsec_read_debug_conf(void) 438 { 439 return io_read32(bsec_base() + BSEC_DEN_OFF); 440 } 441 442 static TEE_Result set_bsec_lock(uint32_t otp_id, size_t lock_offset) 443 { 444 uint32_t bank = otp_bank_offset(otp_id); 445 uint32_t otp_mask = BIT(otp_id & BSEC_OTP_MASK); 446 vaddr_t lock_addr = bsec_base() + bank + lock_offset; 447 uint32_t exceptions = 0; 448 449 if (otp_id > STM32MP1_OTP_MAX_ID) 450 return TEE_ERROR_BAD_PARAMETERS; 451 452 exceptions = bsec_lock(); 453 454 io_write32(lock_addr, otp_mask); 455 456 bsec_unlock(exceptions); 457 458 return TEE_SUCCESS; 459 } 460 461 TEE_Result stm32_bsec_set_sr_lock(uint32_t otp_id) 462 { 463 return set_bsec_lock(otp_id, BSEC_SRLOCK_OFF); 464 } 465 466 TEE_Result stm32_bsec_set_sw_lock(uint32_t otp_id) 467 { 468 return set_bsec_lock(otp_id, BSEC_SWLOCK_OFF); 469 } 470 471 TEE_Result stm32_bsec_set_sp_lock(uint32_t otp_id) 472 { 473 return set_bsec_lock(otp_id, BSEC_SPLOCK_OFF); 474 } 475 476 static TEE_Result read_bsec_lock(uint32_t otp_id, bool *locked, 477 size_t lock_offset) 478 { 479 uint32_t bank = otp_bank_offset(otp_id); 480 uint32_t otp_mask = BIT(otp_id & BSEC_OTP_MASK); 481 vaddr_t lock_addr = bsec_base() + bank + lock_offset; 482 483 if (otp_id > STM32MP1_OTP_MAX_ID) 484 return TEE_ERROR_BAD_PARAMETERS; 485 486 *locked = (io_read32(lock_addr) & otp_mask) != 0; 487 488 return TEE_SUCCESS; 489 } 490 491 TEE_Result stm32_bsec_read_sr_lock(uint32_t otp_id, bool *locked) 492 { 493 return read_bsec_lock(otp_id, locked, BSEC_SRLOCK_OFF); 494 } 495 496 TEE_Result stm32_bsec_read_sw_lock(uint32_t otp_id, bool *locked) 497 { 498 return read_bsec_lock(otp_id, locked, BSEC_SWLOCK_OFF); 499 } 500 501 TEE_Result stm32_bsec_read_sp_lock(uint32_t otp_id, bool *locked) 502 { 503 return read_bsec_lock(otp_id, locked, BSEC_SPLOCK_OFF); 504 } 505 506 TEE_Result stm32_bsec_read_permanent_lock(uint32_t otp_id, bool *locked) 507 { 508 return read_bsec_lock(otp_id, locked, BSEC_WRLOCK_OFF); 509 } 510 511 TEE_Result stm32_bsec_otp_lock(uint32_t service) 512 { 513 vaddr_t addr = bsec_base() + BSEC_OTP_LOCK_OFF; 514 515 switch (service) { 516 case BSEC_LOCK_UPPER_OTP: 517 io_write32(addr, BIT(BSEC_LOCK_UPPER_OTP)); 518 break; 519 case BSEC_LOCK_DEBUG: 520 io_write32(addr, BIT(BSEC_LOCK_DEBUG)); 521 break; 522 case BSEC_LOCK_PROGRAM: 523 io_write32(addr, BIT(BSEC_LOCK_PROGRAM)); 524 break; 525 default: 526 return TEE_ERROR_BAD_PARAMETERS; 527 } 528 529 return TEE_SUCCESS; 530 } 531 532 static size_t nsec_access_array_size(void) 533 { 534 size_t upper_count = otp_max_id() - otp_upper_base() + 1; 535 536 return ROUNDUP_DIV(upper_count, BSEC_BITS_PER_WORD); 537 } 538 539 static bool nsec_access_granted(unsigned int index) 540 { 541 uint32_t *array = bsec_dev.nsec_access; 542 543 return array && 544 (index / BSEC_BITS_PER_WORD) < nsec_access_array_size() && 545 array[index / BSEC_BITS_PER_WORD] & 546 BIT(index % BSEC_BITS_PER_WORD); 547 } 548 549 bool stm32_bsec_nsec_can_access_otp(uint32_t otp_id) 550 { 551 return otp_id < otp_upper_base() || 552 nsec_access_granted(otp_id - otp_upper_base()); 553 } 554 555 #ifdef CFG_EMBED_DTB 556 static void enable_nsec_access(unsigned int otp_id) 557 { 558 unsigned int idx = (otp_id - otp_upper_base()) / BSEC_BITS_PER_WORD; 559 560 if (otp_id < otp_upper_base()) 561 return; 562 563 if (otp_id > otp_max_id() || stm32_bsec_shadow_register(otp_id)) 564 panic(); 565 566 bsec_dev.nsec_access[idx] |= BIT(otp_id % BSEC_BITS_PER_WORD); 567 } 568 569 static void bsec_dt_otp_nsec_access(void *fdt, int bsec_node) 570 { 571 int bsec_subnode = 0; 572 573 bsec_dev.nsec_access = calloc(nsec_access_array_size(), 574 sizeof(*bsec_dev.nsec_access)); 575 if (!bsec_dev.nsec_access) 576 panic(); 577 578 fdt_for_each_subnode(bsec_subnode, fdt, bsec_node) { 579 const fdt32_t *cuint = NULL; 580 unsigned int otp_id = 0; 581 unsigned int i = 0; 582 size_t size = 0; 583 uint32_t offset = 0; 584 uint32_t length = 0; 585 586 cuint = fdt_getprop(fdt, bsec_subnode, "reg", NULL); 587 assert(cuint); 588 589 offset = fdt32_to_cpu(*cuint); 590 cuint++; 591 length = fdt32_to_cpu(*cuint); 592 593 otp_id = offset / sizeof(uint32_t); 594 595 if (otp_id < STM32MP1_UPPER_OTP_START) { 596 unsigned int otp_end = ROUNDUP(offset + length, 597 sizeof(uint32_t)) / 598 sizeof(uint32_t); 599 600 if (otp_end > STM32MP1_UPPER_OTP_START) { 601 /* 602 * OTP crosses Lower/Upper boundary, consider 603 * only the upper part. 604 */ 605 otp_id = STM32MP1_UPPER_OTP_START; 606 length -= (STM32MP1_UPPER_OTP_START * 607 sizeof(uint32_t)) - offset; 608 offset = STM32MP1_UPPER_OTP_START * 609 sizeof(uint32_t); 610 611 DMSG("OTP crosses Lower/Upper boundary"); 612 } else { 613 continue; 614 } 615 } 616 617 if (!fdt_getprop(fdt, bsec_subnode, "st,non-secure-otp", NULL)) 618 continue; 619 620 if ((offset % sizeof(uint32_t)) || (length % sizeof(uint32_t))) 621 panic("Unaligned non-secure OTP"); 622 623 size = length / sizeof(uint32_t); 624 625 if (otp_id + size > STM32MP1_OTP_MAX_ID) 626 panic("OTP range oversized"); 627 628 for (i = otp_id; i < otp_id + size; i++) 629 enable_nsec_access(i); 630 } 631 } 632 633 static void initialize_bsec_from_dt(void) 634 { 635 void *fdt = NULL; 636 int node = 0; 637 struct dt_node_info bsec_info = { }; 638 639 fdt = get_embedded_dt(); 640 node = fdt_node_offset_by_compatible(fdt, 0, "st,stm32mp15-bsec"); 641 if (node < 0) 642 panic(); 643 644 _fdt_fill_device_info(fdt, &bsec_info, node); 645 646 if (bsec_info.reg != bsec_dev.base.pa || 647 !(bsec_info.status & DT_STATUS_OK_SEC)) 648 panic(); 649 650 bsec_dt_otp_nsec_access(fdt, node); 651 } 652 #else 653 static void initialize_bsec_from_dt(void) 654 { 655 } 656 #endif /*CFG_EMBED_DTB*/ 657 658 static TEE_Result initialize_bsec(void) 659 { 660 struct stm32_bsec_static_cfg cfg = { }; 661 662 stm32mp_get_bsec_static_cfg(&cfg); 663 664 bsec_dev.base.pa = cfg.base; 665 bsec_dev.upper_base = cfg.upper_start; 666 bsec_dev.max_id = cfg.max_id; 667 668 if (IS_ENABLED(CFG_EMBED_DTB)) 669 initialize_bsec_from_dt(); 670 671 return TEE_SUCCESS; 672 } 673 674 early_init(initialize_bsec); 675