xref: /optee_os/core/include/drivers/stm32_bsec.h (revision 1ff52b85d531fb7eedaa50e62801a12024b8c695) 
1 /* SPDX-License-Identifier: BSD-3-Clause */
2 /*
3  * Copyright (c) 2017-2020, STMicroelectronics
4  */
5 
6 #ifndef __STM32_BSEC_H
7 #define __STM32_BSEC_H
8 
9 #include <compiler.h>
10 #include <stdint.h>
11 #include <tee_api.h>
12 
13 /* BSEC_DEBUG */
14 #define BSEC_HDPEN			BIT(4)
15 #define BSEC_SPIDEN			BIT(5)
16 #define BSEC_SPINDEN			BIT(6)
17 #define BSEC_DBGSWGEN			BIT(10)
18 #define BSEC_DEBUG_ALL			(BSEC_HDPEN | \
19 					 BSEC_SPIDEN | \
20 					 BSEC_SPINDEN | \
21 					 BSEC_DBGSWGEN)
22 
23 #define BSEC_BITS_PER_WORD		(8U * sizeof(uint32_t))
24 #define BSEC_BYTES_PER_WORD		sizeof(uint32_t)
25 
26 /*
27  * Load OTP from SAFMEM and provide its value
28  * @value: Output read value
29  * @otp_id: OTP number
30  * Return a TEE_Result compliant return value
31  */
32 TEE_Result stm32_bsec_shadow_read_otp(uint32_t *value, uint32_t otp_id);
33 
34 /*
35  * Copy SAFMEM OTP to BSEC data.
36  * @otp_id: OTP number.
37  * Return a TEE_Result compliant return value
38  */
39 TEE_Result stm32_bsec_shadow_register(uint32_t otp_id);
40 
41 /*
42  * Read an OTP data value
43  * @value: Output read value
44  * @otp_id: OTP number
45  * Return a TEE_Result compliant return value
46  */
47 TEE_Result stm32_bsec_read_otp(uint32_t *value, uint32_t otp_id);
48 
49 /*
50  * Write value in BSEC data register
51  * @value: Value to write
52  * @otp_id: OTP number
53  * Return a TEE_Result compliant return value
54  */
55 TEE_Result stm32_bsec_write_otp(uint32_t value, uint32_t otp_id);
56 
57 /*
58  * Program a bit in SAFMEM without BSEC data refresh
59  * @value: Value to program.
60  * @otp_id: OTP number.
61  * Return a TEE_Result compliant return value
62  */
63 #ifdef CFG_STM32_BSEC_WRITE
64 TEE_Result stm32_bsec_program_otp(uint32_t value, uint32_t otp_id);
65 #else
66 static inline TEE_Result stm32_bsec_program_otp(uint32_t value __unused,
67 						uint32_t otp_id __unused)
68 {
69 	return TEE_ERROR_NOT_SUPPORTED;
70 }
71 #endif
72 
73 /*
74  * Permanent lock of OTP in SAFMEM
75  * @otp_id: OTP number
76  * Return a TEE_Result compliant return value
77  */
78 TEE_Result stm32_bsec_permanent_lock_otp(uint32_t otp_id);
79 
80 /*
81  * Enable/disable debug service
82  * @value: Value to write
83  * Return a TEE_Result compliant return value
84  */
85 #ifdef CFG_STM32_BSEC_WRITE
86 TEE_Result stm32_bsec_write_debug_conf(uint32_t value);
87 #else
88 static inline TEE_Result stm32_bsec_write_debug_conf(uint32_t value __unused)
89 {
90 	return TEE_ERROR_NOT_SUPPORTED;
91 }
92 #endif
93 
94 /* Return debug configuration read from BSEC */
95 uint32_t stm32_bsec_read_debug_conf(void);
96 
97 /*
98  * Write shadow-read lock
99  * @otp_id: OTP number
100  * Return a TEE_Result compliant return value
101  */
102 TEE_Result stm32_bsec_set_sr_lock(uint32_t otp_id);
103 
104 /*
105  * Read shadow-read lock
106  * @otp_id: OTP number
107  * @locked: (out) true if shadow-read is locked, false if not locked.
108  * Return a TEE_Result compliant return value
109  */
110 TEE_Result stm32_bsec_read_sr_lock(uint32_t otp_id, bool *locked);
111 
112 /*
113  * Write shadow-write lock
114  * @otp_id: OTP number
115  * Return a TEE_Result compliant return value
116  */
117 TEE_Result stm32_bsec_set_sw_lock(uint32_t otp_id);
118 
119 /*
120  * Read shadow-write lock
121  * @otp_id: OTP number
122  * @locked: (out) true if shadow-write is locked, false if not locked.
123  * Return a TEE_Result compliant return value
124  */
125 TEE_Result stm32_bsec_read_sw_lock(uint32_t otp_id, bool *locked);
126 
127 /*
128  * Write shadow-program lock
129  * @otp_id: OTP number
130  * Return a TEE_Result compliant return value
131  */
132 TEE_Result stm32_bsec_set_sp_lock(uint32_t otp_id);
133 
134 /*
135  * Read shadow-program lock
136  * @otp_id: OTP number
137  * @locked: (out) true if shadow-program is locked, false if not locked.
138  * Return a TEE_Result compliant return value
139  */
140 TEE_Result stm32_bsec_read_sp_lock(uint32_t otp_id, bool *locked);
141 
142 /*
143  * Read permanent lock status
144  * @otp_id: OTP number
145  * @locked: (out) true if permanent lock is locked, false if not locked.
146  * Return a TEE_Result compliant return value
147  */
148 TEE_Result stm32_bsec_read_permanent_lock(uint32_t otp_id, bool *locked);
149 
150 /*
151  * Lock Upper OTP or Global programming or debug enable
152  * @service: Service to lock, see header file
153  * Return a TEE_Result compliant return value
154  */
155 TEE_Result stm32_bsec_otp_lock(uint32_t service);
156 
157 /*
158  * Return true if non-secure world is allowed to read the target OTP
159  * @otp_id: OTP number
160  */
161 bool stm32_bsec_nsec_can_access_otp(uint32_t otp_id);
162 
163 #endif /*__STM32_BSEC_H*/
164