As debugger must be totally closed on Sec closed chip,
the DBGMCU_IDC register is no more accessible (self
hosted debug is disabled with OTP).
This patch adds a function bsec_dbgswenable() to check
if the DBGMCU registers are available before to access them:
BSEC_DENABLE.DBGSWENABLE = self hosted debug status.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Add the bsec driver in SPL, as it is needed by SOC part number detection
to found the supported OPP.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Activate ARCH_SUPPORT_TFABOOT and replace the arch stm32mp
specific config CONFIG_STM32MP1_TRUSTED by the generic CONFIG_TFABOOT
introduced by the commit 535d76a121 ("armv8: layerscape: Add TFABOOT
support").
This config CONFIG_TFABOOT is activated for the trusted boot chain,
when U-Boot is loaded by TF-A.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Add BSEC lock access (read / write) at 0xC0000000 offset of misc driver.
The write access only available for Trusted boot mode, based on new
SMC STM32_SMC_WRLOCK_OTP.
With the fuse command, the permanent lock status is accessed with
0x10000000 offset (0xC0000000 - 0x8000000 for OTP sense/program
divided by u32 size), for example:
Read lock status of fuse 57 (0x39)
STM32MP> fuse sense 0 0x10000039 1
Sensing bank 0:
Word 0x10000039: 00000000
Set permanent lock of fuse 57 (0x39)
STM32MP> fuse prog 0 0x10000039 1
Sensing bank 0:
Word 0x10000039: 00000000
WARNING: the OTP lock is updated only after reboot
WARING: Programming lock or fuses is an irreversible operation!
This may brick your system.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Acked-by: Patrice Chotard <patrice.chotard@st.com>
Remove the test offs < 0 , as offs is unsigned.
This patch solves the warnings when compiling with W=1
on stm32mp1 board:
In function ‘stm32mp_bsec_read’:
arch/arm/mach-stm32mp/bsec.c:368:11: warning:
comparison of unsigned expression < 0 is always false [-Wtype-limits]
368 | if (offs < 0 || (offs % 4) || (size % 4))
| ^
In function ‘stm32mp_bsec_write’:
arch/arm/mach-stm32mp/bsec.c:405:11: warning:
comparison of unsigned expression < 0 is always false [-Wtype-limits]
405 | if (offs < 0 || (offs % 4) || (size % 4))
| ^
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Acked-by: Patrice Chotard <patrice.chotard@st.com>
Since the commit 8729b1ae2c ("misc: Update read() and
write() methods to return bytes xfered"); The misc bsec driver
need to be adapted to reflect the number of transferred bytes.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
This patch solves the following warnings:
arch/arm/mach-stm32mp/bsec.c: In function 'stm32mp_bsec_read':
warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
if (offset >= STM32_BSEC_OTP_OFFSET) {
^~
arch/arm/mach-stm32mp/bsec.c: In function 'stm32mp_bsec_write':
warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
if (offset >= STM32_BSEC_OTP_OFFSET) {
^~
Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
As BSEC is secure aware, all register access need to be done
by TF-A for TRUSTED boot chain, when U-Boot is executed in
normal world.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
When a driver declares DM_FLAG_PRE_RELOC flag, it wishes to be
bound before relocation. However due to a bug in the DM core,
the flag only takes effect when devices are statically declared
via U_BOOT_DEVICE(). This bug has been fixed recently by commit
"dm: core: Respect drivers with the DM_FLAG_PRE_RELOC flag in
lists_bind_fdt()", but with the fix, it has a side effect that
all existing drivers that declared DM_FLAG_PRE_RELOC flag will
be bound before relocation now. This may expose potential boot
failure on some boards due to insufficient memory during the
pre-relocation stage.
To mitigate this potential impact, the following changes are
implemented:
- Remove DM_FLAG_PRE_RELOC flag in the driver, if the driver
only supports configuration from device tree (OF_CONTROL)
- Keep DM_FLAG_PRE_RELOC flag in the driver only if the device
is statically declared via U_BOOT_DEVICE()
- Surround DM_FLAG_PRE_RELOC flag with OF_CONTROL check, for
drivers that support both statically declared devices and
configuration from device tree
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Patrick Delaunay <patrick.delaunay@st.com>
Add a MISC driver with read and write access to BSEC IP
(Boot and Security and OTP control)
- offset 0: shadowed values
- offset 0x80000000: OTP fuse box values (SAFMEM)
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
