mirror of
https://github.com/AsahiLinux/u-boot
synced 2024-12-05 02:51:00 +00:00
b83c709e8d
Add functions to report the HAB (High Assurance Boot) status of e.g. i.MX6 CPUs. This is taken from git://git.freescale.com/imx/uboot-imx.git branch imx_v2009.08_3.0.35_4.0.0 cpu/arm_cortexa8/mx6/generic.c include/asm-arm/arch-mx6/mx6_secure.h Signed-off-by: Stefano Babic <sbabic@denx.de>
104 lines
2.5 KiB
C
104 lines
2.5 KiB
C
/*
|
|
* Copyright (C) 2010-2013 Freescale Semiconductor, Inc.
|
|
*
|
|
* SPDX-License-Identifier: GPL-2.0+
|
|
*/
|
|
|
|
#include <common.h>
|
|
#include <asm/io.h>
|
|
#include <asm/arch/hab.h>
|
|
|
|
/* -------- start of HAB API updates ------------*/
|
|
#define hab_rvt_report_event ((hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT)
|
|
#define hab_rvt_report_status ((hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS)
|
|
#define hab_rvt_authenticate_image \
|
|
((hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE)
|
|
#define hab_rvt_entry ((hab_rvt_entry_t *)HAB_RVT_ENTRY)
|
|
#define hab_rvt_exit ((hab_rvt_exit_t *)HAB_RVT_EXIT)
|
|
#define hab_rvt_clock_init HAB_RVT_CLOCK_INIT
|
|
|
|
bool is_hab_enabled(void)
|
|
{
|
|
struct ocotp_regs *ocotp = (struct ocotp_regs *)OCOTP_BASE_ADDR;
|
|
struct fuse_bank *bank = &ocotp->bank[0];
|
|
struct fuse_bank0_regs *fuse =
|
|
(struct fuse_bank0_regs *)bank->fuse_regs;
|
|
uint32_t reg = readl(&fuse->cfg5);
|
|
|
|
return (reg & 0x2) == 0x2;
|
|
}
|
|
|
|
void display_event(uint8_t *event_data, size_t bytes)
|
|
{
|
|
uint32_t i;
|
|
|
|
if (!(event_data && bytes > 0))
|
|
return;
|
|
|
|
for (i = 0; i < bytes; i++) {
|
|
if (i == 0)
|
|
printf("\t0x%02x", event_data[i]);
|
|
else if ((i % 8) == 0)
|
|
printf("\n\t0x%02x", event_data[i]);
|
|
else
|
|
printf(" 0x%02x", event_data[i]);
|
|
}
|
|
}
|
|
|
|
int get_hab_status(void)
|
|
{
|
|
uint32_t index = 0; /* Loop index */
|
|
uint8_t event_data[128]; /* Event data buffer */
|
|
size_t bytes = sizeof(event_data); /* Event size in bytes */
|
|
enum hab_config config = 0;
|
|
enum hab_state state = 0;
|
|
|
|
if (is_hab_enabled())
|
|
puts("\nSecure boot enabled\n");
|
|
else
|
|
puts("\nSecure boot disabled\n");
|
|
|
|
/* Check HAB status */
|
|
if (hab_rvt_report_status(&config, &state) != HAB_SUCCESS) {
|
|
printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n",
|
|
config, state);
|
|
|
|
/* Display HAB Error events */
|
|
while (hab_rvt_report_event(HAB_FAILURE, index, event_data,
|
|
&bytes) == HAB_SUCCESS) {
|
|
puts("\n");
|
|
printf("--------- HAB Event %d -----------------\n",
|
|
index + 1);
|
|
puts("event data:\n");
|
|
display_event(event_data, bytes);
|
|
puts("\n");
|
|
bytes = sizeof(event_data);
|
|
index++;
|
|
}
|
|
}
|
|
/* Display message if no HAB events are found */
|
|
else {
|
|
printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n",
|
|
config, state);
|
|
puts("No HAB Events Found!\n\n");
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
|
|
{
|
|
if ((argc != 1)) {
|
|
cmd_usage(cmdtp);
|
|
return 1;
|
|
}
|
|
|
|
get_hab_status();
|
|
|
|
return 0;
|
|
}
|
|
|
|
U_BOOT_CMD(
|
|
hab_status, CONFIG_SYS_MAXARGS, 1, do_hab_status,
|
|
"display HAB status",
|
|
""
|
|
);
|