From patchwork Wed Apr 22 13:52:35 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peng Fan X-Patchwork-Id: 1275059 X-Patchwork-Delegate: sbabic@denx.de Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=nxp.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=nxp.com header.i=@nxp.com header.a=rsa-sha256 header.s=selector2 header.b=FCMB54JF; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 496hLn1G2Gz9sSm for ; Wed, 22 Apr 2020 23:37:21 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 469B381CAE; Wed, 22 Apr 2020 15:34:13 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=nxp.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=nxp.com header.i=@nxp.com header.b="FCMB54JF"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 2EA2B81C91; Wed, 22 Apr 2020 15:31:37 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FORGED_SPF_HELO,MSGID_FROM_MTA_HEADER, SPF_HELO_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.2 Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on20611.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e1b::611]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 1520781C76 for ; Wed, 22 Apr 2020 15:30:50 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=nxp.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=peng.fan@nxp.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dURXelji5jHZiKybJpu+r34p+qwKeaeiieR76ySK60TEjOHxEoR+FWeHfvlkxI3u6bfrSZp6EqJhL4KmKNK83jmTBe9N8Qynk+rFd6V9TAkiOyDJIZR1V0XtnfnX87r49iCRqmFwTxe2jICmq4mBsKAYuDq6EcxMrZX1S8WVOoPqAkXRI+wELZusATKCXTkmK9/px8TvlGytBl1Pv5aDrSLGP37tP73Wy8ZqbrwftIZKba5GpUFgmT1UyN1GhCeLuIfD42NqdeDC4ZOxGqWl97RXrcrKefovWqkqB4sL0nN4E/dSnbmaqo2diM6y74YoUEGe12SI1WeLx/VpGy3Wxw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UoPzEIfd01Zfypf4bRdcKHJ5+x4PQ/cNswof3IkqXPk=; b=htjpNNvcz4MN05cExPRBF+V7f1+Z7P/ZrssQshxqqhI8npg7FAdoPxWGaMy7b2d0hDIejDu9ifjKnON/L08aeBfTWO+VmBr3ehdEQR60cPZ61EN0M8zDn+CwGJMYKQ7J1NdhBfKP8oqxgpLtRLwl042epEM4kBZwddrclIjDun1a1+DJB9lGXd4wnISSPWIZAd6a1CGRL8Lsf3LMCK7PlYaTMXsMzfZ19/cyekY3JjvAjWSQu1AbkBzavTznlrDTDLkzV51TWcZHLpE83PKnTxyWa4Rc9ZkEAdQOSzbEjFvjQooK2qSmIsOZPQQ5GLrVEUSPC/3NxCTL8O0JNk/HuA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UoPzEIfd01Zfypf4bRdcKHJ5+x4PQ/cNswof3IkqXPk=; b=FCMB54JFTojPztTYDXo3ymZ6OwZIjqE2Tt1uhumgyg7vS/JGJAYiBTe9ZpMPgBskw9obj2e2062B6B2nhcWXlnxeQdVy4lobKCi7S8Cs96cdvpVu8f3shDIkxMHhPiNAMDNtWeMJhMjVXgjS7pxBDjNLo1G6hkhlrZcgQxJ49TQ= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=peng.fan@nxp.com; Received: from DB6PR0402MB2760.eurprd04.prod.outlook.com (2603:10a6:4:a1::14) by DB6PR0402MB2773.eurprd04.prod.outlook.com (2603:10a6:4:94::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2921.29; Wed, 22 Apr 2020 13:30:42 +0000 Received: from DB6PR0402MB2760.eurprd04.prod.outlook.com ([fe80::d17b:d767:19c3:b871]) by DB6PR0402MB2760.eurprd04.prod.outlook.com ([fe80::d17b:d767:19c3:b871%6]) with mapi id 15.20.2921.030; Wed, 22 Apr 2020 13:30:42 +0000 From: Peng Fan To: sbabic@denx.de, festevam@gmail.com Cc: u-boot@lists.denx.de Subject: [PATCH 24/24] imx8: Configure SNVS Date: Wed, 22 Apr 2020 21:52:35 +0800 Message-Id: <20200422135235.14756-24-peng.fan@nxp.com> X-Mailer: git-send-email 2.16.4 In-Reply-To: <20200422135235.14756-1-peng.fan@nxp.com> References: <20200422135235.14756-1-peng.fan@nxp.com> X-ClientProxiedBy: SG2PR06CA0190.apcprd06.prod.outlook.com (2603:1096:4:1::22) To DB6PR0402MB2760.eurprd04.prod.outlook.com (2603:10a6:4:a1::14) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from linux-ljuv.ap.freescale.net (119.31.174.71) by SG2PR06CA0190.apcprd06.prod.outlook.com (2603:1096:4:1::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2937.13 via Frontend Transport; Wed, 22 Apr 2020 13:30:40 +0000 X-Mailer: git-send-email 2.16.4 X-Originating-IP: [119.31.174.71] X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 9d4c7e2b-3448-48cb-ad1c-08d7e6c15abf X-MS-TrafficTypeDiagnostic: DB6PR0402MB2773: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:1148; X-Forefront-PRVS: 03818C953D X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB6PR0402MB2760.eurprd04.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(10009020)(4636009)(396003)(39860400002)(346002)(366004)(376002)(136003)(16526019)(2616005)(44832011)(52116002)(66946007)(186003)(8676002)(6666004)(30864003)(956004)(86362001)(1076003)(5660300002)(2906002)(8936002)(36756003)(6486002)(81156014)(478600001)(316002)(6506007)(26005)(6512007)(66476007)(66556008)(4326008); DIR:OUT; SFP:1101; Received-SPF: None (protection.outlook.com: nxp.com does not designate permitted sender hosts) X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ZoYvBnjuzy7BHa1hzTjr/HjbfIVsVE8V5ByYXV0COzV2IOkk/py4lC9ziRFM0+HiTQJ1a2GkYU8cmB5y85/gvzaTFJ2Ji8Ze4rvXMGUPapV1XbX0VWQzBXr7OBPevqOUuqnjuwRtHVcSyt8HqLxjIgxUp4JWFdM0Epxnhcqe1WmT2xjjzyPAsD+hFBonKLPzfd7CopESzadPs9bbdnRcy2YTwX0ubIP0jGy+W0gLLFaU9k2+dNsNHoZJZPnSNsa6V1tnqTXfSzmtWxK7ooz7sVlLUOc3XLUEubj357SrOUzZElRt7eDrL9Mx5iOFurXt85hLc/rifjM7JYDA4Z//kEwBXRYvngg7lvE6m7EvRWtXiZwF1JKHb1JGQQbVVlVGASLCd82WhxYsLHYAx4Q+0oq5LNftbBXwGuOwqVkRZRi3J24Vj5/Qd3g8UWSqECa6 X-MS-Exchange-AntiSpam-MessageData: oG2ZrTBh5jXkjH9/88pefktNrxQ5TBrtZq/u98WBeJjx9cVyUeAIJo267XQN3Exsgw4ifU/Y6TLw1VAc96t0JG4LFbInHJDCS4knIdTFeeZvDO2EQBcucIksFpOeQ99cptbKinXmstf2vKSak33VJg== X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9d4c7e2b-3448-48cb-ad1c-08d7e6c15abf X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Apr 2020 13:30:42.6640 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: w74/SIq9iwLTN+O3t/5FEOW6JVVZ3Xi9uTPOF/BRBEixhe4aQe9v2ONdBkVBjResIzY9PbSqKW57Dyiu7gYZAA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR0402MB2773 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.30rc1 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.2 at phobos.denx.de X-Virus-Status: Clean From: Franck LENORMAND Add a module to configure the tamper and secure violation of the SNVS using the SCU API. The module also adds some commands: - snvs_cfg: Configure the SNVS HP and LP registers - snvs_dgo_cfg: Configure the SNVS DGO bloc if present (8QXP) - tamper_pin_cfg: Change the configuration of the tamper pins - snvs_clear_status: Allow to write to LPSR and LPTDSR to clear status bits Signed-off-by: Franck LENORMAND Signed-off-by: Ye Li Signed-off-by: Peng Fan --- arch/arm/include/asm/arch-imx8/sci/sci.h | 4 + arch/arm/include/asm/arch-imx8/snvs_security_sc.h | 11 + arch/arm/mach-imx/imx8/Kconfig | 13 + arch/arm/mach-imx/imx8/Makefile | 1 + arch/arm/mach-imx/imx8/snvs_security_sc.c | 923 ++++++++++++++++++++++ board/freescale/imx8qxp_mek/imx8qxp_mek.c | 10 + drivers/misc/imx8/scu_api.c | 72 +- 7 files changed, 1030 insertions(+), 4 deletions(-) create mode 100644 arch/arm/include/asm/arch-imx8/snvs_security_sc.h create mode 100644 arch/arm/mach-imx/imx8/snvs_security_sc.c diff --git a/arch/arm/include/asm/arch-imx8/sci/sci.h b/arch/arm/include/asm/arch-imx8/sci/sci.h index 179037ae17..05f736f14f 100644 --- a/arch/arm/include/asm/arch-imx8/sci/sci.h +++ b/arch/arm/include/asm/arch-imx8/sci/sci.h @@ -109,6 +109,7 @@ int sc_rm_get_resource_owner(sc_ipc_t ipc, sc_rsrc_t resource, /* PAD API */ int sc_pad_set(sc_ipc_t ipc, sc_pad_t pad, u32 val); +int sc_pad_get(sc_ipc_t ipc, sc_pad_t pad, uint32_t *val); /* SMMU API */ int sc_rm_set_master_sid(sc_ipc_t ipc, sc_rsrc_t resource, sc_rm_sid_t sid); @@ -128,5 +129,8 @@ int sc_seco_update_mpmr(sc_ipc_t ipc, sc_faddr_t addr, u8 size, u8 lock); int sc_seco_get_mp_sign(sc_ipc_t ipc, sc_faddr_t msg_addr, u16 msg_size, sc_faddr_t dst_addr, u16 dst_size); int sc_seco_secvio_dgo_config(sc_ipc_t ipc, u8 id, u8 access, u32 *data); +int sc_seco_secvio_config(sc_ipc_t ipc, u8 id, u8 access, + u32 *data0, u32 *data1, u32 *data2, u32 *data3, + u32 *data4, u8 size); #endif diff --git a/arch/arm/include/asm/arch-imx8/snvs_security_sc.h b/arch/arm/include/asm/arch-imx8/snvs_security_sc.h new file mode 100644 index 0000000000..0b7ded7ba6 --- /dev/null +++ b/arch/arm/include/asm/arch-imx8/snvs_security_sc.h @@ -0,0 +1,11 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright 2018 NXP + */ + +#ifndef _SNVS_SECURITY_SC_H +#define _SNVS_SECURITY_SC_H + +int snvs_security_sc_init(void); + +#endif /* _SNVS_SECURITY_SC_H */ diff --git a/arch/arm/mach-imx/imx8/Kconfig b/arch/arm/mach-imx/imx8/Kconfig index 5827ab334f..1f8add015f 100644 --- a/arch/arm/mach-imx/imx8/Kconfig +++ b/arch/arm/mach-imx/imx8/Kconfig @@ -90,4 +90,17 @@ source "board/toradex/apalis-imx8/Kconfig" source "board/toradex/colibri-imx8x/Kconfig" source "board/siemens/capricorn/Kconfig" +config IMX_SNVS_SEC_SC + bool "Support SNVS configuration" + help + Allow to configure the SNVS via SCU API to configure tampers and secure + violation. + +config IMX_SNVS_SEC_SC_AUTO + bool "Support SNVS configuration command" + depends on IMX_SNVS_SEC_SC + help + This configuration will apply the selected configurations automatically + at boot. + endif diff --git a/arch/arm/mach-imx/imx8/Makefile b/arch/arm/mach-imx/imx8/Makefile index 7ffb7e95b2..bbb41adbe4 100644 --- a/arch/arm/mach-imx/imx8/Makefile +++ b/arch/arm/mach-imx/imx8/Makefile @@ -11,3 +11,4 @@ obj-$(CONFIG_AHAB_BOOT) += ahab.o ifdef CONFIG_SPL_BUILD obj-$(CONFIG_SPL_LOAD_IMX_CONTAINER) += image.o parse-container.o endif +obj-$(CONFIG_IMX_SNVS_SEC_SC) += snvs_security_sc.o diff --git a/arch/arm/mach-imx/imx8/snvs_security_sc.c b/arch/arm/mach-imx/imx8/snvs_security_sc.c new file mode 100644 index 0000000000..73f5651161 --- /dev/null +++ b/arch/arm/mach-imx/imx8/snvs_security_sc.c @@ -0,0 +1,923 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright 2019-2020 NXP. + */ + +/* + * Configuration of the Tamper pins in different mode: + * - default (no tamper pins): _default_ + * - passive mode expecting VCC on the line: "_passive_vcc_" + * - passive mode expecting VCC on the line: "_passive_gnd_" + * - active mode: "_active_" + */ + +#include +#include +#include +#include +#include +#include +#include + +/* Access to gd */ +DECLARE_GLOBAL_DATA_PTR; + +#define SC_WRITE_CONF 1 + +#define PGD_HEX_VALUE 0x41736166 +#define SRTC_EN 0x1 +#define DP_EN BIT(5) + +struct snvs_security_sc_conf { + struct snvs_hp_conf { + u32 lock; /* HPLR - HP Lock */ + u32 __cmd; /* HPCOMR - HP Command */ + u32 __ctl; /* HPCR - HP Control */ + u32 secvio_intcfg; /* HPSICR - Security Violation Int + * Config + */ + u32 secvio_ctl; /* HPSVCR - Security Violation Control*/ + u32 status; /* HPSR - HP Status */ + u32 secvio_status; /* HPSVSR - Security Violation Status */ + u32 __ha_counteriv; /* High Assurance Counter IV */ + u32 __ha_counter; /* High Assurance Counter */ + u32 __rtc_msb; /* Real Time Clock/Counter MSB */ + u32 __rtc_lsb; /* Real Time Counter LSB */ + u32 __time_alarm_msb; /* Time Alarm MSB */ + u32 __time_alarm_lsb; /* Time Alarm LSB */ + } hp; + struct snvs_lp_conf { + u32 lock; + u32 __ctl; + u32 __mstr_key_ctl; /* Master Key Control */ + u32 secvio_ctl; /* Security Violation Control */ + u32 tamper_filt_cfg; /* Tamper Glitch Filters Configuration*/ + u32 tamper_det_cfg; /* Tamper Detectors Configuration */ + u32 status; + u32 __srtc_msb; /* Secure Real Time Clock/Counter MSB */ + u32 __srtc_lsb; /* Secure Real Time Clock/Counter LSB */ + u32 __time_alarm; /* Time Alarm */ + u32 __smc_msb; /* Secure Monotonic Counter MSB */ + u32 __smc_lsb; /* Secure Monotonic Counter LSB */ + u32 __pwr_glitch_det; /* Power Glitch Detector */ + u32 __gen_purpose; + u8 __zmk[32]; /* Zeroizable Master Key */ + u32 __rsvd0; + u32 __gen_purposes[4]; /* gp0_30 to gp0_33 */ + u32 tamper_det_cfg2; /* Tamper Detectors Configuration2 */ + u32 tamper_det_status; /* Tamper Detectors status */ + u32 tamper_filt1_cfg; /* Tamper Glitch Filter1 Configuration*/ + u32 tamper_filt2_cfg; /* Tamper Glitch Filter2 Configuration*/ + u32 __rsvd1[4]; + u32 act_tamper1_cfg; /* Active Tamper1 Configuration */ + u32 act_tamper2_cfg; /* Active Tamper2 Configuration */ + u32 act_tamper3_cfg; /* Active Tamper3 Configuration */ + u32 act_tamper4_cfg; /* Active Tamper4 Configuration */ + u32 act_tamper5_cfg; /* Active Tamper5 Configuration */ + u32 __rsvd2[3]; + u32 act_tamper_ctl; /* Active Tamper Control */ + u32 act_tamper_clk_ctl; /* Active Tamper Clock Control */ + u32 act_tamper_routing_ctl1;/* Active Tamper Routing Control1 */ + u32 act_tamper_routing_ctl2;/* Active Tamper Routing Control2 */ + } lp; +}; + +static struct snvs_security_sc_conf snvs_default_config = { + .hp = { + .lock = 0x1f0703ff, + .secvio_ctl = 0x3000007f, + }, + .lp = { + .lock = 0x1f0003ff, + .secvio_ctl = 0x36, + .tamper_filt_cfg = 0, + .tamper_det_cfg = 0x76, /* analogic tampers + * + rollover tampers + */ + .tamper_det_cfg2 = 0, + .tamper_filt1_cfg = 0, + .tamper_filt2_cfg = 0, + .act_tamper1_cfg = 0, + .act_tamper2_cfg = 0, + .act_tamper3_cfg = 0, + .act_tamper4_cfg = 0, + .act_tamper5_cfg = 0, + .act_tamper_ctl = 0, + .act_tamper_clk_ctl = 0, + .act_tamper_routing_ctl1 = 0, + .act_tamper_routing_ctl2 = 0, + } +}; + +static struct snvs_security_sc_conf snvs_passive_vcc_config = { + .hp = { + .lock = 0x1f0703ff, + .secvio_ctl = 0x3000007f, + }, + .lp = { + .lock = 0x1f0003ff, + .secvio_ctl = 0x36, + .tamper_filt_cfg = 0, + .tamper_det_cfg = 0x276, /* ET1 will trig on line at GND + * + analogic tampers + * + rollover tampers + */ + .tamper_det_cfg2 = 0, + .tamper_filt1_cfg = 0, + .tamper_filt2_cfg = 0, + .act_tamper1_cfg = 0, + .act_tamper2_cfg = 0, + .act_tamper3_cfg = 0, + .act_tamper4_cfg = 0, + .act_tamper5_cfg = 0, + .act_tamper_ctl = 0, + .act_tamper_clk_ctl = 0, + .act_tamper_routing_ctl1 = 0, + .act_tamper_routing_ctl2 = 0, + } +}; + +static struct snvs_security_sc_conf snvs_passive_gnd_config = { + .hp = { + .lock = 0x1f0703ff, + .secvio_ctl = 0x3000007f, + }, + .lp = { + .lock = 0x1f0003ff, + .secvio_ctl = 0x36, + .tamper_filt_cfg = 0, + .tamper_det_cfg = 0xa76, /* ET1 will trig on line at VCC + * + analogic tampers + * + rollover tampers + */ + .tamper_det_cfg2 = 0, + .tamper_filt1_cfg = 0, + .tamper_filt2_cfg = 0, + .act_tamper1_cfg = 0, + .act_tamper2_cfg = 0, + .act_tamper3_cfg = 0, + .act_tamper4_cfg = 0, + .act_tamper5_cfg = 0, + .act_tamper_ctl = 0, + .act_tamper_clk_ctl = 0, + .act_tamper_routing_ctl1 = 0, + .act_tamper_routing_ctl2 = 0, + } +}; + +static struct snvs_security_sc_conf snvs_active_config = { + .hp = { + .lock = 0x1f0703ff, + .secvio_ctl = 0x3000007f, + }, + .lp = { + .lock = 0x1f0003ff, + .secvio_ctl = 0x36, + .tamper_filt_cfg = 0x00800000, /* Enable filtering */ + .tamper_det_cfg = 0x276, /* ET1 enabled + analogic tampers + * + rollover tampers + */ + .tamper_det_cfg2 = 0, + .tamper_filt1_cfg = 0, + .tamper_filt2_cfg = 0, + .act_tamper1_cfg = 0x84001111, + .act_tamper2_cfg = 0, + .act_tamper3_cfg = 0, + .act_tamper4_cfg = 0, + .act_tamper5_cfg = 0, + .act_tamper_ctl = 0x00010001, + .act_tamper_clk_ctl = 0, + .act_tamper_routing_ctl1 = 0x1, + .act_tamper_routing_ctl2 = 0, + } +}; + +static struct snvs_security_sc_conf *get_snvs_config(void) +{ + return &snvs_default_config; +} + +struct snvs_dgo_conf { + u32 tamper_offset_ctl; + u32 tamper_pull_ctl; + u32 tamper_ana_test_ctl; + u32 tamper_sensor_trim_ctl; + u32 tamper_misc_ctl; + u32 tamper_core_volt_mon_ctl; +}; + +static struct snvs_dgo_conf snvs_dgo_default_config = { + .tamper_misc_ctl = 0x80000000, /* Lock the DGO */ +}; + +static struct snvs_dgo_conf snvs_dgo_passive_vcc_config = { + .tamper_misc_ctl = 0x80000000, /* Lock the DGO */ + .tamper_pull_ctl = 0x00000001, /* Pull down ET1 */ + .tamper_ana_test_ctl = 0x20000000, /* Enable tamper */ +}; + +static struct snvs_dgo_conf snvs_dgo_passive_gnd_config = { + .tamper_misc_ctl = 0x80000000, /* Lock the DGO */ + .tamper_pull_ctl = 0x00000401, /* Pull up ET1 */ + .tamper_ana_test_ctl = 0x20000000, /* Enable tamper */ +}; + +static struct snvs_dgo_conf snvs_dgo_active_config = { + .tamper_misc_ctl = 0x80000000, /* Lock the DGO */ + .tamper_ana_test_ctl = 0x20000000, /* Enable tamper */ +}; + +static struct snvs_dgo_conf *get_snvs_dgo_config(void) +{ + return &snvs_dgo_default_config; +} + +struct tamper_pin_cfg { + u32 pad; + u32 mux_conf; +}; + +static struct tamper_pin_cfg tamper_pin_list_default_config[] = { + {SC_P_CSI_D00, 0}, /* Tamp_Out0 */ + {SC_P_CSI_D01, 0}, /* Tamp_Out1 */ + {SC_P_CSI_D02, 0}, /* Tamp_Out2 */ + {SC_P_CSI_D03, 0}, /* Tamp_Out3 */ + {SC_P_CSI_D04, 0}, /* Tamp_Out4 */ + {SC_P_CSI_D05, 0}, /* Tamp_In0 */ + {SC_P_CSI_D06, 0}, /* Tamp_In1 */ + {SC_P_CSI_D07, 0}, /* Tamp_In2 */ + {SC_P_CSI_HSYNC, 0}, /* Tamp_In3 */ + {SC_P_CSI_VSYNC, 0}, /* Tamp_In4 */ +}; + +static struct tamper_pin_cfg tamper_pin_list_passive_vcc_config[] = { + {SC_P_CSI_D05, 0x1c000060}, /* Tamp_In0 */ /* Sel tamper + OD input */ +}; + +static struct tamper_pin_cfg tamper_pin_list_passive_gnd_config[] = { + {SC_P_CSI_D05, 0x1c000060}, /* Tamp_In0 */ /* Sel tamper + OD input */ +}; + +static struct tamper_pin_cfg tamper_pin_list_active_config[] = { + {SC_P_CSI_D00, 0x1a000060}, /* Tamp_Out0 */ /* Sel tamper + OD */ + {SC_P_CSI_D05, 0x1c000060}, /* Tamp_In0 */ /* Sel tamper + OD input */ +}; + +#define TAMPER_PIN_LIST_CHOSEN tamper_pin_list_default_config + +static struct tamper_pin_cfg *get_tamper_pin_cfg_list(u32 *size) +{ + *size = sizeof(TAMPER_PIN_LIST_CHOSEN) / + sizeof(TAMPER_PIN_LIST_CHOSEN[0]); + + return TAMPER_PIN_LIST_CHOSEN; +} + +#define SC_CONF_OFFSET_OF(_field) \ + (offsetof(struct snvs_security_sc_conf, _field)) + +static u32 ptr_value(u32 *_p) +{ + return (_p) ? *_p : 0xdeadbeef; +} + +static int check_write_secvio_config(u32 id, u32 *_p1, u32 *_p2, + u32 *_p3, u32 *_p4, u32 *_p5, + u32 _cnt) +{ + int scierr = 0; + u32 d1 = ptr_value(_p1); + u32 d2 = ptr_value(_p2); + u32 d3 = ptr_value(_p3); + u32 d4 = ptr_value(_p4); + u32 d5 = ptr_value(_p5); + + scierr = sc_seco_secvio_config(-1, id, SC_WRITE_CONF, &d1, &d2, &d3, + &d4, &d4, _cnt); + if (scierr != SC_ERR_NONE) { + printf("Failed to set secvio configuration\n"); + debug("Failed to set conf id 0x%x with values ", id); + debug("0x%.8x 0x%.8x 0x%.8x 0x%.8x 0x%.8x (cnt: %d)\n", + d1, d2, d3, d4, d5, _cnt); + goto exit; + } + + if (_p1) + *(u32 *)_p1 = d1; + if (_p2) + *(u32 *)_p2 = d2; + if (_p3) + *(u32 *)_p3 = d3; + if (_p4) + *(u32 *)_p4 = d4; + if (_p5) + *(u32 *)_p5 = d5; + +exit: + return scierr; +} + +#define SC_CHECK_WRITE1(id, _p1) \ + check_write_secvio_config(id, _p1, NULL, NULL, NULL, NULL, 1) + +static int apply_snvs_config(struct snvs_security_sc_conf *cnf) +{ + int scierr = 0; + + debug("%s\n", __func__); + + debug("Applying config:\n" + "\thp.lock = 0x%.8x\n" + "\thp.secvio_ctl = 0x%.8x\n" + "\tlp.lock = 0x%.8x\n" + "\tlp.secvio_ctl = 0x%.8x\n" + "\tlp.tamper_filt_cfg = 0x%.8x\n" + "\tlp.tamper_det_cfg = 0x%.8x\n" + "\tlp.tamper_det_cfg2 = 0x%.8x\n" + "\tlp.tamper_filt1_cfg = 0x%.8x\n" + "\tlp.tamper_filt2_cfg = 0x%.8x\n" + "\tlp.act_tamper1_cfg = 0x%.8x\n" + "\tlp.act_tamper2_cfg = 0x%.8x\n" + "\tlp.act_tamper3_cfg = 0x%.8x\n" + "\tlp.act_tamper4_cfg = 0x%.8x\n" + "\tlp.act_tamper5_cfg = 0x%.8x\n" + "\tlp.act_tamper_ctl = 0x%.8x\n" + "\tlp.act_tamper_clk_ctl = 0x%.8x\n" + "\tlp.act_tamper_routing_ctl1 = 0x%.8x\n" + "\tlp.act_tamper_routing_ctl2 = 0x%.8x\n", + cnf->hp.lock, + cnf->hp.secvio_ctl, + cnf->lp.lock, + cnf->lp.secvio_ctl, + cnf->lp.tamper_filt_cfg, + cnf->lp.tamper_det_cfg, + cnf->lp.tamper_det_cfg2, + cnf->lp.tamper_filt1_cfg, + cnf->lp.tamper_filt2_cfg, + cnf->lp.act_tamper1_cfg, + cnf->lp.act_tamper2_cfg, + cnf->lp.act_tamper3_cfg, + cnf->lp.act_tamper4_cfg, + cnf->lp.act_tamper5_cfg, + cnf->lp.act_tamper_ctl, + cnf->lp.act_tamper_clk_ctl, + cnf->lp.act_tamper_routing_ctl1, + cnf->lp.act_tamper_routing_ctl2); + + scierr = check_write_secvio_config(SC_CONF_OFFSET_OF(lp.tamper_filt_cfg), + &cnf->lp.tamper_filt_cfg, + &cnf->lp.tamper_filt1_cfg, + &cnf->lp.tamper_filt2_cfg, NULL, + NULL, 3); + if (scierr != SC_ERR_NONE) + goto exit; + + /* Configure AT */ + scierr = check_write_secvio_config(SC_CONF_OFFSET_OF(lp.act_tamper1_cfg), + &cnf->lp.act_tamper1_cfg, + &cnf->lp.act_tamper2_cfg, + &cnf->lp.act_tamper2_cfg, + &cnf->lp.act_tamper2_cfg, + &cnf->lp.act_tamper2_cfg, 5); + if (scierr != SC_ERR_NONE) + goto exit; + + /* Configure AT routing */ + scierr = check_write_secvio_config(SC_CONF_OFFSET_OF(lp.act_tamper_routing_ctl1), + &cnf->lp.act_tamper_routing_ctl1, + &cnf->lp.act_tamper_routing_ctl2, + NULL, NULL, NULL, 2); + if (scierr != SC_ERR_NONE) + goto exit; + + /* Configure AT frequency */ + scierr = SC_CHECK_WRITE1(SC_CONF_OFFSET_OF(lp.act_tamper_clk_ctl), + &cnf->lp.act_tamper_clk_ctl); + if (scierr != SC_ERR_NONE) + goto exit; + + /* Activate the ATs */ + scierr = SC_CHECK_WRITE1(SC_CONF_OFFSET_OF(lp.act_tamper_ctl), + &cnf->lp.act_tamper_ctl); + if (scierr != SC_ERR_NONE) + goto exit; + + /* Activate the detectors */ + scierr = check_write_secvio_config(SC_CONF_OFFSET_OF(lp.tamper_det_cfg), + &cnf->lp.tamper_det_cfg, + &cnf->lp.tamper_det_cfg2, NULL, NULL, + NULL, 2); + if (scierr != SC_ERR_NONE) + goto exit; + + /* Configure LP secvio */ + scierr = SC_CHECK_WRITE1(SC_CONF_OFFSET_OF(lp.secvio_ctl), + &cnf->lp.secvio_ctl); + if (scierr != SC_ERR_NONE) + goto exit; + + /* Configure HP secvio */ + scierr = SC_CHECK_WRITE1(SC_CONF_OFFSET_OF(hp.secvio_ctl), + &cnf->hp.secvio_ctl); + if (scierr != SC_ERR_NONE) + goto exit; + + /* Lock access */ + scierr = SC_CHECK_WRITE1(SC_CONF_OFFSET_OF(hp.lock), &cnf->hp.lock); + if (scierr != SC_ERR_NONE) + goto exit; + + scierr = SC_CHECK_WRITE1(SC_CONF_OFFSET_OF(lp.lock), &cnf->lp.lock); + if (scierr != SC_ERR_NONE) + goto exit; + +exit: + return (scierr == SC_ERR_NONE) ? 0 : -EIO; +} + +static int dgo_write(u32 _id, u8 _access, u32 *_pdata) +{ + int scierr = sc_seco_secvio_dgo_config(-1, _id, _access, _pdata); + + if (scierr != SC_ERR_NONE) { + printf("Failed to set dgo configuration\n"); + debug("Failed to set conf id 0x%x : 0x%.8x", _id, *_pdata); + } + + return scierr; +} + +static int apply_snvs_dgo_config(struct snvs_dgo_conf *cnf) +{ + int scierr = 0; + + debug("%s\n", __func__); + + debug("Applying config:\n" + "\ttamper_offset_ctl = 0x%.8x\n" + "\ttamper_pull_ctl = 0x%.8x\n" + "\ttamper_ana_test_ctl = 0x%.8x\n" + "\ttamper_sensor_trim_ctl = 0x%.8x\n" + "\ttamper_misc_ctl = 0x%.8x\n" + "\ttamper_core_volt_mon_ctl = 0x%.8x\n", + cnf->tamper_offset_ctl, + cnf->tamper_pull_ctl, + cnf->tamper_ana_test_ctl, + cnf->tamper_sensor_trim_ctl, + cnf->tamper_misc_ctl, + cnf->tamper_core_volt_mon_ctl); + + dgo_write(0x04, 1, &cnf->tamper_offset_ctl); + if (scierr != SC_ERR_NONE) + goto exit; + + dgo_write(0x14, 1, &cnf->tamper_pull_ctl); + if (scierr != SC_ERR_NONE) + goto exit; + + dgo_write(0x24, 1, &cnf->tamper_ana_test_ctl); + if (scierr != SC_ERR_NONE) + goto exit; + + dgo_write(0x34, 1, &cnf->tamper_sensor_trim_ctl); + if (scierr != SC_ERR_NONE) + goto exit; + + dgo_write(0x54, 1, &cnf->tamper_core_volt_mon_ctl); + if (scierr != SC_ERR_NONE) + goto exit; + + /* Last as it could lock the writes */ + dgo_write(0x44, 1, &cnf->tamper_misc_ctl); + if (scierr != SC_ERR_NONE) + goto exit; + +exit: + return (scierr == SC_ERR_NONE) ? 0 : -EIO; +} + +static int pad_write(u32 _pad, u32 _value) +{ + int scierr = sc_pad_set(-1, _pad, _value); + + if (scierr != SC_ERR_NONE) { + printf("Failed to set pad configuration\n"); + debug("Failed to set conf pad 0x%x : 0x%.8x", _pad, _value); + } + + return scierr; +} + +static int apply_tamper_pin_list_config(struct tamper_pin_cfg *confs, u32 size) +{ + int scierr = 0; + u32 idx; + + debug("%s\n", __func__); + + for (idx = 0; idx < size; idx++) { + debug("\t idx %d: pad %d: 0x%.8x\n", idx, confs[idx].pad, + confs[idx].mux_conf); + pad_write(confs[idx].pad, 3 << 30 | confs[idx].mux_conf); + if (scierr != SC_ERR_NONE) + goto exit; + } + +exit: + return (scierr == SC_ERR_NONE) ? 0 : -EIO; +} + +int examples(void) +{ + u32 size; + struct snvs_security_sc_conf *snvs_conf; + struct snvs_dgo_conf *snvs_dgo_conf; + struct tamper_pin_cfg *tamper_pin_conf; + + /* Caller */ + snvs_conf = get_snvs_config(); + snvs_dgo_conf = get_snvs_dgo_config(); + tamper_pin_conf = get_tamper_pin_cfg_list(&size); + + /* Default */ + snvs_conf = &snvs_default_config; + snvs_dgo_conf = &snvs_dgo_default_config; + tamper_pin_conf = tamper_pin_list_default_config; + + /* Passive tamper expecting VCC on the line */ + snvs_conf = &snvs_passive_vcc_config; + snvs_dgo_conf = &snvs_dgo_passive_vcc_config; + tamper_pin_conf = tamper_pin_list_passive_vcc_config; + + /* Passive tamper expecting GND on the line */ + snvs_conf = &snvs_passive_gnd_config; + snvs_dgo_conf = &snvs_dgo_passive_gnd_config; + tamper_pin_conf = tamper_pin_list_passive_gnd_config; + + /* Active tamper */ + snvs_conf = &snvs_active_config; + snvs_dgo_conf = &snvs_dgo_active_config; + tamper_pin_conf = tamper_pin_list_active_config; + + return !snvs_conf + !snvs_dgo_conf + !tamper_pin_conf; +} + +#ifdef CONFIG_IMX_SNVS_SEC_SC_AUTO +int snvs_security_sc_init(void) +{ + int err = 0; + + struct snvs_security_sc_conf *snvs_conf; + struct snvs_dgo_conf *snvs_dgo_conf; + struct tamper_pin_cfg *tamper_pin_conf; + u32 size; + + debug("%s\n", __func__); + + snvs_conf = get_snvs_config(); + snvs_dgo_conf = get_snvs_dgo_config(); + + tamper_pin_conf = get_tamper_pin_cfg_list(&size); + + err = apply_tamper_pin_list_config(tamper_pin_conf, size); + if (err) { + debug("Failed to set pins\n"); + goto exit; + } + + err = apply_snvs_dgo_config(snvs_dgo_conf); + if (err) { + debug("Failed to set dgo\n"); + goto exit; + } + + err = apply_snvs_config(snvs_conf); + if (err) { + debug("Failed to set snvs\n"); + goto exit; + } + +exit: + return err; +} +#endif /* CONFIG_IMX_SNVS_SEC_SC_AUTO */ + +static char snvs_cfg_help_text[] = + "snvs_cfg\n" + "\thp.lock\n" + "\thp.secvio_ctl\n" + "\tlp.lock\n" + "\tlp.secvio_ctl\n" + "\tlp.tamper_filt_cfg\n" + "\tlp.tamper_det_cfg\n" + "\tlp.tamper_det_cfg2\n" + "\tlp.tamper_filt1_cfg\n" + "\tlp.tamper_filt2_cfg\n" + "\tlp.act_tamper1_cfg\n" + "\tlp.act_tamper2_cfg\n" + "\tlp.act_tamper3_cfg\n" + "\tlp.act_tamper4_cfg\n" + "\tlp.act_tamper5_cfg\n" + "\tlp.act_tamper_ctl\n" + "\tlp.act_tamper_clk_ctl\n" + "\tlp.act_tamper_routing_ctl1\n" + "\tlp.act_tamper_routing_ctl2\n" + "\n" + "ALL values should be in hexadecimal format"; + +#define NB_REGISTERS 18 +static int do_snvs_cfg(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[]) +{ + int err = 0; + u32 idx = 0; + + struct snvs_security_sc_conf conf = {0}; + + if (argc != (NB_REGISTERS + 1)) + return CMD_RET_USAGE; + + conf.hp.lock = simple_strtoul(argv[++idx], NULL, 16); + conf.hp.secvio_ctl = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.lock = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.secvio_ctl = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.tamper_filt_cfg = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.tamper_det_cfg = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.tamper_det_cfg2 = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.tamper_filt1_cfg = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.tamper_filt2_cfg = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.act_tamper1_cfg = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.act_tamper2_cfg = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.act_tamper3_cfg = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.act_tamper4_cfg = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.act_tamper5_cfg = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.act_tamper_ctl = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.act_tamper_clk_ctl = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.act_tamper_routing_ctl1 = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.act_tamper_routing_ctl2 = simple_strtoul(argv[++idx], NULL, 16); + + err = apply_snvs_config(&conf); + + return err; +} + +U_BOOT_CMD(snvs_cfg, + NB_REGISTERS + 1, 1, do_snvs_cfg, + "Security violation configuration", + snvs_cfg_help_text +); + +static char snvs_dgo_cfg_help_text[] = + "snvs_dgo_cfg\n" + "\ttamper_offset_ctl\n" + "\ttamper_pull_ctl\n" + "\ttamper_ana_test_ctl\n" + "\ttamper_sensor_trim_ctl\n" + "\ttamper_misc_ctl\n" + "\ttamper_core_volt_mon_ctl\n" + "\n" + "ALL values should be in hexadecimal format"; + +static int do_snvs_dgo_cfg(cmd_tbl_t *cmdtp, int flag, int argc, + char *const argv[]) +{ + int err = 0; + u32 idx = 0; + + struct snvs_dgo_conf conf = {0}; + + if (argc != (6 + 1)) + return CMD_RET_USAGE; + + conf.tamper_offset_ctl = simple_strtoul(argv[++idx], NULL, 16); + conf.tamper_pull_ctl = simple_strtoul(argv[++idx], NULL, 16); + conf.tamper_ana_test_ctl = simple_strtoul(argv[++idx], NULL, 16); + conf.tamper_sensor_trim_ctl = simple_strtoul(argv[++idx], NULL, 16); + conf.tamper_misc_ctl = simple_strtoul(argv[++idx], NULL, 16); + conf.tamper_core_volt_mon_ctl = simple_strtoul(argv[++idx], NULL, 16); + + err = apply_snvs_dgo_config(&conf); + + return err; +} + +U_BOOT_CMD(snvs_dgo_cfg, + 7, 1, do_snvs_dgo_cfg, + "SNVS DGO configuration", + snvs_dgo_cfg_help_text +); + +static char tamper_pin_cfg_help_text[] = + "snvs_dgo_cfg\n" + "\tpad\n" + "\tvalue\n" + "\n" + "ALL values should be in hexadecimal format"; + +static int do_tamper_pin_cfg(cmd_tbl_t *cmdtp, int flag, int argc, + char *const argv[]) +{ + int err = 0; + u32 idx = 0; + + struct tamper_pin_cfg conf = {0}; + + if (argc != (2 + 1)) + return CMD_RET_USAGE; + + conf.pad = simple_strtoul(argv[++idx], NULL, 10); + conf.mux_conf = simple_strtoul(argv[++idx], NULL, 16); + + err = apply_tamper_pin_list_config(&conf, 1); + + return err; +} + +U_BOOT_CMD(tamper_pin_cfg, + 3, 1, do_tamper_pin_cfg, + "tamper pin configuration", + tamper_pin_cfg_help_text +); + +static char snvs_clear_status_help_text[] = + "snvs_clear_status\n" + "\tHPSR\n" + "\tHPSVSR\n" + "\tLPSR\n" + "\tLPTDSR\n" + "\n" + "Write the status registers with the value provided," + " clearing the status"; + +static int do_snvs_clear_status(cmd_tbl_t *cmdtp, int flag, int argc, + char *const argv[]) +{ + int scierr = 0; + u32 idx = 0; + + struct snvs_security_sc_conf conf = {0}; + + if (argc != (2 + 1)) + return CMD_RET_USAGE; + + conf.lp.status = simple_strtoul(argv[++idx], NULL, 16); + conf.lp.tamper_det_status = simple_strtoul(argv[++idx], NULL, 16); + + scierr = check_write_secvio_config(SC_CONF_OFFSET_OF(lp.status), + &conf.lp.status, NULL, NULL, NULL, + NULL, 1); + if (scierr != SC_ERR_NONE) + goto exit; + + scierr = check_write_secvio_config(SC_CONF_OFFSET_OF(lp.tamper_det_status), + &conf.lp.tamper_det_status, NULL, + NULL, NULL, NULL, 1); + if (scierr != SC_ERR_NONE) + goto exit; + +exit: + return (scierr == SC_ERR_NONE) ? 0 : 1; +} + +U_BOOT_CMD(snvs_clear_status, + 3, 1, do_snvs_clear_status, + "snvs clear status", + snvs_clear_status_help_text +); + +static char snvs_sec_status_help_text[] = + "snvs_sec_status\n" + "Display information about the security related to tamper and secvio"; + +static int do_snvs_sec_status(cmd_tbl_t *cmdtp, int flag, int argc, + char *const argv[]) +{ + int scierr; + u32 idx; + + u32 data[5]; + + u32 pads[] = { + SC_P_CSI_D00, + SC_P_CSI_D01, + SC_P_CSI_D02, + SC_P_CSI_D03, + SC_P_CSI_D04, + SC_P_CSI_D05, + SC_P_CSI_D06, + SC_P_CSI_D07, + SC_P_CSI_HSYNC, + SC_P_CSI_VSYNC, + }; + + u32 fuses[] = { + 14, + 30, + 31, + 260, + 261, + 262, + 263, + 768, + }; + + struct snvs_reg { + u32 id; + u32 nb; + } snvs[] = { + /* Locks */ + {0x0, 1}, + {0x34, 1}, + /* Security violation */ + {0xc, 1}, + {0x10, 1}, + {0x18, 1}, + {0x40, 1}, + /* Temper detectors */ + {0x48, 2}, + {0x4c, 1}, + {0xa4, 1}, + /* */ + {0x44, 3}, + {0xe0, 1}, + {0xe4, 1}, + {0xe8, 2}, + /* Misc */ + {0x3c, 1}, + {0x5c, 2}, + {0x64, 1}, + {0xf8, 2}, + }; + + u32 dgo[] = { + 0x0, + 0x10, + 0x20, + 0x30, + 0x40, + 0x50, + }; + + /* Pins */ + printf("Pins:\n"); + for (idx = 0; idx < ARRAY_SIZE(pads); idx++) { + u8 pad_id = pads[idx]; + + scierr = sc_pad_get(-1, pad_id, &data[0]); + if (scierr == 0) + printf("\t- Pin %d: %.8x\n", pad_id, data[0]); + else + printf("Failed to read Pin %d\n", pad_id); + } + + /* Fuses */ + printf("Fuses:\n"); + for (idx = 0; idx < ARRAY_SIZE(fuses); idx++) { + u32 fuse_id = fuses[idx]; + + scierr = sc_misc_otp_fuse_read(-1, fuse_id, &data[0]); + if (scierr == 0) + printf("\t- Fuse %d: %.8x\n", fuse_id, data[0]); + else + printf("Failed to read Fuse %d\n", fuse_id); + } + + /* SNVS */ + printf("SNVS:\n"); + for (idx = 0; idx < ARRAY_SIZE(snvs); idx++) { + struct snvs_reg *reg = &snvs[idx]; + + scierr = sc_seco_secvio_config(-1, reg->id, 0, &data[0], + &data[1], &data[2], &data[3], + &data[4], reg->nb); + if (scierr == 0) { + int subidx; + + printf("\t- SNVS %.2x(%d):", reg->id, reg->nb); + for (subidx = 0; subidx < reg->nb; subidx++) + printf(" %.8x", data[subidx]); + printf("\n"); + } else { + printf("Failed to read SNVS %d\n", reg->id); + } + } + + /* DGO */ + printf("DGO:\n"); + for (idx = 0; idx < ARRAY_SIZE(dgo); idx++) { + u8 dgo_id = dgo[idx]; + + scierr = sc_seco_secvio_dgo_config(-1, dgo_id, 0, &data[0]); + if (scierr == 0) + printf("\t- DGO %.2x: %.8x\n", dgo_id, data[0]); + else + printf("Failed to read DGO %d\n", dgo_id); + } + + return 0; +} + +U_BOOT_CMD(snvs_sec_status, + 1, 1, do_snvs_sec_status, + "tamper pin configuration", + snvs_sec_status_help_text +); diff --git a/board/freescale/imx8qxp_mek/imx8qxp_mek.c b/board/freescale/imx8qxp_mek/imx8qxp_mek.c index b96f0da21e..93f0cd827c 100644 --- a/board/freescale/imx8qxp_mek/imx8qxp_mek.c +++ b/board/freescale/imx8qxp_mek/imx8qxp_mek.c @@ -16,6 +16,7 @@ #include #include #include +#include #include #include @@ -111,6 +112,15 @@ int board_init(void) { board_gpio_init(); +#ifdef CONFIG_IMX_SNVS_SEC_SC_AUTO + { + int ret = snvs_security_sc_init(); + + if (ret) + return ret; + } +#endif + return 0; } diff --git a/drivers/misc/imx8/scu_api.c b/drivers/misc/imx8/scu_api.c index 227bc52873..3e38edbf5d 100644 --- a/drivers/misc/imx8/scu_api.c +++ b/drivers/misc/imx8/scu_api.c @@ -222,6 +222,34 @@ int sc_pad_set(sc_ipc_t ipc, sc_pad_t pad, u32 val) return ret; } +int sc_pad_get(sc_ipc_t ipc, sc_pad_t pad, u32 *val) +{ + struct udevice *dev = gd->arch.scu_dev; + int size = sizeof(struct sc_rpc_msg_s); + struct sc_rpc_msg_s msg; + int ret; + + if (!dev) + hang(); + + RPC_VER(&msg) = SC_RPC_VERSION; + RPC_SIZE(&msg) = 2U; + RPC_SVC(&msg) = (u8)(SC_RPC_SVC_PAD); + RPC_FUNC(&msg) = (u8)(PAD_FUNC_GET); + + RPC_U16(&msg, 0U) = (u16)(pad); + + ret = misc_call(dev, SC_FALSE, &msg, size, &msg, size); + if (ret) + printf("%s: pad:%d: res:%d\n", + __func__, pad, RPC_R8(&msg)); + + if (val) + *val = (u32)RPC_U32(&msg, 0U); + + return ret; +} + /* MISC */ int sc_misc_set_control(sc_ipc_t ipc, sc_rsrc_t resource, sc_ctrl_t ctrl, u32 val) @@ -996,8 +1024,8 @@ int sc_seco_get_mp_key(sc_ipc_t ipc, sc_faddr_t dst_addr, return ret; } -int sc_seco_update_mpmr(sc_ipc_t ipc, sc_faddr_t addr, uint8_t size_m, - uint8_t lock) +int sc_seco_update_mpmr(sc_ipc_t ipc, sc_faddr_t addr, u8 size_m, + u8 lock) { struct udevice *dev = gd->arch.scu_dev; struct sc_rpc_msg_s msg; @@ -1051,8 +1079,44 @@ int sc_seco_get_mp_sign(sc_ipc_t ipc, sc_faddr_t msg_addr, return ret; } -int sc_seco_secvio_dgo_config(sc_ipc_t ipc, uint8_t id, uint8_t access, - u32 *data) +int sc_seco_secvio_config(sc_ipc_t ipc, u8 id, u8 access, + u32 *data0, u32 *data1, u32 *data2, u32 *data3, + u32 *data4, u8 size) +{ + struct udevice *dev = gd->arch.scu_dev; + struct sc_rpc_msg_s msg; + int msg_size = sizeof(struct sc_rpc_msg_s); + int ret; + + RPC_VER(&msg) = SC_RPC_VERSION; + RPC_SIZE(&msg) = 7U; + RPC_SVC(&msg) = (u8)(SC_RPC_SVC_SECO); + RPC_FUNC(&msg) = (u8)(SECO_FUNC_SECVIO_CONFIG); + + RPC_U32(&msg, 0U) = (u32)(*data0); + RPC_U32(&msg, 4U) = (u32)(*data1); + RPC_U32(&msg, 8U) = (u32)(*data2); + RPC_U32(&msg, 12U) = (u32)(*data3); + RPC_U32(&msg, 16U) = (u32)(*data4); + RPC_U8(&msg, 20U) = (u8)(id); + RPC_U8(&msg, 21U) = (u8)(access); + RPC_U8(&msg, 22U) = (u8)(size); + + ret = misc_call(dev, SC_FALSE, &msg, msg_size, &msg, msg_size); + if (ret) + printf("%s, id:0x%x, access:%x, res:%d\n", + __func__, id, access, RPC_R8(&msg)); + + *data0 = (u32)RPC_U32(&msg, 0U); + *data1 = (u32)RPC_U32(&msg, 4U); + *data2 = (u32)RPC_U32(&msg, 8U); + *data3 = (u32)RPC_U32(&msg, 12U); + *data4 = (u32)RPC_U32(&msg, 16U); + + return ret; +} + +int sc_seco_secvio_dgo_config(sc_ipc_t ipc, u8 id, u8 access, u32 *data) { struct udevice *dev = gd->arch.scu_dev; struct sc_rpc_msg_s msg;