diff mbox series

[4/4] arm: stm32mp: adapt the command stm32key for STM32MP13x

Message ID 20220915181132.4.I1431827b62d294343069ff0aa7e59abaacb8bdd5@changeid
State Accepted
Commit e83cef87a847d10aa2c46308bd8ac870bf56deee
Delegated to: Patrice Chotard
Headers show
Series arm: stm32mp: adapt the command stm32key for STM32MP13x | expand

Commit Message

Patrick Delaunay Sept. 15, 2022, 4:11 p.m. UTC 
Change the mask of OTP0 used to close the device on STM32MP
- STM32MP15x: bit 6 of OPT0
- STM32MP13x: 0b111111 = 0x3F for OTP_SECURED closed device

And support the 2 keys for STM32MP13x
- PKHTH : Hash of the 8 ECC Public Keys Hashes Table
          (ECDSA is the authentication algorithm)
- EDMK : Encryption/Decryption Master Key

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
---

 arch/arm/mach-stm32mp/cmd_stm32key.c | 52 ++++++++++++++++++++++++----
 1 file changed, 45 insertions(+), 7 deletions(-)

Comments

Patrice CHOTARD Sept. 19, 2022, 6:53 a.m. UTC | #1 
HI Patrick

On 9/15/22 18:11, Patrick Delaunay wrote:
> Change the mask of OTP0 used to close the device on STM32MP
> - STM32MP15x: bit 6 of OPT0
> - STM32MP13x: 0b111111 = 0x3F for OTP_SECURED closed device
> 
> And support the 2 keys for STM32MP13x
> - PKHTH : Hash of the 8 ECC Public Keys Hashes Table
>           (ECDSA is the authentication algorithm)
> - EDMK : Encryption/Decryption Master Key
> 
> Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
> ---
> 
>  arch/arm/mach-stm32mp/cmd_stm32key.c | 52 ++++++++++++++++++++++++----
>  1 file changed, 45 insertions(+), 7 deletions(-)
> 
> diff --git a/arch/arm/mach-stm32mp/cmd_stm32key.c b/arch/arm/mach-stm32mp/cmd_stm32key.c
> index 4eac56082db..278253e472f 100644
> --- a/arch/arm/mach-stm32mp/cmd_stm32key.c
> +++ b/arch/arm/mach-stm32mp/cmd_stm32key.c
> @@ -11,9 +11,14 @@
>  #include <dm/device.h>
>  #include <dm/uclass.h>
>  
> -/* Closed device : bit 6 of OPT0*/
> +/*
> + * Closed device: OTP0
> + * STM32MP15x: bit 6 of OPT0
> + * STM32MP13x: 0b111111 = 0x3F for OTP_SECURED closed device
> + */
>  #define STM32_OTP_CLOSE_ID		0
> -#define STM32_OTP_CLOSE_MASK		BIT(6)
> +#define STM32_OTP_STM32MP13x_CLOSE_MASK	0x3F
> +#define STM32_OTP_STM32MP15x_CLOSE_MASK	BIT(6)
>  
>  /* PKH is the first element of the key list */
>  #define STM32KEY_PKH 0
> @@ -25,6 +30,21 @@ struct stm32key {
>  	u8 size;
>  };
>  
> +const struct stm32key stm32mp13_list[] = {
> +	[STM32KEY_PKH] = {
> +		.name = "PKHTH",
> +		.desc = "Hash of the 8 ECC Public Keys Hashes Table (ECDSA is the authentication algorithm)",
> +		.start = 24,
> +		.size = 8,
> +	},
> +	{
> +		.name = "EDMK",
> +		.desc = "Encryption/Decryption Master Key",
> +		.start = 92,
> +		.size = 4,
> +	}
> +};
> +
>  const struct stm32key stm32mp15_list[] = {
>  	[STM32KEY_PKH] = {
>  		.name = "PKH",
> @@ -39,12 +59,29 @@ static u8 stm32key_index;
>  
>  static u8 get_key_nb(void)
>  {
> -	return ARRAY_SIZE(stm32mp15_list);
> +	if (IS_ENABLED(CONFIG_STM32MP13x))
> +		return ARRAY_SIZE(stm32mp13_list);
> +
> +	if (IS_ENABLED(CONFIG_STM32MP15x))
> +		return ARRAY_SIZE(stm32mp15_list);
>  }
>  
>  static const struct stm32key *get_key(u8 index)
>  {
> -	return &stm32mp15_list[index];
> +	if (IS_ENABLED(CONFIG_STM32MP13x))
> +		return &stm32mp13_list[index];
> +
> +	if (IS_ENABLED(CONFIG_STM32MP15x))
> +		return &stm32mp15_list[index];
> +}
> +
> +static u32 get_otp_close_mask(void)
> +{
> +	if (IS_ENABLED(CONFIG_STM32MP13x))
> +		return STM32_OTP_STM32MP13x_CLOSE_MASK;
> +
> +	if (IS_ENABLED(CONFIG_STM32MP15x))
> +		return STM32_OTP_STM32MP15x_CLOSE_MASK;
>  }
>  
>  #define BSEC_LOCK_ERROR			(-1)
> @@ -123,7 +160,7 @@ static int read_key_otp(struct udevice *dev, const struct stm32key *key, bool pr
>  static int read_close_status(struct udevice *dev, bool print, bool *closed)
>  {
>  	int word, ret, result;
> -	u32 val, lock;
> +	u32 val, lock, mask;
>  	bool status;
>  
>  	result = 0;
> @@ -140,7 +177,8 @@ static int read_close_status(struct udevice *dev, bool print, bool *closed)
>  	if (ret != 4)
>  		lock = BSEC_LOCK_ERROR;
>  
> -	status = (val & STM32_OTP_CLOSE_MASK) == STM32_OTP_CLOSE_MASK;
> +	mask = get_otp_close_mask();
> +	status = (val & mask) == mask;
>  	if (closed)
>  		*closed = status;
>  	if (print)
> @@ -371,7 +409,7 @@ static int do_stm32key_close(struct cmd_tbl *cmdtp, int flag, int argc, char *co
>  	if (!yes && !confirm_prog())
>  		return CMD_RET_FAILURE;
>  
> -	val = STM32_OTP_CLOSE_MASK;
> +	val = get_otp_close_mask();
>  	ret = misc_write(dev, STM32_BSEC_OTP(STM32_OTP_CLOSE_ID), &val, 4);
>  	if (ret != 4) {
>  		printf("Error: can't update OTP %d\n", STM32_OTP_CLOSE_ID);
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>

Thanks
Patrice
diff mbox series

Patch

diff --git a/arch/arm/mach-stm32mp/cmd_stm32key.c b/arch/arm/mach-stm32mp/cmd_stm32key.c
index 4eac56082db..278253e472f 100644
--- a/arch/arm/mach-stm32mp/cmd_stm32key.c
+++ b/arch/arm/mach-stm32mp/cmd_stm32key.c
@@ -11,9 +11,14 @@ 
 #include <dm/device.h>
 #include <dm/uclass.h>
 
-/* Closed device : bit 6 of OPT0*/
+/*
+ * Closed device: OTP0
+ * STM32MP15x: bit 6 of OPT0
+ * STM32MP13x: 0b111111 = 0x3F for OTP_SECURED closed device
+ */
 #define STM32_OTP_CLOSE_ID		0
-#define STM32_OTP_CLOSE_MASK		BIT(6)
+#define STM32_OTP_STM32MP13x_CLOSE_MASK	0x3F
+#define STM32_OTP_STM32MP15x_CLOSE_MASK	BIT(6)
 
 /* PKH is the first element of the key list */
 #define STM32KEY_PKH 0
@@ -25,6 +30,21 @@  struct stm32key {
 	u8 size;
 };
 
+const struct stm32key stm32mp13_list[] = {
+	[STM32KEY_PKH] = {
+		.name = "PKHTH",
+		.desc = "Hash of the 8 ECC Public Keys Hashes Table (ECDSA is the authentication algorithm)",
+		.start = 24,
+		.size = 8,
+	},
+	{
+		.name = "EDMK",
+		.desc = "Encryption/Decryption Master Key",
+		.start = 92,
+		.size = 4,
+	}
+};
+
 const struct stm32key stm32mp15_list[] = {
 	[STM32KEY_PKH] = {
 		.name = "PKH",
@@ -39,12 +59,29 @@  static u8 stm32key_index;
 
 static u8 get_key_nb(void)
 {
-	return ARRAY_SIZE(stm32mp15_list);
+	if (IS_ENABLED(CONFIG_STM32MP13x))
+		return ARRAY_SIZE(stm32mp13_list);
+
+	if (IS_ENABLED(CONFIG_STM32MP15x))
+		return ARRAY_SIZE(stm32mp15_list);
 }
 
 static const struct stm32key *get_key(u8 index)
 {
-	return &stm32mp15_list[index];
+	if (IS_ENABLED(CONFIG_STM32MP13x))
+		return &stm32mp13_list[index];
+
+	if (IS_ENABLED(CONFIG_STM32MP15x))
+		return &stm32mp15_list[index];
+}
+
+static u32 get_otp_close_mask(void)
+{
+	if (IS_ENABLED(CONFIG_STM32MP13x))
+		return STM32_OTP_STM32MP13x_CLOSE_MASK;
+
+	if (IS_ENABLED(CONFIG_STM32MP15x))
+		return STM32_OTP_STM32MP15x_CLOSE_MASK;
 }
 
 #define BSEC_LOCK_ERROR			(-1)
@@ -123,7 +160,7 @@  static int read_key_otp(struct udevice *dev, const struct stm32key *key, bool pr
 static int read_close_status(struct udevice *dev, bool print, bool *closed)
 {
 	int word, ret, result;
-	u32 val, lock;
+	u32 val, lock, mask;
 	bool status;
 
 	result = 0;
@@ -140,7 +177,8 @@  static int read_close_status(struct udevice *dev, bool print, bool *closed)
 	if (ret != 4)
 		lock = BSEC_LOCK_ERROR;
 
-	status = (val & STM32_OTP_CLOSE_MASK) == STM32_OTP_CLOSE_MASK;
+	mask = get_otp_close_mask();
+	status = (val & mask) == mask;
 	if (closed)
 		*closed = status;
 	if (print)
@@ -371,7 +409,7 @@  static int do_stm32key_close(struct cmd_tbl *cmdtp, int flag, int argc, char *co
 	if (!yes && !confirm_prog())
 		return CMD_RET_FAILURE;
 
-	val = STM32_OTP_CLOSE_MASK;
+	val = get_otp_close_mask();
 	ret = misc_write(dev, STM32_BSEC_OTP(STM32_OTP_CLOSE_ID), &val, 4);
 	if (ret != 4) {
 		printf("Error: can't update OTP %d\n", STM32_OTP_CLOSE_ID);