From patchwork Mon Jun 28 12:55:57 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick DELAUNAY X-Patchwork-Id: 1497957 X-Patchwork-Delegate: patrick.delaunay73@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=foss.st.com header.i=@foss.st.com header.a=rsa-sha256 header.s=selector1 header.b=e1OJ7Qg5; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GD70K3SSSz9sT6 for ; Mon, 28 Jun 2021 22:56:33 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 3F6B382DC3; Mon, 28 Jun 2021 14:56:24 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=foss.st.com header.i=@foss.st.com header.b="e1OJ7Qg5"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 81F0982DA6; Mon, 28 Jun 2021 14:56:14 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mx07-00178001.pphosted.com (mx07-00178001.pphosted.com [185.132.182.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 0681082DA6 for ; Mon, 28 Jun 2021 14:56:11 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=prvs=1813415642=patrick.delaunay@foss.st.com Received: from pps.filterd (m0046668.ppops.net [127.0.0.1]) by mx07-00178001.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 15SCqcx2032716; Mon, 28 Jun 2021 14:56:10 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foss.st.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=selector1; bh=imNRI+Gj+fJci6N4FsgJYx67iTdcughSMATOXzR7iDU=; b=e1OJ7Qg52UYuHDPSyh/+wXtsmoUxE65GLDT0TY8N2/yzxXOU6vmUuxPY+1/ko4f57AFS Bve6b7+N3VOInCXrPftsSiSwGkir7AAeVCVouniQqojALqGvziZ6DyK5I3HGWfu1XR9J jYavW9fsB/A+uBMpxZ9zXx2Fotft6OiA7i2S+VE6X4QvwzgJ28pPU+ZQXdTLUHi2nxPw +UaeSqbNQ/oAVuDmyh3Q0Pyn+7CVs5Ak43yXNLs7MhlWuV68EvffDRA9LseoG8h92xfE GoVuk4CIDHNeHbXV6crhYMyl4U2DUarYl9mtlQcoY4GsqJHlD/5dx7zcxeVF+6fx2Zqi 1Q== Received: from beta.dmz-eu.st.com (beta.dmz-eu.st.com [164.129.1.35]) by mx07-00178001.pphosted.com with ESMTP id 39f1xsktvx-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 28 Jun 2021 14:56:10 +0200 Received: from euls16034.sgp.st.com (euls16034.sgp.st.com [10.75.44.20]) by beta.dmz-eu.st.com (STMicroelectronics) with ESMTP id E4FC610002A; Mon, 28 Jun 2021 14:56:09 +0200 (CEST) Received: from Webmail-eu.st.com (sfhdag2node3.st.com [10.75.127.6]) by euls16034.sgp.st.com (STMicroelectronics) with ESMTP id DBF662291B7; Mon, 28 Jun 2021 14:56:09 +0200 (CEST) Received: from localhost (10.75.127.49) by SFHDAG2NODE3.st.com (10.75.127.6) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 28 Jun 2021 14:56:09 +0200 From: Patrick Delaunay To: CC: Patrick Delaunay , Patrice Chotard , U-Boot STM32 Subject: [PATCH 1/7] stm32mp: configs: activate the command stm32key only for ST boards Date: Mon, 28 Jun 2021 14:55:57 +0200 Message-ID: <20210628145519.1.I222bda2f6a603fbc60ccaae84a9936af8ccbba8b@changeid> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210628125603.2936135-1-patrick.delaunay@foss.st.com> References: <20210628125603.2936135-1-patrick.delaunay@foss.st.com> MIME-Version: 1.0 X-Originating-IP: [10.75.127.49] X-ClientProxiedBy: SFHDAG2NODE3.st.com (10.75.127.6) To SFHDAG2NODE3.st.com (10.75.127.6) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-06-28_11:2021-06-25, 2021-06-28 signatures=0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean This command is used to evaluate the secure boot on stm32mp SOC, it is deactivated by default in real products. We activate this command only in STMicroelectronics defconfig used with the evaluation boards. Signed-off-by: Patrick Delaunay Reviewed-by: Patrice Chotard --- arch/arm/mach-stm32mp/Kconfig | 4 +++- configs/stm32mp15_basic_defconfig | 1 + configs/stm32mp15_trusted_defconfig | 1 + 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/arch/arm/mach-stm32mp/Kconfig b/arch/arm/mach-stm32mp/Kconfig index 7c25266f33..0e59931679 100644 --- a/arch/arm/mach-stm32mp/Kconfig +++ b/arch/arm/mach-stm32mp/Kconfig @@ -174,10 +174,12 @@ config STM32_ETZPC config CMD_STM32KEY bool "command stm32key to fuse public key hash" - default y + default n help fuse public key hash in corresponding fuse used to authenticate binary. + This command is used to evaluate the secure boot on stm32mp SOC, + it is deactivated by default in real products. config PRE_CON_BUF_ADDR default 0xC02FF000 diff --git a/configs/stm32mp15_basic_defconfig b/configs/stm32mp15_basic_defconfig index 3ff46f7048..4e66472825 100644 --- a/configs/stm32mp15_basic_defconfig +++ b/configs/stm32mp15_basic_defconfig @@ -10,6 +10,7 @@ CONFIG_SPL_DM_SPI=y CONFIG_SPL_TEXT_BASE=0x2FFC2500 CONFIG_SPL_MMC_SUPPORT=y CONFIG_SPL=y +CONFIG_CMD_STM32KEY=y CONFIG_TARGET_ST_STM32MP15x=y CONFIG_CMD_STM32PROG=y CONFIG_ENV_OFFSET_REDUND=0x2C0000 diff --git a/configs/stm32mp15_trusted_defconfig b/configs/stm32mp15_trusted_defconfig index afbf721299..d68bdf9eea 100644 --- a/configs/stm32mp15_trusted_defconfig +++ b/configs/stm32mp15_trusted_defconfig @@ -6,6 +6,7 @@ CONFIG_SYS_MEMTEST_START=0xc0000000 CONFIG_SYS_MEMTEST_END=0xc4000000 CONFIG_ENV_OFFSET=0x280000 CONFIG_ENV_SECT_SIZE=0x40000 +CONFIG_CMD_STM32KEY=y CONFIG_TARGET_ST_STM32MP15x=y CONFIG_CMD_STM32PROG=y CONFIG_ENV_OFFSET_REDUND=0x2C0000 From patchwork Mon Jun 28 12:55:58 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick DELAUNAY X-Patchwork-Id: 1497958 X-Patchwork-Delegate: patrick.delaunay73@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=foss.st.com header.i=@foss.st.com header.a=rsa-sha256 header.s=selector1 header.b=yGGT8cOg; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GD70W5tynz9sT6 for ; Mon, 28 Jun 2021 22:56:43 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id E7F8F82DE1; Mon, 28 Jun 2021 14:56:27 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=foss.st.com header.i=@foss.st.com header.b="yGGT8cOg"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 38D7182DDB; Mon, 28 Jun 2021 14:56:18 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mx07-00178001.pphosted.com (mx07-00178001.pphosted.com [185.132.182.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 7951782DC1 for ; Mon, 28 Jun 2021 14:56:11 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=prvs=1813415642=patrick.delaunay@foss.st.com Received: from pps.filterd (m0046668.ppops.net [127.0.0.1]) by mx07-00178001.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 15SCqbPc032703; Mon, 28 Jun 2021 14:56:11 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foss.st.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=selector1; bh=NTMIgZlY5YOfcKiPq4ITB3vu9oz93nwT+7OzT3w+Go4=; b=yGGT8cOgB9a4Mso2dWzI2aiOJl/94YJh3gMUmZ+K9ZofDDdgL7PqdJ2gEcDZV9POo90r Z97yB1f7I1dxE5uVwf1KhnY9Q6+Mi3pafuoElxAvOGJKTOnGplOOBMez/MXcbib2e/mM xY8cV14cIibyWwu/AP6sjyTO17ZqohlRDTEZarxGl28K7sEtW0MbLCe4pK6Iy8e/5enl +tc1ethF3ekjDxJa4ya5LYF1eMzi7Z/j7g11yGos9Wagc34n5SRZzJKDksT2Iha/TlNN RunebKjHAU++Xpb1DOUzFY423dNMNkzyvGi4y8F+lg2reUfe6eyj4YdlWlirsb9p91mI sA== Received: from beta.dmz-eu.st.com (beta.dmz-eu.st.com [164.129.1.35]) by mx07-00178001.pphosted.com with ESMTP id 39f1xsktvy-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 28 Jun 2021 14:56:11 +0200 Received: from euls16034.sgp.st.com (euls16034.sgp.st.com [10.75.44.20]) by beta.dmz-eu.st.com (STMicroelectronics) with ESMTP id BBECA10002A; Mon, 28 Jun 2021 14:56:10 +0200 (CEST) Received: from Webmail-eu.st.com (sfhdag2node3.st.com [10.75.127.6]) by euls16034.sgp.st.com (STMicroelectronics) with ESMTP id B22AB2291B7; Mon, 28 Jun 2021 14:56:10 +0200 (CEST) Received: from localhost (10.75.127.49) by SFHDAG2NODE3.st.com (10.75.127.6) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 28 Jun 2021 14:56:10 +0200 From: Patrick Delaunay To: CC: Patrick Delaunay , Patrice Chotard , U-Boot STM32 Subject: [PATCH 2/7] stm32mp: cmd_stm32key: use sub command Date: Mon, 28 Jun 2021 14:55:58 +0200 Message-ID: <20210628145519.2.I55399cf019408c6f6d4f86aa8783c8187b090280@changeid> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210628125603.2936135-1-patrick.delaunay@foss.st.com> References: <20210628125603.2936135-1-patrick.delaunay@foss.st.com> MIME-Version: 1.0 X-Originating-IP: [10.75.127.49] X-ClientProxiedBy: SFHDAG2NODE1.st.com (10.75.127.4) To SFHDAG2NODE3.st.com (10.75.127.6) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-06-28_11:2021-06-25, 2021-06-28 signatures=0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Simplify parsing the command argument by using the macro U_BOOT_CMD_WITH_SUBCMDS. Signed-off-by: Patrick Delaunay Reviewed-by: Patrice Chotard --- arch/arm/mach-stm32mp/cmd_stm32key.c | 55 ++++++++++++++++++---------- 1 file changed, 36 insertions(+), 19 deletions(-) diff --git a/arch/arm/mach-stm32mp/cmd_stm32key.c b/arch/arm/mach-stm32mp/cmd_stm32key.c index 42fdc11238..d2045a5983 100644 --- a/arch/arm/mach-stm32mp/cmd_stm32key.c +++ b/arch/arm/mach-stm32mp/cmd_stm32key.c @@ -67,36 +67,53 @@ static int confirm_prog(void) return 0; } -static int do_stm32key(struct cmd_tbl *cmdtp, int flag, int argc, - char *const argv[]) +static int do_stm32key_read(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]) { u32 addr; - const char *op = argc >= 2 ? argv[1] : NULL; - int confirmed = argc > 3 && !strcmp(argv[2], "-y"); - argc -= 2 + confirmed; - argv += 2 + confirmed; - - if (argc < 1) + if (argc == 1) return CMD_RET_USAGE; - addr = simple_strtoul(argv[0], NULL, 16); + addr = simple_strtoul(argv[1], NULL, 16); if (!addr) return CMD_RET_USAGE; - if (!strcmp(op, "read")) - read_hash_value(addr); + read_hash_value(addr); + + return CMD_RET_SUCCESS; +} + +static int do_stm32key_fuse(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]) +{ + u32 addr; + bool yes = false; - if (!strcmp(op, "fuse")) { - if (!confirmed && !confirm_prog()) - return CMD_RET_FAILURE; - fuse_hash_value(addr, !confirmed); + if (argc < 2) + return CMD_RET_USAGE; + + if (argc == 3) { + if (strcmp(argv[1], "-y")) + return CMD_RET_USAGE; + yes = true; } + addr = simple_strtoul(argv[argc - 1], NULL, 16); + if (!addr) + return CMD_RET_USAGE; + + if (!yes && !confirm_prog()) + return CMD_RET_FAILURE; + + fuse_hash_value(addr, !yes); + printf("Hash key updated !\n"); + return CMD_RET_SUCCESS; } -U_BOOT_CMD(stm32key, 4, 1, do_stm32key, - "Fuse ST Hash key", - "read : Read the hash store at addr in memory\n" - "stm32key fuse [-y] : Fuse hash store at addr in otp\n"); +static char stm32key_help_text[] = + "read : Read the hash stored at addr in memory\n" + "stm32key fuse [-y] : Fuse hash stored at addr in OTP\n"; + +U_BOOT_CMD_WITH_SUBCMDS(stm32key, "Fuse ST Hash key", stm32key_help_text, + U_BOOT_SUBCMD_MKENT(read, 2, 0, do_stm32key_read), + U_BOOT_SUBCMD_MKENT(fuse, 3, 0, do_stm32key_fuse)); From patchwork Mon Jun 28 12:55:59 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick DELAUNAY X-Patchwork-Id: 1497959 X-Patchwork-Delegate: patrick.delaunay73@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=foss.st.com header.i=@foss.st.com header.a=rsa-sha256 header.s=selector1 header.b=a5qaP5qo; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GD70j3L2Vz9sT6 for ; Mon, 28 Jun 2021 22:56:52 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id E31F282DDD; Mon, 28 Jun 2021 14:56:30 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=foss.st.com header.i=@foss.st.com header.b="a5qaP5qo"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 6135982DDD; Mon, 28 Jun 2021 14:56:19 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mx07-00178001.pphosted.com (mx07-00178001.pphosted.com [185.132.182.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 2991482D22 for ; Mon, 28 Jun 2021 14:56:13 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=prvs=1813415642=patrick.delaunay@foss.st.com Received: from pps.filterd (m0046668.ppops.net [127.0.0.1]) by mx07-00178001.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 15SCqciD032715; Mon, 28 Jun 2021 14:56:12 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foss.st.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=selector1; bh=qlQefkGqqCQEo4S5C45+LpIzDRCcz5iglyOO5UTfQwk=; b=a5qaP5qop0QD0q1b047v6TqXQMCPFQVhJwFfJh364dFNA7u6DMU2Z2dZaQGGsI2JZef6 umdfTO6dVoqPIsSNlLFJKf79xAmbke+1EVNUstrXq/ysY/da61sSfYeSoZ4nYdwT0acE cqmp85R+6SU33GLWc+WXHtPe0lbylc4flsCZVSNduL+vkzbKQ8egONkaUFZ5V16aHU6F 3J4QSyhwrYHsFrF+PFxwf0StiF2YQrVQ7abMvTE7GwJeKnIVNQb6LInm+NcRpv/wwXEc 99v4zzewCBu/wZRfFK/JHs+VlOEimCqHzCEMlG0yvd+jFFvKPovNbO058qTk/xdLPQcl lg== Received: from beta.dmz-eu.st.com (beta.dmz-eu.st.com [164.129.1.35]) by mx07-00178001.pphosted.com with ESMTP id 39f1xsktw3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 28 Jun 2021 14:56:12 +0200 Received: from euls16034.sgp.st.com (euls16034.sgp.st.com [10.75.44.20]) by beta.dmz-eu.st.com (STMicroelectronics) with ESMTP id 67E4A10002A; Mon, 28 Jun 2021 14:56:12 +0200 (CEST) Received: from Webmail-eu.st.com (sfhdag2node3.st.com [10.75.127.6]) by euls16034.sgp.st.com (STMicroelectronics) with ESMTP id 88CF720B87F; Mon, 28 Jun 2021 14:56:11 +0200 (CEST) Received: from localhost (10.75.127.51) by SFHDAG2NODE3.st.com (10.75.127.6) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 28 Jun 2021 14:56:11 +0200 From: Patrick Delaunay To: CC: Patrick Delaunay , Patrice Chotard , U-Boot STM32 Subject: [PATCH 3/7] stm32mp: cmd_stm32key: handle error in fuse_hash_value Date: Mon, 28 Jun 2021 14:55:59 +0200 Message-ID: <20210628145519.3.Id13cccdd894c43f0df0833fc71e3ff084eb4cc1d@changeid> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210628125603.2936135-1-patrick.delaunay@foss.st.com> References: <20210628125603.2936135-1-patrick.delaunay@foss.st.com> MIME-Version: 1.0 X-Originating-IP: [10.75.127.51] X-ClientProxiedBy: SFHDAG1NODE2.st.com (10.75.127.2) To SFHDAG2NODE3.st.com (10.75.127.6) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-06-28_11:2021-06-25, 2021-06-28 signatures=0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Handle errors in fuse_hash_value function. Signed-off-by: Patrick Delaunay Reviewed-by: Patrice Chotard --- arch/arm/mach-stm32mp/cmd_stm32key.c | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/arch/arm/mach-stm32mp/cmd_stm32key.c b/arch/arm/mach-stm32mp/cmd_stm32key.c index d2045a5983..2529139ebc 100644 --- a/arch/arm/mach-stm32mp/cmd_stm32key.c +++ b/arch/arm/mach-stm32mp/cmd_stm32key.c @@ -25,7 +25,7 @@ static void read_hash_value(u32 addr) } } -static void fuse_hash_value(u32 addr, bool print) +static int fuse_hash_value(u32 addr, bool print) { struct udevice *dev; u32 word, val; @@ -36,21 +36,25 @@ static void fuse_hash_value(u32 addr, bool print) &dev); if (ret) { log_err("Can't find stm32mp_bsec driver\n"); - return; + return ret; } for (i = 0; i < STM32_OTP_HASH_KEY_SIZE; i++) { - if (print) - printf("Fuse OTP %i : %x\n", - STM32_OTP_HASH_KEY_START + i, - __be32_to_cpu(*(u32 *)addr)); - word = STM32_OTP_HASH_KEY_START + i; val = __be32_to_cpu(*(u32 *)addr); - misc_write(dev, STM32_BSEC_OTP(word), &val, 4); + if (print) + printf("Fuse OTP %i : %x\n", word, val); + + ret = misc_write(dev, STM32_BSEC_OTP(word), &val, 4); + if (ret != 4) { + log_err("Fuse OTP %i failed\n", word); + return ret; + } addr += 4; } + + return 0; } static int confirm_prog(void) @@ -104,7 +108,9 @@ static int do_stm32key_fuse(struct cmd_tbl *cmdtp, int flag, int argc, char *con if (!yes && !confirm_prog()) return CMD_RET_FAILURE; - fuse_hash_value(addr, !yes); + if (fuse_hash_value(addr, !yes)) + return CMD_RET_FAILURE; + printf("Hash key updated !\n"); return CMD_RET_SUCCESS; From patchwork Mon Jun 28 12:56:00 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick DELAUNAY X-Patchwork-Id: 1497962 X-Patchwork-Delegate: patrick.delaunay73@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=foss.st.com header.i=@foss.st.com header.a=rsa-sha256 header.s=selector1 header.b=mGUomV95; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GD71J3j8Dz9sT6 for ; Mon, 28 Jun 2021 22:57:23 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id C6AC082DF0; Mon, 28 Jun 2021 14:56:42 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=foss.st.com header.i=@foss.st.com header.b="mGUomV95"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 5A32682DC3; Mon, 28 Jun 2021 14:56:21 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mx07-00178001.pphosted.com (mx07-00178001.pphosted.com [185.132.182.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 67B6F82DCA for ; Mon, 28 Jun 2021 14:56:13 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=prvs=1813415642=patrick.delaunay@foss.st.com Received: from pps.filterd (m0241204.ppops.net [127.0.0.1]) by mx07-00178001.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 15SCqjQY009496; Mon, 28 Jun 2021 14:56:12 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foss.st.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=selector1; bh=/rL3FY+O/fnnS0gNAJMOxWute20BdfrZwbaWJhdft/c=; b=mGUomV95Rbl7H09kO9+18rduBf6CSQXu8TXgs2FvEdtw7Iod2YqHe1vyt81wMmaXTyiZ K36T59PTFOUQNhG6VHsmPovhzjLcwkBQBuYZTeCIKBRE+Ra8exzbWQpFFWDpC8FaRXai XY73vTSQSq8DQm2LQKjf1I778ZoqWbSLhtLjIAbMkQlUpdd62gVvg2/hq3+5hAO4B+Y6 uAdLavZla+XAZJNveEbPapbclgfkze3udV5Luht+z4YJzueDUnMIBd+HGqTfzAat3LIa oriK2znAOI4VPZJ/ZCWT56zFJOB7xVgSb6gsIALaJpT2Bg85iFCYG2ltSFddUxYff098 Aw== Received: from beta.dmz-eu.st.com (beta.dmz-eu.st.com [164.129.1.35]) by mx07-00178001.pphosted.com with ESMTP id 39fc110x0n-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 28 Jun 2021 14:56:12 +0200 Received: from euls16034.sgp.st.com (euls16034.sgp.st.com [10.75.44.20]) by beta.dmz-eu.st.com (STMicroelectronics) with ESMTP id 71FAE100034; Mon, 28 Jun 2021 14:56:12 +0200 (CEST) Received: from Webmail-eu.st.com (sfhdag2node3.st.com [10.75.127.6]) by euls16034.sgp.st.com (STMicroelectronics) with ESMTP id 6AD8320B87F; Mon, 28 Jun 2021 14:56:12 +0200 (CEST) Received: from localhost (10.75.127.50) by SFHDAG2NODE3.st.com (10.75.127.6) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 28 Jun 2021 14:56:12 +0200 From: Patrick Delaunay To: CC: Patrick Delaunay , Patrice Chotard , U-Boot STM32 Subject: [PATCH 4/7] stm32mp: cmd_stm32key: lock of PKH OTP after fuse Date: Mon, 28 Jun 2021 14:56:00 +0200 Message-ID: <20210628145519.4.I8410e2048aae4150e956478327751a71d8124024@changeid> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210628125603.2936135-1-patrick.delaunay@foss.st.com> References: <20210628125603.2936135-1-patrick.delaunay@foss.st.com> MIME-Version: 1.0 X-Originating-IP: [10.75.127.50] X-ClientProxiedBy: SFHDAG2NODE1.st.com (10.75.127.4) To SFHDAG2NODE3.st.com (10.75.127.6) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-06-28_11:2021-06-25, 2021-06-28 signatures=0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Lock the OTP value of key's hash after the command $> stm32key fuse
This operation forbids a second update of these OTP as they are ECC protected in BSEC: any update of these OTP with a different value causes a BSEC disturb error and the closed chip will be bricked. Signed-off-by: Patrick Delaunay Reviewed-by: Patrice Chotard --- arch/arm/mach-stm32mp/cmd_stm32key.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/arch/arm/mach-stm32mp/cmd_stm32key.c b/arch/arm/mach-stm32mp/cmd_stm32key.c index 2529139ebc..c4cb6342fa 100644 --- a/arch/arm/mach-stm32mp/cmd_stm32key.c +++ b/arch/arm/mach-stm32mp/cmd_stm32key.c @@ -39,8 +39,9 @@ static int fuse_hash_value(u32 addr, bool print) return ret; } - for (i = 0; i < STM32_OTP_HASH_KEY_SIZE; i++) { - word = STM32_OTP_HASH_KEY_START + i; + for (i = 0, word = STM32_OTP_HASH_KEY_START; + i < STM32_OTP_HASH_KEY_SIZE; + i++, word++, addr += 4) { val = __be32_to_cpu(*(u32 *)addr); if (print) printf("Fuse OTP %i : %x\n", word, val); @@ -50,8 +51,13 @@ static int fuse_hash_value(u32 addr, bool print) log_err("Fuse OTP %i failed\n", word); return ret; } - - addr += 4; + /* on success, lock the OTP for HASH key */ + val = 1; + ret = misc_write(dev, STM32_BSEC_LOCK(word), &val, 4); + if (ret != 4) { + log_err("Lock OTP %i failed\n", word); + return ret; + } } return 0; From patchwork Mon Jun 28 12:56:01 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick DELAUNAY X-Patchwork-Id: 1497960 X-Patchwork-Delegate: patrick.delaunay73@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=foss.st.com header.i=@foss.st.com header.a=rsa-sha256 header.s=selector1 header.b=k1bXa0eF; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GD70v2NCyz9sT6 for ; Mon, 28 Jun 2021 22:57:03 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 142B482DEB; Mon, 28 Jun 2021 14:56:35 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=foss.st.com header.i=@foss.st.com header.b="k1bXa0eF"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id A9A0882DC1; Mon, 28 Jun 2021 14:56:19 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mx07-00178001.pphosted.com (mx08-00178001.pphosted.com [91.207.212.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 0620382DD5 for ; Mon, 28 Jun 2021 14:56:14 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=prvs=1813415642=patrick.delaunay@foss.st.com Received: from pps.filterd (m0046661.ppops.net [127.0.0.1]) by mx07-00178001.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 15SCqeok025031; Mon, 28 Jun 2021 14:56:13 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foss.st.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=selector1; bh=LZJ+0QzPjs73JQhmaCAZs/G19Jdo76XCTHqUIAHD0TE=; b=k1bXa0eFHYcvhPvUVgtKvVsdZXG02jG5i2iZjw6hr918DqnhHYaLuPADr2Xpxm49PpjE BONSA7r4Zq4WHTr4Fc29lnZ8BqjdJHViiNyOO3In3OqlZV63iTxksyS895rannUD75FU PWeNgoY7L31DOD6UeZsmgH1svlftXgsASaHuZl/F+tmDWR0uKLNltpLfgkrYGIevHtd2 LD2lRhWo9FbwI8q4ONCS4GXAzRiibR5XJmgJopQd7Dfc677kONbYo1LfU2Au+MrbfEBy DZxvLxduCGqqoATtv3fo+FqPD0/Sqk3VLhJLlaXEkCDcaXlIrScTQy6LVhebkrmSvQom /A== Received: from beta.dmz-eu.st.com (beta.dmz-eu.st.com [164.129.1.35]) by mx07-00178001.pphosted.com with ESMTP id 39f94c2fnh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 28 Jun 2021 14:56:13 +0200 Received: from euls16034.sgp.st.com (euls16034.sgp.st.com [10.75.44.20]) by beta.dmz-eu.st.com (STMicroelectronics) with ESMTP id 47E2710002A; Mon, 28 Jun 2021 14:56:13 +0200 (CEST) Received: from Webmail-eu.st.com (sfhdag2node3.st.com [10.75.127.6]) by euls16034.sgp.st.com (STMicroelectronics) with ESMTP id 40D9121ED37; Mon, 28 Jun 2021 14:56:13 +0200 (CEST) Received: from localhost (10.75.127.50) by SFHDAG2NODE3.st.com (10.75.127.6) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 28 Jun 2021 14:56:12 +0200 From: Patrick Delaunay To: CC: Patrick Delaunay , Patrice Chotard , U-Boot STM32 Subject: [PATCH 5/7] stm32mp: cmd_stm32key: add get_misc_dev function Date: Mon, 28 Jun 2021 14:56:01 +0200 Message-ID: <20210628145519.5.I38ea9658e6b3f7be161eddb47b792f8af938910e@changeid> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210628125603.2936135-1-patrick.delaunay@foss.st.com> References: <20210628125603.2936135-1-patrick.delaunay@foss.st.com> MIME-Version: 1.0 X-Originating-IP: [10.75.127.50] X-ClientProxiedBy: SFHDAG2NODE3.st.com (10.75.127.6) To SFHDAG2NODE3.st.com (10.75.127.6) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-06-28_11:2021-06-25, 2021-06-28 signatures=0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Add a helper function to access to BSEC misc driver. Signed-off-by: Patrick Delaunay Reviewed-by: Patrice Chotard --- arch/arm/mach-stm32mp/cmd_stm32key.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/arch/arm/mach-stm32mp/cmd_stm32key.c b/arch/arm/mach-stm32mp/cmd_stm32key.c index c4cb6342fa..886c52794f 100644 --- a/arch/arm/mach-stm32mp/cmd_stm32key.c +++ b/arch/arm/mach-stm32mp/cmd_stm32key.c @@ -14,6 +14,17 @@ #define STM32_OTP_HASH_KEY_START 24 #define STM32_OTP_HASH_KEY_SIZE 8 +static int get_misc_dev(struct udevice **dev) +{ + int ret; + + ret = uclass_get_device_by_driver(UCLASS_MISC, DM_DRIVER_GET(stm32mp_bsec), dev); + if (ret) + log_err("Can't find stm32mp_bsec driver\n"); + + return ret; +} + static void read_hash_value(u32 addr) { int i; @@ -31,13 +42,9 @@ static int fuse_hash_value(u32 addr, bool print) u32 word, val; int i, ret; - ret = uclass_get_device_by_driver(UCLASS_MISC, - DM_DRIVER_GET(stm32mp_bsec), - &dev); - if (ret) { - log_err("Can't find stm32mp_bsec driver\n"); + ret = get_misc_dev(&dev); + if (ret) return ret; - } for (i = 0, word = STM32_OTP_HASH_KEY_START; i < STM32_OTP_HASH_KEY_SIZE; From patchwork Mon Jun 28 12:56:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick DELAUNAY X-Patchwork-Id: 1497961 X-Patchwork-Delegate: patrick.delaunay73@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=foss.st.com header.i=@foss.st.com header.a=rsa-sha256 header.s=selector1 header.b=RjaD6al1; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GD7163mj9z9sW6 for ; Mon, 28 Jun 2021 22:57:14 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 429EF82DE6; Mon, 28 Jun 2021 14:56:40 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=foss.st.com header.i=@foss.st.com header.b="RjaD6al1"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 5BC7D82DC3; Mon, 28 Jun 2021 14:56:20 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mx07-00178001.pphosted.com (mx07-00178001.pphosted.com [185.132.182.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id E361082DC3 for ; Mon, 28 Jun 2021 14:56:14 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=prvs=1813415642=patrick.delaunay@foss.st.com Received: from pps.filterd (m0046668.ppops.net [127.0.0.1]) by mx07-00178001.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 15SCqhVx032766; Mon, 28 Jun 2021 14:56:14 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foss.st.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=selector1; bh=gwX8LPBHdv3diqVbAv7mjJnwEs8XgGzMXIyp3mJLcUc=; b=RjaD6al1R6BNEwdDPOeZUFuRFgcN4wwPhWeAXoxN49DoICG3MIJQTbKhCN9cksZCHmOy H5oQ0tuKi4DRwpT9rMRaB5B8qn2Zo/4EfbgLkUIV5bY6h2ZMheknzedCd/BvfJ4XCS1P E/LnZXUeXNEkdxp+SZ/KkCrdm0aeN3nY9dDYuXEsL0SPoZDG8t7pBPEyOkJIQ8AKJRxA Gf8mlKXf9DC4DYDOcSSKLsi+8J3Vr5Q/xqOe6AHIdtXUj3kR0NbXyBg/HFB/tumBfM3w jcPD+NWpkhsgl47eteobm5Zfg0UhmFTABqrYWT9dNwobOWIgSKP8b24eV4oBmsFdcOFt /g== Received: from beta.dmz-eu.st.com (beta.dmz-eu.st.com [164.129.1.35]) by mx07-00178001.pphosted.com with ESMTP id 39f1xsktw8-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 28 Jun 2021 14:56:14 +0200 Received: from euls16034.sgp.st.com (euls16034.sgp.st.com [10.75.44.20]) by beta.dmz-eu.st.com (STMicroelectronics) with ESMTP id 2B85B10002A; Mon, 28 Jun 2021 14:56:14 +0200 (CEST) Received: from Webmail-eu.st.com (sfhdag2node3.st.com [10.75.127.6]) by euls16034.sgp.st.com (STMicroelectronics) with ESMTP id 234E321ED37; Mon, 28 Jun 2021 14:56:14 +0200 (CEST) Received: from localhost (10.75.127.48) by SFHDAG2NODE3.st.com (10.75.127.6) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 28 Jun 2021 14:56:13 +0200 From: Patrick Delaunay To: CC: Patrick Delaunay , Patrice Chotard , U-Boot STM32 Subject: [PATCH 6/7] stm32mp: cmd_stm32key: add read OTP subcommand Date: Mon, 28 Jun 2021 14:56:02 +0200 Message-ID: <20210628145519.6.Ied9f79b7d73deaea9b2680449aac2a92b3dae465@changeid> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210628125603.2936135-1-patrick.delaunay@foss.st.com> References: <20210628125603.2936135-1-patrick.delaunay@foss.st.com> MIME-Version: 1.0 X-Originating-IP: [10.75.127.48] X-ClientProxiedBy: SFHDAG2NODE1.st.com (10.75.127.4) To SFHDAG2NODE3.st.com (10.75.127.6) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-06-28_11:2021-06-25, 2021-06-28 signatures=0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Allow to read the OTP value and lock status with the command $> stm32key read. This patch also protects the stm32key fuse command. Signed-off-by: Patrick Delaunay Reviewed-by: Patrice Chotard --- arch/arm/mach-stm32mp/cmd_stm32key.c | 93 ++++++++++++++++++++++++++-- 1 file changed, 87 insertions(+), 6 deletions(-) diff --git a/arch/arm/mach-stm32mp/cmd_stm32key.c b/arch/arm/mach-stm32mp/cmd_stm32key.c index 886c52794f..8c8d476b65 100644 --- a/arch/arm/mach-stm32mp/cmd_stm32key.c +++ b/arch/arm/mach-stm32mp/cmd_stm32key.c @@ -11,8 +11,13 @@ #include #include -#define STM32_OTP_HASH_KEY_START 24 -#define STM32_OTP_HASH_KEY_SIZE 8 +/* Closed device : bit 6 of OPT0*/ +#define STM32_OTP_CLOSE_ID 0 +#define STM32_OTP_CLOSE_MASK BIT(6) + +/* HASH of key: 8 OTPs, starting with OTP24) */ +#define STM32_OTP_HASH_KEY_START 24 +#define STM32_OTP_HASH_KEY_SIZE 8 static int get_misc_dev(struct udevice **dev) { @@ -29,6 +34,7 @@ static void read_hash_value(u32 addr) { int i; + printf("Read KEY at 0x%x\n", addr); for (i = 0; i < STM32_OTP_HASH_KEY_SIZE; i++) { printf("OTP value %i: %x\n", STM32_OTP_HASH_KEY_START + i, __be32_to_cpu(*(u32 *)addr)); @@ -36,6 +42,69 @@ static void read_hash_value(u32 addr) } } +static int read_hash_otp(bool print, bool *locked, bool *closed) +{ + struct udevice *dev; + int i, word, ret; + int nb_invalid = 0, nb_zero = 0, nb_lock = 0; + u32 val, lock; + bool status; + + ret = get_misc_dev(&dev); + if (ret) + return ret; + + for (i = 0, word = STM32_OTP_HASH_KEY_START; i < STM32_OTP_HASH_KEY_SIZE; i++, word++) { + ret = misc_read(dev, STM32_BSEC_OTP(word), &val, 4); + if (ret != 4) + val = ~0x0; + ret = misc_read(dev, STM32_BSEC_LOCK(word), &lock, 4); + if (ret != 4) + lock = -1; + if (print) + printf("OTP HASH %i: %x lock : %d\n", word, val, lock); + if (val == ~0x0) + nb_invalid++; + else if (val == 0x0) + nb_zero++; + if (lock == 1) + nb_lock++; + } + + word = STM32_OTP_CLOSE_ID; + ret = misc_read(dev, STM32_BSEC_OTP(word), &val, 4); + if (ret != 4) + val = 0x0; + ret = misc_read(dev, STM32_BSEC_LOCK(word), &lock, 4); + if (ret != 4) + lock = -1; + + status = (val & STM32_OTP_CLOSE_MASK) == STM32_OTP_CLOSE_MASK; + if (closed) + *closed = status; + if (print) + printf("OTP %d: closed status: %d lock : %d\n", word, status, lock); + + status = (nb_lock == STM32_OTP_HASH_KEY_SIZE); + if (locked) + *locked = status; + if (!status && print) + printf("Hash of key is not locked!\n"); + + if (nb_invalid == STM32_OTP_HASH_KEY_SIZE) { + if (print) + printf("Hash of key is invalid!\n"); + return -EINVAL; + } + if (nb_zero == STM32_OTP_HASH_KEY_SIZE) { + if (print) + printf("Hash of key is free!\n"); + return -ENOENT; + } + + return 0; +} + static int fuse_hash_value(u32 addr, bool print) { struct udevice *dev; @@ -88,8 +157,10 @@ static int do_stm32key_read(struct cmd_tbl *cmdtp, int flag, int argc, char *con { u32 addr; - if (argc == 1) - return CMD_RET_USAGE; + if (argc == 1) { + read_hash_otp(true, NULL, NULL); + return CMD_RET_SUCCESS; + } addr = simple_strtoul(argv[1], NULL, 16); if (!addr) @@ -103,7 +174,7 @@ static int do_stm32key_read(struct cmd_tbl *cmdtp, int flag, int argc, char *con static int do_stm32key_fuse(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]) { u32 addr; - bool yes = false; + bool yes = false, lock, closed; if (argc < 2) return CMD_RET_USAGE; @@ -118,6 +189,16 @@ static int do_stm32key_fuse(struct cmd_tbl *cmdtp, int flag, int argc, char *con if (!addr) return CMD_RET_USAGE; + if (read_hash_otp(!yes, &lock, &closed) != -ENOENT) { + printf("Error: can't fuse again the OTP\n"); + return CMD_RET_FAILURE; + } + + if (lock || closed) { + printf("Error: invalid OTP configuration (lock=%d, closed=%d)\n", lock, closed); + return CMD_RET_FAILURE; + } + if (!yes && !confirm_prog()) return CMD_RET_FAILURE; @@ -130,7 +211,7 @@ static int do_stm32key_fuse(struct cmd_tbl *cmdtp, int flag, int argc, char *con } static char stm32key_help_text[] = - "read : Read the hash stored at addr in memory\n" + "read []: Read the hash stored at addr in memory or in OTP\n" "stm32key fuse [-y] : Fuse hash stored at addr in OTP\n"; U_BOOT_CMD_WITH_SUBCMDS(stm32key, "Fuse ST Hash key", stm32key_help_text, From patchwork Mon Jun 28 12:56:03 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick DELAUNAY X-Patchwork-Id: 1497963 X-Patchwork-Delegate: patrick.delaunay73@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=foss.st.com header.i=@foss.st.com header.a=rsa-sha256 header.s=selector1 header.b=KlrvLX8z; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GD71V2fwFz9sT6 for ; Mon, 28 Jun 2021 22:57:34 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 8A6C982DF9; Mon, 28 Jun 2021 14:56:45 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=foss.st.com header.i=@foss.st.com header.b="KlrvLX8z"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id D6D2D82DC3; Mon, 28 Jun 2021 14:56:22 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mx07-00178001.pphosted.com (mx07-00178001.pphosted.com [185.132.182.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id E9C4482DD7 for ; Mon, 28 Jun 2021 14:56:15 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=prvs=1813415642=patrick.delaunay@foss.st.com Received: from pps.filterd (m0046668.ppops.net [127.0.0.1]) by mx07-00178001.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 15SCqsRR000415; Mon, 28 Jun 2021 14:56:15 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foss.st.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=selector1; bh=udZx0N7zCxmXMdwwtqsETQmF+qYXV+35ev9oSctMCMc=; b=KlrvLX8zCJ1nUo3kTEF5ydL+eWVHs9nF9lEsNFFAhTJNJOsml9V1sbny4++rZ0J+//xb ICl8l+uYWv1GwPnmV29IiWoy7c9GURgCYdG18UOxNhwiGasYZlsNWRCtiqC5P/loBhYM pk204WLPRKS98Kjaa6yM8EOf1Wujm6M+yPjpija6Wvsk5dmuAENRC9sF2lQC7UWGqPwh B679QIFrkwDpVslZx1WnMPc5etSSWH9xQROfUsaa0mN6Bq3gP1SQlmH4yVNemQUv28s3 APp4voTsOrWLiRGmppQxWXIUzC85Uto+fu2NpgOp+LW8+7kl26ILgVjFK4egTmYjlHQi Og== Received: from beta.dmz-eu.st.com (beta.dmz-eu.st.com [164.129.1.35]) by mx07-00178001.pphosted.com with ESMTP id 39f1xsktwc-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 28 Jun 2021 14:56:15 +0200 Received: from euls16034.sgp.st.com (euls16034.sgp.st.com [10.75.44.20]) by beta.dmz-eu.st.com (STMicroelectronics) with ESMTP id 0E38B10002A; Mon, 28 Jun 2021 14:56:15 +0200 (CEST) Received: from Webmail-eu.st.com (sfhdag2node3.st.com [10.75.127.6]) by euls16034.sgp.st.com (STMicroelectronics) with ESMTP id 058E221ED37; Mon, 28 Jun 2021 14:56:15 +0200 (CEST) Received: from localhost (10.75.127.50) by SFHDAG2NODE3.st.com (10.75.127.6) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 28 Jun 2021 14:56:14 +0200 From: Patrick Delaunay To: CC: Patrick Delaunay , Patrice Chotard , U-Boot STM32 Subject: [PATCH 7/7] stm32mp: cmd_stm32key: add subcommand close Date: Mon, 28 Jun 2021 14:56:03 +0200 Message-ID: <20210628145519.7.Ice24ec3430539077cefa5a43cb6245847db3871e@changeid> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210628125603.2936135-1-patrick.delaunay@foss.st.com> References: <20210628125603.2936135-1-patrick.delaunay@foss.st.com> MIME-Version: 1.0 X-Originating-IP: [10.75.127.50] X-ClientProxiedBy: SFHDAG1NODE2.st.com (10.75.127.2) To SFHDAG2NODE3.st.com (10.75.127.6) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-06-28_11:2021-06-25, 2021-06-28 signatures=0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean The expected sequence to close the device 1/ Load key in DDR with any supported load command 2/ Update OTP with key: STM32MP> stm32key read At this point the device is able to perform image authentication but non-authenticated images can still be used and executed. So it is the last moment to test boot with signed binary and check that the ROM code accepts them. 3/ Close the device: only signed binary will be accepted !! STM32MP> stm32key close Warning: Programming these OTP is an irreversible operation! This may brick your system if the HASH of key is invalid This command should be deactivated by default in real product. Signed-off-by: Patrick Delaunay Reviewed-by: Patrice Chotard --- arch/arm/mach-stm32mp/cmd_stm32key.c | 54 ++++++++++++++++++++++++++-- 1 file changed, 52 insertions(+), 2 deletions(-) diff --git a/arch/arm/mach-stm32mp/cmd_stm32key.c b/arch/arm/mach-stm32mp/cmd_stm32key.c index 8c8d476b65..50840b0f38 100644 --- a/arch/arm/mach-stm32mp/cmd_stm32key.c +++ b/arch/arm/mach-stm32mp/cmd_stm32key.c @@ -210,10 +210,60 @@ static int do_stm32key_fuse(struct cmd_tbl *cmdtp, int flag, int argc, char *con return CMD_RET_SUCCESS; } +static int do_stm32key_close(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]) +{ + bool yes, lock, closed; + struct udevice *dev; + u32 val; + int ret; + + yes = false; + if (argc == 2) { + if (strcmp(argv[1], "-y")) + return CMD_RET_USAGE; + yes = true; + } + + ret = read_hash_otp(!yes, &lock, &closed); + if (ret) { + if (ret == -ENOENT) + printf("Error: OTP not programmed!\n"); + return CMD_RET_FAILURE; + } + + if (closed) { + printf("Error: already closed!\n"); + return CMD_RET_FAILURE; + } + + if (!lock) + printf("Warning: OTP not locked!\n"); + + if (!yes && !confirm_prog()) + return CMD_RET_FAILURE; + + ret = get_misc_dev(&dev); + if (ret) + return CMD_RET_FAILURE; + + val = STM32_OTP_CLOSE_MASK; + ret = misc_write(dev, STM32_BSEC_OTP(STM32_OTP_CLOSE_ID), &val, 4); + if (ret != 4) { + printf("Error: can't update OTP\n"); + return CMD_RET_FAILURE; + } + + printf("Device is closed !\n"); + + return CMD_RET_SUCCESS; +} + static char stm32key_help_text[] = "read []: Read the hash stored at addr in memory or in OTP\n" - "stm32key fuse [-y] : Fuse hash stored at addr in OTP\n"; + "stm32key fuse [-y] : Fuse hash stored at addr in OTP\n" + "stm32key close [-y] : Close the device, the hash stored in OTP\n"; U_BOOT_CMD_WITH_SUBCMDS(stm32key, "Fuse ST Hash key", stm32key_help_text, U_BOOT_SUBCMD_MKENT(read, 2, 0, do_stm32key_read), - U_BOOT_SUBCMD_MKENT(fuse, 3, 0, do_stm32key_fuse)); + U_BOOT_SUBCMD_MKENT(fuse, 3, 0, do_stm32key_fuse), + U_BOOT_SUBCMD_MKENT(close, 2, 0, do_stm32key_close));