mirror of
				https://github.com/smaeul/u-boot.git
				synced 2025-10-24 17:48:14 +01:00 
			
		
		
		
	After adding the U_BOOT_LONGHELP macro some new commands came in still that were not making use if it. Switch these cases over and in a few places add missing newlines as well. Signed-off-by: Tom Rini <trini@konsulko.com>
		
			
				
	
	
		
			435 lines
		
	
	
		
			9.7 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
			
		
		
	
	
			435 lines
		
	
	
		
			9.7 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
| // SPDX-License-Identifier: GPL-2.0+ OR BSD-3-Clause
 | |
| /*
 | |
|  * Copyright (C) 2019, STMicroelectronics - All Rights Reserved
 | |
|  */
 | |
| 
 | |
| #include <command.h>
 | |
| #include <console.h>
 | |
| #include <log.h>
 | |
| #include <misc.h>
 | |
| #include <asm/arch/bsec.h>
 | |
| #include <dm/device.h>
 | |
| #include <dm/uclass.h>
 | |
| #include <linux/printk.h>
 | |
| 
 | |
| /*
 | |
|  * Closed device: OTP0
 | |
|  * STM32MP15x: bit 6 of OPT0
 | |
|  * STM32MP13x: 0b111111 = 0x3F for OTP_SECURED closed device
 | |
|  */
 | |
| #define STM32_OTP_CLOSE_ID		0
 | |
| #define STM32_OTP_STM32MP13X_CLOSE_MASK	0x3F
 | |
| #define STM32_OTP_STM32MP15X_CLOSE_MASK	BIT(6)
 | |
| 
 | |
| /* PKH is the first element of the key list */
 | |
| #define STM32KEY_PKH 0
 | |
| 
 | |
| struct stm32key {
 | |
| 	char *name;
 | |
| 	char *desc;
 | |
| 	u8 start;
 | |
| 	u8 size;
 | |
| };
 | |
| 
 | |
| const struct stm32key stm32mp13_list[] = {
 | |
| 	[STM32KEY_PKH] = {
 | |
| 		.name = "PKHTH",
 | |
| 		.desc = "Hash of the 8 ECC Public Keys Hashes Table (ECDSA is the authentication algorithm)",
 | |
| 		.start = 24,
 | |
| 		.size = 8,
 | |
| 	},
 | |
| 	{
 | |
| 		.name = "EDMK",
 | |
| 		.desc = "Encryption/Decryption Master Key",
 | |
| 		.start = 92,
 | |
| 		.size = 4,
 | |
| 	}
 | |
| };
 | |
| 
 | |
| const struct stm32key stm32mp15_list[] = {
 | |
| 	[STM32KEY_PKH] = {
 | |
| 		.name = "PKH",
 | |
| 		.desc = "Hash of the ECC Public Key (ECDSA is the authentication algorithm)",
 | |
| 		.start = 24,
 | |
| 		.size = 8,
 | |
| 	}
 | |
| };
 | |
| 
 | |
| /* index of current selected key in stm32key list, 0 = PKH by default */
 | |
| static u8 stm32key_index;
 | |
| 
 | |
| static u8 get_key_nb(void)
 | |
| {
 | |
| 	if (IS_ENABLED(CONFIG_STM32MP13X))
 | |
| 		return ARRAY_SIZE(stm32mp13_list);
 | |
| 
 | |
| 	if (IS_ENABLED(CONFIG_STM32MP15X))
 | |
| 		return ARRAY_SIZE(stm32mp15_list);
 | |
| }
 | |
| 
 | |
| static const struct stm32key *get_key(u8 index)
 | |
| {
 | |
| 	if (IS_ENABLED(CONFIG_STM32MP13X))
 | |
| 		return &stm32mp13_list[index];
 | |
| 
 | |
| 	if (IS_ENABLED(CONFIG_STM32MP15X))
 | |
| 		return &stm32mp15_list[index];
 | |
| }
 | |
| 
 | |
| static u32 get_otp_close_mask(void)
 | |
| {
 | |
| 	if (IS_ENABLED(CONFIG_STM32MP13X))
 | |
| 		return STM32_OTP_STM32MP13X_CLOSE_MASK;
 | |
| 
 | |
| 	if (IS_ENABLED(CONFIG_STM32MP15X))
 | |
| 		return STM32_OTP_STM32MP15X_CLOSE_MASK;
 | |
| }
 | |
| 
 | |
| static int get_misc_dev(struct udevice **dev)
 | |
| {
 | |
| 	int ret;
 | |
| 
 | |
| 	ret = uclass_get_device_by_driver(UCLASS_MISC, DM_DRIVER_GET(stm32mp_bsec), dev);
 | |
| 	if (ret)
 | |
| 		log_err("Can't find stm32mp_bsec driver\n");
 | |
| 
 | |
| 	return ret;
 | |
| }
 | |
| 
 | |
| static void read_key_value(const struct stm32key *key, u32 addr)
 | |
| {
 | |
| 	int i;
 | |
| 
 | |
| 	for (i = 0; i < key->size; i++) {
 | |
| 		printf("%s OTP %i: [%08x] %08x\n", key->name, key->start + i,
 | |
| 		       addr, __be32_to_cpu(*(u32 *)addr));
 | |
| 		addr += 4;
 | |
| 	}
 | |
| }
 | |
| 
 | |
| static int read_key_otp(struct udevice *dev, const struct stm32key *key, bool print, bool *locked)
 | |
| {
 | |
| 	int i, word, ret;
 | |
| 	int nb_invalid = 0, nb_zero = 0, nb_lock = 0, nb_lock_err = 0;
 | |
| 	u32 val, lock;
 | |
| 	bool status;
 | |
| 
 | |
| 	for (i = 0, word = key->start; i < key->size; i++, word++) {
 | |
| 		ret = misc_read(dev, STM32_BSEC_OTP(word), &val, 4);
 | |
| 		if (ret != 4)
 | |
| 			val = ~0x0;
 | |
| 		ret = misc_read(dev, STM32_BSEC_LOCK(word), &lock, 4);
 | |
| 		if (ret != 4)
 | |
| 			lock = BSEC_LOCK_ERROR;
 | |
| 		if (print)
 | |
| 			printf("%s OTP %i: %08x lock : %08x\n", key->name, word, val, lock);
 | |
| 		if (val == ~0x0)
 | |
| 			nb_invalid++;
 | |
| 		else if (val == 0x0)
 | |
| 			nb_zero++;
 | |
| 		if (lock & BSEC_LOCK_PERM)
 | |
| 			nb_lock++;
 | |
| 		if (lock & BSEC_LOCK_ERROR)
 | |
| 			nb_lock_err++;
 | |
| 	}
 | |
| 
 | |
| 	status = nb_lock_err || (nb_lock == key->size);
 | |
| 	if (locked)
 | |
| 		*locked = status;
 | |
| 	if (nb_lock_err && print)
 | |
| 		printf("%s lock is invalid!\n", key->name);
 | |
| 	else if (!status && print)
 | |
| 		printf("%s is not locked!\n", key->name);
 | |
| 
 | |
| 	if (nb_invalid == key->size) {
 | |
| 		if (print)
 | |
| 			printf("%s is invalid!\n", key->name);
 | |
| 		return -EINVAL;
 | |
| 	}
 | |
| 	if (nb_zero == key->size) {
 | |
| 		if (print)
 | |
| 			printf("%s is free!\n", key->name);
 | |
| 		return -ENOENT;
 | |
| 	}
 | |
| 
 | |
| 	return 0;
 | |
| }
 | |
| 
 | |
| static int read_close_status(struct udevice *dev, bool print, bool *closed)
 | |
| {
 | |
| 	int word, ret, result;
 | |
| 	u32 val, lock, mask;
 | |
| 	bool status;
 | |
| 
 | |
| 	result = 0;
 | |
| 	word = STM32_OTP_CLOSE_ID;
 | |
| 	ret = misc_read(dev, STM32_BSEC_OTP(word), &val, 4);
 | |
| 	if (ret < 0)
 | |
| 		result = ret;
 | |
| 	if (ret != 4)
 | |
| 		val = 0x0;
 | |
| 
 | |
| 	ret = misc_read(dev, STM32_BSEC_LOCK(word), &lock, 4);
 | |
| 	if (ret < 0)
 | |
| 		result = ret;
 | |
| 	if (ret != 4)
 | |
| 		lock = BSEC_LOCK_ERROR;
 | |
| 
 | |
| 	mask = get_otp_close_mask();
 | |
| 	status = (val & mask) == mask;
 | |
| 	if (closed)
 | |
| 		*closed = status;
 | |
| 	if (print)
 | |
| 		printf("OTP %d: closed status: %d lock : %08x\n", word, status, lock);
 | |
| 
 | |
| 	return result;
 | |
| }
 | |
| 
 | |
| static int fuse_key_value(struct udevice *dev, const struct stm32key *key, u32 addr, bool print)
 | |
| {
 | |
| 	u32 word, val;
 | |
| 	int i, ret;
 | |
| 
 | |
| 	for (i = 0, word = key->start; i < key->size; i++, word++, addr += 4) {
 | |
| 		val = __be32_to_cpu(*(u32 *)addr);
 | |
| 		if (print)
 | |
| 			printf("Fuse %s OTP %i : %08x\n", key->name, word, val);
 | |
| 
 | |
| 		ret = misc_write(dev, STM32_BSEC_OTP(word), &val, 4);
 | |
| 		if (ret != 4) {
 | |
| 			log_err("Fuse %s OTP %i failed\n", key->name, word);
 | |
| 			return ret;
 | |
| 		}
 | |
| 		/* on success, lock the OTP for the key */
 | |
| 		val = BSEC_LOCK_PERM;
 | |
| 		ret = misc_write(dev, STM32_BSEC_LOCK(word), &val, 4);
 | |
| 		if (ret != 4) {
 | |
| 			log_err("Lock %s OTP %i failed\n", key->name, word);
 | |
| 			return ret;
 | |
| 		}
 | |
| 	}
 | |
| 
 | |
| 	return 0;
 | |
| }
 | |
| 
 | |
| static int confirm_prog(void)
 | |
| {
 | |
| 	puts("Warning: Programming fuses is an irreversible operation!\n"
 | |
| 			"         This may brick your system.\n"
 | |
| 			"         Use this command only if you are sure of what you are doing!\n"
 | |
| 			"\nReally perform this fuse programming? <y/N>\n");
 | |
| 
 | |
| 	if (confirm_yesno())
 | |
| 		return 1;
 | |
| 
 | |
| 	puts("Fuse programming aborted\n");
 | |
| 	return 0;
 | |
| }
 | |
| 
 | |
| static void display_key_info(const struct stm32key *key)
 | |
| {
 | |
| 	printf("%s : %s\n", key->name, key->desc);
 | |
| 	printf("\tOTP%d..%d\n", key->start, key->start + key->size);
 | |
| }
 | |
| 
 | |
| static int do_stm32key_list(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
 | |
| {
 | |
| 	int i;
 | |
| 
 | |
| 	for (i = 0; i < get_key_nb(); i++)
 | |
| 		display_key_info(get_key(i));
 | |
| 
 | |
| 	return CMD_RET_SUCCESS;
 | |
| }
 | |
| 
 | |
| static int do_stm32key_select(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
 | |
| {
 | |
| 	const struct stm32key *key;
 | |
| 	int i;
 | |
| 
 | |
| 	if (argc == 1) {
 | |
| 		printf("Selected key:\n");
 | |
| 		key = get_key(stm32key_index);
 | |
| 		display_key_info(key);
 | |
| 		return CMD_RET_SUCCESS;
 | |
| 	}
 | |
| 
 | |
| 	for (i = 0; i < get_key_nb(); i++) {
 | |
| 		key = get_key(i);
 | |
| 		if (!strcmp(key->name, argv[1])) {
 | |
| 			printf("%s selected\n", key->name);
 | |
| 			stm32key_index = i;
 | |
| 			return CMD_RET_SUCCESS;
 | |
| 		}
 | |
| 	}
 | |
| 
 | |
| 	printf("Unknown key %s\n", argv[1]);
 | |
| 
 | |
| 	return CMD_RET_FAILURE;
 | |
| }
 | |
| 
 | |
| static int do_stm32key_read(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
 | |
| {
 | |
| 	const struct stm32key *key;
 | |
| 	struct udevice *dev;
 | |
| 	u32 addr;
 | |
| 	int ret, i;
 | |
| 	int result;
 | |
| 
 | |
| 	ret = get_misc_dev(&dev);
 | |
| 
 | |
| 	if (argc == 1) {
 | |
| 		if (ret)
 | |
| 			return CMD_RET_FAILURE;
 | |
| 		key = get_key(stm32key_index);
 | |
| 		ret = read_key_otp(dev, key, true, NULL);
 | |
| 		if (ret != -ENOENT)
 | |
| 			return CMD_RET_FAILURE;
 | |
| 		return CMD_RET_SUCCESS;
 | |
| 	}
 | |
| 
 | |
| 	if (!strcmp("-a", argv[1])) {
 | |
| 		if (ret)
 | |
| 			return CMD_RET_FAILURE;
 | |
| 		result = CMD_RET_SUCCESS;
 | |
| 		for (i = 0; i < get_key_nb(); i++) {
 | |
| 			key = get_key(i);
 | |
| 			ret = read_key_otp(dev, key, true, NULL);
 | |
| 			if (ret != -ENOENT)
 | |
| 				result = CMD_RET_FAILURE;
 | |
| 		}
 | |
| 		ret = read_close_status(dev, true, NULL);
 | |
| 		if (ret)
 | |
| 			result = CMD_RET_FAILURE;
 | |
| 
 | |
| 		return result;
 | |
| 	}
 | |
| 
 | |
| 	addr = hextoul(argv[1], NULL);
 | |
| 	if (!addr)
 | |
| 		return CMD_RET_USAGE;
 | |
| 
 | |
| 	key = get_key(stm32key_index);
 | |
| 	printf("Read %s at 0x%08x\n", key->name, addr);
 | |
| 	read_key_value(key, addr);
 | |
| 
 | |
| 	return CMD_RET_SUCCESS;
 | |
| }
 | |
| 
 | |
| static int do_stm32key_fuse(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
 | |
| {
 | |
| 	const struct stm32key *key = get_key(stm32key_index);
 | |
| 	struct udevice *dev;
 | |
| 	u32 addr;
 | |
| 	int ret;
 | |
| 	bool yes = false, lock;
 | |
| 
 | |
| 	if (argc < 2)
 | |
| 		return CMD_RET_USAGE;
 | |
| 
 | |
| 	if (argc == 3) {
 | |
| 		if (strcmp(argv[1], "-y"))
 | |
| 			return CMD_RET_USAGE;
 | |
| 		yes = true;
 | |
| 	}
 | |
| 
 | |
| 	addr = hextoul(argv[argc - 1], NULL);
 | |
| 	if (!addr)
 | |
| 		return CMD_RET_USAGE;
 | |
| 
 | |
| 	ret = get_misc_dev(&dev);
 | |
| 	if (ret)
 | |
| 		return CMD_RET_FAILURE;
 | |
| 
 | |
| 	if (read_key_otp(dev, key, !yes, &lock) != -ENOENT) {
 | |
| 		printf("Error: can't fuse again the OTP\n");
 | |
| 		return CMD_RET_FAILURE;
 | |
| 	}
 | |
| 	if (lock) {
 | |
| 		printf("Error: %s is locked\n", key->name);
 | |
| 		return CMD_RET_FAILURE;
 | |
| 	}
 | |
| 
 | |
| 	if (!yes) {
 | |
| 		printf("Writing %s with\n", key->name);
 | |
| 		read_key_value(key, addr);
 | |
| 	}
 | |
| 
 | |
| 	if (!yes && !confirm_prog())
 | |
| 		return CMD_RET_FAILURE;
 | |
| 
 | |
| 	if (fuse_key_value(dev, key, addr, !yes))
 | |
| 		return CMD_RET_FAILURE;
 | |
| 
 | |
| 	printf("%s updated !\n", key->name);
 | |
| 
 | |
| 	return CMD_RET_SUCCESS;
 | |
| }
 | |
| 
 | |
| static int do_stm32key_close(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
 | |
| {
 | |
| 	const struct stm32key *key;
 | |
| 	bool yes, lock, closed;
 | |
| 	struct udevice *dev;
 | |
| 	u32 val;
 | |
| 	int ret;
 | |
| 
 | |
| 	yes = false;
 | |
| 	if (argc == 2) {
 | |
| 		if (strcmp(argv[1], "-y"))
 | |
| 			return CMD_RET_USAGE;
 | |
| 		yes = true;
 | |
| 	}
 | |
| 
 | |
| 	ret = get_misc_dev(&dev);
 | |
| 	if (ret)
 | |
| 		return CMD_RET_FAILURE;
 | |
| 
 | |
| 	if (read_close_status(dev, !yes, &closed))
 | |
| 		return CMD_RET_FAILURE;
 | |
| 
 | |
| 	if (closed) {
 | |
| 		printf("Error: already closed!\n");
 | |
| 		return CMD_RET_FAILURE;
 | |
| 	}
 | |
| 
 | |
| 	/* check PKH status before to close */
 | |
| 	key = get_key(STM32KEY_PKH);
 | |
| 	ret = read_key_otp(dev, key, !yes, &lock);
 | |
| 	if (ret) {
 | |
| 		if (ret == -ENOENT)
 | |
| 			printf("Error: %s not programmed!\n", key->name);
 | |
| 		return CMD_RET_FAILURE;
 | |
| 	}
 | |
| 	if (!lock)
 | |
| 		printf("Warning: %s not locked!\n", key->name);
 | |
| 
 | |
| 	if (!yes && !confirm_prog())
 | |
| 		return CMD_RET_FAILURE;
 | |
| 
 | |
| 	val = get_otp_close_mask();
 | |
| 	ret = misc_write(dev, STM32_BSEC_OTP(STM32_OTP_CLOSE_ID), &val, 4);
 | |
| 	if (ret != 4) {
 | |
| 		printf("Error: can't update OTP %d\n", STM32_OTP_CLOSE_ID);
 | |
| 		return CMD_RET_FAILURE;
 | |
| 	}
 | |
| 
 | |
| 	printf("Device is closed !\n");
 | |
| 
 | |
| 	return CMD_RET_SUCCESS;
 | |
| }
 | |
| 
 | |
| U_BOOT_LONGHELP(stm32key,
 | |
| 	"list : list the supported key with description\n"
 | |
| 	"stm32key select [<key>] : Select the key identified by <key> or display the key used for read/fuse command\n"
 | |
| 	"stm32key read [<addr> | -a ] : Read the curent key at <addr> or current / all (-a) key in OTP\n"
 | |
| 	"stm32key fuse [-y] <addr> : Fuse the current key at addr in OTP\n"
 | |
| 	"stm32key close [-y] : Close the device\n");
 | |
| 
 | |
| U_BOOT_CMD_WITH_SUBCMDS(stm32key, "Manage key on STM32", stm32key_help_text,
 | |
| 	U_BOOT_SUBCMD_MKENT(list, 1, 0, do_stm32key_list),
 | |
| 	U_BOOT_SUBCMD_MKENT(select, 2, 0, do_stm32key_select),
 | |
| 	U_BOOT_SUBCMD_MKENT(read, 2, 0, do_stm32key_read),
 | |
| 	U_BOOT_SUBCMD_MKENT(fuse, 3, 0, do_stm32key_fuse),
 | |
| 	U_BOOT_SUBCMD_MKENT(close, 2, 0, do_stm32key_close));
 |