From c205fe979ebc1961cf28555c00e24a9004761366 Mon Sep 17 00:00:00 2001 From: Igor Opaniuk Date: Mon, 6 Nov 2023 11:41:52 +0100 Subject: [PATCH] stm32mp1: read auth stats and boot_partition from tamp Obtain from TAMP backup register information about image authorization status and partition id used for booting. Store this info in environmental variables ("boot_auth" and "boot_part" correspondingly). Image authorization supported values: 0x0 - No authentication done 0x1 - Authentication done and failed 0x2 - Authentication done and succeeded These values are stored to TAMP backup register by Trusted Firmware-A [1]. Testing: STM32MP> print boot_part boot_part=1 STM32MP> print boot_auth boot_auth=2 [1] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?h=refs/heads/integration&id=ab2b325c1ab895e626d4e11a9f26b9e7c968f8d8 Signed-off-by: Igor Opaniuk Co-developed-by: Oleksandr Suvorov Signed-off-by: Oleksandr Suvorov Reviewed-by: Patrice Chotard --- arch/arm/mach-stm32mp/cpu.c | 23 +++++++++++++++++++ arch/arm/mach-stm32mp/include/mach/stm32.h | 4 ++++ .../arm/mach-stm32mp/include/mach/sys_proto.h | 3 +++ 3 files changed, 30 insertions(+) diff --git a/arch/arm/mach-stm32mp/cpu.c b/arch/arm/mach-stm32mp/cpu.c index bab318875c..55574fd4be 100644 --- a/arch/arm/mach-stm32mp/cpu.c +++ b/arch/arm/mach-stm32mp/cpu.c @@ -40,6 +40,13 @@ u32 get_bootmode(void) TAMP_BOOT_MODE_SHIFT; } +u32 get_bootauth(void) +{ + /* read boot auth status and partition from TAMP backup register */ + return (readl(TAMP_BOOT_CONTEXT) & TAMP_BOOT_AUTH_MASK) >> + TAMP_BOOT_AUTH_SHIFT; +} + /* * weak function overidde: set the DDR/SYSRAM executable before to enable the * MMU and configure DACR, for early early_enable_caches (SPL or pre-reloc) @@ -371,8 +378,24 @@ __weak void stm32mp_misc_init(void) { } +static int setup_boot_auth_info(void) +{ + char buf[10]; + u32 bootauth = get_bootauth(); + + snprintf(buf, sizeof(buf), "%d", bootauth >> 4); + env_set("boot_auth", buf); + + snprintf(buf, sizeof(buf), "%d", bootauth & + (u32)TAMP_BOOT_PARTITION_MASK); + env_set("boot_part", buf); + + return 0; +} + int arch_misc_init(void) { + setup_boot_auth_info(); setup_boot_mode(); setup_mac_address(); setup_serial_number(); diff --git a/arch/arm/mach-stm32mp/include/mach/stm32.h b/arch/arm/mach-stm32mp/include/mach/stm32.h index 1cdc5e3b18..ac0deced67 100644 --- a/arch/arm/mach-stm32mp/include/mach/stm32.h +++ b/arch/arm/mach-stm32mp/include/mach/stm32.h @@ -139,8 +139,12 @@ enum boot_device { #define TAMP_BOOT_MODE_MASK GENMASK(15, 8) #define TAMP_BOOT_MODE_SHIFT 8 +#define TAMP_BOOT_AUTH_MASK GENMASK(23, 16) +#define TAMP_BOOT_AUTH_SHIFT 16 #define TAMP_BOOT_DEVICE_MASK GENMASK(7, 4) #define TAMP_BOOT_INSTANCE_MASK GENMASK(3, 0) +#define TAMP_BOOT_AUTH_ST_MASK GENMASK(7, 4) +#define TAMP_BOOT_PARTITION_MASK GENMASK(3, 0) #define TAMP_BOOT_FORCED_MASK GENMASK(7, 0) enum forced_boot_mode { diff --git a/arch/arm/mach-stm32mp/include/mach/sys_proto.h b/arch/arm/mach-stm32mp/include/mach/sys_proto.h index 83fb32a45f..52aca1e23e 100644 --- a/arch/arm/mach-stm32mp/include/mach/sys_proto.h +++ b/arch/arm/mach-stm32mp/include/mach/sys_proto.h @@ -66,6 +66,9 @@ void get_soc_name(char name[SOC_NAME_SIZE]); /* return boot mode */ u32 get_bootmode(void); +/* return auth status and partition */ +u32 get_bootauth(void); + int get_eth_nb(void); int setup_mac_address(void); -- 2.39.5