From 3da2552a22580d5cb703bce9f07f1444136589a3 Mon Sep 17 00:00:00 2001
From: Patrick Delaunay <patrick.delaunay@foss.st.com>
Date: Mon, 28 Jun 2021 14:56:00 +0200
Subject: [PATCH] stm32mp: cmd_stm32key: lock of PKH OTP after fuse

Lock the OTP value of key's hash after the command
$> stm32key fuse <address>

This operation forbids a second update of these OTP as they are
ECC protected in BSEC: any update of these OTP with a different value
causes a BSEC disturb error and the closed chip will be bricked.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
---
 arch/arm/mach-stm32mp/cmd_stm32key.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/arch/arm/mach-stm32mp/cmd_stm32key.c b/arch/arm/mach-stm32mp/cmd_stm32key.c
index 2529139ebc..c4cb6342fa 100644
--- a/arch/arm/mach-stm32mp/cmd_stm32key.c
+++ b/arch/arm/mach-stm32mp/cmd_stm32key.c
@@ -39,8 +39,9 @@ static int fuse_hash_value(u32 addr, bool print)
 		return ret;
 	}
 
-	for (i = 0; i < STM32_OTP_HASH_KEY_SIZE; i++) {
-		word = STM32_OTP_HASH_KEY_START + i;
+	for (i = 0, word = STM32_OTP_HASH_KEY_START;
+	     i < STM32_OTP_HASH_KEY_SIZE;
+	     i++, word++, addr += 4) {
 		val = __be32_to_cpu(*(u32 *)addr);
 		if (print)
 			printf("Fuse OTP %i : %x\n", word, val);
@@ -50,8 +51,13 @@ static int fuse_hash_value(u32 addr, bool print)
 			log_err("Fuse OTP %i failed\n", word);
 			return ret;
 		}
-
-		addr += 4;
+		/* on success, lock the OTP for HASH key */
+		val = 1;
+		ret = misc_write(dev, STM32_BSEC_LOCK(word), &val, 4);
+		if (ret != 4) {
+			log_err("Lock OTP %i failed\n", word);
+			return ret;
+		}
 	}
 
 	return 0;
-- 
2.39.5