return 0;
}
+static int do_sec_fuse_prog(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
+{
+ ulong addr;
+ u32 header, response;
+
+ if (argc < 2)
+ return CMD_RET_USAGE;
+
+ addr = hextoul(argv[1], NULL);
+ header = *(u32 *)addr;
+
+ if ((header & 0xff0000ff) != 0x89000000) {
+ printf("Wrong Signed message block format, header 0x%x\n", header);
+ return CMD_RET_FAILURE;
+ }
+
+ header = (header & 0xffff00) >> 8;
+
+ printf("Signed Message block at 0x%lx, size 0x%x\n", addr, header);
+ flush_dcache_range(addr, addr + header - 1);
+
+ if (ele_write_secure_fuse(addr, &response)) {
+ printf("Program secure fuse failed, response 0x%x\n", response);
+ return CMD_RET_FAILURE;
+ }
+
+ printf("Program secure fuse completed, response 0x%x\n", response);
+
+ return CMD_RET_SUCCESS;
+}
+
+static int do_ahab_return_lifecycle(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
+{
+ ulong addr;
+ u32 header, response;
+
+ if (argc < 2)
+ return CMD_RET_USAGE;
+
+ addr = hextoul(argv[1], NULL);
+ header = *(u32 *)addr;
+
+ if ((header & 0xff0000ff) != 0x89000000) {
+ printf("Wrong Signed message block format, header 0x%x\n", header);
+ return CMD_RET_FAILURE;
+ }
+
+ header = (header & 0xffff00) >> 8;
+
+ printf("Signed Message block at 0x%lx, size 0x%x\n", addr, header);
+ flush_dcache_range(addr, addr + header - 1);
+
+ if (ele_return_lifecycle_update(addr, &response)) {
+ printf("Return lifecycle failed, response 0x%x\n", response);
+ return CMD_RET_FAILURE;
+ }
+
+ printf("Return lifecycle completed, response 0x%x\n", response);
+
+ return CMD_RET_SUCCESS;
+}
+
U_BOOT_CMD(auth_cntr, CONFIG_SYS_MAXARGS, 1, do_authenticate,
"autenticate OS container via AHAB",
"addr\n"
"display AHAB lifecycle only",
""
);
+
+U_BOOT_CMD(ahab_sec_fuse_prog, CONFIG_SYS_MAXARGS, 1, do_sec_fuse_prog,
+ "Program secure fuse via signed message block",
+ "addr\n"
+ "addr - Signed message block for secure fuse\n"
+);
+
+U_BOOT_CMD(ahab_return_lifecycle, CONFIG_SYS_MAXARGS, 1, do_ahab_return_lifecycle,
+ "Return lifecycle to OEM field return via signed message block",
+ "addr\n"
+ "addr - Return lifecycle message block signed by OEM SRK\n"
+);
// SPDX-License-Identifier: GPL-2.0
/*
- * Copyright 2020 NXP
+ * Copyright 2020, 2023 NXP
*
*/
return ret;
}
+
+int ele_write_secure_fuse(ulong signed_msg_blk, u32 *response)
+{
+ struct udevice *dev = gd->arch.ele_dev;
+ int size = sizeof(struct ele_msg);
+ struct ele_msg msg;
+ int ret;
+
+ if (!dev) {
+ printf("ele dev is not initialized\n");
+ return -ENODEV;
+ }
+
+ msg.version = ELE_VERSION;
+ msg.tag = ELE_CMD_TAG;
+ msg.size = 3;
+ msg.command = ELE_WRITE_SECURE_FUSE_REQ;
+
+ msg.data[0] = upper_32_bits(signed_msg_blk);
+ msg.data[1] = lower_32_bits(signed_msg_blk);
+
+ ret = misc_call(dev, false, &msg, size, &msg, size);
+ if (ret)
+ printf("Error: %s: ret %d, response 0x%x, failed fuse row index %u\n",
+ __func__, ret, msg.data[0], msg.data[1]);
+
+ if (response)
+ *response = msg.data[0];
+
+ return ret;
+}
+
+int ele_return_lifecycle_update(ulong signed_msg_blk, u32 *response)
+{
+ struct udevice *dev = gd->arch.ele_dev;
+ int size = sizeof(struct ele_msg);
+ struct ele_msg msg;
+ int ret;
+
+ if (!dev) {
+ printf("ele dev is not initialized\n");
+ return -ENODEV;
+ }
+
+ msg.version = ELE_VERSION;
+ msg.tag = ELE_CMD_TAG;
+ msg.size = 3;
+ msg.command = ELE_RET_LIFECYCLE_UP_REQ;
+
+ msg.data[0] = upper_32_bits(signed_msg_blk);
+ msg.data[1] = lower_32_bits(signed_msg_blk);
+
+ ret = misc_call(dev, false, &msg, size, &msg, size);
+ if (ret)
+ printf("Error: %s: ret %d, response 0x%x, failed fuse row index %u\n",
+ __func__, ret, msg.data[0], msg.data[1]);
+
+ if (response)
+ *response = msg.data[0];
+
+ return ret;
+}