[J-u-boot.git] / arch / arm / mach-stm32mp / cmd_stm32key.c

// SPDX-License-Identifier: GPL-2.0+ OR BSD-3-Clause
/*
 * Copyright (C) 2019, STMicroelectronics - All Rights Reserved
 */

#include <common.h>
#include <command.h>
#include <console.h>
#include <log.h>
#include <misc.h>
#include <dm/device.h>
#include <dm/uclass.h>

/* Closed device : bit 6 of OPT0*/
#define STM32_OTP_CLOSE_ID		0
#define STM32_OTP_CLOSE_MASK		BIT(6)

/* HASH of key: 8 OTPs, starting with OTP24) */
#define STM32_OTP_HASH_KEY_START	24
#define STM32_OTP_HASH_KEY_SIZE		8

static int get_misc_dev(struct udevice **dev)
{
	int ret;

	ret = uclass_get_device_by_driver(UCLASS_MISC, DM_DRIVER_GET(stm32mp_bsec), dev);
	if (ret)
		log_err("Can't find stm32mp_bsec driver\n");

	return ret;
}

static void read_hash_value(u32 addr)
{
	int i;

	printf("Read KEY at 0x%x\n", addr);
	for (i = 0; i < STM32_OTP_HASH_KEY_SIZE; i++) {
		printf("OTP value %i: %x\n", STM32_OTP_HASH_KEY_START + i,
		       __be32_to_cpu(*(u32 *)addr));
		addr += 4;
	}
}

static int read_hash_otp(bool print, bool *locked, bool *closed)
{
	struct udevice *dev;
	int i, word, ret;
	int nb_invalid = 0, nb_zero = 0, nb_lock = 0;
	u32 val, lock;
	bool status;

	ret = get_misc_dev(&dev);
	if (ret)
		return ret;

	for (i = 0, word = STM32_OTP_HASH_KEY_START; i < STM32_OTP_HASH_KEY_SIZE; i++, word++) {
		ret = misc_read(dev, STM32_BSEC_OTP(word), &val, 4);
		if (ret != 4)
			val = ~0x0;
		ret = misc_read(dev, STM32_BSEC_LOCK(word), &lock, 4);
		if (ret != 4)
			lock = -1;
		if (print)
			printf("OTP HASH %i: %x lock : %d\n", word, val, lock);
		if (val == ~0x0)
			nb_invalid++;
		else if (val == 0x0)
			nb_zero++;
		if (lock == 1)
			nb_lock++;
	}

	word = STM32_OTP_CLOSE_ID;
	ret = misc_read(dev, STM32_BSEC_OTP(word), &val, 4);
	if (ret != 4)
		val = 0x0;
	ret = misc_read(dev, STM32_BSEC_LOCK(word), &lock, 4);
	if (ret != 4)
		lock = -1;

	status = (val & STM32_OTP_CLOSE_MASK) == STM32_OTP_CLOSE_MASK;
	if (closed)
		*closed = status;
	if (print)
		printf("OTP %d: closed status: %d lock : %d\n", word, status, lock);

	status = (nb_lock == STM32_OTP_HASH_KEY_SIZE);
	if (locked)
		*locked = status;
	if (!status && print)
		printf("Hash of key is not locked!\n");

	if (nb_invalid == STM32_OTP_HASH_KEY_SIZE) {
		if (print)
			printf("Hash of key is invalid!\n");
		return -EINVAL;
	}
	if (nb_zero == STM32_OTP_HASH_KEY_SIZE) {
		if (print)
			printf("Hash of key is free!\n");
		return -ENOENT;
	}

	return 0;
}

static int fuse_hash_value(u32 addr, bool print)
{
	struct udevice *dev;
	u32 word, val;
	int i, ret;

	ret = get_misc_dev(&dev);
	if (ret)
		return ret;

	for (i = 0, word = STM32_OTP_HASH_KEY_START;
	     i < STM32_OTP_HASH_KEY_SIZE;
	     i++, word++, addr += 4) {
		val = __be32_to_cpu(*(u32 *)addr);
		if (print)
			printf("Fuse OTP %i : %x\n", word, val);

		ret = misc_write(dev, STM32_BSEC_OTP(word), &val, 4);
		if (ret != 4) {
			log_err("Fuse OTP %i failed\n", word);
			return ret;
		}
		/* on success, lock the OTP for HASH key */
		val = 1;
		ret = misc_write(dev, STM32_BSEC_LOCK(word), &val, 4);
		if (ret != 4) {
			log_err("Lock OTP %i failed\n", word);
			return ret;
		}
	}

	return 0;
}

static int confirm_prog(void)
{
	puts("Warning: Programming fuses is an irreversible operation!\n"
			"         This may brick your system.\n"
			"         Use this command only if you are sure of what you are doing!\n"
			"\nReally perform this fuse programming? <y/N>\n");

	if (confirm_yesno())
		return 1;

	puts("Fuse programming aborted\n");
	return 0;
}

static int do_stm32key_read(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
{
	u32 addr;

	if (argc == 1) {
		read_hash_otp(true, NULL, NULL);
		return CMD_RET_SUCCESS;
	}

	addr = hextoul(argv[1], NULL);
	if (!addr)
		return CMD_RET_USAGE;

	read_hash_value(addr);

	return CMD_RET_SUCCESS;
}

static int do_stm32key_fuse(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
{
	u32 addr;
	bool yes = false, lock, closed;

	if (argc < 2)
		return CMD_RET_USAGE;

	if (argc == 3) {
		if (strcmp(argv[1], "-y"))
			return CMD_RET_USAGE;
		yes = true;
	}

	addr = hextoul(argv[argc - 1], NULL);
	if (!addr)
		return CMD_RET_USAGE;

	if (read_hash_otp(!yes, &lock, &closed) != -ENOENT) {
		printf("Error: can't fuse again the OTP\n");
		return CMD_RET_FAILURE;
	}

	if (lock || closed) {
		printf("Error: invalid OTP configuration (lock=%d, closed=%d)\n", lock, closed);
		return CMD_RET_FAILURE;
	}

	if (!yes && !confirm_prog())
		return CMD_RET_FAILURE;

	if (fuse_hash_value(addr, !yes))
		return CMD_RET_FAILURE;

	printf("Hash key updated !\n");

	return CMD_RET_SUCCESS;
}

static int do_stm32key_close(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
{
	bool yes, lock, closed;
	struct udevice *dev;
	u32 val;
	int ret;

	yes = false;
	if (argc == 2) {
		if (strcmp(argv[1], "-y"))
			return CMD_RET_USAGE;
		yes = true;
	}

	ret = read_hash_otp(!yes, &lock, &closed);
	if (ret) {
		if (ret == -ENOENT)
			printf("Error: OTP not programmed!\n");
		return CMD_RET_FAILURE;
	}

	if (closed) {
		printf("Error: already closed!\n");
		return CMD_RET_FAILURE;
	}

	if (!lock)
		printf("Warning: OTP not locked!\n");

	if (!yes && !confirm_prog())
		return CMD_RET_FAILURE;

	ret = get_misc_dev(&dev);
	if (ret)
		return CMD_RET_FAILURE;

	val = STM32_OTP_CLOSE_MASK;
	ret = misc_write(dev, STM32_BSEC_OTP(STM32_OTP_CLOSE_ID), &val, 4);
	if (ret != 4) {
		printf("Error: can't update OTP\n");
		return CMD_RET_FAILURE;
	}

	printf("Device is closed !\n");

	return CMD_RET_SUCCESS;
}

static char stm32key_help_text[] =
	"read [<addr>]: Read the hash stored at addr in memory or in OTP\n"
	"stm32key fuse [-y] <addr> : Fuse hash stored at addr in OTP\n"
	"stm32key close [-y] : Close the device, the hash stored in OTP\n";

U_BOOT_CMD_WITH_SUBCMDS(stm32key, "Fuse ST Hash key", stm32key_help_text,
	U_BOOT_SUBCMD_MKENT(read, 2, 0, do_stm32key_read),
	U_BOOT_SUBCMD_MKENT(fuse, 3, 0, do_stm32key_fuse),
	U_BOOT_SUBCMD_MKENT(close, 2, 0, do_stm32key_close));
Commit	Line	Data
f4cb5d69 PD	1	// SPDX-License-Identifier: GPL-2.0+ OR BSD-3-Clause
	2	/*
	3	* Copyright (C) 2019, STMicroelectronics - All Rights Reserved
	4	*/
	5
	6	#include <common.h>
	7	#include <command.h>
	8	#include <console.h>
eb653acd	9	#include <log.h>
f4cb5d69 PD	10	#include <misc.h>
	11	#include <dm/device.h>
	12	#include <dm/uclass.h>
	13
d3551b8e PD	14	/* Closed device : bit 6 of OPT0*/
	15	#define STM32_OTP_CLOSE_ID 0
	16	#define STM32_OTP_CLOSE_MASK BIT(6)
	17
	18	/* HASH of key: 8 OTPs, starting with OTP24) */
	19	#define STM32_OTP_HASH_KEY_START 24
	20	#define STM32_OTP_HASH_KEY_SIZE 8
f4cb5d69	21
e00e1f39 PD	22	static int get_misc_dev(struct udevice **dev)
	23	{
	24	int ret;
	25
	26	ret = uclass_get_device_by_driver(UCLASS_MISC, DM_DRIVER_GET(stm32mp_bsec), dev);
	27	if (ret)
	28	log_err("Can't find stm32mp_bsec driver\n");
	29
	30	return ret;
	31	}
	32
f4cb5d69 PD	33	static void read_hash_value(u32 addr)
	34	{
	35	int i;
	36
d3551b8e	37	printf("Read KEY at 0x%x\n", addr);
f4cb5d69 PD	38	for (i = 0; i < STM32_OTP_HASH_KEY_SIZE; i++) {
	39	printf("OTP value %i: %x\n", STM32_OTP_HASH_KEY_START + i,
	40	__be32_to_cpu((u32 )addr));
	41	addr += 4;
	42	}
	43	}
	44
d3551b8e PD	45	static int read_hash_otp(bool print, bool locked, bool closed)
	46	{
	47	struct udevice *dev;
	48	int i, word, ret;
	49	int nb_invalid = 0, nb_zero = 0, nb_lock = 0;
	50	u32 val, lock;
	51	bool status;
	52
	53	ret = get_misc_dev(&dev);
	54	if (ret)
	55	return ret;
	56
	57	for (i = 0, word = STM32_OTP_HASH_KEY_START; i < STM32_OTP_HASH_KEY_SIZE; i++, word++) {
	58	ret = misc_read(dev, STM32_BSEC_OTP(word), &val, 4);
	59	if (ret != 4)
	60	val = ~0x0;
	61	ret = misc_read(dev, STM32_BSEC_LOCK(word), &lock, 4);
	62	if (ret != 4)
	63	lock = -1;
	64	if (print)
	65	printf("OTP HASH %i: %x lock : %d\n", word, val, lock);
	66	if (val == ~0x0)
	67	nb_invalid++;
	68	else if (val == 0x0)
	69	nb_zero++;
	70	if (lock == 1)
	71	nb_lock++;
	72	}
	73
	74	word = STM32_OTP_CLOSE_ID;
	75	ret = misc_read(dev, STM32_BSEC_OTP(word), &val, 4);
	76	if (ret != 4)
	77	val = 0x0;
	78	ret = misc_read(dev, STM32_BSEC_LOCK(word), &lock, 4);
	79	if (ret != 4)
	80	lock = -1;
	81
	82	status = (val & STM32_OTP_CLOSE_MASK) == STM32_OTP_CLOSE_MASK;
	83	if (closed)
	84	*closed = status;
	85	if (print)
	86	printf("OTP %d: closed status: %d lock : %d\n", word, status, lock);
	87
	88	status = (nb_lock == STM32_OTP_HASH_KEY_SIZE);
	89	if (locked)
	90	*locked = status;
	91	if (!status && print)
	92	printf("Hash of key is not locked!\n");
	93
	94	if (nb_invalid == STM32_OTP_HASH_KEY_SIZE) {
	95	if (print)
	96	printf("Hash of key is invalid!\n");
	97	return -EINVAL;
	98	}
	99	if (nb_zero == STM32_OTP_HASH_KEY_SIZE) {
	100	if (print)
	101	printf("Hash of key is free!\n");
	102	return -ENOENT;
	103	}
	104
	105	return 0;
	106	}
	107
fe24090e	108	static int fuse_hash_value(u32 addr, bool print)
f4cb5d69 PD	109	{
	110	struct udevice *dev;
	111	u32 word, val;
	112	int i, ret;
	113
e00e1f39 PD	114	ret = get_misc_dev(&dev);
e00e1f39 PD	115	if (ret)
fe24090e	116	return ret;
f4cb5d69	117
3da2552a PD	118	for (i = 0, word = STM32_OTP_HASH_KEY_START;
	119	i < STM32_OTP_HASH_KEY_SIZE;
	120	i++, word++, addr += 4) {
f4cb5d69	121	val = __be32_to_cpu((u32 )addr);
fe24090e PD	122	if (print)
	123	printf("Fuse OTP %i : %x\n", word, val);
	124
	125	ret = misc_write(dev, STM32_BSEC_OTP(word), &val, 4);
	126	if (ret != 4) {
	127	log_err("Fuse OTP %i failed\n", word);
	128	return ret;
	129	}
3da2552a PD	130	/* on success, lock the OTP for HASH key */
	131	val = 1;
	132	ret = misc_write(dev, STM32_BSEC_LOCK(word), &val, 4);
	133	if (ret != 4) {
	134	log_err("Lock OTP %i failed\n", word);
	135	return ret;
	136	}
f4cb5d69	137	}
fe24090e PD	138
fe24090e PD	139	return 0;
f4cb5d69 PD	140	}
	141
	142	static int confirm_prog(void)
	143	{
	144	puts("Warning: Programming fuses is an irreversible operation!\n"
	145	" This may brick your system.\n"
	146	" Use this command only if you are sure of what you are doing!\n"
	147	"\nReally perform this fuse programming? <y/N>\n");
	148
	149	if (confirm_yesno())
	150	return 1;
	151
	152	puts("Fuse programming aborted\n");
	153	return 0;
	154	}
	155
bc78d5f2	156	static int do_stm32key_read(struct cmd_tbl cmdtp, int flag, int argc, char const argv[])
f4cb5d69 PD	157	{
f4cb5d69 PD	158	u32 addr;
f4cb5d69	159
d3551b8e PD	160	if (argc == 1) {
	161	read_hash_otp(true, NULL, NULL);
	162	return CMD_RET_SUCCESS;
	163	}
f4cb5d69	164
7e5f460e	165	addr = hextoul(argv[1], NULL);
f4cb5d69 PD	166	if (!addr)
	167	return CMD_RET_USAGE;
	168
bc78d5f2 PD	169	read_hash_value(addr);
	170
	171	return CMD_RET_SUCCESS;
	172	}
	173
	174	static int do_stm32key_fuse(struct cmd_tbl cmdtp, int flag, int argc, char const argv[])
	175	{
	176	u32 addr;
d3551b8e	177	bool yes = false, lock, closed;
f4cb5d69	178
bc78d5f2 PD	179	if (argc < 2)
	180	return CMD_RET_USAGE;
	181
	182	if (argc == 3) {
	183	if (strcmp(argv[1], "-y"))
	184	return CMD_RET_USAGE;
	185	yes = true;
f4cb5d69 PD	186	}
f4cb5d69 PD	187
7e5f460e	188	addr = hextoul(argv[argc - 1], NULL);
bc78d5f2 PD	189	if (!addr)
	190	return CMD_RET_USAGE;
	191
d3551b8e PD	192	if (read_hash_otp(!yes, &lock, &closed) != -ENOENT) {
	193	printf("Error: can't fuse again the OTP\n");
	194	return CMD_RET_FAILURE;
	195	}
	196
	197	if (lock \|\| closed) {
	198	printf("Error: invalid OTP configuration (lock=%d, closed=%d)\n", lock, closed);
	199	return CMD_RET_FAILURE;
	200	}
	201
bc78d5f2 PD	202	if (!yes && !confirm_prog())
	203	return CMD_RET_FAILURE;
	204
fe24090e PD	205	if (fuse_hash_value(addr, !yes))
	206	return CMD_RET_FAILURE;
	207
bc78d5f2 PD	208	printf("Hash key updated !\n");
bc78d5f2 PD	209
f4cb5d69 PD	210	return CMD_RET_SUCCESS;
	211	}
	212
80cfc6c6 PD	213	static int do_stm32key_close(struct cmd_tbl cmdtp, int flag, int argc, char const argv[])
	214	{
	215	bool yes, lock, closed;
	216	struct udevice *dev;
	217	u32 val;
	218	int ret;
	219
	220	yes = false;
	221	if (argc == 2) {
	222	if (strcmp(argv[1], "-y"))
	223	return CMD_RET_USAGE;
	224	yes = true;
	225	}
	226
	227	ret = read_hash_otp(!yes, &lock, &closed);
	228	if (ret) {
	229	if (ret == -ENOENT)
	230	printf("Error: OTP not programmed!\n");
	231	return CMD_RET_FAILURE;
	232	}
	233
	234	if (closed) {
	235	printf("Error: already closed!\n");
	236	return CMD_RET_FAILURE;
	237	}
	238
	239	if (!lock)
	240	printf("Warning: OTP not locked!\n");
	241
	242	if (!yes && !confirm_prog())
	243	return CMD_RET_FAILURE;
	244
	245	ret = get_misc_dev(&dev);
	246	if (ret)
	247	return CMD_RET_FAILURE;
	248
	249	val = STM32_OTP_CLOSE_MASK;
	250	ret = misc_write(dev, STM32_BSEC_OTP(STM32_OTP_CLOSE_ID), &val, 4);
	251	if (ret != 4) {
	252	printf("Error: can't update OTP\n");
	253	return CMD_RET_FAILURE;
	254	}
	255
	256	printf("Device is closed !\n");
	257
	258	return CMD_RET_SUCCESS;
	259	}
	260
bc78d5f2	261	static char stm32key_help_text[] =
d3551b8e	262	"read [<addr>]: Read the hash stored at addr in memory or in OTP\n"
80cfc6c6 PD	263	"stm32key fuse [-y] <addr> : Fuse hash stored at addr in OTP\n"
80cfc6c6 PD	264	"stm32key close [-y] : Close the device, the hash stored in OTP\n";
bc78d5f2 PD	265
	266	U_BOOT_CMD_WITH_SUBCMDS(stm32key, "Fuse ST Hash key", stm32key_help_text,
	267	U_BOOT_SUBCMD_MKENT(read, 2, 0, do_stm32key_read),
80cfc6c6 PD	268	U_BOOT_SUBCMD_MKENT(fuse, 3, 0, do_stm32key_fuse),
80cfc6c6 PD	269	U_BOOT_SUBCMD_MKENT(close, 2, 0, do_stm32key_close));