[PATCH 6/7] stm32mp: cmd_stm32key: add read OTP subcommand

Patrice CHOTARD patrice.chotard at foss.st.com
Thu Jul 1 09:36:14 CEST 2021 

Hi Patrick

On 6/28/21 2:56 PM, Patrick Delaunay wrote:
> Allow to read the OTP value and lock status with the command
> $> stm32key read.
> 
> This patch also protects the stm32key fuse command.
> 
> Signed-off-by: Patrick Delaunay <patrick.delaunay at foss.st.com>
> ---
> 
>  arch/arm/mach-stm32mp/cmd_stm32key.c | 93 ++++++++++++++++++++++++++--
>  1 file changed, 87 insertions(+), 6 deletions(-)
> 
> diff --git a/arch/arm/mach-stm32mp/cmd_stm32key.c b/arch/arm/mach-stm32mp/cmd_stm32key.c
> index 886c52794f..8c8d476b65 100644
> --- a/arch/arm/mach-stm32mp/cmd_stm32key.c
> +++ b/arch/arm/mach-stm32mp/cmd_stm32key.c
> @@ -11,8 +11,13 @@
>  #include <dm/device.h>
>  #include <dm/uclass.h>
>  
> -#define STM32_OTP_HASH_KEY_START 24
> -#define STM32_OTP_HASH_KEY_SIZE 8
> +/* Closed device : bit 6 of OPT0*/
> +#define STM32_OTP_CLOSE_ID		0
> +#define STM32_OTP_CLOSE_MASK		BIT(6)
> +
> +/* HASH of key: 8 OTPs, starting with OTP24) */
> +#define STM32_OTP_HASH_KEY_START	24
> +#define STM32_OTP_HASH_KEY_SIZE		8
>  
>  static int get_misc_dev(struct udevice **dev)
>  {
> @@ -29,6 +34,7 @@ static void read_hash_value(u32 addr)
>  {
>  	int i;
>  
> +	printf("Read KEY at 0x%x\n", addr);
>  	for (i = 0; i < STM32_OTP_HASH_KEY_SIZE; i++) {
>  		printf("OTP value %i: %x\n", STM32_OTP_HASH_KEY_START + i,
>  		       __be32_to_cpu(*(u32 *)addr));
> @@ -36,6 +42,69 @@ static void read_hash_value(u32 addr)
>  	}
>  }
>  
> +static int read_hash_otp(bool print, bool *locked, bool *closed)
> +{
> +	struct udevice *dev;
> +	int i, word, ret;
> +	int nb_invalid = 0, nb_zero = 0, nb_lock = 0;
> +	u32 val, lock;
> +	bool status;
> +
> +	ret = get_misc_dev(&dev);
> +	if (ret)
> +		return ret;
> +
> +	for (i = 0, word = STM32_OTP_HASH_KEY_START; i < STM32_OTP_HASH_KEY_SIZE; i++, word++) {
> +		ret = misc_read(dev, STM32_BSEC_OTP(word), &val, 4);
> +		if (ret != 4)
> +			val = ~0x0;
> +		ret = misc_read(dev, STM32_BSEC_LOCK(word), &lock, 4);
> +		if (ret != 4)
> +			lock = -1;
> +		if (print)
> +			printf("OTP HASH %i: %x lock : %d\n", word, val, lock);
> +		if (val == ~0x0)
> +			nb_invalid++;
> +		else if (val == 0x0)
> +			nb_zero++;
> +		if (lock == 1)
> +			nb_lock++;
> +	}
> +
> +	word = STM32_OTP_CLOSE_ID;
> +	ret = misc_read(dev, STM32_BSEC_OTP(word), &val, 4);
> +	if (ret != 4)
> +		val = 0x0;
> +	ret = misc_read(dev, STM32_BSEC_LOCK(word), &lock, 4);
> +	if (ret != 4)
> +		lock = -1;
> +
> +	status = (val & STM32_OTP_CLOSE_MASK) == STM32_OTP_CLOSE_MASK;
> +	if (closed)
> +		*closed = status;
> +	if (print)
> +		printf("OTP %d: closed status: %d lock : %d\n", word, status, lock);
> +
> +	status = (nb_lock == STM32_OTP_HASH_KEY_SIZE);
> +	if (locked)
> +		*locked = status;
> +	if (!status && print)
> +		printf("Hash of key is not locked!\n");
> +
> +	if (nb_invalid == STM32_OTP_HASH_KEY_SIZE) {
> +		if (print)
> +			printf("Hash of key is invalid!\n");
> +		return -EINVAL;
> +	}
> +	if (nb_zero == STM32_OTP_HASH_KEY_SIZE) {
> +		if (print)
> +			printf("Hash of key is free!\n");
> +		return -ENOENT;
> +	}
> +
> +	return 0;
> +}
> +
>  static int fuse_hash_value(u32 addr, bool print)
>  {
>  	struct udevice *dev;
> @@ -88,8 +157,10 @@ static int do_stm32key_read(struct cmd_tbl *cmdtp, int flag, int argc, char *con
>  {
>  	u32 addr;
>  
> -	if (argc == 1)
> -		return CMD_RET_USAGE;
> +	if (argc == 1) {
> +		read_hash_otp(true, NULL, NULL);
> +		return CMD_RET_SUCCESS;
> +	}
>  
>  	addr = simple_strtoul(argv[1], NULL, 16);
>  	if (!addr)
> @@ -103,7 +174,7 @@ static int do_stm32key_read(struct cmd_tbl *cmdtp, int flag, int argc, char *con
>  static int do_stm32key_fuse(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
>  {
>  	u32 addr;
> -	bool yes = false;
> +	bool yes = false, lock, closed;
>  
>  	if (argc < 2)
>  		return CMD_RET_USAGE;
> @@ -118,6 +189,16 @@ static int do_stm32key_fuse(struct cmd_tbl *cmdtp, int flag, int argc, char *con
>  	if (!addr)
>  		return CMD_RET_USAGE;
>  
> +	if (read_hash_otp(!yes, &lock, &closed) != -ENOENT) {
> +		printf("Error: can't fuse again the OTP\n");
> +		return CMD_RET_FAILURE;
> +	}
> +
> +	if (lock || closed) {
> +		printf("Error: invalid OTP configuration (lock=%d, closed=%d)\n", lock, closed);
> +		return CMD_RET_FAILURE;
> +	}
> +
>  	if (!yes && !confirm_prog())
>  		return CMD_RET_FAILURE;
>  
> @@ -130,7 +211,7 @@ static int do_stm32key_fuse(struct cmd_tbl *cmdtp, int flag, int argc, char *con
>  }
>  
>  static char stm32key_help_text[] =
> -	"read <addr>: Read the hash stored at addr in memory\n"
> +	"read [<addr>]: Read the hash stored at addr in memory or in OTP\n"
>  	"stm32key fuse [-y] <addr> : Fuse hash stored at addr in OTP\n";
>  
>  U_BOOT_CMD_WITH_SUBCMDS(stm32key, "Fuse ST Hash key", stm32key_help_text,
> 
Reviewed-by: Patrice Chotard <patrice.chotard at foss.st.com>

Thanks
Patrice

More information about the U-Boot mailing list