[PATCH v1] stm32mp1: read auth stats and boot_partition from tamp
Patrice CHOTARD
patrice.chotard at foss.st.com
Thu Nov 9 08:47:58 CET 2023
On 11/6/23 11:41, Igor Opaniuk wrote:
> Obtain from TAMP backup register information about image authorization
> status and partition id used for booting. Store this info in
> environmental variables ("boot_auth" and "boot_part" correspondingly).
>
> Image authorization supported values:
> 0x0 - No authentication done
> 0x1 - Authentication done and failed
> 0x2 - Authentication done and succeeded
>
> These values are stored to TAMP backup register by Trusted Firmware-A [1].
>
> Testing:
> STM32MP> print boot_part
> boot_part=1
> STM32MP> print boot_auth
> boot_auth=2
>
> [1] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?h=refs/heads/integration&id=ab2b325c1ab895e626d4e11a9f26b9e7c968f8d8
>
> Signed-off-by: Igor Opaniuk <igor.opaniuk at foundries.io>
> Co-developed-by: Oleksandr Suvorov <oleksandr.suvorov at foundries.io>
> Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov at foundries.io>
>
> ---
>
> arch/arm/mach-stm32mp/cpu.c | 23 +++++++++++++++++++
> arch/arm/mach-stm32mp/include/mach/stm32.h | 4 ++++
> .../arm/mach-stm32mp/include/mach/sys_proto.h | 3 +++
> 3 files changed, 30 insertions(+)
>
> diff --git a/arch/arm/mach-stm32mp/cpu.c b/arch/arm/mach-stm32mp/cpu.c
> index e07abbe21c1..ba5942848bd 100644
> --- a/arch/arm/mach-stm32mp/cpu.c
> +++ b/arch/arm/mach-stm32mp/cpu.c
> @@ -40,6 +40,13 @@ u32 get_bootmode(void)
> TAMP_BOOT_MODE_SHIFT;
> }
>
> +u32 get_bootauth(void)
> +{
> + /* read boot auth status and partition from TAMP backup register */
> + return (readl(TAMP_BOOT_CONTEXT) & TAMP_BOOT_AUTH_MASK) >>
> + TAMP_BOOT_AUTH_SHIFT;
> +}
> +
> /*
> * weak function overidde: set the DDR/SYSRAM executable before to enable the
> * MMU and configure DACR, for early early_enable_caches (SPL or pre-reloc)
> @@ -371,8 +378,24 @@ __weak void stm32mp_misc_init(void)
> {
> }
>
> +static int setup_boot_auth_info(void)
> +{
> + char buf[10];
> + u32 bootauth = get_bootauth();
> +
> + snprintf(buf, sizeof(buf), "%d", bootauth >> 4);
> + env_set("boot_auth", buf);
> +
> + snprintf(buf, sizeof(buf), "%d", bootauth &
> + (u32)TAMP_BOOT_PARTITION_MASK);
> + env_set("boot_part", buf);
> +
> + return 0;
> +}
> +
> int arch_misc_init(void)
> {
> + setup_boot_auth_info();
> setup_boot_mode();
> setup_mac_address();
> setup_serial_number();
> diff --git a/arch/arm/mach-stm32mp/include/mach/stm32.h b/arch/arm/mach-stm32mp/include/mach/stm32.h
> index 1cdc5e3b186..ac0deced67e 100644
> --- a/arch/arm/mach-stm32mp/include/mach/stm32.h
> +++ b/arch/arm/mach-stm32mp/include/mach/stm32.h
> @@ -139,8 +139,12 @@ enum boot_device {
>
> #define TAMP_BOOT_MODE_MASK GENMASK(15, 8)
> #define TAMP_BOOT_MODE_SHIFT 8
> +#define TAMP_BOOT_AUTH_MASK GENMASK(23, 16)
> +#define TAMP_BOOT_AUTH_SHIFT 16
> #define TAMP_BOOT_DEVICE_MASK GENMASK(7, 4)
> #define TAMP_BOOT_INSTANCE_MASK GENMASK(3, 0)
> +#define TAMP_BOOT_AUTH_ST_MASK GENMASK(7, 4)
> +#define TAMP_BOOT_PARTITION_MASK GENMASK(3, 0)
> #define TAMP_BOOT_FORCED_MASK GENMASK(7, 0)
>
> enum forced_boot_mode {
> diff --git a/arch/arm/mach-stm32mp/include/mach/sys_proto.h b/arch/arm/mach-stm32mp/include/mach/sys_proto.h
> index 83fb32a45fc..52aca1e23e1 100644
> --- a/arch/arm/mach-stm32mp/include/mach/sys_proto.h
> +++ b/arch/arm/mach-stm32mp/include/mach/sys_proto.h
> @@ -66,6 +66,9 @@ void get_soc_name(char name[SOC_NAME_SIZE]);
> /* return boot mode */
> u32 get_bootmode(void);
>
> +/* return auth status and partition */
> +u32 get_bootauth(void);
> +
> int get_eth_nb(void);
> int setup_mac_address(void);
>
Reviewed-by: Patrice Chotard <patrice.chotard at foss.st.com>
Thanks
Patrice
More information about the U-Boot
mailing list