[PATCH v2 19/22] arm: stm32mp: add helper function stm32mp_is_closed()

Patrice Chotard patrice.chotard at foss.st.com
Fri Apr 25 15:15:30 CEST 2025 

From: Patrick Delaunay <patrick.delaunay at foss.st.com>

Add the helper function stm32mp_is_closed() to check the "closed" state in
product life cycle, when product secrets have  been provisioned into the
device, by "secure secret provisioning" tools (SSP) for example.

Signed-off-by: Patrick Delaunay <patrick.delaunay at foss.st.com>
Signed-off-by: Patrice Chotard <patrice.chotard at foss.st.com>
---

(no changes since v1)

 arch/arm/mach-stm32mp/cmd_stm32key.c          | 22 +++++++++++++++++++
 .../arm/mach-stm32mp/include/mach/sys_proto.h |  7 ++++++
 2 files changed, 29 insertions(+)

diff --git a/arch/arm/mach-stm32mp/cmd_stm32key.c b/arch/arm/mach-stm32mp/cmd_stm32key.c
index d6bf72d8e32..6bfa67859e1 100644
--- a/arch/arm/mach-stm32mp/cmd_stm32key.c
+++ b/arch/arm/mach-stm32mp/cmd_stm32key.c
@@ -618,3 +618,25 @@ U_BOOT_CMD_WITH_SUBCMDS(stm32key, "Manage key on STM32", stm32key_help_text,
 	U_BOOT_SUBCMD_MKENT(read, 2, 0, do_stm32key_read),
 	U_BOOT_SUBCMD_MKENT(fuse, 3, 0, do_stm32key_fuse),
 	U_BOOT_SUBCMD_MKENT(close, 2, 0, do_stm32key_close));
+
+/*
+ * Check the "closed" state in product life cycle, when product secrets have
+ * been provisioned into the device, by SSP tools for example.
+ * On closed devices, authentication is mandatory.
+ */
+bool stm32mp_is_closed(void)
+{
+	struct udevice *dev;
+	bool closed;
+	int ret;
+
+	ret = get_misc_dev(&dev);
+	if (ret)
+		return false;
+
+	ret = read_close_status(dev, false, &closed);
+	if (ret)
+		return false;
+
+	return closed;
+}
diff --git a/arch/arm/mach-stm32mp/include/mach/sys_proto.h b/arch/arm/mach-stm32mp/include/mach/sys_proto.h
index bf1c39742c1..19073668497 100644
--- a/arch/arm/mach-stm32mp/include/mach/sys_proto.h
+++ b/arch/arm/mach-stm32mp/include/mach/sys_proto.h
@@ -120,3 +120,10 @@ u32 get_otp(int index, int shift, int mask);
 
 uintptr_t get_stm32mp_rom_api_table(void);
 uintptr_t get_stm32mp_bl2_dtb(void);
+
+/* helper function: check "closed" state in product "Life Cycle" */
+#ifdef CONFIG_CMD_STM32KEY
+bool stm32mp_is_closed(void);
+#else
+static inline bool stm32mp_is_closed(void) { return false; }
+#endif
-- 
2.25.1

More information about the U-Boot mailing list