1 // SPDX-License-Identifier: BSD-3-Clause
2 /*
3  * Copyright (c) 2017-2021, STMicroelectronics
4  */
5 
6 #include <assert.h>
7 #include <config.h>
8 #include <drivers/stm32_bsec.h>
9 #include <io.h>
10 #include <kernel/delay.h>
11 #include <kernel/dt.h>
12 #include <kernel/boot.h>
13 #include <kernel/spinlock.h>
14 #include <libfdt.h>
15 #include <limits.h>
16 #include <mm/core_memprot.h>
17 #include <platform_config.h>
18 #include <stm32_util.h>
19 #include <string.h>
20 #include <tee_api_defines.h>
21 #include <types_ext.h>
22 #include <util.h>
23 
24 #define BSEC_OTP_MASK			GENMASK_32(4, 0)
25 #define BSEC_OTP_BANK_SHIFT		5
26 
27 /* Permanent lock bitmasks */
28 #define ADDR_LOWER_OTP_PERLOCK_SHIFT	3
29 #define DATA_LOWER_OTP_PERLOCK_BIT	3
30 #define DATA_LOWER_OTP_PERLOCK_MASK	GENMASK_32(2, 0)
31 #define ADDR_UPPER_OTP_PERLOCK_SHIFT	4
32 #define DATA_UPPER_OTP_PERLOCK_BIT	1
33 #define DATA_UPPER_OTP_PERLOCK_MASK	GENMASK_32(3, 0)
34 
35 /* BSEC register offset */
36 #define BSEC_OTP_CONF_OFF		0x000U
37 #define BSEC_OTP_CTRL_OFF		0x004U
38 #define BSEC_OTP_WRDATA_OFF		0x008U
39 #define BSEC_OTP_STATUS_OFF		0x00CU
40 #define BSEC_OTP_LOCK_OFF		0x010U
41 #define BSEC_DEN_OFF			0x014U
42 #define BSEC_FEN_OFF			0x018U
43 #define BSEC_DISTURBED_OFF		0x01CU
44 #define BSEC_DISTURBED1_OFF		0x020U
45 #define BSEC_DISTURBED2_OFF		0x024U
46 #define BSEC_ERROR_OFF			0x034U
47 #define BSEC_ERROR1_OFF			0x038U
48 #define BSEC_ERROR2_OFF			0x03CU
49 #define BSEC_WRLOCK_OFF			0x04CU
50 #define BSEC_WRLOCK1_OFF		0x050U
51 #define BSEC_WRLOCK2_OFF		0x054U
52 #define BSEC_SPLOCK_OFF			0x064U
53 #define BSEC_SPLOCK1_OFF		0x068U
54 #define BSEC_SPLOCK2_OFF		0x06CU
55 #define BSEC_SWLOCK_OFF			0x07CU
56 #define BSEC_SWLOCK1_OFF		0x080U
57 #define BSEC_SWLOCK2_OFF		0x084U
58 #define BSEC_SRLOCK_OFF			0x094U
59 #define BSEC_SRLOCK1_OFF		0x098U
60 #define BSEC_SRLOCK2_OFF		0x09CU
61 #define BSEC_JTAG_IN_OFF		0x0ACU
62 #define BSEC_JTAG_OUT_OFF		0x0B0U
63 #define BSEC_SCRATCH_OFF		0x0B4U
64 #define BSEC_OTP_DATA_OFF		0x200U
65 #define BSEC_IPHW_CFG_OFF		0xFF0U
66 #define BSEC_IPVR_OFF			0xFF4U
67 #define BSEC_IP_ID_OFF			0xFF8U
68 #define BSEC_IP_MAGIC_ID_OFF		0xFFCU
69 
70 /* BSEC_CONFIGURATION Register */
71 #define BSEC_CONF_POWER_UP_MASK		BIT(0)
72 #define BSEC_CONF_POWER_UP_SHIFT	0
73 #define BSEC_CONF_FRQ_MASK		GENMASK_32(2, 1)
74 #define BSEC_CONF_FRQ_SHIFT		1
75 #define BSEC_CONF_PRG_WIDTH_MASK	GENMASK_32(6, 3)
76 #define BSEC_CONF_PRG_WIDTH_SHIFT	3
77 #define BSEC_CONF_TREAD_MASK		GENMASK_32(8, 7)
78 #define BSEC_CONF_TREAD_SHIFT		7
79 
80 /* BSEC_CONTROL Register */
81 #define BSEC_READ			0x000U
82 #define BSEC_WRITE			0x100U
83 #define BSEC_LOCK			0x200U
84 
85 /* BSEC_STATUS Register */
86 #define BSEC_MODE_STATUS_MASK		GENMASK_32(2, 0)
87 #define BSEC_MODE_BUSY_MASK		BIT(3)
88 #define BSEC_MODE_PROGFAIL_MASK		BIT(4)
89 #define BSEC_MODE_PWR_MASK		BIT(5)
90 #define BSEC_MODE_BIST1_LOCK_MASK	BIT(6)
91 #define BSEC_MODE_BIST2_LOCK_MASK	BIT(7)
92 
93 /* BSEC_DEBUG */
94 #define BSEC_HDPEN			BIT(4)
95 #define BSEC_SPIDEN			BIT(5)
96 #define BSEC_SPINDEN			BIT(6)
97 #define BSEC_DBGSWGEN			BIT(10)
98 #define BSEC_DEN_ALL_MSK		GENMASK_32(10, 0)
99 
100 /*
101  * OTP Lock services definition
102  * Value must corresponding to the bit position in the register
103  */
104 #define BSEC_LOCK_UPPER_OTP		0x00
105 #define BSEC_LOCK_DEBUG			0x02
106 #define BSEC_LOCK_PROGRAM		0x04
107 
108 /* Timeout when polling on status */
109 #define BSEC_TIMEOUT_US			10000
110 
111 #define BITS_PER_WORD		(CHAR_BIT * sizeof(uint32_t))
112 
113 struct bsec_dev {
114 	struct io_pa_va base;
115 	unsigned int upper_base;
116 	unsigned int max_id;
117 	uint32_t *nsec_access;
118 };
119 
120 /* Only 1 instance of BSEC is expected per platform */
121 static struct bsec_dev bsec_dev;
122 
123 /* BSEC access protection */
124 static unsigned int lock = SPINLOCK_UNLOCK;
125 
bsec_lock(void)126 static uint32_t bsec_lock(void)
127 {
128 	return may_spin_lock(&lock);
129 }
130 
bsec_unlock(uint32_t exceptions)131 static void bsec_unlock(uint32_t exceptions)
132 {
133 	may_spin_unlock(&lock, exceptions);
134 }
135 
otp_max_id(void)136 static uint32_t otp_max_id(void)
137 {
138 	return bsec_dev.max_id;
139 }
140 
otp_upper_base(void)141 static uint32_t otp_upper_base(void)
142 {
143 	return bsec_dev.upper_base;
144 }
145 
otp_bank_offset(uint32_t otp_id)146 static uint32_t otp_bank_offset(uint32_t otp_id)
147 {
148 	assert(otp_id <= otp_max_id());
149 
150 	return ((otp_id & ~BSEC_OTP_MASK) >> BSEC_OTP_BANK_SHIFT) *
151 		sizeof(uint32_t);
152 }
153 
bsec_base(void)154 static vaddr_t bsec_base(void)
155 {
156 	return io_pa_or_va_secure(&bsec_dev.base, BSEC_IP_MAGIC_ID_OFF + 1);
157 }
158 
bsec_status(void)159 static uint32_t bsec_status(void)
160 {
161 	return io_read32(bsec_base() + BSEC_OTP_STATUS_OFF);
162 }
163 
164 /*
165  * Check that BSEC interface does not report an error
166  * @otp_id : OTP number
167  * @check_disturbed: check only error (false) or all sources (true)
168  * Return a TEE_Result compliant value
169  */
check_no_error(uint32_t otp_id,bool check_disturbed)170 static TEE_Result check_no_error(uint32_t otp_id, bool check_disturbed)
171 {
172 	uint32_t bit = BIT(otp_id & BSEC_OTP_MASK);
173 	uint32_t bank = otp_bank_offset(otp_id);
174 
175 	if (io_read32(bsec_base() + BSEC_ERROR_OFF + bank) & bit)
176 		return TEE_ERROR_GENERIC;
177 
178 	if (check_disturbed &&
179 	    io_read32(bsec_base() + BSEC_DISTURBED_OFF + bank) & bit)
180 		return TEE_ERROR_GENERIC;
181 
182 	return TEE_SUCCESS;
183 }
184 
power_up_safmem(void)185 static TEE_Result power_up_safmem(void)
186 {
187 	uint64_t timeout_ref = timeout_init_us(BSEC_TIMEOUT_US);
188 
189 	io_mask32(bsec_base() + BSEC_OTP_CONF_OFF, BSEC_CONF_POWER_UP_MASK,
190 		  BSEC_CONF_POWER_UP_MASK);
191 
192 	/*
193 	 * If a timeout is detected, test the condition again to consider
194 	 * cases where timeout is due to the executing TEE thread rescheduling.
195 	 */
196 	while (!timeout_elapsed(timeout_ref))
197 		if (bsec_status() & BSEC_MODE_PWR_MASK)
198 			break;
199 
200 	if (bsec_status() & BSEC_MODE_PWR_MASK)
201 		return TEE_SUCCESS;
202 
203 	return TEE_ERROR_GENERIC;
204 }
205 
power_down_safmem(void)206 static TEE_Result power_down_safmem(void)
207 {
208 	uint64_t timeout_ref = timeout_init_us(BSEC_TIMEOUT_US);
209 
210 	io_mask32(bsec_base() + BSEC_OTP_CONF_OFF, 0, BSEC_CONF_POWER_UP_MASK);
211 
212 	/*
213 	 * If a timeout is detected, test the condition again to consider
214 	 * cases where timeout is due to the executing TEE thread rescheduling.
215 	 */
216 	while (!timeout_elapsed(timeout_ref))
217 		if (!(bsec_status() & BSEC_MODE_PWR_MASK))
218 			break;
219 
220 	if (!(bsec_status() & BSEC_MODE_PWR_MASK))
221 		return TEE_SUCCESS;
222 
223 	return TEE_ERROR_GENERIC;
224 }
225 
stm32_bsec_shadow_register(uint32_t otp_id)226 TEE_Result stm32_bsec_shadow_register(uint32_t otp_id)
227 {
228 	TEE_Result result = 0;
229 	uint32_t exceptions = 0;
230 	uint64_t timeout_ref = 0;
231 	bool locked = false;
232 
233 	/* Check if shadowing of OTP is locked, informative only */
234 	result = stm32_bsec_read_sr_lock(otp_id, &locked);
235 	if (result)
236 		return result;
237 
238 	if (locked)
239 		DMSG("BSEC shadow warning: OTP locked");
240 
241 	exceptions = bsec_lock();
242 
243 	result = power_up_safmem();
244 	if (result)
245 		goto out;
246 
247 	io_write32(bsec_base() + BSEC_OTP_CTRL_OFF, otp_id | BSEC_READ);
248 
249 	timeout_ref = timeout_init_us(BSEC_TIMEOUT_US);
250 	while (!timeout_elapsed(timeout_ref))
251 		if (!(bsec_status() & BSEC_MODE_BUSY_MASK))
252 			break;
253 
254 	if (bsec_status() & BSEC_MODE_BUSY_MASK)
255 		result = TEE_ERROR_BUSY;
256 	else
257 		result = check_no_error(otp_id, true /* check-disturbed */);
258 
259 	power_down_safmem();
260 
261 out:
262 	bsec_unlock(exceptions);
263 
264 	return result;
265 }
266 
stm32_bsec_read_otp(uint32_t * value,uint32_t otp_id)267 TEE_Result stm32_bsec_read_otp(uint32_t *value, uint32_t otp_id)
268 {
269 	if (otp_id > otp_max_id())
270 		return TEE_ERROR_BAD_PARAMETERS;
271 
272 	*value = io_read32(bsec_base() + BSEC_OTP_DATA_OFF +
273 			   (otp_id * sizeof(uint32_t)));
274 
275 	return TEE_SUCCESS;
276 }
277 
stm32_bsec_shadow_read_otp(uint32_t * otp_value,uint32_t otp_id)278 TEE_Result stm32_bsec_shadow_read_otp(uint32_t *otp_value, uint32_t otp_id)
279 {
280 	TEE_Result result = 0;
281 
282 	result = stm32_bsec_shadow_register(otp_id);
283 	if (result) {
284 		EMSG("BSEC %"PRIu32" Shadowing Error %#"PRIx32, otp_id, result);
285 		return result;
286 	}
287 
288 	result = stm32_bsec_read_otp(otp_value, otp_id);
289 	if (result)
290 		EMSG("BSEC %"PRIu32" Read Error %#"PRIx32, otp_id, result);
291 
292 	return result;
293 }
294 
stm32_bsec_write_otp(uint32_t value,uint32_t otp_id)295 TEE_Result stm32_bsec_write_otp(uint32_t value, uint32_t otp_id)
296 {
297 	TEE_Result result = 0;
298 	uint32_t exceptions = 0;
299 	vaddr_t otp_data_base = bsec_base() + BSEC_OTP_DATA_OFF;
300 	bool locked = false;
301 
302 	/* Check if write of OTP is locked, informative only */
303 	result = stm32_bsec_read_sw_lock(otp_id, &locked);
304 	if (result)
305 		return result;
306 
307 	if (locked)
308 		DMSG("BSEC write warning: OTP locked");
309 
310 	exceptions = bsec_lock();
311 
312 	io_write32(otp_data_base + (otp_id * sizeof(uint32_t)), value);
313 
314 	bsec_unlock(exceptions);
315 
316 	return TEE_SUCCESS;
317 }
318 
319 #ifdef CFG_STM32_BSEC_WRITE
stm32_bsec_program_otp(uint32_t value,uint32_t otp_id)320 TEE_Result stm32_bsec_program_otp(uint32_t value, uint32_t otp_id)
321 {
322 	TEE_Result result = 0;
323 	uint32_t exceptions = 0;
324 	uint64_t timeout_ref = 0;
325 	bool locked = false;
326 
327 	/* Check if shadowing of OTP is locked, informative only */
328 	result = stm32_bsec_read_sp_lock(otp_id, &locked);
329 	if (result)
330 		return result;
331 
332 	if (locked)
333 		DMSG("BSEC program warning: OTP locked");
334 
335 	if (io_read32(bsec_base() + BSEC_OTP_LOCK_OFF) & BIT(BSEC_LOCK_PROGRAM))
336 		DMSG("BSEC program warning: GPLOCK activated");
337 
338 	exceptions = bsec_lock();
339 
340 	result = power_up_safmem();
341 	if (result)
342 		goto out;
343 
344 	io_write32(bsec_base() + BSEC_OTP_WRDATA_OFF, value);
345 	io_write32(bsec_base() + BSEC_OTP_CTRL_OFF, otp_id | BSEC_WRITE);
346 
347 	timeout_ref = timeout_init_us(BSEC_TIMEOUT_US);
348 	while (!timeout_elapsed(timeout_ref))
349 		if (!(bsec_status() & BSEC_MODE_BUSY_MASK))
350 			break;
351 
352 	if (bsec_status() & BSEC_MODE_BUSY_MASK)
353 		result = TEE_ERROR_BUSY;
354 	else if (bsec_status() & BSEC_MODE_PROGFAIL_MASK)
355 		result = TEE_ERROR_BAD_PARAMETERS;
356 	else
357 		result = check_no_error(otp_id, true /* check-disturbed */);
358 
359 	power_down_safmem();
360 
361 out:
362 	bsec_unlock(exceptions);
363 
364 	return result;
365 }
366 #endif /*CFG_STM32_BSEC_WRITE*/
367 
stm32_bsec_permanent_lock_otp(uint32_t otp_id)368 TEE_Result stm32_bsec_permanent_lock_otp(uint32_t otp_id)
369 {
370 	TEE_Result result = 0;
371 	uint32_t data = 0;
372 	uint32_t addr = 0;
373 	uint32_t exceptions = 0;
374 	vaddr_t base = bsec_base();
375 	uint64_t timeout_ref = 0;
376 
377 	if (otp_id > otp_max_id())
378 		return TEE_ERROR_BAD_PARAMETERS;
379 
380 	if (otp_id < otp_upper_base()) {
381 		addr = otp_id >> ADDR_LOWER_OTP_PERLOCK_SHIFT;
382 		data = DATA_LOWER_OTP_PERLOCK_BIT <<
383 		       ((otp_id & DATA_LOWER_OTP_PERLOCK_MASK) << 1U);
384 	} else {
385 		addr = (otp_id >> ADDR_UPPER_OTP_PERLOCK_SHIFT) + 2U;
386 		data = DATA_UPPER_OTP_PERLOCK_BIT <<
387 		       (otp_id & DATA_UPPER_OTP_PERLOCK_MASK);
388 	}
389 
390 	exceptions = bsec_lock();
391 
392 	result = power_up_safmem();
393 	if (result)
394 		goto out;
395 
396 	io_write32(base + BSEC_OTP_WRDATA_OFF, data);
397 	io_write32(base + BSEC_OTP_CTRL_OFF, addr | BSEC_WRITE | BSEC_LOCK);
398 
399 	timeout_ref = timeout_init_us(BSEC_TIMEOUT_US);
400 	while (!timeout_elapsed(timeout_ref))
401 		if (!(bsec_status() & BSEC_MODE_BUSY_MASK))
402 			break;
403 
404 	if (bsec_status() & BSEC_MODE_BUSY_MASK)
405 		result = TEE_ERROR_BUSY;
406 	else if (bsec_status() & BSEC_MODE_PROGFAIL_MASK)
407 		result = TEE_ERROR_BAD_PARAMETERS;
408 	else
409 		result = check_no_error(otp_id, false /* not-disturbed */);
410 
411 	power_down_safmem();
412 
413 out:
414 	bsec_unlock(exceptions);
415 
416 	return result;
417 }
418 
419 #ifdef CFG_STM32_BSEC_WRITE
stm32_bsec_write_debug_conf(uint32_t value)420 TEE_Result stm32_bsec_write_debug_conf(uint32_t value)
421 {
422 	TEE_Result result = TEE_ERROR_GENERIC;
423 	uint32_t masked_val = value & BSEC_DEN_ALL_MSK;
424 	uint32_t exceptions = 0;
425 
426 	exceptions = bsec_lock();
427 
428 	io_write32(bsec_base() + BSEC_DEN_OFF, value);
429 
430 	if ((io_read32(bsec_base() + BSEC_DEN_OFF) ^ masked_val) == 0U)
431 		result = TEE_SUCCESS;
432 
433 	bsec_unlock(exceptions);
434 
435 	return result;
436 }
437 #endif /*CFG_STM32_BSEC_WRITE*/
438 
stm32_bsec_read_debug_conf(void)439 uint32_t stm32_bsec_read_debug_conf(void)
440 {
441 	return io_read32(bsec_base() + BSEC_DEN_OFF);
442 }
443 
set_bsec_lock(uint32_t otp_id,size_t lock_offset)444 static TEE_Result set_bsec_lock(uint32_t otp_id, size_t lock_offset)
445 {
446 	uint32_t bank = otp_bank_offset(otp_id);
447 	uint32_t otp_mask = BIT(otp_id & BSEC_OTP_MASK);
448 	vaddr_t lock_addr = bsec_base() + bank + lock_offset;
449 	uint32_t exceptions = 0;
450 
451 	if (otp_id > STM32MP1_OTP_MAX_ID)
452 		return TEE_ERROR_BAD_PARAMETERS;
453 
454 	exceptions = bsec_lock();
455 
456 	io_write32(lock_addr, otp_mask);
457 
458 	bsec_unlock(exceptions);
459 
460 	return TEE_SUCCESS;
461 }
462 
stm32_bsec_set_sr_lock(uint32_t otp_id)463 TEE_Result stm32_bsec_set_sr_lock(uint32_t otp_id)
464 {
465 	return set_bsec_lock(otp_id, BSEC_SRLOCK_OFF);
466 }
467 
stm32_bsec_set_sw_lock(uint32_t otp_id)468 TEE_Result stm32_bsec_set_sw_lock(uint32_t otp_id)
469 {
470 	return set_bsec_lock(otp_id, BSEC_SWLOCK_OFF);
471 }
472 
stm32_bsec_set_sp_lock(uint32_t otp_id)473 TEE_Result stm32_bsec_set_sp_lock(uint32_t otp_id)
474 {
475 	return set_bsec_lock(otp_id, BSEC_SPLOCK_OFF);
476 }
477 
read_bsec_lock(uint32_t otp_id,bool * locked,size_t lock_offset)478 static TEE_Result read_bsec_lock(uint32_t otp_id, bool *locked,
479 				 size_t lock_offset)
480 {
481 	uint32_t bank = otp_bank_offset(otp_id);
482 	uint32_t otp_mask = BIT(otp_id & BSEC_OTP_MASK);
483 	vaddr_t lock_addr = bsec_base() + bank + lock_offset;
484 
485 	if (otp_id > STM32MP1_OTP_MAX_ID)
486 		return TEE_ERROR_BAD_PARAMETERS;
487 
488 	*locked = (io_read32(lock_addr) & otp_mask) != 0;
489 
490 	return TEE_SUCCESS;
491 }
492 
stm32_bsec_read_sr_lock(uint32_t otp_id,bool * locked)493 TEE_Result stm32_bsec_read_sr_lock(uint32_t otp_id, bool *locked)
494 {
495 	return read_bsec_lock(otp_id, locked, BSEC_SRLOCK_OFF);
496 }
497 
stm32_bsec_read_sw_lock(uint32_t otp_id,bool * locked)498 TEE_Result stm32_bsec_read_sw_lock(uint32_t otp_id, bool *locked)
499 {
500 	return read_bsec_lock(otp_id, locked, BSEC_SWLOCK_OFF);
501 }
502 
stm32_bsec_read_sp_lock(uint32_t otp_id,bool * locked)503 TEE_Result stm32_bsec_read_sp_lock(uint32_t otp_id, bool *locked)
504 {
505 	return read_bsec_lock(otp_id, locked, BSEC_SPLOCK_OFF);
506 }
507 
stm32_bsec_read_permanent_lock(uint32_t otp_id,bool * locked)508 TEE_Result stm32_bsec_read_permanent_lock(uint32_t otp_id, bool *locked)
509 {
510 	return read_bsec_lock(otp_id, locked, BSEC_WRLOCK_OFF);
511 }
512 
stm32_bsec_otp_lock(uint32_t service)513 TEE_Result stm32_bsec_otp_lock(uint32_t service)
514 {
515 	vaddr_t addr = bsec_base() + BSEC_OTP_LOCK_OFF;
516 
517 	switch (service) {
518 	case BSEC_LOCK_UPPER_OTP:
519 		io_write32(addr, BIT(BSEC_LOCK_UPPER_OTP));
520 		break;
521 	case BSEC_LOCK_DEBUG:
522 		io_write32(addr, BIT(BSEC_LOCK_DEBUG));
523 		break;
524 	case BSEC_LOCK_PROGRAM:
525 		io_write32(addr, BIT(BSEC_LOCK_PROGRAM));
526 		break;
527 	default:
528 		return TEE_ERROR_BAD_PARAMETERS;
529 	}
530 
531 	return TEE_SUCCESS;
532 }
533 
nsec_access_array_size(void)534 static size_t nsec_access_array_size(void)
535 {
536 	size_t upper_count = otp_max_id() - otp_upper_base() + 1;
537 
538 	return ROUNDUP(upper_count, BITS_PER_WORD) / BITS_PER_WORD;
539 }
540 
nsec_access_granted(unsigned int index)541 static bool nsec_access_granted(unsigned int index)
542 {
543 	uint32_t *array = bsec_dev.nsec_access;
544 
545 	return array &&
546 	       (index / BITS_PER_WORD) < nsec_access_array_size() &&
547 	       array[index / BITS_PER_WORD] & BIT(index % BITS_PER_WORD);
548 }
549 
stm32_bsec_nsec_can_access_otp(uint32_t otp_id)550 bool stm32_bsec_nsec_can_access_otp(uint32_t otp_id)
551 {
552 	return otp_id < otp_upper_base() ||
553 	       nsec_access_granted(otp_id - otp_upper_base());
554 }
555 
556 #ifdef CFG_EMBED_DTB
enable_nsec_access(unsigned int otp_id)557 static void enable_nsec_access(unsigned int otp_id)
558 {
559 	unsigned int idx = (otp_id - otp_upper_base()) / BITS_PER_WORD;
560 
561 	if (otp_id < otp_upper_base())
562 		return;
563 
564 	if (otp_id > otp_max_id() || stm32_bsec_shadow_register(otp_id))
565 		panic();
566 
567 	bsec_dev.nsec_access[idx] |= BIT(otp_id % BITS_PER_WORD);
568 }
569 
bsec_dt_otp_nsec_access(void * fdt,int bsec_node)570 static void bsec_dt_otp_nsec_access(void *fdt, int bsec_node)
571 {
572 	int bsec_subnode = 0;
573 
574 	bsec_dev.nsec_access = calloc(nsec_access_array_size(),
575 				      sizeof(*bsec_dev.nsec_access));
576 	if (!bsec_dev.nsec_access)
577 		panic();
578 
579 	fdt_for_each_subnode(bsec_subnode, fdt, bsec_node) {
580 		const fdt32_t *cuint = NULL;
581 		unsigned int otp_id = 0;
582 		unsigned int i = 0;
583 		size_t size = 0;
584 		uint32_t offset = 0;
585 		uint32_t length = 0;
586 
587 		cuint = fdt_getprop(fdt, bsec_subnode, "reg", NULL);
588 		assert(cuint);
589 
590 		offset = fdt32_to_cpu(*cuint);
591 		cuint++;
592 		length = fdt32_to_cpu(*cuint);
593 
594 		otp_id = offset / sizeof(uint32_t);
595 
596 		if (otp_id < STM32MP1_UPPER_OTP_START) {
597 			unsigned int otp_end = ROUNDUP(offset + length,
598 						       sizeof(uint32_t)) /
599 					       sizeof(uint32_t);
600 
601 			if (otp_end > STM32MP1_UPPER_OTP_START) {
602 				/*
603 				 * OTP crosses Lower/Upper boundary, consider
604 				 * only the upper part.
605 				 */
606 				otp_id = STM32MP1_UPPER_OTP_START;
607 				length -= (STM32MP1_UPPER_OTP_START *
608 					   sizeof(uint32_t)) - offset;
609 				offset = STM32MP1_UPPER_OTP_START *
610 					 sizeof(uint32_t);
611 
612 				DMSG("OTP crosses Lower/Upper boundary");
613 			} else {
614 				continue;
615 			}
616 		}
617 
618 		if (!fdt_getprop(fdt, bsec_subnode, "st,non-secure-otp", NULL))
619 			continue;
620 
621 		if ((offset % sizeof(uint32_t)) || (length % sizeof(uint32_t)))
622 			panic("Unaligned non-secure OTP");
623 
624 		size = length / sizeof(uint32_t);
625 
626 		if (otp_id + size > STM32MP1_OTP_MAX_ID)
627 			panic("OTP range oversized");
628 
629 		for (i = otp_id; i < otp_id + size; i++)
630 			enable_nsec_access(i);
631 	}
632 }
633 
initialize_bsec_from_dt(void)634 static void initialize_bsec_from_dt(void)
635 {
636 	void *fdt = NULL;
637 	int node = 0;
638 	struct dt_node_info bsec_info = { };
639 
640 	fdt = get_embedded_dt();
641 	node = fdt_node_offset_by_compatible(fdt, 0, "st,stm32mp15-bsec");
642 	if (node < 0)
643 		panic();
644 
645 	_fdt_fill_device_info(fdt, &bsec_info, node);
646 
647 	if (bsec_info.reg != bsec_dev.base.pa ||
648 	    !(bsec_info.status & DT_STATUS_OK_SEC))
649 		panic();
650 
651 	bsec_dt_otp_nsec_access(fdt, node);
652 }
653 #else
initialize_bsec_from_dt(void)654 static void initialize_bsec_from_dt(void)
655 {
656 }
657 #endif /*CFG_EMBED_DTB*/
658 
initialize_bsec(void)659 static TEE_Result initialize_bsec(void)
660 {
661 	struct stm32_bsec_static_cfg cfg = { };
662 
663 	stm32mp_get_bsec_static_cfg(&cfg);
664 
665 	bsec_dev.base.pa = cfg.base;
666 	bsec_dev.upper_base = cfg.upper_start;
667 	bsec_dev.max_id = cfg.max_id;
668 
669 	if (IS_ENABLED(CFG_EMBED_DTB))
670 		initialize_bsec_from_dt();
671 
672 	return TEE_SUCCESS;
673 }
674 
675 early_init(initialize_bsec);
676