From: Patrice CHOTARD <patrice.chotard@foss.st.com>
To: Patrick Delaunay <patrick.delaunay@foss.st.com>, <u-boot@lists.denx.de>
Cc: U-Boot STM32 <uboot-stm32@st-md-mailman.stormreply.com>
Subject: Re: [PATCH 6/7] stm32mp: cmd_stm32key: add read OTP subcommand
Date: Thu, 1 Jul 2021 09:36:14 +0200 [thread overview]
Message-ID: <71ce055a-1f8c-2a3b-47d2-eec00ae1d77e@foss.st.com> (raw)
In-Reply-To: <20210628145519.6.Ied9f79b7d73deaea9b2680449aac2a92b3dae465@changeid>
Hi Patrick
On 6/28/21 2:56 PM, Patrick Delaunay wrote:
> Allow to read the OTP value and lock status with the command
> $> stm32key read.
>
> This patch also protects the stm32key fuse command.
>
> Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
> ---
>
> arch/arm/mach-stm32mp/cmd_stm32key.c | 93 ++++++++++++++++++++++++++--
> 1 file changed, 87 insertions(+), 6 deletions(-)
>
> diff --git a/arch/arm/mach-stm32mp/cmd_stm32key.c b/arch/arm/mach-stm32mp/cmd_stm32key.c
> index 886c52794f..8c8d476b65 100644
> --- a/arch/arm/mach-stm32mp/cmd_stm32key.c
> +++ b/arch/arm/mach-stm32mp/cmd_stm32key.c
> @@ -11,8 +11,13 @@
> #include <dm/device.h>
> #include <dm/uclass.h>
>
> -#define STM32_OTP_HASH_KEY_START 24
> -#define STM32_OTP_HASH_KEY_SIZE 8
> +/* Closed device : bit 6 of OPT0*/
> +#define STM32_OTP_CLOSE_ID 0
> +#define STM32_OTP_CLOSE_MASK BIT(6)
> +
> +/* HASH of key: 8 OTPs, starting with OTP24) */
> +#define STM32_OTP_HASH_KEY_START 24
> +#define STM32_OTP_HASH_KEY_SIZE 8
>
> static int get_misc_dev(struct udevice **dev)
> {
> @@ -29,6 +34,7 @@ static void read_hash_value(u32 addr)
> {
> int i;
>
> + printf("Read KEY at 0x%x\n", addr);
> for (i = 0; i < STM32_OTP_HASH_KEY_SIZE; i++) {
> printf("OTP value %i: %x\n", STM32_OTP_HASH_KEY_START + i,
> __be32_to_cpu(*(u32 *)addr));
> @@ -36,6 +42,69 @@ static void read_hash_value(u32 addr)
> }
> }
>
> +static int read_hash_otp(bool print, bool *locked, bool *closed)
> +{
> + struct udevice *dev;
> + int i, word, ret;
> + int nb_invalid = 0, nb_zero = 0, nb_lock = 0;
> + u32 val, lock;
> + bool status;
> +
> + ret = get_misc_dev(&dev);
> + if (ret)
> + return ret;
> +
> + for (i = 0, word = STM32_OTP_HASH_KEY_START; i < STM32_OTP_HASH_KEY_SIZE; i++, word++) {
> + ret = misc_read(dev, STM32_BSEC_OTP(word), &val, 4);
> + if (ret != 4)
> + val = ~0x0;
> + ret = misc_read(dev, STM32_BSEC_LOCK(word), &lock, 4);
> + if (ret != 4)
> + lock = -1;
> + if (print)
> + printf("OTP HASH %i: %x lock : %d\n", word, val, lock);
> + if (val == ~0x0)
> + nb_invalid++;
> + else if (val == 0x0)
> + nb_zero++;
> + if (lock == 1)
> + nb_lock++;
> + }
> +
> + word = STM32_OTP_CLOSE_ID;
> + ret = misc_read(dev, STM32_BSEC_OTP(word), &val, 4);
> + if (ret != 4)
> + val = 0x0;
> + ret = misc_read(dev, STM32_BSEC_LOCK(word), &lock, 4);
> + if (ret != 4)
> + lock = -1;
> +
> + status = (val & STM32_OTP_CLOSE_MASK) == STM32_OTP_CLOSE_MASK;
> + if (closed)
> + *closed = status;
> + if (print)
> + printf("OTP %d: closed status: %d lock : %d\n", word, status, lock);
> +
> + status = (nb_lock == STM32_OTP_HASH_KEY_SIZE);
> + if (locked)
> + *locked = status;
> + if (!status && print)
> + printf("Hash of key is not locked!\n");
> +
> + if (nb_invalid == STM32_OTP_HASH_KEY_SIZE) {
> + if (print)
> + printf("Hash of key is invalid!\n");
> + return -EINVAL;
> + }
> + if (nb_zero == STM32_OTP_HASH_KEY_SIZE) {
> + if (print)
> + printf("Hash of key is free!\n");
> + return -ENOENT;
> + }
> +
> + return 0;
> +}
> +
> static int fuse_hash_value(u32 addr, bool print)
> {
> struct udevice *dev;
> @@ -88,8 +157,10 @@ static int do_stm32key_read(struct cmd_tbl *cmdtp, int flag, int argc, char *con
> {
> u32 addr;
>
> - if (argc == 1)
> - return CMD_RET_USAGE;
> + if (argc == 1) {
> + read_hash_otp(true, NULL, NULL);
> + return CMD_RET_SUCCESS;
> + }
>
> addr = simple_strtoul(argv[1], NULL, 16);
> if (!addr)
> @@ -103,7 +174,7 @@ static int do_stm32key_read(struct cmd_tbl *cmdtp, int flag, int argc, char *con
> static int do_stm32key_fuse(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
> {
> u32 addr;
> - bool yes = false;
> + bool yes = false, lock, closed;
>
> if (argc < 2)
> return CMD_RET_USAGE;
> @@ -118,6 +189,16 @@ static int do_stm32key_fuse(struct cmd_tbl *cmdtp, int flag, int argc, char *con
> if (!addr)
> return CMD_RET_USAGE;
>
> + if (read_hash_otp(!yes, &lock, &closed) != -ENOENT) {
> + printf("Error: can't fuse again the OTP\n");
> + return CMD_RET_FAILURE;
> + }
> +
> + if (lock || closed) {
> + printf("Error: invalid OTP configuration (lock=%d, closed=%d)\n", lock, closed);
> + return CMD_RET_FAILURE;
> + }
> +
> if (!yes && !confirm_prog())
> return CMD_RET_FAILURE;
>
> @@ -130,7 +211,7 @@ static int do_stm32key_fuse(struct cmd_tbl *cmdtp, int flag, int argc, char *con
> }
>
> static char stm32key_help_text[] =
> - "read <addr>: Read the hash stored at addr in memory\n"
> + "read [<addr>]: Read the hash stored at addr in memory or in OTP\n"
> "stm32key fuse [-y] <addr> : Fuse hash stored at addr in OTP\n";
>
> U_BOOT_CMD_WITH_SUBCMDS(stm32key, "Fuse ST Hash key", stm32key_help_text,
>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Thanks
Patrice
next prev parent reply other threads:[~2021-07-01 7:36 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-28 12:55 [PATCH 0/7] stm32mp: cmd_stm32key: updates Patrick Delaunay
2021-06-28 12:55 ` [PATCH 1/7] stm32mp: configs: activate the command stm32key only for ST boards Patrick Delaunay
2021-07-01 7:35 ` Patrice CHOTARD
2021-07-16 8:27 ` Patrick DELAUNAY
2021-06-28 12:55 ` [PATCH 2/7] stm32mp: cmd_stm32key: use sub command Patrick Delaunay
2021-07-01 7:35 ` Patrice CHOTARD
2021-07-16 8:27 ` Patrick DELAUNAY
2021-06-28 12:55 ` [PATCH 3/7] stm32mp: cmd_stm32key: handle error in fuse_hash_value Patrick Delaunay
2021-07-01 7:35 ` Patrice CHOTARD
2021-07-16 8:28 ` Patrick DELAUNAY
2021-06-28 12:56 ` [PATCH 4/7] stm32mp: cmd_stm32key: lock of PKH OTP after fuse Patrick Delaunay
2021-07-01 7:35 ` Patrice CHOTARD
2021-07-16 8:28 ` Patrick DELAUNAY
2021-06-28 12:56 ` [PATCH 5/7] stm32mp: cmd_stm32key: add get_misc_dev function Patrick Delaunay
2021-07-01 7:36 ` Patrice CHOTARD
2021-07-16 8:28 ` Patrick DELAUNAY
2021-06-28 12:56 ` [PATCH 6/7] stm32mp: cmd_stm32key: add read OTP subcommand Patrick Delaunay
2021-07-01 7:36 ` Patrice CHOTARD [this message]
2021-07-16 8:28 ` Patrick DELAUNAY
2021-06-28 12:56 ` [PATCH 7/7] stm32mp: cmd_stm32key: add subcommand close Patrick Delaunay
2021-07-01 7:36 ` Patrice CHOTARD
2021-07-16 8:28 ` Patrick DELAUNAY
-- strict thread matches above, loose matches on Subject: below --
2021-07-01 12:56 [PATCH 6/7] stm32mp: cmd_stm32key: add read OTP subcommand Hexagon Email Recovery
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=71ce055a-1f8c-2a3b-47d2-eec00ae1d77e@foss.st.com \
--to=patrice.chotard@foss.st.com \
--cc=patrick.delaunay@foss.st.com \
--cc=u-boot@lists.denx.de \
--cc=uboot-stm32@st-md-mailman.stormreply.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox