From patchwork Wed Aug 31 12:54:15 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sumit Garg X-Patchwork-Id: 664366 X-Patchwork-Delegate: yorksun@freescale.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from theia.denx.de (theia.denx.de [85.214.87.163]) by ozlabs.org (Postfix) with ESMTP id 3sPGF134v8z9s9c for ; Wed, 31 Aug 2016 16:48:36 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id 699AFA7532; Wed, 31 Aug 2016 08:48:32 +0200 (CEST) Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vC4bUqjPpP9R; Wed, 31 Aug 2016 08:48:32 +0200 (CEST) Received: from theia.denx.de (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id C40B24B6B3; Wed, 31 Aug 2016 08:48:31 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id D83544B6B3 for ; Wed, 31 Aug 2016 08:48:27 +0200 (CEST) Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TiN9I6_vpGc6 for ; Wed, 31 Aug 2016 08:48:27 +0200 (CEST) X-Greylist: delayed 849 seconds by postgrey-1.34 at theia; Wed, 31 Aug 2016 08:48:23 CEST X-policyd-weight: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 (only DNSBL check requested) Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02on0077.outbound.protection.outlook.com [104.47.36.77]) by theia.denx.de (Postfix) with ESMTPS id 15CAB4B656 for ; Wed, 31 Aug 2016 08:48:23 +0200 (CEST) Received: from DM5PR03CA0009.namprd03.prod.outlook.com (10.175.104.19) by DM5PR03MB2442.namprd03.prod.outlook.com (10.168.233.12) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384) id 15.1.599.9; Wed, 31 Aug 2016 06:34:09 +0000 Received: from BL2FFO11FD048.protection.gbl (2a01:111:f400:7c09::113) by DM5PR03CA0009.outlook.office365.com (2603:10b6:3:118::19) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384) id 15.1.599.9 via Frontend Transport; Wed, 31 Aug 2016 06:34:09 +0000 Authentication-Results: spf=fail (sender IP is 192.88.168.50) smtp.mailfrom=nxp.com; nxp.com; dkim=none (message not signed) header.d=none; nxp.com; dmarc=fail action=none header.from=nxp.com; nxp.com; dkim=none (message not signed) header.d=none; Received-SPF: Fail (protection.outlook.com: domain of nxp.com does not designate 192.88.168.50 as permitted sender) receiver=protection.outlook.com; client-ip=192.88.168.50; helo=tx30smr01.am.freescale.net; Received: from tx30smr01.am.freescale.net (192.88.168.50) by BL2FFO11FD048.mail.protection.outlook.com (10.173.161.210) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_RSA_WITH_AES_256_CBC_SHA) id 15.1.587.6 via Frontend Transport; Wed, 31 Aug 2016 06:34:10 +0000 Received: from localhost.localdomain.ap.freescale.net ([10.232.14.31]) by tx30smr01.am.freescale.net (8.14.3/8.14.0) with ESMTP id u7V6Y6fR028673; Tue, 30 Aug 2016 23:34:08 -0700 From: Sumit Garg To: Date: Wed, 31 Aug 2016 08:54:15 -0400 Message-ID: <1472648055-7684-1-git-send-email-sumit.garg@nxp.com> X-Mailer: git-send-email 1.8.1.4 X-EOPAttributedMessage: 0 X-Matching-Connectors: 131170988511044986; (91ab9b29-cfa4-454e-5278-08d120cd25b8); () X-Forefront-Antispam-Report: CIP:192.88.168.50; IPV:NLI; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10009020)(6009001)(7916002)(2980300002)(1109001)(1110001)(339900001)(189002)(199003)(43544003)(106466001)(2351001)(5660300001)(305945005)(68736007)(48376002)(85426001)(33646002)(11100500001)(5003940100001)(8936002)(50466002)(8666005)(92566002)(7846002)(47776003)(97736004)(36756003)(229853001)(356003)(86362001)(15650500001)(189998001)(2906002)(87936001)(81166006)(19580395003)(4326007)(105606002)(77096005)(50986999)(19580405001)(104016004)(8676002)(81156014)(110136002)(586003)(50226002)(626004)(7059030)(4720700001); DIR:OUT; SFP:1101; SCL:1; SRVR:DM5PR03MB2442; H:tx30smr01.am.freescale.net; FPR:; SPF:Fail; PTR:InfoDomainNonexistent; MX:1; A:1; LANG:en; X-Microsoft-Exchange-Diagnostics: 1; BL2FFO11FD048; 1:T1MT2cVhkqHSR3tMxuRV8AJgCMNh9RT6jx77vyNVjnZBLVqxsz9nu9Jq8pM+kp7ZugESPCR/eZLgIyBgIoUE4wDLgYBl0zRtSOqG5zsGYKFwazU5QaJZhCVMel/sNA8lBlPsRL2PsmH/Jo8mFluVwzOLmja5xaRsUwZoZqYCCMkrYWD3tsEypAmCtcIrdyqN1bNIom1iLEonkNGmLbo5patt14V+FPcePRNsJuTpIQxclQ0Le/b+f3VI2cD1FcmVDq1EaLRHhqPJ3loDpoiPj8UA/dXrQvHXqGaXJMP3eZVbFTN71SsIkegjh/jNAXPsFyZgukbC8bEzCfTVAtrtBvSK0TWBbzGvL8KO3afAkknU8yNguB3YcIYapnmWNKc/kKcHkD9Xt1fqhEFP6UZk7A5uxtAX/PC9FtNyGsShydUTqHaM4pQtFsuBBxSFyCcNapEV/wP5e0V6rjZa8LSMa8yNg3Bf+95+8EAotz/43OSPLUAh55a7FOYx2eyYZ1+9VgAwFSGYnzeTLMq3leCjkgkWrxSx3ttgOFsJwD+MpFMkrNDI25z/E60oWrxJKqneZ9KP1cdA/0I8aHnL4WI8NsS3j2Z01TtotDbGZ1WfpZ7/xZMnQXAZov+JWIIz9S1b0eKOqKUzEp/dGkw6CXcItugXuD8WqwXeA54kwGhsHFc3yLwYoAFs/rMrs2W0mf/CmS1VxnWZzcjCyTUV2e2+Gxmy1AQpctClTzD9oXFjVvs= MIME-Version: 1.0 X-MS-Office365-Filtering-Correlation-Id: 8a65127f-dad4-4910-441d-08d3d168d17e X-Microsoft-Exchange-Diagnostics: 1; DM5PR03MB2442; 2:tsjzcFE5f0NUo4cmDqoUQu7O54m58sAya1TkoDXj4dYgqLPbGuRvqNlmCPfBuLYTxL9AgC5YQyo5kqkmbyldPgWQ3TuUOy9MPhltHSBep52HHoeQc/nqDTOksHP3b/7D+W1KSHzMOLmFHsMFykfNpDMCh1o5ofc7b9U5aHjTwW5/FSgvhWi4Ls2KnQrm/sst; 3:KnT5QN4xmd5o4cxABCkH9H7KmPkDGILEAdXYDYwZbosjWiUu1ZruS3ZLmu3UZPZb8LYzyti2Lmsz4FnY54TgK5R+L/p98pYYvzTmniiMubP3vdN7GrNXmyzsfoeYx5k+BF+pwyXFXZ8ZGr7NASO5C1vQPjMP5BFzscgrM06IBss1szYBZ2jXL5vZenA6ek0bbksISg52HlyId6v66EbWqQs6vuWz9emLuMTMx3mzF+I=; 25:lLP8NFh0T0LJl2lP4hYqaxkeFwHI2fm9xsOM79BT5m1LSLKBXDzZeY69/yHvoD0VPzeeudpYc+VWoIzNLUcFs9iz3YsTQybBvNoqar+1QCMRLK7zQM+Uc5DLn1HwmrvtZVwzR2HODLpzTFuYnUupah1INWz+fVHJfrOsoHqndutcd/xASi9UI+d/V5/dHBzHO95r7Ksd1woDrFzdF5sEvdypxJ2qhMmkKoxA3Ggb0tl/qnleuRqZrI1oTA423CE1AxDDY4cH+GUpsYog1WY79UXnPy6xNXf4X7TUGsbcpoqOurlOUAYkxZq+oys30B8h+a8E+9I8lhEJ/Xu/hmrcHFvLUvEb6beEL3sSvsZLgJfW3+cJdvU2Ern+atMtUtqGyKSLJvmkiub57Uk+JBengg== X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DM5PR03MB2442; X-Microsoft-Exchange-Diagnostics: 1; DM5PR03MB2442; 31:4eEbXgcdgGf0eDy1PEAzUH2/qk2McD6CZ2FydNccHtyTSZU2c8RwiGjD7/M4bHOsOSQVQnv8ts1LbaqsTlMHXgXhNPQWFDFvXlvb6hoPM3UanWTXFMHGqZ2LZpnuR5MUeFRA2sYjG6TZsHrJeZFiKO4oiq0Bo3tF1RbfbXoTzroFZJSi3W4o49rMYiwcL21KInh6mb/jODBCOBPUkW3cEP8sk80NWji7MZ4tY6g71KA=; 4:SxNDyivojqOKRSrYHgqM8BLK5pyGA3dq/NveU6tcNThNfjZ+oItkVweUaKeuIrBJWQY/yEy98ZGAIq4K9x09MvXgRDrs64clU4o3+4PVb3UJuaCs7Xd2Vrr3dEHZLu2jldgklI2rTV/WqIEMNLPiOg9MYEVpNJl1eNPM9LWZ2nCePQKcTgzQPxJMlimEHy3V8Yi88w3toDDUD41QQg+vg4gWAH6T6pK34jA3FxkxxFSJJ9+sC6hY15VZYyiSuvApgxcoAp+rzxqCKqFM9qC43B+jbzoSm3EeI2OCZmEZAQuch46zl3pj+A+3IjThsNrWxcEFCVp3VX+8hmr8ol+s+qAfiSQuYHr1Ct7BElk7wugfo24oD4YFfmGhU9Uhp/3sqLnErubQ4YirBEK1YLeotlIBLuHjD5pUaAead24wXPrmNX2rL3baCR/7A5V15cG6L/+tT9OHUaRUzIqJK2/EpudAwXnp6yWGWoAWRjYW5NQrIRkTOWvGcdB2rr8edqFhAm6VU+uL7zt3aDAPZcp9x3Q511wjeLSElGVy3ZlAZIcMRnsfUHbOqj/cyz4ZiaZR X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(192374486261705)(185117386973197); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(13015025)(13017025)(13023025)(13024025)(13018025)(8121501046)(5005006)(10201501046)(3002001)(6055026); SRVR:DM5PR03MB2442; BCL:0; PCL:0; RULEID:(400006); SRVR:DM5PR03MB2442; X-Forefront-PRVS: 00514A2FE6 X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; DM5PR03MB2442; 23:SfwSsEaHjrrijLX3PMKzIAHNrUDJjkCaod2xGcIS8?= =?us-ascii?Q?gtPDFjlDCqfAoMqm8vdIne8zuG1bW1W4TU8ozPgJ1PqAqQdJal6t2lXPDU9+?= =?us-ascii?Q?V3C9hLrCZnQ21xf0KlBcqRQWizsHkhxDoaCkg+ZSh5siHya95Jvz2SgCfueo?= =?us-ascii?Q?oQy2SSMZFS77KUYoH7xvIhLT+xTTu+2iwTX9lfUvFRo1+I6EBR9Uw5kO4AJP?= =?us-ascii?Q?Ea9Di1af/QHOGLygV+OTp+LMS53IdxEB68059bYUko2o/4v8okcieDyCCRPB?= =?us-ascii?Q?IKmu0AP1OKqkoHao/9fYJDTwX5Y3EHCCp/dMtWNDJW4W3kdWWOIZHYdt87mQ?= =?us-ascii?Q?vV/gXaS3tj+n2pqwSJy2Y9ULx3sZrFSBVohcHyUqE4HA2MdA3CA56loP4lD7?= =?us-ascii?Q?RbjfII/60vIVvGHZ3K3aPbx/wtM7GZJtjgK72iSPGpdwScZa8rU4+7ZJYTKQ?= =?us-ascii?Q?wX1e+/6wz7kg4qIONsM+QS91fAdbBOgsTYQgAAESihRdas8PPOtWBlA83llH?= =?us-ascii?Q?BigSeTuiFj40B8sNw6a0rX2WGVEVn0iZKntXaTsdL3BG4DdkCNf0iJQZoBxd?= =?us-ascii?Q?7hkAtR/4/bMKHAGNCoCPgxTjJ4SkUFkj9m3L70TU4XuV2AtI6DiUkf7jPNVv?= =?us-ascii?Q?P1auekn24yMDLhaCt9PoFiv/B9DFl/e9wKpTwj3fCCrhtbXOmJPAVGSxd2Fe?= =?us-ascii?Q?tTt/P91InP/44idkgV30+6h7h+agxm1X4b78eRJWTC0L3TzBwYgoWTjLvBJ9?= =?us-ascii?Q?uk6kv6VjH/eflfxkctSTHlYh977p2TpoiWAd1QNIU2euWlCWZuIuAYObZFVt?= =?us-ascii?Q?vzzGdB8BozWF0ppfzMrpAF5Tgq/1Nrd0wW5pRx0OFF9hzlqcZRWmdrYuWkCh?= =?us-ascii?Q?dEPU42D1CPkoX6P41GHy9ElpFw3Rh41FP547Ri9H6Db9v4LagN5xq+g4t00M?= =?us-ascii?Q?5Wx0VTzDhh/viAPfe6xn+/P7jiTf2f/cTt+iwDsJMC89LdLU7bUsjtsoGLFI?= =?us-ascii?Q?aXJ0tBTIWVRO/cZ69r8QE/9tFHzRHFR7vxs2W3xrg98Xm0mAxkyHjrs/2Ile?= =?us-ascii?Q?IUyUpC3Qp6rs0l4aN6xG1zB5ctRHgobvVeSUe2hRMT4snlDqb186Yvw4okDL?= =?us-ascii?Q?uBn+LnQdFgw5/dTKd0Jp6p8ZnHjBdMBtc6USvnrjeQVEbJluZA3Wnci2+but?= =?us-ascii?Q?1qClHSUeluENOJ6VRHA63nlr6ozFV1rbLCD?= X-Microsoft-Exchange-Diagnostics: 1; DM5PR03MB2442; 6:LkABG0yTx5ilzunoez3DGGAJk4Hfoofw6/M3huG9fmb3oFxBSINrsUNepsK3vbkrV+l0+V5fr4XL4CnUUCEY9pzDH29WyAWJHx3YqBxGj6kWWr3J0X9v58H6lRnVmmmyMpg6s2iYUd9EWixXri27CQNOihMGUfi3BVX0KlZK4svniuKC+1xXlrDeddl4CZL774JmJ7TEUD+LNcbHNyzA8F46NiBAmVBfTrAqgda+NryX30n0yfZwfUVTImz0MokhHs8FPdIbJs8oigrqn/KNhSq8LqL8Tm+vOufFIydIo+s=; 5:yB3K1lGzsrsp5NQVJ6g1RfMCp9cFICqYanhXCk06qwc2iUDnghkaz4Y1jxnic5DBqDUYdgHgwhXk0ceRv/egLNU8MEBoZyoHEf8KA4hLGg01FLBf62OsYAEWDKRGUovZSN171XsomY0WNircfSK5Q0qnAY9GahrpQRya4KoT9b4=; 24:4I2G2YxRXboanIXBbnSJmitowv1xB+DGRmSvbgRVvGRN21QX3Z7lQGcqRAISCAhbCMe9o37wh8ZCZPCtftgB/ryI7DRncYleFMNT+CrDIME=; 7:eRSyiVlGibq3PIhkytDVG8VbfuwdLaj8Vqy1s0kUse5z3wXR1tKT1lzbjQ7Huw61fS2mnjC43RxI8GWSHeuJ3D9GLfJmeag2hXN7oHeM4jERMJjNw5Wp0KwOtq70a7F4hjNZuKanI4akJgAr9bWK/Sucb1/KzTmbX+64BNtdoSVhFp9AMeR9Ow7F7EG6LTnt8rTCYlrsRVBvSpC5+g+8dNYDGJA2IWlrk2BinI9loUQOeN6FsWhfeGjalwrJbDP9 SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-MS-Exchange-CrossTenant-OriginalArrivalTime: 31 Aug 2016 06:34:10.9173 (UTC) X-MS-Exchange-CrossTenant-Id: 5afe0b00-7697-4969-b663-5eab37d5f47e X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=5afe0b00-7697-4969-b663-5eab37d5f47e; Ip=[192.88.168.50]; Helo=[tx30smr01.am.freescale.net] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR03MB2442 Cc: ruchika.gupta@nxp.com Subject: [U-Boot] [PATCH] fsl_sec_mon: Update driver for Security Monitor X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.15 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Update the API's for transition of Security Monitor states. Instead of providing both initial and final states for transition, just provide final state for transition as Security Monitor driver will take care of it internally. Signed-off-by: Sumit Garg --- board/freescale/common/fsl_validate.c | 52 ++------ drivers/misc/fsl_sec_mon.c | 240 ++++++++++++++++++---------------- include/fsl_sec_mon.h | 12 +- 3 files changed, 151 insertions(+), 153 deletions(-) diff --git a/board/freescale/common/fsl_validate.c b/board/freescale/common/fsl_validate.c index 37c249d..91e6b50 100644 --- a/board/freescale/common/fsl_validate.c +++ b/board/freescale/common/fsl_validate.c @@ -339,27 +339,15 @@ static inline u32 get_key_len(struct fsl_secboot_img_priv *img) */ static void fsl_secboot_header_verification_failure(void) { - struct ccsr_sec_mon_regs *sec_mon_regs = (void *) - (CONFIG_SYS_SEC_MON_ADDR); struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR); - u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat); /* 29th bit of OSPR is ITS */ u32 its = sfp_in32(&sfp_regs->ospr) >> 2; - /* - * Read the SEC_MON status register - * Read SSM_ST field - */ - sts = sec_mon_in32(&sec_mon_regs->hp_stat); - if ((sts & HPSR_SSM_ST_MASK) == HPSR_SSM_ST_TRUST) { - if (its == 1) - change_sec_mon_state(HPSR_SSM_ST_TRUST, - HPSR_SSM_ST_SOFT_FAIL); - else - change_sec_mon_state(HPSR_SSM_ST_TRUST, - HPSR_SSM_ST_NON_SECURE); - } + if (its == 1) + set_sec_mon_state(HPSR_SSM_ST_SOFT_FAIL); + else + set_sec_mon_state(HPSR_SSM_ST_NON_SECURE); printf("Generating reset request\n"); do_reset(NULL, 0, 0, NULL); @@ -376,32 +364,20 @@ static void fsl_secboot_header_verification_failure(void) */ static void fsl_secboot_image_verification_failure(void) { - struct ccsr_sec_mon_regs *sec_mon_regs = (void *) - (CONFIG_SYS_SEC_MON_ADDR); struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR); - u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat); u32 its = (sfp_in32(&sfp_regs->ospr) & ITS_MASK) >> ITS_BIT; - /* - * Read the SEC_MON status register - * Read SSM_ST field - */ - sts = sec_mon_in32(&sec_mon_regs->hp_stat); - if ((sts & HPSR_SSM_ST_MASK) == HPSR_SSM_ST_TRUST) { - if (its == 1) { - change_sec_mon_state(HPSR_SSM_ST_TRUST, - HPSR_SSM_ST_SOFT_FAIL); - - printf("Generating reset request\n"); - do_reset(NULL, 0, 0, NULL); - /* If reset doesn't coocur, halt execution */ - do_esbc_halt(NULL, 0, 0, NULL); - - } else { - change_sec_mon_state(HPSR_SSM_ST_TRUST, - HPSR_SSM_ST_NON_SECURE); - } + if (its == 1) { + set_sec_mon_state(HPSR_SSM_ST_SOFT_FAIL); + + printf("Generating reset request\n"); + do_reset(NULL, 0, 0, NULL); + /* If reset doesn't coocur, halt execution */ + do_esbc_halt(NULL, 0, 0, NULL); + + } else { + set_sec_mon_state(HPSR_SSM_ST_NON_SECURE); } } diff --git a/drivers/misc/fsl_sec_mon.c b/drivers/misc/fsl_sec_mon.c index d482a7d..415232e 100644 --- a/drivers/misc/fsl_sec_mon.c +++ b/drivers/misc/fsl_sec_mon.c @@ -7,140 +7,158 @@ #include #include -int change_sec_mon_state(u32 initial_state, u32 final_state) +static u32 get_sec_mon_state(void) { struct ccsr_sec_mon_regs *sec_mon_regs = (void *) (CONFIG_SYS_SEC_MON_ADDR); - u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat); + return sec_mon_in32(&sec_mon_regs->hp_stat) & HPSR_SSM_ST_MASK; +} + +static int set_sec_mon_state_non_sec(void) +{ + u32 sts; int timeout = 10; + struct ccsr_sec_mon_regs *sec_mon_regs = (void *) + (CONFIG_SYS_SEC_MON_ADDR); - if ((sts & HPSR_SSM_ST_MASK) != initial_state) - return -1; + sts = get_sec_mon_state(); - if (initial_state == HPSR_SSM_ST_TRUST) { - switch (final_state) { - case HPSR_SSM_ST_NON_SECURE: - printf("SEC_MON state transitioning to Soft Fail.\n"); - sec_mon_setbits32(&sec_mon_regs->hp_com, HPCOMR_SW_SV); - - /* - * poll till SEC_MON is in - * Soft Fail state - */ - while (((sts & HPSR_SSM_ST_MASK) != - HPSR_SSM_ST_SOFT_FAIL)) { - while (timeout) { - sts = sec_mon_in32 - (&sec_mon_regs->hp_stat); - - if ((sts & HPSR_SSM_ST_MASK) == - HPSR_SSM_ST_SOFT_FAIL) - break; - - udelay(10); - timeout--; - } - } + switch (sts) { + /* + * If initial state is check or Non-Secure, then set the Software + * Security Violation Bit and transition to Non-Secure State. + */ + case HPSR_SSM_ST_CHECK: + printf("SEC_MON state transitioning to Non Secure.\n"); + sec_mon_setbits32(&sec_mon_regs->hp_com, HPCOMR_SW_SV); - if (timeout == 0) { - printf("SEC_MON state transition timeout.\n"); - return -1; - } + /* polling loop till SEC_MON is in Non Secure state */ + while (timeout) { + sts = get_sec_mon_state(); + + if ((sts & HPSR_SSM_ST_MASK) == + HPSR_SSM_ST_NON_SECURE) + break; + + udelay(10); + timeout--; + } - timeout = 10; + if (timeout == 0) { + printf("SEC_MON state transition timeout.\n"); + return -1; + } + break; + + /* + * If initial state is Trusted, Secure or Soft-Fail, then first set + * the Software Security Violation Bit and transition to Soft-Fail + * State. + */ + case HPSR_SSM_ST_TRUST: + case HPSR_SSM_ST_SECURE: + case HPSR_SSM_ST_SOFT_FAIL: + printf("SEC_MON state transitioning to Soft Fail.\n"); + sec_mon_setbits32(&sec_mon_regs->hp_com, HPCOMR_SW_SV); + + /* polling loop till SEC_MON is in Soft-Fail state */ + while (timeout) { + sts = get_sec_mon_state(); + + if ((sts & HPSR_SSM_ST_MASK) == + HPSR_SSM_ST_SOFT_FAIL) + break; + + udelay(10); + timeout--; + } + + if (timeout == 0) { + printf("SEC_MON state transition timeout.\n"); + return -1; + } + + timeout = 10; + /* + * If SSM Soft Fail to Non-Secure State Transition + * disable is not set, then set SSM_ST bit and + * transition to Non-Secure State. + */ + if ((sec_mon_in32(&sec_mon_regs->hp_com) & + HPCOMR_SSM_SFNS_DIS) == 0) { printf("SEC_MON state transitioning to Non Secure.\n"); sec_mon_setbits32(&sec_mon_regs->hp_com, HPCOMR_SSM_ST); - /* - * poll till SEC_MON is in - * Non Secure state - */ - while (((sts & HPSR_SSM_ST_MASK) != - HPSR_SSM_ST_NON_SECURE)) { - while (timeout) { - sts = sec_mon_in32 - (&sec_mon_regs->hp_stat); - - if ((sts & HPSR_SSM_ST_MASK) == - HPSR_SSM_ST_NON_SECURE) - break; - - udelay(10); - timeout--; - } - } + /* polling loop till SEC_MON is in Non Secure*/ + while (timeout) { + sts = get_sec_mon_state(); - if (timeout == 0) { - printf("SEC_MON state transition timeout.\n"); - return -1; - } - break; - case HPSR_SSM_ST_SOFT_FAIL: - printf("SEC_MON state transitioning to Soft Fail.\n"); - sec_mon_setbits32(&sec_mon_regs->hp_com, HPCOMR_SW_FSV); - - /* - * polling loop till SEC_MON is in - * Soft Fail state - */ - while (((sts & HPSR_SSM_ST_MASK) != - HPSR_SSM_ST_SOFT_FAIL)) { - while (timeout) { - sts = sec_mon_in32 - (&sec_mon_regs->hp_stat); - - if ((sts & HPSR_SSM_ST_MASK) == - HPSR_SSM_ST_SOFT_FAIL) - break; - - udelay(10); - timeout--; - } + if ((sts & HPSR_SSM_ST_MASK) == + HPSR_SSM_ST_NON_SECURE) + break; + + udelay(10); + timeout--; } if (timeout == 0) { printf("SEC_MON state transition timeout.\n"); return -1; } - break; - default: - return -1; } - } else if (initial_state == HPSR_SSM_ST_NON_SECURE) { - switch (final_state) { - case HPSR_SSM_ST_SOFT_FAIL: - printf("SEC_MON state transitioning to Soft Fail.\n"); - sec_mon_setbits32(&sec_mon_regs->hp_com, HPCOMR_SW_FSV); - - /* - * polling loop till SEC_MON is in - * Soft Fail state - */ - while (((sts & HPSR_SSM_ST_MASK) != - HPSR_SSM_ST_SOFT_FAIL)) { - while (timeout) { - sts = sec_mon_in32 - (&sec_mon_regs->hp_stat); - - if ((sts & HPSR_SSM_ST_MASK) == - HPSR_SSM_ST_SOFT_FAIL) - break; - - udelay(10); - timeout--; - } - } + break; + default: + printf("SEC_MON already in Non Secure state.\n"); + return 0; + } + return 0; +} - if (timeout == 0) { - printf("SEC_MON state transition timeout.\n"); - return -1; - } +static int set_sec_mon_state_soft_fail(void) +{ + u32 sts; + int timeout = 10; + struct ccsr_sec_mon_regs *sec_mon_regs = (void *) + (CONFIG_SYS_SEC_MON_ADDR); + + printf("SEC_MON state transitioning to Soft Fail.\n"); + sec_mon_setbits32(&sec_mon_regs->hp_com, HPCOMR_SW_FSV); + + /* polling loop till SEC_MON is in Soft-Fail state */ + while (timeout) { + sts = get_sec_mon_state(); + + if ((sts & HPSR_SSM_ST_MASK) == + HPSR_SSM_ST_SOFT_FAIL) break; - default: - return -1; - } + + udelay(10); + timeout--; } + if (timeout == 0) { + printf("SEC_MON state transition timeout.\n"); + return -1; + } return 0; } + +int set_sec_mon_state(u32 state) +{ + int ret = -1; + + switch (state) { + case HPSR_SSM_ST_NON_SECURE: + ret = set_sec_mon_state_non_sec(); + break; + case HPSR_SSM_ST_SOFT_FAIL: + ret = set_sec_mon_state_soft_fail(); + break; + default: + printf("SEC_MON state transition not supported.\n"); + return 0; + } + + return ret; +} diff --git a/include/fsl_sec_mon.h b/include/fsl_sec_mon.h index b6794ce..1f31f88 100644 --- a/include/fsl_sec_mon.h +++ b/include/fsl_sec_mon.h @@ -34,13 +34,16 @@ struct ccsr_sec_mon_regs { u32 hp_stat; /* 0x08 SEC_MON_HP Status Register */ }; -#define HPCOMR_SW_SV 0x100 /* Security Violation bit */ -#define HPCOMR_SW_FSV 0x200 /* Fatal Security Violation bit */ -#define HPCOMR_SSM_ST 0x1 /* SSM_ST field in SEC_MON command */ +#define HPCOMR_SW_SV 0x100 /* Security Violation bit */ +#define HPCOMR_SW_FSV 0x200 /* Fatal Security Violation bit */ +#define HPCOMR_SSM_ST 0x1 /* SSM_ST field in SEC_MON command */ +#define HPCOMR_SSM_ST_DIS 0x2 /* Disable Secure to Trusted State */ +#define HPCOMR_SSM_SFNS_DIS 0x4 /* Disable Soft Fail to Non-Secure */ #define HPSR_SSM_ST_CHECK 0x900 /* SEC_MON is in check state */ #define HPSR_SSM_ST_NON_SECURE 0xb00 /* SEC_MON is in non secure state */ #define HPSR_SSM_ST_TRUST 0xd00 /* SEC_MON is in trusted state */ #define HPSR_SSM_ST_SOFT_FAIL 0x300 /* SEC_MON is in soft fail state */ +#define HPSR_SSM_ST_SECURE 0xf00 /* SEC_MON is in secure state */ #define HPSR_SSM_ST_MASK 0xf00 /* Mask for SSM_ST field */ /* @@ -53,6 +56,7 @@ enum { SEC_MON_SW_SV, }; -int change_sec_mon_state(uint32_t initial_state, uint32_t final_state); +/* Transition SEC_MON state */ +int set_sec_mon_state(u32 state); #endif /* __FSL_SEC_MON_H */