diff options
author | Stefano Babic <sbabic@denx.de> | 2013-06-28 00:20:21 +0200 |
---|---|---|
committer | Stefano Babic <sbabic@denx.de> | 2013-08-31 15:06:29 +0200 |
commit | b83c709e8d3f29721f32d66f19f953a2f818afbc (patch) | |
tree | 54859fcb4d11575b3ec6b101f17e4d08a50050ca /arch/arm/cpu/armv7/mx6 | |
parent | 0187c985aa870a74caeecd3bd10244322b7e4d99 (diff) |
imx: add status reporting for HAB status
Add functions to report the HAB (High Assurance Boot) status
of e.g. i.MX6 CPUs.
This is taken from
git://git.freescale.com/imx/uboot-imx.git branch imx_v2009.08_3.0.35_4.0.0
cpu/arm_cortexa8/mx6/generic.c
include/asm-arm/arch-mx6/mx6_secure.h
Signed-off-by: Stefano Babic <sbabic@denx.de>
Diffstat (limited to 'arch/arm/cpu/armv7/mx6')
-rw-r--r-- | arch/arm/cpu/armv7/mx6/Makefile | 7 | ||||
-rw-r--r-- | arch/arm/cpu/armv7/mx6/hab.c | 104 |
2 files changed, 108 insertions, 3 deletions
diff --git a/arch/arm/cpu/armv7/mx6/Makefile b/arch/arm/cpu/armv7/mx6/Makefile index c5e98582d0..6d736174db 100644 --- a/arch/arm/cpu/armv7/mx6/Makefile +++ b/arch/arm/cpu/armv7/mx6/Makefile @@ -11,10 +11,11 @@ include $(TOPDIR)/config.mk LIB = $(obj)lib$(SOC).o -COBJS = soc.o clock.o +COBJS-y = soc.o clock.o +COBJS-$(CONFIG_SECURE_BOOT) += hab.o -SRCS := $(SOBJS:.o=.S) $(COBJS:.o=.c) -OBJS := $(addprefix $(obj),$(SOBJS) $(COBJS)) +SRCS := $(SOBJS:.o=.S) $(COBJS-y:.o=.c) +OBJS := $(addprefix $(obj),$(SOBJS) $(COBJS-y)) all: $(obj).depend $(LIB) diff --git a/arch/arm/cpu/armv7/mx6/hab.c b/arch/arm/cpu/armv7/mx6/hab.c new file mode 100644 index 0000000000..5187775365 --- /dev/null +++ b/arch/arm/cpu/armv7/mx6/hab.c @@ -0,0 +1,104 @@ +/* + * Copyright (C) 2010-2013 Freescale Semiconductor, Inc. + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include <common.h> +#include <asm/io.h> +#include <asm/arch/hab.h> + +/* -------- start of HAB API updates ------------*/ +#define hab_rvt_report_event ((hab_rvt_report_event_t *)HAB_RVT_REPORT_EVENT) +#define hab_rvt_report_status ((hab_rvt_report_status_t *)HAB_RVT_REPORT_STATUS) +#define hab_rvt_authenticate_image \ + ((hab_rvt_authenticate_image_t *)HAB_RVT_AUTHENTICATE_IMAGE) +#define hab_rvt_entry ((hab_rvt_entry_t *)HAB_RVT_ENTRY) +#define hab_rvt_exit ((hab_rvt_exit_t *)HAB_RVT_EXIT) +#define hab_rvt_clock_init HAB_RVT_CLOCK_INIT + +bool is_hab_enabled(void) +{ + struct ocotp_regs *ocotp = (struct ocotp_regs *)OCOTP_BASE_ADDR; + struct fuse_bank *bank = &ocotp->bank[0]; + struct fuse_bank0_regs *fuse = + (struct fuse_bank0_regs *)bank->fuse_regs; + uint32_t reg = readl(&fuse->cfg5); + + return (reg & 0x2) == 0x2; +} + +void display_event(uint8_t *event_data, size_t bytes) +{ + uint32_t i; + + if (!(event_data && bytes > 0)) + return; + + for (i = 0; i < bytes; i++) { + if (i == 0) + printf("\t0x%02x", event_data[i]); + else if ((i % 8) == 0) + printf("\n\t0x%02x", event_data[i]); + else + printf(" 0x%02x", event_data[i]); + } +} + +int get_hab_status(void) +{ + uint32_t index = 0; /* Loop index */ + uint8_t event_data[128]; /* Event data buffer */ + size_t bytes = sizeof(event_data); /* Event size in bytes */ + enum hab_config config = 0; + enum hab_state state = 0; + + if (is_hab_enabled()) + puts("\nSecure boot enabled\n"); + else + puts("\nSecure boot disabled\n"); + + /* Check HAB status */ + if (hab_rvt_report_status(&config, &state) != HAB_SUCCESS) { + printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", + config, state); + + /* Display HAB Error events */ + while (hab_rvt_report_event(HAB_FAILURE, index, event_data, + &bytes) == HAB_SUCCESS) { + puts("\n"); + printf("--------- HAB Event %d -----------------\n", + index + 1); + puts("event data:\n"); + display_event(event_data, bytes); + puts("\n"); + bytes = sizeof(event_data); + index++; + } + } + /* Display message if no HAB events are found */ + else { + printf("\nHAB Configuration: 0x%02x, HAB State: 0x%02x\n", + config, state); + puts("No HAB Events Found!\n\n"); + } + return 0; +} + +int do_hab_status(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) +{ + if ((argc != 1)) { + cmd_usage(cmdtp); + return 1; + } + + get_hab_status(); + + return 0; +} + +U_BOOT_CMD( + hab_status, CONFIG_SYS_MAXARGS, 1, do_hab_status, + "display HAB status", + "" + ); |