Gitiles
Code Review Sign In
gerrit.cesnet.cz / github / trini / u-boot / fe78378d7df90541c09b279b67ce79ebbdca93d5^! / . / drivers
commitfe78378d7df90541c09b279b67ce79ebbdca93d5[log] [tgz]
authorgaurav rana <gaurav.rana@freescale.com>Fri Feb 27 09:44:22 2015 +0530
committerYork Sun <yorksun@freescale.com>Thu Mar 05 12:04:59 2015 -0800
tree8e098a4a1e6c3eb73cf610a4992c7d75231fe9af
parenta2e225e65df3d0fe0ddefec77a3db05b881d1e68 [diff]
fsl_sec_mon: Add driver for Security Monitor block of Freescale

The Security Monitor is the SOC’s central reporting point for
security-relevant events such as the success or failure of boot
software validation and the detection of potential security compromises.

The API's for transition of Security states have been added
which will be used in case of SECURE BOOT.

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>

diff --git a/drivers/misc/Kconfig b/drivers/misc/Kconfig
index 0df25c3..36a8f0d 100644
--- a/drivers/misc/Kconfig
+++ b/drivers/misc/Kconfig

@@ -53,3 +53,11 @@
 	  but otherwise makes few changes. Since cros_ec also supports
 	  LPC (which doesn't support driver model yet), a full
 	  conversion is not yet possible.
+
+config CONFIG_FSL_SEC_MON
+	bool "Enable FSL SEC_MON Driver"
+	help
+	  Freescale Security Monitor block is responsible for monitoring
+	  system states.
+	  Security Monitor can be transitioned on any security failures,
+	  like software violations or hardware security violations.

diff --git a/drivers/misc/Makefile b/drivers/misc/Makefile
index a34972d..6028cd4 100644
--- a/drivers/misc/Makefile
+++ b/drivers/misc/Makefile

@@ -28,3 +28,4 @@
 obj-$(CONFIG_STATUS_LED) += status_led.o
 obj-$(CONFIG_TWL4030_LED) += twl4030_led.o
 obj-$(CONFIG_FSL_IFC) += fsl_ifc.o
+obj-$(CONFIG_FSL_SEC_MON) += fsl_sec_mon.o

diff --git a/drivers/misc/fsl_sec_mon.c b/drivers/misc/fsl_sec_mon.c
new file mode 100644
index 0000000..d482a7d
--- /dev/null
+++ b/drivers/misc/fsl_sec_mon.c

@@ -0,0 +1,146 @@
+/*
+ * Copyright 2015 Freescale Semiconductor, Inc.
+ *
+ * SPDX-License-Identifier:	GPL-2.0+
+ */
+
+#include <common.h>
+#include <fsl_sec_mon.h>
+
+int change_sec_mon_state(u32 initial_state, u32 final_state)
+{
+	struct ccsr_sec_mon_regs *sec_mon_regs = (void *)
+						(CONFIG_SYS_SEC_MON_ADDR);
+	u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat);
+	int timeout = 10;
+
+	if ((sts & HPSR_SSM_ST_MASK) != initial_state)
+		return -1;
+
+	if (initial_state == HPSR_SSM_ST_TRUST) {
+		switch (final_state) {
+		case HPSR_SSM_ST_NON_SECURE:
+			printf("SEC_MON state transitioning to Soft Fail.\n");
+			sec_mon_setbits32(&sec_mon_regs->hp_com, HPCOMR_SW_SV);
+
+			/*
+			 * poll till SEC_MON is in
+			 * Soft Fail state
+			 */
+			while (((sts & HPSR_SSM_ST_MASK) !=
+				HPSR_SSM_ST_SOFT_FAIL)) {
+				while (timeout) {
+					sts = sec_mon_in32
+						(&sec_mon_regs->hp_stat);
+
+					if ((sts & HPSR_SSM_ST_MASK) ==
+						HPSR_SSM_ST_SOFT_FAIL)
+						break;
+
+					udelay(10);
+					timeout--;
+				}
+			}
+
+			if (timeout == 0) {
+				printf("SEC_MON state transition timeout.\n");
+				return -1;
+			}
+
+			timeout = 10;
+
+			printf("SEC_MON state transitioning to Non Secure.\n");
+			sec_mon_setbits32(&sec_mon_regs->hp_com, HPCOMR_SSM_ST);
+
+			/*
+			 * poll till SEC_MON is in
+			 * Non Secure state
+			 */
+			while (((sts & HPSR_SSM_ST_MASK) !=
+				HPSR_SSM_ST_NON_SECURE)) {
+				while (timeout) {
+					sts = sec_mon_in32
+						(&sec_mon_regs->hp_stat);
+
+					if ((sts & HPSR_SSM_ST_MASK) ==
+						HPSR_SSM_ST_NON_SECURE)
+						break;
+
+					udelay(10);
+					timeout--;
+				}
+			}
+
+			if (timeout == 0) {
+				printf("SEC_MON state transition timeout.\n");
+				return -1;
+			}
+			break;
+		case HPSR_SSM_ST_SOFT_FAIL:
+			printf("SEC_MON state transitioning to Soft Fail.\n");
+			sec_mon_setbits32(&sec_mon_regs->hp_com, HPCOMR_SW_FSV);
+
+			/*
+			 * polling loop till SEC_MON is in
+			 * Soft Fail state
+			 */
+			while (((sts & HPSR_SSM_ST_MASK) !=
+				HPSR_SSM_ST_SOFT_FAIL)) {
+				while (timeout) {
+					sts = sec_mon_in32
+						(&sec_mon_regs->hp_stat);
+
+					if ((sts & HPSR_SSM_ST_MASK) ==
+						HPSR_SSM_ST_SOFT_FAIL)
+						break;
+
+					udelay(10);
+					timeout--;
+				}
+			}
+
+			if (timeout == 0) {
+				printf("SEC_MON state transition timeout.\n");
+				return -1;
+			}
+			break;
+		default:
+			return -1;
+		}
+	} else if (initial_state == HPSR_SSM_ST_NON_SECURE) {
+		switch (final_state) {
+		case HPSR_SSM_ST_SOFT_FAIL:
+			printf("SEC_MON state transitioning to Soft Fail.\n");
+			sec_mon_setbits32(&sec_mon_regs->hp_com, HPCOMR_SW_FSV);
+
+			/*
+			 * polling loop till SEC_MON is in
+			 * Soft Fail state
+			 */
+			while (((sts & HPSR_SSM_ST_MASK) !=
+				HPSR_SSM_ST_SOFT_FAIL)) {
+				while (timeout) {
+					sts = sec_mon_in32
+						(&sec_mon_regs->hp_stat);
+
+					if ((sts & HPSR_SSM_ST_MASK) ==
+						HPSR_SSM_ST_SOFT_FAIL)
+						break;
+
+					udelay(10);
+					timeout--;
+				}
+			}
+
+			if (timeout == 0) {
+				printf("SEC_MON state transition timeout.\n");
+				return -1;
+			}
+			break;
+		default:
+			return -1;
+		}
+	}
+
+	return 0;
+}