diff options
Diffstat (limited to 'arch/arm/mach-stm32mp/stm32mp1')
| -rw-r--r-- | arch/arm/mach-stm32mp/stm32mp1/Makefile | 1 | ||||
| -rw-r--r-- | arch/arm/mach-stm32mp/stm32mp1/psci.c | 14 | ||||
| -rw-r--r-- | arch/arm/mach-stm32mp/stm32mp1/stm32mp15x.c | 35 |
3 files changed, 47 insertions, 3 deletions
diff --git a/arch/arm/mach-stm32mp/stm32mp1/Makefile b/arch/arm/mach-stm32mp/stm32mp1/Makefile index 857148747ef..ebae50f66c9 100644 --- a/arch/arm/mach-stm32mp/stm32mp1/Makefile +++ b/arch/arm/mach-stm32mp/stm32mp1/Makefile @@ -8,7 +8,6 @@ obj-y += cpu.o obj-$(CONFIG_STM32MP13X) += stm32mp13x.o obj-$(CONFIG_STM32MP15X) += stm32mp15x.o -obj-$(CONFIG_STM32_ECDSA_VERIFY) += ecdsa_romapi.o ifdef CONFIG_SPL_BUILD obj-y += spl.o obj-y += tzc400.o diff --git a/arch/arm/mach-stm32mp/stm32mp1/psci.c b/arch/arm/mach-stm32mp/stm32mp1/psci.c index 8cdeb0ab3f2..4f2379df45f 100644 --- a/arch/arm/mach-stm32mp/stm32mp1/psci.c +++ b/arch/arm/mach-stm32mp/stm32mp1/psci.c @@ -703,6 +703,8 @@ void __secure psci_system_suspend(u32 __always_unused function_id, { u32 saved_mcudivr, saved_pll3cr, saved_pll4cr, saved_mssckselr; u32 gicd_addr = stm32mp_get_gicd_base_address(); + u32 cpu = psci_get_cpu_id(); + u32 sp = (u32)__secure_stack_end - (cpu << ARM_PSCI_STACK_SHIFT); bool iwdg1_wake = false; bool iwdg2_wake = false; bool other_wake = false; @@ -805,4 +807,16 @@ void __secure psci_system_suspend(u32 __always_unused function_id, writel(SYSCFG_CMPENR_MPUEN, STM32_SYSCFG_BASE + SYSCFG_CMPENSETR); clrbits_le32(STM32_SYSCFG_BASE + SYSCFG_CMPCR, SYSCFG_CMPCR_SW_CTRL); + + /* + * The system has resumed successfully. Rewrite LR register stored + * on stack with 'ep' value, so that on return from this PSCI call, + * the code would jump to that 'ep' resume entry point code path + * instead of the previous 'lr' register content which (e.g. with + * Linux) points to resume failure code path. + * + * See arch/arm/cpu/armv7/psci.S _smc_psci: for the stack layout + * used here, SP-4 is PC, SP-8 is LR, SP-12 is R7, and so on. + */ + writel(ep, sp - 8); } diff --git a/arch/arm/mach-stm32mp/stm32mp1/stm32mp15x.c b/arch/arm/mach-stm32mp/stm32mp1/stm32mp15x.c index afc56b02eea..d75ec99d6a1 100644 --- a/arch/arm/mach-stm32mp/stm32mp1/stm32mp15x.c +++ b/arch/arm/mach-stm32mp/stm32mp1/stm32mp15x.c @@ -14,6 +14,7 @@ #include <asm/arch/sys_proto.h> #include <dm/device.h> #include <dm/uclass.h> +#include <linux/bitfield.h> /* RCC register */ #define RCC_TZCR (STM32_RCC_BASE + 0x00) @@ -41,6 +42,9 @@ #define TZC_REGION_ID_ACCESS0 (STM32_TZC_BASE + 0x114) #define TAMP_CR1 (STM32_TAMP_BASE + 0x00) +#define TAMP_SMCR (STM32_TAMP_BASE + 0x20) +#define TAMP_SMCR_BKPRWDPROT GENMASK(7, 0) +#define TAMP_SMCR_BKPWDPROT GENMASK(23, 16) #define PWR_CR1 (STM32_PWR_BASE + 0x00) #define PWR_MCUCR (STM32_PWR_BASE + 0x14) @@ -136,6 +140,18 @@ static void security_init(void) */ writel(0x0, TAMP_CR1); + /* + * TAMP: Configure non-zero secure protection settings. This is + * checked by BootROM function 35ac on OTP-CLOSED device during + * CPU core 1 release from endless loop. If secure protection + * fields are zero, the core 1 is not released from endless + * loop on second SGI0. + */ + clrsetbits_le32(TAMP_SMCR, + TAMP_SMCR_BKPRWDPROT | TAMP_SMCR_BKPWDPROT, + FIELD_PREP(TAMP_SMCR_BKPRWDPROT, 0x20) | + FIELD_PREP(TAMP_SMCR_BKPWDPROT, 0x20)); + /* GPIOZ: deactivate the security */ writel(BIT(0), RCC_MP_AHB5ENSETR); writel(0x0, GPIOZ_SECCFGR); @@ -322,8 +338,23 @@ void get_soc_name(char name[SOC_NAME_SIZE]) get_cpu_string_offsets(&type, &pkg, &rev); - snprintf(name, SOC_NAME_SIZE, "STM32MP%s%s Rev.%s", - soc_type[type], soc_pkg[pkg], soc_rev[rev]); + if (bsec_dbgswenable()) { + snprintf(name, SOC_NAME_SIZE, "STM32MP%s%s Rev.%s", + soc_type[type], soc_pkg[pkg], soc_rev[rev]); + } else { + /* + * SoC revision is only accessible via DBUMCU IDC register, + * which requires BSEC.DENABLE DBGSWENABLE bit to be set to + * make the register accessible, otherwise an access to the + * register triggers bus fault. As BSEC.DBGSWENABLE is zero + * in case of an OTP-CLOSED system, do NOT set DBGSWENABLE + * bit as this might open a brief window for timing attacks. + * Instead, report that this system is OTP-CLOSED and do not + * report any SoC revision to avoid confusing users. + */ + snprintf(name, SOC_NAME_SIZE, "STM32MP%s%s SEC/C", + soc_type[type], soc_pkg[pkg]); + } } static void setup_soc_type_pkg_rev(void) |