Gitiles
Code Review Sign In
gerrit.devboardsforandroid.linaro.org / platform / external / u-boot / 5ec6cbcc7fb9604fd70587215123b77fdc326032 / . / arch / arm / mach-stm32mp / cmd_stm32key.c
blob: 278253e472f5acf9a187264dee6adf5e79611351 [file] [log] [blame]
Patrick Delaunayf4cb5d62019-07-05 17:20:17 +0200[diff] [blame]1// SPDX-License-Identifier: GPL-2.0+ OR BSD-3-Clause
2/*
3 * Copyright (C) 2019, STMicroelectronics - All Rights Reserved
4 */
5
6#include <common.h>
7#include <command.h>
8#include <console.h>
Patrick Delaunayeb653ac2020-11-06 19:01:29 +0100[diff] [blame]9#include <log.h>
Patrick Delaunayf4cb5d62019-07-05 17:20:17 +0200[diff] [blame]10#include <misc.h>
11#include <dm/device.h>
12#include <dm/uclass.h>
13
Patrick Delaunaye83cef82022-09-15 18:11:41 +0200[diff] [blame]14/*
15 * Closed device: OTP0
16 * STM32MP15x: bit 6 of OPT0
17 * STM32MP13x: 0b111111 = 0x3F for OTP_SECURED closed device
18 */
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]19#define STM32_OTP_CLOSE_ID 0
Patrick Delaunaye83cef82022-09-15 18:11:41 +0200[diff] [blame]20#define STM32_OTP_STM32MP13x_CLOSE_MASK 0x3F
21#define STM32_OTP_STM32MP15x_CLOSE_MASK BIT(6)
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]22
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]23/* PKH is the first element of the key list */
24#define STM32KEY_PKH 0
25
26struct stm32key {
27 char *name;
28 char *desc;
29 u8 start;
30 u8 size;
31};
32
Patrick Delaunaye83cef82022-09-15 18:11:41 +0200[diff] [blame]33const struct stm32key stm32mp13_list[] = {
34 [STM32KEY_PKH] = {
35 .name = "PKHTH",
36 .desc = "Hash of the 8 ECC Public Keys Hashes Table (ECDSA is the authentication algorithm)",
37 .start = 24,
38 .size = 8,
39 },
40 {
41 .name = "EDMK",
42 .desc = "Encryption/Decryption Master Key",
43 .start = 92,
44 .size = 4,
45 }
46};
47
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]48const struct stm32key stm32mp15_list[] = {
49 [STM32KEY_PKH] = {
50 .name = "PKH",
51 .desc = "Hash of the ECC Public Key (ECDSA is the authentication algorithm)",
52 .start = 24,
53 .size = 8,
54 }
55};
56
57/* index of current selected key in stm32key list, 0 = PKH by default */
58static u8 stm32key_index;
59
60static u8 get_key_nb(void)
61{
Patrick Delaunaye83cef82022-09-15 18:11:41 +0200[diff] [blame]62 if (IS_ENABLED(CONFIG_STM32MP13x))
63 return ARRAY_SIZE(stm32mp13_list);
64
65 if (IS_ENABLED(CONFIG_STM32MP15x))
66 return ARRAY_SIZE(stm32mp15_list);
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]67}
68
69static const struct stm32key *get_key(u8 index)
70{
Patrick Delaunaye83cef82022-09-15 18:11:41 +0200[diff] [blame]71 if (IS_ENABLED(CONFIG_STM32MP13x))
72 return &stm32mp13_list[index];
73
74 if (IS_ENABLED(CONFIG_STM32MP15x))
75 return &stm32mp15_list[index];
76}
77
78static u32 get_otp_close_mask(void)
79{
80 if (IS_ENABLED(CONFIG_STM32MP13x))
81 return STM32_OTP_STM32MP13x_CLOSE_MASK;
82
83 if (IS_ENABLED(CONFIG_STM32MP15x))
84 return STM32_OTP_STM32MP15x_CLOSE_MASK;
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]85}
Patrick Delaunayf4cb5d62019-07-05 17:20:17 +0200[diff] [blame]86
Patrick Delaunayc6327ba2022-09-15 18:11:38 +0200[diff] [blame]87#define BSEC_LOCK_ERROR (-1)
88#define BSEC_LOCK_PERM BIT(0)
89
Patrick Delaunaye00e1f32021-06-28 14:56:01 +0200[diff] [blame]90static int get_misc_dev(struct udevice **dev)
91{
92 int ret;
93
94 ret = uclass_get_device_by_driver(UCLASS_MISC, DM_DRIVER_GET(stm32mp_bsec), dev);
95 if (ret)
96 log_err("Can't find stm32mp_bsec driver\n");
97
98 return ret;
99}
100
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]101static void read_key_value(const struct stm32key *key, u32 addr)
Patrick Delaunayf4cb5d62019-07-05 17:20:17 +0200[diff] [blame]102{
103 int i;
104
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]105 for (i = 0; i < key->size; i++) {
106 printf("%s OTP %i: [%08x] %08x\n", key->name, key->start + i,
107 addr, __be32_to_cpu(*(u32 *)addr));
Patrick Delaunayf4cb5d62019-07-05 17:20:17 +0200[diff] [blame]108 addr += 4;
109 }
110}
111
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]112static int read_key_otp(struct udevice *dev, const struct stm32key *key, bool print, bool *locked)
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]113{
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]114 int i, word, ret;
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]115 int nb_invalid = 0, nb_zero = 0, nb_lock = 0, nb_lock_err = 0;
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]116 u32 val, lock;
117 bool status;
118
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]119 for (i = 0, word = key->start; i < key->size; i++, word++) {
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]120 ret = misc_read(dev, STM32_BSEC_OTP(word), &val, 4);
121 if (ret != 4)
122 val = ~0x0;
123 ret = misc_read(dev, STM32_BSEC_LOCK(word), &lock, 4);
124 if (ret != 4)
Patrick Delaunayc6327ba2022-09-15 18:11:38 +0200[diff] [blame]125 lock = BSEC_LOCK_ERROR;
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]126 if (print)
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]127 printf("%s OTP %i: %08x lock : %08x\n", key->name, word, val, lock);
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]128 if (val == ~0x0)
129 nb_invalid++;
130 else if (val == 0x0)
131 nb_zero++;
Patrick Delaunayc6327ba2022-09-15 18:11:38 +0200[diff] [blame]132 if (lock & BSEC_LOCK_PERM)
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]133 nb_lock++;
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]134 if (lock & BSEC_LOCK_ERROR)
135 nb_lock_err++;
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]136 }
137
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]138 status = nb_lock_err || (nb_lock == key->size);
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]139 if (locked)
140 *locked = status;
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]141 if (nb_lock_err && print)
142 printf("%s lock is invalid!\n", key->name);
143 else if (!status && print)
144 printf("%s is not locked!\n", key->name);
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]145
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]146 if (nb_invalid == key->size) {
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]147 if (print)
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]148 printf("%s is invalid!\n", key->name);
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]149 return -EINVAL;
150 }
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]151 if (nb_zero == key->size) {
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]152 if (print)
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]153 printf("%s is free!\n", key->name);
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]154 return -ENOENT;
155 }
156
157 return 0;
158}
159
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]160static int read_close_status(struct udevice *dev, bool print, bool *closed)
Patrick Delaunayf4cb5d62019-07-05 17:20:17 +0200[diff] [blame]161{
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]162 int word, ret, result;
Patrick Delaunaye83cef82022-09-15 18:11:41 +0200[diff] [blame]163 u32 val, lock, mask;
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]164 bool status;
165
166 result = 0;
167 word = STM32_OTP_CLOSE_ID;
168 ret = misc_read(dev, STM32_BSEC_OTP(word), &val, 4);
169 if (ret < 0)
170 result = ret;
171 if (ret != 4)
172 val = 0x0;
173
174 ret = misc_read(dev, STM32_BSEC_LOCK(word), &lock, 4);
175 if (ret < 0)
176 result = ret;
177 if (ret != 4)
178 lock = BSEC_LOCK_ERROR;
179
Patrick Delaunaye83cef82022-09-15 18:11:41 +0200[diff] [blame]180 mask = get_otp_close_mask();
181 status = (val & mask) == mask;
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]182 if (closed)
183 *closed = status;
184 if (print)
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]185 printf("OTP %d: closed status: %d lock : %08x\n", word, status, lock);
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]186
187 return result;
188}
189
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]190static int fuse_key_value(struct udevice *dev, const struct stm32key *key, u32 addr, bool print)
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]191{
Patrick Delaunayf4cb5d62019-07-05 17:20:17 +0200[diff] [blame]192 u32 word, val;
193 int i, ret;
194
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]195 for (i = 0, word = key->start; i < key->size; i++, word++, addr += 4) {
Patrick Delaunayf4cb5d62019-07-05 17:20:17 +0200[diff] [blame]196 val = __be32_to_cpu(*(u32 *)addr);
Patrick Delaunayfe240902021-06-28 14:55:59 +0200[diff] [blame]197 if (print)
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]198 printf("Fuse %s OTP %i : %08x\n", key->name, word, val);
Patrick Delaunayfe240902021-06-28 14:55:59 +0200[diff] [blame]199
200 ret = misc_write(dev, STM32_BSEC_OTP(word), &val, 4);
201 if (ret != 4) {
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]202 log_err("Fuse %s OTP %i failed\n", key->name, word);
Patrick Delaunayfe240902021-06-28 14:55:59 +0200[diff] [blame]203 return ret;
204 }
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]205 /* on success, lock the OTP for the key */
Patrick Delaunayc6327ba2022-09-15 18:11:38 +0200[diff] [blame]206 val = BSEC_LOCK_PERM;
Patrick Delaunay3da25522021-06-28 14:56:00 +0200[diff] [blame]207 ret = misc_write(dev, STM32_BSEC_LOCK(word), &val, 4);
208 if (ret != 4) {
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]209 log_err("Lock %s OTP %i failed\n", key->name, word);
Patrick Delaunay3da25522021-06-28 14:56:00 +0200[diff] [blame]210 return ret;
211 }
Patrick Delaunayf4cb5d62019-07-05 17:20:17 +0200[diff] [blame]212 }
Patrick Delaunayfe240902021-06-28 14:55:59 +0200[diff] [blame]213
214 return 0;
Patrick Delaunayf4cb5d62019-07-05 17:20:17 +0200[diff] [blame]215}
216
217static int confirm_prog(void)
218{
219 puts("Warning: Programming fuses is an irreversible operation!\n"
220 " This may brick your system.\n"
221 " Use this command only if you are sure of what you are doing!\n"
222 "\nReally perform this fuse programming? <y/N>\n");
223
224 if (confirm_yesno())
225 return 1;
226
227 puts("Fuse programming aborted\n");
228 return 0;
229}
230
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]231static void display_key_info(const struct stm32key *key)
232{
233 printf("%s : %s\n", key->name, key->desc);
234 printf("\tOTP%d..%d\n", key->start, key->start + key->size);
235}
236
237static int do_stm32key_list(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
238{
239 int i;
240
241 for (i = 0; i < get_key_nb(); i++)
242 display_key_info(get_key(i));
243
244 return CMD_RET_SUCCESS;
245}
246
247static int do_stm32key_select(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
248{
249 const struct stm32key *key;
250 int i;
251
252 if (argc == 1) {
253 printf("Selected key:\n");
254 key = get_key(stm32key_index);
255 display_key_info(key);
256 return CMD_RET_SUCCESS;
257 }
258
259 for (i = 0; i < get_key_nb(); i++) {
260 key = get_key(i);
261 if (!strcmp(key->name, argv[1])) {
262 printf("%s selected\n", key->name);
263 stm32key_index = i;
264 return CMD_RET_SUCCESS;
265 }
266 }
267
268 printf("Unknown key %s\n", argv[1]);
269
270 return CMD_RET_FAILURE;
271}
272
Patrick Delaunaybc78d5f2021-06-28 14:55:58 +0200[diff] [blame]273static int do_stm32key_read(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
Patrick Delaunayf4cb5d62019-07-05 17:20:17 +0200[diff] [blame]274{
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]275 const struct stm32key *key;
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]276 struct udevice *dev;
Patrick Delaunayf4cb5d62019-07-05 17:20:17 +0200[diff] [blame]277 u32 addr;
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]278 int ret, i;
279 int result;
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]280
281 ret = get_misc_dev(&dev);
Patrick Delaunayf4cb5d62019-07-05 17:20:17 +0200[diff] [blame]282
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]283 if (argc == 1) {
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]284 if (ret)
285 return CMD_RET_FAILURE;
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]286 key = get_key(stm32key_index);
287 ret = read_key_otp(dev, key, true, NULL);
288 if (ret != -ENOENT)
289 return CMD_RET_FAILURE;
290 return CMD_RET_SUCCESS;
291 }
292
293 if (!strcmp("-a", argv[1])) {
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]294 if (ret)
295 return CMD_RET_FAILURE;
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]296 result = CMD_RET_SUCCESS;
297 for (i = 0; i < get_key_nb(); i++) {
298 key = get_key(i);
299 ret = read_key_otp(dev, key, true, NULL);
300 if (ret != -ENOENT)
301 result = CMD_RET_FAILURE;
302 }
303 ret = read_close_status(dev, true, NULL);
304 if (ret)
305 result = CMD_RET_FAILURE;
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]306
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]307 return result;
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]308 }
Patrick Delaunayf4cb5d62019-07-05 17:20:17 +0200[diff] [blame]309
Simon Glass7e5f4602021-07-24 09:03:29 -0600[diff] [blame]310 addr = hextoul(argv[1], NULL);
Patrick Delaunayf4cb5d62019-07-05 17:20:17 +0200[diff] [blame]311 if (!addr)
312 return CMD_RET_USAGE;
313
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]314 key = get_key(stm32key_index);
315 printf("Read %s at 0x%08x\n", key->name, addr);
316 read_key_value(key, addr);
Patrick Delaunayf4cb5d62019-07-05 17:20:17 +0200[diff] [blame]317
318 return CMD_RET_SUCCESS;
319}
320
Patrick Delaunaybc78d5f2021-06-28 14:55:58 +0200[diff] [blame]321static int do_stm32key_fuse(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
322{
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]323 const struct stm32key *key = get_key(stm32key_index);
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]324 struct udevice *dev;
Patrick Delaunaybc78d5f2021-06-28 14:55:58 +0200[diff] [blame]325 u32 addr;
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]326 int ret;
327 bool yes = false, lock;
Patrick Delaunaybc78d5f2021-06-28 14:55:58 +0200[diff] [blame]328
329 if (argc < 2)
330 return CMD_RET_USAGE;
331
332 if (argc == 3) {
333 if (strcmp(argv[1], "-y"))
334 return CMD_RET_USAGE;
335 yes = true;
336 }
337
Simon Glass7e5f4602021-07-24 09:03:29 -0600[diff] [blame]338 addr = hextoul(argv[argc - 1], NULL);
Patrick Delaunaybc78d5f2021-06-28 14:55:58 +0200[diff] [blame]339 if (!addr)
340 return CMD_RET_USAGE;
341
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]342 ret = get_misc_dev(&dev);
343 if (ret)
344 return CMD_RET_FAILURE;
345
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]346 if (read_key_otp(dev, key, !yes, &lock) != -ENOENT) {
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]347 printf("Error: can't fuse again the OTP\n");
348 return CMD_RET_FAILURE;
349 }
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]350 if (lock) {
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]351 printf("Error: %s is locked\n", key->name);
Patrick Delaunayd3551b82021-06-28 14:56:02 +0200[diff] [blame]352 return CMD_RET_FAILURE;
353 }
354
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]355 if (!yes) {
356 printf("Writing %s with\n", key->name);
357 read_key_value(key, addr);
358 }
359
Patrick Delaunaybc78d5f2021-06-28 14:55:58 +0200[diff] [blame]360 if (!yes && !confirm_prog())
361 return CMD_RET_FAILURE;
362
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]363 if (fuse_key_value(dev, key, addr, !yes))
Patrick Delaunayfe240902021-06-28 14:55:59 +0200[diff] [blame]364 return CMD_RET_FAILURE;
365
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]366 printf("%s updated !\n", key->name);
Patrick Delaunaybc78d5f2021-06-28 14:55:58 +0200[diff] [blame]367
368 return CMD_RET_SUCCESS;
369}
370
Patrick Delaunay80cfc6c2021-06-28 14:56:03 +0200[diff] [blame]371static int do_stm32key_close(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
372{
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]373 const struct stm32key *key;
Patrick Delaunay80cfc6c2021-06-28 14:56:03 +0200[diff] [blame]374 bool yes, lock, closed;
375 struct udevice *dev;
376 u32 val;
377 int ret;
378
379 yes = false;
380 if (argc == 2) {
381 if (strcmp(argv[1], "-y"))
382 return CMD_RET_USAGE;
383 yes = true;
384 }
385
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]386 ret = get_misc_dev(&dev);
387 if (ret)
Patrick Delaunay80cfc6c2021-06-28 14:56:03 +0200[diff] [blame]388 return CMD_RET_FAILURE;
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]389
390 if (read_close_status(dev, !yes, &closed))
391 return CMD_RET_FAILURE;
Patrick Delaunay80cfc6c2021-06-28 14:56:03 +0200[diff] [blame]392
393 if (closed) {
394 printf("Error: already closed!\n");
395 return CMD_RET_FAILURE;
396 }
397
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]398 /* check PKH status before to close */
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]399 key = get_key(STM32KEY_PKH);
400 ret = read_key_otp(dev, key, !yes, &lock);
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]401 if (ret) {
402 if (ret == -ENOENT)
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]403 printf("Error: %s not programmed!\n", key->name);
Patrick Delaunay8921b3d2022-09-15 18:11:39 +0200[diff] [blame]404 return CMD_RET_FAILURE;
405 }
Patrick Delaunay80cfc6c2021-06-28 14:56:03 +0200[diff] [blame]406 if (!lock)
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]407 printf("Warning: %s not locked!\n", key->name);
Patrick Delaunay80cfc6c2021-06-28 14:56:03 +0200[diff] [blame]408
409 if (!yes && !confirm_prog())
410 return CMD_RET_FAILURE;
411
Patrick Delaunaye83cef82022-09-15 18:11:41 +0200[diff] [blame]412 val = get_otp_close_mask();
Patrick Delaunay80cfc6c2021-06-28 14:56:03 +0200[diff] [blame]413 ret = misc_write(dev, STM32_BSEC_OTP(STM32_OTP_CLOSE_ID), &val, 4);
414 if (ret != 4) {
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]415 printf("Error: can't update OTP %d\n", STM32_OTP_CLOSE_ID);
Patrick Delaunay80cfc6c2021-06-28 14:56:03 +0200[diff] [blame]416 return CMD_RET_FAILURE;
417 }
418
419 printf("Device is closed !\n");
420
421 return CMD_RET_SUCCESS;
422}
423
Patrick Delaunaybc78d5f2021-06-28 14:55:58 +0200[diff] [blame]424static char stm32key_help_text[] =
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]425 "list : list the supported key with description\n"
426 "stm32key select [<key>] : Select the key identified by <key> or display the key used for read/fuse command\n"
427 "stm32key read [<addr> | -a ] : Read the curent key at <addr> or current / all (-a) key in OTP\n"
428 "stm32key fuse [-y] <addr> : Fuse the current key at addr in OTP\n"
429 "stm32key close [-y] : Close the device\n";
Patrick Delaunaybc78d5f2021-06-28 14:55:58 +0200[diff] [blame]430
Patrick Delaunayfd1f4c92022-09-15 18:11:40 +0200[diff] [blame]431U_BOOT_CMD_WITH_SUBCMDS(stm32key, "Manage key on STM32", stm32key_help_text,
432 U_BOOT_SUBCMD_MKENT(list, 1, 0, do_stm32key_list),
433 U_BOOT_SUBCMD_MKENT(select, 2, 0, do_stm32key_select),
Patrick Delaunaybc78d5f2021-06-28 14:55:58 +0200[diff] [blame]434 U_BOOT_SUBCMD_MKENT(read, 2, 0, do_stm32key_read),
Patrick Delaunay80cfc6c2021-06-28 14:56:03 +0200[diff] [blame]435 U_BOOT_SUBCMD_MKENT(fuse, 3, 0, do_stm32key_fuse),
436 U_BOOT_SUBCMD_MKENT(close, 2, 0, do_stm32key_close));