lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <AM0PR04MB448144701DB63A3C9F05B3E488BA0@AM0PR04MB4481.eurprd04.prod.outlook.com>
Date:   Fri, 6 Sep 2019 06:57:19 +0000
From:   Peng Fan <peng.fan@....com>
To:     Peng Fan <peng.fan@....com>,
        "srinivas.kandagatla@...aro.org" <srinivas.kandagatla@...aro.org>,
        "shawnguo@...nel.org" <shawnguo@...nel.org>,
        "s.hauer@...gutronix.de" <s.hauer@...gutronix.de>
CC:     "kernel@...gutronix.de" <kernel@...gutronix.de>,
        "festevam@...il.com" <festevam@...il.com>,
        dl-linux-imx <linux-imx@....com>,
        "linux-arm-kernel@...ts.infradead.org" 
        <linux-arm-kernel@...ts.infradead.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Aisheng Dong <aisheng.dong@....com>
Subject: RE: [PATCH 2/2] nvmem: imx: scu: support write

> Subject: [PATCH 2/2] nvmem: imx: scu: support write

Ping..

Thanks,
Peng.

> 
> From: Peng Fan <peng.fan@....com>
> 
> The fuse programming from non-secure world is blocked, so we could only use
> Arm Trusted Firmware SIP call to let ATF program fuse.
> 
> Because there is ECC region that could only be programmed once, so add a
> heler in_ecc to check the ecc region.
> 
> Signed-off-by: Peng Fan <peng.fan@....com>
> ---
> 
> The ATF patch will soon be posted to ATF community.
> 
>  drivers/nvmem/imx-ocotp-scu.c | 73
> ++++++++++++++++++++++++++++++++++++++++++-
>  1 file changed, 72 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/nvmem/imx-ocotp-scu.c b/drivers/nvmem/imx-ocotp-scu.c
> index 2f339d7432e6..0f064f2e74a8 100644
> --- a/drivers/nvmem/imx-ocotp-scu.c
> +++ b/drivers/nvmem/imx-ocotp-scu.c
> @@ -7,6 +7,7 @@
>   * Peng Fan <peng.fan@....com>
>   */
> 
> +#include <linux/arm-smccc.h>
>  #include <linux/firmware/imx/sci.h>
>  #include <linux/module.h>
>  #include <linux/nvmem-provider.h>
> @@ -14,6 +15,9 @@
>  #include <linux/platform_device.h>
>  #include <linux/slab.h>
> 
> +#define IMX_SIP_OTP			0xC200000A
> +#define IMX_SIP_OTP_WRITE		0x2
> +
>  enum ocotp_devtype {
>  	IMX8QXP,
>  };
> @@ -45,6 +49,8 @@ struct imx_sc_msg_misc_fuse_read {
>  	u32 word;
>  } __packed;
> 
> +static DEFINE_MUTEX(scu_ocotp_mutex);
> +
>  static struct ocotp_devtype_data imx8qxp_data = {
>  	.devtype = IMX8QXP,
>  	.nregs = 800,
> @@ -73,6 +79,23 @@ static bool in_hole(void *context, u32 index)
>  	return false;
>  }
> 
> +static bool in_ecc(void *context, u32 index) {
> +	struct ocotp_priv *priv = context;
> +	const struct ocotp_devtype_data *data = priv->data;
> +	int i;
> +
> +	for (i = 0; i < data->num_region; i++) {
> +		if (data->region[i].flag & ECC_REGION) {
> +			if ((index >= data->region[i].start) &&
> +			    (index <= data->region[i].end))
> +				return true;
> +		}
> +	}
> +
> +	return false;
> +}
> +
>  static int imx_sc_misc_otp_fuse_read(struct imx_sc_ipc *ipc, u32 word,
>  				     u32 *val)
>  {
> @@ -116,6 +139,8 @@ static int imx_scu_ocotp_read(void *context,
> unsigned int offset,
>  	if (!p)
>  		return -ENOMEM;
> 
> +	mutex_lock(&scu_ocotp_mutex);
> +
>  	buf = p;
> 
>  	for (i = index; i < (index + count); i++) { @@ -126,6 +151,7 @@ static int
> imx_scu_ocotp_read(void *context, unsigned int offset,
> 
>  		ret = imx_sc_misc_otp_fuse_read(priv->nvmem_ipc, i, buf);
>  		if (ret) {
> +			mutex_unlock(&scu_ocotp_mutex);
>  			kfree(p);
>  			return ret;
>  		}
> @@ -134,18 +160,63 @@ static int imx_scu_ocotp_read(void *context,
> unsigned int offset,
> 
>  	memcpy(val, (u8 *)p + offset % 4, bytes);
> 
> +	mutex_unlock(&scu_ocotp_mutex);
> +
>  	kfree(p);
> 
>  	return 0;
>  }
> 
> +static int imx_scu_ocotp_write(void *context, unsigned int offset,
> +			       void *val, size_t bytes)
> +{
> +	struct ocotp_priv *priv = context;
> +	struct arm_smccc_res res;
> +	u32 *buf = val;
> +	u32 tmp;
> +	u32 index;
> +	int ret;
> +
> +	/* allow only writing one complete OTP word at a time */
> +	if ((bytes != 4) || (offset % 4))
> +		return -EINVAL;
> +
> +	index = offset >> 2;
> +
> +	if (in_hole(context, index))
> +		return -EINVAL;
> +
> +	if (in_ecc(context, index)) {
> +		pr_warn("ECC region, only program once\n");
> +		mutex_lock(&scu_ocotp_mutex);
> +		ret = imx_sc_misc_otp_fuse_read(priv->nvmem_ipc, index, &tmp);
> +		mutex_unlock(&scu_ocotp_mutex);
> +		if (ret)
> +			return ret;
> +		if (tmp) {
> +			pr_warn("ECC region, already has value: %x\n", tmp);
> +			return -EIO;
> +		}
> +	}
> +
> +	mutex_lock(&scu_ocotp_mutex);
> +
> +	arm_smccc_smc(IMX_SIP_OTP, IMX_SIP_OTP_WRITE, index, *buf,
> +		      0, 0, 0, 0, &res);
> +
> +	mutex_unlock(&scu_ocotp_mutex);
> +
> +	return res.a0;
> +}
> +
>  static struct nvmem_config imx_scu_ocotp_nvmem_config = {
>  	.name = "imx-scu-ocotp",
> -	.read_only = true,
> +	.read_only = false,
>  	.word_size = 4,
>  	.stride = 1,
>  	.owner = THIS_MODULE,
>  	.reg_read = imx_scu_ocotp_read,
> +	.reg_write = imx_scu_ocotp_write,
>  };
> 
>  static const struct of_device_id imx_scu_ocotp_dt_ids[] = {
> --
> 2.16.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ