blob: a67718c2f04abc22c08d8a28381dea8860684e63 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
|
/* SPDX-License-Identifier: GPL-2.0+ */
/*
* Copyright 2020 Broadcom Ltd.
*/
#include <common.h>
#include <wdt.h>
#include <fdtdec.h>
#include <asm/types.h>
#include <asm/byteorder.h>
#include <linux/errno.h>
#include <asm/unaligned.h>
#include <malloc.h>
#include "tpl_params.h"
#include "bcm_secure.h"
#include "bcm_otp.h"
#include <asm/arch/rng.h>
#include "u-boot/rsa.h"
#include "u-boot/rsa-mod-exp.h"
#include <u-boot/sha256.h>
#include <uboot_aes.h>
void bcm_sec_clean_secmem(bcm_sec_t* sec)
{
if ( sec->state & SEC_STATE_SECURE) {
memset((void*)bcm_secbt_args(), 0, sizeof(bcm_secbt_args_t));
}
}
/* prevent zerofying by bss loop since we are called early in before relocation*/
static int sec_otp_ctrl(bcm_sec_t* sec, bcm_sec_ctrl_t ctrl, void* arg)
{
switch(ctrl) {
case SEC_CTRL_SOTP_LOCK_ALL:
/*
* disable sensitive blocks for sec slave
* and non-sec master*/
{
if (bcm_sotp_ctl_perm(OTP_HW_CMN_CTL_LOCK,
OTP_HW_CMN_CTL_LOCK_ALL, NULL) == OTP_MAP_CMN_ERR_UNSP) {
printf("WARNING: lock is not supported\n");
}
}
break;
default:
break;
}
return 0;
}
static int sec_key_ctrl(bcm_sec_t *sec, bcm_sec_ctrl_t ctrl, void* arg)
{
switch(ctrl) {
case SEC_CTRL_KEY_GET:
if ( sec->state & SEC_STATE_SECURE) {
bcm_sec_btrm_key_info(sec);
}
break;
case SEC_CTRL_KEY_CLEAN_ALL:
bcm_sec_clean_secmem(sec);
bcm_sec_clean_keys(sec);
break;
default:
break;
}
return 0;
}
void bcm_sec_cb_init(bcm_sec_t* sec)
{
sec->cb[SEC_CTRL_ARG_KEY].cb = sec_key_ctrl;
sec->cb[SEC_CTRL_ARG_SOTP].cb = sec_otp_ctrl;
}
|
