2 * Copyright (C) 2012-2015 Freescale Semiconductor, Inc. All Rights Reserved.
4 * SPDX-License-Identifier: GPL-2.0+
8 #ifndef __ARCH_MX6_HAB_H
9 #define __ARCH_MX6_HAB_H
11 #ifdef CONFIG_SECURE_BOOT
13 #include <linux/types.h>
14 #include <asm/arch/sys_proto.h>
16 int get_hab_status(void);
18 /* -------- start of HAB API updates ------------*/
19 /* The following are taken from HAB4 SIS */
21 /* Status definitions */
22 typedef enum hab_status {
29 /* Security Configuration definitions */
31 HAB_CFG_RETURN = 0x33, /* < Field Return IC */
32 HAB_CFG_OPEN = 0xf0, /* < Non-secure IC */
33 HAB_CFG_CLOSED = 0xcc /* < Secure IC */
36 /* State definitions */
38 HAB_STATE_INITIAL = 0x33, /* Initialising state (transitory) */
39 HAB_STATE_CHECK = 0x55, /* Check state (non-secure) */
40 HAB_STATE_NONSECURE = 0x66, /* Non-secure state */
41 HAB_STATE_TRUSTED = 0x99, /* Trusted state */
42 HAB_STATE_SECURE = 0xaa, /* Secure state */
43 HAB_STATE_FAIL_SOFT = 0xcc, /* Soft fail state */
44 HAB_STATE_FAIL_HARD = 0xff, /* Hard fail state (terminal) */
45 HAB_STATE_NONE = 0xf0, /* No security state machine */
49 typedef enum hab_target {
50 HAB_TGT_MEMORY = 0x0f, /* Check memory white list */
51 HAB_TGT_PERIPHERAL = 0xf0, /* Check peripheral white list*/
52 HAB_TGT_ANY = 0x55, /**< Check memory & peripheral white list */
55 enum HAB_FUNC_OFFSETS {
60 HAB_RVT_AUTHENTICATE_IMAGE,
65 HAB_RVT_REPORT_STATUS,
70 HAB_RSN_ANY = 0x00, /* Match any reason */
71 HAB_ENG_FAIL = 0x30, /* Engine failure */
72 HAB_INV_ADDRESS = 0x22, /* Invalid address: access denied */
73 HAB_INV_ASSERTION = 0x0c, /* Invalid assertion */
74 HAB_INV_CALL = 0x28, /* Function called out of sequence */
75 HAB_INV_CERTIFICATE = 0x21, /* Invalid certificate */
76 HAB_INV_COMMAND = 0x06, /* Invalid command: command malformed */
77 HAB_INV_CSF = 0x11, /* Invalid csf */
78 HAB_INV_DCD = 0x27, /* Invalid dcd */
79 HAB_INV_INDEX = 0x0f, /* Invalid index: access denied */
80 HAB_INV_IVT = 0x05, /* Invalid ivt */
81 HAB_INV_KEY = 0x1d, /* Invalid key */
82 HAB_INV_RETURN = 0x1e, /* Failed callback function */
83 HAB_INV_SIGNATURE = 0x18, /* Invalid signature */
84 HAB_INV_SIZE = 0x17, /* Invalid data size */
85 HAB_MEM_FAIL = 0x2e, /* Memory failure */
86 HAB_OVR_COUNT = 0x2b, /* Expired poll count */
87 HAB_OVR_STORAGE = 0x2d, /* Exhausted storage region */
88 HAB_UNS_ALGORITHM = 0x12, /* Unsupported algorithm */
89 HAB_UNS_COMMAND = 0x03, /* Unsupported command */
90 HAB_UNS_ENGINE = 0x0a, /* Unsupported engine */
91 HAB_UNS_ITEM = 0x24, /* Unsupported configuration item */
92 HAB_UNS_KEY = 0x1b, /* Unsupported key type/parameters */
93 HAB_UNS_PROTOCOL = 0x14, /* Unsupported protocol */
94 HAB_UNS_STATE = 0x09, /* Unsuitable state */
99 HAB_CTX_ANY = 0x00, /* Match any context */
100 HAB_CTX_FAB = 0xff, /* Event logged in hab_fab_test() */
101 HAB_CTX_ENTRY = 0xe1, /* Event logged in hab_rvt.entry() */
102 HAB_CTX_TARGET = 0x33, /* Event logged in hab_rvt.check_target() */
103 HAB_CTX_AUTHENTICATE = 0x0a,/* Logged in hab_rvt.authenticate_image() */
104 HAB_CTX_DCD = 0xdd, /* Event logged in hab_rvt.run_dcd() */
105 HAB_CTX_CSF = 0xcf, /* Event logged in hab_rvt.run_csf() */
106 HAB_CTX_COMMAND = 0xc0, /* Event logged executing csf/dcd command */
107 HAB_CTX_AUT_DAT = 0xdb, /* Authenticated data block */
108 HAB_CTX_ASSERT = 0xa0, /* Event logged in hab_rvt.assert() */
109 HAB_CTX_EXIT = 0xee, /* Event logged in hab_rvt.exit() */
113 /*Function prototype description*/
114 typedef enum hab_status hab_rvt_report_event_t(enum hab_status, uint32_t,
116 typedef enum hab_status hab_rvt_report_status_t(enum hab_config *,
118 typedef enum hab_status hab_loader_callback_f_t(void**, size_t*, const void*);
119 typedef enum hab_status hab_rvt_entry_t(void);
120 typedef enum hab_status hab_rvt_exit_t(void);
121 typedef void *hab_rvt_authenticate_image_t(uint8_t, ptrdiff_t,
122 void **, size_t *, hab_loader_callback_f_t);
124 typedef hab_status_t hab_rvt_run_dcd_t(const uint8_t *dcd);
126 typedef hab_status_t hab_rvt_run_csf_t(const uint8_t *csf, uint8_t cid);
128 typedef hab_status_t hab_rvt_assert_t(uint32_t, const void *,
131 typedef hab_status_t hab_rvt_report_event_t(hab_status_t, uint32_t,
134 typedef hab_status_t hab_rvt_report_status_t(enum hab_config *,
137 typedef void hapi_clock_init_t(void);
139 #define HAB_ENG_ANY 0x00 /* Select first compatible engine */
140 #define HAB_ENG_SCC 0x03 /* Security controller */
141 #define HAB_ENG_RTIC 0x05 /* Run-time integrity checker */
142 #define HAB_ENG_SAHARA 0x06 /* Crypto accelerator */
143 #define HAB_ENG_CSU 0x0a /* Central Security Unit */
144 #define HAB_ENG_SRTC 0x0c /* Secure clock */
145 #define HAB_ENG_DCP 0x1b /* Data Co-Processor */
146 #define HAB_ENG_CAAM 0x1d /* CAAM */
147 #define HAB_ENG_SNVS 0x1e /* Secure Non-Volatile Storage */
148 #define HAB_ENG_OCOTP 0x21 /* Fuse controller */
149 #define HAB_ENG_DTCP 0x22 /* DTCP co-processor */
150 #define HAB_ENG_ROM 0x36 /* Protected ROM area */
151 #define HAB_ENG_HDCP 0x24 /* HDCP co-processor */
152 #define HAB_ENG_RTL 0x77 /* RTL simulation engine */
153 #define HAB_ENG_SW 0xff /* Software engine */
155 #ifdef CONFIG_SOC_MX6SX
156 #define HAB_RVT_BASE 0x00000100
158 #define HAB_RVT_BASE 0x00000094
161 static inline void **hab_rvt_base(void)
165 if (((is_cpu_type(MXC_CPU_MX6Q) || is_cpu_type(MXC_CPU_MX6D)) &&
166 soc_rev() >= CHIP_REV_1_5) ||
167 (is_cpu_type(MXC_CPU_MX6DL) && soc_rev() >= CHIP_REV_1_2) ||
168 is_cpu_type(MXC_CPU_MX6SOLO))
172 if ((*base & 0xff0000ff) != cpu_to_be32(0xdd000041)) {
173 printf("Invalid RVT @ %p\n", base);
176 return (void **)base;
179 #define HAB_CID_ROM 0 /**< ROM Caller ID */
180 #define HAB_CID_UBOOT 1 /**< UBOOT Caller ID*/
182 /* ----------- end of HAB API updates ------------*/
184 #define hab_rvt_entry_p \
185 ((hab_rvt_entry_t *)hab_rvt_base()[HAB_RVT_ENTRY])
187 #define hab_rvt_exit_p \
188 ((hab_rvt_exit_t *)hab_rvt_base()[HAB_RVT_EXIT])
190 #define hab_rvt_check_target_p \
191 ((hab_rvt_check_target_t*)hab_rvt_base()[HAB_RVT_CHECK_TARGET])
193 #define hab_rvt_authenticate_image_p \
194 ((hab_rvt_authenticate_image_t *)hab_rvt_base()[HAB_RVT_AUTHENTICATE_IMAGE])
196 #define hab_rvt_run_dcd_p \
197 ((hab_rvt_run_dcd_t*)hab_rvt_base()[HAB_RVT_RUN_DCD])
199 #define hab_rvt_run_csf_p \
200 ((hab_rvt_run_csf_t*)hab_rvt_base()[HAB_RVT_RUN_CSF])
202 #define hab_rvt_assert_p \
203 ((hab_rvt_assert_t*)hab_rvt_base()[HAB_RVT_ASSERT])
205 #define hab_rvt_report_event_p \
206 ((hab_rvt_report_event_t*)hab_rvt_base()[HAB_RVT_REPORT_EVENT])
208 #define hab_rvt_report_status_p \
209 ((hab_rvt_report_status_t*)hab_rvt_base()[HAB_RVT_REPORT_STATUS])
211 #define HAB_FUNC(n, rt) \
212 static inline rt hab_rvt_##n(void) \
214 if (hab_rvt_base() == NULL) \
216 return hab_rvt_##n##_p(); \
219 #define HAB_FUNC1(n, rt, t1) \
220 static inline rt hab_rvt_##n(t1 p1) \
222 if (hab_rvt_base() == NULL) \
224 return hab_rvt_##n##_p(p1); \
227 #define HAB_FUNC2(n, rt, t1, t2) \
228 static inline rt hab_rvt_##n(t1 p1, t2 p2) \
230 if (hab_rvt_base() == NULL) \
232 return hab_rvt_##n##_p(p1, p2); \
235 #define HAB_FUNC3(n, rt, t1, t2, t3) \
236 static inline rt hab_rvt_##n(t1 p1, t2 p2, t3 p3) \
238 if (hab_rvt_base() == NULL) \
240 return hab_rvt_##n##_p(p1, p2, p3); \
243 #define HAB_FUNC4(n, rt, t1, t2, t3, t4) \
244 static inline rt hab_rvt_##n(t1 p1, t2 p2, t3 p3, t4 p4) \
246 if (hab_rvt_base() == NULL) \
248 return hab_rvt_##n##_p(p1, p2, p3, p4); \
251 #define HAB_FUNC5(n, rt, t1, t2, t3, t4, t5) \
252 static inline rt hab_rvt_##n(t1 p1, t2 p2, t3 p3, t4 p4, t5 p5) \
254 if (hab_rvt_base() == NULL) \
256 return hab_rvt_##n##_p(p1, p2, p3, p4, p5); \
259 #else /* CONFIG_SECURE_BOOT */
261 static inline int get_hab_status(void)
266 #endif /* CONFIG_SECURE_BOOT */
267 #endif /* __ARCH_MX6_HAB_H */