1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*
3  * Copyright 2022 Microsoft
4  *
5  * Definitions for the NXP LX2160A-series Security Fuse Processor (SFP) driver.
6  */
7 
8 #ifndef __DRIVERS_LS_SFP_H
9 #define __DRIVERS_LS_SFP_H
10 
11 #include <drivers/ls_gpio.h>
12 #include <stdlib.h>
13 #include <tee_api_types.h>
14 
15 /* SFP instruction register */
16 /* SFP is big endian */
17 #define SFP_INGR_PROGFB_CMD 0x2
18 #define SFP_INGR_ERROR_MASK 0x100
19 #define SFP_INGR_FUSE_TIMEOUT 10000
20 
21 /* SFP configuration register */
22 #define SFP_SFPCR_SB 0x20000000
23 
24 /* SFP OEM security policy register 0 */
25 #define SFP_OSPR0_WP 0x1
26 #define SFP_OSPR0_ITS 0x4
27 
28 /* SFP OEM security policy register 1 */
29 #define SFP_OSPR1_DBLEV_MASK 0x7
30 #define SFP_OSPR1_DBLEV_OPEN 0x0
31 #define SFP_OSPR1_DBLEV_CLOSED_NOTIFY 0x1
32 #define SFP_OSPR1_DBLEV_CLOSED_SILENT 0x2
33 #define SFP_OSPR1_DBLEV_CLOSED 0x4
34 
35 /**
36  * struct ls_sfp_data - Compact data struct of all SFP registers.
37  * @ingr:		Instruction Register.
38  * @svhesr:		Secret Value Hamming Error Status Register.
39  * @sfpcr:		SFP Configuration Register.
40  * @version:		SFP Version Register.
41  * @ospr0:		OEM Security Policy Register 0.
42  * @ospr1:		OEM Security Policy Register 1.
43  * @dcvr0:		Debug Challenge Value Register 0.
44  * @dcvr1:		Debug Challenge Value Register 1.
45  * @drvr0:		Debug Response Value Register 0.
46  * @drvr1:		Debug Response Value Register 1.
47  * @fswpr:		Factory Section Write Protect Register.
48  * @fuidr0:		Factory Unique ID Register 0.
49  * @fuidr1:		Factory Unique ID Register 1.
50  * @isbccr:		ISBC Configuration Register.
51  * @fspfr[0x3]:		Factory Scratch Pad Fuse Registers.
52  * @otpmkr[0x8]:	One Time Programmable Master Key.
53  * @srkhr[0x8]:		Super Root Key Hash Register.
54  * @ouidr[0x5]:		OEM Unique ID/Scratch Pad Fuse Registers.
55  */
56 struct ls_sfp_data {
57 	uint32_t ingr;
58 	uint32_t svhesr;
59 	uint32_t sfpcr;
60 	uint32_t version;
61 	uint32_t ospr0;
62 	uint32_t ospr1;
63 	uint32_t dcvr0;
64 	uint32_t dcvr1;
65 	uint32_t drvr0;
66 	uint32_t drvr1;
67 	uint32_t fswpr;
68 	uint32_t fuidr0;
69 	uint32_t fuidr1;
70 	uint32_t isbccr;
71 	uint32_t fspfr[0x3];
72 	uint32_t otpmkr[0x8];
73 	uint32_t srkhr[0x8];
74 	uint32_t ouidr[0x5];
75 };
76 
77 /**
78  * ls_sfp_read() - Read a copy of the SFP register data if the SFP driver was
79  *		   successfully initialized.
80  * @data:	Location to save SFP data.
81  *
82  * Return:	TEE_SUCCESS or > 0 on error
83  */
84 TEE_Result ls_sfp_read(struct ls_sfp_data *data);
85 
86 /**
87  * ls_sfp_get_debug_level() - Read the last 3 bits of the SFP OSPR1 register
88  *			      which denotes the debug level.
89  * @dblev:	Pointer location to store the read debug level.
90  *
91  * Return:	TEE_SUCCESS or > 0 on error.
92  */
93 TEE_Result ls_sfp_get_debug_level(uint32_t *dblev);
94 
95 /**
96  * ls_sfp_get_its() - Read bit 29 of the SFP OSPR0 register which denotes the
97  *		      ITS flag.
98  * @its:	Pointer location to store the ITS flag.
99  *
100  * Return:	TEE_SUCCESS or > 0 on error.
101  */
102 TEE_Result ls_sfp_get_its(uint32_t *its);
103 
104 /**
105  * ls_sfp_get_ouid() - Read the SFP OUID register at the given index.
106  * @index:	Index of the OUID register to read.
107  * @ouid:	Pointer location to store the OIUD register value.
108  *
109  * Return:	TEE_SUCCESS or > 0 on error.
110  */
111 TEE_Result ls_sfp_get_ouid(uint32_t index, uint32_t *ouid);
112 
113 /**
114  * ls_sfp_get_sb() - Read bit 2 of the SFP SFPCR register which denotes the
115  *		     secure boot flag.
116  * @sb:		Pointer location to store the secure boot flag.
117  *
118  * Return:	TEE_SUCCESS or > 0 on error.
119  */
120 TEE_Result ls_sfp_get_sb(uint32_t *sb);
121 
122 /**
123  * ls_sfp_get_srkh() - Read the SFP SRKH register at the given index.
124  * @index:	Index of the SRKH register to read.
125  * @srkh:	Pointer location to store the SRKH register value.
126  *
127  * Return:	TEE_SUCCESS or > 0 on error.
128  */
129 TEE_Result ls_sfp_get_srkh(uint32_t index, uint32_t *srkh);
130 
131 /**
132  * ls_sfp_set_debug_level() - Set the last 3 bits of the SFP OSPR1 register
133  *			      which denotes the debug level.
134  * @dblev:	Value to write into the SFP OSPR1 register.
135  *
136  * Return:	TEE_SUCCESS or > 0 on error.
137  */
138 TEE_Result ls_sfp_set_debug_level(uint32_t dblev);
139 
140 /**
141  * ls_sfp_set_its_wp() - Set bits 29 and 31 of the SFP OSPR0 register which
142  *			 denote the ITS and write protect flags respectively.
143  *
144  * WARNING - Setting the ITS and write protect flags will lock the mirror
145  * registers and permanently prevent any further programming of the fuse block.
146  * The system will also be forced to always attempt to secure boot which
147  * requires signature validation and the absence of any hardware security
148  * violations when booting.
149  *
150  * Return:	TEE_SUCCESS or > 0 on error.
151  */
152 TEE_Result ls_sfp_set_its_wp(void);
153 
154 /**
155  * ls_sfp_set_ouid() - Write to the SFP OUID register at the given index.
156  * @index:	Index of the OUID register to write.
157  * @ouid:	Value to write into the SFP OUID register.
158  *
159  * Return:	TEE_SUCCESS or > 0 on error.
160  */
161 TEE_Result ls_sfp_set_ouid(uint32_t index, uint32_t ouid);
162 
163 /**
164  * ls_sfp_status() - Check if the SFP driver was initialized successfully.
165  *
166  * Return:	TEE_SUCCESS or > 0 on error.
167  */
168 TEE_Result ls_sfp_status(void);
169 
170 #endif /* __DRIVERS_LS_SFP_H */
171