2023-11-17 14:34:30

by Patrick Delaunay

[permalink] [raw]
Subject: [PATCH 2/4] nvmem: stm32: add support for STM32MP25 BSEC to control OTP data

On STM32MP25, OTP area may be read/written by using BSEC (boot, security
and OTP control). The BSEC internal peripheral is only managed by the
secure world.

The 12 Kbits of OTP (effective) are organized into the following regions:
- lower OTP (OTP0 to OTP127) = 4096 lower OTP bits,
bitwise (1-bit) programmable
- mid OTP (OTP128 to OTP255) = 4096 middle OTP bits,
bulk (32-bit) programmable
- upper OTP (OTP256 to OTP383) = 4096 upper OTP bits,
bulk (32-bit) programmable,
only accessible when BSEC is in closed state.

As HWKEY and ECIES key are only accessible by ROM code;
only 368 OTP words are managed in this driver (OTP0 to OTP267).

This patch adds the STM32MP25 configuration for reading and writing
the OTP data using the OP-TEE BSEC TA services.

Signed-off-by: Patrick Delaunay <[email protected]>
---

drivers/nvmem/stm32-romem.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)

diff --git a/drivers/nvmem/stm32-romem.c b/drivers/nvmem/stm32-romem.c
index 8a553b1799a8..82879b1c9eb9 100644
--- a/drivers/nvmem/stm32-romem.c
+++ b/drivers/nvmem/stm32-romem.c
@@ -269,6 +269,19 @@ static const struct stm32_romem_cfg stm32mp13_bsec_cfg = {
.ta = true,
};

+/*
+ * STM32MP25 BSEC OTP: 3 regions of 32-bits data words
+ * lower OTP (OTP0 to OTP127), bitwise (1-bit) programmable
+ * mid OTP (OTP128 to OTP255), bulk (32-bit) programmable
+ * upper OTP (OTP256 to OTP383), bulk (32-bit) programmable
+ * but no access to HWKEY and ECIES key: limited at OTP367
+ */
+static const struct stm32_romem_cfg stm32mp25_bsec_cfg = {
+ .size = 368 * 4,
+ .lower = 127,
+ .ta = true,
+};
+
static const struct of_device_id stm32_romem_of_match[] __maybe_unused = {
{ .compatible = "st,stm32f4-otp", }, {
.compatible = "st,stm32mp15-bsec",
@@ -276,6 +289,9 @@ static const struct of_device_id stm32_romem_of_match[] __maybe_unused = {
}, {
.compatible = "st,stm32mp13-bsec",
.data = (void *)&stm32mp13_bsec_cfg,
+ }, {
+ .compatible = "st,stm32mp25-bsec",
+ .data = (void *)&stm32mp25_bsec_cfg,
},
{ /* sentinel */ },
};
--
2.25.1