arm: stm32mp: add helper function stm32mp_is_closed()

Add the helper function stm32mp_is_closed() to check the "closed" state in
product life cycle, when product secrets have  been provisioned into the
device, by "secure secret provisioning" tools (SSP) for example.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Patrice Chotard <patrice.chotard@foss.st.com>

diff --git a/arch/arm/mach-stm32mp/cmd_stm32key.c b/arch/arm/mach-stm32mp/cmd_stm32key.c
index d6bf72d..6bfa678 100644 (file)
--- a/arch/arm/mach-stm32mp/cmd_stm32key.c
+++ b/arch/arm/mach-stm32mp/cmd_stm32key.c
@@ -618,3 +618,25 @@ U_BOOT_CMD_WITH_SUBCMDS(stm32key, "Manage key on STM32", stm32key_help_text,
        U_BOOT_SUBCMD_MKENT(read, 2, 0, do_stm32key_read),
        U_BOOT_SUBCMD_MKENT(fuse, 3, 0, do_stm32key_fuse),
        U_BOOT_SUBCMD_MKENT(close, 2, 0, do_stm32key_close));
+
+/*
+ * Check the "closed" state in product life cycle, when product secrets have
+ * been provisioned into the device, by SSP tools for example.
+ * On closed devices, authentication is mandatory.
+ */
+bool stm32mp_is_closed(void)
+{
+       struct udevice *dev;
+       bool closed;
+       int ret;
+
+       ret = get_misc_dev(&dev);
+       if (ret)
+               return false;
+
+       ret = read_close_status(dev, false, &closed);
+       if (ret)
+               return false;
+
+       return closed;
+}

diff --git a/arch/arm/mach-stm32mp/include/mach/sys_proto.h b/arch/arm/mach-stm32mp/include/mach/sys_proto.h
index bf1c397..1907366 100644 (file)
--- a/arch/arm/mach-stm32mp/include/mach/sys_proto.h
+++ b/arch/arm/mach-stm32mp/include/mach/sys_proto.h
@@ -120,3 +120,10 @@ u32 get_otp(int index, int shift, int mask);
 
 uintptr_t get_stm32mp_rom_api_table(void);
 uintptr_t get_stm32mp_bl2_dtb(void);
+
+/* helper function: check "closed" state in product "Life Cycle" */
+#ifdef CONFIG_CMD_STM32KEY
+bool stm32mp_is_closed(void);
+#else
+static inline bool stm32mp_is_closed(void) { return false; }
+#endif