Commit c77586be authored by Anson Huang's avatar Anson Huang

imx: update SCFW API

This patch updates SCFW API to v1.7, based on below commit:

252281d48647 ("SCF-105: Update wiki.")
Signed-off-by: default avatarAnson Huang <Anson.Huang@nxp.com>
parent 204b6bb2
......@@ -21,7 +21,7 @@
/* Defines */
#define SCFW_API_VERSION_MAJOR 1U
#define SCFW_API_VERSION_MINOR 3U
#define SCFW_API_VERSION_MINOR 7U
#define SC_RPC_VERSION 1U
......
......@@ -27,6 +27,7 @@
/*@{*/
#define SC_32KHZ 32768U /* 32KHz */
#define SC_10MHZ 10000000U /* 10MHz */
#define SC_16MHZ 16000000U /* 16MHz */
#define SC_20MHZ 20000000U /* 20MHz */
#define SC_25MHZ 25000000U /* 25MHz */
#define SC_27MHZ 27000000U /* 27MHz */
......@@ -206,7 +207,7 @@
#define SC_R_DC_0_BLIT2 21U
#define SC_R_DC_0_BLIT_OUT 22U
#define SC_R_PERF 23U
#define SC_R_UNUSED5 24U
#define SC_R_USB_1_PHY 24U
#define SC_R_DC_0_WARP 25U
#define SC_R_UNUSED7 26U
#define SC_R_UNUSED8 27U
......@@ -732,10 +733,16 @@
#define SC_R_ALL ((sc_rsrc_t) UINT16_MAX) /* All resources */
/*@}*/
/*!
* Define for ATF/Linux. Not used by SCFW. Not a valid parameter
* for any SCFW API calls!
*/
#define SC_R_NONE 0xFFF0U
/* NOTE - please add by replacing some of the UNUSED from above! */
/*!
* Defnes for sc_ctrl_t.
* Defines for sc_ctrl_t.
*/
#define SC_C_TEMP 0U
#define SC_C_TEMP_HI 1U
......
......@@ -508,6 +508,21 @@ void sc_misc_get_boot_dev(sc_ipc_t ipc, sc_rsrc_t *dev);
*/
sc_err_t sc_misc_get_boot_type(sc_ipc_t ipc, sc_misc_bt_t *type);
/*!
* This function returns the boot container index.
*
* @param[in] ipc IPC handle
* @param[out] idx pointer to return index
*
* Return \a idx = 1 for first container, 2 for second.
*
* @return Returns and error code (SC_ERR_NONE = success).
*
* Return errors code:
* - SC_ERR_UNAVAILABLE if index not passed by ROM
*/
sc_err_t sc_misc_get_boot_container(sc_ipc_t ipc, uint8_t *idx);
/*!
* This function returns the current status of the ON/OFF button.
*
......
......@@ -140,12 +140,21 @@ typedef uint8_t sc_rm_perm_t;
* - SC_ERR_UNAVAILABLE if partition table is full (no more allocation space)
*
* Marking as non-secure prevents subsequent functions from configuring masters in this
* partition to assert the secure signal. If restricted then the new partition is limited
* in what functions it can call, especially those associated with managing partitions.
* partition to assert the secure signal. Basically, if TrustZone SW is used, the Cortex-A
* cores and peripherals the TZ SW will use should be in a secure partition. Almost all
* other partitions (for a non-secure OS or M4 cores) should be in non-secure partitions.
*
* Isolated should be true for almost all partitions. The exception is the non-secure
* partition for a Cortex-A core used to run a non-secure OS. This isn't isolated by
* domain but is instead isolated by the TZ security hardware.
*
* If restricted then the new partition is limited in what functions it can call,
* especially those associated with managing partitions.
*
* The grant option is usually used to isolate a bus master's traffic to specific
* memory without isolating the peripheral interface of the master or the API
* controls of that master.
* controls of that master. This is only used when creating a sub-partition with
* no CPU. It's useful to separate out a master and the memory it uses.
*/
sc_err_t sc_rm_partition_alloc(sc_ipc_t ipc, sc_rm_pt_t *pt, sc_bool_t secure,
sc_bool_t isolated, sc_bool_t restricted, sc_bool_t grant, sc_bool_t coherent);
......@@ -317,6 +326,12 @@ sc_err_t sc_rm_move_all(sc_ipc_t ipc, sc_rm_pt_t pt_src, sc_rm_pt_t pt_dst,
* assigned
* @param[in] resource resource to assign
*
* This function assigned a resource to a partition. This partition is then
* the owner. All resources always have an owner (one owner). The owner
* has various rights to make API calls affecting the resource. Ownership
* does not imply access to the peripheral itself (that is based on access
* rights).
*
* @return Returns an error code (SC_ERR_NONE = success).
*
* This action resets the resource's master and peripheral attributes.
......@@ -367,6 +382,12 @@ sc_err_t sc_rm_set_resource_movable(sc_ipc_t ipc, sc_rsrc_t resource_fst,
* @param[in] resource resource to use to identify subsystem
* @param[in] movable movable flag (SC_TRUE is movable)
*
* A subsystem is a physical grouping within the chip of related resources;
* this is SoC specific. This function is used to optimize moving resource
* for these groupings, for instance, an M4 core and its associated resources.
* The list of subsystems and associated resources can be found in the
* SoC-specific API document [Resources](@ref RESOURCES) chapter.
*
* @return Returns an error code (SC_ERR_NONE = success).
*
* Return errors:
......@@ -396,9 +417,13 @@ sc_err_t sc_rm_set_subsys_rsrc_movable(sc_ipc_t ipc, sc_rsrc_t resource,
* - SC_ERR_NOACCESS if caller's partition is not a parent of the resource owner,
* - SC_ERR_LOCKED if the owning partition is locked
*
* This function configures how the HW isolation will see bus transactions
* from the specified master. Note the security attribute will only be
* changed if the caller's partition is secure.
* Masters are IP blocks that generate bus transactions. This function configures
* how the isolation HW will define these bus transactions from the specified master.
* Note the security attribute will only be changed if the caller's partition is
* secure.
*
* Note an IP block can be both a master and peripheral (have both a programming model
* and generate bus transactions).
*/
sc_err_t sc_rm_set_master_attributes(sc_ipc_t ipc, sc_rsrc_t resource,
sc_rm_spa_t sa, sc_rm_spa_t pa, sc_bool_t smmu_bypass);
......@@ -444,9 +469,15 @@ sc_err_t sc_rm_set_master_sid(sc_ipc_t ipc, sc_rsrc_t resource,
* - SC_ERR_LOCKED if the owning partition is locked
* - SC_ERR_LOCKED if the \a pt is confidential and the caller isn't \a pt
*
* This function configures how the HW isolation will restrict access to a
* Peripherals are IP blocks that have a programming model that can be
* accessed.
*
* This function configures how the isolation HW will restrict access to a
* peripheral based on the attributes of a transaction from bus master. It
* also allows the access permissions of SC_R_SYSTEM to be set.
*
* Note an IP block can be both a master and peripheral (have both a programming
* model and generate bus transactions).
*/
sc_err_t sc_rm_set_peripheral_permissions(sc_ipc_t ipc, sc_rsrc_t resource,
sc_rm_pt_t pt, sc_rm_perm_t perm);
......@@ -486,6 +517,10 @@ sc_err_t sc_rm_get_resource_owner(sc_ipc_t ipc, sc_rsrc_t resource,
* @param[in] ipc IPC handle
* @param[in] resource resource to check
*
* Masters are IP blocks that generate bus transactions. Note an IP block
* can be both a master and peripheral (have both a programming model
* and generate bus transactions).
*
* @return Returns a boolean (SC_TRUE if the resource is a bus master).
*
* If \a resource is out of range then SC_FALSE is returned.
......@@ -498,6 +533,10 @@ sc_bool_t sc_rm_is_resource_master(sc_ipc_t ipc, sc_rsrc_t resource);
* @param[in] ipc IPC handle
* @param[in] resource resource to check
*
* Peripherals are IP blocks that have a programming model that can be
* accessed. Note an IP block can be both a master and peripheral (have
* both a programming model and generate bus transactions)
*
* @return Returns a boolean (SC_TRUE if the resource is a peripheral).
*
* If \a resource is out of range then SC_FALSE is returned.
......@@ -676,6 +715,12 @@ sc_err_t sc_rm_assign_memreg(sc_ipc_t ipc, sc_rm_pt_t pt, sc_rm_mr_t mr);
* applied for
* @param[in] perm permissions to apply to \a mr for \a pt
*
* This function assigned a memory region to a partition. This partition is then
* the owner. All regions always have an owner (one owner). The owner
* has various rights to make API calls affecting the region. Ownership
* does not imply access to the memory itself (that is based on access
* rights).
*
* @return Returns an error code (SC_ERR_NONE = success).
*
* Return errors:
......@@ -754,6 +799,10 @@ sc_err_t sc_rm_assign_pad(sc_ipc_t ipc, sc_rm_pt_t pt, sc_pad_t pad);
* @param[in] pad_lst last pad for which flag should be set
* @param[in] movable movable flag (SC_TRUE is movable)
*
* This function assigned a pad to a partition. This partition is then
* the owner. All pads always have an owner (one owner). The owner
* has various rights to make API calls affecting the pad.
*
* @return Returns an error code (SC_ERR_NONE = success).
*
* Return errors:
......
......@@ -38,6 +38,15 @@
#define SC_SECO_AUTH_HDMI_RX_FW 5U /* HDMI RX Firmware */
/*@}*/
/*!
* @name Defines for seco_rng_stat_t
*/
/*@{*/
#define SC_SECO_RNG_STAT_UNAVAILABLE 0U /* Unable to initialize the RNG */
#define SC_SECO_RNG_STAT_INPROGRESS 1U /* Initialization is on-going */
#define SC_SECO_RNG_STAT_READY 2U /* Initialized */
/*@}*/
/* Types */
/*!
......@@ -45,6 +54,11 @@
*/
typedef uint8_t sc_seco_auth_cmd_t;
/*!
* This type is used to return the RNG initialization status.
*/
typedef uint32_t sc_seco_rng_stat_t;
/* Functions */
/*!
......@@ -504,6 +518,41 @@ sc_err_t sc_seco_get_event(sc_ipc_t ipc, uint8_t idx,
*/
sc_err_t sc_seco_fuse_write(sc_ipc_t ipc, sc_faddr_t addr);
/*!
* This function applies a patch.
*
* @param[in] ipc IPC handle
* @param[in] addr address of message block
*
* @return Returns and error code (SC_ERR_NONE = success).
*
* Return errors codes:
* - SC_ERR_UNAVAILABLE if SECO not available
*
* Note \a addr must be a pointer to a signed message block.
*
* See the Security Reference Manual (SRM) for more info.
*/
sc_err_t sc_seco_patch(sc_ipc_t ipc, sc_faddr_t addr);
/*!
* This function starts the random number generator.
*
* @param[in] ipc IPC handle
* @param[out] status pointer to return state of RNG
*
* @return Returns and error code (SC_ERR_NONE = success).
*
* Return errors codes:
* - SC_ERR_UNAVAILABLE if SECO not available
*
* The RNG is started automatically after all CPUs are booted. This
* function can be used to start earlier and to check the status.
*
* See the Security Reference Manual (SRM) for more info.
*/
sc_err_t sc_seco_start_rng(sc_ipc_t ipc, sc_seco_rng_stat_t *status);
/* @} */
#endif /* SC_SECO_API_H */
......
......@@ -651,6 +651,25 @@ sc_err_t sc_misc_get_boot_type(sc_ipc_t ipc, sc_misc_bt_t *type)
return (sc_err_t)result;
}
sc_err_t sc_misc_get_boot_container(sc_ipc_t ipc, uint8_t *idx)
{
sc_rpc_msg_t msg;
uint8_t result;
RPC_VER(&msg) = SC_RPC_VERSION;
RPC_SVC(&msg) = U8(SC_RPC_SVC_MISC);
RPC_FUNC(&msg) = U8(MISC_FUNC_GET_BOOT_CONTAINER);
RPC_SIZE(&msg) = 1U;
sc_call_rpc(ipc, &msg, SC_FALSE);
result = RPC_R8(&msg);
if (idx != NULL)
*idx = RPC_U8(&msg, 0U);
return (sc_err_t)result;
}
void sc_misc_get_button_status(sc_ipc_t ipc, sc_bool_t *status)
{
sc_rpc_msg_t msg;
......
......@@ -56,6 +56,7 @@
#define MISC_FUNC_GET_TEMP 13U /* Index for misc_get_temp() RPC call */
#define MISC_FUNC_GET_BOOT_DEV 16U /* Index for misc_get_boot_dev() RPC call */
#define MISC_FUNC_GET_BOOT_TYPE 33U /* Index for misc_get_boot_type() RPC call */
#define MISC_FUNC_GET_BOOT_CONTAINER 36U /* Index for misc_get_boot_container() RPC call */
#define MISC_FUNC_GET_BUTTON_STATUS 18U /* Index for misc_get_button_status() RPC call */
#define MISC_FUNC_ROMPATCH_CHECKSUM 26U /* Index for misc_rompatch_checksum() RPC call */
#define MISC_FUNC_BOARD_IOCTL 34U /* Index for misc_board_ioctl() RPC call */
......
......@@ -44,6 +44,8 @@
#define SECO_FUNC_ENABLE_DEBUG 18U /* Index for seco_enable_debug() RPC call */
#define SECO_FUNC_GET_EVENT 19U /* Index for seco_get_event() RPC call */
#define SECO_FUNC_FUSE_WRITE 20U /* Index for seco_fuse_write() RPC call */
#define SECO_FUNC_PATCH 21U /* Index for seco_patch() RPC call */
#define SECO_FUNC_START_RNG 22U /* Index for seco_start_rng() RPC call */
/*@}*/
/* Types */
......
......@@ -425,5 +425,42 @@ sc_err_t sc_seco_fuse_write(sc_ipc_t ipc, sc_faddr_t addr)
return (sc_err_t)result;
}
sc_err_t sc_seco_patch(sc_ipc_t ipc, sc_faddr_t addr)
{
sc_rpc_msg_t msg;
uint8_t result;
RPC_VER(&msg) = SC_RPC_VERSION;
RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
RPC_FUNC(&msg) = U8(SECO_FUNC_PATCH);
RPC_U32(&msg, 0U) = U32(addr >> 32ULL);
RPC_U32(&msg, 4U) = U32(addr);
RPC_SIZE(&msg) = 3U;
sc_call_rpc(ipc, &msg, SC_FALSE);
result = RPC_R8(&msg);
return (sc_err_t)result;
}
sc_err_t sc_seco_start_rng(sc_ipc_t ipc, sc_seco_rng_stat_t *status)
{
sc_rpc_msg_t msg;
uint8_t result;
RPC_VER(&msg) = SC_RPC_VERSION;
RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
RPC_FUNC(&msg) = U8(SECO_FUNC_START_RNG);
RPC_SIZE(&msg) = 1U;
sc_call_rpc(ipc, &msg, SC_FALSE);
if (status != NULL)
*status = RPC_U32(&msg, 0U);
result = RPC_R8(&msg);
return (sc_err_t)result;
}
/**@}*/
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment