Eric Lee / smarc-uboot

Download as
Browse Code ยป

Commit bacee7266d7296bbb08b8df647ce350038c6c96a

Authored by Ye Li
1 parent f435435f2e
Exists in smarc_8mm-imx_v2018.03_4.14.98_2.0.0_ga and in 4 other branches smarc-imx6_v2018.03_4.14.98_2.0.0_ga, smarc-imx7_v2018.03_4.14.98_2.0.0_ga, smarc_8m-imx_v2018.03_4.14.98_2.0.0_ga, smarc_8m_00d0-imx_v2018.03_4.14.98_2.0.0_ga

MLK-20884-1 imx8qm/qxp: Update SCFW API to latest commit 

Update SCFW API to below commit which has deprecated APIs with
misc_seco prefix.

commit 30b8f67097d65c6e22f218b106aeafdc636aece3
Author: Chuck Cannon <chuck.cannon@nxp.com>
Date:   Fri Jan 25 15:24:55 2019 -0600

    SCF-60: MISRA fixes.

    Signed-off-by: Chuck Cannon <chuck.cannon@nxp.com>

Signed-off-by: Ye Li <ye.li@nxp.com>

Showing 16 changed files with 1143 additions and 299 deletions Side-by-side Diff

arch/arm/include/asm/mach-imx/sci/rpc.h
Diff comments   View file @ bacee72
... ... @@ -43,7 +43,8 @@
43 43 #define SC_RPC_SVC_PAD 6U
44 44 #define SC_RPC_SVC_MISC 7U
45 45 #define SC_RPC_SVC_IRQ 8U
46   -#define SC_RPC_SVC_ABORT 9U
  46 +#define SC_RPC_SVC_SECO 9U
  47 +#define SC_RPC_SVC_ABORT 10U
47 48  
48 49 #define SC_RPC_ASYNC_STATE_RD_START 0U
49 50 #define SC_RPC_ASYNC_STATE_RD_ACTIVE 1U
arch/arm/include/asm/mach-imx/sci/sci.h
Diff comments   View file @ bacee72
... ... @@ -31,6 +31,7 @@
31 31 #include <asm/mach-imx/sci/svc/pm/api.h>
32 32 #include <asm/mach-imx/sci/svc/rm/api.h>
33 33 #include <asm/mach-imx/sci/svc/timer/api.h>
  34 +#include <asm/mach-imx/sci/svc/seco/api.h>
34 35  
35 36 #define SC_IPC_AP_CH0 (MU_BASE_ADDR(0))
36 37 #define SC_IPC_AP_CH1 (MU_BASE_ADDR(1))
arch/arm/include/asm/mach-imx/sci/svc/irq/api.h
Diff comments   View file @ bacee72
... ... @@ -25,7 +25,7 @@
25 25  
26 26 /* Defines */
27 27  
28   -#define SC_IRQ_NUM_GROUP 6U /*!< Number of groups */
  28 +#define SC_IRQ_NUM_GROUP 7U /*!< Number of groups */
29 29  
30 30 /*!
31 31 * @name Defines for sc_irq_group_t
... ... @@ -37,6 +37,7 @@
37 37 #define SC_IRQ_GROUP_WAKE 3U /*!< Wakeup interrupts */
38 38 #define SC_IRQ_GROUP_SYSCTR 4U /*!< System counter interrupts */
39 39 #define SC_IRQ_GROUP_REBOOTED 5U /*!< Partition reboot complete */
  40 +#define SC_IRQ_GROUP_REBOOT 6U /*!< Partition reboot starting */
40 41 /*@}*/
41 42  
42 43 /*!
arch/arm/include/asm/mach-imx/sci/svc/misc/api.h
Diff comments   View file @ bacee72
... ... @@ -207,314 +207,76 @@
207 207 */
208 208  
209 209 /*!
210   - * This function loads a SECO image.
211   - *
212   - * @param[in] ipc IPC handle
213   - * @param[in] addr_src address of image source
214   - * @param[in] addr_dst address of image destination
215   - * @param[in] len lenth of image to load
216   - * @param[in] fw SC_TRUE = firmware load
217   - *
218   - * @return Returns an error code (SC_ERR_NONE = success).
219   - *
220   - * Return errors codes:
221   - * - SC_ERR_PARM if word fuse index param out of range or invalid
222   - * - SC_ERR_UNAVAILABLE if SECO not available
223   - *
224   - * This is used to load images via the SECO. Examples include SECO
225   - * Firmware and IVT/CSF data used for authentication. These are usually
226   - * loaded into SECO TCM. \a addr_src is in secure memory.
227   - *
228   - * See the Security Reference Manual (SRM) for more info.
  210 + * @deprecated Use sc_seco_image_load() instead.
229 211 */
230 212 sc_err_t sc_misc_seco_image_load(sc_ipc_t ipc, sc_faddr_t addr_src,
231 213 sc_faddr_t addr_dst, uint32_t len, sc_bool_t fw);
232 214  
233 215 /*!
234   - * This function is used to authenticate a SECO image or command.
235   - *
236   - * @param[in] ipc IPC handle
237   - * @param[in] cmd authenticate command
238   - * @param[in] addr address of/or metadata
239   - *
240   - * @return Returns an error code (SC_ERR_NONE = success).
241   - *
242   - * Return errors codes:
243   - * - SC_ERR_PARM if word fuse index param out of range or invalid
244   - * - SC_ERR_UNAVAILABLE if SECO not available
245   - *
246   - * This is used to authenticate a SECO image or issue a security
247   - * command. \a addr often points to an container. It is also
248   - * just data (or even unused) for some commands.
249   - *
250   - * See the Security Reference Manual (SRM) for more info.
  216 + * @deprecated Use sc_seco_authenticate() instead.
251 217 */
252 218 sc_err_t sc_misc_seco_authenticate(sc_ipc_t ipc,
253 219 sc_misc_seco_auth_cmd_t cmd, sc_faddr_t addr);
254 220  
255 221 /*!
256   - * This function is used to load a SECO key.
257   - *
258   - * @param[in] ipc IPC handle
259   - * @param[in] id key identifier
260   - * @param[in] addr key address
261   - *
262   - * @return Returns an error code (SC_ERR_NONE = success).
263   - *
264   - * Return errors codes:
265   - * - SC_ERR_PARM if word fuse index param out of range or invalid
266   - * - SC_ERR_UNAVAILABLE if SECO not available
267   - *
268   - * This function is used to install private cryptographic keys encapsulated
269   - * in a blob previously generated by SECO. The controller can be either the
270   - * IEE or the VPU. The blob header carries the controller type and the key
271   - * size, as provided by the user when generating the key blob.
272   - *
273   - * See the Security Reference Manual (SRM) for more info.
  222 + * @deprecated Use sc_seco_fuse_write() instead.
274 223 */
275   -sc_err_t sc_misc_seco_load_key(sc_ipc_t ipc, uint32_t id,
276   - sc_faddr_t addr);
277   -
278   -/*!
279   - * This function securely writes a group of fuse words.
280   - *
281   - * @param[in] ipc IPC handle
282   - * @param[in] addr address of message block
283   - *
284   - * @return Returns and error code (SC_ERR_NONE = success).
285   - *
286   - * Return errors codes:
287   - * - SC_ERR_UNAVAILABLE if SECO not available
288   - *
289   - * Note \a addr must be a pointer to a signed message block.
290   - *
291   - * See the Security Reference Manual (SRM) for more info.
292   - */
293 224 sc_err_t sc_misc_seco_fuse_write(sc_ipc_t ipc, sc_faddr_t addr);
294 225  
295 226 /*!
296   - * This function securely enables debug.
297   - *
298   - * @param[in] ipc IPC handle
299   - * @param[in] addr address of message block
300   - *
301   - * @return Returns and error code (SC_ERR_NONE = success).
302   - *
303   - * Return errors codes:
304   - * - SC_ERR_UNAVAILABLE if SECO not available
305   - *
306   - * Note \a addr must be a pointer to a signed message block.
307   - *
308   - * See the Security Reference Manual (SRM) for more info.
  227 + * @deprecated Use sc_seco_enable_debug() instead.
309 228 */
310 229 sc_err_t sc_misc_seco_enable_debug(sc_ipc_t ipc, sc_faddr_t addr);
311 230  
312 231 /*!
313   - * This function updates the lifecycle of the device.
314   - *
315   - * @param[in] ipc IPC handle
316   - * @param[in] change desired lifecycle transistion
317   - *
318   - * @return Returns and error code (SC_ERR_NONE = success).
319   - *
320   - * Return errors codes:
321   - * - SC_ERR_UNAVAILABLE if SECO not available
322   - *
323   - * This message is used for going from Open to NXP Closed to OEM Closed.
324   - * Note \a change is NOT the new desired lifecycle. It is a lifecycle
325   - * transition as documented in the Security Reference Manual (SRM).
326   - *
327   - * If any SECO request fails or only succeeds because the part is in an
328   - * "OEM open" lifecycle, then a request to transition from "NXP closed"
329   - * to "OEM closed" will also fail. For example, booting a signed container
330   - * when the OEM SRK is not fused will succeed, but as it is an abnormal
331   - * situation, a subsequent request to transition the lifecycle will return
332   - * an error.
  232 + * @deprecated Use sc_seco_forward_lifecycle() instead.
333 233 */
334 234 sc_err_t sc_misc_seco_forward_lifecycle(sc_ipc_t ipc, uint32_t change);
335 235  
336 236 /*!
337   - * This function updates the lifecycle to one of the return lifecycles.
338   - *
339   - * @param[in] ipc IPC handle
340   - * @param[in] addr address of message block
341   - *
342   - * @return Returns and error code (SC_ERR_NONE = success).
343   - *
344   - * Return errors codes:
345   - * - SC_ERR_UNAVAILABLE if SECO not available
346   - *
347   - * Note \a addr must be a pointer to a signed message block.
348   - *
349   - * To switch back to NXP states (Full Field Return), message must be signed
350   - * by NXP SRK. For OEM States (Partial Field Return), must be signed by OEM
351   - * SRK.
352   - *
353   - * See the Security Reference Manual (SRM) for more info.
  237 + * @deprecated Use sc_seco_return_lifecycle() instead.
354 238 */
355 239 sc_err_t sc_misc_seco_return_lifecycle(sc_ipc_t ipc, sc_faddr_t addr);
356 240  
357 241 /*!
358   - * This function is used to return the SECO FW build info.
359   - *
360   - * @param[in] ipc IPC handle
361   - * @param[out] version pointer to return build number
362   - * @param[out] commit pointer to return commit ID (git SHA-1)
  242 + * @deprecated Use sc_seco_build_info() instead.
363 243 */
364 244 void sc_misc_seco_build_info(sc_ipc_t ipc, uint32_t *version,
365 245 uint32_t *commit);
366 246  
367 247 /*!
368   - * This function is used to return SECO chip info.
369   - *
370   - * @param[in] ipc IPC handle
371   - * @param[out] lc pointer to return lifecycle
372   - * @param[out] monotonic pointer to return monotonic counter
373   - * @param[out] uid_l pointer to return UID (lower 32 bits)
374   - * @param[out] uid_h pointer to return UID (upper 32 bits)
  248 + * @deprecated Use sc_seco_chip_info() instead.
375 249 */
376 250 sc_err_t sc_misc_seco_chip_info(sc_ipc_t ipc, uint16_t *lc,
377 251 uint16_t *monotonic, uint32_t *uid_l, uint32_t *uid_h);
378 252  
379 253 /*!
380   - * This function is used to return an event from the SECO error log.
381   - *
382   - * @param[in] ipc IPC handle
383   - * @param[out] idx index of event to return
384   - * @param[out] event pointer to return event
385   - *
386   - * @return Returns an error code (SC_ERR_NONE = success).
387   - *
388   - * Read of \a idx 0 captures events from SECO. Loop starting
389   - * with 0 until an error is returned to dump all events.
  254 + * @deprecated Use sc_seco_attest_mode() instead.
390 255 */
391   -sc_err_t sc_misc_seco_get_event(sc_ipc_t ipc, uint8_t idx,
392   - uint32_t *event);
393   -
394   -/*!
395   - * This function is used to set the attestation mode. Only the owner of
396   - * the SC_R_ATTESTATION resource may make this call.
397   - *
398   - * @param[in] ipc IPC handle
399   - * @param[in] mode mode
400   - *
401   - * @return Returns an error code (SC_ERR_NONE = success).
402   - *
403   - * Return errors codes:
404   - * - SC_ERR_PARM if \a mode is invalid
405   - * - SC_ERR_NOACCESS if SC_R_ATTESTATON not owned by caller
406   - * - SC_ERR_UNAVAILABLE if SECO not available
407   - *
408   - * This is used to set the SECO attestation mode. This can be prover
409   - * or verfier. See the Security Reference Manual (SRM) for more on the
410   - * suported modes, mode values, and mode behavior.
411   - */
412 256 sc_err_t sc_misc_seco_attest_mode(sc_ipc_t ipc, uint32_t mode);
413 257  
414 258 /*!
415   - * This function is used to request atestation. Only the owner of
416   - * the SC_R_ATTESTATION resource may make this call.
417   - *
418   - * @param[in] ipc IPC handle
419   - * @param[in] nonce unique value
420   - *
421   - * @return Returns an error code (SC_ERR_NONE = success).
422   - *
423   - * Return errors codes:
424   - * - SC_ERR_NOACCESS if SC_R_ATTESTATON not owned by caller
425   - * - SC_ERR_UNAVAILABLE if SECO not available
426   - *
427   - * This is used to ask SECO to perform an attestation. The result depends
428   - * on the attestation mode. After this call, the signature can be
429   - * requested or a verify can be requested.
430   - *
431   - * See the Security Reference Manual (SRM) for more info.
  259 + * @deprecated Use sc_seco_attest() instead.
432 260 */
433 261 sc_err_t sc_misc_seco_attest(sc_ipc_t ipc, uint64_t nonce);
434 262  
435 263 /*!
436   - * This function is used to retrieve the attestation public key.
437   - * Mode must be verifier. Only the owner of the SC_R_ATTESTATION resource
438   - * may make this call.
439   - *
440   - * @param[in] ipc IPC handle
441   - * @param[in] addr address to write response
442   - *
443   - * Result will be written to \a addr. The \a addr parmater must point
444   - * to an address SECO can access. It must be 64-bit aligned. There
445   - * should be 96 bytes of space.
446   - *
447   - * @return Returns an error code (SC_ERR_NONE = success).
448   - *
449   - * Return errors codes:
450   - * - SC_ERR_PARM if \a addr bad or attestation has not been requested
451   - * - SC_ERR_NOACCESS if SC_R_ATTESTATON not owned by caller
452   - * - SC_ERR_UNAVAILABLE if SECO not available
453   - *
454   - * See the Security Reference Manual (SRM) for more info.
  264 + * @deprecated Use sc_seco_get_attest_pkey() instead.
455 265 */
456 266 sc_err_t sc_misc_seco_get_attest_pkey(sc_ipc_t ipc, sc_faddr_t addr);
457 267  
458 268 /*!
459   - * This function is used to retrieve attestation signature and parameters.
460   - * Mode must be provider. Only the owner of the SC_R_ATTESTATION resource
461   - * may make this call.
462   - *
463   - * @param[in] ipc IPC handle
464   - * @param[in] addr address to write response
465   - *
466   - * Result will be written to \a addr. The \a addr parmater must point
467   - * to an address SECO can access. It must be 64-bit aligned. There
468   - * should be 120 bytes of space.
469   - *
470   - * @return Returns an error code (SC_ERR_NONE = success).
471   - *
472   - * Return errors codes:
473   - * - SC_ERR_PARM if \a addr bad or attestation has not been requested
474   - * - SC_ERR_NOACCESS if SC_R_ATTESTATON not owned by caller
475   - * - SC_ERR_UNAVAILABLE if SECO not available
476   - *
477   - * See the Security Reference Manual (SRM) for more info.
  269 + * @deprecated Use sc_seco_get_attest_sign() instead.
478 270 */
479 271 sc_err_t sc_misc_seco_get_attest_sign(sc_ipc_t ipc, sc_faddr_t addr);
480 272  
481 273 /*!
482   - * This function is used to verify attestation. Mode must be verifier.
483   - * Only the owner of the SC_R_ATTESTATION resource may make this call.
484   - *
485   - * @param[in] ipc IPC handle
486   - * @param[in] addr address of signature
487   - *
488   - * The \a addr parmater must point to an address SECO can access. It must be
489   - * 64-bit aligned.
490   - *
491   - * @return Returns an error code (SC_ERR_NONE = success).
492   - *
493   - * Return errors codes:
494   - * - SC_ERR_PARM if \a addr bad or attestation has not been requested
495   - * - SC_ERR_NOACCESS if SC_R_ATTESTATON not owned by caller
496   - * - SC_ERR_UNAVAILABLE if SECO not available
497   - * - SC_ERR_FAIL if signature doesn't match
498   - *
499   - * See the Security Reference Manual (SRM) for more info.
  274 + * @deprecated Use sc_seco_attest_verify() instead.
500 275 */
501 276 sc_err_t sc_misc_seco_attest_verify(sc_ipc_t ipc, sc_faddr_t addr);
502 277  
503 278 /*!
504   - * This function is used to commit into the fuses any new SRK revocation
505   - * and FW version information that have been found in the primary and
506   - * secondary containers.
507   - *
508   - * @param[in] ipc IPC handle
509   - * @param[in,out] info pointer to information type to be committed
510   - *
511   - * The return \a info will contain what was actually committed.
512   - *
513   - * @return Returns an error code (SC_ERR_NONE = success).
514   - *
515   - * Return errors codes:
516   - * - SC_ERR_PARM if \a info is invalid
517   - * - SC_ERR_UNAVAILABLE if SECO not available
  279 + * @deprecated Use sc_seco_commit() instead.
518 280 */
519 281 sc_err_t sc_misc_seco_commit(sc_ipc_t ipc, uint32_t *info);
520 282  
arch/arm/include/asm/mach-imx/sci/svc/pm/api.h
Diff comments   View file @ bacee72
... ... @@ -687,11 +687,28 @@
687 687 * possible. SC state (partitions, power, clocks, etc.) is reset. The
688 688 * boot SW of the booting CPU must be able to handle peripherals that
689 689 * that are not reset.
  690 + *
  691 + * If board_reboot_part() returns a non-0 mask, then the reboot will
  692 + * be delayed until all partitions indicated in the mask have called
  693 + * sc_pm_reboot_continue() to continue the boot.
690 694 */
691 695 sc_err_t sc_pm_reboot_partition(sc_ipc_t ipc, sc_rm_pt_t pt,
692 696 sc_pm_reset_type_t type);
693 697  
694 698 /*!
  699 + * This function is used to continue the reboot a partition.
  700 + *
  701 + * @param[in] ipc IPC handle
  702 + * @param[in] pt handle of partition to continue
  703 + *
  704 + * @return Returns an error code (SC_ERR_NONE = success).
  705 + *
  706 + * Return errors:
  707 + * - SC_ERR_PARM if invalid partition
  708 + */
  709 +sc_err_t sc_pm_reboot_continue(sc_ipc_t ipc, sc_rm_pt_t pt);
  710 +
  711 +/*!
695 712 * This function is used to start/stop a CPU.
696 713 *
697 714 * @param[in] ipc IPC handle
... ... @@ -737,6 +754,19 @@
737 754 * on the core has to understand and deal with this.
738 755 */
739 756 void sc_pm_cpu_reset(sc_ipc_t ipc, sc_rsrc_t resource, sc_faddr_t address);
  757 +
  758 +/*!
  759 + * This function returns a bool indicating if a partition was started.
  760 + *
  761 + * @param[in] ipc IPC handle
  762 + * @param[in] pt handle of partition to check
  763 + *
  764 + * @return Returns a bool (SC_TRUE = started).
  765 + *
  766 + * Note this indicates if a partition was started. It does not indicate if a
  767 + * partition is currently running or in a low power state.
  768 + */
  769 +sc_bool_t sc_pm_is_partition_started(sc_ipc_t ipc, sc_rm_pt_t pt);
740 770  
741 771 /* @} */
742 772  
arch/arm/include/asm/mach-imx/sci/svc/rm/api.h
Diff comments   View file @ bacee72
... ... @@ -464,6 +464,21 @@
464 464 sc_bool_t sc_rm_is_resource_owned(sc_ipc_t ipc, sc_rsrc_t resource);
465 465  
466 466 /*!
  467 + * This function is used to get the owner of a resource.
  468 + *
  469 + * @param[in] ipc IPC handle
  470 + * @param[in] resource resource to check
  471 + * @param[out] pt pointer to return owning partition
  472 + *
  473 + * Return errors:
  474 + * - SC_PARM if arguments out of range or invalid
  475 + *
  476 + * If \a resource is out of range then SC_ERR_PARM is returned.
  477 + */
  478 +sc_err_t sc_rm_get_resource_owner(sc_ipc_t ipc, sc_rsrc_t resource,
  479 + sc_rm_pt_t *pt);
  480 +
  481 +/*!
467 482 * This function is used to test if a resource is a bus master.
468 483 *
469 484 * @param[in] ipc IPC handle
arch/arm/include/asm/mach-imx/sci/svc/seco/api.h
Diff comments   View file @ bacee72
  1 +/*
  2 + * Copyright (C) 2016 Freescale Semiconductor, Inc.
  3 + * Copyright 2017-2018 NXP
  4 + *
  5 + * SPDX-License-Identifier: GPL-2.0+
  6 + */
  7 +
  8 +/*!
  9 + * Header file containing the public API for the System Controller (SC)
  10 + * Security (SECO) function.
  11 + *
  12 + * @addtogroup SECO_SVC (SVC) Security Service
  13 + *
  14 + * Module for the Security (SECO) service.
  15 + *
  16 + * @{
  17 + */
  18 +
  19 +#ifndef SC_SECO_API_H
  20 +#define SC_SECO_API_H
  21 +
  22 +/* Includes */
  23 +
  24 +#include <asm/mach-imx/sci/types.h>
  25 +#include <asm/mach-imx/sci/svc/rm/api.h>
  26 +
  27 +/* Defines */
  28 +
  29 +/*!
  30 + * @name Defines for sc_seco_auth_cmd_t
  31 + */
  32 +/*@{*/
  33 +#define SC_SECO_AUTH_CONTAINER 0U /*!< Authenticate container */
  34 +#define SC_SECO_VERIFY_IMAGE 1U /*!< Verify image */
  35 +#define SC_SECO_REL_CONTAINER 2U /*!< Release container */
  36 +#define SC_SECO_AUTH_SECO_FW 3U /*!< SECO Firmware */
  37 +#define SC_SECO_AUTH_HDMI_TX_FW 4U /*!< HDMI TX Firmware */
  38 +#define SC_SECO_AUTH_HDMI_RX_FW 5U /*!< HDMI RX Firmware */
  39 +/*@}*/
  40 +
  41 +/* Types */
  42 +
  43 +/*!
  44 + * This type is used to issue SECO authenticate commands.
  45 + */
  46 +typedef uint8_t sc_seco_auth_cmd_t;
  47 +
  48 +/* Functions */
  49 +
  50 +/*!
  51 + * @name Image Functions
  52 + * @{
  53 + */
  54 +
  55 +/*!
  56 + * This function loads a SECO image.
  57 + *
  58 + * @param[in] ipc IPC handle
  59 + * @param[in] addr_src address of image source
  60 + * @param[in] addr_dst address of image destination
  61 + * @param[in] len lenth of image to load
  62 + * @param[in] fw SC_TRUE = firmware load
  63 + *
  64 + * @return Returns an error code (SC_ERR_NONE = success).
  65 + *
  66 + * Return errors codes:
  67 + * - SC_ERR_PARM if word fuse index param out of range or invalid
  68 + * - SC_ERR_UNAVAILABLE if SECO not available
  69 + *
  70 + * This is used to load images via the SECO. Examples include SECO
  71 + * Firmware and IVT/CSF data used for authentication. These are usually
  72 + * loaded into SECO TCM. \a addr_src is in secure memory.
  73 + *
  74 + * See the Security Reference Manual (SRM) for more info.
  75 + */
  76 +sc_err_t sc_seco_image_load(sc_ipc_t ipc, sc_faddr_t addr_src,
  77 + sc_faddr_t addr_dst, uint32_t len, sc_bool_t fw);
  78 +
  79 +/*!
  80 + * This function is used to authenticate a SECO image or command.
  81 + *
  82 + * @param[in] ipc IPC handle
  83 + * @param[in] cmd authenticate command
  84 + * @param[in] addr address of/or metadata
  85 + *
  86 + * @return Returns an error code (SC_ERR_NONE = success).
  87 + *
  88 + * Return errors codes:
  89 + * - SC_ERR_PARM if word fuse index param out of range or invalid
  90 + * - SC_ERR_UNAVAILABLE if SECO not available
  91 + *
  92 + * This is used to authenticate a SECO image or issue a security
  93 + * command. \a addr often points to an container. It is also
  94 + * just data (or even unused) for some commands.
  95 + *
  96 + * See the Security Reference Manual (SRM) for more info.
  97 + */
  98 +sc_err_t sc_seco_authenticate(sc_ipc_t ipc,
  99 + sc_seco_auth_cmd_t cmd, sc_faddr_t addr);
  100 +
  101 +/* @} */
  102 +
  103 +/*!
  104 + * @name Lifecycle Functions
  105 + * @{
  106 + */
  107 +
  108 +/*!
  109 + * This function updates the lifecycle of the device.
  110 + *
  111 + * @param[in] ipc IPC handle
  112 + * @param[in] change desired lifecycle transistion
  113 + *
  114 + * @return Returns and error code (SC_ERR_NONE = success).
  115 + *
  116 + * Return errors codes:
  117 + * - SC_ERR_UNAVAILABLE if SECO not available
  118 + *
  119 + * This message is used for going from Open to NXP Closed to OEM Closed.
  120 + * Note \a change is NOT the new desired lifecycle. It is a lifecycle
  121 + * transition as documented in the Security Reference Manual (SRM).
  122 + *
  123 + * If any SECO request fails or only succeeds because the part is in an
  124 + * "OEM open" lifecycle, then a request to transition from "NXP closed"
  125 + * to "OEM closed" will also fail. For example, booting a signed container
  126 + * when the OEM SRK is not fused will succeed, but as it is an abnormal
  127 + * situation, a subsequent request to transition the lifecycle will return
  128 + * an error.
  129 + */
  130 +sc_err_t sc_seco_forward_lifecycle(sc_ipc_t ipc, uint32_t change);
  131 +
  132 +/*!
  133 + * This function updates the lifecycle to one of the return lifecycles.
  134 + *
  135 + * @param[in] ipc IPC handle
  136 + * @param[in] addr address of message block
  137 + *
  138 + * @return Returns and error code (SC_ERR_NONE = success).
  139 + *
  140 + * Return errors codes:
  141 + * - SC_ERR_UNAVAILABLE if SECO not available
  142 + *
  143 + * Note \a addr must be a pointer to a signed message block.
  144 + *
  145 + * To switch back to NXP states (Full Field Return), message must be signed
  146 + * by NXP SRK. For OEM States (Partial Field Return), must be signed by OEM
  147 + * SRK.
  148 + *
  149 + * See the Security Reference Manual (SRM) for more info.
  150 + */
  151 +sc_err_t sc_seco_return_lifecycle(sc_ipc_t ipc, sc_faddr_t addr);
  152 +
  153 +/*!
  154 + * This function is used to commit into the fuses any new SRK revocation
  155 + * and FW version information that have been found in the primary and
  156 + * secondary containers.
  157 + *
  158 + * @param[in] ipc IPC handle
  159 + * @param[in,out] info pointer to information type to be committed
  160 + *
  161 + * The return \a info will contain what was actually committed.
  162 + *
  163 + * @return Returns an error code (SC_ERR_NONE = success).
  164 + *
  165 + * Return errors codes:
  166 + * - SC_ERR_PARM if \a info is invalid
  167 + * - SC_ERR_UNAVAILABLE if SECO not available
  168 + */
  169 +sc_err_t sc_seco_commit(sc_ipc_t ipc, uint32_t *info);
  170 +
  171 +/* @} */
  172 +
  173 +/*!
  174 + * @name Attestation Functions
  175 + * @{
  176 + */
  177 +
  178 +/*!
  179 + * This function is used to set the attestation mode. Only the owner of
  180 + * the SC_R_ATTESTATION resource may make this call.
  181 + *
  182 + * @param[in] ipc IPC handle
  183 + * @param[in] mode mode
  184 + *
  185 + * @return Returns an error code (SC_ERR_NONE = success).
  186 + *
  187 + * Return errors codes:
  188 + * - SC_ERR_PARM if \a mode is invalid
  189 + * - SC_ERR_NOACCESS if SC_R_ATTESTATON not owned by caller
  190 + * - SC_ERR_UNAVAILABLE if SECO not available
  191 + *
  192 + * This is used to set the SECO attestation mode. This can be prover
  193 + * or verfier. See the Security Reference Manual (SRM) for more on the
  194 + * suported modes, mode values, and mode behavior.
  195 + */
  196 +sc_err_t sc_seco_attest_mode(sc_ipc_t ipc, uint32_t mode);
  197 +
  198 +/*!
  199 + * This function is used to request atestation. Only the owner of
  200 + * the SC_R_ATTESTATION resource may make this call.
  201 + *
  202 + * @param[in] ipc IPC handle
  203 + * @param[in] nonce unique value
  204 + *
  205 + * @return Returns an error code (SC_ERR_NONE = success).
  206 + *
  207 + * Return errors codes:
  208 + * - SC_ERR_NOACCESS if SC_R_ATTESTATON not owned by caller
  209 + * - SC_ERR_UNAVAILABLE if SECO not available
  210 + *
  211 + * This is used to ask SECO to perform an attestation. The result depends
  212 + * on the attestation mode. After this call, the signature can be
  213 + * requested or a verify can be requested.
  214 + *
  215 + * See the Security Reference Manual (SRM) for more info.
  216 + */
  217 +sc_err_t sc_seco_attest(sc_ipc_t ipc, uint64_t nonce);
  218 +
  219 +/*!
  220 + * This function is used to retrieve the attestation public key.
  221 + * Mode must be verifier. Only the owner of the SC_R_ATTESTATION resource
  222 + * may make this call.
  223 + *
  224 + * @param[in] ipc IPC handle
  225 + * @param[in] addr address to write response
  226 + *
  227 + * Result will be written to \a addr. The \a addr parmater must point
  228 + * to an address SECO can access. It must be 64-bit aligned. There
  229 + * should be 96 bytes of space.
  230 + *
  231 + * @return Returns an error code (SC_ERR_NONE = success).
  232 + *
  233 + * Return errors codes:
  234 + * - SC_ERR_PARM if \a addr bad or attestation has not been requested
  235 + * - SC_ERR_NOACCESS if SC_R_ATTESTATON not owned by caller
  236 + * - SC_ERR_UNAVAILABLE if SECO not available
  237 + *
  238 + * See the Security Reference Manual (SRM) for more info.
  239 + */
  240 +sc_err_t sc_seco_get_attest_pkey(sc_ipc_t ipc, sc_faddr_t addr);
  241 +
  242 +/*!
  243 + * This function is used to retrieve attestation signature and parameters.
  244 + * Mode must be provider. Only the owner of the SC_R_ATTESTATION resource
  245 + * may make this call.
  246 + *
  247 + * @param[in] ipc IPC handle
  248 + * @param[in] addr address to write response
  249 + *
  250 + * Result will be written to \a addr. The \a addr parmater must point
  251 + * to an address SECO can access. It must be 64-bit aligned. There
  252 + * should be 120 bytes of space.
  253 + *
  254 + * @return Returns an error code (SC_ERR_NONE = success).
  255 + *
  256 + * Return errors codes:
  257 + * - SC_ERR_PARM if \a addr bad or attestation has not been requested
  258 + * - SC_ERR_NOACCESS if SC_R_ATTESTATON not owned by caller
  259 + * - SC_ERR_UNAVAILABLE if SECO not available
  260 + *
  261 + * See the Security Reference Manual (SRM) for more info.
  262 + */
  263 +sc_err_t sc_seco_get_attest_sign(sc_ipc_t ipc, sc_faddr_t addr);
  264 +
  265 +/*!
  266 + * This function is used to verify attestation. Mode must be verifier.
  267 + * Only the owner of the SC_R_ATTESTATION resource may make this call.
  268 + *
  269 + * @param[in] ipc IPC handle
  270 + * @param[in] addr address of signature
  271 + *
  272 + * The \a addr parmater must point to an address SECO can access. It must be
  273 + * 64-bit aligned.
  274 + *
  275 + * @return Returns an error code (SC_ERR_NONE = success).
  276 + *
  277 + * Return errors codes:
  278 + * - SC_ERR_PARM if \a addr bad or attestation has not been requested
  279 + * - SC_ERR_NOACCESS if SC_R_ATTESTATON not owned by caller
  280 + * - SC_ERR_UNAVAILABLE if SECO not available
  281 + * - SC_ERR_FAIL if signature doesn't match
  282 + *
  283 + * See the Security Reference Manual (SRM) for more info.
  284 + */
  285 +sc_err_t sc_seco_attest_verify(sc_ipc_t ipc, sc_faddr_t addr);
  286 +
  287 +/* @} */
  288 +
  289 +/*!
  290 + * @name Key Functions
  291 + * @{
  292 + */
  293 +
  294 +/*!
  295 + * This function is used to generate a SECO key blob.
  296 + *
  297 + * @param[in] ipc IPC handle
  298 + * @param[in] id key identifier
  299 + * @param[in] load_addr load address
  300 + * @param[in] export_addr export address
  301 + * @param[in] max_size max export size
  302 + *
  303 + * @return Returns an error code (SC_ERR_NONE = success).
  304 + *
  305 + * Return errors codes:
  306 + * - SC_ERR_PARM if word fuse index param out of range or invalid
  307 + * - SC_ERR_UNAVAILABLE if SECO not available
  308 + *
  309 + * This function is used to encapsulate sensitive keys in a specific structure
  310 + * called a blob, which provides both confidentiality and integrity protection.
  311 + *
  312 + * See the Security Reference Manual (SRM) for more info.
  313 + */
  314 +sc_err_t sc_seco_gen_key_blob(sc_ipc_t ipc, uint32_t id,
  315 + sc_faddr_t load_addr, sc_faddr_t export_addr, uint16_t max_size);
  316 +
  317 +/*!
  318 + * This function is used to load a SECO key.
  319 + *
  320 + * @param[in] ipc IPC handle
  321 + * @param[in] id key identifier
  322 + * @param[in] addr key address
  323 + *
  324 + * @return Returns an error code (SC_ERR_NONE = success).
  325 + *
  326 + * Return errors codes:
  327 + * - SC_ERR_PARM if word fuse index param out of range or invalid
  328 + * - SC_ERR_UNAVAILABLE if SECO not available
  329 + *
  330 + * This function is used to install private cryptographic keys encapsulated
  331 + * in a blob previously generated by SECO. The controller can be either the
  332 + * IEE or the VPU. The blob header carries the controller type and the key
  333 + * size, as provided by the user when generating the key blob.
  334 + *
  335 + * See the Security Reference Manual (SRM) for more info.
  336 + */
  337 +sc_err_t sc_seco_load_key(sc_ipc_t ipc, uint32_t id,
  338 + sc_faddr_t addr);
  339 +
  340 +/* @} */
  341 +
  342 +/*!
  343 + * @name Manufacturing Protection Functions
  344 + * @{
  345 + */
  346 +
  347 +/*!
  348 + * This function is used to get the manufacturing protection public key.
  349 + *
  350 + * @param[in] ipc IPC handle
  351 + * @param[in] dst_addr destination address
  352 + * @param[in] dst_size destination size
  353 + *
  354 + * @return Returns an error code (SC_ERR_NONE = success).
  355 + *
  356 + * Return errors codes:
  357 + * - SC_ERR_PARM if word fuse index param out of range or invalid
  358 + * - SC_ERR_UNAVAILABLE if SECO not available
  359 + *
  360 + * This function is supported only in OEM-closed lifecycle. It generates
  361 + * the mfg public key and stores it in a specific location in the secure
  362 + * memory.
  363 + *
  364 + * See the Security Reference Manual (SRM) for more info.
  365 + */
  366 +sc_err_t sc_seco_get_mp_key(sc_ipc_t ipc, sc_faddr_t dst_addr,
  367 + uint16_t dst_size);
  368 +
  369 +/*!
  370 + * This function is used to update the manufacturing protection message
  371 + * register.
  372 + *
  373 + * @param[in] ipc IPC handle
  374 + * @param[in] addr data address
  375 + * @param[in] size size
  376 + * @param[in] lock lock_reg
  377 + *
  378 + * @return Returns an error code (SC_ERR_NONE = success).
  379 + *
  380 + * Return errors codes:
  381 + * - SC_ERR_PARM if word fuse index param out of range or invalid
  382 + * - SC_ERR_UNAVAILABLE if SECO not available
  383 + *
  384 + * This function is supported only in OEM-closed lifecycle. It updates the
  385 + * content of the MPMR (Manufacturing Protection Message register of 256
  386 + * bits). This register will be appended to the input-data message when
  387 + * generating the signature. Please refer to the CAAM block guide for details.
  388 + *
  389 + * See the Security Reference Manual (SRM) for more info.
  390 + */
  391 +sc_err_t sc_seco_update_mpmr(sc_ipc_t ipc, sc_faddr_t addr,
  392 + uint8_t size, uint8_t lock);
  393 +
  394 +/*!
  395 + * This function is used to get the manufacturing protection signature.
  396 + *
  397 + * @param[in] ipc IPC handle
  398 + * @param[in] msg_addr message address
  399 + * @param[in] msg_size message size
  400 + * @param[in] dst_addr destination address
  401 + * @param[in] dst_size destination size
  402 + *
  403 + * @return Returns an error code (SC_ERR_NONE = success).
  404 + *
  405 + * Return errors codes:
  406 + * - SC_ERR_PARM if word fuse index param out of range or invalid
  407 + * - SC_ERR_UNAVAILABLE if SECO not available
  408 + *
  409 + * This function is used to generate an ECDSA signature for an input-data
  410 + * message and to store it in a specific location in the secure memory. It
  411 + * is only supported in OEM-closed lifecycle. In order to get the ECDSA
  412 + * signature, the RNG must be initialized. In case it has not been started
  413 + * an error will be returned.
  414 + *
  415 + * See the Security Reference Manual (SRM) for more info.
  416 + */
  417 +sc_err_t sc_seco_get_mp_sign(sc_ipc_t ipc, sc_faddr_t msg_addr,
  418 + uint16_t msg_size, sc_faddr_t dst_addr, uint16_t dst_size);
  419 +
  420 +/* @} */
  421 +
  422 +/*!
  423 + * @name Debug Functions
  424 + * @{
  425 + */
  426 +
  427 +/*!
  428 + * This function is used to return the SECO FW build info.
  429 + *
  430 + * @param[in] ipc IPC handle
  431 + * @param[out] version pointer to return build number
  432 + * @param[out] commit pointer to return commit ID (git SHA-1)
  433 + */
  434 +void sc_seco_build_info(sc_ipc_t ipc, uint32_t *version,
  435 + uint32_t *commit);
  436 +
  437 +/*!
  438 + * This function is used to return SECO chip info.
  439 + *
  440 + * @param[in] ipc IPC handle
  441 + * @param[out] lc pointer to return lifecycle
  442 + * @param[out] monotonic pointer to return monotonic counter
  443 + * @param[out] uid_l pointer to return UID (lower 32 bits)
  444 + * @param[out] uid_h pointer to return UID (upper 32 bits)
  445 + */
  446 +sc_err_t sc_seco_chip_info(sc_ipc_t ipc, uint16_t *lc,
  447 + uint16_t *monotonic, uint32_t *uid_l, uint32_t *uid_h);
  448 +
  449 +/*!
  450 + * This function securely enables debug.
  451 + *
  452 + * @param[in] ipc IPC handle
  453 + * @param[in] addr address of message block
  454 + *
  455 + * @return Returns and error code (SC_ERR_NONE = success).
  456 + *
  457 + * Return errors codes:
  458 + * - SC_ERR_UNAVAILABLE if SECO not available
  459 + *
  460 + * Note \a addr must be a pointer to a signed message block.
  461 + *
  462 + * See the Security Reference Manual (SRM) for more info.
  463 + */
  464 +sc_err_t sc_seco_enable_debug(sc_ipc_t ipc, sc_faddr_t addr);
  465 +
  466 +/*!
  467 + * This function is used to return an event from the SECO error log.
  468 + *
  469 + * @param[in] ipc IPC handle
  470 + * @param[out] idx index of event to return
  471 + * @param[out] event pointer to return event
  472 + *
  473 + * @return Returns an error code (SC_ERR_NONE = success).
  474 + *
  475 + * Read of \a idx 0 captures events from SECO. Loop starting
  476 + * with 0 until an error is returned to dump all events.
  477 + */
  478 +sc_err_t sc_seco_get_event(sc_ipc_t ipc, uint8_t idx,
  479 + uint32_t *event);
  480 +
  481 +/* @} */
  482 +
  483 +/*!
  484 + * @name Miscellaneous Functions
  485 + * @{
  486 + */
  487 +
  488 +/*!
  489 + * This function securely writes a group of fuse words.
  490 + *
  491 + * @param[in] ipc IPC handle
  492 + * @param[in] addr address of message block
  493 + *
  494 + * @return Returns and error code (SC_ERR_NONE = success).
  495 + *
  496 + * Return errors codes:
  497 + * - SC_ERR_UNAVAILABLE if SECO not available
  498 + *
  499 + * Note \a addr must be a pointer to a signed message block.
  500 + *
  501 + * See the Security Reference Manual (SRM) for more info.
  502 + */
  503 +sc_err_t sc_seco_fuse_write(sc_ipc_t ipc, sc_faddr_t addr);
  504 +
  505 +/* @} */
  506 +
  507 +#endif /* SC_SECO_API_H */
  508 +
  509 +/**@}*/
arch/arm/mach-imx/sci/Makefile
Diff comments   View file @ bacee72
... ... @@ -10,4 +10,5 @@
10 10 obj-y += svc/pm/rpc_clnt.o
11 11 obj-y += svc/rm/rpc_clnt.o
12 12 obj-y += svc/timer/rpc_clnt.o
  13 +obj-y += svc/seco/rpc_clnt.o
arch/arm/mach-imx/sci/svc/misc/rpc.h
Diff comments   View file @ bacee72
... ... @@ -30,14 +30,12 @@
30 30 #define MISC_FUNC_SET_DMA_GROUP 5U /*!< Index for misc_set_dma_group() RPC call */
31 31 #define MISC_FUNC_SECO_IMAGE_LOAD 8U /*!< Index for misc_seco_image_load() RPC call */
32 32 #define MISC_FUNC_SECO_AUTHENTICATE 9U /*!< Index for misc_seco_authenticate() RPC call */
33   -#define MISC_FUNC_SECO_LOAD_KEY 34U /*!< Index for misc_seco_load_key() RPC call */
34 33 #define MISC_FUNC_SECO_FUSE_WRITE 20U /*!< Index for misc_seco_fuse_write() RPC call */
35 34 #define MISC_FUNC_SECO_ENABLE_DEBUG 21U /*!< Index for misc_seco_enable_debug() RPC call */
36 35 #define MISC_FUNC_SECO_FORWARD_LIFECYCLE 22U /*!< Index for misc_seco_forward_lifecycle() RPC call */
37 36 #define MISC_FUNC_SECO_RETURN_LIFECYCLE 23U /*!< Index for misc_seco_return_lifecycle() RPC call */
38 37 #define MISC_FUNC_SECO_BUILD_INFO 24U /*!< Index for misc_seco_build_info() RPC call */
39 38 #define MISC_FUNC_SECO_CHIP_INFO 25U /*!< Index for misc_seco_chip_info() RPC call */
40   -#define MISC_FUNC_SECO_GET_EVENT 35U /*!< Index for misc_seco_get_event() RPC call */
41 39 #define MISC_FUNC_SECO_ATTEST_MODE 27U /*!< Index for misc_seco_attest_mode() RPC call */
42 40 #define MISC_FUNC_SECO_ATTEST 28U /*!< Index for misc_seco_attest() RPC call */
43 41 #define MISC_FUNC_SECO_GET_ATTEST_PKEY 31U /*!< Index for misc_seco_get_attest_pkey() RPC call */
arch/arm/mach-imx/sci/svc/misc/rpc_clnt.c
Diff comments   View file @ bacee72
... ... @@ -152,26 +152,6 @@
152 152 return (sc_err_t) result;
153 153 }
154 154  
155   -sc_err_t sc_misc_seco_load_key(sc_ipc_t ipc, uint32_t id,
156   - sc_faddr_t addr)
157   -{
158   - sc_rpc_msg_t msg;
159   - uint8_t result;
160   -
161   - RPC_VER(&msg) = SC_RPC_VERSION;
162   - RPC_SVC(&msg) = U8(SC_RPC_SVC_MISC);
163   - RPC_FUNC(&msg) = U8(MISC_FUNC_SECO_LOAD_KEY);
164   - RPC_U32(&msg, 0U) = U32(addr >> 32ULL);
165   - RPC_U32(&msg, 4U) = U32(addr);
166   - RPC_U32(&msg, 8U) = U32(id);
167   - RPC_SIZE(&msg) = 4U;
168   -
169   - sc_call_rpc(ipc, &msg, SC_FALSE);
170   -
171   - result = RPC_R8(&msg);
172   - return (sc_err_t) result;
173   -}
174   -
175 155 sc_err_t sc_misc_seco_fuse_write(sc_ipc_t ipc, sc_faddr_t addr)
176 156 {
177 157 sc_rpc_msg_t msg;
... ... @@ -299,29 +279,6 @@
299 279 if (monotonic != NULL)
300 280 {
301 281 *monotonic = RPC_U16(&msg, 10U);
302   - }
303   -
304   - result = RPC_R8(&msg);
305   - return (sc_err_t) result;
306   -}
307   -
308   -sc_err_t sc_misc_seco_get_event(sc_ipc_t ipc, uint8_t idx,
309   - uint32_t *event)
310   -{
311   - sc_rpc_msg_t msg;
312   - uint8_t result;
313   -
314   - RPC_VER(&msg) = SC_RPC_VERSION;
315   - RPC_SVC(&msg) = U8(SC_RPC_SVC_MISC);
316   - RPC_FUNC(&msg) = U8(MISC_FUNC_SECO_GET_EVENT);
317   - RPC_U8(&msg, 0U) = U8(idx);
318   - RPC_SIZE(&msg) = 2U;
319   -
320   - sc_call_rpc(ipc, &msg, SC_FALSE);
321   -
322   - if (event != NULL)
323   - {
324   - *event = RPC_U32(&msg, 0U);
325 282 }
326 283  
327 284 result = RPC_R8(&msg);
arch/arm/mach-imx/sci/svc/pm/rpc.h
Diff comments   View file @ bacee72
... ... @@ -45,8 +45,10 @@
45 45 #define PM_FUNC_BOOT 8U /*!< Index for pm_boot() RPC call */
46 46 #define PM_FUNC_REBOOT 9U /*!< Index for pm_reboot() RPC call */
47 47 #define PM_FUNC_REBOOT_PARTITION 12U /*!< Index for pm_reboot_partition() RPC call */
  48 +#define PM_FUNC_REBOOT_CONTINUE 25U /*!< Index for pm_reboot_continue() RPC call */
48 49 #define PM_FUNC_CPU_START 11U /*!< Index for pm_cpu_start() RPC call */
49 50 #define PM_FUNC_CPU_RESET 23U /*!< Index for pm_cpu_reset() RPC call */
  51 +#define PM_FUNC_IS_PARTITION_STARTED 24U /*!< Index for pm_is_partition_started() RPC call */
50 52 /*@}*/
51 53  
52 54 /* Types */
arch/arm/mach-imx/sci/svc/pm/rpc_clnt.c
Diff comments   View file @ bacee72
... ... @@ -455,6 +455,23 @@
455 455 return (sc_err_t) result;
456 456 }
457 457  
  458 +sc_err_t sc_pm_reboot_continue(sc_ipc_t ipc, sc_rm_pt_t pt)
  459 +{
  460 + sc_rpc_msg_t msg;
  461 + uint8_t result;
  462 +
  463 + RPC_VER(&msg) = SC_RPC_VERSION;
  464 + RPC_SVC(&msg) = U8(SC_RPC_SVC_PM);
  465 + RPC_FUNC(&msg) = U8(PM_FUNC_REBOOT_CONTINUE);
  466 + RPC_U8(&msg, 0U) = U8(pt);
  467 + RPC_SIZE(&msg) = 2U;
  468 +
  469 + sc_call_rpc(ipc, &msg, SC_FALSE);
  470 +
  471 + result = RPC_R8(&msg);
  472 + return (sc_err_t) result;
  473 +}
  474 +
458 475 sc_err_t sc_pm_cpu_start(sc_ipc_t ipc, sc_rsrc_t resource, sc_bool_t enable,
459 476 sc_faddr_t address)
460 477 {
... ... @@ -491,6 +508,23 @@
491 508 sc_call_rpc(ipc, &msg, SC_TRUE);
492 509  
493 510 return;
  511 +}
  512 +
  513 +sc_bool_t sc_pm_is_partition_started(sc_ipc_t ipc, sc_rm_pt_t pt)
  514 +{
  515 + sc_rpc_msg_t msg;
  516 + sc_bool_t result;
  517 +
  518 + RPC_VER(&msg) = SC_RPC_VERSION;
  519 + RPC_SVC(&msg) = U8(SC_RPC_SVC_PM);
  520 + RPC_FUNC(&msg) = U8(PM_FUNC_IS_PARTITION_STARTED);
  521 + RPC_U8(&msg, 0U) = U8(pt);
  522 + RPC_SIZE(&msg) = 2U;
  523 +
  524 + sc_call_rpc(ipc, &msg, SC_FALSE);
  525 +
  526 + result = U2B(RPC_R8(&msg));
  527 + return result;
494 528 }
495 529  
496 530 /**@}*/
arch/arm/mach-imx/sci/svc/rm/rpc.h
Diff comments   View file @ bacee72
... ... @@ -40,6 +40,7 @@
40 40 #define RM_FUNC_SET_MASTER_SID 11U /*!< Index for rm_set_master_sid() RPC call */
41 41 #define RM_FUNC_SET_PERIPHERAL_PERMISSIONS 12U /*!< Index for rm_set_peripheral_permissions() RPC call */
42 42 #define RM_FUNC_IS_RESOURCE_OWNED 13U /*!< Index for rm_is_resource_owned() RPC call */
  43 +#define RM_FUNC_GET_RESOURCE_OWNER 33U /*!< Index for rm_get_resource_owner() RPC call */
43 44 #define RM_FUNC_IS_RESOURCE_MASTER 14U /*!< Index for rm_is_resource_master() RPC call */
44 45 #define RM_FUNC_IS_RESOURCE_PERIPHERAL 15U /*!< Index for rm_is_resource_peripheral() RPC call */
45 46 #define RM_FUNC_GET_RESOURCE_INFO 16U /*!< Index for rm_get_resource_info() RPC call */
arch/arm/mach-imx/sci/svc/rm/rpc_clnt.c
Diff comments   View file @ bacee72
... ... @@ -336,6 +336,29 @@
336 336 return result;
337 337 }
338 338  
  339 +sc_err_t sc_rm_get_resource_owner(sc_ipc_t ipc, sc_rsrc_t resource,
  340 + sc_rm_pt_t *pt)
  341 +{
  342 + sc_rpc_msg_t msg;
  343 + uint8_t result;
  344 +
  345 + RPC_VER(&msg) = SC_RPC_VERSION;
  346 + RPC_SVC(&msg) = U8(SC_RPC_SVC_RM);
  347 + RPC_FUNC(&msg) = U8(RM_FUNC_GET_RESOURCE_OWNER);
  348 + RPC_U16(&msg, 0U) = U16(resource);
  349 + RPC_SIZE(&msg) = 2U;
  350 +
  351 + sc_call_rpc(ipc, &msg, SC_FALSE);
  352 +
  353 + result = RPC_R8(&msg);
  354 + if (pt != NULL)
  355 + {
  356 + *pt = RPC_U8(&msg, 0U);
  357 + }
  358 +
  359 + return (sc_err_t) result;
  360 +}
  361 +
339 362 sc_bool_t sc_rm_is_resource_master(sc_ipc_t ipc, sc_rsrc_t resource)
340 363 {
341 364 sc_rpc_msg_t msg;
arch/arm/mach-imx/sci/svc/seco/rpc.h
Diff comments   View file @ bacee72
  1 +/*
  2 + * Copyright (C) 2016 Freescale Semiconductor, Inc.
  3 + * Copyright 2017-2018 NXP
  4 + *
  5 + * SPDX-License-Identifier: GPL-2.0+
  6 + */
  7 +
  8 +/*!
  9 + * Header file for the SECO RPC implementation.
  10 + *
  11 + * @addtogroup SECO_SVC
  12 + * @{
  13 + */
  14 +
  15 +#ifndef SC_SECO_RPC_H
  16 +#define SC_SECO_RPC_H
  17 +
  18 +/* Includes */
  19 +
  20 +/* Defines */
  21 +
  22 +/*!
  23 + * @name Defines for RPC SECO function calls
  24 + */
  25 +/*@{*/
  26 +#define SECO_FUNC_UNKNOWN 0 /*!< Unknown function */
  27 +#define SECO_FUNC_IMAGE_LOAD 1U /*!< Index for seco_image_load() RPC call */
  28 +#define SECO_FUNC_AUTHENTICATE 2U /*!< Index for seco_authenticate() RPC call */
  29 +#define SECO_FUNC_FORWARD_LIFECYCLE 3U /*!< Index for seco_forward_lifecycle() RPC call */
  30 +#define SECO_FUNC_RETURN_LIFECYCLE 4U /*!< Index for seco_return_lifecycle() RPC call */
  31 +#define SECO_FUNC_COMMIT 5U /*!< Index for seco_commit() RPC call */
  32 +#define SECO_FUNC_ATTEST_MODE 6U /*!< Index for seco_attest_mode() RPC call */
  33 +#define SECO_FUNC_ATTEST 7U /*!< Index for seco_attest() RPC call */
  34 +#define SECO_FUNC_GET_ATTEST_PKEY 8U /*!< Index for seco_get_attest_pkey() RPC call */
  35 +#define SECO_FUNC_GET_ATTEST_SIGN 9U /*!< Index for seco_get_attest_sign() RPC call */
  36 +#define SECO_FUNC_ATTEST_VERIFY 10U /*!< Index for seco_attest_verify() RPC call */
  37 +#define SECO_FUNC_GEN_KEY_BLOB 11U /*!< Index for seco_gen_key_blob() RPC call */
  38 +#define SECO_FUNC_LOAD_KEY 12U /*!< Index for seco_load_key() RPC call */
  39 +#define SECO_FUNC_GET_MP_KEY 13U /*!< Index for seco_get_mp_key() RPC call */
  40 +#define SECO_FUNC_UPDATE_MPMR 14U /*!< Index for seco_update_mpmr() RPC call */
  41 +#define SECO_FUNC_GET_MP_SIGN 15U /*!< Index for seco_get_mp_sign() RPC call */
  42 +#define SECO_FUNC_BUILD_INFO 16U /*!< Index for seco_build_info() RPC call */
  43 +#define SECO_FUNC_CHIP_INFO 17U /*!< Index for seco_chip_info() RPC call */
  44 +#define SECO_FUNC_ENABLE_DEBUG 18U /*!< Index for seco_enable_debug() RPC call */
  45 +#define SECO_FUNC_GET_EVENT 19U /*!< Index for seco_get_event() RPC call */
  46 +#define SECO_FUNC_FUSE_WRITE 20U /*!< Index for seco_fuse_write() RPC call */
  47 +/*@}*/
  48 +
  49 +/* Types */
  50 +
  51 +/* Functions */
  52 +
  53 +/*!
  54 + * This function dispatches an incoming SECO RPC request.
  55 + *
  56 + * @param[in] caller_pt caller partition
  57 + * @param[in] msg pointer to RPC message
  58 + */
  59 +void seco_dispatch(sc_rm_pt_t caller_pt, sc_rpc_msg_t *msg);
  60 +
  61 +#endif /* SC_SECO_RPC_H */
  62 +
  63 +/**@}*/
arch/arm/mach-imx/sci/svc/seco/rpc_clnt.c
Diff comments   View file @ bacee72
  1 +/*
  2 + * Copyright (C) 2016 Freescale Semiconductor, Inc.
  3 + * Copyright 2017-2018 NXP
  4 + *
  5 + * SPDX-License-Identifier: GPL-2.0+
  6 + */
  7 +
  8 +/*!
  9 + * File containing client-side RPC functions for the SECO service. These
  10 + * functions are ported to clients that communicate to the SC.
  11 + *
  12 + * @addtogroup SECO_SVC
  13 + * @{
  14 + */
  15 +
  16 +/* Includes */
  17 +
  18 +#include <asm/mach-imx/sci/types.h>
  19 +#include <asm/mach-imx/sci/svc/rm/api.h>
  20 +#include <asm/mach-imx/sci/svc/seco/api.h>
  21 +#include <asm/mach-imx/sci/rpc.h>
  22 +#include "rpc.h"
  23 +
  24 +/* Local Defines */
  25 +
  26 +/* Local Types */
  27 +
  28 +/* Local Functions */
  29 +
  30 +sc_err_t sc_seco_image_load(sc_ipc_t ipc, sc_faddr_t addr_src,
  31 + sc_faddr_t addr_dst, uint32_t len, sc_bool_t fw)
  32 +{
  33 + sc_rpc_msg_t msg;
  34 + uint8_t result;
  35 +
  36 + RPC_VER(&msg) = SC_RPC_VERSION;
  37 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  38 + RPC_FUNC(&msg) = U8(SECO_FUNC_IMAGE_LOAD);
  39 + RPC_U32(&msg, 0U) = U32(addr_src >> 32ULL);
  40 + RPC_U32(&msg, 4U) = U32(addr_src);
  41 + RPC_U32(&msg, 8U) = U32(addr_dst >> 32ULL);
  42 + RPC_U32(&msg, 12U) = U32(addr_dst);
  43 + RPC_U32(&msg, 16U) = U32(len);
  44 + RPC_U8(&msg, 20U) = B2U8(fw);
  45 + RPC_SIZE(&msg) = 7U;
  46 +
  47 + sc_call_rpc(ipc, &msg, SC_FALSE);
  48 +
  49 + result = RPC_R8(&msg);
  50 + return (sc_err_t) result;
  51 +}
  52 +
  53 +sc_err_t sc_seco_authenticate(sc_ipc_t ipc,
  54 + sc_seco_auth_cmd_t cmd, sc_faddr_t addr)
  55 +{
  56 + sc_rpc_msg_t msg;
  57 + uint8_t result;
  58 +
  59 + RPC_VER(&msg) = SC_RPC_VERSION;
  60 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  61 + RPC_FUNC(&msg) = U8(SECO_FUNC_AUTHENTICATE);
  62 + RPC_U32(&msg, 0U) = U32(addr >> 32ULL);
  63 + RPC_U32(&msg, 4U) = U32(addr);
  64 + RPC_U8(&msg, 8U) = U8(cmd);
  65 + RPC_SIZE(&msg) = 4U;
  66 +
  67 + sc_call_rpc(ipc, &msg, SC_FALSE);
  68 +
  69 + result = RPC_R8(&msg);
  70 + return (sc_err_t) result;
  71 +}
  72 +
  73 +sc_err_t sc_seco_forward_lifecycle(sc_ipc_t ipc, uint32_t change)
  74 +{
  75 + sc_rpc_msg_t msg;
  76 + uint8_t result;
  77 +
  78 + RPC_VER(&msg) = SC_RPC_VERSION;
  79 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  80 + RPC_FUNC(&msg) = U8(SECO_FUNC_FORWARD_LIFECYCLE);
  81 + RPC_U32(&msg, 0U) = U32(change);
  82 + RPC_SIZE(&msg) = 2U;
  83 +
  84 + sc_call_rpc(ipc, &msg, SC_FALSE);
  85 +
  86 + result = RPC_R8(&msg);
  87 + return (sc_err_t) result;
  88 +}
  89 +
  90 +sc_err_t sc_seco_return_lifecycle(sc_ipc_t ipc, sc_faddr_t addr)
  91 +{
  92 + sc_rpc_msg_t msg;
  93 + uint8_t result;
  94 +
  95 + RPC_VER(&msg) = SC_RPC_VERSION;
  96 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  97 + RPC_FUNC(&msg) = U8(SECO_FUNC_RETURN_LIFECYCLE);
  98 + RPC_U32(&msg, 0U) = U32(addr >> 32ULL);
  99 + RPC_U32(&msg, 4U) = U32(addr);
  100 + RPC_SIZE(&msg) = 3U;
  101 +
  102 + sc_call_rpc(ipc, &msg, SC_FALSE);
  103 +
  104 + result = RPC_R8(&msg);
  105 + return (sc_err_t) result;
  106 +}
  107 +
  108 +sc_err_t sc_seco_commit(sc_ipc_t ipc, uint32_t *info)
  109 +{
  110 + sc_rpc_msg_t msg;
  111 + uint8_t result;
  112 +
  113 + RPC_VER(&msg) = SC_RPC_VERSION;
  114 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  115 + RPC_FUNC(&msg) = U8(SECO_FUNC_COMMIT);
  116 + RPC_U32(&msg, 0U) = *PTR_U32(info);
  117 + RPC_SIZE(&msg) = 2U;
  118 +
  119 + sc_call_rpc(ipc, &msg, SC_FALSE);
  120 +
  121 + *info = RPC_U32(&msg, 0U);
  122 + result = RPC_R8(&msg);
  123 + return (sc_err_t) result;
  124 +}
  125 +
  126 +sc_err_t sc_seco_attest_mode(sc_ipc_t ipc, uint32_t mode)
  127 +{
  128 + sc_rpc_msg_t msg;
  129 + uint8_t result;
  130 +
  131 + RPC_VER(&msg) = SC_RPC_VERSION;
  132 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  133 + RPC_FUNC(&msg) = U8(SECO_FUNC_ATTEST_MODE);
  134 + RPC_U32(&msg, 0U) = U32(mode);
  135 + RPC_SIZE(&msg) = 2U;
  136 +
  137 + sc_call_rpc(ipc, &msg, SC_FALSE);
  138 +
  139 + result = RPC_R8(&msg);
  140 + return (sc_err_t) result;
  141 +}
  142 +
  143 +sc_err_t sc_seco_attest(sc_ipc_t ipc, uint64_t nonce)
  144 +{
  145 + sc_rpc_msg_t msg;
  146 + uint8_t result;
  147 +
  148 + RPC_VER(&msg) = SC_RPC_VERSION;
  149 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  150 + RPC_FUNC(&msg) = U8(SECO_FUNC_ATTEST);
  151 + RPC_U32(&msg, 0U) = U32(nonce >> 32ULL);
  152 + RPC_U32(&msg, 4U) = U32(nonce);
  153 + RPC_SIZE(&msg) = 3U;
  154 +
  155 + sc_call_rpc(ipc, &msg, SC_FALSE);
  156 +
  157 + result = RPC_R8(&msg);
  158 + return (sc_err_t) result;
  159 +}
  160 +
  161 +sc_err_t sc_seco_get_attest_pkey(sc_ipc_t ipc, sc_faddr_t addr)
  162 +{
  163 + sc_rpc_msg_t msg;
  164 + uint8_t result;
  165 +
  166 + RPC_VER(&msg) = SC_RPC_VERSION;
  167 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  168 + RPC_FUNC(&msg) = U8(SECO_FUNC_GET_ATTEST_PKEY);
  169 + RPC_U32(&msg, 0U) = U32(addr >> 32ULL);
  170 + RPC_U32(&msg, 4U) = U32(addr);
  171 + RPC_SIZE(&msg) = 3U;
  172 +
  173 + sc_call_rpc(ipc, &msg, SC_FALSE);
  174 +
  175 + result = RPC_R8(&msg);
  176 + return (sc_err_t) result;
  177 +}
  178 +
  179 +sc_err_t sc_seco_get_attest_sign(sc_ipc_t ipc, sc_faddr_t addr)
  180 +{
  181 + sc_rpc_msg_t msg;
  182 + uint8_t result;
  183 +
  184 + RPC_VER(&msg) = SC_RPC_VERSION;
  185 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  186 + RPC_FUNC(&msg) = U8(SECO_FUNC_GET_ATTEST_SIGN);
  187 + RPC_U32(&msg, 0U) = U32(addr >> 32ULL);
  188 + RPC_U32(&msg, 4U) = U32(addr);
  189 + RPC_SIZE(&msg) = 3U;
  190 +
  191 + sc_call_rpc(ipc, &msg, SC_FALSE);
  192 +
  193 + result = RPC_R8(&msg);
  194 + return (sc_err_t) result;
  195 +}
  196 +
  197 +sc_err_t sc_seco_attest_verify(sc_ipc_t ipc, sc_faddr_t addr)
  198 +{
  199 + sc_rpc_msg_t msg;
  200 + uint8_t result;
  201 +
  202 + RPC_VER(&msg) = SC_RPC_VERSION;
  203 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  204 + RPC_FUNC(&msg) = U8(SECO_FUNC_ATTEST_VERIFY);
  205 + RPC_U32(&msg, 0U) = U32(addr >> 32ULL);
  206 + RPC_U32(&msg, 4U) = U32(addr);
  207 + RPC_SIZE(&msg) = 3U;
  208 +
  209 + sc_call_rpc(ipc, &msg, SC_FALSE);
  210 +
  211 + result = RPC_R8(&msg);
  212 + return (sc_err_t) result;
  213 +}
  214 +
  215 +sc_err_t sc_seco_gen_key_blob(sc_ipc_t ipc, uint32_t id,
  216 + sc_faddr_t load_addr, sc_faddr_t export_addr, uint16_t max_size)
  217 +{
  218 + sc_rpc_msg_t msg;
  219 + uint8_t result;
  220 +
  221 + RPC_VER(&msg) = SC_RPC_VERSION;
  222 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  223 + RPC_FUNC(&msg) = U8(SECO_FUNC_GEN_KEY_BLOB);
  224 + RPC_U32(&msg, 0U) = U32(load_addr >> 32ULL);
  225 + RPC_U32(&msg, 4U) = U32(load_addr);
  226 + RPC_U32(&msg, 8U) = U32(export_addr >> 32ULL);
  227 + RPC_U32(&msg, 12U) = U32(export_addr);
  228 + RPC_U32(&msg, 16U) = U32(id);
  229 + RPC_U16(&msg, 20U) = U16(max_size);
  230 + RPC_SIZE(&msg) = 7U;
  231 +
  232 + sc_call_rpc(ipc, &msg, SC_FALSE);
  233 +
  234 + result = RPC_R8(&msg);
  235 + return (sc_err_t) result;
  236 +}
  237 +
  238 +sc_err_t sc_seco_load_key(sc_ipc_t ipc, uint32_t id,
  239 + sc_faddr_t addr)
  240 +{
  241 + sc_rpc_msg_t msg;
  242 + uint8_t result;
  243 +
  244 + RPC_VER(&msg) = SC_RPC_VERSION;
  245 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  246 + RPC_FUNC(&msg) = U8(SECO_FUNC_LOAD_KEY);
  247 + RPC_U32(&msg, 0U) = U32(addr >> 32ULL);
  248 + RPC_U32(&msg, 4U) = U32(addr);
  249 + RPC_U32(&msg, 8U) = U32(id);
  250 + RPC_SIZE(&msg) = 4U;
  251 +
  252 + sc_call_rpc(ipc, &msg, SC_FALSE);
  253 +
  254 + result = RPC_R8(&msg);
  255 + return (sc_err_t) result;
  256 +}
  257 +
  258 +sc_err_t sc_seco_get_mp_key(sc_ipc_t ipc, sc_faddr_t dst_addr,
  259 + uint16_t dst_size)
  260 +{
  261 + sc_rpc_msg_t msg;
  262 + uint8_t result;
  263 +
  264 + RPC_VER(&msg) = SC_RPC_VERSION;
  265 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  266 + RPC_FUNC(&msg) = U8(SECO_FUNC_GET_MP_KEY);
  267 + RPC_U32(&msg, 0U) = U32(dst_addr >> 32ULL);
  268 + RPC_U32(&msg, 4U) = U32(dst_addr);
  269 + RPC_U16(&msg, 8U) = U16(dst_size);
  270 + RPC_SIZE(&msg) = 4U;
  271 +
  272 + sc_call_rpc(ipc, &msg, SC_FALSE);
  273 +
  274 + result = RPC_R8(&msg);
  275 + return (sc_err_t) result;
  276 +}
  277 +
  278 +sc_err_t sc_seco_update_mpmr(sc_ipc_t ipc, sc_faddr_t addr,
  279 + uint8_t size, uint8_t lock)
  280 +{
  281 + sc_rpc_msg_t msg;
  282 + uint8_t result;
  283 +
  284 + RPC_VER(&msg) = SC_RPC_VERSION;
  285 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  286 + RPC_FUNC(&msg) = U8(SECO_FUNC_UPDATE_MPMR);
  287 + RPC_U32(&msg, 0U) = U32(addr >> 32ULL);
  288 + RPC_U32(&msg, 4U) = U32(addr);
  289 + RPC_U8(&msg, 8U) = U8(size);
  290 + RPC_U8(&msg, 9U) = U8(lock);
  291 + RPC_SIZE(&msg) = 4U;
  292 +
  293 + sc_call_rpc(ipc, &msg, SC_FALSE);
  294 +
  295 + result = RPC_R8(&msg);
  296 + return (sc_err_t) result;
  297 +}
  298 +
  299 +sc_err_t sc_seco_get_mp_sign(sc_ipc_t ipc, sc_faddr_t msg_addr,
  300 + uint16_t msg_size, sc_faddr_t dst_addr, uint16_t dst_size)
  301 +{
  302 + sc_rpc_msg_t msg;
  303 + uint8_t result;
  304 +
  305 + RPC_VER(&msg) = SC_RPC_VERSION;
  306 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  307 + RPC_FUNC(&msg) = U8(SECO_FUNC_GET_MP_SIGN);
  308 + RPC_U32(&msg, 0U) = U32(msg_addr >> 32ULL);
  309 + RPC_U32(&msg, 4U) = U32(msg_addr);
  310 + RPC_U32(&msg, 8U) = U32(dst_addr >> 32ULL);
  311 + RPC_U32(&msg, 12U) = U32(dst_addr);
  312 + RPC_U16(&msg, 16U) = U16(msg_size);
  313 + RPC_U16(&msg, 18U) = U16(dst_size);
  314 + RPC_SIZE(&msg) = 6U;
  315 +
  316 + sc_call_rpc(ipc, &msg, SC_FALSE);
  317 +
  318 + result = RPC_R8(&msg);
  319 + return (sc_err_t) result;
  320 +}
  321 +
  322 +void sc_seco_build_info(sc_ipc_t ipc, uint32_t *version,
  323 + uint32_t *commit)
  324 +{
  325 + sc_rpc_msg_t msg;
  326 +
  327 + RPC_VER(&msg) = SC_RPC_VERSION;
  328 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  329 + RPC_FUNC(&msg) = U8(SECO_FUNC_BUILD_INFO);
  330 + RPC_SIZE(&msg) = 1U;
  331 +
  332 + sc_call_rpc(ipc, &msg, SC_FALSE);
  333 +
  334 + if (version != NULL)
  335 + {
  336 + *version = RPC_U32(&msg, 0U);
  337 + }
  338 +
  339 + if (commit != NULL)
  340 + {
  341 + *commit = RPC_U32(&msg, 4U);
  342 + }
  343 +
  344 + return;
  345 +}
  346 +
  347 +sc_err_t sc_seco_chip_info(sc_ipc_t ipc, uint16_t *lc,
  348 + uint16_t *monotonic, uint32_t *uid_l, uint32_t *uid_h)
  349 +{
  350 + sc_rpc_msg_t msg;
  351 + uint8_t result;
  352 +
  353 + RPC_VER(&msg) = SC_RPC_VERSION;
  354 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  355 + RPC_FUNC(&msg) = U8(SECO_FUNC_CHIP_INFO);
  356 + RPC_SIZE(&msg) = 1U;
  357 +
  358 + sc_call_rpc(ipc, &msg, SC_FALSE);
  359 +
  360 + if (uid_l != NULL)
  361 + {
  362 + *uid_l = RPC_U32(&msg, 0U);
  363 + }
  364 +
  365 + if (uid_h != NULL)
  366 + {
  367 + *uid_h = RPC_U32(&msg, 4U);
  368 + }
  369 +
  370 + if (lc != NULL)
  371 + {
  372 + *lc = RPC_U16(&msg, 8U);
  373 + }
  374 +
  375 + if (monotonic != NULL)
  376 + {
  377 + *monotonic = RPC_U16(&msg, 10U);
  378 + }
  379 +
  380 + result = RPC_R8(&msg);
  381 + return (sc_err_t) result;
  382 +}
  383 +
  384 +sc_err_t sc_seco_enable_debug(sc_ipc_t ipc, sc_faddr_t addr)
  385 +{
  386 + sc_rpc_msg_t msg;
  387 + uint8_t result;
  388 +
  389 + RPC_VER(&msg) = SC_RPC_VERSION;
  390 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  391 + RPC_FUNC(&msg) = U8(SECO_FUNC_ENABLE_DEBUG);
  392 + RPC_U32(&msg, 0U) = U32(addr >> 32ULL);
  393 + RPC_U32(&msg, 4U) = U32(addr);
  394 + RPC_SIZE(&msg) = 3U;
  395 +
  396 + sc_call_rpc(ipc, &msg, SC_FALSE);
  397 +
  398 + result = RPC_R8(&msg);
  399 + return (sc_err_t) result;
  400 +}
  401 +
  402 +sc_err_t sc_seco_get_event(sc_ipc_t ipc, uint8_t idx,
  403 + uint32_t *event)
  404 +{
  405 + sc_rpc_msg_t msg;
  406 + uint8_t result;
  407 +
  408 + RPC_VER(&msg) = SC_RPC_VERSION;
  409 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  410 + RPC_FUNC(&msg) = U8(SECO_FUNC_GET_EVENT);
  411 + RPC_U8(&msg, 0U) = U8(idx);
  412 + RPC_SIZE(&msg) = 2U;
  413 +
  414 + sc_call_rpc(ipc, &msg, SC_FALSE);
  415 +
  416 + if (event != NULL)
  417 + {
  418 + *event = RPC_U32(&msg, 0U);
  419 + }
  420 +
  421 + result = RPC_R8(&msg);
  422 + return (sc_err_t) result;
  423 +}
  424 +
  425 +sc_err_t sc_seco_fuse_write(sc_ipc_t ipc, sc_faddr_t addr)
  426 +{
  427 + sc_rpc_msg_t msg;
  428 + uint8_t result;
  429 +
  430 + RPC_VER(&msg) = SC_RPC_VERSION;
  431 + RPC_SVC(&msg) = U8(SC_RPC_SVC_SECO);
  432 + RPC_FUNC(&msg) = U8(SECO_FUNC_FUSE_WRITE);
  433 + RPC_U32(&msg, 0U) = U32(addr >> 32ULL);
  434 + RPC_U32(&msg, 4U) = U32(addr);
  435 + RPC_SIZE(&msg) = 3U;
  436 +
  437 + sc_call_rpc(ipc, &msg, SC_FALSE);
  438 +
  439 + result = RPC_R8(&msg);
  440 + return (sc_err_t) result;
  441 +}
  442 +
  443 +/**@}*/