diff options
author | Rouven Czerwinski <r.czerwinski@pengutronix.de> | 2020-11-24 08:40:49 +0100 |
---|---|---|
committer | Jérôme Forissier <jerome@forissier.org> | 2021-01-07 14:34:47 +0100 |
commit | cfff3778dae05f06473d8d3870896a607d69dcef (patch) | |
tree | a7dc066976f326501bc958455fb5f8547181405a /core | |
parent | 496551a928aa78773915607966c0e5add2914dd2 (diff) |
core: imx: remove security check for i.MX6SDL
The i.MX6SDL SoCs do not expose the security configuration in the HPSR
registers correctly, they always return SNVS_SECURITY_CFG_FAB (000),
however the SSM information is still exposed correctly.
Remove the check for the security configuration, since the bits all read
zero on these SoCs, even if they are securely booted.
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Clement Faure <clement.faure@nxp.com>
Diffstat (limited to 'core')
-rw-r--r-- | core/arch/arm/plat-imx/drivers/imx_snvs.c | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/core/arch/arm/plat-imx/drivers/imx_snvs.c b/core/arch/arm/plat-imx/drivers/imx_snvs.c index 1be20a7c..52310d3d 100644 --- a/core/arch/arm/plat-imx/drivers/imx_snvs.c +++ b/core/arch/arm/plat-imx/drivers/imx_snvs.c @@ -3,16 +3,27 @@ * Copyright 2020 Pengutronix, Rouven Czerwinski <entwicklung@pengutronix.de> */ #include <drivers/imx_snvs.h> +#include <imx.h> #include <tee/tee_fs.h> bool plat_rpmb_key_is_ready(void) { enum snvs_ssm_mode mode = SNVS_SSM_MODE_INIT; enum snvs_security_cfg security = SNVS_SECURITY_CFG_OPEN; + bool ssm_secure = false; mode = snvs_get_ssm_mode(); security = snvs_get_security_cfg(); - return (mode == SNVS_SSM_MODE_TRUSTED || - mode == SNVS_SSM_MODE_SECURE) && - (security == SNVS_SECURITY_CFG_CLOSED); + ssm_secure = (mode == SNVS_SSM_MODE_TRUSTED || + mode == SNVS_SSM_MODE_SECURE); + + /* + * On i.MX6SDL, the security cfg always returns + * SNVS_SECURITY_CFG_FAB (000), therefore we ignore the security + * configuration for this SoC. + */ + if (soc_is_imx6sdl()) + return ssm_secure; + + return ssm_secure && (security == SNVS_SECURITY_CFG_CLOSED); } |