platform: msm_shared: Add support to detect secure device
Add support to detect secure device
Change-Id: I0f771d413698e7315cadef5dd8b5f84e3ecc69df
diff --git a/platform/msm_shared/include/scm.h b/platform/msm_shared/include/scm.h
index 2c0bb42..6ca7d34 100644
--- a/platform/msm_shared/include/scm.h
+++ b/platform/msm_shared/include/scm.h
@@ -127,6 +127,7 @@
#define IOMMU_SECURE_CFG 0x02
#define TZ_INFO_GET_FEATURE_ID 0x03
+#define IS_SECURE_BOOT_ENABLED 0x04
#define PRNG_CMD_ID 0x01
@@ -185,6 +186,8 @@
#define SCM_SVC_PWR 0x9
#define SCM_IO_DISABLE_PMIC_ARBITER 0x1
+#define SCM_SVC_TZSCHEDULER 0xFC
+
enum ap_ce_channel_type {
AP_CE_REGISTER_USE = 0,
AP_CE_ADM_USE = 1
diff --git a/platform/msm_shared/scm.c b/platform/msm_shared/scm.c
index c64c392..fcfd6bd 100644
--- a/platform/msm_shared/scm.c
+++ b/platform/msm_shared/scm.c
@@ -142,7 +142,7 @@
{
uint32_t context_id;
register uint32_t r0 __asm__("r0") = SCM_ATOMIC(svc, cmd, 1);
- register uint32_t r1 __asm__("r1") = &context_id;
+ register uint32_t r1 __asm__("r1") = (uint32_t)&context_id;
register uint32_t r2 __asm__("r2") = arg1;
__asm__ volatile(
@@ -641,3 +641,30 @@
return canary;
}
+static bool secure_boot_enabled = true;
+static bool wdog_debug_fuse_disabled = true;
+
+void scm_check_boot_fuses()
+{
+ uint32_t ret = 0;
+ uint32_t resp;
+
+ ret = scm_call(TZBSP_SVC_INFO, IS_SECURE_BOOT_ENABLED, NULL, 0, &resp, sizeof(resp));
+
+ /* Parse Bit 0 and Bit 2 of the response */
+ if(!ret) {
+ /* Bit 0 - SECBOOT_ENABLE_CHECK */
+ if(resp & 0x1)
+ secure_boot_enabled = false;
+ /* Bit 2 - DEBUG_DISABLE_CHECK */
+ if(resp & 0x4)
+ wdog_debug_fuse_disabled = false;
+ } else
+ dprintf(CRITICAL, "scm call to check secure boot fuses failed\n");
+}
+
+bool is_secure_boot_enable()
+{
+ scm_check_boot_fuses();
+ return secure_boot_enabled;
+}