Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / lk / d0443e2a55f0d1cc838f6cabb46f6f9aca962730^! / .
commitd0443e2a55f0d1cc838f6cabb46f6f9aca962730[log] [tgz]
authorSridhar Parasuram <sridhar@codeaurora.org>Sat Aug 29 09:56:03 2015 -0700
committerSwetha Chikkaboraiah <schikk@codeaurora.org>Mon Nov 09 17:11:57 2015 +0530
tree985c26c17310d7db892497c4404506980080f203
parent32d42ed5f85022c4b8b364ca5d31584e77c770ec [diff]
platform: msm_shared: Add support to detect secure device

Add support to detect secure device

Change-Id: I0f771d413698e7315cadef5dd8b5f84e3ecc69df

diff --git a/platform/msm_shared/include/scm.h b/platform/msm_shared/include/scm.h
index 2c0bb42..6ca7d34 100644
--- a/platform/msm_shared/include/scm.h
+++ b/platform/msm_shared/include/scm.h

@@ -127,6 +127,7 @@
 #define IOMMU_SECURE_CFG            0x02
 
 #define TZ_INFO_GET_FEATURE_ID      0x03
+#define IS_SECURE_BOOT_ENABLED      0x04
 
 #define PRNG_CMD_ID                 0x01
 
@@ -185,6 +186,8 @@
 #define SCM_SVC_PWR                     0x9
 #define SCM_IO_DISABLE_PMIC_ARBITER     0x1
 
+#define SCM_SVC_TZSCHEDULER             0xFC
+
 enum ap_ce_channel_type {
 AP_CE_REGISTER_USE = 0,
 AP_CE_ADM_USE = 1

diff --git a/platform/msm_shared/scm.c b/platform/msm_shared/scm.c
index c64c392..fcfd6bd 100644
--- a/platform/msm_shared/scm.c
+++ b/platform/msm_shared/scm.c

@@ -142,7 +142,7 @@
 {
 	uint32_t context_id;
 	register uint32_t r0 __asm__("r0") = SCM_ATOMIC(svc, cmd, 1);
-	register uint32_t r1 __asm__("r1") = &context_id;
+	register uint32_t r1 __asm__("r1") = (uint32_t)&context_id;
 	register uint32_t r2 __asm__("r2") = arg1;
 
 	__asm__ volatile(
@@ -641,3 +641,30 @@
 
 	return canary;
 }
+static bool secure_boot_enabled = true;
+static bool wdog_debug_fuse_disabled = true;
+
+void scm_check_boot_fuses()
+{
+	uint32_t ret = 0;
+	uint32_t resp;
+
+	ret = scm_call(TZBSP_SVC_INFO, IS_SECURE_BOOT_ENABLED, NULL, 0, &resp, sizeof(resp));
+
+	/* Parse Bit 0 and Bit 2 of the response */
+	if(!ret) {
+		/* Bit 0 - SECBOOT_ENABLE_CHECK */
+		if(resp & 0x1)
+			secure_boot_enabled = false;
+		/* Bit 2 - DEBUG_DISABLE_CHECK */
+		if(resp & 0x4)
+			wdog_debug_fuse_disabled = false;
+	} else
+		dprintf(CRITICAL, "scm call to check secure boot fuses failed\n");
+}
+
+bool is_secure_boot_enable()
+{
+	scm_check_boot_fuses();
+	return secure_boot_enabled;
+}