Do basic CryptoCell LCS check

This patch implements the basic lifecycle state check when CryptoCell
SBROM is initialized. Currently the check ensures that if the lifecycle
state is Security Disabled (SD), the boot process does not proceed
further.

Change-Id: I5101335453cd3ea413e97bcfb9138a96c05e1aea
Signed-off-by: Soby Mathew <soby.mathew@arm.com>

diff --git a/drivers/auth/cryptocell/cryptocell_crypto.c b/drivers/auth/cryptocell/cryptocell_crypto.c
index bf7dff4ac21b9ba0935c22727277777ab268a97b..05462bea12347022d2a3b89e0b221f8f12765df3 100644 (file)
--- a/drivers/auth/cryptocell/cryptocell_crypto.c
+++ b/drivers/auth/cryptocell/cryptocell_crypto.c
@@ -55,6 +55,7 @@
 static void init(void)
 {
        CCError_t ret;
+       uint32_t lcs;
 
        /* Initialize CC SBROM */
        ret = CC_BsvSbromInit((uintptr_t)PLAT_CRYPTOCELL_BASE);
@@ -62,6 +63,19 @@ static void init(void)
                ERROR("CryptoCell CC_BsvSbromInit() error %x\n", ret);
                panic();
        }
+
+       /* Initialize lifecycle state */
+       ret = CC_BsvLcsGetAndInit((uintptr_t)PLAT_CRYPTOCELL_BASE, &lcs);
+       if (ret != CC_OK) {
+               ERROR("CryptoCell CC_BsvLcsGetAndInit() error %x\n", ret);
+               panic();
+       }
+
+       /* If the lifecyclestate is `SD`, then stop further execution */
+       if (lcs == CC_BSV_SECURITY_DISABLED_LCS) {
+               ERROR("CryptoCell LCS is security-disabled\n");
+               panic();
+       }
 }
 
 /*