From fd2b42f4aee116e47044840eca3817af3248ea84 Mon Sep 17 00:00:00 2001 From: Soby Mathew Date: Mon, 5 Jun 2017 15:55:59 +0100 Subject: [PATCH] Do basic CryptoCell LCS check This patch implements the basic lifecycle state check when CryptoCell SBROM is initialized. Currently the check ensures that if the lifecycle state is Security Disabled (SD), the boot process does not proceed further. Change-Id: I5101335453cd3ea413e97bcfb9138a96c05e1aea Signed-off-by: Soby Mathew --- drivers/auth/cryptocell/cryptocell_crypto.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/drivers/auth/cryptocell/cryptocell_crypto.c b/drivers/auth/cryptocell/cryptocell_crypto.c index bf7dff4a..05462bea 100644 --- a/drivers/auth/cryptocell/cryptocell_crypto.c +++ b/drivers/auth/cryptocell/cryptocell_crypto.c @@ -55,6 +55,7 @@ static void init(void) { CCError_t ret; + uint32_t lcs; /* Initialize CC SBROM */ ret = CC_BsvSbromInit((uintptr_t)PLAT_CRYPTOCELL_BASE); @@ -62,6 +63,19 @@ static void init(void) ERROR("CryptoCell CC_BsvSbromInit() error %x\n", ret); panic(); } + + /* Initialize lifecycle state */ + ret = CC_BsvLcsGetAndInit((uintptr_t)PLAT_CRYPTOCELL_BASE, &lcs); + if (ret != CC_OK) { + ERROR("CryptoCell CC_BsvLcsGetAndInit() error %x\n", ret); + panic(); + } + + /* If the lifecyclestate is `SD`, then stop further execution */ + if (lcs == CC_BSV_SECURITY_DISABLED_LCS) { + ERROR("CryptoCell LCS is security-disabled\n"); + panic(); + } } /* -- 2.30.2