pinctrl: stm32: prevent the use of the secure protected pins

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The hardware denies any access from the Linux non-secure world to the
secure-protected pins. Hence, prevent any driver to request such a pin.

Mark the secure-protected GPIO lines as invalid (.init_valid_mask) and
prevent the pinmux request / pinconf setting operations.
Identify the secure pins with "NO ACCESS" in the pinconf sysfs.

Signed-off-by: Fabien Dessenne <fabien.dessenne@foss.st.com>
Link: https://lore.kernel.org/r/20220502153114.283618-1-fabien.dessenne@foss.st.com
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>

authored by

Fabien Dessenne and committed by

Linus Walleij 3 years ago 3389b098 3296c473

+66

3 changed files

expand all

drivers

pinctrl

stm32

pinctrl-stm32.c

pinctrl-stm32.h

pinctrl-stm32mp135.c

+64

drivers/pinctrl/stm32/pinctrl-stm32.c

··· 44 44 #define STM32_GPIO_LCKR 0x1c 45 45 #define STM32_GPIO_AFRL 0x20 46 46 #define STM32_GPIO_AFRH 0x24 47 + #define STM32_GPIO_SECCFGR 0x30 47 48 48 49 /* custom bitfield to backup pin status */ 49 50 #define STM32_GPIO_BKP_MODE_SHIFT 0 ··· 96 95 u32 bank_ioport_nr; 97 96 u32 pin_backup[STM32_GPIO_PINS_PER_BANK]; 98 97 u8 irq_type[STM32_GPIO_PINS_PER_BANK]; 98 + bool secure_control; 99 99 }; 100 100 101 101 struct stm32_pinctrl { ··· 286 284 return ret; 287 285 } 288 286 287 + static int stm32_gpio_init_valid_mask(struct gpio_chip *chip, 288 + unsigned long *valid_mask, 289 + unsigned int ngpios) 290 + { 291 + struct stm32_gpio_bank *bank = gpiochip_get_data(chip); 292 + struct stm32_pinctrl *pctl = dev_get_drvdata(bank->gpio_chip.parent); 293 + unsigned int i; 294 + u32 sec; 295 + 296 + /* All gpio are valid per default */ 297 + bitmap_fill(valid_mask, ngpios); 298 + 299 + if (bank->secure_control) { 300 + /* Tag secured pins as invalid */ 301 + sec = readl_relaxed(bank->base + STM32_GPIO_SECCFGR); 302 + 303 + for (i = 0; i < ngpios; i++) { 304 + if (sec & BIT(i)) { 305 + clear_bit(i, valid_mask); 306 + dev_dbg(pctl->dev, "No access to gpio %d - %d\n", bank->bank_nr, i); 307 + } 308 + } 309 + } 310 + 311 + return 0; 312 + } 313 + 289 314 static const struct gpio_chip stm32_gpio_template = { 290 315 .request = stm32_gpio_request, 291 316 .free = stm32_gpio_free, ··· 323 294 .to_irq = stm32_gpio_to_irq, 324 295 .get_direction = stm32_gpio_get_direction, 325 296 .set_config = gpiochip_generic_config, 297 + .init_valid_mask = stm32_gpio_init_valid_mask, 326 298 }; 327 299 328 300 static void stm32_gpio_irq_trigger(struct irq_data *d) ··· 868 838 return stm32_pmx_set_mode(bank, pin, !input, 0); 869 839 } 870 840 841 + static int stm32_pmx_request(struct pinctrl_dev *pctldev, unsigned int gpio) 842 + { 843 + struct stm32_pinctrl *pctl = pinctrl_dev_get_drvdata(pctldev); 844 + struct pinctrl_gpio_range *range; 845 + 846 + range = pinctrl_find_gpio_range_from_pin_nolock(pctldev, gpio); 847 + if (!range) { 848 + dev_err(pctl->dev, "No gpio range defined.\n"); 849 + return -EINVAL; 850 + } 851 + 852 + if (!gpiochip_line_is_valid(range->gc, stm32_gpio_pin(gpio))) { 853 + dev_warn(pctl->dev, "Can't access gpio %d\n", gpio); 854 + return -EACCES; 855 + } 856 + 857 + return 0; 858 + } 859 + 871 860 static const struct pinmux_ops stm32_pmx_ops = { 872 861 .get_functions_count = stm32_pmx_get_funcs_cnt, 873 862 .get_function_name = stm32_pmx_get_func_name, 874 863 .get_function_groups = stm32_pmx_get_func_groups, 875 864 .set_mux = stm32_pmx_set_mux, 876 865 .gpio_set_direction = stm32_pmx_gpio_set_direction, 866 + .request = stm32_pmx_request, 877 867 .strict = true, 878 868 }; 879 869 ··· 1090 1040 bank = gpiochip_get_data(range->gc); 1091 1041 offset = stm32_gpio_pin(pin); 1092 1042 1043 + if (!gpiochip_line_is_valid(range->gc, offset)) { 1044 + dev_warn(pctl->dev, "Can't access gpio %d\n", pin); 1045 + return -EACCES; 1046 + } 1047 + 1093 1048 switch (param) { 1094 1049 case PIN_CONFIG_DRIVE_PUSH_PULL: 1095 1050 ret = stm32_pconf_set_driving(bank, offset, 0); ··· 1214 1159 bank = gpiochip_get_data(range->gc); 1215 1160 offset = stm32_gpio_pin(pin); 1216 1161 1162 + if (!gpiochip_line_is_valid(range->gc, offset)) { 1163 + seq_puts(s, "NO ACCESS"); 1164 + return; 1165 + } 1166 + 1217 1167 stm32_pmx_get_mode(bank, offset, &mode, &alt); 1218 1168 bias = stm32_pconf_get_bias(bank, offset); 1219 1169 ··· 1335 1275 bank->gpio_chip.parent = dev; 1336 1276 bank->bank_nr = bank_nr; 1337 1277 bank->bank_ioport_nr = bank_ioport_nr; 1278 + bank->secure_control = pctl->match_data->secure_control; 1338 1279 spin_lock_init(&bank->lock); 1339 1280 1340 1281 /* create irq hierarchical domain */ ··· 1637 1576 1638 1577 range = pinctrl_find_gpio_range_from_pin(pctl->pctl_dev, pin); 1639 1578 if (!range) 1579 + return 0; 1580 + 1581 + if (!gpiochip_line_is_valid(range->gc, offset)) 1640 1582 return 0; 1641 1583 1642 1584 pin_is_irq = gpiochip_line_is_irq(range->gc, offset);

drivers/pinctrl/stm32/pinctrl-stm32.h

··· 59 59 struct stm32_pinctrl_match_data { 60 60 const struct stm32_desc_pin *pins; 61 61 const unsigned int npins; 62 + bool secure_control; 62 63 }; 63 64 64 65 struct stm32_gpio_bank;

drivers/pinctrl/stm32/pinctrl-stm32mp135.c

··· 1649 1649 static struct stm32_pinctrl_match_data stm32mp135_match_data = { 1650 1650 .pins = stm32mp135_pins, 1651 1651 .npins = ARRAY_SIZE(stm32mp135_pins), 1652 + .secure_control = true, 1652 1653 }; 1653 1654 1654 1655 static const struct of_device_id stm32mp135_pctrl_match[] = {