github.com/usbarmory/tamago@v0.0.0-20240508072735-8612bbe1e454/soc/nxp/csu/csu.go

github.com/usbarmory/tamago@v0.0.0-20240508072735-8612bbe1e454/soc/nxp/csu/csu.go (about)

     1  // NXP i.MX Central Security Unit (CSU) driver
     2  // https://github.com/usbarmory/tamago
     3  //
     4  // Copyright (c) WithSecure Corporation
     5  // https://foundry.withsecure.com
     6  //
     7  // Use of this source code is governed by the license
     8  // that can be found in the LICENSE file.
     9  
    10  // Package csu implements a driver for the NXP Central Security Unit (CSU)
    11  // adopting the following reference specifications:
    12  //   - IMX6ULLRM  - i.MX 6ULL Applications Processor Reference Manual          - Rev 1 2017/11
    13  //   - IMX6ULLSRM - i.MX 6ULL Applications Processor Security Reference Manual - Rev 0 2016/09
    14  //
    15  // This package is only meant to be used with `GOOS=tamago GOARCH=arm` as
    16  // supported by the TamaGo framework for bare metal Go on ARM SoCs, see
    17  // https://github.com/usbarmory/tamago.
    18  package csu
    19  
    20  import (
    21  	"errors"
    22  
    23  	"github.com/usbarmory/tamago/internal/reg"
    24  )
    25  
    26  // CSU registers
    27  const (
    28  	CSU_CSL0 = 0x00
    29  	CSU_SA   = 0x218
    30  )
    31  
    32  // CSU represents the Central Security Unit instance.
    33  type CSU struct {
    34  	// Base register
    35  	Base uint32
    36  	// Clock gate register
    37  	CCGR uint32
    38  	// Clock gate
    39  	CG int
    40  
    41  	// control registers
    42  	csl0 uint32
    43  	sa   uint32
    44  }
    45  
    46  // Init initializes the Central Security Unit (CSU).
    47  func (hw *CSU) Init() {
    48  	if hw.Base == 0 || hw.CCGR == 0 {
    49  		panic("invalid CSU instance")
    50  	}
    51  
    52  	hw.csl0 = hw.Base + CSU_CSL0
    53  	hw.sa = hw.Base + CSU_SA
    54  
    55  	// enable clock
    56  	reg.SetN(hw.CCGR, hw.CG, 0b11, 0b11)
    57  }
    58  
    59  // GetAccess returns the security access (SA) for one of the 16 masters IDs.
    60  // The lock return value indicates whether the SA is locked for changes until
    61  // the next power cycle.
    62  func (hw *CSU) GetAccess(id int) (secure bool, lock bool, err error) {
    63  	if id < SA_MIN || id > SA_MAX {
    64  		return false, false, errors.New("index out of range")
    65  	}
    66  
    67  	val := reg.Get(hw.sa, id*2, 0b11)
    68  
    69  	if val&0b01 == 0 {
    70  		secure = true
    71  	}
    72  
    73  	if val&0b10 != 0 {
    74  		lock = true
    75  	}
    76  
    77  	return
    78  }
    79  
    80  // SetAccess configures the security access (SA) for one of the 16 masters IDs.
    81  // The lock argument controls whether the SA is locked for changes until the
    82  // next power cycle.
    83  func (hw *CSU) SetAccess(id int, secure bool, lock bool) (err error) {
    84  	if id < SA_MIN || id > SA_MAX {
    85  		return errors.New("index out of range")
    86  	}
    87  
    88  	reg.SetTo(hw.sa, id*2, !secure)
    89  
    90  	if lock {
    91  		reg.Set(hw.sa, id*2+1)
    92  	}
    93  
    94  	return
    95  }