On Thu, Dec 12, 2024 at 12:45:48PM -0500, Frank Li wrote:
>On Thu, Dec 12, 2024 at 04:24:42PM +0800, Peng Fan (OSS) wrote:
>> From: Peng Fan <peng.fan@xxxxxxx>
>>
>> i.MX9 OCOTP supports a specific peripheral or function being fused
>> which means disabled, so
>> - Introduce ocotp_access_gates to be container of efuse gate info
>> - Iterate each node under '/soc' to check accessing permission. If not
>> allowed to be accessed, detach the node
>>
>> Signed-off-by: Peng Fan <peng.fan@xxxxxxx>
>> ---
>> drivers/nvmem/imx-ocotp-ele.c | 187 +++++++++++++++++++++++++++++++++++++++++-
>> 1 file changed, 186 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/nvmem/imx-ocotp-ele.c b/drivers/nvmem/imx-ocotp-ele.c
>> index ca6dd71d8a2e29888c6e556aaea116c1a967cb5f..542539b86efd2d38be2903c1d0ea72f918ff5b75 100644
>> --- a/drivers/nvmem/imx-ocotp-ele.c
>> +++ b/drivers/nvmem/imx-ocotp-ele.c
>> @@ -5,6 +5,8 @@
>> * Copyright 2023 NXP
>> */
>>
>> +#include <dt-bindings/nvmem/fsl,imx93-ocotp.h>
>> +#include <dt-bindings/nvmem/fsl,imx95-ocotp.h>
>> #include <linux/device.h>
>> #include <linux/io.h>
>> #include <linux/module.h>
>> @@ -27,6 +29,7 @@ struct ocotp_map_entry {
>> };
>>
>> struct ocotp_devtype_data {
>> + const struct ocotp_access_gates *access_gates;
>> u32 reg_off;
>> char *name;
>> u32 size;
>> @@ -36,11 +39,26 @@ struct ocotp_devtype_data {
>> struct ocotp_map_entry entry[];
>> };
>>
>> +#define OCOTP_MAX_NUM_GATE_WORDS 4
>> +#define IMX93_OCOTP_NUM_GATES 17
>> +#define IMX95_OCOTP_NUM_GATES 36
>> +
>> +struct ocotp_access_gates {
>> + u32 num_words;
>> + u32 words[OCOTP_MAX_NUM_GATE_WORDS];
>> + u32 num_gates;
>> + struct access_gate {
>> + u32 word;
>> + u32 mask;
>> + } gates[];
>> +};
>> +
>> struct imx_ocotp_priv {
>> struct device *dev;
>> void __iomem *base;
>> struct nvmem_config config;
>> struct mutex lock;
>> + u32 value[OCOTP_MAX_NUM_GATE_WORDS];
>> const struct ocotp_devtype_data *data;
>> };
>>
>> @@ -131,6 +149,100 @@ static void imx_ocotp_fixup_dt_cell_info(struct nvmem_device *nvmem,
>> cell->read_post_process = imx_ocotp_cell_pp;
>> }
>>
>> +static int imx_ele_ocotp_check_access(struct platform_device *pdev, u32 id)
>> +{
>> + struct imx_ocotp_priv *priv = platform_get_drvdata(pdev);
>> + const struct ocotp_access_gates *access_gates = priv->data->access_gates;
>> + u32 word, mask;
>> +
>> + if (id >= access_gates->num_gates) {
>> + dev_err(&pdev->dev, "Index %d too large\n", id);
>> + return -EACCES;
>> + }
>> +
>> + word = access_gates->gates[id].word;
>> + mask = access_gates->gates[id].mask;
>> +
>> + dev_dbg(&pdev->dev, "id:%d word:%d mask:0x%08x\n", id, word, mask);
>> + /* true means not allow access */
>> + if (priv->value[word] & mask)
>> + return -EACCES;
>> +
>> + return 0;
>> +}
>> +
>> +static int imx_ele_ocotp_grant_access(struct platform_device *pdev, struct device_node *parent)
>> +{
>> + struct device_node *child;
>> + struct device *dev = &pdev->dev;
>> +
>> + for_each_available_child_of_node(parent, child) {
>> + struct of_phandle_iterator it;
>> + int err;
>> + u32 id;
>> +
>> + of_for_each_phandle(&it, err, child, "access-controllers",
>> + "#access-controller-cells", 0) {
>> + struct of_phandle_args provider_args;
>> + struct device_node *provider = it.node;
>> +
>> + if (err) {
>> + dev_err(dev, "Unable to get access-controllers property for node %s\n, err: %d",
>> + child->full_name, err);
>> + of_node_put(provider);
>> + return err;
>> + }
>> +
>> + /* Only support one cell */
>> + if (of_phandle_iterator_args(&it, provider_args.args, 1) != 1) {
>> + dev_err(dev, "wrong args count\n");
>> + return -EINVAL;
>> + }
>> +
>> + id = provider_args.args[0];
>> +
>> + dev_dbg(dev, "Checking node: %s gate: %d\n", child->full_name, id);
>> +
>> + if (imx_ele_ocotp_check_access(pdev, id)) {
>> + of_detach_node(child);
>> + dev_err(dev, "%s: Not granted, device driver will not be probed\n",
>> + child->full_name);
>> + }
>> + }
>> +
>> + imx_ele_ocotp_grant_access(pdev, child);
>> + }
>
>Does it mean ocopt driver have to probe before other driver probe?
Yes. devlink could make sure ocotp being probed before other drivers which
needs access control check.
Regards,
Peng.
>
>Frank
>
