commit d147d4b05c6a65fd727283a83cf3aff492dd0633
author Maulik Patel <maulik.patel@arm.com> Mon Dec 09 13:28:52 2024 +0000
committer Maulik Patel <maulik.patel@arm.com> Fri Jan 10 06:26:56 2025 +0000
tree 86eb92802843462e4d0f652bd54f5e0ef8d1a25f
parent 805216a4744c72e578a1c5da1120dcf3105eb5be

ADAC: Simplify the service by removing concept of debug zones

There is no need to differentiate between various debug zones.
The permission bits from the authenticated certificate are now
applied directly (with or without reset).

However if the reset is required, then the service notifies
the boot using a bit in software syndrome register. Please
see function psa_adac_apply_permissions in psa-adac repo.

Signed-off-by: Maulik Patel <maulik.patel@arm.com>
Change-Id: Ib0629d6972fdd42cb6e659174a01defd92adb276

partitions/adac/adac.c

diff --git a/partitions/adac/adac.c b/partitions/adac/adac.c
index a93f8c1..1406723 100644
--- a/partitions/adac/adac.c
+++ b/partitions/adac/adac.c
@@ -7,6 +7,7 @@
 
 #include <stdint.h>
 #include <stdbool.h>
+#include <string.h>
 #include "tfm_plat_defs.h"
 #include "tfm_plat_otp.h"
 #include "platform_regs.h"
@@ -19,105 +20,39 @@
 #define ROTPK_SIZE 32
 
 static uint8_t secure_debug_rotpk[ROTPK_SIZE];
-static uint32_t current_debug_session;
+static bool is_session_in_progress;
 
-static uint32_t read_persistent_debug_state(void)
+static bool read_persistent_debug_state(void)
 {
-    uint16_t read_mask;
     uint32_t reg_value;
-    uint32_t debug_state;
-
     struct rse_sysctrl_t *sysctrl = (struct rse_sysctrl_t *)RSE_SYSCTRL_BASE_S;
+
     reg_value = sysctrl->reset_syndrome;
 
-    /* Bits 24:31 (SWSYN) are allocated for software defined reset syndrome */
-    reg_value = (reg_value >> 24) & 0xFF;
-    /* Use last TFM_PLAT_LAST_CCA_ADAC_ZONE number of bits of
-     * RESET_SYNDROME.SWSYN register for conveying debug state information
-     */
-    read_mask = (1 << TFM_PLAT_LAST_CCA_ADAC_ZONE) - 1;
-    debug_state = reg_value & read_mask;
-
-    return debug_state;
-}
-
-static void write_persistent_debug_state(uint32_t debug_state)
-{
-    struct rse_sysctrl_t *sysctrl = (struct rse_sysctrl_t *)RSE_SYSCTRL_BASE_S;
-    uint32_t reg_value = sysctrl->swreset;
-
-    /* Clear bits 24:31 (SWSYN)in SWRESET reg */
-    reg_value = reg_value & 0x00FFFFFF;
-    sysctrl->swreset = reg_value | ((debug_state & 0xFF) << 24);
-}
-
-static psa_status_t set_non_cca_debug(uint32_t debug_request)
-{
-//    TODO: Implement the required updates
-    current_debug_session = debug_request;
-
-    return PSA_SUCCESS;
-}
-
-static psa_status_t set_cca_debug(uint32_t debug_request)
-{
-    enum tfm_platform_err_t plat_err;
-
-    write_persistent_debug_state(debug_request);
-
-    /* Trigger a reset */
-    plat_err = tfm_platform_system_reset();
-    if (plat_err != TFM_PLATFORM_ERR_SUCCESS) {
-        return PSA_ERROR_SERVICE_FAILURE;
-    }
-
-    return PSA_SUCCESS;
+    return (reg_value & (1 << SWSYN_DEBUG_STATE_IN_BOOT_BIT_POS));
 }
 
 psa_status_t adac_service_request(uint32_t debug_request)
 {
     int rc;
+    /* Not relevant anymore. Will be removed once the API gets updated */
+    (void) debug_request;
 
-    /* check if invalid debug request */
-    if (debug_request & ~((1U << (TFM_PLAT_MAX_NUM_DEBUG_ZONES - 1)) - 1)) {
-        return PSA_ERROR_INVALID_ARGUMENT;
-    }
+    /* Read current value of debug state from PSI */
+    is_session_in_progress = read_persistent_debug_state();
 
-    if (debug_request == current_debug_session) {
-        /* Do nothing as requested session already in progress */
-        return PSA_SUCCESS;
-    }
+    if (is_session_in_progress) {
+        /* Do nothing as a session is already in progress */
+        return PSA_ERROR_CONNECTION_BUSY;
 
-    if ((current_debug_session != TFM_PLAT_NO_DEBUG) &&
-        (debug_request != TFM_PLAT_NO_DEBUG)) {
-
-        /* A debug session is already in progress; terminate it first before
-         * any new request
-         */
-        return PSA_ERROR_NOT_PERMITTED;
-    }
-
-    if (debug_request == TFM_PLAT_NO_DEBUG) {
-        /* Request to terminate the current debug session in progress */
-        if (current_debug_session & ((1 << TFM_PLAT_LAST_CCA_ADAC_ZONE) - 1)) {
-            return set_cca_debug(TFM_PLAT_NO_DEBUG);
-        } else {
-            return set_non_cca_debug(TFM_PLAT_NO_DEBUG);
-        }
     }
 
     /* Authenticate incoming debug request */
-    rc = tfm_to_psa_adac_rse_secure_debug(secure_debug_rotpk, ROTPK_SIZE);
-    if (rc != 0) {
-        /* Authentication failure */
-        return PSA_ERROR_NOT_PERMITTED;
-    }
-
-    if (debug_request & ((1 << TFM_PLAT_LAST_CCA_ADAC_ZONE) - 1)) {
-        return set_cca_debug(debug_request);
-    } else {
-        return set_non_cca_debug(debug_request);
-    }
+   rc = tfm_to_psa_adac_rse_secure_debug(secure_debug_rotpk, ROTPK_SIZE);
+   if (rc != 0) {
+       /* Authentication failure */
+       return PSA_ERROR_NOT_PERMITTED;
+   }
 
     return PSA_SUCCESS;
 }
@@ -135,7 +70,7 @@
         return PSA_ERROR_SERVICE_FAILURE;
     }
 
-    if(lcs != PLAT_OTP_LCS_SECURED) {
+    if (lcs != PLAT_OTP_LCS_SECURED) {
         /* Device is not in secured state, hence ADAC service should be
          * disabled
          */
@@ -148,8 +83,6 @@
         }
 
         *is_service_enabled = true;
-        /* Read current value of debug state from PSI */
-        current_debug_session = read_persistent_debug_state();
     }
 
     return PSA_SUCCESS;